Rights Metadata: XrML and ODRL for Digital Video


Mairéad Martin, University of Tennessee
Doug Pearson, Indiana University
August 15, 2001

Overview

Digital Rights Management: Definition and current landscape
XrML
ODRL
Q&A

SEAM: Secure Econtent Attribute Management

Goal: To develop a dynamic, portable and granular rights management tool that will ensure the security and integrity of digital objects
Integrates XML-based rights language, digital objects, and digital access technologies

Digital Rights Management

Management vs. enforcement of
rights

“Digital management of rights” vs.
“Management of digital rights”

Players: <Indecs>, W3C, EBX, MPEG, ContentGuard, IPR Systems

DRM Definition

“DRM involves the description, layering, analysis, valuation, trading and monitoring of an enterprise’s assets; both in physical and digital form; and of tangible and intangible value.”
- Renato Iannella, ODRL Version: 0.9

DRM Languages

eXtensible Rights Markup Language (XrML)
Open Digital Rights Language (ODRL)
Extensible Media Commerce Language (XCML)

Rights Language Requirements

Applicable and interoperable across media
Integration with descriptive metadata
Extensible
Efficient in open or trusted systems
Supports modularity and granularity
Capacity to be integrated with trust and tracking systems
Open and non-proprietary

What is XrML?

eXtensible rights Markup Language

“A language in XML for describing
specification of rights, fees and conditions
for using digital contents (or properties),
together with message integrity and
entity authentication within these
specifications.”
Intent of XrML

“[XrML] is intended to support commerce
in digital contents, that is, publishing and
selling electronic books, digital movies,
digital music, interactive games,
computer software and other creations
distributed in digital form. It is also
intended to support specification of
access and use controls for secure digital
objects in cases where financial exchange
is not part of the terms of use.”
Trusted Systems

XrML enables trusted systems to
exchange digital contents and
interoperate.

A trusted system is a server, player or
other device for holding or accessing
digital content, which can be trusted to
honor the rights, conditions and fees
specified for digital contents.
Who Controls XrML?

XrML is licensed to the industry royalty-free by the developer, ContentGuard, Inc.

ContentGuard is a spin-off from Xerox;
with strategic alliances and investment
from Xerox and Microsoft. Xerox is the
majority investor.

Microsoft considers XrML a key
component of its DRM strategy.
Who’s using XrML?

Microsoft uses XrML to specify rights and
content descriptions for licensing eBooks.
The Microsoft Digital Asset Server uses
the rights and content descriptions to
issue a personalized LIT file to the
consumer’s Microsoft Reader.

http://www.xrml.org/about.htm

“XrML - The Technology Standard for Trusted Systems…”
“A mature eContent marketplace requires a standard language…”
“XrML - forging the standard on which the eContent industry depends”
“Trusted systems require a standard. That standard – XrML…”
“Meeting the criteria demanded of an open standard…”
“An industry standard for creation of terms and conditions associated with the use and protection of eContent, XrML is licensed on a royalty-free basis…”

Is XrML an Open Standard?

ContentGuard declares commitment to
“promoting and supporting a standard
language that will enable content
creators, providers, distributors and
retailers to express rights and
specifications…”

Guiding Principles:
Enable XrML to meet the needs of all stakeholders in the eContent industry
Establish a community of practice committed to develop a common rights language
Enable interoperability
Encourage interested parties to submit and share XrML Mods with the community of practice

XrML is not an “open standard”.

Rather, XrML is an attempt to build an
industry standard with a published
specification and encouragement to a
community of practice.

ContentGuard Patents

"System for Controlling the Distribution and Use of Digital Works
Using Digital Tickets." (US Patent 6,236,971)

"System for Controlling the Distribution and Use of Digital Work
Having Attached Usage Rights Where the Usage Rights are
Defined by a Usage Rights Grammar" (US Patent 5,715,403)

"System for Controlling the Distribution and Use of Composite
Digital Works" (US Patent 5,638,443)

"System for Controlling the Distribution and Use of Digital Works
Having a Free Reporting Mechanism" (US Patent 5,634,012)

"System for Controlling the Distribution and Use of Digital Works"
(US Patent 5,629,980)

"Interactive Contents Revealing Storage Device" (US Patent
5,530,235)

"System for Controlling the Distribution and Use of Rendered
Digital Works through Watermarking" (US Patent 6,233,684)

<XrML>
  <BODY>
    (ISSUED)?
    (TIME)?
    (DESCRIPTOR)?
    (ISSUER)?
    (ISSUEDPRINCIPALS)?
    (WORK)?
    (AUTHENTICATEDATA)?
  </BODY>
  (SIGNATURE)?
</XrML>

Within the root XrML is a mandatory element BODY and an optional element SIGNATURE.
SIGNATURE is the digital signature to ensure integrity of the XrML specification.
BODY consists of an optional description of the digital WORK and some optional metadata about the XrML document.
ISSUED is the time at which the XrML document was issued.
TIME is the time interval over which the XrML document is valid.
DESCRIPTOR is a description of the XrML document – what this document represents.
ISSUER is the principal who issues the XrML document.
ISSUEDPRINCIPALS is a list of the principals the XrML document is issued to.
AUTHENTICATEDATA captures data which is necessary for an application which processes an XrML document.
WORK defines a digital work and its usage rights.

<WORK>
  (OBJECT)
  (DESCRIPTION)?
  (CREATOR)?
  (OWNER)?
  (DIGEST)?
  (PARTS)?
  (CONTENTS)?
  (COPIES)?
  (COMMENT)?
  (SKU)?
  (RIGHTSGROUP | REFERENCEDRIGHTSGROUP)+
</WORK>

OBJECT identifies the digital object of the WORK through a unique identifier such as ISBN or ISSN number.
Self explanatory.
DIGEST uses a cryptographic digest value of the work to ensure integrity and originality of the work.
PARTS specifies a list of works that are included as part of this WORK.
CONTENTS gives the starting and stopping addresses to which the rights in the WORK specification apply.
COPIES specifies the number of copies of the digital work. It’s possible to transfer or loan a copy while exercising other rights on remaining copies.
SKU: Stock Keeping Unit. Included for extensibility; typically for use by retailer or distributor.
RIGHTSGROUP | REFERENCEDRIGHTSGROUP: Rights specification.

<RIGHTSGROUP>
  (COMMENT)?
  (BUNDLE)?
  (RIGHTSLIST)
</RIGHTSGROUP>

One or more RIGHTSGROUP may exist; according to logical collections of rights for groups of users.
Each right may separately specify parameters such as time limits, fees, access conditions. Shared parameters may be bundled.

<!ELEMENT RIGHTSLIST
((
COPY | TRANSFER | LOAN |
PLAY | PRINT | EXPORT | VIEW |
EDIT | EXTRACT | EMBED |
BACKUP | RESTORE | VERIFY | FOLDER | DIRECTORY |
DELETE | INSTALL | UNINSTALL
)+)>

Classification of rights:
Transport
Render
Derivative Work
File Management
Configuration

Transport
Governs the creation and movement of persistent copies of a work under the control of trusted repositories.
COPY – create a new copy of a work
TRANSFER – an existing authorized copy moves to another repository
LOAN – loan a copy for a period of time

Render
Governs the creation of representations of a digital work outside of the control of trusted systems.
PLAY – make an ephemeral copy available for use
PRINT – make permanent copies to external media
EXPORT – makes a digital source copy available outside of trusted system control

Derivative Work
Governs the reuse of a digital work, in whole or part, to create a new composite work. Not intended to cover all possible forms of reuse; rather automate the simple case where the rights owner can pre-determine fees and repository-testable conditions on a work.
EXTRACT, EDIT AND EMBED

File Management
Governs access to directory and file information in operations when two repositories are connected. E.g. when exercising rights that engage multiple repositories, such as TRANSFER or LOAN. Also, controls the making and restoring of backup copies.
FOLDER, DIRECTORY, DELETE, VERIFY, BACKUP

Configuration
Governs the adding and removing of system software from secure repositories.
INSTALL, UNINSTALL

<!ENTITY % termConditions
"(TIME | ACCESS | FEE | TERRITORY | TRACK)+">

XrML Definition for Microsoft eBook
Scenario:
On August 9, I purchased and downloaded a Microsoft Reader formatted eBook, Telecosm by George Gilder, from Amazon. The following XrML was included inside the .LIT file.

<XrML>
<BODY type="LICENSE" version="2.0">
<ISSUED>2001-08-09T19:27</ISSUED>
<DESCRIPTOR>
<OBJECT type="self-proving-EUL">
<ID type="MS-GUID">{B536F0B2-8755-4CF5-AE80-6E1F41A15A99}</ID>
</OBJECT>
</DESCRIPTOR>
<ISSUER>
<OBJECT type="Licensor-Certificate">
<ID type="MS-GUID">{EF649DC9-29A9-4EA8-9CF7-49A76C394407}</ID>
<NAME>Lightning Source, Inc.</NAME>
<ADDRESS type="URL">www.lightningsource.com</ADDRESS>
</OBJECT>
<PUBLICKEY><ALGORITHM>RSA-512</ALGORITHM><PARAMETER name="public e
</ISSUER>
<ISSUEDPRINCIPALS>
<PRINCIPAL internal-id="1">
<OBJECT type="MS Registration">
<ID type="MS Registration ID">196608-…</ID>
<NAME>[email protected]</NAME>
</OBJECT>
<PUBLICKEY><ALGORITHM>RSA-512</ALGORITHM><PARAMETER name="pu
</PRINCIPAL>
</ISSUEDPRINCIPALS>
<WORK>
<OBJECT type="BOOK-LIT-FORMAT">
<ID type="SKU">074321594X</ID>
<NAME>074321594X</NAME>
</OBJECT>
<OWNER>
<OBJECT type="Licensor-Certificate">
<ID type="MS-GUID">{EF649DC9-29A9-4EA8-9CF7-49A76C394407}</ID>
<NAME>Lightning Source, Inc.</NAME>
<ADDRESS type="URL">www.lightningsource.com</ADDRESS>
</OBJECT>
<PUBLICKEY><ALGORITHM>RSA-512</ALGORITHM><PARAMETER name="pu
</OWNER>
<RIGHTSGROUP name="Main Rights">
<COMMENT>Rights description</COMMENT>
<RIGHTSLIST>
<VIEW>
<ACCESS>
<PRINCIPAL internal-id="1">
<ENABLINGBITS type="sealed-des-key">
<VALUE encoding="base64" size="512">E75/0j...</VALUE
</ENABLINGBITS>
</PRINCIPAL>
</ACCESS>
</VIEW>
</RIGHTSLIST>
</RIGHTSGROUP>
</WORK>
<AUTHENTICATEDDATA name="eBook 1.5 Authentication Data"
size="160">
0Gy1fRMXMm3pvpZakb3PVt4IVOA=
</AUTHENTICATEDDATA>
</BODY>
<SIGNATURE>
<DIGEST>
<ALGORITHM>SHA1</ALGORITHM>
<PARAMETER name="codingtype">
<VALUE encoding="string">surface-coding</VALUE>
</PARAMETER>
<VALUE encoding="base64" size="160">rXYVrtQ...</VALUE>
</DIGEST>
<VALUE encoding="base64" size="512">Jy1sGMtN9J...</VALUE>
</SIGNATURE>
</XrML>
<XrML>
<BODY type="LICENSE" version="2.0">
<ISSUED>2000-08-02T22:16</ISSUED>
<DESCRIPTOR>
<OBJECT type="Licensor-Certificate">
<ID type="MS-GUID">{EF649DC9-29A9-4EA8-9CF7-49A76C394407}</ID>
<NAME>Lightning Source, Inc.</NAME>
<ADDRESS type="URL">www.lightningsource.com</ADDRESS>
</OBJECT>
</DESCRIPTOR>
<ISSUER>
<OBJECT type="Corporation">
<ID type="MS-GUID">2</ID>
<NAME>Microsoft Corporation</NAME>
<ADDRESS type="URL">www.microsoft.com</ADDRESS>
</OBJECT>
<PUBLICKEY><ALGORITHM>RSA-512</ALGORITHM><PARAMETER name="public e
</ISSUER>
<ISSUEDPRINCIPALS>
<PRINCIPAL internal-id="1">
<OBJECT type="Corporation">
<ID type="MS-GUID">{EF649DC9-29A9-4EA8-9CF7-49A76C394407}</ID>
<NAME>Lightning Source, Inc.</NAME>
<ADDRESS type="URL">www.lightningsource.com</ADDRESS>
</OBJECT>
<PUBLICKEY><ALGORITHM>RSA-512</ALGORITHM><PARAMETER name="pu
</PRINCIPAL>
</ISSUEDPRINCIPALS>
</BODY>
<SIGNATURE>
<DIGEST>
<ALGORITHM>SHA1</ALGORITHM>
<PARAMETER name="codingtype"><VALUE encoding="string">surface-coding</VALUE
<VALUE encoding="base64" size="160">IOYwWKd...</VALUE>
</DIGEST>
<VALUE encoding="base64" size="1024">pAcwJUWAuuN...</VALUE>
</SIGNATURE>
</XrML>
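
Added example (not part of the original slides and not code from any XrML implementation): a structural check and access decision of the kind a trusted system would run on a license shaped like the eBook one above. The function names load_license and is_permitted, the fail-closed rule and the placeholder values in the sample are assumptions; the code checks structure only and does not verify the SIGNATURE cryptographically.

```python
import xml.etree.ElementTree as ET

# Rights named in the RIGHTSLIST content model shown earlier on this page.
RIGHTS = {"COPY", "TRANSFER", "LOAN", "PLAY", "PRINT", "EXPORT", "VIEW", "EDIT", "EXTRACT",
          "EMBED", "BACKUP", "RESTORE", "VERIFY", "FOLDER", "DIRECTORY", "DELETE", "INSTALL", "UNINSTALL"}

# Constructed sample modelled on the eBook license; names and IDs are placeholders.
SAMPLE = """<XrML>
<BODY type="LICENSE" version="2.0">
<ISSUED>2001-08-09T19:27</ISSUED>
<ISSUEDPRINCIPALS>
<PRINCIPAL internal-id="1"><OBJECT type="MS Registration"><NAME>reader-placeholder</NAME></OBJECT></PRINCIPAL>
</ISSUEDPRINCIPALS>
<WORK>
<OBJECT type="BOOK-LIT-FORMAT"><ID type="SKU">PLACEHOLDER-SKU</ID></OBJECT>
<RIGHTSGROUP name="Main Rights"><RIGHTSLIST>
<VIEW><ACCESS><PRINCIPAL internal-id="1"/></ACCESS></VIEW>
</RIGHTSLIST></RIGHTSGROUP>
</WORK>
</BODY>
<SIGNATURE><DIGEST><ALGORITHM>SHA1</ALGORITHM></DIGEST></SIGNATURE>
</XrML>"""


def load_license(text):
    """Parse XrML text; return (root, findings) from structural checks only."""
    if "<!DOCTYPE" in text or "<!ENTITY" in text:
        raise ValueError("DTD/entity declarations refused in untrusted input")
    root = ET.fromstring(text)
    if root.tag != "XrML" or root.find("BODY") is None:
        raise ValueError("not an XrML document: BODY is mandatory")
    findings = []
    if root.find("SIGNATURE") is None:
        findings.append("unsigned: integrity of the specification cannot be checked")
    work = root.find("BODY/WORK")
    if work is not None and work.find("OBJECT") is None:
        findings.append("WORK has no OBJECT")
    if work is not None and not (work.findall("RIGHTSGROUP") + work.findall("REFERENCEDRIGHTSGROUP")):
        findings.append("WORK has no rights group")
    return root, findings


def is_permitted(root, right, principal_id):
    """Fail closed (assumption): allow only a known right whose ACCESS names an issued principal."""
    issued = {p.get("internal-id") for p in root.findall("BODY/ISSUEDPRINCIPALS/PRINCIPAL")}
    if right not in RIGHTS or principal_id not in issued:
        return False
    path = f"BODY/WORK/RIGHTSGROUP/RIGHTSLIST/{right}/ACCESS/PRINCIPAL"
    return any(p.get("internal-id") == principal_id for p in root.findall(path))
```

Because SIGNATURE is optional in the content model, an unsigned document still parses; the caller decides whether a non-empty findings list is grounds to refuse the license.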

Open Digital Rights Language (ODRL)

Developed by Renato Iannella of IPR Systems (Australia)
Expressed in XML
Open source; submitted to W3C
Goal: “will “plug into” an open framework that enables P2P interoperability for DRM services.”
Version 0.9 published June 26, ’01

ODRL Standard Specification (Version 0.9)

Expression Language
Data Dictionary
Scenarios
XML schema for both

Digital Video Scenario

A digital video lecture at Georgia Tech is limited to registrants of the course, each of whom was issued a digital certificate identifying them as registrants. Non-registrants may view the course for a metered fee of $10 per hour during the course period. Non-registrants will receive a lower-resolution video file than registrants.

<Permissions> Expression
Use: <Display>, <Print>, <Play>, <Execute>
Reuse: <Modify>, <Copy>, <Annotate>
Transfer: <Sell>, <Lend>, <Give>, <Lease>

<Constraints> Expression
User: <Individual>, <Group>
Bound: <Count>, <Range>
Device: <CPU>, <Network>, <Screen>, <Storage>, <Memory>, <Printer>, <Software>

<Constraints> Expression
Temporal
<DateTime>
<Accumulated>
<Interval>
Aspect
<Quality>
Spatial
<Format>
<Country>
<Unit>
<Recontext>
<Watermark>

<Requirements> Expression
Payment Expression
Fee
<PrePay>
<PostPay>
<PerUse>

<Rights Holder> Expression
Party
Context
Royalties
<Percentage>
<Fixed Amount>

<Context> Expression
<Asset>
<Screen>
<Party>
<Storage>
<Individual>
<Memory>
<Group>
<Printer>
<Watermark>
<Software>
<Network>
<Country>
<CPU>
<UID>
<Name>
<Role>
<Remark>
<DateTime>
<Location>
<External Reference>

<Agreement> Expression
<Asset>
<Context>
<Party>
<Permission>

ODRL Next Version

Extensibility
Additional data dictionary elements
Specification of equivalent rights
Mapping between rights languages

Signing ODRL Expressions
Transporting ODRL Expressions

Will include the use of SOAP

Resources

ODRL: http://www.odrl.net
XrML: http://www.xrml.org

Credits

Grace Agnew, GA Tech
Anne Salter, GA Tech
William Rhodes, UT