ISO/IEC 21000-5:2004/Amd 1:2007

INTERNATIONAL ISO/IEC
STANDARD 21000-5
First edition
2004-04-01
AMENDMENT 1
2007-02-01

Information technology — Multimedia
framework (MPEG-21) —
Part 5:
Rights Expression Language
AMENDMENT 1: MAM (Mobile And optical
Media) profile
Technologies de l'information — Cadre multimédia (MPEG-21) —
Partie 5: Langage d'expression des droits
AMENDEMENT 1: Profil MAM (“Mobile And optical Media”)




Reference number
ISO/IEC 21000-5:2004/Amd.1:2007(E)
©
ISO/IEC 2007

---------------------- Page: 1 ----------------------
ISO/IEC 21000-5:2004/Amd.1:2007(E)
PDF disclaimer
This PDF file may contain embedded typefaces. In accordance with Adobe's licensing policy, this file may be printed or viewed but
shall not be edited unless the typefaces which are embedded are licensed to and installed on the computer performing the editing. In
downloading this file, parties accept therein the responsibility of not infringing Adobe's licensing policy. The ISO Central Secretariat
accepts no liability in this area.
Adobe is a trademark of Adobe Systems Incorporated.
Details of the software products used to create this PDF file can be found in the General Info relative to the file; the PDF-creation
parameters were optimized for printing. Every care has been taken to ensure that the file is suitable for use by ISO member bodies. In
the unlikely event that a problem relating to it is found, please inform the Central Secretariat at the address given below.


©  ISO/IEC 2007
All rights reserved. Unless otherwise specified, no part of this publication may be reproduced or utilized in any form or by any means,
electronic or mechanical, including photocopying and microfilm, without permission in writing from either ISO at the address below or
ISO's member body in the country of the requester.
ISO copyright office
Case postale 56 • CH-1211 Geneva 20
Tel. + 41 22 749 01 11
Fax + 41 22 749 09 47
E-mail copyright@iso.org
Web www.iso.org
Published in Switzerland

ii © ISO/IEC 2007 – All rights reserved

---------------------- Page: 2 ----------------------
ISO/IEC 21000-5:2004/Amd.1:2007(E)
Foreword
ISO (the International Organization for Standardization) and IEC (the International Electrotechnical
Commission) form the specialized system for worldwide standardization. National bodies that are members of
ISO or IEC participate in the development of International Standards through technical committees
established by the respective organization to deal with particular fields of technical activity. ISO and IEC
technical committees collaborate in fields of mutual interest. Other international organizations, governmental
and non-governmental, in liaison with ISO and IEC, also take part in the work. In the field of information
technology, ISO and IEC have established a joint technical committee, ISO/IEC JTC 1.
International Standards are drafted in accordance with the rules given in the ISO/IEC Directives, Part 2.
The main task of the joint technical committee is to prepare International Standards. Draft International
Standards adopted by the joint technical committee are circulated to national bodies for voting. Publication as
an International Standard requires approval by at least 75 % of the national bodies casting a vote.
Attention is drawn to the possibility that some of the elements of this document may be the subject of patent
rights. ISO and IEC shall not be held responsible for identifying any or all such patent rights.
Amendment 1 to ISO/IEC 21000-5:2004 was prepared by Joint Technical Committee ISO/IEC JTC 1,
Information technology, Subcommittee SC 29, Coding of audio, picture, multimedia and hypermedia
information.

© ISO/IEC 2007 – All rights reserved iii

---------------------- Page: 3 ----------------------
ISO/IEC 21000-5:2004/Amd.1:2007(E)

Information technology — Multimedia framework (MPEG-21) —
Part 5:
Rights Expression Language
AMENDMENT 1: MAM (Mobile And optical Media) profile
Insert two new clauses 10 and 11 as follows:
10 Additional Extensions
10.1 General
This clause lists extensions of the REL.
The REL (Rights Expression Language) defined in the previous clauses and Annexes A through J is a
comprehensive, flexible and domain-agnostic rights language that can be used for a wide spectrum of
applications. However, in order to meet specific needs on the REL from, for example, an ecosystem (e.g.,
electronic books or mobile devices), an application (e.g., media streaming), a function (e.g., certificating and
attesting assertions), or a region (e.g., North America, Europe or Asia), the entire REL may need to be
restricted to some profiles for the purposes of optimization and interoperability in developing and deploying
systems, applications, components and devices. Here, a profile here represents a subset of the REL types,
elements and attributes (with any specified syntactic, semantic and processing restrictions), possibly together
with some further extensions to the REL types and some newly introduced elements and attributes, all subject
to maintaining compliance to the specification of the REL.
10.2 Multimedia Extension One
10.2.1 General
This subclause specifies an additional extension, called the “multimedia extension one”, of the REL specified
in the previous clauses.
10.2.2 Normative Namespace
The XML namespace for the extension types and new elements and attributes introduced in the REL
multimedia extension one shall be urn:mpeg:mpeg21:2005:01-REL-M1X-NS, and this namespace is
normative. Here, the 01 represents a serial number that is expected to change as this extension evolves.
© ISO/IEC 2007 – All rights reserved 1

---------------------- Page: 4 ----------------------
ISO/IEC 21000-5:2004/Amd.1:2007(E)
10.2.3 Namespace Prefixes
For convenience, this extension uses shorthand namespace prefixes when referring to XML elements and
types. The actual prefix used is not important as long as the namespace URI is correct. The prefixes used in
this extension are given in Table AMD1.1.
Table AMD1.1 — Prefixes of XML Schemas
Prefix Name Namespace
r urn:mpeg:mpeg21:2003:01-REL-R-NS
REL Core
sx urn:mpeg:mpeg21:2003:01-REL-SX-NS
REL Standard Extension
mx REL Multimedia Extension urn:mpeg:mpeg21:2003:01-REL-MX-NS
dsig XML Digital Signature http://www.w3.org/2000/09/xmldsig#
xenc XML Encryption http://www.w3.org/2001/04/xmlenc#
m1x urn:mpeg:mpeg21:2005:01-REL-M1X-NS
REL Multimedia Extension One

10.2.4 Defintion of Multimedia Extension One
This subclause defines the multimedia extension one to the REL. The syntax and the semantics of the types
and elements in the multimedia extension one are presented here. The XML schema for the extension
elements and types is listed in Annex L.
10.2.4.1 Principal Extension Elements
10.2.4.1.1 IdentityHolder
10.2.4.1.1.1 Informative Description
The m1x:identityHolder element is an extension element of the type r:Principal defined in the REL
Core. It identifies the principal who is the holder of the specified identity possibly in some identification system.
The optional m1x:idSystem child element of the xsd:anyURI type is used to indicate the identification
system. The m1x:idValue child element, which can be either character content or element content from any
namespace, is used to contain the identifier value of the identity.
2 © ISO/IEC 2007 – All rights reserved

---------------------- Page: 5 ----------------------
ISO/IEC 21000-5:2004/Amd.1:2007(E)

Figure AMD1.1 — m1x:identityHolder Principal
The following example specifies a principal as the holder of an International Mobile Subscriber Identifier.


 urn:acme:imsi
 IMSI:2232111123



 


In the above example, the principal identified by m1x:identityHolder is granted the right to play the
resource specified in r:digitalResource.
The types of the m1x:identityHolder element and the m1x:idValue child element are defined as
extensions of the r:LicensePart type. Consequently, both m1x:identityHolder and m1x:idValue
can be specified by variables. The following example is like the example above, except the principal is a
holder of any, instead of a particular, International Mobile Subscriber Identifier.



 urn:acme:imsi
 



 



10.2.4.1.1.2 Normative Specification
Let p be a m1x:IdentityHolder. If p/m1x:idValue has a child element, then p/m1x:idValue identifies
that system entity that possesses the identifier indicated by that child element. Otherwise, p/m1x:idValue
identifies that system entity that possesses the identifier indicated by the value of p/m1x:idValue. In either
case, the identifier belongs to the identification system indicated by the URI value of p/m1x:idSystem when
the p/m1x:idSystem child element is present.
© ISO/IEC 2007 – All rights reserved 3

---------------------- Page: 6 ----------------------
ISO/IEC 21000-5:2004/Amd.1:2007(E)
10.2.4.2 Right Extension Elements
10.2.4.2.1 GovernedCopy
10.2.4.2.1.1 Informative Description
This element represents the right to copy the resource and at the same time to result in certain rights being
associated to the copied resource. The optional attribute @m1x:governanceRule of type QName indicates
the name of a governance rule that determines how exactly the copy should be made and what rights should
be associated and by whom for the copied resource. When the attribute is not specified, this right allows to
make a bit-wise identical copy of the resource and to result in an identical copy of the r:license that this
right is specified being made to the copied resource. This right can be used for copying the resource that is
either locally available or received from a remote location (e.g., via streaming or broadcasting) during the time
this right is being exercised.

Figure AMD1.2 — m1x:governedCopy Right
A sample code fragment is provided below for illustration:


 
 
 
 


 
 
 
 



In the above example, any principal is granted the right to play a movie clip, and the right to copy the clip
together with the same license.
The following is another example license.


 
 
 
 


 
 
 
 


4 © ISO/IEC 2007 – All rights reserved

---------------------- Page: 7 ----------------------
ISO/IEC 21000-5:2004/Amd.1:2007(E)
 
 
  Rights Issuer Public Key Name
 
 



Suppose the governance rule named “acme:CopyOnce” only allows exercising this right once to make a bit-
wise identical copy of the resource and associating the other rights in the same license to the copied resource
by issuing another license by the same issuer. In this case, exercising the right m1x:governedCopy in the
license will result in a bit-wise identical copy of the resource, and the following license:


 
 
 
 


 
 
  Rights Issuer Public Key Name
 
 



10.2.4.2.1.2 Normative Specification
Let r be a m1x:GovernedCopy. Then, if r/@m1x:governanceRule is present, r identifies the act of making
a copy and associating right expressions with that copy in compliance with the compliance rules identified by
r/@m1x:governanceRule. Otherwise, if r/@m1x:governanceRule is absent, r identifies the act of making
a bit-wise identical copy and associating a right expression to that copy that is Equal to the License in the
authorizer in one of the authorization proofs for the authorization request for that copy.
If r is used as the Right Member of an authorization request, then the Resource Member of that authorization
request shall be present and shall identify the resource being copied.
10.2.4.2.2 GovernedMove
10.2.4.2.2.1 Informative Description
This element represents the right to move the resource and at the same time to result in certain rights being
associated to the moved resource. The moved resource and its associated rights should not exist or be valid
on the original repository after exercising this right. The optional attribute @m1x:governanceRule of type
QName indicates the name of a governance rule that determines how exactly the resource should be moved
and what rights should be associated and by whom for the moved resource. When the attribute is not
specified, this right allows to the moved resource to be a bit-wise identical copy of the resource and to result in
an identical copy of the r:license that this right is specified being made to the moved resource. This right
can be used for moving the resource that is either locally available or received from a remote location during
the time this right is being exercised.
© ISO/IEC 2007 – All rights reserved 5

---------------------- Page: 8 ----------------------
ISO/IEC 21000-5:2004/Amd.1:2007(E)

Figure AMD1.3 — m1x:governedMove Right
A sample code fragment is provided below for illustration.


 
 
 
 


 
 
 
 



In the above example, any principal is granted the right to play a movie clip, and the right to move the clip
together with the same license.
Following is another example license.


 
 
 
 


 
 
 
 


 
 
  Rights Issuer Public Key Name
 
 



Suppose the governance rule named “acme:MoveOnce” only allows exercising this right once to move the
resource in the bit-wise identical manner and associating the other rights in the same license to the moved
resource by issuing another license by the same issuer. In this case, exercising the right
m1x:governedMove in the license will result in moving the resource in the bit-wise identical manner and the
following license:


 
 
 
6 © ISO/IEC 2007 – All rights reserved

---------------------- Page: 9 ----------------------
ISO/IEC 21000-5:2004/Amd.1:2007(E)
 


 
 
  Rights Issuer Public Key Name
 
 



10.2.4.2.2.2 Normative Specification
Let r be a m1x:GovernedMove. Then, if r/@m1x:governanceRule is present, r identifies the act of
performing the act mx:move to the Resource and associating right expressions with that moved Resource in
compliance with the compliance rules identified by r/@m1x:governanceRule. Otherwise, if
r/@m1x:governanceRule is absent, r identifies the act of performing the act mx:move to the Resource in
the bit-wise identical sense and associating a right expression to that moved Resource that is Equal to the
License in the authorizer in one of the authorization proofs for the authorization request for that moved
Resource.
If r is used as the Right Member of an authorization request, then the Resource Member of that authorization
request shall be present and shall identify the resource being moved.
10.2.4.2.3 Enlist
10.2.4.2.3.1 Informative Description
This element represents the right to link or enlist (the reference to) the related resource into a new playback
control sequences description (i.e. play-list) for the optical disc. When it presents in an r:grant element, this
element allows adding the value of the resourceLocator in the m1x:protectedResource element to
the play-list.

Figure AMD1.4 — m1x:enlist Right
The following grant permits any user to link the associated (video object) resource
“file:///HDDVDdisc/ADV_OBJ/Vo3” into a new play list being edited currently. In this example, the value
of the m1x:resourceLocator, “file:///HDDVDdisc/TM_OBJ/TM3”, will be added to the play list when
the user selects the object “Vo3”.

  
  

    file:///HDDVDdisc/TM_OBJ/TM3
  


© ISO/IEC 2007 – All rights reserved 7

---------------------- Page: 10 ----------------------
ISO/IEC 21000-5:2004/Amd.1:2007(E)
10.2.4.2.3.2 Normative Specification
Let r be a m1x:enlist. Then r identifies the act of adding the Resource into a Resource which is a list of
Resources.
If r is used as the Right Member of an authorization request, then the Resource Member of that authorization
request shall be present and shall identify the resource being added to the list Resource.
10.2.4.2.4 Delist
10.2.4.2.4.1 Informative Description
This element represents the right to unlink or delist (the reference to) the related resource from a related
playback control sequences description (i.e. play-list) for the optical disc when the play-list is newly created
from an existing one. When it presents in an r:grant element, this element allows to remove the value of the
resourceLocator in the m1x:protectedResource element from a (new) play-list created from the
associated resource described as a member of m1x:isPartOf.

Figure AMD1.5 — m1x:delist Right

The following grant permits any user to delist the associated (video object) resource
“file:///HDDVDdisc/ADV_OBJ/Vo3” from any play-list created from the associated resource
“file:///cache/playlist003". In this example, the value of the m1x:resourceLocator,
“file:///HDDVDdisc/TM_OBJ/TM3”, will be removed from any newly created play-list that is created from
the existing “playlist003” when the user selects to remove the “Vo3”.


    
   
       file:///HDDVDdisc/TM_OBJ/TM3







  


10.2.4.2.4.2 Normative Specification
Let r be a m1x:delist. Then r identifies the act of removing the Resource from a Resource which is a list of
Resources and contains the Resource to be removed. If a condition m1x:derviationContraint is present,
is satisified and contains a child element m1x:isPartOf, then the Resource should be removed from
Resource identified by the m1x:isPartOf, as the result of performing the act identified by r.
8 © ISO/IEC 2007 – All rights reserved

---------------------- Page: 11 ----------------------
ISO/IEC 21000-5:2004/Amd.1:2007(E)
If r is used as the Right Member of an authorization request, then the Resource Member of that authorization
request shall be present and shall identify the resource to be removed.
10.2.4.3 Resource Extension Elements
10.2.4.3.1 ProtectedResource
10.2.4.3.1.1 Informative Description
This resource represents a piece of content that is protected with some form of (symmetric key and/or public
key) encryption. The element contains the following child elements: r:digitalResource,
xenc:EncryptedData, and xenc:EncryptedKey.
The r:digitalResource element specifies the resource under consideration. The nonSecureIndirect
element is used to identify the resource. If it is necessary to bind the identifier to the actual content of the
resource, then the secureIndirect element provides elements to include a secure hash
(ds:DigestValue) of the content.
The xenc:EncrytedData is for carrying information about encryption of the resource identified by
r:digitalResource. The xenc:EncryptedKey contains information about encryption of the key (or keys)
that is used to encrypt the resource. It should be clear that, regardless of whether the
xenc:EncryptedData or xenc:EncryptedKey child elements appear, the r:digitalResource child
element always represents the clear-text resource and not the encrypted resource.
The m1x:resourceLocator specifies the location of the associated resource. When the associated right is
either m1x:enlist or m1x:delist, the location specified by this element should be added to or removed
from the related containing resource. This element is different from the r:digitalResource element in that
the latter provides the information for identifying the resource.

Figure AMD1.6 — m1x:protectedResource Resource
Here is an example showing that an MPEG movie resource is encrypted using the AES-128 encryption
algorithm with a key whose key name is “Content Encryption Key Name”, and the AES key is further
encrypted using the RSA encryption algorithm with a key whose key name is “User Key Name” and the
encrypted key value is “AQABAA==”. This way the user can use a key with key name “User Key Name” to
decrypt the resource encryption key from the value “AQABAA==” and use the decrypted key to further decrypt
the encrypted movie resource.
© ISO/IEC 2007 – All rights reserved 9

---------------------- Page: 12 ----------------------
ISO/IEC 21000-5:2004/Amd.1:2007(E)


 urn:acme:imsi
 IMSI:2232111123



 
 
 
 
 
 
  
  Content Encryption Key Name
 
 
 
 
 
  User Key Name
 
 
  AQABAA==
 
 
  
 
  Content Encryption Key Name
 



10.2.4.3.1.2 Normative Specification
Let t be an r:ProtectedResource. Then t identifies a Digital Resource whose plaintext sequence of digital
bits b is the sequence of digital bits identified by t/r:digitalResource. Moreover,
⎯ If t/xenc:EncryptedData is present, then it should represent the encryption of b per XMLENC.
⎯ If t/xenc:EncryptedKey is present, then it should represent the encryption of the cryptographic keys
used for encrypting b per XMLENC.
⎯ If t/resourceLocator is present, the URI the value of t/resourceLocator provides the location of
the digital bits b. When the associated right is either m1x:enlist or m1x:delist, the location specified
by this element should be added to or removed from the related containing resource.
10.2.4.4 Condition Extension Elements
10.2.4.4.1 DerivationConstraint
10.2.4.4.1.1 Informative Description
This condition element is used for derivation, including adapting, diminishing, enhancing, playing, enlisting and
delisting of the associated resource. It imposes possible restrictions on the following:
10 © ISO/IEC 2007 – All rights reserved

---------------------- Page: 13 ----------------------
ISO/IEC 21000-5:2004/Amd.1:2007(E)
⎯ which resource the associated resource has to be part of in order for the derivation to take place;
⎯ which additional resources must or must not become part of the resource into which the associated
resource is derived, and what possible temporal relationships of these additional resources must or must
not have with the associated resource; and
⎯ which resources can be used to replace the associated resource in the derived resource.

Figure AMD1.7 — m1x:derivationConstraint Condition

The element m1x:isPartOf indicates a list of protected resources, one or more of which the associated
resource must be part of.
The element m1x:resouceInclusionList indicates a list of resources, each of which must become,
possibly with respect to some temporal relations, part of the resource into which the associated resource is
derived. The element m1x:resouceExclusionList indicates a list of resources, each of which must not
become, possibly with respect to some temporal relations, part of the resource into which the associated
resource is enhanced. The temporal relations are specified by values of an optional attribute
temporalRelation of the two child elements. The attribute can take one of the following values:
⎯ any: when rendered temporally, each of the list of resources is related to the associated resource in an
unrestricted manner;
⎯ before: when rendered temporally, each resource in the list is before the associated resource;
⎯ after: when rendered temporally, each resource in the list is after the associated resource; and
⎯ simultaneous: when rendered temporally, each resource in the list is simultaneous with the associated
resource.
When the attribute is omitted, the default relation is identical to the one specified by the value “any” of the
attribute.
The element m1x:resourceReplacementList indicates a list of resources, one of which must be used to
replace the associated resource in the resource into which the associated resource is derived.
The condition specified by the m1x:derivationConstraint is satisfied, only if all of the following hold:
© ISO/IEC 2007 – All rights reserved 11

---------------------- Page: 14 ----------------------
ISO/IEC 21000-5:2004/Amd.1:2007(E)
⎯ If m1x:isPartOf is present, the associated resource is part of one or more resources listed in
“m1x:isPartOf”;
⎯ if m1x:resourceInclusionList is present, the derived resource contains all of the resources listed in
m1x:resourceInclusionList element, and all the resources being contained in the derived resource
satisfy the respective temporal relation with the associated resource;
⎯ if m1x:resourceExclusionList is present, the derived resource does not contain any of the
resources listed in m1x:resourceExclusionList with respect to its temporal relation with the
associated resource; and
⎯ if m1x:resourceReplacementList is present, the derived resource contains the associated resource
as the replacement of one of the resources which is contained in the derived resource and also listed in
m1x:resourceReplacementList.
The following grant permits the associated (video object) resource urn:myPlaylist:vo:0 to be enlisted,
but the enlisting must include the resource urn:myPlaylist:vo:1, must include the resource
urn:myPlaylist:vo:2 before the associated resource, must not include the resource
urn:myPlaylist:vo:3, and must not include the resource urn:myPlaylist:vo:4 simultaneously with
the associated resource (which however does not forbid possibly before or after the associated resource).
Because all of the individual resources have their locators specified by the m1x:resourceLocator elements,
the individual locators are enlisted into the playlist.




file:///HDDVDdisc/TM_OBJ/TM0



     < m1x:protectedResource>
         
file:///HDDVDdisc/TM_OBJ/TM1
     


     
         
file:///HDDVDdisc/TM_OBJ/TM2
     
...