Design principles and issues of rights expression languages for digital rights management

Abstract

Digital rights management (DRM) provides a unified approach to specifying, interpreting, enforcing and managing digital rights throughout the entire life cycle of digital assets. Using a declarative rights expression language (REL) for specifying rights and conditions in the form of licenses, as opposite to some other approaches (such as data structures and imperative languages), has been considered and adopted as a superior technology for implementing effective, interoperable and scalable DRM systems. This paper discusses some principles and issues for designing RELs, based on the experiences of developing a family of REL's (DPRL, XrML 1.x, XrML 2.0 and MPEG REL). It starts with an overview of a family tree of the past and current REL's, and their development history, followed by an analysis of their data models and a comparison with access-control oriented models. It then presents a number of primary design principles such as syntactic and semantic un-ambiguity, system interoperability, expressiveness in supporting business models and future extensibility, and discusses a number of key design issues such as maintaining stateful information, multi-tier issuance of rights, meta rights, identification of individual and aggregate objects, late-binding of to-be-identified entities, as well as some advanced ones on revocation and delegation of rights. The paper concludes with some remarks on REL profiling and extension for specific application domains.