Introduction to Digital Rights Management Grace Agnew SURA/ViDe Digital Video Conference March 2004
Digital Rights Management Definitions DRM Action Authorization decision based on intersection of attributes about user, content and usage DRM System Digital application to apply and enforce organizational policies for the access and use of IP Essential DRM Components Directory Services supporting authentication and authorization; Rights Expression; Rights Enforcement METADATA FOR DIGITAL RIGHTS Intellectual Property Rights Right of ownership and control of products of the creators mind. WTO- supported
Essential DRM Components Directory Services: Identity Management Authentication Authorization (Role-based Access Control) Procedures for establishing and maintaining identity including format, database structure, privacy and confidentiality Determining that the user requesting a service has the required (authentic) identity through a secured system Determining that the authenticated user possesses the authorized role to access a service or object. (e.g. student registered in History 101) METADATA FOR DIGITAL RIGHTS
Federated DRM Community of Trust: Common understanding. Shared agreement and enforcement among community members. Ex: Copyright Trusted Systems Standardized, shared technologies for establishing and enforcing DRM
Essential DRM Components Identity Management: METADATA FOR DIGITAL RIGHTS Privacy: Whether the users identity is exposed Confidentiality:Whether the users activities are exposed Trust: Authenticates any entity in a rights transactionrights holder, rights requester and the content being requested.
Developing architectures, policy structures, practical technologies, and an open source implementation to support inter-institutional sharing of web resources subject to access controls. Enabling Technology: Internet2 Shibboleth Project Source: Shibboleth Project: METADATA FOR DIGITAL RIGHTS
Why Shibboleth? Active privacy a core principle Emphasis on federated administration r Emphasis on flexible yet secure access r Establishes trust communities r Open source with active community development r Maturing project with increasing use in higher education and educational collaborations (e.g. NSFs National Science Digital Library) r Utilizes mature, open source applications and standards, such as LDAP (lightweight directory access protocol METADATA FOR DIGITAL RIGHTS
How Shibboleth Works User requests a Shib-requested resource Shib- protected resource User is directed back to home institution to authenticate Home institution generates a temporary handle for user – active privacy authenticated RU faculty member not John Smith 1 2 3
How Shibboleth Works User receives access to resource Shib- protected resource Uses temporary handle to request further attributes about the user (e.g., teaching in interinstitutional program with valid access to relevant e-resources at either institution Users home institution provides necessary attribute 4 5 6
The Structure of Information (IFLA) Work Expression Distinct intellectual or artistic creation Intellectual or artistic realization of a work (interpretation) Manifestation Item Unique physical instance of a manifestation. Physical manifestation of an expression. May differ in physical format, but not in content or interpretation Issues for Trust and Authenticity
Key Work Concepts for Community Definition o Copy – identical in the abstract and the concrete o Version – Intellectual content unchangedconcrete presentation differs (format, language) o Revision – revisions should not impact reuse, according to community o Edition – substantially the same but revisions impact use according to community policy. Attributes –expanded, reduced policy. o Adaptation – object based on theme or premise of another object. Community decision how granular the attribution should be. o Derivation – Theme or premise of original object is starting point for new object o
Digital Provenance record in RUL repository
Lots of Copies Keep Stuff Safe Stanford-initiated projectcurrently applied to e- journalsthat uses a peer-to-peer network to create a selective web cache by polling a web journal at intervals, storing content, and providing to authorized local users. Implications for DRM Implications for DRMRobust access through distributed, redundant managementbeyond the rights holder or the authorized distributor.
Rights Expression Languages in DRM Rights Expression Language: Documents offers & agreements between rights holders, intermediaries, and end users, providing rights to license, distribute, access and use resources. Communicates rights, conditions on the exercise of rights, and other context relevant to the rights transactions.
Rights Expression Languages in DRM Defines the parties and concepts engaged in offers or agreements for the exercise of rights that are exercised against content. Expresses the underlying business model(s) of the community sharing the DRM. Employs data dictionary and a standard syntax to provide interoperable, logically consistent, semantically precise documentation for rights transactions Should be human and machine interpretable
Rights Expression Languages in DRM RIGHTS Rights, Constraints, Agents and terms of agreement - tied to core IP processes - map readily. EXPRESSION Logic for expressing IP offerings and licenses complex and incompatible - requires advanced parsing. LANGUAGE XML provides common framework, grammar and syntax. Use of multiple schemas and subschemas adds parsing complexity
Rights Expression Languages in DRM Passive Documents the copyright status Identifies the rights holder May provide guidance on attribution, reuse Active Documents and enforces permissions to be granted to the user, often after conditions are met or constraints imposed. Enforcement can be at point of access to content or prior to access. Rights Expression Implementations
Rights Expression Languages in DRM Examples of Passive DRM: Creative Commons
Rights Expression Languages in DRM Examples of Passive DRM: Rutgers Libraries RM
User Description Rights Holder Authentication Rights Video Object Permission Administration Authorization Active Rights Management Rights Expression Languages in DRM
Other resource metadata: Administrative metadata : -- provenance, fixity, context, reference, structure, and management. Rights MD may be a subset Descriptive Metadata : information to discover, identify, select and obtain the resource Structural metadata : Information a bout the structured relationship between components of a complex object.
Rights Expression Languages in DRM REL in Context: Integration of Administrative, Descriptive, Structural & Rights Metadata: integrated lifecycle management insures consistency of content information across applications Supports user decision-making in resource discovery and selection Supports complex content management - shared repositories, content versioning; downstream management, multiple manifestations; multipart objects, etc.
Provides encoding and transmission of descriptive, administrative and structural metadata using XML Provides for transmission of metadata. Associates structure map, file types and behaviors with digital objects to provide intelligent complex objects - e.g. E-Journal with machine and human recognizable table of contents, abstract, citation, etc. Metadata schema providing simple rights declaration issued for comment (Aug METS: Metadata Encoding & Transmission Standard Rights Expression Languages in DRM
METS IMPLEMENTATION
Policies; Terms of Agreement and Offer; Rights & Conditions Identification of Agents/Roles REL DRM System USER USER Descriptive & Admin MD Resource Resource Rights Expression Languages in DRM
Issues for Rights Metadata in R&E Many IP models, including: open availability/public domain; educational fair use; e-commerce; archival materials with unclear provenance; government records/collaborations with retention schedules and classification statuses; copyright; patentable ideas, complex collaborations, etc. Creators closely bound to IP - want and need active involvement in setting rights; revising rights. Many agents with complex creation, publication, distribution roles. Resources are also varied, complex and dynamic
Rights Expression Languages in DRM Two Developed languages: XrML and ODRL XrML - Extensible Rights Markup Language Current version ( ) Developed from Xerox PARCs Digital Property Rights Language (1996) ContentGuard - Patent/License owner; language developer
Rights Expression Languages in DRM XrML Core Concepts: License - container of grants or grantgroups. License - container of grants or grantgroups. Grant - bestows authorization to exercise rightGrant - bestows authorization to exercise right Principal - Principal - actors to whom rights are granted Right - Right - action that a principal can exercise on a resource Resource - Resource - object for which rights are granted Condition - Condition - terms, conditions or obligations that affect the exercising of a right.
License Contains Grants authorize Principals Exercise Right(s) Subject to Conditions Resource Issued by Principals Rights Expression Languages in DRM XrML
XrML – Three Schemas Core schema - Specifies semantics and rules for licenses, grants, core resource types and core rights related to licenses and grants Standard Extension Schema - types and extensions for multiple scenarios (sx), particularly payment, conditions, and names. Content extension schema - types and elements for describing rights, conditions and metadata specific to digital works. (cx)
Rights Expression Languages in DRM XrML Highlights and Issues: Integrates XML core technologies in a hybrid language/middleware implementation. Xpath, UDDI, Dsig, etc. integrated into the rules of expression and syntax- requires careful versioning across technologies. Emphasis on end-to-end trusted systems from digital signatures for licenses to direct payment to bank accounts. Requires stateful conditions to point to location where state is maintained.
Rights Expression Languages in DRM XrML Highlights and Issues: Core concept of trusted issuer - digital signature for license integrity Hybrid language is dense, not always eye-readable or hand-codable. Can be intentionally opaque - rights and conditions can be referenced by directory pointers rather than explicit. Patent issues with XrML license Widespread adoptionMPEG21, Open EBook
Rights Expression Languages in DRM Very functional and extensible - strong data integrity support; usage tracking; nested rights and conditions, downstream rights; preconditions, such as acceptance of terms and conditions and license revocation status calls; Can imbed other MD schemas via namespaces; community extension schemas supported; Copyright, attribution and watermarking supported. XrML Highlights and Issues:
Rights Expression Languages in DRM MPEG-21: Multimedia Framework: Based on two concepts: Fundamental unit of Distribution and Transactionthe Digital Item Concept of Users interacting with Digital Items Quoted From: MPEG-21 Home Page
Rights Expression Languages in DRM MPEG21 REL data model for a rights expression: Four basic entities and the relationship among those entities. This basic relationship is defined by the MPEG REL assertion grant, which consists of: The principal to whom the grant is issued The right that the grant specifies The resource to which the right in the grant applies The condition that must be met before the right can be exercised 21.htm
Rights Expression Languages in DRM MPEG-21 REL Data Model
Rights Expression Languages in DRM ODRL - Open Digital Rights Language Developed and Managed by IPR Systems (Renato Iannella) Current version: 1.1 ( ) Open source - freely available
Rights Expression Languages in DRM ODRL Core Concepts: Asset - uniquely-identified content Rights - include permissions to interact with assets, which can include constraints (limits), conditions (exceptions that expire permissions) and requirements (obligations that must be met before permissions can be exercised. Parties - end users who exercise permissions and rights holders who grant permissions (subject to constraints and conditions)
ODRL Schemas: Expression language (ex) Data Dictionary language (dd) ODRL supports the expression of Permissions for both Offers and Agreements Ianella, R. Open Digital Rights Language (ODRL) v p. 5 Rights Expression Languages in DRM
Rights AgreementContext Party Rights Holder Permission Constraint Requirement Condition Offer ODRL - Adaptation of ODRL Foundation Model Open Digital Rights Language (ODRL) v p. 4 Rights Expression Languages in DRM
Ianella, R. Open Digital Rights Language (ODRL) v p. 5 Rights Expression Languages in DRM
Concept of context adds unique identifiers and relevant information about any entity or the relationship between entities. Roles are an explicit attribute of parties (rights holders and end users). Rights for a single asset can be layered by party role. Rights holders have explicit royalty attributes Requirements and conditions can have boolean (and or) logic Requirements and conditions can have boolean (and or) logic ODRL Highlights and Issues
Rights Expression Languages in DRM Rights can be assigned to assets based on physical format (support for rights layered by physical or digital manifestation,) or subparts. Quality and Format are explicit attributes. Language is very functional but lightweight and eye- readable. Technologies and protocols (middleware) to accomplish rights transactions is not specified. Transfer permission explicitly embeds permissions to be passed on for downstream asset use, together with attributes equal, less, and notgreater. Can imbed other MD schemas via namespaces ODRL Highlights and Issues
Rights Expression Languages in DRM Identifying the User as an authorized registrant in the course, 301 History of Film XrML and ODRL Comparison:
Rights Expression Languages in DRM XrML <keyholder licensePartId=301 History Of Film Registrant"> n4rtmxz5/2x1uioP598tyu89olk /> AQABAA
Rights Expression Languages in DRM student
Rights Expression Languages in DRM ODRL
Rights Expression Languages in DRM Offer to registrant: permission to view Casablanca for three weeks, from first access.
Rights Expression Languages in DRM student XrML
Rights Expression Languages in DRM 1F8903B0-FC03-4c5b-A445-AAFCCEC01333 XrML
Rights Expression Languages in DRM ODRL <o-ex:constraint idref=301HistoryOfFilmRegistrant" type=" /> PT90D /o-ex:constraint>