An Inference With Uncertainty-Based Security Auditing System In DRM

Digital Rights Verification (DRV), which is one of the most important techniques in Digital Rights Management (DRM) research area, is mainly responsible for deciding whether the requests from the users of digital resources to be authorized by checking that the operations from the users coincide with the right declarations in the related digital rights expression document. But DRV can't fully protect users'legal rights yet. As a supplementation to DRV, we need auditing the events happening in a DRM system, which will be called DRM Security Auditing (DRM-SA). DRM-SA checks those events which have happened in digital resources consuming process and judges the validity of this process according to the knowledge about the approaches used in the process of digital resource consuming. The primary goal of DRM-SA is to safeguard the legal intellectual property (IP) of digital resources, which enhances the reliability of DRV.And currently, the hardest problems to be settled in DRM-SA are as follows: it needs a DRM-SA theory framework as guidelines for the practice; the concepts in DRM-SA theory framework are to be mapped as entities outside of or inside of a DRM system; and these entities should be composed according to their relationships defined in DRM-SA theory framework in order to get a runnable software system.Central tasks finished in this thesis include the design of both DRM-SA theory framework and the implementation of DRM-SA System. The DRM-SA theory framework is established on the thoughts of the auditing theories in economical fields. The core of designing of DRM-SA System is determinations of the auditing information and methods; the auditing information is extracted by a"Cause-Context-Result based DRM event depictive model", and the auditing method is based on the inference technique. The implementation of DRM-SA System has logs analyzing as its kernel function, in which the logs are generated after the"Cause-Context-Result based DRM event depictive model"and the logs are analyzed by the inference mechanism which works as a CLIPS(C Language Integrated Production System) based inference with uncertainty.In the beginning of this thesis, a DRM-SA Theory framework is set up. Afterwards, with the guide of this theory framework, we present DRM-SA objects and rules in a DRM system. A DRM event depictive model and an inference with uncertainty based auditing method are created for the purpose of both designing a log format supplying rich information to DRM-SA and improve the efficiency of analyzing logs. At last, a DRM-SA prototype is presented in detail.