Riding the M

The one common element to all of these letters inconcordant with one another is the word management (hence the closing M in each). But what's the difference between Content Management (CM), Digital Asset Management (DAM), Knowledge Management (KM), Media Asset Management (MAM), and our letter gumbo of the day, Digital Rights Management (DRM)? Get out your notebook because there is quite a bit of difference in actuality.

Content Management and Knowledge Management are all about the strategy and the technology for storing and indexing information on multiple media types and/or networks.

Digital Asset Management and Media Asset Managament are the specific technologies used to locate and retrieve digital content objects for possible resale or reuse.

Of these, Digital Rights Management (DRM) has been well-defined since 1998 in the form of Digital Property Rights (or "usage rights" for short), and has been used for the purpose of creating access rules for the creation, sale, and distribution of e-books, among other things. Less defined solutions have also been around a bit for managing access to image content (photos) over the Internet.

Additionally, a whole slew of open source and industry organizations are seeking to further refine DRM as both a functional data specification for specific purposes like e-books, and as an extension to existing technologies like Electronic Data Interchange (EDI).

In the simplest terms: DRM is the technologies used to manage access and use of specific content objects, and deliver those elements complete with a usage ticket or key which defines that usage depending on factors such as time or location.

According to William Kent, president of Australia-based Artistscope, which offers Internet image protection solutions for artists and photographers, "To the owners of intellectual property such as artists, musicians and film makers, DRM is the ability to be able to control just who uses and distributes the property which they create as the products of their industry as a means of making a living."

Digital Property Rights

Xerox actually defined DRM pretty well in 1998 in a paper called, The Digital Property Rights Language (see resources, end of article). In this paper, digital property rights are those rights associated with digital works and their parts and which describe how the works can be used. Here are some basic concepts:

• Rights are associated with parts of a digital work (and with folders).
• Every class of usage right has a corresponding transaction.
• The transaction defines what a repository does when the right is exercised.
• Rights are described in sentences of a machine-interpreted language having a grammar.
• The transactions for a given work are parameterized by the information in the usage rights sentences for the work.
• The rights on a work can be changed later, if the change is authorized by the rights owner.

Based on this original paper covering DRM definitions and XML tags, an open standard was launched called XrML, or the eXtensible rights Markup Language. This specification provides a universal method for specifying rights and issuing conditions associated with the use and protection of content. XrML has been endorsed by over 20 major players in the content and software arenas including Adobe, Bartlesman, e-Vue, H-P, Microsoft, St. Martins Press, Time Warner Trade Publishing and Xerox Corp.

The goal of XrML is to enable eContent owners to:

• Describe rights, fees and conditions appropriate to commerce models they select.
• Provide standard easy-to-understand terms for usage rights,
• Offer vendors operational definitions of trusted systems for compliance testing and evaluation.
• Provide extensibility to new language features.

DRM Standards

Another, and more recent, definition has also been specified by The Open Digital Rights Language Initiative, which is an "open source" group which seeks to create a standard markup language for how DRM tickets and objects are designated. ODRL is a vocabulary for the expression of terms and conditions including permissions, constraints, obligations, and agreements with rights holders. It is positioned to be extended by different industry sectors (eg, e-books, music, audio, software) and to be an interoperable language.

The Electronic Book Exchange (EBX) Working Group is an organization of companies, organizations, and individuals developing a standard for protecting copyright in electronic books and for distributing electronic books among publishers, distributors, retailers, libraries, and consumers. The draft EBX specification accommodates a variety of formats for electronic books, including Open eBook and PDF.

One of the most important movements toward a worldwide standard for business DRM, is The Electronic Business XML (ebXML) Initiative. Hundreds of companies, industry organizations, vendors of software and services, and standards bodies spent 18 months (November 1999 to May 2001) to develop a common framework for DRM using XML and existing business connected technologies. The ebXML specifications developed as a result. It was formally initiated by the Organization for the Advancement of Structured Information Standards (OASIS) and the United Nations Centre for Trade Facilitation and Electronic Business (UN/CEFACT). The ebXML messages use a specification called the Simple Object Access Protocol (SOAP). SOAP is an XML application that defines a message format with headers to indicate sender, receiver, routing, and security details.

DRM in Use

A perfect example of customer-oriented CM, DAM, and DRM working together today might be PhotoDisc. In building their online store to sell stock and royalty-free images, they developed an overall Content Management strategy, that combined Digital Asset Management (such as how to store and retrieve all their images and keywords), with Digital Rights Management that works with their e-commerce system to take payments, then assign a temporary key to the file to allow it to be downloaded for a certain period of time from the server. However, no rights are attached to the file itself.

Similarly, DRM is used by Adobe's Acrobat Commerce Server to allow sales of e-books in PDF format, to wrap the file in a "wrapper" which is a rights ticket, and then deliver it via the Internet. The ticket is written which assigns rights -- such as the unique ID of the person purchasing the product, by communicating with the purchaser's installation of the reader software — and what can be done with it, such as only allowing opening from the specific PC with the matching reader ID. Microsoft's Digital Asset Server (DAS) works in much the same way, except for Microsoft's e-book formats.

Another good example of the goal of consumer-oriented DRM is that which is being sought by the music industry: record companies and Internet media distributors are trying to develop a robust solution that will allow for the sale of music files, which contain rights tickets that specify how the files can be used by the purchaser. Maybe the song can only be played for 30 days, or maybe only on a specific PC, and/or maybe they can be allowed to make a single copy after which the file deletes itself. One form of this is The Secure Digital Music Initiative (SDMI), organized by a collection of over 160 companies and organizations. The SDMI portable device specification is a voluntary, open standard for delivery of digital music.

Forms of DRM are offered by the many companies which have staked a claim to this market space. Some offer custom XML-based solutions which combine the various acronymical technologies, inluding older buzzwords like "data warehousing," or "data mining," and some offer watered-down products which may do something "kind of like DRM," which is limiting use of content viewed via one avenue, such as a Web browser.

In this last case there are numerous companies which purport to offer some form of protection for viewing images online, and inline of a Web page, while prohibiting copying/saving, and/or printing and screen capture of images and text. While not strictly DRM, this type of solution has many of the same goals: defining use of delivered content.

Thus, if we add this other form to the definition; we would then have two general forms of DRM: 1) the management and delivery of content with usage rules attached, such as a key file, wrapper, or ticket embedded into the file object; and, 2) the control of content for use without attached usage rules, but whose use is managed through a device or media player that controls use depending on rules which are provided to the device or player from a connected management system.