Yang Cheng Wang YongbinYang Yixian

（1. Information Engineering School，Communication University of China， Beijing 100024， China；

2. Computer and Software School，Communication University of China， Beijing 100024， China；

3. Information Security Center， Beijing University of Posts and Telecommunications， Beijing 100876， China）

AbstractThe home network is a major concern for the growth of digital and information society.Yet，how to guarantee the security of its digital content and protect the legal benefits for each section of the value chain becomes a crucial"bottleneck"in the home network development.The Digital Rights Management（DRM）technology provides total solution for usage，storage，transfer，and tracing the digital contents and rights.Its basic features are systematic and controllability.Considering the growth of the new media and services and the requirements of the Intellectual Property Rights（IPR）protection in a home network，it's necessary to solve consistency problems in usage，storage，and transfer of contents and rights.In addition，it is inevitable to conduct researches of key techniques such as end-to-end secure transmission，conditional access and play，and right description.

A home network is defined as[1]an internal（and private）network formed by many communication and information devices as well as household appliances that are connected via wired and wireless transmission.

The main functions of the home network accepted in the industry contain:

·the home-internal communication

·the home entertainment（including Internet audio/video on demand，online games，browse and chat，virtual reality as wellas controlover DVD，video camera，digital camera，PDA，MP3 and MP4）

·the home learning（including distance learning，on-line exchange and on-line library）；

·the home office

·the family life

·the home monitoring（including fire and water alarms）

The home network is a combination of fixed and mobile networks[2].With the gradual evolution to the digital，network，and information society，the home network is becoming another focal point to attract people's attention following the digital TVand IPTV.The concept of the home network is being extended and preparations for its core technologies，industry standards，and equipment R&D are well under way.Home network standards such as ITop Home，Intelligent Grouping and Resource Sharing（IGRS），China Communications Standards Association（CCSA），and Energy Conservation and Homecare Network（ECHONET）have entered the stage of chip research and development.Meanwhile，the problem of convergence and interconnection in the home network has become one of the major projects of China Next Generation Internet（CNGI）in 2OO6.All this shows that China has growing needs for future home networks while keeping a fast and sustainable economic growth.

Guaranteeing the security of digital contents usage，storage，and transfer in a home network，and protecting legal benefits of content providers，operators，and copyright owners become a crucial"bottleneck"that restrict popularization and further development of the home network.Consequently，this signifies the need for Digital Rights Management（DRM）.

Based on the provisions of China's Copyright Law，the copyright of digital contents should be protected.As digital contents can be easily reproduced and disseminated，it is possible to freely or illegally distribute，copy，use，and alter the contents in a home network.Therefore，in order to effectively protect the copyright of digitalcontents in a home network，the DRM technology based on contents security shall be widely studied and applied.

1 Basic Features of DRM

The basic principles followed in the design and establishment of DRM are simplicity，flexibility，and openness.The rights management of digital contents involves the benefits of all parties such as content providers，service providers，equipment vendors and consumers.Consequently，the studies on the DRM technology are made throughout the entire life cycle of digital contents including creation，storage，transfer，and usage（reception，play，and display）.

The DRM is divided into three parts[3]:digital contents，rights，and management.The first part refers to digital information such as MP3，VCD，and E-books.The second part is used to describe the usage rights of digital contents，and the third part is the management of digital contents and rights.Basic features of DRM include combination of technical and non-technical methods（systematism），protection of authorship（bindability），rights management and access control（controllability），validation of copyrights information，and pirate tracing.

The DRM binds digital contents with the author or owner.For example，it encrypts and encapsulates the author's copyright information and digital works via a security container，or embeds the serial number that identifies the author's copyright information into the digital works in the form of digital watermark and sets up a connection with the author via the media.Anyone who gets the digital works also obtains visibly or invisibly the information of the author or owner.

Copyright protection supports pirate tracing.To maximally beat the pirates，digital works in the process of dissemination must provide the user with a unique user ID and bind it with the digital works in the form of digital watermark.

The copyright protection system chiefly adopts the encryption technology，the digital signature technology，the trusted module technology，the watermark technology，and the combination of them.The encryption technology can prevent direct access to copies and provide the decryption key for authorized users to access the contents.However，the encryption only provides protection for communication channels.Once the channels are decoded，the digital works will be completely exposed without any protection.The digital signature technology can validate the authorization to the information source as well as the content.This digital signature，however，is separated from the digital works and can be easily removed.In addition，if a slight modification is made to the digital works，the signature will be invalid.Certainly，this is not in accordance with the non-amendable nature required by the copyright protection for digital works such as images and videos.The trusted module is usually an anti-falsification hardware used to protect the decryption key or implement other copyright protection policies specified by the distributor.However，it requires each user to support the related hardware.The watermark technology implements the protection mechanism for digitalworks such as copyright confirmation，copyright tracing，and network detection by embedding certain information into the works.

Many research institutions and companies have undertaken research into copyright protection of digital media from different aspects.For example:Intertrust's DigiBox technology can protect information anywhere throughout its entire life cycle based on certain usage rules；IBM's Cryptolope technology can encapsulate the content of digital media to be protected by using the security encryption technology；and Digimarc Corporation is conducting research on copyright protection of digital watermark-based media information.

2 DRM in the Home Network

The core problem of a home network is with the contents and control among others such as the security of contents and control，which will be the key factor to the popularization and development of the home network.The DRM is just the key solving the problem of contents security in home networks.Aperfect content security solution for home networks needs support and collaboration among all participants including equipment vendors，content providers，and network operators.It is necessary for them to reach an acceptable agreement on security[4].

Specifically，the DRM in a home network involves four problems.

（1）The Problem of Contents and Rights Usage

Alldigitalcontents requiring the copyright protection in a home network provide certain rights that a user must purchase ahead.The device in the home network must have the Condition Play（CP）ability to determine a relation between contents and rights，resolve the actual right the user has and complete the access to contents based on that rights.In addition，it can authenticate program contents，that is，distinguish whether they are genuine or pirate，legal or illegal.

（2）The Problem of Contents and Rights Storage

The devices in the home networks such as digital TVsets，personalvideo recorders，and PCs have the ability to record and store contents on the hard disk or USBdisk.Generally，the recorded and stored contents have the same usage value as the original one and can be easily copied，modified，and disseminated.In addition to the secure end-to-end connection with the source and the destination devices，the storage device，based on its structure and data access interface，shallbe able to secure the data and prevent from being damaged or stolen.

（3）The Problem of Contents and Rights Transfer

The transfer of contents and rights in home networks is classified into three types:

·from external devices or servers to internal devices via the public network（such as Hybrid Fiber-coaxial（HFC）network，telecom network，Internet，and Bluetooth network）or to the mobile storage device

·between different devices in the home networks（such as between the PC and the TVset，and between the mobile device and the fixed device）

·from internal devices to external devices or servers via the public network by means of the home gateway，or directly through the mobile storage device During the transfer it is necessary to validate the license rights of source and destination devices，monitor the transfer process and complete the security processing.All three types of transfers require the home network devices to provide a perfect rights control.Moreover，the transfer of contents and rights from the external devices requiresthe home network to have the Condition Access（CA）ability，while the transfer of contents and rights inside the home network requires the home network to provide end-to-end secure transmission.（4）The Problem of Contents and Rights Consistency

During the use and transfer of contents and rights in home networks，it is necessary to keep consistency in the same digital contents and rights.The problem of consistency involves the binding and the update of contents and rights.

The former is based on many-to-many contents and rights，and means one content is only related to one right that contains its ID while one right only specifies the corresponding content whose ID it contains.The latter means when a duplicate copy of the same content distributed in the home networks is used，the related right description should be modified to make all the duplicates in the home networks consistent.

3 End-to-end Secure Transmissions

The end-to-end secure transmission between internal devices of the home networks is divided into real-time secure transmission and non-real-time secure transmissions as well as contents secure transmission and rights secure transmission.For example，transmission among the set-top box，TV，and Video Cassette Recorder（VCR）belongs to real-time secure transmission.Therefore，it is necessary to fully consider the specific timeliness requirement for high-definition videos and streaming media when encrypting and encapsulating the content transferred among them.However，the relative timeliness requirement while transcribing，storing，and secondarily distribute the content is lower.

The end-to-end secure transmission has two major problems to solve:to protect the content transferred between two devices and to validate the right of content receiving devices.The content flowing in a home network can select the device.When some devices have no right to process specified contents，the network can reject requests from these devices for receiving protected contents.Additionally，the devices can be controlled and divided into internal and external devices of the home network.Internal devices can share their rights while external devices are not allowed to access internally authorized contents.

The main end-to-end secure transmission protocols contain the Digital Transmission Content Protection（DTCP）protocol and High-bandwidth Digital Content Protection（HDCP）protocol.

3.1 The DTCP Protocol

Several companies including Intel，Toshiba，Sony，Panasonic and Hitachi have jointly developed the DTCP protocol.When entertainment contents such as audios and videos are transferred between the digital transmission devices in compliance with the IEEE 1394-1995 interface standards，DTCPcan prevent the content from being illegally copied or extracted.Only the legal content transferred between two authenticated devices can be protected by the copyright protection system.The two authenticated devices are the source and the salve device respectively.The DTCPcontains four parts:Copy Control Information（CCI），device authentication and key exchange，content encryption，and system update.

The content provider needs a method of specifying the copy information of the content，such as not allowed to copy，allowed to copy once，and else.The content protection system can securemy transfer CCIfrom the source device to the slave device.The CCIis transferred in two ways:the Encryption Mode Indicator（EMI）provides a way for simple and secure CCItransfer with the two bits in the synchronous header representing CCI；the CCIis directly embedded in the content flow being transferred.

The slave device checks the received CCIin the EMI.Through the authentication process，the ability of the slave device to receive and store the contents and rights is confirmed.Moreover，through the negotiation during the authentication process，the session key to be used can be obtained.Under the controlof the session key the content data are encrypted by using the Advanced Encryption Standard（AES）and then transmitted to the slave device.

The DTCPprovides support for the device to join or exit the home network.In the complete authentication，a continually updating and effective device list is used to determine whether the device is in the home network.

3.2 The HDCP Protocol

The HDCPprotocol is used to protect audio or video contents transferred through some high-bandwidth interfaces.These specified high-bandwidth interfaces are called HDCPprotection interfaces that contain the Digital Video Interface（DVI）and the High Definition Multimedia Interface（HDMI）.In the HDCPsystem two or more HDCPdevices are connected via the HDCPinterface.The upstream HDCP transmitter sends the audio or video contents protected by HDCPto each HDCPnode and receiver through a tree topology structure.The HDCPinvolves three parts:

（1）The HDCPtransmitter authenticates the HDCPreceiver that requests for sending data contents.

（2）If the HDCPreceiver passes the authentication，the HDCPtransmitter will send the encrypted data contents to the HDCPreceiver.The encryption concerned is based on the key shared by the receiver and the transmitter during the authentication.

（3）The trusted device or institution（such as LLCCompany）revokes the already insecure HDCPreceivers to receive any content.

The HDCPreceiver can be a node that receives contents from the upstream transmitter and then forwards them to one or more downstream receivers.Figure 1 illustrates a simple HDCP topology structure.

The HDCPemploys a tree topology structure.The transmitter authenticates each node and receiver in the entire topology structure.It takes five seconds to complete the authentication.To avoid too much time for authentication，the HDCPspecifies a topology structure that contains at most seven layers of nodes and 128 receivers.This authentication mechanism restricts the device capacity in the whole HDCPsystem，that is，the authentication time increases with the increase of the number of HDCPdevices

connected in the system.

?Figure 1.The HDCP topology structure.

This authentication mechanism also makes the whole HDCPsystem less flexible.If a new receiver wants to join the already authenticated the HDCP topology structure，or an authenticated receiver wants to exit the topology structure，the transmitter must re-authenticate the whole topology structure.

Moreover，the HDCPuses stream ciphers to enable high-speed data encryption.Due to the synchronization required by the stream ciphers，the HDCPtopology structure needs to be authenticated continually，which increases the overhead of the entire system.

4 Condition Access （CA）

The CAcomes from the authorization charge in digital TVbroadcast.It is to solve the problem of secure transfer of contents and rights from the external devices or servers to the internal devices of a home network.The home network is involves controlling the data receiving from internaldevices such as set-top boxes as well as preventing data being stolen or replayed during the transmission.The CAmeans to scramble，encrypt and transfer information such as video，audio，and data，and then use an intelligent card to control and manage the authorization of users.Therefore，the legal or authorized users can receive，decrypt，and descramble the information while the unauthorized users cannot get correct media data streams by any means.

The CAsystem integrates many advanced technologies including:system control and management technologies；digital video compression and coding technologies；scrambling and descrambling algorithms；encryption and decryption algorithms；modulation and demodulation technologies；set-top box technology；intelligent card technology；as well as database technologies such as user management，program management，and charge management.Generally，the CA system is made up of five functional entities:the program management system，the user management system，the front-end CA subsystem，the scrambling and multiplexing system，and the receiver CA subsystem，as shown in Figure 2.The fundamental Framework of the CA System is shown in Figure 3.

The CA system based on the transmission of digital MPEG2 program streams uses the MPEG2 standard format to define the field meaning used for condition access.Recently many successful CA equipment vendors have emerged at home and abroad including foreign companies such as Irdeto，NDS，and Nagra as well as Chinese companies such as Compunicate，Ditel，Novel-Tongfang，Sanzhou，and DTVIA.The MPEG2 standard provides high efficiency in data coding and it has been widely recognized and applied.Number of countries and organizations has been formulated a series of CA system standards based on MPEG2 for application scenarios such as Digital TV.Currently，the international mainstream CA system standards include the European Digital Video Broadcasting（DVB）standard，the North American Advanced Television Systems Committee（ATSC）standard and the Japanese Integrated Services Digital Broadcasting（ISDB）standard.

All these three standards define simple specifications for the CApart and propose three different methods of scrambling.The European DVB organization proposes a Common Scrambling Algorithm（CSA）that is authorized by four members of the DVB organization.The ATSC organization uses a Triple Data Encryption Standard（3DES）algorithm，while the ISDB uses a scrambling algorithm proposed by Panasonic Company.

The traditional one-way DVB-CA system consists of two parts:scrambling/descrambling and encryption/decryption.The scrambling/descrambling part uses the Control Word（CW）to scramble the MPEG2 program streams based on the CSA standard.The encryption/decryption part uses the symmetric and asymmetric key cryptography to encrypt and transfer the CWand then uses the decryption module at the authorized client to get the decrypted CW.As the DVB-CAsystem is designed for one-way broadcasting and TVnetwork，its encryption/decryption part often adopts multiple encryption policies that make the system complicated because each encryption policy is for exclusive use of each equipment vendor.The complexity of the whole CA system lies inthe finishing distribution，the update and coexistence of various ciphers over the one-way network.The keys used in the DVB-CA system include the Service Key（SK）and Personal Distribution Key（PDK）.The CWis encapsulated in the Entitlement Control Message（ECM），while the SKin the Entitlement Management Message（EMM），both for transmission.To facilitate the management of subscribers and services，the CA system provides the Subscriber Management System（SMS）with such functions as recording and executions of various charged services.

Figure 2.?Functional entities ofthe CA system.

▲Figure 3. Fundamental framework of the CA system.

In a two-way network，the CA system can use two-way identity authentication technologies and the corresponding interaction protocols to ensure validity and reliability of the two communication parties—the front end and the client.The mainstream identity authentication technologies contain two types:Public Key Infrastructure（PKI）based authentication and Identity Based Encryption（IBE）based authentication.The PKI-based authentication must be supported by the authentication center，which can bind the generated identity certificate to the user information.Moreover，the authentication center must participate in the process of identity authentication and act as the trusted third party to provide identity confirmation.The IBE-based authentication adopts the identity known to the party being authenticated，such as the Uniform Resource Locator（URL），as an initial value to get the public key through the dual linear mapping function and to authenticate the data signature encrypted through the private key of the party being authenticated.As the process of the IBE-based authentication needs neither the support of the third-party authentication center nor the transfer of the identity certificate，the system is simplified and also improves its security.The two identity authentication technologies can be selected to meet different application scenarios.

The conventional CAsystem is applicable to satellite broadcast as well as traditional one-way cable networks.For the applications such as the new two-way intelligent network，IPTVand interactive TV，the CA system must alter its structure and evolve into a secure two-way CA system to meet the actual requirements.

5 Condition Play （CP）

The CA only offers scrambling and encryption protection for TVprograms on the charged channels.The authorized user who meets the condition access can get the specified decryption key through its own PDKto decrypt and descramble the program contents.This belongs to the charge control.Besides，it is also necessary to control the user's rights to play and use digital contents in a home network through the CPand to authenticate the digital contents.

5.1 Rights Control

Rights control is a fundamental requirement for copyright protection that contains two aspects:

（1）Authenticate the relation between the contents and the rights.Legal users who have the rights can use the digital contents normally，while the users with no rights are partially or fully prohibited from accessing the digital contents，for example，only allowed to browse the digest.

（2）Resolve the rights or certificates owned by users and authenticate their validity.Different rights have different accessibility to digital contents.The copyright protection system should identify different rights and accordingly control users'access to digital contents.

Copy control，play control，processing control，and validity period restriction all belong to the category of rights control.Copy control is used to restrict users to reproduce the digital contents on the same or different devices.For instance，the Open Mobile Alliance Digital Rights Management（OMADRM）standard generally allows copy of digital contents between mobile terminals or between the mobile terminal and the external device.As the digital contents are encrypted for protection，other users must get the rights before using them.Play control is used to restrict time，object and times to play digital contents.For example，the DVD copyright protection specification of the Copy Protection Technical Working Group（CPTWG）requires the use of watermark technology to determine the times to play a movie.Processing control is used to restrict users'operations for digital contents such as rotating，clipping，zooming and adding.Most of the copyright protection systems allow no or a slight alteration to digital contents.

The rights that users obtain are usually described in a uniform format，that is，a rights description language such as Extensible Rights Markup Language（XrML）or Open Digital Rights Language（ODRL）.The rights being described can be used as a part of the rights certificate such as Privilege Management Infrastructure（PMI），or directly form objects of special rightssuch as Secure Digital Music Initiative（SDMI）to be transferred respectively or together with the protected digital contents to the authorized users.

Rights control is implemented in various ways，such as through the identity authentication participated by the third party，PMIcertificate，contents encryption，and security container.The key is that most of the corresponding relations between the rights description and digital contents are established through global identifiers.However，once the relation is destroyed，the rights control will be invalid.Additionally，the digitalwatermark technology is also used for rights control.The watermark of the rights description is embedded in digital contents，which may，however，result in an explosive increase in watermark capacity of contents.A solution to this problem is to use an externaldatabase.The embedded watermark only serves as an index or a key of the rights description in the database.On the other hand，there will be a drawback in fast searching of the database，and the additional database may bring new hidden trouble to the security.

5.2 Content Authentication

As digital contents are easily reproduced and disseminated，pirated or illegal digital contents might exist in the home networks.In addition to encryption，the encapsulation，rights control，and content authentication can also be adopted to protect against pirated or illegal digital contents.

Content authentication mainly adopts the digital watermark technology combined with digital contents features transparency，robustness，verifiability，and security.

The CPallows the digital contents requiring copyright protection to be embedded with digital watermarks that identify the copyright information.In addition，requires that all digital contents transferred to the home network devices must be embedded with legitimate identification watermarks and signed by the approval organization.This will indicate that the program has been protected by copyright and been legally marked.The player device in a home network can identify whether or not the received digital contents contain the copyright and legal identification watermark only by adding the related digital watermark-detecting module.The pirated digital contents have no copyright watermark，while illegal digital contents contain no signed legitimate identification watermark.

6 Rights Description

The digital content provider encapsulates media contents into DRM format by means of the content encapsulation mechanism and registers them at the authorization center.Users can apply for the right to use the DRM media content，but the key problem is how to describe the right.The solution to the rights management is to place a home network copyright management agent in each home network.The copyright management agent is responsible for managing the composition of the home network and controlling the home network devices to receive and use contents.Above all，it is important for the agent to resolve the described rights.

Rights describe the rules of using digital contents.They generally contain two parts:permissions and constraints.

Permissions describe operations that can be performed on the digital contents，such as Play，Display，Execute，and Print.These operations can be combined，for example，pictures can have both Display and Print permissions.

Constraints refer to conditional limitations to the permissions.A constraint can be used for permissions to restrict the access of the users to media contents.For example，the use count specifies the times to access certain media contents.The use time specifies the length of time for a user to access certain media contents from its first access.

Rights are often described in universal description languages，and the described rights can be used in websites，text files，pictures，music，PDF，and stream media.Some well-known description languages are ODRL and XrML.

6.1 ODRL

The ODRL proposed by an international copyright protection organization provides an open standard for effective DRM solution，allowing the adoption of security measures such as encryption to solve the DRM problem.It defines the expression language and vocabulary of digital contents in a network environment.

The ODRLmodel defines three levels:contents，rights，and users；and four types of permissions:use，reuse，transfer，and product management；provides the concept of conditions and agreement（Conditions are some rules that affect the access to digital product rights.These conditions enable you to describe the rights.Agreement is a collection element that expresses the rights of a specified product accessed by a specified person under a certain system environment.）；provides the digitalsignature and cryptographic algorithm to guarantee integrity and privacy of the product；and provides the digest（including the digest method and the digest value），user protection rights，and the integrity of signature.

6.2 XrML

The XrML is a flexible，open，and standard rights description language，and an extension of Extensible Markup Language（XML）.It provides a universal method for securely managing rights and all resources associated with digital content and services.With an open architecture，XrML maximizes the commercial application of digital contents.

The XrML is applicable for home networks.It offers great flexibility in defining various levels of rights capable of relating to numerous digital contents and supporting different rights protection modes and multiple business modes such as ordering and direct buying.It gives detailed specifications for various rights such as copy，edit，meaning of access time，syntactic rules and relations between rights and digital contents.It can be compatible with other related industrialstandards such as public/private keys，cryptology-based digital signature and authentication，and data about data.Furthermore，the rights described in XrMLcan not only be automatically identified，but also be shared and analyzed by various home network devices to minimize their discrepancy.

The XrMLis a simple language withwell-defined semantics.It provides a tool for fast and effective description and analysis while offering well-organized document，highly structured data，man and machine-readable identifiers and meaningful labels.The XrMLhelps browsers and the digitalcopyright management system:

·easily identify relative copyright management information for management control；

·easily make statistics or classification based on the defined labels；

·easily exchange data between heterogeneous systems；

·easily identify and search related rights information.

7 Conclusions

The feature of digitalinformation and networked devices in a home network makes DRM become an important means to coordinate the interests of multiple parties such as network operators，content providers and users.As a comparatively new area of research，DRM has to face many difficulties due to the relative closure and internal sharing nature of the home network.As many problems concerning DMRcore technologies，the architecture and implementation solutions have not yet been solved.It is necessary to make an integrated analysis from various aspects including technology，market，and management，and to carry out a joint discussion among people from different areas and different background groups.

The growth of personalized content making and distribution such as triple play，interactive TV，mobile streaming media and network podcast，or even the up-coming of the pervasive computing concept will certainly present challenges to DRM in home networks.Therefore，it is necessary for law and management professionals as well as technicians to make joint efforts to develop and perfect the DRM system.