Digital Rights Management (DRM) has been developed in order to enable the distribution of digital content while controlling the use of that content. The content is encrypted to prevent its unauthorized use and distributed as an encrypted file. The decryption of the content and how it may be used is controlled by a rights object. This rights object may be a separate file or it may be attached to the encrypted content.
The rights object specifies the rights for the content. These rights generally constrain the actions that can be performed on the content. The constraints may, for example, prevent or restrict one or more of using, copying, forwarding, saving, previewing etc. The rights can be limited in time so that the content can only be used for a specified time or they can be limited by play count so that the content can only be used a specified number of times.
A rights object contains a Content Encryption Key (CEK) that is used for decrypting the encrypted content associated with the rights object.
Typically the integrity of the rights object is protected using the digital signature of the content originator. This prevents the modification of the rights object.
Consequently, as the device hosting the rights object cannot update the rights object directly it must have a dedicated database for maintaining rights object information. For example, as the device cannot update the playcount in the rights object each time the content is accessed it must maintain a database that stores and decrements playcount each time the content is accessed.
It would be desirable to enable modification of the rights object while maintaining the integrity of the rights object.