Digital Rights Management systems originally arose as an example of a solution to one of the most basic problems associated with secure systems design, the problem of governing access by a credentialed entity to a resource in the context of a set of policies established to restrict or define such access. Most DRMs that are in use today are based on DRM-specific declarative rights expression languages and authorization mechanisms that have strong semantic coupling to the application in which they are employed. A notable exception to this approach can be found in the Octopus system described in this paper. Octopus employs several concepts from the trust management philosophy originally posited by Blaze, et al. in 1996, but perhaps its most striking similarity can be found in its clear separation of authorization mechanism from application semantics.
[1]
Jaime Delgado,et al.
Profiles for interoperability between MPEG-21 REL and OMA DRM
,
2005,
Seventh IEEE International Conference on E-Commerce Technology (CEC'05).
[2]
Joan Feigenbaum,et al.
Decentralized trust management
,
1996,
Proceedings 1996 IEEE Symposium on Security and Privacy.
[3]
Joan Feigenbaum,et al.
The KeyNote Trust-Management System
,
1998
.
[4]
Joan Feigenbaum,et al.
The KeyNote Trust-Management System Version 2
,
1999,
RFC.
[5]
D. P. Maher,et al.
Music on the Internet and the intellectual property protection problem
,
1997,
ISIE '97 Proceeding of the IEEE International Symposium on Industrial Electronics.
[6]
J. Feigenbaum,et al.
The KeyNote trust management system version2, IETF RFC 2704
,
1999
.