HK1072667B - Method for sharing rights objects between users - Google Patents

Publication number: HK1072667B
Authority: HK (Hong Kong)
Application number: HK05105251.8A
Other languages: Chinese (zh)
Other versions: HK1072667A1 (en)
Inventors: 张庆娥, 李炳来
Original assignee: 三星电子株式会社 (Samsung Electronics Co., Ltd.)
Priority claimed from: KR10-2003-0057901A (KR100493900B1)
Application filed by: 三星电子株式会社
Publications: HK1072667A1, HK1072667B

Description

Method for sharing rights objects between users
This application claims priority from Korean Patent Application No. 10-2003-0057901, filed with the Korean Intellectual Property Office on 21/8/2003, the disclosure of which is incorporated herein in its entirety by reference.
Technical Field
The present invention relates to a method for transferring all or part of a Rights Object (RO) to a user.
Background
Wireless internet and communication technology is advancing rapidly, and handheld or portable terminals with enhanced multimedia features are widely used in daily life. Mobile phones include a growing number of additional features. For example, single melody mobile phones are being replaced with 16 chord melody mobile phones and 32 chord melody mobile phones. Recently, mobile phones that can provide 64 polyphonic ring tones have been proposed. In addition, the demand for mobile phones with digital cameras is increasing. As handheld or portable multimedia terminals are increasingly sought after, industrial fields and companies dedicated to providing related content and services, such as ring tone downloads, ring back tones, photos or pictures of actors or characters, and moving images such as movies and sports, are growing rapidly. In the past, the services that provided the content were typically free of charge. However, the trend is moving towards charging for these services. In the early days, the fundamental problem for content providers was expanding their ability to prevent illegal copying of content provided to users. To this end, content providers and distributors have devised several mechanisms based on piracy prevention techniques. Nowadays, Digital Rights Management (DRM) schemes for flexibly and conveniently managing ROs are growing in popularity.
While a DRM scheme allows encrypted content to be freely distributed to users, it prevents a recipient from executing the content before purchasing an RO associated with the content. Freedom in content distribution enables users to forward DRM content to friends or family with whom they want to share it, so that high-quality content proliferates and is distributed and publicized by the users themselves. In order to play encrypted content, the recipient needs to have an RO associated with the content. In other words, a recipient who has not purchased the RO is not allowed to execute the content forwarded from another user.
Fig. 1 shows a conventional process of distributing DRM content.
The first user 101 receives encrypted content provided by the content provider 130 for execution. Although encrypted content can be freely transmitted and distributed, an RO associated with the content is required to execute it. When the first user 101 requests (purchases) the RO from the rights issuer 100 in order to execute the content, the rights issuer 100 transmits the requested (purchased) RO to the first user 101, and the first user 101 is then authorized to execute the content and enjoy the multimedia information contained therein.
Once the first user 101 is satisfied with the content after executing it and wants to share the content with a friend, the second user 102, the first user 101 forwards the content to the second user 102. The second user 102 requires the RO to execute the encrypted content received from the first user 101. The second user 102, who does not hold the RO associated with the content, requests the rights issuer 100 to transmit the RO for execution. The second user 102 is able to receive the desired content directly from either the content provider 130 or the first user 101.
The conventional DRM method shown in Fig. 1 does not allow a service user to share a rights object required to execute content with other users. To address this problem, Japanese Patent Application Laid-Open No. 2003-58657 has proposed a method for sharing a license to use content with other users, which includes the steps of:
1. storing information on a content license for each user or terminal in a dedicated area of a license information database;
2. creating an encryption key when the request is delivered from the distributor, encrypting information on the license using the key, moving the encryption information from the private area to the public area, and issuing the encryption key to the distributor;
3. transmitting the issued encryption key from the distributor to the transferee;
4. when the transferee requests the transfer of the license, the transferee is authenticated by checking whether he/she has the encryption key issued to the distributor; and
5. when authenticated, the information about the license to be delivered is decrypted with the key and the decrypted information is moved from the public area to the private area for the transferee.
The proposed method makes it possible for a user holding a license to execute content to pass the license to other users. In other words, the user is allowed to share the license for the owned content with others.
However, in the conventional method, the content license must be managed by the content provider or the server of the content provider, and the information on the license resides only on the server. In other words, sharing licenses between users must involve a server. In addition, the server pre-validates the request when it is delivered from the distributor. That is, to pass the license for the content to the transferee, the distributor receives the appropriate encryption key from the server and transmits the encryption key to the transferee. The transferee is then authenticated with the encryption key for content use. In this way, the conventional method requires a complicated process for transferring the license.
Disclosure of Invention
The present invention provides a method for freely transmitting and sharing Rights Objects (ROs) required to execute specific content between users.
According to an aspect of the present invention, there is provided a method for sharing a rights object associated with content, the method comprising: creating a rights object to be transmitted to a second user within the limitations of a rights object held by a first user that is issued by a rights issuer or received from another user; and forwarding, by the first user, the created rights object to the second user. Preferably, the method further comprises encrypting the rights object using the public key of the second user prior to transmitting the rights object. In addition, the first and second users preferably transmit information about the limitations of the rights objects they hold to the rights issuer every predetermined period.
Backing up the RO for the user on the backup server not only ensures quick recovery in the event of loss or failure of the portable terminal, but also can reduce the processing load of the terminal.
Drawings
The above and other features and advantages of the present invention will become more apparent by describing in detail exemplary embodiments thereof with reference to the attached drawings in which:
Fig. 1 illustrates a conventional process of distributing content in a Digital Rights Management (DRM) format;
Fig. 2 illustrates a process of creating and distributing a Rights Object (RO) required to execute DRM content according to an embodiment of the present invention;
Fig. 3A illustrates a file format of the RO illustrated in Fig. 2;
Fig. 3B illustrates a file structure of the RO illustrated in Fig. 2;
Fig. 4A illustrates a file format of an RO created for other users by modifying the RO;
Fig. 4B illustrates a file structure of ROs created for other users by modifying the ROs;
Fig. 5 illustrates a process of creating, distributing and managing ROs required for executing DRM content according to another embodiment of the present invention; and
Fig. 6 illustrates a process of creating and distributing an RO required to execute DRM content according to another embodiment of the present invention.
Detailed Description
Preferred embodiments of the present invention will now be described in detail with reference to the accompanying drawings.
Fig. 2 illustrates a process of creating and distributing a Rights Object (RO) required to execute DRM content according to an embodiment of the present invention.
Referring to Fig. 2, a first user 201 owns a Rights Object (RO) issued by a rights issuer. The RO currently held by the first user 201 represents a right to play the encrypted content a predetermined number of times. As a non-limiting example, the right to play encrypted content up to 10 times may be granted. When the first user 201 shares the RO containing the play right with friends, i.e., the second and third users 202 and 203, they are allowed to play the encrypted content. That is, the first user 201 creates ROs representing the right to play 5 times and the right to play 3 times based on the RO defining the right to play up to 10 times. Thus, the first user 201 is allowed to play the content 2 times. The created ROs are forwarded to the second and third users 202 and 203, respectively. In a preferred embodiment, the ROs representing the right to play 5 times and the right to play 3 times are encrypted using the public keys of the recipients (second and third users 202 and 203) and forwarded to the second and third users 202 and 203, respectively, and the second and third users 202 and 203 in turn decrypt the encrypted contents using their secret keys. Forwarding the encrypted RO prevents an unauthorized third party from using the RO. Preferably, the RO is electronically signed with a secret key of the sender (first user 201) for the transmission, which prevents forgery, tampering, and the sender's denial of the transmission.
Once the third user 203 is satisfied with the result after playing the encrypted content using the RO received from the first user 201, the third user 203 creates an RO representing the right to play 1 time based on the RO representing the right to play 2 times, and forwards the created RO to the fourth user 204. The RO must be electronically signed and encrypted before transmission.
The RO in the present invention is not limited to the play count, and may include a play duration. Creating a new RO by dividing the play duration into several parts is construed as being included in the present invention.
Figs. 3A and 3B illustrate a file format and a structure of the RO illustrated in Fig. 2. Referring to Fig. 3A, <right> contains <uid> and <KeyValue>, representing a content object ID (CID) of an RO and a key value with which the content is encrypted, respectively. <permission> contains various permissions <play>, <copy> and <move> for playing, copying and moving the content, respectively, each limited by <constraint>. For example, <constraint> for the permission <play> may be <count> indicating the number of times the content is played, <duration> indicating the time during which the content is played, or <datetime> indicating a certain date or time after which the permission <play> expires. In Fig. 3A, <constraint> is the play count 10.
Fig. 3B shows an example of a file structure of the RO. Referring to Fig. 3B, the RO includes a constraint, metadata, a license, and a signature of a rights issuer. The constraint contains an ID and a key value of the RO, and the metadata contains information on a version and an issuer of the RO. The license includes various licenses to play, copy, and move the content, and the signature of the rights issuer indicates an entity that issued the appropriate RO.
Figs. 4A and 4B illustrate file formats and structures of ROs created for other users by modifying the ROs. Referring first to Fig. 4B, user A holds an RO issued by an appropriate rights issuer. Based on the permission defined in the RO as the right to play the appropriate content up to 10 times, user A creates an RO representing the right to play 5 times in order to move the created RO to user B. In this case, in order to express the modification made by user A in addition to the RO issued by the rights issuer, user A creates an RO expressing both the right to play 10 times and the movement of the right to play 5 times during the transmission of the continuous period data by the rights issuer. The metadata of the modified RO indicates that an RO has been created for user B, and the license indicates that the right to play 5 times has been moved. Finally, user A signs the appropriate field to indicate that user A made the modification. On the other hand, the metadata of the RO created for user B indicates that the RO has been received from user A, and the license indicates a right to play 5 times. Finally, the signature indicates that the RO has been created by user A. The RO created for user B is forwarded to user B, and the content is executed within the constraints imposed on the permissions defined in the RO.
Fig. 4A illustrates file formats of the RO created for user B and the modified RO for user A as illustrated in Fig. 4B. The modified RO contains a new permission <move> representing the move of the right to play 5 times, the signature of user A, and other information. The RO created for user B contains the right to play 5 times, the signature of user A, and other information.
Fig. 5 illustrates a process of creating, distributing, and managing ROs required to execute content in a Digital Rights Management (DRM) format according to another embodiment of the present invention.
The first user 501 holds an RO indicating the right to play the content up to 10 times. The first user 501 creates two ROs representing the right to play 5 times and the right to play 3 times and transmits them to the second and third users 502 and 503, respectively. As a result, the remaining ROs currently held by the first user 501 contain the right to play the content 2 times. When the third user 503 creates an RO representing the right to play 1 time and forwards the RO to the fourth user 504, the remaining RO held by the third user 503 contains the right to play the content 2 times.
However, the first or third users 501 and 503 may create ROs beyond the limit of the play rights defined in the ROs that they own, or forward legally created ROs to many users at a certain time, namely by maliciously tampering with the software. In order to prevent illegal use of the RO held by a user, the RO must be transmitted to the rights issuer 500 at regular intervals. For example, a user may forward their own RO to the rights issuer 500 each time a new RO is created or at predetermined intervals (e.g., weekly or every fifteen days).
When ROs are forwarded over a long time, there may be a difference between the limit of the RO held by each user and the limit of the RO held by the rights issuer. The likelihood of this discrepancy is closely related to the interval at which the RO is transmitted to the rights issuer 500. That is, as the interval increases, the communication load decreases, but the possibility of a discrepancy increases. As the interval decreases, the communication load increases, but the possibility of a discrepancy decreases.
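The issuer-side check that this periodic reporting makes possible, as an added example that is not part of the patent text: each user's report is reduced to a play-count ledger, and the rights issuer flags holders whose plays plus moved-out rights exceed what they received, as well as grants the named sender never recorded. The Report fields, the finding labels and the user names are assumptions made for illustration; signature and encryption handling are left out.

```python
from collections import defaultdict
from dataclasses import dataclass, field


@dataclass
class Report:
    """One user's periodic report for one piece of content (assumed format)."""
    user: str
    source: str                  # "issuer", or the user the RO was received from
    granted: int                 # play count in the RO as received
    used: int = 0                # plays already consumed on the terminal
    moves: dict = field(default_factory=dict)  # recipient -> play count moved out


def audit(reports, issued):
    """Return sorted (user, finding) pairs; issued maps user -> count sold."""
    by_user = {r.user: r for r in reports}
    findings = set()
    claims = defaultdict(list)   # sender -> [(recipient, count claimed)]
    for r in reports:
        # Plays used plus rights moved out must stay within the held RO's limit.
        if r.used + sum(r.moves.values()) > r.granted:
            findings.add((r.user, "over-issued"))
        if r.source == "issuer":
            if issued.get(r.user) != r.granted:
                findings.add((r.user, "grant-mismatch"))
        else:
            claims[r.source].append((r.user, r.granted))
    for sender, received in claims.items():
        sender_report = by_user.get(sender)
        for recipient, count in received:
            if sender_report is None:
                # Reporting-interval discrepancy: not yet evidence of tampering.
                findings.add((recipient, "pending-sender-report"))
            elif sender_report.moves.get(recipient) != count:
                # Sender's modified RO has no matching move entry for this grant.
                findings.add((sender, "unrecorded-move"))
    return sorted(findings)


ISSUED = {"user1": 10}           # constructed: the issuer sold 10 plays to user1


def fig5_reports():
    """Constructed reports mirroring the 10 -> 5 + 3, then 3 -> 1 split of Fig. 5."""
    return [
        Report("user1", "issuer", 10, moves={"user2": 5, "user3": 3}),
        Report("user2", "user1", 5, used=1),
        Report("user3", "user1", 3, moves={"user4": 1}),
        Report("user4", "user3", 1),
    ]


def tampered_reports():
    """Same ledger with three constructed anomalies added."""
    reports = fig5_reports()
    reports[2].used = 3                           # user3: 3 plays + 1 moved > 3 held
    reports.append(Report("user5", "user1", 5))   # user1 recorded no such move
    reports.append(Report("user6", "user9", 2))   # user9 has not reported yet
    return reports


if __name__ == "__main__":
    print(audit(fig5_reports(), ISSUED))
    print(audit(tampered_reports(), ISSUED))
```
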
The created RO is preferably encrypted using the public key of the recipient. Each user may transmit the encrypted content or an address or Uniform Resource Locator (URL) where the encrypted content is located to other users along with the RO associated with the content.
Fig. 6 illustrates a process of creating and distributing an RO required to execute DRM content according to another embodiment of the present invention. The first user 601 can store the RO issued by the rights issuer in the backup server 640 connected via a wireless or wired network. As described above with reference to Figs. 2 and 5, the first user 601 can directly create an RO and forward the RO to the second and third users 602 and 603. However, in the illustrative embodiment, in order to reduce the computational burden of excessive electronic signatures and encryption, the backup server 640 creates the ROs for transmission to the second and third users 602 and 603. That is, the backup server 640 creates respective ROs for the second and third users 602 and 603 based on the RO of the first user 601 stored thereon. The created ROs are subjected to electronic signature and encryption. The backup server 640 receives the secret key of the first user 601 for electronic signature and the public keys of the second and third users 602 and 603 for encryption from the first to third users 601 to 603, and performs electronic signature and encryption on each RO using the keys.
Meanwhile, the first user 601 forwards the address or URL of the backup server 640 to the second and third users 602 and 603, so that the second and third users 602 and 603 can download the created RO from the backup server 640. Here, the first user 601 does not have to forward the address of the backup server 640, but may receive ROs for the second and third users 602 and 603 from the backup server 640 and then transmit them to the second and third users 602 and 603, respectively.
The second and third users 602 and 603 may use the received RO directly, as the first user 601 does, or back it up to the backup server 640. The third user 603 may create an RO for the fourth user 604 through the backup server 640 within the limits of the RO that it holds.
Meanwhile, since the first user 601 has used 8 of its 10 play rights, the first user 601 currently has the right to play the encrypted content 2 times. After the first user 601 plays the content once more, the backup server 640 still holds the backed-up right to play 2 times, whereas the first user 601 now holds the right to play only 1 more time. When the first user 601 accesses the backup server 640 and there is a difference in the play count, the difference may be resolved by automatically backing up the play count of the first user 601 to the backup server 640.
According to the present invention, a user is allowed to share his RO with other users within the limits of the RO without authentication by the server.
In addition, the present invention ensures secure use of the purchased RO by using a backup server for backing up the RO. When the memory or processor of the terminal does not have sufficient capacity to create the RO, the present invention can solve this problem by using the backup server.
While the present invention has been particularly shown and described with reference to preferred embodiments thereof, it will be understood by those of ordinary skill in the art that various changes in form and details may be made therein without departing from the spirit and scope of the present invention as defined by the following claims. Accordingly, it should be understood that the above-described embodiments are illustrative only and are not to be construed as limiting the invention. The scope of the invention is given by the appended claims, rather than the preceding description, and all variations and equivalents which fall within the range of the claims are intended to be embraced therein.

Claims (3)

1. A method for sharing rights objects associated with content without requiring server-side authentication, the method comprising:
the first user creating a rights object to be transmitted to the second user within the limitations of a rights object held by the first user that is issued by a rights issuer or received from another user;
encrypting the created rights object using the public key of the second user;
the first user forwards the created rights object to the second user; and
the rights object held by the first user is modified in accordance with the forwarded rights object.
2. The method according to claim 1, further comprising the step of the first and second users transmitting information about the restrictions of each rights object they hold to the rights issuer for a predetermined period.
3. The method according to claim 1, further comprising the step of electronically signing the created rights object with the first user's secret key before transmitting the rights object.
HK05105251.8A 2003-08-21 2005-06-23 Method for sharing rights objects between users HK1072667B (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
KR2003-57901 2003-08-21
KR10-2003-0057901A KR100493900B1 (en) 2003-08-21 2003-08-21 Method for Sharing Rights Object Between Users

Publications (2)

Publication Number Publication Date
HK1072667A1 HK1072667A1 (en) 2005-09-02
HK1072667B HK1072667B (en) 2012-10-12
