Verifiable Threshold Authorization for Scalable and Secure Digital Rights Management

摘要

With fast development of network computing and storage technologies, it became more and more convenient to share and spread digital resources through kinds of network services, however without protection and constraint of copyright, digital content can be illegally copied, altered and distributed, which could cause revenue loss to commercial digital resource providers, to solve this problem, digital rights management(DRM) is adopted to control copyrights of digital resources in a reasonable degree. Most of current DRM systems were built up in centered authorization mode which can work efficiently in normal case, but once the DRM administrator is unauthentic or the server collapsed, it will not provide authentication and authorization service again. In this paper, a verifiable threshold authorization scheme (VETAS) based on ellipse curve cryptosystem (ECC) and Lagrange polynomial is adopted for scalable and robust digital rights management, in which authorization was based on t-out of n qualified members, less than t members cannot implement authorization, and the system can still work well once part of the members are unauthentic. The advantage of the VETAS scheme is that it works in a "mutual authentication and threshold authorization" mode, thus end-user and the authorization center can authenticate each other to enhance security of corresponding identity, another advantage of the VETAS scheme is it can provide real-time rights management with fairly good robustness and reliability in a threshold authorization mode.