Digital Rights Management (DRM) for PDF and Ebooks

Digital Rights Management (DRM)

Digital Rights Management (DRM) covers a variety of technologies that are employed in the control of access rights to information and various media such as e-books, music, movies, software and digital documents.

Access rights in the officeBy controlling access rights (the rights of a user to access and view or utilize the media), sharing of the media can be controlled to regulate licensing and unauthorized redistribution. Such control can be applied for the purpose protecting copyright or intellectual property, commercial or military security and compliance to privacy regulations.

DRM solutions typically consist of security measures and are applied according to authorized group level governed by database records that determine the correct policy to apply to each file and individual user. The security mechanizations and rights database records are typically protected by a cryptographic layer that is usually comprised of the most secure encryption methods of the day.

The use of DRM has been controversial. While its users argue that it is necessary for copyright holders to protect their livelihood, the public who generally wants everything for free, opposes anything that gets in the way and strongly supports such opponents as the Free Software Foundation. Unfortunately, this is mostly comprised of people who have never had an original thought and depend on an employer or others’ ideas for their living.

Because DRM is designed to prevent plagiarism, the Electronic Frontier Foundation and other opponents that are incapable of creating new ideas and innovation, conveniently consider DRM systems to be anti-competitive practices. Just who and what resources are behind the cracks can be mind boggling when one hears the irony that Microsoft recently awarded a Russian software developer with a gold partner shield -- when their most recent achievement was the development of software that cracks PDF password protection.

As a consequence of the all-in war against protecting one's livelihood, all widely-used DRM systems have been targeted and most have been circumvented. Millions of dollars has gone into the research and development of restricting the copying of audio-visual media but without proprietary equipment to record and play the media, nothing can be 100% secure.

Digital documents in their normal format can be easily copied and exported from the workplace, both physically and electronically. Printed documents can be kept secure if they can be kept away from photocopiers and the original can be secured at all times. But most documents today are in digital format and fewer get converted to paper, making it more difficult to secure them.

Encryption can secure a document while in transit, but once the password has been given out or when the document is decrypted, the contents are no longer secure and can then be copied and redistributed without permission.

The DRM Solution

A typical example of how DRM further enhances the security of an encrypted document can be best explained by describing the process used when accessing a CopySafe PDF document when DRM has been applied.

When DRM is applied to CopySafe PDF documents, they cannot shared or accessed by unauthorized users. Each document can be encrypted with unique requirements that other readers cannot influence. The DRM solution used for CopySafe identifies each user by their unique Computer ID to enable access to those approved by the document author, and according to the privileges allowed  such as print, number of copies that can be printed, how many times the document can be opened, date after which the document will expire, and so on.

So, while copies can still be distributed, if DRM has been applied to the document, then it can be most secure because the end recipient will not have permission to access the document. They will not even be able to open it! The only person who can open that document will be the intended one.

Portability and Support

A common misunderstanding is that any document can be converted to DRM. Why this can never be true is that any document in its natural file format cannot be protected, even if it is viewable in its natural viewer (ie: Word for .doc, Excel for .xls, etc). The document needs to have policy added and then needs to be encrypted to ensure that the policy remains intact. So for each and every document type, one needs to use a custom viewer (ie, .doc files cannot be opened in Adobe Reader).

Of course it would be much more convenient to have a single document reader and that is possible if all types of documents can first be converted to a common format. Most file types including images, HTML, PowerPoint, Excel and Word can easily be converted to PDF format.

ArtistScope Revolutionized DRM

When ArtistScope first looked into providing DRM for CopySafe PDF documents we found that all other DRM providers were distributing token files with their media that could be easily exploited. Needless to say the rumors that DRM could be easily be removed was true, especially with some media being protected by a password wrapper only. By then we were already using call-to-home validation of license protection for our software, so using our registration server to manage access rights permissions for documents was very doable for us.

Our DRM portal for PDF documents was the first of its kind and revolutionized DRM because it could not be exploited in any way. In fact it extended an authors control over their documents by enabling tem to change subscriber and document permissions with immediate effect, even on documents still out in the wild on CD or already saved to a user's computer.

To properly prevent sharing we wanted to lock those access rights to a single computer. But the methods commonly used for computer identification was by network (mac) address. Again, we found this method unsuitable because a mac address was associated with the user's Internet connection and not necessarily a single computer. Also, a user's mac address changes when they move from LAN, Satellite or a WiFi connection, even if using the same Internet service.

For our computer identification we needed something more stable and consistent, so we developed the means of retrieving the manufacturer's name and serial number of the hard drive where our software was installed. Again, another revolutionary concept and that has been our story since 1998... we develop and innovate and copy cats plagiarize our developments and terminology.

Most competitors claim to have started their developments many years before they actually started and some have the audacity to claim "50 plus years experience in the development of copy protection" when we all know that simply means 50 years total by several people plagiarizing everything they can. They have no shame or ethic. We found one who had copied our web pages word for word and simply replaced our company name.

Who would you trust with your intellectual property?

ArtistScope DRM Software

Some ArtistScope solutions include DRM while others have allowed for the DRM provided by related solutions such as Content Management Systems (CMS).

Other solutions such as CopySafe Web and the ArtistScope Site Protection System (ASPS) do not include DRM as they are usually used with CMS such as DNN, Drupal, Joomla, Moodle and WordPress which already have complex membership login and management systems, and although user logins are not considered secure DRM (because they can be shared), those CMS can be modified easily to include Computer Identification as a discerning criteria for user access to mission critical web sites.

The ArtisBrowser, which is now the only browser suitable for copy protected web sites, is the perfect browser for DRM web sites, because it can identify each computer and create a unique signature for them using an algorithm based upon their hard drive manufacturer and serial number. This signature (Computer ID) can then be passed as a server variable to your web site scripts every time a web page is requested.