从不同等级安全与效用分析的新角度，提出了基于模糊层次分析法的DRM安全策略效用评估及其博弈论选取。通过构建安全策略的层次分析结构，采用模糊判断一致矩阵，分析可选安全组件与服务在安全策略中的权重关系，并将所得权重用于计算DRM安全策略组合的实际效用以及进而实现博弈论选取，得出多方安全效用的Nash均衡，即最优均衡安全策略组合及其存在条件。一组典型安全策略的实例分析表明，博弈结果存在2组不同的安全策略组合，内容与服务提供商可根据数字内容购买用户数及平均购买量等应用情形来有效部署DRM系统，从而获得数字版权保护与各方实际收益的均衡。

Nowadays open and distributed Computer Supported Cooperative Work (CSCW) systems are faced with security challenges due to large numbers of cooperative users, and a mass of valued data resources need to be protected against unauthorized usage, disseminations and share. To this end, role-based collaboration framework and access control approaches have been a focus in recent years, but there lack of a holistic and comprehensive model and visual modeling. We proposed and formalized a CSCW-enabling access control model integrating generic centralized authorization and distributed authority delegation, called IACM (Integrated Access Control Model) for CSCW, based on the cooperative roles and their owned activities. And then, the visual modeling was represented with static and dynamic characteristics, with a goal to narrow the gap of the formalized model and application level. Finally, an application in the collaboration system for equipments manufacture designing was implemented to improve security of the role-based centralized authorization management by using the authorization constraint rules, and to enhance the collaborative capability based on the user-side delegation mechanism, effectively guaranteeing CSCW system security and authorization management efficiency.

In multimedia consuming, Digital Rights Management (DRM) is the important means to con¯rm the bene¯ts of both digital contents/services providers and consumers. To keep the DRM system running in order, risk management should be adopted, which identi¯es and assesses the DRM system's security level. Now, the legitimate sharing of copyrighted digital content is still an open issue, which faces severe risks of propertied assets circumvention and copyright infringe-ments. In this paper, we try to highlight a multi-disciplinary method for all-around examinations on risks to digital assets in the contents sharing scenario. The method is a qualitative and quantitative fuzzy risk assessment, which is used for estimating a novel concept called Risk-Controlled Utility (RCU) in DRM. Then, we emphasize on an application case of the emerging trusted computing policy, and analyze the in°uences of di®erent content sharing modes. Finally, we address a business model with some simulation results. The comparison with other methods shows that the fusion of qualitative and quantitative styles can not only evaluate the RCU with uncertain risk events e®ectively, but also provide accurate assessment data for the security policies of DRM.