CN100412743C - Method and apparatus for digital right management - Google Patents

Method and apparatus for digital right management Download PDF

Info

Publication number
CN100412743C
CN100412743C CNB2004100821620A CN200410082162A CN100412743C CN 100412743 C CN100412743 C CN 100412743C CN B2004100821620 A CNB2004100821620 A CN B2004100821620A CN 200410082162 A CN200410082162 A CN 200410082162A CN 100412743 C CN100412743 C CN 100412743C
Authority
CN
China
Prior art keywords
identifier
digit content
protected digit
restriction
identification symbol
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CNB2004100821620A
Other languages
Chinese (zh)
Other versions
CN1790218A (en
Inventor
高岩
朱宇
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Motorola Mobility LLC
Google Technology Holdings LLC
Original Assignee
Motorola Inc
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Motorola Inc filed Critical Motorola Inc
Priority to CNB2004100821620A priority Critical patent/CN100412743C/en
Priority to PCT/US2005/044532 priority patent/WO2006065633A2/en
Publication of CN1790218A publication Critical patent/CN1790218A/en
Application granted granted Critical
Publication of CN100412743C publication Critical patent/CN100412743C/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/10Protecting distributed programs or content, e.g. vending or licensing of copyrighted material ; Digital rights management [DRM]

Abstract

The present invention relates to a method (400) and a device for digital right management, which is used for protected digital content. The method (400) requests to use the protected digital content (310) used by an application which is supported by an electronic device (100) with a device mark, and the reading after the method is relevant to the permitted use of the protected digital content and manages a right object (450) of the digital content, which is permitted to be used; afterwards, the method (400) determines an identifier and at least one limitation which is partially matched with the identifier; then, only when the device mark is definitely matched with the identifier or is ensured by the limitation which is partially matched with the identifier and is partially matched with the identifier, a user is allowed to use the protected digital content through the management on the authority object by the device (100).

Description

The method and apparatus that is used for Digital Right Management
Technical field
Present invention relates in general to Digital Right Management (DRM), and more specifically say, but unnecessary being defined in, a kind of method and apparatus relevant with DRM, it allows the group access to protected digit content.
Background technology
The electronic installation that is equipped with microprocessor and communication capacity becomes and becomes more and more popular, and a lot of new application that have been these device development.Use communication electronic device to come digital for processing digital content, such as music, recreation, video clipping, picture, books; Responsive private data is such as medical records, finance data, credit number; And maintain secrecy and safe situation, such as Industry Control, building automation, secret alarm; Add other guide.
In a lot of situations, the digital content, the information that always need protection and transmit or send to these devices.For example, content owner need submit to and make device content trusty to protect them the work or the content of copyright be arranged, thereby limits the visit and the use of these contents.Digital content has inherent value and content owner and need use protective device to guarantee to compensate liberally use to their assets.DRM comprises permission and the restriction that is used to protect about the authority of visit and digital for processing digital content.Content owner wishes to use DRM to protect their the valuable digital content that gets, and this DRM is realized such as mobile phone by the anti-tamper electronic installation of maintaining secrecy.
Can protected digit content be sent to one group of device by peer-to-peer network or the broadcasting by the service provider, or be sent to one or more devices, perhaps the combination by any additive method and device by the content supplier that allows access to content.But; current DRM scheme and method and device do not allow to use protected digit content by group, unless list the permission that each unique identifier obtains to use content in the permission object that each member of this group provides by the copyright owner by provider that speciallys permit or content.
In this manual, comprise claim, term " comprises ", " comprising ", " containing " or similarly term be intended to represent comprising of nonexcludability, make the method or the device that comprise series of elements not only comprise the element that those are listed, but also comprise the element of not listing.
Description of drawings:
In order more easily to understand the present invention and it to be tried out, the embodiment of illustrated example below with reference to the accompanying drawings, in the accompanying drawings:
Fig. 1 shows the block diagram according to the Circuits System of mobile phone of the present invention;
Fig. 2 is the detailed diagram that typically comprises the communication system of a plurality of mobile phones as shown in Figure 1;
Fig. 3 is the conceptual schema that is stored in the content in the static memory of mobile phone as shown in Figure 1;
Fig. 4 shows according to process flow diagram exemplary embodiment of the present invention, that provide and use the method for operating of protected digit content.
Summary of the invention
According to an aspect of the present invention, provide a kind of method that is used for the DRM of protected digit content, this method comprises:
Protected digit content is used in request, so that use by having with should being used for of supporting of the electronic installation of its device identification that is associated;
Read the permission object that permission to use with protected digital content is associated and manages the permission to use of this content;
From permission object, determine identifier and the restriction of at least one part matching identification symbol; And
Only when device identification matching identification symbol or guarantee and during part matching identification symbol, allow to use protected digit content by the management of permission object definitely by device by at least one part matching identification symbol restriction.
Aptly, identifier can be the user's of recognition device a user identifier.A suitable identifier is the identifier of RUIM or SIM or USIM.Typically, identifier can be international mobile subscriber identification (International Mobile Subscriber Identity) or an international mobile device identifier (International Mobile Equipment Identity).
Identifier can be the telephone number corresponding to international mobile subscriber identification.
Aptly, at least one part matching identification symbol restriction can be the phase ortho position (adjacent bit) in international mobile subscriber identification.The phase ortho position can be adjacent least important position or adjacent most important position.Adjacent position can recognition network provider, maybe can discern country, area, state or city.This at least one part matching identification symbol restriction can comprise aptly from following one or more coupling: 10 most important positions of identifier; 10 least important positions of identifier; The n of identifier phase ortho position; N phase ortho position of the least significant bit i position of range marker symbol; N phase ortho position of the most significant bit i position of range marker symbol; The the 11st and the 12nd least important position of identifier; Or the 11st to the 15th least important position of identifier, wherein n and i are integers.Permission is made up each part matching identification symbol restriction and one or more other part matching identification symbol restrictions by the Boolean logic operational character.
According to a further aspect in the invention, provide a kind of device, it comprises:
Storer, its storage protected digit content file and the object permission that is associated, this object permission have identifier and the restriction of at least one part matching identification symbol;
Processor, it is connected with storer effectively,
At least one user interface and keyboard; it is the connection processing device effectively; wherein in response to the user command that provides at keyboard; device is determined identifier and the restriction of at least one part matching identification symbol from permission object; and afterwards only when the device identification of recognition device matching identification symbol or guarantee and during part matching identification symbol, allow device to use protected digit content by the management of permission object definitely through user interface by at least one part matching identification symbol restriction.
Aptly, identifier can be the user's of recognition device a user identifier.A suitable identifier is the identifier of RUIM or SIM or USIM.Identifier can be international mobile subscriber identification or international mobile device identifier.Identifier can be the telephone number corresponding to international mobile subscriber identification.
According to a further aspect in the invention, provide a kind of method that is used to provide protected digit content, this method comprises:
Obtain device identification from the device that protected digit content is provided to it; And
The permission object that protected digit content is provided and is associated, wherein this permission object comprises identifier and the restriction of at least one part matching identification symbol that obtains from device identification.
Aptly, identifier can be the user's of recognition device a user identifier.A suitable identifier is the identifier of RUIM or SIM or USIM.Identifier can be international mobile subscriber identification or international mobile device identifier.Identifier can be the telephone number corresponding to international mobile subscriber identification.
Aptly, at least one part matching identification symbol restriction can be the phase ortho position in the telephone number of discerning corresponding to international mobile subscriber.The phase ortho position can be adjacent least important position or adjacent most important position.Adjacent position can recognition network provider, maybe can discern country, area, state or city.This at least one part matching identification symbol restriction can comprise aptly from following one or more coupling: 10 most important positions of identifier; 10 least important positions of identifier; The n of identifier phase ortho position; N phase ortho position of the least significant bit i position of range marker symbol; N phase ortho position of the most significant bit i position of range marker symbol; The the 11st and the 12nd least important position of identifier; Or the 11st to the 15th least important position of identifier, wherein n and i are integers.Permission is made up each part matching identification symbol restriction and one or more other part matching identification symbol restrictions by the Boolean logic operational character.
Embodiment
Provide directly open and make and use the mode of enabling according to the best mode of at least one embodiment of the present invention with further explanation.Further provide the disclosure to strengthen understanding and approval, rather than limit the present invention in any way for inventive principle of the present invention and advantage.
Further understand, the use of relational language only is for differentiation entity or action mutually, and does not need to represent or hint the relation or the order of any practical between this entity or action.And the term in this instructions " use " or " utilization " have implication widely, and it comprises: check, carry out, listen to, broadcast, visit data, visit information and other similar terms.The reader pays particular attention to the definition of " device identification ", it has implication widely, comprise with sign or recognition device or on device or any device that is associated of the module that is connected with device, method, technology etc., and " device identification " comprising: international mobile phone user discern (IMSI), international mobile device discern (IMEI), IP address or arbitrarily other possible appropriate identification accord with.
A lot of invention functions and a lot of invention principle preferably realize by software or in software program, perhaps by instruction and integrated circuit (IC), realize such as application-specific integrated circuit.Expection those of ordinary skills can generate this software instruction and program and IC at an easy rate with minimum experience by here disclosed notion and guidance of principle the time.Therefore, cause for simplicity and in order to minimize the purpose that makes according to any risk of principle of the present invention and concept obfuscation, the further discussion of this software and IC will be limited to about the principle of being used by the present invention and the essence of notion.
Forward accompanying drawing now to, the element that wherein similar numeral is similar.With reference to figure 1, it shows is the explanatory view of the electronic installation of movement station or mobile phone 100 in form, and this movement station or mobile phone 100 comprise radio frequency communications unit 102, and it is connected to communicate by letter with it with processor 103.This mobile phone 100 also has keyboard 106 and display screen 105, and they are connected to communicate by letter with it with processor 103.To those skilled in the art clearly, screen 105 can be a touch-screen, makes that thus keyboard 106 is optional.
Processor 103 comprises encoder/decoder 111, and it has the code ROM (read-only memory) (ROM) 112 that is associated, and is used to store be used for Code And Decode by mobile phone 100 transmissions or the voice that receive or the data of other signals.Processor 103 also comprises microprocessor 113, it is connected encoder/decoder 111, character ROM (read-only memory) (ROM) 114, random-access memory (ram) 104, able to programmely reads and write static memory 116, short-range wireless transceiver 180, plug-in unit memory module and network connection interface 160 by conventional data with address bus 117, and removable Subscriber Identity Module (RUIM) interface 118.Static programmable memory 116 is connected RUIM interface 118 effectively with RUIM card 119, each can store preferred roaming list (PRL), subscriber's authorization data, selected introducing text message and telephone number database (TND telephone directory), and the TND telephone directory comprises the numeric field of subscriber directory number and is used for and the name field of the identifier that one of therein number is associated.RUIM card 119 and static memory 116 can also be stored the password that is used to allow to visit the cipher protection function on mobile phone 100.To those skilled in the art clearly, RUIM card 119 is sometimes referred to as or is called subscriber identity module (SIM) or global subscriber identity module (USIM) interchangeably, and stores unique international mobile subscriber identification (IMSI) thereon.
Microprocessor 113 has the port that is used to be connected to keyboard 106, screen 105 and warns 115, and this warning 115 typically comprises alert speaker, vibrating motor and the driver that is associated.And microprocessor 113 has the port that is used to be connected to microphone 135, polyphony loudspeaker 170 and communications speaker 140.Character ROM (read-only memory) 114 storage be used to decode or the encode code of the text message that can receive by communication unit 102.In this embodiment, character ROM (read-only memory) 114, RUIM card 119 and static memory 116 can also be stored operation code (OC) that is used for microprocessor 113 and the code that is used to carry out the function that is associated with mobile phone 100.In addition, static memory 116 is also stored and is had the corresponding permission object file that will be described below and the digital content of rights expression language.
Radio frequency communications unit 102 is receiver and transmitters of combination, and it has common antenna 107.Communication unit 102 has the transceiver 108 that is connected with antenna 107 through radio frequency amplifier 109.This transceiver 108 also is connected with the modulator/demodulator 110 of combination, and modulator/demodulator 110 is connected to processor 103 with communication unit 102.
Fig. 2 is the block diagram of system 200 according to an embodiment of the invention.As shown in the figure, system 200 comprises that typical landform is a plurality of electronic installations 201,202 and 203 of movement station or mobile phone 100.But electronic installation 201,202 and 203 can be the device of the network-connectable of any suitable, such as, but be not limited to personal digital assistant, audio player, video player, pocket computer etc.In addition, by the mode of example, can typically equip one or more electronic installations 201,202 and 203 and have MPEG video layer 4 files of standard MPEG Video Codec with broadcast.And by the mode of example, one or more devices 201,202 and 203 can be equipped with the application program with application program " broadcast " mpeg audio layer 3 (MP3) file, such as standard MP3 player.
System 200 also comprises a plurality of content suppliers 205,207,209 and network 210, and wherein network 210 allows in the communication between the electronic installation 201,202,203 (peer-to-peer communications) or in content supplier 205,207,209 and the communication between the electronic installation 201,202,203 arbitrarily arbitrarily.Content supplier 205,207,209 has aptly after carrying out by the suitable DRM agreement of using limitation management, available protected digit content is offered the database of electronic installation 201,202,203.For example; content supplier 205 can use the DRM agreement that the protected digit content mp3 file is offered electronic installation 201; here this DRM with MPEG-21 (ISO/IEC TR 21000-1:2001 (E) " Part 1:Vision, Technologies and Strategy ", can from Http:// www.iso.ch/iso/en/ittf/Obtain) exploitation, and also content supplier 207 can use the 2nd DRM agreement that shielded digital video content is offered electronic installation 202, the two DRM agreements as described in the Open Mobile Alliance standard known to a person of ordinary skill in the art.Can comprise by the digital content that content supplier 205,207,209 provides, but be not limited to, music, recreation, video, picture, books, map, software, add other digital contents arbitrarily.And content supplier 205,207,209 can provide the communication network provider that the communication network between electronic installation 201,202,203 is connected with peer-to-peer communications.
According to exemplary embodiment of the present invention, all communications between electronic installation 201,202,203 and the 205-207 of content supplier are carried out on network 202.Network 202 can have various ways, such as, but being not limited to, cellular network, LAN (Local Area Network), wide area network, hardware circuit connect or other communication networks arbitrarily.
Fig. 3 is the conceptual schema that is stored in the content in the static memory 116.As shown in the figure, static memory 116 storages comprise program, file or the module of protected digit content file 310,314,318 and each authority that is associated (permission object) 312,316,320 and DRM Agent 330.Static memory 116 is also stored the program that is used for system service 340 and is used to use 305,307,309 program.Though this exemplary embodiment shows static memory 116 storages and uses 305,307,309; protected digit content file 310,314,318; authority (permission object) 312,316,320 and DRM Agent 330 should be noted that the memory storage that can use any amount stores above-mentioned one or more.Such memory storage can comprise, but be not limited to, the harddisk storage device that is connected with interface 160, random-access memory (ram) 104, and smart cards for storage device or the RUIM card 119 that is connected with RUIM interface 118, or the removable memory storage that is connected with interface 160, such as multimedia card (MMC) or removable storer.And, to those skilled in the art clearly, the conceptual schema of Fig. 3 only is the purpose that is used to illustrate, and the program, file or the module that are stored in the static memory 116 can be by any Storage Mapping memory allocated, and can be continuously or the piecewise allocation map.Should be noted that authority 312,316 and 320 can be embedded in the protected digit content file 310,314,318.
Generally speaking, by using relevant authority 312 for example on protected digit content file 310, to strengthen or protection DRM.Authority 312 comprises the usage license and the contents encryption key (CEK) that is used for protected digit content file 310, and only gives or use therein content by having device by identifier (ID) processing authority of the permission of corresponding authority 312 definition.Give device with this authority by the identifier (ID) that the module of installing or effectively be connected to device is discerned, this identifier is such as the identification code on mobile phone 100 (or numeral), the international mobile subscriber identification (IMSI) that has on RUIM typically.
When need by use one of 305,307,309 use on protected digit content file 310 protected digit content the time; mode with the management of the access rights that provide by authority 312; device such as mobile phone 100 will use DRM Agent 330 to specially permit with authentication; resolve and the reinforcement rule, and resolve, decipher and next visit or use protected digit content.DRM Agent 330 serves 340 to help carrying out public function, such as the file system management or the deciphering of the content in protected digit content file 310 with using system.
Model, scheme or the agreement of the DRM authority of format, editor or encryption that consideration has on authority 312,316,320.This model, scheme or agreement comprise permissions (PR), binding authority (CR) and secret authority (SR) aptly.The model of this DRM of being used for authority, scheme or agreement define with for example Open Mobile Alliance standard DRM rights expression language usually.
Consider binding authority (CR), it is following described that the present invention provides aptly:
Restriction (CR):
number_of_usages;.........;expiry_date;
identity;.........;end
The number of times of the assets (asset) that number_of_usages binding authority (CR) appointment permission to use is admitted wherein defines this permission by permissions (PR).
The time range or the time restriction of the assets that Expiry_date binding authority (CR) appointment permission to use is admitted.
Sign (identity) binding authority (CR) specify have the permission (PR) admitted, by the permissions definition to use one or more identifiers (ID) of assets.
The present invention uses identity restriction authority (CR), and wherein sign has following object:
Permitted_Identifier:<32 〉;
Mate 1:<10 most important positions 〉;
Mate 2:<10 least important positions 〉;
Coupling 3:<n phase ortho position 〉; N is the integer between 2 to 31
Coupling 4:<n phase ortho position, apart from least significant bit i position 〉; Wherein n and i are the integers between 1 and 16
Coupling 5:<n phase ortho position, apart from most significant bit i position 〉; Wherein n and i are the integers between 1 and 16
Mate 6:<the 11 and the 12nd least important position 〉;
Mate the 7: the<the 11 to the 15th least important position 〉;
Coupling 8: for being used to mate 1 Boolean logic AND/OR/NOT operational character to any of coupling 7 or all parts couplings
Can find out from above-mentioned identity restriction authority (CR); if wishing to allow only to have, the permission object publisher has the specific the 11st to the 15th (just; 46000) identifier (ID) and other all irrelevant users, device, system or network use protected digit content; by only selecting coupling 7 (do not select every other coupling: coupling 1 to 6 and coupling 8), the permission object publisher will realize required protection purpose: only allow to have its 11st to the 15th, the use of the identifier of coupling 46000.As another example, if the permission object publisher wishes to allow only to have and has the specific the 11st to the 15th and the specific the 3rd to the 7th both and other all irrelevant users, device, system or network and use protected digit content, by only select coupling 8 (do not select every other coupling: coupling 1 to 7), the permission object publisher will be encoded as by use " coupling 7AND coupling 3 (n=4; I=6) " coupling 8 Boolean logic operational characters realize required protection purpose.Therefore, from as can be seen above-mentioned, clearly allow to make up each part matching identification symbol restriction and one or more other part matching identification symbol restrictions by the Boolean logic operational character.
With reference to figure 4, it shows the process flow diagram of the method for operating 400 of communication system 200.This method 400 is to start frame 410 beginnings, and one of device 201,202,203 is connected to one of content supplier 205,207,209 suitably by network 210.The permission object that this method 400 provides protected digit content and is associated at frame 420.Provide and can carry out that Multimedia Message transmits from the website or download by network, perhaps can be arbitrarily other form is provided.For instance; if network 210 is cellular networks, will sends to mobile phone 100 at the protected digit content in one or more Multimedia Messages and the permission object that is associated by content supplier 205 (it also is the permission object publisher in essence) so and carry out and provide.
At frame 430, in static memory 116, receive and storage protected digit content and the permission object that is associated.Receive by radio frequency communications unit 102, and, for example, in protected digit content file 310, store protected digit content and in authority 312, store permission object.Can in a transmission, receive protected digit content file 310 respectively and the permission object of storage in authority 312, perhaps can in two transmission that separate, receive them.And, permission object can be embedded in the protected digit content file 310.
To those skilled in the art clearly, when execution provides, content supplier 205 obtains identifier (ID) from device, and this identifier (ID) is the international mobile subscriber identification (IMSI) that is stored among RUIM119 or SIM or the USIM, but can use other forms of identifier (ID), comprise international equipment identification (IMEI), IP address or other possible suitable identifiers arbitrarily of moving, this generally depends on the type of system 200 and the requirement of content supplier 205.In this illustrative examples, this identifier (ID) is the identifier (PID) with the permission in the identity restriction authority (CR) of 32 Permitted_Identifier object/field store in the permission object that provides is provided.Should notice that not all 32 can be used in Permitted_Identifier object/field, in one embodiment, the identifier (PID) that is stored in the permission in Permitted_Identifier object/field can be corresponding to the telephone number of international mobile subscriber identification (IMSI) or other identifiers (ID) arbitrarily, such as IMEI, IP address or other possible operable appropriate identification symbols arbitrarily.At least one part matching identification symbol restriction (coupling 1 is to coupling 8) also is provided in permission object, and it is allowed by identity restriction authority (CR).The restriction of part matching identification symbol can be the adjacent numeral (position) in the telephone number of discerning corresponding to international mobile subscriber.Adjacent position can be adjacent least important position or adjacent most important position.Adjacent position can marked network provider, perhaps can identify country, area, state or city.At least one part matching identification symbol restriction can comprise following coupling suitably: 10 most important positions of identifier; 10 least important positions of identifier; The n of identifier phase ortho position; N phase ortho position, the least significant bit i position of range marker symbol; N phase ortho position, the most significant bit i position of range marker symbol; The the 11st and the 12nd least important position of identifier; Or the 11st to the 15th least important position of identifier, wherein n and i are integers.
After frame 430, the permission object that method 400 can stop or further provide and receive more protected digit content and be associated.But at some point, mobile phone 100 can be sent in the user command of keyboard 106 inputs, and protected digit content is used in request.As shown in the figure, carrying out request immediately after frame 430 is finished reception and storage uses.
Use protected digit content in frame 440 execution requests, typically in response to user command (or when frame 430 receives and stores, automatically performing) in keyboard 105 inputs.It is that mobile phone 100 has device identification at the employed content of being supported by mobile phone 100 of application that protected digit content is used in request, for example, and the identifier (ID) that obtains from international mobile subscriber identification (IMSI).If; for example; protected digit content is MPEG video layer 4 files of encrypting in file 310; so; at frame 450; permission object in the authority 312 that method 500 reads in and the protected digit content in file 310 is associated, and the permission of the protected digit content of this permission object management in file 310 is used.Selection can move one of application 305,307,309 of MPEG video layer 4 files and use for mobile phone 100.
Afterwards, at frame 460, method 400 is determined the DRM authority from the permission object file 312, comprising: from the identifier (PID) of one or more permissions of Permitted_Identifier object/field; And if be included in the identity restriction authority (CR), the DRM authority comprises that also the coupling 1 that is set up/selects is at least one part matching identification symbol restriction of mating 8.
Test at matching test frame 470 afterwards, with the identifier (ID) of checking the permission in permission object file 312 whether: mate the device identification that obtains from identifier (ID) definitely; Or partly mate the device identification that obtains from identifier (ID), at least one the part matching identification symbol restriction that defines as the coupling (coupling 1 is to mating 8) that allows setting/selection is guaranteed.If in frame 470 not coupling or part coupling, method provides banning use of of the protected digit content that is stored in the file 310 at frame 480 so.As another selection; if have coupling or part coupling; based on above-mentioned match-on criterion; at frame 490; method is only when the device identification that obtains from identifier (ID) mates the identifier (PID) of permission or the identifier (PID) that part is mated permission (at least one the part matching identification symbol restriction that defines as the coupling (coupling 1 is to coupling 8) that allows is guaranteed) definitely; permission is by mobile phone 100; by the management of the permission object in file 312, and the protected digit content of use in file 310.Therefore; DRM Agent 330 is under the help of system service; the contents encryption key (CEK) of use in permission object deciphered; and use to use 305 (mpeg players), on the screen 105 and replenish with polyphony loudspeaker 170 and play protected digit content (MPDG video layer 4 files of encryption) in file 310.Then, method 400 stops in end block 495 after frame 480 or 490.
Useful is; if content supplier; perhaps copyright owner or the franchisor protected digit content that is desirable to provide them is given specific group or zone; perhaps allow its use, suitable one or more in limiting of at least one part matching identification symbol by the coupling of the permission of identity restriction authority (CR) (coupling 1 is to coupling 8) definition can be set in permission object so.Therefore, content supplier, perhaps copyright owner or franchisor can optionally allow big group through their wireless communication unit 102 on network, the certain subscriber grade, use with the zone and distribute, can connect by hardware circuit, by using the insert arrangement of interface 160, perhaps by the transceiver 180 of short distance or by any other modes.For example; if the device identification that obtains from identifier (ID) is corresponding to telephone number 65123456789; if select coupling 3 to be included in the permission object so; and n is set to 2, and the telephone number that has 2 phase ortho positions at two phase ortho positions in the coupling any 65 123456789 so can use protected digit content.But; for stricter restriction is provided; make group can use protected digit content, can use coupling 4 make n be set to 2 and i be set to 8, therefore only the 9th and the 10th numeral (position) is that 65 telephone number can use protected digit content.Because the 9th and the 10th numeral (position) in telephone number be 65 be the international code of Singapore, therefore this group user is those users with mobile phone of the identifier (telephone number) that has the IMSI number that is used for Singapore.
Another example relates to different operational character schemes.One of IMSI number segmentation of distributing to a move operation person of China is segmentation 460 00XXXXX XXXXX, this means that preceding 5 most important positions equal 460 00 an international mobile subscriber identification (IMSI) and belong to this move operation person.For another operator in China, international mobile subscriber identification (IMSI) segmentation is with 460 01 beginnings.Therefore; if for 5 part couplings that are defined in the permission object since the first most important position; and the User_Identifiter in permission object is written as 460 00 XXXXX XXXXX by the permission object publisher, and other move operations person's subscriber can not obtain visiting the permission of protected digit content arbitrarily.
By specific reference to the IMSI number of generator sign, the example seldom of advantage of the present invention only is provided, but, to those skilled in the art clearly, device identification and permitted_Identifier (PID) can be any other possible admissible identifiers, include, but are not limited to the identifier that in this instructions, is specifically related to.
Foregoing detailed description only provides schematic embodiment, and is not intended to qualification scope of the present invention, applicability or setting.And the detailed description of exemplary embodiment makes those of ordinary skills can realize exemplary embodiment of the present invention.Should be appreciated that, under the situation of the spirit and scope that do not break away from the proposition of the present invention such as claims, can make multiple change the function and the layout of element and step.

Claims (20)

1. method that is used for the DRM of protected digit content, this method comprises:
The protected digit content that uses by using is used in request, and this application is by the electronic installation support with the device identification that is associated with protected digit content;
Read with the permission of protected digit content and use the permission object that is associated and manages the permission use of this content;
From permission object, determine identifier and the restriction of at least one part matching identification symbol; And
Only when device identification matching identification symbol or guarantee and during part matching identification symbol, allow to use protected digit content by the management of permission object definitely by the user by at least one part matching identification symbol restriction.
2. the method that is used for the DRM of protected digit content as claimed in claim 1, wherein, this identifier is the user's of recognition device a user identifier.
3. the method that is used for the DRM of protected digit content as claimed in claim 2, wherein, this identifier is the user identifier of RUIM or SIM or USIM.
4. the method that is used for the DRM of protected digit content as claimed in claim 1, wherein, this identifier is international mobile subscriber identification or international mobile device identifier.
5. the method that is used for the DRM of protected digit content as claimed in claim 4, wherein, this at least one part matching identification symbol restriction is the phase ortho position in international mobile subscriber identification.
6. the method that is used for the DRM of protected digit content as claimed in claim 5, wherein, this phase ortho position is adjacent least important position or adjacent most important position.
7. the method that is used for the DRM of protected digit content as claimed in claim 6, wherein, the bit-identify network provider that this is adjacent maybe can be discerned country, area, state or city.
8. the method that is used for the DRM of protected digit content as claimed in claim 1, wherein, this at least one part matching identification symbol restriction comprises from following one or more coupling: 10 most important positions of identifier; 10 least important positions of identifier; The n of identifier phase ortho position; N phase ortho position, the least significant bit i position of range marker symbol; N phase ortho position, the most significant bit i position of range marker symbol; The the 11st and the 12nd least important position of identifier; Or the 11st to the 15th least important position of identifier, wherein n and i are integers.
9. the method that is used for the DRM of protected digit content as claimed in claim 8, wherein, each part matching identification symbol restriction is allowed to by Boolean logic operational character and one or more other part matching identification symbol restriction combinations.
10. device, it comprises:
Storer, its storage protected digit content file and the object permission that is associated, this object permission have identifier and the restriction of at least one part matching identification symbol;
Processor, it is connected with storer effectively,
At least one user interface and keyboard; it is the connection processing device effectively; wherein; in response to the user command that provides at keyboard; device is determined identifier and the restriction of at least one part matching identification symbol from permission object, and afterwards only when the device identification of recognition device matching identification symbol or guaranteed and part matching identification when according with by at least one part matching identification symbol restriction definitely, allows to pass through device; by user interface, use protected digit content by the permission object management.
11. device as claimed in claim 10, wherein, this identifier is the user's of recognition device a user identifier.
12. device as claimed in claim 11, wherein, this identifier is the user identifier of RUIM or SIM or USIM.
13. device as claimed in claim 10, wherein, this identifier is international mobile subscriber identification or international mobile device identifier.
14. a method that is used to provide protected digit content, this method comprises:
Obtain device identification from the device that protected digit content is provided to it; And
The permission object that protected digit content is provided and is associated, wherein, this permission object comprises identifier and the restriction of at least one part matching identification symbol that obtains from device identification.
15. the method that is used to provide protected digit content as claimed in claim 14, wherein, this identifier is the user's of recognition device a user identifier.
16. the method that is used to provide protected digit content as claimed in claim 15, wherein, this identifier is the user identifier of RUIM or SIM or USIM.
17. the method that is used to provide protected digit content as claimed in claim 14, wherein, this identifier is international mobile subscriber identification or international mobile device identifier.
18. the method that is used to provide protected digit content as claimed in claim 16, wherein, this at least one part matching identification symbol restriction is the phase ortho position in the telephone number of discerning corresponding to international mobile subscriber.
19. the method that is used to provide protected digit content as claimed in claim 14, wherein, this at least one part matching identification symbol restriction can comprise aptly from following one or more coupling: 10 most important positions of identifier; 10 least important positions of identifier; The n of identifier phase ortho position; N phase ortho position, the least significant bit i position of range marker symbol; N phase ortho position, the most significant bit i position of range marker symbol; The the 11st and the 12nd least important position of identifier; Or the 11st to the 15th least important position of identifier, wherein n and i are integers.
20. the method that is used to provide protected digit content as claimed in claim 14, wherein, each part matching identification symbol restriction is allowed to by Boolean logic operational character and one or more other part matching identification symbol restriction combinations.
CNB2004100821620A 2004-12-17 2004-12-17 Method and apparatus for digital right management Active CN100412743C (en)

Priority Applications (2)

Application Number Priority Date Filing Date Title
CNB2004100821620A CN100412743C (en) 2004-12-17 2004-12-17 Method and apparatus for digital right management
PCT/US2005/044532 WO2006065633A2 (en) 2004-12-17 2005-12-08 Method and device for digital rights management

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CNB2004100821620A CN100412743C (en) 2004-12-17 2004-12-17 Method and apparatus for digital right management

Publications (2)

Publication Number Publication Date
CN1790218A CN1790218A (en) 2006-06-21
CN100412743C true CN100412743C (en) 2008-08-20

Family

ID=36588392

Family Applications (1)

Application Number Title Priority Date Filing Date
CNB2004100821620A Active CN100412743C (en) 2004-12-17 2004-12-17 Method and apparatus for digital right management

Country Status (2)

Country Link
CN (1) CN100412743C (en)
WO (1) WO2006065633A2 (en)

Families Citing this family (11)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US9356935B2 (en) * 2006-09-12 2016-05-31 Adobe Systems Incorporated Selective access to portions of digital content
KR20090022997A (en) * 2007-08-29 2009-03-04 삼성전자주식회사 Method and apparatus for managing drm rights object
WO2009086661A1 (en) * 2007-12-29 2009-07-16 Motorola, Inc. User identification method and apparatus for multimedia priority service
GB2465769A (en) * 2008-11-27 2010-06-02 Symbian Software Ltd Method and apparatus relating to licenses necessary for the operation of a software application on a mobile terminal
US8869289B2 (en) 2009-01-28 2014-10-21 Microsoft Corporation Software application verification
US9519799B2 (en) 2009-06-01 2016-12-13 Koninklijke Philips N.V. Dynamic determination of access rights
CN102236750B (en) * 2010-04-29 2016-03-30 国际商业机器公司 The method and apparatus of control of authority is carried out in cloud storage system
US20130067508A1 (en) * 2010-05-25 2013-03-14 Koninklijke Philips Electronics N.V. Controlling access of a user to media content
CN102301777B (en) * 2011-05-27 2013-10-09 华为技术有限公司 Method and device for controlling parameter configuration
US20140283133A1 (en) * 2013-03-13 2014-09-18 Rockwell Automation Technologies, Inc. Code-enabled remote activation of software for industrial automation systems
CN103476149B (en) * 2013-09-27 2017-01-11 惠州Tcl移动通信有限公司 Method and system for automatically switching user modes by identifying IMSIs

Citations (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1313988A (en) * 1999-04-14 2001-09-19 松下电器产业株式会社 Data management apparatus, data management method, and record medium recording data management program
CN1379955A (en) * 1999-10-19 2002-11-13 汤姆森许可公司 System and method for verifying authorization for communicating protected content
CN1384946A (en) * 1999-09-10 2002-12-11 数据播放公司 Content distribution method and apparatus
CN1392700A (en) * 2001-06-15 2003-01-22 三星电子株式会社 System and method for protecting content data
JP2003223317A (en) * 2002-01-30 2003-08-08 Sony Corp Privileged instruction execution controller, privileged instruction execution control method, and its program
CN1521980A (en) * 2003-02-11 2004-08-18 Publishing digital content within a defined universe such as an organization in accordance with a digital rights management (drm) system
CN1530792A (en) * 2003-03-14 2004-09-22 西门子公司 Method and system for preventing electronic data object from unauthorized access

Family Cites Families (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6044471A (en) * 1998-06-04 2000-03-28 Z4 Technologies, Inc. Method and apparatus for securing software to reduce unauthorized use
WO2004081719A2 (en) * 2003-03-07 2004-09-23 Chaoticom, Inc. Methods and systems for digital rights management of protected content

Patent Citations (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1313988A (en) * 1999-04-14 2001-09-19 松下电器产业株式会社 Data management apparatus, data management method, and record medium recording data management program
CN1384946A (en) * 1999-09-10 2002-12-11 数据播放公司 Content distribution method and apparatus
CN1379955A (en) * 1999-10-19 2002-11-13 汤姆森许可公司 System and method for verifying authorization for communicating protected content
CN1392700A (en) * 2001-06-15 2003-01-22 三星电子株式会社 System and method for protecting content data
JP2003223317A (en) * 2002-01-30 2003-08-08 Sony Corp Privileged instruction execution controller, privileged instruction execution control method, and its program
CN1521980A (en) * 2003-02-11 2004-08-18 Publishing digital content within a defined universe such as an organization in accordance with a digital rights management (drm) system
CN1530792A (en) * 2003-03-14 2004-09-22 西门子公司 Method and system for preventing electronic data object from unauthorized access

Also Published As

Publication number Publication date
CN1790218A (en) 2006-06-21
WO2006065633A3 (en) 2006-10-19
WO2006065633A2 (en) 2006-06-22

Similar Documents

Publication Publication Date Title
CN101317380B (en) Method and system for license backup and recovery
CN100459780C (en) Robust and flexible digital rights management involving a tamper-resistant identity module
KR100552984B1 (en) Device and method for restricting content access and storage
WO2006065633A2 (en) Method and device for digital rights management
US20050120232A1 (en) Data terminal managing ciphered content data and license acquired by software
EP1495409B1 (en) Method and system for distribution of encrypted data in a mobile network
KR101434354B1 (en) Rights sharing system and method for digital rights management
CN1991856A (en) Locking applications for specially marked content
CN101206697B (en) Method and apparatus for decoding right object and method and apparatus for sharing contents using the same
CN101014944A (en) Method and apparatus for digital rights management
KR20060048949A (en) Method of providing access to encrypted content to one of a plurality of consumer systems, device for providing access to encrypted content and method of generating a secure content package
JP5837219B2 (en) Method and system for lending digital content
CN100471110C (en) Method and apparatus for managing digital rights using portable storage device
US20030009667A1 (en) Data terminal device that can easily obtain content data again, a program executed in such terminal device, and recording medium recorded with such program
JP4142287B2 (en) Communication terminal, content use restriction method, and program execution restriction method
CN100555205C (en) Portable memory and in portable memory the method for management document
KR20100108970A (en) Method and apparatus for protecting of drm contents
CN100593786C (en) Sytem and method for providing access to OMA DRM protected files from JAVA applications
CN102024124B (en) Method, and device for processing mobile widgets as well as client-side
CN100476845C (en) Digital copyright management method
KR20100088966A (en) Method for playing drm contents and managing of license in a portable device and a apparatus therefor
CN102130901A (en) Information processing device, method thereof, information processing system, and method thereof
CN101375543B (en) Via server by right objects the apparatus and method from an equipment moving to another equipment
CN101841806A (en) Service card information processing method, device and system and communication terminal
CN103310156A (en) Method and device for updating terminal system file

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
C14 Grant of patent or utility model
GR01 Patent grant
ASS Succession or assignment of patent right

Owner name: MOTOROLA MOBILE CO., LTD

Free format text: FORMER OWNER: MOTOROLA INC.

Effective date: 20110120

C41 Transfer of patent application or patent right or utility model
TR01 Transfer of patent right

Effective date of registration: 20110120

Address after: Illinois State

Patentee after: MOTOROLA MOBILITY, Inc.

Address before: Illinois, USA

Patentee before: Motorola, Inc.

C41 Transfer of patent application or patent right or utility model
C56 Change in the name or address of the patentee
CP01 Change in the name or title of a patent holder

Address after: Illinois State

Patentee after: MOTOROLA MOBILITY LLC

Address before: Illinois State

Patentee before: MOTOROLA MOBILITY, Inc.

TR01 Transfer of patent right

Effective date of registration: 20160721

Address after: California, USA

Patentee after: Google Technology Holdings LLC

Address before: Illinois State

Patentee before: MOTOROLA MOBILITY LLC