B.Rosenblatt presentation of LCP, epub summitLaurent Le Meur
This presentation was given at the EPUB summit on April 7th, 2016, by Bill Rosenblatt, from GiantSteps, US. It presents the status of the Licensed Content Protection DRM, to be implemented as a plug-in of the Readium SDK.
B.Rosenblatt presentation of LCP, epub summitLaurent Le Meur
This presentation was given at the EPUB summit on April 7th, 2016, by Bill Rosenblatt, from GiantSteps, US. It presents the status of the Licensed Content Protection DRM, to be implemented as a plug-in of the Readium SDK.
In our rapidly evolving digital world, where our online activities are under scrutiny by hackers, safeguarding our digital privacy has become the number one priority.
Ubucon 2013, licensing and packaging OSSNuno Brito
As developers of open source and free software, we share our code freely with the world. It feels great. The problem is when someone points out that the code can't be used for some odd reason. Either because of missing license information or because the reported licenses are incompatible.
If you're writing code then you shouldn't miss this talk. We'll be showing which licenses you should avoid mixing (for e.g Apache v2 inside GPL v2) and other tips to avoid a licensing headache. In the end we'll talk about the SPDX format introduced by the Linux Foundation and show practical examples.
Open Source & What It Means For Self-Sovereign Identity (SSI)Evernym
Open source and open standards have been two pillars of self-sovereign identity since the beginning. Only by breaking down barriers to both development and production can we ensure that SSI works for everyone, everywhere.
Openness is also at the core of how Evernym operates, and our motivation for launching Sovrin, subsequently donating Hyperledger Indy to the world, and more recently, open-sourcing our own products.
In this webinar, we covered:
- The importance of open source software, and why it's needed for self-sovereign identity
- The open source tools available today, from Hyperledger Indy and Aries to Evernym's Verity
- What Evernym's open-sourcing of Verity means for developers
- Getting started with either open source or our free Sandbox plan
What is DRM?
DRM standards
Microsoft Playready , Apple FairPlay , OMA DRM
DRM Techniques
Streaming standards
HTTP live stream, MPEG DASH etc.
DRM content playback
Silverlight, Flash, HTML5 Premium Video Extensions
Managing Software Dependencies and the Supply Chain_ MIT EM.S20.pdfAndrew Lamb
Slides presented at an MIT seminar: Wrangling Software Projects
Provides both a commercial and an open-source perspective on the benefits, costs, and risks of taking on dependencies.
Not my problem - Delegating responsibility to infrastructureYshay Yaacobi
Slides for for my talk, appeared on Code-Europe Poznan 12.06.2018
(https://www.codeeurope.pl/en/speakers/yshay-yaacobi)
https://github.com/yshayy/not-my-problem-talk
https://github.com/Yshayy/not-my-problem-talk/blob/master/slides/demo.md
Premium content protection is key to a successful content monetization strategy and with the recent evolution of streaming formats and standards, it is now easier than ever to create DRM-protected streaming systems. The ability to support all of today’s DRMs - including Widevine, Fairplay and PlayReady – in an efficient and easy-to-manage workflow is crucial for operators who want to enable richer feature sets, such as offline viewing and TVE.
Join Irdeto and Bitmovin for a live webinar as we explore
+ Common approaches for Digital Rights Management in 2018
+ Changes coming to common workflows with CMAF
+ Real-world implementations of simple and complex systems
Watch the webinar! >> https://buff.ly/2ILcSp3
XMPP and SIP Presence Protocols for Messaging and Session Control.pptxGSCWU
XMPP is the Extensible Messaging and Presence Protocol, a set of open technologies for instant messaging, presence, multi-party chat, voice and video calls, collaboration, lightweight middleware, content syndication, and generalized routing of XML data.
XMPP was originally developed in the Jabber open-source community to provide an open, decentralized alternative to the closed instant messaging services at that time
The Session Initiation Protocol is a signaling protocol that enables the Voice Over Internet Protocol (VoIP) by defining the messages sent between endpoints and managing the actual elements of a call. SIP supports voice calls, video conferencing, instant messaging, and media distribution.
Princeton Dec 2022 Meetup_ NiFi + Flink + PulsarTimothy Spann
Princeton Dec 2022 Meetup_ NiFi + Flink + Pulsar
Streaming Data Platform for cloud-native event-driven applications
https://github.com/tspannhw/pulsar-csp-ce/blob/main/weather.md
https://github.com/tspannhw/create-nifi-pulsar-flink-apps
https://medium.com/@tspann/using-apache-pulsar-with-cloudera-sql-builder-apache-flink-b518aa9eadff
https://www.meetup.com/new-york-city-apache-pulsar-meetup/events/289674210/
For non-locals, we will Broadcast Live via Youtube. Sign up and we will send out the link.
Location:
TigerLabs in Princeton on the 2nd floor, walk up and the door will be open. Same that we were using for the old Future of Data - Princeton events 2016-2019.
Parking at the school is free. street parking nearby is free. there are meters on some streets, and a few blocks away is a paid parking garage.
We are joining forces with our friends Cloudera again on a FLiPN amazing journey into Real-Time Streaming Applications with Apache Flink, Apache NiFi, and Apache Pulsar.
Discover how to stream data to and from your data lake or data mart using Apache Pulsar™ and Apache NiFi®. Learn how these cloud-native, scalable open-source projects built for streaming data pipelines work together to enable you to quickly build applications with minimal coding.
|WHAT THE SESSION WILL COVER|
Apache NiFi
Apache Pulsar
Apache Flink
Flink SQL
We will show you how to build apps, so download beforehand to Docker, K8, your Laptop, or the cloud.
Cloudera CSP Setup
Getting Started with Cloudera Stream Processing Community Edition
You may download CSP-CE here:
Cloudera Stream Processing Community Edition
The Cloudera CDP User's page:
CDP Resources Page
https://youtu.be/s80sz3NWwHo
https://docs.cloudera.com/csp-ce/latest/index.html
https://www.cloudera.com/downloads/cdf/csp-community-edition.html
Apache Pulsar
https://pulsar.apache.org/docs/getting-started-standalone/
or
https://streamnative.io/free-cloud/
Cloudera + Pulsar
https://community.cloudera.com/t5/Cloudera-Stream-Processing-Forum/Using-Apache-Pulsar-with-SQL-Stream-Builder/m-p/349917
https://community.cloudera.com/t5/Community-Articles/Using-Apache-NiFi-with-Apache-Pulsar-for-Streaming/ta-p/337891
|AGENDA|
6:00 - 6:30 PM EST: Food, Drink, and Networking!!!
6:30 - 7:15 PM EST: Presentation - Tim Spann, StreamNative Developer Advocate
7:15 - 8:00 PM EST: Presentation - John Kuchmek, Cloudera Principal Solutions Engineer
8:00 - 8:30 PM EST: Round Table on Real-Time Streaming, Q&A
|ABOUT THE SPEAKERS|
John Kuchmek is a Principal Solutions Engineer for Cloudera. Before joining Cloudera, John transitioned to the Autonomous Intelligence team where he was in charge of integrating the platforms to allow data scientists to work with various types of data.
Tim Spann is a Developer Advocate for StreamNative. He works with StreamNative Cloud, Apache Pulsar™, Apache Flink®, Flink® SQL, Big Data, the IoT, machine learning, and deep learning. Tim has over a decade of experience with the IoT, big data, dist
How to Test Security and Vulnerability of Your Android and iOS AppsBitbar
Watch a live presentation at http://offer.bitbar.com/how-to-test-security-and-vulnerability-of-your-android-and-ios-apps
Majority of today’s mobile apps consist of third-party code/libraries. This is a prudent and well-accepted development practice that offloads the task of developing code for non-core functions of your mobile app – or game. Identifying third-party code, its vulnerabilities and its license restrictions, is highly critical in order to understand your security exposure and your liability.
Stay tuned and join our upcoming webinars at http://bitbar.com/testing/webinars/
Drupal Dev Days Vienna 2023 - What is the secure software supply chain and th...sparkfabrik
This talk "What is the secure software supply chain and the current state of the PHP ecosystem" discusses the current state of the software supply chain, the big global recent events (SolarWinds, log4shell, codecov, packagist) and the state of the PHP and Drupal ecosystem, the threats and the mitigations that can be applied using tools like Sigstore, Syft, and Grype for digital signatures, SBOM generation, and automatic vulnerability scanning and how to use them for real-world projects to gain unprecedented levels of knowledge of your digital artifacts.
UiPath Test Automation using UiPath Test Suite series, part 4DianaGray10
Welcome to UiPath Test Automation using UiPath Test Suite series part 4. In this session, we will cover Test Manager overview along with SAP heatmap.
The UiPath Test Manager overview with SAP heatmap webinar offers a concise yet comprehensive exploration of the role of a Test Manager within SAP environments, coupled with the utilization of heatmaps for effective testing strategies.
Participants will gain insights into the responsibilities, challenges, and best practices associated with test management in SAP projects. Additionally, the webinar delves into the significance of heatmaps as a visual aid for identifying testing priorities, areas of risk, and resource allocation within SAP landscapes. Through this session, attendees can expect to enhance their understanding of test management principles while learning practical approaches to optimize testing processes in SAP environments using heatmap visualization techniques
What will you get from this session?
1. Insights into SAP testing best practices
2. Heatmap utilization for testing
3. Optimization of testing processes
4. Demo
Topics covered:
Execution from the test manager
Orchestrator execution result
Defect reporting
SAP heatmap example with demo
Speaker:
Deepak Rai, Automation Practice Lead, Boundaryless Group and UiPath MVP
More Related Content
Similar to 2016 Readium LCP workshop at EPUB Summit
In our rapidly evolving digital world, where our online activities are under scrutiny by hackers, safeguarding our digital privacy has become the number one priority.
Ubucon 2013, licensing and packaging OSSNuno Brito
As developers of open source and free software, we share our code freely with the world. It feels great. The problem is when someone points out that the code can't be used for some odd reason. Either because of missing license information or because the reported licenses are incompatible.
If you're writing code then you shouldn't miss this talk. We'll be showing which licenses you should avoid mixing (for e.g Apache v2 inside GPL v2) and other tips to avoid a licensing headache. In the end we'll talk about the SPDX format introduced by the Linux Foundation and show practical examples.
Open Source & What It Means For Self-Sovereign Identity (SSI)Evernym
Open source and open standards have been two pillars of self-sovereign identity since the beginning. Only by breaking down barriers to both development and production can we ensure that SSI works for everyone, everywhere.
Openness is also at the core of how Evernym operates, and our motivation for launching Sovrin, subsequently donating Hyperledger Indy to the world, and more recently, open-sourcing our own products.
In this webinar, we covered:
- The importance of open source software, and why it's needed for self-sovereign identity
- The open source tools available today, from Hyperledger Indy and Aries to Evernym's Verity
- What Evernym's open-sourcing of Verity means for developers
- Getting started with either open source or our free Sandbox plan
What is DRM?
DRM standards
Microsoft Playready , Apple FairPlay , OMA DRM
DRM Techniques
Streaming standards
HTTP live stream, MPEG DASH etc.
DRM content playback
Silverlight, Flash, HTML5 Premium Video Extensions
Managing Software Dependencies and the Supply Chain_ MIT EM.S20.pdfAndrew Lamb
Slides presented at an MIT seminar: Wrangling Software Projects
Provides both a commercial and an open-source perspective on the benefits, costs, and risks of taking on dependencies.
Not my problem - Delegating responsibility to infrastructureYshay Yaacobi
Slides for for my talk, appeared on Code-Europe Poznan 12.06.2018
(https://www.codeeurope.pl/en/speakers/yshay-yaacobi)
https://github.com/yshayy/not-my-problem-talk
https://github.com/Yshayy/not-my-problem-talk/blob/master/slides/demo.md
Premium content protection is key to a successful content monetization strategy and with the recent evolution of streaming formats and standards, it is now easier than ever to create DRM-protected streaming systems. The ability to support all of today’s DRMs - including Widevine, Fairplay and PlayReady – in an efficient and easy-to-manage workflow is crucial for operators who want to enable richer feature sets, such as offline viewing and TVE.
Join Irdeto and Bitmovin for a live webinar as we explore
+ Common approaches for Digital Rights Management in 2018
+ Changes coming to common workflows with CMAF
+ Real-world implementations of simple and complex systems
Watch the webinar! >> https://buff.ly/2ILcSp3
XMPP and SIP Presence Protocols for Messaging and Session Control.pptxGSCWU
XMPP is the Extensible Messaging and Presence Protocol, a set of open technologies for instant messaging, presence, multi-party chat, voice and video calls, collaboration, lightweight middleware, content syndication, and generalized routing of XML data.
XMPP was originally developed in the Jabber open-source community to provide an open, decentralized alternative to the closed instant messaging services at that time
The Session Initiation Protocol is a signaling protocol that enables the Voice Over Internet Protocol (VoIP) by defining the messages sent between endpoints and managing the actual elements of a call. SIP supports voice calls, video conferencing, instant messaging, and media distribution.
Princeton Dec 2022 Meetup_ NiFi + Flink + PulsarTimothy Spann
Princeton Dec 2022 Meetup_ NiFi + Flink + Pulsar
Streaming Data Platform for cloud-native event-driven applications
https://github.com/tspannhw/pulsar-csp-ce/blob/main/weather.md
https://github.com/tspannhw/create-nifi-pulsar-flink-apps
https://medium.com/@tspann/using-apache-pulsar-with-cloudera-sql-builder-apache-flink-b518aa9eadff
https://www.meetup.com/new-york-city-apache-pulsar-meetup/events/289674210/
For non-locals, we will Broadcast Live via Youtube. Sign up and we will send out the link.
Location:
TigerLabs in Princeton on the 2nd floor, walk up and the door will be open. Same that we were using for the old Future of Data - Princeton events 2016-2019.
Parking at the school is free. street parking nearby is free. there are meters on some streets, and a few blocks away is a paid parking garage.
We are joining forces with our friends Cloudera again on a FLiPN amazing journey into Real-Time Streaming Applications with Apache Flink, Apache NiFi, and Apache Pulsar.
Discover how to stream data to and from your data lake or data mart using Apache Pulsar™ and Apache NiFi®. Learn how these cloud-native, scalable open-source projects built for streaming data pipelines work together to enable you to quickly build applications with minimal coding.
|WHAT THE SESSION WILL COVER|
Apache NiFi
Apache Pulsar
Apache Flink
Flink SQL
We will show you how to build apps, so download beforehand to Docker, K8, your Laptop, or the cloud.
Cloudera CSP Setup
Getting Started with Cloudera Stream Processing Community Edition
You may download CSP-CE here:
Cloudera Stream Processing Community Edition
The Cloudera CDP User's page:
CDP Resources Page
https://youtu.be/s80sz3NWwHo
https://docs.cloudera.com/csp-ce/latest/index.html
https://www.cloudera.com/downloads/cdf/csp-community-edition.html
Apache Pulsar
https://pulsar.apache.org/docs/getting-started-standalone/
or
https://streamnative.io/free-cloud/
Cloudera + Pulsar
https://community.cloudera.com/t5/Cloudera-Stream-Processing-Forum/Using-Apache-Pulsar-with-SQL-Stream-Builder/m-p/349917
https://community.cloudera.com/t5/Community-Articles/Using-Apache-NiFi-with-Apache-Pulsar-for-Streaming/ta-p/337891
|AGENDA|
6:00 - 6:30 PM EST: Food, Drink, and Networking!!!
6:30 - 7:15 PM EST: Presentation - Tim Spann, StreamNative Developer Advocate
7:15 - 8:00 PM EST: Presentation - John Kuchmek, Cloudera Principal Solutions Engineer
8:00 - 8:30 PM EST: Round Table on Real-Time Streaming, Q&A
|ABOUT THE SPEAKERS|
John Kuchmek is a Principal Solutions Engineer for Cloudera. Before joining Cloudera, John transitioned to the Autonomous Intelligence team where he was in charge of integrating the platforms to allow data scientists to work with various types of data.
Tim Spann is a Developer Advocate for StreamNative. He works with StreamNative Cloud, Apache Pulsar™, Apache Flink®, Flink® SQL, Big Data, the IoT, machine learning, and deep learning. Tim has over a decade of experience with the IoT, big data, dist
How to Test Security and Vulnerability of Your Android and iOS AppsBitbar
Watch a live presentation at http://offer.bitbar.com/how-to-test-security-and-vulnerability-of-your-android-and-ios-apps
Majority of today’s mobile apps consist of third-party code/libraries. This is a prudent and well-accepted development practice that offloads the task of developing code for non-core functions of your mobile app – or game. Identifying third-party code, its vulnerabilities and its license restrictions, is highly critical in order to understand your security exposure and your liability.
Stay tuned and join our upcoming webinars at http://bitbar.com/testing/webinars/
Drupal Dev Days Vienna 2023 - What is the secure software supply chain and th...sparkfabrik
This talk "What is the secure software supply chain and the current state of the PHP ecosystem" discusses the current state of the software supply chain, the big global recent events (SolarWinds, log4shell, codecov, packagist) and the state of the PHP and Drupal ecosystem, the threats and the mitigations that can be applied using tools like Sigstore, Syft, and Grype for digital signatures, SBOM generation, and automatic vulnerability scanning and how to use them for real-world projects to gain unprecedented levels of knowledge of your digital artifacts.
Similar to 2016 Readium LCP workshop at EPUB Summit (20)
UiPath Test Automation using UiPath Test Suite series, part 4DianaGray10
Welcome to UiPath Test Automation using UiPath Test Suite series part 4. In this session, we will cover Test Manager overview along with SAP heatmap.
The UiPath Test Manager overview with SAP heatmap webinar offers a concise yet comprehensive exploration of the role of a Test Manager within SAP environments, coupled with the utilization of heatmaps for effective testing strategies.
Participants will gain insights into the responsibilities, challenges, and best practices associated with test management in SAP projects. Additionally, the webinar delves into the significance of heatmaps as a visual aid for identifying testing priorities, areas of risk, and resource allocation within SAP landscapes. Through this session, attendees can expect to enhance their understanding of test management principles while learning practical approaches to optimize testing processes in SAP environments using heatmap visualization techniques
What will you get from this session?
1. Insights into SAP testing best practices
2. Heatmap utilization for testing
3. Optimization of testing processes
4. Demo
Topics covered:
Execution from the test manager
Orchestrator execution result
Defect reporting
SAP heatmap example with demo
Speaker:
Deepak Rai, Automation Practice Lead, Boundaryless Group and UiPath MVP
Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...UiPathCommunity
💥 Speed, accuracy, and scaling – discover the superpowers of GenAI in action with UiPath Document Understanding and Communications Mining™:
See how to accelerate model training and optimize model performance with active learning
Learn about the latest enhancements to out-of-the-box document processing – with little to no training required
Get an exclusive demo of the new family of UiPath LLMs – GenAI models specialized for processing different types of documents and messages
This is a hands-on session specifically designed for automation developers and AI enthusiasts seeking to enhance their knowledge in leveraging the latest intelligent document processing capabilities offered by UiPath.
Speakers:
👨🏫 Andras Palfi, Senior Product Manager, UiPath
👩🏫 Lenka Dulovicova, Product Program Manager, UiPath
The Art of the Pitch: WordPress Relationships and SalesLaura Byrne
Clients don’t know what they don’t know. What web solutions are right for them? How does WordPress come into the picture? How do you make sure you understand scope and timeline? What do you do if sometime changes?
All these questions and more will be explored as we talk about matching clients’ needs with what your agency offers without pulling teeth or pulling your hair out. Practical tips, and strategies for successful relationship building that leads to closing the deal.
Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...Jeffrey Haguewood
Sidekick Solutions uses Bonterra Impact Management (fka Social Solutions Apricot) and automation solutions to integrate data for business workflows.
We believe integration and automation are essential to user experience and the promise of efficient work through technology. Automation is the critical ingredient to realizing that full vision. We develop integration products and services for Bonterra Case Management software to support the deployment of automations for a variety of use cases.
This video focuses on the notifications, alerts, and approval requests using Slack for Bonterra Impact Management. The solutions covered in this webinar can also be deployed for Microsoft Teams.
Interested in deploying notification automations for Bonterra Impact Management? Contact us at sales@sidekicksolutionsllc.com to discuss next steps.
Accelerate your Kubernetes clusters with Varnish CachingThijs Feryn
A presentation about the usage and availability of Varnish on Kubernetes. This talk explores the capabilities of Varnish caching and shows how to use the Varnish Helm chart to deploy it to Kubernetes.
This presentation was delivered at K8SUG Singapore. See https://feryn.eu/presentations/accelerate-your-kubernetes-clusters-with-varnish-caching-k8sug-singapore-28-2024 for more details.
Neuro-symbolic is not enough, we need neuro-*semantic*Frank van Harmelen
Neuro-symbolic (NeSy) AI is on the rise. However, simply machine learning on just any symbolic structure is not sufficient to really harvest the gains of NeSy. These will only be gained when the symbolic structures have an actual semantics. I give an operational definition of semantics as “predictable inference”.
All of this illustrated with link prediction over knowledge graphs, but the argument is general.
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...James Anderson
Effective Application Security in Software Delivery lifecycle using Deployment Firewall and DBOM
The modern software delivery process (or the CI/CD process) includes many tools, distributed teams, open-source code, and cloud platforms. Constant focus on speed to release software to market, along with the traditional slow and manual security checks has caused gaps in continuous security as an important piece in the software supply chain. Today organizations feel more susceptible to external and internal cyber threats due to the vast attack surface in their applications supply chain and the lack of end-to-end governance and risk management.
The software team must secure its software delivery process to avoid vulnerability and security breaches. This needs to be achieved with existing tool chains and without extensive rework of the delivery processes. This talk will present strategies and techniques for providing visibility into the true risk of the existing vulnerabilities, preventing the introduction of security issues in the software, resolving vulnerabilities in production environments quickly, and capturing the deployment bill of materials (DBOM).
Speakers:
Bob Boule
Robert Boule is a technology enthusiast with PASSION for technology and making things work along with a knack for helping others understand how things work. He comes with around 20 years of solution engineering experience in application security, software continuous delivery, and SaaS platforms. He is known for his dynamic presentations in CI/CD and application security integrated in software delivery lifecycle.
Gopinath Rebala
Gopinath Rebala is the CTO of OpsMx, where he has overall responsibility for the machine learning and data processing architectures for Secure Software Delivery. Gopi also has a strong connection with our customers, leading design and architecture for strategic implementations. Gopi is a frequent speaker and well-known leader in continuous delivery and integrating security into software delivery.
Generating a custom Ruby SDK for your web service or Rails API using Smithyg2nightmarescribd
Have you ever wanted a Ruby client API to communicate with your web service? Smithy is a protocol-agnostic language for defining services and SDKs. Smithy Ruby is an implementation of Smithy that generates a Ruby SDK using a Smithy model. In this talk, we will explore Smithy and Smithy Ruby to learn how to generate custom feature-rich SDKs that can communicate with any web service, such as a Rails JSON API.
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024Albert Hoitingh
In this session I delve into the encryption technology used in Microsoft 365 and Microsoft Purview. Including the concepts of Customer Key and Double Key Encryption.
AI for Every Business: Unlocking Your Product's Universal Potential by VP of ...
2016 Readium LCP workshop at EPUB Summit
1. European Digital Reading Lab
Licensed Content Protection (LCP)
EPUB Summit workshop
Laurent Le Meur
2. Scope of the workshop
● Update the participants on the architecture of Readium LCP, the workflow, the
state of the developments, the agenda, the costs involved;
● Detail the certification process;
● Exchange on the level of protection of Readium LCP;
● Exchange on the level of support of this new DRM by the participants.
3. DRM = Digital Rights Management
Technical
implementation of a
business model (ex.
Library lending)
Protection against wild
dissemination (anti-
pirating)
Are obligations more than
rights
Complexify access to e-books
Lower interopérability and
accessibility
Hurt honest sharing
Make archiving an illusion
=> push people to use anti-
DRM tools
4. What the devil was he doing in that galley?
LCP implémentation decided in november 2015,
launched in january 2016.
Why do we offer our beloved ebooks to the
DRM Moloch?
- Because public libraries need a better solution than
the Adobe DRM
- Because for most publishers, unprotected EPUB is a
showstopper
- Because the spec is almost ready for 2 years
- Because we have been donated source code to help
5. Goals of Readium LCP
● Simplicity for the user
● Perfect interoperability in the LCP ecosystem
● No limitation on content accessibility
● Offline access to the documents always possible
● Dynamic update of licenses
● Unlimited access (in time) to the documents
● Family sharing possible
● No centralized server
● Low development costs
● Limited cost of certification
7. Readium LCP = simplicity
Encrypted content
Associated decryption key
(passphrase)
The owner of the
passphrase can read the
document
The App can store the key,
so that the user can forget it
9. 2/ License generation
= + + + + +
Protected
content key
Rights Provider
certificate
Passphrase
hint
Signature
License
Personal
data
Standard rights: start/end datetime,
print (# pages),
copy (# characters),
tts (yes/no)
10. Choose a passphrase
A user will usually have one passphrase per bookseller or public library.
Must be easy to remember or find.
A hint stored in the license by the licensor will help the user when needed.
It MUST be clear to the user. In a public library, the user ID can be a good choice.
The passphrase will usually be requested only when a protected document is side
loaded in a new device.
12. 4/ Open with a passphrase
Hint User Passphrase
Signature
checking
EPUB / LCP Content key Clear content
content
The passphrase may be acquired automatically and stored in the
app without user action. The user will use the hint to “remember”
the document passphrase.
13. 5/ Dynamic update of the license
● Early return
● Extended lending
● Requires an online connection
● The licensor can track the number of devices opening the document
15. What is the certification?
● Readium LCP is a DRM ecosystem
● Certification is
○ Guarantee of compliance
○ Guarantee of robustness
○ Guarantee of interoperability
● The specification will be public
● The source code will be open-source (BSD-like)
● But some confidential information will be transferred to the participants to an
LCP ecosystem
○ Root certificate (ITU)
○ Provider certificate
○ Readium LCP 1.0 profile information (unavailable in the specification)
16. Compliance rules, Robustness rules
● Client and server side
● Compliance
○ Server app must alert if *many* devices use the same license
○ Client app must develop an anti-rollback clock (details to be defined)
○ etc.
● Robustness
○ A certain data type must be protected against a certain type of attack to a certain extent
■ Client app must obfuscate the decryption process
■ Client app must hide Readium LCP confidential information
■ Client app must securely store user keys
■ Server app must protect the provider private key
17. Agenda
Q1 2016: development (iOS, MacOS, Android)
Q2 2016: development (iOS, MacOS, Android); first tests; contractual documents;
pricing;
Q3 2016: interop tests; certificate authority setup
Q4 2016: first certifications; launch