基于移动终端的数字内容安全交易模型的研究
|
摘要
随着网络和电子商务的发展,网上传播的数字内容存在着大量的盗版和侵权问题,对数字内容的交易进行版权保护,成为一个迫切需要解决的问题。另一方面,移动终端也在快速发展,终端用户共享资源也变得越来越频繁,这样也要求在移动终端实现对数字内容的版权保护。但现在的数字版权保护技术和数字版权保护系统存在缺点,特别在移动终端上更加明显,这也是数字内容的商业模式至今未成熟起来的原因。
本文首先论述了基于个人电脑的数字内容安全交易模型,此模型在安全性达到要求的基础上,消除了一般数字版权保护系统中授权用户容易获得数字内容的解密密钥、数字内容缺乏通用性和未保证用户购买商品匿名性的缺点。其次从移动终端角度,分析了移动终端硬件、软件等环境的特殊性以及将基于个人电脑的数字内容安全交易模型移植到它之上的可行性,并提出了基于移动终端的数字内容安全交易模型。它是一种纯软件的解决方法,能克服一般数字版权系统的缺点,相对于目前的移动数字版权管理系统需要辅助硬件来支持也有一定的优势。本文最后讨论了在移动终端模拟器上利用自主开发的客户端应用程序进行仿真实验,测试了此模型,能达到预期的效果。
在仿真实验中,采用J2ME作为开发语言,它相对于其他语言有移植性强和开发速度快等优点,而且在机器指纹获取方面也能发挥重要的作用。
相信本文对“移动终端数字内容安全交易的商业模式及其安全性需求”的研究具有重大的意义。
With the development of Internet and electronic commerce, a great deal of pirate and tort about digital contents exists on Internet, so it is urgent to do something to protect copyright of digital contents. On the other hand, mobile terminals have developed fast and resource is shared more and more frequently among users of terminals so that it is also needed to realize copyright protection of digital contents in mobile terminals. However, system of the digital rights management is not perfect enough to solve the problem at present, especially in the area of mobile terminal, which is the reason that the commercial pattern of digital content has not been developed naturally.
At first in this paper a model of digital content's secure trade based on personal computer is discussed. The model has the same security as general system of digital rights protection, and eliminates the shortages of the common digital rights management system: getting the decrypted key of digital content by legal user easily, lacking generality of digital content and shopping on Internet without anonymousness. Secondly at a different angle, this paper analyses the particularity of hardware, software and so on of mobile terminal, and the feasibility of transplantation from PC to mobile terminal of the secure trade model of digital content. Then the new model of secure trade of digital content has been put forwarded. This is a resolvent by only software. It doesn't only eliminate the shortages of system of common digital rights management, but also has more advantages than present system of mobile digital rights management which needs support by extra hardware. At last, the model is tested through the client software on the emulator of mobile terminal and the conclusion is that the model has the same effect as expected.
At the emulating test, J2ME is used as developing program which has more advantages of transplantation and is faster at developing rapidity than other program, and plays an important role at getting the fingerprint of mobile terminal.
It is trusted that the paper makes significance on the research of commercial mode of digital content's secure trade based on mobile terminal and its security.
本文首先论述了基于个人电脑的数字内容安全交易模型,此模型在安全性达到要求的基础上,消除了一般数字版权保护系统中授权用户容易获得数字内容的解密密钥、数字内容缺乏通用性和未保证用户购买商品匿名性的缺点。其次从移动终端角度,分析了移动终端硬件、软件等环境的特殊性以及将基于个人电脑的数字内容安全交易模型移植到它之上的可行性,并提出了基于移动终端的数字内容安全交易模型。它是一种纯软件的解决方法,能克服一般数字版权系统的缺点,相对于目前的移动数字版权管理系统需要辅助硬件来支持也有一定的优势。本文最后讨论了在移动终端模拟器上利用自主开发的客户端应用程序进行仿真实验,测试了此模型,能达到预期的效果。
在仿真实验中,采用J2ME作为开发语言,它相对于其他语言有移植性强和开发速度快等优点,而且在机器指纹获取方面也能发挥重要的作用。
相信本文对“移动终端数字内容安全交易的商业模式及其安全性需求”的研究具有重大的意义。
With the development of Internet and electronic commerce, a great deal of pirate and tort about digital contents exists on Internet, so it is urgent to do something to protect copyright of digital contents. On the other hand, mobile terminals have developed fast and resource is shared more and more frequently among users of terminals so that it is also needed to realize copyright protection of digital contents in mobile terminals. However, system of the digital rights management is not perfect enough to solve the problem at present, especially in the area of mobile terminal, which is the reason that the commercial pattern of digital content has not been developed naturally.
At first in this paper a model of digital content's secure trade based on personal computer is discussed. The model has the same security as general system of digital rights protection, and eliminates the shortages of the common digital rights management system: getting the decrypted key of digital content by legal user easily, lacking generality of digital content and shopping on Internet without anonymousness. Secondly at a different angle, this paper analyses the particularity of hardware, software and so on of mobile terminal, and the feasibility of transplantation from PC to mobile terminal of the secure trade model of digital content. Then the new model of secure trade of digital content has been put forwarded. This is a resolvent by only software. It doesn't only eliminate the shortages of system of common digital rights management, but also has more advantages than present system of mobile digital rights management which needs support by extra hardware. At last, the model is tested through the client software on the emulator of mobile terminal and the conclusion is that the model has the same effect as expected.
At the emulating test, J2ME is used as developing program which has more advantages of transplantation and is faster at developing rapidity than other program, and plays an important role at getting the fingerprint of mobile terminal.
It is trusted that the paper makes significance on the research of commercial mode of digital content's secure trade based on mobile terminal and its security.
引文
[1].爱迪德技术(北京)有限公司,移动数字版权管理.广播电视信息[J],2006(2):42-44.
[2].Special Issues on Copyright and Priracy.IEEE Journal of Selected Area in Communications[J],1998,16(4).
[3].陈明奇,钮心忻,杨先义.数字水印的研究进展与应用[J].通信学报,2001,(5):71-79.
[4].马苗,张群会,郝重阳.数字版权保护新技术—数字水印.西安科技学院学报[J],2003,(3):82-85.
[5]. F Hartung, M Kutter. Multimedia Watermarking Techniques. Proc of the IEEE [J], 1999, 87(7) : 1079-1107.
[6]. K Stefan, F A P Petitcolas. Information Hiding Techniques for Steganography and Signal Watermarking [M]. Boston: Artech House, 2000.
[7].易开祥,石教英,孙鑫.数字水印技术研究进展.中国图像图形学报[J],2001,6(2):111-117.
[8]. Bender W, Gruhl D, Morimoto N, et al. Techniques for data hiding. IBM System Journal[J], 1996, 35(3&4): 313-336.
[9].汪保友.数字作品的安全与版权保护关键技术研究[C]。复旦大学,2002,(5).
[10]. MoriR, KawaharaM. Super distribution: The Concept and the Architecture. Transactions of the IEICE, 1990, E73(7).
[11].胡志远,顾君忠.基于安全容器的媒体信息版权保护机制研究[J].计算机工程,2002,(7):26-31.
[12].庄超,白硕,李国杰.网络内容安全分发与版权保护技术[J].计算机工程,2000,(6):50-52.
[13]. InterTrust, Digibox. http://www.intertrust.com.
[14]. IBM, Crypolope. http://www.cryptolope.ibm.com/white.com.
[15]. Morin J H, Konstantas D. Commercialization of Electronic Information. Alberto Del Bimbo. IEEE Multimedia Systems 99, University of Florence, Italy, 1999. 1-16.
[16]. Alexander T J. A Java-based Platform for Intellectual Property Protection on the World Wide Web. Computer Networks and ISDN System. 1998, 30(7):591-593.
[17].杨义先.现代密码新理论[M].北京:科学出版社,2002.23-73.
[18]. William Stallings, Cryptography and Network Security Principles and Practices[M].张焕国.第三版.北京:电子工业出版社,2004,44-62.
[19].李莉,张焕国.高级加密标准AES候选之一——RC6[J].通信保密.2000(1):57-61.
[20]. Biham E, Shamir A. Power analysis of the key scheduling of the AES candidate. The Second AES Conference. 1999: 115-121.
[21]. Gladmam B. Implementation experiences with AES candidate algorithms. The Second AES Conference. 1999: 7-14.
[22].阙喜戎,孙锐等.信息安全原理与应用[M].第一版.北京:清华大学出版社,2003.78-96,106-131,189-192.
[23].何俊杰,李广锡.采用MD5加密算法保护用户口令[J].计算机工程,2000,(10):277-280.
[24].张燕.数字签名技术的研究[J].计算机时代,1998,(5):20-22.
[25].王晓斌,黄少宽.数字化作品版权管理与XrML[J].图书情报知识,2003,(4):48-51.
[26]. OASIS. Extensible Access Control Markup Language(XACML) Version 1.0. OASIS Standard, http://www.oasis-open.org/xacml/.2002.
[27]. The XML Cover Pages. http://xml.coverPages.org.orml.html.
[28]. Hurwitz Group. Enterprise Metadata Management[R]. Hurwitz Group Balanced View Report, 1998.
[29]. The Digital Object Identifier System[M].http://www.doi.org/overiew.html.
[30].张福学.数字版权管理系统的功能和信息结构分析[J].情报技术,2002,(6):26-27.
[31].沙瀛,白硕.一种Internet内容版权保护机制模型及其实现[J].计算机工程与应用,2002,38(6):195-198.
[32]. John S, Erickson. Information objects and rights management: a mediation-based approach to DRM interoperability [J]. D-Lib Magazine, 2001, 7(4).
[33].蔡伟鸿,彭思喜,胡斯捷.基于版权保护的数字内容安全交易系统的设计与实现[J].计算机工程与设计.2005.26(9):2347-2350.
[34].郁英霞.掌上电脑不等于PDA[J].计算机周刊.2001(27):34.
[35].韦绍波.PDA及其发展前景[J].广西右江民族师专学报.2003,16(3):21-23.
[36].通信标准与质量信息网.无线移动终端的发展与标准化.http://www.ptsn.net.cn/.
[37].笋糕.细说操作系统 手机四大名牌服饰.http://mobile.yesky.com/smartphone/51/2036051.shtml.
[38]. GSM SECURITY. http://www.gsm-security.net/faq/imei-international-mobile-equipment-identity-gsm.shtml.
[39]. JSR_75、JSR_130 Specification. http://www.jcp.org.
[40]. 开放移动联盟-OMA. http://cs.nju.edu.cn/yangxc/2006dc/OMA.htm
[41]. OMA HOME.http://www.openmobilealliance.org/.
[42]. CoreMedia DRM.http://www.coremedia.com/.
[43]. Beep Science. http://www.beepscience.com/.
[44].姜楠,王健.移动网络安全技术与应用.北京:电子工业出版社,2004,109-146.
[45]. OMA-Download-DRM-Vl_0-20040615-A. http://www.openmobilealliance.org/
[46].华国栋.针对移动增值业务的OMA数字版权管理[J].当代通信.2005,(17):32-33.
[2].Special Issues on Copyright and Priracy.IEEE Journal of Selected Area in Communications[J],1998,16(4).
[3].陈明奇,钮心忻,杨先义.数字水印的研究进展与应用[J].通信学报,2001,(5):71-79.
[4].马苗,张群会,郝重阳.数字版权保护新技术—数字水印.西安科技学院学报[J],2003,(3):82-85.
[5]. F Hartung, M Kutter. Multimedia Watermarking Techniques. Proc of the IEEE [J], 1999, 87(7) : 1079-1107.
[6]. K Stefan, F A P Petitcolas. Information Hiding Techniques for Steganography and Signal Watermarking [M]. Boston: Artech House, 2000.
[7].易开祥,石教英,孙鑫.数字水印技术研究进展.中国图像图形学报[J],2001,6(2):111-117.
[8]. Bender W, Gruhl D, Morimoto N, et al. Techniques for data hiding. IBM System Journal[J], 1996, 35(3&4): 313-336.
[9].汪保友.数字作品的安全与版权保护关键技术研究[C]。复旦大学,2002,(5).
[10]. MoriR, KawaharaM. Super distribution: The Concept and the Architecture. Transactions of the IEICE, 1990, E73(7).
[11].胡志远,顾君忠.基于安全容器的媒体信息版权保护机制研究[J].计算机工程,2002,(7):26-31.
[12].庄超,白硕,李国杰.网络内容安全分发与版权保护技术[J].计算机工程,2000,(6):50-52.
[13]. InterTrust, Digibox. http://www.intertrust.com.
[14]. IBM, Crypolope. http://www.cryptolope.ibm.com/white.com.
[15]. Morin J H, Konstantas D. Commercialization of Electronic Information. Alberto Del Bimbo. IEEE Multimedia Systems 99, University of Florence, Italy, 1999. 1-16.
[16]. Alexander T J. A Java-based Platform for Intellectual Property Protection on the World Wide Web. Computer Networks and ISDN System. 1998, 30(7):591-593.
[17].杨义先.现代密码新理论[M].北京:科学出版社,2002.23-73.
[18]. William Stallings, Cryptography and Network Security Principles and Practices[M].张焕国.第三版.北京:电子工业出版社,2004,44-62.
[19].李莉,张焕国.高级加密标准AES候选之一——RC6[J].通信保密.2000(1):57-61.
[20]. Biham E, Shamir A. Power analysis of the key scheduling of the AES candidate. The Second AES Conference. 1999: 115-121.
[21]. Gladmam B. Implementation experiences with AES candidate algorithms. The Second AES Conference. 1999: 7-14.
[22].阙喜戎,孙锐等.信息安全原理与应用[M].第一版.北京:清华大学出版社,2003.78-96,106-131,189-192.
[23].何俊杰,李广锡.采用MD5加密算法保护用户口令[J].计算机工程,2000,(10):277-280.
[24].张燕.数字签名技术的研究[J].计算机时代,1998,(5):20-22.
[25].王晓斌,黄少宽.数字化作品版权管理与XrML[J].图书情报知识,2003,(4):48-51.
[26]. OASIS. Extensible Access Control Markup Language(XACML) Version 1.0. OASIS Standard, http://www.oasis-open.org/xacml/.2002.
[27]. The XML Cover Pages. http://xml.coverPages.org.orml.html.
[28]. Hurwitz Group. Enterprise Metadata Management[R]. Hurwitz Group Balanced View Report, 1998.
[29]. The Digital Object Identifier System[M].http://www.doi.org/overiew.html.
[30].张福学.数字版权管理系统的功能和信息结构分析[J].情报技术,2002,(6):26-27.
[31].沙瀛,白硕.一种Internet内容版权保护机制模型及其实现[J].计算机工程与应用,2002,38(6):195-198.
[32]. John S, Erickson. Information objects and rights management: a mediation-based approach to DRM interoperability [J]. D-Lib Magazine, 2001, 7(4).
[33].蔡伟鸿,彭思喜,胡斯捷.基于版权保护的数字内容安全交易系统的设计与实现[J].计算机工程与设计.2005.26(9):2347-2350.
[34].郁英霞.掌上电脑不等于PDA[J].计算机周刊.2001(27):34.
[35].韦绍波.PDA及其发展前景[J].广西右江民族师专学报.2003,16(3):21-23.
[36].通信标准与质量信息网.无线移动终端的发展与标准化.http://www.ptsn.net.cn/.
[37].笋糕.细说操作系统 手机四大名牌服饰.http://mobile.yesky.com/smartphone/51/2036051.shtml.
[38]. GSM SECURITY. http://www.gsm-security.net/faq/imei-international-mobile-equipment-identity-gsm.shtml.
[39]. JSR_75、JSR_130 Specification. http://www.jcp.org.
[40]. 开放移动联盟-OMA. http://cs.nju.edu.cn/yangxc/2006dc/OMA.htm
[41]. OMA HOME.http://www.openmobilealliance.org/.
[42]. CoreMedia DRM.http://www.coremedia.com/.
[43]. Beep Science. http://www.beepscience.com/.
[44].姜楠,王健.移动网络安全技术与应用.北京:电子工业出版社,2004,109-146.
[45]. OMA-Download-DRM-Vl_0-20040615-A. http://www.openmobilealliance.org/
[46].华国栋.针对移动增值业务的OMA数字版权管理[J].当代通信.2005,(17):32-33.