Other Free Encyclopedias » Online Encyclopedia » Encyclopedia - Featured Articles » Contributed Topics from A-E

Digital Rights Management - What is?, Why DRM?, Technology/Architecture Overview, Selection Guidelines, DRM vs. Contracts Rights Management

content license file media

Pallavi Shah
Hewlett Packard

Definition : Digital Rights Management technology offers the ability to control the distribution and use of the intellectual property (including media/content) and thereby protect the associated revenue or investment for the digital content businesses.

What is Digital Rights Management?

Digital Rights management is a key enabler of end to end digital content business models. Historically, Digital Rights Management is viewed primarily as the security technology used for protection of digital media copyright. However, what differentiates DRM from traditional security technologies is its ability to control content dynamically and persistently by setting policy. Policy provides regulations on the types of actions (like record, copy, play, print, view x number of times, etc.) that can be performed on the content along with the timeframe in which the content is accessible. The policy is set by the IP or content owners.

Why DRM?

Everything a person buys has legal restrictions that determine what can and cannot be done with the media assets. If an individual consumer buys a traditional printed book at a bookstore, he or she is given some rights to the content of the book as an owner of the book. The consumer can read the book, lend it to someone, or give it away.

But by law, the purchaser cannot make copies of the book and sell them. As an institutional consumer (public or private company, or educational facility), the rights to copyright reuse with a printed book or physical piece of media (CD, DVD, audio tape, microfiche, etc.) are the same as the individual consumer, but the notion of “fair use” is instituted when it comes to copyright protection. Institutions can invoke “fair use” of copying copyrighted materials for internal distribution for educational or research purposes without breaking copyright laws.

The traditional media world (publishing, music, movies, etc.) is very simple and limited to basic contractual rights. The objectives for managing content rights in the traditional media world include deterring piracy and protecting the content, enabling revenue through outright purchase or licensing, bolstering traditional media brands, and learning more about a company’s audience. It is because there is a tangible asset related to each piece of data that is recorded (as a whole or in pieces) that “fair use” can be managed more appropriately in the printed or physical media world. It is much more complex in the digital world. Content conversion, digitization, compression, and storage technologies have created new opportunities and efficiencies for media and information to be archived, repackaged, and redistributed through electronic channels (e.g., the Internet, extranets, cable, terrestrial broadcasts, or satellites). As content becomes more widely available in digital form, it becomes even easier to distribute, share, copy, and alter if it is improperly “meta-tagged” (unique identifying tags related to media format, creator, usage, and distribution rules) and encrypted throughout the digital distribution value chain.

This brings an exponential increase in the threat of piracy and the loss of revenue for original content owners and producers.

Now that electronic content can be copied much more easily, content owners have a greater need for content control. IP authentication and password access are not able to protect the content from being duplicated or shared, thus creating a need for greater rights management controls. At the same time, digital media distribution can bring a variety of new business opportunities for owners or generators of content who incorporate the right technologies to control their digital media distribution value chain.

Technology/Architecture Overview

There are 2 entities in the content business: the publisher and the consumer.

The publisher creates the content, tags it appropriately for search and retrieval, seals the content with encryption and policy and finally distributes the protected and encrypted sealed copy widely. The consumer then acquires encrypted content, acquires rights (license) after identification or payment, and finally unseals the content and uses according to the policy set by the publisher.

DRM architecture typically consists of the following components:

  • Content Server : Content Server consists of four blocks:

    1. Content Repository: A content repository contains a meta-data management environment to uniquely identify the digital assets. Some of the more efficient DRM software applications can integrate with asset management and content management systems.
    2. Meta-Data: Product information, consisting of rights and product meta-data
    3. Packager: A packager that encrypts the content with the appropriate mechanisms to unlock the content upon delivery to an end user.
    4. Delivery Mechanism
  • License Server : License Server Consists of three components:

    1. An encryption key repository
    2. A user identity database which ties back to the content
    3. A DRM license generator that binds the content and the encryption key to the end user’s device and registers the user with the appropriate parties involved in the digital distribution value chain.
  • Client : Client resides on the end-user device that displays the encrypted content, communicating the appropriate rights and permissions to the end user and back to the license server.

The basic DRM process workflow is as follows:

  1. Packaging: The first step in providing a deployable and expandable DRM technology strategy involves the appropriate meta-tagging of the assets that are created and stored within databases and media asset management technologies. Within most of the commonly used DRM applications for text, audio, video, and software, a set of rules is created to determine the rights and policies for use. These rules are defined separately for each party accessing the information, including methodology to check the users’ rights to access the content. Access rules may address the price of the content, the frequency and duration of access, and whether the user is authorized to save, print, or transfer the content to other users. Associating the DRM tools back to the original meta-data rights and permissions is critical for the entire digital distribution value chain to ensure that content-creator royalties are tracked. After the assets are meta-tagged, the information is encrypted to ensure the security of the content and locked with a “key.” For example, to generate a key, a license key seed and a key ID may be used: The license key seed is a value that is known only to the content owner and license clearing house. The key ID is created by the content owner for each file. This value is included in the packaged file. When the license clearing house needs to issue a license for a packaged file, a key can be recreated by retrieving the key ID from the packaged file. The License Service may use the license key seed (which the clearing house provides) and the key ID from the packaged file to create a key. This key is stored in an encrypted license, which is distributed separately to the client. Other information can be added to the media file, such as the URL where the license can be acquired. Using the key included in the license, the player can play the protected file.
  2. Distribution: The packaged file can be placed on a web site for download, placed on a media server for streaming, distributed on a CD, or e-mailed to consumers. This enables consumers to send copy-protected digital media files to their friends, as well.
  3. Establishing a License Server/ License Management: The content provider chooses a license clearing house that stores the specific rights or rules of the license and implements license services. The role of the clearing house is to authenticate the consumer’s request for a license. Digital content files and licenses are distributed and stored separately, making it easier to manage the entire system. Each license contains the key to unlock the protected file. The license also contains the rights, or rules, that govern the use of the digital media file. The content owner sets these rights to determine which actions are allowed from minimal control over playback to more restrictive licenses. The licenses can support a wide range of different business rules, including:

    • How many times can a file be played.
    • Which devices a file can be played or transferred on. For example, rights can specify if consumers can transfer the file to portable devices.
    • When the user can start playing the file and what is the expiration date.
    • If the file can be transferred to a CD recorder (burner).
    • If the user can back up and restore the license.
    • What security level is required on the client to play the file, etc.

    Licenses can be delivered in different ways and at different times, depending on the business model. The content owner might want licenses pre-delivered, or they might want the license delivered after a consumer has downloaded and attempted to play a packaged file for the first time. Licenses can be delivered with or without the consumer being aware of the process.

  4. Request Content: The consumer requests the content and attempts to play encrypted file. Since the file is protected, the consumer must have a license that contains the key to unlock the content.
  5. Receive the license: If the valid license exists on the client, it plays the content. If not, license request is made.
  6. License Acquisition: To play a packaged digital media file, the consumer must first acquire a license key to unlock the file. The process of acquiring a license begins automatically when the consumer attempts to acquire the protected content, acquires a pre-delivered license, or plays the file for the first time.
  7. Playing the Media File: To play the digital media file, the consumer needs a secure media player that supports the DRM. The consumer can then play the digital media file according to the rules or rights that are included in the license. Licenses can have different rights, such as start times and dates, duration, and counted operations. For instance, default rights may allow the consumer to play the digital media file on a specific computer and copy the file to a portable device. Licenses, however, are not transferable. If a consumer sends a packaged digital media file to a friend, this friend must acquire his or her own license to play the file. Such licensing scheme ensures that the packaged digital media file can only be played by the computer that has been granted the license key for that file.

Selection Guidelines

Companies should consider the selection of DRM product within a whole spectrum of managing and protecting digital rights. They need to know the value of their assets, understand the risks and look for cost effective solutions. Key question is- what content is worth the cost of protecting? Once the DRM needs are established, the following guidelines apply:

  • Platforms and services should be able to support multiple DRM technologies and insulate content owners from having to develop customized software applications to accommodate underlying DRM technology, the need for DRM expertise, and the need to build out new infrastructure for content sales and fulfillment.
  • Platforms and services should provide support for multiple content types and interoperability, including documents (pdf, HTML), images, audio (streaming and file-based), video (streaming and file-based), games, software, and email.
  • Solutions should adhere to open standards and provide interoperability and provide open APIs to content owners and publisher’s existing infrastructure environments such as content management, digital asset management, billing, customer care, etc.
  • Flexible Business Models: DRM systems should allow companies to pursue multiple business models for different markets, channels or products.

DRM vs. Contracts Rights Management

Contracts rights are the legal agreements between the content creator and publisher or between publishers. Previously, the rights addressed by contracts rights management were inherent in the physical media itself. Examples of rights addressed by contracts rights are related to how the content is licensed: how many times it can be played, how much royalty goes to the content owner, release windows, etc. DRM is about protecting, enforcing, and managing media rights and revenues for the Internet and multi-channel digital delivery world. In the digital world, DRM has the potential to create fundamentally new business models that were not feasible with physical, off-line content. It takes into account many opportunities unthinkable in the past, including micro-payment, pay per listen, dynamic bundling of content, etc.

DRM vs. Conditional Access

Conditional access technology is the media protection technology used for broadcast networks such as satellite, cable, or terrestrial. Video, audio, and data are encrypted during transmission of the uplink site and distributed over an open broadcast network. To block unauthorized users from access, only authorized subscribers receive keys to decrypt content. Typically, the keys are protected using smart card technology to prevent illegal distribution of keys. Typical conditional access systems do not have wide range of policies like DRM systems.

DRM vs. Security

DRM is not synonymous with security. Most security components do not involve rights management in any way. Similarly, DRM includes functions (like reporting or financial interaction) that fall completely outside the scope of security. Nonetheless, security is necessary for DRM to exist. Not only does the content have to be secure from unauthorized access, but also the rights themselves must be secure from tampering. Therefore it is very important that the best security options be available for DRM. An open, standards-based DRM infrastructure makes it possible for solutions providers to use their choice of security.

DRM vs. VPN (Virtual Private Network)

VPN (Virtual Private Network) secures the network only; therefore it is very useful for downloads. However, once the content is downloaded, it is can be freely distributed. It does not address the security of the content itself, nor does it address the rights of the stakeholders. VPN could be a component of DRM. Secured managed networks work ok within or between enterprises. It restricts users to online access only, but it does not necessarily stop them from copying or saving the content on the hard drive.

Applications vs. Services

Building the applications to address the Internet is the first step towards extending the traditional rights models. DRM can be extended as Rights Management Services on Demand that enable companies to market their core competencies over the Internet to provide new broadband-enabled revenue streams. This will result in profit models tied to subscriptions, term licenses, royalties, and transaction-based fees.

Download vs. Streaming

When used with audio and video files, DRM can provide access to a self-contained media file or initiate streaming. Streaming audio and video on the Internet has likewise enjoyed early popularity among consumers. Unfortunately, advertising revenues for these businesses have disappointed expectations. DRM might offer the solution to this revenue problem by enabling the sale of subscriptions or single viewings easily, cheaply, and instantly over the Internet or other networks. The actual broadcast content could vary widely. A few examples include past or current television offerings, radio broadcasts, news, sports, movies, and new offerings created specifically for the online broadcast market.

Tethered vs. Untethered Use

DRM solutions can force the reading device to be connected to the Internet in order to be used (tethered) or can allow the content to be accessed whether or not the device is attached at the moment (untethered).

DRM for Books vs. Music vs. Video

The key differentiator is size of the content and the end device. Books are generally downloaded, whereas music and video are streamed or downloaded. Video requires a more complex infrastructure. Each DRM solution will implement these variables differently depending on the specifics of what it must accomplish. An open DRM infrastructure makes it possible for the industry to fill all these needs. While analysts and industry players generally agree on the need for format-independent DRM solutions, much of today’s development effort is geared toward solving these three specific categories of problem.

Encryption vs. Watermarking

Encryption is used for protecting content. It requires the exchange of keys—used for encrypting content, encrypting licenses, or encrypting digital certificates. Watermarking is a way of binding meta-data to content. It is not used for protecting content. Watermarking is also called information hiding, data embedding, or steganography. Unlike encryption, watermarking does not require special application to render content. Watermarking also does not detract from user’s experience. It is relatively faster to insert or extract and can hold lot of data. Watermarking is generally used for source identification (visible – deters pirates but degrades images, or invisible – catches pirates in the act). They are convenient as meta-data conveyance—like barcodes on products.

Watermark plus Encryption

Watermarks are sometimes encrypted to protect metadata against alteration. Also, generally files are encrypted and then watermarked to protect AND bind metadata to it. This technique is sometimes used in music DRM.


Super-distribution refers to the circulation of DRM-protected content files freely on the Internet and through any other pass-along mechanism. Since the content is protected, access must be purchased to fully utilize it. And since DRM offers persistent protection, even after purchase by any given individual, there is no opportunity to pass along the content to friends, co-workers, communities, or pirate boards. However, the protected version of the content can be shared as easily as any other files. Therefore, it is still trivial for consumers to hand this content off to others they feel might also enjoy it. In an effective super-distribution scheme, the file might contain a description of the content and perhaps a sample of that content (part of a song, a clip from a movie, and a chapter from a book) available for free, enhancing the pass-along value of the file and making it more likely that consumers will open it.

Super-distributed content can be passed along from consumer to consumer any number of times. Any recipient can retain it, store it anywhere, and access it at any time in the future. Consumers can pass it along before or after unlocking access for their own use and the passed-along version is still safe from unauthorized viewing by subsequent recipients. Those subsequent recipients enjoy the same rights to access as earlier recipients did. Super-distributed content has the potential to experience viral growth similar to other Internet phenomena. Unlike most viral mechanisms, this one yields revenues directly to the owner of the content. Super-distribution also makes it possible to run legally viable peer-to-peer content exchange services that will benefit their users a great deal without turning into centers for the unauthorized sharing of copyrighted content.

Digital Video Broadcasting (DVB) Applications - INTRODUCTION, CURRENT STANDARDIZATION INITIATIVES: THE DVB PROJECT, GENERAL FEATURES OF DVB SYSTEMS, Openness, Interoperability, Interfacing [next] [back] Digital Media Systems - Video Production, Film Production, Home Video and Audio, Broadcast Television, Digital Radio, Digital Cable, Digital Publishing

User Comments

Your email address will be altered so spam harvesting bots can't read it easily.
Hide my email completely instead?

Cancel or