On Supporting Secure Information Distribution in Heterogeneous Systems Using Standard Technologies

This paper presents an integrated security architecture for heterogeneous distributed systems. Based on the MPEG-21 standard data structures and the MPEG-M standard services, the proposed architecture provides a unified, fine-grained solution for protecting each information unit circulated in the system. In this context, a novel scheme for translating the access control rules, initially expressed bymeans of the standard MPEG-21RightsExpression Language, into Ciphertext-Policy Attribute-Based Encryption access trees is introduced, thereby enabling offline authorization based on the users' attributes, also encapsulated and certified using MPEG-21 licenses. The proposed framework provides a detailed approach in all the steps of the information protection process, from attribute acquisition to data encryption and decryption.