mairéad martin the university of tennessee december 16, 2015 federated digital rights management
Post on 18-Jan-2016
217 Views
Preview:
TRANSCRIPT
Mairéad MartinThe University of Tennessee
April 21, 2023
Federated Digital Rights Management
Topics
Background to VidMid DRM ProjectDRM Problem SpaceNMI and DRM WorkshopFDRM
ArchitectureInterface/functionalities
VidMid DRM Project
Originated in ViDe Video Access Working GroupVidMid Video-on-Demand Working Group a subgroup of VidMidDRM principal projectApplication beyond digital video
DRM Problem Space
DRM - the management of intellectual property and distribution of digital content But different interpretations abound …..
Publishers: DRM = protect the copyright owner’s rights, and support licensing model (one-to-one ecommercial model)Research & Education: DRM = enable access while managing Intellectual Property and protecting user’s privacy, (distributed sharing and collaboration model)
DRM Problem Space
Where does DRM end and Digital Access Management begin? Are they the same thing?Is DRM a middleware problem?Can commercial DRM systems satisfy R&E requirements?Does an ontological model for DRM exist to reflect R&E requirements?Can fair use be accommodated in DRM systems?Can end-user privacy be protected in DRM systems?
DRM Problem Space
Are existing and emerging rights metadata schemes flexible and extensible enough to describe sharing of resources in a distributed environment? (ODRL, XrML, OASIS Rights Language, MPEG-21) Patent encumbrance (ContentGuard/XrML) Who is going to provide DRM “services” on our campuses?
NMI and DRM Workshop
Funded by the NSF NMI program to:
Explore DRM requirements in Research and EducationLook at ways NMI development might be leveragedCreate an NMI collaboration of middleware/content management expertsPropose rights metadata core
CNI, EDUCAUSE, I2, SURA, ViDe
Federated DRM Project
Fundamental Goal: Enable intersection of attributes about user, content and usage to manage objectsAn application of ShibAlso federates rights administrationTennessee and Rutgers leading project
Why Shibboleth?
Emphasis on federated administrationEmphasis on trustUser privacy a core principleClub Shib can be leveragedOpen source, community development
FDRM Architecture: Components
FDRM Components
Resource Attribute Authority (RAA) Function: A database of metadata containing rights records with rights, permissions and constraints associated with a digital resources.
Shibboleth Object Attribute Resolver (SHOAR) Function: A component that interacts with the RAA in order to obtain the rights metadata associated with the requested resource.
FDRM Components
Resource Manager (RM)Function: The RM resolves the user’s attributes with the resource attributes (rights, permissions and constraints), and forwards the details of the package request to the P/LS. The RM is the equivalent of a DRM Controller in a commercial DRM model.Packaging/License Service (P/LS)Function: A fundamental component of DRM architecture, the P/LS dynamically packages content for delivery. The licensing function of the P/LS entails specification of the rights the user is allowed to exercise on the content (e.g., play, annotate, edit, transfer, etc.).
1
A user in an origin site launches a web browser and selects a URL to access a managed resource from a HTTP server.
FDRM Architectural Flows 1
FDRM Architectural Flows 2
2
The Shibboleth Indexical Resource Establisher (SHIRE) receives the user's request and sends the location of the requested resource and the SHIRE's URL to an off-site "Where Are You From?“(WAYF) server.
FDRM Architectural Flows 3
3
The WAYF server establishes a connection with therequesting user and the Handle Service responsible for the origin site.
FDRM Architectural Flows 4
4
The local Handle Service returns the handle package to the SHIRE. The handle package includes the opaque handle and the address of the user's local AA (UAA) server.
FDRM Architectural Flows 5
5
The SHIRE then passes the received handle package to the Shibboleth Attribute Requester (SHAR).
FDRM Architectural Flows 6
6
The SHAR constructs an Attribute Query Message (AQM) and submits it to the UAA defined in the handle package. The AQM includes the opaque handle, the target URL and the SHAR name.
FDRM Architectural Flows 7
7
The UAA responds to the AQM with an Attribute Response Message (ARM), which includes the SHAR name, target URL and the user attributes as allowed by the user's Attribute Release Policy (ARP).
FDRM Architectural Flows 8
The SHAR passes the results of the ARM to the Shibboleth Object Attribute Resolver (SHOAR).
8
FDRM Architectural Flows 9
9
The SHOAR constructs a Resource Attribute Query(RAQ) and submits it to the Resource Attribute Authority (RAA) associated with the requested resource.
FDRM Architectural Flows 10
The RAA returns a Resource Attribute Response (RAR) to the SHOAR detailing the supporting services and access rights associated with the requested resource.
10
FDRM Architectural Flows 11
11
Depending on the assertions received from the UAA and the RAA, the SHOAR sends a package request to the Resource Manager (RM).
FDRM Architectural Flows 12
12
The RM forwards the package request to the Packaging and License Service (P/LS).
FDRM Architectural Flows 13
13
The P/LS creates the requested package and sends it back to the RM.
FDRM Architectural Flows 14
14
The RM passes the requested resource to the user.
Scenario
Two researchers at different institutions are collaborating on a research paper. They assign differential access to the paper based on roles: as principal authors, only they have read/write permissions, and the academic community has read-only permissions during the development of the work.
FDRM Rights Assignment 1
FDRM Rights Assignment 2
FDRM Rights Assignment 3
FDRM Rights Assignment 4
FDRM Functionalities: Annotate
FDRM Functionalities: Read
FDRM Functionalities: Write
FDRM Access
FDRM Access
FDRM Access
Resources
VidMid Website: http://middleware.internet2.edu/
video/“FDRM: A Proposed DRM Solution for Research & Education.” DLib Magazine, July 2002 issue (www.dlib.org). (Includes Shib and FDRM Glossary).
top related