A Study of Key Management Mechanism for Content Access Control in Pay-TV Broadcasting Systems

現今用於付費廣播電視存取控制的金鑰管理系統可以分成兩種類型，時限性階層金鑰管理系統(time-bound hierarchical key management system)與條件式存取系統(conditional access system)。時限性階層金鑰管理系統主要是針對不同權限的使用者於不同時間指派不同的金鑰；另一方面，條件式存取系統則是針對不同的商業模式來設計出符合條件的系統。這兩類的系統的目的都是希望只有合法的使用者能夠正確的收看節目。在此博士論文中，這兩種類型的金鑰管理系統都有詳細的討論。此論文的第一部分，我們針對第一類型的金鑰管理系統。部分這類型的演算法是利用智慧卡來抵擋共謀攻擊。然而，我們發現一個利用智慧卡的演算法依然會遭受到共謀攻擊。我們修改此演算法來抵擋共謀攻擊並提出一個新的方法，可以不需使用智慧卡便能抵擋共謀攻擊。此論文的第二部分，我們針對條件式存取系統作深入研究討論並提出新的改良。由於現有的商業模式都有其限制，首先，我們定義了一個新的商業模式並針對此商業模式設計出相對應的條件式存取系統。此外，我們也針對所設計出的條件式存取系統作詳細的分析與比較。

關鍵字

存取控制；時限性階層金鑰管理系統；條件式存取系統；付費

並列摘要

In Pay-TV broadcasting systems, only the authorized subscribers are allowed to precisely access the TV programs/channels subscribed by them. In order to achieve this requirement, several key management mechanisms are proposed to provide the channel protection. Two kinds of key management mechanisms, time-bound hierarchical key management and conditional access systems, are widely discussed in Pay-TV broadcasting systems. A time-bound hierarchical key management scheme is a method to assign time-dependent encryption keys to a set of classes which have partially ordered hierarchy. On the other hand, conditional access systems provide the channel protection according to distinct business models. In this thesis, these two mechanisms are discussed. In the first part of this thesis, we focus on time-bound hierarchical key management schemes. We first demonstrate that a new scheme proposed by Betrino et al. is insecure against the collusion attack even their scheme has adopted tamper-resistant devices. We also provide some possible amendments to this scheme. Besides, we propose a new time-bound hierarchical key management scheme which can effectively defeat the collusion attacks without adopting a tamper-resistant device. Compared with the previous schemes, our design requires less public parameters. In the second part of this thesis, we put emphasis on the conditional access system. Since the existing business models, pay-per-view and pay-per-channel, have some constraints and drawbacks, we define a new business model which is more flexible for subscribers. In order to fulfill the requirements and assumptions of this business model, we also propose a new conditional access system. Besides, we also describe two methods to reduce the size of the access control matrix which is used for recording the subscription of all subscribers.

並列關鍵字

access control ； time-bound hierarchical key management ； conditional access system ； Pay-TV

參考文獻

[1] S. G. Akl and P. D. Taylor. Cryptographic Solution to a Problem of Access Control in a Hierarchy. ACM Transactions on Computer Systems, 1(3):239-248, 1983.

[4] G. Ateniese, A. D. Santis, A. L. Ferrara, and B. Masucci. Provably-Secure Time-Bound Hierarchical Key Assignment Schemes. In Proceedings of 13th ACM conference on Computer and Communications Security, pages 288-297,

[5] E. Bertino, S. Ning, and S. S. Wagsta. An Ecient Time-Bound HierarchicalKey Management Scheme for Secure Broadcasting. IEEE Transactions on Dependable and Secure Computing, 5(2):65-70, April-June 2008.

[7] H. Y. Chen. Ecient Time-Bound Hierarchical Key Assignment Scheme.IEEE Transactions on Knowledge and Data Engineering, 16(10):1301-1304, Oct. 2004.

[11] T. T. Do, K. A. Hua, and M. A. Tantaoui. P2VoD: Providing Fault Tolerant Video-on-Demand Streaming in Peer-to-Peer Environment. In Proceedings of IEEE International Conference on Communications, volume 3, pages 1467-1472, 2004.

國際替代計量

A Study of Key Management Mechanism for Content Access Control in Pay-TV Broadcasting Systems

主題瀏覽