Digital rights management (DRM) refers to tools and technologies for protecting copyrights and other rights on digital media. It is an application of identity and access management, but has stronger requirements for fraud prevention. Namely, DRM also
seeks to control usage by authorized users after they have gained access to resources.
Modern DRM systems are all based on the notion of a digital license. Licenses are issued when access is requested, while content is made freely available in encrypted form to prevent access by unauthorized parties. To access encrypted content, a client must obtain a digital license from a "clearing house" that specifies how the content may be used. This requires the client to send an identifier that identifies him and/or a specific device that will play the content. If the clearing house authorizes the request, it sends the requested license to the client. The client’s device or application, which is presumed to be secure against tampering, decrypts the license and makes the content available in accordance with the usage rules.
This approach has security, privacy, and performance challenges that are very similar to those of enterprise I&AM; we refer to that exposition for how U-Prove can address these challenges.