Download - Introduction to Digital Rights Management

8/2/2019 Introduction to Digital Rights Management

1/60

InInIntttrrroooduduductctctionionion tttoooDDDigitaigitaigital Righl Righl RightststsMMManananageageagemememennnttt

Grace AgnewSURA/ViDe Digital Video Conference

March 2004


2/60

Digital Rights Management Definitions

IntellectualPropertyRights

DRM System

DRM Action

Essential DRMComponents

Right of ownership and control ofproducts of the creator s mind. WTO-supported

Digital application to apply andenforce organizational policies for theaccess and use of IP

Authorization decision based onintersection of attributes about user,content and usage

Directory Services supporting

authentication and authorization;Rights Expression; Rights

Enforcement


3/60

Essential DRM ComponentsDirectory Services:

Identity Management

Authentication

Authorization(Role-basedAccess Control)

Procedures for establishing and

maintaining identity including

format, database structure,

privacy and confidentiality

Determining that the user

requesting a service has the

required ( authentic ) identity

through a secured system

Determining that theauthenticated user possesses theauthorized role to access a serviceor object. (e.g. student registeredin History 101 )


4/60

Federated DRM

Community of Trust :

Common understanding. Shared agreement andenforcement among community members. Ex:Copyright

Trusted Systems

Standardized, shared technologies for establishingand enforcing DRM


5/60

Essential DRM Components

Identity Management:

Privacy:Whether the user s identity is exposed

Confidentiality:Whether the user s activities areexposed

Trust:Authenticates any entity in a rightstransaction rights holder, rights

requester and the content beingrequested.


6/60

Enabling Technology: Internet2 Shibboleth Project

Developing architectures, policy structures, practicaltechnologies, and an open source implementation tosupport inter-institutional sharing of web resourcessubject to access controls.

Source: Shibboleth Project:http://shibboleth.internet2.edu


7/60

Why Shibboleth?

.. Active privacy a core principle

.. Emphasis on federated administration

.. Emphasis on flexible yet secure access

.. Establishes trust communities

.. Open source with active community development

.. Maturing project with increasing use in highereducation and educational collaborations (e.g. NSF sNational Science Digital Library).. Utilizes mature, open source applications andstandards, such as LDAP (lightweight directory accessprotocol


8/60

User requests aShib-requestedresource2

1

Shib-protectedresourceUser is directed back tohome institution toauthenticate3

Home institutiongenerates atemporary handlefor user activeprivacy authenticated RU facultymember not John

SmithHow Shibboleth Works


9/60

User receivesaccess toresourceHow Shibboleth WorksUses temporaryhandle to requestfurther attributesabout the user (e.g.,teaching ininterinstitutionalprogram with validaccess to relevante-resources ateither institutionUser s homeinstitution providesnecessary attribute456Shib-protectedresource


10/60

IIIssssssuuueseses fffororor TrTrTruuuststst anananddd AAAuuuttthhhenenentttiiicicicitttyyy

The Structure of Information (IFLA)WorkExpression ExpressionDistinct intellectual orartistic creationManifestationManifestation ManifestationItemIntellectual or artisticrealization of a work( interpretation )

Physical manifestationof an expression. Maydiffer in physical format,but not in content orinterpretation

Unique physical

instance of a manifestation.


11/60

KKKeeeyyy WoWo Wor

rrkkk

CoCoConcncnceeeppptststs fofoforrr CoCoCommmmmmuniuniunitytyty DDDeeefififini

ninitititiooonnn

o Copy identical in the abstract and the concreteo Version Intellectual content unchanged concretepresentation differs (format, language)oRevision revisions should not impact reuse, accordingto community

o Edition substantially the same but revisions impact useaccording to community policy. Attributes expanded,

reduced policy.o Adaptation object based on theme or premise ofanother object. Community decision how granular theattribution should be.oDerivation Theme or premise of original object isstarting point for new object


12/60

Digital Provenance record in RUL repositoryDigital Provenance record in RUL repository


13/60

Lots of CopiesKeep Stuff Safe

Stanford-initiated project currently applied to ejournalsthat uses a peer-to-peer network tocreate a selective web cache by polling a webjournal at intervals, storing content, and providingto authorized local users.

ImpliImpliImplicccaaatttiiiooonnnsss fffooorrr DDDRM

RMRMRobust access throughdistributed, redundant management beyond therights holder or the authorized distributor.


14/60

RRRiiighghghtttsss EEExpxpxprrreeessississiononon LLLanananguguguagesagesages iiinnn DDDRRRMMM

R

RRiiiggghththtsss EEExxxprprpressiessiessiooonnn LLLaaanguag

nguagnguage:e:e:

.Documents offers & agreements between rightsholders, intermediaries, and end users, providingrights to license, distribute, access and useresources..Communicates rights, conditions on the exerciseof rights, and other context relevant to the rightstransactions.


15/60


.

Defines the parties and concepts engaged in offers oragreements for the exercise of rights that are exercisedagainst content..Expresses the underlying business model(s) of thecommunity sharing the DRM..Employs data dictionary and a standard syntax to provideinteroperable, logically consistent, semantically precisedocumentation for rights transactions

.Should be human and machine interpretable


16/60


R

RRIIIGGGHHHTTTSSSRights, Constraints, Agents and terms ofagreement -tied to core IP processes - map readily.

EEEXXXPPPRRRE

EESSSSSSIIIOOONNNLogic for expressing IP offerings and licensescomplex and incompatible - requires advancedparsing.

LLLAAANNNG

GGUUUAAAGGGEEEXML provides common framework, grammar andsyntax. Use of multiple schemas and subschemasadds parsing complexity


17/60


Rights Expression Implementations

Documents the copyright status

Passive

Identifies the rights holder

May provide guidance on attribution,

reuse

Documents and enforces permissions toActive

be granted to the user, often afterconditions are met or constraintsimposed. Enforcement can be at pointof access to content or prior to access.


18/60


Examples of Passive DRM: Creative Commons


19/60

RRRiiighghghtttsss EEExpxpxprrreeessississiononon LLLanananguguguagesagesages iiinnn DDDRRRMMMExamples of Passive DRM: Rutgers Libraries RM


20/60

UserDescriptionRightsHolderAuthenticationRightsVideoObjectPermissionAdministrationAuthorizationRights ExpressionLanguagesinDRMRights Expression Languages in DRMActive Rights Management


21/60


Other resource metadata:

.Administrative metadata:--provenance, fixity, context, reference, structure, andmanagement. Rights MD may be a subset

.Descriptive Metadata: information to discover, identify,select and obtain the resource.Structural metadata: Information a bout the structuredrelationship between components of a complex object.


22/60


REL in Context:

Integration of Administrative, Descriptive, Structural & RightsMetadata:

.integrated lifecycle management.insures consistency of content information across applications.Supports user decision-making in resource discovery and selection.Supports complex content management - shared repositories, contentversioning; downstream management, multiple manifestations;multipart objects, etc.


23/60


MEMET

TTS:S:S: MeMeMetatatadddaaatatata EncEncEncooodddiiingngng &&& T

TTrrraaansnsnsmmmiiissssssiiiooonnn SSStatatand

ndndaaarrrdddhttphttphttp:/:/:////www.lwww.lwww.loooc


24/60

cc///gggooovvv///ssstatatandndndaaarrrdddsss///mmmeeetststs///

.Provides encoding and transmission of descriptive,administrative and structural metadata using XML.Provides for transmission of metadata.

.Associates structure map, file types and behaviorswith digital objects to provide intelligent complexobjects -e.g. E-Journal with machine and humanrecognizable table of contents, abstract,citation, etc.

.Metadata schema providing simple rightsdeclaration issued for comment (Aug. 2003


25/60


M

MMEEETSTSTS IIIMMMPPPLELELEMMMENENENTATATATTTIIIOOON

NN


26/60

Rights ExpressionLanguagesinDRMRights Expression Languages in DRMPolicies;Terms ofAgreementand Offer;Rights &ConditionsIdentificationofAgents/RolesRELRELDRM SystemUSERUSERDescriptive &Admin MDResourceResource


27/60


Issues for Rights Metadata in R&E

.Many IP models, including: open availability/public domain;educational fair use; e-commerce; archival materials with unclearprovenance; government records/collaborations with retention schedulesand classification statuses; copyright; patentable ideas, complexcollaborations, etc..Creators closely bound to IP -want and need activeinvolvement in setting rights; revising rights..Many agents with complex creation, publication,distribution roles. Resources are also varied, complex and

dynamic


28/60


Two Developed languages: XrML and ODRL

XXXrrrMMMLLL ---EEExtxtxtenenensisisiblblbleee Ri

RiRighghghtttsss MMMarararkkkuuuppp LLLanananguguguageageage

wwwww.ww.ww.xxxrrrmmmlll.or.or.orggg


29/60

Current version -2.0 (2001-11-20)Developed from Xerox PARC s Digital Property Rights

Language (1996)ContentGuard -Patent/License owner; language

developer


30/60


X

XXrMLrMLrML CCCooorrreee CCCooonnnceptceptcepts:s:s:LLLi

iicccenseenseense --- cccooontntntaiaiainernerner ofofof gggrrrantantants

ss ooorrr grgrgraaannntttgrgrgrouououps.ps.ps.


31/60

GGGrrraaantntnt ---bbbeeessstttowowowsss autautauthorhorhoriiizazazatttiiiononon tttooo exerexerexerccci

iise rse rse riiiggghththt

PrPrPriiinnnccciiipapapalll -

--actors to whom rights are grantedRRRiiiggghhhttt ---action that a principal can exercise on a resource

RRResourcesourcesourceee ---object for which rights are granted

CCCooonnndididitttiiiononon ---

terms, conditions or obligations that affect


32/60

the exercising of a right.


33/60

RRRiiighghghtttsss EEExpxpxprrressiessiessiononon LLLanananguguguagagageseses iiinnn DDDRRRMMM

XrXMLrML

License yIssued bPrincipals

Contains Grants

Principalsauthorize

Subject to

Exercise

Right(s)ConditionsResource


34/60


XrML Three Schemas

.Core schema -Specifies semantics and rulesfor licenses, grants, core resource types and corerights related to licenses and grants.Standard Extension Schema -types andextensions for multiple scenarios ( sx ), particularlypayment, conditions, and names..Content extension schema -types andelements for describing rights, conditions andmetadata specific to digital works. (cx)


35/60


XrML Highlights and Issues:

.Integrates XML core technologies in a hybridlanguage/middleware implementation..Xpath, UDDI, Dsig, etc. integrated into the rules ofexpression and syntax-requires careful versioning acrosstechnologies..Emphasis on end-to-end trusted systems from digitalsignatures for licenses to direct payment to bank accounts.

.

Requires stateful conditions to point to locationwhere state is maintained.


36/60


X

XXrMLrMLrML HHHiiighlghlghliiightghtghts and Issues:s and Issues:s and Issues:

.Core concept of trusted issuer -digital signature forlicense integrity. Hybrid language is dense, not always eye-readable or

hand-codable..Can be intentionally opaque -rights and conditions can bereferenced by directory pointers rather than explicit..Patent issues with XrML license.Widespread adoption MPEG21, Open EBook


37/60


X

XXrMLrMLrML HHHiiighlghlghliiightghtghts and Issues:s and Issues:s and Issues:

.Very functional and extensible -strong data integrity support;usage tracking; nested rights and conditions, downstream rights;preconditions, such as acceptance of terms and conditions and licenserevocation status calls;

.Can imbed other MD schemas via namespaces; communityextension schemas supported;.Copyright, attribution and watermarking supported.


38/60


MPEG-21: Multimedia Framework:

Based on two concepts:

.Fundamental unit of Distribution and

Transaction the Digital Item.Concept of Users interacting with Digital ItemsQuoted From: MPEG-21 Home Page

http://www.chiariglione.org/mpeg/standards/mpeg-21/mpeg-21.htm


39/60


MPEG21 REL data model for a rights expression:

Four basic entities and the relationship among thoseentities.

This basic relationship is defined by the MPEG RELassertion grant , which consists of:

.The principal to whom the grant is issued

.The right that the grant specifies

.The resource to which the right in the grant applies

.The condition that must be met before the rightcan be exercised

http://www.chiariglione.org/mpeg/standards/mpeg-21/mpeg21.htm


40/60


MPEG-21 REL Data Model

http://www.chiariglione.org/mpeg/standards/mpeg-21/mpeg-21.htm


41/60


O

OODDDRRRLLL --- OOOpenpenpen DDDiiigigigitttalalal RRRi

iiggghththtsss LLLaaannnggguaguaguageeehhhtttt

ttp:p:p://////ooodrdrdrlll.ne.ne.nettt


42/60

.Developed and Managed by IPR Systems (RenatoIannella).Current version: 1.1 (2002-08-08).Open source -freely available


43/60


O

OODDDRRRLLL CCCoreoreore CCCoooncncncepteptepts:s:s:

.Asset -uniquely-identified content

.Rights -include permissions to interact withassets, which can include constraints (limits),conditions (exceptions that expire permissions) andrequirements (obligations that must be met beforepermissions can be exercised..Parties -end users who exercise permissions andrights holders who grant permissions (subject toconstraints and conditions)


44/60


OD

ODODRRRLLL ScScSchhheeemmmas:as:as:

.Expression language ( ex ).Data Dictionary language ( dd )

ODRL supports the expression of Permissions forboth Offers and Agreements

Ianella, R. Open Digital Rights Language (ODRL) v. 1.1 2002-08-08.http://odrl.net/1.1/ODRL-11.pdf. p. 5


45/60


ODRL -Adaptation of ODRL Foundation Model

Open Digital Rights Language (ODRL) v. 1.1 2002-08-08. http://odrl.net/1.1/ODRL-11.pdf. p. 4

RightsAgreement ContextPartyRights HolderPermissionConstraintRequirementConditionOffer


46/60

Ianella, R. Open Digital Rights Language (ODRL) v. 1.1 2002-08-08.http://odrl.net/1.1/ODRL-11.pdf. p. 5Rights ExpressionLanguagesinDRMRights Expression Languages in DRM


47/60


ODRL Highlights and Issues

.Concept of context adds unique identifiers andrelevant information about any entity or the relationshipbetween entities. Roles are an explicit attribute ofparties (rights holders and end users). Rights for a singleasset can be layered by party role..Rights holders have explicit royalty attributes.RRReeeq

qquiuiuirrreeemmmenenentttsss andandand conconcondididitttiiion

onons cs cs can have booan have booan have boollleeean (an (an ( andand and

oo or


48/60

rr)

)) lllooogigigiccc


49/60


ODRL Highlights and Issues

.Rights can be assigned to assets based on physicalformat (support for rights layered by physical or digitalmanifestation, ) or subparts. Quality and Format are

explicit attributes..Language is very functional but lightweight and eye-readable. Technologies and protocols ( middleware ) toaccomplish rights transactions is not specified.. Transfer permission explicitly embeds permissions tobe passed on for downstream asset use, together with

attributes equal, less, and notgreater..Can imbed other MD schemas via namespaces


50/60


XrML and ODRL Comparison:

IIIdededentntntiiifffyiyiying tng tng thhheee UUUssse

eerrr aaasss aaan autn autn authhhorororiiizzzeeed red red regigigis

sstttrantrantrant iiinnnttthehehe course,course,course, 33 301 H


51/60

01 H01 Hiiissstttory ofory ofory of FFFiiilllmmm


52/60


X

XXrMrMrMLLL


53/60


http://www.history.rutgers.edu/301HistoryOfFilm/registration

student


54/60


O

OODDDRRRLLL


55/60


O

OOffffffererer tttooo rereregggiiistststrrraaantntnt:

::permpermpermiiississission ton ton to vio vio vieeewww

CCCaaasabl

sablsablaaancncncaaa f

f fooorrr ttthhhrrree


56/60

eeee wwweeeeeekkks,s,s,fffromromrom fffiiirstrstrst acceacceaccessssss...


57/60


X

XXrMLrMLrML

http://www.history.rutgers.edu/301HistoryOfFilm/registration

student


58/60

RRRiiighghghtttsss EEExpxpxprrressiessiessiononon LLLanananguguguagagageseses iiinnn DDDRRRMMM

X

XXrMLrMLrML


59/60


O

OODDDRRRLLL

PT90D

/o-ex:constraint>


60/60