The Digital Media Project  

Source

Phil Merrill

Date:

2004/06/30

Title

Expanded list of PAV PFs with RQs

No.

0121/AHG01

 

Expanded list of PAV PFs with RQs

The following consolidates source material for writing the PAV IED-s CfP
[PFs and RQ #s per dmp0119; RQs and trailing PF #s per dmp0118; definitions per dmp0088]
Additional source material included for "sanity check": dmp0098 Use Cases and dmp0093 added "breakout" RQs

A 5 C 4, 5, 6 E 1, 3, 4, 5, 9, 13 F 2, 7
G 1, 2, 3, 11, 12, 13, 14, 15, 16, 17, 18, 19, 22, 23, 24, 25, 26, 27
H 3, 4, 6, 7, 8, 9, 10, 11, 12 I 2, 3, 4, 5, 5.2, 5.5, 5.6, 5.7, 6, 7, 10, 12 J 1

A. Value-chain design and setup
The set of functions (decisions, assignments) carried out by users when they configure a value chain for exploitation through a DMBM

PF A.5 Defining content structure [RQs 71, 79]
  • RQ 71 Be possible for a DMP device to send DMP content to any other DMP device in a transport independent manner, and for the DMP device receiving DMP content to be able to obtain the DMP rights expression corresponding to the received DMP content. [A.5, H.3, I.3]
  • RQ 79 Be possible to independently specify DMP rights expressions for each individual component of a DMP composite content. [A.5, F.7]

B. Infrastructure Deployment
The set of functions to put in place the technological components to implement DMBM representing value-chains

null

C. Data Management
The set of functions that are executed to manage the data that are created and processed in association with the life cycle of DMP content within a DMBM

PF C.4 Managing Usage Information [RQs 84, 86]
The set of functions that are executed in connection with Usage data (see also extensive subcategory PFs 4.1-8)
  • RQ 84 PAV specification shall support the communication to the DMP content provider of the use that can be made of DMP user and DMP device specific information. [C.4, F.2, (G.19?,) I.3]
  • RQ 86 PAV specification shall support the protection of DMP user specific information such as the DMP user identity when this is sent from the DMP device. [C.4, C.5, C.6, F.2, G.27, H.4]
PF C.5 Managing VCP identifiers [RQ 86]
  • RQ 86 PAV specification shall support the protection of DMP user specific information such as the DMP user identity when this is sent from the DMP device. [C.4, C.5, C.6, F.2, G.27, H.4]
PF C.6 Managing Infrastructure identifiers [RQ 86]
  • RQ 86 PAV specification shall support the protection of DMP user specific information such as the DMP user identity when this is sent from the DMP device. [C.4, C.5, C.6, F.2, G.27, H.4]

D. Service Design
The set of functions that are executed by DMP users when they design a DMP service

null

E. Service Management
The set of functions that are executed by DMP users when they provide a DMP service

PF E.1 Associating persistently identifiers to a piece of content [RQs 9, 13]
Making a continuous logical connection between a name and a piece of DMP content
  • RQ 9 Support for the unambiguous and unique identification of DMP content. [this PF only]
  • RQ 13 Associating DMP rights expressions and DMP metadata to a specific piece of DMP content [E.1, E.13, F.7]
PF E.3 Promoting content [RQ 1]
Communicating information about DMP content to potential customers
  • RQ 1 Accessing, processing and rendering of unprotected DMP metadata of DMP content and DMP rights expressions. [E.3, I.2, I.4, I.10]
PF E.4 Distributing content [RQ 70 (others?)]
Moving (note: "moving" might be wrong word now) DMP content from DMP right holders to DMP end-users
  • RQ 70 Be possible to DMP stream DMP content from the DMP content provider to a set of DMP devices. [E.4, I.6]
PF E.5 Supporting service [RQ 33]
Providing assistance to the users of a DMP service
  • RQ 33 The DMP rights expressions shall enable the following capabilities.
    (a) It shall be possible to perform DMP export of a piece of DMP governed content
    (b) DMP rights expressions shall support the following types of usages:
      (i) Metered time based (i.e. that the DMP device can Play the DMP content as long as the metered usage time is less than a specified time); (ii) User identity based (i.e. that the DMP device can only Play the DMP content when being used by a specified DMP user); (iii) Time/date based; (iv) Count based
    (c) Be possible to express the DMP rights related to the following DMP use:
      (i) Audio rendering; (ii) Video rendering; (iii) Execute applet; (iv) Print; (v) Copy; (vi) Move
    [E.5, I.5.2, I.6, I.7]
PF E.9 Encrypting Content [RQs 59, 61, 69]
Converting DMP content into a form that is only meaningful for an intended receiver
  • RQ 59 PAV specification shall support protection of DMP content, in a manner independent of the transport mechanism, from a DMP device to another DMP device to which the DMP content is transferred. [E.9, G.22, H.3]
  • RQ 61 Be possible for the DMP content provider to encrypt each instance of a particular piece of DMP content with a different Key and for DMP superdistribution of that DMP content to still be possible. [E.9, G.16, G.22]
  • RQ 69 Be possible for only some components of a piece of DMP composite content to be encrypted. [E.9, G.22]
PF E.13 Associating rights expressions and metadata to pieces of content [RQs 13, 53, 87 (had 75, 76, 77 but those may have been de-linked?)]
  • RQ 13 Associating DMP rights expressions and DMP metadata to a specific piece of DMP content [E.1, E.13, F.7]
  • RQ 53 Be possible to package multiple pieces of DMP content and transfer this package to a DMP user, whilst assigning different DMP rights expressions for each item of that DMP composite content. [E.13, F.7]
  • RQ 87 Be possible for the DMP user to delete an instance of DMP content, but to keep the DMP rights expressions associated with that piece of DMP content (so that the DMP user could DMP restore the DMP content on the DMP device later without having to obtain new DMP rights expressions). [E.13, (G.13?,) I.5]

F. Relationships and Agreements
The set of functions that are executed in the setting up of relationships between DMP users and achieving agreements and terms between them for the flow, ownership and control of DMP content and data within DMBM

PF F.2 Establishing trust [RQs 66, 84, 86]
Creating confidence or certainty between DMP users based on past experiences
  • RQ 66 PAV specification shall support protection of sensitive information within the DMP rights expression, e.g. DMP user identities, in a manner independent of the transport mechanism, between the DMP device and any other DMP device to which the DMP rights expression is transferred, such that this sensitive information in the DMP rights expression can only be read by DMP devices for which the DMP rights expression is intended. [F.2, G.19, H.3]
  • RQ 84 PAV specification shall support the communication to the DMP content provider of the use that can be made of DMP user and DMP device specific information. [C.4, F.2, (G.19?,) I.3]
  • RQ 86 PAV specification shall support the protection of DMP user specific information such as the DMP user identity when this is sent from the DMP device. [C.4, C.5, C.6, F.2, G.27, H.4]
PF F.7 Expressing the terms of licensing [RQs 13, 15, 16, 53, 74, 75, 76, 77, 78, 79]
Expressing conditions for (rights-related and value-related) functions between DMP users
  • RQ 13 Associating DMP rights expressions and DMP metadata to a specific piece of DMP content [E.1, E.13, F.7]
  • RQ 15 Be possible to specify that the DMP rights expression is associated to a particular DMP User identity, i.e., that a DMP device can only DMP use the DMP governed content when being used by that DMP user. [F.7, G.13, G.14, G.15]
  • RQ 16 PAV specifications shall support the setting up of DMP domains [F.7, G.14 (?), G.15 (?), H.11]
  • RQ 53 Be possible to package multiple pieces of DMP content and transfer this package to a DMP user, whilst assigning different DMP rights expressions for each item of that DMP composite content. [E.13, F.7]
  • RQ 74 Be possible to specify DMP rights expressions for encrypted and unencrypted content. [this PF only]
  • RQ 75 Be possible to specify within the DMP rights expressions associated with DMP content whether or not the DMP rights expressions and DMP content can be exported to another DRM system, and to which DRM systems. [(used to be at E.13,) F.7, H.3]
  • RQ 76 Be possible to specify within the DMP rights expression associated with DMP content whether or not the DMP rights expression and DMP content can be transferred to a copy protected storage media, and to which type of copy protected storage media. [(used to be at E.13,) F.7, H.3]
  • RQ 77 Be possible to specify within the DMP rights expression associated with a piece of DMP content whether or not the DMP rights expression and the piece of DMP content can be transferred to a rendering device over a copy protected transport mechanism, and over which copy protected transport mechanisms. [(used to be at E.13,) F.7, H.4]
  • RQ 78 Be possible to specify DMP rights expressions associated with DMP content where the DMP content is a DMP composite content. [this PF only]
  • RQ 79 Be possible to independently specify DMP rights expressions for each individual component of a DMP composite content. [A.5, F.7]

G. Security Management
The set of functions that are executed to establish security elements on the value-chain and between DMP users and DMP devices to enable rightful use of DMP content in accordance with the given DMBM

PF G.1 Authenticating [RQs 18, 20, 23, 47, 57, 67]
Confirming the correctness of a claimed identity (of Infrastructure, DMP service, DMP content, DMP user)
  • RQ 18 Determination of authenticity and integrity of DMP rights expressions. [G.1, G.2, G.3, G.11, G.12]
  • RQ 20 Be possible to protect DMP content integrity in a manner independent of the transport mechanism but possibly connected through different networks, between DMP devices. [G.1, G.2, G.3, G.11, G.12, H.3, H.4]
  • RQ 23 The key for decryption/unscrambling being distributed to authenticated license holders only. [G.1, H.3, H.4]
  • RQ 47 Be possible for the DMP rights holder to reliably identify the DMP device for the purpose of either issuing or refusing the issuance of a DMP rights expression to that DMP device. [G.1, G.14, H.9(, H.10?)]
  • RQ 57 The DMP rights holder shall be able to authenticate, in a manner that is independent of the device manufacturer and prior to delivery of DMP rights expression to the intended DMP device, any of the following: (a) The identity of the DMP device; (b) The identity of the DMP user. [G.1, G.23, G.24, G.25, G.26, H.3]
  • RQ 67 Be possible for the DMP device to authenticate the identity of the source of the DMP rights expression. [G.1, G.11, G.12, G.23, G.24, G.25, G.26]
PF G.2 Verifying [RQs 18, 20, 52]
Comparing a DMP device, a DMP service or a functions with the corresponding Requirements or specifications
  • RQ 18 Determination of authenticity and integrity of DMP rights expressions. [G.1, G.2, G.3, G.11, G.12]
  • RQ 20 Be possible to protect DMP content integrity in a manner independent of the transport mechanism but possibly connected through different networks, between DMP devices. [G.1, G.2, G.3, G.11, G.12, H.3, H.4]
  • RQ 52 Be possible for a DMP device which receives DMP content though DMP superdistribution to be able to validate its integrity. [G.2, G.3, G.12]
PF G.3 Certifying [RQs 18, 20, 52]
Evaluating the technical and non-technical security features of Infrastructure, DMP services and DMP user
  • RQ 18 Determination of authenticity and integrity of DMP rights expressions. [G.1, G.2, G.3, G.11, G.12]
  • RQ 20 Be possible to protect DMP content integrity in a manner independent of the transport mechanism but possibly connected through different networks, between DMP devices. [G.1, G.2, G.3, G.11, G.12, H.3, H.4]
  • RQ 52 Be possible for a DMP device which receives DMP content though DMP superdistribution to be able to validate its integrity. [G.2, G.3, G.12]
PF G.11 Asserting Data/Service source/integrity [RQs 18, 20, (22?,) 62, 67]
Claiming the origin and completeness of DMP content and DMP services
  • RQ 18 Determination of authenticity and integrity of DMP rights expressions. [G.1, G.2, G.3, G.11, G.12]
  • RQ 20 Be possible to protect DMP content integrity in a manner independent of the transport mechanism but possibly connected through different networks, between DMP devices. [G.1, G.2, G.3, G.11, G.12, H.3, H.4]
  • (?) RQ 22 Support for verifying the source (VCP and its device) of DMP content [(G.11?,) G.12, G.23, G.24, G.25, G.26]
  • RQ 62 PAV specification shall support protection of the integrity of the DMP rights expression, in a manner independent of the transport mechanism, between the DMP content provider and the DMP device for which the DMP rights expression is intended.
    [See dmp0109 for why this was originally a typo - was intended to have been "service" provider in the original contribution] [G.11, G.12, H.3]
  • RQ 67 Be possible for the DMP device to authenticate the identity of the source of the DMP rights expression. [G.1, G.11, G.12, G.23, G.24, G.25, G.26]
PF G.12 Verifying Data/Service source/integrity [RQs 18, 20, 22, 52, 62, 67]
Comparing the origin and completeness of DMP content and DMP services
  • RQ 18 Determination of authenticity and integrity of DMP rights expressions. [G.1, G.2, G.3, G.11, G.12]
  • RQ 20 Be possible to protect DMP content integrity in a manner independent of the transport mechanism but possibly connected through different networks, between DMP devices. [G.1, G.2, G.3, G.11, G.12, H.3, H.4]
  • RQ 22 Support for verifying the source (VCP and its device) of DMP content [(G.11?,) G.12, G.23, G.24, G.25, G.26]
  • RQ 52 Be possible for a DMP device which receives DMP content though DMP superdistribution to be able to validate its integrity. [G.2, G.3, G.12]
  • RQ 62 PAV specification shall support protection of the integrity of the DMP rights expression, in a manner independent of the transport mechanism, between the DMP content provider and the DMP device for which the DMP rights expression is intended.
    [See dmp0109 for why this was originally a typo - was intended to have been "service" provider in the original contribution] [G.11, G.12, H.3]
  • RQ 67 Be possible for the DMP device to authenticate the identity of the source of the DMP rights expression. [G.1, G.11, G.12, G.23, G.24, G.25, G.26]
PF G.13 Enforcing usage rules [RQs 15, 42, (87?)]
Ensuring observance of rules by DMP users
  • RQ 15 Be possible to specify that the DMP rights expression is associated to a particular DMP User identity, i.e., that a DMP device can only DMP use the DMP governed content when being used by that DMP user. [F.7, G.13, G.14, G.15]
  • RQ 42 Not be possible for a DMP device to use DMP content unless appropriate DMP rights expressions have been associated with that DMP content and the DMP device possesses the said DMP rights expression. [This is not well-phrased - also note dmp0109 re changing appropriate to "its"] [G.13, G.18?, G.19, G.22, G.27?]
  • (?) RQ 87 Be possible for the DMP user to delete an instance of DMP content, but to keep the DMP rights expressions associated with that piece of DMP content (so that the DMP user could DMP restore the DMP content on the DMP device later without having to obtain new DMP rights expressions). [E.13, (G.13?,) I.5]
PF G.14 Associating persistently identifiers to a piece of Infrastructure [RQs 15, 16, 47, 80, 81, 82, 83]
Making a continuous logical connection between a name and piece of Infrastructure (DMP device, network, storage media)
  • RQ 15 Be possible to specify that the DMP rights expression is associated to a particular DMP User identity, i.e., that a DMP device can only DMP use the DMP governed content when being used by that DMP user. [F.7, G.13, G.14, G.15]
  • RQ 16 PAV specifications shall support the setting up of DMP domains [F.7, G.14 (?), G.15 (?), H.11]
  • RQ 47 Be possible for the DMP rights holder to reliably identify the DMP device for the purpose of either issuing or refusing the issuance of a DMP rights expression to that DMP device. [G.1, G.14, H.9(, H.10?)]
  • RQ 80 Be possible for the DMP rights holder to authorise DMP devices to join a DMP domain that has already been formed. [G.14, H.11]
  • RQ 81 Be possible for the DMP rights holder to direct a DMP device to leave a DMP domain. [G.14, H.11]
  • RQ 82 Be possible for the DMP rights holder to exclude one or more DMP devices in the DMP domain, such that the excluded DMP devices cannot process any new DMP rights expressions issued for the DMP domain after the time of exclusion. [G.14, H.11]
  • RQ 83 Be possible for DMP devices in a DMP domain to leave the DMP domain. [G.14, H.11]
PF G.15 Associating persistently identifiers to a DMP user [RQs 15, 16]
Making a continuous logical connection between a name and a DMP user
  • RQ 15 Be possible to specify that the DMP rights expression is associated to a particular DMP User identity, i.e., that a DMP device can only DMP use the DMP governed content when being used by that DMP user. [F.7, G.13, G.14, G.15]
  • RQ 16 PAV specifications shall support the setting up of DMP domains [F.7, G.14 (?), G.15 (?), H.11]
PF G.16 Managing Keys [RQs 29, 61, 64]
The set of functions that are executed in connection with Metadata that control the operations of encryption and decryption.
  • RQ 29 PAV specification shall support the use of individual keys for the individual components of a piece of DMP composite content [this PF only]
  • RQ 61 Be possible for the DMP content provider to encrypt each instance of a particular piece of DMP content with a different Key and for DMP superdistribution of that DMP content to still be possible. [E.9, G.16, G.22]
  • RQ 64 PAV specification shall support protection of any content encryption key (CEK) in a DMP rights expression, in a manner independent of the transport mechanism, between the DMP device and any other DMP device to which the DMP rights expression is transferred, such that the CEK can only be read by DMP devices for which the DMP rights expression is intended. [G.16, G.18, G19]
PF G.17 Resistance to Tampering [RQ 26]
Preventing unauthorized DMP users from accessing data which control the operations of a DMP device
  • RQ 26 Ask respondents to CfP to express their views on how levels of tamper resistance can be specified in the PAV. [G.17, H.6, H.7]
PF G.18 Protecting Keys [RQs 25, (42?,) 60, 64]
Preventing unauthorized DMP users from accessing data which control the operations of encryption and decryption
  • RQ 25 Users shall not have direct access to protected keys. [this PF only]
  • (?) RQ 42 Not be possible for a DMP device to use DMP content unless appropriate DMP rights expressions have been associated with that DMP content and the DMP device possesses the said DMP rights expression. [This is not well-phrased - also note dmp0109 re changing appropriate to "its"] [G.13, G.18?, G.19, G.22, G.27?]
  • RQ 60 PAV specification shall support protection of any content encryption key (CEK) in a DMP rights expression, in a manner independent of the transport mechanism, from the DMP content provider and the DMP device, such that the CEK can only be read by the DMP device for which the DMP rights expression is intended. [G.18, H.3]
  • RQ 64 PAV specification shall support protection of any content encryption key (CEK) in a DMP rights expression, in a manner independent of the transport mechanism, between the DMP device and any other DMP device to which the DMP rights expression is transferred, such that the CEK can only be read by DMP devices for which the DMP rights expression is intended. [G.16, G.18, G19]
PF G.19 Protecting Rights Expressions [RQs 42, 48, 49, 50, 63, 64, 65, 66 (, 84?)]
Preventing unauthorized DMP users from accessing statements of which functions can be executed on a piece of DMP content or DMP content-related DMP services
  • RQ 42 Not be possible for a DMP device to use DMP content unless appropriate DMP rights expressions have been associated with that DMP content and the DMP device possesses the said DMP rights expression. [This is not well-phrased - also note dmp0109 re changing appropriate to "its"] [G.13, G.18?, G.19, G.22, G.27?]
  • RQ 48 Be possible for DMP rights holders to protect DMP rights expressions intended for a particular DMP device such that the DMP rights expression can only be processed by that DMP device. [this PF only]
  • RQ 49 Be possible for DMP rights holders to protect DMP rights expressions intended for a DMP domain such that the DMP rights expression can only be processed by DMP devices within the DMP domain. [this PF only]
  • RQ 50 Be possible for DMP devices to send DMP rights expressions to other DMP devices (the receiving DMP device will only be able to process the DMP rights expression if the DMP rights holder that issued the DMP rights expression enables this). [G.19, H.3, H.4]
  • RQ 63 PAV specification shall support protection of the DMP rights expression, in a manner independent of the transport mechanism, between the DMP device and any other DMP device to which the DMP rights expression is transferred. [G.19, H.3]
  • RQ 64 PAV specification shall support protection of any content encryption key (CEK) in a DMP rights expression, in a manner independent of the transport mechanism, between the DMP device and any other DMP device to which the DMP rights expression is transferred, such that the CEK can only be read by DMP devices for which the DMP rights expression is intended. [G.16, G.18, G19]
  • RQ 65 PAV specification shall support protection of sensitive information within the DMP rights expression, e.g. DMP user identities, in a manner independent of the transport mechanism, between the DMP content provider and the DMP device, such that this sensitive information in the DMP rights expression can only be read by the DMP device for which the DMP rights expression is intended. [G.19, H.3]
  • RQ 66 PAV specification shall support protection of sensitive information within the DMP rights expression, e.g. DMP user identities, in a manner independent of the transport mechanism, between the DMP device and any other DMP device to which the DMP rights expression is transferred, such that this sensitive information in the DMP rights expression can only be read by DMP devices for which the DMP rights expression is intended. [F.2, G.19, H.3]
  • (?) RQ 84 PAV specification shall support the communication to the DMP content provider of the use that can be made of DMP user and DMP device specific information. [C.4, F.2, (G.19?,) I.3]
PF G.22 Protecting content [RQs 42, 59, 61, 69]
  • RQ 42 Not be possible for a DMP device to use DMP content unless appropriate DMP rights expressions have been associated with that DMP content and the DMP device possesses the said DMP rights expression. [This is not well-phrased - also note dmp0109 re changing appropriate to "its"] [G.13, G.18?, G.19, G.22, G.27?]
  • RQ 59 PAV specification shall support protection of DMP content, in a manner independent of the transport mechanism, from a DMP device to another DMP device to which the DMP content is transferred. [E.9, G.22, H.3]
  • RQ 61 Be possible for the DMP content provider to encrypt each instance of a particular piece of DMP content with a different Key and for DMP superdistribution of that DMP content to still be possible. [E.9, G.16, G.22]
  • RQ 69 Be possible for only some components of a piece of DMP composite content to be encrypted. [E.9, G.22]
PF G.23 Asserting devices [RQs 22, 57, 67]
  • RQ 22 Support for verifying the source (VCP and its device) of DMP content [(G.11?,) G.12, G.23, G.24, G.25, G.26]
  • RQ 57 The DMP rights holder shall be able to authenticate, in a manner that is independent of the device manufacturer and prior to delivery of DMP rights expression to the intended DMP device, any of the following: (a) The identity of the DMP device; (b) The identity of the DMP user. [G.1, G.23, G.24, G.25, G.26, H.3]
  • RQ 67 Be possible for the DMP device to authenticate the identity of the source of the DMP rights expression. [G.1, G.11, G.12, G.23, G.24, G.25, G.26]
PF G.24 Asserting users [RQs 22, 57, 67]
  • RQ 22 Support for verifying the source (VCP and its device) of DMP content [(G.11?,) G.12, G.23, G.24, G.25, G.26]
  • RQ 57 The DMP rights holder shall be able to authenticate, in a manner that is independent of the device manufacturer and prior to delivery of DMP rights expression to the intended DMP device, any of the following: (a) The identity of the DMP device; (b) The identity of the DMP user. [G.1, G.23, G.24, G.25, G.26, H.3]
  • RQ 67 Be possible for the DMP device to authenticate the identity of the source of the DMP rights expression. [G.1, G.11, G.12, G.23, G.24, G.25, G.26]
PF G.25 Verifying devices [RQs 22, 57, 67]
  • RQ 22 Support for verifying the source (VCP and its device) of DMP content [(G.11?,) G.12, G.23, G.24, G.25, G.26]
  • RQ 57 The DMP rights holder shall be able to authenticate, in a manner that is independent of the device manufacturer and prior to delivery of DMP rights expression to the intended DMP device, any of the following: (a) The identity of the DMP device; (b) The identity of the DMP user. [G.1, G.23, G.24, G.25, G.26, H.3]
  • RQ 67 Be possible for the DMP device to authenticate the identity of the source of the DMP rights expression. [G.1, G.11, G.12, G.23, G.24, G.25, G.26]
PF G.26 Verifying users [RQs 22, 57, 67]
  • RQ 22 Support for verifying the source (VCP and its device) of DMP content [(G.11?,) G.12, G.23, G.24, G.25, G.26]
  • RQ 57 The DMP rights holder shall be able to authenticate, in a manner that is independent of the device manufacturer and prior to delivery of DMP rights expression to the intended DMP device, any of the following: (a) The identity of the DMP device; (b) The identity of the DMP user. [G.1, G.23, G.24, G.25, G.26, H.3]
  • RQ 67 Be possible for the DMP device to authenticate the identity of the source of the DMP rights expression. [G.1, G.11, G.12, G.23, G.24, G.25, G.26]
PF G.27 Protecting metadata [RQs (42?,), 56, 86]
  • (?) RQ 42 Not be possible for a DMP device to use DMP content unless appropriate DMP rights expressions have been associated with that DMP content and the DMP device possesses the said DMP rights expression. [This is not well-phrased - also note dmp0109 re changing appropriate to "its"] [G.13, G.18?, G.19, G.22, G.27?]
  • RQ 56 PAV specification shall support protection of DMP metadata independently from the transport mechanism. [G.27, H.3]
  • RQ 86 PAV specification shall support the protection of DMP user specific information such as the DMP user identity when this is sent from the DMP device. [C.4, C.5, C.6, F.2, G.27, H.4]

H. Infrastructure Operation
The set of functions that are executed to operate upon the infrastructure underpinning the value-chain and so execute the DMBM

PF H.3 Transferring data between devices [RQs 14, 20, 23, 50, 51, 56, 57, 59, 60, 62, 63, 65, 66, 71, 75, 76]
Moving DMP content from a source DMP device to one or many destination DMP devices and deleting DMP content on the source device
  • RQ 14 Be possible for DMP rights expressions and DMP content to be delivered via the same or different transport mechanisms. [H.3, H.4]
  • RQ 20 Be possible to protect DMP content integrity in a manner independent of the transport mechanism but possibly connected through different networks, between DMP devices. [G.1, G.2, G.3, G.11, G.12, H.3, H.4]
  • RQ 23 The key for decryption/unscrambling being distributed to authenticated license holders only. [G.1, H.3, H.4]
  • RQ 50 Be possible for DMP devices to send DMP rights expressions to other DMP devices (the receiving DMP device will only be able to process the DMP rights expression if the DMP rights holder that issued the DMP rights expression enables this). [G.19, H.3, H.4]
  • RQ 51 Be possible for DMP rights expressions and DMP content to be delivered at the same or different times and to be received in any order. [H.3, H.4, H.12]
  • RQ 56 PAV specification shall support protection of DMP metadata independently from the transport mechanism. [G.27, H.3]
  • RQ 57 The DMP rights holder shall be able to authenticate, in a manner that is independent of the device manufacturer and prior to delivery of DMP rights expression to the intended DMP device, any of the following: (a) The identity of the DMP device; (b) The identity of the DMP user. [G.1, G.23, G.24, G.25, G.26, H.3]
  • RQ 59 PAV specification shall support protection of DMP content, in a manner independent of the transport mechanism, from a DMP device to another DMP device to which the DMP content is transferred. [E.9, G.22, H.3]
  • RQ 60 PAV specification shall support protection of any content encryption key (CEK) in a DMP rights expression, in a manner independent of the transport mechanism, from the DMP content provider and the DMP device, such that the CEK can only be read by the DMP device for which the DMP rights expression is intended. [G.18, H.3]
  • RQ 62 PAV specification shall support protection of the integrity of the DMP rights expression, in a manner independent of the transport mechanism, between the DMP content provider and the DMP device for which the DMP rights expression is intended.
    [See dmp0109 for why this was originally a typo - was intended to have been "service" provider in the original contribution] [G.11, G.12, H.3]
  • RQ 63 PAV specification shall support protection of the DMP rights expression, in a manner independent of the transport mechanism, between the DMP device and any other DMP device to which the DMP rights expression is transferred. [G.19, H.3]
  • RQ 65 PAV specification shall support protection of sensitive information within the DMP rights expression, e.g. DMP user identities, in a manner independent of the transport mechanism, between the DMP content provider and the DMP device, such that this sensitive information in the DMP rights expression can only be read by the DMP device for which the DMP rights expression is intended. [G.19, H.3]
  • RQ 66 PAV specification shall support protection of sensitive information within the DMP rights expression, e.g. DMP user identities, in a manner independent of the transport mechanism, between the DMP device and any other DMP device to which the DMP rights expression is transferred, such that this sensitive information in the DMP rights expression can only be read by DMP devices for which the DMP rights expression is intended. [F.2, G.19, H.3]
  • RQ 71 Be possible for a DMP device to send DMP content to any other DMP device in a transport independent manner, and for the DMP device receiving DMP content to be able to obtain the DMP rights expression corresponding to the received DMP content. [A.5, H.3, I.3]
  • RQ 75 Be possible to specify within the DMP rights expressions associated with DMP content whether or not the DMP rights expressions and DMP content can be exported to another DRM system, and to which DRM systems. [(used to be at E.13,) F.7, H.3]
  • RQ 76 Be possible to specify within the DMP rights expression associated with DMP content whether or not the DMP rights expression and DMP content can be transferred to a copy protected storage media, and to which type of copy protected storage media. [(used to be at E.13,) F.7, H.3]
PF H.4 Establishing a secure means of transferring data between devices [RQs 14, 20, 23, 50, 51, 77, 86]
Providing means to prevent that DMP content being transferred between DMP devices is read or tampered with by an unintended receiver
  • RQ 14 Be possible for DMP rights expressions and DMP content to be delivered via the same or different transport mechanisms. [H.3, H.4]
  • RQ 20 Be possible to protect DMP content integrity in a manner independent of the transport mechanism but possibly connected through different networks, between DMP devices. [G.1, G.2, G.3, G.11, G.12, H.3, H.4]
  • RQ 23 The key for decryption/unscrambling being distributed to authenticated license holders only. [G.1, H.3, H.4]
  • RQ 50 Be possible for DMP devices to send DMP rights expressions to other DMP devices (the receiving DMP device will only be able to process the DMP rights expression if the DMP rights holder that issued the DMP rights expression enables this). [G.19, H.3, H.4]
  • RQ 51 Be possible for DMP rights expressions and DMP content to be delivered at the same or different times and to be received in any order. [H.3, H.4, H.12]
  • RQ 77 Be possible to specify within the DMP rights expression associated with a piece of DMP content whether or not the DMP rights expression and the piece of DMP content can be transferred to a rendering device over a copy protected transport mechanism, and over which copy protected transport mechanisms. [(used to be at E.13,) F.7, H.4]
  • RQ 86 PAV specification shall support the protection of DMP user specific information such as the DMP user identity when this is sent from the DMP device. [C.4, C.5, C.6, F.2, G.27, H.4]
PF H.6 Verifying conformance rules [RQ 26]
Comparing the Infrastructure with the corresponding requirements and specifications
  • RQ 26 Ask respondents to CfP to express their views on how levels of tamper resistance can be specified in the PAV. [G.17, H.6, H.7]
PF H.7 Authenticating conformance rules [RQ 26]
Confirming the compliance of the Infrastructure with the corresponding requirements and specifications
  • RQ 26 Ask respondents to CfP to express their views on how levels of tamper resistance can be specified in the PAV. [G.17, H.6, H.7]
PF H.8 Synchronizing time [RQ 30]
Establishing a common timing between DMP devices
  • RQ 30 Protocols for connecting to a source of secure time. [this PF only]
PF H.9 Discovering DMP device capabilities (including identity) [RQs 44, 45, 47]
  • RQ 44 Be possible for the DMP device to identify whether it is technically capable to use a certain piece of DMP content before requesting the DMP rights expression for that piece of DMP content. [H.9, H.10, I.3]
  • RQ 45 Be possible for a DMP rights holder to discover whether a DMP device is technically capable to use a certain piece of DMP content before issuing the DMP rights expression (for that piece of DMP content) to the DMP device. [H.9, H.10, I.3]
  • RQ 47 Be possible for the DMP rights holder to reliably identify the DMP device for the purpose of either issuing or refusing the issuance of a DMP rights expression to that DMP device. [G.1, G.14, H.9(, H.10?)]
PF H.10 Discovering licensed DMP uses [RQs 44, 45 (, 47?)]
  • RQ 44 Be possible for the DMP device to identify whether it is technically capable to use a certain piece of DMP content before requesting the DMP rights expression for that piece of DMP content. [H.9, H.10, I.3]
  • RQ 45 Be possible for a DMP rights holder to discover whether a DMP device is technically capable to use a certain piece of DMP content before issuing the DMP rights expression (for that piece of DMP content) to the DMP device. [H.9, H.10, I.3]
  • (?) RQ 47 Be possible for the DMP rights holder to reliably identify the DMP device for the purpose of either issuing or refusing the issuance of a DMP rights expression to that DMP device. [G.1, G.14, H.9(, H.10?)]
PF H.11 Managing DMP domains [RQs 16, 80, 81, 82, 83]
  • RQ 16 PAV specifications shall support the setting up of DMP domains [F.7, G.14 (?), G.15 (?), H.11]
  • RQ 80 Be possible for the DMP rights holder to authorise DMP devices to join a DMP domain that has already been formed. [G.14, H.11]
  • RQ 81 Be possible for the DMP rights holder to direct a DMP device to leave a DMP domain. [G.14, H.11]
  • RQ 82 Be possible for the DMP rights holder to exclude one or more DMP devices in the DMP domain, such that the excluded DMP devices cannot process any new DMP rights expressions issued for the DMP domain after the time of exclusion. [G.14, H.11]
  • RQ 83 Be possible for DMP devices in a DMP domain to leave the DMP domain. [G.14, H.11]
PF H.12 Associating data (metadata, key, rights expression) with content [RQs 43, 51]
  • RQ 43 Be possible to separate DMP rights expressions and DMP content physically, but not logically. [this PF only]
  • RQ 51 Be possible for DMP rights expressions and DMP content to be delivered at the same or different times and to be received in any order. [H.3, H.4, H.12]

I. User Operation
The set of functions that a DMP end-user executes through interface with the technical infrastructure to search, access and use DMP content

PF I.2 Searching for a service [RQ 1]
Determining whether one or more of a set of DMP services have a specified property
  • RQ 1 Accessing, processing and rendering of unprotected DMP metadata of DMP content and DMP rights expressions. [E.3, I.2, I.4, I.10]
PF I.3 Using a service [RQs 44, 45, 71, 73, 84]
Accepting and receiving the usages offered by a DMP user
  • RQ 44 Be possible for the DMP device to identify whether it is technically capable to use a certain piece of DMP content before requesting the DMP rights expression for that piece of DMP content. [H.9, H.10, I.3]
  • RQ 45 Be possible for a DMP rights holder to discover whether a DMP device is technically capable to use a certain piece of DMP content before issuing the DMP rights expression (for that piece of DMP content) to the DMP device. [H.9, H.10, I.3]
  • RQ 71 Be possible for a DMP device to send DMP content to any other DMP device in a transport independent manner, and for the DMP device receiving DMP content to be able to obtain the DMP rights expression corresponding to the received DMP content. [A.5, H.3, I.3]
  • RQ 73 Only be possible to DMP restore DMP backed up DMP stateless rights expressions to the DMP device for which the DMP rights expressions were originally issued. [this PF only]
  • RQ 84 PAV specification shall support the communication to the DMP content provider of the use that can be made of DMP user and DMP device specific information. [C.4, F.2, (G.19?,) I.3]
PF I.4 Searching for content [RQ 1]
Determining whether DMP content have a specified property
  • RQ 1 Accessing, processing and rendering of unprotected DMP metadata of DMP content and DMP rights expressions. [E.3, I.2, I.4, I.10]
PF I.5 Processing content [RQ 87]
The set of functions that are executed to manipulate DMP content (see also extensive subcategory PFs 5.1-7)
  • RQ 87 Be possible for the DMP user to delete an instance of DMP content, but to keep the DMP rights expressions associated with that piece of DMP content (so that the DMP user could DMP restore the DMP content on the DMP device later without having to obtain new DMP rights expressions). [E.13, (G.13?,) I.5]
PF I.5.2 Copying content [RQs 2, 3, 4, 5, 33]
Replicating DMP content
  • RQ 2 Support for making a DMP copy of DMP content. [this PF only]
  • RQ 3 Be possible for the DMP device to DMP copy DMP content and DMP rights expression to another DMP device, that does not necessarily have network access e.g. from a set top box to a portable media player. [this PF only]
  • RQ 4 Be possible for the DMP device to DMP backup and DMP restore DMP content. [I.5.2, I.5.5, I.5.6, I.5.7, I.7]
  • RQ 5 Be possible for the DMP device to DMP backup a DMP stateless rights expression or a DMP rights expression whenerver the DMP rights expression provides for that eventuality. [I.5.2, I.5.5, I.5.6, I.5.7, I.7]
  • RQ 33 The DMP rights expressions shall enable the following capabilities.
    (a) It shall be possible to perform DMP export of a piece of DMP governed content
    (b) DMP rights expressions shall support the following types of usages:
      (i) Metered time based (i.e. that the DMP device can Play the DMP content as long as the metered usage time is less than a specified time); (ii) User identity based (i.e. that the DMP device can only Play the DMP content when being used by a specified DMP user); (iii) Time/date based; (iv) Count based
    (c) Be possible to express the DMP rights related to the following DMP use:
      (i) Audio rendering; (ii) Video rendering; (iii) Execute applet; (iv) Print; (v) Copy; (vi) Move
    [E.5, I.5.2, I.6, I.7]
PF I.5.5 Backing up content [RQs 4, 5]
  • RQ 4 Be possible for the DMP device to DMP backup and DMP restore DMP content. [I.5.2, I.5.5, I.5.6, I.5.7, I.7]
  • RQ 5 Be possible for the DMP device to DMP backup a DMP stateless rights expression or a DMP rights expression whenerver the DMP rights expression provides for that eventuality. [I.5.2, I.5.5, I.5.6, I.5.7, I.7]
PF I.5.6 Restoring content [RQs 4, 5]
  • RQ 4 Be possible for the DMP device to DMP backup and DMP restore DMP content. [I.5.2, I.5.5, I.5.6, I.5.7, I.7]
  • RQ 5 Be possible for the DMP device to DMP backup a DMP stateless rights expression or a DMP rights expression whenerver the DMP rights expression provides for that eventuality. [I.5.2, I.5.5, I.5.6, I.5.7, I.7]
PF I.5.7 Moving content [RQs 4, 5]
  • RQ 4 Be possible for the DMP device to DMP backup and DMP restore DMP content. [I.5.2, I.5.5, I.5.6, I.5.7, I.7]
  • RQ 5 Be possible for the DMP device to DMP backup a DMP stateless rights expression or a DMP rights expression whenerver the DMP rights expression provides for that eventuality. [I.5.2, I.5.5, I.5.6, I.5.7, I.7]
PF I.6 Rendering content [RQs 33, 55, 70]
Processing DMP content so that they can be put across the User Interface to the User
  • RQ 33 The DMP rights expressions shall enable the following capabilities.
    (a) It shall be possible to perform DMP export of a piece of DMP governed content
    (b) DMP rights expressions shall support the following types of usages:
      (i) Metered time based (i.e. that the DMP device can Play the DMP content as long as the metered usage time is less than a specified time); (ii) User identity based (i.e. that the DMP device can only Play the DMP content when being used by a specified DMP user); (iii) Time/date based; (iv) Count based
    (c) Be possible to express the DMP rights related to the following DMP use:
      (i) Audio rendering; (ii) Video rendering; (iii) Execute applet; (iv) Print; (v) Copy; (vi) Move
    [E.5, I.5.2, I.6, I.7]
  • RQ 55 Be possible for a DMP device to DMP use DMP content which has been restored from a DMP backup. [I.6, I.7]
  • RQ 70 Be possible to DMP stream DMP content from the DMP content provider to a set of DMP devices. [E.4, I.6]
PF I.7 Storing content [RQs 4, 5, 33, 55]
Keeping DMP content for future use
  • RQ 4 Be possible for the DMP device to DMP backup and DMP restore DMP content. [I.5.2, I.5.5, I.5.6, I.5.7, I.7]
  • RQ 5 Be possible for the DMP device to DMP backup a DMP stateless rights expression or a DMP rights expression whenerver the DMP rights expression provides for that eventuality. [I.5.2, I.5.5, I.5.6, I.5.7, I.7]
  • RQ 33 The DMP rights expressions shall enable the following capabilities.
    (a) It shall be possible to perform DMP export of a piece of DMP governed content
    (b) DMP rights expressions shall support the following types of usages:
      (i) Metered time based (i.e. that the DMP device can Play the DMP content as long as the metered usage time is less than a specified time); (ii) User identity based (i.e. that the DMP device can only Play the DMP content when being used by a specified DMP user); (iii) Time/date based; (iv) Count based
    (c) Be possible to express the DMP rights related to the following DMP use:
      (i) Audio rendering; (ii) Video rendering; (iii) Execute applet; (iv) Print; (v) Copy; (vi) Move
    [E.5, I.5.2, I.6, I.7]
  • RQ 55 Be possible for a DMP device to DMP use DMP content which has been restored from a DMP backup. [I.6, I.7]
PF I.10 Processing Metadata [RQs 1, 12, 90]
[previous definition under different name: Creating Metadata - Making a logical connection between a description (Metadata) and DMP content]
  • RQ 1 Accessing, processing and rendering of unprotected DMP metadata of DMP content and DMP rights expressions. [E.3, I.2, I.4, I.10]
  • RQ 12 DMP specifications shall support conversion of machine readable DMP metadata to human-readable form [this PF only]
  • RQ 90 The supported DMP DRM version should be exposed. [this PF only]
PF I.12 Choosing services [(RQ 8?)]
Selecting a DMP service to access the DMP user from a number of alternatives
  • RQ 8 Support of a broad range of payment methods and mechanisms [(I.12?,) J.1]

J. Value Expression and Remuneration
Operations enabled through the DMBM to allow business fulfillment and to remunerate accordingly

PF J.1 Remunerating [RQ 8]
Paying for goods and/or DMP services or recompensing for losses
  • RQ 8 Support of a broad range of payment methods and mechanisms [(I.12?,) J.1]

dmp0098 Use Cases

Use Case 1: Using content on multiple devices
A downloaded content is sent to a DRM compliant PAV player by:
(a) using a wireless or wired connection with the player, or
(b) copying the content to a removable memory card, and moving the card to the player.

Use Case 2: Restoration of Rights and content using a secure portable user identity
When a user Device is broken, the user ID should be able to be transferred to a new device. The content purchasing record should be kept in a removable media or external memory in the user side. Then, he can restore the lost contents from the Content Providers.

Use Case 3: Backup of Protected content and Rights from a Service Provider
When a user Device is broken, the user ID should be able to be transferred to a new device. The content purchasing record should be kept in a memory in the content provider side. Then, he can restore the lost contents from the Content Providers.

Use Case 4: Removable Media or External Memory Backup of content and Rights
One should be able to Backup his purchased Contents and the Rights, which he has previously purchased, on a removable media or external memory. When the Device is broken, he buys a new device and restores all the contents to the new Device.
The Rights Issuer can Revoke the old Device to prevent possible fraud.

Use Case 5: Export of Protected content and Rights to other DRM systems and/or transfer to copy-protected storage medium/transport
People may want to transfer their contents to a different device which has a different DRM protection format.
The Content Provider can specify whether the alternative device is allowed or not.

Use Case 6: Multiple Contents Scenario
For an example, a karaoke song is actually a package that includes the music and lyrics for the song as well as associated images and links to related content. A single Rights for this package can specify different Permissions for the individual components. The content provider wants to promote the song so it allows the lyrics, images, and other information to be copied for free so they can be shared with people. Through this promotion, the content provider hopes to stimulate sales of the music.
Although the package contains several parts, only one single Rights associates with that content package.

Use Case 7: Download
When payment contract is completed, the content is downloaded to the Device and the Rights is also sent to the Device simultaneously or separately.
The types of Permission may be:
  • Time based Rights allowing the listening to the song until a particular date.
  • Metered usage time based rights allowing the listening to the song as long as the metered usage time is less than a specified time, whilst ensuring that the accumulated time is not modified.
Use Case 8: Subscription
Contents may be streamed/downloaded by subscription to an Internet music service. The Device has removable storage and music playing capability. The service allows:
  • music streaming to the Device for on-demand listening with play control (pause, resume, etc.).
  • music download to the Device. The music can be listened to, as long as the subscription is active, either when the Device is connected to or disconnected from the Internet site.

Use Case 9: Streaming
In this case, before streaming the contents, purchasing contract for the Rights has to be completed. The Rights describes the Permissions concerning setting up, receiving and playing the streams. Then the device is subsequently set up to receive the streams and play them subject to the terms described in the Rights.

Use Case 10: Multicast streaming under subscription
For an example, someone may make a contract for the subscription with an Internet radio service. Then the service allows him to select one of multicast radio channels and listen to the multicast stream on that channel. The music can be listened month after month, as long as the membership is active.

Use Case 11: Backwards compatibility
A new Device conforming to a new version of DRM specification must be able to receive contents from service providers only utilising the old version of the same DRM system. It is desirable for a Device conforming to an old version of DRM to be able to receive contents from service providers utilizing a new version of the same DRM system.

Use Case 12: Preview Rights
In order to advertise a new music band, a music clip of the band may be sent to users together with the preview Rights, which allows people to listen once to the music, or allowing unlimited playback of a small section of the music before buying the full set of rights. This type of Rights may also apply to a clip at the start of streamed data.
The types of possible permissions within the Rights may be:
  • state that the Content can only be played a given number of times, or
  • describe the starting date and the ending date to be able to play the content, or
  • describe the starting and finishing times of the free preview clip
Use Case 13: Superdistribution
Someone receives Protected content from his friend. He wants to acquire Rights to consume the content and follows the appropriate reference provided for that purpose in the Protected content. Before he is charged for the new Rights he expects that
  • the integrity of the Protected content is verified to avoid buying Rights for content that isn't usable,
  • the properties of the Protected content are validated to be suitable for his Device,
  • the process of acquiring new Rights provides the same user experience as the process of purchasing new Protected content with associated Rights.
  • the Rights issuer has been authenticated.

Use Case 14: Revoke Device
The Content Provider may want to prevent someone from being able to acquire new content for his Device, for example, because he has illegally shared his content with friends in the past. The Content Provider therefore revokes his Device and he no longer receives Protected content or Rights from that Content Provider.

Use Case 15: Binding Rights to User Identity
In case someone has two devices and wants to use them both with a same content. For this purpose the User Identity is stored in a removable memory and the device which has the memory device of User Identity can consume the content.

Use Case 16: Hacked DRM Solution
When Rights Issuer identifies that the Device is insecure, it notifies the user and adds the Device identity (Device ID, SW version, user ID, etc.) to a black list for Protected content download.

dmp0093 added "breakout" RQs

back to TOP of page