THOMAS Julien¹, CUPPENS Frédéric¹, CUPPENS-BOULAHIA Nora¹

Communication dans une conférence à comité de lecture

SARSSI 2008 : 3ème Conférence sur la Sécurité des Architectures Réseaux et des Systèmes d'Information, 75015 Paris : Publibook, 13-17 october 2008, Loctudy, France, 2008, pp. 85-99, ISBN EAN:9782748343892

2008

In the past years, Digital Rights Management (DRM) has been used in order to control media's resources usage, for instance for the consumers. Several proposals have been made in order to define what kind of controls one could apply and how to apply them. It has also been proposed more recently to use DRM mechanisms in the enterprises (EDRM), not to control media's resources usage but to protect the enterprise resources. However, current studies about EDRM do not take into account an important aspect of the enterprises security information: the environment. In this article, we will define a framework to express environmental constraints based licences and to evaluate them. Examples will be given to show that the environment can be used to define more expressive licences and to apply better security policies for DRM based solutions.

1 : RSM - Dépt. Réseaux, Sécurité et Multimédia (Institut Télécom-Télécom Bretagne)

Environment constraint, Certification, Digital righ management (DRM), Licence

5121