wdsi 2015-design and implementation of a policy-based service-oriented drm system
TRANSCRIPT
1
Design and Implementation of a Policy-based Service-oriented DRM System
Yung-Hsin Wang, Yu-Hong Lin Shing-Han Li Tatung University Nat’l Taipei Univ. of Business Taipei, Taiwan Taipei, Taiwan
WDSI 2015 - Maui, Hawaii
2 Outline
4. Conclusion & Future Work Direction
3. Design and Implementation
2. Background and Technology
1. Introduction
3 Motivations
DRM permits smooth, secure, trusted movement of digital contents from Content Providers and Distributors to Clearing House and Consumers
Based on access, use, tracking, payment & reporting systemBusiness functions automated to deliver creators’ win-distributors’
win-clearing house’s win-consumers’ winAccess control and authorization implemented in proprietary
manner results in extreme tight coupling of authorization decisions within applications
4 Motivations (cont.)
SOA solutionNot only a framework but a key mechanism for cost effectivenessPromoting organizational agility to adapt the most frequent
changing environment Implementing SOA to improve DRM System
Service interoperability, Loosing coupling, Reusing or composing shared service components during service orchestration
Challenges in security issue!
5
To re-model DRM System based on SOAAll participants well collaborate and equitably share sales benefits
Adopt policy-based security mechanismIntroduce the eXtensible Access Control Markup Language
(XACML) technology to decouple authorization decisions from DRM system
Fulfill autonomous management on authorization and access control for all resources via flexible policy-based SOA solution
Research Objective
6
2. Background and Technology
Outline
4. Conclusions & Future Works Direction
3. Design and Implementation
1. Introduction
7
Emphasizing on protection and management for digital contents
The essential is tocontrol publication, billing/payment and copyright for digital contents
DRM System
8
Usually combined with certain business models for the sales of digital contents
DRM System
The integrated DRM solution
9
Service Contract Service Loose Coupling Service Abstraction Service Reusability Service Autonomy Service Statelessness Service Discoverability Service Composability
Service Oriented Design Principle
10
Interoperability problems arise within different DRM solutions
DRM with SOA can increase interoperability for the system management and facilitate efficient collaboration
Security is a major imperative for SOAFigueira Filho et al. (2006) in their proposed framework adopted
SOA and a high-level policy modeling approach to promote interoperability among DRM systems; however, the policy model only focused on the copyright protection
DRM System Moves to SOA
11
eXtensible Access Control Markup Language Based on XML standardsDefine the general policy syntax for resources protection and
accessOASIS has regulated XACML as security standards to support
security technology for access control
XACML frameworks for services security
12T
he implem
entation process of XA
CM
L and access control architecture
13
SOA-based DRM System’s security, privacy, resource authorizing and access control must be well managed.
Help participants in SOA-based DRM System autonomously manage their own systemsSecurity Policy applies to resource authorization and access
control among systems Facilitate the abstraction of security jobs from the logic
loop of business system to become public servicesachieve centralization of operation and management
Security Policy in SOA-based DRM System
2. Background and Technology
14 Outline
4. Conclusions & Future Works Direction
3. Design and Implementation
1. Introduction
15Step 1. Streamline DRM system architecture to be service choreography
The fundamental architecture of DRM system
The streamlined architecture of DRM
16Step 2. Achieve the service-oriented DRM system
Relations between functions and/or systems among the DRM system
The D
RM
system w
ith layered SOA
The SOMA layered mechanism
17Step 3. Implement security policy with XACML
18
The example of XACML Policy converted from CMS
Content Provider authorizescontents to Distributor
19 The inquiry example of XACML Request for Consumer or Distributor
20 The Example of XACML Response from PDPwhen Distributor inquires the authorized content
21
2. Background and Technology
Outline
4. Conclusion & Future Work Direction
3. Design and Implementation
1. Introduction
22
This study has designed and implemented a policy-based service-oriented DRM systemTransform a proprietary/tight-coupling DRM system into a
loose-coupling/on-demand business processesHelp participants' operation among DRM system be flexible and
react agilely in data transmission, exchange or integrationNot only to meet the security needs of web services, but also to
achieve a loose coupling in resources perspective
Conclusion
23 Future Work Direction
Apply to cloud computing via service-oriented featuresParties who need to build up their systems can take advantages
of Infrastructure as a Service (IaaS) to save hardware costs and maintenance expenses
Functions of Multi-layered and remodeled DRM system can leverage Software as a Services (SaaS)
Adopt XACML to fulfill the security and safety needs of inter–service in cloud computing
.
24
Thanks for your attention!