An Approach of Digital Rights Management for E-Museum with Enforce Context Constraints in RBAC Environments

In this paper, a personal digital rights management system based upon the role based access control with the dynamic context constrains is proposed. The constrained table is constructed with the context constrains. The context constrains includes time, location information, the user devices, O.S., service group, connection rate. This dynamic RBAC constraint will check by one or more context constraints to assign the right permissions. With our approach we aim to preserve the advantages of RBAC and offer an additional means for the definition and enforcement of fine-grained context-dependent access control policies. The user downloads the digital content into the personal devices such as PDA or mobile phone. The user fingerprint has embedded into the digital contents to achieve the information security objectives of non-repudiation, integrity and security. Some of legal users may leak their rights to unauthorized member to use the digital content. This system authority can use the traitor tracing to revoke the usage license of the traitor and to catch traitors that leaks secrets. Hence, the misuse users will be degraded the permissions in the future. With this new approach, the management of access rights becomes much flexible and efficient on the e-museum applications.