Digital Rights Management

Content Access Framework provides an abstact way to access DRM protected content. An agent can be designed to implement a DRM scheme.

Description

Applications use DRM protected files in the same way they use any other file. The agent enforces the rights applied to the content. Also, it prevents access when rights have expired or if the file is accessed by applications without DRM capability.

To enforce the protection of the content the agent must know what the client intends to do with the content once it has read the plain-text version of that content. Therefore, applications must specify their intent before using DRM protected content, see DRM Intent.

Applications must always specify their intent, whether they use DRM protected content. Non-DRM agents ignore the call, but it means the application does not need to treat DRM content as a special case.

One scenario where applications do need to treat DRM as a special case is where User Interface menu items may need to be disabled. For example, save or send through Bluetooth may not be permitted. Applications can use the GetAttribute() functions to determine whether the operation is allowed on any given content object.

Finally any application or plug-in that reads DRM content must handle the unencrypted version of the content responsibly. Only applications proven to work this way is given the DRM capability.

DRM capability

The APIs provided by CAF require a client process to have DRM capability in order to use the functionality. The client process needs DRM capability, if it attempts to read DRM content using an CAF agent that implements a DRM protection scheme. The capability can only be enforced by the CAF agent running in a separate server process, so it is the responsibility of the agent to ensure the client process has the required capabilities.

Note: There are no capabilities required to use unprotected content.

DRM Intent

The evaluation of DRM rights hinges on the correct supply of DRM Intent from the trusted rendering application to CAF. The framework provides a number of options so that the application can query and evaluate rights appropriately.

CAF allows a renderer to do the following:

  • Evalute intent: In this evaluation, the ability is queried, but no stateful rights modifications are made. For example, a question on the screen "Could I play this now if I wanted to?".

  • Execute intent: In this evaluation, CAF instructs the agent to evaluate and process the rights, thus modifying any stateful rights (rights that have state). For example, content that has an expiry date or content that can only be played three times.

Essentially, renders begin by evaluating intent when the CData object is created. When the content has been rendered successfully, they execute the intent to ensure that stateful rights are then processed.

The recommended intent values for renders and agents to support are given by ContentAccess::TIntent:

  • EPeek: Do not process or evaluate rights in any way

  • EPlay: Play the target content (OMA)

  • EView: View the target content (OMA)

  • EExecute: Execute the target content (OMA). Note: only supported in a Java context

  • EPrint: Print the target content (OMA)

  • EPause: Pause content playback

  • EContinue: Continue content playback

  • EUnknown: Client has no idea what the content will be used for. DRM Agents can deny this intent, allowing only unprotected content to be accessed this way.