This paper examines the architecture of present day systems and shows that they are not trustworthy enough to support certain DRM features/restrictions, even when the DRM delivery system exclusively utilizes signed and protected operating system components. This weakness was discovered while creating a technique for remote transfer of audio streams generated by a Virtual Machine Monitor (VMM), to achieve network transparency for audio devices. The technique is based on the implementation of hosted I/O VMMs that intercept device I/O instructions executed by a "guest" O/S and emulate them through system calls processed by device drivers of a "host" O/S. The design consists of a virtual audio device driver that forwards sound streams to a user-level network server. Because (1) the virtual device intercepts audio data in an unprotected format (WAV), regardless of which application and file format are in use by the guest O/S, (2) modern virtual machine-based systems already achieve performance levels that allow for real-time audio playback, the playback only model of service/restriction imposed by some content delivery businesses is rendered ineffective by this technique. It enables Fair Use of DRM enabled media by allowing the user to make a copy of legally purchased audio media and time-shifting of Internet Radio stations. Experiments have shown that audibly perfect copies of media played by a VM "guest" can be made in PCM/WAV format, even though DRM-enabling features are present in the "guest" O/S drivers and media players. This paper also draws attention to the fact that the VM should be considered while designing the security and DRM capabilities in future general-purpose systems since a device driver in between the VMM and the host O/S has the potential of being an eavesdropper and a malicious end user.

Note: OCR errors may be found in this Reference List extracted from the full text article. ACM has opted to expose the complete List rather than only correct and linked references.

	1	Secure audio path. http://msdn.microsoft.com/library/default.asp?url=/library/enus/wmrm10/htm/wmrm_sdk_guide_ncbj.asp.
	2	Total recorder. http://www.highcriteria.com.
	3	Michael Kozuch , M. Satyanarayanan, Internet Suspend/Resume, Proceedings of the Fourth IEEE Workshop on Mobile Computing Systems and Applications, p.40, June 20-21, 2002
	4	ALSA. Advanced Linux Sound Architecture. http://www.alsa-project.org.
	5	Mark Boyns. rplay. http://rplay.doit.org/, 1999.
	6	Microsoft Corporation. Digital rights management for audio drivers, December 2001.
	7	R. J. Creasy. The Origin of the VM/370 Time-Sharing System. IBM Journal of Resarch and Development, 25(5):pp 483--490, 1981.
	8	Cynthia Dwork, Andrew Goldberg, and Moni Naor. On Memory-Bound Functions for Fighting Spam. Proceedings of Crypto 03, 2729:426--444, August 2003.
	9	Robert P. Goldberg. Survey of Virtual Machine Research. IEEE Computer Magazine, 7(6):34--45, 1974.
	10	Rick Kennel and Leah H Jamieson. Establishing the genuity of remote computer systems. In Proceedings of the 12th USENIX Security Symposium, pages 295--310, August 2003.
	11	Thomas M. Levergood, Andrew C. Payne, James Gettys, G. Winfield Treese, and Lawrence C. Stewart. Audiofile: A Network-Transparent System for Distributed Audio Applications. Proceedings of the USENIX Summer Conference, pages 219--236, June 1993.
	12	Qiong Liu , Reihaneh Safavi-Naini , Nicholas Paul Sheppard, Digital rights management for content distribution, Proceedings of the Australasian information security workshop conference on ACSW frontiers 2003, p.49-58, February 01, 2003, Adelaide, Australia
	13	Microsoft. Security Model for the Next-Generation Secure Computing Base. Windows Platform Design Notes, 2003.
	14	Microsoft. NGSCB: Trusted Computing Base and Software Authentication. Windows Platform Design Notes, 2003.
	15	Gerald J. Popek , Robert P. Goldberg, Formal requirements for virtualizable third generation architectures, Communications of the ACM, v.17 n.7, p.412-421, July 1974  [doi>10.1145/361011.361073]
	16	Tristan Richardson , Quentin Stafford-Fraser , Kenneth R. Wood , Andy Hopper, Virtual Network Computing, IEEE Internet Computing, v.2 n.1, p.33-38, January 1998  [doi>10.1109/4236.656066]
	17	Ahmad-Reza Sadeghi and Christian Stüuble. Bridging the Gap between TCPA/Palladium and Personal Security. Technical report, Saarland University, 2003.
	18	Pamela Samuelson. Anticircumvention rules: Threat to science. 293 Science 2028, Sept 2001.
	19	Pamela Samuelson, DRM {and, or, vs.} the law, Communications of the ACM, v.46 n.4, April 2003  [doi>10.1145/641205.641229]
	20	Jeremy Sugerman , Ganesh Venkitachalam , Beng-Hong Lim, Virtualizing I/O Devices on VMware Workstation's Hosted Virtual Machine Monitor, Proceedings of the General Track: 2002 USENIX Annual Technical Conference, p.1-14, June 25-30, 2001
	21	Jon Trulson. The Network Audio System. http://radscan.com/nas.html, 2002.
	22	Carl A. Waldspurger, Memory resource management in VMware ESX server, Proceedings of the 5th symposium on Operating systems design and implementation Due to copyright restrictions we are not able to make the PDFs for this conference available for downloading , December 09-11, 2002, Boston, Massachusetts  [doi>10.1145/1060289.1060307]
	23	Pete Wyckoff. Audio Forwarder. http://www.osc.edu/~pw/afwd/, 2001.