Research And Implementation Of Digital Content Security Management In Sensitive Enterprises

The administration of large numbers of documents and access right in sensitive enterprises is a complex and challenging task, especially with the widely usage of workflow. Digital Right Management (DRM) is a powerful concept for protecting the digital content in its whole lifecycle. However, the authorization for documents is quite cumbersome for its leakage of efficient access control mechanism, so it needs to be automated.A TR-Rs-BAC access control model is proposed to solve this problem. In this model, documents are divided into different sets by attributes, and a rule-based authorization which mapped the task to different document sets and permission sets, is proposed to make the authorization more agile.In this thesis, 3 parts are mainly discussed as following:1. The relevant conditions and progresses as well as the security requirements and the existing problems of information in sensitive enterprises are analyzed.2. The current research on typical access control model and DRM is analyzed both at home and abroad. A TR-Rs-BAC model is proposed to make the authorization more agile.3. TR-Rs-BAC model is integrated to a DRM based Digital Document Protection System, DDPS for short. The design and implementation of DDPS is described in detail.The DDPS has been implemented and basically achieved the goal of the sensitive enterprises. It has been used preliminarily in a sensitive enterprise and is commended by the customers.