Introduction
DRMTICS 2005 (pronounced: "dramatics") was the inaugural conference in a series considering all aspects of DRM systems including issues faced by holders of digital rights who want to protect their intellectual property rights and consumers who seek to protect their privacy and to preserve their traditional pattern of access to media under existing copyright law.

The conference attracted submissions from all of Asia, Australia, Europe and North America, from which twenty-seven papers were selected for presentation at the conference. The programme also included three invited speakers and a panel session. The papers covered a variety of topics, including cryptography, digital watermarking, legal issues, rights expression languages, trusted computing and complete digital rights management frameworks.

DRMTICS 2005 was held in co-operation with IACR (International Association for Cryptologic Research; cf. sources) and the IEEE Computer Society Task Force on Information Assurance (cf. sources), and sponsors included electronics giant Motorola The full proceedings of the conference will be available in Springer’s Lecture Notes in Computer Science series (DRMTICS 2006) in 2006.

Invited talks
The three invited talks were given by Renato Ianella (NICTA, Australia and ODRL Initiative), Moni Naor (Weizmann Institute of Technology, Israel) and Karen Gettens (Blake Dawson and Waldron, Australia).

Renato's talk focused on the evolution of rights expression languages (RELs) from the late 90's with DPRL up to Creative Commons and focusing on the ODRL REL. He looked at the standardisation of RELs and the impact this has had where successful, such as the mobile sector with the Open Mobile Alliance DRM specifications and concluded by reviewing the current "DRM Patents Saga" that has plagued the standardisation effort. He raised the issue of the applicability of some of the patents to RELs and the serious impact this will have on future research in this area, and the direct impact to systems being deployed today.


Moni surveyed some proposals for designing cryptographic schemes that take into account both human and computer abilities and weaknesses in solving various types of problems. These include schemes for traditional cryptographic tasks such as identification, authentication and encryption, as well as more modern ones, such as spam and abuse prevention, denial of service and voting.

Karen gave an overview of legal action taking place in the digital rights management world. She took us through the subtleties of the legal decisions in

  • the Sony vs Stevens mod-chipping case in Australia;
  • the MGM vs Grokster file-sharing network case in the United States; and
  • the Universal Music vs Sharman Networks (Kazaa) case in Australia.

Karen concluded that courts have generally sought a balance between copyright owners and other parties, to the point of creating principles that are not included in the law itself. She further concluded that the particular outcomes in the file-sharing cases are very fact-specific and do not represent broad decisions for or against peer-to-peer technology.

Rights Expression Languages
A new rights expression language is being developed by the Audio Video Coding Standard Working Group of China. This was to be presented by Ying Sha (Chinese Academy of Sciences, China), but he was unable to travel to Australia and was represented by compatriot Bin Zhu (Microsoft Research Asia). Kurt Maly (Old Dominion University, USA) presented a comparative study of two languages not widely considered in the digital rights management literature, the eXtensible Access Control Markup Language (XACML) and the Policy Core Information Model (PCIM).

Paul Koster (Philips Research, the Netherlands) proposed to introduce "user-attributed rights" that allow users to control the way content which has been purchased is shared amongst their family, friends, etc. without interfering with the rights of the original content owner.

Legal and social aspects
Brian Fitzgerald (Queensland University of Technology, Australia) presented further details of the Sony vs. Stevens case. This case addresses the question of whether or not region-coding devices such as those used in the Sony PlayStation are to be considered “technological protection measures” under copyright. Current case law in Australia holds that they are not, but Fitzgerald warns that amendments guided by the recent Australia-US Free Trade Agreement may result in unforeseen control over the use of products being handed to multi-national corporations.

Yee Fen Lim (Macquarie University, Australia) also argued that digital rights management systems and the laws that support them increase the rights of copyright owners beyond what they are given in copyright law, to the point of creating an intellectual property regime even more powerful in some respects than that for tangible property.

Supriya Singh (Royal Melbourne Institute of Technology, Australia) and Jenine Beekhuyzen (Griffith University, Australia) gave an entertaining presentation disputing record companies’ claims that music fans use free downloading as substitute for purchase. Their series of interviews with Australian music fans demonstrated a continuum in behaviour between free downloading and purchase: most interviewees combined freely-obtained and purchased music depending on a variety of factors including the availability of their preferred forms of music, their financial means and their level of familiarity with a particular artist.

Panel session
The panel session brought together technical and legal minds to discuss the subject Is Reliable and Trusted DRM Realistic or Even Possible? Discussion could no doubt continue almost indefinitely on such a provocative topic but we had to discuss what we could in an hour.

The panel was chaired by Bill Caelli (Queensland University of Technology, Australia). Ezzy Dabbish (Motorola, USA) and Bin Zhu (Microsoft Research Asia) presented the technical side, while the legal view was represented by David Vaile (Baker & Mackenzie Cyberlaw and Policy Centre, Australia), Philip Argy (Mallesons Stephen Jaques, Australia) and Susanna Leisten (Queensland University of Technology, Australia).

It seems fair to say that the general view of the technical community involved is that DRM systems will exist and their reliability and trustworthiness will be possible within certain parameters – no security system will ever be perfectly secure in itself, but it can be secure enough to serve its purpose given the right legal and other support.

The views of legal side were less unified. While Leisten outlined the negative effects of strict regimes for protection of digital rights, Argy viewed DRM systems as a natural evolution of property protection systems. Vaile questioned the possibility of DRM systems that can provide fair use.

Cryptography
Broadcast encryption has become an important cryptographic primitive for conditional access and digital rights management systems. Miodrag Mihaljević (Serbian Academy of Science and Arts) presented one paper describing potential weaknesses in certain broadcast encryption schemes, and another describing a new scheme with improved efficiency and greater security than previous schemes. Ulrich Greveler (Ruhr University Bochum, Germany) presented a new scheme offering unconditional cryptographic security at the cost of allowing a few free-riders.

Jacques Fournier (GEMPlus S.A., France) showed how cryptographic operations can be vectorised for efficient implementation on embedded systems such as smartcards.

Tamper-resistance
The security of digital rights management systems depends on the inability of attackers to reverse-engineer and modify sensitive hardware and software components. Mahadevan Gomathisankaran (University of Iowa, USA) presented an architecture for verifying the correctness of systems without requiring the verifier itself to be given sensitive information about the system. Brian Blietz (University of Iowa, USA) presented a software tamper-resistance system based on extending the power of small, heavily-obfuscated process to a larger process that performed the real function of the software. Valery Pryamikov (Harper Security Consulting AS, Norway) presented a new method of preventing reverse-engineering of software based on transforming a programme’s function call tree.

Watermarking
Watermarking continues to be one of the active research topics with extended applications from multimedia security to software security. Hongmei Liu (Sun Yat-Sen University, China) presented two papers. One is about a scheme for reversible semi-fragile image authentication that is able to locate any tampered areas but is tolerant to JPEG compression. Another is DC coefficient-based video watermarking compliant to MPEG-2 bit stream without any additional payload. Yongwha Chung (Korea University, Korea) presented a case using robust and fragile watermarking (dual watermarking) for the communication of fingerprints. The robust watermark may be used to identify source devices. Clark Thomborson (University of Auckland, New Zealand) introduced software watermarking as a means of preventing software from piracy and unauthorised modification and presented an improved version of the QP algorithm through register allocation.

Systems
The last day of the conference was mostly given over to proposals for complete digital rights management systems. Bin Zhu (Microsoft Research Asia, China) presented two systems, one for a privacy- and copyright-respecting peer-to-peer network and another for scaling the quality of content according to the user’s willingness to pay for it. Another copyright-respecting peer-to-peer service was presented by Kyung-Hyune Rhee (Pukyong National University, Korea).

Ulrich Greveler (Ruhr University Bochum, Germany) discussed several methods of enforcing regional access to pay-TV broadcasts and concluded that, even though deployment of trusted hardware is considered the standard requirement for digital rights management systems, trusted hardware was not necessarily the best solution in this scenario.

Bottom line
DRMTICS provides a forum where all researchers from all disciplines with an interest in digital rights management can come together and share their views and ideas. While technical presentations decidedly out-numbered the other presentations at this year’s conference, both technical and non-technical disciplines were well-represented amongst the conference delegates. As noted in another INDICARE conference review (Kerényi 2005), a healthy exchange between the technical and non-technical communities is essential to successful deployment of digital rights management. Hopefully DRMTICS 2005 represents a good start to a significant event on the annual DRM calendar.

Sources

About the author: Rei Safavi-Naini is a Professor in computer security at the University of Wollongong, Australia and is the Programme Chair of DRMTICS 2005 as well as the ACM Workshop on Digital Rights Management 2005. Contact: +61 2 4221 3800, rei@uow.edu.au. Wanqing Li and Nicholas Sheppard are academic staff at the University of Wollongong and are the General Co-Chairs of DRMTICS 2005. Contact: +61 2 4221 5410, wanqing@uow.edu.au and +61 2 4221 3788, nps@uow.edu.au.

Status: first posted 15/12/05; licensed under Creative Commons
URL: http://www.indicare.org/tiki-read_article.php?articleId=160