The Digital Media Project  

Source

GA04

Date:

2004/10/29

Title

Interoperable DRM Platform Functions and Requirements

No.

0239/Barcelona

 

 

Interoperable DRM Platform Functions and Requirements

 

The Digital Media Project (DMP) is a not-for-profit organisation with the mission to “promote continuing successful development, deployment and use of Digital Media that respect the rights of creators and rights holders to exploit their works, the wish of end users to fully enjoy the benefits of Digital Media and the interests of various value-chain players to provide products and services, according to the principles laid down in the Digital Media Manifesto”.

 

DMP has identified “Interoperable Digital Rights Management (DRM)” as the technology whose deployment can further the goals stated in its Mission and has developed a work plan whose current version foresees, inter alia, the development and publication of:

 

1.      Technical Specifications for Portable Audio and Video (PAV) Devices in April 2005

2.      Technical Specifications for Interoperable DRM Platform (IDP) and Interoperable End-user Devices (IED) in October 2005

3.      Recommended Practices for End-to-End Conformance (EEC) in July 2006.

 

In July 2004 the DMP issued a Call for Proposals (CfP) on “Portable Audio and Video (PAV) Devices”, relevant to point 1. above. It is planning to issue another CfP for both “Interoperable DRM Platform (IDP)” and “Interoperable End-User Devices (IED)” relevant to point 2. above. The latter specifications will extend the functionalities of the PAV specification.

 

As done for the PAV CfP, the IDP/IED CfP will make reference to “IDP/IED Requirements”. The DMP is currently busy collecting said requirements from a variety of sources. So far requirements from representatives of the following Value-Chain Users have been contributed:

 

1.      Collective Management Societies

2.      Producers

3.      Public Service Broadcasters

4.      Sheet Music Publishers

5.      Device Manufacturers in the development of PAV requirements.

 

A list of Value-Chain Users identified so far DMP, and whose requirements the DMP expects to include is given in Annex A.

 

This document contains in an organised fashion the IDP/IED requirements as developed so far. It is based on the PAV requirements document but new information submitted by some Value-Chain Users representing their requirements (so far DMP0171, DMP0169 and DMP0175 in addition to those already received for the PAV CfP) has been added.  Value-Chain Users are encouraged to provide additional requirements that satisfy their needs or to comment on the existing ones. They will be incorporated in this document after review by DMP. Contributors will have ample opportunity to review the document before final publication as an attachment to the IDP/IED CfP.

 

An effort has been made to apportion the requirements provided by an organisation to different Value-Chain Users when that organisation clearly represents more than one Value-Chain User.

 

This document is made public for the purpose of offering an opportunity to concerned entities to express their requirements and to comment on the requirements collected and organised so far. Currently the document is planned for final publication on 2004/10/29 and therefore represents work in progress.

 

This document should be read bearing in mind that words beginning with a capital letter have the meaning specified in the DMP Terminology. Please note that this document, too, is work in progress.

 

Readers should note that the right column of each of the tables below contains a reference to the source of the entry:

 

Acronym

Name

CMS

Collective Management Societies

PRD

Producers

PBB

Public Service Broadcasters

SMP

Sheet Music Publishers

PAV

Portable Audio and Video Device Requirements

AHG3

Ad hoc group established by DMP General Assembly

 

The requirements below should be read bearing in mind the following general requirements (the list below is work in progress):

 

1.      The set of Rights acquired by a given Value-Chain User is subject to the set of Rights that was available to the Value-Chain User granting the Rights. E.g. a Producer Using a Work to produce a piece of Content can only grant a conditional subset of those Rights to that Content that have been granted him by the Author of said Work

2.      DMP specifications aim at a unique form for Resources, Metadata, Rights Expressions and Licenses that is agnostic of Delivery Systems.

3.      DMP specifications do not aim to support specific business models to the detriment of other business models

4.      DMP aims at developing “tool-kit” specifications, i.e. Users wishing to set up Value-Chains supporting specific business models will have the possibility to do so in a scalable way and retaining interoperability with other Value-Chains.

 

Those wishing to comment on or contribute requirements to this document should forward their submissions to Marc Gauvin (mgauvin@sdae.net). Submissions will be discussed by the Ad hoc Group on Requirements for Interoperable DRM Platform (IDP) and Interoperable End-user Devices (IED). To subscribe to the ad hoc group reflector follow the instructions.

 

Ed. Comment Need to add a section dedicated to interoperability ETRI.

 

 

Table of Contents

 

Category

Function

Identify

 

 

Identify Data

 

Identify License

 

Identify User

 

Identify Device

 

Identify Use Context

 

Identify Domain

 

Identify Content Format

 

Identify Device Capability

Assign

 

 

Assign Identifier

 

Assign Descriptor

Revoke

Revoke Domain ID

Represent

 

 

Represent Content

 

Represent Resources

 

Represent Metadata

 

Represent Rights Expression

 

Represent Use Data

Authenticate

 

 

Authenticate User

 

Authenticate Device

 

Authenticate Domain

Verify

 

 

Verify Data Integrity

 

Verify Device Integrity

Certify

 

 

Certify Work

 

Certify User

 

Certify Author

 

Certify Device

Manage

 

 

Manage Key

 

Manage Domain

 

Manage Device Capability

 

Manage Use Data Confidentiality

Access

 

 

License

 

Content

Process

 

 

Access

 

Encrypt

 

Store

 

Copy/Move

 

Backup/Restore

 

Export

 

Import

 

Play

 

Render

 

Bind

Pay

 

Test Conformance

 

 

Test Conformance of Rights Expressions

 

Test Conformance of Enforcing Rights Expressions

 

Test Conformance of Tamper resistance

 

Identify

 

Identify Data

 

 

Detailed description of Requirements

Source

Definition

The means to uniquely and unambiguosly

        identify a piece of

o       Content Data

o       Content Data Element

o       Use Data

        refer to the identification.

PAV

 

The means to uniquely and unambiguously

        identify

o       Work

        refer to the Work identification.

CMS

 

The means to uniquely and unambiguously

        identify

o       Work and its constituent parts

        refer to the Work identification.

SMP

Objective

To support the association of Resources, Metadata, Rights Expressions, Licences and/or Use Data with a piece of Data that may be remote from such Resources, Metadata, Rights Expressions, Licenses and/or Function that generated the Use Data.

PAV

 

To support the association of Work, Resources, Metadata, Rights Expressions, Licences and/or Use Data with a piece of Data that may be remote from such Work, Resources, Metadata, Rights Expressions, Licenses and/or Function that generated the Use Data.

CMS

 

To support the Use of a Work and/or its parts

SMP

Requirements

1.      Unambiguous identification of a piece of Content Data and Content Data Element

2.      Unambiguous identification of Use Data

3.      Ability to work in conjunction with multiple, existing industry schemes for Content Data identification.

4.      Ability to extend the total number of identifiers that can be assigned in such a manner that previously assigned identifiers do not become obsolete.

PAV

 

        Unambiguous identification of a Work

        Unambiguous identification of a Work Use License and Data

CMS

 

        Identify Work within an organisation (#3 in PAV?)

        Avoid duplication of Work Identifiers over time (#4 in PAV?)

PBB

(PRD)

 

        Unambiguous identification of a Work and its parts

SMP

 

Answer to Sony queries. In the PAV Requirements we refer to Content Identification required for particular PAV implementations and not all identification schemes. But at the IDP level we include any standard identification scheme provided by VCUs.

DVM

Benefits

        Flexible distribution schemes where different Content Data Elements may be supplied from different sources.

        A given Content Data Element may be referenced by a multiplicity of Composing Content without duplication.

        Fine granularity of Rights Expressions.

PAV

 

        Permit tracking of a Work throughout copy generations and variations.

CMS

 

 

Identify License

 

Definition

The means to identify the appropriate License of Work contained in Governed Content in a particular instance of Use

CMS

Objective

        To support the association of the use of a Work (e.g. Use Context) within a piece of Governed Content with the appropriate License or License identifier

        To support Trust Management

CMS

Requirements

        Compatible with administration of Domains for Work Use, i.e. that a Work can only be Used in a specific Domain (e.g. a Broadcast Footprint, a company)

        Ability to associate a given set of Rights Expressions with the appropriate License and Use Context

        Ability to work in conjunction with existing industry schemes to deliver specific Licensed uses.

        Ability to extend the total number of identifiers that can be assigned in such a manner that previously assigned identifiers do not become obsolete.

CMS

Benefits

Guarantee appropriate Licensed Uses of Works

CMS

 

 

DMV

 

 

Identify Domain

 

Definition

The means to identify Use domains

AHG3

Objective

To identify groupings of Users and/or Devices. For the time being only End-Users are considered

AHG3

Requirements

        The following types of Domain shall be supported

o       Device-based

o       User-based

o       Location-based

AHG3

 

        Hierarchy of Domains shall be supported

PM

Benefits

Enable more Uses of Content by identifying groupings of Users and/or Devices instead of just Users or Devices

AHG3

 

 

Identify User

 

Definition

The means to identify the device that represents the (human, corporate etc.) User in a particular instance of Use

PAV

Objective

To enable

        Content Access and Use of Content and Services

        Payment systems to operate

PAV

Requirements

        Being usable for the purpose of User authentication

        Ability to accommodate a variety of models for human interaction with Devices e.g.:

o       Allow a single User to use multiple Devices,

o       Allow multiple Users to share a single Device,

o       Allow the use of a confidential identity,

        Ability to extend the total number of identifiers that can be assigned in such a manner that previously assigned identifiers do not become obsolete.

PAV

Benefits

Depending on a given device's design, allows one User to employ multiple devices or allows multiple Users to use a single device. Useful in the event of disaster recovery scenarios when a device or storage medium is destroyed

PAV

 

 

Identify Device

 

Definition

The means to identify the Device employed in a particular instance of Use

PAV

Objective

        To support the association of a piece of Governed Content with a Device

        To support Trust management

PAV

 

        To support the association of the Use of a Work with a Device

CMS

Requirements

        Compatible with administration of Domain models for Use.

        Ability to work in conjunction with existing industry schemes to administer customer/device-specific uses.

        Ability to extend the total number of identifiers that can be assigned in such a manner that previously assigned identifiers do not become obsolete.

PAV

Benefits

        Allows reliable administration of Device-based Uses.

        Compatible with succession strategies in cases where a Device is destroyed or otherwise replaced, or else used only for a period of time after which a different Device will be used.

PAV

 

 

Identify Content Format

 

Definition

Identification of Content formats

PAV

Objective

To provide the means to identify Content formats

PAV

Requirements

        How to identify Content formats

PAV

 

        Relevant parameters in a content format

o       Compression algorithm used

o       Video resolution

o       Bitrate used for encoding

o       Audio sampling frequency

o       Number of channels

o       Etc.

AHG3

Benefits

The ability to acquire Content that is suitable for the Device

PAV

 

The ability to acquire a Work that is suitable for the Device as per Rights Expressions and Licenses issued by Authors and CMSs

CMS

 

 

Identify Use Context

 

Definition

The means to identify that the Context of Use of a Work is in accord with License stipulated by the Author/CMS and according to the Author’s moral rights. These limits would relate to identifiable associations of a Work with the presence of another Work, Logo, Name (i.e. names of commercial entity, political or religious entities), Domains, IP or geographic region etc. Example is content released under a “free use” License that shall not be used for political purposes

CMS

Objective

        To support associating a Work or only associating a Work with an identifiable pre-determined Context or Contexts in accord with the intended limits of associating a Work as stipulated by the Author

        To support Trust management

CMS

 

        To support Rights "packaging"

PM

Requirements

        Compatible with administration of Domain for Work Use.

        Ability to work in conjunction with existing industry schemes to administer specific Work Uses.

        Ability to identify other Works and objects associated within an identifiable digital unit such as a Web object or Digital Item

CMS

Benefits

Allows reliable administration of intended Work Uses

CMS

 

 

Identify Device Capability

 

Definition

Identification of capabilities of a Device to handle Data or perform Functions

PAV

Objective

To provide the means to identify the functionality of a Device

PAV

Requirements

        To identify Device capabilities, e.g.

o       capability to process (e.g. Render) certain Resource types;

o       capability to process certain Content formats

o       capability to process certain Rights Expressions

o       etc.

AHG3

Benefits

The ability to acquire Content that is suitable for the Device

PAV

 

The ability to acquire a Work that is suitable for the Device as per Rights Expressions and Licenses

CMS

 

 

Assign

 

Assign Identifiers

 

Ed. Note Is the verification itself a requirement or just a record of  the verification? N.E.

 

Definition

The function performed by an Authority to assign an Identifier to a Work, a Resource or a piece of Content

AHG3

Objective

To unambiguously associate descriptive data to a Work, a Resource or a piece Content

AHG3

Requirements

        Verify origin of Work for which Identifier is requested

        Verify that the requester qualifies as Author of Work

CMS

 

        Verify that the requester represents a qualified Author of Work (agency)

PM

Benefits

 

AHG3

 

 

Assign Descriptors

 

Definition

The function performed by an Authority to assign a Descriptor to a Work, a Resource or a piece of Content

AHG3

Objective

To facilitate search and find Works, Resources or pieces of  Content

AHG3

Requirements

        To include the following mandatory fields

o       Author

o       Title

o       Genre of Authorship

o       Date of Creation of Work …

CMS

 

        Assign Descriptors that facilitate cataloguing Content for B2B distribution

SMP

Benefits

Easy and accurate retrieval of Works, Resources or pieces of  Content

AHG3

 

 

Revoke

 

Revoke Domain ID

 

Definition

 

PM

Objective

 

PM

Requirements

         

PM

Benefits

 

PM

 

 

Represent

 

Represent Content

 

Definition

The means to organize and associate Content Data and Content Data Elements including Resources, Metadata, Rights Expressions and Licenses.

PAV

 

Metadata can include Work-related information such as Work Identifier, Authors

CMS

Objective

Provide for the ability to group any of the following components: Resources, Metadata, Rights Expressions and Licenses

PAV

Requirements

        Persistent Association of Identifiers and Metadata to Resources

        Ability to include encrypted and unencrypted Data

        Ability to apply Rights Expressions to Composite Content components

        Ability to Use Content Data Elements from Governed Content

        Ability to associate Composite Content Elements stored at locations remote from each other

        Ability to support association of Composite Content Elements

        Ability to support Element unavailability, both temporary and permanent.

PAV

 

        Standard format for Work-related information

CMS

 

        Compatibility of Resource Descriptors with existing standards

        Organize and associate (i.e. multiplex) Rights Expressions and Content for carriage in broadcast and streaming

        Efficient communication of Rights Expressions

         An End-User should not have to wait for a long time before Using Content

        Organize and associate (i.e. multiplex) Metadata and Content for carriage in broadcast and streaming

        Efficient communication of Metadata

         An End-User should not have to wait for a long time before Using Metadata

PBB

Benefits

        Different Uses of the same Content (e.g. Resource selection)

        Executing sets of Functions on Content that serve for orientation, navigation and judgement (e.g. searching/filtering content)

PAV

 

        License Different Uses of the same Work  (e.g. Work based Resource selection)

        Ability to apply Work based Author and CMS issued Rights Expressions and Licenses to Composite Content components containing various types of Works/Resources (Audio, Video, Graphic etc.).

        Ability to find out which Works are employed in a piece of Content

CMS

 

 

Represent Use Data

 

Definition

A format representing how the Use of a piece of Governed Content has actually taken place in a Device

PAV

Objective

To enable further digital processing of Use Data

PAV

Requirements

        Ability to identify Use Data

        Ability to support protection of Use Data

        Ability to convert Use Data to a human readable form

        Ability to represent a wide range of Content Uses e.g. time of Use, Composite Content, Domains, Superdistribution Uses

PAV

 

        Ability to identify Use Data pertaining to a Work

        Ability to support protection of Work Use Data

        Ability to represent a wide range of Work Uses e.g. time of Use, Composite Content, Domains, Super-distribution Uses

CMS

Benefits

Provide a machine-processable record of Uses

PAV

 

 

Represent Rights Expression

 

Definition

Format that is capable of expressing Rights

PAV

Objective

To allow conditional use of Content, based on the conditions being satisfied or fulfilled

PAV

 

To allow conditional use of a Work used in Content, based on the conditions being satisfied or fulfilled.

CMS

Requirements

        The Solution shall represent different subsets of Rights

        The Solution shall represent new Rights when the need occurs

        The Solution shall unambiguously identify

o       the User granting the Right

o       the User, Device or Domains obtaining the Right

o       the piece(s) of Content to which the Rights Expression refers

o       the Right that is granted in such a way that there is no ambiguity in the semantics of the Rights Expression

        The Solution shall support the following Functions:

o       Copy

o       Move

o       Backup/Restore

o       Export

o       Import

o       Transfer to an external rendering device

        The Rights Expression shall support at least the following:

o       To assign one Rights Expression to many pieces of Governed Content

o       To assign many Rights Expressions each referring to a different component of a Composite Content

o       To specify Content Uses e.g.

         Period of time (e.g. play as long as the play time is less than a specified period) and based on time/date

         User identity-based

         Count based (play up to the specified number of time)

o       To specify Resource Uses e.g.

         Audio

         Video

         Executables (e.g. applet)

o       To allow streaming

o       To process metadata

         Presentation of Metadata

         Presentation of human-readable Cleartext Rights Expression

o       To allow trick modes

PAV

 

        The solution shall represent varying subsets of Author/CMS Rights

        The Solution shall unambiguously identify

o       the Work(s) to which the Rights Expression refers

o       the Right in the context of a given License or Licenses

        The Solution shall support the following Functions:

o       Edit

o       Adapt

o       Associate (e.g. we may want to maintain an association between audio and video)

o       Stream

o       Download

        Digital Rights Expressions shall support at least the following:

o       To assign Rights Expressions to Works

o       To assign one Rights Expression to many Works and/or pieces of Governed Content

o       To assign Rights Expressions with Context Use limitations, e.g. age of End-User

o       To assign many Rights Expressions each referring to a component of a Composite Content containing any combination of Works

o       To resolve conflicts between Rights Expressions for Work Use and Rights Expressions for Governed Content Use in which the Works are contained

o       To specify Work Uses e.g.

         Period of time (e.g. play as long as the play time is less than a specified period) and based on time/date

         User identity-based

         Count based (play up to the specified number of time)

CMS

 

        The Solution shall support the following Functions:

o       Store

        Rights Expression should enable

o       Store received Content

o       Move/Copy within Authorised Domain

o       Move/Copy within Footprint (e.g. applications may be required to determine the geographic region in which the device running the application is found, parcticularly when on-line)

o       Export to a movable media

o       Signal no Copy/Move outside Footprint

o       Inhibit Encryption of cleartext Content

        Rights Expressions should be able to make reference to a Footprint (already supported by “Identify Domain”)

        Rights Expressions should

o       Not require a return channel

o       Have low payload

o       Be processable by a wide array of Device sophistication

PBB

 

        Rights Expressions should support

o       Conditional expiry (i.e. SMP loses Rights to sheet music if Stored for longer than determined period without Use)

o       Multiple grantors of the same Work

o       Rights to segments of Work and Content

SMP

 

        Rights Expressions should support Quote

AHG3

 

        Rights Expressions shall support

o       Use of Content Stored in a Device-based Domain by the User of that Domain through a Device that does not belong to that Domain

o       Store

o       Time-shifted Use

AHG3

 

        Rights Expressions shall support

o       Use of Governed Content within geographical domains

DVM

Benefits

Potentially allow the full range of human contractual agreements to be embodied in the digital domain, especially including automatic processing of agreements that are stated in sufficiently rigorous forms. 

PAV

 

 

Authenticate

 

Authenticate User

 

Definition

The procedure to validate the User identity

PAV

Objective

To make sure that Governed Content is Used by the intended User

PAV

 

To make sure that Works are Used by the intended User

CMS

Requirements

        Protocol for the authentication of Users

PAV

Benefits

To enable Content Uses by identified Users

PAV

 

 

Authenticate Device

 

Definition

The procedure to validate the Device

PAV

Objective

To make sure that Governed Content is Used by the intended Device

PAV

 

To make sure that Works are Used by the intended Device

CMS

Requirements

        Protocol for the authentication of the Device

PAV

Benefits

To enable Content Uses on identified Devices

PAV

 

To enable Work Uses on identified Devices

CMS

 

 

Verify

 

Verify Data Integrity

 

Definition

The procedure to detect corruption or loss of part of the Content, Use Data and Executables

PAV

 

The procedure to detect misrepresentation of a Work

CMS

Objective

        Correct delivery of Content, Use Data and Executables.

PAV

 

        Correct delivery of a Work

        Guarantee that correct Work and Author are associated within content.

CMS

Requirements

        Ability to detect that there is corruption or loss of part of the Content, Use Data and Executables

        Support error recovery in the case where Content, Use Data and Executables are delivered over an imperfect Delivery System.

        Compatibility with data protection and privacy aspects (e.g. to limit the compilation of user profiles by third parties)

PAV

 

        Ability to cross-reference Work and Author identification with license data (this is a question of verifying Metadata Intergrity)

CMS

Benefits

To provide Content, Use Data and Executables integrity

PAV

 

To provide Work and Author representation integrity

CMS

 

 

Verify Device Integrity

 

Definition

The procedure to detect corruption of part of the software of a Device

PAV

Objective

To support Trust management with a Device that may be remote from a User

PAV

Requirements

        Ability to detect that there is corruption of the Device software

PAV

Benefits

The ability to support Trust management with a Device that may be remote from a User

PAV

 

 

Certify

 

Certify Work

 

Definition

The issuance of a statement by an authority that the Work identified is truly the said work (i.e. watermark)

CMS

Objective

To make sure that Governed Content and Works are by the Author

CMS

Requirements

        A protocol to certify Content in reference to a Work

CMS

Benefits

To support correct attribution

CMS

 

 

Certify User

 

Definition

The issuance of a statement by an authority that the claim by a user to be the User is supported (e.g. X.509 certificates are issued by the Spanish Government to its residents for secure on-line tax return filing and other issues).

PAV

Objective

To make sure that Governed Content is Used by the intended User

PAV

 

To make sure that Governed Content and Works are Used by the intended User

 

Requirements

        A mechanism to certify Users

PAV

Benefits

To enable Content Uses by certified Users

PAV

 

To enable Content and Work Uses by certified Users

 

 

 

Certify Authorship

 

Definition

The issuance of a statement by an authority that the Author identified is truly the Registered Author of a Work

CMS

Objective

To make sure Works are attributed correctly

CMS

Requirements

        A protocol to certify Authors

CMS

Benefits

To enable correct attribution

CMS

 

 

Certify Device

 

Definition

The issuance of a statement by an authority that the claim by a device to be the Device is supported

PAV

Objective

To make sure that Governed Content is Used by the intended Device

PAV

Requirements

        A mechanism to certify Devices

PAV

Benefits

To enable Content Uses by certified Devices

PAV

 

To enable Content and Work Uses by certified Devices

 

 

 

Manage

 

Manage Key

 

Definition

Controlling, generating, protecting, distributing, assigning, installing, tracking, validating and using keys. Also, updating, revoking, destroying, storing, and archiving keys as well as providing some means of Backup/Restore.

PAV

Objective

        to enable the controlled encryption and decryption of Data

PAV

Requirements

        To support multiple key exchange protocols without loss of interoperability

o       One key to one or to many piece(s) of Governed Content

o       One key to one or to many Users

o       One key to one or to many Devices

        To support identification of authorised key management systems

        Technology to protect keys

        For any pieces of Content used within Composite Content, it shall be possible to choose not to encrypt that piece of Content and it shall also be possible to encrypt that piece of Content using individual keys.

        The ability to support superdistribution of Governed Content when each instance of such Governed Content is encrypted with a different key.

        The Solution should lend itself easily to key management implementations that do not interfere with an enjoyable User experience.

        Key management solutions should not be completely destroyed by a single failure and if defeated, should have adequate recovery plans in place to restore key management security.

PAV

Benefits

To enable Users to employ a wide variety of key management systems in an interoperable fashion.

PAV

 

 

Manage Domain

 

Definition

Procedure to manage a set of Devices such that only those Devices can Use the same Governed Content

PAV

Objective

To enable groups of Devices and/or Users e.g. belonging to a family to Use the same Governed Content on any of the Devices in the group

PAV

Requirements

        Setting up a Domain, including the ability to distribute Rights Expressions that can only be used by Devices in the Domain

        Joining a Domain

        Authorising entry to a Domain

        Leaving a Domain

        Directing to leave a Domain, including the ability to exclude a Device so that it cannot process Rights Expressions associated with the Domain after the time of exclusion

        Users with an authorised entitlement shall be able to fully control Domain membership and Content distribution.

        Users without an authorised entitlement shall not be able to obtain confidential information related to the Domain

        A Domain shall be configurable to permit a variety of distribution options between Devices belonging to the Domain, e.g. superdistribution of Content and Composite Content to Devices belonging to a sub-Domain within the Domain (e.g., specialized interest groups).

PAV

Benefits

Enables content distribution to be both very wide and very specific, supporting many possible business models.

PAV

 

Enables Work distribution to be both very wide and very specific, supporting many possible business models.

CMS

 

 

Manage Device Capability

 

Definition

The procedure by which a Device can acquire information of the capabilities of another Device

PAV

Objective

To determine the capabilities of a Device so that Content suitable for Use on it, or Rights Expressions, can be provided/acquired

PAV

 

To determine the capabilities of a Device so that a Work contained in the Content suitable for Use on it, or Rights Expressions, can be provided/acquired or not according to the Authors wishes

CMS

Requirements

        Protocol to ascertain that a device is a Device

        Protocol to determine the Device’s Rights Expression interpretation capabilities

        Protocol to determine the Device’s Use capabilities

        A Device shall be able to identify another Device before distributing (or refusing to distribute) Content or Rights Expressions to that Device, however configurations for anonymity and/or confidentiality should be optional

        Content shall include relevant Metadata identifying the characteristics of that Content and the Device capabilities required to process that Content

        A Device shall be able to request and receive information identifying relevant capabilites of another Device before distributing (or refusing to distribute) requested Content or its associated Rights Expression to that Device

        A Device shall be able to request and receive information identifying characteristics of Content before receiving (or refusing to receive) the Content or its Rights Expression

        If a Device has received Content, the Device shall be able to determine whether it is able to process the Content before requesting the Rights Expression associated with it; the same shall apply if a Device has received the Rights Expression but has not received the Content

        The solution shall provide sufficient flexibility to respect Users' wishes for anonymous use and confidentiality of information not necessary for the purpose of discovery of Device capabilities.

PAV

Benefits

To enable Users to acquire Governed Content that matches their Devices’ capabilities.

PAV

 

To enable Users to acquire Governed Content which matches their Devices’ capabilities and allow Authors to control how their works are rendered or performed.

CMS

 

 

Manage Use Data Confidentiality

 

Ed. Note our use of User is not evident to non DMP readers.

 

Definition

Protocols that allow User A to negotiate the way User B will utilise acquired User and Use Data of User A

PAV

Objective

To let two Users determine how the information acquired during their interaction can be further utilised

PAV

Requirements

        Mechanism for protection of Use Data

        Ability to decide the utilisation of Use Data

PAV

 

        Use of broadcast Governed Content in a Footprint must support Use Privacy

PBB

Benefits

Allows User confidence that their privacy will be protected, simultaneously allowing Providers to gain knowledge from User and Use Data to the extent this is agreed.

PAV

 

 

Process

 

Access

 

Definition

The function of searching and selecting Governed Content of interest to an End-User

AHG3

Objective

To let the End-User make the the best choice of Content

AHG3

Requirements

        Navigation aids can be downloaded and executed on a Common Open API

PBB

 

        Access to authenticated Work and Author Descriptors

SMP

Benefits

Easy and accurate retrieval of Works, Resources or pieces of  Content

AHG3

 

 

Encrypt

 

Definition

Methods used to hide portions or totality of Content Data Elements

PAV

Objective

To prevent a user from using Content Data

PAV

Requirements

        Suitably flexible for a wide variety of Content Data

        Efficiently implementable on a wide range of Devices

        Based on Encryption Algorithms that are:

o       publicly disclosed

o       subject to constant scrutiny and evaluation by the worldwide cryptographic community

o       supporting stream and bulk ciphers

o       considered as secure

o       in broad use

        The appropriate consideration of export restrictions.

PAV

Benefits

To protect Content and Rights Expressions from being read by unintended Users

PAV

 

 

Store

 

Definition

The Function by which a piece of Governed Content enters a Device from a Delivery System and remains there for later Use

AHG3

Objective

Allow a User to Use a Piece of Content for a longer period of time

AHG3

Requirements

There are no identified requirements

AHG3

Benefits

The User can Use a Piece of Content for a longer period of time according to the Rights Expression

AHG3

 

 

Copy/Move

 

Definition

The Function by which a piece of Governed Content can be transferred to another Device, leaving the original (Copy) and deleting the original (Move).

Copy and Move are executed according to the Rights Expression.

Grouped together as a higher-level Function, the "Copy/Move" function accomplishes the transfer of a piece of Governed Content between Devices, either leaving the original in place ("Copy") or deleting the original ("Move").

PAV

Objective

To enable more use of the same piece of Governed Content

PAV

Requirements

        A protocol to communicate with another Device to accomplish the function required by the definitions of Copy/Move, including the point-to-multipoint case

        The protocol should lend itself to secure implementations

        The protocol should lend itself to efficient implementations on a wide variety of devices.

PAV

Benefits

Allow controlled Copy and Move of Content

PAV

 

 

Backup/Restore

 

Definition

The Function by which a Device can store a copy of a piece of Content or Governed Content (in case the Rights Expression is a Stateless Rights Expression) in a device where the (Governed) Content is not for Use, e.g. for the purpose of later restoring the (Governed) Content. Backup requires that the backup target be a non-DMP device and therefore does not result in a second usable copy.

PAV

Objective

to be able to backup/restore Content to an external device

PAV

Requirements

There are no identified requirements

PAV

Benefits

To be able to make room for Governed Content in a Device without losing permanently the Governed Content that is removed from the Device.

PAV

 

 

Export

 

Definition

The Function by which a Device makes available a piece of Governed Content for use by a non-DMP DRM system.

PAV

Objective

To enable use of a piece of Governed Content outside of an Environment.

PAV

Requirements

        A protocol to communicate with a non-DMP DRM system. This includes, as a minimum, a means to identify non-DMP DRM systems

PAV

Benefits

A Rights Holder has the ability to extend the range of use of their Content to other governed environments.

PAV

 

 

Import

 

Definition

The Function by which a Device accesses a piece of content governed by a non-DMP DRM system.

PAV

Objective

To enable Use of a piece of governed content by a Device.

PAV

Requirements

        A protocol to communicate with a non-DMP DRM system. This includes, as a minimum, a means to identify non-DMP DRM systems  

PAV

Benefits

Enables Environments to be populated with governed content from sources outside of DMP.

PAV

 

 

Play

 

Definition

The Function of converting a piece of Content Data to a form that can be Rendered

AHG3

Objective

Provide the intended Experience to a User

AHG3

Requirements

        Time-shifted Play should be supported

        Immediacy of Playing Content (without the need of complex username/password)

PBB

Benefits

 

PAV

 

 

Render

 

Definition

The temporary transmission of content during playback/access to an external device for rendering. The rendering device may be a DMP Device

PAV

Objective

To Render Resources securely.

PAV

Requirements

        A protocol to communicate with the external rendering device. This includes

o       a means to identify external rendering devices

o       a means

        Ability to work with standards already in place or in development for the networked home.

PAV

Benefits

Interferes with capture of the rendered bitstream.

PAV

 

 

Bind

 

Definition

The function of binding different sets of data

CMS

Objective

To make available, possibly in a persistent form, specific sets of data, e.g. an identifier and the data identified

CMS

Requirements

        The ability to Associate Persistently Work related information to all copies of Content containing that Work and all child copies and variations thereof that retain the Work and/or variation.

CMS

Benefits

        In the case of persistent association the ability to Distribute Data that are tightly bound to other Data

CMS

 

 

Pay

 

Definition

Providing Use, User, Device and Governed Content information to a payment system external to an Environment

PAV

Objective

To enable flexible payment systems such as subscription, pre-payment or transaction-based payment by a single Device, a Domain or a User.

PAV

Requirements

        The ability to support multiple payment methods and mechanisms

PAV

Benefits

Automated payment

PAV

 

 

Test Conformance

 

Test Conformance of Rights Expressions

 

Definition

 Verifying that a Rights Expression is interpreted and provides the output as intended by the originator of the Rights Expression

 

Objective

 To verify Conformance of the engine interpreting the Rights Expressions

 

Requirements

IED Conformance shall be assessed and regulated according to industrial compliance regime

PBB

Benefits

 It is essential for a Rights Holder that a Device will correctly interpret Rights Expressions.

 

 

 

Test Conformance of Enforcing Rights Expressions

 

Definition

 Verifying that the Functions corresponding to the output are executed as intended

 

Objective

 To verify Conformance of the engine executing the Rights Expressions

 

Requirements

IED Conformance shall be assessed and regulated according to industrial compliance regime

PBB

Benefits

 It is essential for a Rights Holder that a Device will correctly execute the intepreted Rights Expressions.

 

 

 

Test Conformance of Tamper resistance

 

Definition

 Defining the levels of tamper resistance and the methods to be used when an implementation is put under test for tamper resistance to determine such levels

 

Objective

 To verify the robustness of a Device to attacks

 

Requirements

 Proponents are asked to provide their views on this issue

PBB

Benefits

 It is essential for a Rights Holder that a Device is implemented in a way that makes it difficult for an attacker to tamper with it.

 

 


 

Annex A

 

#  

Value-chain User

Acr.

Definition

1.       

Author

AUT

A User who creates Works

2.       

Performer

PRF

A User who Uses Works to make Content

3.       

Collective Management Society

CMS

A User who provides collective representation to its member, e.g. Authors, Performers, Publishers etc.

4.       

Producer

PRD

A User who produces Content

5.       

Publisher

PBL

A User who makes Content available to the public

6.       

Syndicator

SND

A User who manages and provides Content to Retailers using a variety of  purchase options

7.       

Metadata Service provider

MTP

A User who recognises, assigns, delivers and processes structured metadata

8.       

Mediation Service provider

MDP

A User who provides mediator/agent Services to broker “closed” information such as actor identity

9.       

Resolution Service provider

RSP

A User who provides the Service of mapping disparate sets of Metadata

10.   

Repository

RPS

A User who offers Services to name, describe, locate, access, manage, and secure information about Content

11.   

Monitoring Service provider

MNP

A User who provides Use Data information in aggregated form

12.   

Marketer

MKT

A User who provides promotional, sale enhancement, brand enhancement and Merchandising Services

13.   

Aggregator

AGG

A User who provides procuring, packaging, presenting, cataloguing, archiving, indexing and promoting Services typically to Retailers

14.   

Retailer

RTL

A User who sells or Licenses Content to an End-user

15.   

Technology licensing provider

TLP

A User who provides Device Manufacturers and Platform providers with a license to utilise patented technology to make Devices and Platforms

16.   

Device Manufacturer

DVM

A User who manufactures or assembles hardware and/or software components to make Devices

17.   

Connectivity provider

CNP

A User who provides point-to-point or point-to-multipoint connectivity between Users

18.   

Network Service provider

NTP

A User who provides IP (or equivalent) services and typically various other services above it, e.g. guarantee of quality of service

19.   

Platform Service provider

PLP

A User who provides services on (parts of) the technology infrastructure of a Value-chain

20.   

Security provider

SCP

A User who provides technologies and services related to the security technologies and all levels of relevant computer and network security solutions

21.   

Certificate Authority

CRA

A User who issues digital certificates used to create digital signatures and public-private key pair

22.   

Conformance certification provider

CCP

A User who provides conformance, robustness and encoding rules along with certification of satisfying same.

23.   

Clearing House

CLH

A User who collects Value Expressions from other Users to distribute to Right Holders for the purchase of Use Rights over a given instance of Content

24.   

Financial Service provider

FSP

A User who provides the infrastructure for financial transactions, and accept deposits and channel the money into lending activities

25.   

End-user

ENU

The last User in a Value-chain

26.   

Reseller

RSL A User who possesses the Right, acquired by sale, License or other transfer, to control the disposition and transfer of Content from End-users to different End-users

27.   

Public Authority

PBA

A User who provides rules relating to the Use of Content and taxation on transactions related to Content.