Beruflich Dokumente
Kultur Dokumente
*INTRODUCTION*
During the past decade, computers and the Internet have transformed the way we
work, learn, communicate and are entertained. Yet some of technology's potential
to do even more has not been fully realized, because of concerns about illegal use
of digital information, about confidentiality and about privacy. For example, e-
commerce in music and movies has been slowed, because artists and publishers
have been concerned about protecting their copyrighted works from illegal use.
More broadly, businesses don't exchange digital information with customers and
partners as freely as they might, because they fear it could fall into the wrong
hands.
These concerns reflect the increasing need of all businesses and many individual
computer users to share a wide range of digital information, yet still control who can
use it and how -and it is called "rights management."Digital Rights Management
(DRM) is a technology that protects content owners' rights while selling and
distributing the content online in a digital form. DRM introduces new possibilities for
selling, distributing and consuming content and therefore does not only involve the
prevention of piracy.
D-Lib Magazine
June 2001
Volume 7 Number 6
ISSN 1082-9873
1. Introduction
Digital Rights Management poses one of the greatest challenges for content
communities in this digital age. Traditional rights management of physical materials
benefited from the materials' physicality as this provided some barrier to
unauthorized exploitation of content. However, today we already see serious breaches
of copyright law because of the ease with which digital files can be copied and
transmitted.
In designing and implementing DRM systems, there are two critical architectures to
consider. The first is the Functional Architecture, which covers the high-level
modules or components of the DRM system that together provide an end-to-end
management of rights. The second critical architecture is the Information
Architecture, which covers the modeling of the entities within a DRM system as well
as their relationships. (There are many other architectural layers that also need to be
considered, such as the Conceptual, Module, Execution, and Code layers
[HOFMEISTER], but these architectures will not be discussed in this article.)
This article discusses the Functional and Information Architecture domains and
provides a summary of the current state of DRM technologies and information
architectures.
2. Functional Architecture
The overall DRM framework suited to building digital rights-enabled systems can be
modeled in three areas:
• Intellectual Property (IP) Asset Creation and Capture: How to manage the
creation of content so it can be easily traded. This includes asserting rights
when content is first created (or reused and extended with appropriate rights
to do so) by various content creators/providers.
• IP Asset Management: How to manage and enable the trade of content. This
includes accepting content from creators into an asset management system.
The trading systems need to manage the descriptive metadata and rights
metadata (e.g., parties, usages, payments, etc.).
• IP Asset Usage: How to manage the usage of content once it has been traded.
This includes supporting constraints over traded content in specific desktop
systems/software.
While the above models comprise the broad areas required for DRM, the models need
to be complemented by the Functional Architecture that provides the framework for
the modules to implement DRM functionality (see Figure 1).
• Rights Validation - to ensure that content being created from existing content
includes the rights to do so.
Together, these three modules provide the core functionality for DRM systems. The
modules have been described only at a high level, and they would also need to
operate within other, existing e-business modules (such as shopping carts, consumer
personalization, etc.) and Digital Asset Management modules (such as version
control, updates, etc.). Additionally, the modules would support interoperability,
trust, standard formats, openness and other such principles described in an article by
John Erickson in D-Lib Magazine's April 2001 issue [ERICKSON].
The Functional Architecture is only part of the solution to the challenges of DRM.
Rights Management can become complex remarkably quickly. As a result, DRM
systems must support the most flexible information model possible to provide for
these complex and layered relationships. The Information Architecture provides this.
3. Information Architecture
The Information Architecture deals with how the entities are modeled in the overall
DRM framework and their relationships. The main issues that require addressing in
the development of a DRM Information model include:
It is important to adopt a clear and extensible model for the DRM entities and their
relationship with other entities. Existing work in this area includes the <indecs>
project [INDECS]. The basic principle of the <indecs> model is to clearly separate
and identify the three core entities: Users, Content, and Rights as shown in Figure 2.
Users can be any type of user, from a rights holder to an end-consumer. Content is
any type of content at any level of aggregation. The Rights entity is an expression of
the permissions, constraints, and obligations between the Users and the Content. The
primary reason for this model is that it provides the greatest flexibility when
assigning rights to any combination or layering of Users and Content. The Core
Entities Model also does not constrain Content from being used in new and evolving
business models.
Figure 2 - DRM Information Architecture - Core Entities Model
This model implies that any metadata about the three entities needs to include a
mechanism to relate the entities to each other.
The Content itself also needs to be modeled. Again, there has been some existing
work in this area from the International Federation of Library Associations [IFLA].
The key principle in the modeling of Content is that Content contains many "layers"
from various intellectual stages or evolution of its development. Such a model will
enable clearer (i.e., more explicit and/or appropriate) attribution of rights information.
For example, the IFLA model allows Content to be identified at the Work,
Expression, Manifestation, and Item layers. At each of these layers, different rights
and rights holders may need to be supported as shown in Figure 3.
Figure 3 - DRM Information Architecture - Content Model
The layers of the Content defined as Work (a distinct intellectual or artistic creation)
and Expression (the intellectual or artistic realization of a work) reflect scholarly or
creative content. On the other hand, the other layers of Content, defined as
Manifestation (the digital embodiment of an expression of a work) and Item (a single
exemplar instantiation of a manifestation), reflect physical or digital form.
As an example, consider "The Name of the Rose". The Work, by Umberto Eco,
would be the idea of the events that took place in an isolated Benedictine monastery
and include descriptions of the concepts and main ideas, features, or characters. The
Expressions of the Work could then include:
Another aspect that may affect rights is when Content is made of many parts. Some
of these parts may have different rights associated with them that need to be
recognized in the aggregated content.
Content should be described using the most appropriate metadata standard for that
genre (for example, the EDItEUR ONIX standard [ONIX] for books (physical and
electronic) and the IMS Learning Resource Meta-data Information Model [IMS] for
educational learning objects). It is also critical that such metadata standards do not
themselves try to include metadata elements that attempt to address rights
management information, as this will lead to confusion regarding where to describe
such rights expressions. For example, the ONIX standard has elements for a number
of rights holders (e.g., Authors and Publishers) and Territories for rights and single
Price information. (The latter poses a problem in setting multiple prices depending on
what rights are traded). In such cases, following the <indecs> model should take
precedence.
To describe Users, vCard [VCARD] is the most well-known metadata standard for
describing people and (to some extent) organizations. An additional and important
part of the Rights model is to articulate the role that the User has undertaken with
respect to Content. A comprehensive list of roles can be found in the MARC Relators
code list [MARC].
The Rights entity allows expressions to be made about the allowable permissions,
constraints, obligations, and any other rights-related information about Users and
Content. Hence, the Rights entity is critical because it represents the expressiveness
of the language that will be used to inform the rights metadata.
Rights expressions can become complex quite quickly. Because of that, they are also
modeled to understand the relationships within the rights expressions. This has been
evidenced in the Open Digital Rights Language [ODRL] and a paper by Carl A.
Gunter et al. [GUNTER].
For example, a Rights expression may say that a particular video can by played (i.e., a
usage permission) for a maximum of 10 times (i.e., a count constraint) in any
semester (i.e., a time constraint) for a $10 fee (i.e., an obligation to pay). Each time
the video is played, John, Mary, and Sue (the rights holders) receive a percentage of
the fee. Usually, if a right is not explicit in an expression, it means that the right has
not been granted. This is a critical assumption made by Rights languages and should
be made clear to all Users.
For an example of a rights language, see the Open Digital Rights Language [ODRL].
ODRL lists the many potential terms for permissions, constraints, and obligations as
well as the rights holder agreements. As such terms may vary across sectors, rights
languages should be modeled to allow the terms to be managed via a Data Dictionary
and expressed via the language.
Figure 5 shows the OzAuthors' interface for the specification of Rights information.
In this example, the "Usage Rights and Pricing" allows the content provider to
specify “Read” and/or “Print” permissions, pricing, and security options for the
ebook. Additionally, a number of pages can be specified as a free preview. The
second part of the interface allows the content provider to specify all the rights
holders, their roles, and their percentage of the royalty split. Each time the ebook is
sold, the rights holders will automatically receive the indicated amount.
Figure 5 - OzAuthors - Rights Interface
All of this information is encoded in XML using the ODRL rights language. This
encoding will enable the exchange of information with other ebook vendors who
support the same language semantics, and will set the stage for complete and
automatic interoperability.
5. Conclusion