CN101059828A - Digital copyright protection method and system - Google Patents
Digital copyright protection method and system Download PDFInfo
- Publication number
- CN101059828A CN101059828A CNA2006100759385A CN200610075938A CN101059828A CN 101059828 A CN101059828 A CN 101059828A CN A2006100759385 A CNA2006100759385 A CN A2006100759385A CN 200610075938 A CN200610075938 A CN 200610075938A CN 101059828 A CN101059828 A CN 101059828A
- Authority
- CN
- China
- Prior art keywords
- token
- distribution device
- terminal device
- terminal
- message
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Images
Abstract
The invention discloses a digit version protective method, comprising that a terminal device obtains an encrypted digit content from a content publisher, obtaining a priority object for consuming the digit content from a relative priority publisher, the terminal device obtains coins from an independent coil publisher authorized by the content publisher or the priority publisher, the coin publisher calculates the coin publish condition and records statistic information, and the terminal device uses the obtained priority object and the coins to consume the digit content. The invention also discloses a digit version protective system.
Description
Technical field
The present invention relates to the digital copyright technology of the communications field, especially digital literary property protection method and system.
Background technology
Digital copyright management (DRM, Digital Rights Management) is a copyright protection technology at digital content, can prevent effectively by network and computing machine bootlegging, copy, transmission digital content.The content distribution device that the publisher of digital content uploads to after with encrypt digital content in the network (or claims digital content publisher, be Content Issuer, CI), the user is if the use digital content must (or claim authority distribution device, i.e. Rights Issuer to the authority distribution device, RI) ask and obtain the permission object (RO of this digital content, Rights Object), comprises relevant key in the permission object, can be used for deciphering and obtain digital content; Comprise rights of using and service condition to content simultaneously in the permission object, terminal can only satisfy under the situation of service condition according to rights of using use digital content.
In permission object, also carried the specifying information that uses digital content to charge to the user,, can charge to the user, for example: press access times and charge, press charging service time etc. according to user's usage behavior by using token.Terminal consumes token according to the charge information in the permission object in the process of consumption digital content, for example every mistake consumed 1 token in 10 minutes.
In the prior art, RI is responsible for handling the request and the granting of token, as shown in Figure 1.When number of tokens quantity not sufficient that the user uses, must be to the new token of RI application of issuing RO.Each rights issuer can only be sent out token separately, after terminal is received token from a rights issuer, automatically this token is stored in the storage area of this rights issuer correspondence.The RO of different RI distribution can only consume token separately, and for example the RO of RI_A distribution can only consume the token that terminal obtains from RI_A.
Prior art has the following disadvantages:
1,, therefore increased the load of RI because each authority distribution device RI must be able to provide the function of providing token.
2, same content publisher can authorize a plurality of rights issuer to be its issued rights object and token.In this case, even the content of two permission object controls all belongs to same content publisher, because the rights issuer difference, terminal also must remove to apply for token respectively.
3, token and certain rights issuer are bound, and the token of different rights publisher can not be changed mutually.
Summary of the invention
The invention provides a kind of digital literary property protection method and system, to solve the problem that needs each authority distribution device RI distribution token in the prior art and increase the RI load; The problem that further solution also necessary SEPARATE APPLICATION token when the content of two permission objects controls all belongs to same content publisher, and the token of different rights publisher can not be changed.
The invention provides following technical scheme:
A kind of digital literary property protection method comprises the steps:
Terminal device obtains encrypted digital content from the content distribution device, and obtains the permission object that is used to consume described digital content from corresponding authority distribution device;
Described terminal device from by content distribution device or the mandate of authority distribution device and independently the token distribution device obtain token, by token distribution device statistics token distribution situation and write down statistical information; And
Described terminal device uses the permission object and the token that obtain to consume described digital content.
According to said method:
Terminal device obtains token and comprises step: terminal device is to token distribution device request token;
The user is verified,, then return the request message of the token that comprises some to the user if checking is passed through, otherwise, failure response message returned to terminal device.
Terminal device request token takes a step forward and the token distribution device is set up security mechanism, and uses this security mechanism to guarantee the security of follow-up interaction message.
Described token is pre-payment type token or back paying formula token; Described authority distribution device is also specified the type of token in permission object.
Terminal device indicates the authority distribution device of this token binding and/or indicates the type of the described binding of token when token distribution device request token in request message.
For the back paying formula token of terminal device request, described token distribution device is in the one or more authority distribution devices or the token type of the coin binding of the response message middle finger Ming Dynasty.
Behind the paying formula token, further send the consumption report of the token quantity that comprises consumption after the terminal device consumption, indicate the type of the authority distribution device and/or the back paying formula token of the binding of back paying formula token in this report to the token distribution device; Charge by token distribution device or charging center, and terminal device is only at the successfully back deletion consumption record that charges.
Described method also comprises step: terminal device is changed to the token of former type down state and asks the token distribution device to be converted into the token of target type; The token distribution device verifies the user, and by verifying that the back returns the token of the target type of respective numbers to terminal device; The described token that is changed to down state of described terminal device deletion, the token of installation and use target type.
A kind of method at digital copyright protecting transfer replacement coin comprises the steps:
Terminal device is changed to down state with the token of former type, and request by content distribution device or the mandate of authority distribution device and independently the token distribution device be converted into the token of target type;
The token distribution device verifies the user, and by verifying that the back returns the token of the target type of respective numbers to terminal device;
The described token that is changed to down state of described terminal device deletion, the token of installation and use target type.
A kind of digital copyright protection system comprises:
The content distribution device is used to provide encrypted digital content;
The authority distribution device is used to obtain the permission object that is used to consume described digital content;
The token distribution device, according to the mandate of a plurality of described content sending apparatus or authority distribution device, to terminal device distribution token, statistics token distribution situation and record statistical information;
Message accounting charges to the user according to statistical information.
The present invention has following beneficial effect:
1, authority distribution device RI only is responsible for issued rights object RO, and issues token by a special token distribution device TI, thereby has alleviated the load of RI.
2, content publisher or rights issuer can be specified the type of token flexibly, thereby support the multiple business model, and the RO that different RI provides can consume the token of same type.
3, in the payment mode of back, terminal does not need to go independent application for the token of each type, has alleviated the mutual amount of terminal and token publisher.
4, dissimilar tokens can be changed by token publisher, have great convenience for the user use.
Description of drawings
Fig. 1 be in the prior art terminal device from the synoptic diagram of authority distribution device request token;
Fig. 2 is the structural representation of digital copyright protection system in the embodiment of the invention;
Fig. 3 is a main process flow diagram of realizing digital copyright protecting in the embodiment of the invention;
Fig. 4 is the process flow diagram that content distribution device in the embodiment of the invention/authority distribution device participates in the token distribution;
Fig. 5 sets up the process flow diagram of escape way for adopting IPSec between terminal device in the embodiment of the invention and the token distribution device;
Fig. 6 is the process flow diagram that terminal is registered to the token distribution device in the embodiment of the invention;
Fig. 7 be in the embodiment of the invention terminal to the process flow diagram of third-party registration;
Fig. 8 is the charging flow figure under the pre-payment pattern in the embodiment of the invention;
Fig. 9 be in the embodiment of the invention authority distribution device at the process flow diagram of RO middle finger Ming Dynasty coin type;
Figure 10 is the process flow diagram of terminal processes token under the pre-payment pattern in the embodiment of the invention;
Figure 11 is the process flow diagram that terminal is reported to token distribution device transmission consumption under the payment mode of back in the embodiment of the invention;
Figure 12 is the process flow diagram of terminal processes token under the payment mode of back in the embodiment of the invention;
Figure 13 is the process flow diagram of embodiment of the invention transfer replacement coin.
Embodiment
Consult shown in Figure 2ly, the digital copyright protection system in the present embodiment comprises: content distribution device, copyright distribution device, token distribution device and charging center.
Content distribution device (or claiming content publisher) is used to provide digital content, and the user can obtain encrypted digital content from the content distribution device.According to different business models, this content distribution device can be Download Server, streaming media server or broadcasting server etc.Digital content is encrypted, and can not directly use.Could use this digital content after only obtaining corresponding permission object.A content distribution device can be authorized the content issued rights object of one or more authority distribution devices for oneself.
The authority distribution device is responsible for providing permission object to the user, and the user is to control by the digital copyright management drm agent on the terminal device (hereinafter to be referred as terminal) to the use of content.Drm agent is at first searched the local corresponding permission object that whether has before using content, if do not have, then file an application to rights issuer; If have, then resolve permission object, obtain key, judge whether current operation to content meets the permission object defined terms, if eligible, then to would carrying out this operation behind the contents decryption.Before permission object was provided, rights issuer should verify at first whether the drm agent of user terminal is legal, generally uses digital certificate to carry out legitimate verification.
The token distribution device is responsible for providing token to the user.Terminal according to the corresponding information in the permission object, constantly consumes token when consumption digital content.When the quantity of token is lower than when carrying out the required token quantity of this operation, terminal need go to apply for could carry out this operation then to obtain new token to token publisher.The token distribution device can charge to a charging center request after the token request of receiving the user, and token publisher issues the token of some to the user subsequently.Token publisher need add up the situation of token distribution, and statistical information is reported to content corresponding distribution device and/or authority distribution device.This statistical information can be with the real-time or periodic content of announcement distribution device of the form of message/authority distribution device, also can be with forms such as statistical report forms, the regular content distribution device/authority distribution device that offers.Token distribution device and content distribution device/authority distribution device be by this statistical information, work such as charge.
The charging center can be same entity with the token distribution device, also can be different entities.
Consult shown in Figure 3ly, the main processing procedure of digital copyright protecting is as follows in the present embodiment:
Step 300, terminal are obtained the content of encryption from the content distribution device.
Step 310, terminal send the RO request message to the authority distribution device, and request is used for the permission object RO of content of consumption.
The legitimacy of step 320, authority distribution device verification terminal and message if the verification passes, returns success the response message of the token distribution device address that comprises RO and correspondence, and continues step 330; If authentication failed is returned the response message of failure, whole flow process finishes.
Step 330, terminal send the token request message to the token distribution device, the token of request some.
The legitimacy of step 340, token distribution device verification terminal and message, if the verification passes, the response message that returns success wherein comprises the token of some; If authentication failed is returned the response message of failure.The token distribution device is added up the distribution situation and is write down corresponding statistical information behind the distribution token.
Step 350, terminal are according to RO consumption digital content and consumption token.
Step 360, token distribution device are notified the distribution situation of token to the authority distribution device.
Step 370, token distribution device are notified the distribution situation of token to the content distribution device.
In above-mentioned steps 360 and step 370, according to different business models, the token distribution device can offer statistical information authority distribution device and/or content distribution device, and both sides carry out disbursement and sattlement according to statistical information or are divided into.This statistical information can be a detailed token distribution record, also can be according to closing the account that token distribution record and CAMEL-Subscription-Information calculate.Statistical information does not need real-time RI or the CI of passing to generally speaking, and can be that form with file regularly offers the other side.For example the token distribution device can each moonrise a statistical report form, by means such as FTP or Email or faxes statistical report form is passed to RI/CI.
Further, can require the token distribution device to obtain the affirmation of RI/CI when the distribution token, as shown in Figure 4, its processing procedure is as follows:
Step 400, terminal are to token distribution device request token.
Step 410, token distribution device are notified to CI or RI with the token request message.
If the legitimacy of step 420, CI/RI verification terminal and request message by checking, is then returned the response message that allows the distribution token; Otherwise, return the response message that does not allow to issue token.
Step 430, token distribution device return corresponding token response message according to the result who returns to terminal.If, by checking, then in response message, comprise the token of asking quantity, otherwise, the response message of failure returned.
Can know the address of token distribution device in order to make terminal, in the step 320 of Fig. 3, the authority distribution device is carried at the address of token distribution device in the RO response message, to specific token publisher request token, a concrete RO response message format is as shown in the table according to the address in this message for terminal:
| Parameter | Explanation |
| State | Expression success or failure etc. |
| Session ID | Be used for and the request message coupling |
| The rights issuer identifier | Sign |
| Token publisher address | The URL address, terminal is asked token by this address to token publisher |
| Permission object | The permission object of terminal request |
| The rights issuer certificate | Be used for verifying authorization publisher |
| The rights issuer signature | Rights issuer is to the digital signature of above-mentioned parameter |
The authority distribution device also can be when terminal request be registered, the address of after the endpoint registration success, in the response message that returns to terminal, carrying the token distribution device, and terminal can be preserved relevant parameters in this locality.Like this, RI need not carry the address of token publisher in the RO response message.Terminal is initiated by terminal when terminal is got in touch certain authority distribution device for the first time to the registration of authority distribution device, and a concrete registration reply message form is as shown in the table:
| Parameter | Explanation |
| State | Expression success or failure etc. |
| Session ID | Be used for and the request message coupling |
| The rights issuer identifier | Be used for identifying rights issuer |
| Token publisher address | The URL address, terminal is asked token by this address to token publisher |
| The rights issuer certificate | Be used for verifying authorization publisher |
| The rights issuer signature | Rights issuer is to the digital signature of above-mentioned parameter |
In addition, the authority distribution device can also be placed on the address of token distribution device among the RO and offer terminal, for example:
<permission object 〉
<rights issuer〉rights issuer identifier</rights issuer
<token distribution device〉the token distribution device URL</the token distribution device
<authority 〉
......
</authority 〉
</permission object 〉
In a word, RI can offer terminal by the address of variety of way token distribution device, thereby terminal can be known to the corresponding token of corresponding token distribution device request.
Confidentiality and integrity for the intercommunication that guarantees terminal and token distribution device needs to set up security mechanism between terminal and the token distribution device.
Can adopt ipsec protocol to set up an escape way between terminal and the token distribution device.As shown in Figure 5: in step 500, terminal is mutual with the token distribution device before the request token, adopts ipsec protocol to set up an escape way.In step 510 and step 520, transmit follow-up token request message and token response message by the escape way of setting up.
Also can use log-on message to carry out safeguard protection between terminal and the token distribution device, as shown in Figure 6: in step 600, terminal is initiated login request message to the token distribution device, information such as sign (ID), user name, password and/or certificate that wherein can carried terminal are used for marking terminal or user's identity; Terminal can further be encrypted the sensitive data in the message with the private key of oneself.In step 610, token distribution device checking login request message, and the registration reply message that after succeeding in registration, returns success, wherein can carry the information such as certificate of token distribution device for the sign of user's distribution or arranging key, token distribution device; If registration failure then returns failed message.The token distribution device can further be encrypted the sensitive data in the message with the private key of oneself.In step 620 and step 630, successfully after the registration, terminal and token distribution device use arranging key or the public and private key technology of PKI to guarantee the security of subsequent communications.Terminal can be to token distribution device application token only after the registration of success.
Registration message among Fig. 6 can be that each terminal is initiated before token distribution device request token, is used for interim arranging key or exchange certificate; Also can when the terminal first time and the contact of token distribution device, register, the back both sides that succeed in registration store log-on message in this locality, in follow-up token request process, can use the log-on message of preservation to carry out two-way checking and to the encrypted transmission of message, and need not all re-register, both sides can stipulate a term of validity for log-on message. at every turn
In addition, terminal also can be registered to a registration center, and the token distribution device is verified terminal by registration center, obtains user data and corresponding message encryption and decryption key.As shown in Figure 7:
Step 700, terminal send login request message to registration center.
Step 710, registration center's checking login request message, if be proved to be successful, the response message that then returns success; Otherwise, return failed message.
Step 720, terminal are after succeeding in registration, to the token of token distribution device application some.
Step 730, token distribution device obtain registration center from request message address, request is verified terminal to registration center.
The token distribution device can verify to the legitimacy of token request message earlier that also if be proved to be successful, then the request registration center is verified terminal, if authentication failed is directly returned failed message to terminal, stops follow-up step.
Step 740, registration center verify that to terminal if success, the response message that then returns success wherein comprises the required terminal information of token distribution device, for example terminal certificate; If failed message is then returned in failure.
If step 750 terminal is proved to be successful, the token distribution device returns the token of some according to the request of terminal to it; Otherwise, return failed message to it.
In a word, when terminal and token distribution device communicate, must set up a safe communication passage, this passage can be each interim foundation, also can be to set up by some log-on message that is kept at both sides this locality.
In the present embodiment, according to the charge mode difference, token can be divided into pre-payment type token and two kinds of back paying formula tokens.
The token of described pre-payment type is meant that the token distribution device at first charges to the user, provides the token of some then.This charging work can oneself be finished when the token distribution device is received the token request message, also can finish by the third party charging center.As shown in Figure 8: in step 800, terminal is to token distribution device request token.In step 810, according to the token quantity of terminal request, the user is chargeed.In step 820, the token dispensing device returns response message to terminal; If charging failure then returns a failed message and finishes whole flow process to terminal; Otherwise, return the response message of the token that comprises some to terminal.Charging can be to be undertaken by token distribution device oneself, also can be to be undertaken by the third party charging center, for example the token distribution device is transferred to this expense in the account of token distribution device then to the expense of bank's request deduction purchase token from user account.
Because a plurality of content publisher or rights issuer can authorize same token distribution device to be its granting token, therefore, the token distribution device must be able to be added up the token situation of issuing at different content publisher or rights issuer.During to token distribution device request token, must be able to show the purposes of this token in terminal.
For example, token can implicit expression and the rights issuer binding, that is to say the permission object of rights issuer RI_A distribution, can only use the token with the RI_A binding, and can not use the token with the RI_B binding.Therefore, during to token distribution device request token, the rights issuer information under this token should be reported the token distribution device in terminal.A concrete token request message format is as follows:
Type of message: token request
Terminal iidentification: abc
Pre-payment type or back paying formula: pre-payment
Token quantity: 100
Rights issuer: RI_A
Digital signature: xxxxxxx
After the token distribution device is provided the token of some, need be at the authority distribution device under this token of local record.The token distribution device can be periodically to the quantity of the corresponding distribution token of authority distribution device report, and both sides charge according to this statistical information.
In addition, the authority distribution device can be in permission object the type of explicit declaration token, the type of this token can be the type with a rights issuer binding, also can be the type of and content publisher binding.Authority descriptive language with OMADRM is an example, can increase the element of new token-type by name:
<o-dd:play>
<o-ex:constraint>
<oma-dd:token-based>
<oma-dd:token-constraint>count</o-dd:token-constraint>
<oma-dd:token-unit>1</o-dd:token-unit>
<oma-dd:tokens-consumed>2</o-dd:tokens-consumed>
<xxxx:token-type〉token type</xxxx:token-type
</oma-ex:token-based>
</o-ex:constraint>
</o-dd:play>
Wherein, o-dd:play represents that this terminal has the authority of play content, and oma-dd:token-based represents that this constraint condition is based on token.This example represents that content of the every broadcast of terminal all must consume the token of 2 units.
Adopt token and content publisher/rights issuer binding mode, it is its issued rights that a content publisher can be authorized several rights issuer, and the RO of these rights issuer grantings can consume same type token.As shown in Figure 9, its implementation procedure is as follows:
Step 900, terminal are obtained content A and content B from the content distribution device.
Step 910, terminal are obtained permission object RO_A from authority distribution device A, and this permission object RO_A is used for content of consumption A, and the token type that explanation is used in RO_A is token1.
Step 920, terminal are obtained permission object RO_B from authority distribution device B, and this permission object RO_B is used for content of consumption B, and the token type that explanation is used in RO_B is token1.
Step 930, terminal are the token of token1 to token distribution device request type, and the token distribution device is verified terminal, is the token of token1 by after discharge some types, and write down the token quantity of this granting and the type of token.
Step 940, terminal are according to the RO_A content of consumption, and consuming type is the token of token1.
Step 950, terminal are according to the RO_B content of consumption, and consuming type is the token of token1.
In step 930, terminal must be carried type parameter in the message of token distribution device request token, and a concrete message format is as follows:
Type of message: token request
Terminal iidentification: abc
Pre-payment type or back paying formula: pre-payment type
Token quantity: 100
Token type: a1234567
Rights issuer: RI_A
Digital signature: axc....df
Consult shown in Figure 10ly, the processing procedure of terminal is as follows under the pre-payment pattern:
Whether the token of step 1001, terminal judges this locality is enough, in this way, then carry out step 1002, otherwise carry out step 1003.
The token of step 1002, consumption respective numbers continues step 1000.
Whether step 1003, prompting user will buy new token, if, then continue step 1005, otherwise, carry out step 1004.
Token for the binding rights issuer by matching request message, can obtain the identification information of rights issuer.Terminal can be preserved the token quantity of binding separately for each rights issuer in database, also can add the identification information of rights issuer on the token object.
Pay and refer to such an extent that be that the token that the token distribution device is at first provided some is given terminal in so-called back, with the operating position notice token distribution device of token, the token distribution device charges according to the token operating position of terminal terminal after a time.Consult shown in Figure 11: use digital content and consume token in step 1100, terminal, crossed after a period of time, the token quantity of consuming is reported to the token distribution device.In step 1101, the token distribution device charges according to the report of terminal; Wherein, charging can be finished by the token distribution device, also can finish by the charging center.In step 1102, charge successfully after, the response message that the token distribution device returns success is given terminal, terminal is deleted the consumption record of last time in view of the above; Otherwise, to return failed message and give terminal, terminal must keep the consumption record, reports consumption condition after a time again.
For the token of paying in the back, the request message of the request message of terminal and pre-payment type token is similar, and terminal can comprise the identification information of the type and/or the rights issuer of token in request message.
The token distribution device can be in the several rights issuer or the type of token request response middle finger Ming Dynasty coin binding, and a concrete response message format is as follows:
Type of message: token request response
Token publisher: http://aaa
Paying in pre-payment or back: pays in the back
Token quantity: 100
Token type: a1234567, bbbbbbbb
Digital signature: asd.....eo
In this case, terminal must be preserved the rights issuer that token binds or the set of type.Any permission object can use this token that is tied to a rights issuer/type set, as long as rights issuer that the token of this permission object appointment is bound or type are among set.If rights issuer or token type that the token distribution device is not bound at response message middle finger Ming Dynasty coin, then any permission object can use this token.
When the token of paying formula after the terminals consume, the quantity that must the record token consumes and the rights issuer or the type of this token actual needs binding.When terminal reports the consumption report to the token distribution device, need the quantity of explanation token consumption and the rights issuer and/or the type of binding, a concrete consumption report message form is as follows:
Type of message: consumption report
Terminal iidentification: abc
Token quantity: 100
Token type: a1234567
Rights issuer: RI_A
Token quantity: 45
Token type: bbbbbbbb
Rights issuer: RI_A
Token quantity: 60
Token type: bbbbbbbb
Rights issuer: RI_B
Digital signature: xkc....de
The token distribution device charges to the user according to the token quantity and the token type of user's real consumption after receiving the consumption report, and the rights issuer and/or the token type of record token quantity and token binding.
Consult shown in Figure 12ly, the processing procedure of terminal is as follows under the payment mode of back:
Terminal must write down quantity and the type of this token or the rights issuer of binding that consumes token when consuming token.Wherein terminal can be notified, an example as shown in the table by user oneself configuration or by the authority distribution device equally in token distribution device address in registration message or permission object:
| The token quantity consumed | The token type | Token distribution device address |
| 100 | a1234567 | token_issuer1_url |
| 45 | bbbbbbbb | token_issuer1_url |
| 50 | a1234567 | token_issuer2_url |
After chargeing successfully, the token distribution device can initiatively provide the back paying formula token of some in response message, and terminal is obtained this token and preserved from response message.
In the present embodiment, can distinguish the token of pre-payment type and the token of back paying formula, two kinds of tokens can be preserved or added the mark of pre-payment type/back paying formula respectively in database after receiving token in order to make terminal.Two kinds of tokens may be present on the terminal simultaneously, the token of configurable preferential use pre-payment of user or back paying formula.Drm agent must guarantee the security of token in terminal storage, the request of token, obtains, installs, consumes all and carry out under the control of drm agent, and the token that is stored in terminal can not be visited and be revised to user or other application programs.
The user uses for convenience, and by the token distribution device, the user can ask the pre-payment type token of a certain type is converted to another type in the present embodiment.Consult shown in Figure 13ly, the processing procedure of conversion token type is as follows:
Step 1300, user select " token conversion " function, at first check the existing token situation of terminal, select certain type token (being exemplified as token1) to change.Can all change, also can be by user's specified quantity.The user also wants the type (being exemplified as token2) after the designated conversion.
Step 1301, terminal are changed to " unavailable " according to user's request with the token of the token1 type of specified quantity, initiate conversion request message to the token distribution device then.Comprise the preceding type token1 of conversion in this message, the type token2 after needing to change and the quantity of token.
The legitimacy of step 1302, token distribution device checking message and terminal is if authentication failed is returned failed message; If be proved to be successful, the message that returns success then wherein comprises the token that some types are token2.After being proved to be successful, the token distribution device can further charge to terminal as required.
After step 1303, terminal were received response message, if the response message that is defined as failing, the token that then will be changed to " unavailable " originally reverted to upstate, notifies the user convert failed; If receive the response message of success, then deletion was changed to the token of " unavailable " originally, and new token is installed.
From present embodiment as can be known, authority distribution device RI only is responsible for issued rights object RO among the present invention, and issues token by a special token distribution device TI, has therefore alleviated the load of RI.Because content publisher or rights issuer can be specified the type of token flexibly, thereby can support the multiple business model, and the RO that different RI provides can consume the token of same type.Further, dissimilar tokens can be changed by token publisher, has great convenience for the user use.
Obviously, those skilled in the art can carry out various changes and modification to the present invention and not break away from the spirit and scope of the present invention.Like this, if of the present invention these are revised and modification belongs within the scope of claim of the present invention and equivalent technologies thereof, then the present invention also is intended to comprise these changes and modification interior.
Claims (21)
1, a kind of digital literary property protection method is characterized in that, comprises the steps:
Terminal device obtains encrypted digital content from content distribution device (CI), and obtains the permission object (RO) that is used to consume described digital content from corresponding authority distribution device (RI);
Described terminal device from by content distribution device or the mandate of authority distribution device and independently token distribution device (TI) obtain token, by token distribution device statistics token distribution situation and write down statistical information;
Described terminal device uses the permission object and the token that obtain to consume described digital content.
2, the method for claim 1 is characterized in that, terminal device obtains the address information of described token distribution device to described authority distribution device registration or request permissions object the time.
3, the method for claim 1 is characterized in that, the user is chargeed when the terminal device request token or behind the distribution token by described token distribution device or charging center.
4, the method for claim 1 is characterized in that, described token distribution device is further with statistical information content of announcement distribution device and/or authority distribution device.
5, the method for claim 1 is characterized in that, when terminal device finds that in the described digital content of consumption token is not enough, further obtains token from described token distribution device.
As the described method of one of claim 1 to 5, it is characterized in that 6, terminal device obtains token and comprises step:
Terminal device is to token distribution device request token;
The user is verified,, then return the response message of the token that comprises some to the user if checking is passed through, otherwise, failure response message returned to terminal device.
7, method as claimed in claim 6 is characterized in that, terminal device request token takes a step forward and the token distribution device is set up security mechanism, and uses this security mechanism to guarantee the security of follow-up interaction message.
8, method as claimed in claim 7 is characterized in that, utilizes ipsec protocol to set up escape way between terminal device and the token distribution device, and carries out follow-up mutual through this escape way; Perhaps
Terminal device is to the registration of token distribution device, and the back both sides that succeed in registration preserve log-on message, and use this log-on message that follow-up interaction message is carried out safeguard protection; Perhaps
Terminal device is registered to registration center; the back both sides that succeed in registration preserve log-on message; and terminal device uses this log-on message that the follow-up message that sends to the token distribution device is carried out safeguard protection, by the token distribution device this message is sent to registration center and carries out security verification.
9, method as claimed in claim 6 is characterized in that, by the token distribution device user is verified; And/or,, the user is verified token request content of announcement distribution device or authority distribution device by the token distribution device by it.
10, method as claimed in claim 6 is characterized in that, described token is pre-payment type token or back paying formula token, and described authority distribution device is also specified the type of token in permission object.
11, method as claimed in claim 10 is characterized in that, terminal device indicates the authority distribution device of this token binding and/or indicates the type of the described binding of token when token distribution device request token in request message.
12, method as claimed in claim 11 is characterized in that, for the back paying formula token of terminal device request, described token distribution device is in the one or more authority distribution devices or the token type of the coin binding of the response message middle finger Ming Dynasty.
13, method as claimed in claim 10, it is characterized in that, after the terminal device consumption behind the paying formula token, further send the consumption report of the token quantity that comprises consumption, indicate the type of the authority distribution device and/or the back paying formula token of the binding of back paying formula token in this report to the token distribution device; Charge by token distribution device or charging center, and terminal device is only at the successfully back deletion consumption record that charges.
14, method as claimed in claim 13 is characterized in that, described terminal device regularly sends described consumption report, and sends when consuming report at the appointed time, temporarily stops using described back paying formula token.
15, method as claimed in claim 10 is characterized in that, this method also comprises step:
Terminal device is changed to the token of former type down state and asks the token distribution device to be converted into the token of target type;
The token distribution device verifies the user, and by verifying that the back returns the token of the target type of respective numbers to terminal device;
The described token that is changed to down state of described terminal device deletion, the token of installation and use target type.
16, method as claimed in claim 15 is characterized in that, terminal device reverts to upstate with the described token that is changed to down state when receiving failure response message.
17, a kind of method at digital copyright protecting transfer replacement coin is characterized in that, comprises the steps:
Terminal device is changed to down state with the token of former type, and request by content distribution device or the mandate of authority distribution device and independently the token distribution device be converted into the token of target type;
The token distribution device verifies the user, and by verifying that the back returns the token of the target type of respective numbers to terminal device;
The described token that is changed to down state of described terminal device deletion, the token of installation and use target type.
18, method as claimed in claim 17 is characterized in that, terminal device reverts to upstate with the described token that is changed to down state when receiving failure response message.
19, a kind of digital copyright protection system is characterized in that, comprising:
The content distribution device is used to provide encrypted digital content;
The authority distribution device is used to obtain the permission object that is used to consume described digital content;
The token distribution device, according to the mandate of a plurality of described content sending apparatus or authority distribution device, to terminal device distribution token, statistics token distribution situation and record statistical information;
Message accounting charges to the user according to statistical information.
20, system as claimed in claim 19 is characterized in that, described token distribution device is further with statistical information content of announcement distribution device and/or authority distribution device.
As claim 19 or 20 described systems, it is characterized in that 21, described token device and message accounting are separate physical entity; Perhaps, described token device and message accounting are same physical entity.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CNA2006100759385A CN101059828A (en) | 2006-04-20 | 2006-04-20 | Digital copyright protection method and system |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CNA2006100759385A CN101059828A (en) | 2006-04-20 | 2006-04-20 | Digital copyright protection method and system |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN101059828A true CN101059828A (en) | 2007-10-24 |
Family
ID=38865927
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CNA2006100759385A Pending CN101059828A (en) | 2006-04-20 | 2006-04-20 | Digital copyright protection method and system |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN101059828A (en) |
Cited By (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101552793B (en) * | 2009-04-29 | 2011-12-14 | 成都卫士通信息产业股份有限公司 | Method for downloading digital multimedia file and program order commission |
| CN107180399A (en) * | 2016-03-10 | 2017-09-19 | 太赞(北京)网络科技有限公司 | A kind of chip based on internet exchanges conversion method and system |
| CN108431819A (en) * | 2015-12-03 | 2018-08-21 | 奥卡交互有限公司 | Client is protected to access the method and system of the service of the DRM agent of video player |
-
2006
- 2006-04-20 CN CNA2006100759385A patent/CN101059828A/en active Pending
Cited By (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101552793B (en) * | 2009-04-29 | 2011-12-14 | 成都卫士通信息产业股份有限公司 | Method for downloading digital multimedia file and program order commission |
| CN108431819A (en) * | 2015-12-03 | 2018-08-21 | 奥卡交互有限公司 | Client is protected to access the method and system of the service of the DRM agent of video player |
| CN108431819B (en) * | 2015-12-03 | 2021-06-08 | 奥卡交互有限公司 | Method and system for protecting client access to service of DRM agent of video player |
| CN107180399A (en) * | 2016-03-10 | 2017-09-19 | 太赞(北京)网络科技有限公司 | A kind of chip based on internet exchanges conversion method and system |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN1221907C (en) | Content application administrative system and its method | |
| CN1147120C (en) | Accounting apparatus, information receiving apparatus, and communication system | |
| CN1934564A (en) | Method and apparatus for digital rights management using certificate revocation list | |
| CN100345148C (en) | Information processing system, information processing device, and program | |
| CN100337175C (en) | Method and system of adding region and obtaining authority object of mobile terminal | |
| CN100347623C (en) | Device and method for managing content usage right | |
| CN1756150A (en) | Information management apparatus, information management method, and program | |
| CN1266875C (en) | Content issuing/receiving method | |
| CN100341020C (en) | Game device management system, game device, control method and software recording medium | |
| CN1636217A (en) | Method and apparatus for controlling a lifecycle of an electronic contract | |
| CN1700641A (en) | Digital signature assurance system, method, program and apparatus | |
| CN1540915A (en) | Revocation of certificate and exclusion of other principals in digital rights management system and delegated revocation authority | |
| CN1467642A (en) | Data protection program and data protection method | |
| CN1531253A (en) | Server for managing registered/subregistered digit power in DRM structure | |
| CN1607485A (en) | Content delivery service providing apparatus and content delivery service terminal unit | |
| CN1698041A (en) | Information device, information server, information processing system, information processing method, and information processing program | |
| CN1545661A (en) | Information processing device and method, information processing system, recording medium, and program | |
| CN1503179A (en) | Content use system, mehtod and server thereof | |
| CN1581771A (en) | Authentication system, server, and authentication method and program | |
| CN1738248A (en) | Information-processing method, information-processing apparatus and computer program | |
| CN1758590A (en) | Information processing apparatus, information processing method, and program | |
| CN1502186A (en) | Controlled distribution of application code and content data within a computer network | |
| CN1723426A (en) | Software execution control system and software execution control program | |
| CN1691588A (en) | Information processing apparatus, information processing method, and computer program | |
| CN1852094A (en) | Method and system for protecting account of network business user |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| C12 | Rejection of a patent application after its publication | ||
| RJ01 | Rejection of invention patent application after publication |
Open date: 20071024 |