The Digital Media Project  

Source

GA07

Date:

2005/07/22

Title

Interoperable DRM Platform (IDP) Functions and Requirements

No.

0490/GA07

 

Interoperable DRM Platform (IDP) Functions and Requirements

 

 TOC  \* MERGEFORMAT Foreword............................................................................................................................................... PAGEREF _Toc110694556 \h 1

The Digital Media Project................................................................................................................... PAGEREF _Toc110694557 \h 1

Media and Digital Technologies........................................................................................................... PAGEREF _Toc110694558 \h 2

DRM requires more than technology................................................................................................... PAGEREF _Toc110694559 \h 4

The suite of DMP Approved Documents............................................................................................. PAGEREF _Toc110694560 \h 5

1      DMP Requirements........................................................................................................................ PAGEREF _Toc110694561 \h 6

2      General IDP Requirements & Policies............................................................................................. PAGEREF _Toc110694562 \h 6

3      Specific Requirements..................................................................................................................... PAGEREF _Toc110694563 \h 7

Annex A............................................................................................................................................... PAGEREF _Toc110694564 \h 27

Annex B............................................................................................................................................... PAGEREF _Toc110694565 \h 28

 

Foreword

The Digital Media Project

 

The Digital Media Project (DMP) is a non-profit Association registered in Geneva, Switzerland. Its mission is to promote the successful development, deployment and use of digital media that respect the rights of creators and rights holders to exploit their works, the wish of end users to fully enjoy the benefits of digital media and the interests of value-chain players to provide products and services, according to the principles laid down in the Digital Media Manifesto”

 

Membership in DMP is open to any corporation and individual firm, partnership, governmental body or international organisation. DMP does not restrict Membership on the basis of race, colour, sex, religion or national origin. By joining DMP each Member agrees, both individually and collectively, to adhere to open competition in the development of digital media technologies, products or services.

 

DMP Members are not restricted in any way from designing, developing, marketing or procuring digital media technologies, hardware, software, systems or services. Members are not bound to implement or use specific digital media standards, recommendations and specifications by virtue of their participation in DMP.

 

The goals of DMP are realised by developing Technical Specifications, Technical References and Recommended Practices enabling businesses that support new or improved end-user experiences and Recommended Actions to appropriate entities to act on removal of barriers holding up exploitation of digital media. Technical Specifications, Technical References, Recommended Practices and Recommended Actions are collectively called "DMP Approved Documents".

DMP will contribute the results of its activities to appropriate formal standards bodies and other appropriate entities whenever this is instrumental to achieve the general DMP goals.

 

DMP Approved Documents are developed by participating DMP members on the basis of responses to Calls for Proposals that are submitted by both members and non-members. DMP Approved Documents are publicly available documents whose copyright is retained by DMP. Electronic copies of DMP Approved Documents can be obtained from the DMP web site (http://www.dmpf.org/) or from the DMP Secretariat (secretariat@dmpf.org).

 

DMP develops Approved Documents and makes them available in a form such that users of the Approved Documents can implement them either freely, or on a royalty-free basis or on fair and reasonable terms and non discriminatory (RAND) conditions following the IEC/ISO/ITU policy on IPR in international standards. When issuing Calls for Proposals DMP explicitly advises Respondents to the Calls of this policy.

 

If DMP references an external standard or specification in a DMP Approved Document, DMP expects that the same IPR policy, or a comparable one, has been adopted by the entity that produced the standard or specification.

 

However, it must be noted that DMP is not in a position to make any expressed or implied guarantee that licensing of any of the technologies relevant to any or all of its Approved Documents can indeed be obtained either royalty free, or at RAND terms.

 

Media and Digital Technologies

 

Media content has always played an important role in all societies and manifold technologies have been invented and deployed to provide means to store and distribute media content. The complexity of these technologies and the stimulus to provide ever-enhanced end-user experiences have created very complex media content value-chains populated by an increasing number of interacting intermediaries providing increasingly sophisticated services to the two extremes of the value-chains – creators and end users – as well as  to the various intermediaries in between. In DMP all players in the value chain – Creators, Intermediaries and End-Users – are generically called Value-Chain Users or, simply, Users. Terms beginning with a capital letter are defined in the DMP Terminology

 

Media value-chain technologies have been designed with two main purposes in mind: the first to provide or augment the end-user experience, and the second to augment the capability to distribute media content. The latest round of technologies are digital. They have augmented the end-user experience, e.g. by providing very high quality audio and video that does not deteriorate with different generations of copies, and have dramatically increased the distribution potential of media content in combination with the development of digital networks.

 

The result today is that the traditional means to manage the value of media content along the value-chain are fast losing their established meaning. This is the source of various difficulties and is the major cause of the poor exploitation of the potential of digital media technologies. Digital Rights Management (DRM) has been advocated by many as the set of technologies that can overcome these difficulties.

 

The Digital Media Project agrees that DRM has the potential to combine the benefit of digital technologies with the need for a virtuous circle that motivates creators to continue creating because means of remuneration are provided by DRM technologies. However, DMP sees serious problems in the introduction of DRM technologies that are not interoperable.

 

A DRM system can be described as a particular form of communication system designed to provide controlled communication between two or more entities. As such the implementation of a DRM system may requires a broad range of communication technologies. Unless these are designed in such a way as to enable communication between two different implementations, DRM becomes an obstacle to communication between Value-Chain Users. This has particularly serious consequences in the case of the End-User because the lack of interoperability detracts from the End-User experience and thus may seriously impede the take off of services based on Governed Content.

 

Standards can bring benefits to the very special type of communication systems called DRM. However, the application of standards obeys different rules because DRM is tightly connected to business practices enabled by the introduction of digital technologies. As these are currently forcing changes in the way value-chain users conduct their business, it is hard to define what kinds of standards are required now as the only thing known is that media business is rapidly changing. This also adds to the difficulty of forecasting what kinds of standards will be needed in the future.

 

A solution can be found by breaking down the way value-chain users do business between themselves into the performance of diverse functions. Typically these functions are a combination of smaller functions that DMP calls “primitive functions”. While functions are changing as a consequence of the evolution of media business in the value-chain, primitive functions are in general more stable. Therefore DRM standardisation can be achieved by standardising the means to perform primitive functions.

 

A consequence of the above is that it is difficult to define a universal “DRM standard” that provides interoperability between every variety of different Users in arbitrary value-chains or across different value-chains. It is considerably easier to select a value-chain serving a specific goal and standardise its required DRM technologies. This may provide a solution for the contingent needs of today and for a specific value-chain, but it would fly in the face of advancing convergence.

 

The DMP approach to DRM standardisation is based on the following process

 

1.      Specifications are developed in phases

2.      Use Cases deemed to be significant are identified

3.      Primitive Functions that are required to implement the selected Use Cases are singled out

4.      Requirements for Primitive Functions are developed through inputs from relevant Value-Chain Users

5.      Calls for Proposals for technologies implementing the selected Primitive Functions with the identified requirements are issued

6.      The technologies selected – called Tools – are documented in technical terms through an open process

7.      Specifications of how Tools can be assembled to implement the selected Use Cases are developed

8.      In a subsequent phase of specification development Calls for Proposals for additional Tools needed to support new Primitive Functions or additional functionalities of existing Tools are issued.

 

Note that DMP favours the adoption of Tools that have already been developed, standardised or adopted by other bodies, possibly adapting them to DMP needs.

 

DMP calls the ensemble of all standardised DRM Tools “Interoperable DRM Platform (IDP)”. The IDP provides three major advantages:

 

1.      A great variety of Value-Chains can be implemented using a combination of standard technologies drawn from the IDP and, through additional standardisation, this potential can be extended to support unpredictably new Value-Chains

2.      Access to standardised Tools may have reduced cost because Tools may find multiple usages and may be provided by multiple suppliers

3.      An enhanced degree of interoperability is achieved between different Value-Chains.

 

DRM requires more than technology

 

In spite of the value DMP recognizes for Interoperable DRM as the main digital media-enabling technology, DMP has noted that DRM has the potential to substantially alter the balance that has been in existence in the analogue world between different Users of Content, in particular when one of them is the End-User. If not appropriately remedied, this imbalance may lead to a significant reduction of the scope of Traditional Rights and Usages (TRU) of Users. A possible outcome is the outright rejection of the new technology on the part of some Users, in particular End-Users perceiving the DRM media experience as inferior.

 

DMP is not claiming that an established TRU necessarily implies a right of a User to a particular Use of digital media but simply that, if Users have found a particular Use advantageous in the analogue domain, they are probably interested in continuing to exercise that Use in the digital domain as well. Leveraging upon this interest may provide opportunities for new “Digital Media Business Models” that are attractive to Users but respectful of the Rights of those who have created Works and invested in making Content.

 

Therefore DMP will be adding technologies to its specifications to make the exercise of TRUs technically possible. However, even a summary analysis shows that many TRUs have a legislative/regulatory impact that needs to be addressed by proper authorities. This can only be done within individual jurisdictions by determining which TRUs shall mandatorily be supported by the Interoperable DRM Platforms operating under their jurisdiction and which TRUs can be left to private negotiations between Users. This is a challenging task because it requires blending knowledge encompassing the legal, social and economic fields with in-depth knowledge of the highly sophisticated and unusual DRM technologies.

 

The suite of DMP Approved Documents

 

So far DMP has produced the following Approved Documents:

 

1.      Approved Document No. 1 – Use Cases [Error! Reference source not found.]: a collection of all Use Cases that are supported by Tools at a given phase of DMP specifications.

 

2.      Approved Document No. 2 - Architecture [Error! Reference source not found.]: a general architecture that represents the digital extension of today’s media value-chains and collects the basic assumptions and technologies underlying the establishment of IDP-enabled Value-Chains at a given phase of DMP specifications.

 

3.      Approved Document No. 3 – Interoperable DRM Platform [Error! Reference source not found.]: a collection of technical specification of basic Tools that are needed to implement Primitive Functions at a given phase of DMP specifications.

 

4.      Approved Document No. 4 – Value Chains [Error! Reference source not found.]: a collection of normative examples of Value-Chains or of portions thereof implementing the Use Cases considered at a given phase of DMP specifications using the Tools drawn from the IDP Toolkit.

 

5.      Approved Document No. 5 – Registration Authorities [Error! Reference source not found.]: a set of operational rules for Registration Authorities established to Assign Identifiers to Content, Devices and other Entities.

 

6.      Approved Document No. 6 – Terminology [Error! Reference source not found.]: terms and definitions that are used throughout DMP Approved Documents. Providing these terms with consistent meanings is meant to overcome the problem of DRM being a new field that impacts many existing fields with their own established and sometimes conflicting terminologies.

 

Further DMP is working on the following Approved Documents:

 

7.      Approved Document No. 7 – Reference Software: a software implementation of the Tools in IDP at a given phase of DMP specifications. DMP will strive to provide the reference software as Open Source, with a license aligned to established practices, unless proof that this outcome cannot be achieved is adequately demonstrated.

 

8.      Approved Document No. 8 – Recommended Practices for End-to-End Conformance: a set of Recommended Practices that Value-Chain Users can reference to ascertain that the Tools employed by other parties conform to DMP Technical Specifications and Technical References.

 

9.      Approved Document No. 9 – Recommended Action on Mapping of Traditional Rights and Usages (TRU) to the digital space: a set of scenarios of TRU support using IDP Tools with an analysis of the impact on the more relevant Value-Chain Users that can be considered by authorities to enable the benefit of TRUs – the result of decades, and sometimes centuries, of rights, exceptions and other types of usages – in a DMP-enabled world of digital media.

1          DMP Requirements

Calls for Proposals make reference to a Requirements document, called “IDP Requirements”. The DMP is currently busy collecting said requirements from a variety of sources. So far requirements from representatives of the following Value-Chain Users (VCU) have been contributed:

 

1.      Civil Rights Associations

2.      Association of People with Special Needs

3.      Collective Management Societies

4.      Device Manufacturers

5.      Individuals

6.      Producers

7.      Public Service Broadcasters

8.      Sheet Music Publishers

9.      Telecommunication operators

 

A list of Value-Chain Users identified so far DMP, and whose requirements the DMP expects to include is given in Annex A. All Value-Chain Users are encouraged to provide additional requirements that satisfy their needs or to comment on the existing ones. They will be incorporated in this document after review by DMP. The IDP Requirements document is posted on the open DMP web page so that contributors have an opportunity to review and possibly make further comments on the document.

 

This document should be read bearing in mind that words beginning with a capital letter have the meaning specified in the DMP Terminology. Please note that the DMP Terminology document, too, is work in progress.

 

Those wishing to comment on or contribute requirements to this document should forward their submissions to Marc Gauvin (mgauvin@sdae.net). Submissions will be discussed by the Ad hoc Group on Requirements for Interoperable DRM Platform. To subscribe to the ad hoc group reflector follow the instructions.

2          General IDP Requirements & Policies

The table below gives the general IDP requirements and policies. The acronyms in the 3rd column represent the source of the requirements and are defined in Annex 2.

 

Note that the list is work in progress.

 

  1.  

IDP shall be a “tool-kit” specification

 

GA04

  1.  

IDP shall evolve in phases, each phase introducing new tools

GA04

  1.  

IDP tools shall support all legitimate needs by

 

 

Value-Chain Users

Statutes

 

Association of People of Special Needs

DC

  1.  

IDP shall support Rights inheritance, i.e.the set of Rights acquired by a given Value-Chain User is subject to the set of Rights that was available to the Value-Chain User granting the Rights. E.g. a Producer Using a Work to produce a piece of Content can only grant a conditional subset of those Rights to that Content that have been granted him by the Author of said Work

AHG03

  1.  

IDP shall support the ability of a given VCU to mask the  VCUs supplying services to it in support of the services that it provides to its clients

TO

  1.  

Licensing of technologies required to implement IDP tools shall be RAND and preferably royalty-free

DC

  1.  

IDP shall contain tools to minimize impact on end-user (transparency).

DC

  1.  

DMP Use Cases shall describe how specific applications can be supported by IDP tools

GA04

DC

  1.  

DMP Use Cases shall provide a small number of Rights Expression templates that are well understood by end users (explain)

AHG06

  1.  

IDP shall support multiple means to evaluate content use? ¿evauluate?

AHG06

3          Specific Requirements

 

Category

Function

Identify

 

 

Identify Content

 

Identify Device

 

Identify User

 

Identify Domain

 

Identify Class of Users

 

Identify Footprint

 

Identify Jurisdiction

 

Identify Territory

Assign

 

 

Assign Identifier

 

Assign Metadata

Represent

 

 

Represent Metadata

 

Represent Key

 

Represent Rights Expression

 

Represent Rights Data

 

Represent DRM Tool

 

Represent Use Data

 

Represent Content

 

Represent Resource Format

 

Represent Device Capability

Package

 

 

Package Content

Authenticate

 

 

Authenticate Content

 

Authenticate DRM Tools

 

Authenticate Device

 

Authenticate User

 

Authenticate Domain

Verify

 

 

Verify Content

 

Verify Device

Certify

 

 

Certify Content

 

Certify Device

 

Certify User

Revoke

 

 

Revoke Content

 

Revoke Content Element

 

Revoke Device

 

Revoke User

 

Revoke Domain

Manage

 

 

Manage Domain

 

Manage Use Data Confidentiality

Access

 

 

Content

Update

 

 

License

 

DRM Tool

Process

 

 

Encrypt/Decrypt

 

Store/Retrieve

 

Copy/Move

 

Backup/Restore

 

Export

 

Import

Pay

 

Test Conformance

 

 

Test Conformance of Rights Expressions

 

Test Conformance of Enforcing Rights Expressions

 

Test Conformance of Tamper resistance

 

 

Identify

 

Identify Content

 

 

Detailed description of Requirements

Definition

The means by which the identity Content and of the constituent Content Elements can be uniquely and unambiguously determined

Objective

To enable accurate Governance of a Content Item and of the constituent Content Elements

Requirements

1.      Unambiguous identification of a Content Item and Content Elements

2.      Versioning shall be supported

3.      Ability to work in conjunction with multiple, existing industry schemes for Content Element identification

4.      Ability to extend the total number of identifiers that can be assigned in such a manner that previously assigned identifiers do not become obsolete

5.      Content should be identifiable by different VCUs to enable tracing the origin of content when licensed to other VCUs

6.      Ability to Identify a Content Item for Use only within a specific a Device or a Domain (e.g. a Broadcast Footprint, a company, a home)

Benefits

1.      Flexible distribution schemes where different Content Elements may be supplied from different providers

2.      A given Content Element may be referenced in multiple parts of a Content Item

3.      Multiple Content Items can refer to the same Content Element

4.      Fine granularity of Rights Expressions.

 

 

Identify Domain

 

 

Detailed description of Requirements

Definition

The means by which the identity of a Domain can be uniquely and unambiguously determined

Objective

To enable Value-Chain Users to License Content to groupings of Users and/or Devices

Requirements

·        The following types of Domains shall be supported

o       Device-based

o       User-based

§         By enumeration

o       Context-based

§         By reference to a legally established class of special users (e.g. students, people with special needs)

§         Location-based

·        A hierarchy of Domains shall be supported

Benefits

Enable more Uses of Content by identifying groupings of Users and/or Devices instead of just Users or Devices

 

 

Identify User

 

 

Detailed description of Requirements

Definition

The means to identify the User in a particular instance of Use

Objective

To enable various User-related Functions such as License Content to an identified User

Requirements

·        Being usable for the purpose of User Authentication

·        Ability to accommodate a variety of models for human interaction with Devices e.g.:

o       Allow a single User to use multiple Devices,

o       Allow multiple Users to share a single Device,

o       Allow the use of a confidential identity (e.g. prepaid card)

·        Ability to extend the total number of identifiers that can be assigned in such a manner that previously assigned identifiers do not become obsolete

·        Support the means to Identify any Value-Chain User

·        The ability to access information related the User that may be legally required for the provision of Content

Benefits

Depending on a given device's design, allows one User to employ multiple devices or allows multiple Users to use a single device

 

 

Identify Device

 

 

Detailed description of Requirements

Definition

The means to identify the Device employed in a particular instance of Use

Objective

To enable various Device-related Functions such as

·        To support the association of a piece of Governed Content with a Device

·        To support Trust management

Requirements

·        Compatible with administration of Domains

·        Ability to work in conjunction with existing industry schemes to administer customer/device-specific uses

·        Ability to extend the total number of identifiers that can be assigned in such a manner that previously assigned identifiers do not become obsolete

·        Ability to obtain Device capability information from the Device Identifier

Benefits

·        Allows reliable administration of Device-based Uses

·        Compatible with replacement strategies in cases where a Device is destroyed or otherwise replaced, or else used only for a period of time after which a different Device will be used.

 

 

Identify Footprint

 

 

Detailed description of Requirements

Definition

The means to identify the Devices within the primary broadcast distribution area

Objective

To enable Devices to Use Content intended for a particular Footprint

Requirements

Unambiguous means for defining a particular Footprint

Benefits

Enable Usage of Content within a particular Footprint

 

 

Identify Class of User

 

 

Detailed description of Requirements

Definition

The means to identify the Devices belonging to a particular class of Users

Objective

To enable Devices to Use Content intended for a particular class of Users

Requirements

Unambiguous means for defining a particular class of Users

Benefits

Enable Usage of Content within a particular class of Users

 

 

Identify Jurisdiction

 

 

Detailed description of Requirements

Definition

The means to identify the Devices within a particular Jurisdiction

Objective

To enable Devices to Use Content intended for a particular Jurisdiction

Requirements

Unambiguous means for defining a particular Jurisdiction

Benefits

Enable Usage of Content within a particular Jurisdiction

 

 

Identify Territory

 

 

Detailed description of Requirements

Definition

The means to identify the Devices within a particular geographical area

Objective

To enable Devices to Use Content intended for a particular Territory

Requirements

Unambiguous means for defining a particular Territory

Benefits

Enable Usage of Content within a particular Territory

 

 

Assign

 

Assign Identifier

 

 

Detailed description of Requirements

Definition

The Function performed by a User when assigning an Identifier to Content, Content Element, Device, Domain and User

Objective

To unambiguously associate descriptive data to Content, Content Element, Device, Domain and User

Requirements

To Assign Identifiers according to the rules laid down by the the Registration Authority as implemented by the Registration Agency

Benefits

Form trusted relationships and give Users confidence in the identity of the Identified Content, Content Element, Device, Domain and User

 

 

Assign Metadata

 

 

Detailed description of Requirements

Definition

The function performed by a User when describing Content, Content Element, Device, Domain and User

Objective

To facilitate the search for Content, Content Element, Device, Domain and User

Requirements

Different Users may wish to Assign Metadata that have mandatory descriptive fields, e.g.:

o       Author

o       Title

o       Genre of Authorship

o       Date of Creation of Work

o      

·        facilitate cataloguing Content for B2B distribution

Benefits

Secondary means to identify Content, Content Element, Device, Domain and User

 

 

Revoke

 

Revoke Content

 

 

Detailed description of Requirements

Definition

The function by which a User ceases to recognise a Content Item

Objective

To prevent the further Use of a Content Item

Requirements

·        Content must be Identified

Benefits

To discontinue Use of a Content Item, e.g. when the Content Item is faulty

 

 

Revoke Content Element

 

 

Detailed description of Requirements

Definition

The function by which a User ceases to recognise a Content Element

Objective

To prevent the further Use of a Content Element

Requirements

·        Content Element must be Identified

Benefits

To discontinue Use of a Content Element, e.g. when the Content Element is faulty

 

 

Revoke Device

 

 

Detailed description of Requirements

Definition

The function by which a User ceases to recognise a device as a Device

Objective

To prevent the further Use of the Device

Requirements

·        Device must be Identified

Benefits

To discontinue Use of a Device, e.g. when the Device has been compromised

 

 

Revoke Domain

 

 

Detailed description of Requirements

Definition

The function by which a User ceases to recognise a Domain

Objective

To prevent the further operation of the Domain

Requirements

·        Domain must be Identified

·        Devices or Users must be Identified

Benefits

To discontinue operation of a Domain, e.g. when Users have breached the Device has been compromised

 

 

Revoke User

 

 

Detailed description of Requirements

Definition

The function by which a User ceases to recognise a device as a User

Objective

To prevent the further Use of Devices by a User

Requirements

·        User must be Identified

Benefits

To discontinue Use of Devices by a User, e.g. when the device representing the User has been compromised

 

 

Represent

 

Represent Content

 

 

Detailed description of Requirements

Definition

The means to organize and associate Content and Content Elements in a form that can be processed by a Device

Objective

To enable a predictable processing of Content and Content Elements according to the purposes of the Content Item design, i.e. to Represent the Governed Use of Work, Manifestation, Instance, Production, DRM Tool etc.)

Requirements

·        Persistent Association of Identifiers, Content and Content Elements

·        Ability to include encrypted and unencrypted Identifiers, Content and Content Elements

·        Ability to apply Rights Expressions to different Content Items in a Content

·        Ability to Use individual Content Elements in Content Item

·        Ability to associate Content Elements stored at locations remote from each other to the Content Item

·        Ability to support temporary and permanent unavailability of Content Elements

·        Content shall be represented in a Delivery-System agnostic format

·        Ability to access information related to

§         Key management

§         Encryption methods

§         Watermarking

§         Etc.

Benefits

·        Different Uses of the same Content (e.g. play list)

·        Executing sets of Functions on Content that serve for orientation, navigation and judgement (e.g. searching/filtering content)

·        License Different Uses of the same Content and/or Content Elements

 

 

Represent Use Data

 

 

Detailed description of Requirements

Definition

The means to represent the components related to one or more instance of Content, Device or User Use.

Objective

To enable processing of Use Data in a predictable fashion

Requirements

·        Ability to identify Use Data

·        Ability to support protection of Use Data

·        Ability to convert Use Data to a human readable form

·        Ability to not identify User or Device associated with Use Data

·        Ability to represent a wide range of Content Uses e.g. time of Use, Composite Content, Domains, Superdistribution Uses

Benefits

Provide a machine-processable record of Uses

 

 

Represent Metadata

 

 

Detailed description of Requirements

Definition

The ability to describe features and attributes associated with Content and Content Elements or Devices

Objective

·        Facilitate business between Users e.g. classify, describe, search and retrieve, presentation etc.

·        Enable best Use of Content on Devices

Requirements

·        Ability to support existing Metadata standards

·        Ability to signal the standard in use

·        Ability to employ a minimal Metadata standard set for End Users

·        Ability to describe Device features and capabilities

Benefits

Allows for an effective interchange of Content between Users and optimal Use of Devices

 

 

Represent Rights Expression

 

 

Detailed description of Requirements

Definition

The means to express Rights in a Device processable form

Objective

To allow conditional Use of Content, based on the conditions being satisfied or fulfilled

Requirements

·        The Solution shall represent different subsets of Rights

·        The Solution shall represent new Rights when the need occurs

·        The Solution shall unambiguously identify

o       the User granting the Right

o       the User, Device or Domain obtaining the Right

o       the Content Items to which the Rights Expression refers

·        The Solution shall utilize User selectable data dictionary

·        The Solution shall provide a minimal standard data dictionary

·        The Rights Expression shall support at least the following:

o       To assign one Rights Expression to many pieces of Governed Content

o       To assign many Rights Expressions each referring to a different component of a piece of Content

§         In particular a piece of Content can have no Rights Expression (i.e. a Device can Use the Content without limits)

o       To specify Content Uses e.g.

§         Period of time (e.g. play as long as the play time greater than specified time and less than a specified time) and based on time/date

§         User based

§         Device based

§         Domain based

§         Count based (play up to the specified number of time)

o       To specify Resource Uses e.g.

§         Audio

§         Video

§         Executables (e.g. applet)

o       To allow delivery by:

§         Streaming

§         Broadcast

§         File download

§         Physical media

o       To process metadata

§         Presentation of Metadata

o       To allow trick modes

·        The solution shall represent the sets of Rights pertaining to all Value-Chain Users e.g. Authors, Performers, Producers, Aggregators, Distributors, etc.

·        Rights Expressions shall be able to represent different IP entities

·        Digital Rights Expressions shall support at least the following:

o       To assign Rights Expressions with Context Use limitations, e.g. age of End-User

o       To assign many Rights Expressions each referring to a component of a Composite Content containing any combination of IP Entities

o       Support consistency between various Rights Expressions

·        Rights Expression should allow control over

o       Move/Copy

§         Between Devices

§         Within Domain

§         Within Footprint

o       Export to a movable media

o       Encryption of clear-text Content

·        Rights Expression should support reference to:

o       Territories

o       Jurisdictions

o       Footprints

o       Domains

o       Devices

o       Users

o       IP Entities

·        Rights Expressions should

o       Not require a return channel

o       Have low payload

o       Be processable by a wide array of Device sophistication

·        Rights Expressions should support

o       Conditional expiry (e.g. User loses Rights to Content if Stored for longer than determined period without Use)

o       Multiple grantors of Rights

o       Rights to segments of Content

·        Rights Expressions should support

o       Quote

o       Time-shifted Use

o       Annotation

·        Rights Expressions shall support the Use of at least the following types of Resources: audio, video, images, text and executables, groups/bundles thereof

·        The Rights Expression shall support the addition of metadata

·        The Rights Expression shall support Access of Content based on Rating (e.g. suitability for age)

·        The Rights Expression shall support the Right of a User to License another User

·        The Rights Expression shall support restriction to a class of Users

Benefits

Potentially allow the full range of human contractual agreements to be embodied in the digital domain, especially including automatic processing of agreements that are stated in rigorous forms. 

 

Represent Rights Data

 

 

Detailed description of Requirements

Definition

The means to represent the semantics of Functions that relate to Rights Granting e.g. Rights Data of Copy is the semantic of Copy in a Device

Objective

To enable a device to perform the Functions in a agreed and predictable way

Requirements

·        Provide the semantics for the following:

·        Adapt (Resource)

§         Conversion of compression method

§         Video resolution

§         Sampling frequency

·        Backup

·        Copy

·        Edit

·        Encrypt

·        Export

·        Import

·        Move

·        Quote

·        Restore

·        Space-shifted Use

·        Store

·        Synchronise

·        Time-shifted Use

·        Transfer to an external rendering device

 

Benefits

To be sure that Devices behave predictably

 

Represent DRM Tool

 

 

Detailed description of Requirements

Definition

The means for describing the DRM Tool

Objective

To provide the Device the means to perform the required DRM functionality

Requirements

·        The Representation shall include:

·        Tool ID

·        Version

·        Target OS

·        Target HW

·        Target Virtual Machine

·        Format e.g. zip

·        Tool source

·        Authentication parameters

·        Update schedule info

·        Tool Validation info

·        License info

·        Vendor info

Benefits

Upgradeable Device capable of executing multiple DRM functionalities

 

Represent Key

 

 

Detailed description of Requirements

Definition

The means to describe Keys and associated parameters

Objective

To provide a Device the necessary information to utilize a Key

Requirements

·        The Representation shall include

·        Key type and related data (e.g. Authentication, Certificates, etc.)

·        Set of Key types

Benefits

The ability to use multiple Keys and Key Management schemes

 

Represent Resource Format

 

 

Detailed description of Requirements

Definition

The means to describe the format of Resources

Objective

To provide the means to acquire Content containing suitable Resources for the Device

Requirements

·        The ability to express relevant parameters in a Resource format

o       Compression algorithm used

o       Video resolution

o       Bitrate used for encoding

o       Audio sampling frequency

o       Number of channels

o       Etc.

Benefits

To facilitate access to Content

 

Represent Device Capability

 

 

Detailed description of Requirements

Definition

The  means to describe the capabilities of a Device for processing Content Data or perform Functions

Objective

To describe the capability of a Device

Requirements

·        To identify Device capabilities, e.g.

o       capability to process (e.g. Render) certain Resource Types

o       capability to determine the applicability of  certain Rights Expressions

o       etc.

Benefits

The ability to acquire Content that is suitable for the Device

 

Authenticate

 

Authenticate User

 

 

Detailed description of Requirements

Definition

The Function of proving the identity of a User to a Device another User or Domain

Objective

To make sure that the User is the intended User

Requirements

·        Shall support multiple protocols for the authentication of Users

Benefits

To enable Content Uses by identified Users

 

 

Authenticate Device

 

 

Detailed description of Requirements

Definition

The Function of proving the identity of a Device to another Device a User or Domain

Objective

To make sure that Content is Used by the intended Device

Requirements

·        Shall support multiple types of Devices Identification schemes

Benefits

To enable Content Uses on identified Devices

 

Authenticate Domain

 

 

Detailed description of Requirements

Definition

The Function of proving the identity of a Domain to a Device, a User or another Domain

Objective

To make sure that Content is Used within the intended Domain

Requirements

·        Capable of coping with multiple Domain Management Models

Benefits

To enable Content Uses within identified Domains

 

Authenticate DRM Tool

 

 

Detailed description of Requirements

Definition

The Function of proving the identity of a DRM Tool to a Device

Objective

To make sure that the Content is processed by the intended DRM Tool

Requirements

·        Protocol for the Authentication of Tool

Benefits

Correct handling of Content Management and Protection

 

Authenticate Content

 

 

Detailed description of Requirements

Definition

The Function of proving the identity of a Content Item to a Device

Objective

To make sure that the Content has the proper Identity

Requirements

·        Protocol for the Authentication of Content

Benefits

To enable a Device to Use the intended Content

 

 

Verify

 

Verify Content

 

 

Detailed description of Requirements

Definition

The procedure to detect corruption or loss of part of the Content

Objective

Delivery of the correct Content

Requirements

·        Ability to detect that there is corruption or loss of part of the Content

Benefits

To assure Content Integrity and support Trust management in the case of DRM Tools

 

 

Verify Device

 

 

Detailed description of Requirements

Definition

The procedure to detect corruption of part of the software of a Device

Objective

To support Trust management with a Device that may be remote from a User

Requirements

·        Ability to detect that there is corruption of the Device software

Benefits

The ability to support Trust management with a Device that may be remote from a User

 

 

Certify

 

Certify User (TBD)

 

 

Detailed description of Requirements

Definition

TBD

Objective

TBD

Requirements

·        TBD

Benefits

TBD

 

 

Certify Device

 

 

Detailed description of Requirements

Definition

The issuance of a statement by an authority that the claim by a device to be a Device is guaranteed

Objective

To make sure that Governed Content is Used by a Device

Requirements

·        Device conformance testing tools

·        Procedures to Certify Devices

Benefits

To provide a guarantee that a Content Item is Used by a Device

 

 

Certify Content

 

 

Detailed description of Requirements

Definition

The issuance of a statement that a given Content Item is conformant to the DMP specifications (either through certified Content creation device or Authority and corresponding Agency)

Objective

To provide the means to assure when required that a Content Item is indeed  Content

Requirements

·        Content conformance testing tools

·        Procedures to Certify Content

 

Benefits

To guarantee system integrity

 

Manage

 

Manage Domain

 

 

Detailed description of Requirements

Definition

Procedure to manage a set of Devices such that only those Devices can Use the Content Licensed to the Domain

Objective

To enable groups of Devices and/or Users e.g. belonging to a family to Use the same Content on any of the Devices in the group

Requirements

·        Users with an authorised entitlement (Administrator) shall be able to fully control Domain membership and Content distribution.

·        Setting up a Domain, including the ability to distribute Rights Expressions that can only be used by Devices in the Domain

·        Joining a Domain

·        Authorising entry to a Domain

·        Leaving a Domain

·        Directing to leave a Domain, including the ability to exclude a Device so that it cannot process Rights Expressions associated with the Domain after the time of exclusion

·        Users without an authorised entitlement shall not be able to obtain confidential information related to the Domain

·        A Domain shall be configurable to permit a variety of distribution options between Devices belonging to the Domain, e.g. superdistribution of Content and Composite Content to Devices belonging to a sub-Domain within the Domain (e.g., specialized interest groups).

Benefits

Enables content distribution to be both very wide and very specific, supporting many possible business models.

 

 

Manage Use Data Confidentiality

 

 

Detailed description of Requirements

Definition

The means to allow User A to negotiate the way User B will utilise acquired User and Use Data of User A

Objective

To let two Users determine how the information acquired during their interaction can be further utilised

Requirements

·        Mechanism for protection of Use Data

·        Ability to decide the utilisation of Use Data

Benefits

Allows User confidence that their privacy will be protected, simultaneously allowing Providers to gain knowledge from User and Use Data to the extent this is agreed.

 

 

Access

 

Access Content

 

 

Detailed description of Requirements

Definition

The Function of making Content available to a Device so that a Device can execute Functions

Objective

To enable a Device to process Content

Requirements

·        Access via file download , broadcast and streaming

Benefits

Access to Content via all delivery mechanisms

 

 

Update

 

Update License (To be revised later)

 

 

Detailed description of Requirements

Definition

The means by which a Content Item may replace a License

Objective

Allow for Content to be Governed dynamically

Requirements

·        Associate Content with License

Benefits

·         

 

·         

 

 

Update DRM Tool (TBD)

 

 

Detailed description of Requirements

Definition

The means by which a Device

Objective

 

Requirements

 

 

 

 

 

Benefits

·         

 

·         

 

 

Process

 

Encrypt/Decrypt

 

 

Detailed description of Requirements

Definition

Methods used to hide portions or totality of Content Elements

Objective

To prevent a user from using Content, Resources or Fragments of Resources

Requirements

·        Suitably flexible for a wide variety of Content

·        Efficiently implementable on a wide range of Devices

·        Based on Encryption Algorithms that are:

o       publicly disclosed

o       subject to constant scrutiny and evaluation by the worldwide cryptographic community

o       supporting stream and bulk ciphers

o       considered as secure

o       in broad use

·        The appropriate consideration of export restrictions.

·        Encryption methods  that allow decryption by Devices with different processing capabilities

·        Support

o       Facilitate efficient prefetch and decryption of child resources.

o       Efficient random access to content blocks for all linear content types

Benefits

To protect Content and Rights Expressions from being read by unintended Users

 

 

Store/Retrieve

 

 

Detailed description of Requirements

Definition

The Function by which a piece of Content enters a Device from a Delivery System and remains there for later Use

Objective

Allow a User to retain a Content Item for later use

Requirements

There are no identified requirements

Benefits

The User can Use a Piece of Content for a longer period of time according to the Rights Expression

 

 

Copy/Move

 

 

Detailed description of Requirements

Definition

The Function by which a Content Item can be transferred to another Device, leaving the original (Copy) and deleting the original (Move).

Copy and Move are executed according to the Rights Expression.

Grouped together as a higher-level Function, the "Copy/Move" function accomplishes the transfer of a piece of Governed Content between Devices, either leaving the original in place ("Copy") or deleting the original ("Move").

Objective

To enable more use of the same Content Item

Requirements

·        A protocol to communicate with another Device to accomplish the function required by the definitions of Copy/Move, including the point-to-multipoint case

·        The protocol should lend itself to secure implementations

·        The protocol should lend itself to efficient implementations on a wide variety of Devices.

Benefits

Allow controlled Copy and Move of Content

 

 

Backup/Restore

 

 

Detailed description of Requirements

Definition

The Function by which a Device can Store a Copy of a Content Item (in case the Rights Expression is a Stateless Rights Expression) in a Device where the Content Item is not for Use, e.g. for the purpose of later Restoring the Content Item.

Objective

To be able to backup/restore Content to an external device

Requirements

Backup requires that the Backup does not result in a second usable copy.

Benefits

To be able to make room for Governed Content in a Device without losing permanently the Governed Content that is removed from the Device.

 

 

Export

 

 

Detailed description of Requirements

Definition

The Function by which a Device makes available a Content Item for use by a non-DMP DRM system.

Objective

To enable use of a Content Item outside of an Environment.

Requirements

·        A protocol to communicate with a non-DMP DRM system. This includes, as a minimum, a means to identify non-DMP DRM systems

·        The protocol should be capable of Exporting cleartext Resources, Metadata and License e.g. Content received in the clear is still available in that form in another DRM environment

Benefits

A Rights Holder has the ability to extend the range of use of their Content to other governed environments.

 

 

Import

 

 

Detailed description of Requirements

Definition

The Function by which a Device accesses a piece of content governed by a non-DMP DRM system.

Objective

To enable Use of a piece of governed content by a Device.

Requirements

·        A protocol to communicate with a non-DMP DRM system. This includes, as a minimum, a means to identify non-DMP DRM systems 

·        The protocol should be capable of importing cleartext Resources, Metadata and License from another DRM environment that makes it available in that form

Benefits

Enables Environments to be populated with governed content from sources outside of DMP.

 

 

 

Pay

 

 

Detailed description of Requirements

Definition

Providing Use, User, Device and Governed Content information to a payment system external to an Environment

Objective

To enable flexible payment systems such as subscription, pre-payment or transaction-based payment by a single Device, a Domain or a User.

Requirements

·        The ability to support multiple payment methods and mechanisms

Benefits

Automated payment

 

 

Package   

 

Package Content

 

 

Detailed description of Requirements

Definition

The Function of processing Content for the purpose of delivering it between Devices

Objective

To ensure proper delivery of Content

Requirements

·        Organize and associate Content for efficient and timely carriage in download, broadcast and streaming e.g. an End-User should not have to wait for a long time before Using Content

Benefits

Ability to make Content available through all types of delivery systems

 

Test Conformance

 

Test Conformance of Rights Expressions

 

 

Detailed description of Requirements

Definition

Checking that a Rights Expression is interpreted and provides the output as intended by the originator of the Rights Expression

Objective

To test conformance of the engine interpreting the Rights Expressions

Requirements

Device conformance shall be assessed and regulated according to industrial compliance regime

Benefits

It is essential for a Rights Holder that a Device will correctly interpret Rights Expressions.

 

 

Test Conformance of Enforcing Rights Expressions

 

 

Detailed description of Requirements

Definition

Checking that the Functions corresponding to the output are executed as intended

Objective

To test conformance of the engine executing the Rights Expressions

Requirements

Device conformance shall be assessed and regulated according to industrial compliance regime

Benefits

It is essential for a Rights Holder that a Device will correctly execute the interpreted Rights Expressions.

 

 

Test Conformance of Tamper resistance

 

 

Detailed description of Requirements

Definition

Defining the levels of tamper resistance and the methods to be used when an implementation is put under test for tamper resistance to determine such levels

Objective

To test the robustness of a Device to attacks

Requirements

 

Benefits

It is essential for a Rights Holder that a Device is implemented in a way that makes it difficult for an attacker to tamper with it.

 


 

Annex A

 

#  

Value-chain User

Acr.

Definition

1.       

Author

AUT

A User who creates Works

2.       

Performer

PRF

A User who Uses Works to make Content

3.       

Collective Management Society

CMS

A User who provides collective representation to its member, e.g. Authors, Performers, Publishers etc.

4.       

Producer

PRD

A User who produces Content

5.       

Publisher

PBL

A User who makes Content available to the public

6.       

Syndicator

SND

A User who manages and provides Content to Retailers using a variety of  purchase options

7.       

Metadata Service provider

MTP

A User who recognises, assigns, delivers and processes structured metadata

8.       

Mediation Service provider

MDP

A User who provides mediator/agent Services to broker “closed” information such as actor identity

9.       

Resolution Service provider

RSP

A User who provides the Service of mapping disparate sets of Metadata

10.   

Repository

RPS

A User who offers Services to name, describe, locate, access, manage, and secure information about Content

11.   

Monitoring Service provider

MNP

A User who provides Use Data information in aggregated form

12.   

Marketer

MKT

A User who provides promotional, sale enhancement, brand enhancement and Merchandising Services

13.   

Aggregator

AGG

A User who provides procuring, packaging, presenting, cataloguing, archiving, indexing and promoting Services typically to Retailers

14.   

Retailer

RTL

A User who sells or Licenses Content to an End-user

15.   

Technology licensing provider

TLP

A User who provides Device Manufacturers and Platform providers with a license to utilise patented technology to make Devices and Platforms

16.   

Device Manufacturer

DVM

A User who manufactures or assembles hardware and/or software components to make Devices

17.   

Connectivity provider

CNP

A User who provides point-to-point or point-to-multipoint connectivity between Users

18.   

Network Service provider

NTP

A User who provides IP (or equivalent) services and typically various other services above it, e.g. guarantee of quality of service

19.   

Platform Service provider

PLP

A User who provides services on (parts of) the technology infrastructure of a Value-chain

20.   

Security provider

SCP

A User who provides technologies and services related to the security technologies and all levels of relevant computer and network security solutions

21.   

Certificate Authority

CRA

A User who issues digital certificates used to create digital signatures and public-private key pair

22.   

Conformance certification provider

CCP

A User who provides conformance, robustness and encoding rules along with certification of satisfying same.

23.   

Clearing House

CLH

A User who collects Value Expressions from other Users to distribute to Right Holders for the purchase of Use Rights over a given instance of Content

24.   

Financial Service provider

FSP

A User who provides the infrastructure for financial transactions, and accept deposits and channel the money into lending activities

25.   

End-user

ENU

The last User in a Value-chain

26.   

Reseller

RSL A User who possesses the Right, acquired by sale, License or other transfer, to control the disposition and transfer of Content from End-users to different End-users

27.   

Public Authority

PBA

A User who provides rules relating to the Use of Content and taxation on transactions related to Content.

 

Annex B

 

Acronym

Name

AHG3

Ad hoc group established by DMP General Assembly

AHG6

Ad hoc group established by DMP General Assembly

CMS

Collective Management Societies

DC

Daisy Consortium

ENU

End-User

GA04

4th DMP General Assembly

PAV

Portable Audio and Video Device Requirements

PBB

Public Service Broadcasters

PRD

Producers

SMP

Sheet Music Publishers

Statutes

DMP Statutes

TO

Telecommunication Operators