Flexible and secure enterprise rights management based on trusted virtual domains

Proceedings of the ACM Conference on Computer and Communications Security

Volumn , Issue , 2008, Pages 71-80

  Gasmi, Yacine ^a   Sadeghi, Ahmad Reza ^a   Stewin, Patrick ^a   Unger, Martin ^a   Winandy, Marcel ^a   Husseiki, Rani ^b   Stüble, Christian ^b  

^a RUHR UNIVERSITY BOCHUM   (Germany)

^b Sirrix AG Security Technologies   (Germany)

Author keywords

Enterprise rights management (ERM); Security policy; Trusted computing; Trusted virtual domain (TVD)

Indexed keywords

CONCEPT-BASED; DOCUMENT STRUCTURE; ENTERPRISE RIGHTS MANAGEMENT; ENTERPRISE RIGHTS MANAGEMENT (ERM); EXECUTION ENVIRONMENTS; KEY MANAGEMENT; PHYSICAL RESOURCES; POLICY ENFORCEMENT; ROLE-BASED; SECURE ENTERPRISE; SECURITY MODEL; SECURITY POLICY; SYSTEM-BASED; TRANSPARENT ENCRYPTION; TRUSTED COMPUTING; TRUSTED VIRTUAL DOMAIN (TVD); VIRTUAL ENTITIES;

ACCESS CONTROL; COMPUTER SCIENCE; CRYPTOGRAPHY; DISTRIBUTED COMPUTER SYSTEMS; SECURITY SYSTEMS; SPACE TIME ADAPTIVE PROCESSING;

NETWORK SECURITY;

EID: 70349233094     PISSN: 15437221     EISSN: None     Source Type: Conference Proceeding    
DOI: 10.1145/1456455.1456467     Document Type: Conference Paper

References (36)

1. Adobe Systems Inc. Adobe LiveCycle Policy Server: Document-level persistent protection and dynamic control for multiformat enterprise rights management. http://www.adobe.com/de/products/server/policy/pdfs/ps\datasheet. pdf, 2006.
2. A. Arnab and A. Hutchison. Requirement analysis of enterprise DRM systems. In Information Security South Africa, 2005.
3. Authentica Inc. Page Recall: The Key to Document Protection. http://www.adobe.com/de/products/server/policy/pdfs/ps\datasheet.pdf, 2002.
4. M. Backes, C. Cachin, and A. Oprea. Lazy Revocation in Cryptographic File Systems. In SISW '05: Proceedings of the Third IEEE International Security in Storage Workshop, pages 1-11, Washington, DC, USA, 2005. IEEE Computer Society.
5. S. Berger, R. Cáceres, K. A. Goldman, R. Perez, R. Sailer, and L. van Doorn. vTPM: virtualizing the trusted platform module. In USENIX-SS'06: Proceedings of the 15th conference on USENIX Security Symposium, pages 21-21, Berkeley, CA, USA, 2006. USENIX Association.
6. S. Berger, R. Caceres, D. Pendarakis, R. Sailer, E. Valdez, R. Perez, W. Schildhauer, and D. Srinivasan. TVDc: Managing Security in the Trusted Virtual Datacenter, 2008. ACM SIGOPS Operating Systems Review, Vol 42, Issue 1.
7. D. F. C. Brewer and M. J. Nash. The Chinese Wall Security Policy. In Proceedings of the 1989 IEEE Symposium on Security and Privacy, pages 206-214. IEEE, 1989.
8. A. Bussani, J. L. Griffn, B. Jasen, K. Julisch, G. Karjoth, H. Maruyama, M. Nakamura, R. Perez, M. Schunter, A. Tanner, L. V. Doorn, E. V. Herreweghen, M. Waidner, and S. Yoshihama. Trusted Virtual Domains: Secure Foundations for Business and IT Services. Technical Report Research Report RC23792, November 2005.
9. S. Cabuk, C. Dalton, H. Ramasamy, and M. Schunter. Towards Automated Provisioning of Secure Virtualized Networks, 2007. ACM CCS 2007.
10. Y. Dodis and N. Fazio. Public key broadcast encryption for stateless receivers. In Proceedings of the Digital Rights Management Workshop 2002, volume 2696 of LNCS, pages 61-80, 2002.
11. European Multilaterally Secure Computing Base (EMSCB) Project. Towards Trustworthy Systems with Open Standards and Trusted Computing, 2008. http://www.emscb.de.
12. G. Faden. Multilevel Filesystems in Solaris Trusted Extensions. In Proceedings of the 12th ACM Symposium in Access Control Models and Technologies, pages 121-126. ACM, 2007.
13. Y. Gasmi, A.-R. Sadeghi, P. Stewin, M. Unger, and N. Asokan. Beyond Secure Channels, 2007. ACM Workshop on Scalable Trusted Computing 2007.
14. E. Gaudet. DRM vs. ERM: battle to control data. http://www.networkworld. com/news/tech/2006/121806techupdate.html, December 2006.
15. J. L. Griffin, T. Jaeger, R. Perez, R. Sailer, L. van Doorn, , and R. Cáceres. Trusted Virtual Domains: Toward Secure Distributed Services. In 1st IEEE Workshop on Hot Topics in System Dependability, June 2005.
16. V. Haldar, D. Chandra, and M. Franz. Semantic remote attestation: a virtual machine directed approach to trusted computing. In VM'04: Proceedings of the 3rd conference on Virtual Machine Research And Technology Symposium, pages 3-3, Berkeley, CA, USA, 2004. USENIX Association.
17. T. Jaeger, R. Sailer, and U. Shankar. PRIMA: policy-reduced integrity measurement architecture. In SACMAT '06: Proceedings of the eleventh ACM symposium on Access control models and technologies, pages 19-28, New York, NY, USA, 2006. ACM.
18. Y. Katsuno, M. Kudo, P. Perez, and R. Sailer. Towards Multi-Layer Trusted Virtual Domains, 2006. The 2nd Workshop on Advances in Trusted Computing.
19. J. Liedtke. On Microkernel Construction. In 15th ACM Symposium on Operating System Principles, 1995.
20. V. Likitalo. Remote Attestation and Peer-to-Peer Net. http://www.tml.tkk.fi/Publications/C/18/likitalo.pdf, 2005.
21. M. Matson and M. Ulieru. Persistent Information Security - Beyond the e-Commerce Threat Model. In The Eighth International Conference on Electronic Commerce, August 2006.
22. Microsoft. Microsoft Windows Rights Management Services for Windows Server 2003 - Helping Organizations Safeguard Digital Information from Unauthorized Use. Whitepaper, 2003.
23. J. Park, R. Sandhu, and J. Schifalacqua. Security architectures for controlled digital information dissemination. In ACSAC '00: Proceedings of the 16th Annual Computer Security Applications Conference, page 224, Washington, DC, USA, 2000. IEEE Computer Society.
24. S. Pearson. Trusted Computing Platforms: TCPA Technology in Context. Prentice Hall PTR, Upper Saddle River, NJ, USA, 2002.
25. J. Reid and W. Caelli. DRM, Trusted Computing and Operating System Architecture. 2005.
26. A. Sadeghi, M. Wolf, C. Stüble, N. Asokan, and J. Ekberg. Enabling Fairer Digital Rights Management with Trusted Computing, October 2007.
27. R. Sailer, T. Jaeger, E. Valdez, R. Cáceres, R. Perez, S. Berger, J. L.Grin, and L. van Doorn. Building a MAC-based Security Architecture for the Xen Opensource Hypervisor. In 21st Annual Computer Security Applications Conference (ACSAC), Dec 2005.
28. R. Sailer, X. Zhang, T. Jaeger, and L. van Doorn. Design and implementation of a TCG-based integrity measurement architecture. In SSYM'04: Proceedings of the 13th conference on USENIX Security Symposium, pages 16-16, Berkeley, CA, USA, 2004. USENIX Association.
29. R. Sandhu, K. Ranganathan, and X. Zhang. Secure information sharing enabled by Trusted Computing and PEI models. In ASIACCS '06: Proceedings of the 2006 ACM Symposium on Information, computer and communications security, pages 2-12, New York, NY, USA, 2006. ACM.
30. R. Sandhu and X. Zhang. Peer-to-peer access control architecture using trusted computing technology. In SACMAT '05: Proceedings of the tenth ACM symposium on Access control models and technologies, pages 147-158, New York, NY, USA, 2005. ACM.
31. S. Schechter, R. Greenstadt, and M. Smith. Trusted Computing, Peer-To-Peer Distribution, and the Economics of Pirated Entertainment. In The Second Annual Workshop on Economics and Information Security, May 2003.
32. E. Sebes and M. Stamp. Solvable Problems in Enterprise Digital Rights Management. http://home. earthlink.net/̃mstamp1/papers/DRMsebes.pdf, 2004.
33. R. Thomas and R. Sandhu. Towards a Multi-dimensional Characterization of Dissemination Control. In POLICY '04: Proceedings of the Fifth IEEE International Workshop on Policies for Distributed Systems and Networks, page 197, Washington, DC, USA, 2004. IEEE Computer Society.
34. Trusted Computing Group. TCG Specication Architecture Overview. Trusted Computing Group: https://www.trustedcomputinggroup.org/groups/TCG-1-3- Architecture-Overview.pdf, Mar. 2003. Specication Revision 1.3 28th March 2007.
35. Trusted Computing Group. TPM Main Specication v1.2. https://www. trustedcomputinggroup.org, November 2003.
36. Y. Yu and T. Chiueh. Display-Only File Server: A Solution against Information Theft Due to Insider Attack. October 2004.