|
The Digital Media Project |
|||
|
Source |
GA05 |
Date: |
2005/01/28 |
|
Title |
Interoperable DRM Platform (IDP) Functions and Requirements |
No. |
0328/GA05 |
Interoperable DRM Platform (IDP) Functions and Requirements
DMP Specifications
2 DMP Requirements
3 General IDP Requirements
4 Benefits of DMP Specifications.
4.1 Toolkit and interoperability
4.2 The DMP Content Format (DCF).
4.3 Other examples of benefits
5 Specific Requirements.
Annex A.
Annex B.
The Digital Media Project (DMP) is a not-for-profit organisation with the mission to “promote continuing successful development, deployment and use of Digital Media that respect the rights of creators and rights holders to exploit their works, the wish of end users to fully enjoy the benefits of Digital Media and the interests of various value-chain players to provide products and services, according to the principles laid down in the Digital Media Manifesto”.
DMP has identified “Interoperable Digital Rights Management (DRM)” as the technology whose deployment can further the goals stated in its Mission and has developed a work plan whose current version foresees, inter alia, the development and publication of:
1. Technical Specifications for Interoperable DRM Platform
a. Phase 1 (IDP-1) will be approved in April 2005
b. Phase 2 (IDP-1) in October 2005
2. Technical Specifications for DMP Use Cases
a. Phase 1 will be approved in April 2005
b. Phase 2 will be approved in October 2005
3. Recommended Practices for End-to-End Conformance (EEC) in July 2006.
To become aware of the technologies required to implement its Technical Specifications DMP issues Calls for Proposals. In July 2004 the DMP issued a Call for Proposals (CfP) on “Portable Audio and Video (PAV) Devices”, relevant to point 1. a and 2.a above. It is planning to issue another CfP relevant to point 1.b and 2.b above.
Calls for Proposals make reference to a Requirements document, called “IDP Requirements”. The DMP is currently busy collecting said requirements from a variety of sources. So far requirements from representatives of the following Value-Chain Users (VCU) have been contributed:
1. Civil Rights Associations
2. Collective Management Societies
3. Device Manufacturers
4. Individuals
5. Producers
6. Public Service Broadcasters
7. Sheet Music Publishers
8. Telecommunication operators
A list of Value-Chain Users identified so far DMP, and whose requirements the DMP expects to include is given in Annex A. All Value-Chain Users are encouraged to provide additional requirements that satisfy their needs or to comment on the existing ones. They will be incorporated in this document after review by DMP. The IDP Requirements document is posted on the open DMP web page so that contributors have an opportunity to review and possibly make further comments on the document.
This document should be read bearing in mind that words beginning with a capital letter have the meaning specified in the DMP Terminology. Please note that the DMP Terminology document, too, is work in progress.
Those wishing to comment on or contribute requirements to this document should forward their submissions to Marc Gauvin (mgauvin@sdae.net). Submissions will be discussed by the Ad hoc Group on Requirements for Interoperable DRM Platform. To subscribe to the ad hoc group reflector follow the instructions.
The table below gives the general IDP requirements. The acronyms in the 3rd column represent the source of the requirements and are defined in Annex 2.
Note that the list is work in progress.
|
|
IDP shall be a “tool-kit” specification
|
GA04 |
|
|
IDP shall evolve in phases, each phase introducing new tools |
GA04 |
|
|
IDP tools shall support all legitimate needs by |
|
|
|
Value-Chain Users |
Statutes |
|
|
Cultures |
DC |
|
|
IDP shall support Rights inheritance, i.e.the set of Rights acquired by a given Value-Chain User is subject to the set of Rights that was available to the Value-Chain User granting the Rights. E.g. a Producer Using a Work to produce a piece of Content can only grant a conditional subset of those Rights to that Content that have been granted him by the Author of said Work |
AHG03 |
|
|
IDP shall support the ability of a VCU A providing services to a VCU B to be “seen” by VCU B even though VCU A may rely on the services of VCU C in its relationship with VCU B |
TO |
|
|
Licensing of technologies required to implement IDP tools shall be RAND and preferably royalty-free |
DC |
|
|
IDP shall contain tools to minimize impact on end-user (transparency). |
DC |
|
|
DMP Use Cases shall describe how specific applications can be supported by IDP tools |
GA04 DC |
|
|
DMP Use Cases shall provide a small number of Rights Expression templates that are well understood by end users |
AHG06 |
|
|
IDP shall support multiple means to evaluate content use? |
AHG06 |
The toolkit nature of IDP allows solving one of the thorniest problems of DRM interoperability. Indeed the general need of different VCUs to interoperate across Value-Chains clashes with the broad range of Value-Chain functionality. The IDP toolkit enables Users:
1. To set up Value-Chains supporting specific business models. As tools are independently specified it is possible to create a competitive market of tool suppliers
2. To make their Value-Chains grow in functionality in a scalable fashion
3. To retain interoperability with Users of other Value-Chains
DMP will develop a Use Case document. The purpose of that document is to describe how specific Value-Chains can be set up using the IDP tool-kit. Some of those Use Cases may be made normative to enhance interoperability between Users of well-understood Value-Chains.
Imagine a population of DMP Devices that can Use DMP Content and enable End-Users to perform TRUs, e.g. Annotate DMP Content. The annotated Content could be Released by embedding the original Content in a new DCF. This would have a new DCF identifier that could either be obtained from an identifier-issuing agency or automatically from the identifier space of the DMP Device utilised to Annotate that DMP Content.
Note that DMP Content Distribution itself needs not use the same DRM tools as it could be Released as a DMP Content with
1. DCF identifier, DCF describing Resources and Metadata, Resources and Metadata
2. ditto + Rights Expression
3. ditto + Resource Encryption
TBD
|
Category |
Function |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Detailed description of Requirements |
Source |
|
Definition |
The means to uniquely and unambiguosly · identify a piece of o Content Data o Content Data Element o Use Data · refer to the identification. |
PAV |
|
|
The means to uniquely and unambiguously · identify o Work · refer to the Work identification. |
CMS |
|
|
The means to uniquely and unambiguously · identify o Work and its constituent parts · refer to the Work identification. |
SMP |
|
Objective |
To support the association of Resources, Metadata, Rights Expressions, Licences and/or Use Data with a piece of Data that may be remote from such Resources, Metadata, Rights Expressions, Licenses and/or Function that generated the Use Data. |
PAV |
|
|
To support the association of Work, Resources, Metadata, Rights Expressions, Licences and/or Use Data with a piece of Data that may be remote from such Work, Resources, Metadata, Rights Expressions, Licenses and/or Function that generated the Use Data. |
CMS |
|
|
To support the Use of a Work and/or its parts |
SMP |
|
Requirements |
1. Unambiguous identification of a piece of Content Data and Content Data Element 2. Unambiguous identification of Use Data 3. Ability to work in conjunction with multiple, existing industry schemes for Content Data identification. 4. Ability to extend the total number of identifiers that can be assigned in such a manner that previously assigned identifiers do not become obsolete. |
PAV |
|
|
· Unambiguous identification of a Work · Unambiguous identification of a Work Use License and Data |
CMS |
|
|
· Identify Work within an organisation (#3 in PAV?) · Avoid duplication of Work Identifiers over time (#4 in PAV?) |
PBB (PRD) |
|
|
· Unambiguous identification of a Work and its parts |
SMP |
|
|
Answer to Sony queries. In the PAV Requirements we refer to Content Identification required for particular PAV implementations and not all identification schemes. But at the IDP level we include any standard identification scheme provided by VCUs. |
DVM |
|
|
Content should be identifiable by different VCUs to enable tracing the origin of content when licensed to other VCUs |
BT |
|
Benefits |
· Flexible distribution schemes where different Content Data Elements may be supplied from different sources. · A given Content Data Element may be referenced by a multiplicity of Composing Content without duplication. · Fine granularity of Rights Expressions. |
PAV |
|
|
· Permit tracking of a Work throughout copy generations and variations. |
CMS |
Identify License
|
|
Detailed description of Requirements |
Source |
|
Definition |
The means to identify the appropriate License of Work contained in Governed Content in a particular instance of Use |
CMS |
|
Objective |
· To support the association of the use of a Work (e.g. Use Context) within a piece of Governed Content with the appropriate License or License identifier · To support Trust Management |
CMS |
|
Requirements |
· Compatible with administration of Domains for Work Use, i.e. that a Work can only be Used in a specific Domain (e.g. a Broadcast Footprint, a company) · Ability to associate a given set of Rights Expressions with the appropriate License and Use Context · Ability to work in conjunction with existing industry schemes to deliver specific Licensed uses. · Ability to extend the total number of identifiers that can be assigned in such a manner that previously assigned identifiers do not become obsolete. |
CMS |
|
Benefits |
Guarantee appropriate Licensed Uses of Works |
CMS |
|
|
|
DMV |
|
|
Detailed description of Requirements |
Source |
|
Definition |
The means to identify Use domains |
AHG3 |
|
Objective |
To identify groupings of Users and/or Devices. For the time being only End-Users are considered |
AHG3 |
|
Requirements |
· The following types of Domain shall be supported o Device-based o User-based § By enumeration § By reference to a legally established class of special users o Location-based |
AHG3 DC |
|
|
· Hierarchy of Domains shall be supported |
PM |
|
Benefits |
Enable more Uses of Content by identifying groupings of Users and/or Devices instead of just Users or Devices |
AHG3 |
|
|
Detailed description of Requirements |
Source |
|
Definition |
The means to identify the device that represents the (human, corporate etc.) User in a particular instance of Use |
PAV |
|
Objective |
To enable · Content Access and Use of Content and Services · Payment systems to operate |
PAV |
|
Requirements |
· Being usable for the purpose of User authentication · Ability to accommodate a variety of models for human interaction with Devices e.g.: o Allow a single User to use multiple Devices, o Allow multiple Users to share a single Device, o Allow the use of a confidential identity, · Ability to extend the total number of identifiers that can be assigned in such a manner that previously assigned identifiers do not become obsolete. |
PAV |
|
|
· Supports identification of identity of user to which content was licensed |
DC |
|
|
· To provide the means to identify the authorities responsible for certifying:
|
|
|
|
· The ability to express the age of the User |
|
|
Benefits |
Depending on a given device's design, allows one User to employ multiple devices or allows multiple Users to use a single device. Useful in the event of disaster recovery scenarios when a device or storage medium is destroyed |
PAV |
|
|
Detailed description of Requirements |
Source |
|
Definition |
The means to identify the Device employed in a particular instance of Use |
PAV |
|
Objective |
· To support the association of a piece of Governed Content with a Device · To support Trust management |
PAV |
|
|
· To support the association of the Use of a Work with a Device |
CMS |
|
Requirements |
· Compatible with administration of Domain models for Use. · Ability to work in conjunction with existing industry schemes to administer customer/device-specific uses. · Ability to extend the total number of identifiers that can be assigned in such a manner that previously assigned identifiers do not become obsolete. |
PAV |
|
|
· Ability to obtain Device capability information from the Device Identifier |
DC |
|
Benefits |
· Allows reliable administration of Device-based Uses. · Compatible with succession strategies in cases where a Device is destroyed or otherwise replaced, or else used only for a period of time after which a different Device will be used. |
PAV |
|
|
Detailed description of Requirements |
Source |
|
Definition |
Identification of Content formats |
PAV |
|
Objective |
To provide the means to identify Content formats |
PAV |
|
Requirements |
· How to identify Content formats |
PAV |
|
|
· Relevant parameters in a content format o Compression algorithm used o Video resolution o Bitrate used for encoding o Audio sampling frequency o Number of channels o Etc. |
AHG3 |
|
Benefits |
The ability to acquire Content that is suitable for the Device |
PAV |
|
|
The ability to acquire a Work that is suitable for the Device as per Rights Expressions and Licenses issued by Authors and CMSs |
CMS |
|
|
Detailed description of Requirements |
Source |
|
Definition |
The means to identify that the Context of Use of a Work is in accord with License stipulated by the Author/CMS and according to the Author’s moral rights. These limits would relate to identifiable associations of a Work with the presence of another Work, Logo, Name (i.e. names of commercial entity, political or religious entities), Domains, IP or geographic region etc. Example is content released under a “free use” License that shall not be used for political purposes |
CMS |
|
Objective |
· To support associating a Work or only associating a Work with an identifiable pre-determined Context or Contexts in accord with the intended limits of associating a Work as stipulated by the Author · To support Trust management |
CMS |
|
|
· To support Rights "packaging" |
PM |
|
Requirements |
· Compatible with administration of Domain for Work Use. · Ability to work in conjunction with existing industry schemes to administer specific Work Uses. · Ability to identify other Works and objects associated within an identifiable digital unit such as a Web object or Digital Item |
CMS |
|
Benefits |
Allows reliable administration of intended Work Uses |
CMS |
|
|
Detailed description of Requirements |
Source |
|
Definition |
Identification of capabilities of a Device to handle Data or perform Functions |
PAV |
|
Objective |
To provide the means to identify the functionality of a Device |
PAV |
|
Requirements |
· To identify Device capabilities, e.g. o capability to process (e.g. Render) certain Resource types; o capability to process certain Content formats o capability to process certain Rights Expressions o etc. |
AHG3 |
|
Benefits |
The ability to acquire Content that is suitable for the Device |
PAV |
|
|
The ability to acquire a Work that is suitable for the Device as per Rights Expressions and Licenses |
CMS |
|
|
Detailed description of Requirements |
Source |
|
Definition |
The means to identify the Tool employed in a particular instance of Use |
GA05 |
|
Objective |
To be able to Access the Tools required |
GA05 |
|
Requirements |
· Tools may be used by different Content Providers · Tools may be used in different Devices · Tools may have versions |
GA05 |
|
Benefits |
The ability to Access Tools that are suitable for the Device |
GA05 |
|
|
Detailed description of Requirements |
Source |
|
Definition |
The function performed by an Authority to assign an Identifier to a Work, a Resource, a piece of Content, Device, or User |
AHG3 |
|
Objective |
To unambiguously associate descriptive data to a Work, a Resource, a piece Content, Device or User |
AHG3 |
|
Requirements |
· Check origin of Work for which Identifier is requested · Check that the requester qualifies as Author of Work |
CMS |
|
|
· Check that the requester represents a qualified Author of Work (agency) |
PM |
|
Benefits |
Form trusted relationships and give all Users confidence in the Work, Resource or Device. Check that any entity that can be identified is justly and correctly identified. |
AHG3 |
|
|
Detailed description of Requirements |
Source |
|
Definition |
The function performed by an Authority to assign a Descriptor to a Work, a Resource, a piece of Content, Device, or User |
AHG3 |
|
Objective |
To facilitate the search for Works, Content, Content Data, Devices, Users |
AHG3 |
|
Requirements |
· To include the following mandatory fields o Author o Title o Genre of Authorship o Date of Creation of Work … |
CMS |
|
|
· Assign Descriptors that facilitate cataloguing Content for B2B distribution |
SMP |
|
Benefits |
Easy and accurate retrieval of Works, Resources or pieces of Content |
AHG3 |
Revoke
|
|
Detailed description of Requirements |
Source |
|
Definition |
The function by which an authority ceases to recognise a particular Domain |
PM |
|
Objective |
Support Domain Management |
PM |
|
Requirements |
· |
PM |
|
Benefits |
|
PM |
|
|
Detailed description of Requirements |
Source |
|
Definition |
The means to organize and associate Content Data and Content Data Elements including Resources, Metadata, Rights Expressions and Licenses. |
PAV |
|
|
Metadata can include Work-related information such as Work Identifier, Authors |
CMS |
|
Objective |
Provide for the ability to group any of the following components: Resources, Metadata, Rights Expressions and Licenses |
PAV |
|
Requirements |
· Persistent Association of Identifiers and Metadata to Resources · Ability to include encrypted and unencrypted Data · Ability to apply Rights Expressions to Composite Content components · Ability to Use Content Data Elements from Governed Content · Ability to associate Composite Content Elements stored at locations remote from each other · Ability to support association of Composite Content Elements · Ability to support Element unavailability, both temporary and permanent. |
PAV |
|
|
· Standard format for Work-related information |
CMS |
|
|
· Compatibility of Resource Descriptors with existing standards · Organize and associate (i.e. multiplex) Rights Expressions and Content for carriage in broadcast and streaming · Efficient communication of Rights Expressions § An End-User should not have to wait for a long time before Using Content · Organize and associate (i.e. multiplex) Metadata and Content for carriage in broadcast and streaming · Efficient communication of Metadata § An End-User should not have to wait for a long time before Using Metadata |
PBB |
|
|
· Content shall be represented in a Delivery-System agnostic format |
AHG03 |
|
|
· Ability to access information related to § Key management § Encryption methods § Watermarking |
Bentley |
|
Benefits |
· Different Uses of the same Content (e.g. Resource selection) · Executing sets of Functions on Content that serve for orientation, navigation and judgement (e.g. searching/filtering content) |
PAV |
|
|
· License Different Uses of the same Work (e.g. Work based Resource selection) · Ability to apply Work based Author and CMS issued Rights Expressions and Licenses to Composite Content components containing various types of Works/Resources (Audio, Video, Graphic etc.). · Ability to find out which Works are employed in a piece of Content |
CMS |
|
|
Detailed description of Requirements |
Source |
|
Definition |
A format representing how the Use of a piece of Governed Content has actually taken place in a Device |
PAV |
|
Objective |
To enable further digital processing of Use Data |
PAV |
|
Requirements |
· Ability to identify Use Data · Ability to support protection of Use Data · Ability to convert Use Data to a human readable form · Ability to represent a wide range of Content Uses e.g. time of Use, Composite Content, Domains, Superdistribution Uses |
PAV |
|
|
· Ability to identify Use Data pertaining to a Work · Ability to support protection of Work Use Data · Ability to represent a wide range of Work Uses e.g. time of Use, Composite Content, Domains, Super-distribution Uses |
CMS |
|
Benefits |
Provide a machine-processable record of Uses |
PAV |
|
|
Detailed description of Requirements |
Source |
|
Definition |
|
|
|
Objective |
|
|
|
Requirements |
· |
|
|
Benefits |
|
|
|
|
Detailed description of Requirements |
Source |
|
Definition |
Format that is capable of expressing Rights |
PAV |
|
Objective |
To allow conditional use of Content, based on the conditions being satisfied or fulfilled |
PAV |
|
|
To allow conditional use of a Work used in Content, based on the conditions being satisfied or fulfilled. |
CMS |
|
Requirements |
· The Solution shall represent different subsets of Rights · The Solution shall represent new Rights when the need occurs · The Solution shall unambiguously identify o the User granting the Right o the User, Device or Domains obtaining the Right o the piece(s) of Content to which the Rights Expression refers o the Right that is granted in such a way that there is no ambiguity in the semantics of the Rights Expression · The Solution shall support the following Functions: o Copy o Move o Backup/Restore o Export o Import o Transfer to an external rendering device · The Rights Expression shall support at least the following: o To assign one Rights Expression to many pieces of Governed Content o To assign many Rights Expressions each referring to a different component of a piece of Content § In particular a piece of Content can have no Rights Expression (i.e. a Device can Use the Content without limits) o To specify Content Uses e.g. § Period of time (e.g. play as long as the play time is less than a specified period) and based on time/date § User identity-based § Count based (play up to the specified number of time) o To specify Resource Uses e.g. § Audio § Video § Executables (e.g. applet) o To allow streaming o To process metadata § Presentation of Metadata o To allow trick modes |
PAV |
|
|
· The solution shall represent varying subsets of Author/CMS Rights · The Solution shall unambiguously identify o the Work(s) to which the Rights Expression refers o the Right in the context of a given License or Licenses · The Solution shall support the following Functions: o Edit o Adapt o Associate (e.g. we may want to maintain an association between audio and video) o Stream o Download · Digital Rights Expressions shall support at least the following: o To assign Rights Expressions to Works o To assign one Rights Expression to many Works and/or pieces of Governed Content o To assign Rights Expressions with Context Use limitations, e.g. age of End-User o To assign many Rights Expressions each referring to a component of a Composite Content containing any combination of Works o To resolve conflicts between Rights Expressions for Work Use and Rights Expressions for Governed Content Use in which the Works are contained o To specify Work Uses e.g. § Period of time (e.g. play as long as the play time is less than a specified period) and based on time/date § User identity-based § Count based (play up to the specified number of time) |
CMS |
|
|
· The Solution shall support the following Functions: o Store · Rights Expression should enable o Store received Content o Move/Copy within Authorised Domain o Move/Copy within Footprint (e.g. applications may be required to determine the geographic region in which the device running the application is found, particularly when on-line) o Export to a movable media o Signal no Copy/Move outside Footprint o Inhibit Encryption of cleartext Content · Rights Expressions should be able to make reference to a Footprint (already supported by “Identify Domain”) · Rights Expressions should o Not require a return channel o Have low payload o Be processable by a wide array of Device sophistication |
PBB |
|
|
· Rights Expressions should support o Conditional expiry (i.e. SMP loses Rights to sheet music if Stored for longer than determined period without Use) o Multiple grantors of the same Work o Rights to segments of Work and Content |
SMP |
|
|
· Rights Expressions should support Quote |
DC |
|
|
· Rights Expressions shall support o Use of Content Stored in a Device-based Domain by the User of that Domain through a Device that does not belong to that Domain o Store o Time-shifted Use |
AHG3 |
|
|
· Rights Expressions shall support o Use of Governed Content within geographical domains |
DVM |
|
|
· Rights Expression shall support Licenses applying to Devices |
BT |
|
|
· Rights Expression shall support conversion between different resource encoding (e.g. MP3 to AAC) · Rights Expression shall support annotate / modify content for personal use |
BT |
|
|
· The Rights Expression shall support at least the following types of media: audio, video, images, text and executables, groups/bundles thereof |
BT |
|
|
· The Rights Expression shall support the addition of new metadata |
BT |
|
|
· The Rights Expression shall support the expression of time within which content can be Accessed |
BT |
|
|
· The Rights Expression shall support Access of Content based on User identity and Rating (e.g. suitability for age) |
BT |
|
|
· The Rights Expression shall support the Right of a User to License another User |
BT |
|
|
· Playback of a set of Content can be restricted to a specific set of users |
DC |
|
Benefits |
Potentially allow the full range of human contractual agreements to be embodied in the digital domain, especially including automatic processing of agreements that are stated in sufficiently rigorous forms. |
PAV |
|
|
Detailed description of Requirements |
Source |
|
Definition |
The procedure to validate the User identity |
PAV |
|
Objective |
To make sure that Governed Content is Used by the intended User |
PAV |
|
|
To make sure that Works are Used by the intended User |
CMS |
|
Requirements |
· Shall support multiple protocols for the authentication of Users |
PAV DC |
|
|
· Certificates must be removable by the User, e.g. for the purpose of servicing the device |
DC |
|
Benefits |
To enable Content Uses by identified Users |
PAV |
|
|
Detailed description of Requirements |
Source |
|
Definition |
The procedure to validate the Device |
PAV |
|
Objective |
To make sure that Governed Content is Used by the intended Device |
PAV |
|
|
To make sure that Works are Used by the intended Device |
CMS |
|
Requirements |
· Protocol for the authentication of the Device |
PAV |
|
Benefits |
To enable Content Uses on identified Devices |
PAV |
|
|
To enable Work Uses on identified Devices |
CMS |
|
|
Detailed description of Requirements |
Source |
|
Definition |
|
|
|
Objective |
|
|
|
Requirements |
· |
|
|
Benefits |
|
|
|
|
Detailed description of Requirements |
Source |
|
Definition |
The procedure to validate the Tool |
|
|
Objective |
To make sure that the Governed Content is processed by the intended tool |
|
|
Requirements |
· Protocol for the authentication of Tool |
|
|
Benefits |
Correct handling of Content Management and Protection |
|
|
|
Detailed description of Requirements |
Source |
|
Definition |
The procedure to detect corruption or loss of part of the Content, Use Data and Executables |
PAV |
|
|
The procedure to detect misrepresentation of a Work |
CMS |
|
|
The procedure to detect corruption or loss of part of the Content, Content Data, or Use Data and their associated Identifiers. |
Bentley |
|
Objective |
· Correct delivery of Content, Use Data and Executables. |
PAV |
|
|
· Correct delivery of a Work · Guarantee that correct Work and Author are associated within content. |
CMS |
|
|
· Guarantee that the Content and associated Identifiers are correct. |
Bentley |
|
Requirements |
· Ability to detect that there is corruption or loss of part of the Content, Use Data and Executables · Support error recovery in the case where Content, Use Data and Executables are delivered over an imperfect Delivery System. · Compatibility with data protection and privacy aspects (e.g. to limit the compilation of user profiles by third parties) |
PAV |
|
|
· Ability to cross-reference Work and Author identification with license data (this is a question of verifying Metadata Intergrity) |
CMS |
|
|
· Detect miss-match of Content or Content Data and their associated Identifiers. |
Bentley |
|
Benefits |
To provide Content, Use Data and Executables integrity |
PAV |
|
|
To provide Work and Author representation integrity |
CMS |
|
|
Detailed description of Requirements |
Source |
|
Definition |
The procedure to detect corruption of part of the software of a Device |
PAV |
|
Objective |
To support Trust management with a Device that may be remote from a User |
PAV |
|
Requirements |
· Ability to detect that there is corruption of the Device software |
PAV |
|
Benefits |
The ability to support Trust management with a Device that may be remote from a User |
PAV |
|
|
Detailed description of Requirements |
Source |
|
Definition |
The issuance of a statement by an authority that the Work identified is truly the said work (i.e. watermark) |
CMS |
|
Objective |
To make sure that Works are by the Author |
CMS |
|
Requirements |
· A protocol to certify Content in reference to a Work |
CMS |
|
Benefits |
To support correct attribution |
CMS |
|
|
Detailed description of Requirements |
Source |
|
Definition |
The issuance of a statement by an authority that the claim by a user to be the User is supported (e.g. X.509 certificates are issued by the Spanish Government to its residents for secure on-line tax return filing and other issues). |
PAV |
|
Objective |
To make sure that Governed Content is Used by the intended User |
PAV |
|
|
To make sure that Governed Content and Works are Used by the intended User |
|
|
|
To make sure that the User is who he says he is |
Bentley |
|
Requirements |
· A mechanism to certify Users |
PAV |
|
Benefits |
To enable Content Uses by certified Users |
PAV |
|
|
To enable Content and Work Uses by certified Users |
|
|
|
Detailed description of Requirements |
Source |
|
Definition |
The issuance of a statement by an authority that the Author identified is truly the Registered Author of a Work |
CMS |
|
Objective |
To make sure Works are attributed correctly |
CMS |
|
Requirements |
· A protocol to certify Authors |
CMS |
|
Benefits |
To enable correct attribution |
CMS |
|
|
Detailed description of Requirements |
Source |
|
Definition |
The issuance of a statement by an authority that the claim by a device to be the Device is supported |
PAV |
|
Objective |
To make sure that Governed Content is Used by the intended Device |
PAV |
|
Requirements |
· A mechanism to certify Devices |
PAV |
|
Benefits |
To enable Content Uses by certified Devices |
PAV |
|
|
To enable Content and Work Uses by certified Devices |
|
|
|
Detailed description of Requirements |
Source |
|
Definition |
Controlling, generating, protecting, distributing, assigning, installing, tracking, validating and using keys. Also, updating, revoking, destroying, storing, and archiving keys as well as providing some means of Backup/Restore. |
PAV |
|
Objective |
· to enable the controlled encryption and decryption of Data |
PAV |
|
Requirements |
· To support multiple key exchange protocols without loss of interoperability o One key to one or to many piece(s) of Governed Content o One key to one or to many Users o One key to one or to many Devices · To support identification of authorised key management systems · Technology to protect keys · For any pieces of Content used within Composite Content, it shall be possible to choose not to encrypt that piece of Content and it shall also be possible to encrypt that piece of Content using individual keys. · The ability to support superdistribution of Governed Content when each instance of such Governed Content is encrypted with a different key. · The Solution should lend itself easily to key management implementations that do not interfere with an enjoyable User experience. · Key management solutions should not be completely destroyed by a single failure and if defeated, should have adequate recovery plans in place to restore key management security. |
PAV |
|
|
· Must apply to any distribution means (CD, download, streaming, etc.) |
DC |
|
Benefits |
To enable Users to employ a wide variety of key management systems in an interoperable fashion. |
PAV |
|
|
Detailed description of Requirements |
Source |
|
Definition |
Procedure to manage a set of Devices such that only those Devices can Use the same Governed Content |
PAV |
|
Objective |
To enable groups of Devices and/or Users e.g. belonging to a family to Use the same Governed Content on any of the Devices in the group |
PAV |
|
Requirements |
· Setting up a Domain, including the ability to distribute Rights Expressions that can only be used by Devices in the Domain · Joining a Domain · Authorising entry to a Domain · Leaving a Domain · Directing to leave a Domain, including the ability to exclude a Device so that it cannot process Rights Expressions associated with the Domain after the time of exclusion · Users with an authorised entitlement shall be able to fully control Domain membership and Content distribution. · Users without an authorised entitlement shall not be able to obtain confidential information related to the Domain · A Domain shall be configurable to permit a variety of distribution options between Devices belonging to the Domain, e.g. superdistribution of Content and Composite Content to Devices belonging to a sub-Domain within the Domain (e.g., specialized interest groups). |
PAV |
|
Benefits |
Enables content distribution to be both very wide and very specific, supporting many possible business models. |
PAV |
|
|
Enables Work distribution to be both very wide and very specific, supporting many possible business models. |
CMS |
|
|
Detailed description of Requirements |
Source |
|
Definition |
The procedure by which a Device can acquire information of the capabilities of another Device |
PAV |
|
Objective |
To determine the capabilities of a Device so that Content suitable for Use on it, or Rights Expressions, can be provided/acquired |
PAV |
|
|
To determine the capabilities of a Device so that a Work contained in the Content suitable for Use on it, or Rights Expressions, can be provided/acquired or not according to the Authors wishes |
CMS |
|
Requirements |
· Protocol to ascertain that a device is a Device · Protocol to determine the Device’s Rights Expression interpretation capabilities · Protocol to determine the Device’s Use capabilities · A Device shall be able to identify another Device before distributing (or refusing to distribute) Content or Rights Expressions to that Device, however configurations for anonymity and/or confidentiality should be optional · Content shall include relevant Metadata identifying the characteristics of that Content and the Device capabilities required to process that Content · A Device shall be able to request and receive information identifying relevant capabilites of another Device before distributing (or refusing to distribute) requested Content or its associated Rights Expression to that Device · A Device shall be able to request and receive information identifying characteristics of Content before receiving (or refusing to receive) the Content or its Rights Expression · If a Device has received Content, the Device shall be able to determine whether it is able to process the Content before requesting the Rights Expression associated with it; the same shall apply if a Device has received the Rights Expression but has not received the Content · The solution shall provide sufficient flexibility to respect Users' wishes for anonymous use and confidentiality of information not necessary for the purpose of discovery of Device capabilities. |
PAV |
|
Benefits |
To enable Users to acquire Governed Content that matches their Devices’ capabilities. |
PAV |
|
|
To enable Users to acquire Governed Content which matches their Devices’ capabilities and allow Authors to control how their works are rendered or performed. |
CMS |
Manage Use Data Confidentiality
|
|
Detailed description of Requirements |
Source |
|
Definition |
Protocols that allow User A to negotiate the way User B will utilise acquired User and Use Data of User A |
PAV |
|
Objective |
To let two Users determine how the information acquired during their interaction can be further utilised |
PAV |
|
Requirements |
· Mechanism for protection of Use Data · Ability to decide the utilisation of Use Data |
PAV |
|
|
· Use of broadcast Governed Content in a Footprint must support Use Privacy |
PBB |
|
Benefits |
Allows User confidence that their privacy will be protected, simultaneously allowing Providers to gain knowledge from User and Use Data to the extent this is agreed. |
PAV |
Access Content
|
|
Detailed description of Requirements |
Source |
|
Definition |
The function of searching and selecting Governed Content of interest to a User |
AHG3 |
|
Objective |
To let Users make the best choice of Content |
AHG3 |
|
Requirements |
· Navigation aids can be downloaded and executed on a Common Open API |
PBB |
|
|
· Access to authenticated Work and Author Descriptors |
SMP |
|
|
· Access Content via multicast |
BT |
|
Benefits |
Easy and accurate retrieval of Works, Resources or pieces of Content |
AHG3 |
|
|
Detailed description of Requirements |
Source |
|
Definition |
The protocol executed by a Device to obtain a License |
|
|
Objective |
To be able to Use Content |
|
|
Requirements |
· It shall be possible to make Access License Transparent to User |
DC |
|
Benefits |
|
|
|
|
Detailed description of Requirements |
Source |
|
Definition |
The protocol executed by a Device to obtain a Tool |
|
|
Objective |
To be able to execute Content Management and Protection functions |
|
|
Requirements |
· It shall be possible to Access Tools from o Content o Resources o Remote server · Tools can be Accessed in o active (i.e. pull) mode o passive (i.e. push) mode |
|
|
Benefits |
Flexible handling of Content Management and Protection |
|
|
|
Detailed description of Requirements |
Source |
|
Definition |
Methods used to hide portions or totality of Content Data Elements |
PAV |
|
Objective |
To prevent a user from using Content Data |
PAV |
|
Requirements |
· Suitably flexible for a wide variety of Content Data · Efficiently implementable on a wide range of Devices · Based on Encryption Algorithms that are: o publicly disclosed o subject to constant scrutiny and evaluation by the worldwide cryptographic community o supporting stream and bulk ciphers o considered as secure o in broad use · The appropriate consideration of export restrictions. |
PAV |
|
|
· Content may be governed but resources may not be encrypted |
DC |
|
|
· Encryption methods that allow decryption by Devices with different processing capabilities |
DC |
|
|
· Support o Facilitate efficient prefetch and decryption of child resources. o Efficient random access to content blocks for all linear content types. |
DC |
|
|
· Must not require specifc player to extract specific resources from a file |
DC |
|
Benefits |
To protect Content and Rights Expressions from being read by unintended Users |
PAV |
|
|
Detailed description of Requirements |
Source |
|
Definition |
The Function by which a piece of Governed Content enters a Device from a Delivery System and remains there for later Use |
AHG3 |
|
Objective |
Allow a User to Use a Piece of Content for a longer period of time |
AHG3 |
|
Requirements |
There are no identified requirements |
AHG3 |
|
Benefits |
The User can Use a Piece of Content for a longer period of time according to the Rights Expression |
AHG3 |
|
|
Detailed description of Requirements |
Source |
|
Definition |
The Function by which a piece of Governed Content can be transferred to another Device, leaving the original (Copy) and deleting the original (Move). Copy and Move are executed according to the Rights Expression. Grouped together as a higher-level Function, the "Copy/Move" function accomplishes the transfer of a piece of Governed Content between Devices, either leaving the original in place ("Copy") or deleting the original ("Move"). |
PAV |
|
Objective |
To enable more use of the same piece of Governed Content |
PAV |
|
Requirements |
· A protocol to communicate with another Device to accomplish the function required by the definitions of Copy/Move, including the point-to-multipoint case · The protocol should lend itself to secure implementations · The protocol should lend itself to efficient implementations on a wide variety of devices. |
PAV |
|
Benefits |
Allow controlled Copy and Move of Content |
PAV |
|
|
Detailed description of Requirements |
Source |
|
Definition |
The Function by which a Device can store a copy of a piece of Content or Governed Content (in case the Rights Expression is a Stateless Rights Expression) in a device where the (Governed) Content is not for Use, e.g. for the purpose of later restoring the (Governed) Content. Backup requires that the backup target be a non-DMP device and therefore does not result in a second usable copy. |
PAV |
|
Objective |
to be able to backup/restore Content to an external device |
PAV |
|
Requirements |
There are no identified requirements |
PAV |
|
Benefits |
To be able to make room for Governed Content in a Device without losing permanently the Governed Content that is removed from the Device. |
PAV |
|
|
Detailed description of Requirements |
Source |
|
Definition |
The Function by which a Device makes available a piece of Governed Content for use by a non-DMP DRM system. |
PAV |
|
Objective |
To enable use of a piece of Governed Content outside of an Environment. |
PAV |
|
Requirements |
· A protocol to communicate with a non-DMP DRM system. This includes, as a minimum, a means to identify non-DMP DRM systems · The protocol should be capable of exporting cleartext Resources, Metadata and License in such a way that o Content Data cannot be accessed by a third party o An audit trail can be created |
PAV |
|
Benefits |
A Rights Holder has the ability to extend the range of use of their Content to other governed environments. |
PAV |
|
|
Detailed description of Requirements |
Source |
|
Definition |
The Function by which a Device accesses a piece of content governed by a non-DMP DRM system. |
PAV |
|
Objective |
To enable Use of a piece of governed content by a Device. |
PAV |
|
Requirements |
· A protocol to communicate with a non-DMP DRM system. This includes, as a minimum, a means to identify non-DMP DRM systems · The protocol should be capable of importing cleartext Resources, Metadata and License in such a way that Content Data cannot be accessed by a third party |
PAV |
|
Benefits |
Enables Environments to be populated with governed content from sources outside of DMP. |
PAV |
|
|
Detailed description of Requirements |
Source |
|
Definition |
The Function of converting a piece of Content Data to a form that can be Rendered |
AHG3 |
|
Objective |
Provide the intended Experience to a User |
AHG3 |
|
Requirements |
· Time-shifted Play should be supported · Immediacy of Playing Content (without the need of complex username/password) |
PBB |
|
|
· Governed content should be playable without negative effects on player performance. Media quality, etc. |
DC |
|
|
· Implementable in open-source players as far as technically possible. |
DC |
|
|
· Required features must be implementable on all current DTB reading systems as far as technically possible |
DC |
|
|
· Must allow rendering compatible with existing assistive technologies (screen readers, refreshable braille displays) as far as technically possible |
DC |
|
|
· Can't ""hide"" text from other applications (e.g., screen-readers). |
DC |
|
|
· Players must inform the user of authorization failures |
DC |
|
|
· Protected books must fail gracefully when played in a legacy player as far as technically possible |
DC |
|
Benefits |
|
PAV |
|
|
Detailed description of Requirements |
Source |
|
Definition |
The temporary transmission of content during playback/access to an external device for rendering. The rendering device may be a DMP Device |
PAV |
|
Objective |
To Render Resources, Metadata and Licenses securely. |
PAV |
|
Requirements |
· A protocol to communicate with the external rendering device. This includes o a means to identify external rendering devices o a means · Ability to work with standards already in place or in development for the networked home. |
PAV |
|
|
· License must be disclosed to human user in a usable form (education about rights, restrictions, penalties). |
DC |
|
|
· Content should be rendered without markup. |
DC |
|
Benefits |
Interferes with capture of the rendered bitstream. |
PAV |
|
|
Detailed description of Requirements |
Source |
|
Definition |
The function of binding different sets of data |
CMS |
|
Objective |
To make available, possibly in a persistent form, specific sets of data, e.g. an identifier and the data identified |
CMS |
|
Requirements |
· The ability to Associate Persistently Work related information to all copies of Content containing that Work and all child copies and variations thereof that retain the Work and/or variation. |
CMS |
|
Benefits |
· In the case of persistent association the ability to Distribute Data that are tightly bound to other Data |
CMS |
|
|
Detailed description of Requirements |
Source |
|
Definition |
Providing Use, User, Device and Governed Content information to a payment system external to an Environment |
PAV |
|
Objective |
To enable flexible payment systems such as subscription, pre-payment or transaction-based payment by a single Device, a Domain or a User. |
PAV |
|
Requirements |
· The ability to support multiple payment methods and mechanisms |
PAV |
|
Benefits |
Automated payment |
PAV |
Test Conformance of Rights Expressions
|
|
Detailed description of Requirements |
Source |
|
Definition |
Verifying that a Rights Expression is interpreted and provides the output as intended by the originator of the Rights Expression |
|
|
Objective |
To verify Conformance of the engine interpreting the Rights Expressions |
|
|
Requirements |
IED Conformance shall be assessed and regulated according to industrial compliance regime |
PBB |
|
Benefits |
It is essential for a Rights Holder that a Device will correctly interpret Rights Expressions. |
|
Test Conformance of Enforcing Rights Expressions
|
|
Detailed description of Requirements |
Source |
|
Definition |
Verifying that the Functions corresponding to the output are executed as intended |
|
|
Objective |
To verify Conformance of the engine executing the Rights Expressions |
|
|
Requirements |
IED Conformance shall be assessed and regulated according to industrial compliance regime |
PBB |
|
Benefits |
It is essential for a Rights Holder that a Device will correctly execute the intepreted Rights Expressions. |
|
Test Conformance of Tamper resistance
|
|
Detailed description of Requirements |
Source |
|
Definition |
Defining the levels of tamper resistance and the methods to be used when an implementation is put under test for tamper resistance to determine such levels |
|
|
Objective |
To verify the robustness of a Device to attacks |
|
|
Requirements |
Proponents are asked to provide their views on this issue |
PBB |
|
Benefits |
It is essential for a Rights Holder that a Device is implemented in a way that makes it difficult for an attacker to tamper with it. |
|
|
# |
Value-chain User |
Acr. |
Definition |
|
1. |
Author |
AUT |
A User who creates Works |
|
2. |
Performer |
PRF |
A User who Uses Works to make Content |
|
3. |
Collective Management Society |
CMS |
A User who provides collective representation to its member, e.g. Authors, Performers, Publishers etc. |
|
4. |
Producer |
PRD |
A User who produces Content |
|
5. |
Publisher |
PBL |
A User who makes Content available to the public |
|
6. |
Syndicator |
SND |
A User who manages and provides Content to Retailers using a variety of purchase options |
|
7. |
Metadata Service provider |
MTP |
A User who recognises, assigns, delivers and processes structured metadata |
|
8. |
Mediation Service provider |
MDP |
A User who provides mediator/agent Services to broker “closed” information such as actor identity |
|
9. |
Resolution Service provider |
RSP |
A User who provides the Service of mapping disparate sets of Metadata |
|
10. |
Repository |
RPS |
A User who offers Services to name, describe, locate, access, manage, and secure information about Content |
|
11. |
Monitoring Service provider |
MNP |
A User who provides Use Data information in aggregated form |
|
12. |
Marketer |
MKT |
A User who provides promotional, sale enhancement, brand enhancement and Merchandising Services |
|
13. |
Aggregator |
AGG |
A User who provides procuring, packaging, presenting, cataloguing, archiving, indexing and promoting Services typically to Retailers |
|
14. |
Retailer |
RTL |
A User who sells or Licenses Content to an End-user |
|
15. |
Technology licensing provider |
TLP |
A User who provides Device Manufacturers and Platform providers with a license to utilise patented technology to make Devices and Platforms |
|
16. |
Device Manufacturer |
DVM |
A User who manufactures or assembles hardware and/or software components to make Devices |
|
17. |
Connectivity provider |
CNP |
A User who provides point-to-point or point-to-multipoint connectivity between Users |
|
18. |
Network Service provider |
NTP |
A User who provides IP (or equivalent) services and typically various other services above it, e.g. guarantee of quality of service |
|
19. |
Platform Service provider |
PLP |
A User who provides services on (parts of) the technology infrastructure of a Value-chain |
|
20. |
Security provider |
SCP |
A User who provides technologies and services related to the security technologies and all levels of relevant computer and network security solutions |
|
21. |
Certificate Authority |
CRA |
A User who issues digital certificates used to create digital signatures and public-private key pair |
|
22. |
Conformance certification provider |
CCP |
A User who provides conformance, robustness and encoding rules along with certification of satisfying same. |
|
23. |
Clearing House |
CLH |
A User who collects Value Expressions from other Users to distribute to Right Holders for the purchase of Use Rights over a given instance of Content |
|
24. |
Financial Service provider |
FSP |
A User who provides the infrastructure for financial transactions, and accept deposits and channel the money into lending activities |
|
25. |
End-user |
ENU |
The last User in a Value-chain |
|
26. |
Reseller |
RSL | A User who possesses the Right, acquired by sale, License or other transfer, to control the disposition and transfer of Content from End-users to different End-users |
|
27. |
Public Authority |
PBA |
A User who provides rules relating to the Use of Content and taxation on transactions related to Content. |
|
Acronym |
Name |
|
AHG3 |
Ad hoc group established by DMP General Assembly |
|
AHG6 |
Ad hoc group established by DMP General Assembly |
|
CMS |
Collective Management Societies |
|
DC |
Daisy Consortium |
|
ENU |
End-User |
|
GA04 |
4th DMP General Assembly |
|
PAV |
Portable Audio and Video Device Requirements |
|
PBB |
Public Service Broadcasters |
|
PRD |
Producers |
|
SMP |
Sheet Music Publishers |
|
Statutes |
DMP Statutes |
|
TO |
Telecommunication Operators |