Digital Content and Its Security

Guo Jun

（School of Information Engineering, Beijing University of Posts and Telecommunications,

Beijing, 100876, China）

Abstrac t:The digital content industry is becoming a new impetus for the development of the information industry as the infrastructure construction,including the optical fiber backbone transmission network and the wireless mobile access network,are being completed.Industrial analysis and technical research of the digital content become more and more important in this situation.Digital content security technology is one of the three supporting technologies in the digital content industry.The key points to guarantee digital content security include the solutions for the following problems:sale of pirated digital content,damage and pollution of illegal and harmful content to the social environment,and the means for consumers'security and reasonable payment.

A broadband information expressway,providing services that integrate text,image,audio and video,is emerging along with the accomplishment of the opticalfiber backbone transmission network and the new-generation wireless access network.In this situation,people begin to have their eyes on digital content—the＂vehicle＂on the expressway—and expect that it can promote the healthy development of the information industry.

The Organization for Economic Cooperation and Development（OECD）stated in the Information Technology Outlook 2006［1］that the information industry had seen a great development of the digital content industry after the broadband network infrastructure was basically accomplished.Digitalcontent has become a major impulse for the development of the information industry with its effect over all of the socialfields.OECD also appealed to its member countries to change the emphasis from physical product manufacturing to intangible product with high value-added-digital content.

Advanced countries have reaped enormous profits from promoting the digital content industry.For example,the U.S.has revenue of$2.4 billion from online recreation including games,music and video services,which will continue to develop rapidly in the coming years,and is expected to reach$9 billion in 2010.

China also pays great attention to the development of the digital content industry.Its national11th Five-Year Plan definitely addressed a policy to encourage the development of the digital content industry.More and more local governments are establishing development policies in an attempt to be the first to seize the opportunity.

For example,Beijing Municipality places emphasis on the digital content and creative industries in its five-year economic development strategy.Shanghai Municipality takes a series of measures in its three-year action plan and five-year development plan.These measures include building the digital content industry base in the Xuhui district,the multimedia base in the Changning district,the state-level automation and movie production base in the Putuo district,and the state-level network gaming and animated cartoon industry base in the Zhangjiang district.

Under such circumstances,many want to learn about the latest development in the digital content industry and the related techniques,including the basic concepts of the digital content security,key techniques and development news.

1 Basic Concepts of Digital Content and Its Security

More varieties of digital content are available along with the development of digital technologies.Digital content includes digital audio and video,scientific publication,distance learning,animation and gaming,financial information,government bulletin,network blog and forum,Short Message Service（SMS）and Multimedia Message Service（MMS）,and Color Ring Back Tone（CRBT）service.These contents involve education,science,finance,culture,recreation,business and communications.A large-scale industrial chain that will influence the whole society is being developed in the development,production,delivery,distribution and consumption of digital content.People have recognized the industrial chain has great potential in terms of the market size and the impact on the current industrial structure.

Technologically speaking,the development,delivery and security of digital content are the three big supports of the digital content industry.Digital content development is closely associated with cultural and art creation,and on the other hand,it cannot be independent of the image,audio,video and Web 2.0 technologies.Digital content delivery dramatically changed from the traditionaloffline distribution to the Internet online and mobile delivery along with the development of broadband technologies.Network portals,search engines,wireless broadband and mobile interaction become core techniques for digital content delivery.Digital content security includes Digital Rights Management（DRM）,illegal and harmful content filtering,and online payment security.

However,neither the academic world nor the industry has had a uniform recognition on digital content security.As viewed from the general concept of information security,digital content security should mainly ensure content privacy,integrity and authenticity.Theoretically,the concept has no problem,but it appears to be abstract and vague.Main problems in the development,delivery,and consumption of digital content show that the key points to secure digital content provision are the following:

·Solution for the pirated digital content sale and illegaluse problems,

·Solution for the damage and pollution of illegal and harmful content to the social environment,and

·Solution for the consumers'security and reasonable payment.

DRM is developed for the first problem.Encryption methods are used for digital content protection,which allows content to be used only with permission.The Content-Based Filtering（CBF）technology is developed for the second problem.

Character,speech and image recognition techniques and text classification are used to filter and block illegal and harmful contents.For the third problem,a micropayment technology is being studied.Platforms such as Public Key Infrastructure（PKI）and third-party agent are used to ensure user account security,and enable users to pay a small amount of money for digital content.

These technologies and researches cover most of the digital content security.Knowing them can help readers understand the basic

concepts of digital content security.

2 DRM

DRM prevents digital content from being pirated and avoids patent infringement and abuse in each part of the process,from production,delivery,and to consumption.It secures digital content using effective approaches involving technology,law and commerce,thus protecting the provider's intellectual property rights［2］.However,this paper only discusses the technologically implemented DRM system.

The DRM system is generally composed of three parts:

·Digital Content Provider（CP）,

·License Distributor（LD）,and

·User Player（UP）.

The CPencrypts digital files using a packaging program.The 128-bit and 156-bit symmetric encryption algorithms are commonly used now.Akey is created using the key seed shared with the LD and a globally unique key ID.Header information,including the author,version,issue date and key ID,is added after content encryption.Packaged files can be saved on the CP's website server or burned into a CD.

The UPsearches the required license（the decrypted key）first from its license library when it accesses a CP's website server or plays a packaged file on a CD-ROM.If the license exists,it plays the file.If the license does not exist,it must apply for the license for the digital file from the CP-specified LD.

The LD authenticates the user's identity after receiving the license request from the UP.If the user is legal,or the user becomes legal by paying for the license,the LD issues the license for playing the digital file in the UP.A validity period and different charge can be set for the license as needed.

In the DRM system,the encryption function can also be replaced by digital watermark or digitalsignature.Alot of research and development work has been conducted in these aspects in the academic world and the industry.The DRM system can be implemented by using different information security technologies,resulting in different system performance and costs,which is an issue that requires deep research.

Encryption algorithms for multimedia including image,audio and video have been well researched in the past ten years.The encryption process is increasingly integrated with the compressing and coding process to achieve both good security and high compression ratio.In addition,the bandwidth and reliability of multimedia,wireless and mobile networks are also considered.Encryption algorithms that meet the scalability and real-time requirements of heterogeneous environments are being researched and developed.

DRM develops faster on a mobile telecommunication network than on the Internet.The main reasons are as follows:

·The mobile network is relatively closed.The DRM system is easy to set up and hard to be attacked.

·There is a large number of mobile network subscribers.Distributing a large amount of DRM-protected digital content on this platform can lower the cost for digital content,and is helpful for the promotion of licensed digital content and the protection of intellectual property rights.

The Open Mobile Alliance（OMA）published the OMADRM 1.0 Enabler Release,an internationalstandard for mobile DRM,on November 2002,providing a guide on how to set up a DRM system on the mobile network.After that,more and more world-leading vendors,including Nokia and Motorola,undertook relevant development,and publicly discussed the problems in the development.

The OMAissued OMADRM V2.0 in June 2005.This release establishes a PKI-based security and trust model,and provides a functional architecture of the mobile DRM system,rights description language standard,Digital Content Format（DCF）and Rights Object Acquisition Protocol（ROAP）.

3 CBF

CBFis an important part of digital content security.The main objects of CBF include illegal and harmful contents,such as illegaladvertisement,erotic information,misleading rumor,network virus and hacker attack.Earlier CBF technologies filter text and executable files using string match.They are mainly used to prevent harmful texts and viruses.Along with the development of multimedia technologies,lots of illegal and harmful information are transmitted in forms of image,audio and video,making it impossible for the simple string match technique to identify contents effectively.

In this situation,intelligent techniques,including pattern recognition,natural language processing and machine learning,have been introduced to CBF.Moreover,text classification and mining based on the above mentioned intelligent technologies have developed greatly,

which drives CBFinto the development stage supported by intelligent technologies.

For text file filtering,the Vector Space Model（VSM）or N-gram Language Model is used to express files,and then the models for the files requiring filtering and those not requiring filtering are created by using positive and negative samples.Accordingly,classifiers for executing specific tasks can be further created,such as Bayesian classifier,Support Vector Machine（SVM）and k-NN.Such classifiers are placed in network nodes or hosts to achieve text file filtering.

A common text file filter is the spam mail filter.The Text Retrieval Conference（TREC）［3］has taken the spam mail filter as a test program since 2005,which greatly promotes the development of the technique.

In China,the academic world,the industry and the government also pay much attention to the filtering of illegal and harmful information in short text,such as spam short messages,besides spam mails.The National Natural Science Foundation of China,the National Information Security Plan and multinationalenterprises have funded a number of related research projects.

As for the image and video file filtering,character recognition,face recognition,human body recognition and object recognition are core techniques.These techniques enable the recognition of characters contained in files that reflect different scenes,including those in text plates,slogans and advertisements,as well as of faces,bodies and objects that reflect different persons and events.These recognitions can be used to classify and filter images and videos,（e.g.,to filter erotic pictures and drug advertisements）.

In the above-mentioned image recognition technologies,the research of the character recognition technology began very early.However,the recognition of characters in images is a special technology,owing to the influence of such factors as inclination and light in images.

As hot research topics,the technologies for face recognition and object recognition have been given much attention in recent years and have made remarkable progress.In 2007,an object recognition-related key project,sponsored by the National Natural Science Foundation of China,attracted 11 powerful scientific research institutions.The competition was really severe.Besides,international researches for object recognition are increasingly combined with image search and filtering in networks［4-5］.

Core techniques for audio file filtering include speech recognition,language recognition and speech keyword spotting.

For news broadcasting files in a quiet environment,the files are first converted to text files using the speech recognition technique,and then filtered using the text filtering technique.The National Institute of Standard and Technology（NIST）Topic Detection and Tracking（TDT）［6］project of the U.S.made much research in the technique,and it had a remarkable progress.The current hot research is the filtering of speech or music files in noisy environments.It is difficult to recognize the contents of such files using regular speech recognition approaches,and they require special means.

It is unnecessary to convert full files into text when filtering the files using language recognition and speech keyword detection.It is only needed to recognize whether or not the speech in the files is the specified language or if the files contain the specified keywords.Language recognition and speech keyword spotting are usually used for rough filtering to improve filter efficiency.

Filter efficiency is a particular problem in the network environment.Filters based on intelligent technology usually require very complex computing with a large

time overhead.This is caused by the file expression model,which is generally a feature vector with too many dimensions.For example,a feature vector with tens of thousands of dimensions is often used for text classification,with each dimension corresponding to one word.

Therefore,decreasing feature dimensions becomes very important.

Asimple method to decrease feature dimensions is feature selection,that is,parts of the features are selected,according to priority,from the existing features.Mapping transformation from high-dimension space to low-dimension space is another method.Dimensional reduction is obtained by discarding the dimensions with the low variance（energy）such as Principal Component Analysis（PCA）,Linear Discriminant Analysis（LDA）,manifold analysis and the graph model.The study of these methods is very important and has universal significance,and it is also very popular in this field.

4 Micropayment

Downloading digital content such as a song,a CRBT,a paper,or even one page of a book from online usually costs very little.Such consumption cannot be settled between consumer and seller in conventionalways because the settlement cost is too high,and is sometimes even higher than the consumption charge.For example,if downloading a song requires 5 cents,the handling fee for charging through bank in a usual way may be 10 cents at least.Neither the consumer nor the seller can accept such settlement.Therefore,there is a close tie between digital content consumption and the micropayment technique.

Micropayment is a technique that allows electronic payment for any small consumption.It is used to ensure the security of the consumer's money and data in the electronic bank,protect the sellers against fraud,and prevent the transaction data from being tampered.More significantly,it enables electronic payment with the lowest cost,and thus ensures that the transaction cost is lower than the actual content cost.Common micropayment methods include online payment,mobile phone micropayment,electronic check and credit card.

The key technologies for fulfilling the micropayment system include PKIand a transaction agent.PKIprevents attacks by encrypting the identifier of the buyer and seller,as well as the transaction data involved in the deal.Such attacks include identity forgery,key abuse and message cracking.The transaction agent technology enables credit guarantee,identity authentication and fair dealing.It minimizes the transaction cost using techniques such as Transferable Coin.

The current micropayment research focuses on protocols and system models.Micropayment protocols can be divided into offline and online types.Typical offline protocols include MPTP,Payword,Agora and MiniPay.These protocols enable consumers to complete deals before actual payment based on their credit.However,they cannot effectively control repeated consumption（abuse with the same voucher）and malicious consumption（overdraft）.

A typical online micropayment protocol is Millicent.It verifies consumers'account information online in real time using a transaction agent.This protocol effectively prevents repeated and malicious consumption,but decreases the protocol efficiency.

Micropayment protocols and models are evaluated mainly in terms of security,fairness,transaction cost and running efficiency.

（1）Security means protecting bargainers'identities against forgery and betrayal,as well as ensuring the safety of their money and the confidentiality of their transactions.

（2）Fairness means treating consumers,sellers and transaction agents fairly in the whole dealing process,that is to say,consumers'credits are assessed properly;sellers are protected against fraud,and transaction agents can get reasonable profits.

（3）Transaction costs should be minimized to meet the requirement of micropayment.

（4）Running efficiency should be maximized.The time and space consuming for protocols should also be minimized.

Micropayment protocols and models are closely related to the network on which the system is based.For example,there are obvious differences between the micropayment systems separately based on mobile telecommunication,WWWand P2Pnetworks［7］.Generally,the existing systems cannot meet the requirements for the rapid development of the current digital content industry.An OECD report said the lag of the technical development of micropayment system has restricted the digital content consumption.

5 Conclusions

The size of the digital content industry is expanding rapidly,which has increasing impact on the ITindustry structure.

Therefore,all the countries worldwide have paid great attention to the digital content technology.Digital content security is an important component of the digitalcontent technology.The digital content industry cannot develop successfully without the support of the security technologies.

Meanwhile,digital content security involves a variety of challenging scientific and technicalproblems such as efficient multimedia encryption and hiding algorithm,network multimedia content recognition and filtering algorithms,and heterogeneous network oriented micropayment protocols.Overcoming these challenges needs the concerted efforts of the academic world,the industry and the government.And only in this way can the digital content industry of China develop rapidly and become a powerful impetus for China's ITindustry.