
Journal of theoretical and applied electronic commerce research

On-line version ISSN 0718-1876

J. theor. appl. electron. commer. res. v.3 n.3 Talca Dec. 2008

doi: 10.4067/S0718-18762008000200008 

 

ISSN 0718-1876 Electronic Version, Vol. 3, Issue 3, December 2008, pp. 103-118.

RESEARCH

The Use of Digital Watermarking for Intelligence Multimedia Document Distribution

 

Shing-Chi Cheung 1, Dickson K. W. Chiu 2 and Cedric Ho 3

Department of Computer Science and Engineering, Hong Kong University of Science and Technology
1 scc@cs.ust.hk
2 Dickson Computer Systems, Kowloon, Hong Kong, dicksonchiu@ieee.org
3 cedric.ho@gmail.com


Abstract

Digital watermarking is a promising technology to embed information as unperceivable signals in digital contents. Various watermarking techniques have been proposed to protect copyrights of multimedia digital contents in Internet trading so that ownership of the contents can be determined in subsequent copyright disputes. However, their application in preventing unauthorized distribution of intelligence documents has not been studied. In this paper, we propose a watermark-based document distribution protocol, which complements conventional cryptography-based access control schemes, to address the problem of tracing unauthorized distribution of sensitive intelligence documents. The reinforcement of document distribution policies requires concrete support for non-repudiation in the distribution process. The distribution protocol is adapted from our previous work on a watermarking infrastructure for enterprise document management. It makes use of intelligence user certificates to embed the identity of the users into the intelligence documents distributed to them. In particular, keeping identity secrecy between document providers and users (yet traceable upon disputes) is a key contribution of this protocol in supporting intelligence applications. We also outline an implementation of the distribution protocol and the watermarking scheme employed.

Key words: Intelligence content management, Multimedia content security, Digital watermarking, Document distribution protocol, Intelligence user certificate.


 

1 Introduction

The enforcement of distribution policies for sensitive intelligence documents is important but difficult. Sensitive documents may be found left behind in conference rooms, common areas, printing rooms, or public folders. Access control based on cryptography alone cannot address this problem: once a person has obtained access to a sensitive document, he or she may make unnecessary copies or handle it without care. A major challenge in the reinforcement of distribution policies for sensitive documents is the support of non-repudiation in the underlying process, so that unauthorized copies of intelligence documents can be identified and traced back to their users. The reinforcement should also be applicable to both hard copies and soft copies of the documents. Conventional cryptographic schemes that cover only soft copies are inadequate to handle this requirement.

Digital watermarking is a promising technology employed by various digital rights management (DRM) systems to achieve rights management. It allows copyright information (such as the owner's identity, transaction dates, and serial numbers) to be embedded as signals into digital contents [1]; the embedded signals can be perceivable or unperceivable to humans. In this paper, we focus on the application of invisible watermarking techniques for documents, which exploit the imperfection of the human vision system. While visible watermarks should be perceptible enough to discourage theft but not so perceptible as to decrease the utility or appreciation of the document, invisible watermarks should be imperceptible. Furthermore, robust watermarking techniques [12], [14], [15] have been designed to resist tampering and to support later extraction and detection of these watermark signals. The detected signals recover the rights information originally embedded in the document.

In this paper, we apply digital watermarking techniques to the distribution of intelligence multimedia documents such as images and audio. In particular, we present a novel distribution protocol for such documents. The protocol is adapted from two pieces of previous work (Cheung & Chiu [3]; Memon & Wong [17]), which describe an enterprise document management system and a watermarking protocol for purchasing digital contents over the Internet, respectively. It introduces the concepts of intelligence user certificates and of trusted authorities responsible for issuing these certificates. Document users may use the intelligence user certificates obtained from a trusted authority to identify themselves in acquisitions of intelligence documents. The same intelligence user certificate may be used in multiple acquisitions. The watermarks, once inserted, are difficult to remove from the watermarked documents without knowing the exact insertion parameters [7]. Watermarks can be preserved across media: for instance, a watermark embedded in a text document in its digital form can be detected in hard copies of that document. If multiple watermarks are applied to individual digital copies, watermarking may also be used to indicate the identity of the legitimate document user of each copy. This allows unauthorized copies to be traced back to the document user from whom they originated, thereby deterring unauthorized distribution of sensitive documents. However, this alone cannot fulfill the non-repudiation requirement in document distribution, because unauthorized copies may also originate from the document providers. As such, the document distribution protocol should be able to distinguish the copies made by document users from those made by intelligence document providers. In other words, the distribution protocol should prevent document providers from making copies on behalf of document users. Further, the use of intelligence user certificates together with intermediaries in our protocol enforces identity secrecy between document suppliers and users (yet traceable upon disputes). This is a key contribution in supporting intelligence applications.

This paper is organized as follows. Section 2 gives an overview of the watermarking and document distribution infrastructure. Section 3 gives an account of our protocol, which is followed by an implementation framework in Section 4. Section 5 discusses the advantages of our scheme and Section 6 concludes our work.

2 Background and Related Work

In this section, we present the basic principles of watermarking schemes and the advantages of our watermarking protocols by comparing related work.

2.1 Principle of Watermarking Schemes


Watermarking schemes refer to the use of signal processing techniques to process watermark signals in a piece of digital document. Existing watermarking schemes generally involve two stages, watermark insertion and watermark detection, as shown in Figure 1. Suppose we have a digital document X, a watermark W, and a permutation function σ. A watermark insertion scheme I inserts the watermark W into the document X, where:

If the detection scheme D does not require the original document X, the scheme is called oblivious watermarking [13]. There are two main scenarios where watermarking techniques are used to establish rightful ownership. In the first scenario, the provider inserts a unique watermark into the document. If a copy is later found, the provider can prove its ownership by detecting its unique watermark in the document. In the second scenario, the provider inserts a different watermark into the original document for each of its users, so that each copy can be distinguished and therefore traced.

2.2 Intelligence Document Distribution Infrastructure


We identify five distinguished roles in an intelligence document distribution infrastructure, namely Document user, Document provider, Intelligence control certification authority, Judge, and Intermediary, as shown in Figure 2. Document users are the ones who want to acquire intelligence documents. Each copy of an intelligence document can be individually watermarked to identify its authorized user. Document providers are the producers of these intelligence documents. Document providers employ their own, possibly proprietary, watermarking techniques to encode watermarks into intelligence documents before distributing them to document users. Intelligence control certification authorities are trusted parties that generate intelligence user certificates identifying document users. Judges are trusted parties that resolve allegations filed by document providers against document users. Based on the evidence submitted by the document provider, a judge decides whether the allegation is justified.

Intermediaries are third-party agents between document users and providers; they know both the document providers and the users. Intermediaries are only necessary in cases where users and providers must remain anonymous to each other. Otherwise, if the user and provider know each other, the intermediaries can be bypassed. Intermediaries do not produce intelligence documents themselves, and they do not need to be trusted.

In this paper, we are primarily interested in those intelligence documents whose content value can be preserved only by duplicating the source documents. Such documents are often multimedia in nature, such as films, maps, photographs, and so on. By contrast, documents whose contents can be wholly presented as text (such as financial market news) can be reproduced by retyping the original document or applying optical character recognition (OCR) without losing the content value.

Although various applications of watermarking schemes for the trading of digital contents have been studied in the literature (such as [4], [10], [12], [14], [15], [17]), a comprehensive treatment of these five roles altogether in the proposed intelligence document distribution infrastructure has not been studied, in particular regarding the issuance of intelligence user certificates and their utilization in the control of intelligence documents.

2.3 Watermarking Protocols

In general, watermarking protocols govern the process of exchanging watermarks and watermarked digital contents between a user and a provider (traditionally a buyer and a merchant in content trading over the Internet). Such watermarking protocols have been mainly deployed to complement digital rights management. For example, Schneider & Cheng [21] illustrate how content-based digital signatures can be applied to image authentication, which relates to the tracking of the document provider. Wolf et al. [24] present a framework based on various digital watermarking technologies for marking, searching, and retrieving multimedia files over the Internet for the protection of digital rights. Hartung & Ramme [11] discuss how such DRM approaches can be applied to mobile commerce applications. Nair et al. [18] discuss some issues of DRM related to digital content redistribution and propose a scheme to address them, after our initial attempt [4].

With the advancement of watermarking research and increasing adoption, various attacks on watermarking protocols are being discovered. A watermarking protocol generally comprises three major processes: watermark generation, watermark insertion and distribution, and dispute resolution. The watermark generation process concerns the creation of a legitimate watermark that can identify a buyer. The watermark insertion process concerns the insertion of watermarks into digital contents by a merchant and the reliable distribution of the watermarked contents to buyers (some work separates watermark insertion and content distribution into two processes). Dispute resolution concerns the resolution of copyright claims upon the detection of suspected copies. In connection with these three major processes, the latest research on watermarking protocols generally addresses the six issues tabulated in Table 1. Regarding issues (b) to (f), different works make different assumptions on the degree of trust.


The technical research issues in the protection of watermark secrecy in the process of watermark generation are similar to those that occur in a public key infrastructure. As such, most existing works on watermarking protocols do not explicitly address that issue. Memon & Wong [17] and Cheung & Curreem [4] address the issue by requiring buyers to present a valid public key when requesting a legitimate watermark from a trusted certification authority. Issue (b) is addressed by most existing watermarking protocols in that buyers are not trusted to provide a legitimate watermark. To resolve this issue, most protocols make intermediaries responsible for watermark generation, whereas our protocol does not require this.

Several studies address the problem that content merchants may not be trusted in the process of watermark insertion, i.e., issue (c) in Table 1. Qiao and Nahrstedt [19] suggest two ways to tackle the problem. One is to introduce a trusted third party (TTP). The merchant first sends the original content to the TTP, with the content encrypted under a symmetric key system. Then the watermark is generated at the TTP and inserted into the original content. Finally, the watermarked content is delivered to the buyer through a secured channel between the TTP and the buyer. The other alternative is to use cryptographic protocols between merchants and buyers. The merchant uses the buyer's unique identification certificate (a random bit sequence) to generate the watermark. This identification certificate is generated by the buyer using the standard DES (Data Encryption Standard) algorithm [22] and contains an encrypted copy of the seed information privately agreed between the buyer and the merchant. The encryption key of the identification certificate is known only to the buyer. This protocol prevents merchants from generating identification certificates without the buyers' involvement. However, it still relies on the honesty of the merchants not to abuse the identification certificates and not to disseminate them to other parties. Jun et al. [12] propose another watermarking protocol for digital content copyright protection. Like the approach by Qiao and Nahrstedt [19], it assumes a trusted third party called a monitoring service merchant (MSP) to maintain all the inserted watermarks.

Regarding the dispute resolution phase, most watermarking protocols require contents and sensitive information to be revealed to a third party, commonly referred to as a judge, for verification. If the judge cannot be trusted, problems arise, because a watermark can be removed easily once it is known. To address issue (f) in Table 1, Gopalakrishnan et al. [10] suggested a protocol that need not reveal watermarks to a judge in the dispute resolution phase. But there is a disadvantage with this scheme: the verification procedure is expensive and complicated. Amongst all the watermarking protocols, the Buyer-Seller Watermarking Protocol (Memon & Wong [17]) offers the highest protection to buyers in the sense that it restricts a piece of watermarked content to be used only by its buyer. It addresses issue (c) in Table 1, where unethical merchants can frame buyers. For instance, a merchant might reproduce a copy of watermarked content that was acquired by a buyer, distribute it illegally, and subsequently sue the buyer for compensation.

Although existing watermarking protocols for multimedia content trading may be deployed in the distribution of intelligence documents by mapping content buyers to document users and content merchants to document providers, such deployments either ignore the interests of document users (in particular, the secrecy of watermarks in the process of watermark insertion and distribution) or do not address the distinguished roles of intermediaries and document providers. Protocols in the former category are unappealing to document users, since these users may not trust intermediaries or document providers not to abuse their watermarks. Protocols in the latter category are unlikely to be adopted by document providers, which may not fully trust the intermediaries, because the issue that intermediaries may exploit document providers has not been addressed. For instance, the protocol proposed by Memon and Wong [17] does not address the scenario where a buyer contacts a merchant through an intermediary. Thus, a user could obtain an unauthorized copy of digital contents if an unethical intermediary agrees to cheat the provider with the encrypted watermark of another user. This problem can be prevented with the use of the intelligence user certificates introduced in this paper.

3 A Distribution Protocol for Intelligence Documents

Our distribution protocol consists of three processes: (i) generation of watermarks and intelligence user certificates, (ii) acquisition of watermarked intelligence documents, and (iii) resolution of policy violations. The processes and the data relations involved are specified diagrammatically in the Unified Modeling Language (UML) [16], a well-defined modeling language widely used for specifying, constructing, and documenting software systems. To support flexible enterprise document management policies, our distribution protocol is designed to address the following two issues.

• Maintenance of watermark secrecy: The secrecy of document users' watermarks must be maintained because these watermarks identify document users. This issue is particularly important in document distribution processes where a party can be at the same time a document provider and a document user. Watermarks must not be released to document providers. In our protocol, a document user does not need to release his/her watermark to any party after acquisition of the legitimate watermark.

• Prevention of Trojan horse attacks: A document user cannot use the intelligence user certificate of another user to obtain a watermarked document.

The document distribution protocol comprises three major processes: intelligence user certificate generation, intelligence document acquisition, and policy violation resolution. The intelligence user certificate generation process concerns the creation of a registration certificate, which embeds an encrypted version of a legitimate watermark that identifies a document user. The watermarked document creation process governs the creation of watermarked documents and their reliable distribution to document users. The policy violation resolution process focuses on the collection of evidence and the justification of a policy violation allegation against a document user.

3.1 Generation of an Intelligence User Certificate

Figure 3 and Figure 4 present the process of acquiring an intelligence user certificate and the associated data relations, respectively. Before applying for an intelligence user certificate, a document user should have obtained a valid Public Key Infrastructure (PKI) certificate, which contains a public key to be used in the purchase of digital contents. A legitimate certificate must be issued by a trusted PKI Certification Authority.




When the document user wants to acquire a watermark for accessing a document, he/she attaches his/her PKI certificate to an intelligence user certificate request and submits it to a trusted intelligence control certification authority. Like a PKI certification authority, an intelligence control certification authority is a third party trusted by document users, document producers, intermediaries, and judges. In response to the intelligence user certificate request, the intelligence control certification authority generates a legitimate watermark (W) and prepares an intelligence user certificate containing an encrypted copy E_K(W) of the watermark. By E_K(W), we mean:

The document user can verify the encrypted watermark, if necessary, using his/her private key and the received watermark. The watermark (W) uniquely identifies the document user. Like a PKI private key, the watermark (W) is to be kept confidential. Only the encrypted copy (E_K(W)) is used in the subsequent acquisition of intelligence documents, in order to protect the secrecy of the user's watermark. The intelligence control certification authority signs the intelligence user certificate so that a document provider can be assured of the watermark's validity while the watermark itself stays private to the document user. In addition, this allows the document provider to verify the consistency between E_K(W) and K.

3.2 Acquisition of Intelligence Documents

Figure 5 and Figure 6 present the process of acquiring an intelligence document and the associated data relations, respectively. In this process, a document user places a request containing his/her intelligence user certificate (IUCert) with an intermediary that knows where to find a provider of the requested document. The intermediary then forwards the IUCert to the corresponding document provider. The provider retrieves the encrypted watermark (E_K(W)) and the user's public key (K) from the IUCert and verifies their consistency based on the digital signature Sign_ICCA(IUCert) by the intelligence control certification authority. If the verification succeeds, the document provider generates a unique identifier (V) and prepares a hashed value H(σ) of a selected permutation function σ using a one-way hash function, such as MD5 (RSA, [reference not found in source]). The permutation increases the watermark robustness so that the watermarked intelligence documents can better resist tampering. Further details of the permutation function are discussed in Section 4.



The hashed value is then signed with the private key of the user to produce Sign(H(σ)). The private key used must match the public key (K) in the intelligence user certificate; this can be readily checked using the user's public key after receiving Sign(H(σ)). This procedure allows the user to acknowledge the permutation function to be used in the subsequent watermark insertion process. After receiving the signed hashed value Sign(H(σ)), the document provider validates the signature using K. If the validation succeeds, the request details and the signed hashed value are recorded in a database; otherwise the request is aborted. To facilitate the detection of access right violations, the document X is watermarked with the unique identifier V. The document X is then encrypted to E_K(X) using the public key K. The provider also permutes the encrypted watermark E_K(W) with the function σ, resulting in σ(E_K(W)). Since E_K(W) is a vector of the form {E_K(w_1), E_K(w_2), ..., E_K(w_m)}, the resulting value is the encrypted permuted watermark E_K(σW). The provider then inserts the permuted watermark E_K(σW) into the encrypted document E_K(X) using a non-invertible watermarking technique, resulting in E_K(X ⊕ σW). Here, we make use of a public key cryptosystem that exhibits privacy homomorphism with respect to the watermark insertion operator ⊕, that is,

For two pieces of document a and b,

$E_K(a \oplus b) = E_K(a) \oplus E_K(b)$, where $E_K(\cdot)$ is the encryption function and K is the public key.

For example, the well-known RSA public key cryptosystem [reference not found in source] is one of those that exhibit privacy homomorphism with respect to an addition operator.

The document provider delivers the encrypted watermarked document E_K(X ⊕ σW) to the intermediary. Alternatively, the document provider may deliver a URL at which the document user may retrieve the encrypted watermarked document E_K(X ⊕ σW); this saves the communication overhead of delivering the document through the intermediary. Now, only the document user can recover the plain document (X ⊕ σW) using his/her private key. As such, the document user is liable for any unauthorized distribution of the document (X ⊕ σW). The mechanism ensures that only the document user whom the watermark identifies can recover the document. As the intermediary knows neither the document user's watermark nor the recovered watermarked document, the interests of both document users and providers are protected.

Our protocol assumes a watermark generation algorithm that supports an insertion function X' = I(X, W, σ), a detection function D(X', X, W, σ), and a privacy homomorphism; these are commonly supported by most watermark generation algorithms. The specific implementation of I and D does not affect the applicability of our protocol and therefore is not the focus of this paper. As such, the protocol can be used with most existing watermark generation algorithms.

3.3 Resolution of Policy Violation


Figure 7 presents the protocol for the policy violation resolution process. When an unauthorized copy of a document, say X'', is found, the affected document provider can extract the unique request identifier V encoded in X''. Based on the corresponding request record in its authorization database, the document provider retrieves the permutation function σ, its signed hashed value Sign(H(σ)), and the intelligence user certificate containing E_K(W) and K. The document provider submits this evidence to a judge for an allegation made against a user. In our approach, the judge can carry out the verification directly, without needing to approach the suspected document user for the watermark. This is a desirable feature because the document user might either provide a wrong watermark or have lost the watermark by the time of the allegation. In our protocol, if the watermark E_K(σW) can be detected in the encrypted version E_K(X'') of the unauthorized copy, the suspected document user is concluded guilty; otherwise innocent.
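The certificate issuance, acquisition and resolution steps of Sections 3.1 to 3.3, traced end to end in Python as an added example (not the paper's code or prototype). It uses textbook RSA with toy primes, takes the insertion operator ⊕ to be element-wise multiplication mod n because that is the operation textbook RSA is homomorphic for (E(a)·E(b) = E(ab) mod n), and uses integer-valued watermarks, SHA-256 for H(σ) and the signatures, and a dictionary as the IUCert; the certificate layout, the hash choice and the handling of V are assumptions of the example.

```python
import hashlib
import random

E = 65537   # public exponent; all key sizes here are toy values, far too small for real use

def rsa_keypair(p, q, e=E):
    """Return ((n, e), (n, d)); p, q must be primes with gcd(e, (p-1)(q-1)) = 1."""
    n = p * q
    return (n, e), (n, pow(e, -1, (p - 1) * (q - 1)))

def enc(pub, x):                        # E_K(x) = x^e mod n
    n, e = pub
    return pow(x, e, n)

def dec(priv, y):
    n, d = priv
    return pow(y, d, n)

def _h(data, n):                        # hash reduced into Z_n (toy hash-then-sign)
    return int.from_bytes(hashlib.sha256(data).digest(), "big") % n

def sign(priv, data):
    n, d = priv
    return pow(_h(data, n), d, n)

def verify(pub, data, sig):
    n, e = pub
    return pow(sig, e, n) == _h(data, n)

def combine(a, b, n):
    """Watermark insertion operator (+) used in this example: element-wise product
    mod n. Textbook RSA is homomorphic for it, E(a)*E(b) = E(a*b) mod n, so the
    provider can apply it to E_K(X) and E_K(sigma W) without decrypting either."""
    return [(x * y) % n for x, y in zip(a, b)]

# ---- 3.1: the ICCA issues the certificate; W itself goes only to the user ----
def icca_issue(icca_priv, user_pub, rng, length=8):
    W = [rng.randint(2, 1000) for _ in range(length)]
    ek_w = [enc(user_pub, w) for w in W]            # E_K(W) = {E_K(w_1), ..., E_K(w_m)}
    cert = {"K": user_pub, "EkW": ek_w}
    cert["sig"] = sign(icca_priv, repr((user_pub, ek_w)).encode())   # Sign_ICCA(IUCert)
    return W, cert

def cert_valid(icca_pub, cert):
    return verify(icca_pub, repr((cert["K"], cert["EkW"])).encode(), cert["sig"])

# ---- 3.2: acquisition ----
def provider_prepare(icca_pub, cert, rng):
    """Check the IUCert, choose request id V and permutation sigma, return H(sigma)."""
    if not cert_valid(icca_pub, cert):
        raise ValueError("IUCert signature invalid")
    V = rng.getrandbits(32)
    sigma = list(range(len(cert["EkW"])))
    rng.shuffle(sigma)
    return V, sigma, hashlib.sha256(repr(sigma).encode()).digest()

def provider_deliver(cert, sigma, h_sigma, sig_h, X):
    """Validate Sign(H(sigma)) under K, then form E_K(X) (+) E_K(sigma W) = E_K(X (+) sigma W)."""
    K = cert["K"]
    if not verify(K, h_sigma, sig_h):
        raise ValueError("request aborted: Sign(H(sigma)) does not verify under K")
    ek_x = [enc(K, x) for x in X]
    ek_sw = [cert["EkW"][j] for j in sigma]          # sigma(E_K(W)) = E_K(sigma W)
    return combine(ek_x, ek_sw, K[0])

# ---- 3.3: resolution; the judge works on E_K(X'') and never needs W ----
def judge_detect(cert, sigma, X, suspect):
    """Fraction of positions where E_K(X'') equals E_K(X) (+) E_K(sigma W)."""
    K = cert["K"]
    expected = combine([enc(K, x) for x in X], [cert["EkW"][j] for j in sigma], K[0])
    return sum(a == enc(K, s) for a, s in zip(expected, suspect)) / len(X)

def run_protocol(seed=1):
    rng = random.Random(seed)
    icca_pub, icca_priv = rsa_keypair(2147483647, 65521)
    user_pub, user_priv = rsa_keypair(104729, 104723)     # the legitimate document user
    other_pub, other_priv = rsa_keypair(999983, 1000003)  # a second, unrelated user
    X = [rng.randint(1, 255) for _ in range(8)]           # constructed "document"
    W, cert = icca_issue(icca_priv, user_pub, rng)
    _, other_cert = icca_issue(icca_priv, other_pub, rng)
    V, sigma, h_sigma = provider_prepare(icca_pub, cert, rng)
    sig_h = sign(user_priv, h_sigma)                      # user acknowledges sigma
    delivered = provider_deliver(cert, sigma, h_sigma, sig_h, X)
    recovered = [dec(user_priv, c) for c in delivered]    # only the user's private key works
    expected = [x * W[j] for x, j in zip(X, sigma)]       # X (+) sigma W in the clear
    try:  # Trojan horse: the other user presents this IUCert but cannot sign H(sigma) under K
        provider_deliver(cert, sigma, h_sigma, sign(other_priv, h_sigma), X)
        trojan_rejected = False
    except ValueError:
        trojan_rejected = True
    return {"request_id": V, "recovered": recovered, "expected": expected,
            "detect_true_user": judge_detect(cert, sigma, X, recovered),
            "detect_other_user": judge_detect(other_cert, sigma, X, recovered),
            "trojan_rejected": trojan_rejected}
```

Because textbook RSA is deterministic, the judge's check is an exact match per position; a real deployment would use the robust detector D of the chosen watermarking scheme instead.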

4 Implementation Framework

In this section, we present a case study based on our implementation framework to demonstrate its functionality and practicability.

4.1 System Architecture

Figure 8 outlines the system architecture of an intelligence document distribution infrastructure centered on intermediaries. An intermediary needs to have a full-scale intelligence document management system, while document users or providers may rely on that of an intermediary. The main components of the management system are as follows.

1. The front end application is tightly coupled with an access control layer for authentication and control of document users and providers.

2. The agencies / role manager maintains the information of the document users and providers in strict confidentiality. The roles capture the capabilities and authorizations of each party, i.e., which kinds of documents it can use or provide.

3. The document tracker keeps track of all document requests and provisions, validating the authorization.

4. The watermark engine processes watermark insertion and extraction. In case a document provider cannot process watermarks itself, it may fall back on the facility provided by the intermediary.

5. The document repository and database collectively serve as a backend to store all the above information, documents, and logs for non-repudiation purposes.


Furthermore, this architecture supports multiple tiers of intermediaries in an intelligence distribution network, which is an additional advantage. Instead of directly obtaining a document from a document provider, an intermediary can indirectly contact another capable intermediary for intelligence documents.

4.2 Structure of Intelligence User Certificate

Figure 9 depicts the structure of an intelligence user certificate. To support future extensions, each certificate carries a version number indicating its format. The intelligence user certificate serial number, assigned by the intelligence control certification authority, uniquely identifies each certificate. The signature algorithm identifier denotes the algorithm (say, md5RSA) used by the authority to sign this certificate. A certificate also contains fields indicating its issuer, owner, and effective period. The issuer of a certificate must be a trusted intelligence control certification authority. The role field specifies the role to be played by the owner of this certificate; examples of roles are individual, organization, and group. The role is used by document providers to define various policies. Each certificate carries the public key of its owner, with which the certification authority encrypts the watermark embedded in the certificate. This facilitates the verification of the subject's identity against an encrypted watermark. Note that a document provider will permute the encrypted watermark before inserting it into a piece of digital content. The watermarking scheme identifier specifies the scheme to which the watermark is applicable. The encrypted watermark field contains an encrypted value of each component of the watermark that the certification authority has issued to the owner of this certificate.


Our prototype uses a spread-spectrum watermarking scheme based on the one proposed by Cox et al. [7]. Other linear watermarking schemes can be used in the protocol as long as the watermark can be inserted in the encrypted domain, where digital documents are encrypted with public keys. The watermark consists of a set of 1,000 independent real numbers W = {w_1, w_2, ..., w_1000}. The choice of the value 1,000 is arbitrary; a smaller number may be used for watermark generation. Each of these real numbers is drawn from a Gaussian distribution with zero mean and variance 1 using a pseudorandom number generator.

where • and * denote the dot product operator and the real number multiplication operator, respectively.

Figure 10 shows our correlation result when the original watermark is compared with 999 other randomly generated watermarks. The spike in the graph represents the correlation of the original watermark. We set our correlation threshold to 0.4 (determined by experiment) to distinguish a genuine watermark from a fake one.


Next, we demonstrate our application of the RSA cryptosystem [51] for encryption in our protocol. In the encryption process, for a datum x and a public key a, the encrypted datum y is computed as:

4.4 Permutation function

During the watermark insertion phase, the provider has to permute the document user's encrypted watermark. We implemented this function (σ) by randomly swapping the 1,000 watermark coefficients. The following code snippet illustrates how this can be done in the C programming language:

The VLONG structure can hold an integer of any size, and seed represents the seed used for the random number generator. The provider compiles this code into object code. Together with the random seed used, the provider applies SHA-1 [22] to the object code to generate a message digest H(σ). This message digest is put on the provider's site and must be downloaded by the document user beforehand. The document user can then sign this message digest, producing Sign(H(σ)).
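As an added example, not the prototype's code, the following Python script reproduces the mechanics of Sections 4.3 and 4.4 together: a 1,000-coefficient Gaussian watermark, a seeded permutation σ standing in for the compiled C routine, a SHA-1 digest H(σ) over a description of the routine plus the seed, Cox-style insertion, and normalized-correlation detection against 999 random watermarks with the 0.4 threshold. The insertion strength α = 0.1, the normalized-correlation formula and the exact input to the digest are assumptions of the example.

```python
import hashlib
import math
import random

N_COEFF = 1000     # watermark length used by the prototype
ALPHA = 0.1        # embedding strength (assumption; Cox et al. use 0.1)
THRESHOLD = 0.4    # correlation threshold reported in the paper

def generate_watermark(rng):
    """W = {w_1, ..., w_1000}, each w_i drawn from N(0, 1)."""
    return [rng.gauss(0.0, 1.0) for _ in range(N_COEFF)]

def permutation(seed):
    """sigma as an index list: randomly swap the coefficients with a seeded PRNG
    (stands in for the provider's compiled C routine)."""
    idx = list(range(N_COEFF))
    random.Random(seed).shuffle(idx)
    return idx

def permutation_digest(seed):
    """H(sigma): SHA-1 over what defines the permutation. Assumption: the paper
    hashes the compiled object code together with the seed; here a fixed
    description of the routine plus the seed is hashed instead."""
    return hashlib.sha1(f"fisher-yates-shuffle-v1|seed={seed}".encode()).hexdigest()

def apply_perm(sigma, w):
    return [w[j] for j in sigma]

def insert(coeffs, w):
    """Cox-style insertion v'_i = v_i * (1 + ALPHA * w_i), rounded to integers so
    the marked document can be stored as ordinary sample values."""
    return [round(v * (1.0 + ALPHA * wi)) for v, wi in zip(coeffs, w)]

def extract(coeffs, marked):
    """Non-oblivious extraction: needs the original coefficients, which the provider keeps."""
    return [(m - v) / (ALPHA * v) for v, m in zip(coeffs, marked)]

def correlation(a, b):
    """Normalized correlation (a . b) / (sqrt(a . a) * sqrt(b . b)); assumed form of
    the correlation measure, since the formula itself is missing from the page."""
    dot = sum(x * y for x, y in zip(a, b))
    return dot / (math.sqrt(sum(x * x for x in a)) * math.sqrt(sum(y * y for y in b)))

def detect(coeffs, suspect, w, sigma):
    """True when the permuted watermark sigma W correlates above THRESHOLD."""
    return correlation(extract(coeffs, suspect), apply_perm(sigma, w)) >= THRESHOLD

def experiment(seed=7, perm_seed=12345):
    rng = random.Random(seed)
    coeffs = [rng.randint(100, 255) for _ in range(N_COEFF)]   # constructed "document"
    w = generate_watermark(rng)
    sigma = permutation(perm_seed)
    marked = insert(coeffs, apply_perm(sigma, w))
    extracted = extract(coeffs, marked)
    return {
        "genuine": correlation(extracted, apply_perm(sigma, w)),
        # 999 other watermarks drawn the same way must all stay under the threshold
        "max_fake": max(correlation(extracted, generate_watermark(rng)) for _ in range(999)),
        # the unpermuted W also fails: detection needs the provider's sigma
        "unpermuted": correlation(extracted, w),
        "detected": detect(coeffs, marked, w, sigma),
        "h_sigma": permutation_digest(perm_seed),
    }
```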

5 Discussions

Watermark robustness is a key topic studied in the discipline of signal processing. Robustness refers to the ability to detect the watermark in a watermarked copy after common signal processing operations that do not destroy the contents. Various robust watermarking schemes (see section 2.3) have recently been proposed to survive different kinds of attacks, such as the insertion of malicious watermarks, spatial filtering, band-pass filtering, lossy compression, printing and scanning, re-sampling and noise addition, etc.

The scheme described in this paper supports watermark privacy, so that one need not release the watermark obtained from an intelligence control certification authority. This is analogous to the privacy of the private key in a Public Key Infrastructure. In the proposed scheme, each page of a textual document is treated as an image in order to leverage existing robust watermarking techniques for images.

The proposed scheme is primarily aimed at improving the privacy and confidentiality of the originators, namely the document providers. It allows a document provider to release its documents only to users who agree to be liable for the distribution of the acquired copies. If a user wishes to legitimately pass the document to another one, the approval of the original document provider must be sought so that another watermarked copy can then be generated by the document provider and distributed to the target user. Note that this watermarked copy is encrypted using the target user's public key and therefore can only be opened by the target user. The providers' privacy is further protected throughout the distribution process by the separation between the intermediary and the document provider. The scheme can complement a conventional access control policy by providing traceability of the distribution of both hard and soft copies of documents.

5.1 Access Policy Model

We employ a role-based [3] access policy model augmented with an access management mechanism similar to that of the Structured Query Language (SQL) [9] in databases, as depicted in Figure 11.

A work unit may consist of multiple member work units, down to the level of a document user. A work unit, being a document user, may play one or more roles depending on its job function, seniority, group memberships, affiliations, etc. Access rights acquired by a work unit are automatically inherited by its members.

Note that a work unit may, at the same time, be a document provider of some documents and a document user of other documents. The document provider sets an initial access policy by granting access rights to roles, which are played by document users. A grantor who grants an access right may revoke it. Access rights may have the following attributes: expiry time and grant option. When an expiry time is specified, the affected document users no longer have the access rights after expiry. The grant option attribute allows a document user of a document to be a grantor of its access rights. A document user who is granted a right with the grant option has the privilege of granting it further to other roles. If this happens, the system informs the provider of the document and the document users in the granting chain, so that the grantors involved in the chain may revise the access policy in case of undesirable access. The privilege of the grant option expires upon the expiry or revocation of the granted access rights. We employ cascade semantics on access rights revocation (as in SQL). Suppose a grantor A grants rights to B with grant option and B grants them further to C. The revocation of the rights by A from B will force the revocation of the corresponding rights acquired by C from B.
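The grant option and cascade revocation semantics described above, as an added C example that is a constructed model and not the paper's implementation: "P" is assumed to be the document provider, who holds the right by definition, and every other name is a hypothetical work unit. Expiry times are left out; the model also keeps the grants C obtained from some other grantor intact, which is the SQL behaviour the text refers to.

```c
#include <stdio.h>
#include <string.h>

#define MAX_GRANTS 32

/* One grant of an access right on one document: grantor -> grantee.
 * Constructed model of the paper's grant/revoke semantics, not its code. */
typedef struct {
    char grantor[8], grantee[8];
    int grant_option;  /* grantee may grant the right further */
    int active;        /* 0 once revoked or cascaded away */
} Grant;

static Grant grants[MAX_GRANTS];
static int n_grants;

/* Does `who` hold the right (need_option = 0) or hold it with the grant
 * option (need_option = 1)? The option dies with the grant it came from. */
int has_right(const char *who, int need_option) {
    if (strcmp(who, "P") == 0) return 1;  /* "P": the document provider */
    for (int i = 0; i < n_grants; i++)
        if (grants[i].active && strcmp(grants[i].grantee, who) == 0 &&
            (!need_option || grants[i].grant_option)) return 1;
    return 0;
}

/* Only the provider or a holder with grant option may grant further. */
int grant_right(const char *grantor, const char *grantee, int with_option) {
    if (!has_right(grantor, 1) || n_grants == MAX_GRANTS) return 0;
    Grant *g = &grants[n_grants++];
    snprintf(g->grantor, sizeof g->grantor, "%s", grantor);
    snprintf(g->grantee, sizeof g->grantee, "%s", grantee);
    g->grant_option = with_option;
    g->active = 1;
    return 1;
}

/* Cascade revocation as in SQL: A revokes from B; if B thereby loses the
 * grant option, every grant B made is revoked too, recursively. */
void revoke_right(const char *grantor, const char *grantee) {
    for (int i = 0; i < n_grants; i++) {
        if (!grants[i].active || strcmp(grants[i].grantor, grantor) != 0 ||
            strcmp(grants[i].grantee, grantee) != 0) continue;
        grants[i].active = 0;
        if (has_right(grantee, 1)) continue;  /* still has option via another grantor */
        for (int j = 0; j < n_grants; j++)
            if (grants[j].active && strcmp(grants[j].grantor, grantee) == 0)
                revoke_right(grantee, grants[j].grantee);
    }
}
```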


5.2 Tracing of Source of Document Leakage

This is one of the most important applications of the proposed distribution protocol, where the document providers cannot trust the distribution channel of their intelligence documents. The watermark inserted in an intelligence document can identify the user responsible for the document. Thus, a document user must take the utmost care of the confidentiality of the document. Otherwise, a betraying or careless user leaking the document to an unauthorized party can be traced by means of the watermark carried in the leaked document and subsequently held responsible for the policy violation. If the users are warned beforehand about the watermark, this keeps them alert to the enforcement of document confidentiality. Intelligence documents in this category may also be extended to other applications such as inspection films prepared by film producers, audio clips used in public examinations, headline TV news, and so on.

On the other hand, another usage of documents with hidden watermarks carrying personal identification is to trace the route of unauthorized leakage or spies. In this case, the document users, of course, are not told about this fact in order for it to be effective.

5.3 The Role of an Intermediary in our Infrastructure

Since each watermarked document is encrypted using its user's public key, the document cannot be decrypted by parties other than the document user itself. Similarly, a document provider only needs to trust the intelligence user certificate issued by a trusted intelligence control certification authority. Since the certificate is digitally signed by the certification authority, the integrity of the certificate is guaranteed. Note that an intermediary cannot imitate a user to successfully request an intelligence document. The proposed protocol mandates that the document provider ask the user to digitally sign the message digest of a permutation function before document distribution. This assures that the request is made by the document user.

An important role of an intermediary in our infrastructure is to decouple document users from document providers. This allows both parties to remain highly anonymous to each other. Here, the PKI certification authority concerned is trusted not to reveal the identity of public-key owners. As such, document providers cannot identify the owners from their public keys in the intelligence user certificates. To strengthen the protection of intelligence agents, the protocol is designed so that document users cannot tell whether their contact parties are intermediaries or document providers. Similarly, document providers cannot differentiate document users from intermediaries. There can also be multiple tiers of intermediaries. In other words, an intermediary may acquire an intelligence document through another intermediary.

With the support of contemporary and upcoming mobile technologies, document users and providers can have ubiquitous support from intermediaries, which is especially invaluable in this kind of application. On the other hand, if the document user and provider know each other, the intermediaries can be bypassed. This becomes a special case of the protocol and does not affect its integrity.

6 Conclusions

In this paper, a novel document distribution protocol has been proposed to address a problem in an intelligence distribution network so that document management policies can be properly reinforced. The protocol provides concrete support for non-repudiation in the document distribution process. It allows the document user who has obtained each document copy to be uniquely identified and held accountable, and thus the route of document leakages can be identified. The support of non-repudiation in fact reduces to the requirement that no mutual trust be assumed between document users and document providers. To realize the protocol, we have also outlined a possible implementation centered on intermediaries, which can isolate document users and providers. Further, we have discussed how the protocol is designed to address two important issues: the maintenance of watermark secrecy and the prevention of Trojan horse attacks. In particular, the use of intelligence user certificates together with intermediaries in our protocol helps maintain the identity secrecy between document suppliers and users (but yet traceable upon disputes). This is a key contribution to the support of intelligence applications.

Besides implementing a prototype for this infrastructure, we are looking into issues of integrating this watermarking protocol into our ADOME workflow management system [6] for intelligence document workflow applications. On the other hand, we are investigating various types of security policies that can be integrated into our document watermarking protocol.

Acknowledgments

We thank Hanif Curreem for his assistance in the prototype implementation of the proposed document distribution protocol. The research work is partially supported by the Hong Kong Research Grant Council (Grant ref. DAG03/04.EG27).

References

[1] H. Berghel, Watermarking Cyberspace, Communications of the ACM, vol. 40, no. 11, pp. 19-24, 1997.

[2] J. Bustos and K. Watson, Beginning .Net Web Services using C#, Birmingham, UK: Wrox Press Ltd., 2002.

[3] S. C. Cheung and D. K. W. Chiu, A watermarking infrastructure for enterprise document management, in Proceedings of the 36th Hawaii International Conference on System Sciences (HICSS-36), CDROM, IEEE Press, Big Island, Hawaii, 2003, 10 pages.

[4] S. C. Cheung and H. Currem, Rights protection for digital contents redistribution over the Internet, in Proceedings of the 26th Annual International Computer and Applications Conference (COMPSAC 2002), Oxford, August 2002, pp. 105-110.

[5] D. K. W. Chiu, Q. Li, and K. Karlapalem, A meta modeling approach for process management system supporting exception handling, Information Systems, vol. 24, no. 2, pp. 159-184.

[6] D. K. W. Chiu, Q. Li, and K. Karlapalem, Web interface-driven cooperative exception handling in ADOME process management system, Information Systems, vol. 26, no. 2, pp. 93-120.

[7] I. J. Cox, J. Kilian, F. T. Leighton, and T. Shamoon, Secure spread spectrum watermarking for multimedia, IEEE Transactions on Image Processing, vol. 6, no. 12, pp. 1673-1687, 1997.

[8] S. Craver, N. Memon, B. L. Yeo, and M. M. Yeung, Resolving rightful ownerships with invisible watermarking techniques: limitations, attacks and implications, IEEE Journal on Selected Areas in Communications, vol. 16, no. 4, pp. 573-586, 1998.

[9] R. A. Elmasri and S. B. Navathe, Fundamentals of Database Systems, Boston: Addison-Wesley, 5th edition, 2007.

[10] K. Gopalakrishnan, N. D. Memon, and P. Vora, Protocols for watermark verification, IEEE Multimedia, vol. 8, no. 4, pp. 66-70.

[11] F. Hartung and F. Ramme, Digital rights management and watermarking of multimedia content for m-commerce applications, IEEE Communications Magazine, vol. 38, no. 11, pp. 78-84, 2000.

[12] J. M. Jun, B. M. Lee, K. K. Kim, and D. H. Won, Digital watermarking and practical distribution protocol for digital contents copyright protection, in Proceedings of the WISA2000, Seoul, Korea, 2000, pp. 251-264.

[13] S. Katzenbeisser and F. A. P. Petitcolas, Information Hiding Techniques for Steganography and Digital Watermarking, Norwood, MA: Artech House, 2000.

[14] D. Kirovski and H. Malvar, Robust spread-spectrum audio watermarking, in Proceedings of the IEEE International Conference on Acoustics, Speech, and Signal Processing, Salt Lake City, UT, 2001, pp. 1345-1348.

[15] J. S. H. Kwok, S. C. Cheung, K. C. Wong, K. F. Tsang, S. M. Lui, and K. Y. Tam, Integration of Digital Rights Management into Internet Open Trading Protocol (IOTP), Decision Support Systems, vol. 34, no. 4, pp. 413-425, 2003.

[16] C. Larman, Applying UML and Patterns, Upper Saddle River, NJ: Prentice Hall, 1997.

[17] N. Memon and P. W. Wong, A document user-seller watermarking protocol, IEEE Transactions on Image Processing, vol. 10, no. 4, pp. 643-649, 2001.

[18] S. K. Nair, B. C. Popescu, C. Gamage, B. Crispo, and A. S. Tanenbaum, Enabling DRM-preserving digital content redistribution, in Proceedings of the Seventh IEEE International Conference on E-Commerce Technology (CEC05), Munich, Germany, 2005, pp. 151-158.

[19] L. Qiao and K. Nahrstedt, Watermarking schemes and protocols for protecting rightful ownership and customer's rights, Journal of Visual Communication and Image Representation, vol. 9, no. 3, pp. 194-210, 1998.

[20] R. A. Mollin, RSA and Public-Key Cryptography, Boca Raton: Chapman & Hall/CRC, 2002.

[21] M. Schneider and S.-F. Chang, A robust content based digital signature for image authentication, in Proceedings of the International Conference on Image Processing 1996, vol. 3, pp. 227-230, 1996.

[22] W. Stallings, Cryptography and Network Security, Principles and Practice, 4th edition, Upper Saddle River, NJ: Prentice Hall, 2006.

[23] J. Su, F. Hartung, and B. Girod, Digital watermarking of text, image and video documents, Computers and Graphics, vol. 22, no. 6, pp. 687-695, 1998.

[24] P. Wolf, M. Steinebach, and K. Diener, Complementing DRM with digital watermarking: mark, search, retrieve, Online Information Review, vol. 31, no. 1, pp. 10-21, 2007.

Received 10 April 2008; received in revised form 6 September 2008; accepted 6 October 2008.