Digital Rights Management

 

 
 

This tab contains custom settings for Digital Rights Management and deals with the following categories of options:
 

General Settings
 
 

Secure document on 'Save As' operations

If this option is selected, it means that DRM is active on the system for save operations. This option must be selected to use DRM settings during a session.

When this option is cleared:

  • Any new and saved data will not be DRM protected.
  • Any non-DRM protected data will stay non-DRM protected after a Save As operation.
  • Any DRM protected data with the SaveAsKeepRight credential will stay DRM protected after a Save As operation.
  • Any DRM protected data with the SaveAsNewRight credential may be stored decrypted after a Save As operation.

When this option is selected:

  • Any new and saved data will be DRM-protected.
  • Any non-DRM protected data will become DRM-protected after a Save As operation.
  • Any DRM protected data the SaveAsKeepRight credential will stay DRM protected after a Save As operation.
  • Any DRM protected data with the SaveAsNewRight credential will stay DRM protected after a Save As operation, but the electronic envelope will change.

Whatever, the value of this option:

  • Any non-DRM protected data will stay non-DRM protected after a Save operation.
  • Any DRM protected data with the Save credential will stay DRM protected after a Save operation.

By default, this option is cleared.
 

Check Environment

Click this button to make sure that your environment is correctly set. If not, a warning message is displayed. Possible errors are:

  • A missing dll (msdrm.dll for RMS).
  • The selected licenses do not allow the RM1 product.
 

Publishing License (Basic)
 
  This basic view is the default view displayed when you access the Digital Rights Management tab for the first time.

If the advanced view is displayed, click Less Options... to go back to the basic view.
  This area gives a credential approach and lets you define the lists of users and groups for the following three basic rights:
  • Read... lists the users who can access data.
  • Copy... lists the users who can extract all or part of data.
  • Save... lists the users who can save data.

Note that:

  • Users are separated by a semicolon.
  • Locked users appear in a gray list above the editable list.
  • The entire Publishing License area can be locked (which means that no right can be modified).
  • More lock features can be defined in the advanced view.

By default, the current user's email address is listed in the Read... and Save... boxes.
 

Publishing License (Advanced)
 
 

This advanced view is displayed when clicking More Options... in the basic view. With this option, you can define the default rights that are applied when a user is created.
  This area gives a user approach and lets you define the lists of users and groups with all their associated credentials.
  • The first column can be used by the administrator to lock one or several users.
  • The Name column displays the nickname, if any, assigned to the user listed in the Identifier column. This information is stored in the model. It is optional and aims at providing more filtering capabilities.
  • The Role column displays the role defined in the Roles list area. It is dynamically built from the roles list.
    By using the Role contextual menu on a selected role, you can switch to another role (e.g. Reviewer). This information is not stored in the model.
  • The Identifier column displays the declared mail address of the user or group from an Active Directory point of view. This information is mandatory in the Active Directory for both users and groups.

Each item in these columns can be modified by slowly clicking twice in the desired column to make it editable.
Any modification made to a role in the Publishing License area is automatically applied to the corresponding role in the Roles list.

The Name, Role and Identifier columns can be sorted in ascending or descending order by clicking the title of the desired column.

In addition to this, four command buttons are available:

  •  Add lets you create a new identifier. You can also use the New contextual command. By default, there is at least one user created with the first available role.
  •  Remove lets you delete the selected identifier. You can also use the Delete contextual command.
  • Import lets you import a list from a text ascii file.
  • Export lets you export the displayed list to a text ascii file.
The import/export text files are formatted as follows:
  • One line per role.
  • For each line, a list of fields separated by a semicolon. These fields correspond to the list of DRM associated rights starting with "CATDRM_" (e.g. CATDRM_READ).
  • When importing data, if a line is badly formatted, then it is ignored.
  The rights that can be assigned to each user are:
  • Read (CATDRM_READ): This is the most basic DRM right. It allows you to read a file using commands such as File > Open.... Without this right, there is no way to access the content of an encrypted file.
  • Transfer (CATDRM_TRANSFER): This right allows you to transfer a file.
  • Save (CATDRM_SAVE): This right allows you to save an open file using the same path, name, and extension. With it, you control whether or not the file can be modified. The data can be modified, but without this right you cannot save the modification back to the same file.
  • SaveAsNewRight (CATDRM_SAVEAS): This right allows you to create a new version of the file and change the rights from those of the original file. This right is exclusive with SaveAsKeepRight.
  • SaveAsKeepRight (CATDRM_INHERIT_SAVEAS): This right allows you to create a new version of the file (changing the path and name but not the extension) keeping the same DRM rights as the original file. This right is exclusive with SaveAsNewRight.
  • ExportToNONSecuredFileFormat (CATDRM_EXPORT): This right allows you to export a file to non-V5 formats. DRM rights are not supported on external file formats.
  • ExportToDRMEnableFileFormatKeepRight (CATDRM_INHERIT_TO_DRM_FORMAT): This right allows you to export a file to another V5 format (changing the file extension), such as .cgr or .3dxml. The rights in the new file are the same as the original if you export one file or, if you export multiple files, the rights are taken from the default settings.
  • ExportToDRMEnableFileFormatNewRight (CATDRM_EXPORT_TO_DRM_FORMAT): This right allows you to export a file to another V5 format (changing the file extension), such as .cgr or .3dxml, and change the rights from those of the original file. This right is exclusive from ExportToDRMEnableFileFormatKeepRight.
  • CopyCut&Paste (CATDRM_COPY): This right allows the use of the Copy, Cut and Paste commands as well as drag and drop. This right is a prerequisite for DuplicateSpecifications, Collaborate and DuplicateGeometry.
  • DuplicateGeometry (CATDRM_COPY_GEOMETRY): This right allows you to duplicate geometry from one part to another. This right is needed to perform contextual design. It allows you to import geometry in Product context.
  • DuplicateSpecifications (CATDRM_DUPLICATE_SPECS): This right allows specification advanced duplication through Power Copy and User Feature instantiation.
  • Collaborate (CATDRM_COLLABORATION): This right allows you to collaborate on specifications.

To switch a right from authorized to denied (and inversely), select the line where the right is to be modified then click the symbol in the appropriate column.

In V5, the rights used for 3D XML files are ExportToDRMEnableFileFormatKeepRight (CATDRM_INHERIT_TO_DRM_FORMAT) and ExportToDRMEnableFileFormatNewRight (CATDRM_EXPORT_TO_DRM_FORMAT) to save a 3D XML file that has been imported.
If the Publishing License area (i.e. the whole list) is locked, then no contextual menu is available.
  The current user's email address is listed in the Identifier column if the Publishing License area is empty.
 

Roles list (Advanced)
 
  This area lets you define the default rights that are applied when a user is created.

The rights that can be assigned to each user are identical to those available for the publishing license.
Any modification made to a role in the Roles list area is automatically applied to the corresponding role in the Publishing License area.

As for the publishing license, each right can be managed individually. To do so, select the line where the right is to be modified, then click the symbol in the appropriate column to switch the right from authorized to denied , and inversely.

As an administrator, you have the ability to:

  • Lock one or several users. To do so, use the first column and click the lock symbol opposite the role to be locked. In the example below, the Designer role is locked, which means that no modification can be made to this role:
 

 
  • Lock the whole list. To do so, click the lock symbol opposite the roles list. In the example below, the whole list is locked and no modification can be made to the list:
 

  For more information about the lock mechanism, see Locking Settings.
  You can also use the four command buttons to manage the list:
  •  Add lets you create a new role. You can also use the New contextual command. By default, there is at least one role created.
  •  Remove lets you delete the selected role. You can also use the Delete contextual command.
  • Import lets you import a roles list from a text ascii file.
  • Export lets you export the displayed roles list to a text ascii file.

By default, the only authorized rights are Read and Save.
 

Document validity
 
  In the Document validity box, enter the number of days to allow access to data. The expiration date is the same for all users.

The value entered must be 1 or greater. 

By default, the number of days is 30.