Rights Expression Languages in Digital Rights Management

Xin WangContentGuard, Inc.October 19, 2006

Outline

Concepts and purpose of DRM License-based DRM Systems Roles of RELs in DRM Business models Supported by RELs Conclusions

DRM Concepts

Digital Assets Any resources, contents and services in digital domain

Digital Rights Privileges for creating, distributing, using and managing

digital assets Digital rights are not just copyrights – e.g., meta-rights

Licenses Digital expressions or objects that carry information about

digital rights Digital Rights Management (DRM)

A unified approach to specifying, interpreting, enforcing and managing digital rights

Content protection and watermarking technologies are supporting ones to make DRM more effective and robust.

DRM Purposes

Not just prevent illegal access and sharing of digital assets

But, more importantly, allow authorized access and enjoyment to more high quality assets in more convenient fashions

and, at the same time, create more markets and businesses for creating, distributing and consuming digital assets

DRM in Multimedia Commerce

Consumer

Protectedcontent

Rights &

Conditions

Prices &

Business models

Author / Artist

Originalcontent

Create Package Sell Play

Retailer

Protectedcontent

Rights &Conditions

Publisher

Protectedcontent

Rights &Conditions

Prices &Business models

ClearRights &PaymentDistributeAggregate

License-Based DRM

Consumer

Protectedcontent

Author / Artist

Originalcontent

Create Package Sell Play

Retailer

Protectedcontent

Publisher

Protectedcontent

ClearRights &Payment

DistributeAggregate

License server

License

Rights &Conditions

Prices &Business models

Rights &

Conditions

Prices &

Business models

Rights &Conditions

Prices &Business models

License-Based DRM Systems To use content, one needs to have a valid license to grant

usage and possibly provide crypto key and other information for authorized usage of content

Characteristics Licenses are associated with content, but can be separated entities

with their own life cycle issuance, distribution, consumption, revocation and expiration

Licenses specify who have what rights over what resource under what terms and conditions

play, print, adapt, … Licenses also provide information for implementing business

models, rather than applications hard code it preview for 3 times, rent for a week, …

Licenses also carry information for content protection and trust management

encrypted content decryption key, license issuance and revocation, … Licenses can be defined using Rights Expression Languages (REL)

ISO MPEG REL, OMA DREL, XrML, XMCL, …

Rights Expression Language (REL)

A standard language used to specify rights and their terms and conditions in the form of licenses for distributing and using digital assets

Provide an authorization model to determine if a principal has the right to perform an action on a resource according to licenses within a given system context

Support flexible business models in the end-to-end distribution value chain

Enables trusted systems to exchange digital contents and interoperate for end-to-end DRM

Development History of RELs

95 06

96 97 98 99 00 01 02 03 04 05

Nov 01XrML 1.2.1

Nov 01XrML 2.0

Apr 2000XrML 1.0

Mar 04MPEG REL

Mar 96DRPL 1.0

Nov 98DPRL 2.0

Nov 01ODRL 1.0

Jun 00XrML 1.03

Aug 00ODRL 0.5

Aug 02ODRL 1.1

Jun 04OMA DREL 1.0

Jun 01XMCL

Latest Development of RELs

MPEG REL ProfilesMAM (Mobile And optical Media)DAC (Dissemination And Capture)OR (Open Release)

OMA REL Broadcast profile China AVS DREL

MPEG REL Data Model

License

Grant Issuer

Principal Right Resource Condition

A license conveys that an issuer authorizes rights in the forms of grants.

A grant specifies that a principal has a right over a resource under certain conditions.

A Simple MPEG REL License<license xmlns="urn:mpeg:mpeg21:2003:01-REL-R-NS"

xmlns:dsig="http://www.w3.org/2000/09/xmldsig#" xmlns:mx="urn:mpeg:mpeg21:2003:01-REL-MX-NS" profileCompliance="urn:embedded:rel-profile">

<grant> <keyHolder licensePartID="Alice">

<info><dsig:KeyValue> <dsig:RSAKeyValue><dsig:Modulus>oRUTUiTQk … </dsig:Modulus> <dsig:Exponent>AQABAA==</dsig:Exponent></dsig:RSAKeyValue> </dsig:KeyValue></info>

</keyHolder><mx:play/><mx:diReference> <mx:identifier>urn:PDQRecords:song:WhenTheThistleBlooms.mp3</mx:identifier></mx:diReference><validityInterval> <notBefore>2003-02-13T15:30:00</notBefore> <notAfter>2003-03-13T15:30:00</notAfter></validityInterval>

</grant> <issuer licensePartID=“PDQRecords”> <dsig:Signature><dsig:SignatureValue>zIRYaxl5EX … </dsig:SignatureValue> <dsig:KeyInfo><dsig:KeyValue><dsig:RSAKeyValue><dsig:Modulus>yQ== … </dsig:Modulus><dsig:Exponent>AQAB==</dsig:Exponent></dsig:RSAKeyValue> </dsig:KeyValue></dsig:KeyInfo></dsig:Signature> </issuer></license>

“PDQ Records grants Alice the right to play a

song for a month.

Authorization in DRM

“Can Alice play this .mp3 file?”

“Under what condition?”

“Accordingto whom?”

License-Based Authorization

RELAuthorization

Engine

“Current time is 2003-12-21T10:00:00”

“anyone can play mySong.mp3 in Dec

2003”, Bob says.

AuthorizationQuery

AuthorizationResponse

ContextInformation

“Can Alice playmySong .mp3?”

“Yes, accordingto Bob.”

RELLicenses

Generic DRM Flow

usage tracking& reporting

REL-basedauthorization

contentdecryption

watermarkdetection

authenticationuser

interactioncapability

presentation

contentrendering

exceptionhandling

eventreporting

“play, save, email …” “I want to play” “who are you?” “do you have right to play?”

“you’ve played …” “playing …” “Watermark presents?” “decrypt using AES…”

“player crashed …”“playing is authorized …”

Typical REL Licenses

End-user license rights to play, print, modify, …

Attribute license right to possessProperty

Distribution license right to issue other rights

Offer license right to obtain other rights

Revocation license right to revoke other rights

Hybrid licenses condition prerequisite on other licenses

Advanced REL Features

Variable Flexibility to specify an element instance at the time of

exercising right, but not at the time of issuing the license Convenience for a collection of elements with common

properties Pattern

Capability of specifying a set of element instances according to some rules

Service Reference Encapsulation of information necessary to interact with a

service Support interoperability for stateful conditions

Delegation Allowance and control on how rights can be delegated and

transferred

Business Models

Unlimited usage Flat fee sale Pay per view Preview Promotion Subscription/Membership Transfer Gifting Personal lending Library loan

Site/volume license Rent Territory restricted Component based model User types based model Payment to multiple

rights Holders Super-distribution Multi-tier models Composite content

Example Business Models

Fixed subscription Monthly or annually charge (e.g., $19/month for any songs in

subscription) Limited subscription

Monthly charge with fixed amount of content consumption (e.g., $9/month, up to 35 movies each month)

Event or transaction based charging Pay per view, per file, or per message (e.g., 10¢ per message) Burn to CD, output to portable device (e.g., 69¢ to listen a song,

but 99¢ to burn to CD) Session-based charging

Charged according to amount of time or data traffic used, (e.g., 2¢ per minute or KB)

Multi-tier models Fixed subscription for Gold members, limited subscription for

regular members 2 or more levels of limited subscription (e.g., $9/m for 35 movies,

$19/m for 100)

Subscription and Domain Management

Subscription management Subscriber license

“Alice is a subscriber until Dec 31, 2006, issued by provider P” Subscription license

“Anyone X can play a collection of content, provided X has a valid subscriber license issued by provider P”)

Domain management Domain-device license

“Desktop PC Z is a device of domain Y, issued by domain manager M”

Domain license “Any device X can play a collection of content, provided X has

a valid domain-device license issued by domain manager M”

Conclusions

License based DRM systems support more flexible business models, via use of licenses

RELs are languages used to specify rights and their terms and conditionsprovide the authorization function to grant

rightssupport flexible business models in the end-

to-end distribution value chainenables trusted systems to exchange digital

contents and interoperate for end-to-end DRM