Research On Digital Rights Management Based On Risk

Digital rights management can realize the digital content protection by encrypting the digital content and adding using control rules to content. It has some advantages such as spread fast, easy to use, query in rapid and comprehensive, so DRM play an increasingly important role in the network era. However, the traditional DRM systems are more concerned about the security of the system, and the information sharing needs are relatively neglected. How to flexibly balance the security of digital documents and the needs of information sharing has an important practical significance in a digital rights management system.Traditional DRM system is accurate authorization in making use of policy, but in fact that strategy formulation is fuzzy and uncertainty, and it will change with the risk in the process of using. This article proposes a model of digital rights management based on risk. With risk as an authorization factor of policy, and make quantitative measurement of the access control information such as subject, object, operation and time constraints. Then this paper can decide whether to authorize with the quantitative risk values. The proposed method can make the system authorization and the access control decision reflect the purpose of security control strategy more accurately, and they also can dynamic adjustment with the system state, so as to obtain the best balance between the needs of sharing and security control.Compared with the traditional digital rights management system, R-DRM system proposed in this paper has a time comstraint which is an interval value. This mechanism allows the system to make multi-level fuzzy authorization based on the time that users propose the request. Our paper improves the shortcomings of the traditional "allow or deny" authorization mechanisms, which make the system are more suitable for the dynamic network environment.Finally, our paper does some test in functionality and performance about the system. The test results show that the R-DRM system can balance and manage the security and information sharing of document effectively with proper risk controls.