Digital Rights Management (DRM)
Digital Rights Management (or DRM for short) is the term applied to the protection of digital assets using a centralized rights management service. In the Drumlin system these assets are PDF documents - books, reports, technical manuals, training materials and more...
The Drumlin DRM service uses AUTHORIZATION CODES (authcodes) as its principal means of asset management (see diagram, below). Authcodes (for PCs and Macs) are 20 character text strings that relate to a specific secure PDF (a DRMX file) or packaged DRMX file (an EXE file). For tablet devices (e.g. iPADs) and general cross-platform usage shorter (9 character) codes are used - these codes apply to the DRMZ format files that can be created using Drumlin, and such files can also be read by the Javelin readers for PCs and Macs. Each authcode is unique and is stored in a table on the DRM server together with the identity (DocID) of the PDF document it relates to, plus a usage count which is generally set to 1 but can be any value>0 (this value decrements by 1 if it is used and when it reaches 0 it is no longer available). Although not generally enabled, authcodes can also be made specific to individual registered users (via a UserID field entry). Authcodes are created and managed by Drumlin Security and may be ordered via thestoreand byemailing uswith a request for codes. Emails must specify the Document for which codes are required, the number of codes required, and the Drumlin userID of the person requesting them. Codes are supplied as text files and are only issued to the person who created the files originally. In addition, for subscription customers, there is a utility program available that enables the publisher to generate their own authcodes (just for their own documents of course!).
Fully secured DRMX, DRMZ and EXE files designed to be viewed using the Javelin reader (PC, Mac or iPAD version) and do not require user registration. Authcode usage is still tracked with this arrangement. The diagram below shows the main elements and data flows involved in the Drumlin and Javelin DRM services for PDF security:
"Basic DRM" files do not require authorization codes, but can be made user-specific via the UserLists facility. In this case the identify of users who have permission to view the document is included in encrypted form within the document itself. All such users must be existing Drumlin service users, so have pre-installed and registered the Drumlin reader software and have unique UserIDs assigned to them. These IDs are required for the creation of user-specific DRM files. When secure PDFs in the form of DRM or DRMX/DRMZ files are used, Drumlin tracks their creation and usage via a server-based Activity Log and locally on the end user's PC. Authorization events are logged, as are failed attempts.
The Drumlin Digital Rights Management (DRM) Server is comprised of a Microsoft Windows server host configuration offering Web hosting, ASP/.NET and SQLServer 5 (or later) facilities. Service management is conducted via FTP and SQLServer management facilities. In the latter case this is typically Microsoft SQLServer Management Studio (or Studio Express) and Microsoft Access (connection via ODBC to SQLServer host). The latter is principally of use for ad hoc queries and management report generation, but may also be used for data updating where appropriate. The SQLServer configuration may be shared with many other databases and is typically very lightly loaded. This is because the data stored is fairly small (normally no documents are stored in the database, just document and user related data), and interaction between the client and host server is typically occasional, short and fast. Almost the only occasion where larger volumes of data are handled is when a large bulk publishing exercise is run (e.g. for 100s of files at one go)