After fooling around with the DRM-protected material of Adobe Digital Edition for some days, I guess I’ve figured out the mechanism. Here is my guess, without deep googling:
There is an Adobe ID first. It represents a user. When a user buys a ebook, e.g. on BooksOnBoard.com, a small *.acsm file is downloaded. The book is not within that .acsm file. It contains the information to verify the purchase and where to download the book. When that .acsm file is opened by the appropriate software, like Adobe Digital Edition or Sony Reader Library(which in turn calls Adobe Digital Edition), the download process is kicked started.
Before the downloaded process, the software will have to authorize some hardware first. Those hadware include computer and digital reader. I guess the Adobe ID is bound with the hardware IDs. Then when it starts to download, it send those information to the download website. When the server receive these information, it verify with the purchase and download history data, if it’s ok, it encrypt the original content, of the book, with the Adobe ID as well as the authorized hardware information and created an DRM-protected file. This file is sent back to the user. Then the user can read this book on his authorized devices only.
There are times the book is allowed to be read on multiple, like six, devices. And it’s usually the case. Can’t imagine it can only be read on digital reader but not on the PC which is used to transfer the book. So the download server must record the authorized device ID so that it won’t be unlimitedly used.
Guess that’s it. Don’t know how close it is to the truth.