Rights-carrying and self-enforcing information objects for information distribution systems

Abstract

In today's digital world digital information is ubiquitous and threats against it proliferate. Therefore, one of the most important challenges facing us is that of providing secure enforcement of rights of access to, and usage of, this information. Self-protecting information objects have significant relevance in this context. A self-protecting information object has the ability to allow us to define access rules, to manage access to its information content in accordance with these rules, to protect its contained information against unauthorized access, and to update and modify these rules with ease. This means that such an object must be able to deal with attacks by both unauthorized users and authorized users seeking unauthorized access and usage. This paper describes and analyses a model of Rights-Carrying and Self-Enforcing Information Objects (SEOs) for Digital Rights Management (DRM) for a secure information distribution system that carry with them access and usage rights and themselves enforce these rights, preserving their confidentiality and integrity. The model was originally developed as part of the distributed DRM model for an information distribution system for the net-based learning project in Norwegian schools. © Springer-Verlag 2004.