1. Field of the Invention
This invention relates to a rights management system and related method for digital contents, and in particular, it relates to a rights management system that is convenient for use when transmitting documents via emails.
2. Description of Related Art
Documents traditionally available only in hard copies are increasingly also available in digital forms. In fact many documents nowadays are prepared, generated, stored, distributed, accessed, read or otherwise used electronically in digital file formats such as Portable Document Format (PDF). With the wide use of digital file formats in document processing, digital rights management (DRM) systems are increasingly implemented to control user access and prevent unauthorized use of digital documents. The rights involved in using a digital document may include the right to view (or “read”) the digital document, the right to edit (or “write”) the digital document, the right to print the digital document in hard copies, the right to copy the digital document, etc. A user may access a digital document by acquiring (or being assigned) one or more of these rights, and any of the acquired or assigned rights may be later revoked for various reasons.
DRM systems are generally implemented for managing users' rights to the digital documents stored in the systems. For example, in some current rights management systems, a document can be associated with a rights management policy which specifies which user of the system has what kind of access rights to the document. The DRM systems enforce the rights management policies for documents managed by the system using various digital technologies such as encryption. Thus, when a user attempts to access a document, for example to open an encrypted PDF document for viewing, the DRM system applies the rights management policy associated with the document to determine whether the user is permitted to access the document in the attempted manner.
DRM systems may be implemented in various ways. In one example, a rights management server (RMS server or RMS) stores multiple rights management policies in a policy table. Each document managed by the system is associated with a policy, and the RMS stores the association between documents (e.g. as identified by a unique document ID) and policies. When a user runs an application on a client computer to access a document (which may be a copy of the document residing on the client computer), the application contacts the RMS server to seek permission. The RMS server receives relevant information from the client, such as the identity of the user, the identity of document, the type of access attempted, etc.; based on such information, the RMS server determines which rights management policy is associated with the document, and consults the policy table to determine whether access should be granted or denied to that user. If access is to be granted, the RMS server sends a decryption key to the client computer. Based on the reply from the RMS server, the application on the client computer will permit or deny the access sought by the user; if access is to be permitted, the client computer will use the decryption key to decrypt the document.