The DRM Daemon
Developed by: Duncan Bennett
Introduction
These pages are presented as part of a project to implement a Digital Rights Management (DRM) Controller at the operating system kernel level. The DRM Controller consists of a Kernel Module, which enforces access control rules, and a Daemon Module, which manages and retrieves licenses for the Kernel Module. The design and implementation of the Daemon Module are described here.The Daemon Module
In order to demonstrate that a complete Operating System level DRM Controller is possible, the Daemon Module implements several components. These include a License Manager, a License Store and a License Negotiation Interface. A simple License Server is packaged with the Daemon Module in order to support license negotiations. A secure execution environment is assumed for the purposes of the current prototype. The UML diagram below gives an overview of the Daemon Module components
The responsibilities of the Daemon Module are explained below.
Management of a License Store
The behaviour of the Daemon Module is driven by the License Manager. This component implements the main loop of the daemon process. It is responsible for servicing Kernel Module requests, retrieving licenses from the License Store and initiating the online license negotiation process. A license negotiation is initiated whenever a Kernel Module license request cannot be satisfied. The LicenseManager has the right to add, revoke or modify license content. Licenses are accessed and retrieved using a combination of two criteria. The first is a unique ID which identifies the party that owns the license. The second is a unique ID which identifies the asset associated with the licenseCommunication with the Kernel Module
The Daemon Module handles license requests from the Kernel Module. A device file is used to facilitate communication between the Kernel and Daemon Modules. Upon receiving a license request, the Daemon attempts to retrieve a license from a License Store. If a license is found, the user is validated against a certificate from a certificate store. At present, certifiactes have not been properly implemented. If the user is authenticated, the license sent to the Kernel Module. If no license is available, an error message is immediately sent to the Kernel Module. Next, a license negotiation process is initiated. This gives the user the opportunity to negotiate a license online. If a license is acquired, it is added to the License Store. The diagram below illustrates a successful license request.
Negotiate Licenses with a License Server
If a license is not available from the License Store, the Daemon initiates a negotiation for a new license. The Daemon Module initiates a license negotiation by activating a user interface. A child process is started to await a response from the user interface. This frees the main Daemon process to continue communicating with the Kernel Module. Once a negotiation is complete, a message is sent to the child process. If the message contains a license, the license is added to the license store.Transform Licenses
The use licenses passed to the Kernel Module must be as simple as possible in order to reduce the amount of processing that must be done. It is therefore not desirable to supply the kernel with licenses written in an an xml based format. There are also elements found in a use license that are not needed during the enforcement process. For this reason, the Daemon Module performs some initial parsing of use licenses and transforms them into a non-xml "kernel license".The License Manager makes use of an XML Parser component to transform licenses using XSLT stylesheets. This adds greater flexibility to the Daemon Module. A transformation for a new license schema can be added by registering the schema in a configuration file. Transforms can be registered using the root-element name and root-namespace of the relevant license schema. This allows the XML Parser to select an appropriate transform at run time.
