Overview of OMA Digital Rights Management
Mercè Serra Joan (Fraunhofer Institute for Integrated Circuits IIS, Germany), Bert Greevenbosch (Fraunhofer Institute for Integrated Circuits IIS, Germany), Anja Becker (Fraunhofer Institute for Integrated Circuits IIS, Germany) and Harald Fuchs (Fraunhofer Institute for Integrated Circuits IIS, Germany)
Copyright: © 2009
This chapter gives an overview of the Open Mobile AllianceTM Digital Rights Management (OMA DRM) standard, which allows for the secure distribution and usage of protected digital content. Additionally, the DRM Profile of the OMA Mobile Broadcast Services standard, which is an extension of the OMA DRM standard to support mobile broadcast applications, is discussed. This chapter also introduces the associated OMA Secure Removable Media (OMA SRM) and OMA Secure Content Exchange (OMA SCE) standards, which increase the portability of DRM-protected content and offer a better user experience. The aim of this chapter is to give the reader insight in the above mentioned standards, their technical background, and possible usage scenarios.
Controlled Access To Digital Works: Oma Drm Version 2.0
The OMA DRM v2.0 specification is the successor of OMA DRM v1.0 and provides a complete end-to-end protection system suitable for premium content.
Key Terms in this Chapter
Smartcard: A card residing in the device on which information about the device is securely stored, providing a security anchor for cryptographic functionalities.
Public Key Infrastructure (PKI): A collective name for everything needed to perform public key cryptography, including certificates, issuing authorities, public and private key pairs, and revocation mechanisms.
Rights Expression Language (REL): Format for describing rights, i.e. permissions and constraints, related to the use of content.
Revocation: The process of ending the certification of a certain entity.
Content Encryption Key (CEK): Key used to digitally encrypt a piece of content.
Domain: Group of devices, usually belonging to the same user, that can share a common rights object.
DRM Agent: OMA DRM component installed in the user device, which ensures the secure rendering of the content and enforcement of the license in the device.
Content: Any type of information in digital format including audio files, video files, text documents, games, etc.
Rights Object (RO): A data structure related to a piece of content containing information such as the content encryption key, and usage permissions and constrains. A rights object is also known as a license.
Mutual Authentication: Process in which two entities establish a trust relationship. Mutual authentication includes certificate exchange and revocation checking.
Rights Issuer (RI): A network entity that is responsible for generating and delivering rights objects.