XrML is the eXtensible Rights Markup Language which has also been standardized as the Rights Expression Language (REL) for MPEG-21. XrML is owned by ContentGuard.
XrML is based on XML and describes rights, fees and conditions together with message integrity and entity authentication information.
Contents |
Mark Stefik, a researcher at Xerox PARC, is known as the originator of the concepts that became the XrML language. Stefik was engaged in research on the topic of trusted systems for secure digital commerce, of which one part was a language to express the rights that the system would allow users to perform on digital resources.
The first version of the rights expression language that became XrML was developed at Xerox PARC, and called the Digital Property Rights Language (DPRL). DPRL appears in a patent filed by Xerox in November 1994 (and was granted in February 1998) entitled: "System for Controlling the Distribution and Use of Digital Work Having Attached Usage Rights Where the Usage Rights are Defined by a Usage Rights Grammar" (US Patent 5,715,403, issued to Xerox Corporation).
Between 1994 and 1998, Xerox formed its Rights Management Group to continue the work represented in the patent. In November 1998, Xerox issued the first XML version of the Digital Property Rights Language (DPRL), labelled Version 2.0. Prior to that time, DPRL had been written in the LISP programming language.
The DPRL 2.0 documentation makes it clear that DPRL was designed for machine-to-machine interaction, with rights expressed as machine actionable functions. It also states clearly that in interpreting a DPRL-based expression of rights, only those rights that are explicitly granted can be acted upon. Any areas where a rights expression is silent must be interpreted as rights not granted, and therefore must be denied by the software enforcing the rights.
In 1998, version 2 of DPRL was licensed to a new company founded by Microsoft and Xerox called ContentGuard, which developed DPRL into the eXtensible rights Markup Language (XrML). Version 1 of XrML was published in 2001.
XrML 1.0 was an evolution of DPRL. It expanded much of the management structure of DPRL, adding unique identifiers, private and public keys, and other mechanisms for identifying and verifying the authenticity of the issuer and the user of the resource. It also added certification for hardware and software that would be part of the trusted environment. The rights list remained the same, although the definitions of individual rights changed somewhat. In particular, XrML 1.0 distinguished clearly between those rights that created a new resource versus those that modified an existing resource.
Version 2.0 of XrML was a radical departure from all that preceded it. Where DPRL and XrML 1.0 contained specific language for machine-actionable rights ("copy" "transfer" "backup" "install" etc.) version 2.0 was an abstract rights language with only a few core elements. The core elements of XrML 2.0 are the ones needed to establish trust between systems so that transactions can take place. These include the issuer of the license, the other parties to the license, and the ability to include resources and rights, digital signatures, etc. This version is not specific to any medium or type of resource, and has been generalized to control rights on digital resources, services, or any other digital entity.
In March 2002, Hari Reddy of ContentGuard became chair of a new OASIS technical committee on rights languages. In a meeting on May 21, ContentGuard appears to have presented a new version of XrML, 2.1, as the starting point for the committee's work. The group disbanded later in that year, unable to agree on a direction for the work. ContentGuard was also working with the Electronic Book Exchange (EBX) in 2000, and later the Open eBook Forum (OeBF), on the development of standards for digital rights management for eBooks. In 2003, the OeBF "Rights and Rules" working group developed a draft standard rights expression language based on XrML 2.0, however this standards effort halted and has not been revived at this writing.
At this same time, ContentGuard was participating in the MPEG-21 standards committee, where XrML was proposed as the basis for Part 5 of the MPEG-21 standard (ISO/IEC 21000), the Rights Expression Language. Through a member vote of the International Organization for Standardization, the MPEG-21 standard, including Part 5, became an official international standard. ContentGuard ceased work on XrML at the point that it became adopted as an official standard; ISO/IEC 21000-5 is its current manifestation.