Digital rights management
DRM in the Enterprise
Protect certain types of private information.
Example
The Health Insurance Portability and Accountability Act(HIPAA) requires that companies protect personal medical records.
The Sarbanes-Oxley Act(SOA) requires that companies must preserve certain documents, such as information that might be relevant to “insider trading” stock violations.
45 trang |
Chia sẻ: vutrong32 | Lượt xem: 1242 | Lượt tải: 0
Bạn đang xem trước 20 trang tài liệu Digital rights management, để xem tài liệu hoàn chỉnh bạn click vào nút DOWNLOAD ở trên
DIGITAL RIGHTS MANAGEMENT Hoang Viet Lam Tran Quoc Trieu*OUTLINEIntroductionSoftware reverse engineeringSoftware tamper resistanceDigital rights management**SOFTWARE REVERSE ENGINEERINGReverse engineering is the process of analyzing a subject system to identify the system's components and their inter-relationships, and to create representations of the system in another form at higher levels of abstraction(Chikofsky and Cross1990)SRE can be used for good or not so good purposes.*SOFTWARE REVERSE ENGINEERING(CONT)The essential tools for SRE include a disassembler, a debugger and a hex editor.A disassembler converts an executable into assembly code(IDA Pro, Hackman).A debugger is used to set break points, which allows Trudy to step through the code as it executes(SoftICE, OllyDbg).*SOFTWARE REVERSE ENGINEERING(CONT)A hex editor is also a necessary SRE tool.The hex editor is the tool Trudy will use to directly modify, or patch, the exe file(UltraEdit, HIEW).Other tools that might sometimes prove useful include( Regmon-monitors all accesses of the Windows registry; Filemon-monitors all accesses of files)VMWare-which allows a user to set up virtual machines*SOFTWARE REVERSE ENGINEERING(CONT)Why do we need a disassembler and a debugger?For SRE work, boundless patience and optimism are also needed since SRE is extremely tedious and labor intensive. SRE is essentially a manual processThe necessary technical skills for SRE include a working knowledge of the target assembly language and experience with the necessary tools*SOFTWARE REVERSE ENGINEERING(CONT)For our SRE example, we’ll consider code that requires a serial number.*SOFTWARE REVERSE ENGINEERING(CONT)Trudy disassembled serial.exe using IDA Pro tool*SOFTWARE REVERSE ENGINEERING(CONT)*SOFTWARE REVERSE ENGINEERING(CONT)*SOFTWARE REVERSE ENGINEERING(CONT)The instruction test eax,eax computes a binary AND of register eax with itself. This causes the flag bit—which is tested in the jump instruction at address 0x401032—to be zero only if the eax register contains 0Replace instruction “test eax,eax” at address 0x401030 with “xor eax,eax” then the flag bit that is tested in line 0x401032 will always be zero*SOFTWARE REVERSE ENGINEERING(CONT)Trudy examines the bits at address 0x4010300x33C0**ANTI-DISASSEMBLY TECHNIQUESEncrypt executable file and when the exe file is in encrypted form, it can’t be disassembled correctly.False disassembly*ANTI-DISASSEMBLY TECHNIQUES(CONT)Another sophisticated anti-disassembly trick that has been used is self-modifying code.Self-modifying code modifies its own executable in real time.This is an effective way to confuse a disassembler, but it may also confuse the developers, since it’s difficult to implement and is error prone*ANTI-DEBUGGING TECHNIQUESSince a debugger uses certain debug registers, a program can monitor the use of these registers and stop (or crash) if these registers are in use. A program can also monitor for inserted breakpoints, which is another telltale sign of a debugger*ANTI-DEBUGGING TECHNIQUES(CONT)A simple anti-debugging technique*SOFTWARE TAMPER RESISTANCEGuards: It’s possible to have the code hash sections of itself as it executes and compare the computed hash values with the known hash values of the original code.If tampering occurs, a hash check will fail and the program can take evasive action.*SOFTWARE TAMPER RESISTANCE(CONT)Obfuscation:Another popular form of tamper resistance is code obfuscation. Here, the goal is to make the code difficult to understand“Spaghetti code”“Opaque predicate”*SOFTWARE TAMPER RESISTANCE(CONT)Code obfuscation has sometimes been promoted as a powerful security technique.In fact, Diffie and Hellman’s original conception of public key cryptography suggested obfuscation as a likelyway to develop a such a cryptosystem.Recently it has been argued that obfuscation cannot possibly provide strong security in, say, the same sense as cryptography*METAMORPHISM REVISITEDThe usual practice in software development is to distribute identical copies, or clones, of a particular piece of software to each customerBreak once, break everywhere or BOBESuppose we distribute metamorphic copies. That is, each copy of our software differs internally, but all copies are functionally identical.*METAMORPHISM REVISITED(CONT)Thanks to open platforms and SRE, we cannot prevent attacks on software. Arguably, the best we can hope for is increased BOBE resistance. Metamorphism is one possible way to achieve a reasonable level of BOBE resistance.*DIGITAL RIGHTS MANAGEMENTWhat is DRM?Describe an actual DRM system designed to protect PDF documents.DRM system designed to protect streaming mediaParticular peer-to-peer applicationUse DRM to protect documents distributed within an enterprise*WHAT IS DRM?Trudy wants to sell her new book in digital form on the internet.Alice buys Trudy’s digital book and then redistributes it for free online => What happens?Persistent protection is the buzzword for the required level of DRM protection. Examples of the kinds of persistent protection on a digital book: No copying, read once, do not open until Christmas, *WHAT IS DRM?What can be done to enforce persistent protection?One option is to rely on the honor system, whereby we do not actually force users to obey the rules but instead simply expect that they will. Example: horror novel writer Stephen King with a book The Plant.*WHAT IS DRM?Give up on enforcing DRM on an open platform such as a PC.Enforce persistent protection through software in a PC => failureExample: DRM system for protecting digital documents might be defeated by user who is knowledgeable enough to operate a screen capture program.*WHAT IS DRM?Another option would be to develop the strongest possible DRM system in software.A reasonably high level of DRM protection can be achieved.Example: Closed systems(game systems)*WHAT IS DRM?Cryptography is the solution to the DRM problem.*WHAT IS DRM?There is a fundamental limit on the effectiveness of any DRM system, since the so called analog hole is present in any DRM. When the content is rendered, it can be captured in analog form.*A REAL-WORLD DRM SYSTEMMediaSnap DRM systems*MediaSnap DRM systemsSecure Document Server(SDS)Client softwareA REAL-WORLD DRM SYSTEM*A REAL-WORLD DRM SYSTEM*A REAL-WORLD DRM SYSTEMThere are security issues both on the server and on the client side.The SDS must protect keys and authenticate users, and it must apply the required persistent protection to the document. The SDS resides at corporate headquarters and is relatively secure.The client must protect keys, authenticate users, and enforce the persistent protection. The DRM client software, on the other hand, is readily available to any attacker.*A REAL-WORLD DRM SYSTEM*A REAL-WORLD DRM SYSTEMTo prevent disassembly, the executable code is encrypted, and false disassembly is used to protect the part of the code that performs the decryption. In addition, the executable code is only decrypted in small slices so that it’s more difficult for an attacker to obtain the entire code in decrypted form.The anti-debugging technique. *A REAL-WORLD DRM SYSTEMThe anti-debugging technique. The basic approach is to monitor for the use of the debug registers. One obvious attack on such a scheme is a man-in-the-middle, where the attacker debugs the code but responds to the anti-debugging software in such a way that it appears no debugger is running. The anti-debugging technique includes defenses against such an attack on its monitoring mechanism.*A REAL-WORLD DRM SYSTEMThe obfuscation is applied to the security critical operations, including key management, authentication, and cryptography.Advanced Encryption Standard(AES).Scrambling algorithm.Can be obfuscated.The keys are also obfuscated by splitting them into multiple parts and hiding some parts in data and other parts in code.*A REAL-WORLD DRM SYSTEM*DRM FOR STREAMING MEDIAAttacks on streaming media include spoofing the stream between the end-points, man-in-the-middle, replay, or redistribution of the data, and the capture of the plaintext at the client.Scrambling algorithms.Each instance of the client software comes equipped with a large number of distinct scrambling included.Each client has a distinct subset of scrambling algorithms chosen from a master set of all scrambling algorithms, and the server knows this master set of algorithms.*DRM FOR STREAMING MEDIAScrambling algorithms.Suppose the server knows the N different scrambling algorithm, s0,s1,,sN-1 . Each client is equipped with a subset of these algorithms, example: LIST = {s12, s45, s2, s37, s23, s31}*DRM FOR A P2P APPLICATIONPeer-to-peer networks*DRM FOR A P2P APPLICATIONPeer offering service(POS)*DRM IN THE ENTERPRISEProtect certain types of private information.ExampleThe Health Insurance Portability and Accountability Act(HIPAA) requires that companies protect personal medical records.The Sarbanes-Oxley Act(SOA) requires that companies must preserve certain documents, such as information that might be relevant to “insider trading” stock violations.**
Các file đính kèm theo tài liệu này:
- sem07_digitalrightm_kstn_8054.ppt