Fuzzy risk assessments on security policies for digital rights management

Neural Network World

Volumn 20, Issue 3, 2010, Pages 265-284

  Zhang, Zhiyong ^a   Lian, Shiguo ^b   Pei, Qingqi ^c   Pu, Jiexin ^a  

^a HENAN UNIVERSITY OF SCIENCE AND TECHNOLOGY   (China)

^b ORANGE LABS   (France)

^c XIDIAN UNIVERSITY   (China)

Author keywords

Digital rights management; Fuzzy risk assessment; Qualitative and quantitative analysis; Risk management; Security policy; Trusted computing

Indexed keywords

DIGITAL RIGHTS MANAGEMENT; FUZZY RISK; QUALITATIVE AND QUANTITATIVE ANALYSIS; SECURITY POLICY; TRUSTED COMPUTING;

COMPUTER SIMULATION; COPYRIGHTS; QUALITY CONTROL; RISK ANALYSIS; RISK MANAGEMENT; RISK PERCEPTION; SECURITY OF DATA; SECURITY SYSTEMS; UNCERTAINTY ANALYSIS;

RISK ASSESSMENT;

EID: 77955198823     PISSN: 12100552     EISSN: None     Source Type: Journal    
DOI: None     Document Type: Article

References (30)

1. Rosenblatt B.: DRM, law and technology: an American perspective, Online Information Review, 31, 1, 2007, pp. 73-84.
2. Buckshaw D., Pamell G., Unkenholz W.: Mission Oriented Risk and Design Analysis of Critical Information Systems, Military Operations Research, 10, 2, 2005, pp. 19-38. (Pubitemid 43264848)
3. Evans S., Wallner J.: Risk-based Security Engineering through the Eyes of the Adversary. In: Proceedings of the 2005 IEEE Workshop on Information Assurance and Security United States Military Academy, West Point, NY, 2005, pp. 158-165.
4. nd edition, Auerbach Publications, New York, 2005.
5. Jones A., Ashenden D.: Risk Management for Computer Security, Elsevier Inc. Press, 2005.
6. DRM Rights Expression Language Candidate Version 2.1. Open Mobile Alliance, July 2007.
7. Puceolla R., Weissman V.: A formal foundation for ODRL. In: Proceedings of Workshop on Issues in the Theory of Security, 2004.
8. Halpern J., Weissman V.: A formal foundation for XrML, Journal of the ACM, 55, 1, 2008, pp. 4-45.
9. Zhang Z., Pei Q., Ma J., Yang L., Fan K.: A Fine-grained Digital Rights Transfer Policy and Trusted Distribution and Enforcement. In: Proceedings of International Conference of Computational Intelligence and Security, IEEE Computer Society Press, Suzhou, China, Dec, 2008.
10. Hibbert C.: A copy protection and content management system from The DVB. The DVB Consortium, http://www.dvb.org/documents/newsletters/DVB-SCENE-05- CopyProtection Article, pdf, 2005.
11. DRM Architecture Candidate Version 2.1. Open Mobile Alliance, Jul, 2007.
12. Koster P., Montaner J., Koraichi N., Iacob S.: Introduction of the domain issuer in OMA DRM. In: Proceedings of 2007 4th Annual IEEE Consumer Communications and Networking Conference, Las Vegas, NV, United States, 2007, pp. 940-944.
13. Kim H., Lee Y., Chung B., Yoon H., Lee J., Jung K.: Digital Rights Management with right delegation for home networks. In: Proceedings of 9th International Conference on Information Security and Cryptology, M. S. Rhee and B. Lee (Eds.): LNCS 4296, 2006, pp. 233-245.
14. Koster P., Kamperman F., Lenoir P., Vrielink K.: Identity-based DRM: personal entertainment domain. In: Proceeding of Transactions on Data Hiding and Multimedia Security, LNCS 4300, 2006, pp. 104-122.
15. Popcscu B., Crispo B., Tanenbaum A., Kamperman F.: A DRM security architecture for home networks. In: Proceedings of 4th ACM Workshop on Digital Rights Management, Oct, 2004.
16. Cooper A., Martin A.: Towards an Open, Trusted Digital Rights Management Platform. In: Proceedings of 2006 ACM Workshop on Digital Rights Management. Alexandria, Virginia, USA, Oct. 2006.
17. TCG PC Specific Implementation Specification Version 1.1, https://www.trusted computinggroup.org/specs/PCClicnt, Aug. 2003.
18. TCG Mobile Reference Architecture Specification Version 1.0, https://www.trii.sted computinggroup.org/specs/mobilephone, Jun. 2008.
19. Zhang Z., Pei Q., Ma J., Yang L., Fan K.: Cooperative and Non-Coopcrative Game-Theoretic Analyses of Adoptions of Security Policies for DRM. In: Proceedings of 5th IEEE International Workshop on Digital Rights Management Impact on Consumer Communications, Satellite Workshop of 6th IEEE Consumer Communications & Networking Conference, Las Vegas, Nevada, U.S.A., Jan. 2009.
20. Zhang Z., Pei Q., Ma J., Yang L.: Establishing Multi-Party Trust Architecture for DRM by Using Game-Theoretic Analysis of Security Policies, Chinese Journal of Electronics, 18, 3, 2009, pp. 519-524.
21. Landoll D.: The Security Risk Assessment Handbook, Auerbach Publications, New York, 2006.
22. Dempster M. A. H.: Risk Management: Value At Risk and Beyond, Cambridge University Press, United Kingdom, 2002.
23. Swarm Development Group, http://www.swarm.org
24. Harmantzis F., Malek M.: Security risk analysis and evaluation. In: Proc. of 2004 IEEE International Conference on Communications, Paris, France, 2004, pp. 1897-1901.
25. Bernard R.: Information Lifecycle Security Risk Assessment: A tool for closing security gaps, Computers and Security, 26, 1, 2007, pp. 26-30.
26. Ekclhart A., Fenz S., Neubauer T.: AURUM: A framework for information security risk management. In: Proc. of the 42nd Annual Hawaii International Conference on System Sciences, Waikoloa, HI, United States, 2009.
27. Andrijcic E., Horowitz B.: A macro-economic framework for evaluation of cyber security risks related to protection of intellectual property, Risk Analysis, 26, 4, 2006, pp. 907-923.
28. Misra S., Kumar V., Kumar U.: A strategic modeling technique for information security risk assessment, Information Management and Computer Security, 15, 1, 2007, pp. 64-77.
29. Yi H., Hori Y., Sakurai K.: Security policy pre-evaluation towards risk analysis. In: Proc. of the 2nd International Conference on Information Security and Assurance, Busan, Korea, 2008, pp. 415-420.
30. Halkidis S., Chatzigeorgiou A., Stephanides G.: Quantitative evaluation of systems with security patterns using a fuzzy approach, Lecture Notes in Computer Science, 4277, 2006, pp. 554-564.