Trust management languages and data structures are frequently used to grant principals, such as users, rights to access digital data. Conventional trust management languages and data structures are used to represent licenses. A license typically identifies the issuer, the principal, the right, the resource and any conditions on the validity of the license. FIG. 1 illustrates a conventional mechanism for granting rights to access a group of related resources 102a-102d. Resource 102a-102d may by way of example each be a digital work in the form of a text file, an image, an audio or video file, an e-book, or the like. Trusted issuer 104 issues a group of licenses 108a-108d to user 106. Each license 108a-108d corresponds to a different resource and potentially includes a different condition. For example, license 108a includes condition 110a and licenses 108b-108c include conditions 110b-110c. Each condition may for example be a different expiration date.
There are several drawbacks to the mechanism of granting rights in the manner shown in FIG. 1. The requirement of issuing a group of licenses that are substantially identical but differ amongst themselves according to variations within a certain structural aspect (such as variations in the resource used in each) leads to a large number of licenses that must be issued by trusted issuer 104. As the number of licenses increases, so does the burden on trusted issuer 104 and the user 106. This problem worsens as the numbers of trusted issuers, resources and users increase. Moreover, the set of variations that the group of licenses may need to cover may logically be of infinite size or otherwise be pragmatically not possible to physically enumerate or cover with conventional licenses.
Therefore, there is a need in the art for trust management languages and data structures that reduce the number of licenses that must be issued by a trusted issuer or received by a user or principal, by allowing a single license to cover plural resources and plural conditions.