separate delivery

advertisement
OMA DRM
Kevin Liu
Advisor Prof. Hsing Mei
Web Computing Laboratory
Graduate Institute of Applied Science and Engineering,
Fu Jen Catholic University
March 15, 2008
Outline
• Introduction
• DRM System Overview
• Three DRM V1.0 methods
•
•
•
•
– Combined delivery
– Forward-Lock
– Separate delivery
Introduction of DRM V2.0
DRM Website
Conclusion
Reference
2
OMA DRM
• OMA:Open Mobile Alliance
– 正式成立於2002年6月初,其前身為:Open
Mobile Architecture Initiative Supporters
和WAP Forum。後續有一些組織加入了OMA.
• DRM:Digital Rights Management
– Is the means to control the usage of the
media object once it has been
downloaded.
3
Preface
• Without protection and management of digital
rights,
– Digital content can be easily copied, altered, and
distributed to a large number of recipients, which could
cause revenue loss to media companies.
• There is a need for content providers and
operators to control the usage of downloaded
media objects.
• To protect commercial digital intellectual property
and avoid digital piracy,
– we need a system that prevents unauthorized access to
digital content and manages content usage right.
4
Introduction of DRM
• A content provider can grant a user the
rights to preview media objects for free
and charge the user only for the full usage
rights.
• The value lies in the rights and not in the
media object itself
• DRM makes it possible to sell the rights to
use the media object, rather than selling
the media object itself.
5
Introduction of DRM
• A DRM system should offer a persistent
content protect against unauthorized access
to the digital content ,
– limiting access to only those with the proper
authorization.
• DRM enables content providers to define
rules (rights) for how the media object
should be used.
– the ability to preview DRM content
– to prevent downloaded DRM content from being
illegally forwarded (copied) to other users
6
Introduction
• The rights can be delivered to the consuming
device by downloading them together with the
content or by sending the rights object separately
from content.
7
DRM System Overview
License Server
Paying royalty fees
Usage rules
Content
Provider
Digital License
Requiring license
and paying
Paying distribution
Protected Content
Consumer
Protected content
Content Server
8
Three DRM V1.0 Methods
• Forward-Lock
• Combined delivery
• Separate delivery
9
Forward-lock (FL)
• A special case of
combined delivery
method where the
DRM message does
not contain a rights
object.
• The device is
allowed to render
the content but not
to forward it to
other devices.
10
Forward-lock (FL)
• The Content Provider, using a DRM Packager, packages the
media object into one DRM Message and makes the URL
available to the device (e.g. by publishing it on a Web page).
• HTTP Download is used to deliver the DRM Message.
• The User is using the media object.
• The DRM agent ensures that the media object is not copied
to another device, via IrDA or Bluetooth, or sent from the
device in an MMS or email.
11
Combined delivery (CD)
• Delivery of the rights
object and content together
in a single message.
• The DRM message includes
the media object and a
rights object.
• The device may render the
content according to the
rights object.
• If the device supports the
“combined delivery” method
it MUST also support the
“forward-lock” method.
12
Combined delivery (CD)
• The Content Provider, using a DRM Packager,
packages the media object and the rights object
into one DRM Message.
• The DRM Message is made available to the device
(e.g. by publishing it on a Web page).
• To download the DRM Message (media object +
rights object).
• The User is using the media object. The DRM
agent ensures that the media object is used
according to the rights.
13
Separate delivery (SD)
• Delivery of the rights
object and content via
separate transports.
• If the device supports the
“separate delivery” method
it MUST also support the
“combined delivery” and
“forward-lock” methods.
• If there are no rights
objects associated with a
piece of DRM content the
device MUST NOT consume
the content.
14
Separate delivery
• In the separate delivery method the content
provider needs to convert the plaintext media
object into DRM content format (DCF).
• This conversion includes symmetric encryption of
the content making the DRM protected content
object useless to parties not having access to the
Content Encryption Key (CEK).
• The content in DRM format may be distributed via
an insecure transport whereas a more secure
transport (from DRM point of view) is used to
deliver the rights object with the CEK.
15
Separate delivery
• In the separate delivery method the media object
is always encrypted and converted into the DCF
format.
• When a media object is distributed in encrypted
form, the key is with the rights object.
• The device should allow to forward the DCF file to
another device.
• The device must not forward rights objects from
the device.
16
Separate delivery
• The media object is
allowed to pass from
mobile device to
mobile device through
any channel, with the
rights object being
obtainable from the
Rights Issuer.
17
DRM V1.0 Use Case
18
Introduction of DRM V2.0
• 更進一步加密權限物件
• 藉由使用裝置的公開金鑰(public key)做為
內容物件加密的金鑰
– 將它們結合於目標裝置,來加強安全性。
• 整合的保護內容及權限物件,可減少被濫
用的風險
• 除了加強安全性,亦加入信任的元件(trust
element)
19
The Trust Element of DRM V2.0
• DRM Agent
• Content Issuer
• Rights Issuer
20
DRM Agent
• 此元件內嵌入一個信任的實體(trusted
entity)
• 負責執行DRM 內的許可權限及限制
• 控制對DRM 內容的存取
21
Content Issuer
• 負責傳遞DRM 內容
• OMA DRM 中有定義DRM 內容的格式以傳
遞至DRM Agent
• 亦定義使用不同傳遞機制由Content
Issuer 傳遞至DRM Agent
• 可以確實地將DRM 內容包裝好或是可接收
已包裝好的內容
22
Rights Issuer
• 對DRM 內容分配許可權限及限制的一個實
體
• 產生權限物件Rights Objects
• 一個權限物件是一份XML 文件,表達出對
相關DRM 內容的許可權限及限制
• 權限物件管理DRM 內容如何被使用
23
DRM Website
24
DRM Website
25
Conclusion
• 所謂的DRM乃是藉由電腦程式,以軟體或硬體方
法限制數位內容使用方式的系統通稱
• 一種機密保護機制,防止被複製,或防止在傳遞
時被攔截轉拷
• 在「複製」所費不貲的年代中,出版商持有了複
製所需的資源及技術,壟斷了複製的權利,藉以
保障其利潤,這便是著作權的由來。
• 「合理使用」的權利會被 DRM 吞噬
• 使用者還是得接受大財團的剝削,讓自己的權益
平白受損。
26
Reference
• OMA Digital Rights Management V1.0 Approved Enabler
• Digital Rights Management (OMA-Download-DRM-V1_020040615-A.pdf)
• Download Architecture(OMA-Download-ARCH-V1_0-20040625A.pdf)
• Introduction to DRM - Digital Right Management
• DRM Website
• 再論DRM
27
Q&A
28
Download