One of the most important issues impeding the widespread distribution of digital works (i.e. documents or other content in forms readable by computers), via electronic means, and the Internet in particular, is the current lack of ability to enforce the intellectual property rights of content owners during the distribution and use of digital works. Efforts to resolve this problem have been termed “Intellectual Property Rights Management” (“IPRM”), “Digital Property Rights Management” (“DPRM”), “Intellectual Property Management” (“IPM”), “Rights Management” (“RM”), and “Electronic Copyright Management” (“ECM”), collectively referred to as “Digital Rights Management (DRM)” herein. There are a number of issues to be considered in effecting a DRM System. For example, authentication, authorization, accounting, payment and financial clearing, rights specification, rights verification, rights enforcement, and document protection issues should be addressed. U.S. Pat. Nos. 5,530,235, 5,634,012, 5,715,403, 5,638,443, and 5,629,940, the disclosures of which are incorporate herein by reference, disclose DRM systems addressing these issues.
For example, U.S. Pat. No. 5,634,012, discloses a system for controlling the distribution of digital documents. Each rendering device has a repository associated therewith. A predetermined set of usage transaction steps define a protocol used by the repositories for enforcing usage rights associated with a document. Usage rights persist with the document content. The usage rights specify various manners of use of the content such as, viewing only, use once, distribution, and the like. Pre-conditions, such as payment of a fee, proof of identity or other conditions can be required prior to permitting access to the content in accordance with the usage rights. Once the pre-conditions are satisfied access to the content is granted. The concept of conditional access is well known in access control applications also. For example, it is known to grant access to network resources upon entry of login name and password.
The concept of conditional access is a foundation for both access control and DRM systems. A typical pre-condition, i.e. a condition for granting access, defines a list of authorized users along with a set of access rights and conditions to a given resource. Pre-conditions associated with a given resource can be defined as resources associated with certain users. This is known as “role-based” access control. Pre-conditions can also be defined by rules in a process known as “rule-based” access control. Both types of pre-conditions are expressed as an access control list, which is a set of resources or rules defined in some language or data structure.
Conditional access is typically implemented by most systems as an authorization process in which a principal (e.g., a person, a system or a process) is allowed access to a protected resource after certain conditions are met and/or verified.