In the era of the information technology and the rapid growth of the Internet access, e-Commerce technologies become very crucial as new and effective ways are needed to manage, transact, distribute, and exploit digital contents (e.g. audio and video). The proliferation of these contents has created a need for Digital Rights Management (DRM) systems. DRM, in addition to other security measures, is essential for the management and the protection of digital property, which is the main component of an e-Commerce system. This chapter highlights the need for DRM as a tool facilitating e-Commerce. It also provides the history of developing DRM and the main components of a DRM system. It also gives an overview of the existing DRM system used in e-Commerce systems. It then discuss some open issues in the current DRM system to support consumers’ rights, so supporting e-Commerce business.
TopDrm Overview
DRM refers to digital technologies, which enable legal distributions of digital contents (e.g. ringtones, songs, video clips) while enforcing usage rights specified by content owners of these contents. DRM also refers to a set of hardware and software technologies and services which (1) control the authorised use of a given digital content, (2) and manage, through associated usage rights, any consequences of this use during the entire lifetime of the content (Zeng, Yu, & Lin, 2006). These hardware and software technologies include trusted hardware, encryption, digital signature, and individualisation (more details in Chapter 3).
In a typical DRM system, as depicted in Figure 1, a content owner first encrypts digital content with a key and defines usage rights over this content. The content owner then sends the encrypted content and the key along with the usage rights to a content provider and a license issuer (LI), respectively. When a consumer is interested in the content, he gets the encrypted form of this content from the content provider. However, the consumer cannot access this encrypted content until he pays the LI for a corresponding license. This license contains the key by which the consumer can decrypt the encrypted content. It also contains the usage rights that control the usage of the content, (Zeng et al., 2006; Liu, Naini, & Sheppard, 2003; Joan, Michael, Tomas, & Adam, 2002; Lee, Wu, & Chang, 2007).
Figure 1. A typical DRM system architecture
TopDrm History
DRM technologies were initially developed for software copy protection in IT industries and for controlling the access of paid TV programs on set-top boxes in audiovisual consumer electronics. One of the earliest DRM systems was the Serial Copy Management System (SCMS). SCMS was developed in the mid-1980s to prevent illegal copies of the first generation of digital recording technology, Digital Audio Tape (DAT). SCMS is based on copy-control bits that can be set either to 00, “unrestricted digital copies allowed,” 11 “one generation of digital copies allowed,” and 10 “no digital copies allowed.”
DRM technologies have undergone two generations of development. The first has paid the full attention to security and encryption to prevent unauthorised copying. The second generation (i.e. the current one) has a broad aim. It covers the protection, description, identification, trading, monitoring, and tracking of all types of usage rights over digital contents.