DRM rights objects

A rights object defines the circumstances in which mobile device users are granted access to DRM-protected content. The rights object governs the use of DRM-protected content and is linked to the corresponding media object.

A rights object contains usage rights and optionally usage right constraints. The usage rights allow the user to play, display, execute or print the DRM protected media object. Constraints can restrict either the number of times the media object can be used, or they can define the period of time during which the media object can be used. Usage rights define whether a rights object is valid or expired. An expired rights object has no more usage times left or the usage time has been exceeded. In addition, timed-count and accumulated time constraints are supported for OMA DRM v2.0 content.

For more information on the permissions and constraints, see:

A rights object is protected by a rights encryption key (REK). The REK is used to encrypt sensitive parts of the rights object such as the content encryption key (CEK). DRM content cannot be used without an associated rights object.


A downloadable media object is located on the Web using a uniform resource locator (URL) and identified using a universal resource identifier (URI). A URI is a member of the universal set of names in registered name spaces and addresses referring to registered protocols or name spaces. A URL is a form of URI that expresses an address that maps onto an access algorithm using network protocols. The uniform resource name (URN) debate attempts to define a name space (and presumably resolution protocols) for persistent object names.

A rights object contains exactly one reference, the content-ID, to the media object for which the rights apply. In OMA DRM v1.0 the term content-ID was used in same context as URI in OMA DRM v2.0.