OMA DRM (Open Mobile Alliance Digital Rights Management) is a DRM mechanism defined by Open Mobile Alliance. It is designed to control the distribution of media objects. It governs how content is used and allows the development of new end-user features and new kinds of mobile content services for content providers, service developers, operators, and service providers.
OMA DRM enables the content provider to specify rights to the media objects. The rights object specifies the action that can be performed to the media object, for instance play, print, display or execute. It also specifies the limitation of the action, for example play for 30 days or display for 10 times only.
OMA DRM contains a client component, providing a mechanism to control not only piracy via the mobile network but also via local connections, such as BT, IR, and MultiMediaCard (MMC) memory cards. The OMA will continue to develop DRM standards as a joint effort among OMA members.
There are currently two standards of OMA DRM, v1.0 and v2.0.
OMA DRM v1.0
OMA DRM v1.0 provides for three protection methods:
- Forward-Lock. This simple mechanism prevents content from leaving the device to which it was delivered. This provides basic copy protection that protects the rights of content owners.
- Combined Delivery. An extension to forward-lock, combined delivery allows additional usage rights to be added to the content. For example, content that a user could preview would be assigned ‘may be used only once’ usage rights. Combined delivery will also create opportunities for various new business models; for example, content sold temporarily to a consumer might be assigned ‘view for a week’ usage rights.
- Separate Delivery. Similar to combined delivery but with added security, separate delivery dictates that content is delivered as encrypted files, separate from the usage rights, which are delivered via a different channel. Separate delivery also enables the superdistribution business model, in which content protected by DRM can be sent from device to device. An example of this could be the sending of content that is part of an MMS message to a friend. The receiver of the content can then ‘acquire a licence’ to get a preview or buy the content. This viral marketing is potentially a very powerful concept.
OMA DRM v1.0 files can be created using a number of tools, including the Nokia Mobile Internet Toolkit that is available on Nokia Developer.
OMA DRM v2.0
OMA DRM v2.0 extends the separate delivery mechanism in OMA DRM version 1.0. Each device includes an individual Public Key Infrastructure (PKI) certificate with a public key and corresponding private key. When a user purchases the rights to a content item, the content and a Rights Object (RO) are delivered to the device. Both files are encrypted, with the RO containing a key that provides access to the content. The RO is uniquely targeted at a device, because it is encrypting with the device’s public key. This mechanism provides a higher level of protection to content delivered to devices.
Picture is courtesy of Open Mobile Alliance.
OMA DRM Support in Nokia devices
Series 40 devices
From Series 40 2nd Edition onward, an implementation of OMA DRM version 1.0 is provided. In addition, from Series 40 3rd Edition, Feature Pack 1 onward, support is provided for OMA DRM version 2.0.