• Enterprise DRM;
  • mutual authentication;
  • electronic commerce;
  • mobile environment;
  • BAN logic


Digital rights management (DRM) is a term for access control technologies that are used by hardware manufacturers, publishers, copyright holders, and individuals to limit the use of digital content and devices. Enterprise digital rights management (E-DRM) is the application of DRM technology to prevent illegal users from accessing the confidential data of an enterprise. In 2010, Chang et al. proposed an efficient E-DRM scheme to solve the flaws of Chen's scheme. However, we still found some weaknesses in their scheme. In this article, we propose an improved secure and efficient E-DRM mechanism based on a one-way hash function and exclusive-or. Our mechanism overcomes the weaknesses in the scheme of Chang et al. and also reduces computation costs. In addition, we used BAN logic to show the correctness of our mechanism. Copyright © 2012 John Wiley & Sons, Ltd.