ShieldIP and Digital Rights Protection

Software piracy, where software includes computer programs, written text, music, images, video, etc., is a problem of vast economic significance. According to the 2000 SIIA Global Piracy Report, business PC application software revenues in 1999 were $21.6 billion and piracy losses were $12 billion. These numbers do not include piracy estimates from consumer, entertainment, educational, and other software which are assumed to be much higher.

Current losses to software vendors due to piracy, harmful as they are, do not tell the whole story. The wide acceptance of the Internet and the availability of broadband have made it practical for Independent Software Vendors (ISVs) to offer users new and convenient methods of software distribution. Unfortunately, the Internet is also the distribution channel of choice for pirated software, a fact which has discouraged many ISVs from using it for distribution. A simple search on the Internet will produce hundreds of sites listing everything from activation keys to content that can be downloaded free of charge. Whatever was available on Napster, and more, is now available elsewhere.

Internet distribution offers ISVs many benefits over traditional distribution models. Packaging, warehousing and shipping costs are virtually eliminated. Time to market is reduced. Upgrades and patches are readily available. Customer service is enhanced. Furthermore, rental arrangements, managed services, and software subscriptions become possible. Unfortunately, electronic downloading makes piracy much easier.

ShieldIP has unique and breakthrough technology to prevent various forms of software piracy, while enabling ISVs and distributors to implement, charge for, and enforce a wide range of software usage agreements and distribution models. ShieldIP achieves these goals while preserving the purchaser/renter's privacy with respect to software use. The software covered by ShieldIP solutions includes computer programs and other digital information. The technology uniformly applies to all types of platforms, operating systems, software, and sales/rental arrangements.

Unlike existing licensing and protection solutions, ShieldIP's Digital Rights Protection (DRP) solution does not require ISVs to modify their software. The solution is easy to implement and entails low overhead. The protection is by technical means and does not rely on expensive and intrusive law enforcement mechanisms such as searching for and seizing of illegal copies. ShieldIP offers true Hands-off Intellectual Property Protection, because it rigorously preserves the privacy rights of consumers and allows all manner of free, as well as paid-for software distribution.

ShieldIP Protection Features

• Uniformly applies to all forms of digital content including software, computer games, DVD, digitized audio, electronic books, etc.
• Implements and enforces a wide variety of usage policies available from an ISV / distributor. Examples of usage policies include: try before you buy; limited run time; unlimited use.
• Prevents all forms of fraudulent content distribution including illegal copies, large scale CD duplication, Internet distribution, etc.
• Eliminates illegal use of reverse engineered or modified digital content.
• Dynamically extensible to counter new attacks as they evolve.
• Does not require proprietary hardware or recording media.

Commercial Advantages

• Can be applied to existing content.
• Does not require a digital content provider to modify content.
• Uniformly applies to various types of hardware and distribution media. Protection can be deployed on a wide range of digital user devices.
• Allows for secure distribution through current reseller channels. Existing distribution models are unaffected.
• Does not impact or modify existing purchase and usage experience.
• Allows easy distribution of digital content over the Internet without exposing content providers/vendors to fraud or loss.
• Allows easy and legal transfer of usage rights between users and devices. Ensures that no illegal double use occurs. Enables uninterrupted use of digital content when upgrading or replacing hardware.

Privacy Protection

Use of ShieldIP DRM technology provably does not infringe in any way on a user's privacy with respect to what and how digital content is used. ShiedlIP technology is designed not to collect or store any information regarding users and their use of content.

ShieldIP: A Significant Improvement over Existing Technologies

There are a number of different technological approaches to intellectual property protection in the marketplace today. In broad terms, they can be categorized as hardware-based, watermarking, license servers, encryption-based containers, or a combination of such approaches.

Hardware Keys "Dongles"

Hardware Keys or "Dongles" are attachments that must be present for software to run. Usually this hardware is attached to the Universal Serial Bus (USB) or a communications port.

Dongles sell to the high-end software market such as CAD, music composition, and graphics. They offer benefits such as ease of use and the ability to legally install software on several machines but use it only on the machine connected to the dongle.

Besides increasing the cost of software (up to 5% of the retail value), dongles have historically been met with user and developer resistance. Moreover, they have been successfully hacked. The predominant method for hacking dongles is to remove the call in the application software that checks for the presence of those dongles. Once such a hack (or any other) is found, the resulting application code can be used anywhere by anyone.

Watermarking

Digital watermarking places invisible or inaudible identifying data in content usually in order to identify the user to whom the content was sold or to prevent unauthorized copies from being used. Those unique identifying characteristics can be used to track down the existence and source of illegitimate copies. For example, the spacing between letters in Bob's document might be slightly different than the spacing in Alice's document. If Bob's spacing is found in the document that Charlie is reading, then Bob and Charlie are suspected of participating in piracy. At this point appropriate authorities can be called.

Watermarks are mostly used to protect documents and images. They are easy and inexpensive to deploy.

There are many well-known and published attacks on watermarking systems. For example, the well-funded SDMI project was cracked by two French graduate students and independently by a team of researchers from Rice and Princeton universities led by Ed Felten, who took a watermarked copy of a digitally encoded piece of music and produced a watermark-free copy having the same digital sound quality. Even in an ideal case, in which watermarks are not removed, the successful prevention of the use of pirated software requires law enforcement. Cooperative law enforcement is unavailable in many countries and even in the best of circumstances; law enforcement is often not effective. Finally, watermarking often entails tracking copies and therefore implies an infringement on privacy, potentially of innocent users.

Encryption and Containerized Software

Encryption entails converting content into an unusable form so that only a user with a proper key can decrypt and use the content. It is the most widely used technology in Digital Rights Protection today.

Containerized content systems place encrypted objects in "envelopes" that contain the digital content and provide scripts for access control. During installation, the user is asked to type in an activation or registration key provided by the vendor/distributor. The key is then used to decrypt the content and install it in unencrypted form. Sometimes the key is based on that user's hardware identifier therefore infringing on that user's privacy. The vendor requests this identifying information from the user and then provides the decryption key.

Famous attacks on containerized content include successful cracks on Microsoft MediaPlayer, Whistler Installation Wizard, and an early electronic version of a Stephen King novel. In all attacks on containers, once content is available in the clear, the rightful owner can do nothing to stop its distribution. Furthermore, keys may be passed along and used to decrypt pirated content.

License Servers

When using license servers, vendors must modify their software to call a special outside piece of software (the "license server"). The license server checks that the software is being used according to the usage policy.
License servers are most commonly used for protecting enterprise software. In addition to DRP, they usually offer asset management tools, and allow for floating licenses.

Historically, license servers have been easily hacked, either by changing the application software or by creating a phony license server.

Summary of Existing Technologies

• Present technologies require modifications to the software being protected and affect existing consumer purchase and usage experience.
• Watermarks require law enforcement and can be circumvented.
• License servers, copy-protected writeable media, and dongles require changes to user behavior.
• License servers, containerized content and watermarks all present threats to privacy.
• Using any of the existing methods, once a single unencrypted, de-watermarked, de-media blocked, or de-customized copy of software is produced, it can be distributed widely. The same holds for modifications to the software.
• In summary: Existing technologies are vulnerable to BORE - Break Once Run Everywhere and BOBE - Break Once Break Everywhere.

By contrast, ShieldIP technology

• Requires no modification of content. In fact, software can be pre-installed on computers and other digital devices.
• Requires no change in the user's interaction with his or her system.
• Preserves the privacy of users (even the pirate is unknown).
• Can stop all common forms of piracy as well as software that has been reverse engineered and distributed.
• Can evolve to counter emerging threats.

Back to top