Security
Annotated Bibliography - Security and Digital Content
Method and system for digital content security cooperation. (2013): USPTO Patent Applications. Web. 7 Nov. 2013.
This article discusses methods for working with digital content security cooperation’s. The article itself was rather confusing at times, as it described the methods. I'm not sure we would use the article.
Albrechtsen, E. (2007). A qualitative study of users' view on information security. Computers & Security, 26(4), 276-289.
This article discusses information security and how it is used by users. The article provides accounts based on interviews with users at an IT-company and a bank. The study finds several trends that show how users function in the security aspect of the digital world.
Albrechtsen, E., & Hovden, J. (2009). The information security digital divide between information security managers and users. Computers & Security, 28(6), 476-490.
This article discusses the divide between the views of digital managers and digital users. The views of these two groups differ along with the practices they use when dealing with digital security.
Azad, M.M., Ahmed, A.H.S., & Alam, A. (2010) Digital rights management. International Journal of Computer Science and Network Security, 10(11), 24-33.
The authors discuss digital rights management (DRM) and how unauthorized distribution of copyrighted digital media is easier. They discuss types of DRM, the formats it’s used on, for how long, and current (as of the writing) ramifications of its use. The authors provide some alternatives to DRM, but insist that some form of digital rights management is required.
Bide, M. (2004). Digital rights management: Preventing or enabling access? Serials, 17(2), 141-147.
Access to digital materials is becoming easier with the increase of digitally published materials. This paper explores the possibility that digital rights management (DRM) is crucial for controlling abuses instead of being a barrier to access. While DRM is an essential aspect of the digital world the author of this article that trust is another key aspect.
Bradley, R. (2005). Digital authenticity and integrity: Digital cultural heritage documents as research resources. Portal: Libraries and the Academy, 5(2), 165-175.
Bradley presents the results of a survey that identifies the methods used by cultural heritage institutions for securing digital content and guaranteeing the authenticity and integrity of that content. Digital repositories in the United States and Canada were selected for the survey from an initial list of institutions that was later refined based on criteria determined from the website of each institution. Institutions were asked if they used digital signatures, digital time-stamping, trusted systems, digital watermarks, or other techniques to ensure that researchers’ access authentic and reliable digital content. The organizations were also asked what security measures they used to secure content. The results of the survey indicate that ensuring the authenticity and integrity of digital content and the security of content was a low priority, with increasing access, long-term preservation, and ensuring appropriate use for digital content ranking above security as challenges facing digital repositories.
Breeding, M. (2013). The systems librarian: Digital archiving in the age of cloud computing. Computers in Libraries, 33(2), 22-26.
Breeding’s article focuses on the growing usage of cloud computing technologies as a potential solution for protecting digital content. The author discusses the basics of both local and cloud content security, with an emphasis on backups and disaster recovery. A combination of both cloud and local storage is recommended for personal content, while concerns such as scale and capacity, reliability, bandwidth and cost are considered for cloud computing at the institutional level. The use of cloud computing for long-term digital preservation is also examined through discussion of how institutions might implement cloud storage services, such Fedora Commons and DSpace, to develop preservation and security processes adhering to the OAIS reference model.
Colati, J. B., & Colati, G. C. (2009). A place for safekeeping: Ensuring responsibility, trust, and goodness in the Alliance Digital Repository. Library & Archival Security, 22(2), 141-155.
Colati and Colati’s article explains how the Colorado Alliance of Research Libraries developed a trustworthy and secure digital repository, the Alliance Digital Repository (ADR), by drawing from several foundational documents outlining the criteria for establishing trusted repositories. Using these guiding texts, the authors discuss guiding principles adopted by the ADR, such as trustworthiness, goodness, and responsibility, which can be interchanged with the ADR’s concept of security. These principles shape a framework not just for a secure repository, but also for digital object creation and long-term preservation. The strategies taken by the ADR for establishing a secure organization structure, strengthening infrastructure and ensuring financial security are also reviewed.
Copeland, A. J. (2011). Analysis of public library users' digital preservation practices. Journal Of The American Society For Information Science & Technology, 62(7), 1288-1300. doi:10.1002/asi.21553
This article was very well written and will seem useful for our project. The article stems from the perspective of library users, the patrons themselves. The article used interviews, among other techniques, to collect the data. The article discussed how patrons went about protecting their personal information. This article seems to be well versed in information from the perspective of public libraries and would be useful our project due to the fact it dealt with patrons and their perspective of digital preservation.
Desai, D. (2013). Beyond Location: Data Security in the 21st Century. Communications of the ACM, 56(1), 34-36.
This article discusses the competing ideas for data security between data protection regulators, businesses and the computer science communities. The author offers suggestions to offset regulatory laws and ways to join the communities in data security ideals.
Diehl, E. (2012). Securing digital video [electronic resource] : techniques for DRM and content protection / Eric Diehl. Heidelberg ; New York : Springer, c2012 (Norwood, Mass. : Books24x7.com [generator]).
This article provided a strong narration on working with and securing the content of digital video. It covered many types of issues, from cinema, to protection of pre-recorded information, to the current video ecosystem. This article provided many types of information which will be useful for our project.
Dixon, P. (2008). Ethical Issues Implicit in Library Authentication and Access Management: Risks and Best Practices. Journal Of Library Administration, 47(3/4), 141-162.
This paper focuses on the ethical implications of authentification and access management systems such as DRM within the library-patron relationship. More and more, authentification is moving towards digital authentification and it can sometimes pose privacy issues.
Dlamini, M., Eloff, J., & Eloff, M. (2009). Information security: The moving target. Computers & Security, 28(3/4), 189-198.
This paper discusses the evolution of digital security and the growth as technology changes. The paper discusses security issues that are commonly overlooked and looks to historical data for to see how it may continue to grow.
Einhorn, Michael A., and Bill Rosenblatt. Peer-to-peer networking and digital rights management: how market tools can solve copyright problems. Washington D.C.: Cato Institute, 2005. <http://object.cato.org/sites/cato.org/files/pubs/pdf/pa534.pdf>.
This study focuses on the relationship of peer-to-peer (P2P) and digital rights management (DRM). It argues that P2P and DRM can be complementary and are not inherently working against one another. If P2P and DRM are working together they can improve the current issues with copyrights.
Eschenfelder, K. R., & Agnew, G. (2010). Technologies employed to control access to or use of digital cultural collections: Controlled online collections. D-lib Magazine, 16, 1-2.
Eschenfelder’s article presents the findings of a survey exploring how U.S. cultural heritage institutions with controlled online collections employ technological tools to regulate patron access and use of digital content. Defined as “technological protection measures” (TPM), these tools include hardware or software systems that limit access and use to content, but unlike DRM these tools prohibit the use of content regardless of that content’s copyright status. Institutions were asked a set of questions about what protection features they use in various systems to control access or use and a series of questions about which tools they use within their controlled collections. Results of the survey demonstrate that institutions prefer to use long established systems and tools over newer technologies to create controlled online collections.
Eskicioglu, A., Town, J., & Delp, E.J. (2003). Security of digital entertainment content from creation to consumption. Signal Processing: Image Communication, 18(4), 237-262.
The authors explain how security is important to content creation, focusing on the means to do so in each step of the process, creation to consumption. They offer information on how content is represented digitally then provide the means on the different methods that secure the information, explaining physical means briefly before discussing digital methods in more detail. The authors explore the necessity of end-to-end security for digital content.
Fleischhauer, C. (2003). Chapter 17: Preservation, security, and digital content. Journal of Library Administration, 38(3-4), 141-147.
Fleischhauer’s article demonstrates the collaborative effort needed to secure and preserve digital content that is within the custody of an institution. In discussing digital preservation, the author addresses security as a key element and pairs it with the term trustworthiness to encompass all dimensions of safekeeping digital content. The author suggests that proper consideration of security will lead institutions to perform a list of other operational and administrative actions that will pilot an institution toward creating a trustworthy networked information system ideal for preservation. Five digital content preservation categories are identified, with two of them highlighted as critical to establishing a trustworthy networked information system.
Foroughi, A., Albin, M., & Gillard, S. (2002). Digital rights management: A delicate balance between protection and accessibility. Journal of Information Science, 28(5), 389-395.
The authors discuss digital rights management (DRM) and how security of digital content has been an issue in providing that information to consumers. They focus on how DRM needs to protect content but be flexible for the consumer and not prevent the end use from accessing content. It is noted that some don’t agree with DRM and don’t use it because the security alienates customers.
Fox, E., & ElSherbiny, N. (2011). Security and Digital Libraries. INTECH Open Access Publisher. Retrieved from http://cdn.intechopen.com/pdfs/14701/InTech-Security_and_digital_libraries.pdf
Fox and ElSherbiny’s article summarizes the security issues present in each of the six main concepts presented by the DELOS Reference Model, which include content, user, functionality, architecture, quality, and policy. For content, the authors explore the techniques provided by DRM, such as encryption, passwords, watermarking, digital signatures and fingerprints, copy detection systems, and payment systems. In addressing the user, they consider the various approaches for access control, including role-based, task-based, team-based, and content-based models. Discussion on digital library architecture focuses on the client-server, peer-to-peer, and distributed models. Finally, the sections on functionality, quality and policy briefly define each concept and touch on a few examples of security issues related to each. The 5S framework (Societies, Scenarios, Spaces, Structures, and Streams) is also demonstrated as a possible security measure for digital libraries and digital content.
Fox, R. (2006). Vandals at the gates. OCLC Systems & Services, 22(4), 249-255.
Fox’s article is designed as an introduction to the information security issues that exist within digital libraries and thereby inhibit the stewardship and safety of digital content. The author presents security as a serious challenge by explaining how intrusions from both illegal criminals and law enforcement agencies have put digital libraries in a balancing act between preserving and protecting digital content, patron records and electronic infrastructure from attack, while at the same time guarding the confidentiality of patrons. Fox suggests staff and user training on information security to ensure digital content is not put at risk and addresses concerns about making sure that authentication and authorization methods are properly planned out. He also emphasizes the importance of staying informed on the broader area of information technology so as to understand your institution’s vulnerabilities. This includes a discussion on understanding scripting languages and maintaining awareness of how criminals might infiltrate, manipulate or corrupt digital content via library web applications.
Gautam, V., Behera, P. K., & Singh, M. (2011). Issues of digital data security in library environment. International Journal of Information Dissemination and Technology, 1(4), 244-248.
This article provided a strong narrative of how digital data is secured within the library environment. The article discusses the importance of how to monitor and analyze security threats and keep information secure. This article would be a good reference for our group's theme because it deals directly with digital content security within a library environment.
Haouzia, A., & Noumeir, R. (2008). Methods for image authentication: A survey. Multimedia Tools and Applications, 39(1), 1-46.
Haouzia and Noumeir’s article surveys and compares the various approaches to protecting the authenticity of digital images. The authors describe the division between strict and selective image authentication and further refine their definition of authentication as tolerate of image processing operations. The techniques evaluated by the authors include conventional cryptography, fragile and semi-fragile watermarking and digital signatures. These methods are classified by the services they provide, which are mirrored by the authors’ essential requirements for an authentication system, including sensitivity, robustness, localization, recovery, security, portability and complexity. Different algorithms are used to compare the various methods.
Hawkins, D. T. (1998). Digital watermarking: intellectual property protection for the Internet? Online, 22(4), 91-93.
This paper discusses digital watermarking and its uses to protect electronic intellectual property on the internet. Advantages include copyright protection, the discovery of unauthorized reproduction of images, discouragement of potential pirates, and even generation of sales. Digital watermarks are compared and contrasted to paper watermarks.
Hombal, S., & Prasad, K. (2012). Digital copyright protection: Issues in the digital library environment. DESIDOC Journal of Library & Information Technology, 32(3), 233-239.
The authors posit that digital rights management (DRM) poses a threat to libraries looking to provide access to digital items. They explain the different issues DRM and its technology pose to libraries and offer open source alternatives. The note that libraries will need to understand the different rights to digital content and decide what’s best for their institution.
Huang, L., Chu, H., Lien, C., Hsiao, C., & Kao, T. (2009). Privacy preservation and information security protection for patients' portable electronic health records.(Report). Computers In Biology And Medicine, (9), 743. doi:10.1016/j.compbiomed.2009.06.004
This article covered the idea of patients having the ability to copy and keep their electronic health records through portable storage, which would incur new and often serious threats to the safety of their personal and private data. The article discusses a method that would ensure the safety of the patient's data. This article would be good to use because of its direct impact on the true and real issues of personal data security.
Iannella, R. (2001). Digital rights management (DRM) architectures. D-Lib Magazine, 7(6). Retrieved October 12, 2013, from http://dx.doi.org/10.1045/june2001-iannella
The author discusses the challenges digital rights management (DRM) poses for content and the state of those technologies and information architectures. The author discusses the benefits and weaknesses of two architectures designed to help with interoperability and openness yet still provide the security needed to protect digital content. The author thinks this is necessary due to the movement for DRM standardization.
Jahnke, T., & Seitz, J. (2005). Digital watermarking and its impact on intellectual property limitation for the digital age. Journal of Electronic Commerce in Organizations, 3(1), 72-82.
This paper deals with the basic ideas of digital watermarking. After a brief overview of commercial relevance of protection systems of digital media, the paper moves onto media protection and control mechanisms. Following this digital watermarking is explained. The paper finishes with problems and shortcomings of digital watermarking.
Krishna, A. K. (2004). Protection & security of your digital content with DRM. Aiim E-Doc, 18(4), 30-33.
This paper discusses the scope of DRM applications, standards, and deployments. Organizations have become vulnerable to the loss and/or theft of intellectual property due to the growing reliance on digital technology for conducting day-to-day business operations. This increase of security risks has led to the creation of digital rights management (DRM). DRM software allows an organization to control what a recipient can do after receiving the information through the network.
Kuzma, J. (2010). European digital libraries: Web security vulnerabilities. Library Hi Tech(28), 402-413.
This article discusses the security of European library websites and how it can be used to protect the information of its patrons.
Lim, K., & Lee, C. (2013). A framework for unified digital evidence management in security convergence. Electronic Commerce Research, 13(3), 379-398. doi:10.1007/s10660-013-9119-y
This article discusses how digital evidence management can be used within a security convergence. The article also works with the idea of storing digital content. This article could be good for our group, yet I think we can find a stronger one.
Liu, Q., Safavi-Naini, R., & Sheppard, N.P. (2003) Digital rights management for content distribution, Proceedings of the Australasian information security workshop conference on ACSW frontiers 2003, p.49-58, February 01, 2003, Adelaide, Australia
The authors present the state of digital rights management (DRM), its legal issues, and deployment obstacles. The focus of DRM is to provide content security without blocking access to users with the proper authentication and to prevent the originators from losing control. They mention a variety of features that DRM uses to secure digital content and discuss some of the issues consumers have with DRM.
Miller, R. (2007). Plugging information leaks. EContent, 30(1), 26-30.
Miller’s article examines how institutions and commercial repositories might develop policies for content security and use technologies to routinely maintain those policies. The author suggests operator errors as a big issue regarding content security and identifies three main types of content leaks: unintentional or accidental, intentional, and malicious. A couple solutions are presented for preventing leaks and securing content, such as monitoring network traffic, but the author stresses that any solution is only as good as the policies that give it support. Proposed recommendations for developing a comprehensive security policy include drafting it in collaboration with multiple departments, keeping it simple so as to make it achievable, and refraining from making it too restrictive that it disrupts the information flow.
Moscon, V. (2011). Rights Expression Languages: DRM vs. Creative Commons. Italian Journal Of Library & Information Science, 2(1), 4593-1-4593-26.
Most sources discuss DRM but this one focuses on Creative Commons. Much like DRM, Creative Commons licenses are concerned with digital content and improve intellectual collaboration. Creative Commons is an “open” model of digital rights. It was created from ideas carried out by Free Software Foundation.
Natarajan, M., & Makhdumi, G. (2009). Safeguarding the digital contents: Digital watermarking. DESIDOC Journal of Library & Information Technology, 29(3), 29-35.
The authors research digital watermarking and how secure it makes digital content distribution. They present the needs, properties, aspects, and solutions for digital watermarking; how it can be applied to images and text; and attacks on the method. Watermarking relies on a secret key which allows the mark to be embedded in the content and provide security. Due to this security technology being new, there is a need to make sure that the methods don’t exclude the information wanted by the general public.
Poynder, R. (2002). Paying the Price for Security. Information Today, 19(2), 1.
The author of this article argues that while digital information may save costs for users the cost to secure this data is growing and may cost consumers more than expected.
Rhee, H.-S., Kim, C., & Ryu, Y. U. (2009). Self-efficacy in information security: Its influence on end users' information security practice behavior. Computers & Security, 28(8), 816-826.
This article discusses information security and its implementation by users. The authors argue that successful development of an information security plan relies on proper use by end-users. They provide suggestions for implementation security programs so that security can be efficient in its defense against threats.
Ring, S. (2012, June 18). What is Content Security?. EContent. Retrieved November 7, 2013, fromhttp://www.econtentmag.com/Articles/Resources/Defining-EContent/What-is-Content-Security-83244.htm
This site focuses on the role of digital rights management (DRM) and some of the downsides of using DRM. There is also a brief discussion of content security and DRM companies. While not an in-depth look into content security it does give a valuable introduction to the subject.
Ripley, M., Traw, C. S., Balogh, S., & Reed, M. (2002). Content Protection in the Digital Home. Intel Technology Journal, 6(4), 49-56.
This article was interesting in that it offered a framework for distributing digital data in a secure manner while in house. It discussed recordable content protection which will go well with our project, as well as transmission data protection. Both will go nicely for our project
Shoeb, M. Z. H. (2009). Access management for digital repository. DESIDOC Journal of Library and Information Technology, 29(4), 21-27.
Shoeb’s article defines the concept of access management as involving authentication and authorization, as well as permission operations, copyright policies and DRM as it applies to digital content and digital repositories in Bangladesh. To further explain the concept of authentication (validity of a user), the author considers the different types of user authentication, such as login ID and password-based access, IP authentication, web cookies, web proxy, challenge-response authentication, referring URL, and biometric technologies. Additionally, a range of solutions for authenticating digital content and managing secured digital communication are reviewed. User authorization (permission to access content) is presented as a more challenging process than authentication because it must address the varying degrees of responsibility assigned to each individual in a dynamic digital content environment. Almost a dozen conventional access control methods for managing authorization are briefly defined.
Shoeb, M. Z. H., & Sobhan , A. (2010). Authentication and authorization: Security issues for institutional digital repositories. Library Philosophy and Practice, NP.
This article discusses digital security in an academic setting. The authors provide insight into authentication issues along with using DRM.
Smallwood, R. (2005). DRM in ERM: know your rights provider. Econtent, 28(9), 34-41.
Enterprise content management (ECM) has not been meeting the needs for the growing digital landscape leading to software companies to develop and sell digital rights management (DRM) software, commonly called enterprise rights management (ERM). This paper discusses perspectives on the tools being used by the main players (like Adobe) to protect enterprise content.
Tabar, P. (2013). Protecting your digital assets. Long-Term Living: For The Continuing Care Professional, 62(5), 28-30.
This article discussed the proper use of digital asset security plans within a medical environment. The article suggests a to-do list which seemed to be fairly well laid out. This article would be interesting to use considering it has a to-do list which could help in our group's theme.
Tabitha, J., Nottingham, Q., & Byung, K. (2013). Determining the antecedents of digital security practices in the general public dimension. Information Technology & Management, 14(2), 69-89.
This paper details a study completed on the behavior of individuals security practices. The authors argue that our increased reliance on digital data requires more weight to be placed on security for that data.
Vidyadhar Bhatt, C. C. (2008). Is digital rights management an IPR?. DESIDOC Journal Of Library & Information Technology, 28(5), 39-42.
This paper discusses Digital Rights Management (DRM) and how it compares to paper management of intellectual property rights (IPR). Existing IPR laws were not sufficient for emerging digital technology and a new approach was needed. DRM is the solution for the management of digital content.
Vikrant, G., Behera, P. K., & Singh, M. (2011). Issues of digital data security in library environment. International Journal of Information Dissemination & Technology, 244-248.
This paper discusses digital data in a library environment and the importance of security in the digital age. The authors argue that less attention is given to security for digital content compared to the efforts made to create the digital content in general.
Walsh, J., American Library Association, C. L., & O. (1992). Rare and valuable government documents: A resource packet on identification, preservation, and security issues for government documents collections.
This article was excellent and should be used by our group. It covered a wide arrange of resources to identity rare documents and have information security. There was a part of the article which was devoted to the primary act of preservation. The article contained a vast amount of information which would be good for our group considering we are covering security and digital content.
Wolf, P., Steinebach, M., & Diener, K. (2007). Complementing DRM with digital watermarking: Mark, search, retrieve. Online Information Review, 31(1), 10-21.
The authors explain how digital watermarking can assist digital rights management (DRM) with digital content security. They note that watermarking, by itself, doesn’t actively prevent copyright violations. They find that adding watermarking to a DRM system, in particular a cryptographic system, will need to be modified to allow for a marking, searching, and retrieving workflow. The addition of watermarking can identify possible sources of illegal use.
Yagüe, M. I., Maña, A., López, J., Pimentel, E., & Troya, J. M. (2003). A secure solution for commercial digital libraries. Online Information Review, 27(3), 147-159.
The authors discuss the XML-based secure content distribution (XSCD) system and how it provides security for digital libraries. Security is very important in digital libraries since information is provided to many people and the formats of data presentation can differ. The authors work to show that XSCD is flexible and can be applied to a variety of complex environments.
Yong, J. J. (2011). Security and privacy preservation for mobile e-learning via digital identity attributes. Journal Of Universal Computer Science, 17(2), 296-310.
This paper dealt with the security of e-learning systems. The article presented a case where the relationship between security, privacy policies, and privacy technology. This article was well versed in recent research about e-learning technology but does not seem particularly relevant to our topic and I think we can find valuable resources from within this article for further consideration.
Zwollo, K. (2001) Digital document delivery and digital rights management. Information Services & Use, 21, 9-11.
The author looks at issues with the difficulties libraries face in providing digital content to their users and suggests using digital rights management (DRM). The use of DRM allows content owners to maintain control and determine who can use what or offer sample journal articles. They point out the benefits of DRM technologies for document delivery and briefly discuss the technology behind DRM security.
