Abstract
In any kind of electronic transaction, it is extremely important to assure that any of the parties involved can not deny their participation in the information exchange. This security property, which is called non-repudiation, becomes more important in Digital Rights Management (DRM) scenarios, where a consumer can freely access to certain contents but needs to obtain the proper Right Object (RO) from a vendor in order to process it. Any breach in this process could result on financial loss for any peer, thus it is necessary to provide a service that allows the creation of trusted evidence. Unfortunately, non-repudiation services has not been included so far in DRM specifications due to practical issues and the type of content distributed. In this paper we analyze how to allow the integration of non-repudiation services to a DRM framework, providing a set of protocols that allows the right objects acquisition to be undeniable, alongside with a proof-of-concept implementation and a validation process.
Article PDF
Similar content being viewed by others
Explore related subjects
Discover the latest articles, news and stories from top researchers in related subjects.Avoid common mistakes on your manuscript.
References
Asokan, N. (1998). Fairness in electronic commerce. PhD thesis, University of Waterloo, Computer Science.
Bradner, S. (1997). RFC 2119. Key words for use in RFCs to indicate requirement levels. IETF.
Franklin, M., & Tsudik, G. (1998). Secure group barter: Multi-party fair exchange with semi-trusted neutral parties. In Lecture notes in computer science: Vol. 1465. Proceedings of financial cryptography 1998 (pp. 90–102). Springer.
González-Deleito, N., & Markowitch, O. (2001). An optimistic multi-party fair exchange protocol with reduced trust requirements. In Lecture notes in computer science: Vol. 2288. Proceedings of the 4th international conference on information security and cryptology (pp. 258–267). Springer.
González-Deleito, N., & Markowitch, O. (2002). Exclusion-freeness in multi-party exchange protocols. In Lecture notes in computer sciences. 5th International conference on information security (ISC 2002) (pp. 200–209). Springer.
http://www.3gpp.org/ (n.d.).
ITU. (1997). Information technology—open systems interconnection—the directory: Overview of concepts, models and services.
ITU. (2003). Security architecture for systems providing end to end communications.
Khill, I., Kim, J., Han, I., & Ryou, J. (2001). Multi-party fair exchange protocol using ring architecture model. Computers & Security, 20(5), 422–439.
Kremer, S., & Markowitch, O. (2000). A multi-party non-repudiation protocol. In Proceedings of SEC 2000: 15th international conference on information security. IFIP World Computer Congress (pp. 271–280).
Kremer, S., Markowitch, O., & Zhou, J. (2002). An intensive survey of fair non-repudiation protocols. Computer Communications, 25(17), 1606–1621.
kXML (n.d.). http://kxml.sourceforge.net/index.orig.shtml.
Markowitch, O., & Kremer, S. (2000). A multi-party optimistic non-repudiation protocol. In Lecture notes in computer science: Vol. 2015. Proceedings of 3rd international conference on information security and cryptology (pp. 109–122). Springer.
Onieva, J. A., Zhou, J., Carbonell, M., & Lopez, J. (2003). Intermediary non-repudiation protocols. In Proceedings of 2003 IEEE fifth conference on electronic commerce (pp. 207–214).
Ope. (2006). DRM specification (2 ed.).
Plaza, P., Gonzalez, J. L., Lacoste, M., Stern, D., Bormann, F., Zoth, C., Tacken, J., Lopez, J., Onieva, J., Soriano, M., Forne, J., Marin, A., Almenarez, F., Görlich, J., Eikerling, H.-J., Müller, W., & Schäfer, R. (2004). Mobile security: Requirements and state of the art analysis. Technical Report D2.1, UBISEC Consortium.
Seitz, J. (2005). Digital watermarking for digital media. Hershey: Information Science.
Services, T. S. G., & Aspects, S. (2001). 3gpp s1-01 1197. ts 22.242. Technical report, 3rd generation partnership project. V6.2.0.
The legion of the bouncy castle. (n.d.). http://www.bouncycastle.org.
Wang, X., Lai, X., Feng, D., Chen, H., & Yu, X. (2005). Cryptanalysis of the hash functions MD4 and RIPEMD. In R. Cramer (Ed.), Lecture notes in computer science: Vol. 3494. Advances in cryptology (pp. 1–18). EUROCRYPT, Springer.
Wang, X., & Yu, H. (2005). How to break MD5 and other hash functions. In R. Cramer (Ed.), Lecture notes in computer science: Vol. 3494. Advances in cryptology (pp. 19–35). EUROCRYPT, Springer.
Yan, Z. (2001). Mobile digital rights management. In L. Staffans & T. Virtanen (Eds.), T-110.501 seminar on network security. Helsinki: Helsinki University of Technology, Telecommunications Software and Multimedia Laboratory.
Zhou, J., & Gollmann, D. (1996). A fair non-repudiation protocol. In Proceedings of IEEE symposium on security and privacy (pp. 55–61). IEEE Computer Society Press.
Author information
Authors and Affiliations
Corresponding author
Rights and permissions
About this article
Cite this article
Onieva, J.A., Lopez, J., Roman, R. et al. Integration of non-repudiation services in mobile DRM scenarios. Telecommun Syst 35, 161–176 (2007). https://doi.org/10.1007/s11235-007-9050-4
Published:
Issue Date:
DOI: https://doi.org/10.1007/s11235-007-9050-4