- Access
control
-
A mechanism for limiting the use of a
digital content, resources, or services to authorized users.
- Authentication
-
The process of reliably ensuring
the identity of participants in a digital communication session. Participants
can be both people and technology components, such as software programs.
Authentication is an important element of establishing trust in the digital
world.
- Authorization
-
A process for granting permissions
to access or use digital content, resources, or services.
- Business model
-
A
commonly understood and practiced way that digital resources can be accessed,
used, and priced during the resources' life cycles. A business model may
be specified by multiple sets of rights and their associated conditions and
obligations. Business models express rights for the entire life cycle, which
can include distributing, loaning, selling, and using digital resources.
- Certificate
-
See Digital certificate.
- Certificate authority
-
A
trusted third party who issues and manages digital certificates. Certificate
authorities also may verify that digital certificates belong to their proper
owners.
- Confidentiality
-
The property
that sensitive information is not disclosed to unauthorized individuals,
entities, or processes.
- Condition
-
Something that
must exist or be fulfilled before a right can be exercised or
granted. Examples include temporal constraints, payment, territorial
location, exercise limit, and possession of some credentials and other
rights.
- Configuration rights
-
A category of
rights that govern the addition and removal of system software from highly
secure repositories. Examples include
install and uninstall.
- Constraint
-
See Condition.
- Consumer
-
Any person or
entity who uses digital resources. Also see End user.
- Content
-
See Digital content.
- Content management
-
The mechanisms, processes,
protocols and systems that enable creation, manipulation, search, access,
storage, delivery, use, and disposal of content across the content distribution
and consumption value chain.
- Content user
-
A person or entity that
accesses and uses digital content. The content user can be any party in the life cycle, not just
the end user. See End user.
- Copyright
-
The
legal right granted to an author, composer, playwright, publisher, or
distributor to exclusive publication, production, sale, or distribution of a
literary, musical, dramatic, or artistic work.
- Creator
-
Any
person or entity who originates digital content either through personal
creation or by hiring another person to originate such content.
- Cryptography
-
A
branch of mathematics that deals with approaches for turning clear text into
encrypted text and back. See also Encryption, Digital signature.
- Derivative work rights
-
A category of rights that govern
the reuse of a digital work, in whole or part, to create a new composite
work. Examples include edit, extract, and embed.
- Digital
certificate
-
A set of data that unambiguously
identifies an entity, contains the entity's public key, is digitally signed by
a trusted party, and binds the public key to the entity. In digital
content commerce, digital certificates prove the owner's identity, similar to
the function that passports play in the physical world.
- Digital content
-
The
primary information or data intended to be conveyed by a digital object. It is
valuable for distribution and consumption. Digital content excludes metadata
that describes various attributes of the digital object. See also Metadata.
- Digital object
-
A
sequence of bits that incorporates unique numbering, metadata, and digital
content. A digital object is the lowest level transactional unit in a digital
publishing environment. Content can be described as a collection of one or
more digital objects. Digital objects can be arranged in a hierarchy, where
some digital objects are the "children" of "parent"
objects. Child objects may inherit some of the attributes of their parent
object.
- Digital resource
-
A
resource that provides the means to identify, locate, and use it in the digital
domain. See also Digital object, Digital
work, and Resource.
- Digital right
-
See Right.
- Digital Rights Management (DRM)
-
The
technological, legal, and/or social mechanisms, processes, and regulations used
to protect the copyrights in digital content.
- Digital signature
-
A
non-forgeable transformation of data that enables proof of the source (with
non-repudiation) and verification of the integrity of that data. Digital
signatures are usually created using a public-key algorithm.
- Digital
watermark
-
See Watermark.
- Digital work
-
A
digital resource that represents the content to which rights and conditions
are being applied. A digital work can be of the form of a digital object. See
also Digital
object, Digital resource, and Resource.
- Distributor
-
Any
person or entity who provides digital resources directly to consumers or
another distributor.
- Edit
-
The right to make
changes to a work to create a new work based on the original.
-
- Element
-
An
entity that encapsulates content, properties, attributes, and functions to
perform a given task or define a specific process.
- Encryption
-
The
process of scrambling unprotected information (sometimes called clear text or
plain text) to produce protected information, or cipher text.
- End user
-
Any person or entity
that consumes a digital resources.
- eXtensible Markup
Language (XML)
-
A
standard for markup of data and text. XML provides a simpler, yet more
powerful capability than its predecessor, HyperText Markup Language
(HTML).
- eXtensible rights Markup
Language (XrMLtm)
-
A rights
expression language written in XML for specifying rights, conditions, and
obligations associated with all or a part of a digital resources and for
implementing interoperable DRM systems. XrML is developed and currently owned
by ContentGuard, Inc.
- File management rights
-
A
category of rights that govern access to directory and file information when
two repositories are connected. File management rights control how directory
information of one repository can be accessed from another. They also control
creation and restoration of backup copies.
- Grant
-
An element that
conveys to a principal the right to use a resource subject to certain
conditions.
- Granted right
-
A
right that has been transferred from its owner or distributor to someone
else.
- Identification
-
A piece of data or process that
enables recognition of a digital representation of a person or entity.
- Integrity
-
The property
that sensitive data has not been modified or deleted in an unauthorized and
undetected manner.
- Intellectual property
-
Something owned or
possessed that is a product of the human mind (for example, works protected
under copyright law and inventions protected by patent law).
- Intellectual property management and
protection
-
MPEG term for
Digital Rights Management
(DRM).
- Intent
-
A
user's desire to access or use a digital content.
- Interoperability
-
The
condition achieved when two or more technical systems can exchange information
directly in a way that is satisfactory for the users of the systems. In DRM
systems, this typically involves content file formats and DRM components, but
may include other functions such as financial clearing.
- Issued right
-
A
right that is made available by its owner or distributor for granting or
transferring to someone else.
- Key
-
A
string of bits, characters, or words used along with a cryptographic
algorithm to scramble or unscramble a message.
- Meta Right
-
A right about other
rights. Examples include issue, obtain, delegate, revoke, and possess
property.
-
- License
-
A container of the
grants that convey to principals the rights to use resources subject to
certain conditions.
- Life cycle
-
The entire time period
of a resource's existence. It includes all phases
across the distribution and consumption value chain, such as creation, manipulation, search, access,
storage, delivery, use, and disposal.
- Metadata
-
Data
about data. Metadata can describe such elements as the creator (such as an
author biography) and the content (such as the number of pages or chapter
titles).
- Obligation
-
A
course of action that a person or entity must perform when exercising a
granted right, such as usage tracking and content watermarking.
- Principal
-
An encapsulation of
the identification of an entity involved in the granting or exercise of
rights.
- Publisher
-
Any
person or entity who accepts content from creators, aids in the editing
process, creates and distributes metadata, and produces finished,
publication-ready content.
- Render rights
-
A category of rights that govern
the creation of representations of a digital work outside of the control of
trusted systems. Examples include play, print, and export.
- Repository
-
A system that
can hold digital resources, such as personal systems, on-line storefront
systems, library systems, and archive systems.
- Resource
-
The object to which a
principal may be granted rights. A resource can be a digital work (such as an
e-book, an audio or video file, or an image), a service (such as an email
service, or B2B transaction service), or even a piece of information that can
be owned by a principal (such as a name or an email address).
- Right
-
A privilege
that someone may claim or that is due to them, which makes
them entitled to make copies of, distribute, or perform all or part of a
published or recorded work for a certain extended period of time. In XrML , it
is the "verb" that a principal can be granted to exercise against
some resource under some condition. Typically, a right specifies an action (or
activity) or a class of actions that a principal may perform on or using the
associated resource. See also Copyright, Granted right, Issued right,
Meta right, and Usage right.
- Rights expression
-
A digital
string, file, or document written in a rights expression language to describe
rights, conditions, and obligations associated with a digital content or a
component of digital content.
- Rights Expression Language (REL)
-
Within
a DRM system, the statements and grammar that can be used to describe rights,
conditions, and obligations associated with a digital resource.
- Rights holder
-
Any
person or entity who owns or has been licensed the intellectual property
rights for the digital content. Examples include authors, consumers, creators, rights
management service providers, media distributors, performers, producers,
publishers, retailers, telecom companies, and trusted third parties.
- Rights specification
-
See Rights expression.
- Rights specification language
-
See Rights expression language.
- Service provider
-
Any
person or entity who provides a service that enables or provides one or more
activities in the digital resource life cycle.
- Superdistribution
-
A
publishing business model in which multiple parties of the content value chain
distribute content with rights and compensation controlled by prior agreement
and enforced by DRM systems. In a typical example, consumers of digital
content can pass that content on to associates who must then pay the rights
holder(s) to acquire access to the content.
- Technology provider
-
Any
person or entity who provides either software or hardware that enables the
secure distribution of digital content and protects the intellectual property
rights of the rights holder. Examples include hardware vendors and software
vendors.
- Transport rights
-
A category of rights that govern
the creation and movement of persistent copies of a work under the control of
trusted repositories. Examples include copy, transfer, and loan.
- Trust Infrastructure
-
The technology and
processes used to make system components trustworthy. Trusted system
components are known with confidence to perform a range of functions in a
specified way. For example, a trusted reading device may only allow an ebook
to be printed if the ebook's rights specification allows printing.
- Trusted
system
-
A system whose behaviors can be
expected. In DRM, trusted systems (or repositories) are systems that can hold
digital resources and which can be trusted to honor the rights, conditions,
and fees specified for those resources. See also Repository.
- Trusted third party
-
An
intermediary or additional party to a transaction who has been granted
authority by one or more of the other parties to the transaction to perform
certain functions such as certification, registration, encryption, security,
credit card clearance, rights clearance, transaction reporting, and so on.
- Usage right
-
A right that
someone is entitled to access, duplicate, modify, distribute, consume, and
dispose of all or part of a resource. Examples include play, print, edit,
extract, embed, copy, loan, transfer, read, write, execute, and delete. See
also Copyright, Granted right, Offered right,
and Right.
- User
-
An individual
or a process (subject) operating on behalf of the individual, accessing a
cryptographic module in order to obtain cryptographic services.
- Work
-
The content to which rights and conditions are
being applied. See also Content.
- Watermark
-
A
cryptographic technique for protecting digital content by placing a pattern of
bits in the content in way that it is invisible to the consumer but can be read
by special programs. A wide variety of information, including owner's identity
and consumer's identity, can be contained in the digital watermark. A digital
watermark does not encrypt the digital content, but it does make it possible
for the source of the content to be determined.
The following acronyms and abbreviations apply within this
document.
