DRM systems implement access control for digital content using cryptographic techniques. Without a valid license for the digital content, the user can purchase the device or disc but cannot access the content.
The content server manages the protected digital content and encrypts it using the DRM packager for use in a DRMS, so the content is unreadable for the time being. On request, the license server generates the necessary licenses together with the corresponding keys for user authentication and content decryption, which are calculated from the corresponding identifiers (user or device ID, content ID) and the descriptions of rights.
If the user wants to access DRM-protected content, the DRM control requests the license needed for playback from the license server. The authenticity and integrity of the playback program are verified, the content is decrypted with the key in the license, made readable again in this way, and passed on to the playback program.
Emerging technologies of trusted computing can be used to ensure compliance with the rights.
Functional reference model
DRMS are primarily intended to make the dissemination of and access to digital content on open platforms controllable. DRMS should in particular provide functions for access control and usage control. Access control is concerned with the identity of the persons ("Who?"), while usage control centers on the type of use ("How?"). Both functions use license data that define the necessary rights at different levels of granularity.
To give digital content a degree of protection outside a DRMS as well, a marking of the content that is not easy to remove can allow possible license violations to be recognized after the fact.
DRMS can support revenue models by providing an accounting function. The usage data recorded by the accounting function are collected and can then be passed to a billing system of some kind (such as a micro-payment system) for further processing. In addition, the usage control already mentioned can support group-based or even personal differentiation of rights and prices.
There are different approaches to identifying the user: the spectrum of methods ranges from passwords (e.g. software ID) and hardware authentication (e.g. X.509 or CPU) to biometrics. Password-based systems are easy and inexpensive to implement, but they are not reliable for identifying a user because the password can be passed on. More sophisticated methods, up to biometrics, increase implementation costs but provide a more reliable way to authenticate users; the disadvantages of biometric methods must not be ignored, however.
Extent of the rights granted by a DRMS
The enforcement of a license must be guaranteed even after a successful access authorization. The programs used to access the protected content must therefore understand a description of the authorized forms of disposal (the license) and be able to enforce it.
The rights model shown at right can grant the following three fundamental forms of disposal:
Reproduction right (print, view and play)
Transport right (copy, distribute and borrow)
Right to create derivative works (extract, edit and paste)
Thus, for example, printing a document and displaying it on the screen could be allowed (as a positive reproduction right), while its transfer is prevented by a local memory protection (as a restriction of the transport rights).
In their simplest form, such control systems comprise simple copy protection mechanisms (such as in "digital audio tape" (DAT) or in the DVD standard). In general, however, the aim is not to prevent copying entirely but to be able to control copying in the sense of copy control.
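The rights model and the print/view-but-no-transfer case above can be sketched as a license check. This is an added example, not code from any DRM product. It assumes HMAC-SHA256 for both key derivation and the integrity tag, and a shared demo secret on both sides (a real client would verify a signature instead). All names and sample IDs are constructed.

```python
import hashlib
import hmac
import json

# The three forms of disposal from the rights model, with their actions.
RIGHT_FORMS = {
    "reproduction": {"print", "view", "play"},
    "transport": {"copy", "distribute", "borrow"},
    "derivative": {"extract", "edit", "paste"},
}
SERVER_SECRET = b"constructed-demo-secret"  # assumption: stands in for the server key

def _canonical(user_id, content_id, rights):
    # Stable byte encoding of everything the license binds together.
    body = {"user": user_id, "content": content_id, "rights": sorted(rights)}
    return json.dumps(body, sort_keys=True).encode()

def issue_license(user_id, content_id, rights):
    """License server side: content key and integrity tag are calculated from
    the identifiers and the rights description (HMAC-SHA256 is an assumption)."""
    unknown = set(rights) - set().union(*RIGHT_FORMS.values())
    if unknown:
        raise ValueError(f"unknown rights: {sorted(unknown)}")
    data = _canonical(user_id, content_id, rights)
    return {
        "user": user_id, "content": content_id, "rights": sorted(rights),
        "key": hmac.new(SERVER_SECRET, b"key|" + data, hashlib.sha256).hexdigest(),
        "tag": hmac.new(SERVER_SECRET, b"tag|" + data, hashlib.sha256).hexdigest(),
    }

def authorize(lic, user_id, content_id, action):
    """DRM control side: integrity, then access control ("Who?"), then usage
    control ("How?"). Returns (allowed, reason)."""
    data = _canonical(lic["user"], lic["content"], lic["rights"])
    expected = hmac.new(SERVER_SECRET, b"tag|" + data, hashlib.sha256).hexdigest()
    if not hmac.compare_digest(expected, lic.get("tag", "")):
        return False, "license integrity check failed"
    if (lic["user"], lic["content"]) != (user_id, content_id):
        return False, "license not issued for this user/content"
    form = next((f for f, acts in RIGHT_FORMS.items() if action in acts), None)
    if form is None or action not in lic["rights"]:
        return False, f"{action!r} not granted ({form or 'unknown'} right)"
    return True, f"{action!r} granted ({form} right)"

# Constructed sample: printing and viewing allowed, no transport rights.
DEMO = issue_license("device-0001", "doc-42", ["print", "view"])
```

Because the tag covers the rights list, adding "copy" to an issued license on the client side fails the integrity check rather than widening the grant.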