Use this URL to cite or link to this record in EThOS:
Title: Support consumers' rights in DRM : a secure and fair solution to digital license reselling over the Internet
Author: Gaber, Tarek
ISNI:       0000 0004 2720 2403
Awarding Body: University of Manchester
Current Institution: University of Manchester
Date of Award: 2012
Availability of Full Text:
Access from EThOS:
Access from Institution:
Consumers of digital contents are empowered with numerous technologies allowing them to produce perfect copies of these contents and distribute them around the world with little or no cost. To prevent illegal copying and distribution, a technology called Digital Rights Management (DRM) is developed. With this technology, consumers are allowed to access digital contents only if they have purchased the corresponding licenses from license issuers. The problem, however, is that those consumers are not allowed to resell their own licenses- a restriction that goes against the first-sale doctrine. Enabling a consumer to buy a digital license directly from another consumer and allowing the two consumers to fairly exchange the license for a payment are still an open issue in DRM research area. This thesis investigates existing security solutions for achieving digital license reselling and analyses their strengths and weaknesses. The thesis then proposes a novel Reselling Deal Signing (RDS) protocol to achieve fairness in a license reselling. The idea of the protocol is to integrate the features of the concurrent signature scheme with functionalities of a License Issuer (LI). The security properties of this protocol is informally analysed and then formally verified using ATL logic and the model checker MOCHA. To assess its performance, a prototype of the RDS protocol has been developed and a comparison with related protocols has been conducted. The thesis also introduces two novel digital tokens a Reselling Permission (RP) token and a Multiple Reselling Permission (MRP) token. The RP and MRP tokens are used to show whether a given license is single and multiple resalable, respectively. Moreover, the thesis proposes two novel methods supporting fair and secure digital license reselling. The first method is the Reselling Deal (RD) method which allows a license to be resold once. This method makes use of the existing distribution infrastructure, RP, License Revocation List (LRL), and three protocols: RDS protocol RD Activation (RDA) protocol, and RD Completion (RDC) protocol. The second method is a Multiple License Reselling (MLR) method enabling one license to be resold N times by N consumers. The thesis presents two variants of the MLR method: RRP-MR (Repeated RP-based Multi-Reselling) and HC-MR (Hash Chain-based Multi-Reselling). The RRP-MR method is designed such that a buyer can choose to either continue or stop a multi-reselling of a license. Like the RD method, the RRP-MR method makes use of RP, LI, LRL, and the RDS, RDA, and RDC protocols to achieve fair and secure reselling. The HC-MR method allows multiple resellings while keeping the overhead on LI at a minimum level and enable a buyer to check how many times a license can be further resold. To do so, the HC-MR utilises MRP and the hash chain cryptographic primitive along with LRL, LI and the RDS, RDA and RDC protocols. The analysis and the evaluation of these three methods have been conducted. While supporting the license reselling, the two methods are designed to prevent a reseller from (1) continuing using a resold license, (2) reselling a non-resalable license, and (3) reselling one license a unauthorised number of times. In addition, they enable content owners of resold contents to trace a buyer who has violated any of the usage rights of a license bought from a reseller. Moreover, the methods enable a buyer to verify whether a license he is about to buy is legitimate for re-sale. Furthermore, the two methods support market power where a reseller can maximise his profit and a buyer can minimise his cost in a reselling process. In comparison with related works, our solution does not make use of any trusted hardware device, thus it is more cost-effective, while satisfying the interests of both resellers and buyers, and protecting the content owner's rights.
Supervisor: Zhang, Ning Sponsor: Egyptian Government
Qualification Name: Thesis (Ph.D.) Qualification Level: Doctoral
EThOS ID:  DOI: Not available
Keywords: DRM ; Digital Rights Management ; Fairness ; Fair Exchange ; Abuse-freeness ; Non-repudiation ; Digital License Reselling. ; Reselling Deal ; Multiple License Reselling ; Single License Reselling ; License Issuer ; Re-saleability Check. ; Reselling Permission ; RP ; Multiple Reselling Permission ; MRP ; OMA DRM ; ; Windows Media DRM ; WM-DRM ; FairPlay DRM ; Apple DRM ; License Revocation List ; LRL ; Single Resalable License ; Multiple Resalable License ; DRM Client ; DRM Agant ; Non-Resalable License ; In-line TTP ; On-line TTP ; Off-line TTP ; Mocha ; Mocha Model Checker ; ATL logic ; Guarded Command Language ; Contract Signing ; Formal Analysis ; Contract Signing Protocols ; License Selling Process ; Open Mobile Alliance DRM ; Consumer Privacy ; Interoperability ; Trusted Hardware ; Gradual Secret Release Protocols ; Concurrent Signature ; Concurrent Signatures ; Collusion Attack ; License Double Use