Information access controls and DRM security
If you look back at information access control mechanisms in the days of the mainframe computer you just had a few: read (includes copy), write (includes create), append (includes add to and alter), execute, delete. That was because there was an administrator on the mainframe who probably knew who you actually were, set up your identity and password and ‘decided’ which rights you had over which files.
Now that was fine at the time, because life was simple, very few people actually got to be able to get to anything and the systems programmers could always fix the errors because mainly nobody except them had serious access to anything at all. The only ‘stuff’ to leave the mainframe would likely be printed on paper, or maybe on a magnetic tape, and both were controlled physically. Your chance of making copies was about the same as winning the lottery.
Enter the personal computer era.
The real selling point of the PC was the fact that the user was king – they did not have to bow and scrape with the systems programmers, they could do anything they wanted. In fact, each one became the equivalent of a systems programmer.
And PC users had just the same information access controls as were on the mainframe, with all the power that went with them. And basically nothing has changed since. The PC is bigger, faster, more interconnected than we ever thought possible in 1981, but the development of access controls has not kept pace with everything else.
And finally governments, industry and users are waking up to the fact that they need more powers to control how information is disseminated and used. Because the original access controls just don’t cut it. In some cases they want to allow recipients to read information, but not to be able to copy it. In some cases they want to limit the ability to copy, perhaps allowing only printed copies and not digital. In other cases they may want to be able to track if people are re-distributing their information in a printed form.
If you were to think of it as updating information access controls you might get a table something like the following: