Towards Trust in Digital Rights Management Systems

摘要

Digital transactions are usually based on mutual trust. In case of DRM (Digital Rights Management) this initial trust is missing on both sides. Neither do the content providers trust their clients - therefore DRM was established. Nor do the clients trust the content providers and react with not using these systems. The release of an open DRM standard by the Open Mobile Alliance (OMA) was a first step to increase the trustworthiness of DRM. But from the content providers' perspective a secure implementation for PC Platforms was missing. Especially the mechanisms to obfuscate and install the device private key which is the security anchor were not established there. This paper shows a software solution for that. A more riskless way to solve this problem is the involvement of Trusted Computing which is also shown by the authors. Finally the authors claim the necessity not to leave the users' security behind.