On the operational semantics of rights expression languages

We propose an operational model for formalising and enforcing rights expression languages based on the concept of a rights expression compiler. Our compiler transforms an XML-based rights expression into a programme for a virtual machine. This approach provides a formal way of defining semantics for rights expression languages that can be directly used in practice to enforce the expressions while ensuring their consistency and correctness. We further argue that our model eliminates a number of limitations in previous attempts to associate rights expression languages with formal semantics. We demonstrate the power and practicality of our model by using it to develop operational semantics for the OMA Rights Expression Language, from which a real interpreter can be derived with relatively little effort.

[1]  John C. Mitchell,et al.  Managing Digital Rights using Linear Logic , 2006, 21st Annual IEEE Symposium on Logic in Computer Science (LICS'06).

[2]  Pramod A. Jamkhedkar,et al.  DRM as a layered system , 2004, DRM '04.

[3]  Ninghui Li,et al.  Purpose based access control for privacy protection in relational database systems , 2008, The VLDB Journal.

[4]  Stefan Katzenbeisser,et al.  Towards Formal Semantics for ODRL , 2004, ODRL Workshop.

[5]  Reihaneh Safavi-Naini,et al.  Import/export in digital rights management , 2004, DRM '04.

[6]  Yee Wei Law,et al.  LicenseScript: a novel digital rights language and its semantics , 2003, Proceedings Third International Conference on WEB Delivering of Music.

[7]  Joseph Y. Halpern,et al.  A formal foundation for XrML , 2004, Proceedings. 17th IEEE Computer Security Foundations Workshop, 2004..

[8]  Pramod A. Jamkhedkar,et al.  A formal conceptual model for rights , 2008, DRM '08.

[9]  Simone Fischer Hübner IT-Security and Privacy : Design and Use of Privacy-Enhancing Security Mechanisms , 2001 .

[10]  Dines Bjørner,et al.  Formal digital license language with OTS/CafeOBJ method , 2008, 2008 IEEE/ACS International Conference on Computer Systems and Applications.

[11]  Riccardo Pucella,et al.  A logic for reasoning about digital rights , 2002, Proceedings 15th IEEE Computer Security Foundations Workshop. CSFW-15.

[12]  Riccardo Pucella,et al.  A Formal Foundation for ODRL , 2006, ArXiv.

[13]  Andrew Hutchison,et al.  Persistent access control: a formal model for drm , 2007, DRM '07.

[14]  S. Fischer-h bner IT-Security and Privacy: Design and Use of Privacy-Enhancing Security Mechanisms , 2001 .

[15]  Carl A. Gunter,et al.  Models and languages for digital rights , 2001, Proceedings of the 34th Annual Hawaii International Conference on System Sciences.

[16]  Steven J. DeRose,et al.  XML Path Language (XPath) Version 1.0 , 1999 .

[17]  Mark Strembeck,et al.  Experiences with the enforcement of access rights extracted from ODRL-based digital contracts , 2003, DRM '03.

[18]  Xin Wang,et al.  XrML -- eXtensible rights Markup Language , 2002, XMLSEC '02.