- From: John S. Erickson <john.erickson@hp.com>
- Date: Fri, 13 Jun 2003 11:29:21 -0400
- To: "Chiusano Joseph" <chiusano_joseph@bah.com>, <www-drm@w3.org>
Joe Chiusano asks: > I am doing some research on how Digital Rights Management can be used in > conjunction with electronic forms (such as Adobe, PureEdge, etc.). I've > reviewed the ODRL 1.1 specification, and am interested in insight on how > ODRL could be used to satisfy the following high-level requirements: > > (1) Assocate an access control list with an e-form, so that user access > can be enforced > > (2) Enforce access of an e-form to a file system (perhaps through LDAP) > to disallow an e-form from accessing a file system inappropriately JSE: To ensure that your question is properly scoped, I'll restate: It appears that it is your intention to use a REL (specifically ODRL) to create rights specifications that would be the basis for access control for an eForm (e.g. so that only certain parties could use a givien form); and, secondly, to (somehow) control an eForm's access to a file system. First level answer (to the first question) is, you'll need an ODRL-interpreting DRM client written against the Acrobat plugin (as it applies to forms). The applicable (based upon context, subject and target objects) higher-level ODRL rights specification would get interpreted by the plugin and would twiddle the bits (to control usage) as appropriate, based upon evaluation of the policies. Disclaimer: I know that such a plugin would enable an ODRL expression to "hook" the set of generic Acrobat functions that would apply to both forms and normal PDFs (open, print, etc). I DON'T know if there are additional, forms-only actions that are exposed by the API and therefore can be "hooked" by the client (and thus controlled by a rights specification). | John S. Erickson, Ph.D. | Hewlett-Packard Labs | Norwich, Vermont USA | john.erickson@hp.com
Received on Friday, 13 June 2003 11:32:14 UTC