Chapter 2- DRM in practice

The installation of a system of DRM is based at the same time on the control of the architecture of the system but also on a contractual development necessary to the appropriation and the diffusion of the system near the various speakers and users.

Section 1- Approaches Technical and functional

The development of a project allowing the distribution of digital components on line necessarily rests on a consequent technical infrastructure in which all the aspects related on the confidentiality, the transactions, the rights of the users,... are found. This one is related to partnerships established and developed with various partners (IE : house of disc) then allowing him to present and distribute the whole of the various contents to the users.

§1- technical Architecture

The major difficulty of installation of a functional architecture of a system of DRM lies in the fact that it must be : « divided in three areas: content creation, content management and content use. Content creation includes the creation off the media and defining the rights. Content management is content butt distribution and trading off the rights. Finally, content use is used to enforce that rights are adhered to and to track content use ». ^160(*)

Also, it is a question of controlling at the same time the whole of the chain but also the whole of the speakers so that the system is most transparent for the users because it is one of the keys to success. ^161(*)

One will be satisfied here to evoke some possible architectures suitable for the installation of a system of DRM.

With- Architecture DRM using PKI and Watermarking

The experiment undertaken by the researchers of Université of Finland east to our direction a rather complete response to the deployment of a system of DRM. Indeed, on the basis of the report first that any inviolable system does not exist, they succeeded in establishing a balance which seems to us interesting to study.

Figure 5 : Example of architecture DRM^162(*)

Their step rests on a model of distribution of contents. In this one, and such as that is represented on the diagram above, the process can break up into several stages :

- the licenses are related on the user and not to the terminal, in fact the hardware, the computer.^163(*) The direct benefit being that the user can have access to the contents indifferently support considered. It suffices for this one to establish a connection network and to obtain the license^164(*) since a waiter^165(*) ;

- « player » identifies the protected contents and acquires a license to be able there has to have access. Architecture used is provided by a Public-Key Infrastructure (PKI).^166(*) The only services used of the PKI are the creation and the revocation of the certificates. In this direction, they use the X.509 certificate^167(*) at the same time to buy and sign the license^168(*) ;

- The contents are protected using two methods : asymmetrical cryptography^169(*) and a process of watermarking.

Thus, before letting the user have access to the contents, it « player »^170(*) checks if the license is valid and if the user has well the private key corresponding to the certificate contained in the license.

If this method is not completely inviolable^171(*), it does not remain about it less than the efforts of the user are negligible and than the transparency for him is rather large what remains like underlined it many authors one of the keys of the success of deployment of the DRM.

* ¹⁶⁰ Renato Ianella, DIGITAL Rights Management (DRM) Architectures, D-Lib Magazine, v. 7, N. 6, June, 2001

www.dlib.org/dlib/june01/iannella/06iannella.html

* ¹⁶¹ Grouping of the Editors of Services On Line, the management of the numerical rights, DRM - DIGITAL Right Management, the cards sets of themes, May 2003, p. 1. www.geste.fr/fiches/fiches/fiche3_drm1.pdf

* ¹⁶² Mikko Löytynoja, Tapio Seppänen, Nedeljko Cvejic, MediaTeam Oulu, Information Processing Laboratory, Experimental DRM Structure Using Watermarking and PKI, University off Oulu, Finland, p. 2.

www.mediateam.oulu.fi/publications/pdf/444.pdf

* ¹⁶³ In this respect, it will be noted that this system is not closely related to alliances of manufacturers such as the TCG like with the initiatives of Microsoft with Longhorn and TCPA.

* ¹⁶⁴ The license is a file XML (containing at the same time the certificate of the user, the key of decoding of the contents encryptée with the public key of the user and information suitable for the use of the license). The key of coding is encryptée according to a coding XML and the license is signed with a signature XML.

* ¹⁶⁵ At present, this system uses as language of the XML what makes it possible for the moment only to define simple rights of users as a long time as the license is valid. It is obvious that then the system will use a language of the type ODRL or XrML.

* ¹⁶⁶ In this respect, it will be noted that this PKI must be existing.

* ¹⁶⁷ For recall, a certificate is a document which makes it possible to attest that a public key belongs to you. For that, it contains several information (public key, name, company, email, validity date of the certificate,....). This information is certified to be right by an authority of certification (CA, ex  : Verisign) which is supposed to have checked this information before to have validated your certificate. CA chops and signs the certificate using its own private key. It is thus enough to know its public key to check the validity of a certificate generated by it. Authentification by certificates X.509, Patrick Chambet, April 1999, p. 3.

www.chambet.com/publications/Certifs-X509.pdf

* ¹⁶⁸ The certification authority (CA) is share off PKI. Its task is to link the identities off users and to their encryption key even together using certificates. The architecture use X.509 certificates, which are used to verify the authenticity off licenses and authorize the buying off them.

* ¹⁶⁹ One is reminded that the system functions only insofar as the users do not divide their private key...

* ¹⁷⁰ «  Currently the protection mechanism is implemented directly in the player, goal in the future we to plan uses downloadable tools in the player to extract the watermark and decrypt the content. The watermark is used to content identify Copy protected and to curry information needed to acquire has license  ». Mikko Löytynoja, Tapio Seppänen, Nedeljko Cvejic, MediaTeam Oulu, Information Processing Laboratory, Experimental DRM Structure Using Watermarking and PKI, University off Oulu, Finland, p. 5.

www.mediateam.oulu.fi/publications/pdf/444.pdf

* ¹⁷¹ One will refer to the document to have more precise details on the methods tested of attacks on this system. Ibid, p. 6.