Which DRM grade could BYOD users employ? A differentiated DRM service between the cloud and mobile devices

Abstract

The idea of employees leveraging their personal mobile devices for their work (Bring Your Own Device, or BYOD) is becoming increasingly popular in recent years. As BYOD users will use various digital goods (such as cloud services and mobile software) for their work and personal purposes via the same mobile devices, it brings serious security risks into both the cloud and mobile devices. Generally, the BYOD users would employ digital rights management (DRM) to control and manage the execution of digital goods. However, the security requirements for using the digital goods for work and personal tasks are very different, and conventional unified cloud-based DRM services lack the flexibility to satisfy the BYOD users' demands on diversified security levels. In this paper, we regard the security of digital goods as a metric to differentiate the DRM service into multiple grades. We propose a differentiated DRM service to increase the security flexibility of digital goods, which allows BYOD users to choose their preferred DRM grades to maximize their utility. Moreover, the differentiated DRM service can increase the benefit of service providers (SPs) even when the SPs competes with others, and thus, it becomes a dominant strategy for the SPs.