一個具匿名性與可轉移授權的數位權利管理系統

Abstract

隨著網際網路與數位科技的發展，消費者可以利用各種傳輸方式取得各種數位內容。數位內容極易複製，快速傳輸與大量散佈，這些性質帶給內容提供者一個棘手的問題，要如何防止產品被不當的大量散佈給其他沒有經過適當授權的使用者? 可以利用數位權利管理系統(Digital Rights Management，DRM)，經由DRM系統控制並設定存取權限，使得只有經過適當授權的使用者，才能夠存取這些受保護的內容，避免數位內容被不當的散佈與存取，以保障著作人及出版商應享有的權利。 但從另外一個角度來看，現今大多的DRM系統在設計時，偏重於以系統商的利益為出發點，往往過於縮減限制使用者應有的權利，或是私下收集使用者資料而侵犯隱私。我們以使用者要求"合理使用"的理由為出發點，提出一個具有匿名性及可轉移授權機制的DRM系統。使用者在正常使用下享有匿名性，且能自由傳輸授權給予其他使用者；而對系統而言，非法散佈授權的使用者則會喪失匿名性，系統能偵測出其身分，以達到在系統商的利益與消費者之間權利取得一個較佳的平衡點。

With the Internet and digital multimedia technology development, the consumers could easily obtain the digital contents in variant ways. The content providers need some mechanisms to enforce access policies and to control how users to use their digital contents. Digital Rights Management (DRM) system is a system to protect and manage digital contents and control the usage and distribution of those digital contents. Only proper authorized user could access these protected digital contents. However, most current DRM systems add too many restrictions on the right of users and may gather some unnecessary privacy information without the user's permission. We discuss the issue of "fair use" and purpose a DRM system with anonymity and authorization transferability. The honest user could anonymously access the system service and transfer his authorization to other users, and the system could trace the identity of the dishonest user with illegal distributing. We hope our system to achieve a balance between the rights of the owners and the accessibility of the consumers.