Notification: Our email services are now fully restored after a brief, temporary outage caused by a denial-of-service (DoS) attack. If you sent an email on Dec 6 and haven't received a response, please resend your email.
CFP last date
20 December 2024
Reseach Article

Secure Anonymously Authenticated and Traceable Enterprise DRM System

by Maged Hamada Ibrahim
International Journal of Computer Applications
Foundation of Computer Science (FCS), NY, USA
Volume 126 - Number 3
Year of Publication: 2015
Authors: Maged Hamada Ibrahim
10.5120/ijca2015906011

Maged Hamada Ibrahim . Secure Anonymously Authenticated and Traceable Enterprise DRM System. International Journal of Computer Applications. 126, 3 ( September 2015), 1-9. DOI=10.5120/ijca2015906011

@article{ 10.5120/ijca2015906011,
author = { Maged Hamada Ibrahim },
title = { Secure Anonymously Authenticated and Traceable Enterprise DRM System },
journal = { International Journal of Computer Applications },
issue_date = { September 2015 },
volume = { 126 },
number = { 3 },
month = { September },
year = { 2015 },
issn = { 0975-8887 },
pages = { 1-9 },
numpages = {9},
url = { https://ijcaonline.org/archives/volume126/number3/22529-2015906011/ },
doi = { 10.5120/ijca2015906011 },
publisher = {Foundation of Computer Science (FCS), NY, USA},
address = {New York, USA}
}
%0 Journal Article
%1 2024-02-06T23:16:27.027312+05:30
%A Maged Hamada Ibrahim
%T Secure Anonymously Authenticated and Traceable Enterprise DRM System
%J International Journal of Computer Applications
%@ 0975-8887
%V 126
%N 3
%P 1-9
%D 2015
%I Foundation of Computer Science (FCS), NY, USA
Abstract

Anonymity is one of the important services that must be available to users in the digital world as long as they behave honestly. Users’ communication must be kept authenticated and anonymous unless malicious behaviors are detected. In this case the accused user’s clear identity must be traced and revealed by the system to solve accusations. Enterprise Digital Rights Management (E-DRM) protects business digital applications by allowing an author in an organization to securely upload his confidential package/file(s) and store the contents in a private way on secure servers. This is done in a way that – later – allows an authorized user who is able to prove his authorization for the package to an authorization authority to download and use these contents in a private way. In this paper, we extend our previously proposed E-DRM protocols and propose an E-DRM protocol that allows authorized users to upload, store and download packages in an efficiently secure, anonymous and authenticated way. On the other hand, in case of an accusation or a dispute, our system is able to trace the user to his clear identity to solve accusations.

References
  1. Yair Amir, Yongdae Kim, Cristina Nita-Rotaru, and Gene Tsudik. On the performance of group key agreement protocols. ACM Trans. Inf. Syst. Secur., 7(3):457–488, August 2004.
  2. Alapan Arnab and Andrew Hutchison. Digital rights management-an overview of current challenges and solutions. In Proceedings of Information Security South Africa (ISSA) Conference 2004, 2004.
  3. Alapan Arnab and Andrew Hutchison. Digital rights managementa current review. Technical report, 2004.
  4. Alapan Arnab and Andrew Hutchison. Requirement analysis of enterprise drm system. In In proceedings of ISSA’05, pages 1–14, 2005.
  5. Endre Bangerter, Jan Camenisch, and Ueli Maurer. Efficient proofs of knowledge of discrete logarithms and representations in groups with hidden order. In In PKC 2005, LNCS 3386, pages 154–171. Springer-Verlag, 2005.
  6. J. Bar-Ilan and D. Beaver. Non-cryptographic fault-tolerant computing in constant number of rounds of interaction. In Proceedings of the Eighth Annual ACM Symposium on Principles of Distributed Computing, PODC ’89, pages 201–209, New York, NY, USA, 1989. ACM.
  7. Franco Bartolini, A Piva, A Fringuelli, M Barni, et al. Electronic copyright management systems: Requirements, players and technologies. In Database and Expert Systems Applications, 1999. Proceedings. Tenth International Workshop on, pages 896–898. IEEE, 1999.
  8. Mihir Bellare, Daniele Micciancio, and Bogdan Warinschi. Foundations of group signatures: Formal definitions, simplified requirements, and a construction based on general assumptions. In Proceedings of the 22Nd International Conference on Theory and Applications of Cryptographic Techniques, EUROCRYPT’03, pages 614–629, Berlin, Heidelberg, 2003. Springer-Verlag.
  9. Mihir Bellare, Haixia Shi, and Chong Zhang. Foundations of group signatures: The case of dynamic groups. pages 136– 153. Springer-Verlag, 2004.
  10. Michael Ben-Or, Shafi Goldwasser, and Avi Wigderson. Completeness theorems for non-cryptographic fault-tolerant distributed computation. In Proceedings of the Twentieth Annual ACM Symposium on Theory of Computing, STOC ’88, pages 1–10, New York, NY, USA, 1988. ACM.
  11. Adam Bender, Jonathan Katz, and Ruggero Morselli. Ring signatures: Stronger definitions, and constructions without random oracles. J. Cryptol., 22(1):114–138, December 2008.
  12. Dion Boesten and Boris kori. Asymptotic fingerprinting capacity in the combined digit model. In Matthias Kirchner and Dipak Ghosal, editors, Information Hiding, volume 7692 of Lecture Notes in Computer Science, pages 255–268. Springer Berlin Heidelberg, 2013.
  13. Jan Camenisch and Jens Groth. Group signatures: Better efficiency and new theoretical aspects. In Carlo Blundo and Stelvio Cimato, editors, Security in Communication Networks, volume 3352 of Lecture Notes in Computer Science, pages 120–133. Springer Berlin Heidelberg, 2005.
  14. Chin-Chen Chang and Jen-Ho Yang. A group-oriented digital right management scheme with reliable and flexible access policies. I. J. Network Security, 15(6):471–477, 2013.
  15. David Chaum and Torben P. Pedersen. Wallet databases with observers. In Proceedings of the 12th Annual International Cryptology Conference on Advances in Cryptology, CRYPTO ’92, pages 89–105, London, UK, UK, 1993. Springer-Verlag.
  16. David Chaum and Eug`ene Van Heyst. Group signatures. In Advances in CryptologyEUROCRYPT91, pages 257–265. Springer, 1991.
  17. Paul Feldman. A practical scheme for non-interactive verifiable secret sharing. In Proceedings of the 28th Annual Symposium on Foundations of Computer Science, SFCS ’87, pages 427–438, Washington, DC, USA, 1987. IEEE Computer Society.
  18. Rosario Gennaro, Stanisaw Jarecki, Hugo Krawczyk, and Tal Rabin. Robust threshold DSS signatures. In Advances in Cryptology EUROCRYPT 96, volume 1070 of Lecture Notes in Computer Science, pages 354–371. Springer Berlin Heidelberg, 1996.
  19. Rosario Gennaro, Stanislaw Jarecki, Hugo Krawczyk, and Tal Rabin. Secure distributed key generation for discrete-log based cryptosystems. J. Cryptol., 20(1):51–83, January 2007.
  20. Maged H Ibrahim, IA Ali, II Ibrahim, and AH El-sawi. A robust threshold elliptic curve digital signature providing a new verifiable secret sharing scheme. In Circuits and Systems, 2003 IEEE 46th Midwest Symposium on, volume 1, pages 276–280. IEEE, 2003.
  21. Maged H. Ibrahim, I. I. Ibrahim, and A. H. El-Sawy. Fast three-party shared generation of rsa keys without distributed primality tests. In in Proceedings of the Information Systems: New Generations (ISNG04, 2004.
  22. Maged Hamada Ibrahim. Verifiable threshold sharing of a large secret safe-prime. In Information Technology: Coding and Computing, 2005. ITCC 2005. International Conference on, volume 1, pages 608–613. IEEE, 2005.
  23. Maged Hamada Ibrahim. Eliminating quadratic slowdown in two-prime RSA function sharing. I. J. Network Security, 7(1):106–113, 2008.
  24. Maged Hamada Ibrahim. Resisting traitors in linkable democratic group signatures. International Journal of Network Security, 9(1):51–60, 2009.
  25. Maged Hamada Ibrahim. Efficient robust and secure E-DRM with encrypted content search. International Journal on Information (Information-Tokyo), 18(6(A)):2531–2546, 2015.
  26. Maged Hamada Ibrahim. Secure and robust digital rights management protocol with efficient storage. International Journal on Information (Information-Tokyo), 18(2):625–640, February 2015.
  27. Ingemar Ingemarsson and Gustavus J. Simmons. A protocol to set up shared secret schemes without the assistance of mutually trusted party. In Proceedings of the Workshop on the Theory and Application of Cryptographic Techniques on Advances in Cryptology, EUROCRYPT ’90, pages 266–282, New York, NY, USA, 1991. Springer-Verlag New York, Inc.
  28. Aggelos Kiayias and Moti Yung. Group signatures with efficient concurrent join. In In proceedings of EUROCRYPT 05, LNCS series, pages 198–214. Springer-Verlag, 2005.
  29. Yongdae Kim, Adrian Perrig, and Gene Tsudik. Tree-based group key agreement. ACM Trans. Inf. Syst. Secur., 7(1):60– 96, February 2004.
  30. Joseph K. Liu, Victor K.Wei, and Duncan S.Wong. Linkable spontaneous anonymous group signature for ad hoc groups. In Huaxiong Wang, Josef Pieprzyk, and Vijay Varadharajan, editors, Information Security and Privacy, volume 3108 of Lecture Notes in Computer Science, pages 325–335. Springer Berlin Heidelberg, 2004.
  31. Anna Lysyanskaya, RonaldL. Rivest, Amit Sahai, and Stefan Wolf. Pseudonym systems. In Howard Heys and Carlisle Adams, editors, Selected Areas in Cryptography, volume 1758 of Lecture Notes in Computer Science, pages 184–199. Springer Berlin Heidelberg, 2000.
  32. Mark Manulis. Democratic group signatures - on an example of joint ventures. In Proceedings of the ACM Symposium on Information, Computer and Communications Security (ASIACCS 2006, 2006.
  33. Mark Manulis, Ahmad-Reza Sadeghi, and Jrg Schwenk. Linkable democratic group signatures. In Kefei Chen, Robert Deng, Xuejia Lai, and Jianying Zhou, editors, Information Security Practice and Experience, volume 3903 of Lecture Notes in Computer Science, pages 187–201. Springer Berlin Heidelberg, 2006.
  34. Deirdre K Mulligan, John Han, and Aaron J Burstein. How drm-based content delivery systems disrupt expectations of personal use. In Proceedings of the 3rd ACM workshop on Digital rights management, pages 77–89. ACM, 2003.
  35. Jaehong Park, Ravi Sandhu, and James Schifalacqua. Security architectures for controlled digital information dissemination. In Computer Security Applications, 2000. ACSAC’00. 16th Annual Conference, pages 224–233. IEEE, 2000.
  36. Torben P. Pedersen. Non-interactive and informationtheoretic secure verifiable secret sharing. In Proceedings of the 11th Annual International Cryptology Conference on Advances in Cryptology, CRYPTO ’91, pages 129–140, London, UK, UK, 1992. Springer-Verlag.
  37. Michael O. Rabin. Efficient dispersal of information for security, load balancing, and fault tolerance. J. ACM, 36(2):335– 348, April 1989.
  38. Jason K. Resch and James S. Plank. Aont-rs: Blending security and performance in dispersed storage systems. In Proceedings of the 9th USENIX Conference on File and Stroage Technologies, FAST’11, pages 14–14, Berkeley, CA, USA, 2011. USENIX Association.
  39. Ronald L. Rivest, Adi Shamir, and Yael Tauman. How to leak a secret. In Proceedings of 7th international conference on the theory and application of cryptology and information security, pages 554–567. Springer-Verlag, 2001.
  40. C. P. Schnorr. Efficient signature generation by smart cards. J. Cryptol., 4(3):161–174, January 1991.
  41. Adi Shamir. How to share a secret. Commun. ACM, 22(11):612–613, November 1979.
  42. Ahmed H. Soliman, Maged H. Ibrahim, and Adel E. El- Hennawy. Improving security and efficiency of enterprise digital rights management. In proceedings of the 6th IEEE International Conference on Computing, Communications and Networking Technologies (ICCCNT 2015). IEEE, 2015.
  43. G´abor Tardos. Optimal probabilistic fingerprint codes. In Proceedings of the Thirty-fifth Annual ACM Symposium on Theory of Computing, STOC ’03, pages 116–125, New York, NY, USA, 2003. ACM.
  44. L.R. Welch and E.R. Berlekamp. Error correction for algebraic block codes, dec 30 1986. US Patent 4,633,470.
  45. Yang Yu and Tzi-cker Chiueh. Enterprise digital rights management: Solutions against information theft by insiders. Research Proficiency Examination (RPE) report TR-169, 2003.
Index Terms

Computer Science
Information Sciences

Keywords

Enterprise security Digital rights management Anonymity Traceability Threshold cryptography Authentication Group signatures