In recent decade, DRM (Digital Rights Management) has focused on security techniques for solving the issues as the malicious copy, free dissemination and unrestricted abuse of digital contents or assets. Whereas some increasingly enhanced security policies, which were implemented at contents provider-side or user-side, have not brought about optimal utilities for participants in the contents value chain. An analytic hierarchy structure and its algorithm on the assessment on utility factors’ weights for DRM security policies were proposed based on Fuzzy Analytic Hierarchy Process, and then Swarm simulation experiments were further made on the adoptions of typical security policies in combination with the gained weight values. The simulation results show the proposed approach to fuzzy assessments effectively implements rational and optimal decision-making on security policies combinations.

针对现有的远程证明模型中存在的终端平台基本配置细节与安全属性特征等隐私的保护问题，提出了一种具有委托模式的支持验证代理方的远程证明模型（AP2RA）及其安全协议引入可信第3方接受验证方的委托，实施终端软硬件的完整性和安全性证明，并可信地报告平台当前状态的布尔值，改进了基于验证双方的远程证明模式，有效地保护了被验证方的平台隐私与已有的方案相比，该方案能够抵抗被验证方消息重放攻击和共谋攻击，以及追踪对验证代理方（APP）发起攻击的终端平台，适用于可信网络中的资源分发与信息共享等环境。

A successful transaction of digital contents is primar-ily dependent on security policies, trust relationships and benefit equilibriums among various participants in a DRM (Digital Rights Management)-enabling contents value chain ecosystem. We first analyzed basic value chain architectures in existence, together with some fundamen-tal security and trust requirements. And then, a state-of-the-art anatomy of the security and trust related to DRM was presented from different stakeholder' perspectives. Next, some challenges for multi-party mutual trust, not just inclined to any of participants, were proposed based on the holistic consideration of the digital contents/rights protection and the benefits balance. Finally, a conclusion was drawn that the rights-benefits-centric DRM ecosys-tem and the resulting trust relationship are crucial for the survivability of the contents industry.

A legitimate contents sharing is an essential functionality of DRM (Digital Rights Management)-enabling contents industry and its value chain extension. In order to effectively choose and deploy some typical security policies in a contents sharing scenario, we introduced game theory to analysis the mutual influence of adoptions of trusted computing enabling enhanced security policies on benefits of two stakeholders, which are DRM Providers and contents Sharer who is a category of consumers. A dynamic and mixed game and its algorithm were proposed, where Sharer's strategies were whether to employ the trusted computing enabling devices and related components or not, as well as Providers' strategies included entirely general security, entirely enhanced security and dynamic security policies. We concluded from both game-theoretic analyses and Swarm simulation experiments that the number of acquired sharable digital rights and security cost have a direct effect on Sharer's choices of the enhanced security policy, and also their different basic sharing modes including partial, modest and extensive sharing, further influence the choice of Providers. Besides, with respect to the mixed sharing mode far more similar to a real contents sharing scenario, Dynamic security strategy is superior to the entirely enhanced security in the context of limited sharable rights and higher security costs, but with the acquisition of much more rights and the decrease of enhanced security overhead, the latter strategy would be optimal and stable as a Nash Equilibrium for stakeholders, in combination with the exploitation of effective business models of contents industry.

Digital Rights Management ecosystem is composed of various participants, which adopt different security policies to meet their own security requirements, with a goal to achieve individual optimal benefits. However, from the perspective of the whole DRM-enabling contents industry, a simple adoption of several increasingly enhanced security policies does not necessarily implement an optimal benefit balance among participants. A game-theoretic analysis of adoptions of security policies was emphasized based on a proposed General DRM value chain ecosystem without the loss of generality. First, we formalized security policies and fundamental properties that include internal relativity and external one, together with multiparty game on adoptions of security policies. Also, a cooperative game among digital Contents Provider, Rights/Service Provider and digital Devices Provider, as well as a non-cooperative game between Providers and Consumers were presented. Final, a stable core allocation of benefits and Nash Equilibriums were found out, respectively. It is clearly concluded that the cooperative game has important super-addivitity and convexity, thus simultaneous adoptions of security policies with external relativity being helpful to achieve Pareto Optimality by using a pre-established cooperative relation; and that Pareto Optimality also exists between Providers and Consumer with the increase of users’ purchase transactions when both have a repeated game.