資訊管理學報
羅濟群;黃俊傑;
頁: 117-139
日期: 2010/12
摘要: 由於資訊科技進步與網路環境等基礎建設的完成,傳統的媒體與文件等相關產品亦隨之數位化。為保護數位內容及保障創作者的智慧結晶,便有數位版權管理系統(Digital Rights Management, DRM)的出現。DRM系統提供一個安全的管理平台,將數位內容轉換成受保護-數位內容,並將解密金鑰置於執照中。消費者在完成付款程序後,方能獲取該受保護-數位內容相對應之執照,以取得數位內容。因此,DRM系統對數位內容提供私密性、完整性與可認證性之保證。 在無線網路環境,行動設備有其限制及具動態的網路環境特性,因此,DRM系統必須調適至該應用環境,稱之為行動式數位版權管理(M-DRM)。在M-DRM中,關於執照合法性的認證便是一個很重要的議題。故本研究針對應用於行動商務環境之M-DRM系統內的執照合法性做研究。本研究提出一個以群體為導向-提名式代理簽章機制(Group-Oriented Nominative Proxy Signature Scheme, GO-NPSS),在此機制中原始簽章者可將本身的簽章能力轉由一群代理人來完成,且原始簽章者可以指派哪些人具有簽章驗證能力。本研究希望在行動商務環境中,數位內容提供者可以順利的提供消費者完成執照合法性驗證的方法,由數位內容提供者指派一群代理者(n個人),且只要同時有t或t個人以上,(1≤t≤n),即可完成代理簽章(Proxy Signature)的工作。數位內容提供者可以指定特定一群簽章驗證者(l個人),且只要同時有w或w個人以上,(1≤w≤l),即可驗證由代理簽章者所產生的代理簽章之合法性。此外,本研究亦對GO-NPSS機制之安全性進行分析,以證明本研究所提之機制滿足簽章機制安全上的要求。
關鍵字: 數位版權管理系統;行動式數位版權管理;執照;行動商務;以群體為導向的提名式代理簽章機制;
Abstract: The increasing availability of information technology and computer networks has made the process of trading digital content through Internet very convenient. However, digital contents are easy to be copied and redistributed in ways that violate the intended use of the product. Digital Rights Management (DRM) is a system used to protect digital assets and control the distribution and usage of those digital assets. DRM systems separate protected content and digital license. A digital license controls the contents to be accessed by consumers. A consumer could download digital license after paying the money. DRM systems provide confidentiality, integrity and authenticity protection for digital contents. Nowadays, mobile commerce is getting more important as the mobile networks and services expand widely. While mobility presents some special requirements and limitations, it also creates new possibility for DRM. A DRM system must be adapted into a new one, Mobile DRM (M-DRM). One of the major issues raised by M-DRM systems concerns the integrity of this license. In this paper, we propose a group-oriented nominative proxy signature scheme (GO-NPSS) which supports a content provider to delegate his/her signing ability to the partial members of a group of clearinghouses having n members and to designate the partial members of a group of consumers, purchasing the same products, having l members to verify their digital licenses. In the proposed scheme, (t, n) proxy signers sign the specific digital license on behalf of the content provider and (w, l) verifiers verify the proxy signature. The proposed scheme can guarantee that the digital products come from the authorized providers. A formal security analysis demonstrates that our scheme is secure enough to be used in DRM systems.
Keywords: Digital Rights Management;Mobile Digital Rights Management;Digital License;Mobile Commerce;Group-Oriented Nominative Proxy Signature Scheme;
瀏覽次數: 17991 下載次數: 159
引用 導入Endnote
頁: 117-139
日期: 2010/12
摘要: 由於資訊科技進步與網路環境等基礎建設的完成,傳統的媒體與文件等相關產品亦隨之數位化。為保護數位內容及保障創作者的智慧結晶,便有數位版權管理系統(Digital Rights Management, DRM)的出現。DRM系統提供一個安全的管理平台,將數位內容轉換成受保護-數位內容,並將解密金鑰置於執照中。消費者在完成付款程序後,方能獲取該受保護-數位內容相對應之執照,以取得數位內容。因此,DRM系統對數位內容提供私密性、完整性與可認證性之保證。 在無線網路環境,行動設備有其限制及具動態的網路環境特性,因此,DRM系統必須調適至該應用環境,稱之為行動式數位版權管理(M-DRM)。在M-DRM中,關於執照合法性的認證便是一個很重要的議題。故本研究針對應用於行動商務環境之M-DRM系統內的執照合法性做研究。本研究提出一個以群體為導向-提名式代理簽章機制(Group-Oriented Nominative Proxy Signature Scheme, GO-NPSS),在此機制中原始簽章者可將本身的簽章能力轉由一群代理人來完成,且原始簽章者可以指派哪些人具有簽章驗證能力。本研究希望在行動商務環境中,數位內容提供者可以順利的提供消費者完成執照合法性驗證的方法,由數位內容提供者指派一群代理者(n個人),且只要同時有t或t個人以上,(1≤t≤n),即可完成代理簽章(Proxy Signature)的工作。數位內容提供者可以指定特定一群簽章驗證者(l個人),且只要同時有w或w個人以上,(1≤w≤l),即可驗證由代理簽章者所產生的代理簽章之合法性。此外,本研究亦對GO-NPSS機制之安全性進行分析,以證明本研究所提之機制滿足簽章機制安全上的要求。
關鍵字: 數位版權管理系統;行動式數位版權管理;執照;行動商務;以群體為導向的提名式代理簽章機制;
A Group-Oriented Nominative Proxy Signature Scheme for Digital Rights Management in Mobile Commerce
Abstract: The increasing availability of information technology and computer networks has made the process of trading digital content through Internet very convenient. However, digital contents are easy to be copied and redistributed in ways that violate the intended use of the product. Digital Rights Management (DRM) is a system used to protect digital assets and control the distribution and usage of those digital assets. DRM systems separate protected content and digital license. A digital license controls the contents to be accessed by consumers. A consumer could download digital license after paying the money. DRM systems provide confidentiality, integrity and authenticity protection for digital contents. Nowadays, mobile commerce is getting more important as the mobile networks and services expand widely. While mobility presents some special requirements and limitations, it also creates new possibility for DRM. A DRM system must be adapted into a new one, Mobile DRM (M-DRM). One of the major issues raised by M-DRM systems concerns the integrity of this license. In this paper, we propose a group-oriented nominative proxy signature scheme (GO-NPSS) which supports a content provider to delegate his/her signing ability to the partial members of a group of clearinghouses having n members and to designate the partial members of a group of consumers, purchasing the same products, having l members to verify their digital licenses. In the proposed scheme, (t, n) proxy signers sign the specific digital license on behalf of the content provider and (w, l) verifiers verify the proxy signature. The proposed scheme can guarantee that the digital products come from the authorized providers. A formal security analysis demonstrates that our scheme is secure enough to be used in DRM systems.
Keywords: Digital Rights Management;Mobile Digital Rights Management;Digital License;Mobile Commerce;Group-Oriented Nominative Proxy Signature Scheme;
瀏覽次數: 17991 下載次數: 159
引用 導入Endnote