Difference between revisions of "Digital Rights Management"

From MgmtWiki
Jump to: navigation, search
(References)
(Policy)
 
(13 intermediate revisions by the same user not shown)
Line 1: Line 1:
 
==Full Title or Meme==
 
==Full Title or Meme==
The control of access to content on public networks, like the internet.
+
The control of access to content on computing devices that are not owned by the content owner.
  
 
==Context==
 
==Context==
 +
For individual users.
 
* Information wants to be free!
 
* Information wants to be free!
 
* Unless, of course, it might embarrass me or interfere with my ability to earn a living.
 
* Unless, of course, it might embarrass me or interfere with my ability to earn a living.
 +
For owners of valuable resources.
 +
* The realization of large media companies, like music and videos, saw their control of the distribution channels erode.
 +
* The governments and militaries of the world would rather that the enemy not see their plans or even their knowledge.
 +
* Any large organization similarly wants to control access to their internal resources as a source of market control.
 +
 +
After the failure of the media companies from 2000 onward to control access to their content, DRM was known by different names. But the goal remains the same as ever, Enterprises want to control access to information, even when it is on devices that are not under their control.
  
 
==Solutions==
 
==Solutions==
* [https://www.w3.org/TR/odrl/#:~:text=The%20Open%20Digital%20Rights%20Language,expressing%20rights%20information%20over%20content.&text=The%20ODRL%20has%20no%20license,of%20%22open%20source%22%20software. Open Digital Rights Language (ODRL) Version 1.1] (2002-09-19)<blockquote>The Open Digital Rights Language (ODRL) is a proposed language for the Digital Rights Management (DRM) community for the standardisation of expressing rights information over content. The ODRL is intended to provide flexible and interoperable mechanisms to support transparent and innovative use of digital resources in publishing, distributing and consuming of electronic publications, digital images, audio and movies, learning objects, computer software and other creations in digital form. The ODRL has no license requirements and is available in the spirit of "open source" software.</blockquote>
+
===Device Control===
* [https://www.oasis-open.org/committees/tc_home.php?wg_abbrev=xacml OASIS eXtensible Access Control Markup Language (XACML) TC] with errata Version 2 (2008-97-29), version 3 (2017-07-12). <blockquote>The [https://www.oasis-open.org/committees/tc_home.php?wg_abbrev=xacml XACML Technical Committee] defines a core XML schema for representing authorization and entitlement policies.</blockquote>
+
* At first the media companies attempted to convince the lawmakers that it was someone else's problem to protect their revenue stream.  That worked for a while, but eventually they backed off.
 +
* Enterprise-owed devices allowed the Enterprise to install Mobile Device Management (MDM) on the device and continue to control their content no matter where the user would travel.
 +
* Bring your Own Device (ByoD) to work allows some level of control, but there is resistance to allowing an Enterprise MDM on a user-owned device.
 +
* The best solution has proven to be an [[Enterprise]] supplied app that allowed access to [Enterprise] data.
 +
 
 +
===Policy===
 +
See the wiki page on [[Policy-Based Access Control]] for more examples of policy languages. This works best, of course, on apps owned or controlled by the [[Enterprise]].
 +
* [https://www.oasis-open.org/committees/tc_home.php?wg_abbrev=xacml OASIS eXtensible Access Control Markup Language (XACML) TC] with errata Version 2 (2008-07-29), version 3 (2017-07-12). <blockquote>The [https://www.oasis-open.org/committees/tc_home.php?wg_abbrev=xacml XACML Technical Committee] defines a core XML schema for representing authorization and entitlement policies.</blockquote>
 +
* [https://www.w3.org/TR/odrl-model/ 2018-02-15 ODRL Information Model 2 W3C Recommendation] <blockquote>Policies are used to represent permitted and prohibited actions over a certain asset, as well as the obligations required to be meet by stakeholders. In addition, policies may be limited by constraints (e.g., temporal or spatial constraints) and duties (e.g. payments) may be imposed on permissions.</blockquote>
 +
* 2002-09-19 [https://www.w3.org/TR/odrl/#:~:text=The%20Open%20Digital%20Rights%20Language,expressing%20rights%20information%20over%20content.&text=The%20ODRL%20has%20no%20license,of%20%22open%20source%22%20software. Open Digital Rights Language (ODRL) Version 1.1] <blockquote>The Open Digital Rights Language (ODRL) is a proposed language for the Digital Rights Management (DRM) community for the standardization of expressing rights information over content. The ODRL is intended to provide flexible and interoperable mechanisms to support transparent and innovative use of digital resources in publishing, distributing and consuming of electronic publications, digital images, audio and movies, learning objects, computer software and other creations in digital form. The ODRL has no license requirements and is available in the spirit of "open source" software. </blockquote>
  
 
==References==
 
==References==
 
  
 
[[Category: Glossary]]
 
[[Category: Glossary]]
[[Category: Access]]
+
[[Category: Authorization]]
 +
[[Category: Policy]]
 +
[[Category: Language]]

Latest revision as of 09:20, 10 June 2025

Full Title or Meme

The control of access to content on computing devices that are not owned by the content owner.

Context

For individual users.

  • Information wants to be free!
  • Unless, of course, it might embarrass me or interfere with my ability to earn a living.

For owners of valuable resources.

  • The realization of large media companies, like music and videos, saw their control of the distribution channels erode.
  • The governments and militaries of the world would rather that the enemy not see their plans or even their knowledge.
  • Any large organization similarly wants to control access to their internal resources as a source of market control.

After the failure of the media companies from 2000 onward to control access to their content, DRM was known by different names. But the goal remains the same as ever, Enterprises want to control access to information, even when it is on devices that are not under their control.

Solutions

Device Control

  • At first the media companies attempted to convince the lawmakers that it was someone else's problem to protect their revenue stream. That worked for a while, but eventually they backed off.
  • Enterprise-owed devices allowed the Enterprise to install Mobile Device Management (MDM) on the device and continue to control their content no matter where the user would travel.
  • Bring your Own Device (ByoD) to work allows some level of control, but there is resistance to allowing an Enterprise MDM on a user-owned device.
  • The best solution has proven to be an Enterprise supplied app that allowed access to [Enterprise] data.

Policy

See the wiki page on Policy-Based Access Control for more examples of policy languages. This works best, of course, on apps owned or controlled by the Enterprise.

  • OASIS eXtensible Access Control Markup Language (XACML) TC with errata Version 2 (2008-07-29), version 3 (2017-07-12).
    The XACML Technical Committee defines a core XML schema for representing authorization and entitlement policies.
  • 2018-02-15 ODRL Information Model 2 W3C Recommendation
    Policies are used to represent permitted and prohibited actions over a certain asset, as well as the obligations required to be meet by stakeholders. In addition, policies may be limited by constraints (e.g., temporal or spatial constraints) and duties (e.g. payments) may be imposed on permissions.
  • 2002-09-19 Open Digital Rights Language (ODRL) Version 1.1
    The Open Digital Rights Language (ODRL) is a proposed language for the Digital Rights Management (DRM) community for the standardization of expressing rights information over content. The ODRL is intended to provide flexible and interoperable mechanisms to support transparent and innovative use of digital resources in publishing, distributing and consuming of electronic publications, digital images, audio and movies, learning objects, computer software and other creations in digital form. The ODRL has no license requirements and is available in the spirit of "open source" software.

References