CN101232494A - System and method for logging of triggering terminal unit in-filed manager and joining in field - Google Patents
System and method for logging of triggering terminal unit in-filed manager and joining in field Download PDFInfo
- Publication number
- CN101232494A CN101232494A CNA2007100075050A CN200710007505A CN101232494A CN 101232494 A CN101232494 A CN 101232494A CN A2007100075050 A CNA2007100075050 A CN A2007100075050A CN 200710007505 A CN200710007505 A CN 200710007505A CN 101232494 A CN101232494 A CN 101232494A
- Authority
- CN
- China
- Prior art keywords
- domain manager
- territory
- domain
- terminal equipment
- permission
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Images
Landscapes
- Data Exchanges In Wide-Area Networks (AREA)
Abstract
The invention discloses a method for a trigger terminal device domain manager registration and domain joining, which makes the terminal device register on the corresponding domain manager and join the domain through the manager when receiving a trigger message or a domain permission. The method includes the following steps: sending a trigger message or a domain permission to the terminal equipment and provides the domain manager information; the terminal device registers on the corresponding domain manager according to the domain manager information and/or join the domain through the corresponding domain manager. The invention further discloses a terminal device, a permission server, a domain manager and a digital right management system.
Description
Technical field
The present invention relates to the digital copyright management technical field, relate in particular to the method and system of triggering terminal equipment in domain manager registration and adding territory.
Background technology
(Digital Rights Management DRM) mainly by the use of claim limitation and content protecting scheme control figure content, protects content owner's legitimate rights and interests in digital copyright management.The publisher of digital content (Content Issuer, CI) with after the encrypt digital content, the user downloads to the encrypted digital content packet on the terminal equipment; (Rights Issuer, (Rights Object, RO), comprising content key and corresponding authority, this content key is used for decrypts digital content to permit server with the corresponding licence of digital content RI) to be responsible for distribution.Terminal equipment has only and has content data packets (wherein comprising the necessary information of decrypts digital content) and licence simultaneously, could normally use the digital content of being bought.
Carry out the distribution and the management of licence for convenience, introduced the notion in territory in OMA (Open Mobile Alliance, Open Mobile Alliance) the DRM2.0 standard.The territory is the set of one group of DRM equipment, and the DRM equipment in the same territory is shared some domain informations, and this domain information can comprise the readable domain name of a unique relam identifier, people, be used for domain key of deciphering sensitive information in the permission of territory or the like.When RI is territory distribution permission (being called the territory permits), utilize domain key that sensitive information in the permission of territory is encapsulated, the member can utilize domain key to obtain content key in the follow-up territory, and then uses digital content; Non-territory member can not use digital content owing to can't obtain domain key.In the OMA DRM2.0 standard, the territory as adding or leaving domain according to certain domain policy control appliance, is carried out the distribution of territory permission etc. by the RI unified management.
A kind of possible situation is, the user need be a plurality of equipment or the territory that founds a family of a plurality of equipment in the family of oneself.Set up same territory for fear of each RI, SCE (the Secure Content Exchange that OMA DRM working group formulates, secure content exchange) notion of user domain has been proposed in the standard, the territory management function is peeled off out from RI, setting is independent of functional entity DA/DEA (the DomainAuthority/Domain Enforcement Agent of RI, the territory authority/domain is carried out the agency), it is domain manager, be used to carry out the function that adds or leave user domain according to the domain policy control appliance, and offer RI by mutual relevant information with user domain such as user domain keys with RI.RI generates the user domain permission according to the relevant information of the user domain that DA/DEA provides, and this user domain permission can be used by the equipment in the respective user territory.
System configuration in the SCE AD draft (OMA-AD-SCE-V0_5-20061201-D) comprises as shown in Figure 1: content publisher CI100, rights issuer RI101, domain manager DA/DEA102, introducing equipment LRM103 and be arranged in the DRM proxy module 104 of terminal equipment.Wherein, the DRM in terminal equipment agency (DRM Agent) module 104 is bought the handling process of permitting in the territory as shown in Figure 2 for user domain:
Step 200, DRM Agent are at DA/DEA registration and adding user domain.
Step 201 is registered at RI to step 205, DRM Agent.
Step 206 is bought user domain by the RI trigger request to RI to step 207, DRM Agent and is permitted RO.
Step 208 is registered at RI to step 212, DA/DEA.
Step 213 is exchangeed subscriber the relevant information of user domain such as domain key to step 214, RI and DA/DEA and is used for RI and creates territory permission RO.
Step 215, RI send and buy user domain permission RO response message to DRM Agent, wherein carry user domain permission RO in this response message.
DRM Agent in order to use the territory permission of this user domain, must and add corresponding user domain receiving after RO obtains trigger (ROAP Trigger{roRequest}) in the DA/DEA registration.
In the OMADRM2.0 standard, include RI relevant information (riID, riAlias), territory relevant information (domainID, domainAlias), RO relevant information (roID, roAlias, contentID) etc. among the ROAP Trigger{roRequest}.Below be the descriptor of ROAP Trigger{roRequest}:
<complexType?name=″ROAcquisitionTrigger″>
<sequence>
<element name=" riID " type=" roap:Identifier "/〉 //RI relevant information riID
<element name=" riAlias " type=" string " minOccurs=" 0 "/〉 //RI relevant information riAlias
<element?name=″nonce″type=″roap:Nonce″minOccurs=″0″/>
<element?name=″roapURL″type=″anyURI″/>
<element?name=″domainID″type=″roap:DomainIdentifier″
MinOccurs=" 0 "/〉 // territory relevant information domainID
<element name=" domainAlias " type=" string " minOccurs=" 0 "/〉 // territory relevant information domainAlias
<sequence?maxOccurs=”unbounded”>
<element name=" roID " type=" ID "/〉 //RO relevant information roID
<element name=" roAlias " type=" string " minOccurs=" 0 "/〉 //RO relevant information roAlias
<element?name=″contentID″type=″anyURI″minOccurs=”0”
MaxOccurs=" unbounded "/〉 //RO relevant information contentID
</sequence>
</sequence>
<attribute?name=″id″?type=″ID″/>
</complexType>
But, the deficiency of above-mentioned processing mode is, owing to do not comprise the information of DA/DEA among the ROAP Trigger{roRequest}, if receive the DRM Agent of this trigger not in this user domain, then can't know the DA/DEA of this user domain correspondence, thereby can't realize adding the process of user domain.
In the SCE AD draft, DRM in terminal equipment agency (DRM Agent) module 104 after receiving the user domain permission, the handling process of sharing this user domain permission with the DRM proxy module in other terminal equipment as shown in Figure 3:
Step 300 is registered at DA/DEA to step 304, DRM Agent1.
Step 305 adds user domain to step 307, DRMA gent1.
Step 308 is bought user domain to step 309, DRM Agent1 from RI and is permitted (its processing procedure is consulted shown in Figure 2).
Step 310, DRM Agent1 share described user domain permission RO and corresponding DCF (DRM ContentFormat, DRM content format) content object and DRM Agent2.
Step 311, because DRM Agent only holds effective user domain key could install and uses the user domain that gets access to permit, so DRM Agent2 must add the user domain that this user domain is permitted correspondence.Before adding this user domain, DRM Agent must register at DA/DEA.DRM Agent2 in DA/DEA registration and the process that adds user domain with step 300 to step 307.
In OMA DRM2.0 standard, except authority and authority encryption key message, also comprise RI relevant information (riID, riAlias, riURL) among the territory permission RO, territory relevant information (domainAlias, be included in the domainID among the encKey) etc.Below be the descriptor of territory permission:
<!--Rights?Object?Definitions-->
<complexType?name=″ROPayload″>
<sequence>
<element name=" riID " type=" roap:Identifier "/〉 //RI relevant information riID
<element?name=″rights″type=″o-ex:rightsType″/>
<element?name=″signature″type=″ds:SignatureType″minOccurs=″0″/>
<element?name=″timeStamp″type=″dateTime″minOccurs=″0″/>
<element name=" encKey " type=" xenc:EncryptedKeyType "/〉 // the territory relevant information is included in
DomainID among the encKey
<element name=" riAlias " type=" string " minOccurs=" 0 "/〉 //RI relevant information riAlias
<element?name=″roAlias″type=″string″minOccurs=″0″/>
<element name=" domainAlias " type=" string " minOccurs=" 0 "/〉 // territory relevant information domainAlias
</sequence>
<attribute?name=″version″type=″roap:Version″use=″required″/>
<attribute?name=″id″?type=″ID″use=″required″/>
<attribute?name=″stateful″type=″boolean″/>
<attribute?name=″domainRO″type=″boolean″/>
<attribute name=" riURL " type=" anyURI "/〉 //RI relevant information riURL
</complexType>
But, the deficiency of above-mentioned processing mode is, owing to do not comprise the information of DA/DEA in the user domain permission, if the DRM Agent that receives this user domain permission is not in this user domain, then can't know the corresponding domain manager of this user domain permission, thereby can't add corresponding territory.
Summary of the invention
The embodiment of the invention provides a kind of triggering terminal equipment in domain manager registration and add the method and system in territory so that terminal equipment can receive trigger message or territory permission after, add the territory to the domain manager registration of correspondence and by corresponding domain manager.
The embodiment of the invention provides the method for a kind of triggering terminal equipment in domain manager registration and adding territory, and the method comprising the steps of:
The information of carrying the domain manager separate in the triggering message of obtaining the territory permission of permit server in the territory permission that generates or with it in transmission;
After terminal equipment receives the permission of described territory or triggers message,, and/or add the territory by corresponding domain manager according to the domain manager registration of the information of wherein domain manager in correspondence.
The embodiment of the invention provides a kind of terminal equipment, comprising:
Be used for sending the territory permission, wherein carry the unit of the information of the separate domain manager of the permit server corresponding with this territory permission to miscellaneous equipment;
Be used to receive the territory permission of permit server transmission or obtain the triggering message of territory permission, perhaps, receive the unit of the territory permission that other terminal equipment sends, wherein, carry unit in described triggering message or the territory permission with the information of the separate domain manager of corresponding permit server;
Be used for extracting unit with the information of the separate domain manager of permit server from the permission of described triggering message or territory;
Be used for registering at the domain manager of correspondence, and/or add the unit in territory by corresponding domain manager according to the information of described domain manager.
The embodiment of the invention provides a kind of permit server, comprising:
Be used in territory permission that generates or the triggering message of obtaining the territory permission, carrying the unit of the information of the domain manager separate with it in transmission;
Be used for sending the unit that the triggering message of territory permission was permitted or obtained in described territory to terminal equipment.
The embodiment of the invention provides a kind of system for numeral copyright management, comprising:
Domain manager is used for equipment in the territory is managed;
Permit server is used to provide territory permission, wherein, and in the territory permission that generates or the information of carrying the domain manager separate in the triggering message of obtaining the territory permission that is sending with it;
Terminal equipment is used to receive the permission of described territory or triggers message, and according to the domain manager registration in correspondence of the information of wherein domain manager, and/or adds the territory by corresponding domain manager.
In the embodiment of the invention, when providing triggering message or territory to permit to terminal equipment, information with the separate domain manager of corresponding permit server is provided, terminal equipment adds the territory according to the information of this domain manager in the domain manager registration of correspondence and by corresponding domain manager, like this, terminal equipment can add the territory to the domain manager registration and by domain manager according to the information of the domain manager that obtains; In addition, terminal equipment can send to permit server with this domain manager sign when receiving the domain manager sign, obtain the domain manager address by permit server, and proxy terminal equipment adds the territory.
Description of drawings
Fig. 1 is the system configuration schematic diagram of SCE AD draft in the background technology;
Fig. 2 is the process chart that the DRM agency buys the territory permission in the background technology for user domain;
Fig. 3 is the process chart that permit in the sharing users territory between the terminal equipment in the background technology;
Fig. 4 is the structural representation of system for numeral copyright management in the embodiment of the invention;
Fig. 5, Fig. 8 are the structural representation of terminal equipment in the embodiment of the invention;
Fig. 6, Figure 11 are the structural representation of permit server in the embodiment of the invention;
Fig. 7 is the process chart that permit server triggering terminal equipment registered and added the territory in the embodiment of the invention at domain manager;
Fig. 9 is that terminal equipment triggers the process chart of registering and add the territory at domain manager by the territory permission in the embodiment of the invention;
Figure 10 be in the embodiment of the invention triggering terminal equipment 1 and terminal equipment 2 in the domain manager registration and add the process chart in territory;
Figure 12 is the process chart that terminal equipment adds the territory in the embodiment of the invention by the permit server agency.
Embodiment
In the system for numeral copyright management of the embodiment of the invention, the information of carrying the domain manager separate in the triggering message of obtaining the territory permission of permit server in the territory permission that generates or with it in transmission, when described territory permission that terminal equipment receives or triggering message, information according to wherein domain manager, in the domain manager registration of correspondence, and/or by corresponding domain manager adding territory.Permit server of mentioning in the embodiment of the invention and domain manager are independent mutually.
A kind of system for numeral copyright management in the embodiment of the invention comprises as shown in Figure 4: domain manager DA/DEA400, permit server 401, terminal equipment 402; Wherein, described domain manager 400 is used for equipment in the management domain, comprises that equipment provides the territory relevant information in the territory, as domain identifier, domain key, the territory term of validity etc., makes that equipment can use the territory to permit in the territory in; And, be used for carrying out alternately with overseas equipment, comprise overseas equipment to domain manager 400 registrations, and/or overseas equipment adds the territory by domain manager 400.At overseas equipment after domain manager 400 succeeds in registration, domain manager 400 also is used for providing to this overseas equipment the relevant information of domain manager, as domain manager sign, domain manager address, domain manager name, protocol version, the cryptographic algorithm of selection, the term of validity of domain manager, the certificate chain of domain manager etc., make overseas equipment add the territory to the domain manager application according to this information.
Described permit server 401, be used to provide the territory permission, and the information of in this territory permission, carrying domain manager, and, when described terminal equipment 402 transmission territories are permitted or obtained the triggering message (ROAP trigger{roRequest}) of territory permission, provide the information of the domain manager of correspondence to described terminal equipment by this territory permission or triggering message.Described terminal equipment 402 in order to install and to use this territory to permit, need be permitted corresponding domain manager registration in this territory and pass through this domain manager adding territory after the territory permission that receives permit server 401 transmissions or being obtained the triggering message of territory permission.When described terminal equipment 402 determines that according to the information of the domain manager that carries in territory permission or the triggering message it is not the member in this territory, to the domain manager application adding territory of correspondence.Described terminal equipment 401 determined not when the domain manager registration of correspondence or registration had been lost efficacy according to territory permission or the information that triggers the domain manager that carries in the message, before adding the territory earlier to this domain manager registration.
The structure of a kind of permit server in the embodiment of the invention comprises as shown in Figure 5: processing unit 500, transmitting element 501; Wherein, described processing unit 500 is used for the information of carrying the domain manager separate with it in territory permission that generates or the triggering message of obtaining the territory permission that sending; Described transmitting element 501 is used for sending the permission of described territory or obtaining the triggering message of territory permission to terminal equipment.
Described terminal equipment 402, be used to receive the triggering message of obtaining the territory permission or the territory permission that permit server provides, perhaps, receive the territory permission that other terminal equipment provides, and from the permission of described triggering message or territory, extract the information of domain manager, information according to described domain manager is registered at the domain manager of correspondence, and/or adds the territory by corresponding domain manager.The information of the domain manager that terminal equipment 402 described here receives comprises domain manager sign DA/DEA ID and/or domain manager address D A/DEA URL (UniformResource Locator URL(uniform resource locator)).
Described domain manager identifies to be used to identify and triggers message or the corresponding domain manager of territory permission, and preferable, described terminal equipment 402 can judge whether to register to the domain manager of correspondence according to this domain manager sign, and perhaps whether registration is still effective; Determining unregistered or registration when losing efficacy (as expired), described terminal equipment 402 is to the domain manager registration of correspondence.Described domain manager address is the URL of definition in [RFC2396], is an absolute identifier, and is preferable, and described terminal equipment 402 can be registered to the domain manager of correspondence according to this domain manager address, and/or adds the territory of this domain manager correspondence.Certainly, terminal equipment 402 also can judge whether to register to the domain manager of correspondence according to the domain manager address here, and perhaps whether registration is still effective; Described terminal equipment 402 also can be registered to the domain manager of correspondence according to the domain manager sign, and/or adds the territory of this domain manager correspondence.
The information of the domain manager that described terminal equipment 402 receives can also comprise the domain manager name, and being used for provides the title of domain manager with user interactions the time.Can also comprise domain identifier in triggering message that described terminal equipment 402 receives or the territory permission, this domain identifier is used for the territory of identification field manager correspondence, described terminal equipment 402 can judge whether to add the territory of described domain manager correspondence according to this domain identifier, and whether perhaps add the territory out of date; Determining not add described territory or adding the territory when out of date that preferable, described terminal equipment 402 adds described territory according to this domain identifier and domain manager address to described domain manager application.
The structure of a kind of terminal equipment in the embodiment of the invention is consulted shown in Figure 6, comprising: receiving element 600, extraction unit 601, processing unit 602; Described receiving element 600, be used to receive the triggering message of obtaining the territory permission or the territory permission that permit server provides, perhaps, receive the territory permission that other terminal equipment provides, wherein, carry information with the separate domain manager of corresponding permit server in the permission of described triggering message or territory; Described extraction unit 601 is used for permitting the information that extracts domain manager from described triggering message or territory; Described processing unit 602 is used for registering at the domain manager of correspondence according to the information of described domain manager, and/or adds the unit in territory by corresponding domain manager.Preferable, described receiving element 600, extraction unit 601 and processing unit 602 all are arranged in the DRM proxy module.
Consult shown in Figure 7ly, in the embodiment of the invention, permit server triggering terminal equipment is in domain manager registration and to add the handling process in territory as follows:
Step 700, permit server send the territory permission to terminal equipment and obtain triggering message (ROAPtrigger{roRequest}), obtain the territory permission with triggering terminal equipment, and do not trigger and register and/or the adding territory to domain manager to the terminal equipment in domain manager registration and/or adding territory, carry the information of domain manager in the wherein said triggering message, comprise domain manager sign and/or domain manager address, also include domain identifier in certain described triggering message.
Step 701, described terminal equipment judge whether to register at this domain manager according to the domain manager sign that triggers in the message, and perhaps whether registration is still effective; Determining unregistered or registration when having lost efficacy, execution in step 702 is to step 705, otherwise skips steps 702 is to step 705.
Step 702 to step 705, described terminal equipment according to the domain manager address of triggering in the message, to the domain manager registration of correspondence.Here, described terminal equipment is after described domain manager is successfully registered, described domain manager carries the relevant information of domain manager in the response message of the successful registration of returning to terminal equipment, as domain manager sign, domain manager address, domain manager name, protocol version, the cryptographic algorithm of selection, the term of validity of domain manager, the certificate chain of domain manager etc., the relevant information of this domain manager is used for the mutual of follow-up terminal equipment and domain manager, as adds corresponding territory.
Step 706, terminal equipment judge whether to add the territory of domain manager correspondence according to the domain identifier in the triggering message; Determining not add or to add when out of date, execution in step 707 is to step 708, otherwise skips steps 707 is to step 708.
Step 707 to step 708, described terminal equipment adds the territory according to the domain manager address and the domain identifier that trigger in the message to the domain manager request of correspondence.Here, described terminal equipment is after successfully adding the territory, described domain manager carries the territory relevant information in the response message in the successful adding territory of returning to terminal equipment, as domain identifier, domain key, the territory term of validity etc., this territory relevant information is used for follow-up installing terminal equipment and uses the territory permission.
Step 709 to step 710, described terminal equipment obtains the territory permission from described permit server.
In another kind of implementation, the information of domain manager is provided to described terminal equipment by other terminal equipment, wherein, described other terminal equipment sends the territory permission to described terminal equipment, carries the information of the corresponding domain manager of this territory permission in the permission of described territory.Described terminal equipment in order to install and to use this territory permission, needs to permit the domain manager registration of correspondence in this territory and add the territory after the territory permission that receives other terminal equipment transmission.When described terminal equipment determines that according to the information of the domain manager in the permission of territory it is not the member in this territory, to the domain manager application adding territory of correspondence.Described terminal equipment 401 determined not when the domain manager registration of correspondence or registration had been lost efficacy according to the information of the domain manager in the territory permission, before adding the territory earlier to this domain manager registration.
Consult terminal equipment shown in Figure 8, shown in Figure 6 and also comprise a transmitting element 603, be used for sending the territory permission, and the information of permitting the domain manager that corresponding permit server is separate with this territory is provided to miscellaneous equipment.Preferable, described receiving element 600, extraction unit 601, processing unit 602, transmitting element 603 all are arranged in the DRM proxy module.
Consult shown in Figure 9ly, in the embodiment of the invention, terminal equipment triggers in the domain manager registration by territory permission and to add the handling process in territory as follows:
Step 900, terminal equipment 1 send the content object DCF that is embedded with the territory permission to terminal equipment 2, do not permit the terminal equipment 2 in corresponding domain manager registration and/or adding territory to described domain manager registration and/or adding territory to trigger to described territory, carry the information of domain manager in the permission of wherein said territory, comprise domain manager sign and/or domain manager address, also carry domain identifier in the permission of described territory.
Step 901, terminal equipment 2 judge whether to register at this domain manager according to the domain manager sign in the permission of territory, and perhaps whether registration is still effective; Determining unregistered or registration when having lost efficacy, execution in step 902 is to step 905, otherwise skips steps 902 is to step 905.
Domain manager address during step 902 to step 905, terminal equipment 2 permitted according to the territory is to the domain manager registration of correspondence.Here, terminal equipment 2 is after described domain manager is successfully registered, described domain manager carries the relevant information of domain manager in the response message of the successful registration of returning to terminal equipment 2, as domain manager sign, domain manager address, domain manager name, protocol version, the cryptographic algorithm of selection, the term of validity of domain manager, the certificate chain of domain manager etc., the relevant information of this domain manager is used for the mutual of follow-up terminal equipment 2 and domain manager, as adds corresponding territory.
Step 906, terminal equipment 2 judge whether to add the territory of domain manager correspondence according to the domain identifier in the permission of territory; Determining not add or to add when out of date, execution in step 907 is to step 908, otherwise skips steps 907 is to step 908.
Step 907 to step 908, terminal equipment 2 adds the territory according to domain manager address in the permission of territory and domain identifier to the domain manager request of correspondence.Here, terminal equipment 2 is after successfully adding the territory, described domain manager carries the territory relevant information in the response message in the successful adding territory of returning to terminal equipment 2, as domain identifier, domain key, the territory term of validity etc., this territory relevant information is used for follow-up terminal equipment 2 and uses the territory permission.
Step 909, if terminal equipment 2 in the permit server registration of the described territory of distribution permission, is then carried out the process to described permit server registration, arbitrary moment execution that this step can be step 900 after.
Provide one below by triggering the instantiation of message or territory permission triggering terminal equipment at domain manager registration and adding user domain.
Carry the territory of the information of domain manager and permit that the form that obtains triggering message ROAP trigger{roRequest} is as follows:
<complexType?name=″ROAcquisitionTrigger″>
<sequence>
<element?name=″riID″type=″roap:Identifier″/>
<element?name=″riAlias″type=″string″minOccurs=″0″/>
<element?name=″nonce″type=″roap:Nonce″minOccurs=″0″/>
<element?name=″roapURL″type=″anyURI″/>
<element name=" daID " type=" roap:Identifier " minOccurs=" 0 "/〉 // domain manager sign daID
<element name=" daAlias " type=" string " minOccurs=" 0 "/〉 // domain manager name daAlias
<element name=" daURL " type=" anyURI " minOccurs=" 0 "/〉 // domain manager address daURL
<element?name=″domainID″type=″roap:DomainIdentifier″
MinOccurs=" 0 "/〉 // domain identifier domainID
<element?name=″domainAlias″type=″string″minOccurs=″0″/>
<sequence?maxOccurs=″unbounded”>
<element?name=″roID″type=″ID″/>
<element?name=″roAlias″type″string″minOccurs=″0″/>
<element?name=″contentID″type=″anyURI″minOccurs=”0”
maxOccurs=″unbounded″/>
</sequence>
</sequence>
<attribute?name=″id″?type=″ID″/>
</complexType>
Carry the territory of the information of domain manager and permit that the form of RO is as follows:
<!--Rights?Object?Definitions-->
<complexType?name=″ROPayload″>
<sequence>
<element?name=″riID″type=″roap:Identifier″/>
<element name=" daID " type=" roap:Identifier " minOccurs=" 0 "/〉 // domain manager sign daID
<element?name=″rights″type=″o-ex:rightsType″/>
<element?name=″signature″type=″ds:SignatureType″minOccurs=″0″/>
<element?name=″timeStamp″type=″dateTime″minOccurs=″0″/>
<element name=" encKey " type=" xenc:EncryptedKeyType "/〉 // domain identifier domainID
<element?name=″riAlias″type=″string″minOccurs=″0″/>
<element name=" daAlias " type=" string " minOccurs=" 0 "/〉 // domain manager name daAlias
<element?name=″roAlias″type=″string″minOccurs=″0″/>
<element?name=″domainAlias″type=″string″minOccurs=″0″/>
</sequence>
<attribute?name=″version″type=″roap:Version″use=″required″/>
<attribute?name=″id″?type=″ID″use=″required″/>
<attribute?name=″stateful″type=″boolean″/>
<attribute?name=″domainRO″type=″boolean″/>
<attribute?name=″riURL″type=″anyURI″/>
<attribute name=" daURL " type=" anyURI " minOccurs=" 0 "/〉 // domain manager address daURL
</complexType>
In this example, carry the territory of the information of domain manager and permit that the descriptor of obtaining triggering message ROAPtrigger{roRequest} is as follows:
<roap:roapTrigger?xmlns:roap=″urn:oma:bac:dldrm:roap-1.0″version=″1.0″>
<roAcquisition>
<riID>
<keyIdentifier?xsi:type=″roap:X509SPKIHash″>
<hash>aXENc+Um/9/NvmYKiHDLaErK0fk=</hash>
</keyIdentifier>
</riID>
<nonce>SnVzdCBBIE5vbmNlICE=</nonce>
<roapURL>http://ri.example.com/ro.cgi?tid=qw683hgew7d</roapURL>
<daID>
<keyIdentifier?xsi:type=″roap:X509SPKIHash″>
<hash〉e9lNNPV9OzBDdAkkvnSYLVUqg5o=</hash〉// domain manager sign daID
</keyIdentifier>
</daID>
<daAlias〉DA-024</daAlias〉// domain manager name daAlias
<daURL〉http://DA.example.com/id.cgi? tid=g97sd976s90</daURL〉// domain manager address daURL
<domainID〉Domain-XYZ-001</domainID〉// domain identifier domainID
</rddoAcquisition>
</roapTrigger>
In this example, carry domain manager information territory permission RO descriptor as follows:
<roap:ro?id=″n8yu98hy0e2109eu09ewf09u″domainRO=″true″version=″1.0″
riURL=″http://ri.example.com/ro.cgi?tid=BDek3hwdAg″
DaURL=" http://DA.example.com/id.cgi? tid=g97sd976s90 "〉// domain manager address daURL
<riID>
<keyIdentifier?xsi:type=″roap:X509SPKIHash″>
<hash>aXENc+Um/9/NvmYKiHDLaErK0fk=</hash>
</keyIdentifir>
</riID>
<daID>
<keyIdentifier?xsi:type=″roap:X509SPKIHash″>
<hash〉e9lNNPV9OzBDdAkkvnSYLVUqg5o=</hash〉// domain manager sign daID
</keyIdentifier>
</daID>
<rights?o-ex:id=″REL1″>
...
</rights>
...
<encKey?Id=″K_MAC_and_K_REK″>
...
<ds:KeyInfo>
<roap:domainID〉Domain-XYZ-001</roap:domainID〉// domain identifier domainID
</ds:KeyInfo>
...
</encKey>
<daAlias〉DA-024</daAlias〉// domain manager name daAlias
</roap:ro>
Consult shown in Figure 10ly, triggering terminal equipment 1 and terminal equipment 2 are in domain manager registration and to add the handling process in territory as follows in this example:
Step 1000, permit server send the territory permission to terminal equipment 1 and obtain triggering message ROAPtrigger{roRequest}, and in this triggering message, carry domain manager sign, domain manager address, also carry domain identifier and domain manager name in this triggering message.
Is it that the domain manager DA/DEA of e9lNNPV9OzBDdAkkvnSYLVUqg5o=correspondence registered or registered when having lost efficacy that step 1001 to step 1004, terminal equipment DRM Agent1 judged not at domain manager sign ID, according to domain manager address http://DA.example.com/id.cgi? tid=g97sd976s90 is registered to domain manager DA-024.
Is step 1005 during to step 1006, terminal equipment 1 does not join domain Domain-XYZ-001, according to domain manager address http://DA.example.com/id.cgi? tid=g97sd976s90 and domain identifier Domain-XYZ-001 add territory Domain-XYZ-001.
Step 1007 to 1008, terminal equipment 1 obtains the territory permission from permit server.
Step 1009, terminal equipment 1 embed the territory permission among the content object DCF and send to terminal equipment 2.
Does is not step 1010 designated the domain manager registration of e9lNNPV9OzBDdAkkvnSYLVUqg5o=or register at domain manager to step 1013, terminal equipment 2 judgements and lost efficacy, then according to domain manager address http://DA.example.com/id.cgi? tid=g97sd976s90 is registered to domain manager A-024.
Do step 1014 to step 1015, terminal equipment 2 judged does not join domain Domain-XYZ-001, then according to domain manager address http://DA.example.com/id.cgi? tid=g97sd976s90 and domain identifier Domain-XYZ-001 add territory Domain-XYZ-001.
Step 1016, if terminal equipment DRMAgent2 in the permit server RI registration of this user domain of distribution permission, then carries out the process to described permit server RI registration, this step can be carried out in the arbitrary moment after step 1000.
In the above-mentioned implementation, the information of domain manager comprises domain manager sign and/or domain manager address, with domain identifier be independent parameter; In another kind of implementation, the domain manager address can be included in the domain identifier, and at this moment, terminal equipment can extract described domain manager address from this domain identifier, and press this domain manager address and directly register, and/or add the territory by corresponding domain manager at the domain manager of correspondence.
In another kind of implementation, the sign of IncFlds manager in the domain identifier, perhaps domain identifier can the unique identification domain manager.Terminal equipment owing to do not obtain the domain manager address, can not directly add the territory by corresponding domain manager after obtaining domain identifier.Terminal equipment can directly send to permit server with the domain identifier that receives, when this domain identifier unique identification domain manager, find corresponding domain manager address by permit server according to domain identifier, and proxy terminal equipment is mutual with domain manager, terminal equipment is added the territory of correspondence; When in this domain identifier, including the domain manager sign, from domain identifier, extract the domain manager sign by permit server, and finding corresponding domain manager address according to domain manager sign, proxy terminal equipment and domain manager are mutual, terminal equipment are added the territory of correspondence.The implementation of another possibility is, when including the domain manager sign in the domain identifier that receives, terminal equipment can extract described domain manager sign and send to permit server from domain identifier, find corresponding domain manager address by described permit server according to the domain manager sign, and proxy terminal equipment and domain manager are mutual, and terminal equipment is added corresponding territory.Certainly, if the information of a domain manager IncFlds manager sign, domain manager sign whether related with domain identifier (IncFlds manager sign in domain identifier unique identification domain manager or the domain identifier) no matter then, terminal equipment also needs to add the territory by the permit server agency.
In this implementation, permit server 401 in the system for numeral copyright management shown in Figure 4 finds corresponding domain manager address according to domain identifier or the domain manager sign that terminal equipment 402 provides, and proxy terminal equipment 402 is mutual with domain manager 400, and terminal equipment is added corresponding territory.Wherein, can provide domain identifier or domain manager sign to described terminal equipment 402 by permit server 401, other terminal equipment, its processing procedure and aforementioned implementation are similar.
The structure of a kind of permit server in this implementation comprises as shown in figure 11: first processing unit 1100, transmitting element 1101, receiving element 1102, search unit 1103, second processing unit 1104; Wherein, described first processing unit 1100 is used for the sign of carrying the domain manager separate with it in territory permission that generates or the triggering message of obtaining the territory permission in transmission; Described transmitting element 1101 is used to send the permission of described territory or triggers message; Described receiving element 1102 is used for domain identifier or domain manager sign that receiving terminal apparatus provides; The described unit 1103 of searching is used for searching corresponding domain manager address according to described domain identifier or domain manager sign; Described processing unit 1104, to be used for acting on behalf of described terminal equipment according to described domain manager address mutual with corresponding domain manager, and described terminal equipment is added corresponding territory.
Consult shown in Figure 12ly, terminal equipment is as follows by the handling process that permit server agency adds the territory in the embodiment of the invention:
Step 1200, terminal equipment 1 are in domain manager registration and adding territory.
Step 1201 to step 1202, terminal equipment 1 obtains territory permission RO (its processing procedure as shown in Figure 2).
Step 1203, terminal equipment 1 send to terminal equipment 2 with territory permission and content object DCF.
Step 1204 to 1208, terminal equipment 2 adds the territory in permit server registration and request, wherein, includes domain identifier in request message.After permit server receives the adding territory request of terminal equipment 2 transmissions, from domain identifier, extract the domain manager sign, and search the domain manager address according to this domain manager sign, perhaps, directly find the domain manager address according to domain identifier, proxy terminal equipment 2 is mutual with corresponding domain manager, and described terminal equipment is added corresponding territory.
To sum up, in the embodiment of the invention, when providing triggering message or territory to permit to terminal equipment, information with the separate domain manager of corresponding permit server is provided, terminal equipment adds the territory according to the information of this domain manager in the domain manager registration of correspondence and by corresponding domain manager, like this, terminal equipment can add the territory to the domain manager registration and by domain manager according to the information of the domain manager that obtains; In addition, terminal equipment can send to permit server with this domain manager sign when receiving the domain manager sign, obtain the domain manager address by permit server, and proxy terminal equipment adds the territory.
Obviously, those skilled in the art can carry out various changes and modification to the present invention and not break away from the spirit and scope of the present invention.Like this, if of the present invention these are revised and modification belongs within the scope of claim of the present invention and equivalent technologies thereof, then the present invention also is intended to comprise these changes and modification interior.
Claims (12)
1. the method in territory is registered and added to a triggering terminal equipment at domain manager, it is characterized in that the method comprising the steps of:
The information of carrying the domain manager separate in the triggering message of obtaining the territory permission of permit server in the territory permission that generates or with it in transmission;
After terminal equipment receives the permission of described territory or triggers message,, and/or add the territory by corresponding domain manager according to the domain manager registration of the information of wherein domain manager in correspondence.
2. the method for claim 1 is characterized in that, sends the permission of described territory by permit server or other-end equipment to described terminal equipment.
3. method as claimed in claim 1 or 2 is characterized in that, the information of described domain manager comprises domain manager sign and/or domain manager address.
4. method as claimed in claim 3, it is characterized in that, when described domain manager address packet is contained in the domain identifier, described terminal equipment extracts described domain manager address from this domain identifier, and press this address and directly register, and/or add the territory by corresponding domain manager at the domain manager of correspondence.
5. method as claimed in claim 3, it is characterized in that, described domain manager sign is included in the described domain identifier or the information of described domain manager when being the domain manager sign, described terminal equipment sends to permit server with domain identifier or domain manager sign, find corresponding domain manager address and proxy terminal equipment is mutual with domain manager by described permit server, terminal equipment is added the territory of correspondence.
6. a terminal equipment is characterized in that, comprising:
Be used for sending the territory permission, wherein carry the unit of the information of the separate domain manager of the permit server corresponding with this territory permission to miscellaneous equipment;
Be used to receive the territory permission of permit server transmission or obtain the triggering message of territory permission, perhaps, receive the unit of the territory permission that other terminal equipment sends, wherein, carry unit in described triggering message or the territory permission with the information of the separate domain manager of corresponding permit server;
Be used for extracting unit with the information of the separate domain manager of permit server from the permission of described triggering message or territory;
Be used for registering at the domain manager of correspondence, and/or add the unit in territory by corresponding domain manager according to the information of described domain manager.
7. a permit server is characterized in that, comprising:
Be used in territory permission that generates or the triggering message of obtaining the territory permission, carrying the unit of the information of the domain manager separate with it in transmission;
Be used for sending the unit that the triggering message of territory permission was permitted or obtained in described territory to terminal equipment.
8. permit server as claimed in claim 7 is characterized in that, also comprises:
Be used for the domain identifier that receiving terminal apparatus provides or the unit of domain manager sign;
Be used for searching the unit of corresponding domain manager address according to described domain identifier or domain manager sign;
It is mutual with corresponding domain manager to be used for acting on behalf of described terminal equipment according to described domain manager address, described terminal equipment is added the unit in corresponding territory.
9. a system for numeral copyright management is characterized in that, comprising:
Domain manager is used for equipment in the territory is managed;
Permit server is used to provide territory permission, wherein, and in the territory permission that generates or the information of carrying the domain manager separate in the triggering message of obtaining the territory permission that is sending with it;
Terminal equipment is used to receive the permission of described territory or triggers message, and according to the domain manager registration in correspondence of the information of wherein domain manager, and/or adds the territory by corresponding domain manager.
10. system as claimed in claim 9 is characterized in that, sends the permission of described territory by permit server or other terminal equipment to described terminal equipment.
11., it is characterized in that the information of described domain manager comprises domain manager sign and/or domain manager address as claim 9 or 10 described systems.
12. system as claimed in claim 11, it is characterized in that, described domain manager sign is included in the described domain identifier or the information of described domain manager when being the domain manager sign, described terminal equipment sends to permit server with domain identifier or domain manager sign, find corresponding domain manager address and proxy terminal equipment is mutual with domain manager by described permit server, terminal equipment is added the territory of correspondence.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CNA2007100075050A CN101232494A (en) | 2007-01-26 | 2007-01-26 | System and method for logging of triggering terminal unit in-filed manager and joining in field |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CNA2007100075050A CN101232494A (en) | 2007-01-26 | 2007-01-26 | System and method for logging of triggering terminal unit in-filed manager and joining in field |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN101232494A true CN101232494A (en) | 2008-07-30 |
Family
ID=39898670
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CNA2007100075050A Pending CN101232494A (en) | 2007-01-26 | 2007-01-26 | System and method for logging of triggering terminal unit in-filed manager and joining in field |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN101232494A (en) |
Cited By (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN102006324A (en) * | 2010-11-23 | 2011-04-06 | 无锡语意电子政务软件科技有限公司 | Multi-user object sharing method |
| CN102483786A (en) * | 2009-09-11 | 2012-05-30 | 皇家飞利浦电子股份有限公司 | Method and system for restoring domain management |
| CN102799807A (en) * | 2012-06-15 | 2012-11-28 | 华为终端有限公司 | Digital rights management content playing method, user equipment and domain manager |
-
2007
- 2007-01-26 CN CNA2007100075050A patent/CN101232494A/en active Pending
Cited By (7)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN102483786A (en) * | 2009-09-11 | 2012-05-30 | 皇家飞利浦电子股份有限公司 | Method and system for restoring domain management |
| CN102483786B (en) * | 2009-09-11 | 2015-11-25 | 皇家飞利浦电子股份有限公司 | For recovering the method and system of territory management |
| US9596243B2 (en) | 2009-09-11 | 2017-03-14 | Koninklijke Philips N.V. | Method and system for restoring domain management |
| CN102006324A (en) * | 2010-11-23 | 2011-04-06 | 无锡语意电子政务软件科技有限公司 | Multi-user object sharing method |
| CN102006324B (en) * | 2010-11-23 | 2015-05-13 | 无锡语意电子政务软件科技有限公司 | Multi-user object sharing method |
| CN102799807A (en) * | 2012-06-15 | 2012-11-28 | 华为终端有限公司 | Digital rights management content playing method, user equipment and domain manager |
| CN102799807B (en) * | 2012-06-15 | 2015-11-25 | 华为终端有限公司 | The player method of digital rights management content, subscriber equipment and domain manager |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US20190080098A1 (en) | System and method to protect user privacy in multimedia uploaded to internet sites | |
| US7885871B2 (en) | Method and system for managing DRM agent in user domain in digital rights management | |
| CN102934118B (en) | Subscriber equipment and control method thereof | |
| EP1529371B1 (en) | Monitoring of digital content provided from a content provider over a network | |
| CN1992594B (en) | URL extension method for streaming media system | |
| KR101601976B1 (en) | System and method for managing digital rights management content | |
| US20040205333A1 (en) | Method and system for digital rights management | |
| US20060048237A1 (en) | Tracing and identifying piracy in wireless digital rights management system | |
| KR20040099939A (en) | Method for resisting program tampering using serial number and for upgrading obfuscated program, and apparatus for the same | |
| JP2006318134A (en) | Digital right management system, content server and portable terminal | |
| EP2388724A1 (en) | Method and device for communicating digital content | |
| US20100017888A1 (en) | Method, device and system for transferring license | |
| US20050044397A1 (en) | Method and system for secure time management in digital rights management | |
| WO2006065633A2 (en) | Method and device for digital rights management | |
| CN111800426A (en) | Method, device, equipment and medium for accessing native code interface in application program | |
| EP1785904A2 (en) | Digital rights management method and system | |
| CN101842783B (en) | Method and apparatus for managing DRM rights object | |
| KR20090089673A (en) | System and method for withdrawaling rights object of the digital contents | |
| CN101232494A (en) | System and method for logging of triggering terminal unit in-filed manager and joining in field | |
| US20100191804A1 (en) | Method for supporting post browsing in moving rights object of digital rights management and terminal thereof | |
| CN117579338A (en) | Method for processing streaming media file and related equipment | |
| Alliance | DRM Specification V2. 0 | |
| CN101290641B (en) | Method for trigger equipment executing operation, equipment and system thereof | |
| KR20100051035A (en) | Contents distributing system using widget and method thereof | |
| KR20070120413A (en) | Method for processing contents and contents trust status management system for drm interoperability system |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C02 | Deemed withdrawal of patent application after publication (patent law 2001) | ||
| WD01 | Invention patent application deemed withdrawn after publication |
Open date: 20080730 |