Sun streaks ahead in open source DRM and CAS
DReaM to come true?
"We don’t want to develop technology that is wholly different, we just want it to be simple, sufficient, and to make sure we can cite all the prior art. Some of the new technology comes from Sun, but we are committing that to be royalty free as well, which is one of the conditions for contributions made under the CDDL.
"It's a form of patents commons, where each contributor agrees to pool intellectual property. A company can't both include their contribution in code and also charge a license for it."
The CDDL allows for commercial implementations and for companies to commercially benefit and improve upon the code, both with changes to the code and additional segments of code which they add to it.
"There will be a requirement for code interoperability and to that extent a certification and conformance program will be put in place. That is likely to require a new legal entity, which will come into existence once version 1.0 is released, which will be this summer for both D-CAS and MMI. Currently the code is at release 0.7. Once version 1.0 is out then copyright will be extended to the specifications.
"Currently we are offering downloads in three modes, CAS which is designed for use with IPTV; DRM for a stored content model, which is more complex, and MMI which will convey rights information from server to client.
"DReaM-MMI is the mechanism for clients to negotiate with a networked licensing service for rights (including keys) for content, while DReaM-CAS assumes a network connection and network delivery model by the nature of its focus on MPEG-2 TS delivery systems."
DReaM-MMI is the technology focusing on stored content of all types. Network connections are not required to assert rights already negotiated and stored, but a network connection is needed when new rights are negotiated. The specifications for both types of systems are available now (DReaM-CAS and DReaM-MMI) as is the source code for a prototype DReaM-CAS system. Source code for MMI is targeted for release later this month. Surely MMI must overlap with the intellectual property in Content- Guard’s Rights Expression Language if it can store persistent content rights?
"We don't do this using a Rights Expression Language, but a protocol that stores the rights conversation that is had with the server. The trouble with Right Expression Languages is that they are tied to the network identity of a particular device. You buy something, get a license and decryption keys, delivery it to a device and you’re done.
"But what about a situation where you are watching the content in a QCIF file (176 x 144 pixels) on a phone and want to switch to watching it on a High Definition TV, that switch needs to be made at the server level and if needs to know that it is you making the request.
"You might use Blutooth or Infra Red from your mobile to demonstrate that you are present in the same room as a particular TV and use this proof of proximity to send a higher definition version of the content to the TV screen. Of course the TV will also have to have a trusted identity and be somehow associated with the individual."
For tethered devices DReaM-MMI will negotiate on behalf of a portable client which is not directly attached to the network, rather like the way in which PC held copy of iTunes does this for an iPod. The networked device will know the private key of the portable device and negotiate for content on that device. The version of content it will get will be encrypted only for use on the tethered client device, not for use on the device even that negotiated the license. If that is, for instance, a PC, then if a customer also wants to view it on the PC, he will need a different copy of the content, encrypted for the PC private key.
Both will need a secure execution environment and data paths, and a tamper proof clock, which of course could easily be implemented as a Java download to devices like OCAP set tops.
First talked about in October, DReaM was not supposed to be ready for implementation until the second quarter of 2007, and as such was likely to miss out on being a candidate for mobile handset DRM, but at its current pace of development, the lure of no royalty payouts for protection on handset content is likely to be too tempting for many mobile operators around the world.
Copyright © 2006, Faultline
Faultline is published by Rethink Research, a London-based publishing and consulting firm. This weekly newsletter is an assessment of the impact of the week's events in the world of digital media. Faultline is where media meets technology. Subscription details here.
Sponsored: The Nuts and Bolts of Ransomware in 2016