WO2007118387A1 - A method and system for keeping digital rights management time synchronization - Google Patents

A method and system for keeping digital rights management time synchronization Download PDF

Info

Publication number
WO2007118387A1
WO2007118387A1 PCT/CN2007/000076 CN2007000076W WO2007118387A1 WO 2007118387 A1 WO2007118387 A1 WO 2007118387A1 CN 2007000076 W CN2007000076 W CN 2007000076W WO 2007118387 A1 WO2007118387 A1 WO 2007118387A1
Authority
WO
WIPO (PCT)
Prior art keywords
time
synchronization
terminal device
unit
time synchronization
Prior art date
Application number
PCT/CN2007/000076
Other languages
French (fr)
Chinese (zh)
Inventor
Hailong Qi
Sheng Li
Original Assignee
Huawei Technologies Co., Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Huawei Technologies Co., Ltd filed Critical Huawei Technologies Co., Ltd
Publication of WO2007118387A1 publication Critical patent/WO2007118387A1/en

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04JMULTIPLEX COMMUNICATION
    • H04J3/00Time-division multiplex systems
    • H04J3/02Details
    • H04J3/06Synchronising arrangements
    • H04J3/0635Clock or time synchronisation in a network
    • H04J3/0638Clock or time synchronisation among nodes; Internode synchronisation
    • H04J3/0644External master-clock
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L2463/00Additional details relating to network architectures or network communication protocols for network security covered by H04L63/00
    • H04L2463/101Additional details relating to network architectures or network communication protocols for network security covered by H04L63/00 applying security measures for digital rights management
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/10Network architectures or network communication protocols for network security for controlling access to devices or network resources

Definitions

  • the present invention relates to Open Mobile Alliance digital rights management technology, and more particularly to an Open Mobile Alliance Digital Rights Management System (Open Mobile Alliance Digital Rights)
  • the Management System (hereinafter referred to as the OMA DRM system) provides a method and system for digital rights management to maintain time synchronization.
  • Copyright protection technology is mainly used to protect digital content including music, video, images, books, computer software, etc., mainly by restricting the use of digital content, copying, etc., to protect digital content.
  • _ controls the use of the digital content of the copyright object by the control parameters set in the Rights Object. For example, controlling the number of uses of digital content by the limit of counts in the rights object; by the expiration date in the copyright object
  • the copyright object is an important part of copyright control in OMA DRM technology.
  • OMA DRM2.0 it is necessary for the terminal to maintain a secure time for the validity period of the certificate of the terminal device, the time-related restriction parameter in the copyright object, and if the security time is lost, between the terminal and the server.
  • the RO AP abbreviation of Rights Obj ect Acquisition Protocol, Protocol Object Acquisition Protocol
  • the time synchronization operation is performed by the OCSP (abbreviation of Online Certificate Status Protocol), so that the terminal and the OCSP Responsder are in time. Synchronize.
  • Figure 1 shows the 4-pass registration flow chart for the ROAP protocol.
  • the terminal device sends a greeting to the authorization center (step 101).
  • the authorization center After the authorization center receives the call, the authorization center sends a greeting response to the terminal device (step 102), and when the terminal device initiates a registration request to the authorization center (step 103), the authorization is authorized.
  • the Rights Issuer will check if the safety time of the equipment brought by the terminal equipment is correct. If it is not correct, then The authorization center sends an OCSP request to the OCSP responder (step 104), and the OCSP responder sends an OCSP response (OCSP Response) to the authorization center (step 105), and the authorization center sends a registration response to the terminal. Equipment (step 1Q6).
  • the OCSP response carries the standard time, and the terminal device performs the time synchronization operation according to the standard time in the OCSP response.
  • the 2-pass copyright acquisition process of the ROAP protocol is shown in Figure 2.
  • the terminal device also carries the device security time in the RO request (RO 201) sent to the authorization center (step 201).
  • the authorization center also judges whether the security time is correct (step 202). If it is determined that the security time is incorrect, an OCSP request is sent to the OCSP responder (step 203), and the OCSP response is received (step 204).
  • the OCSP responds to the terminal device (step 205).
  • the terminal device synchronizes according to the standard time in the OCSP response.
  • time synchronization is only performed when the terminal device initiates a ROAP protocol to the Rights Issuer. This leaves a hidden danger. For example, after obtaining some copyright objects, the user can no longer initiate the ROAP protocol, and the device security time changes by letting the device power down or other possible measures. At this time, when using digital content, the user can change the time to achieve the purpose of reusing the copyright object, and the copyright object has problems in controlling the use of the digital content.
  • a time secure module is used to record the time modification information or time offset of the user to the terminal device.
  • the time offset of the security device may be calculated according to the current time and time of the terminal device.
  • a standard time is issued to ensure that the copyright control information of the digital content is effectively executed without being affected by the user's free time.
  • the current standard time is 13:00
  • the current time of the user is also 13:00
  • the user will The time is changed to 11:00, and two hours in advance, the time security module will record this time change amount (2 hours).
  • the terminal device time is displayed as 15:00, it can be recorded according to the time security module. Time modification information or time offset to determine the current standard time should 17:00.
  • the time modification information recorded by the time security module will be tired. It may cause accumulation of errors and affect the accuracy of time. Moreover, once the time modification information maintained by the secure time module is lost, there is no effective means to recover. In addition, some terminal devices suddenly lose power, and after restarting, the time will automatically change to an initial time. For example, from 2005-9-28 to 2000-01-01. At this time, the change of time is that the system time changes after the power failure, and the time security module cannot record the time change amount, which causes the standard time calculated by the safety time module to be no longer accurate. Summary of the invention
  • the technical problem to be solved by the embodiments of the present invention is to propose a method and system for maintaining digital rights management time synchronization, and does not rely on the terminal device to initiate a ROAP protocol to the authorization center, so that the copyright object information of the DRM content can be managed and protected more effectively.
  • Embodiments of the present invention provide a method for maintaining digital rights management time synchronization, including the following steps:
  • the time synchronization reference device sends a synchronization time to the terminal device according to the time synchronization request
  • an embodiment of the present invention provides a terminal device, including a synchronization request unit, a receiving unit, and a controller, where
  • the synchronization requesting unit is configured to send a time synchronization request to the time synchronization reference device;
  • the receiving unit is configured to receive a synchronization time from the time synchronization reference device, and send the synchronization time to the controller;
  • the controller is configured to control the synchronization requesting unit to generate a time synchronization request when the terminal device is powered on; and correct the security time information on the terminal device according to the synchronization time received by the receiving unit.
  • the embodiment of the present invention further provides a system for maintaining digital rights management time synchronization, including a terminal device and a time synchronization reference device, where
  • the terminal device is configured to initiate a time synchronization request to the time synchronization reference device, and correct the security time information on the terminal device according to the synchronization time from the time synchronization reference device;
  • the time synchronization reference device sends a synchronization to the terminal device according to the time synchronization request Time
  • the method and system for maintaining digital rights management time synchronization can significantly reduce the loss or tampering of the terminal security time by performing time synchronization between the terminal device and the time synchronization reference device at the time of power-on, and correcting the security time information of the terminal.
  • the time synchronization problem when the terminal device does not initiate the ROAP protocol in OMA DRM2.0 can be effectively solved; the cumulative error problem in the maintenance security time offset is solved.
  • a good solution for the more effective implementation of copyright information control in digital copyright protection technology is proposed.
  • the method and system provided by the embodiments of the present invention can implement a secure clock through software without adding any hardware in the terminal device, and thus the cost is low.
  • FIG. 1 is a schematic diagram of a registration process of a copyright object acquisition protocol ROAP 4-pass in the prior art
  • FIG. 2 is a schematic diagram of a copyright acquisition process of a copyright object acquisition protocol ROAP 2-pass in the prior art
  • FIG. 3 is a schematic diagram of a first embodiment of the present invention. Schematic diagram of a time synchronization process between a terminal device of a hardware clock and a base station;
  • FIG. 4 is a schematic diagram of a time synchronization process performed between a terminal device without a hardware clock and a base station in a second embodiment of the present invention; a schematic diagram of a time synchronization process;
  • FIG. 6 is a schematic diagram of a time synchronization process between a terminal device without a hardware clock and a time synchronization server in a fourth embodiment of the present invention; a schematic diagram of a time synchronization process between the devices;
  • FIG. 8 is a schematic diagram showing how a secure time is used when a terminal device having a hardware clock in a seventh embodiment of the present invention uses copyright;
  • FIG. 9 is a schematic diagram showing how a secure time is used when a terminal device without a hardware clock in the eighth embodiment of the present invention uses copyright.
  • FIG. 10 is a schematic structural diagram of a terminal device in a first embodiment of the present invention.
  • FIG. 11 is a schematic structural diagram of a terminal device in a second embodiment of the present invention.
  • FIG. 12 is a schematic structural diagram of a terminal device according to Embodiment 3 of the present invention
  • FIG. 13 is a schematic structural diagram of a terminal device according to Embodiment 4 of the present invention
  • FIG. 12 is a schematic structural diagram of a terminal device according to Embodiment 3 of the present invention
  • FIG. 13 is a schematic structural diagram of a terminal device according to Embodiment 4 of the present invention
  • FIG. 12 is a schematic structural diagram of a terminal device according to Embodiment 3 of the present invention
  • FIG. 13 is a schematic structural diagram of a terminal device according to Embodiment 4 of the present invention
  • Figure 14 is a block diagram showing the structure of a system for maintaining digital rights management time synchronization in the first embodiment of the present invention
  • Figure 15 is a block diagram showing the structure of a system for maintaining digital rights management time synchronization in the second embodiment of the present invention.
  • Figure 16 is a block diagram showing the structure of a system for maintaining digital rights management time synchronization in the third embodiment of the present invention.
  • Embodiments of the present invention are based on implementing a synchronization process with a time synchronization reference unit when the terminal device is powered on.
  • the synchronization refers to time synchronization between the secure time unit of the digital rights use terminal device and the time synchronization reference device of the authorization center
  • the premise is:
  • a secure time unit is established on the terminal device, wherein the secure time unit in the terminal device has two types, one uses a hardware clock, and the other uses software time information, and the software time information includes a standard time or/and a time offset.
  • the terminal device includes a mobile terminal and a network terminal, and the mobile terminal may be a mobile phone or the like, and the network terminal may be a PC or the like.
  • the time synchronization reference unit corresponding to the mobile terminal may be a time synchronization base station or a time synchronization server.
  • the time synchronization reference unit corresponding to the network terminal is a time synchronization server.
  • There are various methods for establishing a secure time unit for example, the method of the secure time module proposed in the aforementioned patent US 2005Q177513 may be employed, or the method of adding a hardware clock may be implemented by maintaining the user's time information or other possible methods. .
  • the terminal device On the basis of establishing a secure time unit of the terminal device, in order to maintain the time synchronization of the terminal device and the time synchronization reference device, it is necessary to specify that the terminal is set to be powered on, that is, the time synchronization program is started, in other words, between the terminal device and the time synchronization reference device.
  • the synchronization process is activated or invoked by the terminal device when it is powered on or powered on.
  • the power-on initialization process of the terminal device using the method of the present invention includes or embeds a process for time synchronization with the time synchronization reference device.
  • the result of the synchronization is that a standard time provided by the time synchronization reference device or a time offset reflecting the standard time is obtained.
  • the terminal device receives the standard time or reflects the time offset of the standard time
  • each time synchronization is based on The standard time is used to update the time modification information; for the hardware clock, the time of the hardware clock is adjusted every time synchronization.
  • the method and system for maintaining digital rights management time synchronization can significantly reduce the loss or tampering of the terminal security time by performing time synchronization between the terminal device and the time synchronization reference device at the time of power-on, and correcting the security time information of the terminal.
  • the time synchronization problem when the terminal device does not initiate the ROAP protocol in OMA DRM2.0 can be effectively solved; the cumulative error problem in the maintenance security time offset is solved.
  • a good solution for the more effective implementation of copyright information control in digital copyright protection technology is proposed.
  • the method and system provided by the embodiments of the present invention can implement a secure clock through software without adding any hardware in the terminal device, and thus the cost is low.
  • the method of the embodiment of the present invention includes at least three steps of providing a secure time unit, starting, synchronizing, and adjusting the secure time unit according to the time synchronization result. That is, the terminal device first needs to maintain a safe time through the security unit. The terminal device performs time synchronization operation each time the terminal device is powered on. The security time is updated and maintained in the following ways:
  • the terminal device finds that the security time is lost. For example, if the time modification amount is lost, the time synchronization operation is initiated to the time synchronization server. The terminal device updates the standard time based on the latest synchronization time and reinitializes the time offset or adjusts the secure hardware clock.
  • Embodiments of the present invention cover both aspects of the time synchronization process and the use of copyright for secure time.
  • the time synchronization includes two terminal devices having a hardware clock and a hardware-free clock; and a mobile terminal or a network terminal corresponding to any clock with or without time, respectively performing time synchronization processing with two secure time reference devices of the base station and the time synchronization server Process.
  • FIG. 3 shows a first embodiment for explaining a time synchronization process between a terminal device having a hardware clock and a base station as a secure time reference device, wherein the terminal device is provided with a hardware clock 34, the hardware clock pair device The user cannot modify it.
  • the terminal device is provided with a secure time unit for recording the standard time or/and time offset of the device, and the terminal device including the secure time unit synchronizes with the time reference device at the time of power on. Time synchronization is performed as follows:
  • the time synchronization process with the time synchronization base station is started immediately after the power is turned on (arrow 1 is shown).
  • the connection with the time synchronization base station is established according to the protocol, and the standard time provided by the time synchronization base station is read.
  • the terminal device initiates the correction of the safety time information in the safety time unit according to the time synchronization result, that is, the current standard time, that is, the safety time unit safety time information is corrected (indicated by arrow 2).
  • This correction actually modifies the standard time that the hardware clock representing the secure time information in the secure clock unit in the terminal device provides the base station.
  • the terminal device without the hardware clock immediately starts the time synchronization process with the base station (shown by arrow 1) after being turned on, and after obtaining the standard time with the base station, according to At this standard time, the terminal device initiates a correction to the safety time unit clock information (arrow 2). This correction actually modifies the time offset in the terminal security time unit.
  • the terminal device with the hardware clock is powered on, and the time synchronization process with the time synchronization server is started immediately after power-on (shown by arrow 1), and the time synchronization process is from the time synchronization server.
  • the terminal device initiates the correction of the hardware clock information in its secure time unit (indicated by arrow 2). This correction actually modifies the current time of the hardware clock in the secure clock unit of the terminal device to the standard time provided by the base station.
  • the terminal device without the hardware clock is powered on, and the time synchronization process with the time synchronization server is started immediately after the power-on (shown by arrow 1), and the time synchronization process is synchronized from time.
  • the terminal device After the server obtains the standard time, the terminal device initiates the correction of its security time unit clock information (indicated by arrow 2). The correction actually modifies the time offset of the terminal device security clock unit based on the standard time from the time synchronization server.
  • the terminal device finds that the maintained security time information is lost, and initiates a time synchronization request to the time synchronization server (indicated by arrow 1).
  • the terminal can check whether the time offset file or data exists, whether the security clock is initialized, etc. To determine if the safe time is lost.
  • the terminal corrects its secure clock unit (shown by arrow 2), that is, after the synchronization is completed, the correction actually modifies the time offset of the device time security module.
  • the technical solution of the embodiment is used to monitor the security time information of the maintenance. When the security time information is lost or incorrect, the time synchronization request is initiated, and the security time of the terminal is destroyed, such as power failure, data loss, etc. After that, it is difficult to re-establish the issue of a secure time base.
  • a sixth embodiment of the method of the present invention is used to describe how the terminal device acquires time synchronization. The following steps are given to obtain time synchronization:
  • the time synchronization server responds to the protocol message, and sends the message with the accurate time to the device that initiates the time synchronization in a secure transmission manner;
  • Customized time Synchronization messages require secure transmission, such as SSL transmission, to prevent tombs during transit.
  • the time information sent by the time synchronization server generally includes a network transmission and processing delay during time synchronization. This delay time can be determined statistically after multiple tests according to the network conditions.
  • the delay time is "a predetermined period of time" is a constant value.
  • the delay is 5ms from 14:00 to 17:00 in the afternoon. In 19:00 ⁇ 21:00, the delay time of this time period is 10ms. Then the server sends the value to the device during the synchronization time or the device stores and maintains the value. After receiving the time information, the device needs to This delay time adjusts the time to a relatively accurate time for reuse.
  • the device confirms that the current security time needs to be updated, adjusts the local security clock or updates the time offset information. After the time synchronization and local security time are correctly updated, the terminal device can use the digital content correctly and effectively according to the copyright information.
  • a seventh embodiment of the method of the present invention is discussed below in conjunction with FIG.
  • the time of the secure clock is first obtained, as in block 802, prior to the use of the digital content, and at block 803, the time-dependent control in the copyright is calculated and maintained based on the secure time in the process of using the digital content. information. For example, it is judged whether the copyright validity period has expired, whether the copyright usage period has been used up, and the like.
  • the user's usage time information of the content is updated and maintained in the copyright.
  • the use of the content if the copyright is found to have expired, the use of the content is terminated. Or the user actively stops using the content. Until the end of the digital content usage or the copyright has expired, the process ends at block 804.
  • the eighth embodiment of the method of the present invention is discussed below in conjunction with FIG.
  • the time offset of the secure time module is first determined as in block 902; in the next block 903, the current standard time is calculated based on the time offset; in subsequent block 904 , means that in the process of using digital content, the time-related control information in the copyright is calculated and maintained according to the safe time.
  • the standard time for time-related copyright, for example, the validity period is valid from 2005-01-01 12:00 to 2005-01-02 13:00, it is judged according to the current standard time whether the validity period has expired or not yet Period to determine if it is available.
  • This patent mainly provides a safe standard time to the DRM equipment, and how to use the standard time for copyright maintenance is no longer discussed. For example, it is judged whether the copyright validity period has expired, whether the copyright usage period has been used up, and the like. At the same time, the user's usage time information of the content is updated and maintained in the copyright; in addition, in the process of using the content, if the copyright is found to have expired, the content is terminated. Or the user actively stops using the content, as in box 905.
  • an embodiment of the present invention provides a terminal device, including a synchronization request unit.
  • a secure time unit 11 for storing safety time information is set, the controller 14 calls the safety time information in the safety time unit 11, and the safety time information is corrected according to the synchronization time, and will be corrected.
  • the secure time information is sent to the secure time unit 11.
  • a comparator 15 is also included for comparing the synchronization time from the time synchronization reference device And the standard time in the safety time information, if the error of the two exceeds the allowable range, the correction control signal is sent to the controller 14, and the controller 14 corrects the safety time based on the correction control signal.
  • the detector 16 is further set to detect whether the security time information in the security time unit 11 is Loss or error, and send the detection result to the controller 14; after receiving the detection result of the lost or incorrect safety time information, the controller 14 controls the synchronization request unit 12 to generate a new time synchronization request.
  • an embodiment of the present invention further provides a system for maintaining digital rights management time synchronization, including a terminal device 1 and a time synchronization reference device 2, wherein when the terminal device 1 is powered on, a time synchronization request is initiated to the time synchronization reference device 2. And correcting the secure time information on the terminal device 1 according to the synchronization time from the time synchronization reference device 2; the time synchronization reference device 2 transmits the synchronization time to the terminal device 1 according to the time synchronization request from the terminal device 1.
  • the terminal device 1 is the same as the aforementioned terminal device, and details are not described herein again.
  • the time synchronization reference device 2 includes a response unit 21 and a standard unit 22, wherein the _ response unit 21 generates a response message to the standard unit 22 based on the time synchronization request from the synchronization request unit 12; the standard unit 22 is based on the response unit The response message of 22 acquires the synchronization time and sends it to the receiving unit 13.
  • the terminal device 1 includes a mobile terminal and a network terminal, and the mobile terminal can be a mobile phone or the like.
  • the network terminal can be a PC or the like.
  • the time synchronization reference unit 2 corresponding to the mobile terminal can be a time synchronization base station or a time synchronization server.
  • the time synchronization reference unit 2 corresponding to the network terminal is a time synchronization server.
  • the decoder 15 is further disposed in the terminal device 1, and the encoder 23 is further provided in the time synchronization reference device 2, and the encoder 23 is set at the synchronization time acquired by the standard unit 22.
  • the SSL or digital digest, digital signature the synchronization time of the security protection is sent to the decoder 15; the decoder 15 obtains the synchronization time from the synchronization time of the security protection, and then sends it to the receiving unit 13.

Abstract

A method and system for keeping Digital Rights Management time synchronization are provided. The method comprises: sending time synchronization request to a time synchronization reference device when a terminal device is powering-on; the time synchronization reference device sends synchronization time to the terminal device according to the time synchronization request; adjusting a secure time of the terminal device according to the received synchronization time. By the method and system, it is effectively resolved that time synchronization and accumulated error of maintaining secure time offset in OMA DRM2.0 when the device does not issue ROAP protocol. The invention implements secure clock by software without adding any hardware, so as to reduce the cost.

Description

保持数字版权管理时间同歩的方法和系统  Method and system for maintaining digital rights management time
本申请要求于 2006 年 4 月 18 日提交中国专利局、 申请号为 200610060427.6、 发明名称为 "保持数字版权管理时间同步的方法和系统,,的中 国专利申请的优先权, 其全部内容通过引用结合在本申请中。  This application claims priority to Chinese Patent Application No. 200610060427.6, entitled "Method and System for Maintaining Digital Rights Management Time Synchronization," filed on April 18, 2006, the entire contents of which are incorporated by reference. In this application.
技术领域 Technical field
本发明涉及开放移动联盟数字版权管理技术, 更具体地说, 涉及一种在开 放移动联盟数字版权管理系统( Open Mobile Alliance Digital Rights  The present invention relates to Open Mobile Alliance digital rights management technology, and more particularly to an Open Mobile Alliance Digital Rights Management System (Open Mobile Alliance Digital Rights)
Management System以下筒称 OMA DRM 系统)中为数字版权管理提供一种保 持时间同步的方法和系统。 The Management System (hereinafter referred to as the OMA DRM system) provides a method and system for digital rights management to maintain time synchronization.
背景技术 Background technique
近来, 诸如 OMA DRM系统的版权保护技术发展迅速, 并逐渐得到广泛认 可。 版权保护技术主要用于对包括音乐、 视频、 图像、 图书、 计算机软件等在 内 ^数字内容的保护上, 主要通过对数字内容的使用、 拷贝等权限进行限制, 来实现对数字内容的保护。  Recently, copyright protection technologies such as the OMA DRM system have developed rapidly and are increasingly recognized. Copyright protection technology is mainly used to protect digital content including music, video, images, books, computer software, etc., mainly by restricting the use of digital content, copying, etc., to protect digital content.
在 OMA DRM2.0技术中, _通过在版权对象( Rights Object ) 中设定的控制 参数对版权对象的数字内容的使用进行控制。 例如, 通过版权对象中的次数 (count)限制来控制对数字内容的使用次数; 通过版权对象中的有效期限  In the OMA DRM 2.0 technology, _ controls the use of the digital content of the copyright object by the control parameters set in the Rights Object. For example, controlling the number of uses of digital content by the limit of counts in the rights object; by the expiration date in the copyright object
(datetime)的限制来实现对数字内容的使用期限进行限制; 通过累计时长 (datetime) restrictions to limit the use of digital content;
(accumulated)来对数字内容的使用累计时间长度进行限制等。 而版权对象是 OMA DRM技术中版权控制的一个重要部分。 在上述 OMA DRM2.0的技术规 范中,对于终端设备的证书有效期、版权对象中的与时间有关限制参数等内容, 需要由终端去维护一个安全时间,如果安全时间丟失,在终端与服务器之间进 行 RO AP ( Rights Obj ect Acquisition Protocol的缩写, 版权对象获取协议 )协 议交互时, 通过 OCSP ( Online Certificate Status Protocol的缩写, 在线证书状 态协议)协议进行时间同步操作,使得终端与 OCSP Responsder在时间上同步。 图 1给出了 ROAP协议的 4-pass注册流程图。 如图 1所示, 终端设备向授权中心 发出招呼(步驟 101 ) , 授权中心收到招呼后, 向终端设备打招呼回应 (步骤 102 ) , 终端设备向授权中心发起注册请求 (步骤 103 ) 时, 授权中心 (Rights Issuer )会检查终端设备带上来的设备安全时间是否正确, 如果不正确, 则由 授权中心向 OCSP响应者 (responder)发起 OCSP请求 (步骤 104 ) , 由 OCSP响应 者 (responder)将 OCSP响应 ( OCSP Response )发给授权中心 (步骤 105 ) , 再 由授权中心下发注册响应给终端设备(步骤 1Q6 ) 。 其中, OCSP 响应中携带 丁标准时间, 终端设备根据 OCSP 响应中的标准时间进行时间同步操作。 (accumulated) to limit the cumulative time length of use of digital content. The copyright object is an important part of copyright control in OMA DRM technology. In the above technical specification of OMA DRM2.0, it is necessary for the terminal to maintain a secure time for the validity period of the certificate of the terminal device, the time-related restriction parameter in the copyright object, and if the security time is lost, between the terminal and the server. When the RO AP (abbreviation of Rights Obj ect Acquisition Protocol, Protocol Object Acquisition Protocol) protocol is exchanged, the time synchronization operation is performed by the OCSP (abbreviation of Online Certificate Status Protocol), so that the terminal and the OCSP Responsder are in time. Synchronize. Figure 1 shows the 4-pass registration flow chart for the ROAP protocol. As shown in FIG. 1, the terminal device sends a greeting to the authorization center (step 101). After the authorization center receives the call, the authorization center sends a greeting response to the terminal device (step 102), and when the terminal device initiates a registration request to the authorization center (step 103), the authorization is authorized. The Rights Issuer will check if the safety time of the equipment brought by the terminal equipment is correct. If it is not correct, then The authorization center sends an OCSP request to the OCSP responder (step 104), and the OCSP responder sends an OCSP response (OCSP Response) to the authorization center (step 105), and the authorization center sends a registration response to the terminal. Equipment (step 1Q6). The OCSP response carries the standard time, and the terminal device performs the time synchronization operation according to the standard time in the OCSP response.
ROAP协议的 2-pass版权获取流程如图 2所示。 终端设备在向授权中心发出 的 RO请求(RO Request ) (步驟 201 ) 中同样带上了设备的安全时间。 授权中 心同样会对该安全时间是否正确进行判断(步骤 202 ) , 如果判断出该安全时 间不正确, 向 OCSP 响应者发出 OCSP请求 (步骤 203 ) ,收到 OCSP响应 (步 骤 204 )后则下发 OCSP 响应给终端设备(步骤 205 )。 终端设备根据 OCSP 响 应中的标准时间进行同步。  The 2-pass copyright acquisition process of the ROAP protocol is shown in Figure 2. The terminal device also carries the device security time in the RO request (RO 201) sent to the authorization center (step 201). The authorization center also judges whether the security time is correct (step 202). If it is determined that the security time is incorrect, an OCSP request is sent to the OCSP responder (step 203), and the OCSP response is received (step 204). The OCSP responds to the terminal device (step 205). The terminal device synchronizes according to the standard time in the OCSP response.
上述 OMA DRM2.Q中 2-PASS和 4- PASS中涉及的时间同步方案存在一个共 同问题, 就是时间同步只在终端设备向 Rights Issuer发起 ROAP协议时才会进 行。 这就留下了一个隐患。 比如, 用户可以在获取一些版权对象后, 不再发 起 ROAP协议, 通过让设备掉电或其他可能的措施使得设备安全时间发生了变 化。 此时, 在使用数字内容时, 用户可以随意 ^改时间来达到重复使用版权对 象的目的, 版权对象对数字内容的使用权限控制上就会存在问题。  A common problem with the time synchronization schemes involved in 2-PASS and 4-PASS in OMA DRM2.Q above is that time synchronization is only performed when the terminal device initiates a ROAP protocol to the Rights Issuer. This leaves a hidden danger. For example, after obtaining some copyright objects, the user can no longer initiate the ROAP protocol, and the device security time changes by letting the device power down or other possible measures. At this time, when using digital content, the user can change the time to achieve the purpose of reusing the copyright object, and the copyright object has problems in controlling the use of the digital content.
在 Kim Tae- sung提出的名称为"用于内容版权保护的数字权利管理方法和 系统,, ( "Digital rights management method and system for content copyright protection" )的美国专利 US 20050177513 中,提到了由一个时间安全模块( time secure module )来记录用户的对终端设备的时间修改信息或时间偏移量。 当用 户使用数字内容时,可以根据终端设备的当前时间和时间安全模块记录的时间 偏移量来计算出一个标准时间,从而保证数字内容的版权控制信息被有效地执 行, 而不受用户随意 改时间的影响。 例如, 当前标准时间为 13:00, 用户当 前时间也是 13:00, 用户此时将时间修改为 11:00, 提前了两个小时, 则时间安 全模块就会将这个时间改变量(2小时)记录下来。当终端设备时间显示为 15:00 时,就可以根据时间安全模块记录的时间修改信息或时间偏移量来确定当前的 标准时间应该为 17:00。  In U.S. Patent No. 20050177513, entitled "Digital rights management method and system for content copyright protection", proposed by Kim Tae-sung, is referred to by a time. A time secure module is used to record the time modification information or time offset of the user to the terminal device. When the user uses the digital content, the time offset of the security device may be calculated according to the current time and time of the terminal device. A standard time is issued to ensure that the copyright control information of the digital content is effectively executed without being affected by the user's free time. For example, the current standard time is 13:00, and the current time of the user is also 13:00, and the user will The time is changed to 11:00, and two hours in advance, the time security module will record this time change amount (2 hours). When the terminal device time is displayed as 15:00, it can be recorded according to the time security module. Time modification information or time offset to determine the current standard time should 17:00.
采用上述方案, 需要在初始时确定一个标准时间与设备时间之间的差异 量, 以后当用户修改时间时, 时间安全模块记录的时间修改信息就会累.加, 从 而可能造成误差积累,影响时间的准确性。 而且一旦这个安全时间模块维护的 时间修改信息丢失, 则没有有效的手段来重新恢复。 另外, 某些终端设备在突 然掉电, 经重启后, 时间会自动变为一个初始时间。 例如, 从 2005-9-28变为 了 2000-01-01。 这时, 时间的改变是在掉电后系统时间改变的, 时间安全模块 不能记录该时间变化量, 就会造成安全时间模块计算出的标准时间不再准确。 发明内容 With the above scheme, it is necessary to determine the difference between a standard time and the equipment time at the initial time, and when the user modifies the time, the time modification information recorded by the time security module will be tired. It may cause accumulation of errors and affect the accuracy of time. Moreover, once the time modification information maintained by the secure time module is lost, there is no effective means to recover. In addition, some terminal devices suddenly lose power, and after restarting, the time will automatically change to an initial time. For example, from 2005-9-28 to 2000-01-01. At this time, the change of time is that the system time changes after the power failure, and the time security module cannot record the time change amount, which causes the standard time calculated by the safety time module to be no longer accurate. Summary of the invention
本发明实施例要解决的技术问题在于提出保持数字版权管理时间同步的 方法和系统, 不依赖于终端设备向授权中心发起 ROAP协议, 从而可以更加有 效地管理和保护 DRM内容的版权对象信息。  The technical problem to be solved by the embodiments of the present invention is to propose a method and system for maintaining digital rights management time synchronization, and does not rely on the terminal device to initiate a ROAP protocol to the authorization center, so that the copyright object information of the DRM content can be managed and protected more effectively.
本发明实施例提出一种保持数字版权管理时间同步的方法, 包括以下步 骤:  Embodiments of the present invention provide a method for maintaining digital rights management time synchronization, including the following steps:
终端设备开机时, 向时间同步基准设备发起时间同步请求;  When the terminal device is powered on, initiate a time synchronization request to the time synchronization reference device;
所述时间同步基准设备根据所述时间同步请求,向所述终端设备发送同步 时间;  The time synchronization reference device sends a synchronization time to the terminal device according to the time synchronization request;
根据接收到的所述同步时间, 修正所述终端设备上的安全时间信息。 相应的, 本发明实施例提出一种终端设备, 包括同步请求单元、接收单元 和控制器, 其中  The security time information on the terminal device is corrected according to the received synchronization time. Correspondingly, an embodiment of the present invention provides a terminal device, including a synchronization request unit, a receiving unit, and a controller, where
所述同步请求单元用于向时间同步基准设备发送时间同步请求; 所述接收单元用于接收来自所述时间同步基准设备的同步时间,并发送给 所述控制器;  The synchronization requesting unit is configured to send a time synchronization request to the time synchronization reference device; the receiving unit is configured to receive a synchronization time from the time synchronization reference device, and send the synchronization time to the controller;
所述控制器用于当终端设备开机时,控制所述同步请求单元生成时间同步 请求; 并根据所述接收单元接收的所述同步时间,修正终端设备上的安全时间 信息。  The controller is configured to control the synchronization requesting unit to generate a time synchronization request when the terminal device is powered on; and correct the security time information on the terminal device according to the synchronization time received by the receiving unit.
本发明实施例还提出一种保持数字版权管理时间同步的系统,包括终端设 备和时间同步基准设备, 其中,  The embodiment of the present invention further provides a system for maintaining digital rights management time synchronization, including a terminal device and a time synchronization reference device, where
所述终端设备用于开机时, 向所述时间同步基准设备发起时间同步请求, 并根据来自所述时间同步基准设备的同步时间 ,修正所述终端设备上的安全时 间信息;  And the terminal device is configured to initiate a time synchronization request to the time synchronization reference device, and correct the security time information on the terminal device according to the synchronization time from the time synchronization reference device;
所述时间同步基准设备根据所述时间同步请求,向所述终端设备发送同步 时间 The time synchronization reference device sends a synchronization to the terminal device according to the time synchronization request Time
实施本发明实施例的保持数字版权管理时间同步的方法和系统,通过终端 设备在开机时与时间同步基准设备进行时间同步,同时修正终端的安全时间信 息, 可以大大减少终端安全时间丢失或被篡改的情况。 例如, 可以有效地解决 OMA DRM2.0中当终端设备不发起 ROAP协议时的时间同步问题; 解决了维 护安全时间偏移量中的累计误差问题。为数字版权保护技术中更加有效的实现 版权信息的控制作用提出了一个很好的方案。 同时, 本发明实施例提供的方法 和系统可以在终端设备中不增加任何硬件,通过软件实现安全时钟, 因此成本 较低。  The method and system for maintaining digital rights management time synchronization according to an embodiment of the present invention can significantly reduce the loss or tampering of the terminal security time by performing time synchronization between the terminal device and the time synchronization reference device at the time of power-on, and correcting the security time information of the terminal. Case. For example, the time synchronization problem when the terminal device does not initiate the ROAP protocol in OMA DRM2.0 can be effectively solved; the cumulative error problem in the maintenance security time offset is solved. A good solution for the more effective implementation of copyright information control in digital copyright protection technology is proposed. In the meantime, the method and system provided by the embodiments of the present invention can implement a secure clock through software without adding any hardware in the terminal device, and thus the cost is low.
附图说明 DRAWINGS
图 1是现有技术中版权对象获取协议 ROAP 4- pass注册流程示意图; 图 2是现有技术中版权对象获取协议 ROAP 2-pass版权获取流程示意图; 图 3是本发明第一实施例中具有硬件时钟的终端设备与基站之间进行时间 同步过程的示意图;  1 is a schematic diagram of a registration process of a copyright object acquisition protocol ROAP 4-pass in the prior art; FIG. 2 is a schematic diagram of a copyright acquisition process of a copyright object acquisition protocol ROAP 2-pass in the prior art; FIG. 3 is a schematic diagram of a first embodiment of the present invention; Schematic diagram of a time synchronization process between a terminal device of a hardware clock and a base station;
图 4是本发明第二实施例中无硬件时钟的终端设备与基站之间进行的时间 同步过程的示意图; 的时间同步过程的示意图;  4 is a schematic diagram of a time synchronization process performed between a terminal device without a hardware clock and a base station in a second embodiment of the present invention; a schematic diagram of a time synchronization process;
图 6是本发明第四实施例中无硬件时钟的终端设备与时间同步服务器之间 的时间同步过程的示意图; 器之间的时间同步过程的示意图;  6 is a schematic diagram of a time synchronization process between a terminal device without a hardware clock and a time synchronization server in a fourth embodiment of the present invention; a schematic diagram of a time synchronization process between the devices;
图 8是本发明第七实施例中有硬件时钟的终端设备在使用版权时如何使用 安全时间的示意图;  FIG. 8 is a schematic diagram showing how a secure time is used when a terminal device having a hardware clock in a seventh embodiment of the present invention uses copyright;
图 9是本发明第八实施例中无硬件时钟的终端设备在使用版权时如何使 用安全时间的示意图  FIG. 9 is a schematic diagram showing how a secure time is used when a terminal device without a hardware clock in the eighth embodiment of the present invention uses copyright.
图 10是本发明第一实施例中的终端设备的结构示意图;  FIG. 10 is a schematic structural diagram of a terminal device in a first embodiment of the present invention; FIG.
图 11是本发明第二实施例中的终端设备的结构示意图;  11 is a schematic structural diagram of a terminal device in a second embodiment of the present invention;
图 12是本发明实施例三中的终端设备的结构示意图; 图 13是本发明实施例四中的终端设备的结构示意图; FIG. 12 is a schematic structural diagram of a terminal device according to Embodiment 3 of the present invention; FIG. FIG. 13 is a schematic structural diagram of a terminal device according to Embodiment 4 of the present invention; FIG.
图 14是本发明实施例一中的保持数字版权管理时间同步的系统的结构示 意图;  Figure 14 is a block diagram showing the structure of a system for maintaining digital rights management time synchronization in the first embodiment of the present invention;
图 15是本发明实施例二中的保持数字版权管理时间同步的系统的结构示 意图;  Figure 15 is a block diagram showing the structure of a system for maintaining digital rights management time synchronization in the second embodiment of the present invention;
图 16是本发明实施例三中的保持数字版权管理时间同步的系统的结构示 意图。  Figure 16 is a block diagram showing the structure of a system for maintaining digital rights management time synchronization in the third embodiment of the present invention.
具体实施方式  detailed description
本发明实施例基于在终端设备上电时启动与时间同步基准单元的同步过 程实现。  Embodiments of the present invention are based on implementing a synchronization process with a time synchronization reference unit when the terminal device is powered on.
在本发明实施例提供的保持数字版权管理时间同步方法中,同步是指在数 字版权使用终端设备的安全时间单元与授权中心的时间同步基准设备之间进 行的时间同步, 其前提是, 首先要在终端设备上建立安全时间单元, 其中终端 设备中的安全时间单元有两类,一类使用硬件时钟,另一类使用软件时间信息, 所述软件时间信息 ^括标准时间或 /和时间偏移量; 终端设备包括移动终端和 网络终端, 所述移动终端可以为手机等, 网络终端可以为 PC机等, 相对应的, 与移动终端对应的时间同步基准单元可以为时间同步基站或时间同步服务器, 与网络终端对应的时间同步基准单元为时间同步服务器。建立安全时间单元有 多种方法,例如, 可以采用前述专利 US 2005Q177513中提出的安全时间模块的 方法,也可以通过增加硬件时钟的方法,通过维护用户 ^i 改时间信息来实现或 者其他可能的方法。  In the method for maintaining digital rights management time synchronization provided by the embodiment of the present invention, the synchronization refers to time synchronization between the secure time unit of the digital rights use terminal device and the time synchronization reference device of the authorization center, the premise is: A secure time unit is established on the terminal device, wherein the secure time unit in the terminal device has two types, one uses a hardware clock, and the other uses software time information, and the software time information includes a standard time or/and a time offset. The terminal device includes a mobile terminal and a network terminal, and the mobile terminal may be a mobile phone or the like, and the network terminal may be a PC or the like. Correspondingly, the time synchronization reference unit corresponding to the mobile terminal may be a time synchronization base station or a time synchronization server. The time synchronization reference unit corresponding to the network terminal is a time synchronization server. There are various methods for establishing a secure time unit. For example, the method of the secure time module proposed in the aforementioned patent US 2005Q177513 may be employed, or the method of adding a hardware clock may be implemented by maintaining the user's time information or other possible methods. .
在终端设备建立安全时间单元基础上,为了维护终端设备与时间同步基准 设备的时间同步, 需要规定终端设^^次开机, 即要启动时间同步程序, 换言 之,终端设备与时间同步基准设备之间的同步过程是由终端设备上电或开机信 —号激活、调用的。 另一方面看, 使用本发明方法的终端设备的上电初始化过程 就包含或嵌入了一个与时间同步基准设备进行时间同步的进程。  On the basis of establishing a secure time unit of the terminal device, in order to maintain the time synchronization of the terminal device and the time synchronization reference device, it is necessary to specify that the terminal is set to be powered on, that is, the time synchronization program is started, in other words, between the terminal device and the time synchronization reference device. The synchronization process is activated or invoked by the terminal device when it is powered on or powered on. On the other hand, the power-on initialization process of the terminal device using the method of the present invention includes or embeds a process for time synchronization with the time synchronization reference device.
同步的结果是获得了一个由时间同步基准设备提供的标准时间或反映标 准时间的时间偏移量。 终端设备收到标准时间或反映标准时间的时间偏移量 后,对于使用时间修改信息来维护时间的终端设备讲,每次时间同步时就根据 标准时间来更新一下时间修改信息; 对于硬件时钟, 则每次时间同步时调整该 硬件时钟的时间。 The result of the synchronization is that a standard time provided by the time synchronization reference device or a time offset reflecting the standard time is obtained. After the terminal device receives the standard time or reflects the time offset of the standard time, for the terminal device that uses the time modification information to maintain the time, each time synchronization is based on The standard time is used to update the time modification information; for the hardware clock, the time of the hardware clock is adjusted every time synchronization.
实施本发明实施例的保持数字版权管理时间同步的方法和系统,通过终端 设备在开机时与时间同步基准设备进行时间同步,同时修正终端的安全时间信 息, 可以大大減少终端安全时间丢失或被篡改的情况。 例如, 可以有效地解决 OMA DRM2.0中当终端设备不发起 ROAP协议时的时间同步问题; 解决了维 护安全时间偏移量中的累计误差问题。为数字版权保护技术中更加有效的实现 版权信息的控制作用提出了一个很好的方案。 同时,本发明实施例提供的方法 和系统可以在终端设备中不增加任何硬件,通过软件实现安全时钟, 因此成本 较低。  The method and system for maintaining digital rights management time synchronization according to an embodiment of the present invention can significantly reduce the loss or tampering of the terminal security time by performing time synchronization between the terminal device and the time synchronization reference device at the time of power-on, and correcting the security time information of the terminal. Case. For example, the time synchronization problem when the terminal device does not initiate the ROAP protocol in OMA DRM2.0 can be effectively solved; the cumulative error problem in the maintenance security time offset is solved. A good solution for the more effective implementation of copyright information control in digital copyright protection technology is proposed. In the meantime, the method and system provided by the embodiments of the present invention can implement a secure clock through software without adding any hardware in the terminal device, and thus the cost is low.
本发明实施例的方法至少包括具备安全时间单元、终端设备开机即启动时 间同步以及根据时间同步结果调整安全时间单元这样三个环节。即先要终端设 备通过安全单元维护一个安全时间。在终端设备每次开机时, 终端设备进行时 间同步操作。 安全时间通过下面的方式进行更新和维护:  The method of the embodiment of the present invention includes at least three steps of providing a secure time unit, starting, synchronizing, and adjusting the secure time unit according to the time synchronization result. That is, the terminal device first needs to maintain a safe time through the security unit. The terminal device performs time synchronization operation each time the terminal device is powered on. The security time is updated and maintained in the following ways:
1 ) 终端设备开机后与基站进行同步时间。终端设备根据最新的同步时间 来更新标准时间并重新初始化时间偏移量或调整安全硬件时钟。  1) Synchronize time with the base station after the terminal device is powered on. The terminal device updates the standard time based on the latest synchronization time and reinitializes the time offset or adjusts the secure hardware clock.
2 ) 终端设备开机后与时间同步服务器之间进行同步。终端设备根据最新 的同步时间来更新标准时间并重新初始化时间偏移量或调整安全硬件时钟。在 这个时间同步方式中,终端设备与时间同步服务器之间的时间同步消息需要受 到安全保护, 防止恶意篡改。 安全保护措施可以采用 SSL或数字摘要、 签名等 措施来实现。 或者  2) Synchronize between the terminal device and the time synchronization server after booting. The terminal device updates the standard time based on the latest synchronization time and reinitializes the time offset or adjusts the secure hardware clock. In this time synchronization mode, time synchronization messages between the terminal device and the time synchronization server need to be secured to prevent malicious tampering. Security measures can be implemented using SSL or digital digests, signatures, and more. Or
3 ) 终端设备发现安全时间丢失, 例如时间修改量丟失, 则向时间同步服 务器发起时间同步操作。终端设备根据最新的同步时间来更新标准时间并重新 初始化时间偏移量或调整安全硬件时钟。  3) The terminal device finds that the security time is lost. For example, if the time modification amount is lost, the time synchronization operation is initiated to the time synchronization server. The terminal device updates the standard time based on the latest synchronization time and reinitializes the time offset or adjusts the secure hardware clock.
本发明的实施例涵盖时间同步过程和版权对安全时间的使用两个方面。其 中: 时间同步包括有硬件时钟和无硬件时钟的两种终端设备; 以及对应于任何 有无时钟的移动终端或网络终端,分别与基站和时间同步服务器两种安全时间 基准设备进行时间同步的处理流程。  Embodiments of the present invention cover both aspects of the time synchronization process and the use of copyright for secure time. Wherein: the time synchronization includes two terminal devices having a hardware clock and a hardware-free clock; and a mobile terminal or a network terminal corresponding to any clock with or without time, respectively performing time synchronization processing with two secure time reference devices of the base station and the time synchronization server Process.
下面结合流程图, 对本发明各个实施例作进一步说明。 图 3示出的第一实施例, 旨在说明有硬件时钟的终端设备与作为安全时间 基准设备的基站之间的时间同步过程, 其中, 终端设备上设有硬件时钟 34, 该 硬件时钟对设备用户而言是不能修改的, 同时,还为终端设备设有用于记录该 设备标准时间或 /和时间偏移量的安全时间单元, 由包含安全时间单元的终端 设备在开机时与时间同步基准设备进行时间同步, 其过程如下: The various embodiments of the present invention are further described below in conjunction with the flowcharts. FIG. 3 shows a first embodiment for explaining a time synchronization process between a terminal device having a hardware clock and a base station as a secure time reference device, wherein the terminal device is provided with a hardware clock 34, the hardware clock pair device The user cannot modify it. At the same time, the terminal device is provided with a secure time unit for recording the standard time or/and time offset of the device, and the terminal device including the secure time unit synchronizes with the time reference device at the time of power on. Time synchronization is performed as follows:
终端设备开机, 开机后立即启动与时间同步基站的时间同步过程 (箭头① 所示) , 在时间同步过程中, 按协议建立与时间同步基站的连接, 读取时间同 步基站提供的标准时间,在此基础上,终端设备根据时间同步结果即当前的标 准时间, 启动对安全时间单元中的安全时间信息的修正, 即对安全时间单元安 全时间信息进行修正 (箭头②所示)。 该修正实际上修改终端设备中安全时钟 单元里表示安全时间信息的硬件时钟为基站提供的标准时间。  When the terminal device is powered on, the time synchronization process with the time synchronization base station is started immediately after the power is turned on (arrow 1 is shown). During the time synchronization process, the connection with the time synchronization base station is established according to the protocol, and the standard time provided by the time synchronization base station is read. On the basis of this, the terminal device initiates the correction of the safety time information in the safety time unit according to the time synchronization result, that is, the current standard time, that is, the safety time unit safety time information is corrected (indicated by arrow 2). This correction actually modifies the standard time that the hardware clock representing the secure time information in the secure clock unit in the terminal device provides the base station.
在图 4示出的本发明方法的第二实施例中, 不带有硬件时钟的终端设备开 机后立即启动与基站的时间同步过程(箭头①所示), 获得与基站的标准时间 后, 按照该标准时间, 终端设备启动对安全时间单元时钟信息的修正(箭头② 所示) 。 该修正实际上修改终端设备安全时间单元中时间偏移量。  In the second embodiment of the method of the present invention shown in FIG. 4, the terminal device without the hardware clock immediately starts the time synchronization process with the base station (shown by arrow 1) after being turned on, and after obtaining the standard time with the base station, according to At this standard time, the terminal device initiates a correction to the safety time unit clock information (arrow 2). This correction actually modifies the time offset in the terminal security time unit.
在图 5示出的本发明方法的第三实施例中, 带硬件时钟的终端设备开机, 开机后立即启动与时间同步服务器的时间同步过程(箭头①所示), 时间同步 过程从时间同步服务器取得标准时间后,终端设备启动对其安全时间单元中硬 件时钟信息的修正(箭头②所示)。 该修正实际上修改终端设备安全时钟单元 里的硬件时钟的当前时间为基站提供的标准时间。  In the third embodiment of the method of the present invention shown in FIG. 5, the terminal device with the hardware clock is powered on, and the time synchronization process with the time synchronization server is started immediately after power-on (shown by arrow 1), and the time synchronization process is from the time synchronization server. After the standard time is obtained, the terminal device initiates the correction of the hardware clock information in its secure time unit (indicated by arrow 2). This correction actually modifies the current time of the hardware clock in the secure clock unit of the terminal device to the standard time provided by the base station.
在图 6示出的本发明方法的第四实施例中,不带硬件时钟的终端设备开机, 开机后立即启动与时间同步服务器的时间同步过程(箭头①所示), 时间同步 过程从时间同步服务器取得标准时间后,终端设备启动对其安全时间单元时钟 信息的修正 (箭头②所示)。 该修正实际上是根据来自时间同步服务器的标准 时间修改终端设备安全时钟单元的时间偏移量。  In the fourth embodiment of the method of the present invention shown in FIG. 6, the terminal device without the hardware clock is powered on, and the time synchronization process with the time synchronization server is started immediately after the power-on (shown by arrow 1), and the time synchronization process is synchronized from time. After the server obtains the standard time, the terminal device initiates the correction of its security time unit clock information (indicated by arrow 2). The correction actually modifies the time offset of the terminal device security clock unit based on the standard time from the time synchronization server.
图 7-图 9示出终端设备在完成时间同步后, 终端设备如何使用安全时间。 在图 7示出的实施本发明方法的第五实施例中, 终端设备发现所维护的安 全时间信息丢失, 向时间同步服务器发起时间同步请求(箭头①所示)。 终端 可以通过检查时间偏移量文件或数据是否存在、安全时钟是否被初始化等方法 来确定安全时间是否丟失。与时间同步服务器的同步过程结束后, 终端对其安 全时钟单元进行修正(箭头②所示), 即同步完成后, 该修正实际上修改设备 时间安全模块的时间偏移量。釆用本实施例的技术方案,对维护的安全时间信 息进行监测, 当安全时间信息丢失或有误时, 发起时间同步请求, 解决了终端 的安全时间被破坏后, 例如掉电、数据丢失等之后, 难以重新建立安全时间基 准的问题。 7-9 illustrate how the terminal device uses the secure time after the terminal device completes the time synchronization. In the fifth embodiment of the method of the present invention shown in Fig. 7, the terminal device finds that the maintained security time information is lost, and initiates a time synchronization request to the time synchronization server (indicated by arrow 1). The terminal can check whether the time offset file or data exists, whether the security clock is initialized, etc. To determine if the safe time is lost. After the synchronization process with the time synchronization server is over, the terminal corrects its secure clock unit (shown by arrow 2), that is, after the synchronization is completed, the correction actually modifies the time offset of the device time security module. The technical solution of the embodiment is used to monitor the security time information of the maintenance. When the security time information is lost or incorrect, the time synchronization request is initiated, and the security time of the terminal is destroyed, such as power failure, data loss, etc. After that, it is difficult to re-establish the issue of a secure time base.
本发明方法第六实施例, 用于说明终端设备如何获取时间同步, 下面给出 获取时间同步的具体步骤:  A sixth embodiment of the method of the present invention is used to describe how the terminal device acquires time synchronization. The following steps are given to obtain time synchronization:
1 )设备开机或认为需要进行时间同步时, 发起 NTP时间同步协议或自定 义的时间同步协议到时间同步服务器;  1) When the device is powered on or considers that time synchronization is required, an NTP time synchronization protocol or a customized time synchronization protocol is initiated to the time synchronization server;
2 ) 时间同步服务器响应协议消息, 以安全传输方式发送含有准确时间的 消息给发起时间同步的设备;  2) the time synchronization server responds to the protocol message, and sends the message with the accurate time to the device that initiates the time synchronization in a secure transmission manner;
3 )设备收到相应的时间响应消息并从中获取到准确时间。 自定义的时间 同步消息需要进行安全传输, 例如采用 SSL传输, 以防止传输途中被墓改。  3) The device receives the corresponding time response message and gets the exact time from it. Customized time Synchronization messages require secure transmission, such as SSL transmission, to prevent tombs during transit.
4 )设备得到准确时间后, 与其维护的本地安全时间单元中的时间信息进 行比较; 如果两者的误差超过了容许的范围, (按照 OMA DRM2.0规范, 该容 许误差为 l20 ppm, 即大约一年的容许误差为 60分钟。 单位 ppm的含义是: 1秒 可以有百万分之几的误差), 则认为本地安全时间已经被无效, 需要更新。 由 于网络传输和服务器处理有一定的延迟,在时间同步过程中, 时间同步服务器 发出的时间信息一般都会包含一个网絡传输和处理延迟。这个延迟时间可以根 据网络情况, 经过多次测试后统计确定, 该延迟时间"在预先规定一段时间内" 为一个常值,例如:在下午 14:00〜17:00这个时间段的延迟为 5ms,在 19:00~21 :00 这个时间段的延迟时间为 10ms, 然后由服务器在同步时间时将该值下发给设 备或者由设备存储维护该值,设备在收到时间信息后, 需要根据该延迟时间将 时间调整为相对准确的时间再使用。调整方法为: 标准时间 =接收到的标准时 间 - 延迟时间 。 4) After the device has been accurately timed, compare it with the time information in the local safety time unit maintained; if the error between the two exceeds the allowable range, (according to the OMA DRM2.0 specification, the tolerance is l 2 0 ppm, That is, the tolerance for about one year is 60 minutes. The meaning of the unit ppm is: 1 second can have an error of parts per million), then the local safety time is considered invalid and needs to be updated. Due to the delay of network transmission and server processing, the time information sent by the time synchronization server generally includes a network transmission and processing delay during time synchronization. This delay time can be determined statistically after multiple tests according to the network conditions. The delay time is "a predetermined period of time" is a constant value. For example, the delay is 5ms from 14:00 to 17:00 in the afternoon. In 19:00~21:00, the delay time of this time period is 10ms. Then the server sends the value to the device during the synchronization time or the device stores and maintains the value. After receiving the time information, the device needs to This delay time adjusts the time to a relatively accurate time for reuse. The adjustment method is: Standard time = standard time received - delay time.
5 ) ,在设备确认当前安全时间需要被更新, 调整本地安全时钟或更新时间 偏移信息。 时间同步及本地安全时间得到正确的更新后, 终端设备在使用数字 内容时, 就可以正确、 有效的根据版权信息进行使用。 为说明本发明方法的使用流程, 下面结合图 8和讨论本发明方法第七实施 例。在框 801开始后,在使用数字内容前,首先获取安全时钟的时间,如框 802; 在框 803 , 表示在使用数字内容的过程中, 根据安全时间来计算、 维护版权中 的时间相关的控制信息。 例如, 判断版权有效期是否已经过期, 版权使用时长 是否已经用完等。同时将用户对内容的使用时间信息在版权中进行更新、维护。 在使用内容的 i£程中, 如果发现版权已经失效, 则终止使用内容。 或者用户主 动停止使用内容。 直到数字内容使用结束或版权已经失效, 结束于框 804。 5), the device confirms that the current security time needs to be updated, adjusts the local security clock or updates the time offset information. After the time synchronization and local security time are correctly updated, the terminal device can use the digital content correctly and effectively according to the copyright information. To illustrate the flow of use of the method of the present invention, a seventh embodiment of the method of the present invention is discussed below in conjunction with FIG. After the start of block 801, the time of the secure clock is first obtained, as in block 802, prior to the use of the digital content, and at block 803, the time-dependent control in the copyright is calculated and maintained based on the secure time in the process of using the digital content. information. For example, it is judged whether the copyright validity period has expired, whether the copyright usage period has been used up, and the like. At the same time, the user's usage time information of the content is updated and maintained in the copyright. In the use of the content, if the copyright is found to have expired, the use of the content is terminated. Or the user actively stops using the content. Until the end of the digital content usage or the copyright has expired, the process ends at block 804.
为说明本发明方法的另一种使用流程,下面结合图 9和讨论本发明方法第 八实施例。 框 901开始后, 在使用数字内容前, 首先确定安全时间模块的时间 偏移量如框 902; 在接下来的框 903中, 根据时间偏移量计算出当前的标准时 间; 在后续的框 904, 表示在使用数字内容的过程中, 根据安全时间来计算、 维护版权中的时间相关的控制信息。计算出标准时间后,对于时间相关的版权, 例如有效期版权从 2005-01-01 12:00至 2005-01-02 13:00期间有效, 则根据当 前标准时间判断该有效期是否已经过期或未到期, 以决定是否可用。本专利主 要向 DRM设备提供安全的标准时间, 具体如何使用该标准时间进行版权维护 不再讨论范围。 例如, 判断版权有效期是否已经过期, 版权使用时长是否已经 用完等。 同时将用户对内容的使用时间信息在版权中进行更新、 维护; 另夕卜, 在使用内容的过程中, 如果发现版权已经失效, 则终止使用内容。 或者用户主 动停止使用内容, 如框 905。  To illustrate another flow of use of the method of the present invention, the eighth embodiment of the method of the present invention is discussed below in conjunction with FIG. After the start of block 901, prior to using the digital content, the time offset of the secure time module is first determined as in block 902; in the next block 903, the current standard time is calculated based on the time offset; in subsequent block 904 , means that in the process of using digital content, the time-related control information in the copyright is calculated and maintained according to the safe time. After calculating the standard time, for time-related copyright, for example, the validity period is valid from 2005-01-01 12:00 to 2005-01-02 13:00, it is judged according to the current standard time whether the validity period has expired or not yet Period to determine if it is available. This patent mainly provides a safe standard time to the DRM equipment, and how to use the standard time for copyright maintenance is no longer discussed. For example, it is judged whether the copyright validity period has expired, whether the copyright usage period has been used up, and the like. At the same time, the user's usage time information of the content is updated and maintained in the copyright; in addition, in the process of using the content, if the copyright is found to have expired, the content is terminated. Or the user actively stops using the content, as in box 905.
相应的, 参见图 10, 本发明实施例提出一种终端设备, 包括同步请求单元 Correspondingly, referring to FIG. 10, an embodiment of the present invention provides a terminal device, including a synchronization request unit.
12、接收单元 13和控制器 14, 其中, 同步请求单元 12用于向时间,同步基准设备 发送时间同步请求;接收单元 13用于将接收到的来自时间同步基准设备的同步 时间发送给控制器 14; 当终端设备开机时,控制器 14控制同步请求单元 12生成 时间同步请求; 并根据接收单元 13接收的同步时间,修正终端设备上的安全时 间信息。 12. The receiving unit 13 and the controller 14, wherein the synchronization requesting unit 12 is configured to send a time synchronization request to the time synchronization reference device; the receiving unit 13 is configured to send the received synchronization time from the time synchronization reference device to the controller 14; when the terminal device is powered on, the controller 14 controls the synchronization requesting unit 12 to generate a time synchronization request; and corrects the security time information on the terminal device according to the synchronization time received by the receiving unit 13.
进一步的, 参见图 11 , 设置用于存储安全时间信息的安全时间单元 11, 控 制器 14调用安全时间单元 11中的安全时间信息,根据所述同步时间修正所述安 全时间信息, 并将 正后的安全时间信息发送给安全时间单元 11。  Further, referring to FIG. 11, a secure time unit 11 for storing safety time information is set, the controller 14 calls the safety time information in the safety time unit 11, and the safety time information is corrected according to the synchronization time, and will be corrected. The secure time information is sent to the secure time unit 11.
参见图 12,还包括比较器 15 , 比较来自所述时间同步基准设备的同步时间 与所述安全时间信息中的标准时间,如果两者的误差超过了容许范围, 则发送 修正控制信号给控制器 14,控制器 14根据所述修正控制信号修正所述安全时间 。 Referring to Figure 12, a comparator 15 is also included for comparing the synchronization time from the time synchronization reference device And the standard time in the safety time information, if the error of the two exceeds the allowable range, the correction control signal is sent to the controller 14, and the controller 14 corrects the safety time based on the correction control signal.
参见图 13 , 为了进一步提高终端设备安全时间的可靠性, 当终端设备的安 全时间被破坏, 例如掉电或数据丢失、 出错, 还设置检测器 16, 检测安全时间 单元 11中的安全时间信息是否丢失或有误, 并将检测结果发送给控制器 14; 控 制器 14接收到安全时间信息丢失或有误的检测结果后, 控制同步请求单元 12 生成新的时间同步请求。  Referring to FIG. 13, in order to further improve the reliability of the security time of the terminal device, when the security time of the terminal device is destroyed, such as power failure or data loss or error, the detector 16 is further set to detect whether the security time information in the security time unit 11 is Loss or error, and send the detection result to the controller 14; after receiving the detection result of the lost or incorrect safety time information, the controller 14 controls the synchronization request unit 12 to generate a new time synchronization request.
参见图 14, 本发明实施例还提出一种保持数字版权管理时间同步的系统, 包括终端设备 1和时间同步基准设备 2, 其中, 终端设备 1开机时, 向时间同步 基准设备 2发起时间同步请求, 并根据来自时间同步基准设备 2的同步时间,修 正终端设备 1上的安全时间信息; 时间同步基准设备 2根据来自终端设备 1的时 间同步请求, 向终端设备 1发送同步时间。 终端设备 1与前述终端设备相同, 此 处不再赘述。  Referring to FIG. 14, an embodiment of the present invention further provides a system for maintaining digital rights management time synchronization, including a terminal device 1 and a time synchronization reference device 2, wherein when the terminal device 1 is powered on, a time synchronization request is initiated to the time synchronization reference device 2. And correcting the secure time information on the terminal device 1 according to the synchronization time from the time synchronization reference device 2; the time synchronization reference device 2 transmits the synchronization time to the terminal device 1 according to the time synchronization request from the terminal device 1. The terminal device 1 is the same as the aforementioned terminal device, and details are not described herein again.
参见图 15 , 时间同步基准设备 2包括响应单元 21和标准单元 22, 其中, _ 响 应单元 21根据来自同步请求单元 12的时间同步请求,向标准单元 22生成响应消 息; 标准单元 22根据来自响应单元 22的响应消息, 获取同步时间, 并发送给接 收单元 13。  Referring to Fig. 15, the time synchronization reference device 2 includes a response unit 21 and a standard unit 22, wherein the _ response unit 21 generates a response message to the standard unit 22 based on the time synchronization request from the synchronization request unit 12; the standard unit 22 is based on the response unit The response message of 22 acquires the synchronization time and sends it to the receiving unit 13.
终端设备 1包括移动终端和网络终端, 所述移动终端可以为手机等, 网络 终端可以为 PC机等, 相对应的, 与移动终端对应的时间同步基准单元 2可以为 时间同步基站或时间同步服务器, 与网络终端对应的时间同步基准单元 2为时 间同步服务器。  The terminal device 1 includes a mobile terminal and a network terminal, and the mobile terminal can be a mobile phone or the like. The network terminal can be a PC or the like. Correspondingly, the time synchronization reference unit 2 corresponding to the mobile terminal can be a time synchronization base station or a time synchronization server. The time synchronization reference unit 2 corresponding to the network terminal is a time synchronization server.
参见图 16, 为了提高同步时间传输过程中的安全性, 终端设备 1 中还设 置解码器 15 , 时间同步基准设备 2中还设置编码器 23 , 编码器 23在标准单元 22获取的同步时间上设置 SSL或数字摘要、 数字签名后, 得到安全保护的同 步时间, 发送给解码器 15; 解码器 15从安全保护的同步时间中得到同步时间 后, 发送给接收单元 13。 例的说明只是用于帮助理解本发明的方法及其核心思想, 依据本发明的思想, 在具体实施方式及应用范围上均会有改变之处, 综上所述, 本说明书内容不应 理解为对本发明的限制。 Referring to FIG. 16, in order to improve the security during the synchronization time transmission, the decoder 15 is further disposed in the terminal device 1, and the encoder 23 is further provided in the time synchronization reference device 2, and the encoder 23 is set at the synchronization time acquired by the standard unit 22. After the SSL or digital digest, digital signature, the synchronization time of the security protection is sent to the decoder 15; the decoder 15 obtains the synchronization time from the synchronization time of the security protection, and then sends it to the receiving unit 13. The description of the examples is only to assist in understanding the method of the present invention and its core idea, in accordance with the idea of the present invention, The details of the present invention and the scope of the application are subject to change. The contents of the present specification are not to be construed as limiting the invention.

Claims

权 利 要 求 Rights request
1、 一种保持数字版权管理时间同步的方法, 其特征在于, 包括以下步骤: 终端设备开机时, 向时间同步基准设备发起时间同步请求;  A method for maintaining digital rights management time synchronization, comprising the steps of: initiating a time synchronization request to a time synchronization reference device when the terminal device is powered on;
所述时间同步基准设备根据所述时间同步请求,向所述终端设备发送同步 时间;  The time synchronization reference device sends a synchronization time to the terminal device according to the time synchronization request;
根据接收到的所述同步时间 , 修正所述终端设备上的安全时间信息。  The security time information on the terminal device is corrected according to the received synchronization time.
2、根据权利要求 1所述的方法, 其特征在于, 所述时间同步基准设备包括 时间同步基站或时间同步服务器。  The method according to claim 1, wherein the time synchronization reference device comprises a time synchronization base station or a time synchronization server.
3、 根据权利要求 1或 2所述的方法, 其特征在于, 所述安全时间信息包括 标准时间和 /或时间偏移量。  3. Method according to claim 1 or 2, characterized in that the safety time information comprises a standard time and/or a time offset.
4、根据权利要求 3所述的方法, 其特征在于, 所述根据接收到的所述同步 时间, 修正所述终端设备上的安全时间信息的步驟包括:  The method according to claim 3, wherein the step of modifying the security time information on the terminal device according to the received synchronization time comprises:
根据所述同步时间, 更新所述终端设备上的标准时间、初始化终端设备上 的时间偏移量或者调整所述终端设备上的硬件时钟的时间。  And updating the standard time on the terminal device, initializing the time offset on the terminal device, or adjusting the time of the hardware clock on the terminal device according to the synchronization time.
5、 根据权利要求 4所述方法, 其特征在于, 还包括: 了容许范围, 则判断需要修正所述终端设备上的安全时间信息。  5. The method according to claim 4, further comprising: determining an allowable range, and determining that the security time information on the terminal device needs to be corrected.
6、 根据权利要求 2所述的方法, 其特征在于, 还包括:  6. The method according to claim 2, further comprising:
所述时间同步基准设备为时间同步服务器时,对所述同步时间进行安全防 护。  When the time synchronization reference device is a time synchronization server, the synchronization time is securely protected.
7、根据权利要求 6所述的方法, 其特征在于, 所述实现安全防护的方法包 括:  The method according to claim 6, wherein the method for implementing security protection comprises:
在所述同步时间上设置 SSL或数字摘要、 数字签名。  Set SSL or digital digest, digital signature on the synchronization time.
8、 根据权利要求 1所述方法, 其特征在于, 还包括:  8. The method according to claim 1, further comprising:
所述终端设备检测所述安全时间信息是否丢失或有误,如果所述安全时间 信息丟失或有误,则所述终端设备向所述时间同步基准设备发起新的时间同步 请求;  The terminal device detects whether the security time information is lost or incorrect. If the security time information is lost or incorrect, the terminal device initiates a new time synchronization request to the time synchronization reference device.
所述时间同步基准设备根据所述新的时间同步请求,向所述终端设备发送 新的同步时间; 根据接收到的所述新的同步时间, 修正所述终端设备上的安全时间信息。 The time synchronization reference device sends a new synchronization time to the terminal device according to the new time synchronization request; The security time information on the terminal device is corrected according to the received new synchronization time.
9、一种终端设备,其特征在于: 包括同步请求单元( 12 )、接收单元( 13 ) 和控制器(14) , 其中 A terminal device, comprising: a synchronization request unit (12), a receiving unit (13), and a controller (14), wherein
所述同步请求单元(12)用于向时间同步基准设备发送时间同步请求; 所述接收单元( 13 )用于接收来自所述时间同步基准设备的同步时间, 并 发送给所述控制器(14) ;  The synchronization requesting unit (12) is configured to send a time synchronization request to the time synchronization reference device; the receiving unit (13) is configured to receive a synchronization time from the time synchronization reference device, and send the synchronization time to the controller (14) ) ;
所述控制器(14)用于当终端设备开机时, 控制所述同步请求单元(12) 生成时间同步请求; 并根据所述接收单元( 13 )接收的所述同步时间, 修正终 端设备上的安全时间信息。  The controller (14) is configured to control the synchronization requesting unit (12) to generate a time synchronization request when the terminal device is powered on; and correct the terminal device according to the synchronization time received by the receiving unit (13) Safety time information.
10、 根据权利要求 9所述的终端设备, 其特征在于: 还包括安全时间单元 10. The terminal device according to claim 9, further comprising: a security time unit
( 11 ) , 所述安全时间单元用于存储安全时间信息, 所述控制器( 14)调用所 述安全时间单元(11)中的安全时间信息, 根据所述同步时间修正所述安全时 间信息, 并将修正后的安全时间信息发送给所述安全时间单元(11) 。 (11), the safety time unit is configured to store safety time information, the controller (14) invokes safety time information in the safety time unit (11), and corrects the safety time information according to the synchronization time, The corrected safety time information is sent to the secure time unit (11).
11、根据权利要求 10所述的终端设备,其特征在于: 还包括比较器(15) , 所述比较器(15)比较来自所述时间同步基准设备的同步时间与所述安全时间 信息中的标准时间,如果两者的误差超过了容许范围, 则发送 4爹正控制信号给 所述控制器( 14) , 所述控制器( 14 )根据所述修正控制信号修正所述安全时 间信息。  The terminal device according to claim 10, further comprising: a comparator (15), wherein said comparator (15) compares a synchronization time from said time synchronization reference device with said safety time information The standard time, if the error of the two exceeds the allowable range, sends a positive control signal to the controller (14), and the controller (14) corrects the safety time information according to the correction control signal.
12、 根据权利要求 10或 11所述的终端设备, 其特征在于: 还包括检测器 ( 16) , 所述检测器( 16)检测所述安全时间单元( 11 ) 中的安全时间信息是 否丢失或有误, 则将检测结果发送给所述控制器( 14) , 所述控制器( 14)接 收到安全时间信息丟失或有误的检测结果后 , 控制所述同步请求单元 ( 12)生 成新的时间同步请求。  The terminal device according to claim 10 or 11, characterized by: further comprising a detector (16), the detector (16) detecting whether the safety time information in the safety time unit (11) is lost or If there is an error, the detection result is sent to the controller (14), and the controller (14) controls the synchronization request unit (12) to generate a new one after receiving the detection result that the safety time information is lost or is incorrect. Time synchronization request.
13、 一种保持数字版权管理时间同步的系统, 其特征在于: 包括终端设备 ( 1 )和时间同步基准设备 (2) , 其中,  13. A system for maintaining digital rights management time synchronization, comprising: a terminal device (1) and a time synchronization reference device (2), wherein
所述终端设备( 1 )用于开机时, 向所述时间同步基准设备 ( 2 )发起时间 同步请求, 并根据来自所述时间同步基准设备( 2 ) 的同步时间, 修正所述终 端设备 ( 1 )上的安全时间信息;  When the terminal device (1) is used for powering on, initiates a time synchronization request to the time synchronization reference device (2), and corrects the terminal device according to a synchronization time from the time synchronization reference device (2) (1) Safety time information on;
所述时间同步基准设备 ( 2 )根据所述时间同步请求, 向所述终端设备 ( 1 ) 发送同步时间。 The time synchronization reference device (2) according to the time synchronization request to the terminal device (1) Send synchronization time.
14、 根据权利要求 13所述的系统, 其特征在于: 所述终端设备(1 ) 包括 同步请求单元(12) 、 接收单元(13)和控制器(14) , 其中,  The system according to claim 13, characterized in that: the terminal device (1) comprises a synchronization request unit (12), a receiving unit (13) and a controller (14), wherein
所述同步请求单元(12—)用于向时间同步基准设备发送时间同步请求; 所述接收单元 U3 )用于接收来自所述时间同步基准设备的同步时间, 并 发送给所述控制器(14) ;  The synchronization request unit (12-) is configured to send a time synchronization request to the time synchronization reference device; the receiving unit U3) is configured to receive a synchronization time from the time synchronization reference device, and send the synchronization time to the controller (14) ) ;
所述控制器 (14)用于当终端设备开机时, 控制所述同步请求单元(12) 生成时间同步请求; 并根据所述接收单元( 13 )接收的所述同步时间, 修正终 端设备上的安全时间信息。  The controller (14) is configured to control the synchronization requesting unit (12) to generate a time synchronization request when the terminal device is powered on; and correct the terminal device according to the synchronization time received by the receiving unit (13) Safety time information.
15、根据权利要求 14所述的系统,其特征在于:所述时间同步基准设备( 2 ) 包括响应单元(21 )和标准单元(22) , 其中,  The system according to claim 14, characterized in that said time synchronization reference device (2) comprises a response unit (21) and a standard unit (22), wherein
所述响应单元(21 )用于根据来自所述同步请求单元(12)的时间同步请 求, 向所述标准单元(22)生成响应消息;  The response unit (21) is configured to generate a response message to the standard unit (22) according to a time synchronization request from the synchronization request unit (12);
所述标准单元(22)根据来自所述响应单元(22)的响应消息, 获取同步 时间, 并发送给所述接收单元(13) 。  The standard unit (22) acquires a synchronization time based on a response message from the response unit (22) and transmits it to the receiving unit (13).
16、 根椐权利要求 15所述的系统, 其特征在于: 所述终端设备(1)还包 括解码器(15), 所述时间同步基准设备(2)还包括编码器(23),  The system according to claim 15, wherein: said terminal device (1) further comprises a decoder (15), said time synchronization reference device (2) further comprising an encoder (23),
所述编码器 (23)在标准单元(22)获取的同步时间上设置 SSL或数字 摘要、 数字签名后, 得到安全保护的同步时间, 发送给所述解码器(15); 所述解码器( 15 )从所述安全保护的同步时间中得到所述同步时间后, 发 送给所述接收单元( 13 )。  The encoder (23) obtains a synchronization time of security protection after setting SSL or digital digest, digital signature on the synchronization time acquired by the standard unit (22), and sends the synchronization time to the decoder (15); the decoder ( 15) After obtaining the synchronization time from the synchronization time of the security protection, sending the synchronization time to the receiving unit (13).
PCT/CN2007/000076 2006-04-18 2007-01-09 A method and system for keeping digital rights management time synchronization WO2007118387A1 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CNB2006100604276A CN100470568C (en) 2006-04-18 2006-04-18 Method and system for keeping digital copyright management time synchronization
CN200610060427.6 2006-04-18

Publications (1)

Publication Number Publication Date
WO2007118387A1 true WO2007118387A1 (en) 2007-10-25

Family

ID=38609048

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2007/000076 WO2007118387A1 (en) 2006-04-18 2007-01-09 A method and system for keeping digital rights management time synchronization

Country Status (2)

Country Link
CN (1) CN100470568C (en)
WO (1) WO2007118387A1 (en)

Families Citing this family (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101945243B (en) * 2010-08-16 2014-07-16 中兴通讯股份有限公司 Computing method of safety clock and terminal
US10243955B2 (en) * 2016-07-14 2019-03-26 GM Global Technology Operations LLC Securely establishing time values at connected devices
CN106372462B (en) * 2016-08-31 2018-08-28 北京深思数盾科技股份有限公司 To the method for software realization time restriction under off-line state
US10405291B2 (en) * 2017-01-12 2019-09-03 Google Llc Base station time offset adjustment
CN108322785B (en) * 2017-12-29 2021-04-16 海信视像科技股份有限公司 Method and device for judging validity period of double-time service digital copyright certificate and television terminal
CN108171015B (en) * 2018-01-15 2021-10-15 北京书生电子技术有限公司 Method and device for controlling aging
CN109165483A (en) * 2018-08-15 2019-01-08 国云科技股份有限公司 A method of it prevents around cloud platform licensing term

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20030233553A1 (en) * 2002-06-13 2003-12-18 Microsoft Corporation Secure clock on computing device such as may be required in connection with a trust-based system
CN1469670A (en) * 2002-06-17 2004-01-21 ��ʽ����Ntt����Ħ Communication terminal for limiting content use
WO2005008442A2 (en) * 2003-07-05 2005-01-27 General Instrument Corporation Ticket-based secure time delivery in digital networks

Patent Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20030233553A1 (en) * 2002-06-13 2003-12-18 Microsoft Corporation Secure clock on computing device such as may be required in connection with a trust-based system
CN1469670A (en) * 2002-06-17 2004-01-21 ��ʽ����Ntt����Ħ Communication terminal for limiting content use
WO2005008442A2 (en) * 2003-07-05 2005-01-27 General Instrument Corporation Ticket-based secure time delivery in digital networks

Also Published As

Publication number Publication date
CN100470568C (en) 2009-03-18
CN101059825A (en) 2007-10-24

Similar Documents

Publication Publication Date Title
WO2007118387A1 (en) A method and system for keeping digital rights management time synchronization
US9774457B2 (en) Secure time functionality for a wireless device
TW565800B (en) Communications system, terminal, reproduction program, storage medium storing reproduction program, server, server program, and storage medium storing server program
CN101699820B (en) Method and device for authenticating dynamic passwords
US20050050363A1 (en) Secure data management apparatus
EP1969518B1 (en) Cooperative non-repudiated message exchange in a network environment
US9137021B2 (en) Image forming apparatus, secure network system, method for controlling image forming apparatus, and method for updating certificate information
CN101000646A (en) Copyright protection method and system for digital contents controlled by time
EP1991941A1 (en) Apparatus and methods for managing time sensitive application privileges on a wireless device
EP2902940B1 (en) Storage system and method for processing data operation request
US6418486B1 (en) Device handling system and method
JP2010231310A (en) Time correction device, time correction system, time correction method, and program
US7747532B2 (en) Content use management system, content playback apparatus, content use management method, content playback method, and computer program including system date/time information validation
US20100205439A1 (en) Method and terminal for receiving rights object for content on behalf of memory card
KR100653139B1 (en) Certification method
KR101943786B1 (en) How to Manage Access to Services
CN113806720B (en) Software authentication method, system and storage medium supporting offline scene
JP2004266536A (en) Time stamp system and program therefor
JP2003273866A (en) Time certification and device
EP2382576B1 (en) Method and terminal for receiving rights object for content on behalf of memory card
JP2011198321A (en) File management system
JP2013175071A (en) File access control method

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 07702008

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 07702008

Country of ref document: EP

Kind code of ref document: A1