Abstract: A very efficient authentication and authorization check in n:m relationships is possible with a method for checking the entitlement of a user of a telecommunication terminal (1) to a service, whereby an access device (4) on a telecommunication network (3) obtains at least one certificate and a proof of identity (10) from the telecommunication terminal (1), whereupon NMT (5) together with a certification device (7) carries out a check of whether the certificate giving the identity is valid and has a positive status and whether particular authorization may be obtained from complementary certificates. Should the above be the case, a secret (for example a session key) is transmitted (15) to the access device (4) which is also sent (15, 16) to the telecommunication terminal (1, 2), encoded with at least the public key. The access device (4) is then activated with a policy corresponding to the rights of the telecommunication user.

Abstract: A method for enabling a first party to provide a second party with personalized digital content includes at a network unit: in response to receiving a request from a first party, the request including an identifier identifying a second party, retrieving identity credentials of the second party; and transmitting the identity credentials of the second part to a first party or to a content providing system; and in a content providing system: in response to receiving: a) an identifier from the first party, the identifier identifying digital content in a digital content storage, and b) the identity credentials of the second party, personalizing digital content using the identity credentials, the personalizing adapted to enable the second party to reproduce the digital content but to prevent any unauthorized party to reproduce it; and delivering the personalized digital content to the first party.

Abstract: Digital right management systems are technically constructed for protecting and carrying out wishes of a copyright holder such that the digital content is connected in a cryptographic and unique manner to any particular device and/or data carrier. Use of the digital content on other devices of the person who acquires rights is only possible after previous registration by the copyright holder. The person who acquires rights is enabled to manage the acquired rights thereof themselves on the electronic data object without instructing the intervention of a central copyright holder. This is accomplished by the person who acquires the rights creating partial amounts of the user rights having individual user rights. The digital content can be used, respectively, in the periphery of the created partial amounts of the individual user rights.

Abstract: A method for enabling a first party to provide a second party with personalized digital content includes at a network unit: in response to receiving a request from a first party, the request including an identifier identifying a second party, retrieving identity credentials of the second party; and transmitting the identity credentials of the second part to a first party or to a content providing system; and in a content providing system: in response to receiving: a) an identifier from the first party, the identifier identifying digital content in a digital content storage, and b) the identity credentials of the second party, personalizing digital content using the identity credentials, the personalizing adapted to enable the second party to reproduce the digital content but to prevent any unauthorized party to reproduce it; and delivering the personalized digital content to the first party.

Abstract: A very efficient authentication and authorisation check in n:m relationships is possible with a method for checking the entitlement of a user of a telecommunication terminal (1) to a service, whereby an access device (4) on a telecommunication network (3) obtains at least one certificate and a proof of identity (10) from the telecommunication terminal (1), whereupon NMT (5) together with a certification device (7) carries out a check of whether the certificate giving the identity is valid and has a positive status and whether particular authorisation may be obtained from complementary certificates. Should the above be the case, a secret (for example a session key) is transmitted (15) to the access device (4) which is also sent (15, 16) to the telecommunication terminal (1, 2), encoded with at least the public key. The access device (4) is then activated with a policy corresponding to the rights of the telecommunication user.