1、 IEC/TS 62224 Edition 2.0 2013-07 TECHNICAL SPECIFICATION Multimedia home server systems Conceptual model for digital rights management IEC/TS 62224:2013(E) colour inside THIS PUBLICATION IS COPYRIGHT PROTECTED Copyright 2013 IEC, Geneva, Switzerland All rights reserved. Unless otherwise specified,
2、no part of this publication may be reproduced or utilized in any form or by any means, electronic or mechanical, including photocopying and microfilm, without permission in writing from either IEC or IECs member National Committee in the country of the requester. If you have any questions about IEC
3、copyright or have an enquiry about obtaining additional rights to this publication, please contact the address below or your local IEC member National Committee for further information. IEC Central Office Tel.: +41 22 919 02 11 3, rue de Varemb Fax: +41 22 919 03 00 CH-1211 Geneva 20 infoiec.ch Swit
4、zerland www.iec.ch About the IEC The International Electrotechnical Commission (IEC) is the leading global organization that prepares and publishes International Standards for all electrical, electronic and related technologies. About IEC publications The technical content of IEC publications is kep
5、t under constant review by the IEC. Please make sure that you have the latest edition, a corrigenda or an amendment might have been published. Useful links: IEC publications search - www.iec.ch/searchpub The advanced search enables you to find IEC publications by a variety of criteria (reference num
6、ber, text, technical committee,). It also gives information on projects, replaced and withdrawn publications. IEC Just Published - webstore.iec.ch/justpublished Stay up to date on all new IEC publications. Just Published details all new publications released. Available on-line and also once a month
7、by email. Electropedia - www.electropedia.org The worlds leading online dictionary of electronic and electrical terms containing more than 30 000 terms and definitions in English and French, with equivalent terms in additional languages. Also known as the International Electrotechnical Vocabulary (I
8、EV) on-line. Customer Service Centre - webstore.iec.ch/csc If you wish to give us your feedback on this publication or need further assistance, please contact the Customer Service Centre: csciec.ch. IEC/TS 62224 Edition 2.0 2013-07 TECHNICAL SPECIFICATION Multimedia home server systems Conceptual mo
9、del for digital rights management INTERNATIONAL ELECTROTECHNICAL COMMISSION U ICS 33.160.60; 35.100.01 PRICE CODE ISBN 978-2-8322-0927-1 Registered trademark of the International Electrotechnical Commission Warning! Make sure that you obtained this publication from an authorized distributor. colour
10、inside 2 TS 62224 IEC:2013(E) CONTENTS FOREWORD . 4 INTRODUCTION . 6 1 Scope . 7 2 Normative references . 7 3 Terms and definitions . 7 4 Abbreviations . 11 5 Notation 12 5.1 Numerical values . 12 5.2 Notation list . 12 6 Requirements . 13 6.1 License service model . 13 General . 13 6.1.1Threats and
11、 countermeasures . 15 6.1.2Evaluation criteria 16 6.1.3 7 Design considerations 17 7.1 General . 17 7.2 Security model 17 General . 17 7.2.1Overview of security model 17 7.2.2TREM functions . 18 7.2.3Secure license transaction protocol (SLTP) model . 18 7.2.4Certification authority. 20 7.2.5Key revo
12、cation and termination of the TREM . 21 7.2.6 7.3 Interconnection model . 21 Generic interconnection model 21 7.3.1License relay protocol (LRP) model . 22 7.3.2Implementation model of inter-connection 23 7.3.3 7.4 License information model . 24 General . 24 7.4.1Digital rights permissions data . 24
13、7.4.2 8 Issues to be standardized . 25 Annex A (informative) Example of algorithms for cryptosystem and hash . 26 Annex B (informative) Example of conversion of rights information in DRM based upon SLTP into that of existing DRM . 27 Bibliography 29 Figure 1 License service model to consider the thr
14、eats 15 Figure 2 Security model of content protection 18 Figure 3 Basic procedure of SLTP model . 20 Figure 4 Overview of issuing TREM class certificates 21 Figure 5 Generic interconnection model for content protection . 22 Figure 6 Implementation model of interconnection . 24 Figure B.1 Example of
15、static conversion of rights information . 27 Figure B.2 Example of dynamic conversion of rights information 28 TS 62224 IEC:2013(E) 3 Table 1 Expression of numerical values . 12 Table 2 Notations used in this model . 12 Table 3 Threats and countermeasures in the license service model . 16 4 TS 62224
16、 IEC:2013(E) INTERNATIONAL ELECTROTECHNICAL COMMISSION _ MULTIMEDIA HOME SERVER SYSTEMS CONCEPTUAL MODEL FOR DIGITAL RIGHTS MANAGEMENT FOREWORD 1) The International Electrotechnical Commission (IEC) is a worldwide organization for standardization comprising all national electrotechnical committees (
17、IEC National Committees). The object of IEC is to promote international co-operation on all questions concerning standardization in the electrical and electronic fields. To this end and in addition to other activities, IEC publishes International Standards, Technical Specifications, Technical Report
18、s, Publicly Available Specifications (PAS) and Guides (hereafter referred to as “IEC Publication(s)”). Their preparation is entrusted to technical committees; any IEC National Committee interested in the subject dealt with may participate in this preparatory work. International, governmental and non
19、-governmental organizations liaising with the IEC also participate in this preparation. IEC collaborates closely with the International Organization for Standardization (ISO) in accordance with conditions determined by agreement between the two organizations. 2) The formal decisions or agreements of
20、 IEC on technical matters express, as nearly as possible, an international consensus of opinion on the relevant subjects since each technical committee has representation from all interested IEC National Committees. 3) IEC Publications have the form of recommendations for international use and are a
21、ccepted by IEC National Committees in that sense. While all reasonable efforts are made to ensure that the technical content of IEC Publications is accurate, IEC cannot be held responsible for the way in which they are used or for any misinterpretation by any end user. 4) In order to promote interna
22、tional uniformity, IEC National Committees undertake to apply IEC Publications transparently to the maximum extent possible in their national and regional publications. Any divergence between any IEC Publication and the corresponding national or regional publication shall be clearly indicated in the
23、 latter. 5) IEC itself does not provide any attestation of conformity. Independent certification bodies provide conformity assessment services and, in some areas, access to IEC marks of conformity. IEC is not responsible for any services carried out by independent certification bodies. 6) All users
24、should ensure that they have the latest edition of this publication. 7) No liability shall attach to IEC or its directors, employees, servants or agents including individual experts and members of its technical committees and IEC National Committees for any personal injury, property damage or other
25、damage of any nature whatsoever, whether direct or indirect, or for costs (including legal fees) and expenses arising out of the publication, use of, or reliance upon, this IEC Publication or any other IEC Publications. 8) Attention is drawn to the Normative references cited in this publication. Use
26、 of the referenced publications is indispensable for the correct application of this publication. 9) Attention is drawn to the possibility that some of the elements of this IEC Publication may be the subject of patent rights. IEC shall not be held responsible for identifying any or all such patent r
27、ights. The main task of IEC technical committees is to prepare International Standards. In exceptional circumstances, a technical committee may propose the publication of a technical specification when the required support cannot be obtained for the publication of an International Standard, despite
28、repeated efforts, or the subject is still under technical development or where, for any other reason, there is the future but no immediate possibility of an agreement on an International Standard. Technical specifications are subject to review within three years of publication to decide whether they
29、 can be transformed into International Standards. IEC 62224, which is a technical specification, has been prepared by technical area 8: Multimedia home server systems of IEC technical committee 100: Audio, video and multimedia systems and equipment. This second edition cancels and replaces the first
30、 edition published in 2007 and constitutes a technical revision. This edition includes the following significant technical changes with respect to the previous edition: TS 62224 IEC:2013(E) 5 a) the Diffie-Hellman method concerning Secure license transaction protocol (SLTP) model has been added, b)
31、the Protected Content Format (PCF) model which is dependent on each service has been deleted, c) a description related to IEC 62227 has been added, d) the classification of certification authority has been added. The text of this technical specification is based on the following documents: Enquiry d
32、raft Report on voting 100/2005/DTS 100/2060/RVC Full information on the voting for the approval of this technical specification can be found in the report on voting indicated in the above table. This publication has been drafted in accordance with the ISO/IEC Directives, Part 2. The committee has de
33、cided that the contents of this publication will remain unchanged until the stability date indicated on the IEC web site under “http:/webstore.iec.ch“ in the data related to the specific publication. At this date, the publication will be transformed into an International Standard, reconfirmed, withd
34、rawn, replaced by a revised edition, or amended. A bilingual version of this publication may be issued at a later date. IMPORTANT The colour inside logo on the cover page of this publication indicates that it contains colours which are considered to be useful for the correct understanding of its con
35、tents. Users should therefore print this document using a colour printer. 6 TS 62224 IEC:2013(E) INTRODUCTION Due to the recent trends in the rapid popularization of mobile phones and the Internet as well as the realization of high-speed data transmission and large-volume data recording media, a hig
36、h quality content distribution and ubiquitous information services are making progress and a new type of information distribution and network sharing service has gradually emerged into the market. It is capable of utilizing terabyte class home servers in private homes, also. Under these circumstance
37、s, in distribution of content over shared networks, it is crucial to establish digital rights management (DRM) technologies to protect the content from illegal copying and usage. These matters have emerged as important social issues. The targets of management by DRM technology are these digital lice
38、nses, such as copyrights. Essentially, these licenses should not only be protected but also promote re-creativity and should be broadly used as the property shared by the human race. Thus, the licenses with these characteristics should be managed and protected by a DRM system that follows open inter
39、operable specifications shared throughout the world. An open interoperable specification that follows this technical specification is able to construct highly expandable PKI based DRM targeting usage between systems, considering the expansion of recent content distribution services and clients (cons
40、ole type AV equipment, PC, mobile phone terminal, automotive telematics terminal, and so on). This technical specification gives protocol specifications for the exchange of license information between the DRM module, the description of specifications for license information and encrypted contents fo
41、rmat. During the development of this model, much consideration was given to the usage of contents in consumer electronics equipment connected with home servers. In addition, particular attention was given to distribution, storage exchange and usage of content between distribution servers and the cli
42、ent destination system, allowing for conditions approved by the rights holder, but nevertheless without loss of convenience for the users. The standardization and its popularization based on this model will enable inter-connection between DRM modules allowing strong contents protection in various co
43、ntent network sharing systems or content distribution services over the Internet and mobile phone networks. TS 62224 IEC:2013(E) 7 MULTIMEDIA HOME SERVER SYSTEMS CONCEPTUAL MODEL FOR DIGITAL RIGHTS MANAGEMENT 1 Scope This Technical Specification explains the conceptual model of the protocol specific
44、ation to exchange license information between DRM modules. This Technical Specification also outlines which models should be defined as standard models as well as the standard meanings (mainly from the viewpoint of information security in the environment, including home server systems). 2 Normative
45、references The following documents, in whole or in part, are normatively referenced in this document and are indispensable for its application. For dated references, only the edition cited applies. For undated references, the latest edition of the referenced document (including any amendments) appli
46、es. IEC 62227:2008, Multimedia home server systems Digital rights permission code Amendment 1:2012 ISO/IEC 7498-1:1994, Information technology Open Systems Interconnection Basic Reference Model: The Basic Model ISO/IEC 9594-8:2008, Information technology Open Systems Interconnection The Directory:Pu
47、blic-key and attribute certification framework ISO/IEC 15408-1:2009, Information technology Security techniques Evaluation criteria for IT security Part 1: Introduction and general model ITU-T Recommendation X.509:1997, Information technology Open systems intercon- nection The Directory: Public-key
48、and attribute certificate frameworks RFC 3280 R. Housley (RSA Laboratories), W. Ford (VeriSign), W. Polk (NIST), D. Solo (Citicorp), Request for Comments: 3280 Internet X.509 Public Key Infrastructure Certificate and Certificate Revocation List (CRL) Profile, Category: Standards Track (April 2002),
49、http:/rfc.slim.summitmedia.co.uk/rfc2380.html 3 Terms and definitions For the purposes of this document, the terms and definitions given in ISO/IEC 9594-8:2008, as well as the following apply. 3.1 access condition information that describes the content usage conditions Note 1 to entry: The access condition represents the conditional rules that restrict user ability to manipulate the content information and is a part of authorization information in the license for
