The OMA Digital Rights Management (DRM) v2.0 specification provides stronger content protection and improved functionality for rich media content, such as music and video. The specification enables an end-to-end DRM system that takes into account the need for secure distribution, authentication of devices, revocation and other aspects. The Symbian platform supports the mandatory features of the OMA DRM v2.0 specification.
The improved security, compared with OMA DRM v1.0, is achieved by using:
Bilateral authentication between the rights issuers and devices
Public key infrastructure (PKI) certificates and online revocation checks
Protection of the confidentiality and integrity of the rights objects
Improved functionality and usability are achieved, for example, by providing enhanced preview functions and mechanisms for sharing content within a registered community of devices, called a domain.
The OMA DRM v2.0 specification as such is not mobile-specific, which means that there can be OMA DRM v2.0 non-mobile devices, such as PC software, thus enabling better interaction and content transferability between devices.
In the Symbian platform, OMA DRM v2.0 is enabled for music and video files via HTTP or OMA download. For more information on the OMA DRM v2.0 features that are supported in the Symbian platform, see Supported OMA DRM v2.0 features. For more information on supported OMA DRM v2.1 features, see OMA DRM v2.1.
Silent rights object acquisition means that no DRM-specific notifications are shown during the acquisition if the feature is enabled in the media file. The OMA DRM specification defines two types of silent rights URL:
On-demand: The rights object is acquired when the user tries to open the file.
In-advance: The rights object is acquired at the earliest possible time.
The Symbian platform supports only on-demand silent rights acquisition. The in-advance type is handled similarly to on-demand.
Transaction tracking allows the rights issuer to track the content flow from one user to another via superdistribution. The rights issuer includes a TransactionID in the rights object, which allows the rights issuer to build a reward mechanism, for example.
In the PKI, secret data is encrypted with the recipient's public key. Only the recipient can open the content with the corresponding private key. A system in which both parties share a single private (secret) key is sometimes known as symmetric cryptography, and the public key system as asymmetric cryptography. PKI makes sure that both the mobile device and the server are authenticated: the key in the mobile device identifies the mobile device, and the key in the server identifies the server. The device key is stored by using data caging. If the key is lost, the downloading rights are revoked, but usage rights still apply.
In addition to the software implementation in the Symbian platform, each device must have the keys and certificates listed below:
Device private key
Public certificates
Device certification authority (CA) certificate
CA root certificate
Note: The Symbian platform does not provide PKI keys, certificates, or server infrastructure. Content Management License Administrator (CMLA) is a known PKI provider for OMA DRM v2.0. The DRM implementation in the Symbian platform is prepared for CMLA, but it is not certified, because only devices can be certified by CMLA.