Persistent Access Control: A Formal Model for DRM
Arnab, Alapan and Andrew Hutchison (2007) Persistent Access Control: A Formal Model for DRM. In Proceedings Seventh ACM Workshop on Digital Rights Management (ACM-DRM), held in conjunction with CCS 2007, the Thirteenth ACM Conference on Computer and Communications Security, Alexandria, Virginia, USA.
Full text available as:
Digital rights management (DRM) can be considered to be a mechanism to enforce access control over a resource without considering its location. There are currently no formal models for DRM, although there has been some work in analysing and formalising the interpretation of access control rules in DRM systems. A formal model for DRM is essential to provide specific access control semantics that are necessary for creating interoperable, unambiguous implementations. In this paper, we discuss how DRM differs as an access control model to the three well known traditional access control models -- DAC, MAC and RBAC, and using these existing approaches motivate a set of requirements for a formal model for DRM. Thereafter, we present a formal description of LiREL, a rights expression language that is able to express access control policies and contractual agreement in a single use license. Our motivation with this approach is to identify the different components in a license contract and define how these components interact within themselves and with other components of the license. A formal notation allows for an uniform and unambiguous interpretation and implementation of the access control policies.
|EPrint Type:||Conference Paper|
|Keywords:||Rights Expression Languages, REL, Access Control|
|Subjects:||K Computing Milieux: K.6 MANAGEMENT OF COMPUTING AND INFORMATION SYSTEMS|
D Software: D.4 OPERATING SYSTEMS
|Deposited By:||Arnab, A|
|Deposited On:||29 August 2007|