Academic journal article Journal of Electronic Commerce Research

Digital Rights Management for Mobile Commerce Using Web Services

Academic journal article Journal of Electronic Commerce Research

Digital Rights Management for Mobile Commerce Using Web Services

Article excerpt


Performing digital rights management (DRM) on mobile distribution services encounters many technical problems. Major problems include privacy and trust, coordination and interoperability, security, license management, DRM operations, and payment. This paper proposes a generic DRM framework to tackle these problems. The proposed framework consists of (1) an operational mobile infrastructure; (2) Web Services (WS); and (3) a mobile DRM model. This paper emphasizes on the use of WS for DRM because research applying WS to mobile media distribution services is scarce. The framework enables basic rights insertion and enforcement (both online and offline), and media sharing. It is generic in the sense that it is independent of the generation of mobile technology. The framework has been compared with other similar DRM solutions and the results show that it outperforms them in terms of practicability and capabilities. However, there could be possible overloading and risk problems with it. This paper contributes by (1) proposing a generic DRM framework to support mobile media distribution services; and (2) exploring the use of WS for mobile commerce.

Keywords: digital rights management, mobile commerce, web services, multimedia.

1 Introduction

Nowadays, mobile commerce (abbreviated M-Commerce) is getting more and more important as the number of mobile user grows in a rapid manner worldwide, and the mobile networks and services expand to cross-country and even worldwide coverage. M-commerce is simply a way to conduct electronic commerce using mobile devices. M-commerce usually involves multiple independent business entities, for instant mobile operators, service providers, enabling technology providers, and mobile users. Coordination and interoperability become a great concern in such a business setting. Moreover, the success of M-commerce is also dependent upon the mutual trust among these entities. For example, when intellectual property is a concern of a business, privacy and trust become requirements of the business. Furthermore, other business components, such as payment and security also play important roles in M-commerce.

Media distribution services, including video conferencing, video-on-demand, online music distribution are major mobile businesses. Digital Rights Management (DRM) is required in media distribution services to protect the intellectual property of the distributed digital media [Kwok, et al. 2004]. DRM technology includes rights insertion, rights enforcement, license management, license (or media) sharing and so on. Rights insertion and rights enforcement are responsible for basic DRM operations. License management is to manage the usage and access rights of the purchased media [DRM 2005, InterTrust 2000, Kwok 2000]. License (or media) sharing [Brown 2005, Napster 2005] that involves processes of transferring rights and issuing authorization is a demanding feature in media distribution services. Payment [CSRA 2005, eCyberPay 2002] is highly related to DRM operations, as usage and access rights are mainly due to the purchasing agreements and terms.

Due to the limitations of mobile device namely low CPU and memory capacities [Piloura, et al. 2003], there are problems to overcome in order to perform DRM on M-commerce. The following are major problems.

* Coordination and Interoperability [Kwok, et al. 2003]: Electronic commerce protocols and Web technologies are usually different from sites to sites - from one mobile service provider to another mobile service provider. Integrating DRM into a mobile business with these parties needs to resolve the problems of coordination and interoperability.

* Security [Kwok 2003, Memon and Wong 2001]: ID insertion and verification processes are required in DRM. These processes should be treated as black-box processes and sensitive information involved should be kept and handled by a trusted party only, e. g., a clearance house. …

Search by... Author
Show... All Results Primary Sources Peer-reviewed


An unknown error has occurred. Please click the button below to reload the page. If the problem persists, please try again in a little while.