Security Policies Analysis And Adoption In Digital Rights Management

Posted on: 2010-02-28
Degree: Doctor
Type: Dissertation
Country: China
Candidate: Z Y Zhang
GTID: 1118360302969345
Subject: Computer system architecture

Abstract/Summary:
Digital Rights Management (DRM) has in recent years been an interdisciplinary and challenging research topic. In the DRM-enabled digital content value chain, the various stakeholders do not fully trust one another because each pursues its own benefit, so security techniques become the basis of multi-participant trust. Existing security technology-related work primarily focuses on content protection and secure dissemination using cryptographic algorithms and secure protocols, on trusted and controlled usage of copyrighted digital assets on general-purpose or special-purpose user terminal devices, and on watermarking-based tracking and prosecution of copyright infringement. These typical security policies and usage restrictions are undoubtedly indispensable to the DRM ecosystem, but on the other side of the coin they give rise to several unexpected issues, such as weaker system interoperability and usability, as well as higher security overheads. Simply adopting these increasingly enhanced policies for DRM, without considering rational decision-making, would negatively affect the utilities of the participants.

The thesis aims to explore the tradeoff between DRM security and multi-participant utility, and to achieve an optimal security-utility equilibrium for the various stakeholders in the content value chain through the cost-effective adoption and deployment of security policies, so that multi-participant trust can be effectively established. The main contributions are as follows:

1. A systematic and comprehensive formalized analytic framework was proposed. It is used to represent the utility of DRM security components/services and composite policies, and to support rational decision-making on the adoption of various security policies. The novel framework involves cooperative and non-cooperative game-theoretic analysis, weight assessment of utility-influencing factors based on the Fuzzy Analytic Hierarchy Process (FAHP), and quantitative and qualitative assessment of the Risk-Controlled Utility (RCU) of enhanced security policies.

2. In combination with recently emerging enhanced security technologies such as Trusted Computing, several enhanced security schemes and applications for DRM were addressed. First, based on an investigation of the available remote attestation models, an Attestation Proxy Party-supported Remote Attestation (AP2RA) model and its secure protocol were proposed, whose essential characteristic is the privacy protection of the terminal devices held by end users. Then, for the content sharing scenario, the thesis realized rights delegation/transfer based on the Usage Control models and gave an application of AP2RA in DRM, thus meeting the practical user requirement of sharing purchased digital content among users in a social network. Finally, two existing security policies were refined in order to implement front-end user content security and digital rights negotiation between content providers and consumers, respectively.

3. For the typical security policies mentioned above and a basic scenario of digital content acquisition, the utility functions of these policies and the weights of the main factors were given. The thesis then placed its emphasis on a non-cooperative game model among content providers, rights/services purveyors and end users, and obtained the Nash Equilibrium(s), that is, a security policy profile with the optimal benefits for participants, together with its precondition. A Swarm-based simulation experiment verified the analytic results and clearly presented the participants' tendency to adopt certain optimal policies as content transactions increase and as the managerial and session-level costs and overheads resulting from higher security decrease. In addition, considering the introduction of device vendors into the content value chain, a cooperative game was formulated among the purveyors of digital content, rights and devices; the refined analysis shows that providers jointly adopting and deploying enhanced security policies yields maximum utilities for participants, and that the corresponding Nash Equilibrium is Pareto optimal.

4. For a more complicated DRM application scenario, in which digital content sharing is common, the thesis explored a Dynamic and Mixed Game (DMG) between Providers and Sharer, with the goal of investigating the concrete preconditions under which the two participants would adopt the enhanced security policies of remote attestation, so that the optimal security utility would be achieved. To this end, a simplified content sharing tree structure, which belongs to a specific style of Social Network, was proposed, and the Providers' optimal strategies and their preconditions were obtained through game-theoretic analysis, DMG algorithm design and Swarm simulation experiments on the game for the Sharer's three kinds of sharing modes. In addition, inspired by security risk management, the thesis assessed the RCU of trusted computing-enabled enhanced security policies, and further analyzed the influence of different content sharing modes on the total benefits of Providers in the case of digital content copyright infringement. As a result, the effective sharing mode and business model suitable for the content sharing scenario were highlighted in the thesis.
Keywords/Search Tags: Digital Rights Management, Security Policy, Utility Analysis, Game Theory, Security Risk Management