An authenticated access control framework for digital right management system

With the growing development in digital content distribution, researchers focus on the construction of an access right enabled digital content distribution framework for the legal user. Digital rights management (DRM) is the system which tries to ensure authorized content distribution. Current, DRM systems either provide authentication or constrain access right, but access control with legal authentication in the digital content distribution has remained a challenging issue for public-key cryptography (PKC) or identity-based public-key cryptography (ID-PKC). PKC associates certificate management, which includes revocation, storage, distribution and verification of certificates. As a result, certificate authority becomes the bottleneck in a large network. On the other hand, ID-PKC has the drawback of key escrow. For secure and authorized content distribution, evacuation from these problems is needed. In this paper, we present an authenticated access control protocol, which maintains user's right with authorized content distribution for the digital right management system. Its security has been proved in the random oracle model. An analysis of performance shows enhancement in efficiency, which indicates that the proposed scheme presents a secure and authorized access control mechanisms for resource-constrained devices.