1、 Reference numberISO/IEC 21000-5:2004/Amd.2:2007(E)ISO/IEC 2007Information technology Multimedia framework (MPEG-21) Part 5: Rights Expression Language AMENDMENT 2: DAC (Dissemination And Capture) profile Technologies de linformation Cadre multimdia (MPEG-21) Partie 5: Langage dexpression des droits
2、 AMENDEMENT 2: Profil DAC (Dissemination And Capture) Amendment 2:2008 toNational Standard of CanadaCAN/CSA-ISO/IEC 21000-5:07Amendment 2:2007 to International Standard ISO/IEC 21000-5:2004 has been adopted without modification(IDT) as Amendment 2:2008 to CSA Standard CAN/CSA-ISO/IEC 21000-5:07. Thi
3、s Amendment wasreviewed by the CSA Technical Committee on Information Technology (TCIT) under the jurisdiction of theStrategic Steering Committee on Information Technology and deemed acceptable for use in Canada.September 2008 International Organization for Standardization (ISO), 2007. All rights re
4、served. International Electrotechnical Commission (IEC), 2007. All rights reserved. NOT FOR RESALE. ISO/IEC 21000-5:2004/Amd.2:2007(E) PDF disclaimer This PDF file may contain embedded typefaces. In accordance with Adobes licensing policy, this file may be printed or viewed but shall not be edited u
5、nless the typefaces which are embedded are licensed to and installed on the computer performing the editing. In downloading this file, parties accept therein the responsibility of not infringing Adobes licensing policy. The ISO Central Secretariat accepts no liability in this area. Adobe is a tradem
6、ark of Adobe Systems Incorporated. Details of the software products used to create this PDF file can be found in the General Info relative to the file; the PDF-creation parameters were optimized for printing. Every care has been taken to ensure that the file is suitable for use by ISO member bodies.
7、 In the unlikely event that a problem relating to it is found, please inform the Central Secretariat at the address given below. COPYRIGHT PROTECTED DOCUMENT ISO/IEC 2007 All rights reserved. Unless otherwise specified, no part of this publication may be reproduced or utilized in any form or by any
8、means, electronic or mechanical, including photocopying and microfilm, without permission in writing from either ISO at the address below or ISOs member body in the country of the requester. ISO copyright office Case postale 56 CH-1211 Geneva 20 Tel. + 41 22 749 01 11 Fax + 41 22 749 09 47 E-mail co
9、pyrightiso.org Web www.iso.org ii ISO/IEC 2007 All rights reservedISO/IEC 21000-5:2004/Amd.2:2007(E) ISO/IEC 2007 All rights reserved iiiForeword ISO (the International Organization for Standardization) and IEC (the International Electrotechnical Commission) form the specialized system for worldwide
10、 standardization. National bodies that are members of ISO or IEC participate in the development of International Standards through technical committees established by the respective organization to deal with particular fields of technical activity. ISO and IEC technical committees collaborate in fie
11、lds of mutual interest. Other international organizations, governmental and non-governmental, in liaison with ISO and IEC, also take part in the work. In the field of information technology, ISO and IEC have established a joint technical committee, ISO/IEC JTC 1. International Standards are drafted
12、in accordance with the rules given in the ISO/IEC Directives, Part 2. The main task of the joint technical committee is to prepare International Standards. Draft International Standards adopted by the joint technical committee are circulated to national bodies for voting. Publication as an Internati
13、onal Standard requires approval by at least 75 % of the national bodies casting a vote. Attention is drawn to the possibility that some of the elements of this document may be the subject of patent rights. ISO and IEC shall not be held responsible for identifying any or all such patent rights. Amend
14、ment 2 to ISO/IEC 21000-5:2004 was prepared by Joint Technical Committee ISO/IEC JTC 1, Information technology, Subcommittee SC 29, Coding of audio, picture, multimedia and hypermedia information. ISO/IEC 21000-5:2004/Amd.2:2007(E) ISO/IEC 2007 All rights reserved 1Information technology Multimedia
15、framework (MPEG-21) Part 5: Rights Expression Language AMENDMENT 2: DAC (Dissemination And Capture) profile Insert a new subclause 10.3 as follows: 10.3 Multimedia Extension Two 10.3.1 General This subclause specifies an extension, called the “multimedia extension two”, of the REL specified in the p
16、revious clauses. 10.3.2 Normative Namespace The XML namespace for the extension types and new elements and attributes introduced in the m2x extension shall be urn:mpeg:mpeg21:2006:01-REL-M2X-NS, and this namespace is normative. Here, the 01 represents a serial number that is expected to change as th
17、is extension evolves. 10.3.3 Namespace Prefixes For convenience, this extension uses shorthand namespace prefixes when referring to XML elements and types. The actual prefix used is not important as long as the namespace URI is correct. The prefixes used in this extension are given in Table AMD2-1.
18、Table AMD2-1 Prefixes of XML Schemas Prefix Name Namespace r REL Core urn:mpeg:mpeg21:2003:01-REL-R-NS sx REL Standard Extension urn:mpeg:mpeg21:2003:01-REL-SX-NS mx REL Multimedia Extension urn:mpeg:mpeg21:2003:01-REL-MX-NS dsig XML digital signature core http:/www.w3.org/2000/09/xmldsig# xenc XML
19、encryption core http:/www.w3.org/2001/04/xmlenc# m1x REL Multimedia Extension one urn:mpeg:mpeg21:2005:01-REL-M1X-NS m2x REL Multimedia Extension two urn:mpeg:mpeg21:2006:01-REL-M2X-NS ISO/IEC 21000-5:2004/Amd.2:2007(E) 2 ISO/IEC 2007 All rights reserved10.3.4 Definition of Multimedia Extension Two
20、This subclause defines the extensions to the REL used in this profile. The syntax and the semantics of these extensions are presented here. The XML schema for the extension elements and types is listed in L.2. 10.3.4.1 Right Extension Elements 10.3.4.1.1 Export 10.3.4.1.1.1 Informative Description T
21、his element represents the right to export the associated broadcast program to another rendering or storage device. With a m2x:Export, a broadcast program is allowed to be transferred to another device with clear resource. If the resource has been encrypted when m2x:export is exercised, the resource
22、 should be decrypted first before exercising the right. When it presents in an r:grant element, this element allows adding the constraints in the m1x:outputRegulation element to confine the cleared output signal. Figure AMD2-1 m2x:Export Right The example below shows how to grant the m2x:export righ
23、t to export a broadcast program. The broadcast program can be exported to other devices in any kind of format and quality since there is no m1x:OutputRegulation condition. urn:mpeg:mpeg21:2006-01-REL-DAC-NS:DM-00001000 DO1234567 10.3.4.1.1.2 Normative Specification Let r be a m2x:Export. Then r perf
24、orms the act of releasing a resource in the current repository from explicit protection and(or) management by current DRM system to another controlled system such as CPS or an untrusted space. With a m2x:Export, a resource will be transferred to other system in the form of an output signal without p
25、rotection. If r is used as the Right Member of an authorization request, then both the resource Member of that authorization request shall be present and shall identify the destination and, letting be the Authorization Context Member of that authorization request, .m2x:destinationPrincipal shall ide
26、ntify the remote domain or device to which will be transferred the resource. ISO/IEC 21000-5:2004/Amd.2:2007(E) ISO/IEC 2007 All rights reserved 310.3.4.1.2 ExtendRights 10.3.4.1.2.1 Informative Description This element represents the right to extend the rights which are originally transmitted. Figu
27、re AMD2-2 m2x:ExtendRights Right When present in an r:grant element, this element allows to get additional rights from the specified service location if current license does not have proper rights for user request. The child element m1x:ServiceLocation includes identified source for additional right
28、s. The following example shows that recipient whose device identifier is DE1234567 can extend more rights than mx:play through http:/www.foo.org/extendLiceseService dynamically. urn:mpeg:mpeg21:2006-01-REL-DAC-NS:DM-00001000 DE1234567 http:/www.foo.org/extendLiceseService 10.3.4.1.2.2 Normative Spec
29、ification Let r be a m2x:ExtendRights. Then r performs the act of connecting the service location identified by m1x:ServiceLocation and receiving additional rights to a resource in the current repository when current license does not have proper rights for user request. Let d be a m1x:ServiceLocatio
30、n. The endpoint of the service is given by the value of d/m1x:url. ISO/IEC 21000-5:2004/Amd.2:2007(E) 4 ISO/IEC 2007 All rights reserved10.3.4.2 Condition Extension Elements 10.3.4.2.1 DestinationCondition 10.3.4.2.1.1 Informative Description This condition is used to confine the destination entitie
31、s on the exercise of transfer-oriented rights, such as m1x:GovernedMove, m1x:GovernedCopy or m2x:Export. This condition element is used when the destination entity is required to have specific condition such as security level, physical proximity or specific territory etc. Figure AMD2-3 m2x:Destinati
32、onCondition Condition This condition is satisfied only if all conditions specified by the list of m2x:DestinaionCondition is true. Following example shows that a resource is allowed to export only if the destination entity has at least security level 5 in the security system 1 and its location is wi
33、thin Seoul, Korea. urn:mpeg:mpeg21:2006-01-REL-DAC-NS:DM-00001000 DO1234567 urn:mpeg:mpeg21:security:system1 5 KR SEOUL 10.3.4.2.1.2 Normative Specification Let c be a m2x:DestinationCondition. Let (p, r, t, v, , L, R) be an authorization request on the destination entity (or entities). Let (g, h, e
34、) be an authorization story. Then c is satisfied with respect to (p, r, t, v, , L, R) and (g, h, e) if and only if, for every integer i from 1 to .m2x:cNum(), .c/r:condition(i) is true. ISO/IEC 21000-5:2004/Amd.2:2007(E) ISO/IEC 2007 All rights reserved 510.3.4.2.2 DestinationPrincipal 10.3.4.2.2.1
35、Informative Description This condition is used to specify principal on the destination entity of transfer-oriented rights, such as m1x:GovernedMove, m1x:GovernedCopy and m2x:Export. Figure AMD2-4 m2x:DestinationPrincipal Condition This condition is satisfied only if the entity specified by m2x:Desti
36、naionPrincipal is authenticated as the destination entity. In the following example, the right to export a resource can be exercised only if the destination device belongs to the same domain. urn:mpeg:mpeg21:2006-01-REL-DAC-NS:DM-00001000 DO1234567 10.3.4.2.2.2 Normative Specification Let c be a m2x
37、:DestinationPrincipal. Let (p, r, t, v, , L, R) be an authorization request on the destination entity. Let (g, h, e) be an authorization story. Then c is satisfied with respect to (p, r, t, v, , L, R) and (g, h, e) if and only if there exists a c/r:principal such that r:principal is Equal to .r:prin
38、cipal(). 10.3.4.2.3 Proximity 10.3.4.2.3.1 Informative Description This condition is used to confine the destination entities in m2x:DestinationCondition element on the exercise of transfer-oriented rights, such as m1x:GovernedMove, m1x:GovernedCopy or m2x:Export. This condition element is used when
39、 the destination entity is required to have physical proximity to source entity. This condition is satisfied only if the destination entity has physical proximity with the source domain specified at r:grant/r:recipient element. ISO/IEC 21000-5:2004/Amd.2:2007(E) 6 ISO/IEC 2007 All rights reservedFig
40、ure AMD2-5 m2x:Proximity Condition Following example shows that a resource is allowed to export only if the destination entity has physical proximity with the domain specified by DO1234567. urn:mpeg:mpeg21:2006-01-REL-DAC-NS:DM-00001000 DO1234567 NOTE There is no normative standard to determine the
41、Proximity between source entity and destination entity. However according to MPAA memo8, at a minimum, local proximity detection requires:(i) setting the Internet Protocol (IP) packet header parameter Time to Live (TTL) to 3 in all transmitted IP packets of output content from a source device; (ii)
42、confirmation that any Internet Protocol (IP) packets of the content received by a destination device have an IP Time to Live (TTL) parameter value of no greater than 3; and (iii) confirmation by the source device for any transmission of content (including over point-to-point wired connections) that
43、one secure, valid measurement of a Round Trip Time (RTT) of 7 milliseconds or less has been made between itself and the destination device prior to completing the destination devices authentication request. Time to Live (TTL) is defined in Internet Standard RFC 791 STD 5. So the standard of m2x:Prox
44、imity follows the MPAAs recommendation. 10.3.4.2.3.2 Normative Specification Let c be a m2x:Proximity. Let (p, r, t, v, , L, R) be an authorization request. Let (g, h, e) be an authorization story. Then c is satisfied with respect to (p, r, t, v, , L, R) and (g, h, e) if and only if . c/m2x:pM(p) is
45、 true. 10.3.4.2.4 Scrambling 10.3.4.2.4.1 Informative Description This condition is used to confine the rights, m1x:GovernedCopy and m1x:GovernedMove to copy or move the associated resource to the device or system on which a scrambling algorithm should be applied to the resource before it is stored.
46、 The optional attribute cipherType of type QName indicates the name of a scrambling algorithm. When the attribute is not specified, it means that it does not care about the kind of scrambling algorithm. This condition is satisfied only if the target entity has a scrambling function with the algorith
47、m specified at attribute cipherType. ISO/IEC 21000-5:2004/Amd.2:2007(E) ISO/IEC 2007 All rights reserved 7Figure AMD2-6 m2x:Scrambling Condition urn:mpeg:mpeg21:2006-01-REL-DAC-NS:DM-00001000 DE1234567 In the above example, the m1x:GovernedCopy is granted the right to copy the resource specified in
48、r:DigitalResource only if device1234567 has a scrambling function supporting AES algorithm. 10.3.4.2.4.2 Normative Specification Let c be a m2x:Scrambling. Let (p, r, t, v, , L, R) be an authorization request. Let (g, h, e) be an authorization story. Then c is satisfied with respect to (p, r, t, v,
49、, L, R) and (g, h, e) if and only if at least one of the following is true: - if c/cipherType is present then, . m2x:sB(c/cipherType) is true, or - if c/cipherType is present then . m2x:sB() is true. 10.3.4.2.5 SecuritySystem 10.3.4.2.5.1 Informative Description This condition element is used to specify a security system to handle the resource. Figure AMD2-7 m2x:SecuritySystem Condition This condition is satisfied only if the DRM system to handle the resource is the same on
