Digital rights management is a crucial task when installing any content community. Privacy concerns, the request of an author to control access to his or her work, proprietary interests, or the prevention of unauthorised modification of a document, those issues can only be tackled by imposing rights restrictions on the digital resource.
Following this concept, in order to carry out any operation on an information object, the user needs the right to do so. Depending on the "terms of use" the very institution has, different levels of user access can be defined all having separate rights requirements [Bac01]. Subsequently, for example, users might be allowed to view specific documents, but not to copy them, whereas others are not even admitted access.
Rights might be given for a limited period of time according to the agreement that was met. This could depend on, for instance, whether or not the user paid the last periodical rate for the licence (cf. Section 2.7). Additionally, if the institution has no physical custody of the digital objects, permissions need to be negotiated with rights holders, such as authors or publishers. Managing these issues requires a suitable framework.
A prerequisite for the implementation of this framework is the identification of the user. Yet, if there is a very high number of possible users, infrastructures for unambiguously and securely identifying individual users will be difficult and most probably costly to establish. Therefore, grouping the users or the implementation of other techniques for identification and negotiation of rights should be considered alternatively.
Rights management is a highly delicate task that needs to be tailored to the requirements of the individual institution.