|   |  | 
Digital libraries (DL) systems represent today a relevant mean supporting information acquisition and exchange among a large variety of users with different tasks and goals, such information and knowledge producers, librarians, information and knowledge seekers. A main relevant issue in DL is securing information. On one hand the system must be secure against malicious use and data-corruption and must ensure the privacy of its users as well as protect the intellectual property of the vendors and information producers. On the other hand, however, the system should provide open access so that vendors and information producers can add/update information and services any time. Thus, a full-fledged security model for DLs should address authentication and security services to guarantee privacy, integrity, confidentiality, access control, and copyright issues.
This paper makes a very interesting contribution to the problem of secure document distribution to DL users when purchasing transactions are required for the users to get access to documents. The paper first discusses why traditional approaches are not fully suited protect documents in such an environment. Then, it describes an alternative approach. An interesting feature of this approach is that one can give access rights to different portions of the same document to different users and yet use the same document (properly encrypted and extended with additional components) for distribution to all the users. The paper describes the document format used for secure document distribution as well as the process used by a user to decrypt the document. The paper also clearly identifies the main organizational entities involved in such process.
Copyright © 2000 by the author(s). Review published with permission.