Safeguarding digital library contents and users: Storing, sending, showing, and honoring usage terms and conditions

Abstract

This article knits together ideas and technologies discussed in several prior articles in the Safeguarding ... series in D-Lib Magazine. We discuss languages for representing intellectual property usage terms and conditions in databases, for network transmission, and for presentation to and editing by human beings. Prototypes, one in each domain, can be knit together as a component of digital library services. We favor an approach based on cryptographic envelopment of document packets because this provides end-to-end protection and requires less network infrastructure and administration than alternatives. It needs protocols for enforcing information owners' rules - protocols which govern how a user might select, request, possibly pay for, and eventually gain access to what she wants. A deployed permission management and revenue collection mechanism will implement at least three system roles: a source S which encrypts and bundles valuable objects, an end user system U which manages requesting and receiving protected information, and a clearance center C which checks users' commitments to observe owners' conditions. We consider three alternative configurations. We remind the readers why incomplete schemes based on much-ballyhooed "trusted systems" are fundamentally flawed, and suggest why it is unlikely that these notions will evolve to practical personal computer services. People might be less likely to be misled if this elusive objective were called "trustworthy systems".