5 Realms of Cards N/A serial key or number
5 Realms of Cards N/A serial key or number
List of games containing time travel
Several Characters, including Kang or Doctor Strange, also have the "Time Manipulation"-Ability to warp time backwards or forwards and affect certain objects.
List of Bionicle media
Aside from the toys in the LegoBionicle franchise, Lego has also marketed an ongoing book series, several video games (mostly for the Game Boy Advance), and four computer-animated movies which feature important plot points. A Bioniclecomic book was also published by DC Comics and made available free to members of the Lego Club with some issues of the Lego Magazines. Some comic issues were also posted on the official Bionicle website, cromwellpsi.com There are also various other ancillary products available, such as watches, toothbrushes, and backpacks, as well as online adventure games. Much of the additional content for Generation 1 that was originally available on the now inactive official websites cromwellpsi.com and cromwellpsi.com is now available on an unofficial website called BioMedia Project.
Books[edit]
Novels[edit]
Bionicle Chronicles[edit]
Bionicle Adventures[edit]
Bionicle Legends[edit]
Bionicle Super Chapter books[edit]
Lego Bionicle chapter books[edit]
Collected[edit]
Title | Author | Publication date | ISBN |
Chronicles Collection | Cathy Hapka, Greg Farshtey | March 13, | ISBN |
Adventures: Volume 1 | Greg Farshtey | January 1, | ISBN |
Young Readers series[edit]
Guidebooks[edit]
Activity books[edit]
Comics[edit]
Bionicle[edit]
No. | Title | Sub-series | Publication date | Writer | Artist |
---|---|---|---|---|---|
1 | The Coming of the Toa | N/A | June | Greg Farshtey | Carlos D'Anda |
2 | Deep into Darkness | July | |||
3 | Triumph of the Toa | October | |||
4 | The Bohrok Awake | The Bohrok Saga | January | ||
5 | To Trap a Tahnok | April | |||
6 | Into the Next | May | |||
7 | What Lurks Below | July | |||
8 | The End of the Toa? | September | |||
9 | Divided We Fall | November | |||
10 | Powerless! | N/A | January | Randy Elliott | |
11 | A Matter of Time | March | |||
12 | Absolute Power | May | |||
13 | Rise of the Rahkshi! | July | |||
14 | At Last – Takanuva! | September | |||
15 | Secrets and Shadows | November | |||
16 | Toa Metru! | Metru Nui[c] | January | ||
17 | Disks of Danger | March | |||
18 | Seeds of Doom | May | |||
19 | Enemies of Metru Nui | July | |||
20 | Struggle in the Sky | September | |||
21 | Dreams of Darkness | November | |||
22 | Monsters in the Dark | January | |||
23 | Vengeance of the Visorak | March | |||
24 | Shadow Play | May | |||
25 | Birth of the Rahaga | July | |||
26 | Hanging by a Thread | September | |||
27 | Fractures | November |
Ignition[edit]
No. | Title | Sub-series | Publication date | Writer | Artist |
---|---|---|---|---|---|
0 [d] | Ignition | N/A | January | N/A | Stuart Sayger |
1 | If a Universe Ends | March | Greg Farshtey | ||
2 | Vengeance of Axonn | May | |||
3 | Showdown | July | |||
4 | A Cold Light Dawns | September | |||
5 | In Final Battle | November | |||
6 | Ignition 6[e] | Sea of Darkness | January | ||
7 | Mask of Life, Mask of Doom | March | |||
8 | Sea of Darkness | May | |||
9 | Battle in the Deep! | July | |||
10 | The Death of Mata Nui | September | |||
11 | Death of a Hero | November | |||
12 | Realm of Fear | Battle for Power[f] | March | Leigh Gallagher | |
13 | Swamp of Secrets | July | |||
14 | Endgame | September | |||
15 | Mata Nui Rising | November |
Glatorian[edit]
No. | Title | Sub-series | Publication date | Writer | Artist |
---|---|---|---|---|---|
1 | Sands of Bara Magna | N/A | January | Greg Farshtey | Pop Mhan |
2 | The Fall of Atero | March | |||
3 | A Hero Reborn | July | |||
4 | Before the Storm | September | |||
5 | Valley of Fear | November | |||
6 | All That Glitters | Journey's End | January | ||
7 | Rebirth | March |
Films[edit]
Title | U.S. release date | Director(s) | Screenwriter(s) | Production studio |
---|---|---|---|---|
Bionicle: Mask of Light | September 16, | Terry Shakespeare, David Molina | Alastair Swinnerton, Henry Gilroy, Greg Weisman | Creative Capers Entertainment |
Bionicle 2: Legends of Metru Nui | October 19, | Henry Gilroy, Greg Klein, Tom Pugsley | ||
Bionicle 3: Web of Shadows | October 11, | Brett Matthews | ||
Bionicle: The Legend Reborn | September 16, | Mark Baldo | Greg Farshtey | Threshold Animation Studios |
Notes
- The Legend Reborn was originally planned as the first film in a new trilogy, but its sequels were scrapped following Lego's decision to discontinue the Bionicle toy line.
- A film based on Bionicle's storyline was planned prior to the franchise's launch, but never reached production.
- The soundtracks for the first three films, composed by Nathan Furst, were each digitally released in
TV series[edit]
Series | Season | Episodes | Originally aired | Showrunner(s) | ||||
---|---|---|---|---|---|---|---|---|
First aired | Last aired | Network | ||||||
Lego Bionicle: The Journey to One | 1 | 4 (+ 1 prologue) | March4,() | July29,() | Netflix | Mathieu Boucher, Jean-Fraçois Tremblay |
Graphic novels[edit]
Generation 1[edit]
- Rise of the Toa Nuva – The Toa Mata arrive on Mata Nui—but is it already too late?
- Challenge of the Rahkshi – The Toa Nuva have to fight Rahkshi and Bohrok-Kal to prepare for the coming of the seventh Toa.
- City of Legends – The Toa Metru fight to save their city from a terrible evil.
- Trial by Fire – The Toa Metru, mutated into Toa Hordika, must save the Matoran, defeat the Visorak, and find the legendary Keetongu before they become beasts.
- The Battle of Voya Nui – The Toa Inika must fight the evil Piraka to save the Great Spirit's life.
- The Underwater City – The Toa Inika have to retrieve the Mask of Life from The Pit before it is too late.
- Realm of Fear – The Toa Nuva have to fight the Brotherhood of Makuta to save a lost Matoran tribe and awaken Mata Nui.
- Legends of Bara Magna – Old stories of Bara Magna will be revealed.
- The Fall of Atero – The Bara Magna residents fight for their freedom against the Skrall.
Generation 2[edit]
- "Gathering of the Toa" – The Toa arrive on the Island of Okoto and battle the evil Skull Spiders.
- "Battle of the Mask Makers" – The story of events leading up to Ekimu and Makuta's confrontation centuries before the Toa arrived.
- A third graphic novel was planned, but was ultimately never released.
Cancelled graphic novels[edit]
- Power of the Great Beings (Issue #10) – Mata Nui must find out the dark secrets of his creators, the Great Beings, and save Bara Magna from a force so evil, it could destroy the entire planet. The project was cancelled while it was a third of the way through.
- Journey's End (Issue #11) – An eleventh graphic novel by the name of Journey's End was planned in advance of the release of the tenth graphic novel. Upon the cancellation of Power of the Great Beings, plans for Journey's End between Papercutz and the Lego Company were abandoned. It would have included the last 2 Bionicle comics and a few Post-Journey's End stories.
Games[edit]
There are also several video games based on Bionicle.
Generation 1[edit]
- Lego Bionicle: Quest for the Toa released for Game Boy Advance in ; is also known as "Tales of the Tohunga" ("Tohunga" being an early word for "Matoran"). It acts as a prelude to the Bionicle saga, telling how Takua gathered the Toa stones and summoned the Toa Mata to Mata Nui. Unlike most games, it is considered canon.
- Mata Nui Online Game Considered to be one of the best Bionicle stories in the whole franchise, MNOG was episodically released onto cromwellpsi.com from January to December of It continues the story of Tales of the Tohunga and follows Takua (known in-game as "The Chronicler") as they journey around Mata Nui. The game was removed from cromwellpsi.com in , but returned as a download in due to high demand from fans.
- Mata Nui Online Game II released on the LEGO Bionicle website, it is the sequel to the Mata Nui Online Game and takes place before and during the events of Bionicle: Mask of Light, in which you play as Hahli of Ga-Koro.
- Bionicle: Matoran Adventures released for Game Boy Advance in , you play as Matoran fighting against the Bohrok swarms.
- Bionicle: The Game released for PC, PlayStation 2, Xbox, GameCube, and Game Boy Advance in ; this is a video game adaptation of the first movie, Mask of Light.
- Bionicle: Maze of Shadows released for Game Boy Advance in , this game expands on the story of Bionicle Adventures #6: Maze of Shadows.
- Bionicle Heroes was released for PC, PlayStation 2, Xbox , Gamecube, Game Boy Advance, and Nintendo DS in November , with a Wii version released later in In the game you play as both the Toa Inika and the Piraka. It was produced by TT Games, the team behind the Lego Star Wars games.
Generation 2[edit]
- Bionicle: Mask of Creation released for iOS devices in
- Bionicle: Mask of Control released for iOS devices in
Canceled Bionicle games[edit]
- Lego Bionicle: The Legend of Mata Nui was planned to be released for PC and would have covered the events of the storyline. The player would have been able to play as each of the six Toa Mata, exploring the island and battling Rahi. Though widely marketed and advertised in the months leading up to its original September release date, the game was suddenly and unceremoniously cancelled by LEGO. Varying reasons for this cancellation were circulated, not least of which revolved around the recent September 11th terror attacks, and subsequently that LEGO thought Legend of Mata Nui was too violent a game to be released to a North American audience so soon after the attack on the World Trade Center. However, according to interviews with former Saffire, Inc. developers, many former members of Legend's development team do not believe this to be the case. In the late 90s and early s, LEGO's various media departments were used to regular mass employee turnover, often to the frustration of LEGO's contracted development studios. Former Saffire, Inc. developers say this was a key reason Legend of Mata Nui was canned. In a shift in LEGO's management allowed for a pitch from eventual Bionicle: The Game developer Argonaut Games to catch LEGO's eye, and combined with Saffire's well-known financial woes led LEGO to pull the plug on Legend's development.[1] In communication with Bionicle fan forum cromwellpsi.com, a LEGO employee only specified as "Michael" cited Legend's chip compatibility and the timing of the release as reasons for the cancellation.[2] In February , a functioning alpha build of the game was recovered[3] and through the diligent work of fan developers a beta version of the game was released to the public on May 12, [4]
- Bionicle: City of Legends was a planned sequel to Bionicle: The Game set for release in Intended to tie in to the "Metro Nui" storyline, it is presumed that players would control the Toa Metru. Argonaut Games liquidation prevented City of Legends from being completed, but a small playable tech demo exists.
Trading card game[edit]
During the first year of the BIONICLE toyline, in , McDonald's distributed packets of cards with their 'kids' meals. There were five cards in each one: four regular, and one holographic or "special" card. The packet came with a mini comic that had an instruction booklet telling the person how to play the game. There was another card game that was sold (instead of collected, like the above) which included a board along with other accessories to play the game.
In LEGO also distributed the "Phantoka Trading Card Game", which were given away for free in little packages which included about six trading cards with a picture and information of one of the Toa Nuva, Makuta, Av-Matoran or Shadow Matoran. The package also included one holographic card, which featured the combination of a Phantoka and a Matoran. The packages were given away for free in many toy stores in Europe if you bought a Phantoka set.
More media[edit]
Besides the movies, books, comics, et cetera, there are other ways parts of the Generation 1 story have been told. Much of this content is now available on the unofficial BioMedia Project website.
Reading materials[edit]
cromwellpsi.com had some information about parts of the Generation 1 story, including some character biographies.
cromwellpsi.com had several sections containing information about the Generation 1 characters, locations, and more. Among the offerings were also story serials and "blog" chapters, the latter being each one or two pages of story text styled as a journal entry from one of the fictional Bionicle characters.
Audio[edit]
cromwellpsi.com had two downloadable MP3s (as well as two PDF files with the "lyrics" to the MP3s) that describe the rise the giant robotic body of Mata Nui out of its slumber and his exile from said body when Makuta Teridax took it over in the Generation 1 plotline.[5]
cromwellpsi.com also had many podcasts recorded by Bionicle writer Greg Farshtey available for download in the "Latest Story" area of the site that tell much of the Generation 1 story.[6]
On the homepage for cromwellpsi.com, there was a collection of audio recordings, called the Mata Nui Saga, that told some of Mata Nui's story. Each one had a picture, text, and music with it. They were split into thirty-four "chapters."
There were also downloadable songs and other things on the website that were inspired by different sections of the Generation 1 storyline.
Notes[edit]
- ^The seventh edition was originally set to be a novel titled Invasion; it was scrapped due to low book sales.
- ^Only physically available in Polish. The English version was published chapter-by-chapter onto the official Bionicle website in
- ^Issues 16—21 are sub-titled City of Legends.
- ^Issue 0 is an exclusive comic featuring an interview with artist Stuart Sayger.
- ^Also known as Web Comic due to initially being released online.
- ^The script for a scrapped comic that was due to be released between Issues 12—13 was published on the official Bionicle website as Comic .
References[edit]
The Digital Dilemma: Intellectual Property in the Information Age ()
Page
5
Protecting Digital Intellectual Property:
Means and Measurements
Recent years have seen the exploration of many technical mechanisms intended to protect intellectual property (IP) in digital form, along with attempts to develop commercial products and services based on those mechanisms. This chapter begins with a review of IP protection technology, explaining the technology's capabilities and limitations and exploring the consequences these capabilities may have for the distribution of and access to IP. Appendix E presents additional technical detail, attempting to demystify the technology and providing an introduction to the large body of written material on this subject.
This chapter also addresses the role of business models in protecting IP. Protection is typically conceived of in legal and technical terms, determined by what the law permits and what technology can enforce. Business models add a third, powerful element to the mix, one that can serve as an effective means of making more digital content available in new ways and that can be an effective deterrent to illegitimate uses of IP.
The chapter also considers the question of large-scale commercial infringement, often referred to as piracy. It discusses the nature of the data concerning the rates of commercial infringement and offers suggestions for improving the reported information.
The chapter concludes with a discussion of the increasing use of patents to protect information innovations such as software and Internet business models, and explores the question of whether the patent system is an appropriate mechanism to protect these innovations.
Page
Technical Protection
The evolution of technology is challenging the status quo of IP management in many ways. This section and Appendix E focus on technical protection services (TPSs) that may be able to assist in controlling the distribution of digital intellectual property on the Internet.1 The focus here is on how technical tools can assist in meeting the objectives stated throughout the report, as well as what they cannot do and what must therefore be sought elsewhere. Appendix Explores how the tools work, details what each kind of tool brings to bear on the challenges described throughout the report, and projects the expected development and deployment for each tool. For ease of exposition,m the presentation in this chapter is framed in terms of protecting individual objects (texts, music albums, movies, and so on); however,many of the issues raised are applicable to collections ( e.g., libraries and databases),2 and many of the techniques discussed are relevant to them as well.
A number of general points are important to keep in mind about TPSs:
• Technology provides means, not ends; it can assist in enforcing IP policy, but it cannot provide answers to social, legal, and economic questions about the ownership of and rights over works, nor can it make up for incompletely or badly answered questions.
• No TPS can protect perfectly. Technology changes rapidly, making previously secure systems progressively less secure. Social environments also change, with the defeat of security systems attracting more (or less) interest in the population. Just as in physical security systems, there are inherent trade-offs between the engineering design and implementation quality of a system on the one hand and the cost of building and deploying it on the other. The best that can be hoped for is steady improvement in TPS quality and affordability and keeping a step ahead of these bent on defeating the systems.
1Note that the phrase "technical protection services" is used deliberately. Although it is tempting to talk about technical protection systemspackages of tools integrated into digital environments and integrated with each otherthe committee believes that such systems are difficult to implement reasonably in the information infrastructure, an open network of interacting components, lacking boundaries that usefully separate inside and outside. In this environment it is better to talk about technical protection services; services; each service will be drawn on by information infrastructure components and will generally interact with other services.
2For example, as reported by a committee member, in February the special assistant to the director of Chemical Abstracts Service (CAS) indicated that there were one to three "hacking" attempts per day to get into the CAS database.
Page
• While technical protection for intellectual property is often construed as protecting the rights of rights holders to collect revenue, this viewpoint is too narrow. Technical protection offers additional important services, including verifying the authenticity of information (i.e., indicating whether it comes from the source claimed and whether it has been alteredeither inadvertently or fraudulently). Information consumers will find this capability useful for obvious reasons; publishers as well need authenticity controls to protect their brand quality.
• As with any security system, the quality and cost of a TPS should be tailored to the values of and risks to the resources it helps protect: The newest movie release requires different protection than a professor's class notes.
• Again, as with any security system, there are different degrees of protection. Some TPSs are designed to keep honest people honest and provide only a modest level of enforcement; more ambitious uses seek to provide robust security against professional pirates.
• As with any software, TPSs are subject to design and implementation errors that need to be uncovered by careful research and investigation. Professional cryptologists and digital security experts look for flaws in existing services in order to define better products.
• TPSs almost invariably cause some inconvenience to their users. Part of the ongoing design effort is to eliminate such inconvenience or at least to reduce it to tolerable levels.
• The amount of inconvenience caused by a TPS has been correlated historically with its degree of protection. As a result, in the commercial context, overly stringent protection is as bad as inadequate protection: In either extremeno protection or complete protection (i.e., making content inaccessible)revenues are zero. Revenues climb with movement away from the extremes; the difficult empirical task is finding the right balance.
• Protective technologies that are useful within special-purpose devices (e.g., cable-television set-top boxes or portable digital music players) are quite different from those intended for use in general-purpose computers. For network-attached general-purpose computers, software alone cannot achieve the level of technical protection attainable with special-purpose hardware. However, software-only measures will doubtless be in wide use soon.
Here (and in more detail in Appendix E) the committee provides a layman's description of the most important technical protection mechanisms, suggesting how each can be fit into an overall protection scheme, describing the limitations of each, and sketching current research directions. There are several classes of mechanisms:
Page
• Security and integrity features of computer operating systems include, for example, the traditional file access privileges enforced by the system.
• Rights management languages express in machine-readable form the rights and responsibilities of owners, distributors, and users, enabling the computer to determine whether requested actions fall within a permitted range. These languages can be viewed as an elaboration of the languages used to express file access privileges in operating systems.
• Encryption allows digital works to be scrambled so that they can be unscrambled only by legitimate users.
• Persistent encryption allows the consumer to use information while the system maintains it in an encrypted form.
• Watermarking embeds information (e.g., about ownership) into a digital work in much the same way that paper can carry a watermark. A digital watermark can help owners track copying and distribution of digital works.
For effective protection, the developer of an IP-delivery service must choose the right ingredients and attempt to weave them together into an end-to-end technical protection system. The term ''end-to-end" emphasizes the maintenance of control over the content at all times; the term "protection system" emphasizes the need to combine various services so that they work together as seamlessly as possible.
Protecting intellectual property is a variant of computing and communications security, an area of study that has long been pursued both in research laboratories and for real-world application. Security is currently enjoying renewed emphasis because of its relevance to conducting business online.3 While security technology encompasses a very large area, this discussion is limited to describing generally applicable principles and those technical topics relevant to the management of intellectual property.4
As cryptography is an underpinning for many of the other tools discussed, the following section begins with a brief explanation of this technology.5 Next, the techniques that help manage IP within general-
3As the technology needed for IP may not be affordable for IP alone, there is the possibility of a useful coincidence: The technology needed for IP may be largely a subset of what will be needed for electronic commerce. One concrete example is the Trusted Computing Platform Alliance discussed below.
4For example, the committee passed silently over a concern closely related to IPthe effect of the digital world on personal privacybecause, although there is some intersection of the two sets of issues, they are sufficiently separable and sizable that each is best addressed in its own report.
5A closely related topic, the Public Key Infrastructurea set of emerging standards for distributing, interpreting, and protecting cryptographic keysis primarily of technical interest and is discussed in Appendix E.
Page
purpose computers are described. Finally the discussion turns to technology that can help in consumer electronics and other special-purpose devices.6
Encryption: An Underpinning Technology for Technical Protection Service Components
Cryptography is a crucial enabling technology for IP management. The goal of encryption is to scramble objects so that they are not understandable or usable until they are unscrambled. The technical terms for scrambling and unscrambling are "encrypting" and "decrypting." Encryption facilitates IP management by protecting content against disclosure or modification both during transmission and while it is stored. If content is encrypted effectively, copying the files is nearly useless because there is no access to the content without the decryption key. Software available off the shelf provides encryption that is for all practical purposes unbreakable, although much of the encrypting software in use today is somewhat less robust.
Many commercial IP management strategies plan a central role for what is called "symmetric-key" encryption, so called because the same key is used both to encrypt and decrypt the content. Each object (e.g., movie, song, text, graphic, software application) is encrypted by the distributor with a key unique to that object; the encrypted object can then be distributed, perhaps widely (e.g., placed on a Web site). The object's key is given only to appropriate recipients (e.g., paying customers), typically via a different, more secure route, perhaps one that relies on special hardware.
One example of an existing service using encryption in this way is pay-per-view television. A program can be encrypted with a key and the key distributed to paying customers only. (The special hardware for key distribution is in the set-top box.) The encrypted program can then safely be broadcast over public airwaves. Someone who has not paid and does not have the key may intercept the broadcast but will not be able to view it.
There is, of course, an interesting circularity in symmetric-key encryption. The way to keep a message secret is to encrypt it, but then you also have to send the decryption key so the message recipient can decrypt the message. You have to keep the key from being intercepted while it is
6Where the text that follows identifies specific commercial products and services, it is solely for the purpose of helping to explain the current state of the art. The committee does not endorse or recommend any specific product or service.
Page
being transmitted, but if you have a way to do that, why not use that method to send the original message?
One answer is hinted at above: speed. The key (a short collection of digits) is far smaller than the thing being encrypted (e.g., the television program), so the key distribution mechanism can use a more elaborate, more secure, and probably slower transmission route, one that would not be practical for encrypting the entire program.7
Another answer has arisen in the past 20 years that gets around the conundruma technique called public-key cryptography.8 This technique uses two different keysa public key and a private keychosen so that they have a remarkable property: Any message encrypted with the public key can be decrypted only by using the corresponding private key; once the text is encrypted, even the public key used to encrypt it cannot be used to decrypt it.
The idea is to keep one of these keys private and publish the other one; private keys are kept private by individuals, while public keys are published, perhaps in an online directory, so that anyone can find them. If you want to send a secret message, you encrypt the message with the recipient's public key. Once that is done, only the recipient, who knows the corresponding private key, can decrypt the message. Software is widely available to generate key pairs that have this property, so individuals can generate key pairs, publish their public keys, and keep their private keys private.
As public-key encryption is typically considerably slower (in terms of computer processing) than symmetric-key encryption, a common technique for security uses them both: Symmetric-key encryption is used to encrypt the message, then public-key encryption is used to transmit the decryption key to the recipient.
A wide variety of other interesting capabilities is made possible by public-key systems, including ways to "sign" a digital file, in effect providing a digital signature. As long as the signing key has remained private, that signature could only have come from the key's owner. These additional capabilities are described in Appendix E.
Any encryption system must be designed and built very carefully, as there are numerous and sometimes very subtle ways in which information can be captured. Among the more obvious is breaking the code: If
7The most basic form of "separate mechanism" to send the key is having a codebook of keys hand-carried to the recipient, as has been done for years in the intelligence business. This is not feasible where widescale distribution is concerned.
8The technique was first brought to practical development by R.L. Rivest, A. Shamir, and L.M. Adelman in Rivest et al. (). RSA Security (see <cromwellpsi.com> produces software products based on this development.
Page
the encryption is not powerful enough, mathematical techniques can be used to decrypt the message even without the key. If the key-distribution protocol is flawed, an unauthorized person may be able to obtain the key via either high technology (e.g., wiretapping) or "social engineering" (e.g., convincing someone with access to the key to supply it, a widely used approach). If the system used to read the decrypted information is not designed carefully, the decrypted information may be left accessible (e.g., in a temporary file) after it has been displayed to the user. The point to keep in mind is that cryptography is no magic bullet; using it effectively requires both considerable engineering expertise and attention to social and cultural factors (e.g., providing incentives for people to keep messages secret).9
Access Control in Bounded Communities
Perhaps the most fundamental form of technology for the protection of intellectual property is controlling access to information (i.e., determining whether the requester is permitted to access the information). A basic form of such control has been a part of the world of operating systems software almost from the time operating systems were first implemented, offering limited but useful security. In its simplest form, an access control system keeps track of the identity of each member of the user community, the identities of the data objects, and the privileges (reading, altering, executing, and so on) that each user has for each object. The system consults this information whenever it receives a service request and either grants or denies the request depending on what the privilege indicates.
Existing access control, however, offers only a part of what is needed for dealing with collections of intellectual property. Such systems have typically been used to control access to information for only relatively short periods such as a few years, using only a few simple access criteria (e.g., read, alter, execute), and for objects whose owners are themselves users and who are often close at hand whenever a problem or question arises.
In contrast, access control systems for intellectual property must deal with time periods as long as a century or more and must handle the sometimes complex conditions of access and use. A sizable collectionas indeed a digital library will bealso needs capabilities for dealing with hundreds or thousands of documents and large communities of users (e.g., a college campus or the users of a large urban library).
Such systems will thus need to record the terms and conditions of access to materials for decades or longer and make this information acces-
9See, for example, CSTB ().
Page
sible to administrators and to end users in ways that allow access to be negotiated. This raises interesting questions of user authentication: For example, is the requester who he says he is? Does he have a valid library card? It also raises issues of database maintenance: For example, collections change, rights holders change, and the user community changes as library cards expire. Many other questions must be addressed as well so that systems work at the scale of operation anticipated. Some work along these lines has been done (e.g., Alrashid et al., ), but a considerable amount of development work is still needed.
Some attempts have also been made to represent in machine-readable form the complex conditions that can be attached to intellectual property. This is the focus of what have been called rights management languages, which attempt to provide flexible and powerful languages in which to specify those conditions DPRL (Ramanujapuram, ), for example, attempts to offer a vocabulary in which a wide variety of rights management terms and conditions can be specified.
An important characteristic of these languages is that they are machine-readable (i.e., the conditions can be interpreted by a program that can then grant or deny the desired use). This is superficially the same as a traditional operating system, but the conditions of access and use may be far more complex than the traditional notions used in operating systems. In addition, as will be shown below, these languages are quite useful outside the context of bounded communities. Finally, although large-scale systems have yet to be deployed, rights management language design is not perceived as a roadblock to more robust TPSs.
Enforcement of Access and Use Control in Open Communities
Access control systems of the sort outlined above can be effective where the central issue is specifying and enforcing access to information,
10MPEG-4 offers a general framework of support for rights management, providing primarily a structure within which a rights management language might be used, rather than a language itself. It is nonetheless interesting, partly because it represents the growing recognition that rights management information can be an integral part of the package in which content is delivered. The standard specifies a set of IP management and protection descriptors for describing the kind of protection desired, as well as an IP identification data set for identifying objects via established numbering systems (e.g., the ISBN used for books). Using these mechanisms, the content providers can specify whatever protection strategy their business models call for, from no protection at all to requiring that the receiving system be authorized via a certified cryptographic key, be prepared to communicate in an encrypted form, and be prepared to use a rights management system when displaying information to the end user. For additional information on MPEG-4, see Konen () and Lacy et al. ().
Page
as is typically true in bounded communities represented by, for example, a single corporation or a college campus. In such communities much greater emphasis is placed on questions of original access to information than on questions of what is done with the information once it is in the hands of the user. The user is presumed to be motivated (e.g., by social pressure or community sanctions) to obey the rules of use specified by the rights management information.
A larger problem arises when information is made accessible to an unbounded community, as it is routinely on the Web. The user cannot in general be presumed to obey rules of use (e.g., copyright restrictions on reproduction); therefore, technical mechanisms capable of enforcing such rules are likely to be needed.
A variety of approaches has been explored. The simpler measures include techniques for posting documents that are easily viewed but not easily captured when using existing browsers. One way to do this uses Java routines to display content rather than the standard HTML display. This gives a degree of control over content use because the display can be done without making available the standard operating system copy-and-paste or printing options. A slightly more sophisticated technique is to use a special format for the information and distribute a browser plug-in that can view the information but isn't capable of writing it to the disk, printing, and so on. Knowledgeable users can often find ways around these techniques, but ordinary users may well be deterred from using the content in ways the rights holder wishes to discourage.
There are also a number of increasingly complex techniques for controlling content use that are motivated by the observation made earlier, that digital IP liberates content from mediumthe information is no longer attached to anything physical. When it is attached to something physical, as in, say, books or paintings, the effort and expense of reproducing the physical object offers a barrier to reproduction. Much of our history of and comfort with intellectual property restrictions is based on the familiar properties of information bound to physical substrates. Not surprisingly, then, some technical protection mechanisms seek to restore these properties by somehow "reattaching" the bits to something physical, something not easily reproduced. The description that follows draws on features of several such mechanisms as a way of characterizing this overall approach.
Encryption is a fundamental tool in this task. At a minimum, encryption requires that the consumer get a decryption key, without which a copy of the encrypted content is useless. Buy a digital song, for example, and you get both an encrypted file and a password for decrypting and playing the song.
But this approach secures only the original access to the content and
Page
its transit to the consumer. Two additional problems immediately become apparent. First, the content is still not "attached" to anything physical, so the consumer who wished to do so could pass along (or sell) to others both the encrypted content and the decryption key. Second, the consumer could use the key to decrypt the content, save the decrypted version in a file, and pass that file along to others.
There are several ways to deal with the first problem that involve "anchoring" the content to a single machine or single user. One technique is to encode the identity of the purchaser in the decryption key, making it possible to trace shared keys back to their source. This provides a social disincentive to redistribution A second technique is for the key to encode some things about the identity of one particular computer, such as the serial number of the primary hard drive, or other things that are unlikely to change The decryption software then checks for these attributes before it will decrypt the content. A third technique calls for special hardware in the computer to hold a unique identifier that can be used as part of the decryption key. Some approaches call for this hardware to be encased in tamper-resistant cases, to discourage tampering even by those with the skill to modify hardware. One form of tamper resistance involves erasing the key if any attempt is made to open or manipulate the chip containing it.
Whatever the approach, the intended result is the samethe content can be decrypted only on the machine for which the decryption has been authorized.
But even this protection alone is not sufficient, because it is not persistent. The consumer may legally purchase content and legally decrypt it on her machine, then (perhaps illegally) pass that on to others who may be able to use the information on their machines. The final technological step is to reduce the opportunities for this to happen. Two basic elements are required: (1) just-in-time and on-site encrypting and (2) close control of the input/output properties of the machine that will display the content. Decrypting just in time and on site means that the content is not decrypted until just before it is used, no temporary copies are ever stored, and the information is decrypted as physically close to the usage site as possible. An encrypted file containing a music album, for instance, would not be entirely decrypted and then played, because a sophisticated pro-
11This also has privacy implications that consumers may find undesirable.
12Hard drives typically have serial numbers built into their hardware that can be read using appropriate software but cannot be changed. However, because even hard disks are replaced from time to time, this and all other such attempts to key to the specific hardware will fail in some situations. The idea of course is to select attributes stable enough that this failure rarely occurs.
Page
grammer might find a way to capture the temporary decrypted file. Instead, the file is decrypted "on the fly" (i.e., as each digital sample is decrypted, it is sent to the sound-generation hardware), reducing the ease with which the decrypted sample can be captured. On-site decryption involves placing the decryption hardware and the sound-generation hardware as physically close as possible, minimizing the opportunity to capture the decrypted content as it passes from one place to another inside (or outside) the computer
Some playback devices are difficult to place physically near the computer's decryption hardware. For example, digital camcorders, digital VCRs, digital video disk (DVD) movie players, and so on all require cables to connect them to the computer, which means wires for interconnection, and wires offer the possibility for wiretapping the signal.
One approach to maintaining on-site decryption for peripheral devices is illustrated by the Digital Transmission Content Protection (DTCP) standard, an evolving standard developed through a collaboration of Hitachi, Intel, Matsushita, Sony, and Toshiba (see Box ). The computer and the peripheral need to communicate to establish that each is a device authorized to receive a decryption key. The key is then exchanged in a form that makes it difficult to intercept, and the content is transmitted over the wire in encrypted form. The peripheral device then does its own on-site decryption. This allows the computer and peripheral to share content yet provides a strong degree of protection while the information is in transit to the decryption site.
But even given just-in-time and on-site decryption, a sophisticated programmer might be able to insert instructions that wrote each decrypted unit of content (e.g., a music sample) to a file just before it was used (in this case sent to the sound-generation hardware). Hence, the second basic element in providing persistent encryption is to take control of some of the routine input and output (I/O) capabilities of the computer. There are a number of different ways to attempt this, depending partially on the degree to which the content delivery system is intended to work on existing hardware and software.
The largest (current) market is of course for PCs running off-the-shelf operating systems (such as Windows, Mac, and Linux). In that case the content delivery system must use the I/O routines of the existing operating system. The difficulty here is that these routines were not designed to hide the information they are processing. As a result, using an existing operating system opens another door to capturing the decrypted content.
13Information may be captured by physically wiretapping the cables that route signals inside and outside the computer.
Page
|
Content delivery systems that wish to work in the environment of such operating systems attempt, through clever programming, to reduce the opportunities to capture the decrypted information while the operating system is performing output. But given existing operating systems, abundant opportunities still exist for a sophisticated programmer.
More complex proposals call for replacing parts of, or even the entire, operating system, possibly right down to the BIOS, the basic input/output routines embedded in read-only memory in the computer hardware. Such computers would instead use specially written routines that will not read or write without checking with the decryption hardware on the computer to ensure that the operation is permitted under the conditions of use of the content. This more ambitious approach faces the substantial problem of requiring not only the development of a new and complex operating system but the widespread replacement of the existing installed base as well. This clearly raises the real possibility of rejection by consumers.
Page
The final problem is the ultimate delivery of the information: Music must be played, text and images displayed, and so on. This presents one final, unavoidable opportunity for the user to capture the information. The sophisticated owner of a general-purpose computer can find ways to copy what appears on the screen (e.g., screen capture utilities) or what goes into the speakers (connect an analog-to-digital converter to the speaker wires). As is usual in such matters, the expectation is that this will be tedious enough (capturing a long document screenful by screenful), complex enough (hooking up the converter), or of sufficiently low quality (the captured speaker signal is not identical to the digital original) that all but the most dedicated of thieves will see it as not worth the effort. Nevertheless, those who place substantial faith in elaborate TPSs should keep in mind the necessity of presenting information to the user and the opportunity this provides for capture.
More generally, because all protection mechanisms can eventually be defeated at the source (e.g., as it was with a2b encoding and Windows Media; see Chapter 2), the key questions concern trade-offs of cost and effectiveness. A good mechanism is one that provides the degree of disincentive desired to discourage theft but remains inexpensive enough so that it doesn't greatly reduce consumer demand for the product. A good deal more real-world experience is needed before both vendors and consumers can identify the appropriate trade-offs.
Currently, any system aiming to provide substantial technical protection will rely on encryption, anchoring the bits to a specific machine, and making encryption persistent through just-in-time decryption and low-level control of I/O. Systems using one or more of these ideas are commercially available, and others are under active development. Music delivery systems such as AT&T's a2b and Liquid Audio's Liquid Player, for example, are commercially available. InterTrust, IBM, and Xerox are marketing wide-ranging sets of software products aimed at providing persistent protection for many kinds of content Similar efforts currently under development include the Secure Digital Music Initiative (discussed in Chapter 2) aimed at providing a standard for protecting music.
Copy Detection in Open Communities: Marking and Monitoring
When a valuable digital object is not encrypted and is outside the sphere of control of its rights holder, the only technical means of hinder-
14See <cromwellpsi.com> for information about a2b, <cromwellpsi.com> for information about Liquid Audio, <cromwellpsi.com> for information on the IBM products, <cromwellpsi.com> for information on InterTrust offerings, and <cromwellpsi.com> for information on Xerox's offerings.
Page
ing misuse is to change it in ways that discourage wrongdoing or facilitate detection. A variety of approaches have been used to accomplish these goals. One technique calls for releasing only versions of insufficient quality for the suspected misuses. Images, for example, can be posted on the Web with sufficient detail to determine whether they would be useful, for example, in an advertising layout, but with insufficient detail for reproduction in a magazine.
Another technique embeds in the digital document information about ownership, allowed uses, and so on. One of the simplest and most straightforward ways to do this is by labeling the document in a standard way (so the label can be found) and in a standard vocabulary (so the terms of use may be widely understood). In its simplest format, a digital label could take the form of a logo, trademark, or warning label (e.g., ''May be reproduced for noncommercial purposes only"). Labels are intended to be immediately visible and are a low-tech solution in that they are generally easily removed or changed, offering no enforcement of usage terms.
Labels could, nevertheless, ease the problem of IP management, at least among the (fairly large) audience of cooperative users. Consider the utility of having every Web page carry a notice in the bottom right corner that spelled out the author's position on use of the page. Viewers would at least know what they could do with the page, without having to guess or track down the author, allowing cooperative users to behave appropriately. Getting this to work would require spreading the practice of adding such information, so that authors did it routinely, and some modest effort to develop standards addressing the kinds of things that would be useful to say in the label. There is an existing range of standard legal phrases.
A second category of label attached to some digital documents is a time stamp, used to establish that a work had certain properties (e.g., its content or the identity of the copyright holder) at a particular point in time. The need for this arises from the malleability of digital information. It is simple to modify both the body of a document and the dates associated with it that are maintained by the operating system (e.g., the creation date and modification date).
Digital time stamping is a technique that affixes an authoritative, cryptographically strong time stamp to digital content; the label can be used to demonstrate what the state of the content was at a given time. A third-party time-stamping service may be involved to provide a trusted source for the time used in the time stamp. Time-stamping technology is not currently widely deployed
15Some products do exist, including WebArmor (see <cromwellpsi.com> and Surety's Digital Notary Service (see <cromwellpsi.com>.
Page
Where the labels noted above are separate from the digital content, another form of marking embeds the information into the content itself. Such digital alterations are called watermarks and are analogous to watermarks manufactured into paper. An example cited earlier described how a music file might be watermarked by using a few bits of some music samples to encode ownership information and enforce usage restrictions. The digital watermark may be there in a form readily apparent, much like a copyright notice on the margin of a photograph; it may be embedded throughout the document, in the manner of documents printed on watermarked paper, or it may be embedded so that it is normally undetected and can be extracted only if you know how and where to look, as in the music example Visible watermarks are useful for deterrence, invisible watermarks can aid in proving theft, and a watermark distributed through a document can by design be difficult to remove, so that it remains detectable even if only part of the document is copied.
The objectives, means, and effectiveness of marking technologies depend on a number of factors. Designing an appropriate watermark means, for instance, asking what mix is desired of visibility (Should the mark be routinely visible?), security (How easy is it to modify the mark?), and robustness (What kinds of modifications, such as printing a picture and rescanning it, can the mark survive?). The nature and value of the information clearly matters. A recent hit song needs different treatment than a Mozart aria. Modality also matters. Sheet music is watermarked differently than an audio recording of a performance. Some things are difficult to watermark. Machine code for software cannot be watermarked in the same way as music, because every bit in the program matters; change one and the program may crash. Identifying information must instead be built into the source code, embedded in a way that the information gets carried into the machine code but does not adversely affect the behavior of the program Watermarking digital text also presents challenges: How can, say, an online version of The Grapes of Wrath be marked to include a digital watermark, without changing the text? One trick is to change the appearance of the text. The watermark can be encoded by varying the interline and intercharacter spacing slightly from what would be expected; the variation encodes the information.
Marking a document is of course only half the battle; monitoring is
16Embedding IP ownership information in documents in subtle ways has a long history and had been used much before the arrival of digital information. One of the oldest and simplest techniques is the mapmaker's trick of inserting nonexistent streets or roads. Similarly, text has been "marked" by distributing versions with small changes in wording.
17This is not difficult technologically, but it adds another step to the marking process and can present significant additional overhead.
Page
needed in order to detect the presence of unauthorized copies. A number of efforts have been made in this direction, many of which rely on "Web crawlers," programs that methodically search the Web looking for documents bearing a relevant watermark. An IP management system that watermarked images, for example, would also have a Web searching routine that examined publicly available image files for that system's watermarks. This is an active area of work; systems have been developed in both the commercial and academic world
Marking and monitoring technologies do not attempt to control users' behavior directly. In particular, they do not attempt to prevent unauthorized copy and modifications. Rather, they attempt to make these actions detectable so that rights holders can seek legal redress when infringements have been detected. Frequently their intent is simply to indicate that copying is prohibited; the utility of these technologies relies on the fact that many people are honest most of the time.
Trusted Systems
The preceding discussion of technical protection mechanisms points out that the strongest intellectual property protection requires embedding protection mechanisms throughout the computer hardware and software at all levels, right down to the BIOS. In one vision of the future, security will become a major influence on the design of computing and communications infrastructure, leading to the development and widespread adoption of hardware-based, technologically comprehensive, end-to-end systems that offer information security, and hence facilitate creation and control of digital IP. There has been some research (and a great deal of speculation and controversy) about these so-called "trusted systems," but none is in widespread use as of
One example of this vision (Stefik, b) seeks to enable the world of digital objects to have some of the same properties as physical objects. In these systems, when a merchant sells a digital object, the bits encoding that object would be deposited on the buyer's computer and erased from the merchant's computer. If the purchaser subsequently "loaned" this digital object, the access control and rights management systems on the lender's computer would temporarily disable the object's use on that computer while enabling use on the borrower's computer. These changes
18Digimarc at <cromwellpsi.com> is one example of a commercial watermarking and tracking system; Stanford's Digital Library project at <cromwellpsi.com> has produced systems for detecting copying of text and audio files, using feature extraction techniques to enable fast searching and detection of partial copies.
Page
would be reversed when the object is returned by the borrower to the lender.
The published literature (see, e.g., Stefik, a,b) is fairly clear on what trusted systems are supposed to accomplish, but it does not spell out in technical detail how they are supposed to accomplish it. Stefik, for example, is clear on the need for some sort of hardware component (Stefik, b) to supplement the Internet and PC world of today,19 but he says little about how that component would work or how it would be added to today's infrastructure. Here, we explore two general ways in which trusted systems might be implemented, then consider the barriers they face.
One way to increase control over content is to deliver it into special-purpose devices designed for purchase and consumption of digital content, but not programmable in the manner of general-purpose PCs. For example, game-playing machines, digital music players, electronic books, and many other types of devices could be (and some are) built so that each one, when purchased, contains a unique identifier and appropriate decoding software. The devices could then be connected to the Web in much the same way as general-purpose computers and download content encrypted by distributors. Legitimate devices would be able to (1) verify that the content came from an authorized distributor, (2) decrypt and display the content (the meaning of "display" depending on whether the content is text, video, audio, and so on), and (3) force the device owner to pay for the content (perhaps by checking before decrypting that the subscription fee payment is up-to-date).
It is expensive to design, manufacture, and mass market such a special-purpose device, and an entire content-distribution business based on such a device would necessitate cooperation of at least the consumer-electronics and content-distribution industries, and possibly the banking and Internet-service industries as well. A particular business plan could thus be infeasible because it failed to motivate all of the necessary parties to cooperate or because consumers failed to buy the special-purpose devices in sufficient numbers. The failure of the Divx player for distribution of movies is perhaps an instructive example in this regard
Hardware-based support for IP management in trusted systems could also be done using PCs containing special-purpose hardware. Because such machines would have the full functionality of PCs, users could con-
19For example, a tamperproof clock to ensure that rights are not exercised after they expire or to secure memories to record billing information (Stefik, b).
20Production of Digital Video Express LP, or Divx, was terminated by Circuit City in June (Ramstad, ). Although it was not designed to download content from the Web, it was in many other respects the sort of device suggested above.
What’s New in the 5 Realms of Cards N/A serial key or number?
Screen Shot
System Requirements for 5 Realms of Cards N/A serial key or number
- First, download the 5 Realms of Cards N/A serial key or number
-
You can download its setup from given links: