Skip to main content
SpringerLink
Log in
Book cover

International Conference on Information and Communications Security

ICICS 2004: Information and Communications Security pp 546–561Cite as

Rights-Carrying and Self-enforcing Information Objects for Information Distribution Systems

  • Conference paper

Part of the book series: Lecture Notes in Computer Science ((LNCS,volume 3269))

Abstract

In today’s digital world digital information is ubiquitous and threats against it proliferate. Therefore, one of the most important challenges facing us is that of providing secure enforcement of rights of access to, and usage of, this information. Self-protecting information objects have significant relevance in this context. A self-protecting information object has the ability to allow us to define access rules, to manage access to its information content in accordance with these rules, to protect its contained information against unauthorized access, and to update and modify these rules with ease. This means that such an object must be able to deal with attacks by both unauthorized users and authorized users seeking unauthorized access and usage. This paper describes and analyses a model of Rights-Carrying and Self-Enforcing Information Objects (SEOs) for Digital Rights Management (DRM) for a secure information distribution system that carry with them access and usage rights and themselves enforce these rights, preserving their confidentiality and integrity. The model was originally developed as part of the distributed DRM model for an information distribution system for the net-based learning project in Norwegian schools.

This is a preview of subscription content, log in via an institution.

Chapter
USD   29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD   84.99
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD   109.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Learn about institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. XIWT: An Approach Based on Digital Objects and Stated Operations (May 1997), http://www.xiwt.org/documents/ManagAccess.html

  2. Abie, H., Spilling, P., Foyn, B.: Authentication and Authorization for Digital Rights Management for Information Distribution Systems. In: The IASTED International Conference on Communication, Network, and Information Security, CNIS 2003, New York, USA, December 10-12 (2003)

    Google Scholar 

  3. Abie, H., Spilling, P., Foyn, B.: A Distributed Digital Rights Management Model for Secure Information Distribution Systems. International Journal of Information Security (IJIS), Springer-Verlag (2004) (to appear)

    Google Scholar 

  4. LAVA Learning Project Page, http://www.nr.no/lava/lava-le/

  5. Foyn, B., Maus, E.: Designing Tools and Contents for Project-based Learning with Net- Based Curriculum, ED-Media (June 2002)

    Google Scholar 

  6. Diesen, D., Oskal, A.: Using Object-oriented Information Distribution to Present and Protect Information. In: SSGRR 2001, L’Aquila (August 6-12, 2001)

    Google Scholar 

  7. Payette, S., Lagoze, C.: Policy-Carrying, Policy Enforcing Digital Objects. In: Borbinha, J.L., Baker, T. (eds.) ECDL 2000. LNCS, vol. 1923, p. 144. Springer, Heidelberg (2000)

    Chapter  Google Scholar 

  8. XrML - eXtensible rights Markup Language, http://www.xrml.org/

  9. Kaplan, M.A.: IBM Cryptolopes, SuperDistribution and Digital Rights Management (1996), http://www.research.ibm.com/people/k/kaplan/cryptolope-docs/crypap.html

  10. Kocher, P., Jaffe, J., Jun, B., Laren, C., Lawson, N.: Self-Protecting Digital Content: A Technical Report from the CRI Content Security Research Initiative, Whitepaper (2003), http://64.5.53.22/resources/whitepapers/SelfProtectingContent.pdf

    Google Scholar 

  11. López, J., Maña, A., Pimentel, E., Troya, J.M., Yagüe, M.I.: Access Control Infrastructure for Digital Objects. In: Deng, R.H., Qing, S., Bao, F., Zhou, J. (eds.) ICICS 2002. LNCS, vol. 2513, pp. 399–410. Springer, Heidelberg (2002)

    Chapter  Google Scholar 

  12. Marazakis, M., Papadakis, D., Papadakis, S.A.: A Framework for the Encapsulation of Value-Added Services in Digital Objects. In: European Conference on Digital Libraries, pp. 75–94 (1998), http://citeseer.nj.nec.com/marazakis98framework.html

  13. Silbert, O., Bernstein, D., Van Wie, D.: The DigiBox: A Self-Protecting Container for Information Commerce. In: Proc. of the First USENIX workshop on Electronic Commerce (1995), http://citeseer.nj.nec.com/silbert95digibox.html

  14. Manaz, A., Pimentel, E.: An Efficient Software Protection Scheme, IFIP TC11 16th International. In: Kluwer Academic International Federation for Information Processing–C 2001, vol. 65, pp. 385–401 (2001)

    Google Scholar 

  15. Schneier, B.: Secrets and Lies: Digital Security in a Networked World. John Wiley & Sons, Inc., Chichester (2000)

    Google Scholar 

  16. van Oorschot, P.C.: Revisiting Software Protection. In: Boyd, C., Mao, W. (eds.) ISC 2003. LNCS, vol. 2851, pp. 1–13. Springer, Heidelberg (2003)

    Chapter  Google Scholar 

  17. Abie, H., et al.: The Need for a Digital Rights Management Framework for the Next Generation of E-Government Services. International Journal of Electronic Government 1(1), 8–28 (2004)

    Article  Google Scholar 

  18. Hamilton, C.R.: The Case for Holistic Security: The Integration of Information and Physical Security as an Element of Homeland Security. Computer Security Journal XIX(1) (Winter 2003), http://www.riskwatch.com/Press/Holistic_Security_10-03.pdf

  19. Irvine, C., Levin, T.: Overview of Quality of Security Service, Center for INFOSEC Studies and Research, Naval Postgraduate School (April 1, 2003), Available from http://cisr.nps.navy.mil/downloads/QoSS_Overview.pdf

Download references

Author information

Authors and Affiliations

  1. Norwegian Computing Center, N-0314, Oslo, Norway

    Habtamu Abie & Bent Foyn

  2. Department of Informatics, University of Oslo, N-0371, Oslo, Norway

    Pål Spilling

Authors
  1. Habtamu Abie
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Pål Spilling
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Bent Foyn
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

  1. Department of Information and Communication Technologies, University of A Coruña, Spain

    Javier Lopez

  2. Chinese Academy of Sciences, Institute of Softwear, 100080, Beijing, China

    Sihan Qing

  3. Graduate School of Systems and Information Engineering, University of Tsukuba, 1-1-1 Tennodai, Tsukuba, 305-8573, Ibaraki, Japan

    Eiji Okamoto

Rights and permissions

Reprints and permissions

Copyright information

© 2004 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Abie, H., Spilling, P., Foyn, B. (2004). Rights-Carrying and Self-enforcing Information Objects for Information Distribution Systems. In: Lopez, J., Qing, S., Okamoto, E. (eds) Information and Communications Security. ICICS 2004. Lecture Notes in Computer Science, vol 3269. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-30191-2_42

Download citation

  • DOI: https://doi.org/10.1007/978-3-540-30191-2_42

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-540-23563-7

  • Online ISBN: 978-3-540-30191-2

  • eBook Packages: Springer Book Archive

Publish with us

Policies and ethics

Search

Navigation