iTeh StandardsiTeh Standards
EURUSD
Your shopping cart is empty.
ISO

ISO/IEC 23078-2:2024

(Main)

Information technology — Specification of digital rights management (DRM) technology for digital publications — Part 2: User key-based protection

Information technology — Specification of digital rights management (DRM) technology for digital publications — Part 2: User key-based protection

This document defines a technical solution for encrypting resources in digital publications (especially EPUB) and for securely delivering decryption keys to reading systems, included in licenses tailored to specific users. It also defines a simple passphrase-based authentication method for reading systems to verify the license and access the encrypted resources of such digital publications.

Technologies de l'information — Spécification de la technologie de gestion des droits numériques (DRM) pour les publications numériques — Partie 2: Protection par clé utilisateur

General Information

Status
Published
Publication Date
06-Jun-2024
ICS
35.240.30 - IT applications in information, documentation and publishing
Technical Committee
ISO/IEC JTC 1/SC 34 - Document description and processing languages
Drafting Committee
ISO/IEC JTC 1/SC 34 - Document description and processing languages
Current Stage
6060 - International Standard published
Start Date
07-Jun-2024
Due Date
09-Jun-2025
Completion Date
07-Jun-2024
Ref Project

Relations

Revises
ISO/IEC TS 23078-2:2020 - Information technology — Specification of DRM technology for digital publications — Part 2: User key-based protection
Effective Date
06-Jun-2022

Buy Standard

ISO/IEC 23078-2:2024 - Information technology — Specification of digital rights management (DRM) technology for digital publications — Part 2: User key-based protection Released:7. 06. 2024ISO/IEC 23078-2:2024 - Information technology — Specification of digital rights management (DRM) technology for digital publications — Part 2: User key-based protection Released:7. 06. 2024
PreviousNext
Standard
ISO/IEC 23078-2:2024 - Information technology — Specification of digital rights management (DRM) technology for digital publications — Part 2: User key-based protection Released:7. 06. 2024
English language
38 pages
sale 15% off
Preview
sale 15% off
Preview

Standards Content (Sample)


International
Standard
ISO/IEC 23078-2
First edition
Information technology —
2024-06
Specification of digital rights
management (DRM) technology for
digital publications —
Part 2:
User key-based protection
Reference number
© ISO/IEC 2024
All rights reserved. Unless otherwise specified, or required in the context of its implementation, no part of this publication may
be reproduced or utilized otherwise in any form or by any means, electronic or mechanical, including photocopying, or posting on
the internet or an intranet, without prior written permission. Permission can be requested from either ISO at the address below
or ISO’s member body in the country of the requester.
ISO copyright office
CP 401 • Ch. de Blandonnet 8
CH-1214 Vernier, Geneva
Phone: +41 22 749 01 11
Email: copyright@iso.org
Website: www.iso.org
Published in Switzerland
© ISO/IEC 2024 – All rights reserved
ii
Contents Page
Foreword .v
Introduction .vi
1 Scope . 1
2 Normative references . 1
3 Terms and definitions . 2
4 Abbreviated terms . 3
5 Overview . 4
5.1 General .4
5.2 Protecting the publication .4
5.3 Licensing the publication .5
5.4 Reading the publication .5
6 License document . 6
6.1 General .6
6.2 Content conformance . .6
6.3 License information .6
6.3.1 General .6
6.3.2 Encryption (transmitting keys) .7
6.3.3 Links (pointing to external resources) .8
6.3.4 Rights (identifying rights and restrictions).9
6.3.5 User (identifying the user) .10
6.3.6 Signature (signing the license) .11
6.4 User key . 12
6.4.1 General . 12
6.4.2 Calculating the user key . . 12
6.4.3 Hints . 12
6.4.4 Requirements for the user key and user passphrase . 13
6.5 Signature and public key infrastructure . 13
6.5.1 General . 13
6.5.2 Certificates . 13
6.5.3 Canonical form of the license document .14
6.5.4 Generating the signature . 15
6.5.5 Validating the certificate and signature . .17
7 License status document . 17
7.1 General .17
7.2 Content conformance . .17
7.3 License status information .18
7.3.1 General .18
7.3.2 Status .18
7.3.3 Updated (timestamps) .18
7.3.4 Links .19
7.3.5 Potential rights .19
7.3.6 Events . 20
7.4 Interactions . 20
7.4.1 General . 20
7.4.2 Handling errors . 20
7.4.3 Checking the status of a license . 20
7.4.4 Registering a device .21
7.4.5 Returning a publication . 22
7.4.6 Renewing a license . 23
8 Encryption profile .24
8.1 General .24
8.2 Encryption profile requirements . 25

© ISO/IEC 2024 – All rights reserved
iii
8.3 Basic encryption profile 1.0 . 25
9 Integration in EPUB .25
9.1 General . 25
9.2 Encrypted resources . 25
9.3 Using META-INF/encryption.xml for LCP . 26
10 Reading system behaviour .27
10.1 Detecting LCP protected publication .27
10.2 License document processing .27
10.2.1 Overall .27
10.2.2 Validating the license document .27
10.2.3 Acquiring the publication .27
10.2.4 License status processing . 28
10.3 User key processing . 28
10.4 Signature processing . 28
10.5 Publication processing . 29
Annex A (informative) Examples .
...

Questions, Comments and Discussion

Ask us and Technical Secretary will try to provide an answer. You can facilitate discussion about the standard in here.

This May Also Interest You

ISO
ISO/IEC 23078-1:2024(Main)
Information technology — Specification of digital rights management (DRM) technology for digital publications — Part 1: Overview of copyright protection technologies in use in the publishing industry

This document describes three types of copyright protection technologies in use in the publishing industry: — digital rights management (DRM) free protection, i.e. technologies which do not rely on content encryption but rather use content fingerprinting or watermarking, adequate for use cases where user convenience is the top priority; — user key-based DRM protection, adequate where user constraints are limited; — device key-based DRM protection, adequate where the transfer of publications from one device to another is severely constrained.

  • Standard
    6 pages
    English language
    sale 15% off
ISO
ISO/IEC 23078-3:2024(Main)
Information technology — Specification of digital rights management (DRM) technology for digital publications — Part 3: Device key-based protection

This document defines a technical solution for encrypting resources in digital publications (especially EPUB), effectively registering a device certificate to providers and securely delivering decryption keys to reading systems included in licenses tailored to specific devices. This technical solution uses the passphrase-based authentication method defined in ISO/IEC 23078-2 for reading systems to receive the license and access the encrypted resources of such digital publications.

  • Standard
    31 pages
    English language
    sale 15% off
ISO
ISO/IEC 29500-2:2021(Main)
Document description and processing languages — Office Open XML file formats — Part 2: Open packaging conventions

This document defines a set of conventions for packaging one or more interrelated byte streams (parts) as a single resource (package). These conventions are applicable not only to Office Open XML specifications as described in ISO/IEC 29500-1 and ISO/IEC 29500-4, but also to other markup specifications.

  • Standard
    65 pages
    English language
    sale 15% off
  • Standard
    65 pages
    English language
    sale 15% off
ISO
ISO/IEC 23761:2021(Main)
Digital publishing — EPUB accessibility — Conformance and discoverability requirements for EPUB publications

This document specifies content conformance requirements for verifying the accessibility of EPUB publications. It also specifies accessibility metadata requirements for the discoverability of EPUB publications.

  • Standard
    12 pages
    English language
    sale 15% off
  • Standard
    12 pages
    English language
    sale 15% off
ISO
ISO/IEC TR 10036:2020(Main)
Information technology — Font information interchange — Registered glyph identifiers

This document provides the glyph identifiers and glyph images registered and published by the registration authority for ISO/IEC 10036:1996.

  • Technical report
    3 pages
    English language
    sale 15% off
  • Technical report
    3 pages
    English language
    sale 15% off
ISO
ISO/IEC 19757-7:2020(Main)
Information technology — Document Schema Definition Languages (DSDL) — Part 7: Character Repertoire Description Language (CREPDL)

This document specifies a Character Repertoire Description Language (CREPDL). A CREPDL schema describes a character repertoire. A stream of UCS code points can be validated against a CREPDL schema.

  • Standard
    15 pages
    English language
    sale 15% off
  • Standard
    15 pages
    English language
    sale 15% off
ISO
ISO/IEC 19757-3:2020(Main)
Information technology — Document Schema Definition Languages (DSDL) — Part 3: Rule-based validation using Schematron

This document specifies Schematron, a schema language for XML. This document establishes requirements for Schematron schemas and specifies when an XML document matches the patterns specified by a Schematron schema. Schematron uses query languages such as XPath for writing assertions.

  • Standard
    39 pages
    English language
    sale 15% off
  • Standard
    39 pages
    English language
    sale 15% off
  • Standard
    39 pages
    English language
    sale 15% off
ISO
ISO/IEC 23736-2:2020(Main)
Information technology — Digital publishing — EPUB 3.0.1 — Part 2: Publications

This specification, EPUB Publications 3.0.1, defines semantics and conformance requirements for EPUB® Publications, including the format of the Package Document that describes each Rendition of the content and rules for how this document and other Publication Resources are associated to create a conforming EPUB Publication. This specification is one of a family of related specifications that compose EPUB 3, the third major revision of an interchange and delivery format for digital publications based on XML and Web Standards. It is meant to be read and understood in concert with the other specifications that make up EPUB 3: The EPUB 3 Overview [EPUB3Overview], which provides an informative overview of EPUB and a roadmap to the rest of the EPUB 3 documents. The Overview should be read first. EPUB Content Documents 3.0.1 [ContentDocs301], which defines profiles of XHTML, SVG and CSS for use in the context of EPUB Publications. EPUB Open Container Format (OCF) 3.0.1 [OCF301], which defines a file format and processing model for encapsulating a set of related resources into a single-file (ZIP) EPUBContainer. EPUB Media Overlays 3.0.1 [MediaOverlays301], which defines a format and a processing model for synchronization of text and audio. This specification supersedes EPUB Publications 3.0 [Publications30]. Refer to [EPUB3Changes] for information on differences between this specification and its predecessor.

  • Standard
    77 pages
    English language
    sale 15% off
  • Standard
    77 pages
    English language
    sale 15% off
ISO
ISO/IEC 23736-5:2020(Main)
Information technology — Digital publishing — EPUB 3.0.1 — Part 5: Media overlays

This specification, EPUB Media Overlays 3.0.1, defines a usage of [SMIL] (Synchronized Multimedia Integration Language), the Package Document, the EPUB® Style Sheet, and the EPUB Content Document for representation of audio synchronized with the EPUB Content Document. This specification is one of a family of related specifications that compose EPUB 3, the third major revision of an interchange and delivery format for digital publications based on XML and Web Standards. It is meant to be read and understood in concert with the other specifications that make up EPUB 3: The EPUB 3 Overview [EPUB3Overview], which provides an informative overview of EPUB and a roadmap to the rest of the EPUB 3 documents. The Overview should be read first. EPUB Publications 3.0.1 [Publications301], which defines the semantics and overarching conformance requirements for each Rendition of an EPUB Publication. EPUB Content Documents 3.0.1 [ContentDocs301], which defines profiles of XHTML, SVG and CSS for use in the context of EPUB Publications. EPUB Open Container Format (OCF) 3.0.1 [OCF301], which defines a file format and processing model for encapsulating a set of related resources into a single-file (ZIP) EPUB Container.

  • Standard
    34 pages
    English language
    sale 15% off
  • Standard
    34 pages
    English language
    sale 15% off
ISO
ISO/IEC 23736-3:2020(Main)
Information technology — Digital publishing — EPUB 3.0.1 — Part 3: Content documents

This specification, EPUB Content Documents 3.0.1, defines profiles of HTML5, SVG, and CSS for use in the context of EPUB® Publications. This specification is one of a family of related specifications that compose EPUB 3, the third major revision of an interchange and delivery format for digital publications based on XML and Web Standards. It is meant to be read and understood in concert with the other specifications that make up EPUB 3: The EPUB 3 Overview [EPUB3Overview], which provides an informative overview of EPUB and a roadmap to the rest of the EPUB 3 documents. The Overview should be read first. EPUB Publications 3.0.1 [Publications301], which defines the semantics and overarching conformance requirements for each Rendition of an EPUB Publication. EPUB Open Container Format (OCF) 3.0.1 [OCF301], which defines a file format and processing model for encapsulating a set of related resources into a single-file (ZIP) EPUB Container. EPUB Media Overlays 3.0.1 [MediaOverlays301], which defines a format and a processing model for synchronization of text and audio. This specification supersedes EPUB Content Documents 3.0 [ContentDocs30]. Refer to [EPUB3Changes] for information on differences between this specification and its predecessor.

  • Standard
    61 pages
    English language
    sale 15% off
  • Standard
    61 pages
    English language
    sale 15% off