Digital rights management (“DRM”) and enforcement is highly desirable in connection with digital content such as digital audio, digital video, digital text, digital data, digital multimedia, software, etc., where such digital content is to be distributed to one or more users. Digital content could be static, such as a text document, for example, or it could be streamed, such as the streamed audio/video of a live event. In a typical use of a rights-management system, a user receives a piece of digital content via a network (e.g., the Internet), or on a physical medium (e.g., on a disk). Additionally, if the user is permitted to “consume” the content (e.g., play audio or video content, view textual content, execute the software, etc.), the user also receives a license for such content. The rights-management system enforces the requirement that the user can consume the content only when such consumption is permitted by the terms of the license.
Rights management systems typically rely on cryptography in at least two contexts. First, content that needs to be protected is encrypted. Second, given that any meaningful use of encrypted content requires the decryption key, the keys must be distributed only to trusted entities, and cryptographic certificates and signatures are used to establish this trust. In the simplest rights management system, the owner of encrypted content directly verifies the trustworthiness of the consumer of that content, and, if the owner is satisfied of the consumer's trustworthiness, distributes a license containing the decryption key to that consumer. Such a system, however, does not provide rich enough capabilities to be of much commercial significance. Most content—like anything else in commerce—is distributed through a complex chain or web of relationships. For example, the content owner may actually delegate to a distributor the task of issuing licenses (and, thus, keys) for content. In this case, the decoupling of the content owner from the license distributor provides greater flexibility in terms of how content gets distributed (e.g., the content owner does not need to spend time or money distributing content and operating a licensing server). On the other hand, this decoupling also requires that the content owner (who has a proprietary interest in the content) trust the license distributor (who has the power to affect the owner's proprietary interest).
Other aspects of the distribution/rights-management process can be decoupled as well. For example, when the licensor issues a license that allows a user to consume a piece of content on a particular hardware platform, the licensor is implicitly making a decision about: (a) the identity of the user (if licensure limited to particular users), and (b) the security of the platform on which the content will be consumed. The licensor may make this decision directly, but it may be useful to allow another entity (an “identity issuer” or “identity server”) to issue a certificate attesting such identity and platform security, and for the licensor to simply rely on this certificate. This decoupling, however, implicitly requires that the licensor trust the issuer of the identity certificate, since continued control of the content is dependent on such a certificate not being issued to an imposter, or for an insecure platform. Another aspect of the distribution and rights-management process that may be decoupled is that the entity that defines the circumstances under which a license may be issued may be different from the entity that actually issues the license. Thus, when content is published, a first entity may digitally sign a rights label that specifies the licensing conditions, and a second entity may actually issue the license that permits the content to be used. Again, this type of decoupling requires that the first entity trust the second entity only to issue licenses under the specified conditions.
It can be appreciated from the foregoing discussion that the practical reality of who can license a document and under what circumstances can be affected by who trust whom. The universe of who can obtain a license for content can be expanded (or contracted) by extending (or withholding) trust between various servers that participate in the distribution and licensing process.
The present invention provides a technique for using trust to control access to content, which has not been realized in the prior art.