FDRM Security
4/8/2010
Digital Rights Management for Windows Mobile provides a method for protecting multimedia content from unauthorized playback or duplication. The file-based Digital Rights Management (FDRM) feature allows your device to work with media that have been protected by using FDRM.
Note
FDRM-protected content can only be transferred to portable media, such as a compact flash card, memory stick, smart card, secure digital card or xd card, that has a unique device identifier.
To use the FDRM API, your device must include the following:
- Microsoft default registry settings for User Interface and rights commitment.
- Default DRM Security policy, SECPOLICY_DRM_WAPRIGHTS.
Windows Mobile has a DRM WAP Security Policy, SECPOLICY_DRM_WAPRIGHTS, for WAP push messages that contain FDRM rights objects.
For the highest level of security, a WAP push message must be received only from trusted sources. The SECPOLICY_DRM_WAPRIGHTS policy configuration has a role mask of SECROLE_PPG_TRUSTED or SECROLE_PPG_AUTH so that unauthenticated messages are not accepted by the device. Content from the push router is filtered out based on the trust of the message origin.
Note
Microsoft recommends that OEMs provision the SECPOLICY_DRM_WAPRIGHTS policy to discard WAP messages received from unknown origins.
FDRM-protected content security has the following characteristics:
Windows Mobile FDRM APIs meet OMA DRM v1 standard requirements.
The FDRM engine can be called by any FDRM-enabled application running in the NORMAL or TRUSTED code group.
Determined by the device security configuration and trust granted to third party applications.
Note
FDRM content security depends on the device security implemented. The implemented device security is mobile operator dependant.