Through the research and analysis about the security mechanisms of the existing Digital Rights Management (DRM), a fine-grained Usage Control ( UCON) plan separated rights from content was proposed in order to avoid being cracked now and then. Firstly, based on the concept of secret division, digital license has been divided into two sections to realize the separation of authentication and authorization management. Then temporary permission files were fine-grainedly granted to ensure that digital content can be dedicatedly controlled in usage. Finally integrity checks were used to improve the ability of anti-tampering attacks. The model checking results show that this plan and its policy can realize the design requirements and fairly satisfy the security requirements of DRM.%针对现有数字版权管理(DRM)系统屡遭破解的问题,通过调研分析其安全机制,提出一种内容与权限分离的细粒度使用控制方案.该方案首先根据秘密分割的思想将数字许可证一分为二,实现身份验证与授权管理的分离;然后通过细粒度授予临时权限文件,确保数字内容在使用中能够细致控制;最后采用多项完整性检查来提高防篡改攻击的能力.模型检测结果表明,该方案及策略能够实现设计要求并基本满足数字版权管理安全性需求.
展开▼
