Information and Computer Technologies
Computer Modelling and New Technologies, 2013, Vol.17, No. 4, 204-209Transport and Telecommunication Institute, Lomonosov 1, LV-1019, Riga, Latvia
RESEARCH OF AN NEW AC-C/S-BASED ELECTRONIC
DOCUMENT SECURITY SYSTEM
X. Xu
School of Mechanical&Electrical Engineering Changchun institute of Technology, Changchun, China Phone: (86)431-85711304. E-mail: [email protected]
An AC-C/S (Anti-Crack Client/Server) architecture model is presented in this paper to overcome the software crack risk at the existent DRM clients with anti-crack improved by the shell. The AC-C/S comprises the framework and key components transferred to be executed at the remote server, both interacting through the data stream technology. The realization of the electronic document system and its application is described to show that it has improved the security and flexibility at DRM clients.
Keywords: Electronic Document, Digital Copy Rights Management, Anti-Crack, Data Stream
1. Introduction
All documents have become electronic with the rapid development of computer and network. Moreover, their copyright and security technique also develops rapidly, among which is the typical technique of Data right Management (DRM). This technique is effective in preventing unauthorized use or illegal acquisition of electronic files, for example [1, 2], such as Adobe Content Server, InfoGuard and Unnoo. These products comprises client, licensing server and content server etc. First, the file is encrypted by packaging tools with the use authority and the key stored in the license. The user must acquire the license from the corresponding licensing server for their downloaded documents from the content server [3,4]. Such DRM file security products have the intrinsic demerit that the authentication and decryption are executed on the user’s computer. Once the software were cracked, there would be no protection for the files.
Therefore, ensuring the security of DRM system is important when the software is relatively fragile at client. Based on the popular network and improved bandwidth, the present paper has proposed a new approach in protecting DRM software at the client. The program was disassembled into a frame component and a key component. The software could be normally executed through the real time communication between network interfaces for the key parts transferred to remote security server.
Logically, cracker must establish the architecture transferred to crack the software. The cracking is even more difficult than programming a new software with more interaction in frequency and data between the separated software. For lower crack risk at the client, data stream transportation technique is required for the necessary processing of large amount of data.
Based on such a design philosophy, we have defined a new system architecture on the basis of C/S, named “Anti-Crack Client/Server, AC-C/S”. In addition, based on it we constructed electronic files security management system to safeguard the system and files (documents) through remote processing of the key part and decryption module.
2. AC-C/S Anti-Cracked Architecture and its General Design
2.1. AC-C/S Architecture ModelResearchers have recently noticed the system failure risk [5] brought about by the fragility at clients in DRM system. Although there are many ways of protection such as code encryption and shell technique, malicious cracker have the chances to analyse the plan for software protection and cracks clients through ways such as decompiling, inserting skip command to skip the protection mechanism [6].
We argue that the key for the system security is that the vital components run on the remote server to get rid of the cracker’s control. There is however a technical difficulty to integrate the separated parts and have high efficiency. First, there must be a communication protocol between operating systems, different interfaces and firewalls and we have chosen the “RPC Remote Procedure Call Protocol” as an ideal one. Second, there must be a data structure-processing model for real time interaction of great
Information and Computer Technologies
amount of data. Based on our previously studied technique for data stream processing, we have designed a Data Streaming Operation Tree (suitable for execution and processing in RAM) and query-operation tree dynamic scheduling algorithm by incorporating the compression coding and Sketch. This design solved the problems of the space limitation and query speed in data processing. Therefore, we chose the data stream technique as the interaction model for communication between the modules.Based on the study above, we modified the C/S Architecture by disassembling the client into a front part (for user’s interface, data stream integration and bottom level monitoring) and core part (for the core job), with the former stored at the clients and the latter at the server. The RAM vacancy at the clients left after the transfer is filled with stubs and data stream. We defined this derived architecture for preventing cracked as the AC-C/S (shown in figure 1).
Surface Client Solid Server
Fornt Part Core Part Server DataStream RPC+SSL TCP/IP
Figure 1. SC/SS Architecture Model AC-C/S Architecture could be represented as four tuples:
}
,
,
,
{
SC
SS
CP
DM
SS
(1) in which :}
interface
stream
Data
part,
Front
{
SC
(2)SC is defined as surface client, which comprises model, stubs filing the vacancy and data stream interface at conventional clients.
}
Server
part,
Core
{
SS
(3)SS is defined as Solid server, which comprises core part and disassembled part from clients at the ordinary server.
}
TCP/IP
RPC,
{
CP
(4)CP represents Communication protocol. Multi-threaded RPC was adopted between the disassembled parts from clients. The call interface is SOAP protocol, adopting two-way SSL for communication. TCP/IP was adopted for ordinary interaction between clients and the server.
}
pattern
stream
Data
{
DM
(5)DM represents the data model between two disassembled parts, realized by process-based real time data stream model.
Information and Computer Technologies
2.2. General Design of AC-C/S-based Document Security System 2.2.1. System Requirement
The system should provide the requirement for document security management long life cycle from its creation to destruction, such as the setting up of the access policy and reliable encryption to prevent unauthorized access to and modification of the copy and print, including:
1) In the network environment, administrator manages security levels and authorities, and copy the files and can read or modify them under the control of the system. All the files would be in cipher text format once away from the system.
2) DRM encryption depends on operating system, not with the format or programs. The operating system for the encryption is Windows XP (vista) at the clients and Windows2003 server at the server.
3) The system has high reliability, and strong power against crack. It monitors and records the clients’ operation.
2.2.2. The General Architecture
The System is based on AC-C/S, comprising surface clients and solid server.
Surface clients execute interaction surface, authority identification data stream interface, sends to the security server information collected about the clients, and monitors the uses of the electronic files.
Authentication, granting access, user’s behaviour audit, file decryption and client’s key modules are executed at the Solid server.
file filter driver level document monitoring process monitoring interface user authentication keys management users monitoring behavior audit
other key blocks
file encryption and decryption user level ID authentication data stream management and processing secure RAM management
Surface Client Solid Server
Figure 2. Block diagram of the security systems
The encryption module and some important lower-layer functions of the documents at the DRM file clients are packaged and transported to the server. As there is no decryption algorithm and keys at clients, the files decrypted at the server are sent to RAM and opened at clients. The RAM used for the files are locked and accept no access.
The reading or writing of the files are controlled at the bottom level of the system by file filter driver at the client to protect all kinds of files such as the files in format of pdf or doc [7]. At the same time, the clients are monitored for their operation or block any unauthorized operation, such as copying, reading and modification of the files. Clients sent the detailed description to the security server for query and alert against malicious behaviour.
3. Key Techniques for the Realization of the System
3.1. Realization of the Transfer of Key Module at ClientInformation and Computer Technologies
Client machine
RPC
Open input and output files
Encrypt DES key using RSA
write encrypted DES key
Encrypt the text using DES key
write encrypted text
Open input and output files
Decrypt DES key using RSA
Decrypt the text using DES key
write decrypted text
Remote server Authentication
Encrypt/Decrypt DES key using
RSA Read encrypted DES key
Create DES key
Dataflow Client
machine
RPC
Open input and output files
Encrypt DES key using RSA
write encrypted DES key
Encrypt the text using DES key
write encrypted text
Open input and output files
Decrypt DES key using RSA
Decrypt the text using DES key
write decrypted text
Remote server Authentication
Encrypt/Decrypt DES key using
RSA Read encrypted DES key
Create DES key
Dataflow
Figure 3. Remote encryption and decryption process
Encryption module is executed at remote server. After they passes the authorization, the surface clients start to sequence the files specifically in the form of stream, transfer them through RPC after compressing them into byte stream [8]. Upon receiving the data stream, the server generates query-operation tree in accordance with special connection management policies, and executes encryption algorithm after dissembling the data blocks. After decryption, the data is transferred to the RAM-area secured in SSL encrypted stream through the established security channels at clients. Surface clients counter-sequence the data in the locked security area, add load dropping operators to realize efficient load dropping by using frequent items algorithms in the data stream. This ensures improved file response rate at the clients for the netflow limit (for this technique, please refer to our other papers). In this model, the client could not acquire the authority to process the files before passing the authentication.
As the key to the encryption and decryption is on the remote server, the client could not process the files at clients independently of the remote server. Thus, the cracked DRM is logically blocked at the client.
At the same time, we transported many of the bottom level modules at the client to the server and runs in the above mechanism. Logically, cracker must rebuild the key parts at the client to crack the system at clients. This ultra-difficulty greatly lowers the possibility of cracked risk.
3.2. The Encryption and Decryption System
To lower the risk of misconduct and leak out by insiders, the system adapts a management strategy of “Power Sharing” [9]. We have designed a multi-level encryption system with keys in many categories for data encryption at customer’s end through SM4 encryption card. The keys comprises start key, management key, restoring key, local key and base key ( as shown in Table 1).
TABLE 1.System Key Categories
No Categories Type Uses
1 Start key Asymmetrical System starts key, protecting management key at two levels. 2 Management key Asymmetrical System management key, restoring and decrypting keys. 3 Restoring key Symmetrical Encryption key for local key, protected by key encryption. 4 Local key Symmetrical Encryption key for base key, protected by restoring key. 5 Base key Symmetrical Data encryption key, protected by local key
Encryption Processing Flowchart is shown in Figure 4.In the encryption and decryption system, data is encrypted in the storage processors and sent to the storage equipment. The base key generates a
Information and Computer Technologies
K1 through encryption by local key, which generates K2 through decryption restoring local key, which generates K3 through decryption by restoring key, which generates T through primary start key. Secondary start key encrypts T into TT. The K1, K2, K3, T and TT together are stored in the parameters databank of system.Figure 4. Encryption Grade System in SecureSAN
In this encryption system, the emphasis of protection is that the password stored in the key rather than in the data, in the base key is encrypted at multiple layers. This disperses the management power and lowers the risk of leak out and simple the steps of data encryption but with better functions.
4. Evaluation and Application of the System
4.1. Application Flowchart of the SystemFirst, the administrator packages the DRM files, and stores access control privileges and keys at the server. The cipher text is sent on-line and off-line to clients.
Client logs into the security server through the client, and establishes security channel after ID is authenticated by user’s key and certificate at client. Surface client sends the cipher text to the decryption module at the remote server and gets the plain text in the data stream at the client. The plain text is stored in secure RAM area with exclusive lock protection to prevent the call from external programs while the client is in the state of being monitored at bottom level. The client can have the call operation within the privilege while the software at the client monitors the operation and sends operation records to the software at security server.
The files are closed after the operation with the plain text at RAM automatically deleted and cipher text still at the client computer. In the case of creating a new file or re-editing a file, the remote server would arrange a new key and encrypt the new file and sends the file back to the client as a new edition of the file encrypted and stores it as a duplicate at the server before the saving starts with the packaged files [10].
The communication is realized through the two-way SSL security, which encrypts the channel to safeguard the security of the cipher text and plain text. Separated from the support from the server, the client could not independently decrypt the file. Thus, there is no possibility of cracking the cipher text. 4.2. Evaluation of the System
This technique was tried in a designing institute in Jilin Province. The run environment was the 100M LAN, with 2 Dell 5550 servers and 10 client computers. One server disposed security server system installed with a Dean Encryption System. The other server was used as a files server. The 10 client computers execute requests for opening, re-editing and saving of the files. This trial application showed that the designed aims were realized with the average time delay of 7.7 seconds, which was proved to the time for ID authentication and file decryption by monitoring the netflow at the remote
Encryption Data Management Key Local Key Restore key Base key Encrypted Data K1 K2 K3 T TT Encryption Encryption Encryption
Second Start key First Start key
One System
administrator TWO System administrator
Local administrator Restore administrator Configuration database
Information and Computer Technologies
server. It is thus proposed that a better hardware is required for better and more satisfactory performances.5. Conclusion and Future Work
In conventional DRM file security products, the decryption of the files and the ID authentication are both realized at the clients. Once cracked, DRM files are no longer protected. This paper proposed a new AC-C/S, which transfers the key parts to the remote server. The trial application of security system based on such an architecture was proved to solve the above two problems with ensured performance.
Our future work lies in the following three aspects: First, to probe into the realization of data stream parallel processing, and to support multi-encryption card load balancing and encryption technique for large-scale files. Second, by planning electronic documents management strategy, to increase the response speed by introducing cache prefetching strategy to read and process corresponding documents. Third, to explore watermarking technique of the files at clients so that to provide evidence, through taking pictures of the screen image etc., to trace anyone who leaks the documents.
Acknowledgment
The authors would like to thank Professor Yao Nianmin from Harbin Engineering University for kindly sharing his dataset with us. The work was supported by “Fund for National Development and Reform Commission high-tech”.
References
1. Biddle, P., England, P., Peinado, M., Willman, B. (2003) The darknet and the future of content distribution. In: Feigenbaum J.ed. Digital Rights Management, Lecture Notes in Computer Science 2696, Berlin:Springer-Verlag, 155-176
2. Lin, E.T., Eskieioglu, A.M., Lagendijk, R.L., et al. (2005) Advances in Digital Video Content Protection [J]. Proceedings of the IEEE, 93(1), 171 - 183.
3. Kuhlmann, D., Gehring, R.A. (2003) Trusted platforms, DRM, and beyond. In: Becker E. et al. eds. Digital Rights Management: Technological,Economic,Legal and Political Aspects, Lecture Notes in Computer Science 2770, Berlin: Springer-Verlag, 178-205
4. Bettini, C., Jajodia, S., Wang, X.S., Wijesekera, D. (2002) Provisions and obligations in policy management and security applications. In: Bernstein P.A., Loannidis Y.E., Ramakrishnan R., eds. Proc. of the 28th Int’l Conf. on Very Large Data Bases. Hong Kong: Morgan Kaufmann Publishers, 502-513.
5. Xu, X., Su, J. (2012) Research and implementation of iSCSI-based SAN static data encryption system. Computer Science and Network Technology (ICCSNT), 2012 2nd International Conference on . 29-31 Dec., 257 -260
6. Barth, A., Datta, A., Mitchell, J.C. (2006) Nissenbaum H. Privacy and contextual integrity: Framework and application. In: Proc. of the 27th IEEE Symp. on Security and Privacy. New York: IEEE Press, 184-198.
7. Chong, C.N., Ren, B., Doumen, J., Etalle, S., Hartel, P.H., Corin, R. (2004) License protection with a tamper-resistant token. In: Chae HL, Moti Y, eds. Proc. of the 5th Int’l Workshop Information Security Applications. LNCS 3325, Heidelberg: Springer-Verlag, 223-227.
8. Stallings, W. (2000) Network Security Essentials: Application and Standards. New Jersey: Prentice-Hall, 22-23
9. Garnett, N. (2001) Digital rights management, copyright, and napster. ACM SIGecom Exchanges, 2(2), 1-53
10. Davis, R. (2001) The digital dilemma. Communications of the ACM, 44(2), 77-83.
