Download presentation
Presentation is loading. Please wait.
1
Federated Digital Rights Management Mairéad Martin The University of Tennessee TERENA General Assembly Meeting Prague, CZ October 24, 2002
2
TERENA GENERAL ASSEMBLY MEETING OCTOBER 24, 2002 Presentation Topics Internet2 Middleware Focus What is Digital Rights Management (DRM)? DRM and middleware DRM challenges The Federated Digital Rights Management (FDRM) Project –Project Description –Architecture Background to the NSF Middleware Initiative
3
TERENA GENERAL ASSEMBLY MEETING OCTOBER 24, 2002 I2 Middleware Focus Technical components include: authentication and authorization, directories, community objectclasses, security credentials, identifier management, etc. Policy components include: trust models, privacy legislation and regulations, community standards developments, deployment models, etc.
4
TERENA GENERAL ASSEMBLY MEETING OCTOBER 24, 2002 What is DRM? The management of intellectual property and distribution of digital content But different interpretations exist ….. Industry: DRM = protect the copyright owner’s rights through enforcement and support licensing model. Emphasis on media packaging, encryption and trusted systems. Research & Education: DRM = enable access while managing intellectual property and protecting user’s privacy. Balance between copyright owner’s and user’s rights.
5
TERENA GENERAL ASSEMBLY MEETING OCTOBER 24, 2002 Rights Metadata Rights, permissions, constraints expressed in an XML-based Rights Expression Language (REL) REL is linked to a Rights Data Dictionary (Data Model) Current RELs include: XrML: eXtensible Rights Markup Language (ContentGuard) ODRL: Open Digital Rights Language OASIS, MPEG-21,, IEEE, Open eBook Forum
6
TERENA GENERAL ASSEMBLY MEETING OCTOBER 24, 2002 DRM: A middleware problem? Authorization decision based on intersection of attributes about user, content and usage Much of middleware development concerns user attributes: Directory development, Identity management, Authentication, Role Based Access Control (RBAC)
7
TERENA GENERAL ASSEMBLY MEETING OCTOBER 24, 2002 DRM: A Middleware Problem? Federation and inter-realm access critical DRM systems are policy vehicles
8
TERENA GENERAL ASSEMBLY MEETING OCTOBER 24, 2002 DRM Challenges DRM defined and driven by industry DRM technologies being protected by legislation Threats to fair use, “first sale principle,” and user privacy Proprietary systems
9
TERENA GENERAL ASSEMBLY MEETING OCTOBER 24, 2002 DRM Challenges Existing Rights Expression Languages (REL) have limitations and are immature DRM and REL deployment threatened by patent encumbrances (ContentGuard) Authorization Expressions: SAML (security assertions) XACML (policy assertions) REL (rights, permissions, constraints assertions)
10
TERENA GENERAL ASSEMBLY MEETING OCTOBER 24, 2002 DRM Workshop NSF Middleware Initiative and DRM Workshop, Sept. 9, 2002 Funded by the NSF NMI program to: Explore DRM requirements in Research and Education Look at ways NMI development might be leveraged 60 representatives from library, content management, middleware, copyright law and standards organizations
11
TERENA GENERAL ASSEMBLY MEETING OCTOBER 24, 2002 DRM Requirements for Research & Education Multiple roles in academia: consumers, producers, distributors of information Multiple applications: Instructional Management Systems, portals, databases, online content, electronic journals, online collaboration, ….. Degrees of risk: term papers vs. patient records
12
TERENA GENERAL ASSEMBLY MEETING OCTOBER 24, 2002 DRM Requirements for Research & Education DRM in Higher Education needs to support: Fair use “First Sale” principle Privacy of the end-user Derivatives Complex objects Inter-institutional collaboration and sharing of resources
13
TERENA GENERAL ASSEMBLY MEETING OCTOBER 24, 2002 DRM Models Industry One-to-one Pay-per-view User as consumer Trusted systems Use monitoring Static content Proprietary hardware/software Academia One-to-many, many-to-many Flexible access User as consumer, producer, distributor Privacy Dynamic content Inter-institutional, cross realm access Interoperability
14
TERENA GENERAL ASSEMBLY MEETING OCTOBER 24, 2002 Workshop Outcomes Conclusions: Additional DRM function - to record rights Current RELs insufficient Access more important than enforcement Not one unifying architecture Need for more discussion DRM Requirements for R&E: Discussion Paper submitted to OASIS Rights Language Technical Committee Creation of DRM Working Group within I2 Middleware Initiative
15
TERENA GENERAL ASSEMBLY MEETING OCTOBER 24, 2002 Federated DRM Project Fundamental Goal: Enable intersection of attributes about user, content and usage to manage objects Modeled on the I2 Shibboleth project Also federates rights administration University of Tennessee and Rutgers University leading project
16
TERENA GENERAL ASSEMBLY MEETING OCTOBER 24, 2002 Shibboleth Basics “Interrealm Attribute-based Authorization for Web Services” An initiative to develop an architecture, policy framework, and practical technologies to support inter- institutional sharing of resources Provides the secure exchange of interoperable attributes which can be used in access control decisions
17
TERENA GENERAL ASSEMBLY MEETING OCTOBER 24, 2002 Shibboleth Basics Controlled dissemination of attribute information, based on administrative defaults and user preferences Shifts the model from passive privacy towards active privacy Based on a federated administration trust framework Vendor participation - IBM/Tivoli Standards Alignment - OASIS/SAML
18
TERENA GENERAL ASSEMBLY MEETING OCTOBER 24, 2002 Why Shibboleth? Emphasis on federated administration Emphasis on flexible yet secure access Establishes trust communities Active privacy a core principle Open source, community development Project maturing
30
TERENA GENERAL ASSEMBLY MEETING OCTOBER 24, 2002 Resources NMI and DRM Workshop www.ait.utk.edu/drmworkshop Discussion Paper: DRM Requirements for Research and Education www.ait.utk.edu/drmworkshop/ resources.htm I2 Middleware Initiative DRM Working Group http://middleware.internet2.edu
31
TERENA GENERAL ASSEMBLY MEETING OCTOBER 24, 2002 NSF Middleware Initiative Goal to develop and deploy a national middleware infrastructure for science, research and higher education Internet2/EDUCAUSE/SURA and the GRIDs Center Development areas: identifiers, directories, authentication, authorization, GRIDs, PKI, digital video
32
TERENA GENERAL ASSEMBLY MEETING OCTOBER 24, 2002 NSF Middleware Initiative Deliverables: Software, community standards, best practices, schema and objectclasses, reference implementations, open source services, corporate relations NMI 1.0 (May 7, 2002) NMI 2.0 (October 25, 2002)
Similar presentations
