Claudine Viegas Conrado

Privacy in an identity-based DRM system

The present paper addresses privacy issues in electronic audio/video content distribution. It introduces an identity-based rights distribution and management system that enables users to access content anytime, anywhere, and on any device by means of authorization certificates issued by a content provider. These certificates openly link the identity of the users to the content that they are entitled to access. This fact, together with the availability of the certificates everywhere in the network, raises user privacy issues. A solution is proposed which deals with these issues and still allows the device to securely check the users entitlement to the content.

Privacy-Preserving Digital Rights Management

DRM systems provide a means for protecting digital content, but at the same time they violate the privacy of users in a number of ways. This paper addresses privacy issues in DRM systems. The main challenge is how to allow a user to interact with the system in an anonymous/pseudonymous way, while preserving all security requirements of usual DRM systems. To achieve this goal, the paper proposes a set of protocols and methods for managing user identities and interactions with the system during the process of acquiring and consuming digital content. Furthermore, a method that supports anonymous transfer of licenses is discussed. It allows a user to transfer a piece of content to another user without the content provider being able to link the two users. Finally, the paper demonstrates how to extend the rights of a given user to a group of users in a privacy preserving way. The extension hides the group structure from the content provider and at the same time provides privacy among the members of the group.

RFID Security: Cryptography and Physics Perspectives

In this chapter, we provide an overview of mechanisms that are cheap to implement or integrate into RFID tags and that at the same time enhance their security and privacy properties. We emphasize solutions that make use of existing (or expected) functionality on the tag or that are inherently cheap and thus enhance the privacy friendliness of the technology “almost” for free. Technologies described include the use of environmental information (presence of light, temperature, humidity, etc.) to disable or enable the RFID tag, the use of delays to reveal parts of a secret key at different moments in time (this key is used to later establish a secure communication channel), and the idea of a “sticky tag,” which can be used to re-enable a disabled (or killed) tag whenever the user considers it to be safe. We discuss the security and describe usage scenarios for all solutions. Finally, we summarize previous works that use physical principles to provide security and privacy in RFID systems and the security-related functionality in RFID standards.

Cryptographically Enforced Personalized Role-Based Access Control

The present paper addresses privacy and security enhancements to a basic role-based access control system. The contribution is twofold. First, the paper presents an approach to personalized access control, i.e. a combination of role-based access control and user-managed access control. Second, the proposed access control approach is cryptographically enforced and an efficient key management method for the personalized role-based access control is described. The proposed solutions are discussed in the context of a system architecture for secure management of Electronic Health Records.

Enhancing Privacy for Digital Rights Management

This chapter addresses privacy issues in DRM systems. These systems provide a means of protecting digital content, but may violate the privacy of users in that the content they purchase and their actions in the system can be linked to specific users. The chapter proposes a privacy-preserving DRM system in which users interact with the system in an pseudonymous way, while preserving all security requirements of usual DRM systems. To achieve this goal, a set of protocols and methods is proposed for managing user identities and interactions with the basic system during acquisition and consumption of digital content. Privacy-enhancing extensions are also proposed. Unlinkable purchase of content, which prevents content providers from linking all content purchased by a given user, is discussed. Moreover, a method which allows a user to transfer content rights to another user without the two users being linked by the content provider is provided.