The ideal DRM system is flexible, entirely transparent to the user and pretty complex stuff for a computer program to crack. First-generation DRM software sought merely to control copying. Second-generation DRM schemes, on the other hand, seek to control viewing, copying, printing, altering and everything else you can possibly do with digital content.
A digital rights management scheme operates on three levels: establishing a copyright for a piece of content, managing the distribution of that copyrighted content and controlling what a consumer can do with that content once it has been distributed. To accomplish this level of control, a DRM program has to effectively define and describe three entities -- the user, the content and the usage rights -- and the relationship between them.
Let's take the example of a simple DRM scheme for an MP3-download site. Jane Doe logs on to a site to which she subscribes in order to download Lauryn Hill's "Everything is Everything." Jane's subscription level entitles her to five downloads per month. In this case, the user is Jane Doe, and the content is Lauryn Hill's "Everything is Everything." Identifying the user and the content are fairly simple tasks. Jane probably has a customer ID number, and each MP3 file on the site probably has a product number associated with it. The harder part is identifying the rights -- the ways in which Jane is and is not allowed to use "Everything is Everything." Can she download it, or has she already downloaded her five files for the month? Can she copy it, or is she downloading an encrypted file and a corresponding key? Can she excerpt a piece of the song to use in her own audio-mixing software, or is the file locked? Usage rights include not only permissions and constraints, but also any obligations related to the transaction -- for example, does Jane need to pay extra for this download? Has Jane been promised a savings pass if she downloads this song? This would be included in the relationship between Jane, the song and the rights.