Appendix E: Technologies for Intellectual Property Protection
Pages 282-303

The Chapter Skim interface presents what we've algorithmically identified as the most significant single chunk of text within every page in the chapter.


From page 282...
... are covered in Chapter 5. Encryption, digital signatures, the infrastructure needed to make public-key encryption widely usable, techniques for marking and monitoring digital information, and mechanisms for secure packaging of information are described in this appendix.
From page 283...
... Before an object is encrypted it is called "cleartext." Encryption transforms cleartext into "ciphertext," and decryption transforms ciphertext back into cleartext.[1] Encryption and other closely related mechanisms can be used to help achieve a wide variety of security objectives, including:[2]
· Privacy and confidentiality;
· Data integrity: ensuring that information has not been altered;
· Authentication or identification: corroborating the identity of a person, computer terminal, a credit card, and so on;
· Message authentication: corroborating the source of information;
· Signature: binding information to an entity;
· Authorization: conveying to another entity official sanction to do or be something;
· Certification: endorsing information by a trusted entity;
· Witnessing: verifying the creation or existence of information;
· Receipt: acknowledging that information has been received;
· Confirmation: acknowledging that services have been provided;
· Ownership: providing an entity with the legal right to use or transfer a resource to others;
· Anonymity;
· Nonrepudiation: preventing the denial of previous commitments or actions; and
[1] These terms are used even when the medium involved is not text. For example, one may refer to a "cleartext image."
[2] Adapted from Menezes et al.
From page 284...
... Cryptologic folklore has it that Julius Caesar used the shift cipher with k equal to 3; this special case is often referred to as the "Caesar cipher." The shift cipher is completely unusable in a modern computing environment because the key space (i.e., the set of all possible keys)
From page 285...
... To compute the ith bit of the ciphertext, the encryption procedure takes the exclusive-or of the ith bit of the cleartext and the ith bit of the key.[4] Decryption is done in precisely the same way. For example, encrypting the cleartext string "01100010" with the key "11001100" produces the ciphertext "10101110."
[3] The most secure keys are truly, uniformly random; hence the example of using readable text as the key is not the best practice.
From page 286...
... An adversary can of course always mount an exhaustive search attack to try to find the right key, decrypting using each possible key and testing each output result to see if it is a comprehensible cleartext object (e.g., readable text, viewable image, or sensible sound)
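The following is an added example, not part of the original appendix: it runs the exhaustive search described above against the shift cipher from page 284, trying each of the 26 keys and testing each output for readable text. The sample message, the word list used as the readability test, and all function names are constructed for illustration.

```python
import math
import string

ALPHABET = string.ascii_uppercase
# Constructed word list standing in for the "comprehensible cleartext" test.
COMMON_WORDS = {"THE", "AND", "OF", "TO", "IS", "IN", "KEY"}


def shift_encrypt(cleartext: str, k: int) -> str:
    """Shift every letter k places through the alphabet (k = 3 is the Caesar cipher)."""
    out = []
    for ch in cleartext.upper():
        if ch in ALPHABET:
            out.append(ALPHABET[(ALPHABET.index(ch) + k) % 26])
        else:
            out.append(ch)  # spaces and punctuation pass through unchanged
    return "".join(out)


def shift_decrypt(ciphertext: str, k: int) -> str:
    """Decryption is a shift by the same amount in the opposite direction."""
    return shift_encrypt(ciphertext, -k)


def readability(text: str) -> int:
    """Score a candidate cleartext by how many of its words are common English words."""
    return sum(1 for word in text.split() if word.strip(".,") in COMMON_WORDS)


def exhaustive_search(ciphertext: str):
    """Decrypt under every possible key; return (key, cleartext, keys_tried) for the best score."""
    scored = [(readability(shift_decrypt(ciphertext, k)), k) for k in range(26)]
    _, key = max(scored, key=lambda pair: pair[0])
    return key, shift_decrypt(ciphertext, key), len(scored)


def key_space_bits(n_keys: int) -> float:
    """Size of a key space expressed in bits; each added bit doubles the search work."""
    return math.log2(n_keys)


if __name__ == "__main__":
    message = "THE KEY IS IN THE MAIL"  # constructed sample cleartext
    ciphertext = shift_encrypt(message, 3)
    print(ciphertext)
    print(exhaustive_search(ciphertext))
    print(f"shift cipher key space: {key_space_bits(26):.1f} bits")
```

The search recovers the key after at most 26 trial decryptions, which is why a cipher's resistance to this attack depends on the size of its key space rather than on keeping the method secret.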
From page 287...
... In the context of mass market IP, key exchange can be a large-scale problem: Online distribution of a best-selling novel may mean a few hundred thousand customers, that is, a few hundred thousand key exchanges. Although the encrypted text of the novel may be distributed via high-bandwidth broadcast channels (neither authentication nor secrecy is required)
From page 288...
... Logically, a secret key is determined by its corresponding public key, but the time required to compute this uniquely determined quantity should
[FIGURE E.2 The public-key encryption system. Labels: Key Generator, Public Key, Secret Key, Cleartext, Ciphertext, Encryption Function, Decryption Function.]
From page 289...
... Considerable disagreement still exists in the technical community about how to create an effective public-key infrastructure (see below and Feigenbaum, 1998). Other potential obstacles to widespread use of public keys are the same ones that make symmetric-key systems hard to deploy effectively in a mass market service: A user's secret keys must be managed extremely carefully, as must all cleartext objects; otherwise, the property that was protected during transmission can be stolen once it reaches its destination.
From page 290...
... As before, the success of the scheme depends on the ability to generate public-key/secret-key pairs that cause the signing and verification procedures to work properly and that have the counterintuitive property
[FIGURE E.3 The system for digital signatures. Labels: Key Generator, Secret Key, Public Key, Object, Signature, Signing Function, Verification Function.]
From page 291...
... As noted earlier, public-key encryption is currently too slow to use to encrypt significant amounts of content, hence its main role in the foreseeable future is likely to be key distribution. Digital signatures, on the other hand, provide assured provenance (only the person in possession of the secret key could have created the signature)
From page 292...
... and that both are revocable to deal with secret keys that have been compromised. One standard version of public-key infrastructure calls for official CAs to issue ID certificates for other official CAs, thus forming "hierarchies of trust." (Having numerous CAs prevents the entire system from being dependent on a single source.)
From page 293...
... Direct authorization of verification keys can be a powerful tool in IP management and in e-business generally, enabling individual customers to do business anonymously (as they often can in the physical world) and enabling businesses to derive much more information from digital signature verification than simply the name of the signer.
From page 294...
... There is good reason to believe that an appropriate infrastructure will emerge soon, however, because of the enabling role that digital signatures could play in electronic commerce. Unlike encryption, digital signature technology is not encumbered by export restrictions.
From page 295...
... · Fingerprinting: To avoid unauthorized duplication and distribution of publicly available content, an author can embed a distinct watermark (or fingerprint) into each copy of the data.
From page 296...
... To make the preview commercially worthless, the content could be stamped with a visible watermark that is very difficult to remove. Currently, no universal watermarking technique exists that satisfies all requirements of all applications; instead the specific requirements of each watermarking application depend on the protection objectives, the kind of object and its digital size, and possibly on the kind of distribution channel.
From page 297...
... The input to the insertion procedure consists of the unmarked object, the watermark, and a key associated with the creator of the object (or another authorized party in the distribution chain); the output is a watermarked object.
From page 298...
... Typically, it is only rights holder ownership information that is embedded in marked works, but licensing terms or information about users can also be recorded and carried with the object. As noted above, fingerprinting by adding personal information to the object can add force to the disincentive for infringement, but because it can compromise user privacy and can be done without the knowledge of the licensee, it could also alienate potential customers.
From page 299...
... at a particular point in time. TPSs that use time stamping facilitate copyright protection by affixing an authorita
From page 300...
... Although Web monitoring increases the likelihood of detection of copyright violators, monitoring cannot directly stop violations from happening; its effectiveness lies in the threat of legal action against violators.[13]
[12] Although some products do exist, including some by WebArmor at and Surety's Digital Notary Service at .
[13] As one example, Online Monitoring Services provides these capabilities through its services WebSentry and MarketIntelligence.
From page 301...
... Each uses some variety of a secured digital container (a cryptographically protected file) holding the content, the vendor's rules for access and use (described in a rights management language)
From page 302...
... A customer's use of the information must be cleared by software that checks the rights that have been packaged with the content and checks the identity of the local machine. One approach to checking the rights calls for the local machine to issue a request to the rights management server, which must provide clearance before access can occur and at the same time can record billing information.
From page 303...
... The customer packages those six reports in his own secure digital container, with his own set of rules (e.g., prices)


This material may be derived from roughly machine-read images, and so is provided only to facilitate research.