Digital Rights Management (DRM)

Digital Rights Management (DRM) covers a variety of technologies that are employed in the control of access rights to information and various media such as e-books, music, movies, software and digital documents.

Access rights in the officeBy controlling access rights (the rights of a user to access and view or utilize the media), sharing of the media can be controlled to regulate licensing and unauthorized redistribution. Such control can be applied for the purpose protecting copyright or intellectual property, commercial or military security and compliance to privacy regulations.

DRM solutions typically consist of security measures and are applied according to authorized group level governed by database records that determine the correct policy to apply to each file and individual user. The security mechanizations and rights database records are typically protected by a cryptographic layer that is usually comprised of the most secure encryption methods of the day.

The use of DRM has been controversial. While its users argue that it is necessary for copyright holders to protect their livelihood, the public who generally wants everything for free, opposes anything that gets in the way and strongly supports such opponents as the Free Software Foundation. Unfortunately, this is mostly comprised of people who have never had an original thought and depend on an employer or others’ ideas for their living.

Because DRM is designed to prevent plagiarism, the Electronic Frontier Foundation and other opponents that are incapable of creating new ideas and innovation, conveniently consider DRM systems to be anti-competitive practices. Just who and what resources are behind the cracks can be mind boggling when one hears the irony that Microsoft recently awarded a Russian software developer with a gold partner shield -- when their most recent achievement was the development of software that cracks PDF password protection.

As a consequence of the all-in war against protecting one's livelihood, all widely-used DRM systems have been targeted and most have been circumvented. Millions of dollars has gone into the research and development of restricting the copying of audio-visual media but without proprietary equipment to record and play the media, nothing can be 100% secure.

Digital documents in their normal format can be easily copied and exported from the workplace, both physically and electronically. Printed documents can be kept secure if they can be kept away from photocopiers and the original can be secured at all times. But most documents today are in digital format and fewer get converted to paper, making it more difficult to secure them.

Encryption can secure a document while in transit, but once the password has been given out or when the document is decrypted, the contents are no longer secure and can then be copied and redistributed without permission.

The DRM Solution

A typical example of how DRM further enhances the security of an encrypted document can be best explained by describing the process used when accessing a CopySafe PDF document when DRM has been applied.

When DRM is applied to CopySafe PDF documents, they cannot shared or accessed by unauthorized users. Each document can be encrypted with unique requirements that other readers cannot influence. The DRM solution used for CopySafe identifies each user by their unique Computer ID to enable access to those approved by the document author, and according to the privileges allowed  such as print, number of copies that can be printed, how many times the document can be opened, date after which the document will expire, and so on.

So, while copies can still be distributed, if DRM has been applied to the document, then it can be most secure because the end recipient will not have permission to access the document. They will not even be able to open it! The only person who can open that document will be the intended one.

Portability and Support

A common misunderstanding is that any document can be converted to DRM. Why this can never be true is that any document in its natural file format cannot be protected, even if it is viewable in its natural viewer (ie: Word for .doc, Excel for .xls, etc). The document needs to have policy added and then needs to be encrypted to ensure that the policy remains intact. So for each and every document type, one needs to use a custom viewer (ie, .doc files cannot be opened in Adobe Reader).

Of course it would be much more convenient to have a single document reader and that is possible if all types of documents can first be converted to a common format. Most file types including images, HTML, PowerPoint, Excel and Word can easily be converted to PDF format.

ArtistScope Revolutionized DRM

When ArtistScope first looked into providing DRM for CopySafe PDF documents we found that all other DRM providers were distributing token files with their media that could be easily exploited. Needless to say the rumors that DRM could be easily be removed was true, especially with some media being protected by a password wrapper only. By then we were already using call-to-home validation of license protection for our software, so using our registration server to manage access rights permissions for documents was very doable for us.

Our DRM portal for PDF documents was the first of its kind and revolutionized DRM because it could not be exploited in any way. In fact it extended an authors control over their documents by enabling tem to change subscriber and document permissions with immediate effect, even on documents still out in the wild on CD or already saved to a user's computer.

To properly prevent sharing we wanted to lock those access rights to a single computer. But the methods commonly used for computer identification was by network (MAC) address or IP address. Again, we found these methods unsuitable because a MAC address was associated with the user's Internet connection rather than the computer and they differed with each type of Internet connections such as LAN, WiFi, etc. The same problem applies with using IP address because they also change with each type of Internet connection and IP numbers are commonly assigned at random by Internet Service Providers (ISPs).

For our computer identification we needed something more stable and consistent, so we developed the means of retrieving the manufacturer's name and serial number of the hard drive where our software was installed. Again, another revolutionary concept and that has been our story since 1998... we develop and innovate while others plagiarize our developments and terminology.

ArtistScope DRM Software

Some ArtistScope solutions include DRM while others have allowed for the DRM provided by Content Management Systems (CMS) such as WordPress, Moodle, Drupal, Joomla and DNN.

Other solutions such as CopySafe Web and the ArtistScope Site Protection System (ASPS) do not include DRM as they are usually used with CMS (as above) which already have sophisticated membership systems. However any website can be easily modified to use DRM by adding some extra code to login and member pages to use the ArtisBrowser. Unlike popular web browsers, the ArtisBrowser is specially designed to protect website data and media (rather than exploit it) and it can identify each computer by a unique signature based on their hard drive manufacturer and serial number. This signature (Computer ID) can then be passed as a server variable to your web site scripts to validate user access.

How To Add DRM To Any Website

Adding DRM to any website is easy. For those with HTML and/or coding ability it can be as simple as adding a couple of lines of code to any web pages that you want to DRM protect. For WordPress and Moodle websites we provide a ready made plugin that will inject the needed code into any web pages that you nominate in the plugin's settings page.

Click for more information about Adding DRM To Your Website.