Hybrid digital rights management system and related document access authorization method

What is claimed is: 1. A computer program product comprising a computer usable non-transitory medium having a computer readable program code embedded therein for controlling a client computer, the computer readable program code being a plug-in program code configured to cooperate with an application program of the client computer to cause the client computer to execute a digital rights management process, the process comprising: obtaining, from the application program, a document ID for a document that has been opened by the application program and a user ID for a user requesting to access the document; transmitting an authentication request to a digital rights management server (RMS server), the authentication request including the document ID and the user ID; receiving an authorization response from the RMS server which indicates that the RMS server denies the request to access the document by the user; and in response to the received authentication response indicating that the RMS server denies the request to access the document by the user, closing the document that has been opened by the application program. 2. The computer program product of claim 1 , wherein the application program is a Microsoft Office program. 3. A computer program product comprising a computer usable non-transitory medium having a computer readable program code embedded therein for controlling a digital rights management server (RMS server), the computer readable program code configured to cause the RMS server to execute a digital rights management process, the process comprising: storing a document authorization table, the document authorization table containing a plurality of document IDs and a DRM policy associated with each document ID including full policy information regarding which users have what access rights to a document represented by the document ID, wherein the document authorization table further contains a status associated with each document ID, the status being either True or False; receiving an authorization request from a client computer, and extracting from the authorization request a document ID of a document requested to be accessed and a user ID of a user requesting access; querying the document authorization table using the document ID to determine whether the user is to be granted or denied access to the document, including: querying the document authorization table using the document ID to obtain the status associated with the document ID; when the status is False, determining that the user is to be denied access to the document without evaluating the corresponding DRM policy; and when the status is True, querying the document authorization table using the document ID to obtain the full policy information associated with the document ID, and based on the full policy information, determining whether the user is to be granted or denied access to the document; and transmitting an authorization response to indicate whether the user is granted or denied access to the document, wherein the authorization response contains no decryption key for decrypting the document.