Share via


Flow 8: Rights Object Received

4/8/2010

A new security policy, DRM WAP Security, is used for WAP push messages containing DRM rights objects. Microsoft strongly recommends that OEMs provision the DRM WAP Security Policy to discard WAP messages received from unknown origins.

Microsoft recommends that for the highest level of security, WAP push message should only be received from trusted sources. The most secure DRM WAP Security policy will have SECROLE_PPG_TRUSTED or SECROLE_PPG_AUTH such that unauthenticated messages will not be accepted by the device. Content from the push router will be filtered out based on the trust of the message origin.

Note

If an application such as home.exe needs to be notified when the new rights have been received, the application needs to monitor the DRM rights store for changes.

The following illustration is an example of the UI flow when receiving rights objects.

Bb446743.df6e272f-cc11-4e8c-854f-ee634d80575f(en-us,MSDN.10).gif

The following table shows the image set associated with each screen.

Screen Image set Description

Screen 1

Image Set 12b

Unknown RO received (FDRM engine)

If rights are received from an unauthenticated WAP origin, rights are not saved to the device until the user has consented. This prevents a Denial of Service attack by overloading memory with rights objects.

See Also

Concepts

Recommended UI Provided by the FDRM Engine

Other Resources

FDRM Engine UI Recommendations