the potentials of IPR protection and the use of advanced information systems for their management, cost ... JPEG2000 coding standard, and self-protecting content. We also ..... www.drmwatch.com/special/article.php/3095031] (2005). 21.
Protecting Intellectual Property Rights and the JPEG2000 Coding Standard B. Vassiliadis, V. Fotopoulos, A. Ilias, and A.N. Skodras Digital Systems & Media Computing Laboratory, Computer Science, School of Science and Technology, Hellenic Open University, 13-15 Tsamadou st., GR-26222, Patras, Greece {bb, vfotop1, ilias, skodras}@eap.gr
Abstract. The ever-increasing use of the Internet and file sharing applications based on Peer to Peer networks has alarmed content authors, providers and resellers of digital content. Techniques proposed for protecting digital media include watermarking, use of metadata and self-protection and self-authentication. In this paper we review the most important of these methods and analyse their potential use in Digital Rights Management systems. The main focus is on IPR management through watermarking for digital images coded with the new and a lot promising compression standard: JPEG2000.
1 Introduction According to recent studies, the amount of information produced and digitized in the last three years is equal to that produced in all the previous years of human history. Pervasive digital media distribution through the Internet has increased the cases of digital media unauthorised use. The loss of profits for the media industry is already calculated in billions of euros [1]. Economic loss has alarmed content authors, distributors, providers and resellers alike and has created an initial movement for the development of advanced and costeffective techniques for IPR (Intellectual Property Rights) management and protection of digital media. Although IPR protection is currently considered a strategic goal for many organisations, vendors are not willing to invest substantial resources to achieve it [2]. Following the initial enthusiasm from research and private organisations about the potentials of IPR protection and the use of advanced information systems for their management, cost effectiveness seems to be the major requirement for using them [3]. The two main strategies proposed for achieving IPR for digital media include a priori protection (copy prevention) and a posteriori protection (copy detection). Initially, IPR focused on security and encryption as a means of solving the issue of unauthorized copying. The shortcomings of CD/DVD copy prevention systems have shown that a priori protection alone is still not as effective as predicted. A posteriori protection mechanisms, such as digital watermarking, are considered as a valid solution for multimedia data in a networked environment. New trends such as selfprotecting content, metadata embedding or linking in digital artifacts are proposed or used for right management purposes. New coding standards such as JPEG2000 and P. Bozanis and E.N. Houstis (Eds.): PCI 2005, LNCS 3746, pp. 705 – 715, 2005. © Springer-Verlag Berlin Heidelberg 2005
706
B. Vassiliadis et al.
metadata standards such as MPEG7 have already shown significant potential in terms of flexibility, interoperability and cost-effectiveness. IPR protection is closely linked to IPR management since digital media are produced, reselled, transferred through vendor channels. The need for advanced management of digital property rights has spawned an entire race of new information systems called Digital Rights Management systems (DRM systems). These systems make use of, among other technologies, IPR protection techniques in order to efficiently and flexibly manage property rights. In this paper we review the most important IPR protection techniques for digital images, namely watermarking and metadata with a special focus on the new JPEG2000 coding standard, and self-protecting content. We also analyse the basic characteristics of a DRM system and how the above mentioned techniques can be efficiently embedded in them. The rest of this paper is organised as follows: section 2 introduces DRM systems and briefly discusses security policies while section 3 describes the concept of watermarking, current developments for the JPEG2000 standard and metadata enabled IPR protection methods. Section 4 briefly discusses the new proposition for self-protecting content and finally, section 5 draws the conclusions.
2 DRM Systems: An Overview of Basic Concepts and Enabling Technologies Digital Rights Management is a set of technologies that enables the management of licenses for media artifacts throughout their lifecycle. In other words it provides a complete set of functionalities for managing IPR. The area of DRM is unique in the sense that it involves many diverse sub-areas: cryptography, legal and social aspects, signal processing, information theory, and business analysis, just to mention a few. DRM systems rely on licenses which specify the content usage rules. Content is distributed with or without licenses but it cannot be used without them. Rules can be either attached or embedded to content, or delivered independently [4,18]. Modern DRM systems cover the full range of IPR management including the description, identification, trading, protection, monitoring and tracking of all forms of rights’ usage. They are applied over both tangible and intangible assets including rights workflow and rights owner relationships [5]. The information architecture of a classic DRM system is depicted in figure 1. The typical business model of a DRM system is presented in figure 2. The creator produces the digital content and provides the usage rules to a third party (authority) which is responsible for supervising its proper use. Distributors receive the content from the creators and distribute it through the appropriate channels (e.g. e-shops) to the end-users (buyers). In order for the buyer to use the content, the appropriate license must be obtained by the authority. This happens after the appropriate request is sent to the authority by the buyer. The transaction is concluded when the authority pays royalties to the creator. Encryption, a key technology for any DRM system, is used to ensure that publickey certificates owned by the Buyer and the Distributor are digitally signed by the Authority. A handshake protocol makes sure that both sides have the secret keys that
Protecting Intellectual Property Rights and the JPEG2000 Coding Standard
707
correspond to the public keys described in the license to use the digital media. This approach is called ‘Crypto101’. Newer approaches such as broadcast encryption avoid the costly, in terms of data transmitted, two-way handshake with single way broadcast of public keys [6].
Fig. 1. The Information architecture of a classic DRM system (modified from [5])
Fig. 2. The common business model of DRM systems
An interesting variation of DRM systems uses special plug-ins in order to decode digital information and communicate with the creator or the content provider. Nevertheless, this model suffers from the obvious lack of interoperability since there is no common framework for encoding the information prior to its use. This situation has
708
B. Vassiliadis et al.
led to a number of different plug-ins which are used with specific DRM systems only and thus are inflexible. Plug-ins are usually content viewers and players [7]. DRM systems provide persistent content protection meaning that they need to do more than simply manage digital licenses to authorized users. Restrictions of the content usage rights have to be maintained after the content is delivered to the end user including data protection to protect against unauthorized interception and modification, unique identification of recipients to enable access control for the digital content, and effective tamper-resistant mechanisms to process protected data and enforce content usage rights [16]. There is a large number of security methods used by DRM systems to protect IPR of digital content artifacts, among them:
Password protection: it is used mainly for access control. Symmetric and Asymmetric Encryption: the content is encrypted using a symmetric key algorithm (digital signatures, one-way hash functions, or both). It is used mainly for access control and pirate prevention. Digital Certificates: used to authenticate or verify the identity of the parties involved in the distribution of the content Individualization: some new DRM systems rely on unique identification of user devices. Watermarking: used for binding (embedding) information to digital content, such as content owners, the buyer of the content and payment information (annotation watermarks).
Recent studies [2] have shown that, apart from standard security technologies such as password protection and encryption, most current DRM implementations use watermarking as well. Several commercial systems offer special crawling functions that scan the Internet for finding instances of the protected (watermarked) artifacts and produce usage reports. Although this method works only for on-line content, it might be successful in preventing piracy [21]. One of the major problems of DRM systems is interoperability and transfer across different platform (including mobile devices) [2,16]. This is a major requirement for wider DRM adoption which will rely upon the adoption of common media standards. JPEG2000 seems to concentrate all the requirements for still digital images (see section 3.1). Watermarking will be discussed with more details in the following sections. Rights management, a basic function of a DRM system, is possible via RELs (Rights Expression Language). After numerous proposals, XrML was chosen for wider adoption since it was adopted as the REL for the MPEG21 standard. There is a plethora of DRM business models: pay as you use, try first buy later, pay per view etc. Payment rules are closely connected to the way the content is supposed to be used and as such they are described in rules. A useful analysis of DRM business models, standards and core technologies can be found in [21].
3 IPR Protection and JPEG2000 Watermarking and authentication for digital images are relatively new technologies a posteriori, descendants of the last decade. The main reason for their introduction was the fact that digital images are quite easy to duplicate, forge or misuse in general.
Protecting Intellectual Property Rights and the JPEG2000 Coding Standard
709
Watermarking is mainly focused towards the protection of the images' copyright while authentication aims to the verification of the content, investigate if an image is tampered or not and if it is, to identify the locations that the alterations have occurred. For both technologies to succeed, side information needs to be embedded and/or linked with the original image file. That is obviously the reason why lossy compression schemes are often difficult to be used. Part of the watermarking or authentication information is discarded along with insignificant parts of the original image's information to achieve better compression. Digital watermarking has been proposed as a valid solution to the problem of copyright protection for multimedia data in a networked environment [8]. The two most important characteristics a watermarking scheme should provide are imperceptibility and robustness. A digital watermark is usually a short piece of information, that is difficult to erase, intentionally or not. In principle, a digital watermark is an invisible mark inserted in digital media such as digital images, video and audio so that it can be detected at a later stage as evidence of copyright or it can generally be used against any illegal attempt to either reproduce or manipulate the media. Watermarking has been extensively researched in the past few years as far as common image formats are concerned. By identifying the rightful creator/owner, watermarks may be used to prevent illegal use, copy or manipulation of digital content, as proof of ownership or tampering [9]. The problem that these techniques have to encounter is the robustness of the watermark against common processing tasks. Any attempt to remove the ownership information from the original image is called an attack. Some common attacks for still images include filtering, compression, histogram modification, cropping, rotation and downscaling. Image watermarking techniques can generally be divided in two main groups, depending on the processing domain of host image that the watermark is embedded in. The first one is the spatial domain group of techniques, according to which the intensity values of a selected group of pixels are modified. The other is the frequency domain group, where a group of the transform coefficients of the image are altered. Up to date, frequency domain approaches have been proved more successful for image watermarking. The transforms usually employed are the discrete versions of the Fourier, Cosine and Wavelet transform (DCT, DFT and DWT) [9,10]. In these schemes, the image is being transformed via one of the aforementioned frequency transforms and watermarking is performed by altering the resulting transform coefficients of the image. New standards such as JPEG2000 create new possibilities for the IPR protection industry and have already attracted much attention by the scientific community. In the next subsections we review the basic characteristics of the coding standard and the most important watermarking and metadata-enabled techniques proposed so far. 3.1 The JPEG2000 Image Compression Standard Since the mid 1980s, both ITU (International Telecommunications Union) and ISO (International Organization for Standardization) have joined their efforts to establish an international Standard for compression of greyscale and colour still images. The result of this process has been called “JPEG” (Joint Photographic Experts Group) and become an International Standard in 1991. Very soon, the JPEG image format (jpg) has become the most commonly used format. However, the development of a standard is a continuous process. Thus it was reasonably expected that a new standard
710
B. Vassiliadis et al.
should appear to satisfy the increased needs and requirements of today for multimedia and Internet applications. Under these circumstances, almost a decade later, JPEG2000 emerged. The new standard provided a unified coding system for different types of still images (bilevel, gray scale, colour, multi-component) with different characteristics (natural, medical, remote sensing etc.) allowing different imaging models (client/server, real time transmission, image library archival etc.) [11]. The system performs better than older standards by achieving great compression ratios while retaining image quality at the same level. Part I of the standard (depicted in figure 3) can be used on a royalty and fee-free basis. All these lead to the conclusion that it is only a matter of time before JPEG2000 will become widely accepted. Tile or entire image Source Image
Pre-processing Tiling DC level shifting Component Transformation Note:
optional
Forward Transform DWT (5,3) reversible (9,7) irreversible mandatory
Codeblock Quantization
Entropy Coding
Codestream Formation
Dead-zone Uniform Scalar Quantization
ROI coding MQ-coder (contentdependent binary arithmetic coding of bit-planes
Bit allocation Data ordering Error resilience File format
Compressed Image
Fig. 3. JPEG2000 encoding process
The new standard has come to serve a wide variety of applications like the Internet, mobile communications, medical imagery, remote sensing, colour facsimile, printing and scanning, digital photography, e-commerce, digital libraries and many more. Each of these areas, imposes certain requirements that the new standard should fulfil in the best possible way. The implementation of JPEG2000 provides the following:
Superior low bit-rate performance: JPEG2000 performs superior to its predecessors for very low bit-rates. Internet and mobile communications, as well as network applications greatly benefit from this feature. Continuous-tone and bi-level compression: Various kinds of images are supported by the new compression system. The encoding algorithm is capable of compressing images of various dynamic ranges (e.g. from 1 to 16 bpp for each colour component). This benefits a variety of applications like compound document compression, facsimile, graphics and images with binary and near to binary regions, alpha and transparency planes. Lossless and lossy compression: The new standard provides both kinds of compression within the same codestream. There are applications like medical imaging, digital libraries and prepress imagery, in which image information loss can not be tolerated. In these cases, the lossless part of the codestream is used while in the other cases (web browsing, network transmission over client/server applications) the lossy part can be used instead. JPEG2000 also allows progressive lossy to lossless buildup. Progressive transmission and decoding: It is possible to transmit images progressively and decode at the receiver with increasing pixel accuracy or spatial resolution. This a valuable feature for web browsing and digital libraries.
Protecting Intellectual Property Rights and the JPEG2000 Coding Standard
711
Regions of Interest: In almost every image, there are regions that contain more important information content than others. In JPEG2000 one can define these regions of interest (ROI) and allocate more bits for their coding than for the rest of the image. Open Architecture: JPEG2000 allows optimization for different image types and applications. Error resilience: The new standard provides robustness to bit errors that may cause catastrophic decoding failures. This is essential, especially when images are transmitted over noisy channels (e.g. wireless networks). Fixed-rates, fixed-sizes, limited workspace memory: It is possible to specify the exact number of bits allocated for a group of consecutive pixels or for the whole codestream. Except for the profound advantage of this feature, it is also possible for devices of limited memory (like scanners and printers) to function with the new format.
3.2 Watermarking and JPEG2000 Watermarking against lossy compression has always been an interesting challenge. Most of the existing literature techniques are not very efficient against the JPEG standard. With the new JPEG2000 standard, superior quality for the same compression ratio can be achieved or similar quality for higher compression ratio, may be used depending on user needs. Since it is easier now to retain quality by achieving smaller file sizes, this is quite desirable. Thus compression ratios of less than 0.5bpp will become common practice. The problem is, that although these images will be visually pleasant, watermarking methods have to evolve in order to survive such high compression. Is the watermarking community ready to undertake this challenge? Very few works directly relate watermarking with JPEG2000. In the majority of the literature, the new standard is considered as yet another attack. Others examine the effects that the various JPEG2000 coding parameters cause to the watermark’s detection. There is also a third category that proposes incorporating watermarking into the JPEG2000 coding pipeline or using it as an important factor in the marking/retrieval process. These may be few but they are of great practical interest. Significant research effort has addressed watermarking in the wavelet domain. Since the heart of the new standard is the wavelet transform, these works may be seen as the pioneers of watermarking in the JPEG2000 domain. Some of these categories will be briefly discussed in this section. The first wavelet based watermarking schemes appeared around 1995. As far as embedding is concerned, the approximation image is selected. For a 3-level wavelet decomposition, this band of coefficients is actually a miniature of the original image (dimensions are 1/8 of the originals). This way, traditional spread spectrum and spatial techniques can be easily used since these methods do not exploit the special features that the wavelet decomposition provides. Examples of these works can be found in [12-13]. Detail based methods [17] are a bit different. Coefficient distribution in the detail bands is different when compared to the approximation. There are only a few coefficients large enough to carry the watermark and a careful selection strategy is required. To define a selection threshold, the level of decomposition, orientation and subband energy can be utilized. Since the number of appropriate coefficients in each band is
712
B. Vassiliadis et al.
small, usually contribution is gathered from all the detail bands in all decomposition levels. An advantage of this practice is that if the watermark is found in one of them, there’s no need to search the others, thus reducing the detection’s computational cost. This characteristic makes such methods appealing for real time applications. There are also techniques that use all of the bands, approximation and details for additional robustness [18]. Usually, when watermarking methods are tested for lossy compression, the parameter involved is compression ratio. In JPEG2000, compression ratio is only one of the available options to the coder. Other equally important parameters include the filter kernels used, regions of interest, levels of decomposition, tile size and many more. Such an advanced (and consequently complex) compression algorithm, is definitely multi-parametric and it is not wise to ignore all these parameters during the testing procedure. In a category of works, JPEG2000 is simply considered as yet another attack. No special care is taken during the algorithm’s design which is simply tested against compression with various bit rates. One of the two publicly available versions of the encoder is usually used, JJ2000 or Jasper. Testing is always based on the bit rate parameter. The lowest the bit rate, the worst the detectors perform. It seems that 0.3-0.1 bpp is the range in which the watermarks start finding great difficulties to survive and under 0.1 bpp the majority of the methods easily fail (speaking of blind detection algorithms). By far, the most complete comparative study of various schemes for different bit rates can be found in Meerwald’s webpage [19]. 3.3 Metadata-Enabled IPR Protection and JPEG2000 JPEG2000 coding standard offers features such as Region of Interest Coding, Scalability, Error Resilience, Visual Frequency Weighting. Although all of the above mentioned features of the compression standard are very important, the application of watermarking in JPEG2000 compressed images is closely related with its IPR capabilities. These capabilities include the embedding of XML-formatted information into the image file in order to annotate/link image data with metadata. These metadata are associated with the image vendor, the image properties, the existence of IPR information in the image data etc. The new format (JP2) [11] gives the opportunity to accompany the data that correspond to the image with extra metadata but it doesn’t replace the watermarking mechanisms that are used today for copyright protection and authentication, provided through watermarking process. It rather complements them. In order to address the increasing need for security, the international community is already researching the incorporation of IPR protection characteristics within the JPEG2000 standard. This initiative will produce JPEG 2000 Secured (JPSEC) also known as Part 8 of JPEG2000 [14]. Applications addressed by JPSEC include, among others encryption, source authentication, data integrity, conditional access, ownership protection etc. It is expected that the new standard will be available by 2007. In a different approach, metadata may be linked and not directly inserted in an image. For this purpose, a special kind of watermarking is used: annotation watermarking. Watermarks, combined with digital signature methods, may contain information about proprietary, copyright, the author, the user, the number of copies and/ or other important information. The insertion of multiple watermarks for the identification of distribution channels is also possible. It must be noted however that there is an upper
Protecting Intellectual Property Rights and the JPEG2000 Coding Standard
713
limit for the number of watermarks that can be embedded in an image, before the quality of reproduction is significantly altered. In order to maintain a high Quality of Service, a consensus must be found between multiple watermarking and its perceptibility in the digital object. Multiple watermarks can be inserted at the production level, for the identification of the distribution path and/or to identify the end-user path.
4 Self Protecting Content Self protecting content was recently suggested as a solution to the ever-increasing problem of DRM interoperability and immature economics. This type of content includes special logic which can decide by itself how it will be used by the client machine which provides only basic functionality [15]. For example, an image encoded with a self protecting standard is loaded in a palmtop. The logic is loaded into the palmtop, reads the appropriate information (ID, user acquired licenses etc.) and decides whether it will be viewed in full or reduced resolution, whether it will be copied or reproduced etc. It is obvious that apart from the logic encapsulated into the content, appropriate mechanisms need to be available to the user machine. These mechanisms should at least include a virtual machine for the code to run and a ROM for storing keys and licenses. If the end-user machine is a personal computer there is no obvious disadvantage but what happens when it is a CD-player or a home DVD device? Although the notion of self-protecting content is extremely innovative and attractive in many aspects, several shortcomings of technological, cultural and economic nature exist: there are no standards for encoding logic into content, what happens to the size of the media artifact when code is added to it, are the manufacturers of player devices willing to add new machinery to their products, are content creators willing to pay for new content creation tools? Although the self protecting content idea has already attracted criticism, it remains to be seen if it will be adopted in the future [20].
5 Conclusions The extensive use of digital media in networked applications increases security requirements. The protection of the IPR of digital media is increasingly considered as one of the most important areas of e-commerce. Increased concern by companies and academia has led to the development of numerous methods and techniques that manage and protect IPR. DRM is one of the most important and complete frameworks that enable end-to-end management of digital rights through the media lifecycle. Enabling technologies for DRM systems include, among other, watermarking, an information hiding technique. Watermarking can be used for embedding or connecting usage rules in/with the content itself. New standards, such as JPEG2000 offer new possibilities for IPR protection and DRM systems that use watermarking and may lead to the development of more advanced security services. In this work we surveyed recent development in watermarking for the JPEG2000 domain which is currently a very promising research area. JPEG2000 offers many places in its coding pipeline in which the watermarks can be embedded. There are various arguments about the place of embedding: into the
714
B. Vassiliadis et al.
transform, after it, in the quantization stage, in the coding stage. Each of these cases has specific advantages and disadvantages. Experiments justify the suspicion that the parameters used during encoding are very important for the detector’s expected performance, however there are many more aspects of such a complex compression standard like JPEG2000 that still need to be investigated. In conclusion, it seems that in the next years the field of watermarking of digital images coded with the JPEG2000 standard will attract even more the interest of the research community and the upcoming format will be supported with powerful protection mechanisms.
Acknowledgements This work was funded by the European Social Fund, Operational Programme for Educational and Vocational Training II (EPEAEK II), programme Pithagoras (contract no. 89188).
References 1. International IPR Alliance, Special 301 Recommendations, [available online http://www. iipa.com/pdf/2004SPEC301LOSS.pdf] (2004) 2. Fetscherin, M., Schmid, M.,: Comparing the usage of digital rights management systems in the music, film, and print industry. Proceedings of the 5th international conference on Electronic commerce (2003) 316–325 3. Eskicioglu, E.M.: Protecting Intellectual Property in Digital Multimedia Networks. Computer, Vol. 36 39-45 (2003) 4. Cohen, J.E.: DRM and Privacy. Communications of the ACM, Vol. 46(4) 46-49 (2003). 5. Iannella, R.:Digital Rights Management (DRM) Architectures. D-Lib Magazine, Vol.7(6) (2001) 6. Lotspiech, J., Nusser, S., Pestoni, F.:Anonymous Trust: Digital Rights Management Using Broadcast Encryption. Proc. of IEEE Vol. 92(6) 898-909 (2004) 7. Liu, Q., Safavi-Naini, R., Sheppard, N.P.: Digital Rights Management for Content Distribution. Australian Information Security Workshop (2003) 8. Voyatzis, G., Pitas I.: Image Watermarking for Copyright Protection and Authentication. In: Bovik, A. (ed.): Handbook of Image & Video Processing. Academic Press (2000) 9. Fotopoulos, V., Skodras, A.N.: Digital Image Watermarking: An Overview. EURASIP Newsletter, Vol.14 (4) (2003) 10. Fotopoulos, V., Skodras, A.N.: A Subband DCT Approach to Image Watermarking. Proc. X European Signal Processing Conference (2000) 11. Taubman, D.S., Marcellin, M.W.: JPEG2000: Image Compression Fundamentals, Standards and Practice. Kluwer Academic Publishers, (2002) 12. Liang, J., Xu, P., Tran, T.D.: A universal robust low frequency watermarking scheme. IEEE Transactions on Image Processing, (2000) 13. Perreira, S., Voloshynovskiy, S., Pun, T.: Optimized wavelet domain watermark embedding strategy using linear programming. In Szu, H.H. (ed.): SPIE AeroSence 2000: Wavelet Applications VII (2000) 14. JPEG 2000 Secured (JPSEC), [available online http://www.jpeg.org/jpeg2000/ j2kpart8.html] (2000)
Protecting Intellectual Property Rights and the JPEG2000 Coding Standard
715
15. Kocher, P., Jaffe, J., Jun, B., Lawson, N.: Self protecting digital content. Cryptographic Research Inc, CRI [available online http:// www.cryptography.com/resources/ whitepapers/SelfProtectingContent.pdf] (2005) 16. Koenen, R.H., Lacy, J., Mackay, M., Mitchell, S.:The long march to interoperable digital rights management. Proc. of IEEE Vol. 92(6) (2004) 883-897 17. Kim, Y.S., Kwon, O.H., Park, R.H.: Wavelet based watermarking method for digital images using the human visual system. Electronic Letters Vol.35, (1999) 466-467 18. Davoine, F.: Comparison of two wavelet based image watermarking schemes. Proceedings of the IEEE International Conference on Image Processing (2000) 19. Meerwald, P.: Quantization Watermarking in the JPEG2000 Coding Pipeline. Communications and Multimedia Security Issues of the New Century, IFIP TC6/TC11, Fifth Joint Working Conference on Communications and Multimedia Security, CMS’01, Kluwer Academic Publishing, Darmstadt, Germany, (2001) 20. DRMWatch: Analysis of CRI’s Self Protecting Digital Content. [available online http:// www.drmwatch.com/special/article.php/3095031] (2005) 21. Rosenblatt, B., Trippe, B., Mooney, S.: Digital Rights Management-Business and Technology. M&T Books, (2002) 22. Hwang, S.O., Yoon, K.S., Jun, K.P., Lee, K.H.: Modeling and implementation of digital rights. Journal of Systems and Software Vol. 73(3) (2004) 533-549
