
Introduction to Digital Rights Management
Grace Agnew
SURA/ViDe Digital Video Conference, March 2004

Digital Rights Management Definitions
- Intellectual Property Rights: Right of ownership and control of products of the creator's mind. WTO-supported.
- DRM System: Digital application to apply and enforce organizational policies for the access and use of IP.
- DRM Action: Authorization decision based on intersection of attributes about user, content and usage.
- Essential DRM Components: Directory Services supporting authentication and authorization; Rights Expression; Rights Enforcement.

Essential DRM Components: Directory Services
- Identity Management: Procedures for establishing and maintaining identity, including format, database structure, privacy and confidentiality.
- Authentication: Determining that the user requesting a service has the required ("authentic") identity through a secured system.
- Authorization (Role-based Access Control): Determining that the authenticated user possesses the authorized role to access a service or object (e.g. "student registered in History 101").

Federated DRM
- Community of Trust: Common understanding. Shared agreement and enforcement among community members. Ex: Copyright.
- Trusted Systems: Standardized, shared technologies for establishing and enforcing DRM.

Essential DRM Components: Identity Management
- Privacy: Whether the user's identity is exposed.
- Confidentiality: Whether the user's activities are exposed.
- Trust: Authenticates any entity in a rights transaction: rights holder, rights requester and the content being requested.

Enabling Technology: Internet2 Shibboleth Project
Developing architectures, policy structures, practical technologies, and an open source implementation to support inter-institutional sharing of web resources subject to access controls.
Source: Shibboleth Project: http://shibboleth.internet2.edu

Why Shibboleth?
- Active privacy a core principle
- Emphasis on federated administration
- Emphasis on flexible yet secure access
- Establishes trust communities
- Open source with active community development
- Maturing project with increasing use in higher education and educational collaborations (e.g. NSF's National Science Digital Library)
- Utilizes mature, open source applications and standards, such as LDAP (lightweight directory access protocol)

How Shibboleth Works
1. User requests a Shib-protected resource.
2. User is directed back to home institution to authenticate.
3. Home institution generates a temporary handle for the user (active privacy: "authenticated RU faculty member", not "John Smith").
4. The Shib-protected resource uses the temporary handle to request further attributes about the user (e.g., teaching in an inter-institutional program with valid access to relevant e-resources at either institution).
5. User's home institution provides the necessary attribute.
6. User receives access to the resource.
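The six-step exchange above, modelled as an added example (not part of the original slides and not Shibboleth's own code or API): the home institution hands out an opaque, expiring handle and releases only the attributes its policy allows for the requesting resource. All class, method and attribute names and the sample directory are constructed for illustration.

```python
import secrets
import time


class HomeInstitution:
    """Authenticates its own users and answers attribute queries by handle."""

    def __init__(self, directory, release_policy, handle_ttl=300):
        self.directory = directory            # user id -> (password, attributes); toy store
        self.release_policy = release_policy  # resource id -> attribute names it may see
        self.handle_ttl = handle_ttl          # handle lifetime in seconds
        self._handles = {}                    # handle -> (user id, expiry time)

    def authenticate(self, user_id, password, now=None):
        """Steps 2-3: return an opaque, short-lived handle instead of the identity."""
        now = time.time() if now is None else now
        record = self.directory.get(user_id)
        if record is None or not secrets.compare_digest(record[0].encode(), password.encode()):
            raise PermissionError("authentication failed")
        handle = secrets.token_urlsafe(16)    # random, carries no user information
        self._handles[handle] = (user_id, now + self.handle_ttl)
        return handle

    def attributes_for(self, handle, resource_id, now=None):
        """Steps 4-5: release only what the policy allows for this resource."""
        now = time.time() if now is None else now
        user_id, expiry = self._handles.get(handle, (None, 0))
        if user_id is None or now > expiry:
            self._handles.pop(handle, None)
            raise PermissionError("unknown or expired handle")
        allowed = self.release_policy.get(resource_id, set())
        return {name: value for name, value in self.directory[user_id][1].items()
                if name in allowed}


class ProtectedResource:
    """Grants access from released attributes only; it never learns who the user is."""

    def __init__(self, resource_id, home, required):
        self.resource_id, self.home, self.required = resource_id, home, required

    def request(self, handle, now=None):
        """Step 6: allow access only if every required attribute was released and matches."""
        released = self.home.attributes_for(handle, self.resource_id, now)
        return all(released.get(name) == value for name, value in self.required.items())


# Constructed sample data.
RU = HomeInstitution(
    directory={"jsmith": ("correct horse", {"name": "John Smith",
                                            "affiliation": "faculty",
                                            "institution": "RU"})},
    release_policy={"video-archive": {"affiliation", "institution"}},
)
ARCHIVE = ProtectedResource("video-archive", RU,
                            {"affiliation": "faculty", "institution": "RU"})
```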

Issues for Trust and Authenticity
The Structure of Information (IFLA)
- Work: Distinct intellectual or artistic creation.
- Expression: Intellectual or artistic realization of a work ("interpretation").
- Manifestation: Physical manifestation of an expression. May differ in physical format, but not in content or interpretation.
- Item: Unique physical instance of a manifestation.

Key Work Concepts for Community Definition
- Copy: identical in the abstract and the concrete.
- Version: Intellectual content unchanged; concrete presentation differs (format, language).
- Revision: Attributes expanded, reduced; revisions should not impact reuse, according to community policy.
- Edition: substantially the same but revisions impact use according to community policy.
- Adaptation: object based on theme or premise of another object. Community decision how granular the attribution should be.
- Derivation: Theme or premise of original object is starting point for new object.

Digital Provenance record in RUL repository

Lots of Copies Keep Stuff Safe
Stanford-initiated project, currently applied to e-journals, that uses a peer-to-peer network to create a selective web cache by polling a web journal at intervals, storing content, and providing it to authorized local users.
Implications for DRM: Robust access through distributed, redundant management beyond the rights holder or the authorized distributor.

Rights Expression Languages in DRM
Rights Expression Language:
- Documents offers & agreements between rights holders, intermediaries, and end users, providing rights to license, distribute, access and use resources.
- Communicates rights, conditions on the exercise of rights, and other context relevant to the rights transactions.

- Defines the parties and concepts engaged in offers or agreements for the exercise of rights that are exercised against content.
- Expresses the underlying business model(s) of the community sharing the DRM.
- Employs data dictionary and a standard syntax to provide interoperable, logically consistent, semantically precise documentation for rights transactions.
- Should be human and machine interpretable.

- RIGHTS: Rights, Constraints, Agents and terms of agreement, tied to core IP processes, map readily.
- EXPRESSION: Logic for expressing IP offerings and licenses is complex and incompatible; requires advanced parsing.
- LANGUAGE: XML provides common framework, grammar and syntax. Use of multiple schemas and subschemas adds parsing complexity.

Rights Expression Implementations
- Passive: Documents the copyright status. Identifies the rights holder. May provide guidance on attribution, reuse.
- Active: Documents and enforces permissions to be granted to the user, often after conditions are met or constraints imposed. Enforcement can be at point of access to content or prior to access.

Examples of Passive DRM: Creative Commons

Examples of Passive DRM: Rutgers Libraries RM

Active Rights Management
[Diagram labels: User; Description; Rights Holder; Authentication; Rights; Video Object; Permission; Administration; Authorization]

Other resource metadata:
- Administrative metadata: provenance, fixity, context, reference, structure, and management. Rights MD may be a subset.
- Descriptive metadata: information to discover, identify, select and obtain the resource.
- Structural metadata: information about the structured relationship between components of a complex object.

REL in Context: Integration of Administrative, Descriptive, Structural & Rights Metadata:
- Integrated lifecycle management
- Ensures consistency of content information across applications
- Supports user decision-making in resource discovery and selection
- Supports complex content management: shared repositories, content versioning, downstream management, multiple manifestations, multipart objects, etc.

METS: Metadata Encoding & Transmission Standard
http://www.loc.gov/standards/mets/
- Provides encoding and transmission of descriptive, administrative and structural metadata using XML.
- Provides for transmission of metadata.
- Associates structure map, file types and behaviors with digital objects to provide intelligent complex objects, e.g. an e-journal with machine and human recognizable table of contents, abstract, citation, etc.
- Metadata schema providing simple rights declaration issued for comment (Aug. 2003).

METS IMPLEMENTATION

[Diagram labels: Policies; Terms of Agreement and Offer; Rights & Conditions; Identification of Agents/Roles; REL; DRM System; User; Descriptive & Admin MD; Resource]

Issues for Rights Metadata in R&E
- Many IP models, including: open availability/public domain; educational fair use; e-commerce; archival materials with unclear provenance; government records/collaborations with retention schedules and classification statuses; copyright; patentable ideas; complex collaborations, etc.
- Creators closely bound to IP: want and need active involvement in setting rights and revising rights.
- Many agents with complex creation, publication, distribution roles. Resources are also varied, complex and dynamic.

Two Developed Languages: XrML and ODRL
XrML - Extensible Rights Markup Language
www.xrml.org
- Current version: 2.0 (2001-11-20)
- Developed from Xerox PARC's Digital Property Rights Language (1996)
- ContentGuard: patent/license owner; language developer

XrML Core Concepts:
- License: container of grants or grant groups.
- Grant: bestows authorization to exercise a right.
- Principal: actors to whom rights are granted.
- Right: action that a principal can exercise on a resource.
- Resource: object for which rights are granted.
- Condition: terms, conditions or obligations that affect the exercising of a right.

XrML
[Diagram labels: License; Issued by; Principals; Contains; Grants; Principals; authorize; Subject to; Exercise; Right(s); Conditions; Resource]

XrML Three Schemas
- Core schema: specifies semantics and rules for licenses, grants, core resource types and core rights related to licenses and grants.
- Standard extension schema (sx): types and extensions for multiple scenarios, particularly payment, conditions, and names.
- Content extension schema (cx): types and elements for describing rights, conditions and metadata specific to digital works.

XrML Highlights and Issues:
- Integrates XML core technologies in a hybrid language/middleware implementation.
- XPath, UDDI, DSig, etc. integrated into the rules of expression and syntax; requires careful versioning across technologies.
- Emphasis on end-to-end trusted systems, from digital signatures for licenses to direct payment to bank accounts.
- Requires stateful conditions to point to location where state is maintained.

XrML Highlights and Issues:
- Core concept of trusted issuer: digital signature for license integrity.
- Hybrid language is dense, not always eye-readable or hand-codable.
- Can be intentionally opaque: rights and conditions can be referenced by directory pointers rather than explicit.
- Patent issues with XrML license.
- Widespread adoption: MPEG21, Open EBook.

XrML Highlights and Issues:
- Very functional and extensible: strong data integrity support; usage tracking; nested rights and conditions; downstream rights; preconditions, such as acceptance of terms and conditions and license revocation status calls.
- Can embed other MD schemas via namespaces; community extension schemas supported.
- Copyright, attribution and watermarking supported.

MPEG-21: Multimedia Framework
Based on two concepts:
- Fundamental unit of Distribution and Transaction: the Digital Item
- Concept of Users interacting with Digital Items
Quoted from: MPEG-21 Home Page http://www.chiariglione.org/mpeg/standards/mpeg-21/mpeg-21.htm

MPEG21 REL data model for a rights expression: four basic entities and the relationship among those entities. This basic relationship is defined by the MPEG REL assertion "grant", which consists of:
- The principal to whom the grant is issued
- The right that the grant specifies
- The resource to which the right in the grant applies
- The condition that must be met before the right can be exercised
http://www.chiariglione.org/mpeg/standards/mpeg-21/mpeg-21.htm

MPEG-21 REL Data Model

http://www.chiariglione.org/mpeg/standards/mpeg-21/mpeg-21.htm

ODRL - Open Digital Rights Language
http://odrl.net
- Developed and managed by IPR Systems (Renato Iannella)
- Current version: 1.1 (2002-08-08)
- Open source, freely available

ODRL Core Concepts:
- Asset: uniquely-identified content.
- Rights: include permissions to interact with assets, which can include constraints (limits), conditions (exceptions that expire permissions) and requirements (obligations that must be met before permissions can be exercised).
- Parties: end users who exercise permissions and rights holders who grant permissions (subject to constraints and conditions).

ODRL Schemas:
- Expression language (ex)
- Data Dictionary language (dd)
"ODRL supports the expression of Permissions for both Offers and Agreements"
Iannella, R. Open Digital Rights Language (ODRL) v. 1.1 2002-08-08. http://odrl.net/1.1/ODRL-11.pdf. p. 5

ODRL - Adaptation of ODRL Foundation Model
[Diagram labels: Rights; Agreement; Context; Party; Rights Holder; Permission; Constraint; Requirement; Condition; Offer]
Open Digital Rights Language (ODRL) v. 1.1 2002-08-08. http://odrl.net/1.1/ODRL-11.pdf. p. 4

Iannella, R. Open Digital Rights Language (ODRL) v. 1.1 2002-08-08. http://odrl.net/1.1/ODRL-11.pdf. p. 5

ODRL Highlights and Issues
- Concept of "context" adds unique identifiers and relevant information about any entity or the relationship between entities. Roles are an explicit attribute of parties (rights holders and end users). Rights for a single asset can be layered by party role.
- Rights holders have explicit royalty attributes.
- Requirements and conditions can have boolean ("and", "or") logic.

ODRL Highlights and Issues
- Rights can be assigned to assets based on physical format (support for rights layered by physical or digital manifestation) or subparts. Quality and Format are explicit attributes.
- Language is very functional but lightweight and eye-readable. Technologies and protocols ("middleware") to accomplish rights transactions are not specified.
- Transfer permission explicitly embeds permissions to be passed on for downstream asset use, together with attributes equal, less, and notgreater.
- Can embed other MD schemas via namespaces.

XrML and ODRL Comparison: Identifying the User as an authorized registrant in the course, 301 History of Film

XrML

    <grant>
      <!-- Principal: the key holder labelled "301 History Of Film Registrant" -->
      <keyHolder licensePartId="301 History Of Film Registrant">
        <info>
          <dsig:KeyValue>
            <dsig:RSAKeyValue>
              <dsig:Modulus>n4rtmxz5/2x1uioP598tyu89olk</dsig:Modulus>
              <dsig:Exponent>AQABAA</dsig:Exponent>
            </dsig:RSAKeyValue>
          </dsig:KeyValue>
        </info>
      </keyHolder>
      <!-- Right and resource: the principal possesses the "student" registration property -->
      <possessProperty />
      <library:identification>
        <library:scheme>http://www.history.rutgers.edu/301HistoryOfFilm/registration</library:scheme>
        <library:value>student</library:value>
      </library:identification>
    </grant>

ODRL

    <!-- Group constraint: members of the course registration context -->
    <o-ex:constraint id="301 History Of Film Registrant">
      <o-ex:group>
        <o-ex:context>
          <o-dd:uid>http://www.history.rutgers.edu/301HistoryOfFilm/registration</o-dd:uid>
        </o-ex:context>
      </o-ex:group>
    </o-ex:constraint>

Offer to registrant: permission to view Casablanca for three weeks, from first access.

XrML

    <grant>
      <!-- Principal: anyone holding the "student" registration property from a trusted issuer -->
      <forAll varName="301 History of Film Registrant">
        <everyone>
          <library:identification>
            <library:scheme>http://www.history.rutgers.edu/301HistoryOfFilm/registration</library:scheme>
            <library:value>student</library:value>
          </library:identification>
          <trustedIssuer>
            <keyHolder licensePartIdRef="trustedissuer"/>
          </trustedIssuer>
        </everyone>
      </forAll>
      <keyHolder varRef="301 History of Film Registrant"/>
      <!-- Right, resource and condition: play Casablanca within a floating validity interval -->
      <sx:play/>
      <cx:digitalWork licensePartIdRef="Casablanca"/>
      <sx:validityIntervalFloating>
        <sx:stateReference>
          <uddi>
            <serviceKey>
              <uuid>1F8903B0-FC03-4c5b-A445-AAFCCEC01333</uuid>
            </serviceKey>
          </uddi>
        </sx:stateReference>
      </sx:validityIntervalFloating>
    </grant>

ODRL

    <o-ex:permission>
      <o-ex:asset idref="Casablanca"/>
      <o-dd:play>
        <!-- Applies to each member of the registrant group -->
        <o-ex:constraint idref="301HistoryOfFilmRegistrant" type="http://odrl.net1.1#forEachMember"/>
        <!-- Time limit on the play permission -->
        <o-ex:constraint>
          <o-dd:interval>PT90D</o-dd:interval>
        </o-ex:constraint>
      </o-dd:play>
    </o-ex:permission>
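An added example, not part of the original slides: a small evaluator for the offer above (play Casablanca for three weeks from first access, for registrants of the course), working from a simplified ODRL-style permission. The XML, the P21D interval value, the namespace URIs and all Python names are constructed or assumed for illustration, and the group constraint is inlined rather than referenced by idref.

```python
import re
import xml.etree.ElementTree as ET
from datetime import datetime, timedelta

# Namespace URIs are assumed for this constructed document.
NS = {"o-ex": "http://odrl.net/1.1/ODRL-EX", "o-dd": "http://odrl.net/1.1/ODRL-DD"}
COURSE = "http://www.history.rutgers.edu/301HistoryOfFilm/registration"

# Constructed offer: play "Casablanca", course registrants only, 21 days.
OFFER = f"""
<o-ex:permission xmlns:o-ex="{NS['o-ex']}" xmlns:o-dd="{NS['o-dd']}">
  <o-ex:asset idref="Casablanca"/>
  <o-dd:play>
    <o-ex:constraint>
      <o-ex:group><o-ex:context><o-dd:uid>{COURSE}</o-dd:uid></o-ex:context></o-ex:group>
    </o-ex:constraint>
    <o-ex:constraint><o-dd:interval>P21D</o-dd:interval></o-ex:constraint>
  </o-dd:play>
</o-ex:permission>
"""


def parse_interval(text):
    """Parse a week/day ISO 8601 duration; anything else is rejected (fail closed)."""
    match = re.fullmatch(r"P(?:(\d+)W)?(?:(\d+)D)?", text.strip())
    if not match or not any(match.groups()):
        raise ValueError(f"unsupported interval: {text!r}")
    weeks, days = (int(group or 0) for group in match.groups())
    return timedelta(weeks=weeks, days=days)


class PlayPermission:
    """Decides play requests from user attributes, content id and usage state."""

    def __init__(self, offer_xml):
        root = ET.fromstring(offer_xml)
        play = root.find("o-dd:play", NS)
        self.asset = root.find("o-ex:asset", NS).get("idref")
        self.group = play.find(".//o-ex:group/o-ex:context/o-dd:uid", NS).text.strip()
        self.window = parse_interval(play.find(".//o-dd:interval", NS).text)
        # First-access times are the state the licence depends on; the enforcing
        # service keeps them, never the client.
        self.first_access = {}

    def decide(self, user, groups, asset, when):
        """Return (allowed, reason) for one play request at time `when`."""
        if asset != self.asset:
            return False, "no permission for this asset"
        if self.group not in groups:
            return False, "user is not a registrant"
        # The clock starts at the first permitted access, not at licence issue.
        start = self.first_access.setdefault((user, asset), when)
        if when - start > self.window:
            return False, "interval expired"
        return True, "play permitted"
```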