Transcript Promoting the REL Profile for Optical Media
Rights Expression Languages in Digital Rights Management
Xin Wang ContentGuard, Inc.
October 19, 2006
Outline
Concepts and purpose of DRM License-based DRM Systems Roles of RELs in DRM Business models Supported by RELs Conclusions
DRM Concepts
Digital Assets Any resources, contents and services in digital domain Digital Rights Privileges for creating, distributing, using and managing digital assets Digital rights are not just copyrights – e.g., meta-rights Licenses Digital expressions or objects that carry information about digital rights Digital Rights Management (DRM) A unified approach to specifying, interpreting, enforcing and managing digital rights Content protection and watermarking technologies are supporting ones to make DRM more effective and robust.
DRM Purposes
Not just prevent illegal access and sharing of digital assets But, more importantly, allow authorized access and enjoyment to more high quality assets in more convenient fashions and, at the same time, create more markets and businesses for creating, distributing and consuming digital assets
DRM in Multimedia Commerce
Create Package Sell Play Original content
Author / Artist
Aggregate Rights & Conditions Protected content
Publisher
Distribute Prices & Business models Rights & Conditions Protected content
Retailer
Clear Rights & Payment Protected content
Consumer
License-Based DRM
Create Package Sell Play Original content
Author / Artist
Aggregate Protected content
Publisher
Distribute Protected content
Retailer
Prices & Business models Clear Rights & Payment Rights & Conditions Protected content
Consumer
License Prices & Business models Rights & Conditions
License server
License-Based DRM Systems
To use content, one needs to have a valid license to grant usage and possibly provide crypto key and other information for authorized usage of content Characteristics Licenses are associated with content, but can be separated entities with their own life cycle issuance, distribution, consumption, revocation and expiration Licenses specify who have what rights over what resource under what terms and conditions play, print, adapt, … Licenses also provide information for implementing business models, rather than applications hard code it preview for 3 times, rent for a week, … Licenses also carry information for content protection and trust management encrypted content decryption key, license issuance and revocation, … Licenses can be defined using Rights Expression Languages (REL) ISO MPEG REL, OMA DREL, XrML, XMCL, …
Rights Expression Language (REL)
A standard language used to specify rights and their terms and conditions in the form of licenses for distributing and using digital assets Provide an authorization model to determine if a principal has the right to perform an action on a resource according to licenses within a given system context Support flexible business models in the end-to-end distribution value chain Enables trusted systems to exchange digital contents and interoperate for end-to-end DRM
Development History of RELs
Mar 96 DRPL 1.0
Nov 98 DPRL 2.0
Apr 2000 XrML 1.0
Jun 00 XrML 1.03 Nov 01 XrML 1.2.1
Nov 01 XrML 2.0
Mar 04 MPEG REL 95 96 97 98 99 00 ODRL 0.5
Aug 00 01 XMCL Jun 01 02 ODRL 1.0
Nov 01 03 ODRL 1.1
Aug 02 04 05 OMA DREL 1.0
Jun 04 06
Latest Development of RELs
MPEG REL Profiles MAM (Mobile And optical Media) DAC (Dissemination And Capture) OR (Open Release) OMA REL Broadcast profile China AVS DREL
MPEG REL Data Model
A license conveys that an issuer authorizes rights in the forms of grants.
License Grant Issuer Principal Right Resource Condition A grant specifies that a principal has a right over a resource under certain conditions.
A Simple MPEG REL License
< license xmlns="urn:mpeg:mpeg21:2003:01-REL-R-NS" xmlns:dsig="http://www.w3.org/2000/09/xmldsig#" xmlns:mx="urn:mpeg:mpeg21:2003:01-REL-MX-NS" profileCompliance="urn:embedded:rel-profile"> < grant > < keyHolder licensePartID=" Alice ">
“PDQ Records grants Alice the right to play a song for a month.
< validityInterval >
Authorization in DRM
“Can Alice play this .mp3 file?” “Under what condition?” “According to whom?”
License-Based Authorization
Authorization Query “Can Alice play mySong .mp3?” “anyone can play mySong.mp3 in Dec 2003”, Bob says.
REL Licenses
REL Authorization Engine
Authorization Response “Yes, according to Bob.” Context Information “Current time is 2003-12 21T10:00:00”
Generic DRM Flow
capability presentation user interaction “play, save, email …” “I want to play” authentication “who are you?” REL-based authorization “do you have right to play?” usage tracking & reporting “you’ve played …” content rendering “playing …” watermark detection content decryption “Watermark presents?” “decrypt using AES…” event reporting “playing is authorized …” exception handling “player crashed …”
Typical REL Licenses
End-user license rights to play, print, modify, … Attribute license right to possessProperty Distribution license right to issue other rights Offer license right to obtain other rights Revocation license right to revoke other rights Hybrid licenses condition prerequisite on other licenses
Advanced REL Features
Variable Flexibility to specify an element instance at the time of exercising right, but not at the time of issuing the license Convenience for a collection of elements with common properties Pattern Capability of specifying a set of element instances according to some rules Service Reference Encapsulation of information necessary to interact with a service Support interoperability for stateful conditions Delegation Allowance and control on how rights can be delegated and transferred
Business Models
Unlimited usage Flat fee sale Pay per view Preview Promotion Subscription/Membership Transfer Gifting Personal lending Library loan Site/volume license Rent Territory restricted Component based model User types based model Payment to multiple rights Holders Super-distribution Multi-tier models Composite content
Example Business Models
Fixed subscription Monthly or annually charge (e.g., $19/month for any songs in subscription) Limited subscription Monthly charge with fixed amount of content consumption (e.g., $9/month, up to 35 movies each month) Event or transaction based charging Pay per view, per file, or per message (e.g., 10¢ per message) Burn to CD, output to portable device (e.g., 69¢ to listen a song, but 99¢ to burn to CD) Session-based charging Charged according to amount of time or data traffic used, (e.g., 2¢ per minute or KB) Multi-tier models Fixed subscription for Gold members, limited subscription for regular members 2 or more levels of limited subscription (e.g., $9/m for 35 movies, $19/m for 100)
Subscription and Domain Management
Subscription management Subscriber license “Alice is a subscriber until Dec 31, 2006, issued by provider P” Subscription license “Anyone X can play a collection of content, provided X has a valid subscriber license issued by provider P”) Domain management Domain-device license “Desktop PC Z is a device of domain Y, issued by domain manager M” Domain license “Any device X can play a collection of content, provided X has a valid domain device license issued by domain manager M”
Conclusions
License based DRM systems support more flexible business models, via use of licenses RELs are languages used to specify rights and their terms and conditions provide the authorization function to grant rights support flexible business models in the end-to-end distribution value chain enables trusted systems to exchange digital contents and interoperate for end-to-end DRM