摘要 |
There is disclosed a cryptographic key management concept for a user domain, in which a local rights manager (LRM) is provided a cryptographic generation key for validly generating or converting only a limited amount of rights objects. In case a compromise of the LRM is detected, the cryptographic generation key is not renewed after the limited amount of ROs have been generated by the LRM. Otherwise, i.e. in case no compromise of the LRM has been detected, i.e. in case the LRM may be considered trustable, the LRM is provided a new (different) cryptographic generation key for generating a further limited amount of rights objects.
|