99/05/03 All Rights Reserved, Copyright (c) FUJITSU LIMITED 1999
UDAC (Universal Distribution with Access Control)
IPR (Intellectual Property Rights) Oriented Access Control Commands for Optical Disk Device
"UDAC" is being registered as a trademark of Fujitsu Limited.
Requirements of Access Control
• Ability for the IPR owner to set variable access conditions and enforce them
• Network security
• Authentication of Users and Devices
• Access control over multiple domains
• Pre-distribution of protected contents (cache or distribution within disk ROM)
UDAC Architecture
[Figure labels: Universal Distribution; IPR Owner; Content Procurer; Access Control; Use; Encrypted Content]
Basic Access Control Model
[Figure labels: IPR owner; Content Procurer; Content; Control; Use; Hardware Environment; IPR Owner Area; Protected Area; Open Area; Hardware Protection; Fire-wall; UDAC-VPN]
High efficiency of IP distribution
• Fair payment corresponding to usage by the service user
• Assured payment corresponding to provision by the service provider
• Robust Access Control
• Universal Distribution
Simultaneous realization
Features
• Satisfies all the access control requirements
• OS/Device independent
• Can use existing infrastructure
• IPR oriented Access Control of content
• Reflects hardware robustness
• Allows risk to be distributed across devices
Support Generic Content
• Content played statically (Doc., Image)
• Stream Content (Sound, Movie)
  - Encryption of a unit content for accounting
• Interactive Content (Program code, Presentation)
  - Protection of the part as movie or sound
  - Protection of the kernel code
Ex.: Protection from Illegal Use
IPR Owner: "I'd like to let only D play this content"
[Figure labels: A; CD; Replication; Content; Key / Password; Play; Access Control; UDAC Protection]
Kernel Technique
(1) Device Authentication
(2) Network Model
(3) UDAC-ACL (Access Control List)
(4) UDAC-License
(5) Inter-domain Administration
Satisfies all the requirements
(1) Device Authentication
Content remains under access control after any replication
• Network distribution
• Distribution by ROM-Disk
[Figure labels: Doc.; Image; Data; Copy; Check Environment; Decode; Replication ???]
Device ID (PCSUE* ID)
* PCSUE: Physical Component of a Specific Usage Environment
Table 1 - Examples of PCSUE and its identifier
Class of physical component specifying a user environment (PCSUE)   Physical component identifier (PCSUE-ID)
1) CPU                                                               PSN (Processor Serial Number)
2) Optical disk device                                               Storage device product identifier and/or DSN (Device Serial Number)
3) Storage disk medium                                               MSN (Medium Serial Number)
4) Smart card                                                        PIN (Personal Identification Number)
5) Player / Viewer                                                   Player or Viewer ID
(2) Network Model
[Figure: flow with numbered steps 1) to 8) between LICENSE SERVER SYSTEM and CLIENT SYSTEM. Labels: IPR owner; Content Procurer; Content; Protected; Copy / Distribute; License; PCSUE; PCSUE ID; PCSUE Certificates; PCSUE Id; Decryption Keys; Content Decryption Key; IPR owner area; Protected area; Open area; Create & set access conditions]
Mutual authentication between IPR owner and devices
* PCSUE: Physical Component of a Specific Usage Environment
(3) UDAC-ACL
To set the variable access conditions
cn=Movie1, ou=planning, o=fujitsu, c=jp
udac_acl
play: ( (group = fujitsu OR group = mtfuji) AND 45661244 < MSN < 45661412) OR count < 1 ;
edit: user = yuji OR user = hata OR smartCard = 1afd234fe4def458c3bae78497bbda6f ;
copy: group = fujitsu OR count < 1 ;
Annotations on the figure:
• group: group whose members are able to play
• MSN: range of MSN which must be inserted
• count: available number
• smartCard: PIN which must be inserted when the content is modified
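An evaluator for the udac_acl entry on this slide, as an added example that is not part of the original slides or of Fujitsu's implementation. The grammar (AND binding tighter than OR, chained comparisons), the env dictionary of already-authenticated attributes, and the deny-on-missing-attribute behaviour are assumptions.

```python
import re

# udac_acl rules for cn=Movie1, copied from the slide.
UDAC_ACL = """
play: ( (group = fujitsu OR group = mtfuji) AND 45661244 < MSN < 45661412) OR count < 1 ;
edit: user = yuji OR user = hata OR smartCard = 1afd234fe4def458c3bae78497bbda6f ;
copy: group = fujitsu OR count < 1 ;
"""

def parse_acl(text):
    """Split 'right: condition ;' entries into {right: [tokens]}."""
    rules = {}
    for entry in filter(None, (e.strip() for e in text.split(";"))):
        right, cond = entry.split(":", 1)
        rules[right.strip()] = re.findall(r"[()=<]|\w+", cond)
    return rules

def allowed(rules, right, env):
    """Evaluate one right; env holds attributes assumed already authenticated."""
    toks = list(rules.get(right, []))
    def value(tok):  # attribute from env, else integer or string literal
        return env.get(tok, int(tok) if tok.isdecimal() else tok)
    def comparison():  # a op b [op c], e.g. 45661244 < MSN < 45661412
        left, results = value(toks.pop(0)), []
        while toks and toks[0] in ("=", "<"):
            op, rhs = toks.pop(0), value(toks.pop(0))
            same = type(left) is type(rhs)  # absent attribute never matches
            results.append(same and (left == rhs if op == "=" else
                                     isinstance(left, int) and left < rhs))
            left = rhs
        return bool(results) and all(results)
    def factor():
        if toks[0] != "(":
            return comparison()
        toks.pop(0)
        result = level(("OR", "AND"))
        toks.pop(0)  # closing ")"
        return result
    def level(keywords):  # keywords[0] binds loosest: OR, then AND
        if not keywords:
            return factor()
        result = level(keywords[1:])
        while toks and toks[0] == keywords[0]:
            toks.pop(0)
            rhs = level(keywords[1:])
            result = (result or rhs) if keywords[0] == "OR" else (result and rhs)
        return result
    try:  # unknown right or malformed rule denies
        return bool(toks) and level(("OR", "AND")) and not toks
    except IndexError:
        return False
```

An MSN equal to either bound is rejected because the slide's range uses strict inequalities, and a request with no count attribute cannot fall through to the `count < 1` branch.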
Account Conditions
1) Max. Number of playing
2) Max. Length of playing
3) Max. Time to be able to play
4) Payment for a unit content
5) Limitation of date and time
[Figure labels: Standard Format; Information Program; Reference Counter; Superdistribution Center; Redistribution of Income; Charge; Income; Contents Provider; Hardware Vendor; Retailer; Usage Counter; Usage Record; Reference Record]
Copyright 1994-7, FUJITSU LIMITED, 013
(4) UDAC-License
License includes:
• C1 Decryption Key and
• Subset of ACL.
udac_license
read: group = soft4soft AND MSN = 45661388;
Inter-domain licensing
[Figure labels: A; License Server; Domain X; Domain Y; ACL of C1; Client; C1]
Licensing Protocol Model
Parties: License Server; Procurer Client containing PCSUE1, PCSUE2, ..., PCSUEN
Notation:
KCi: Shared private key for class of PCSUEi
KPi: Private key in PCSUEi. KCi, DSN, KSi.
ICi: Identifier of PCSUE class
KSi: Session key
ACi: Access condition PCSUEi can enforce
KC: Content decryption key
{T}KX: T can be decrypted by KX
Steps:
(1) Request to use IPR-protected content
(2) Send Session Key
    IC1, {KS1, hash} KP1 + ICi, {KSi, hash} KPi + ICN, {KSN, hash} KPN
(3) Report certificates
    IC1, {PCSUE-ID1, hash} KS1 + ICi, {PCSUE-IDi, hash} KSi + ICN, {PCSUE-IDN, hash} KSN
(4) Send license
    {{... {KC, ACN, hash} KPN, ACN-1, hash} KP(N-1) , ... AC1, hash} KP1
(5) Decrypt licenses in turn
    {{...{KC, ACN, hash} KPN , ACN-1, hash} KP(N-1) , ...ACi, hash} KPi
(6) Decrypt KC and the content
Risk Distribution to each device (PCSUE)
[Other figure labels: Network device; ICi]
Structure of License
{{... {KC, ACN, hash} KPN, ACN-1, hash} KP(N-1) , ... ACi, hash} KPi , ... AC1, hash} KP1
ACi: Access Condition Enforceable in PCSUEi
KPi: Private key in PCSUEi
KC: Content Decryption Key
Inter-PCSUE Licensing
KPi: KCi, DSN or KSi.
License with the KPi layer:
{{...{KC, ACN, hash} KPN , ACN-1, hash} KP(N-1) ,... ACi-1, hash} KP(i-1) , ACi, hash} KPi
License with the KPi layer removed:
{...{KC, ACN, hash} KPN , ACN-1, hash} KP(N-1) ,... ACi-1, hash} KP(i-1)
[Figure labels: PCSUEi+1; PCSUEi; PCSUEi-1; legend entries "Licenser in the view point of PCSUEi" and "Licensee in the view point of PCSUEi"]
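The nested license from the "Structure of License" slide and the layer-by-layer decryption of step (5), as an added example that is not code from the slides or from Fujitsu. The slides name no algorithms, so the XOR keystream cipher, SHA-256 as "hash", the JSON encoding, the access-condition dictionaries and all key values are assumptions or constructed sample values; layer 1 is outermost as on that slide.

```python
import hashlib, hmac, json

def _stream(key, data):
    """Stand-in cipher (assumption): XOR with a SHA-256 counter keystream."""
    out = bytearray()
    for i in range(0, len(data), 32):
        pad = hashlib.sha256(key + i.to_bytes(8, "big")).digest()
        out += bytes(a ^ b for a, b in zip(data[i:i + 32], pad))
    return bytes(out)

def wrap(inner, ac, kp):
    """Build one layer {inner, AC, hash}KP."""
    body = json.dumps({"inner": inner.hex(), "ac": ac}).encode()
    return _stream(kp, hashlib.sha256(body).digest() + body)

def build_license(kc, layers):
    """License server: layers = [(AC1, KP1), ..., (ACN, KPN)], KP1 outermost."""
    blob = kc
    for ac, kp in reversed(layers):
        blob = wrap(blob, ac, kp)
    return blob

def peel(blob, kp, enforce):
    """PCSUEi: decrypt with KPi, verify hash, enforce ACi, return inner part."""
    plain = _stream(kp, blob)
    digest, body = plain[:32], plain[32:]
    if not hmac.compare_digest(hashlib.sha256(body).digest(), digest):
        raise ValueError("hash mismatch: wrong KP or modified license")
    fields = json.loads(body)
    if not enforce(fields["ac"]):
        raise PermissionError("access condition not met: %r" % (fields["ac"],))
    return bytes.fromhex(fields["inner"])

def decrypt_in_turn(blob, devices):
    """Step (5): each PCSUE peels its layer and hands the rest to the next."""
    for kp, enforce in devices:
        blob = peel(blob, kp, enforce)
    return blob  # KC, released only if every layer verified

# Constructed sample values: three PCSUEs (host, drive, player).
KC = b"constructed-content-key"
KEYS = [b"KP1-host", b"KP2-drive", b"KP3-player"]
ACS = [{"group": "fujitsu"}, {"MSN": 45661388}, {"max_plays": 3}]
LICENSE = build_license(KC, list(zip(ACS, KEYS)))

def accept(ac):
    return True  # placeholder enforcement: a real PCSUE checks its own AC
```

A device holding only its own KPi cannot reach KC unless every other layer is also peeled by its key holder, which is the "risk distribution to each device" named on the protocol slide.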
Ex. - Applying to Current PC
[Figure: the license forms with and without the KPi layer, as on the Inter-PCSUE Licensing slide, exchanged in two Licenser / Licensee licensing relations. Labels: PCSUEi+1; PCSUEi; PCSUEi-1; Procurer Client (Host); Pass through]
Ex. - Applying to STB / DTV
[Figure: the license forms with and without the KPi layer, as on the Inter-PCSUE Licensing slide. Labels: PCSUEi+1; PCSUEi; PCSUEi-1; Procurer Client (Host); (Logical Unit); License Server]
Commands to Disk Device
Between Procurer Client (Host) and Optical disk device (Logical Unit): PCSUEi
a) SEND KEY (Session Key)
   ICL, {RN, KS, hash} KP
b) REPORT KEY (Certificates)
   {RN, DSN [, MSN], hash} KS
c) SEND KEY (Optical Disk Device License)
   {<The Next Device License>, AC, hash} KP
d) REPORT KEY (The Next Device License)
   {<The Next Device License>, hash} KS
Notation:
ICL: Identifier of device class
KCL: Shared private key for device class of the device.
DSN: Device Serial Number.
MSN: Medium Serial Number.
AC: Access condition the device can enforce, such as MSN
KP: Private key for the device. KCL, DSN or KS
RN: Random Number
{T} KX: T can be decrypted by KX
[ ]: Optional support
State Diagram of Disk Device
[Figure: state diagram. States: Initial State; Session Key Shared; Mutually Authenticated; License Authorized. Other labels: Begin Sequence; REPORT KEY (Request AGID); SEND KEY (Session Key); REPORT KEY (Certificates); SEND KEY (Optical Disk License); REPORT KEY (The Next Device License); No Grants Available; Error, Authentication Failed / Algorithm Not Supported; Region Code Error(s) from REPORT KEY Command]
Applications
• Variable and Robust IPR-protection
• Each Device Authentication
• Enforcement of Variable Account Conditions
• Availability of each LSI Authentication
• ROM-Disk Distribution
• Broadcast Distribution
• Network (Internet) Distribution
• Mobile Content Distribution
Protected Disk Device & Player
In the case of medium oriented accounting
1) Send UDAC-license: {{AC,KC}KPD, MSN}DSN
2) Check MSN
3) Send Player-license: {AC,KC}KPD
4) Check AC & decrypt content: {Content}KC
{X}K : X can be decrypted by K
AC : Access Conditions
[Figure labels: LICENSE SERVER SYSTEM; AL; KC; Storage Device; DSN; Medium; MSN; Player Device; KPD; Content; protected]
Profiles for Disk Device
UDAC-license: {{AC,KC}KPD, [MSN] } KP
[X] : X is optional
Profile                  MSN      KP   Non-network model
Media Dependent          MSN      KCL  supported
Device Dependent         nothing  DSN  supported
Media-device Dependent   MSN      DSN  supported
Network Dependent        nothing  KS   not supported
KS : Session key temporarily created in a session.
KCL : Key shared by a device class.
[Figure labels: LICENSE SERVER SYSTEM; ACL; KC; Medium; DSN; MSN]
Medium base Guard
• Simple Content Guard without Network
• Only sets “Play rights with MSN condition for EVERYONE”
• Distribution together with:
  • Medium (on which the following are recorded)
    • Encrypted Content
    • License (with MSN)
Pre-paid in Smart Card
License forms shown in the figure:
{{{KC , ACPD}KPD, ACSC} KSC, MSN}DSN
{{KC, ACPD}KPD, ACSC} KSC
{KC, ACPD}KPD
ACX : Account Condition
[Figure labels: LICENSE SERVER; ACL; KC; Storage Device; Card Device; Smart card; KSC; Account Information; Player Device; KPD]
For Any Distribution / Player
Digital Appliances: Digital TV, Set Top Box, PC, ... (Secure HD/OD)
[Figure labels: Satellite; Radio/TV Tower; PBX; CATV; Digital Information Super Highway; Cheap delivery through Magazine Channel; Using Media Channel; Personal HyperKnowledgeBase Processing; PC; Personal Computing; Digital TV]