Digital Rights Management

From MgmtWiki
Jump to: navigation, search

Full Title or Meme

The control of access to content on computing devices that are not owned by the content owner.

Context

For individual users.

  • Information wants to be free!
  • Unless, of course, it might embarrass me or interfere with my ability to earn a living.

For owners of valuable resources.

  • The realization of large media companies, like music and videos, saw their control of the distribution channels erode.
  • The governments and militaries of the world would rather that the enemy not see their plans or even their knowledge.
  • Any large organization similarly wants to control access to their internal resources as a source of market control.

After the failure of the media companies from 2000 onward to control access to their content, DRM was known by different names. But the goal remains the same as ever, Enterprises want to control access to information, even when it is on devices that are not under their control.

Solutions

Device Control

  • At first the media companies attempted to convince the lawmakers that it was someone else's problem to protect their revenue stream. That worked for a while, but eventually they backed off.
  • Enterprise-owed devices allowed the Enterprise to install Mobile Device Management (MDM) on the device and continue to control their content no matter where the user would travel.
  • Bring your Own Device (ByoD) to work allows some level of control, but there is resistance to allowing an Enterprise MDM on a user-owned device.
  • The best solution has proven to be an Enterprise supplied app that allowed access to [Enterprise] data.

Policy

See the wiki page on Policy-Based Access Control for more examples of policy languages. This works best, of course, on apps owned or controlled by the Enterprise.

  • OASIS eXtensible Access Control Markup Language (XACML) TC with errata Version 2 (2008-07-29), version 3 (2017-07-12).
    The XACML Technical Committee defines a core XML schema for representing authorization and entitlement policies.
  • Open Digital Rights Language (ODRL) Version 1.1 (2002-09-19)
    The Open Digital Rights Language (ODRL) is a proposed language for the Digital Rights Management (DRM) community for the standardization of expressing rights information over content. The ODRL is intended to provide flexible and interoperable mechanisms to support transparent and innovative use of digital resources in publishing, distributing and consuming of electronic publications, digital images, audio and movies, learning objects, computer software and other creations in digital form. The ODRL has no license requirements and is available in the spirit of "open source" software.

References