AXMEDIS Tool Core for MPEG-21 Authoring/Playing

AXMEDIS Tool Core for MPEG-21 Authoring/Playing

P. Bellini, P. Nesi, D. Rogai, A. Vallotti DSI-DISIT, Department of Systems and Informatics, University of Florence

Via S. Marta, 3 - 50139 Florence, Italy, nesi@dsi,unifi.it, http://www.disit.dsi.unifi.it

Abstract Despite to the relevance of the MPEG-21 standard,

little has been done by the collectivity about the modeling of authoring tools for the production of MPEG-21 digital objects. The designs and implementation of an MPEG-21 authoring tool presents several critical points to be solved at the architectural level. This paper presents the AXMEDIS Tool Core for MPEG-21 content authoring and playing. The architecture identified and proposed supports both data manipulation flexibility and a high level of security when digital resources are used. The same architecture can be used for structuring other MPEG-21 players. The architecture presented has been adopted to build authoring and player tools developed for the AXMEDIS IST FP6 R&D project. 1. Introduction

The state of the art of content distribution, modeling, composition, formatting, protection and management is grounded on the content formats. Presently, there is a large number of content formats that ranges from the simple files: documents, video, images, audio, multimedia, etc., to integrated content models such MPEG-21 [1] and WEDELMUSIC [2] (proposed in the past by some of the authors of this paper and obtained as a result from an IST European Commission R&D project, FP5), SCORM. The first two models attempt to wrap any digital resource in a container to make them ready for delivering (streaming or download) by using a large range of business and transaction models and supporting them with some DRM (Digital Rights Management) model. The latter format is focused on packaging information for educational content.

More specifically, MPEG-21 is mainly focused on the standardization of the DRM aspects and packaging while WEDELMUSIC was mainly focused on Multimedia Music modeling and provided limited DRM flexibility with an effective implementation of tools for digital item collection and distribution. The standardization process of MPEG-21 is still under completion; presently some parts are mature while others are under evolution. The mechanism of MPEG

standardization process is only focused on the model format and client tools. This means that the architecture for content production, protection and distribution, the single architecture of tools, the business models, the transactions models, etc., are not normative parts. Relevant mature parts of MPEG-21 are related to DRM such as REL (Rights Expression Language) and RDD (Right Data Dictionary) of MPEG-21 [5]. The authors have also worked on DRM aspects in WEDELMUSIC [2] and recently also for REL-RDD MPEG-21 as in [3]. The authors are involved in MPEG forum.

Despite to the relevance of the standard, little has been done by the collectivity about the modeling of authoring tools for the production of MPEG-21 digital objects [4]. Those parts seem to be out of the standardization activity. The implementation of an MPEG-21 authoring tool is a very complex task since it presents several critical points at the architectural level. In fact, it is not simply to guarantee at the same time (i) easy and fast access at the modeled information (metadata, multimedia digital resources, relationships, synchronization, protection information, etc..); (ii) a high/absolute security level giving the possibility to viewers and tools to access at the digital resources under the control of the DRM. In addition, the authoring tool has to be based on an object model capable of supporting: composition of digital resources and MPEG-21 objects, digital item adaptation, integration in the same objects protected and non protected components, etc. In [4], those problems have not been addressed at all, together with the DRM aspects. This paper reports the architecture design and the implementation of the core parts of an MPEG-21 authoring tool (namely AXMEDIS Authoring/Editor Tool) for secure content modeling and processing, implemented, solving a large part of the above mentioned problems and critical points. The architecture is capable of supporting both data access flexibility and a high level of security when resources are used for authoring or for visualization/playing/ execution. The same architecture can be used for structuring other MPEG-21 players and is used for

implementing AXMEDIS players and authoring and content processing tools. AXMEDIS solution is capable of supporting data gathering from accessible Content Management Systems, to transform legacy digital content in AXMEDIS objects, and from these to apply the above mentioned functionalities preserving security level along the whole value chain and thus creating a perfect environment for content production, protection and distribution at both B2B and B2C levels. AXMEDIS solution is mainly based on MPEG-21 model and specialize its format, it provides a P2P tool for content sharing and distribution at B2B level, and it is capable to work with a multichannel architecture for B2C distribution for the production of content on demand. AXMEDIS is a large Integrated Project on Research and Development founded by the European Commission in IST FP6 and includes about 20 partners among them: University of Florence, OD2, HP, COMVERSE, EPFL, FHGIGD, ACIT, AFI, TISCALI, University Pompeo Fabra, University of Leeds, CPR, EXITECH, XIM, University of Reading, etc.

The paper is organized as follows. In section 2, an

application scenario for the tool is reported. An overview of the MPEG-21 is reported in section 3. Section 4 refers to the Object Oriented model for Digital Items. In Section 5, the general architecture of the presented authoring tool for MPEG-21 is reported. In section 6 and 7, details about the class structure of the authoring tool are presented. The user interface of the AXMEDIS Authoring Tool is discussed in Section 8. Conclusions are drawn in Section 9.

2. Authoring tool application scenario

A typical application scenario for our authoring tool is the creation of a digital item from a set of other digital items, each of which could be associated with a set o licenses (formalizing the DRM aspects), and digital resources, e.g., mp3 files, pdf files, etc., typically referred as content.

Fig. 1 – Scenario

The user, interacting with the authoring tool, manages and composes content to produce a new object. Every action taken by the user on the content is controlled and validated by the authoring tool. The validation is made against the licenses owned by the user and related to the managed content, if any.

Licenses are still digital resources, e.g., files. A license expresses which actions can be performed by a user on a specific content (or part thereof) and the condition those actions are subject to. For example: John can embed content X in another object paying a 50€ fee. A license is issued by the content owner or someone who has the rights (own a license) to issue to third party a license related to a piece of content. Some supervisors and a set of tools are capable to verify and constraining the exploitation of the acquired rights only.

In many cases, the authoring tool is only focused on the packaging of digital resource, creation of structured objects and protection of them. Nevertheless, it has been designed to allow plugging-in of resource editing/viewing functionality, e.g., image filtering, sound mixing, etc.

3. MPEG-21 Overview

Presently, many elements exist to build an infrastructure for the delivery and consumption of multimedia content. There is, however, no “big picture” to describe how these elements, either in existence or under development, relate to each other. The vision for MPEG-21 is to define a multimedia framework to enable transparent and augmented use of multimedia resources across a wide range of networks and devices used by different communities.

MPEG-21 definition is still in progress by the MPEG consortium. Digital Items are defined as structured digital objects, including a standard representation and identification, and meta-data. This entity is the fundamental unit of distribution and transaction within the MPEG-21 framework as a whole; it has, however, no further technical meaning.

MPEG-21 is dived into several parts [2]; some these parts have reached a mature state of definition. Such parts are mainly concerned to the declaration of digital items, their identification and the description of the related rights. The parts which are of main interest for this work are: part 2 Digital Item Declaration (DID); part 5 Rights Expression Language (REL); and part 6 Right Data Dictionary (RDD).

The MPEG-21 DID model identifies different elements which compose a digital item and gives for each of them a semantic meaning. The most relevant elements of DID are:

Authoring Tool

Licenses Content

User

• Item – the fundamental exchange element of the whole framework. It could be composed of several Component or nested Item, which contain the content, and Descriptor, which enrich the Item with descriptive information;

• Component – it contains a Resource and the Descriptor associated to;

• Descriptor – container for descriptive information to be associated to various elements of DID model. That information can be Component (e.g. a thumbnail of an image), plain text or machine-readable text (e.g. XML document)

• Resource – it contains the real content or a reference to it. The content is typified through its MIME type, thus any kind of digital resource.

DID is formalized by using an XML schema produced by MPEG. REL and RDD together allow to produce machine-readable licenses. As stated above, licenses are used to grant rights to consumer of digital items. REL fixes the structure of license defining the following elements: • Principal – identifies to whom grant is issued • Right – is the "verb" that a principal can be

granted to exercise against some resource under some condition

• Resource – is the "object" to which a principal can be granted a right

• Condition – specifies the terms, conditions and obligations under which rights can be exercised

Moreover, REL states that licenses have to contain an identification of their issuer (who produces the license). In that way the license can be validated in a recursive way similar to that used in certification systems. The means to verify licenses and rights in MPEG-21 is the so called Authorization Algorithm which is specified in the REL. RDD is a set of clear, consistent, structured, integrated and uniquely identified terms (i.e. verbs, actions) to support REL. Moreover, RDD specifies how to create dictionaries and integrate them together. In that way the set of action which can be expressed in a license can be enlarged by whoever needs to express a concept which is not still defined. REL and RDD together are a powerful means to create licenses which can be verified and validated by MPEG-21 complaint devices.

MPEG will not define any normative way to design and implement MPEG-21 compliant software. Instead, as stated above, it fixes how content and metadata have to be described and exchanged among various element of an infrastructure for content delivery and consumption. Thus, software design and implementation is left to producers.

IPMP-X, which is used in MPEG-4 and MPEG-2, defines how software have to be implemented to

support the hook mechanism and thus to create a secure system. Conversely MPEG-21 will not fix how to implement secure system. MPEG-21 defines how IPMP systems have to be described and the way to request the use of a security system instead of another. Part 4 of MPEG-21 identified as Intellectual Property Management and Protection (IPMP) is in charge to define that description mechanism.

Finally, notice that MPEG-21 do not care about particular kind of business model. It provides the tools to support a large variety of models. In particular, business model can be created/supported using customized model of licensing. Content owner can impose several kind of transaction simply imposing specific consumption condition in licenses: fee payment for each use of the content; subscription; etc.

4. Object Oriented Model for Digital

Item To allow usage and manipulation of digital item

based on the MPEG-21 DID, an object oriented software model has been developed. The model consists of a set of classes modeling all the elements of the DID model [2]. They are a hierarchy of classes specialized from the same base class. That class provides a set of general methods and features to manage the document structure.

The software model gives function to browse the MPEG-21 structure, to modify it and to load/save files MPEG-21 DID compliant. Thus the Object Oriented Model for Digital Item has been exploited in the architecture to be controlled as described in the following sections.

5. General Architecture of the

AXMEDIS core for Authoring/playing tools

Since the content has to be protected against unauthorized accesses the design pattern applied to the authoring tool is the Model-View-Controller, see Fig. 2 for the general architecture. In the diagram, it is depicted a single MPEG-21 Digital Item manipulation, the proposed authoring tools uses several instances of such a subsystem in order to manage at the same time several different objects and views.

The Model stores the content data. The data objects hierarchy representing the DID elements is included in the Model. The Model Status Manager is responsible to allow a correct manipulation of the Model – i.e., avoiding simultaneous read/write access to the same data object by locking mechanism. The Controller is the intermediary of every action performed on the Model. This ensures that all the operations on the data

object in the Model can be executed only after the needed authorization. Thus, a log can be easily produced in order to report internally or outside the history of commands/changes.

The User interacts with the Model by means of Views. They render the data model information and interpret the user commands requesting the controller for actualization. Views are mainly part of the user inetrface, which is described below. How Views request the controller for actualization is furhter explained below in this work.

Fig. 2 – Major aspects of the architecture of the proposed AXMEDIS Core for MPEG-21 Tools.

By “data indexing” is intended a mechanism

(explained below) to index the content without directly access, i.e., views can refer a specific resource element without need a memory pointer to it.

The Controller accepts commands from a View that forward such a request after a user interaction. The View can use a set of predefined commands. Commands are classes provided from the Controller module itself, i.e. those classes are defined in the library which also defines the Controller class. At runtime, one of the available class commands is instantiated by a View which specifies the needed parameters (see below for more details).

This architecture also allows to support cooperative work and to control concurrent work on the Model, etc. It is possible to have multiple Views on the same Model and they can provide different textual or graphical representation of the content.

The typical sequence of actions includes the following steps: user acts on the View; one or more Command instances are initialized with the proper data (i.e., command target, parameters, etc) and submitted to the execution method of the Controller; than the latter processes the command and notifies the View of the changes occurred to the data model, if any. On the basis of the notifications, the View can refresh the visualization of the digital item.

6. The Controller module The classes which compose the Controller module

are depicted in Fig. 3. For space limitation the complete class diagram has not been included, and thus, only the most relevant issues related are addressed.

The commands are defined conceived as a class specialization hierarchy to efficiently organize, and control actions which can be performed on the Model. Thus, all commands derives from a common base class (Command) which exposes the abstract methods for command execution, undo support and grant verification. Those functions are re-defined in all sub-classes. In that way, all commands are treated in the same manner while they expose their own behavior. For instance, for each of them, the corresponding rights (intended as grant needed to perform the corresponding action) must be declared in order to be authorized before executing the proper modifications on the Model and the reverse command has to be available to enable undo mechanism.

The class AxCommandManager exposes methods to the View module (e.g., execute) which are different from those exposed to the Command classes. More specifically, a Command is allowed to get the reference to the Model in order to perform the specific operations by calling directly the methods exposed by the Model.

Fig. 3 – Class Diagram of Controller module.

The Command execution by class

AxCommandManager consists on invoking the execute method of the command instance passing the AxCommandManager reference as a parameter. In this

«interfaccia»IModelStatusManagerListener

AxObject ModelStatusManage

1

1

1

1

AxCommandManage

11

ElementInde

Commands::Command

Commands::CommandAdd

1 *

PMSClien

«uses»

«uses»«interfaccia»

ICommandManagerListene

«uses»

«uses»

ProtectionProcessor

«uses»

1

*

View

Controller

Model

commands external events

data manipulation

internal events

rendering user actions

Model Status Manager

data indexing

authorization algorithm

Views

way each command can access directly to the data model and use it as required.

The data model protection is achieved since the view can only execute the commands on the AxCommandManager (i.e., instantiates one of the predefined classes and passes it to the AxCommandManager) which verifies command grants and authoring tool integrity using services of the PMS Client (Protection Manager Support Client) and of the Protection Processor.

Protection Processor exposes functions for controlling the integrity of the software and for protecting/unprotecting the elements of the data model. Since Protection Processor service has to be unique for the overall application, it has been implemented applying the singleton pattern. That is, only one instance of the class exists for the whole application.

PMS Client is in charge of verifying the grants needed to execute a given command. Therefore, PMS Client implements the REL authorization algorithm of MPEG-21. Moreover, PMS Client is able to communicate with global server to validate licenses. PMS Client has been implemented applying the singleton pattern as well as Protection Processor. Notice that, PMS Client is not directly used by the AxCommandManager because its services have to be used only after tool integrity has been proved by the Protection Processor. For that reason, the functions of PMS Client are wrapped by analogous functions of Protection Processor and AxCommandManager uses the latter only. Thus, Protection Processor verifies the tool integrity before (and eventually after) invoking the linked service of PMS Client.

ICommandManagerListener is an interface which has to be implemented by all classes which want to be informed of data model changes. In particular, this interface is implemented by all the Views. ICommandManagerListener exposes event methods, i.e., methods which are called by the AxCommandManager every time a specific event occurs. For example, after a new element has been successfully added to the data model, the AxCommandManager informs all the registered listeners calling their proper event function.

A sequence diagram, which details how an addition

is requested/elaborated/reported, is depicted in Fig. 4 The diagram shows the interaction among the components of the Controller module. The add command contains two main parameters: the new element to be attached to the structure, and the index of the element at which the new element has to be added i.e., the index of the prospective parent element.

In the diagram, the interaction between Protection Processor and PMS Client is omitted due to problem of space (see below for more details).

Fig. 4 – Sequence diagram of the addition of an element

The element index is an important class in order to maintain aligned the View and the data model structures. A View element includes the ElementIndex of the related data element. The View can get the data element by calling the index resolution method of the AxCommandManager, and can receive a clone of the data element purified from the direct references to the parent/children element in the protected data model. Once the View has obtained the element, this is stored and associated to its corresponding visual rendering.

7. Protection Processor

Protection Processor is the main classes in charge of maintaining the dependability of the authoring tool. From our point of view, a tool is dependable if it manages content respecting constraints and allows content owners (or other delegate entities) to detect constrain infringements.

As depicted in Fig. 5, Protection Processor services

can be divided into four categories: • protection/unprotection of AXMEDIS

element –to unprotect a protected element and to obtain a protected element from a unprotected one

• tool integrity verification – to test the status of the tool through local or remote checks

• sensible information management – to estimate/ retrieve/ manage sensible information such as certificates, user identity, etc…

• PMS Client functions wrapping – isGranted wraps the homonymic function of the PMS Client adding to them the verification of tool integrity.

Fig. 5 – Detailed Interaction among Protection Processor and PMS Client.

Fig. 6 – Detailed Interaction among Protection Processor and PMS Client.

The interactions between Protection Processor and PMS Client during authorization requests is detailed in Fig. 6. As depicted in the picture, the interplay is composed of four main phases: (i) local verification of

tool integrity; (ii) remote verification of tool integrity, (iii) evaluation of requested grants; (iv) update of tool status on the basis of the previous evaluation results.

The double verification of tool integrity (local and

remote) allows reaching a good security level even if the tool works off-line for a period of time, i.e. the Certifier and Supervisor server is not reachable. In fact, during off-line working, Protection Processor and PMS Client cache user actions and system-status related information. That data are sent to the servers as soon as a connection to Certifier and Supervisor servers is available, thus it can compare that information with those it holds.

8. AXMEDIS Authoring Tool User

Interface The main window of the AXMEDIS Authoring

Tool is a MDI frame: a snapshot is shown in Fig. 7. Some basic child windows are at disposal: the

treeview window, which renders the hierarchical structure of MPEG-21 DID allowing the addition/ deletion of elements cut-copy-paste and drag-drop functionalities (see Fig. 8); the attribute viewer/editor dialog which can be invoked by the contextual menu on the treeview and allows editing the attribute of a specific DID element (see Fig. 9); the items and views manager window which shows all the opened Digital Items with all the activated views (different views can be realized on the same basis).

Fig. 7 – AXMEDIS Authoring Tool snapshot.

A suitable dialog can be popped-up on each element of DID depending on the required attributes to be edited/viewed: a dynamic creation of the proper controls in the dialog is realized on the basis of the element type (see an example in Fig. 9).

pmsClient protectionProcessor axCommandManager

isGranted ( AXOID, grant )

getAXCSProxy ()

axcsProxy

doLocalToolVerification ()

getCommunicationCertificate () certificate

getActionLogs () actionLogList

doToolVerification (TID , ToolFPHash, time , newHistoryHash,actionLogList)

releaseAXCSProxy ( axcsProxy )

axcsProxy

tru

tru

clearActionLogs()

isGranted (AXOI , grant ) tru

getLastActionLog () actionLog

New action history hash isevalueted , et .tru

Fig. 8 – Treeview window for Digital Item browsing.

The AXMEDIS Authoring Tool will be also equipped with a resource-oriented view integrated with the above-mentioned tree view. The new view will aid the user to manage resources, and their metadata, without annoying him/her with the heaviness of MPEG-21 Digital Item structure. In fact, a digital item could be very complex and could contain several DID element to associate metadata to resources. However, not all those elements are really useful in a user-friendly visualization of the item.

Fig. 9 – Dialog for viewing/editing element attributes.

9. Conclusions Despite of the relevance of the standard, little has

been done by the collectivity about the modeling of authoring tools for the production of MPEG-21 digital objects. The implementation of an MPEG-21 authoring tool is a complex task since it presents several criticisms to be solved at the architectural level. This paper presented the AXMEDIS Authoring Tool for AXMEDIS MPEG-21 objects editing, processing and browsing. The architecture identified and proposed solved a large part of the above mentioned problems and criticisms. In fact, it is capable of supporting both flexibility and a high level of security when resources are used for authoring or for visualization/ playing/ execution. The same architecture can be used for structuring any MPEG-21 players.

10. Acknowledgements

The authors would like to thanks to all AXMEDIS project partners including the Expert User Group and all affiliated members, for their contributions, funding and collaborations. A specific acknowledgment to EC IST FP6 for the partial funding pf AXMEDIS project.

11. References

[1] Leonardo Chiariglione, MPEG Group, “www.chiariglione.org/mpeg”, standard MPEG-21, 2004.

[2] P. Bellini, J. Barthelemy, I. Bruno, P. Nesi, M. Spinu, ``Multimedia Music Sharing among Mediateques, Archives and Distribution to their attendees", Journal on Applied Artificial Intelligence, Special Issues on Artificial Intelligence for Cultural Heritage and Digital Libraries, Vol.17, N.8-9, pp.773-796, 2003.

[3] P. Bellini, P. Nesi, D. Rogai, A. Vallotti, “MPEG-21 REL Authorization Algorithm, C implementation, with RDD support”, Technical Report, DSI-DISIT, Department of Systems and Informatics, University of Florence, May 2004.

[4] ENIKOS Digital Item Creator, http://www.enikos.com/home.shtml

[5] E.. Rodriguez, S. Llorente, J. Delgado, “Use of rights expression languages for protecting multimedia information”, Proc. of the 4th International Conference on WEB Delivering of Music, Barcelona, 13-14- September, 2004. [6] AXMEDIS: www.axmedis.org