The Coral Interoperability Framework CCNC-2007 Las Vegas Ton Kalker1, Knox Carey2, Jack Lacey2, Martin Rosner3 1Hewlett-Packard, 2Intertrust Technologies, 3Philips Electronics © 2007 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice Overview • Introduction • DRM & Non-Interoperability • CORAL − CORAL Architecture − CORAL Ecosystem-A • Summary Learn to speak 15+ languages Agree upon a common language Provide for translation services Digital Rights Management • Control access to and use of digital content − enforcement of copyright • Enable new business models − Traditional • Buy to own • Rent until − New • Play once • Play on maximal 5 devices • … Why Non-Interoperability is Bad • Consumers are put off by content and services that do not work with all of their devices • Device Makers must choose to either integrate a single DRM technology and thereby limit the flexibility of their devices or implement multiple DRM technologies adding to the cost of their devices. • Distributors must choose DRM systems supported by popular devices, limiting their ability to address a broader set of consumers with different devices Content Providers see a smaller addressable market due to the fragmented nature of the downstream value chain. • • AES, SHA, DSS, … • TPM, obfuscation, … Crypto Trust Robustness • XrML, ODRL, … REL Media Identifiers • Users, devices, domains, … Keys Formats • Certificate Authority, … • AAC, WM, AVC, … Bricks and Builders • Digital Rights Management − Tools to enforce copyright and enable business models • Devices & Applications • Service Providers • Service Providers − Builders of the ecosystem − Providing the experience − Using the tools (3GPP, OMA) (AVC , --- ) (WMV , WMDRM+ ) (WMA, WMDRM) (AAC, FairPlay) (Real, Helix) (WMV, WMDRM) (MP3, --- ) Four approaches to Interoperability • Simultaneously deploy all DRM standards • Agree upon a standard DRM − Which one? − Who is in control? − Does not solve the business issues! • Bi-lateral agreements − Does not scale well! − Difficult to retain consistency • Interoperability Framework − CORAL CORAL Mission Statement • Cross-industry group formed to promote interoperability between digital rights management (DRM) technologies in the consumer media market. • The mission statement of Coral is to create a common technology framework for content, device, and service providers, regardless of the DRM technologies they use. This open technology framework will enable a simple and consistent digital entertainment experience for consumers. • Sub-mission: without the need to modify existing DRM systems • http://www.coral-interop.org Protected Content Delivery Server Transaction DB Check Application Logic Request License Record Authorize? License Web Application Server Web Server Browse DRM License Server Trigger Trigger License Client Web Browser Trigger DRM Client SDK License Protected License DB Coral Content Delivery Transaction Rights Registry DB Record Web Server Browse Web Browser CORAL Interoperability Protected Content Delivery Server Rights Instantiator Transaction DB Check Application Logic Request License Authorize? Rights Registry Coral DRM License Server License Web Application Server Web Server Trigger Trigger License Client Web Browser Trigger DRM Client SDK License Protected License DB CORAL Architecture • Coral Core − Building blocks • Ecosystems − Actual Interoperable Frameworks Eco-A: DRM Independent Domain Framework EcoA Domain Client Domain Client Domain Client Web Browser • Domain Client provides − EcoA Identity − Interface to EcoA − Awareness of native DRMs DRM Client SDK Protected License DB Service for DRM A Coral/EcoA Service Rights Locker Rights Instantiator Transaction DB Trigger Coral/EcoA Service Domain Manager Rights Mediator Coral/EcoA Service Domain Client Web Browser Domain Client Fulfillment DRM A Client SDK Protected License DB Service for DRM A Service for DRM B Transaction DB Rights Instantiator Rights Instantiator Transaction DB Coral/EcoA Service Domain Manager Rights Mediator Rights Locker Coral/EcoA Service Domain Client Domain Client Domain Client Domain Client (Domain, C, U) DRM A: xv4356ads33 xv4356ads33 DRM A Client SDK DRM B Client SDK Ecosystem-A Compliance • DRM Compliance − server / client architecture − ability to faithfully represent Rights Tokens • CORAL Usage Models are basic • Service Provider Compliance − honoring Rights Tokens • No more bi-lateral agreements! − maintaining integrity of Ecosystem-A Summary • Interoperability is a multi-faceted issue − DRM interoperability − Service interoperability • CORAL provides a 2-tier interoperability framework − CORAL+ (the bricks) • Technical − Ecosystems (the houses) • Technical + Compliance (+ Business) Thank you for your attention