1. The Field of the Invention
The present invention generally relates to the distribution of protected message in a rights management s system. In particular, the present invention provides for the ability to compare and enforce policies between trusted entities.
2. Background and Related Art
Rights management services (RMS) provide software that protects ownership/copyright of electronic message by restricting what actions an authorized recipient may take in regard to that message. The term message as referred to herein is information and data stored in digital format including: pictures, movies, videos, music, programs, multi-media, games, documents, etc. A few of the primary functions of a RMS are to control licensing authorization so that message is unlocked only by authorized intermediate or end-users that have secured a license, and to control message usage according to the conditions of purchase or license or otherwise imposed by the author (e.g. permitted number of copies, number of plays, the time interval or term the license may be valid, or actions that may be performed on the message, such as further distribution, opening or accessing, printing, and the like). Another function of a RMS may be to identify the origin of unauthorized copies of message to further combat piracy.
Originally, the idea of rights management was used to protect against the on-line piracy of commercially marketed material such as digital periodicals, books, photographs, educational material, video, music, etc. The use of rights management, however, has become increasingly popular in the business setting to protect proprietary or confidential information within a business network. For example, a CEO of a large corporation may wish to distribute an e-mail that includes trade-secrets. Because of the confidential nature of this information, however, the CEO may wish to limit the actions recipients may take in regard to this message. For example, the CEO may wish to allow upper-level management to read, copy, print and save the confidential information; however, she may wish to limit other employees to read-only access or to no access at all. Accordingly, through the use of RMS the CEO can specify who is authorized to view the protected message and what actions they may take in regards thereto.
The above illustrates just one of many examples of the importance of controlling messages in a business network environment. Although rights management is becoming a popular tool in a business environment, there currently exist several drawbacks and deficiencies in the system. For example, when messages are exchanged between two organizations, each organization implements trust policies that specify the conditions each allows or requires to be performed on protected messages in order to establish a trust between the organizations. Establishing this trust is complex and typically involves manual intervention in many current RM systems. For instance, partner organizations must manually exchange RMS server certificates and policy information with each partner. Exchanging certificates and manually updating them when they expire can become extremely unmanageable, especially if an organization exchanges secure messages with a significant number of partner organizations. Further, there is currently no way to determined if the policies between the two organizations are compatible for sending and receiving protected messages.
There are other related problems associated with conventional RM-systems. For example, because messages whose access is controlled by RMS are typically encrypted from desktop to desktop, agents or servers have no access to the protected portions of the message. Accordingly, this prevents valuable operations such as anit-virus scanning, anti-spam filtering, search term indexing, etc. Without such features, RMS could become an unfettered method for distributing viruses, worms, Trojans and spam.