Abstract
The desires for robust digital rights management (DRM) systems are not new to the commercial world. Indeed, industrial research, development and deployment of systems with DRM aspects (most notably crude copy-control schemes) have a long history. Yet to date the industry has not seen much commercial success from shipping these systems on top of platforms that support general-purpose computing. There are many factors contributing to this lack of acceptance of current DRM systems, but I see three specific areas of work that are key adoption blockers today and ripe for further academic and commercial research. The lack of a general-purpose rights expression/authorization language, robust trust management engines and attestable trusted computing bases (TCBs) all hamper industrial development and deployment of DRM systems for digital content. In this paper I briefly describe each of these challenges, provide examples of how the industry is approaching each problem, and discuss how the solutions to each one of them are dependent on the others.
This is a preview of subscription content, log in via an institution.
Buying options
Tax calculation will be finalised at checkout
Purchases are for personal use only
Learn about institutional subscriptionsPreview
Unable to display preview. Download preview PDF.
References
Ayars, J.: XMCL–the eXtensible Media Commerce Language, draft as of June 2001, Available at http://xmcl.org/specification.html
Blaze, M., Feigenbaum, J., Keromytis, A.D.: KeyNote: Trust Management for Public Key Infrastructures. In: Christianson, B., Crispo, B., Harbison, W.S., Roe, M. (eds.) Security Protocols 1998. LNCS, vol. 1550, pp. 59–63. Springer, Heidelberg (1999)
Blaze, M., Feigenbaum, J., Lacy, J.: Decentralized Trust Management. In: Proceedings 1996 IEEE Symposium on Security and Privacy, May 1996, pp. 164–173 (1996)
Chu, Y.-H., Feigenbaum, J., LaMacchia, B., Resnick, P., Strauss, M.: REFEREE: Trust Management for Web Applications. In: Proceedings of the Sixth International World Wide Web Conference, Santa Clara, CA (April 1997); Reprinted in Computer Networks and ISDN Systems 29, 953-964 (1997)
eXtensible Rights Markup Language (XrML) 2.1, submission by ContentGuard to the OASIS Rights Language Technical Committee (May 2002), Available at http://www.oasis-open.org/committees/rights/documents/xrml200205.zip
Fox, B., LaMacchia, B.: A Safe Harbor for Designers of DRM Systems. Communications of the ACM (to appear)
Godik, S., Moses, T. (eds.): OASIS eXtensible Access Control Markup Language (XACML). OASIS eXtensible Access Control Markup Language Technical Committee, Working Draft (September 2002)
Hallam-Baker, P., Maler, E. (eds.): Assertions and Protocol for the OASIS Security Assertion Markup Language (SAML). OASIS XML-Based Security Services Technical Committee (May 2002)
Iannella, R. (ed.): Open Digital Rights Language (ODRL), Version 1.1, Available at http://odrl.net/1.1/ODRL-11.pdf
LaMacchia, B., Lange, S., Lyons, M., Martin, R., Price, K.: .NET Framework Security. Addison-Wesley, Reading (2002)
Moving Picture Experts Group (MPEG), ISO/IEC JTC1/SC29/WG11. Working documents, available at http://mpeg.telecomitalialab.com/working_documents.htm
Pearson, S. (ed.): Trusted Computing Platforms, TCPA Technology in Context. Prentice Hall PTR, Englewood Cliffs (2002)
Housley, R., Ford, W., Polk, W., Solo, D. (eds.): PKIX Working Group, Internet Engineering Task Force. RFC 3280, Internet X.509 Public Key Infrastructure: Certificate and Certificate Revocation List (CRL) Profile (April 2002), Available at http://www.ietf.org/rfc/rfc3280.txt
Reddy, H. (Chairperson): OASIS Rights Language Technical Committee. Charter and documents, availabe at http://www.oasis-open.org/committees/rights/
Stefik, M.: The Digital Property Rights Language, Manual and Tutorial, Version 1.02. Xerox Palo Alto Research Center, Palo Alto (1996)
Trusted Computing Platform Alliance, TCPA Main Specification, Version 1.1b, Available at http://www.trustedcomputing.org/docs/main%20v1_1b.pdf
Trusted Computing Platform Alliance, TCPA PC Specific Implementation Specification, Version 1.00, Available at http://www.trustedcomputing.org/docs/TCPA_PCSpecificSpecifcation_v100.pdf
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2003 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
LaMacchia, B.A. (2003). Key Challenges in DRM: An Industry Perspective. In: Feigenbaum, J. (eds) Digital Rights Management. DRM 2002. Lecture Notes in Computer Science, vol 2696. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-44993-5_4
Download citation
DOI: https://doi.org/10.1007/978-3-540-44993-5_4
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-40410-1
Online ISBN: 978-3-540-44993-5
eBook Packages: Springer Book Archive