A Hardware Approach for Trusted Access and Usage Control

Nicolas Anciaux (INRIA Rocquencourt, France), Luc Bouganim (INRIA Rocquencourt, France) and Philippe Pucheral (INRIA Rocquencourt and University of Versailles, France)
Copyright: © 2009 | Pages: 23
DOI: 10.4018/978-1-60566-262-6.ch009

This chapter advocates the convergence between Access Control (AC) models, focusing on the granularity of sharing, and Digital Right Management (DRM) models focusing on conditional authorizations and obligations. The convergence is also expected in terms of control enforcement considering that both AC and DRM models must be equally protected against any form of tampering and piracy. We capitalize on the democratization of powerful secure chip platforms (e.g., smart cards, secure USB dongles) which can be plugged in a variety of client devices (PC, PDA, cell phones, consumer electronics) to design a new architecture of a trusted access and usage control system. The benefits of the proposed architecture are exemplified in two different contexts: a fair DRM scenario and a healthcare scenario.
Chapter Preview


In computer systems, access control models are used to express who is granted the privilege to execute which actions on which set of resources. Much work has been conducted on access control management in the database context, trying to provide the finest granularity of sharing. In relational database systems, privileges can be granted on virtual objects, called views, dynamically built by an SQL query (Melton et al., 1993). In XML databases, XPath expressions are usually used to delineate the objects or document parts targeted by an access control rule (Bertino et al., 2001; Gabillon et al., 2001; Damiani et al., 2002). The reason for this granularity concern is that databases often contain sensitive information (e.g., personal, commercial, administrative, military data) shared by a large number of users playing different roles with different privileges. Digital Right Management (DRM) models are also used to regulate access to resources. DRM models primarily target the protection of digital assets (e.g., videos and sounds). The granularity of the access control is of lesser concern here, but the conditions (e.g., to pay a fee) and obligations (e.g., to increment a counter at each copy) related to how a privilege can be exercised become central (XrML; ODRL). Hence DRM models complement access control with usage control. Another major concern of DRM systems is the enforcement of the access and usage control rules to fight against the large-scale piracy threatening the global multimedia content industry (IFPI).

As the information distributed to customers becomes more complex and structured (e.g., encyclopaedias, cultural collections, stock exchange databases), the need for finer granularity rules arises in the DRM context. Conversely, as database applications show an increasing concern for regulating the usage made of legally accessed information, the need for access control rules integrating contextual conditions and obligations arises. This is particularly true for databases containing personal data (Agrawal et al., 2002). The management of Electronic Health Records illustrates this well. For example, permissive access control rules should apply to a medical folder in specific contexts like an emergency situation. Obligations like registering all accesses to a medical folder in a log are also required to allow auditing of the system.

In this chapter, we advocate the convergence between the access control and DRM worlds, encompassing the expression of fine-grained access control and accurate usage control. This convergence is also expected in terms of control enforcement. In database environments, access control is usually enforced by the database server, under the assumption that the server is trusted. Unfortunately, even the most defended servers (including those of the Pentagon, the FBI and NASA) have been successfully attacked, and database systems are identified as the primary target of computer criminality (Computer Security Institute, 2007). This motivated the design of new architectures where the server role amounts to delivering raw content to smart clients implementing the access control (Bouganim et al., 2004; Hacigumus et al., 2002). The question becomes how to enforce access and usage control on the client side. This question is not new in the DRM context, though no satisfactory solutions have been proposed yet. Indeed, today's DRM methods are so coercive that they do nothing but exasperate consumers and legitimize piracy (Champeau, 2004). The question is newer in the database world, as people slowly become aware of the value of personal data and start to consider that protecting privacy is at least as important as protecting digital assets.
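The two scenarios sketched above (a DRM copy quota and an emergency override on a medical folder) both reduce to the same evaluation loop: match a rule on role, action and resource, test its contextual predicate, and run its obligations before the privilege is released. The following is an added illustration, not code from the chapter or its authors; the rule set, role names, resource names and request contexts are constructed for the example, and the enforcer stands in for the logic a secure chip would run on the client side.

```python
"""Added example: a minimal client-side access and usage control enforcer.

A Rule grants (role, action, resource) optionally guarded by a contextual
predicate and bound to obligations. Obligations are mandatory: if one cannot
be executed, the request is denied (deny on failure). Every name and value
below is constructed for the illustration."""

from dataclasses import dataclass, field
from typing import Callable, Dict, List, Optional, Tuple

Context = Dict[str, object]


@dataclass(frozen=True)
class Rule:
    role: str
    action: str
    resource: str                                      # exact name or prefix
    condition: Optional[Callable[[Context], bool]] = None  # contextual predicate
    obligations: Tuple[str, ...] = ()                  # handler names to run


@dataclass
class Enforcer:
    rules: List[Rule]
    obligation_handlers: Dict[str, Callable[[Context], None]]
    audit_log: List[str] = field(default_factory=list)

    def decide(self, ctx: Context) -> bool:
        """Return True when a rule permits the request and its obligations ran."""
        for rule in self.rules:
            if rule.role != ctx["role"] or rule.action != ctx["action"]:
                continue
            if not str(ctx["resource"]).startswith(rule.resource):
                continue
            if rule.condition is not None and not rule.condition(ctx):
                continue
            # Obligations execute before the privilege is granted; a missing
            # handler means the obligation cannot be honoured, so deny.
            for name in rule.obligations:
                handler = self.obligation_handlers.get(name)
                if handler is None:
                    return False
                handler(ctx)
            return True
        return False


def build_demo_enforcer() -> Tuple[Enforcer, Dict[str, int]]:
    """Constructed rule set: a fair-DRM copy quota and an EHR emergency override."""
    state = {"copies_made": 0, "max_copies": 2}
    enforcer = Enforcer(rules=[], obligation_handlers={})

    def log_access(ctx: Context) -> None:
        enforcer.audit_log.append(
            f"{ctx['role']} {ctx['action']} {ctx['resource']} "
            f"emergency={ctx.get('emergency', False)}")

    def count_copy(ctx: Context) -> None:
        state["copies_made"] += 1

    enforcer.obligation_handlers = {"log_access": log_access, "count_copy": count_copy}
    enforcer.rules = [
        # The attending practitioner reads patient 42's folder; every read is logged.
        Rule("attending", "read", "ehr/patient42", obligations=("log_access",)),
        # Any physician may read any folder, but only in an emergency, and it is logged.
        Rule("physician", "read", "ehr/",
             condition=lambda ctx: ctx.get("emergency") is True,
             obligations=("log_access",)),
        # A customer may copy a purchased album while the quota holds; each copy is counted.
        Rule("customer", "copy", "album/",
             condition=lambda ctx: state["copies_made"] < state["max_copies"],
             obligations=("count_copy",)),
    ]
    return enforcer, state


def run_scenarios() -> Dict[str, object]:
    """Drive both scenarios and return the decisions plus the obligation side effects."""
    enforcer, state = build_demo_enforcer()
    r: Dict[str, object] = {}
    r["attending_read"] = enforcer.decide(
        {"role": "attending", "action": "read", "resource": "ehr/patient42"})
    r["physician_read_normal"] = enforcer.decide(
        {"role": "physician", "action": "read", "resource": "ehr/patient42"})
    r["physician_read_emergency"] = enforcer.decide(
        {"role": "physician", "action": "read", "resource": "ehr/patient42", "emergency": True})
    for i in (1, 2, 3):
        r[f"copy{i}"] = enforcer.decide(
            {"role": "customer", "action": "copy", "resource": "album/123"})
    r["copies_made"] = state["copies_made"]
    r["audit_entries"] = len(enforcer.audit_log)
    return r


if __name__ == "__main__":
    for k, v in run_scenarios().items():
        print(k, v)
```

The third copy is refused once the quota is reached, and the non-emergency physician read is refused while the emergency read succeeds and leaves an audit entry. On a real secure chip the counter and the log would live in the chip's tamper-resistant storage, which is what makes the obligation trustworthy rather than merely executed.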

Key Terms in this Chapter

Data Spoofing: An attacker deletes or modifies (even randomly) some data, thereby potentially corrupting the evaluation of access and usage rules and/or query evaluation.

MAC: The Mandatory Access Control Model (MAC) attaches security level to objects and clearance level to users in a centralized way.

Secure Operating Environment: A combination of hardware and software modules providing a tamper-resistant storage and execution environment protecting against any form of snooping and tampering attacks.

RBAC: The Role Based Access Control Model (RBAC) introduces the concepts of Roles and Teams to improve the administration of access control policies for a large population of cooperating users.

Insider: A person properly identified by the database server (i.e., a registered user) who tries to get information exceeding her own privileges. The privileges she owns give her more ability than an intruder to tamper with the system and to deduce valuable unauthorized content.

Intruder: A person with no database privilege who infiltrates a computer system and tries to extract valuable information from the database footprint on disk.

DAC: The Discretionary Access Control model (DAC) gives the creator of an object the privilege to define the policy regulating access to this object, and granted privileges can be transmitted between users.

Administrator: A person who has enough (usually all) privileges to administer a computer system (System Administrator) or a DBMS (Database Administrator or DBA). These privileges give her the opportunity to access the database files and to spy on the DBMS behavior (e.g., main memory monitoring).

Data Splicing: An attacker replaces a valid data item with another valid data item. This attack may reveal unauthorized data or corrupt the evaluation of access and usage rules.

Data Replaying: An attacker replaces a valid data item with one of its older versions. For instance, replaying old access rules may disclose unauthorized data.

Access Control Policy: Set of rules regulating the use of the resources of a system, each rule granting or revoking the right to access some data or perform some action in that system.

Usage Control: Complements access control with contextual predicates, conditioning the activation of a given privilege, and obligations, i.e., mandatory actions associated with the exercise of a privilege.

Data Snooping: An attacker examines the (potentially encrypted) data, on disk, in memory or on the communication links, and deduces unauthorized information.
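The three integrity attacks defined above (spoofing, splicing and replaying) are what a secure chip must detect before it trusts any rule or data item fetched from untrusted storage. The following added example, which is not code from the chapter or its authors, shows one standard way to do so: an HMAC tag computed over the record identifier, its version number and its payload, with the key and a small table of current versions kept inside the trusted component. The record identifiers, payloads and the demo key are constructed for the illustration; in a deployment the key never leaves the chip.

```python
"""Added example: tamper detection for data held on untrusted storage.

The TrustedVault models the secure chip. It keeps the MAC key and, per record,
the latest version number; everything else (payload plus tag) sits on the
untrusted disk. Binding the tag to the identifier defeats splicing, binding it
to the payload defeats spoofing, and the version table defeats replay.
All identifiers, payloads and the key below are constructed for the demo."""

import hashlib
import hmac
from typing import Dict, Tuple

Record = Tuple[int, bytes, bytes]        # (version, payload, tag)


class TrustedVault:
    def __init__(self, key: bytes):
        self._key = key                  # stays inside the trusted component
        self._versions: Dict[str, int] = {}   # small state, needs tamper-resistant storage

    def _tag(self, record_id: str, version: int, payload: bytes) -> bytes:
        # Length-prefix the identifier so that id/payload boundaries cannot be shifted.
        ident = record_id.encode()
        msg = len(ident).to_bytes(2, "big") + ident + version.to_bytes(8, "big") + payload
        return hmac.new(self._key, msg, hashlib.sha256).digest()

    def store(self, untrusted: Dict[str, Record], record_id: str, payload: bytes) -> None:
        """Write a new version of record_id to untrusted storage and remember the version."""
        version = self._versions.get(record_id, 0) + 1
        self._versions[record_id] = version
        untrusted[record_id] = (version, payload, self._tag(record_id, version, payload))

    def check(self, untrusted: Dict[str, Record], record_id: str) -> str:
        """Classify the stored copy of record_id as ok, spoofed, spliced or replayed."""
        version, payload, tag = untrusted[record_id]
        if hmac.compare_digest(tag, self._tag(record_id, version, payload)):
            return "ok" if version == self._versions[record_id] else "replayed"
        # Tag does not verify under this identifier: was it a valid tag of another record?
        for other_id in self._versions:
            if other_id != record_id and hmac.compare_digest(
                    tag, self._tag(other_id, version, payload)):
                return "spliced"
        return "spoofed"

    def load(self, untrusted: Dict[str, Record], record_id: str) -> bytes:
        """Return the payload only if it passes all three checks."""
        verdict = self.check(untrusted, record_id)
        if verdict != "ok":
            raise ValueError(f"{record_id}: {verdict}")
        return untrusted[record_id][1]


def run_demo() -> Dict[str, str]:
    """Apply each attack to a copy of the untrusted store and collect the verdicts."""
    vault = TrustedVault(key=b"constructed-demo-key-not-for-real-use")
    disk: Dict[str, Record] = {}
    vault.store(disk, "rule:patient42", b"physician:read:ehr/patient42")
    vault.store(disk, "rule:patient43", b"nurse:read:ehr/patient43")
    old_copy = disk["rule:patient42"]                      # version 1, kept by the attacker
    vault.store(disk, "rule:patient42", b"attending:read:ehr/patient42")   # now version 2

    results = {"intact": vault.check(disk, "rule:patient42")}

    # Spoofing: the rule text is edited in place, the tag is left untouched.
    version, payload, tag = disk["rule:patient42"]
    spoofed = dict(disk)
    spoofed["rule:patient42"] = (version, payload.replace(b"attending", b"anyone"), tag)
    results["spoofed"] = vault.check(spoofed, "rule:patient42")

    # Splicing: patient 43's perfectly valid record is written into patient 42's slot.
    spliced = dict(disk)
    spliced["rule:patient42"] = disk["rule:patient43"]
    results["spliced"] = vault.check(spliced, "rule:patient42")

    # Replaying: the attacker restores the older, once-valid version 1.
    replayed = dict(disk)
    replayed["rule:patient42"] = old_copy
    results["replayed"] = vault.check(replayed, "rule:patient42")
    return results


if __name__ == "__main__":
    for attack, verdict in run_demo().items():
        print(f"{attack}: {verdict}")
```

Only the key and the version table need the chip's tamper-resistant storage; the bulk of the data can live on an ordinary disk. Snooping is the one attack in the list this block does not address, since it is answered by encrypting the payload rather than by authenticating it.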
