A flexible multiparty multilevel DRM architecture Dheerendra Mishra1 and RishiKesh Sahay2 Department of Mathematics, Indian Institute of Technology, Kharagpur, India1 Department of Computer Science and Engineering, IIIT Bhubaneswar, India2 { [email protected] , [email protected] }

Abstract. Traditional digital right management architecture are the two party architectures, involving only the content owner and costumers. However, for smooth functioning of business, it is necessary to involve additional levels of distributors and sub distributors, who can handle different price structure in different country. In this paper, we proposed a multiparty, multilevel DRM architecture with additional rights to distributors, will helpful in handling different price structures of contents in different geographical regions, and provides the way to better explore probably unknown market to the content owner. Furthermore, proposed model also helps to avoid taking external services of certificate authorities, By using Identity based encryption. Keywords: DRM , Distribution business model, license, IBE

1

Introduction

The widespread use, and great improvement in network technology has greatly facilitated the distribution and exchange of information. Immediate access and cheap mode of multimedia content distribution, is one of the new benefits Internetbased distribution brings. However, digital content by nature is highly vulnerable to unauthorized use and redistribution. This raises issues regarding intellectual property rights and copyright. After content is provided, no further protection is provided on that content. While these new technologies have the potential to open up new markets. Digital Rights Management (DRM) technologies ensure the protection of digital content after distribution also. The goal of DRM technology is to distribute digital contents in a manner that can protect and manage the rights of all parties involved in the system. DRM is a complex information systems in the sense that they highly involve technological, business, economical and most importantly, social factors. DRM involves many diverse areas such as cryptography, signal processing and information theory,business modeling, e-commerce, law, legal and social aspects, etc. The core concept in DRM is the use of digital licenses. The consumer buys a digital license, getting certain rights to him instead of buying the digital content. A License constraints may include expiration date, available regional zone, software security requirements, hardware security requirements, and watermarking requirements.

One prerequisite for the smooth running of the electronic content delivery business is the availability of protected content so that costumer can easily access and play for it. Therefore, a simple, reliable, secure, easy to use, and ubiquitous DRM architecture is needed. If we looking at the description of different DRM architectures, the difficulty aries that each author designed an architecture with a different focus. Therefore, it is very hard to compare these schemes and impossible to infer an open DRM architecture from them. We need a DRM architecture with the description of components and there involve role with their interoperability. Related work: Liu et al. [12] follow-up the general DRM architecture involving the content provider, clearing house, distributor and consumer. Functionality of the distributor in all DRM architectures reviewed in [12]. Current Digital Rights Management (DRM) systems support only two-party systems, involving the package server and purchaser [10], [2], [13], [7], [3]. However, DRM systems need to be sufficiently flexible, reliable and easy to accessible to support existing business models and extensible to adapt to future models. In [14] described a DRM architecture with better security mechanism than basic DRM architectures described in [12], but only authorized user can get the content that restrict the more number of users. Lee at al. [5] design a content distribution framework which supports a multi level distribution based on MPEG-21 in which they have replace monitoring service provider by Distribution information management system and clearing house. Hwang et al. in [8] developed a modified imprimatur model based on based on multilevel distribution system. In their framework they considered the distributor as a trusted authority, and hence distributor can posses content key. But this model restrict the number of distributors because to find large number of trusted distributors is very difficult in practice. Grimen et al. in [6] have discusses the security aspects of DRM system. Sachan et al. in [15] presented multiparty multilevel DRM architecture. But they have not focussed over the functionality of distributors (such as how distributer will decide price of item, how distributer will create offers, etc.). Our Contribution: DRM systems are complicated, expensive and inherit many of the shortcomings of the methods they use. Digital right management models are currently not able to support high degree of flexibility, secure media distribution, and consumer privacy at the same platform. It is unlikely that a single DRM technology will be able to support the diversity of devices, users, distributors and issues related to security, efficiency, flexibility, and privacy. Here first objective of our architecture is to provide an easy to understand introduction to the component and their working principal of state of art DRM model. We want to present a DRM model that highlight the main building blocks of DRM system. A DRM architecture should be suitable to more innovative and scalable business. We are Considering a system with multi-distributors instead of singledistributor. A local distributor can better explore probably unknown markets for the content owner and make strategies according to the relatively known market

to him. In addition, the multi distributor system can also help in handling different pricing structures of media in different countries, and share with the owner any information on price or demand fluctuation cost. In Proposed architecture distributer keeps the rights of payment, distributor check the authenticity and receive the payment from consumer. This provide high degree of flexibility in the architecture by sharing the work of license server at his level.

2 2.1

Preliminaries Components of the architecture

Despite different DRM vendors having different DRM implementations ways to specify the content usage rules, the basic DRM process is the same. A typical DRM architecture involve mainly four components owner, distributer, license server and client [12], [9].

Registering

License Server Rights, contacts, Key Usages Rules + Agreement Content Owner

Issue digital License Clearing House

Select Content

Tracking Paying Royalty Fees

Encrypted Content and Information + Registered Tracking user's ID

Information Flow

Request for License Issue

DRM Client

Paying

Download Protected Content

Distributor

Money Flow

A Typical DRM Framework

Fig. 1. A typical DRM framework

Lot of application involve in a complete DRM architecture. Identifying multiple roles of applications in a DRM architecture is essential to view complete picture. Here we will discuss the different high level services and applications that are need in complete DRM architecture to provide the application level

functionality. The following applications and services play vital role in DRM functionality. Package server: Packager gets the unprotected content from the content owner. The content owner specifies the contracts and rights within the packager and packager transfer these rights to license server. The package server generate encryption key by using secrete master key and encrypt the content by using that key, and provide unique ID to the content. Encryption can be done independently without specifying the rights so that right can be changed letter according to the consumer choice. Packager perform following action. – Content protection: Packager encrypt the content by using some encryption algorithm. Packager put watermark in the protected content by using some effective watermarking technique. – Distribution: Packager get input from the content owner and out put the protected content to the distribution server, and key seeds with usages rule to the license server. Tracking server: Tracking server receives usages information from the license server, and send information to the usage clearing house. The license server generates statical usages information (i.e., the number of times the licenses issued, to whom request licences are issued, how many number of time a distributer have requested, who (distributor) asked for which license, and how many times, etc. ). Financial clearing house (FCH): The financial issues are taken care of an internal payment services associated with owner. Financial clearing house enables financial transaction to be carried out, and keep statics of royalty payment received from distributor, and time to time provides to other authorities. Usage clearing house (UCH): usages clearing house provides the usage information to all involve parties, specially to license server and owner. It stores the necessary statical information provides by tracking server, and financial details by financial clearing house. Registration authority (RA): To become a part of DRM a consumer must have to register to registration authority. Registration authority registrar the consumer and provide a unique ID to the consumer, call consumer ID. It also verify the details provided by the consumer and check the authenticity of the information given by consumer. Once registration authority authenticate the consumer, consumer become the part of DRM and he can get the content. Monitoring server (MA): Monitoring server is some short of surveillance that monitoring the illegal use of the content and providing inform to the higher authorities. It trace and analyze the logs for violation detection, if any violation detected, MA sends statics to authorities for further action. Web site: The web site consist all the detailed of contents data base. It provides detailed content information that it receives from the packager. Clint visit the web site and can select the content or offers from the distribution server web site.

Media server: Media server keeps encrypted content on his server provided by packager. A consumer can select a content from the distribution server web site and download the encrypted content from the media server. Access and payment server: Access server responsible for the authentication of the consumer. It also responsible for checking payments of consumers before allowing particular action on the DRM system. The access service may deny access if bills are not paid or if consumer is unauthorized. Interoperability: Internet is accessible to all form of electronic devices (such as laptop, desktop, cell phone etc.). DRM architecture should be flexible to access from all type of devices. Interoperability takes care the compatibility of consumer devices and provide the way so that all devices can access the facilities. Authorization and authentication (AA) Server: The AA server concern about authorization and authentication. Once these step are carried out, it forward the request to the key distribution server for issuing license. Rights and contacts: This server keeps the usage rights and contracts provided by owner. it maintain and store all the instruction send by owner and responsible for the implementation of instruction when licenses is issued. Clearing house: Clearing house Keeps the record of all issued licenses. It updates statistical data base by information provided by usage clearing house that includes license issuing permissions for distributers. It is also responsible for checking royalty payment by matching data obtain from usages clearing house and the financial clearing house, Before instructing key distribution server for license. Key distribution Server: key distribution server generates the content key with the help of secrete key seeds and with the help of rights and contracts, the license is created. Key distribution server gets the master key seed from the packager, and output a license to the user, on the request of distribution server. Multi device server: Multi device server transfer the digital contents securely to specific devices. The content can be reformatted and packaged prior to transmission to meet the requirement of the target device. External services: Financial institute that offers support for money transaction facility, billing, etc. With the help of financial institute DRM authorities receives payment and details of payee. 2.2

Core components:

The typical DRM architecture involve various services and applications but the core component are content owner, distributor, license server and consumer. Each component of DRM is the collection of some servers, logical devices and applications. A component interact with other component using predefined interfaces or ports. A interface is determined by a set of methods and connected with its component using cable. At the application level, need to have a complete DRM system. We identify three key DRM services with respect to content consumer: Content owner, License server, and Distributer. Identifying the multiple roles of components in a DRM system is crucial, to view the complete picture.

Content owner: Content owner holds the digital rights of the content and want to protect these rights. Owner is concern about unauthorized use and illegal redistribution of contents. Owner concern for unauthorized use of content is resolved by encrypting the content with symmetric key algorithm. Symmetric key is usually used to encrypt the content for high performance of computation and for each digital content, a different symmetric key is used. Owner provides unprotected content to the package server, and rights and contracts to the licence server. These would regulate how the content is to be used by the content purchaser.

Content

Packager

Financial Clearing House Protected content

Content Owner

Key seeds

Paying Royalty Usage Clearing House

License server

Tracking Server

Distributor

Registration Authority Protected content

unique ID Monitoring server

Payment license

requesting for issuing license

registering

Clint

Fig. 2. A framework to illustrate the online DRM system and Content owner

Here owner consist of different applications and servers, with inter operability feature. Owner include packager, financial clearing house, usage clearing house, tracking server, registration authority and monitoring server. Owner provide unprotected content to the packager; packager encrypt these content by using symmetric encryption algorithm. Owner’s tracking server that takes statical data of license distribution from the license server and provides it to the usages clearing house then usage clearing house update its data base with the help of information provided by tracker. It has also registration and monitoring server, registration server registrar the consumer and monitoring server take care

of surveillance. Distribution Server: The distribution server provides the encrypted content, trailer of content to the consumer without asking any information and payment. Distribution server receives the payment and request to the license server. Distributor is not a part of actual DRM system so there is a freedom of defining supplier functionality. Distributor is responsible for specifying the usage rule by owner. The distributor keeps a data base of content ID and details of products on there website. Contents price structure is based on usage rules associated with contents. Since distributor is responsible to determine price structure, he can also prepare promotional offers. This would be an addition to the content that is actually ordered by a consumer. Distribution server have different com-

Website Content data base

Protected Content

Protected content

Content Owner

Distributor

requesting for license

Access and Payment

License Server Interoperability

Monitoring Server

Protected content

Customer Care issuing license paying

selecting content

User

Distributor working model

Fig. 3. A framework to illustrate the online DRM system and Distributor

ponent, with each component some tasks are associated. Distribution server has a media server and setup a website presenting the protected content and content information. Its access and payment unit, authenticate the consumer and receive the payment. Interoperability unit check the devices of customer and provides the files format according to compatibility. Distributor also has costumer care unit and monitoring server. License Server: License server is responsible for license distribution. License server receives the rights and contracts, the content ID, and the content encryp-

tion key from the packager, and output the license including usage rule to the consumer based over the recommendation of the distributor server, after the verification done by AA server. Digital licenses content different permission, usage rules and contracts, which may be interpreted by the plug-in.

Tracking

Licenses Key seeds Rights

Content Owner

Rights and C ontacts

Distributor

License Server Clearing House

Requesting for license

Data base Registration information

AA server

License

Payment

User

Fig. 4. A framework to illustrate the online DRM system and License server

License server maintain AA server and clearing house to issuing license for right authority and maintaining data base. When these two authorities approve some request, License authority issues the licence by including usage rules and permission in the license. User: Customer is concern about easy to access of content, easy to use, and his own privacy. Customer wants to consume protected content in a user friendly way and wishes to browse the content catalog where the contains and offers can be selected of his choice. Since a Customers also require a license to consume protected content, they must be able to select license type associated with usage rules. Also Several devices may be associated with a user, so rights should be associated with users, instead of with devices. There should be a general support for multiple devices. Customer select a content from the distribution server’s website and download the protected content from the media server and paying the license fee to get decryption key to payment authority. Finally, Customer wants to consume the protected content, according to the usages rule associated with corresponding license to his all devices. 2.3

Certificate-Based Vs. Identity-Based Cryptography

The certificate-based protocols work by assuming that each entity has a static (long term) public/private key pair, and each entity knows the public key of

each other entity. The static public keys are authenticated via certificates issued by a certifying authority (CA) by binding users’ identities to static keys. When two entities wish to establish a session key, a pair of ephemeral (short term) public keys are exchanged between them. The ephemeral and static keys are then combined in a way so as to obtain the agreed session key. The authenticity of the static keys provided by signature of CA assures that only the entities who posses the static keys are able to compute the session key. Thus the problem of authenticating the session key is replaced by the problem of authenticating the static public keys which is solved by using CA, a traditional approach based on a Public Key Infrastructure (PKI). However, in a certificate-based system, the participants must first verify the certificate of the user before using the public key of the user. Consequently, the system requires a large amount of computing time and storage. In identity-based public key encryption, the public key distribution problem is eliminated by making each user’s public key derivable from some known aspect of his identity, such as his email address. When Alice wants to send a message to Bob, she simply encrypts her message using Bob’s public key which she derives from Bob’s identifying information. Bob, after receiving the encrypted message, obtains his private key from a third party called a Private Key Generator (PKG), after authenticating himself to PKG and can then decrypt the message. The private key that PKG generates on Bob’s query is a function of its master key and Bob’s identity. Shamir [17] introduced this concept of identity-based cryptosystem to simplify key management procedures in certificate-based public key infrastructure. The first pairing-based IBE scheme was proposed by Boneh and Franklin in 2001. Shortly after this, many identity-based cryptographic protocols were developed (see [4] for a survey) based on pairings and this is currently a very active area of research.The identity-based public key cryptosystem can be an alternative for certificate-based PKI, especially when efficient key management and moderate security are required. The advantages of ID-based encryption are significant. It makes maintaining authenticated public key directories unnecessary. Instead, a directory for authenticated public parameters of PKGs is required which is less burdensome than maintaining a public key directory since there are substantially fewer PKGs than total users. In particular, if everyone uses a single PKG, then everyone in the system can communicate securely and users need not to perform on-line lookup of public keys or public parameters. In an ID-based encryption scheme there are four algorithms – (i) Setup: Creates system parameters and master key, (ii) Extract: Uses master key to generate the private key corresponding to an arbitrary public key string ID, (iii) Encrypt: Encrypts messages using the public key ID, and (iv) Decrypt: Decrypts the message using the corresponding private key of ID.

3

Proposed DRM Architecture

In the proposed DRM architecture core component are owner, distributor, license server and customer. This DRM architecture facilitate the multiple levels of distribution system, in other word this system support superdistribution. Here sub distributor can download the protected content from super distributor. This Proposed model gives the clear picture of functionality of DRM components. In our DRM architecture owner have content severable like server, Packager, Financial clearing house (FCH), Tracking server, and monitoring server (MS). Owner provides the unprotected contents to the packager. Packager after encrypting the content send the key seeds and usages rules to the License distribution authority and encrypted content with their unique content ID to the distributor; Distributor receive this data and keep the encrypted content over his media server and display content catalogue with price structure over his website. A consumer visit the website and select the content of his choice, costumer can also download encrypted content from media server. Some time distributors also provide trail of content to the costumer. Since costumer can only download the protected content, to usage these contents costumer need to have license key that he can get from the license server. To get the license costumer contact to the access server, access server first check the authenticity of the costumer and if verification succeeds, it takes the payment and send a request to the license server for issuing the license. Here consumer have the freedom to choose the mode of payment ( such as frequency to access, pay per view, pay per content, advanced payment, etc.). Despite these core component DRM architecture involve some other important component for proper functioning of DRM system and provide practical secure and efficient way to distribute the content. To keep the data base updated of license distribution and payment, architecture have clearing house, tracking server, usage clearing house, financial clearing house. Tracking server track the license distribution and send statistics to the usage clearing house, usage clearing house update his data base. Financial clearing house received the royalty from the distributor, and make the payment data base, and provide financial transaction related to the details to the usage clearing house. By using information provided by financial clearing house and tracking server, usage clearing house send instruction to the clearing house. On the basis of these instruction clearing house decide which licence request should be forward of not. Consumer may have multiple devices, and consumer may not want to purchase the same component for each device. Its usually happen that all devices may not support the same component of same player, so there need a mechanism to handle this problem of format Converting. Distribution server provides the interoperability to the DRM architecture. If the contents are not compatible to device used by Costumer, then format convertor converts the content according to requirement.

Key Licenses

Content

Rights and C ontacts

License Server Packager Clearing House

License

Financial Clearing House AA server Content

Content Owner License request

User

Usage Clearing House

Tracking Server

Registration Authority

Monitoring server

Multi Devices

Website

Protected Content

Device 1

Distributor

Device Format information

Authentication and Payment

Device 2

Customer Care Query Interoperability

Device n

Monitoring Server

Fig. 5. Proposed DRM framework

To control and monitoring all the system and detect illegal use of content need some system. Monitoring server, tracking server, registration authority and access control provide the way to achieve some safety, security and authenticity parameters. Registration authority, registrar the costumer by verifying the details provided by costumer, and issued an unique ID to further transaction in DRM system. All these registration details provided to access server. When some costumer approach to access server, server check his authenticity and then forward his request of license issuing. Monitoring server (MS) at the distributor’s site gets the usage details of the content from the client machine and check for rights violation done by the client. Monitoring system (MS) at the distributor site also monitors the lower level distributors. If rights violation is done by the lower level distributors then it reports to the concerned distributor. At regular times, on a monthly basis for example, the content owner gets a compensation for the trading of his content by the distributors.

4

Efficiency of multiparty multilevel DRM Architecture

A two party DRM model may not be sufficient to handle present business scalability. Present working models are not very flexible to make proper business strategies according to geographical regions. So be need to have a DRM distributors at local level, to take care of the local market. A architecture should be flexible enough to support existing business models and extensible to adapt the future business strategies. All these things ask for the Need of a innovative and scalable business models which have the flexibility of making strategies and policies according to local market. It is necessary to have a more flexible and herbarial distribution system. Therefore, a multiparty, multilevel DRM architecture comes in picture, which can involve multiple level of distributer, sub-distributer at lower level in additions to the owner and consumer. A local distributor can better handle and explore potentially known market by making strategies according to the local customer demand and their preferences. With the help on sub-distributers, owner can also handel different price structure in different countries or geographical regions.

th

Djk = K distributor atj

th

level Owner

License Server

D 11

D 12

C

C

Distributors st at 1 level

D 13

C

D j1

D j2

C

C

D n1

D n2

D n3

C

C

C

D j3

D j4

C

C

D n4

D n5

D n6

C

C

C

D j5

D j6

C

C D n7

C

Distributors th at j level

D n8

D n9

D n10

C

C

C

Distributors th at n level

Fig. 6. Multiparty multilevel DRM framework

Our multiparty multilevel digital right management architecture providers flexibility to handle a local market that are usually unknown to the content owner. In this architecture distributor have the authority to determine the price according to his own familiar market demands. Since in this model distributer is the payment taker so the distributor have full freedom to determine the price

structure, to create offers to attracts the costumers. This model allow more to make more innovative and scalable business strategies. in [8] they considered the distributor as a trusted authority, and hence distributor can posses content key. But this model restrict the number of distributors because to find large number of trusted distributors is very difficult in practice. But in our architecture distributer do not have the rights of key distribution this point allow the participation of more number of distributors and sub distributors. In this proposed model, we propose a multiparty, multilevel DRM architecture. Though the architecture helps the owner in establishing business better. Also with the help of tracking and monitoring servers owner can easily monitor the distributor and costumer. Every time a new license is generated by a License server, an authentication is required every time. Authentication authority needs to handle a large number of validation requests per unit time. It may be hard for the validation authority to handle such a large number of validation requests per unit time. To avoid all this difficulties we have proposed access server with each distributor to handle it. This MPML DRM architecture also provide secure environment for license distributor by keeping the key seeds (license keys) at one place instead of providing to every distributor. Packager use encryption, signature and watermarking techniques for secure delivery of content. Also before involving in DRM a costumer must have to registrar to the registration authority and that registrar ID will be use throughout. So if system violation is detected, content owner can easily detected. This model also not required external services of certificate authority by using identity based encryption. Costumer need not to go for certificate authority, by simply using his own identity he can get his desired contents. This provide a great extend of flexibility in this system and make it workable.

4.1

License management:

The core concept in DRM is the use of digital licenses efficiently. The consumer buys a digital license, gets certain rights instead of buying the digital content. The content access is regulated with the help of a license that contains permissions, constraints, expiry date, a content decryption key, etc. Permissions are actions that a authorized authority can be granted to exercise against some object under some constraints. Examples of permissions include printing, playing, copying, and embedding the content into other content items. Constraints are restrictions and conditions under which permissions are executed. Constraints may include expiration date, available regional zone, software security requirements, hardware security requirements, and watermarking requirements. A set of constraints can also include another set of constraints recursively, which means that the included set of constraints must also be satisfied. The license is usually separated from the content. It should be possible to verify the validity to both license and content. A license can only be used by a legitimate costumer by making payment to content owner. In proposed architec-

ture we have also defined the format and distribution of the license. A license contains the following information.

Content ID

License details

Renewal detail

Signature

Usage rules & permissions

Decryption Key

Security

Device option

Fig. 7. License Architecture

The content ID: Content ID include information about the content for that the license is issued. Signature: To make the digital content authenticate, License server put his digital signature. The License detail: These details include manufacturing date, expiry date, details of producer, etc. Where expiry details ensure, how long a purchased license can be used. Renewal detail: This part of license includes the details of renewal of license so that a expired or almost expired license can be updated through internet. Usage rules and permissions: Permissions correspond to action that can be performed on the protected contents e.g. play, frequency of use, etc. Decryption key: Decryption key is used to decrypt protected content and works only if all the constraints associated with that rules and permissions are satisfied. Security: Owner always want that consumer should use content under the permission and usage rules, to ensure all that consumer must not be able to make changes in the license file. To ensure the security of license, license authority encrypt the license. Device option: License authority left this portion for for distributor. Interoperability section of distributer, check the consumer devices and associate specific

device permission with the license. This license architecture provide great extend of flexibility by associating the device option to distributor. Since consumer take the services to the distributor and with the help of interoperability, distributor will be able to provide license for selected devices of consumer. This feature also reduce the conjunction to license server and increasing system efficiency.

5

Conclusion

This multiparty multilevel DRM architecture provides the way towards the flexibility of a DRM system by providing two important rights to the distributor to handle local market and to reduce the load of license server. Since distributor have payment and authority to select the device option in license, reduce the congestion to the license server and provide flexibility to the system to maintain different price structure in different geographical region. By using IBE instead of external services of certificate authority, that include less computational cost and storage as certificate managements require. Also reduce the work load of Certificate verifications. These features make our DRM system suitable for more effective business models with the flexibility in deciding a wide range of business strategies as compared to the existing works.

References 1. ANSI X9.62, Public Key Cryptography for the Financial Services Industry. The Elliptic Curve Digital Signature Algorithm, 1999. 2. L. J. Camp. First Principles of Copyright for DRM Design. IEEE Internet Computing, vol.7, pp. 59-65, May-June 2003. 3. J. E. Cohen. DRM and Privacy. Communications of the ACM, vol. 46, issue 4, Apr. 2003. 4. R. Dutta, R. Barua and P. Sarkar. Pairing Based Cryptographic Protocols : A Survey. Manuscript 2004. Available at http://eprint.iacr.org/2004/064. 5. BlueKrypt: Cryptographic Key Length Recommendation. Available at http://www.keylength.com/en/3/ 6. G. Grimen, C. Monch, and R. Midtstraum. Building Secure Software- based DRM systems, NIK 2006. 7. F. Hartung and F. Ramme. Digital Rights Management and Watermarking of Multimedia Content for M-Commerce Applications. IEEE Comm., vol. 38, pp.78-84, Nov. 2000. 8. S. O. Hwang, K. S. Yoon, K. P. Jun, K. H. Lee. Modeling and implementation of digital rights. Journal of Systems and Software, 73 (3), pp. 533-549, 2004. 9. Y. Jeong, K. Yoon, J. Ryou. A Trusted Key Management Scheme for Digital Rights Management. ETRI Journal, Vol. 27, No. 1, pp. 114-117, Feb. 2005 10. J. Lee, S. Hwang, S. Jeong, K. Yoon, C. Park, and J. Ryou. A DRM Framework for Distribution Digital Contents through the Internet. ETRI Journal, vol. 25, pp.423-436, Dec. 2003.

11. X. Liu, T. Huang, and L. Huo. A DRM Architecture for Manageable P2P Based IPTV System. IEEE Conference on Multimedia and Expo, pp. 899-902, July2007. 12. Q. Liu, R. Safavi-Naini, and N. P. Sheppard. Digital Rights Management for Content Distribution. Proceedings of Australasian Information Security Workshop Conference on ACSW Frontiers 2003, vol. 21, Jan 2003. 13. D. K. Mulligan, J. Han, and A. J. Burstein. How DRM- Based Content Delivery Systems Disrupt Expectations of Personal Use. Proc. 2003 ACM Works. Digital Rights Management, pp.77-88, Oct. 2003. 14. V. Rosset, C. V. Filippin, and C.M. Westphall. A DRM Architecture to Distribute and Protect Digital Content Using Digital Licenses. pp. 422- 427, telecommunication, July-2005. 15. A. Sachan, S. Emmanuel, A. Das, M. S. Kankanhalli. Privacy Preserving Multiparty Multilevel DRM Architecture. IEEE Consumer Communications and Networking Conference (CCNC), Jan. 2009. 16. A. Shamir. How to Share a Secret. Communications of the ACM, Vol. 22, No. 11, pp. 612-613, 1979. 17. A. Shamir. Identity-based Cryptosystems and Signature Schemes. In proceedings of Crypto 1984, LNCS 196, pp. 47-53, Springer, 1984.