Abstract: Various embodiments of a system and method for a single request and single response authentication protocol are described. A client may send to an authentication server a request to authenticate the identity of a user attempting to access an electronic document protected by a rights management policy. The single request may be generated according to rights management configuration information included within the document. Such rights management information may include one or more parameters for requesting authentication from an authentication server. In response to the request, an authentication server may send a single response to the client. The single response may include information indicating that the identity is authenticated (e.g., a license to access the document, or an encryption key to decrypt the document). The client system may be configured to, in response to the single response, provide access to the document according to the rights management policy.

Abstract: Various embodiments of a system and method for digital rights management using a secure end-to-end protocol with embedded encryption keys are described. A DRM framework may implement a secure end-to-end protocol configured to protect messages sent between trusted endpoints by encrypting and decrypting the messages within software applications executing on each trusted endpoint. An encryption key embedded within a binary representation of a DRM client may be used by the DRM client to encrypt and decrypt messages sent over the secure protocol. The DRM client may request authentication using the secure protocol and receive an authentication token used by the DRM client to acquire a license to view protected content. The encryption key may be chosen from a pool of encryption keys and embedded in the DRM client during the software build process for the DRM client. The secure protocol may be designed according to Representational State Transfer guidelines.

Abstract: Method and apparatus for dissociating binding information from objects to enable proper rights management. Embodiments may provide a rights management mechanism that may be implemented in Computer-Aided Design (CAD) systems. The rights management mechanism dissociates binding information from objects in a CAD assembly to enable rights management at the object level. The rights management mechanism enforces rights at the user level as well as at the object level, and manages and enforces rights at the user level for different CAD operations. Embodiments of the rights management mechanism may include a rights management server and a rights client mechanism. The geometry from a set of files that is instantiated into a CAD session may be interpreted by the rights client mechanism and correlated by the rights management server with the associated files to determine the rights that need to be applied to the parts instantiated from the files.