|
Napster, Gnutella, DeCess: Three words that give digital content developers the willies, especially as broadband access makes them eminently more usable by more people.
With these audio and video replication technologies widely available, content providers are on guard. They want to prevent these forces from replicating for free what they worked hard to create, but at the same time, they don't want content security to be so laborious that paying customers turn away in frustration.
How do they do that? It depends on what they want, according to those working in the digital rights management arena.
To start with, not all content needs to be all that secure.
"It very much depends on the actual value. If it is a piece of music that is selling by the millions and this is hacked, why that's a big loss," says Leonardo Chiariglione, executive director of the Secure Digital Music Initiative, a group formed by major music labels and several software firms to come up with a copyright-safe music distribution technology. "You would like to have a system that is flexible in the sense that if it is something reasonably valuable, then you can make it very strong. If it is something that is not so valuable you can make it reasonably weak."
That's one reason why San Diego-based Mindport Sentriq is offering a range of security for content providers. It offers varying levels of security--personalized news clips accessed daily shouldn't come with as much protection as a premium movie streamed from a video-on-demand provider.
"Not everything will be at the highest security level," says Robert Fransdonk, chief technical officer. "You make some content secure if it is valuable enough that people want to go through those steps."
But even with the most elaborate encryption and secure transaction process in place, the reality is there will always be hackers eager to crack open content. "There will be a certain percentage of people who will get access to content that they should not have," Fransdonk says. "It has to be kept manageable. It is a balance between maintaining security and providing content to legitimate users. You have to evaluate the content and the willingness of users to go through (the security measures)."
Internet systems may provide more openings for hackers, but digital technology can push them shut using "watercrypting" technology. Mindport Sentriq offers a watercrypting system that encrypts content and adds a data code identifying who bought the content and when. If someone tries to make copies and is caught, the data can trace back to the original owner, who may face the legal music for allowing the content to be duplicated illegally.
In many ways, digital security also has to become more like its real-world counterparts, according to P.S. Kohli, vice president of content security solutions at Convera Corp. Convera is the result of a merger between Excalibur, a search software company, and Intel Corp.'s media services division.
"One doesn't think about it, but when you walk into a store you are subjected to all sorts of security features," Kohli says "For example, the tag on the merchandise sounds an alarm if you try to walk out of the store without paying. The difference between that and what we have on the Internet is the consumer doesn't have to interact with it."
To that end, Convera's Internet Software Integrity System (ISIS) tries to prevent users who have bought digital content from copying it for further distribution by creating a sort of background monitor. ISIS-encoded content carries a stream of data called a content protection agent. This invisible code triggers the user's computer to download a client piece of software, which sits on the computer and acts as a monitor. Each time the content is played the client checks the system for changes-such as a new music file "ripper" program-before it descrambles the content for viewing.
"The trust is it would do a check on the environment before it delivers the content," Kohli says. "It is what we call the digital fingerprint, and it checks to see if anything has changed."
Preventing copies isn't always the goal, however. With music files in particular, the SDMI is working to create a safe system for users to transfer files to a portable digital player. The focus there is on limiting the number of copies, not preventing it outright.
"The point is there is nothing wrong with giving people what they have been accustomed to in the analog world," SDMI's Chiariglione points out. "You buy a cassette-of course you would like to have another copy because you don't know what happens to the one you have bought. But on the other hand when you are in the digital world, and then you have MP3 files, you have 10,000 addresses and you send that in music to those 10,000 addresses-that's a very substantial loss to the people who have created the music. So that's really the dilemma."
That's why SDMI is developing a secure software application that allows consumers to buy a CD and make up to four compressed digital copies. To make more, the user has to remove and reinsert the CD. While they can replicate the original copy endlessly in batches of four, the copies themselves cannot be replicated.
The organization has selected five candidates for this system, and after a series of "hack tests" this fall it is examining the results. Based on that, it will choose either one or create a hybrid of these technologies as the final product. Then companies that agree to produce content, software and consumer electronics under the SDMI banner will use the technology to develop their products.
"It's a gate keeping," Chiariglione says. "It's a technology that lets into the SDMI domain only the content that is legitimate."
|
