How DRM works?

DRM 如何作用？

One way of organising rights management in a digital environment is to attach the usage rules permanently to the content, either as part of the metadata defining the content or by incorporating the usage rules in the encrypted package in which the content resides.

Locking content to a particular machine to enforce a fixed set of usage rules is another possible implementation of a digital rights management system. This is the approach which has been used to date in many so called “thin client” devices such as mobile telephones.

在數位環境下，組織權利管理的一個方法，是將使用規則永久附著於內容上，這 些使用規則或者是界定使用內容的後設資料(metadata)之一部分，或者是連同內容一起 合併於加密包裹(encrypted package)之中。將內容鎖定於特定機器，以實施特定的使用 規則集合，則是另一個數位權利管理系統的可能作法。截至目前，這個方法曾經用於 許多所謂的「精簡型」(thin client)設備，如行動電話。

The rights management system used for DVD Video discs is another example of the basic approach: the usage rules applied to the content of the DVD Video disc are fixed and cannot be varied regardless of the usage context or identity of the user. The undoubted success of the DVD Video format as a vehicle for the delivery of high quality home entertainment (as well as many other possibilities) illustrates clearly that for some content management environments, fixed rights management systems are perfectly adequate.

用於 DVD 影像碟片的權利管理系統，則是這個基本方法的另一個例子：適用於 DVD 影像碟片的使用規則屬於固著性，不會因為使用情境或使用者身分而有差別。

DVD 影像格式成功地成為了高品質家庭娛樂（以及其他可能性）的載體，清楚顯示了 在某些內容管理環境下，固著性的權利管理系統相當完美。

The challenge to find dynamic rights management systems remains, however, because there is an infinite number of instances where the nature of the content or the usage context demand flexibility.

不過，尋求動態性權利管理系統的挑戰依然存在，因為在無數情形下，內容的性 質或使用情境需要具有彈性。

That flexibility is also essential to developing the kind of rights management system required for the security of more sensitive or valuable forms of content. The encryption system used in the DVD Video disc rights management process has already been compromised and cannot be repaired without reconstituting the entire format – a commercial impossibility – (Compromising the security, however, has had minimal impact on the success of the DVD Video disc as a consumer format).

對於更敏感或高價型態的內容，需要開發這種動態權利管理系統，因此彈性也是 不可或缺。用於 DVD 影像碟片權利管理程序的加密系統已經遭到破解，而且若沒有還 原全部的格式則無法修復－這在商業上不具有可行性（不過，對於 DVD 影像碟片作為 一種消費者格式而言，安全性遭破解對於 DVD 的商業成功衝擊微小）。

Furthermore, as will be discussed in more detail shortly, the rich rights management processes which copyright law and practice support also posit that flexibility as a basic requirement of an effective interface between legal and technical regulation of content management.

此外，如稍後將會多加討論，在著作權法律與實務所支持的多種權利管理程序 下，對於內容管理之法律與技術管制介面，彈性也是一項基本要求。

This challenge to achieve flexibility in automated rights management was first taken up by a number of researchers. The most usually cited in this respect is Mark Stefik who, in his work at the Xerox Palo Alto Research Center, identified the need for a dynamic capability in machine-based rights management processes and advanced a number of ideas as to how this might be achieved. There were others, however, who were engaged in the same search, notable amongst whom was Victor Shear and his team of scientists in what became InterTrust Technologies. Yet other researchers, both in the United States and in Japan, were exploring the possibilities of superdistribution, the process of applying and enforcing usage rules in a distributed content management environment. They saw a need for such systems where users of music content wanted to exchange content between each other.

在自動化權利管理中達成彈性是一項挑戰，而這挑戰首先是由一批研究者所承 擔。在這方面最受所用的是任職於全錄公司 Palo Alto 研究中心的 Mark Stefik，他指出 機械式權利管理程序下對於動態能力的需求，並且提出一些如何達成動態能力的想

法。¹⁶然而，也有其他人投入相同研究領域，最著名的是後來成立 InterTrust 科技公司

的 Victor Shear 與他的團隊科學家。而同時在美國及日本，其他研究者正在探索超級散 布(superdistribution)程序的可行性，在分散式內容管理環境下，這項程序能適用與執行 使用規則。他們發現，當音樂內容使用者想要彼此交流內容時，就有需要用到這種系 統。

The key breakthrough in DRM technology came when systems emerged which could deliver rules for the use of content independently of that content. Starting in the early 1990s InterTrust technologies began developing an extensive patent portfolio relating to inventions to that end. Once the capability of delivering rules independently of but associated with particular items of content is established, the range of uses which can be authorised through technology increases dramatically.

當內容使用規則的下達能獨立於內容之外，這就出現了 DRM 科技的關鍵突破。

始於 1990 年代初期，InterTrust 科技公司開始發展關於這項目的的廣泛專利組合。一旦 能夠針對特定內容項目下達具有獨立性與關聯性的規則，藉由科技進行授權的使用規 則便會大幅增加。

In a useful article on the subject of DRM John Erickson, principal scientist in the Digital Media Systems Program at Hewlett-Packard Laboratories, describes the process of enforcing rules in a DRM system as follows:

在一篇關於 DRM 主題的有用文章中，HP 實驗室數位媒體系統計畫首席科學家 John Erickson，將 DRM 系統中執行規則的程序描述如下：¹⁷

“The problem of controlling use [of content] can be broken down into four areas:

控制[內容]使用的問題，可以分為四個部分：

– Use or action against an information resource by a user or an external system.

Typically, uses are defined by an application’s functions (such as view, print, and copy) that must be bound to policy-level terms [rules], either directly or through some contextual filter. To control use, functions within an application

16 Stefik, Mark: Letting Loose the Light: Igniting Commerce in Electronic Publication, 1993, published in Internet Dreams, Stefik/ Cerf, MIT Press, 1997.

17 Erickson, John S.: Fair use, DRM and Trusted Computing, Communications of the ACM, Vol.

46, No. 4, April 2003.

must be forced to obtain authorization from policy-evaluating system components before proceeding.

– 由某一使用者或外部系統，針對資訊資源的使用或動作。通常使用是由 應用程式的功能（如閱讀、列印與複製）所界定，而這些功能則是直接 受制於政策層面的條件[規則]，或是間接透過情境式過濾器(contextual filter)而受制於政策層面的條件[規則]。為了控制使用，在進行使用之 前，應用程式內的功能必須取得政策評估系統單元的授權。

– Implementing control. A virtual machine may be a combination of system components that implement the control specified by policies. The virtual machine functions as an intermediary among user applications (such as viewers, rendering tools, printer drivers, and Web services) and policy-setting authorities; the virtual machine evaluates all applicable policies and permits or denies use.

– 執行控制。執行控制政策的系統單元，可以組成一部虛擬機。在使用者 的各種應用程式（如閱讀程式、播放工具、印表機驅動程式與網路服務 程式）與設定政策的有權機關之間，這部虛擬機具有中介功能；由虛擬 機評估所有的可適用政策，並允許或拒絕使用。

–

– A governing set of policies. For any given action against a resource, there may be a set of applicable policies that determine the conditions under which the requested application is authorized. These policies may take the form of conditions precedent or concurrent obligations; conditions typically include the presence of a particular identifying credential or environmental attribute.

– 治理政策的組合。針對某一資源的特定動作，可能會有一組得適用的政 策，這些政策決定了所請求應用能否授權的條件。這些政策的型態，可 以是先決性條件或同時性條件的義務；這些條件通常包含了特定的識別 資料或環境屬性。

– Fixed or built-in policies. Policies may be fixed or built into the virtual machine; they may also be embedded or otherwise attached to the resource.

Each method sets limitations; in the case of fixed policies, the originator cannot change the policies once the interpreter is distributed; in the case of embedded policies, a policy cannot be changed once the resource is deployed.

The most flexible architecture calls for the policies to be managed, since such management is external and separated (in time and space) from the virtual machine and deployed content.

– 固定式或內建式的政策。這些政策可以固定於或內建於虛擬機當中，也 可以內嵌或附著在資源上。每一種方式設下了限制；在固定式政策的情 形，當直譯器(interpreter)被分配出去之後，送件者(originator)就無法變更 政策；在內嵌式政策的情形，當資源被運用之後，政策就無法變更。由 於這種管理是外在於並且分離於虛擬機與所運用的資源，所以最彈性的 架構是需要這些政策能夠被管理。

DRM systems may implement a combination of embedded and external policy models;

for example, when certain default or generic policies are attached to the deployed resource, a recipient may supplement them through a separate transaction. Policies may be written for groups of resources and principals, possibly relating to roles within an

institution, and may be issued in advance of use; most are available in the rights expression languages.”

DRM 系統可以執行內嵌式或外部式組合的政策模型；例如，當特定預設性或種 類性的政策被配於所運用資源，收件者(recipient)可以經由分離式交易執行這些政 策。可以針對資源與資本的種類撰寫政策，可以依據機構內的人員角色撰寫政 策 ， 並 可 以 在 使 用 前 發 布 政 策 ； 這 些 大 多 數 都 可 以 在 權 利 表 達 語 言 (rights expression languages)當中進行。」

Erickson then goes on to describe the process flow by reference to a typical DRM enabled system:

Erickson 接下來參照典型 DRM 系統而描述流程：

“A generalized DRM system can grant usage rights based on originator-controlled policies. Since this model describes most commercially viable DRM solutions (the DRM reference model), it assumes the availability of standardized or proprietary infrastructure for identification, metadata, authentication, and cryptography. The model’s process flow covers nine steps:

「一般性的 DRM 系統可以基於送件者所控制的政策，而賦予使用權利。由於這 個模式描述了大多數商業上可行的 DRM 解決方案（DRM 參照系統），它預設了 在識別、後設資料、認證與密碼上的標準化或財產權基本建設。這個模式的流程 包含九個階段：

– The user obtains a resource via, say, file transfer or streaming. If the resource is requested from a remote service by the user, it may be cryptographically individualized to the user’s environment.

– 使用者經由檔案傳輸或串流獲得資源。如果使用者的遠端服務請求資 源，得根據使用者的環境，以個別化方式針對資源進行加密。

– The user attempts some use of the resource; the rendering application determines that the requested action requires authorization.

– 使用者想要對資源進行某種使用；由播放程式決定被請求的動作需要授 權。

– If the applicable policies are not found within the user’s environment, attributes of the user’s request (such as usage context) are packaged in a message and sent to a license server by a DRM client component.

– 如果在使用者的環境找不到可適用的政策，則由 DRM 用戶端元件將使 用者請求的屬性（如使用情境）封裝於訊息，而送到授權伺服器。

– The license server determines the applicable policies for the resource based on the submitted request attributes.

– 授權伺服器根據送來的請求屬性，針對該資源決定適用的政策。

– A financial transaction may be conducted to satisfy the policies if no satisfactory evidence of such a transaction is on record.

– 如果沒有交易記錄上的充分證據，則會進行財務交易以符合政策。

– The license package is assembled, including: a rights specification or set of usage policies; identifiers or attributes; revocation information; and cryptographic keys to the content. They may be specific to the content and context of use.

– 組合授權包裹，包含權利規格或使用政策集合；識別號(identifiers)或屬 性(attributes)；撤回資訊；且對於內容的解密鑰匙。它們可以依據內容或 使用情境加以個別化。

– The license is securely packaged and transferred to the client.

– 安全封裝授權，並移轉到用戶端。

– The DRM client authenticates the received policies, evaluates applicable policies, decrypts the content, and issues an authorization to the viewing component for the requested action.

– The DRM client authenticates the received policies, evaluates applicable policies, decrypts the content, and issues an authorization to the viewing component for the requested action.