Rights Metadata: XrML and ODRL for Digital Video

1
Rights Metadata XrML and ODRL for Digital Video

• Mairéad Martin
• University of Tennessee
• Doug Pearson
• Indiana University
• August 15, 2001

2
Overview

• Digital Rights Management Definition and current
  landscape
• XrML
• ODRL
• QA

3
SEAM Secure Econtent Attribute Management

• Goal To develop a dynamic, portable and granular
  rights management tool that will ensure the
  security and integrity of digital objects
• Integrates XML-based rights language, digital
  objects, and digital access technologies

4
(No Transcript)
5
Digital Rights Management

• Management vs. enforcement of rights
• Digital management of rights vs. Management of
  digital rights
• Players ltIndecsgt,W3C, EBX, MPEG, ContentGuard,
  IPR Systems

6
DRM Definition

• DRM involves the description, layering,
  analysis, valuation, trading and monitoring of an
  enterprises assets both in physical and digital
  form and of tangible and intangible value.
• - Renato Ianella, ODRL
• Version 0.9

7
DRM Languages

• eXtensible Rights Markup Language
• (XrML)
• Open Digital Rights Language (ODRL)
• Extensible Media Commerce Language (XCML)

8
Rights Language Requirements

• Applicable and interoperable across media
• Integration with descriptive metadata
• Extensible
• Efficient in open or trusted systems
• Supports modularity and granularity
• Capacity to be integrated with trust and tracking
  systems
• Open and non-proprietary

9
What is XrML?

• eXtensible rights Markup Language
• A language in XML for describing specification
  of rights, fees and conditions for using digital
  contents (or properties), together with message
  integrity and entity authentication within these
  specifications.

10
Intent of XrML

• XrML is intended to support commerce in
  digital contents, that is, publishing and selling
  electronic books, digital movies, digital music,
  interactive games, computer software and other
  creations distributed in digital form. It is also
  intended to support specification of access and
  use controls for secure digital objects in cases
  were financial exchange is not part of the terms
  of use.

11
Trusted Systems

• XrML enables trusted systems to exchange digital
  contents and interoperate.
• A trusted system is a server, player or other
  device for holding or accessing digital content,
  which can be trusted to honor the rights,
  conditions and fees specified for digital
  contents.

12
Who Controls XrML?

• XrML is licensed to the industry royalty-free by
  the developer, ContentGuard, Inc.
• ContentGuard is a spin-off from Xerox with
  strategic alliances and investment from Xerox and
  Microsoft. Xerox is the majority investor.
• Microsoft considers XrML a key component of its
  DRM strategy.

13
Whos using XrML?

• Microsoft uses XrML to specify rights and content
  descriptions for licensing eBooks. The Microsoft
  Digital Asset Server uses the rights and content
  descriptions to issue a personalized LIT file to
  the consumers Microsoft Reader.

14
http//www.xrml.org/about.htm
XrML -The Technology Standard for Trusted
Systems
A mature eContent marketplace requires a
standard language
XrML - forging the standard on which the
eContent industry depends
Trusted systems require a standard. That
standard XrML
Meeting the criteria demanded of an open
standard
An industry standard for creation of terms and
conditions associated with the use and protection
of eContent, XrML is licensed on a royalty-free
basis
15
Is XrML an Open Standard?

• ContentGuard declares commitment to promoting
  and supporting a standard language that will
  enable content creators, providers, distributors
  and retailers to express rights and
  specifications

16
Is XrML an Open Standard?

• Guiding Principles
• Enable XrML to meet the needs of all stakeholders
  in the eContent industry
• Establish a community of practice committed to
  develop a common rights language
• Enable interoperability
• Encourage interested parties to submit and share
  XrML Mods with the community of practice

17
Is XrML an Open Standard?

• XrML is not an open standard.
• Rather, XrML is an attempt to build an industry
  standard with a published specification and
  encouragement to a community of practice.

18
ContentGuard Patents

• "System for Controlling the Distribution and Use
  of Digital Works Using Digital Tickets." (US
  Patent 6,236,971)
• "System for Controlling the Distribution and Use
  of Digital Work Having Attached Usage Rights
  Where the Usage Rights are Defined by a Usage
  Rights Grammar" (US Patent 5,715,403)
• "System for Controlling the Distribution and Use
  of Composite Digital Works" (US Patent 5,638,443)
  
• "System for Controlling the Distribution and Use
  of Digital Works Having a Free Reporting
  Mechanism" (US Patent 5,634,012)
• "System for Controlling the Distribution and Use
  of Digital Works" (US Patent 5,629,980)
• "Interactive Contents Revealing Storage Device"
  (US Patent 5,530,235)
• "System for Controlling the Distribution and Use
  of Rendered Digital Works through Watermarking"
  (US Patent 6,233,684)

19
ltXrMLgt ltBODYgt (ISSUED)? (TIME)? (DESCRIPTOR
)? (ISSUER)? (ISSUEDPRINCIPALS)? (WORK)? (
AUTHENTICATEDATA)? lt/BODYgt (SIGNATURE)? lt/XrMLgt
20
ltXrMLgt ltBODYgt (ISSUED)? (TIME)? (DESCRIPTOR
)? (ISSUER)? (ISSUEDPRINCIPALS)? (WORK)? (
AUTHENTICATEDATA)? lt/BODYgt (SIGNATURE)? lt/XrMLgt
Within the root XrML is a mandatory element BODY
and an optional element SIGNATURE.
21
ltXrMLgt ltBODYgt (ISSUED)? (TIME)? (DESCRIPTOR
)? (ISSUER)? (ISSUEDPRINCIPALS)? (WORK)? (
AUTHENTICATEDATA)? lt/BODYgt (SIGNATURE)? lt/XrMLgt
SIGNATURE is the digital signature to insure
integrity of the XRML specification
22
ltXrMLgt ltBODYgt (ISSUED)? (TIME)? (DESCRIPTOR
)? (ISSUER)? (ISSUEDPRINCIPALS)? (WORK)? (
AUTHENTICATEDATA)? lt/BODYgt (SIGNATURE)? lt/XrMLgt
BODY consists of an optional description of the
digital WORK and some optional metadata about the
XrML document.
23
ltXrMLgt ltBODYgt (ISSUED)? (TIME)? (DESCRIPTOR
)? (ISSUER)? (ISSUEDPRINCIPALS)? (WORK)? (
AUTHENTICATEDATA)? lt/BODYgt (SIGNATURE)? lt/XrMLgt
ISSUED is the time at which the the XrML document
was issued.
24
ltXrMLgt ltBODYgt (ISSUED)? (TIME)? (DESCRIPTOR
)? (ISSUER)? (ISSUEDPRINCIPALS)? (WORK)? (
AUTHENTICATEDATA)? lt/BODYgt (SIGNATURE)? lt/XrMLgt
TIME is the time interval over which the XrML
document is valid.
25
ltXrMLgt ltBODYgt (ISSUED)? (TIME)? (DESCRIPTOR
)? (ISSUER)? (ISSUEDPRINCIPALS)? (WORK)? (
AUTHENTICATEDATA)? lt/BODYgt (SIGNATURE)? lt/XrMLgt
DESCRIPTOR is a description of the XrML document
what this document represents.
26
ltXrMLgt ltBODYgt (ISSUED)? (TIME)? (DESCRIPTOR
)? (ISSUER)? (ISSUEDPRINCIPALS)? (WORK)? (
AUTHENTICATEDATA)? lt/BODYgt (SIGNATURE)? lt/XrMLgt
ISSUER is the principle who issues the XrML
document.
27
ltXrMLgt ltBODYgt (ISSUED)? (TIME)? (DESCRIPTOR
)? (ISSUER)? (ISSUEDPRINCIPALS)? (WORK)? (
AUTHENTICATEDATA)? lt/BODYgt (SIGNATURE)? lt/XrMLgt
ISSUED-PRINCIPALS is a list of the principals the
XrML document is issued to.
28
ltXrMLgt ltBODYgt (ISSUED)? (TIME)? (DESCRIPTOR
)? (ISSUER)? (ISSUEDPRINCIPALS)? (WORK)? (
AUTHENTICATEDATA)? lt/BODYgt (SIGNATURE)? lt/XrMLgt
AUTHENTICATE-DATA captures data which is
necessary for an application which processes a
XrML document.
29
ltXrMLgt ltBODYgt (ISSUED)? (TIME)? (DESCRIPTOR
)? (ISSUER)? (ISSUEDPRINCIPALS)? (WORK)? (
AUTHENTICATEDATA)? lt/BODYgt (SIGNATURE)? lt/XrMLgt
WORK defines a digital work and its usage rights.
30
ltWORKgt (OBJECT) (DESCRIPTION)? (CREATOR)? (OWN
ER)? (DIGEST)? (PARTS)? (CONTENTS)? (COPIES)?
(COMMENT)? (SKU)? (RIGHTSGROUP
REFERENCEDRIGHTSGROUP) lt/WORKgt
31
ltWORKgt (OBJECT) (DESCRIPTION)? (CREATOR)? (OWN
ER)? (DIGEST)? (PARTS)? (CONTENTS)? (COPIES)?
(COMMENT)? (SKU)? (RIGHTSGROUP
REFERENCEDRIGHTSGROUP) lt/WORKgt
OBJECT identifies the digital object of the WORK
through a unique identifier such as ISBN or ISSN
number.
32
ltWORKgt (OBJECT) (DESCRIPTION)? (CREATOR)? (OWN
ER)? (DIGEST)? (PARTS)? (CONTENTS)? (COPIES)?
(COMMENT)? (SKU)? (RIGHTSGROUP
REFERENCEDRIGHTSGROUP) lt/WORKgt
Self explanatory.
33
ltWORKgt (OBJECT) (DESCRIPTION)? (CREATOR)? (OWN
ER)? (DIGEST)? (PARTS)? (CONTENTS)? (COPIES)?
(COMMENT)? (SKU)? (RIGHTSGROUP
REFERENCEDRIGHTSGROUP) lt/WORKgt
DIGEST uses a cryptographic digest value of the
work to insure integrity and originality of the
work.
34
ltWORKgt (OBJECT) (DESCRIPTION)? (CREATOR)? (OWN
ER)? (DIGEST)? (PARTS)? (CONTENTS)? (COPIES)?
(COMMENT)? (SKU)? (RIGHTSGROUP
REFERENCEDRIGHTSGROUP) lt/WORKgt
PARTS specifies a list of works that are included
as part of this WORK.
35
ltWORKgt (OBJECT) (DESCRIPTION)? (CREATOR)? (OWN
ER)? (DIGEST)? (PARTS)? (CONTENTS)? (COPIES)?
(COMMENT)? (SKU)? (RIGHTSGROUP
REFERENCEDRIGHTSGROUP) lt/WORKgt
CONTENTS gives the starting and stopping
addresses which the rights in the WORK
specification apply.
36
ltWORKgt (OBJECT) (DESCRIPTION)? (CREATOR)? (OWN
ER)? (DIGEST)? (PARTS)? (CONTENTS)? (COPIES)?
(COMMENT)? (SKU)? (RIGHTSGROUP
REFERENCEDRIGHTSGROUP) lt/WORKgt
COPIES specifies the number of copies of the
digital work. Its possible to transfer or loan a
copy while exercising other rights on remaining
copies.
37
ltWORKgt (OBJECT) (DESCRIPTION)? (CREATOR)? (OWN
ER)? (DIGEST)? (PARTS)? (CONTENTS)? (COPIES)?
(COMMENT)? (SKU)? (RIGHTSGROUP
REFERENCEDRIGHTSGROUP) lt/WORKgt
Stock Keeping Unit. Is included for
extensibility typically for use by retailer or
distributor.
38
ltWORKgt (OBJECT) (DESCRIPTION)? (CREATOR)? (OWN
ER)? (DIGEST)? (PARTS)? (CONTENTS)? (COPIES)?
(COMMENT)? (SKU)? (RIGHTSGROUP
REFERENCEDRIGHTSGROUP) lt/WORKgt
Rights specification.
39
ltRIGHTSGROUPgt (COMMENT)? (BUNDLE)? (RIGHTSLIST)
lt/RIGHTGROUPgt
One or more RIGHTSGROUP may exist according to
logical collections of rights for groups of users.
40
ltRIGHTSGROUPgt (COMMENT)? (BUNDLE)? (RIGHTSLIST)
lt/RIGHTGROUPgt
Each right may separately specify parameters such
as time limits, fees, access conditions. Shared
parameters may be bundled.
41
lt!ELEMENT RIGHTSLIST (( COPY TRANSFER LOAN
PLAY PRINT EXPORT VIEW EDIT EXTRACT
EMBED BACKUP RESTORE VERIFY FOLDER
DIRECTORY DELETE INSTALL UNINSTALL ))gt
42
Classification of rights Transport Render Der
ivative Work File Management Configuration
43
Classification of rights Transport Render Der
ivative Work File Management Configuration
Governs the creation and movement of persistent
copies of a work under the control of trusted
repositories COPY create a new copy of a
work TRANSFER an existing authorized copy moves
to another repository LOAN loan a copy for a
period of time
44
Classification of rights Transport Render Der
ivative Work File Management Configuration
Governs the creation of representations of a
digital work outside of the control of trusted
systems. PLAY make an ephemeral copy available
for use PRINT make permanent copies to external
media EXPORT makes a digital source copy
available outside of trusted system control
45
Classification of rights Transport Render Der
ivative Work File Management Configuration
Governs the reuse of a digital work, in whole or
part, to create a new composite work. Not
intended to cover all possible forms of reuse
rather automate the simple case where the rights
owner can pre-determine fees and
repository-testable conditions on a
work. EXTRACT, EDIT AND EMBED
46
Classification of rights Transport Render Der
ivative Work File Management Configuration
Governs access to directory and file information
in operations when two repositories are
connected. E.g. when exercising rights that
engage multiple repositories, such as TRANSFER or
LOAN. Also, controls the making and restoring of
backup copies. FOLDER, DIRECTORY, DELETE,
VERIFY, BACKUP
47
Classification of rights Transport Render Der
ivative Work File Management Configuration
Governs the adding and removing of system
software from secure repositories. INSTALL,
UNINSTALL
48
lt!ENTITY termConditions (TIME ACCESS FEE
TERRITORY TRACK)gt
49
XrML Definition for Microsoft eBook

• Scenario
• On August 9, I purchased and downloaded a
  Microsoft Reader formatted eBook, Telecosm by
  George Gilder, from Amazon. The following XrML
  was included inside the .LIT file.

50
ltXrMLgt ltBODY type"LICENSE" version"2.0"gt ltIS
SUEDgt2001-08-09T1927lt/ISSUEDgt ltDESCRIPTORgt lt
OBJECT type"self-proving-EUL"gt ltID
type"MS-GUID"gtB536F0B2-8755-4CF5-AE80-6E1F41A15A
99lt/IDgt lt/OBJECTgt lt/DESCRIPTORgt ltISSUERgt lt
OBJECT type"Licensor-Certificate"gt ltID
type"MS-GUID"gtEF649DC9-29A9-4EA8-9CF7-49A76C3944
07lt/IDgt ltNAMEgtLightning Source,
Inc.lt/NAMEgt ltADDRESS type"URL"gtwww.lightningso
urce.comlt/ADDRESSgt lt/OBJECTgt ltPUBLICKEYgtltALGOR
ITHMgtRSA-512lt/ALGORITHMgtltPARAMETER name"public
exponent"gtltVALUE encoding"integer32"gt65537lt/VALUE
gtlt/PARAMETERgtltPARAMETER name"modulus"gtltVALUE
encoding"base64" size"512"i7rWoCdyg...lt/VALUEgtlt
/PARAMETERgtlt/PUBLICKEYgt lt/ISSUERgt
51
ltISSUEDPRINCIPALSgt ltPRINCIPAL
internal-id"1"gt ltOBJECT type"MS
Registration"gt ltID type"MS Registration
ID"gt196608-lt/IDgt ltNAMEgtdodpears_at_indiana.edult/
NAMEgt lt/OBJECTgt ltPUBLICKEYgtltALGORITHMgtRSA-51
2lt/ALGORITHMgtltPARAMETER name"public
exponent"gtltVALUE encoding"integer32"gt65537lt/VALUE
gtlt/PARAMETERgtltPARAMETER name"modulus"gtltVALUE
encoding"base64" size"512"gtjykOvc...lt/VALUEgtlt/PA
RAMETERgtlt/PUBLICKEYgt lt/PRINCIPALgt lt/ISSUEDPRINC
IPALSgt
52
ltWORKgt ltOBJECT type"BOOK-LIT-FORMAT"gt lt
ID type"SKU"gt074321594Xlt/IDgt ltNAMEgt074321594Xlt
/NAMEgt lt/OBJECTgt ltOWNERgt ltOBJECT
type"Licensor-Certificate"gt ltID
type"MS-GUID"gtEF649DC9-29A9-4EA8-9CF7-49A76C3944
07lt/IDgt ltNAMEgtLightning Source,
Inc.lt/NAMEgt ltADDRESS type"URL"gtwww.lightnings
ource.comlt/ADDRESSgt lt/OBJECTgt ltPUBLICKEYgtltAL
GORITHMgtRSA-512lt/ALGORITHMgtltPARAMETER
name"public exponent"gtltVALUE encoding"integer32"
gt65537lt/VALUEgtlt/PARAMETERgtltPARAMETER
name"modulus"gtltVALUE encoding"base64"
size"512"gti7rWoCdy...lt/VALUEgtlt/PARAMETERgtlt/PUBLI
CKEYgt lt/OWNERgt
53
ltWORKgt CONTINUED ltRIGHTSGROUP
name"Main Rights"gt ltCOMMENTgtRights
descriptionlt/COMMENTgt ltRIGHTSLISTgt ltVIEWgt
ltACCESSgt ltPRINCIPAL internal-id"1"gt
ltENABLINGBITS type"sealed-des-key"gt lt
VALUE encoding"base64" size"512"gtE75/0j...lt/VALU
Egt lt/ENABLINGBITSgt lt/PRINCIPALgt
lt/ACCESSgt lt/VIEWgt lt/RIGHTSLISTgt lt/RIGHTSG
ROUPgt lt/WORKgt
54
ltAUTHENTICATEDDATA name"eBook 1.5
Authentication Data" size"160"gt 0Gy1fRMXMm3p
vpZakb3PVt4IVOA lt/AUTHENTICATEDDATAgt lt/BODYgt lt
SIGNATUREgt ltDIGESTgt ltALGORITHMgtSHA1lt/ALGORITHMgt
ltPARAMETER name"codingtype"gt ltVALUE
encoding"string"gtsurface-codinglt/VALUEgt lt/PARAM
ETERgt ltVALUE encoding"base64"
size"160"gtrXYVrtQ...lt/VALUEgt lt/DIGESTgt ltVALUE
encoding"base64" size"512"gtJy1sGMtN9J...lt/VALUEgt
lt/SIGNATUREgt lt/XrMLgt
55
ltXrMLgt ltBODY type"LICENSE" version"2.0"gt ltISS
UEDgt2000-08-02T2216lt/ISSUEDgt ltDESCRIPTORgt ltOB
JECT type"Licensor-Certificate"gt ltID
type"MS-GUID"gtEF649DC9-29A9-4EA8-9CF7-49A76C3944
07lt/IDgt ltNAMEgtLightning Source,
Inc.lt/NAMEgt ltADDRESS type"URL"gtwww.lightningso
urce.comlt/ADDRESSgt lt/OBJECTgt lt/DESCRIPTORgt lt
ISSUERgt ltOBJECT type"Corporation"gt ltID
type"MS-GUID"gt2lt/IDgt ltNAMEgtMicrosoft
Corporationlt/NAMEgt ltADDRESS type"URL"gtwww.micr
osoft.comlt/ADDRESSgt lt/OBJECTgt ltPUBLICKEYgtltALGO
RITHMgtRSA-512lt/ALGORITHMgtltPARAMETER name"public
exponent"gtltVALUE encoding"integer32"gt65537lt/VALUE
gtlt/PARAMETERltPARAMETER name"modulus"gtltVALUE
encoding"base64" size"1024"gt5sqoaK...lt/VALUEgtlt/P
ARAMETERgtlt/PUBLICKEYgt lt/ISSUERgt
56
ltISSUEDPRINCIPALSgt ltPRINCIPAL
internal-id"1"gt ltOBJECT type"Corporation"gt
ltID type"MS-GUID"gtEF649DC9-29A9-4EA8-9CF7-49A7
6C394407lt/IDgt ltNAMEgtLightning Source,
Inc.lt/NAMEgt ltADDRESS type"URL"gtwww.lightnings
ource.comlt/ADDRESSgt lt/OBJECTgt ltPUBLICKEYgtltAL
GORITHMgtRSA-512lt/ALGORITHMgtltPARAMETER
name"public exponent"gtltVALUE encoding"integer32"
gt65537lt/VALUEgtlt/PARAMETERgtltPARAMETER
name"modulus"gtltVALUE encoding"base64"
size"512"gti7rWoC...lt/VALUEgtlt/PARAMETERgtlt/PUBLICK
EYgt lt/PRINCIPALgt lt/ISSUEDPRINCIPALSgt lt/BODYgt lt
SIGNATUREgt ltDIGESTgt ltALGORITHMgtSHA1lt/ALGORITHMgt
ltPARAMETER name"codingtype"gtltVALUE
encoding"string"gtsurface-codinglt/VALUEgtlt/PARAMETE
Rgt ltVALUE encoding"base64" size"160"gtIOYwWKd..
.lt/VALUEgt lt/DIGESTgt ltVALUE encoding"base64"
size"1024"gtpAcwJUWAuuN...lt/VALUEgt lt/SIGNATUREgt lt
/XrMLgt
57
Open Digital Rights Language (ODRL)

• Developed by Renato Iannella of IPR Systems
  (Australia)
• Expressed in XML
• Open source submitted to W3C
• Goal will plug into an open framework that
  enables P2P interoperability for DRM services.
• Version 0.9 published June 26, 01

58
ODRL Standard Specification (Version 0.9)

• Expression Language
• Data Dictionary
• Scenarios
• XML schema for both

59
Digital Video Scenario

• A digital video lecture at Georgia Tech is
  limited to registrants of the course, each of
  whom was issued a digital certificate identifying
  them as registrants. Non-registrants may view the
  course for a metered fee of 10 per hour during
  the course period. Non-registrants will receive a
  lower-resolution video file than registrants.

60
ltPermissionsgtExpression
61
ltConstraintsgtExpression
62
ltConstraintsgtExpression
63
ltRequirementsgtExpression
64
ltRights HoldergtExpression
65
ltContextgtExpression
66
ltAgreementgtExpression
67
ODRL Next Version

• Extensibility
• Additional data dictionary elements
• Specification of equivalent rights
• Mapping between rights languages
• Signing ODRL Expressions
• Transporting ODRL Expressions
• Will include the use of SOAP

68
Resources

• ODRL http//www.odrl.net
• XrML http//www.xrml.org

69
Credits

• Grace Agnew, GA Tech
• Anne Salter, GA Tech
• William Rhodes, UT