Marlin provides an end-to-end digital rights management (DRM) development platform that is easy to use, efficient, and applicable to a variety of market implementations across content types, delivery mechanisms, format types and platforms.

It is based on a group of specifications and tools, including conformance test suites, reference implementations, and software development kits (SDKs) necessary to create a common DRM content distribution system.

Community Developed, Standards-Based

With its developer community approach, Marlin delivers the most comprehensive and advanced rights management technology in the market today. Using Marlin, developers have the advantage of using industry-approved, standards-based, open DRM technology to create high-value services on a variety of devices with innovative revenue models.

Open Architecture

At its core, Marlin is based on a general-purpose rights management architecture that allows for substantial flexibility and control in implementation. Marlin specifications define the capabilities and architecture so that devices and services can interoperate to provide consumers with valuable content options. In addition, wherever practicable, Marlin uses industry standards, including security standards from IETF, W3C, ISO, OASIS, and others.

Marlin Specifications

The core system specifications, including underlying reference technologies, define elements common to most Marlin implementations. 

The Marlin Core System Specification defines the basic components, protocols, and consumer domain model that enable the interoperability between Marlin-enabled devices and services. This specification is based on the Octopus and NEMO reference technologies (described below), which have been adapted for peer-to-peer device interactions.

The rights management within Marlin is based on a general-purpose DRM architecture (Octopus) that is extremely expressive and allows for flexible business rules. At the center of an Octopus system is a graph-based relationship engine. In Marlin, Octopus node objects are used to represent system entities (such as users and devices), and links between nodes represent relationships. The system of nodes and links is integral to managing where, how, and when content can be used in a Marlin system. Octopus is designed to run on various platforms, from smartcards to servers, being media format and cryptographically agnostic. It is extensible for future-proofing systems, easily configurable, optimized for small systems, and semantics-free.
NEMO is an acronym for Networked Environment for Media Orchestration. It provides a services-based framework for trusted connections between various components of a Marlin DRM system. Based on secure Web Services standards, NEMO defines service interfaces, service access policies, and support for trust relationships among distributed entities that play well-defined and certified roles. Through the use of the NEMO framework, Marlin components can leverage a consistent mechanism to ensure that messages are delivered with appropriate protection and are exchanged between entities that are properly authenticated and authorized. The services supported by NEMO may be operated together with other, application-specific media services that are not required to be NEMO-compliant.  

Delivery system specifications define additional requirements for different types of delivery channels, such as mobile, IPTV, or broadband. For instance, the OMArlin specification bridges OMA-compliant devices with the Marlin technology. OMArlin enables interoperable download, streaming, sharing and consumption of content between OMA and Marlin DRM systems.

Other specifications define additional requirements for particular implementation needs. For instance, theDynamic Media Zones specification identifies how to develop targeted advertising and subscription business models involving anonymous usage data collection.

White Papers

Marlin Simple Secure Streaming (MS3)

This paper provides a short overview of the Marlin Simple Secure Streaming Specification. MS3 specifies a simple mechanism for services to authenticate trusted clients and securely issue content keys or authentication tokens so these clients can access streamed content. Content can be clear or protected using any of a variety of content protection schemes. MS3 Services require nothing more than a TLS certificate and a simple server module to generate SAS containers, along with readily available tools to encrypt and package content. ADD DOWNLOAD 

Marlin Architecture Overview

This paper provides a technical overview to the Marlin DRM content sharing architecture and its application to common implementation use cases. It is best suited to technical implementers or developers who are beginning to read the Marlin specifications and who seek a high-level context with which to understand the detailed specifications. Other readers that may benefit from this document are technically-oriented business planners or project managers that wish to gain a deeper technical understanding of how Marlin can be used to execute common business scenarios. ADD DOWNLOAD 

Marlin Broadband Architecture Overview

This paper provides an overview of the architecture for a complete system that includes utilization of Marlin Broadband protocols. It describes the key components, their responsibilities, and how they interact. It also discusses example components that are already built, the Marlin Client SDK (Sushi) and the Marlin Broadband Server (Bluewhale). ADD DOWNLOAD 

The Role of Octopus in Marlin

This paper introduces Octopus as it is used in the Marlin DRM content sharing system. The rights management within Marlin is based on Octopus, which is extremely expressive and allows for flexible business rules. The paper begins with a discussion of Octopus’ goals and benefits to a potential adopter of Marlin specifications. The largest section focuses on the specifics of the architecture; this covers both the conceptual underpinnings and practical application of Octopus in providing DRM functionality on CE devices and services. ADD DOWNLOAD 

The Role of NEMO in Marlin

This paper introduces the Networked Environment for Media Orchestration (NEMO) as it is used to provide a services-based framework for trusted connections between various components of a Marlin DRM content sharing system. The paper begins with a discussion of DRM transactions which provide a natural basis for understanding the respective roles NEMO and Octopus technologies play in Marlin. The largest section focuses on the specifics of the NEMO stack, addressing authentication, authorization, and message security.  ADD DOWNLOAD 

Refusal, Remediation and Renewability in Marlin

This paper describes the rich set of security mechanisms described in the Marlin Technology Specifications that are designed to mitigate threats that arise from attacks and compromised devices, applications and services. It also describes circumstances in which it is appropriate to apply a given countermeasure and the complementary renewal mechanisms for informing systems of the failed entity and for remediation of the ostracized entity.  ADD DOWNLOAD