1 ASSIGNMENT TOP SHEET Faculty of Creative Arts, Technologies

ASSIGNMENT TOP SHEET

Faculty of Creative Arts, Technologies & Science

Department of Computer Science & Technology

Student Ref. No 1030160 Unit Code

CIS000-6

Unit Name Deadline for Submission(s)

MSc Project 25th May 2012, by 4 pm

Student's Surname Student's Forename

Vyas Rohit

Unit Leader's Name Supervisor’s Name

Dr Fiaz Hussain Edmond Prakash

Assignment Details:

MSc Project – Final Thesis Report

Instructions to Student:

Please note: Work presented in an assessment must be the student's own. Plagiarism is where a student copies work from another source, published or unpublished (including the work of a fellow student) and fails to acknowledge the influence of another's work or to attribute quotes to the author. Plagiarism is an academic offence.

Work presented in an assessment must be your own. Plagiarism is where a student copies work from another source, published or unpublished (including the work of another student) and fails to acknowledge the influence of another’s work or to attribute quotes to the author. Plagiarism is an academic offence and the penalty can be serious. The University’s policies relating to Plagiarism can be found in the regulations at http://www.luton.ac.uk/livingandstudying/qa/documents. To detect possible plagiarism we may submit your work to the national plagiarism detection facility. This searches the Internet and an extensive database of reference material including other students’ work to identify. Once your work has been submitted to the detection service it will be stored electronically in a database and compared against work submitted from this and other universities. It will therefore be necessary to take electronic copies of your materials for transmission, storage and comparison purposes and for the operational back-up process. This material will be stored in this manner indefinitely.

I have read the above information and I confirm that this work is my own and that it may be processed and stored in the manner described.

Signature: Rohit Vyas Date: 24/05/2012

Extension deadline

CAAS agrees that the assignment may be submitted ____ days after the deadline and should be marked without penalty.

CAAS confirmation......

Please leave sufficient time to meet the given deadline and do not leave the handing-in of assignments to the last minute. You need to allow time for any system problems or other issues.

“A Rental Digital Rights Management framework which allows user to lend books and notes.”

Thesis submitted at the University of Bedfordshire

In partial fulfilment for the degree of

Masters of Science

Computing and Entrepreneurship

Rohit Vyas

1030160

Supervisor: Dr. Edmond Prakash

Department of Computer Science and Technology

January 2012

Abstract

With new technologies come new challenges and opportunities. The upsurge in use of tablets and readers has led to increase in eBooks usage in recent years. But there lies some key differences in eBooks and print books which are often seen as a hurdle in the growth of eBook market. Firstly an eBook provider delivers eBooks with access control technologies known as Digital Rights Management which makes it difficult for the consumers to use eBooks as print Books. Secondly eBook renting is not widely used as print book renting and lastly users cannot lend eBooks as they do in case of print books. This project analyses the digital rights management schemes and provides a suitable framework which has an interoperable rental DRM framework which allows users to lend eBooks and notes.

Acknowledgements

The dissertation could not have been completed without the guidance of my supervisor Dr. Edmond Prakash who generously took time to see my work and his valuable suggestions were very helpful.

Secondly I would like to thank our academic librarian Chris Whitfield for appreciating my idea of the dissertation and Chris gave me contacts of people who could give me suggestions about the eBook industry.

There were others who were directly or indirectly supported me in the project. I often received help from my friend vannie shravan in searching data and balram lath who gave me the confidence of working on the project. Last but not the least I would like to thank my family for supporting me throughout the project.

Dedication

I dedicate my work to my father Gajraj Vyas and my mother Rekha Vyas.

Consent Form

Author’s Name: - Rohit Vyas

Thesis Title: - A Rental Digital Rights Management framework which allows user to lend books and notes

Degree: - Master’s in Computing & Entrepreneurship

I have read and understood the University’s regulations and procedures concerning the submission of my thesis.

I understand that I have already signed a declaration agreeing to my dissertations being kept in the Learning Resources Centre (LRC) when I enrolled.

We would like now, to extend this agreement by making the thesis available online.

Further to this,

I agree as follows:

- That I am the author of the work.

- That I have exercised reasonable care to ensure that the Work is original, and does not to the best of my knowledge break any UK law or infringe any third party’s copyright or other Intellectual Property Right.

- The LRC and BREO administrators do not hold any obligation to take legal action on behalf of the Depositor (you), or other rights holders, in the event of breach of intellectual property rights, or any other right, in the material deposited.

I hereby extend my consent to this thesis being included in the LRC as well as on BREO via online access.

Author’s Signature: - Rohit Vyas

Author’s Student Number: - 1030160

Date: - 25/05/2012

Table of Contents Abstract ...... 4 Chapter 1-Introduction ...... 12 Problem Statement ...... 13 Brief overview of the dissertation ...... 13 Importance of the dissertation ...... 14 Aims and Objectives of the Project ...... 14 Chapter wise description of project ...... 15 Methodologies and outcomes ...... 15 Chapter 2-Literature Review ...... 16 Copyright ...... 16 What is an eBook? ...... 16 Major EBook formats ...... 17 Unique Identifier of E-books ...... 18 Formats and OS of Major Devices ...... 19 Digital Rights Management ...... 20 Architecture of DRM ...... 23 Chapter 3- Comparison of existing DRM systems ...... 28 Existing DRM Systems:- ...... 28 Comparison of the Major DRM Systems ...... 29 Related works:- ...... 32 Chapter 4-Survey ...... 33 Survey results ...... 33 Questions and Responses ...... 34 Chapter 5-Implementation ...... 39 Proposed DRM framework ...... 39 Security Architecture of the System ...... 39 Encryption of the Digital Content ...... 41 Broadcast Encryption ...... 41 Distribution architecture for renting and selling eBooks ...... 43 Framework for Lending eBooks ...... 44 Evaluation of the framework...... 48 Chapter 6-Conclusion ...... 50 References ...... 51

Appendix ...... 58 Appendix-1 PPF ...... 58 Additions in PPF ...... 60 Appendix 2-Ethics Form ...... 62 Appendix 3- Dissertation Timeline ...... 65 Appendix 4- Project Poster ...... 66

List of Figures

Figure 1- DRM Architecture ...... 23 Figure 2- Transactional DRM ...... 24 Figure 3- Entities in Mathematical forms ...... 25 Figure 4- Core entities in DRM ...... 25 Figure 5-Architecture content model ...... 26 Figure 6- Architecture REL model ...... 27 Figure 7- Survey Response ...... 38 Figure 8-Security Architecture...... 40 Figure 9-Flow Chart for Registration ...... 42 Figure 10-server to server communication ...... 43 Figure 11-Distributed architecture ...... 43 Figure 12-Sequence Diagram...... 44 Figure 13- P2P LMM ...... 46

List of Tables

Table 1 ...... 15 Table 2 ...... 18 Table 3 ...... 19 Table 4 ...... 20 Table 5 ...... 22 Table 6 ...... 30 Table 7 ...... 31 Table 8 ...... 31 Table 9 ...... 48 Table 10 ...... 49 Table 11 ...... 49

Chapter 1-Introduction Since the invention of printing press (Gutenberg revolution) the biggest revolution has been the ability to convert physical entities into digital content. Life around us is being significantly transformed by technology. The ability to convert information in the form of 0s and 1s has made knowledge sharing easier. The ability of peer to peer networking has completely transformed the way information is shared. But the advantage of digitizing information also has some disadvantages. One of the biggest disadvantages is digital piracy. Revenue losses due to digital piracy are $200 billion annually (Market Assessment 2010, 2010). Digital music industry suffered huge losses from 2001 the digital music revenue dropped from $1.9 billion to $1.6 billion (Benz, Matthew 2002).

Our day to day life is being transformed by these technologies. The sales of music players, PCs, tablets, eBook readers are continuously on rise. Companies are trying to create monopoly in market by developing digital stores for their consumers. The consumers who purchase these devices are bound to purchase the content from the digital stores of these companies due to incompatibility of the protection schemes employed. The recent transformation has been observed in the eBook industry. The industry of e-Books is facing the same challenges which music industry has faced. There is need to reinvent the business models and the technical frameworks employed by the businesses for customer satisfaction. In order to prevent super distribution of the content; organisations have been successful in creating technical systems which can control/ prevent or prohibit content sharing.

These systems are known as Digital Rights Management. Digital Rights Management (DRM) means a set of technologies which maintains the social, legal and technological view. DRM builds processes that enable the foundation of trust for transaction of digital content (Association of American publishers 2000). Digital Rights Management is the primary discussion of the project and will be discussed in detail in second chapter.

Problem Statement There is sudden increase in people who prefer reading eBooks over print books. The sales of tablets and readers are proliferating continuously. Consumers have to purchase the same content from different providers for different devices due to interoperability issues and format issues (Lee, Sangho 2010). The reason behind interoperability issue is the deployment of different DRM schemes by different vendors. The current DRM schemes employed by companies are very complex and it creates trouble for consumers. Consumers cannot use the purchased content on different devices owned by them. Consumers often complain about the DRM standards available in the market. One of important difference between hard book and print book is that currently there are no companies which rent eBooks. Reference tree is the only trader which permits chapter wise lending of e-books (Reference Tree Limited 2010). Therefore there is a requirement of a common DRM scheme which is compatible with most of the popular devices available in market and gives flexibility to consumer and a strong rental framework. Lastly user often takes notes while reading books therefore the notes taken from one device should also appear on another device of the user; when they read the same book from another device.

Brief overview of the dissertation The main aim of the project is to suggest a suitable Rental DRM framework which allows user to read eBooks from different devices and rent eBooks. The framework will also allow consumers to lend eBooks to others. Lastly the notes prepared on one device by the consumer can be seen on other devices.

The framework will solve the following problems:-

1. Consumers have to purchase the same content from different providers for different devices due to interoperability issues and format issues (Lee, Sangho 2010). 2. No rental framework for eBook exists except Reference-Tree which permits chapter wise lending of eBooks (Reference Tree Limited 2010). 3. Consumer cannot lend their eBooks to friends (Breen, M. 2011). 4. Currently Notes prepared on one device cannot be continued from other device.

The framework is prepared after reading data from various sources and conducting a survey from the user community.

Importance of the dissertation The importance of the dissertation lies in studying the different DRM schemes provided by major vendors, comparative analysis of those schemes, and different architecture of DRM. The study of these DRM schemes will help us to understand the shortcomings in these DRM schemes, study of rental framework of music industry & movie industry to draw ideas for e- Book industry. The framework suggested will be based upon the survey conducted in the user community. The project will solve most of the problems associated with eBooks. Companies can utilize the knowledge of the project to form collaboration and deliver eBooks from the same platform.

Aims and Objectives of the Project

The aims and objectives of the project have been further added in the final report. The main aim of the project is to suggest a Rental DRM framework from where users can rent or purchase e-Books and lend e-Books to others as well as continue notes prepared from one device on another device. By studying various sources and conducting a survey the project will describe DRM from various perspectives.

Objectives:-

1. A thorough study of DRM. 2. Comparative analysis of major DRM systems. 3. Understanding user needs by conducting Survey. 4. Suggest a suitable DRM framework. 5. Provide a rental and lending scheme.

Beneficiaries of investigation

Companies like Amazon, Apple, and OReilly etc which are into e-Book distribution will be benefitted. People who read eBooks via tablets, readers and mobiles will find the framework useful because it will help them to read eBooks without worrying about the format issues.

Chapter wise description of project Chapter No. Description 1. Introduction Overview of the dissertation 2. Literature Review Research of study conducted about DRM 3. Comparison of existing systems Comparison of existing DRM systems 4. Survey Analysis of survey and outcomes 5. Implementation Suggesting and evaluating the framework 6. Conclusion Recommendations and future work. Table 1 Methodologies and outcomes Methodologies

1) Case Study: - To provide details of major eBook formats and operating systems of popular eReaders. 2) Case Study: - To conduct a thorough study of Digital Rights Management. 3) Case Study: - To study the details of different DRM schemes of different Readers. 4) Survey: - Conducted a survey. 5) Implementation: - Implement this information to suggest framework. . 6) Primary Research: - Primary research of this project is based on books, journals, papers and articles studied from UoB library and Google scholar. 7) Secondary Research: - Secondary research of this project is based on results of survey.

Outcomes

1) A report which can present sufficient knowledge of DRM systems. 2) Tables revealing evaluation of major existing DRM systems. 3) A Rental DRM framework which allows user to lend books and notes.

Chapter 2-Literature Review

Copyright The whole discussion for the project stems from the fact that copyright infringement is illegal. We commence the review by defining the legal definition of copyright.

Copyright is a property right which protects all kinds of artistic work for instance music, books, movies available in any form (written, printed, and electronic), as well as typographical arrangement. Copyright law gives control to the owner right since the moment work is created (University of Reading 1988). Under the copyright law, the creator of work is the author of the work if the work is original (Copyright 1976).

Copyright protects work which literary, dramatic, musical, broadcasts, artistic and layouts (Intellectual Property Office 1988). E-books belong to literary works. In order to ensure copyright protection of eBooks technical measures are employed. In context of the project technical measures is Digital Rights Management abbreviated as DRM.

What is an eBook?

There is no official definition of eBook, for a consumer eBook can be defined as a book which can be read on internet, eBook reader, computer, smart phone or a tablet PC (Henke, H. 2003). The traditional definition of an eBook is an electronic version of a hard copy which can be read by computer, tablet or smart phones ( Search Mobile Computing 2005).

The biggest invention after Gutenberg’s printing press is the ability of digitizing content. Reading is undergoing momentous change. For the first time in the history of Amazon sales eBooks have surpassed the sales of print books (Herther, Nancy K. 2011). People prefer eBooks over print books because of the convenience they offer, searching is easier, and up gradation, instant availability and many more advantages over printed books (Bryant, J.M. 1995).

Traditional books are being replaced by eBooks. Digital revolution makes it easy to distribute information as compared to the print books. The intrinsic hypothesis with eBooks is the same as a print book- only one person can read book at a time. The business of e-book is on continuous rise and this has led to a complete transformation in the publishing house (Golshani, Forouzan 2008). EBooks have completely changed the traditional form of inventory, printing, and delivery. The difference between eBooks and traditional books is that

16 eBooks are machine-readable whereas the print book is read by humans. Different e-readers and tablets are available in the markets which are used for reading e-books (Fox, Megan K. 2006). The technologies used within these products are entirely different. The flexibility with the technology today has enabled us to achieve our ends via various means. The conventional definition of book is now under question. Due to the fast growth of digitization it has become easier to transfer and share digital content. This has led to the violation of copyright law and IP theft. One major difference between print book and eBooks is that currently it is not possible to rent eBooks due to same problems as mentioned above as well as the publishers in the eBooks industry are reluctant to the idea of renting eBooks due to the problem of DRM. In the eBooks’ industry the most important development is in standardization of five factors:

1. E-book Formats 2. Audio Formats 3. Digital audio Formats 4. DRM systems 5. Distribution and promotion

None of these standards are concerned with publishing but with the computing technology. For the development in the eBooks standards researchers from various fields for example encryption, certification and trusted systems are heading towards eBooks market and changing the future of reading (Zhang, Zhiyong 2010). These make eBooks merely digital product and now problem lies with the delivery. A middleware approach is not required for delivering the eBooks. The fight for increasing business monopoly has led to increase in eBooks formats which are restricted by DRM. In order to avoid copyright violation, DRM is employed which restricts the transfer of the files. But the current DRM schemes available are not interoperable because of various formats and different DRM schemes used by different vendors (Lee, Sangho 2010).

Major EBook formats

The table below lists the key features of the major formats of eBooks. EPub is a free and open eBooks standard by the International Digital Publishing Agency and is a distribution and interchange format, most of the tablets and readers available in the market support this format. The latest version of ePub is ePub 3 which has increased the potential of ePub further by providing wider range of publisher’s requirement (International Digital Publishing Forum

2011). EPub is the format of future. The first reason behind this is that it is an open source and no licensing costs or restrictions are associated with it. The second rationale with ePub is that it is built on top of existing standards. Most of the operating systems support ePub format. EPub was a DRM free format when it was launched with the proliferation of e- Readers and tablets, ePub files are encrypted.

Azw and Mobipocket are proprietary formats supported by Amazon products. PDF is a proprietary format owned by adobe. Earlier most of tablets and readers were specialised in supporting only one format but nowadays most of readers and tablets available support ePub format and the ones which are not yet supporting will soon support ePub formats because the format is becoming publisher’s choice.

Features PDF Mobipocket AZW ePub Metadata fields Title, Subject Author None Title, Language, Identifier Type of Metadata Embedded Embedded Embedded Embedded DRM Support Yes Yes Yes Yes Table 2

Unique Identifier of E-books

In order to track products a unique identifier is required. The unique identifier in case of eBooks is ISBN. Unique identifier helps in discovery of eBooks as well as makes it easy to separate different formats of the same title. This feature helps publishers and authors to check the performance of eBooks across various channels. Metadata is helpful for the customers to know about the eBooks format, prices, and licensing terms. Incomplete metadata of eBooks leads to supply chain problems and these leads to the misplacement of the titles.

Currently the problems in the eBooks industry are that not all the publishers use unique identifiers, different traders use different identifiers and therefore there is not a common unique identifier of eBooks (Paskin, N. 1999). Another problem is that eBooks in ePub formats only have ISBN assigned to them and other formats do not have any unique identifier but some distributors for example Amazon uses its own unique “Amazon standard identification number. An eBook published with different formats should have different unique identifiers. The server stores necessary information associated with an ebook. The

18 publishers and the suppliers store the information about the DRM, Metadata and numbering in their servers (H., Henke 2001). Metadata is categorized into three types. The categorization is as follows:-

1. Discovery Metadata 2. Private Metadata 3. Core Metadata.

The first category of Metadata is useful for the consumers in the sense it helps to search the ebooks by the desired titles, authors and other basic information of ebooks. Discovery Metadata is available in public domain. Private Metadata is not meant for consumers use. This is used by the suppliers and providers to manage and track the ebooks. Private Metadata contains information which supports DRM solution and it also indicates the necessary conditions for instance the terms and conditions for using the content, format of the e-book and return metadata (information sent by customers during the exchange process).

Formats and OS of Major Devices

Device OS Application Format of Purchase Required eBooks Kindle 2, kindle Android Kindle AZW, PRC, Amazon.com 3, Kindle fire Mobipocket, PDF +DRM iPad IOS iBooks, calibre, ePub +DRM, ITunes, kindle app, kobo app Nook Android B&N eReader ePub +DRM B&N Windows Windows Adobe Digital All formats + Anywhere readers Edition, calibre, DRM Mobipocket Reader, Stanza, Kindle for PC, Borders Kobo Android Kobo ePub, PDF Kobo, +DRM Borders.com Table 3

Table- indicates information about the major tablets & readers available in the market. And now we draw a table below which shows how the consumers want market to be.

Device Application Format of eBooks Purchase Any One Any + DRM Anywhere Table 4

Digital Rights Management Digital Rights Management (DRM) means a set of technologies which maintains the social, legal and technological view. DRM builds processes that enable the foundation of trust for transaction of digital content (Association of American publishers 2000). In simple words DRM is defined as a system that confines and organizes the usage for copyright protection (C, Hoofnagle 2008). (H., Henke 2001) and (M., Bide 2004) believed that DRM is composed of two processes. The first section is encryption (M., Bide 2004) and the second is digital policy management (H., Henke 2001).

The purpose behind DRM is to avoid exploitation of intellectual property (David, D. 2002). DRM enables the whole publication process of eBook from production to distribution (Association of American publishers, 2000). The conventional process of DRM changed after the year 2000 therefore the subsequent year was believed to the beginning of second generation of DRM (R, Ianella 2001).

DRM is employed by using various techniques many stakeholders in the eBooks market employ to protect their interest. Netlibrary is a web-based service provider which presented a copyright notice in 2001 to prevent unauthorised access to digital content and further also documented users’ history (David, D. 2002). Different schemes are used by different service providers to ensure the content usage for instance Sony employed time limitation framework which prohibited illegitimate users from accessing digital content for sixty days(G, Marshall 2005). The violation of copyright by peer to peer networking has encouraged eBook publishers to employ DRM (N, Herther 2005)

Digital Rights Management facilitates secure transfer of Intellectual Property. Books, Music, Movies and other forms of IP when are used in the form of digital content they can be easily shared and exchanged over the internet or other sources like USB sticks, mobile networks or disks. DRM systems classically integrate encryption, access limitation, control mechanisms, media identification and tracking mechanisms. DRM systems aim to create a secure framework to control access and actions that can be performed by users (both human and machine). Some critics believe that enforcement of DRM on digital content is a very complex

20 and unreasonable process which is not of any help whereas others believe that it is very necessary to enforce in order to prevent the violation of the copyright law (Cory, Doctorow 2012).

DRM technologies are crucial in the era of internet because it ensures the persistent control of the file when the file is accesses. Different DRM systems are employed by different companies and these schemes are not interoperable and this becomes a problem for the content users because at times the customer has to purchase the same content from different providers for different devices due to interoperability issues and format issues (Lee, Sangho 2010). DRM can be used to define, manage, and track rights of the digital content. By this we know that not only does DRM encrypt the content but it also tracks and manages the content. The role of DRM systems came into play when the piracy issues were continually on rise.

There are two types of DRM schemes known as first generation and second generation. First generation schemes can control the copying of the digital content this feature makes them limited whereas second generation schemes can control copying, altering, access, printing and various other features which prevents IP violation. An ideal DRM system should be adaptable, strongly encrypted and transparent to the user.

Core activities of DRM:-

DRM has four common activities:

 Packaging - Encryption of the content.  Distribution - Distribution of the encrypted content.  License Serving - Authenticating legitimate users.  License Acquisition – Users access files once authorization is successful.

The critical processes of DRM are:-

1. Encryption of the digital content. 2. Decryption of the digital content by the device once it is purchased. 3. Conditional access accordingly. 4. Payment 5. Prevention of copying the content 6. Embedding technology in the content to track data for instance fingerprinting or watermarking.

There are three major characteristics of Digital Rights Management:

1. Expression- Terms and Condition for using the resource, explanation of the resource and proprietor of the resource. 2. Authentication- Authentication of the device from which the resource is accessed, granting rights to the device to access the resource. 3. Protection – this involves encrypting the resource to ensure authorised access of content to authorised user.

Digital Rights Management is used in three areas:

1. Resource – For example eBooks are encrypted, songs are encrypted and others. 2. Access points - For example websites. 3. Network – the connection between servers

DRM systems are complex because of various reasons one of the reasons is decryption/deciphering but with the increasing speed in the processing power of the mobile devices the problem will soon be resolved (Michiels, S. 2005). DRM systems are realised in hardware and software. The realisation of DRM in software is not secure against serious attacks whereas in hardware they have a weak protection scheme (Cohen, J.E. 2003). Reverse engineering of DRM system is possible and this makes it possible to use them on different platforms. The encryption of the content controls the free transferability of the eBook; it has the features that more closely resembles a license.

The table below shows the methods use for copy protection and copy prevention.

Security goal Technologies Conditional Access/ Copy- Prevention For prevention - Encryption Authorized access Copy- Detection and tamper resistant hardware devices are used. For detection fingerprinting and watermarking are used. Integrity Protection Protection of ownership Watermarking Table 5

Architecture of DRM DRM address three different architectural perspectives: functional, architectural and transactional (Diehl, E. 2008). The functional architecture of DRM takes management aspects into consideration for instance the usage rights. There are different functional architectures of DRM we draw a general purpose functional architecture. The figure below shows a general purpose functional architecture of DRM.

Functional architecture of DRM can be divided in three areas:-

1. IP Asset Creation Capture: - the process refers to the creation and managing of the content. Rights are inserted into the content when it is created by the content providers. This area involves:-

Figure 1- DRM Architecture 1. Validation- Right for the content to be created from the same content.

2. Creation - Assigning the rights to the content created, this involves detailing the usage permission rights and owner rights. 3. Workflow- reviewing the content step by step and approving the rights.

2. IP Asset Management: - the process of tracing and managing content. The process involves embedding metadata to add description to the product. This area involves:-

1. Repository functions- this involves searching content in the databases by the use of metadata. The metadata includes titles, authors, publication date, creation date and Unique Identifier of eBook. 2. Trading functions: - this area issues licenses to the parties who have traded agreements for rights over the content.

3. IP Asset Usage: - defines to the process of content usage after the delivery of the content. The process controls the usage of the sold content on embedded devices/desktop devices.

1. Permissions Management: embedding the rights on the content according to the environment of the user. 2. Tracking Management: Checking the content usage but preserving user privacy.

The transactional model of DRM has more to do with the publishing process (Diehl, E. 2008) which starts from the encryption and keeps the track of whole process, not only till the customer receives the product but it goes further than that by tracking the usage of the content.

Figure 2- Transactional DRM

In each phase of these processes, entities are embedded for DRM representation of the content (Hameed, N. 2010). We draw a figure below which gives description of the entities expressed as mathematical entities.

Figure 3- Entities in Mathematical forms Architectural model define different entities of DRM architecture the architectural model has more to do with the technical process of DRM (Diehl, E. 2008).

Figure 4- Core entities in DRM

Figure 5-Architecture content model Figure-5 shows the content model of the DRM architecture. The first layer known as work distinguishes the type of work, in this project the work is literary work and to be specific it is eBook. The expression layer indicates the creativity of work and the subsequent layer manifestation represents how the content is represented digitally. And lastly the item describes the form of content.

Figure-6 represents the rights expression model which shows how the right given to the user; and the model is evidenced in Open Digital Rights Language. The presence of Rights Entity is important because it gives meaning to the language used for filling metadata for the publisher. It is complex and gets more complex as more and more metadata is added by the publisher. The use of rights expression is that it gives the usage permissions, charge for the content usage. If the publishers does not mentions the rights then rights expression does not grants the usage to the consumer, it assumes that publisher or the trader is reluctant or prohibited the content usage. The fields in the diagram below belong four important expressions: the first one is usage permission: - customer rights, constraints- restrictions imposed, rights holder- consumer is the rights holder and lastly obligation which describes that consumer will abide by the rights.

Fig ure 6- Architecture REL model

After describing the architecture of DRM from three perspectives we further discuss the interoperability approaches in DRM systems. The approaches of interoperability among different DRM is categorised into three types full format interoperability, connected interoperability and configuration driven interoperability(Lee, Sangho 2010). Full format interoperability means that there is a common standard for all the DRM systems and the security infrastructure is same. Connected interoperability means that a third party handles the interoperability functions, it is also known as translation-driven interoperability (Hwang, S.O. 2008) and lastly configuration driven interoperability means the consumer can handle interoperability by downloading components (Lee, Sangho 2010).

Other approaches for interoperability are Intra-DRM interoperability and Inter-DRM Interoperability. In inter-DRM interoperability DRM service providers implement compatible DRM schemes in their own DRM scheme. And in inter-DRM operability the customer have to implement DRM scheme in their device (Hwang, S.O. 2008).

Chapter 3- Comparison of existing DRM systems

Existing DRM Systems:- ITunes

Apple computers introduced ITunes as a music store and later on expanded the product category to movies and now to EBooks. ITunes is a application level DRM controller and it is an interface among the apple products. ITunes allows a user to register up to five Apple devices. In order to use ITunes store the user have to first register their devices with ITunes store and a digital certificate is generated for that machine (Leong, K. 2007). The certificate is signed by ITunes Store. Content purchased from Apple ITunes store can be shared among Apple devices registered with the machine (Muller, C. 2011). But the same content cannot be shared with the devices of other companies even if the format is supported by those devices.

Rights Management Services (RMS)

Right Management Service is developed by Microsoft and is mainly developed for enterprise purposes. This DRM system is the only system that has access control support in operating systems kernel (certified security Solutions). RMS protects all types of data and is mostly used in enterprises. The distribution of RMS is not restricted. Different set of infrastructure facilities are required by enterprises to set up RMS.

Adobe DRM

Adobe was the first to implement a DRM in the consumer space. Adobe’s DRM is mostly used for Adobe’s formats therefore this DRM system can only support PDF. On the flip side this DRM system is capable of supporting a wide range of platforms on embedded as well as desktop systems. But Adobe’s DRM is not capable of controlling the distribution of illegal copies.

Kindle

Amazon launched its first eReaders in 2006 and since then is increasing sales of eBooks from kindle store by introducing new eReaders and tablets (Bedord, Jean 2009). The eBooks sold from the kindle store are protected by kindle’s DRM. DRM policies of Kindle are not appreciated a lot by kindle users because of the user privacy issues and format support issues (Tonkin, E. 2010).

Comparison of the Major DRM Systems

The table below shows the comparative analysis of the four DRM on the basis of requirements categorised. The first table does a comparative analysis of the core requirements of these DRM systems, the second table does a comparative analysis of the usability requirements of these DRM systems and the last table does a comparative analysis of the legal and social requirements.

Requirements:

The evaluation of DRM is divided into three types of requirements:-

1. Core Requirements 2. Usability Requirements 3. Social Requirements

Core Requirements

These set of requirements are access control requirements which can only be granted to the user once the user fulfils the requirements to access the content. All the requirements from 1 to 14 specified in the table below shows the necessary control policies required.

The requirements below evaluate the authentication schemes, the rights scheme and licensing schemes of the current DRM schemes.

Usability Requirements

These requirements are demanded by the user and the provider once the DRM content has been sold. The requirements of the user are convenience in using the content and the provider expects that the content remains with the user and any unauthorised usage is prohibited.

Legal and Social Requirements

These requirements are expected by the content owner and provider. The legal framework should address the copyright issues and fair usage of the content by the user. The current DRM systems are not strong with the legal framework.

The scaling scheme for the table is as follows:- 0: Requirement not supported

1: Limited support 2: Complete Support

Table 6

Table 7

Table 8

Currently the market is distributed unevenly and in order to increase sales and profits companies have adopted different DRM schemes which are not interoperable and Consumers cannot use the digital content from one provider on all the devices. Survey by Indicare in Germany indicates that 86% of the potential digital content customers prefer to pay 1 euro for interoperable content than paying for device bond content (Loebbecke, C. 2010).

Related works:- OMA DRM and MPEG-21 are two open standard DRM architectures. OMA stands for Open Mobile Alliance, it is a global organisation grouped by mobile industry (Chang, F.C. 2007). The protection of the digital content is by common encryption methods, and in order to consume the content the customer decrypts the content after decrypting the content which they get in the form of digital signature. MPEG-21 is also an open standard and it is employed for streaming media contents. The rights expression language used in most of the standards is XrML (Hwang, S.O. 2008). Coral is another DRM-neutral interoperability framework which solves multiple DRM problems (Chang, F.C. 2007). Lastly the digital media project which breaks the larger business functions into smaller business function and this scheme operates on its own formats (Chang, F.C. 2007).

Chapter 4-Survey

Survey results The next step after the study of various sources was to conduct a survey in order to know what perception people hold about eBooks. The respondents of the survey are divided into two categories. The first category of people is students and professors of university of Bedfordshire and the second category of people are professionals working in the companies like Infosys, Wipro, Bobcares, and others. There were 7 questions in the survey. All the questions were multiple choice questions with only one answer. All the questions were optional.

Objectives of the survey

1. To know user expectations. 2. Suggest a framework according to user needs.

Data Collection

In order to collect data from the users a small questionnaire was conducted. The survey was conducted from “Surveymonkey.com”. The link of the survey was sent to all the students and lecturers by using the student portal. Another link was sent to a group of professionals working in organisation from personal email address. The purpose of the survey was to know user needs and the knowledge users possess about Digital Rights Management.

Questions and Responses

As mentioned earlier there were seven questions in the survey

1. The snapshot of the first question is given below

There were 100 respondents in total. All the 100 respondents answered the first question. 75% of the respondents responded yes and 25% responded no to the question. This question helped us to know that majority of the respondents have the devices to read eBooks.

2. The snapshot for the second question is given below

All the 100 respondents answered the second question. 88% of the respondents answered that they read eBooks and 12% of the respondents answered that they do not read eBooks.

3. The snapshot for the third question is given below

66% of the respondents answered no to the survey whereas 34% answered yes. We can draw three conclusions from the survey

1. That these 66% users do not purchase eBooks because of the complexity issues associated with eBooks. (Complexity associated with DRM) 2. The fear of eBooks getting deleted.

4. The snapshot of the fourth question is given below

73% of the respondents did not know what Digital Rights Management is and only 27% knew about it.

5. The snapshot of fifth question is given below

Out of 100 respondents, 8 respondents skipped the question and 92 respondents answered the question. 25% of the respondents preferred cloud storage and 75% respondents preferred storing the eBooks on their local machine. This will further help us to consider the user expectations.

6. The snapshot of sixth question is given below

Out of 100 respondents, 97 answered the question and three respondents skipped the question. In order to know users opinion about eBook rental and purchase this question was asked. 29.9% of the respondent’ responded eBooks should be available on rental basis whereas 24.7% preferred eBook purchase. And 45.4% chose both.

7. Snapshot of seventh question is given below

15% responded to access the content online when they are online and 85% chose the option of downloading the content and accessing it on their device.

8. Snapshot of eighth question is given below

In order to know users view about notes, this question was asked and 88% responded yes and 12% responded no, which means that majority of the eBook want their notes to be available on all of their devices.

9. The snapshot of the last question is

All the respondents answered the question. 75% chose yes and 25% chose no.

Conclusion

Of the 100 respondents, 75% of the respondents have smart phones &tablets and 88% of respondents read eBooks by their devices. The analysis of the survey clearly indicates that most of the user doesn’t prefer to store eBooks in cloud; they expect the presence of purchase and rental schemes for eBooks, lending scheme and availability of notes on other devices is also an important priority for user.

The graph below shows the respondents selection of option for each question.

Figure 7- Survey Response

Chapter 5-Implementation

Proposed DRM framework

We propose a resource and network based second generation DRM scheme digital rights authentication framework which is based on cloud based licensing system which will allow users to read eBooks online and download content on up to five registered devices. The framework will allow consumers to store the digital proof-of-purchases under the registered account. The framework is a cloud based licensing system and it will not be a cloud storage platform. It will store and manage the licenses of the user.

The DRM framework is as follows:-

1. Encryption of the digital content. 2. Registration  The first step in the registration will require that the customer creates a user id.  Provide the details to the server. The detail involves the user ID and the products IMEI number, serial number. 3. Once the registration process is complete, the server keeps track record of the client devices. 4. The data can be purchased or rented and is stored on the provider’s server. It can be accessed by any of the clients registered devices. 5. Client can register up to five devices. 6. Client can also de-register any devices.

Security Architecture of the System

We propose embedded control architecture with an external repository and message push system in the presence of a virtual machine.

The existence of a virtual machine is necessary for the architecture because the virtual machine helps to control and manage the data which the user accesses. Virtual machines can take the form of plug-in and thus they control the access to DRM-enabled data. The current DRM delivery system does not support Time Shifting as seen from table 6. The existence of a virtual machine in the architecture will help in resolving the time shifting issues as well as the VM based systems help in achieving higher level of performance level which directly improves users’ real-time experience of data access.

Figure 8-Security Architecture The second aspect which comes into consideration is the use of control sets. Because we are using a VM it comes with fixed control sets but we prefer to use embedded control set because they are flexible in terms of usage.

Finally the distribution of the data will be through an external repository. The user is not required to store the data on his machine he can access the data from the cloud. The security of data does not come into question by the distribution channel.

The advantage of using the above proposed architecture is that:-

1. Persistent protection. 2. Data can be accessed by the user from any location via any machine. 3. Rights can be transferred through a trusted third party. 4. Data can be tracked. 5. Access rights can be changed after the content is distributed.

In figure 8 w/o VM indicates without virtual machine and the other branch represents with virtual machine. MP stands for a message push system and ER represents an external repository. Another layer in the node of virtual machine represents the control sets. And the third layer shows the distribution system where a is message push and b denotes external repository.

Encryption of the Digital Content

Broadcast Encryption Broadcast encryption permits the external repository to distribute the digital content to the user who request access to the product. The advantage of using broadcast encryption is that the data can be delivered to large set of legitimate users. The reason behind choosing broadcast encryption technique is that a single user can register up to five different devices. The decryption key for all the devices will be different and when the data is accessed only one device can access the data because the privilege for accessing the content is temporarily with that device.

1. A user can get five symmetric encryption keys for its five different devices. 2. It is not necessary for a user to register all the five devices at once, the devices can be registered according to user’s convenience and registering the device later will not change the encryption key of previously registered devices. 3. The encryption keys are not affected by user’s viewing history. 4. Any registered device can access the content without affecting the keys of other devices. 5. Broadcast encryption is also helpful to provide limited bounds and unlimited bounds to single content.

Broadcast encryption is a relevant cryptographic method for DRM technologies and in used for delivery of various types of digital content for example music, movies, other copyrighted material and other types of digital content (Zhang, Z.Y. 2009).

Three algorithms are used in broad cast encryption:

1. Key Assignment algorithm 2. Broadcast Algorithm 3. Decryption Algorithm

Key assignment algorithm generates secret personalised information when a new user registers.

Broadcast algorithm: generates an encryption key which is broadcasted to the user

Decryption algorithm: the decryption key is sent with the content to the user and is the key is only sent to those devices which are registered.

Broadcast encryption algorithm is meant for to deliver the content safely to the user.

Registration

Figure 9-Flow Chart for Registration

Figure-8 shows the registration process for registering the devices by their unique IMEI number or serial number.

Tracking and managing licenses

Figure 10-server to server communication

The local machine can be client’s PC, mobile phone, tablet or Reader. Whenever the consumer purchases an eBook from the providers the common server will track and manage the licenses. The server will allow users to store digital proof of purchases under one account.

Distribution architecture for renting and selling eBooks For distribution of eBooks we employ distributed P2P architecture

Figure 11-Distributed architecture

In the distribution architecture, all the modules exist in peer nodes. And the DRM server controls and tracks the peer nodes. In order to rent eBooks the provider will have to define the usage rights for the eBook and give the key fields such as

{Rent, purchase}

The architecture proposed can work only when user is online therefore in order to work offline we need to extend the framework; client can work offline only if trust is established between client and server.

Figure 12-Sequence Diagram

The above sequence diagram represents the entities and how the communication will take place in the framework.

Framework for Lending eBooks

In order to create lending framework for eBooks we will need to employ peer to peer networking. If we are successful in creating a proper license management model we can create a rental framework. Peer to peer networking is used for sharing digital content. The unencrypted digital content is shared on a very high scale by peer to peer networking.

Advantages of P2P

1. Facilitates sharing of digital content. 2. Allows the user to filter digital content. 3. Facilitates the tracking of the content usage. 4. It can be integrated with DRM to learn user behaviour. 5. Allows Super distribution.

We borrow some features from p2p networking for the rental framework.

We require a business to customer distribution model which has a peer to peer enabled license management model.

License management model is required for exchanging e-books and notes. We have two types of services in the framework. The first one is external service and the other one is local service. The external service is provided by the distributor which has the database of the consumer and database of the licenses issues to customer. And the second service centre has the database of the user and the database of licenses. Both the external and local services are responsible for the operations concerning license management.

The external service centre stores a back up of all the transactions this includes the information of user, licenses issues to the user. A local service centre is similar to external service centre but less complex. It stores the licenses of e-books; it also issues licenses to the peer nodes in the peer-to-peer distribution model and also stores the information of the peer users.

Figure 13- P2P LMM

In the framework proposed there are two distribution channels for distribution of e-books

1. Peer to peer channel 2. E-book distribution channel

Peer to peer channel will allow customers to transfer e-books and their notes to another customer and the distribution channel is used when the customer purchases e-books.

Note Sharing

In order to prepare a note sharing framework we will need a repository which will store the notes of the user. The server will store the notes of the user and the user can access notes by any of the registered devices.

Digital Licensing

In order to transfer e-books to other customers for rent, the owner will have to transfer the rights. The license contains information about the customer, transaction and retailer. The decryption key and rights are also stored in the digital license. The usage rights of the e-book are defined in XrML therefore same language is to be used in the intermediate digital license. This license is issued by one DRM server and transferred to another server. In the framework we require two types of licenses, they are: - “authorization license” and “peer license”. The structure of both licenses is same. The difference lies in the usage. The official license is issued by the external service centre which belongs to the distributor and is enabled by business to consumer model and this license is stored in the customer database in the local database centre. The official can only be obtained after the purchase of e-book whereas the peer license can only be issued by the customer to other person. The peer license in this framework is “peer-rental” which only allows customer to rent his content temporarily.

Acquiring license

The external service centre handles the purchase of the e-books and tracking the usage after it is sold. The external service centre authenticates the customer identity by verifying the customer ID from database. The customer will have to register with the external service centre in case the verification fails. After the authentication of customer identity is verified the license with complete information is issued to the customer to access the content. The license is sent in encrypted form to the customer.

The consumer can lend the content to other users by producing a peer license. The peer license is produced to lend the content. If a consumer requests to lend e-book to the owner, the owner can either grant it or deny it. In case of denial no further steps take place but when the consumer allows lending, license is transferred to the owner. The license acquisition process is analogous to the official license.

Evaluation of the framework The suggested framework is compared with existing frameworks on the basis of three requirements as we did in chapter 3. The requirements are:-

1. Core Requirements 2. Usability Requirements 3. Legal and Social Requirements

Table 9

Table 10

Table 11

Chapter 6-Conclusion

In the project we have conducted detailed analysis of Digital Rights Management on eBooks and compared the existing frameworks of Digital Rights Management deployed by major vendors. We provided a framework after studying various sources and conducting a survey. The proposed system has resolved user needs by providing a rental DRM framework which allows users to lend and notes.

Future Work

In the project we have examined the latest issues arising in eBook industry. Demonstration of the framework is not conducted and the future work will involve application of the framework in real life scenario.

Limitations

As mentioned in the table 8, table 9 and table 10,

1. Requirement number 3, 7, 8, 9, 12 and 13 in table 8 (core requirements), 2. Requirement number 2, 5, 6, 7 and 9 in table 9 (usability requirements) 3. Requirement 2, 3, 4 in table 10 (legal & social requirements), needs to be improved.

References

1. 'A true mulligan's soup of acronyms -- ebook standards today', (2011) Searcher, 19 (3), pp.19-19. 2. "Title pages", (2010) Advanced Information Management and Service (IMS), 2010 6th International Conference on, Advanced Information Management and Service (IMS), 2010 6th International Conference on,pi-viii. 3. Acker, S.R. (2008) 'Will digital texts succeed?', Campus Technology, pp.6. 4. Alam, K.M., Md Mahfujur Rahman, A.S. & El Saddik, A. (2011) "HE-book: A prototype haptic interface for immersive e-book reading experience", World Haptics Conference (WHC), 2011 IEEE, World Haptics Conference (WHC), 2011 IEEE,p367- 371. 5. Asia-Pacific Business and Technology Report (2011) Top trends in china's ebook industry. Available at: Top Trends in China’s eBook Industry (Accessed: 23/02/2012). 6. Association of American publishers (2000) 'Digital rights management for ebook', . 7. Bansal, R. (2008) 'DRM [microwave surfing]', Microwave Magazine, IEEE, 9 (4), pp.34-147. 8. Bedord, J. (2009) 'Ebooks HIT CRITICAL MASS', Online, 33 (3), pp.14-18. 9. Benz, M. & Gruenwedel, E. (2002) 'Losses mount for music industry's digital services. (cover story)', Billboard, 114 (14), pp.1. 10. Biddle, P., England, P., Peinado, M. & Willman, B. (2003) 'The darknet and the future of content protection', Digital Rights Management, pp.155-176. 11. Breen, M. (2011) "If we lend them will they come; lending ebook readers at the glucksman library UL", LIR Annual Seminar, 2011, Ebooks–Caressing the Divine Details, Friday March 25th in Dublin. 12. Bryant, J.M. (1995) 'The paperless book', IEE Review, 41 (6; to work out exactly what the end product should be. The author suggests that what is needed is an object that can be carried anywhere, and will allow the user to read any book in his/her collection wherever they are. This immediately places l(TRUNCATED)), pp.245. 13. Byers, S., Cranor, L.F., Cronin, E., Korman, D. & McDaniel, P. (2004) 'An analysis of security vulnerabilities in the movie production and distribution process', Telecommunications Policy, 28 (7-8), pp.619-644. 14. Byers, S., Cranor, L.F., Cronin, E., Korman, D. & McDaniel, P. (2004) 'An analysis of security vulnerabilities in the movie production and distribution process', Telecommunications Policy, 28 (7-8), pp.619-644. 15. Certified security Solutions Rights Management Service. 16. Chang, F.C., Wu, C.L. & Hang, H.M. (2007) "A switchable DRM structure for embedded device", Intelligent Information Hiding and Multimedia Signal Processing, 2007. IIHMSP 2007. Third International Conference on, IEEE. p37-40. 17. Cheongjae Lee, Rudnicky, A. & Lee, G.G. (2010) "Let's buy books: Finding eBooks using voice search", Spoken Language Technology Workshop (SLT), 2010 IEEE, Spoken Language Technology Workshop (SLT), 2010 IEEE,p85-90. 18. Cherry, S. (2008) 'Blu-ray's empty victory', Spectrum, IEEE, 45 (3), pp.16-16. 19. Cherry, S. (2004) 'Selling music for a song [online music]', Spectrum, IEEE, 41 (12), pp.56. 20. Chun-I Fan, Wen-Shenq Juang & Ming-Te Chen (2010) "Efficient fair content exchange in cloud computing", Computer Symposium (ICS), 2010 International, Computer Symposium (ICS), 2010 International,p294-299.

21. Cohen, J.E. (2003) 'DRM and privacy', Communications of the ACM, 46 (4), pp.46- 49. 22. Collins, L. (2008) 'Youtube generation no match for the man [electronics]', Engineering & Technology, 3 (9), pp.40-41. 23. Collins, T. (2012) 'The current budget environment and its impact on libraries, publishers and vendors', Journal of Library Administration, 52 (1), pp.18-35. 24. Cory, D. (2012) 'Why death of DRM would be good news for readers, writers and publishers. ', Guardian, 03/05, . 25. Cubillo, J., Martin, S. & Castro, M. (2011) "New technologies applied in the educational process", Global Engineering Education Conference (EDUCON), 2011 IEEE, Global Engineering Education Conference (EDUCON), 2011 IEEE,p575-584. 26. Davis, R.C., Landay, J.A., Chen, V., Huang, J., Lee, R.B., Li, F.C., Lin, J., Morrey III, C.B., Schleimer, B. & Price, M.N. (1999) "NotePals: Lightweight note sharing by the group, for the group", Proceedings of the SIGCHI Conference on Human Factors in Computing Systems: The CHI is the Limit, ACM. p338-345. 27. Davis, L. (2001) "Profiting from innovations in digital information goods: The role", Management of Engineering and Technology, 2001. PICMET '01. Portland International Conference on, Management of Engineering and Technology, 2001. PICMET '01. Portland International Conference on,p78 vol.1. 28. Davis, L. (2001) "Profiting from innovations in digital information goods: The role", Management of Engineering and Technology, 2001. PICMET '01. Portland International Conference on, Management of Engineering and Technology, 2001. PICMET '01. Portland International Conference on,p471-480 vol.2. 29. de Rosnay, M.D. (2002) "Digital rights management systems and european law: Between copyright protection and access control", Web Delivering of Music, 2002. WEDELMUSIC 2002. Proceedings. Second International Conference on, Web Delivering of Music, 2002. WEDELMUSIC 2002. Proceedings. Second International Conference on,p117-124. 30. Dempsey, P. (2010) 'Analysis [briefing in depth]', Engineering & Technology, 5 (1), pp.14-14. 31. Diehl, E. (2008) "A four-layer model for security of digital rights management", Proceedings of the 8th ACM Workshop on Digital Rights Management, ACM. p19- 28. 32. d'Ornellas, M.C. (2008) "Applying digital rights management to complex content management systems", Computational Science and Engineering, 2008. CSE '08. 11th IEEE International Conference on, Computational Science and Engineering, 2008. CSE '08. 11th IEEE International Conference on,p429-435. 33. Dumrongsiri, A., Jain, A. & Moinzadeh, K. (2008) "Based rental service with two- classes of customers", Industrial Engineering and Engineering Management, 2008. IEEM 2008. IEEE International Conference on, Industrial Engineering and Engineering Management, 2008. IEEM 2008. IEEE International Conference on,p1055-1059. 34. eCommerce Masters, G. & Hörnig, D. (2001) 'eBooks as digital objects', . 35. Eskicioglu, A.M., Town, J. & Delp, E.J. (2003) 'Security of digital entertainment content from creation to consumption', Signal Processing: Image Communication, 18 (4), pp.237-262. 36. Federrath, H. (2002) 'Scientific evaluation of DRM systems', . 37. Fialkoff, F. (2008) Beyond the kindle. Media Source, Inc. 38. Fiat, A. & Naor, M. (1994) "Broadcast encryption", Advances in Cryptology— Crypto’93, Springer. p480-491.

39. Fox, M.K. (2006) 'Product pipeline', Library Journal, 131 pp.18-22. 40. G, M. (2005) The day the music died. . PC Plus. 41. García, R., Gil, R. & Delgado, J. (2007) 'A web ontologies framework for digital rights management', Artificial Intelligence and Law, 15 (2), pp.137-154. 42. Goldstein, S. (1995) 'Q&A with jeffrey eves', Billboard, 107 (21), pp.66. 43. Golshani, F. (2008) 'Digital textbooks', Multimedia, IEEE, 15 (2), pp.c2-c2. 44. Griffith, E. (2011) 'Readers' choice awards 2011: Tablets and ebook readers', PC Magazine, 30 (10), pp.8-8. 45. Halevy, D. & Shamir, A. (2002) 'The LSD broadcast encryption scheme', Advances in Cryptology—CRYPTO 2002, pp.145-161. 46. Hameed, N., Cheah, Y.-. & Rafie, M. (2010) "An e-book personalization architecture with digital rights and encryption procedures", Information Technology (ITSim), 2010 International Symposium in, Information Technology (ITSim), 2010 International Symposium in,p1222-1227. 47. Hameed, N., Cheah, Y.-. & Rafie, M. (2010) "An e-book personalization architecture with digital rights and encryption procedures", Information Technology (ITSim), 2010 International Symposium in, Information Technology (ITSim), 2010 International Symposium in,p1222-1227. 48. Hartung, F. & Ramme, F. (2000) 'Digital rights management and watermarking of multimedia content for m-commerce applications', Communications Magazine, IEEE, 38 (11), pp.78-84. 49. Hartung, F. & Ramme, F. (2000) 'Digital rights management and watermarking of multimedia content for m-commerce applications', Communications Magazine, IEEE, 38 (11), pp.78-84. 50. Heileman, G.L., Jerez, H., Jamkhedkar, P.A. & Khoury, J. (2007) "Indirect DRM evaluation architecture", Proceedings of the 5th International Workshop for Technical, Economic and Legal Aspects of Business Models for Virtual Goods, Koblenz, Germany, . 51. Henke, H. (2003) 'Consumer survey on eBooks', URL: Http://www.Idpf.org/doc_library/surveys/IDPF_eBook_Consumer_Survey_2003.Pdf, . 52. Henshel, S., Schroeter, A. & Gaillard, L. (2010) "Solar lantern rental system: Paying for the service, not the hardware", Energy and Sustainable Development: Issues and Strategies (ESD), 2010 Proceedings of the International Conference on, Energy and Sustainable Development: Issues and Strategies (ESD), 2010 Proceedings of the International Conference on,p1-9. 53. Herther, N.K. (2011) 'Ebooks everywhere', Searcher, 19 (6), pp.22-31. 54. Herther, N.K. (2011) 'Ebooks everywhere', Searcher, 19 (6), pp.22-31. 55. Hwang, S.O. & Yoon, K.S. (2008) 'Interoperable DRM framework for multiple devices environment', ETRI Journal, 30 (4), pp.565-575. 56. Iannella, R. (2001) 'Digital rights management (DRM) architectures', DLib Magazine, 7 (6), pp.1-9. 57. Intellectual Property Office (1988) About copyright. Available at: http://www.ipo.gov.uk/types/copy/c-about.htm (Accessed: 14/05/2012). 58. International Digital Publishing Forum (2011) EPUB 3 overview. Available at: http://idpf.org/epub/30/spec/epub30-overview.html (Accessed: 02/05/2012). 59. Iwata, T., Abe, T., Ueda, K. & Sunaga, H. (2003) "A DRM system suitable for P2P content delivery and the study on its implementation", Communications, 2003. APCC 2003. the 9th Asia-Pacific Conference on, IEEE. p806-811 Vol. 2.

60. Jamkhedkar, P.A. & Heileman, G.L. (2004) "DRM as a layered system", Proceedings of the 4th ACM Workshop on Digital Rights Management, ACM. p11-21. 61. JiangZhang, Nan-Shan Wu, Jian-Guang Luo & Shi-Qiang Yang (2005) "A scalable digital rights management framework for large-scale content distribution", Intelligent Signal Processing and Communication Systems, 2005. ISPACS 2005. Proceedings of 2005 International Symposium on, Intelligent Signal Processing and Communication Systems, 2005. ISPACS 2005. Proceedings of 2005 International Symposium on,p761- 764. 62. Jong-hwan Suh, Jae-Hoon Jin, Sung-Je Park, Soon-Young Bae & Sang-Chan Park (2006) "U-DRM: A framework of digital rights management based on ubiquitous computing", Artificial Reality and Telexistence--Workshops, 2006. ICAT '06. 16th International Conference on, Artificial Reality and Telexistence--Workshops, 2006. ICAT '06. 16th International Conference on,p570-575. 63. Kwok, S.H. & Lui, S.M. (2001) "A license management model to support b2c and c2c music sharing", Proceedings of International WWW Conference (10), . 64. Lee, K., Sakurai, K., Lee, J. & Ryou, J. (2004) 'A DRM framework for secure distribution of mobile contents', Information Networking.Networking Technologies for Broadband and Mobile Networks, pp.905-914. 65. Lee, S., Park, H. & Kim, J. (2010) "A secure and mutual-profitable DRM interoperability scheme", Computers and Communications (ISCC), 2010 IEEE Symposium on, Computers and Communications (ISCC), 2010 IEEE Symposium on,p75-80. 66. Leong, K. (2007) 'ITunes: Have they created A system for international copyright enforcement?', New Eng.J.Int'l & Comp.L., 13 pp.365-365. 67. Li Fen & Liu Quan (2011) "Digital right management based on cloud computing and dynamic secure permission", Consumer Electronics, Communications and Networks (CECNet), 2011 International Conference on, Consumer Electronics, Communications and Networks (CECNet), 2011 International Conference on,p3091- 3094. 68. Loebbecke, C., Bartscher, P., Weiss, T. & Weniger, S. (2010) "Consumers' attitudes to digital rights management (DRM) in the german trade eBook market", Mobile Business and 2010 Ninth Global Mobility Roundtable (ICMB-GMR), 2010 Ninth International Conference on, Mobile Business and 2010 Ninth Global Mobility Roundtable (ICMB-GMR), 2010 Ninth International Conference on,p337-344. 69. Loebbecke, C., Soehnel, A., Weniger, S. & Weiss, T. (2010) "Innovating for the mobile end-user market: Amazon's kindle 2 strategy as emerging business model", Mobile Business and 2010 Ninth Global Mobility Roundtable (ICMB-GMR), 2010 Ninth International Conference on, Mobile Business and 2010 Ninth Global Mobility Roundtable (ICMB-GMR), 2010 Ninth International Conference on,p51-57. 70. Lohan, F., Defee, I. & Hakulinen, H. (2001) "Networked multimedia system based on open architecture", Consumer Electronics, 2001. ICCE. International Conference on, Consumer Electronics, 2001. ICCE. International Conference on,p344-345. 71. Luby, M. & Staddon, J. (1998) 'Combinatorial bounds for broadcast encryption', Advances in Cryptology—EUROCRYPT'98, pp.512-526. 72. M., B. (2004) ' Digital rights management: Preventing or enabling access?

', 17 (2), pp.141. 73. Marinai, S., Marino, E. & Soda, G. (2011) "Conversion of PDF books in ePub format", Document Analysis and Recognition (ICDAR), 2011 International

Conference on, Document Analysis and Recognition (ICDAR), 2011 International Conference on,p478-482. 74. Market Assessment 2010 (2010) Book Retailing on the Internet. Keynote. 75. Michiels, S., Verslype, K., Joosen, W. & De Decker, B. (2005) "Towards a software architecture for DRM", Proceedings of the 5th ACM Workshop on Digital Rights Management, ACM. p65-74. 76. Mulligan, D.K., Han, J. & Burstein, A.J. (2003) "How DRM-based content delivery systems disrupt expectations of personal use", Proceedings of the 3rd ACM Workshop on Digital Rights Management, ACM. p77-89. 77. Mutalib, A.A., Alwi, A. & Salam, S.N.A. (2006) "The acceptance of e-book readers among malaysian children", Computing & Informatics, 2006. ICOCI '06. International Conference on, Computing & Informatics, 2006. ICOCI '06. International Conference on,p1-5. 78. N, H. (2005) ' The e-book industry today: A bumpy road becomes an evolutionary path to market maturity. ', The Electronic Library, 23 (1), pp.45-53. 79. Nam, D.W., Lee, J.S., Kim, J.H. & Yoon, K.S. (2007) "Interlock system for DRM interoperability of streaming contents", Consumer Electronics, 2007. ISCE 2007. IEEE International Symposium on, IEEE. p1-4. 80. Narayanan, A. & Shmatikov, V. (2008) "Robust de-anonymization of large sparse datasets", Security and Privacy, 2008. SP 2008. IEEE Symposium on, Security and Privacy, 2008. SP 2008. IEEE Symposium on,p111-125. 81. Paskin, N. (1999) 'Toward unique identifiers', Proceedings of the IEEE, 87 (7), pp.1208-1227. 82. Paskin, N. (1999) 'Toward unique identifiers', Proceedings of the IEEE, 87 (7), pp.1208-1227. 83. Peinado, M. (2006) Binding a Digital License to a Portable Device Or the Like in a Digital Rights Management (DRM) System and Checking out/checking in the Digital License to/from the Portable Device Or the Like, . 84. PEINADO, M. & ABBURI, R. (2000) STRUCTURE OF DIGITAL RIGHTS MANAGEMENT (DRM) SYSTEM, . 85. Peng Zou, Chaokun Wang, Zhang Liu & Dalei Bao (2010) "Phosphor: A cloud based DRM scheme with sim card", Web Conference (APWEB), 2010 12th International Asia-Pacific, Web Conference (APWEB), 2010 12th International Asia-Pacific,p459- 463. 86. Rake-Revelant, J., Holschke, O., Offermann, P. & Bub, U. (2010) "Platform-as-a- service for business customers", Intelligence in Next Generation Networks (ICIN), 2010 14th International Conference on, Intelligence in Next Generation Networks (ICIN), 2010 14th International Conference on,p1-6. 87. Reference Tree Limited (2010) About us:. Available at: http://reference- tree.com/about-us (Accessed: 23/03/2012). 88. Reid, J.F. & Caelli, W.J. (2005) "DRM, trusted computing and operating system architecture", Proceedings of the 2005 Australasian Workshop on Grid Computing and e-Research-Volume 44, Australian Computer Society, Inc. p127-136. 89. Shih-Chun Chou, Stu, J., Yuting Lin & Wen-Tai Hsieh (2010) "Toward computer- based learning: A taxonomy of ebook readers", Computer Engineering and Technology (ICCET), 2010 2nd International Conference on, Computer Engineering and Technology (ICCET), 2010 2nd International Conference on,pV2-431-V2-434.

90. Shihong Xu & Hong Shen (2009) "QoS-oriented content delivery in e-learning systems", IT in Medicine & Education, 2009. ITIME '09. IEEE International Symposium on, IT in Medicine & Education, 2009. ITIME '09. IEEE International Symposium on, p665-670. 91. Survey Monkey (2012) My surveys. Available at: http://www.surveymonkey.com/MySurveys.aspx (Accessed: 01/05/2012). 92. The Independent (2011) Amazon planning to launch ebook rental service: WSJ. Available at: http://www.independent.co.uk/life-style/gadgets-and-tech/amazon- planning-to-launch-ebook-rental-service-wsj-2353523.html (Accessed: 12/09/2011). 93. Tonkin, E. (2010) 'eBooks: Tipping or vanishing point?', Ariadne, 62 . 94. Tu Jian-fei, Fang Zhi-mei & Ye Fei-fan (2008) "The rental-type application system based on web service", Business and Information Management, 2008. ISBIM '08. International Seminar on, Business and Information Management, 2008. ISBIM '08. International Seminar on,p161-164. 95. Veerubhotla, R.S. & Saxena, A. (2011) "A DRM framework towards preventing digital piracy", Information Assurance and Security (IAS), 2011 7th International Conference on, Information Assurance and Security (IAS), 2011 7th International Conference on,p1-6. 96. Veerubhotla, R.S. & Saxena, A. (2011) "A DRM framework towards preventing digital piracy", Information Assurance and Security (IAS), 2011 7th International Conference on, Information Assurance and Security (IAS), 2011 7th International Conference on,p1-6. 97. el zquez, R., ern ndez, . & Preza, E. (2 A portable eBook reader for the blind", Engineering in Medicine and Biology Society (EMBC), 2010 Annual International Conference of the IEEE, Engineering in Medicine and Biology Society (EMBC), 2010 Annual International Conference of the IEEE,p2107-2110. 98. Vicarel, J.A. (2010) 'The format puzzle', Library Journal, 135 (14), pp.94-94. 99. Wei-Ming Yeh (2010) "A marketing research of new digital readers and iPad in comprehensive aspect", Computer Application and System Modeling (ICCASM), 2010 International Conference on, Computer Application and System Modeling (ICCASM), 2010 International Conference on,pV15-320-V15-323. 100. Wei-Ming Yeh (2010) "A new trend of eBook confidence level in perspective aspect", Machine Learning and Cybernetics (ICMLC), 2010 International Conference on, Machine Learning and Cybernetics (ICMLC), 2010 International Conference on,p2500-2503. 101. Wei-Ming Yeh & Kuang-Wu Koai (2010) "A study of ebook confidence level in perspective aspect", Measuring Technology and Mechatronics Automation (ICMTMA), 2010 International Conference on, Measuring Technology and Mechatronics Automation (ICMTMA), 2010 International Conference on,p348-351. 102. Xu Yanfang, Zhang Dingnan & Gao Ning (2009) "A method for evaluation of the font definition quality of eBook readers", Image and Signal Processing, 2009. CISP '09. 2nd International Congress on, Image and Signal Processing, 2009. CISP '09. 2nd International Congress on,p1-4. 103. Yanmei, C. & Ying, T. (2011) "e3-value based research on business model of mobile internet music services", E -Business and E -Government (ICEE), 2011 International Conference on, E -Business and E -Government (ICEE), 2011 International Conference on,p1-5. 104. Zhang, Z.Y., Pei, Q.Q., Ma, J. & Yang, L. (2009) 'Security and trust in digital rights management: A survey', International Journal of Network Security, 9 (3), pp.247-263.

105. Zhang, Z. (2010) "Security, trust and risk in digital rights management ecosystem", High Performance Computing and Simulation (HPCS), 2010 International Conference on, High Performance Computing and Simulation (HPCS), 2010 International Conference on,p498-503. 106. Zongkai Yang, Qingtang Liu, Kun Yan, Wanting Deng & Jing Jin (2005) "Integration of digital rights management into learning content management system", Information Technology: Coding and Computing, 2005. ITCC 2005. International Conference on, Information Technology: Coding and Computing, 2005. ITCC 2005. International Conference on,p465-469 Vol. 1.

Appendix

Appendix-1 PPF AY11/12, Semester 2

Student Number 1030160

Student Name Rohit Vyas

Degree Course Computing and Entrepreneurship

Supervisor Name Edmond Prakash

Analytical Framework for Renting eBook Title of Project compatible with the device and allows notes sharing among the readers.

Description of your artefact Reference-Tree offers chapter-wise renting of eBooks (Reference Tree, 2 . Amazon’s is about to launch eBook lending program in coming months. (The independent, 2011). An analysis of Operating System of the most popular tablet PCs and E-readers.

An analysis of the EBook formats supported by these tablets and E-readers.

A Framework suggesting a common DRM scheme for these formats.

A Framework for Renting eBooks, Sharing Notes among the readers

Aim and Objectives of the project:-

The main aim of the project is to suggest a suitable framework which allows eBook readers and tablet PCs to rent eBooks, which are compatible with their dedicated Reader or Tablet PC, for a specific number of days. And allow readers to share notes prepared and securely retrieve all the notes once the rented period is over.

Challenges Involved:-

Proposing a Rental Framework with appropriate

DRM scheme to ensure Copyrights are preserved.

Extensive study of various formats compatible with eReaders and Tablets.

Study of different mobile O.S

The Framework can be used by companies who are already into eBook publishing or can be used by new entrants.

The framework will be different from the existing framework by differentiating itself in day rental format.

What methodology Case Study: - To provide details of all the EBook (structured process) will you formats and Operating systems of popular e- be following to realise your readers and tablets. artefact? Case study:- To study the details of different DRM schemes of different readers

Survey: - To collect information from readers about their notes writing habits and analysis of those applications which allows users to write notes while reading books.

Implementation: - Implement this information for suggesting a common DRM framework, Rental framework and notes sharing.

How does your project relate My course is computing and Entrepreneurship. I to your degree course and have studied Grid Services & Distributed build upon the Computing and Entrepreneurship in my first units/knowledge you have semester and Emerging Technology in my second studied/acquired semester. I will be the implementing the knowledge retrieved from these units in my project.

Resources I.O.S 3 and upgraded versions, Android operating systems, Windows 2007, UOB Database, Internet connection, Microsoft Office 2007

1GB Flash Disk

Have you completed & Yes submitted your ethics form?

Additions in PPF AY11/12, Semester 2

Student Number 1030160

Student Name Rohit Vyas

Degree Course Computing and Entrepreneurship

Supervisor Name Edmond Prakash

A Rental Digital Rights Management framework Title of Project which allows user to lend books and notes.

An analysis of the EBook formats supported by these tablets and E-readers.

A Framework suggesting a rental DRM scheme for these formats.

A Comparison of existing DRM schemes

A Framework for Lending eBooks

Aim and Objectives of the project:-

The main aim of the project is to suggest a suitable rental DRM framework which allows eBook readers and tablet PCs to rent eBooks, which are compatible with their dedicated Reader or Tablet PC, for a specific number of days. And allow readers to lend eBooks prepared and securely retrieve all the notes once the rented period is over.

Challenges Involved:-

Proposing a Rental Framework with appropriate DRM scheme to ensure Copyrights are preserved.

Extensive study of various formats compatible with eReaders and Tablets.

Study of different DRM schemes

The Framework can be used by companies who are already into eBook publishing or can be used by new entrants.

The framework will be different from the existing framework by differentiating itself in day rental format and allowing lending to user.

What methodology Case Study: - To provide details of all the EBook (structured process) will you formats and Operating systems of popular e- be following to realise your readers and tablets. artefact? Case study: - To study the details of different DRM schemes of different readers.

Survey: - To collect information from readers about their notes writing habits and analysis of those applications which allows users to write notes while reading books.

Implementation: - Implement this information for suggesting a Rental DRM framework which allows lending notes.

Resources I.O.S 3 and upgraded versions, Android operating systems, Windows 2007, UOB Database, Internet connection, Microsoft Office 2007

1GB Flash Disk

Have you completed & Yes submitted your ethics form?

Appendix 2-Ethics Form

Appendix 3- Dissertation Timeline

Appendix 4- Project Poster