Digital Rights Management in E-commerce
DRM in Practice
Enterprise DRM
DRM Policy Management Issues
DRM Authentication Issues
Enterprise DRM Examples
Sarbanes-Oxley Act Compliance
Access Control without User Authentication
The Bottom Line

Enterprise Digital Rights Management: Ready for Primetime?
Mark Stamp and E. John Sebes

Digital Rights Management in E-commerce

Although audio and video grab most of the digital rights management (DRM) headlines, let’s consider a different example. Suppose I want to sell my new digital book online. One obvious concern is that I might only sell one copy, since a purchaser can—at the click of a mouse—redistribute the book to anyone on the Internet. This is a fundamentally different situation than what existed in the pre-digital era. Of course, non-digital books can be photocopied, but time and effort are required to do so, and there is some reduction in quality from the original.

Is there any reasonable way to sell my digital book online? The simplest and least secure approach would be to follow the shareware model, which is essentially the honor system. In doing so, I would be relying on the inherent honesty and goodness of Internet users. You might be surprised to know that this has actually been tried. Stephen King published a book, The Plant, online, relying on the honor system for payment. The book was produced in installments that were freely available for download. The price was $7 and the author stated that he would continue publishing installments provided at least 75% of downloaders paid. The first installment just made the grade, with a 76% payment rate, but by the fourth installment, only 46% had paid. King then pulled the plug, leaving behind some angry customers who had paid $7 for a fraction of a novel.

If we’re not willing to rely on the honor system, what other options are available? This is where digital rights management comes into the picture. A DRM system is designed to restrict what the legitimate recipient can do with digital content after receiving it. These restrictions might include “no forwarding” or “no printing” or “do not open until Christmas”, or any of a number of other possibilities. Note that DRM is primarily designed to prevent the intended recipient from doing certain things. This is in stark contrast to standard cryptography, where the protection is aimed at unintended recipients. At the least, a DRM system should prevent a purchaser from redistributing my digital book to others. Since DRM protection must stay with the content wherever it goes, the buzzwords “persistent protection” and—in the case of documents—“portable document security” are often used synonymously with DRM.

DRM in Practice

DRM is supposed to restrict what a user can do with digital content. But the user will have some access to the content on a PC that is completely under the user’s control. If the user also happens to be a motivated attacker, the advantage clearly lies with the attacker. In the e-commerce arena, the long list of failed DRM systems attests to this basic fact. Examples of failed DRM systems include Sony’s Key2Audio (which, famously, could be defeated by a felt-tip pen), Microsoft’s MS-DRM and Adobe’s e-Books, among many others.

Another issue inherent in DRM is the so-called “analog hole”. Even if a DRM system were to provide perfect technical security, the content could still be captured in analog form. For example, a camera could be used to photograph the displayed images of the pages of a digital book. These photos could then be redistributed in digital form. Such an attack is the digital equivalent of photocopying a non-digital book, since some effort is required and the copy is of lower quality than the original. An attack via the analog hole is beyond the scope of a DRM system and acts as a limit on the value and sensitivity of data that can be protected.

How is DRM actually implemented in software? In a nutshell, DRM client software incorporates data or techniques that must be kept secret from users and administrators. Knowledge of these secrets would allow an attacker to remove the DRM protection on documents, or to trick the software into always granting full access. Strong DRM software should also include defensive mechanisms to limit the ability of attackers to observe the client software as it executes. Other critical challenges for DRM systems include protecting a shared secret (such as a master key) in software, authentication and authorization, and disabling obvious attacks, such as the screen capture of digital documents. The strength of any particular DRM system is determined by the strength of its self-defense measures.

Not surprisingly, secure DRM in the e-commerce arena has proven to be an elusive goal. But within an enterprise, DRM has much better prospects for success.

Enterprise DRM

DRM within an enterprise setting is a vastly different beast than DRM in a general e-commerce setting. While the strength (or lack thereof) of DRM mechanisms looms large in e-commerce applications, it is of far less concern within an enterprise. In enterprise DRM the system often only needs to be robust enough that active measures are required to break the security. Provided this is the case, legal sanctions can be brought to bear against employees who attack the DRM security, since they must have actively sought to do so. In e-commerce, such a low degree of DRM strength would likely be insufficient, since the legal sanction is far less plausible, being much harder to enforce.

The “killer app” for enterprise DRM is document management, primarily due to regulatory compliance. The relevant regulations include the Health Insurance Portability and Accountability Act (HIPAA), the Gramm-Leach-Bliley Act (GLBA) and the Sarbanes-Oxley Act (SOA). These laws require that the confidentiality and/or integrity of certain types of documents be protected. The penalties imposed can be Draconian, which has generated considerable interest in DRM-based protection.

While the utility of DRM in e-commerce remains in question, existing DRM security technology is more than sufficient to meet the more limited requirements of document management within an enterprise. If enterprise DRM is ready for primetime, why is it not more prevalent in the corporate world today? In our experience, two issues having nothing to do with the strength of DRM security have been the most significant barriers to enterprise DRM adoption. These issues