一種植基於群體導向授權為基礎的企業數位產權管理系統

A Group-Oriented Base E-DRM System

10.29767/ECS.200906.0002

陳金鈴(Chin-Ling Chen)

資訊安全 ； 數位產權管理 ； 數位內容 ； 秘密分享 ； Information Security ； DRM ； Digital Content ； Security Sharing

Electronic Commerce Studies

7卷2期（2009 / 06 / 30）

133 - 150

繁體中文

近年來違反智慧財產權的事件層出不窮，引起企業對數位內容保護的重視。儘管目前存在許多的企業數位產權管理系統；無論如何，這些系統並不適用於企業內部以群組分工為導向的運作，因此我們提出一種有效的企業內部數位產權管理系統。此法整合了公開金鑰、對稱式密碼系統、秘密分享、單向赫序函數和數位簽章等機制。使用者在n個授權者中通過t個授權者的身分驗證同意後，方可獲得解密金鑰，進而存取數位內容；非法的存取數位內容將會被禁止。 這種以群組為基礎的數位內容授權方式，能夠對企業內部數位產權內容做最有效的管理。使得企業的數位產權管理在永久保護、完整性、認證、產權管理的追蹤、可改變的存取權、整合性及可攜性的議題上都能夠確保，本文所提出的方法對企業內部數位內容得到最佳的產權保護。

In recent years, the intellectual property violation events have caused the enterprise to respect digital content protection. In spite of existing many Enterprise Digital Right Management (E-DRM) systems; however, the current E-DRM systems are not suitable for teamwork project in the enterprise. Therefore, we propose an efficient group-based authorized DRM system to solve this problem. Public key cryptosystem, symmetric cryptosystem, secret sharing mechanism, one-way hash function and digital signature are integrated into our scheme. Any t out of n entities of the Authorization Authority provides their secret shadows for the identification authentication; the user only can get the decryption key and access the digital content. The illegal access will be forbidden. The group oriented authorization provides the most efficient management for digital right management in the enterprise such that the persistent protection, integrity, authentication, track usage of DRM work, changeable access right, integration and portability issues will be assured. Our scheme will support the enterprise to work properly in digital content protection.

1. Departmental technical report Town
2. Bartolini, F.,Cappellini, A.,Piva, A. Fringuelli,M. Barni(1999).Tenth International Workshop on Database and Expert Systems Applications DEXA99.Florence:Italy.
3. C-Net News.com
4. Conrado, C.,Kamperman, F.,Schrijen, G., J.,Jonker, W.(2003).Privacy in an identity-based DRM system.Proceedings of the 14th International Workshop on Database and Expert Systems Applications.
5. Gennaroa, R.,Jareckib, S.,Krawczykd, H.,Rabin(1996).T.Robust Threshold DSS Signatures.Advances in Cryptology-Eurocrypt'96,1070(Springer-Verlag),354-371.
6. Jarecki, S.,Lysyanskaya, A.(2000).Adaptively Secure Threshold Cryptography.Advances in Cryptology-Eurocrypt'00,1807(Springer-Verlag),221-242.
7. Mulligan, D.,Han, J.,Burstein, A.(2003).How DRM Based Content Delivery Systems Disrupt Expectations of Personal Use.In Proceedings of the 2003 ACM workshop on Digital Rights Management.
8. Park, J.,Sandhu, R.,Schifalacqua, J.(2000).Proceedings of the 16th Annual Computer Security Applications Conference (ACSAC '00).LA:New Orleans.
9. Schneier, B.(1996).Addison Wiley.New York:Addison Wiley.
10. Shamir, A.(1979).How to Share a Secret.Communications of the ACM,22,612-613.
11. Computer Science Department, Stony Brook University
12. 呂芳懌、蘇俊維、許惟翔(2003)。內部網路安全威脅分析與防制。2003年電子商務與數位生活研討會，台北市:
13. 萬濤、廖維川、馬建峰(2006)。面向群體的身分認證方案。電腦工程與設計，13，2348-2350。