- From: David Parrott <David.Parrott@reuters.com>
- Date: Wed, 25 Apr 2001 13:40:44 +0100
- To: "Paskin, Norman (DOI-ELS)" <n.paskin@doi.org>
- Cc: www-drm@w3.org
Norman,
Absolutely agree. I would further say that data dictionaries (/vocabularies)
can themselves be layered. No one data dictionary could hope to
encapsulate all the rights and obligations requirements of all players both
existing and to be defined in the future. Therefore, the glue language should
accommodate alternative and combined sources of vocabularies and, indeed,
dynamically varying sources. I would argue that there is intellectual property
in certain vocabularies and others in which information resides that cannot be
shared with the general community for legal reasons. I look forward to open
languages that take account of flexible data dictionary and vocabulary
management.
Given that I am at least trying to stay on top of several standards activities
right
now, I am more than happy to try to bridge wherever I can. I would expect that
I'm not the only one. One thing is for sure: there'll be a lot of healthy
debate on
these topics over the coming months and, hopefully, a good degree of cross
fertilisation.
Best regards,
/Dave.
_ ______________________________________________________________
Dr David J. Parrott (Chartered Engineer) Chief Technology Office
Reuters Limited, 85 Fleet Street, London EC4P 4AJ, UK.
Direct Line: +44 (0)20 7542 9830, Fax: +44 (0)20 7542 8314
Email: David.Parrott@reuters.com, dparrott@acm.org
|--------+----------------------->
| | "Paskin, |
| | Norman |
| | (DOI-ELS)" |
| | <n.paskin@doi|
| | .org> |
| | |
| | 25/04/2001 |
| | 10:14 |
| | |
|--------+----------------------->
>--------------------------------------------------------------------------|
| |
| To: David Parrott/LON/GB/Reuters@Reuters |
| cc: "'www-drm@w3.org'" <www-drm@w3.org> |
| Subject: RE: XACML - Extensible Access Control Markup Language |
| Header: Internal Use Only |
>--------------------------------------------------------------------------|
Dave: I absolutely agree with your stated fears. Too many cooks spoil the
broth and there is a whole cuisine school out there at present, with varying
degrees of knowledge and ability.
As I think you'll agree DRM isn't one thing. It can certainly be broken
down into some layers. One such breakdown is into an underlying semantics
(a data dictionary of terms); and a use of those terms in an application by
means of an expression (a language). That separation has been called
"Rights Data Dictionary" and "Rights Expression Language" respectively in
e.g. the recent MPEG-21 work., and was obvious in the W3C DRM (indecs as
exemplar of semantics, ODRL and XRML as expression)
indecs focussed on the semantic analysis and was successful; see practical
commercial implementatioins in ONIX, DOI, etc. It's planned to build
further semantic analysis in the rights area as a Data Dictionary, under the
indecs2 umbrella (IDF has a role in funding the feasibility study to build
support to do this - see IDF FUNDS STUDY OF MULTIMEDIA INTELLECTUAL PROPERTY
RIGHTS April 17, 2001 http://www.doi.org/news/010418-multimediaIP.html).
The detailed document (now in preparation) which describes that study
explores this separation further. I see from the XACML press release:
"XACML will define the representation for rules that specify the who, what,
when and how of information access," explained Simon Y. Blackwell of Psoom,
chair of the OASIS XACML Technical Committee. "Access control, which is
often called 'rights management' or 'entitlement management,' determines who
can look at something, what they can do with it, the type of device they can
look at it on, etc."
So (as I said in another posting) it seems to me that the effort is not
going to be doing the necessary *semantic* work of the Rights Data
Dictionary, as discussed at MPEG Singapore in the Rights Requirements
sessions, and the W3C DRM. It seems more to be standard XML expressions of
this ("the representation for rules" rather than "the rules")? If it is
indeed planning to do the semantic work, then for the reasons you note it
needs to talk to indecs2. Clearly it has relevance anyway and I have
suggested a contact between OASIS and the indecs2 activity , and which is
planned to be the basis for the indecs2 development of the Rights Data
Dictionary (for feed in to MPEG-21). Can you be the bridging contact here?
I'd be interested in seeing how we can indeed whilst still getting both the
semantic and the expression work done.
Norman
-----Original Message-----
From: David Parrott [mailto:David.Parrott@reuters.com]
Sent: 25 April 2001 09:28
To: www-drm@w3.org
Subject: Re: XACML - Extensible Access Control Markup Language
You will note from the Press Release from OASIS that Reuters is one of
the initial members of the OASIS XACML Technical Committee. I will be
taking part in the kick-off teleconference on 12 May and would hope
that any work undertaken by OASIS will be aligned as closely as
possible to the many other efforts currently in the process of
starting up. I am fearful that too many competing standards will have
the following effects:
1/ to dilute the effort applied in any one place
2/ to spread too thin the efforts of those who are trying to keep
up with (i.e., by active participation) multiple standards
3/ to reduce the likelihood of truly interoperable systems
4/ to impact credibility
Looking at the PKI space, one sees many standards in place (PKIX,
OCSP, PKCS, S/MIME, etc) but each of those is operating in a slightly
different problem domain. My concern about the rights management
standards is that there is significant overlap. I would be looking,
ideally, for niches to be identified in which the different standards
excel and which are complementary. Clearly, lines of responsibility
need to be drawn.
Regards,
/Dave.
_ ______________________________________________________________
Dr David J. Parrott (Chartered Engineer) Chief Technology Office
Reuters Limited, 85 Fleet Street, London EC4P 4AJ, UK.
Direct Line: +44 (0)20 7542 9830, Fax: +44 (0)20 7542 8314
Email: David.Parrott@reuters.com, dparrott@acm.org
|--------+----------------------->
| | Rigo Wenning |
| | <rigo@w3.org>|
| | |
| | 24/04/01 |
| | 23:36 |
| | |
|--------+----------------------->
>-------------------------------------------------------------------|
| |
| To: DRM-Public-List <www-drm@w3.org> |
| cc: (bcc: David Parrott/LON/GB/Reuters) |
| Subject: XACML - Extensible Access Control Markup |
| Language |
| Header: Internal Use Only |
>-------------------------------------------------------------------|
----- Forwarded message from Larry Gussin <ldgussin@home.com> -----
Date: Tue, 24 Apr 2001 13:14:56 -0400 (EDT)
Message-ID: <00b101c0ccd8$8e395c60$16c60b41@pwtkt1.ri.home.com>
From: "Larry Gussin" <ldgussin@home.com>
To: <www-drm@w3.org>
Subject: [Moderator Action] XACML - Extensible Access Control Markup
Language
Hi,
I worked at Intertrust for some years, and so am familiar with DRM concepts.
I
note XACML, which was begun at IBM and announced today by OASIS as a
technical
committee, as another form of XML-based rights language, growing out of
enterprise access control practices:
http://xml.coverpages.org/XACML-PR20010424.html. The XACML web page:
http://xml.coverpages.org/xacl.html.
>From the press release:
"XACML will define the representation for rules that specify the who, what,
when
and how of information access," explained Simon Y. Blackwell of Psoom, chair
of
the OASIS XACML Technical Committee. "Access control, which is often called
'rights management' or 'entitlement management,' determines who can look at
something, what they can do with it, the type of device they can look at it
on,
etc."
I'd appreciate hearing how this effort might fit in.
Larry Gussin
----- End forwarded message -----
-----------------------------------------------------------------
Visit our Internet site at http://www.reuters.com
Any views expressed in this message are those of the individual
sender, except where the sender specifically states them to be
the views of Reuters Ltd.
-----------------------------------------------------------------
Visit our Internet site at http://www.reuters.com
Any views expressed in this message are those of the individual
sender, except where the sender specifically states them to be
the views of Reuters Ltd.
Received on Wednesday, 25 April 2001 08:43:16 UTC