Distributed Multimedia Database Technologies Supported by MPEG-7 and MPEG-21

 < Day Day Up > 


3.3 Intellectual Property Management and Protection, Rights Expression Language, and Rights and Data Dictionary

The IPMP (ISO/IEC 21000-4) contains the expression and enforcement of rights and defines consequences and obligations that are associated with the distribution, management, and usage of DIs. To allow the multimedia systems to control the flow and use of a DI in accordance with the relevant user permissions and rights, the IPMP capabilities of DIs, terminals, peers, and users must be defined. To meet these objectives, IPMP is proposed to be a language and dictionary. The language will provide syntax for the articulation of attributes of the parties in the framework. The dictionary will provide semantic information for terms used in the articulation of the IPMP capabilities. MPEG-21 is currently evaluating proposals for the IPMP-L (language) and the IPMP-D (dictionary).

The specification of the rights for exchange and use of DIs are currently specified in the MPEG rights expressions. They are organized in a language (REL) and a dictionary (RDD); Section 3.3.1 introduces REL, and Section 3.3.2 introduces RDD.

A typical digital rights management (DRM) system using the MPEG-21 REL and RDD includes the following processes: during the creation of the DI, the licenses related to this item are specified; during the distribution of the DI, licenses are issued to users and terminals; finally, during the consumption of a DI, the terminal receives the item and its licenses that specify the rights that have been granted and the conditions under which the rights can be exercised. Section 3.3.3 gives a simple use case scenario based on MPEG-21 REL.

3.3.1 MPEG Rights Expression Language

The REL (ISO/IEC 21000-5) provides interoperable mechanisms to protect the resources and metadata and that accept the rights, conditions, and fees specified for them. To do so, REL offers means—the REL data model realized in XML Schema—for declaring rights, conditions, and obligations in identifying and associating these rights with DIs. REL can declare rights and permissions using the terms as defined in the RDD. Further, the REL authorization algorithm defines the authorization decision process for the question: Is a principal authorized to exercise a right against a resource?

The REL data model for rights expression consists of four basic entities and relationships among these entities. A principal is an element of the multimedia system to which rights are granted; examples are users and terminals. A resource is the object to which a principal can be granted a right; the resource may be a DI. The condition specifies the terms, conditions, and obligations under which rights can be exercised. An example is the time period for which a right may be granted. Exhibit 3.3 displays the entities and their relationships. The relationships are defined by the REL assertion grants that are specified within a license.

Exhibit 3.3: The components of the Rights Expression Language data model.

The REL authorization algorithm defines the authorization decision process, which is a central part of a DRM. Exhibit 3.4 gives an example. The input to this process is the authorization query: context information that is relevant for the decision making and the REL licenses. These licenses may be, for instance, delivered with the DI to be consumed. The output of the algorithms is the authorization response for the consumption of the respective resource.

Exhibit 3.4: Example of the Rights Expression Language authorization process.

3.3.2 MPEG Rights and Data Dictionary

The RDD (ISO/IEC 21000-6) comprises a set of uniquely identified terms to support the MPEG-21 REL, called a dictionary. The RDD standard provides a methodology for making the dictionary. It contains the initial group of terms—the RDD standardized terms—defined according to this method. Finally, the standard also provides extension mechanisms that will manage the ongoing work of adding a new term to the dictionary. This is similar to the principle for registrations of new CSs within MPEG-7 (see Section 2.7).

The dictionary may be seen as ontology, designed to provide a set of well-defined terms for use in rights expressions for DIs, but it is also designed to represent as many different definitions of terms as its users require and to show their relationships in a structured way.

REL and RDD together give meaning to the IPMP management. REL defines a set of XML Schema complex types called Multimedia Rights. Each activity associated with one Multimedia Right has a context that can be related to particular Act Types (activity types) within the RDD ontology.

Example: REL defines the render-right Copy, meaning the process of making a reproduction of a resource. This right, Copy, relates to the RDD Copy term and a set of activities. An activity that is defined with the RDD Copy is the process of determining how much the replica and source may differ to be considered close enough to represent a copy.

3.3.3 DRM Use Case Scenario Using MPEG-21 REL

This simple use case scenario defines an MPEG-21 REL license containing the specification of the play rights for a DI referencing a piece of music. It is based on the example authorization process depicted in Exhibit 3.4. Two persons are involved in this use case scenario. The sample user, Harald, possesses a DI with the id (identification) urn:harald-1. This DI references to a resource starmania.mp3. The second sample user, Edith, likes to consume this DI, and she likes to hear starmania.mp3. The DI requested is the following:

<DIDL xmlns="urn:mpeg:mpeg21:2002:01-DIDL-NS" xmlns:dii="urn:mpeg:mpeg21:2002:01-DII NS" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="urn:mpeg:mpeg21:2002:01-DIDL-NS Mpeg21DIDL-2002.xsd"> <Item> <! - Unique identifier of this digital item - > <Descriptor> <Statement mimeType="text/xml"> <dii:Identifier>urn:harald-1</dii:Identifier> </Statement> </Descriptor> <Component> <Resource ref="starmania.mp3" mimeType= "audio/mp3"/> </Component> </Item> </DIDL>

Harald provides the following MPEG-21 REL license to Edith. The license allows Edith to consume the DI during 2003 (from 2003-01-01T00:00:00 to 2003-12-31T12:59:59).

<license xmlns="http://www.xrml.org/schema/2002/05/xrml2core" xmlns:mx="urn:mpeg:mpeg21:2002:01-REL-NS" xmlns:dsig="http://www.w3.org/2000/09/xmldsig#" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="urn:mpeg:mpeg21:2002:01-REL-NS mpeg-rel.xsd"> <! - The license is granted to Edith - > <grant> <keyHolder licensePart> <info> <! - Digital Signature of Edith - > <dsig:KeyValue> ... </dsig:KeyValue> </info> </keyHolder> <mx:play/> <mx:diReference> <mx:identifier>urn:harald-1</mx:identifier> </mx:diReference> <validityInterval> <notBefore>2003-01-01T00:00:00</notBefore> <notAfter>2003-12-31T12:59:59</notAfter> </validityInterval> </grant> <! - The license is issued by Harald - > <issuer> <keyHolder> <info> <! - Digital Signature of Harald - > <dsig:KeyValue> ... </dsig:KeyValue> </info> </keyHolder> </issuer> </license>

The license above contains two parts: the declaration of the grant and the specification of the issuer.

The grant declaration contains four parts:

The issue part contains principally the keyHolder, identifying that Harald issues the grant.

Note that many of the licensing elements stem from the Extensible rights Markup Language (XrML)[7] and some from the XML signature syntax and processing (xmldsig).[8] XrML provides a universal method for specifying rights and issuing conditions (licenses) associated with the use of all kinds of resources, including digital content as well as services. xmldsig specifies XML syntax and processing rules for creating and representing digital signatures. xmldsig can be applied to any digital content, including XML.

The authorization process follows: Edith's MPEG-21-enabled terminal receives the license from Harald. The terminal relies on the REL authorization algorithm to decide whether Edith can play the requested piece of music. The authorization algorithms parse the REL license received, retrieve the current time from a trusted server, and process Edith's authorization query. If the right claimed by Edith matches the rights provided by the REL license, the resource is provided; otherwise, the access is denied.

[7]http://www.xrml.org/.

[8]http://www.w3.org/TR/xmldsig-core/.


 < Day Day Up > 

Категории