Protecting Digital Content- The Challenge

Andy Barlow

CTO – Phocis

© 2001 Phocis Limited

DRM?

DRM (Digital Rights Management) is a much used – and abused - term

DRM refers to those technologies which have been specifically developed for managing digital rights

We prefer the term “digital trading platforms”

And we prefer the term “users” to “customers”

© 2001 Phocis Limited

What does an organisation need to consider?

Intellectual Property (IP) rights

Copyright

Payment mechanisms

Security

E-commerce and ERP systems

Licensing…

© 2001 Phocis Limited

Licensing

Licensing by its very nature is complex

Organisations and their business processes do not remain static

Solutions should not place restrictions on the licensing process, which is the embodiment of a business process

Organisations need to update & incorporate new licensing requirements when necessary

© 2001 Phocis Limited

How do customers access your content?

Devices & Platforms

Package/Protect/Licence

Content

© 2001 Phocis Limited

Independence - encryption

There is more than one encryption technology available

Encryption independence can provide organisations with the flexibility they require

Content can then be secured for different client platforms using different encryption technologies

© 2001 Phocis Limited

Independence - DRM

Currently a wide range of incompatible DRM technologies

Organisations change and DRM gets hacked

Different types of content need to be secured

Users (and publishers) must be assured that they’re not buying (into) the Betamax model!

© 2001 Phocis Limited

Independence – digital content

Should be able to protect any type of content

Should be able to enforce IPR using original file formats: is this possible? Yes!

Give the user the choice of THEIR player/reader (within the constraints of the publisher’s T’s & C’s)

© 2001 Phocis Limited

Independence - trust

Essential factor in enabling e-commerce

Say its you and prove its youPKI

Smart cards and biometrics

Digital rights technologies should work alongside these types of technologies

© 2001 Phocis Limited

Watermarking

Encryption is not always possible or required

Watermarking and similar technologies provide traceability outside of the DRM domain

© 2001 Phocis Limited

Payment

Flexible “payment” mechanismsCredit card

Information trade

On-line currencies

Authentication

Organisations don’t need to use the same payment mechanisms all the time

© 2001 Phocis Limited

E-commerce, ERP, Content Management Systems

Most organisations already have these infrastructures in place and don’t want to re-invent them

Digital protection technology shouldIntegrate with current infrastructure

Enabling rapid publishing of secure content

Not be prescriptive outside of its own domain

© 2001 Phocis Limited

How should it work?

2Package with appropriate

security

3Trade with

chosen ‘currency’

4Allow thecontent tobe used

1Take any content

© 2001 Phocis Limited

Ease of use

Easy to implement and useFor both publisher and user

Access to information should be easy but remain secureThe cost should not be prohibitiveScaleable to run an Amazon or Yahoo!Adaptable to change as DRM, encryption, payment and e-commerce technologies come and go

© 2001 Phocis Limited

Open standards

DRM standards – isn’t that why we’re here?

W3C standards – SOAP, XML

e-business standards – ebXML, Biztalk

UDDI, SDMI

JFDI?

© 2001 Phocis Limited

Questions