Towards multilateral secure digital rights distribution infrastructures

Digital Rights Management (DRM) systems and applications appear to increasingly attract the interest of e-commerce business developers. DRM systems aim at secure distribution of digital content and commonly comprise a huge variety of different technologies. Current DRM systems focus mainly on right-holder's security needs and commonly neglect those of consumers. In particular, these systems even lack reliable means for users to verify that they purchase usage-rights on works (licenses) from the rightful authors (rights-holder). This seems to be simply achievable in centralistic systems where only global players or a few large collecting societies control the distribution of licenses. However, in a large distributed system with many unknown and potentially untrusted sellers/distributors of digital content it is crucial from the legal and security perspectives that any user/device of the DRM platform can reliably verify that a purchased license is authorised by the rightful author/rights-holder.In this paper we introduce a formal model and the corresponding schemes for establishing a multilateral secure rights-distribution infrastructure. The key features of our proposal are: firstly, consumers can directly verify that a seller is indeed authorised to grant certain usage-rights. Secondly, the authorship and rights licenses are invariant with respect to perceptibly similar works, i.e., they are not only valid for the original work but also for a set of closely related similar works which are modifications of the original work (e.g., different resolutions or encodings of an image or a video). The reason for providing this property is that these works are still considered to be under the copyright of the author.Our scheme provides an enabling technology for decentralised right distribution infrastructures for intellectual property with multilateral security.