DRM defects

[Alex Rashevsky]

Hi.
I am exploring DRM technology now.
Forward lock and Combined delivery looks not secure, because hacker can catch midlet in the delivery phase (by PC for example).
But what about Separate delivery? It looks very protected. As I understood, MidLet should be delivered encrypted by AES. And AES key should be sended to the phone by o3.48 SMS. It looks absolutly protected. Am I right? Or separate delivery has any defect too?

[Naveen Mittal]

Hi Alex,

Forward lock and combined delivery is not used for premium content but these are used for sending alerts which has been subscribed by user likes stock exchange updates, cricket score etc.
But Separate delivery is more secure than above two's. The major difference is protected content and licence come at least 2 pass from the Server. Content Issuer isses protected content and Rights Issuer issues Licenses. user can download protected content from anywhere but for playing this content it is required to get license from the RI. This implies virtual marketing Business Model.

One more important point is that OMA DRM 2.0 is more secure than OMA DRM 1.0. Security of Sending and receiving the data to/from the server is done via Cerificaties.

If you have any other specific question regarding OMA DRM 2.0. Please feel free to ask me.

Thanks
Naveen Mittal