CN101686122A - Transmission permission method and device - Google Patents

Transmission permission method and device Download PDF

Info

Publication number
CN101686122A
CN101686122A CN200810216599A CN200810216599A CN101686122A CN 101686122 A CN101686122 A CN 101686122A CN 200810216599 A CN200810216599 A CN 200810216599A CN 200810216599 A CN200810216599 A CN 200810216599A CN 101686122 A CN101686122 A CN 101686122A
Authority
CN
China
Prior art keywords
permission
publisher
request
trusting relationship
lrm
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN200810216599A
Other languages
Chinese (zh)
Inventor
张仁宙
黄晨
袁卫忠
周志鹏
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Huawei Technologies Co Ltd
Original Assignee
Huawei Technologies Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Huawei Technologies Co Ltd filed Critical Huawei Technologies Co Ltd
Priority to CN200810216599A priority Critical patent/CN101686122A/en
Publication of CN101686122A publication Critical patent/CN101686122A/en
Pending legal-status Critical Current

Links

Images

Landscapes

  • Storage Device Security (AREA)

Abstract

The invention discloses a transmission permission method, comprising the following steps: the trust relationship of permission publishers is determined; a transmission permission request is received,and the transmission permission request contains an identifier of the permission and the permission publisher; the permission publishers are judged to be trusted according to the trust relationship, and the transmission permission request is accepted. The invention further discloses a transmission permission device, comprising a trust relationship determining module for determining the trust relationship of the permission publishers; a receiving request module for receiving the transmission permission request containing the identifier of the permission and the permission publisher; a judging and accepting module for judging the permission publishers to be trusted according to the trust relationship of the permission publishers and accepting the transmission permission request. The invention realizes to providing transmission permission service of the trusted permission publishers, thereby not only improving the user experience and but also meeting the requirements of competition and cooperation of the permission publishers.

Description

A kind of transmission permission method and device
Technical field
The present invention relates to digital copyright management (DRM) field, relate in particular to a kind of transmission permission method, device.
Background technology
(Digital Rights Management DRM) mainly by the use of control of authority and content protecting scheme control figure content, protects content owner's legitimate rights and interests in digital copyright management.(Content Issuer, CI) (Content Encryption Key CEK) is packaged as content data packets after digital content is encrypted to digital content publisher with contents encryption key.The permission publisher (Rights Issuer, and RI) responsible distribution and the corresponding permission of digital content (Rights Object, RO), comprising the authority and the restriction of CEK that encrypts and correspondence.Equipment (DRM Agent) has only and has content data packets and permission simultaneously, could be according to authority in the permission and the digital content of curbing consumption and being bought.The private key deciphering of equipment utilization oneself obtains CEK, and then decrypts digital content, and according to the concrete use of the control of the authority information in licence user to digital content.
At present, the content of different DRM systems and the encapsulation format of permission are different, and DRM equipment can't directly be consumed the content and the permission of other DRM system.In OMA SCE (Open Mobile AllianceSecure Content Exchange) 1.0 standards; for the equipment that makes can be consumed content and permission by non-OMA DRM system protection; introduced local permit manager (Local Rights Manager; LRM), be used for the content and the permission of non-OMA DRM system protection are imported to OMA DRM system.
For meet OMA SCE1.0 standard and can directly carry out mutual equipment with LRM, the content of the non-OMA DRM of the usefulness system protection that LRM can directly permit the publisher to issue the upstream and permission import this equipment of giving, and do not need to be positioned at the help of the RI of network side; For DRM2.0 that does not meet OMA SCE1.0 standard or DRM2.1 equipment (DRM2.x equipment is called for short in the back), though perhaps meet OMASCE 1.0 standards but because distance etc. are former thereby can't be directly carry out mutual equipment with LRM, LRM the upstream can be permitted permission that the publisher issues by RI indirectly importing to this equipment.
The inventor finds that in realizing process of the present invention along with the development of DRM, competition between operator or the sales of the contents person and cooperation will occur.This just requires in the process of transmission permission such as importing, transfer, RI, LRM, DRM equipment etc. can, for example, for affiliate's permission, can provide the service of propagation, for rival's permission, can refuse to provide the service of propagation, but prior art can't realize.
Summary of the invention
The embodiment of the invention provides a kind of transmission permission method and device, in order to selectable transmission permission.
The technical scheme that the embodiment of the invention provides comprises:
A kind of transmission permission method comprises: determine the trusting relationship between the permission publisher; Receive the transmission permission request, comprised permission and permission publisher's sign in the described transmission permission request; Judge that according to the trusting relationship between the described permission publisher publisher of described permission is trusted, accept described transmission permission request.
A kind of transmission permission method comprises: determine the trusting relationship between the permission publisher; Obtain permission and permission publisher's sign; According to the described permission publisher who permits publisher's trust that the trusting relationship between the publisher is selected at least one described permission, send the transmission permission request to the described permission publisher who is trusted, comprise described permission in the described transmission permission request.
A kind of transmission permission device comprises: determine the trusting relationship module, be used for the trusting relationship between definite permission publisher; Receive request module, be used to receive the transmission permission request that has comprised permission and permission publisher sign; Judge and accept module, be used for judging that according to the trusting relationship between the described permission publisher publisher of described permission is trusted, accept the transmission permission request.
A kind of transmission permission device comprises: determine the trusting relationship module, be used for the trusting relationship between definite permission publisher; Acquisition module, the sign that is used to obtain permission and permits the publisher; Select sending module, be used for selecting the permission publisher of publisher's trust of at least one described permission according to the trusting relationship between the described permission publisher, send the transmission permission request to the described permission publisher who is trusted, comprise described permission in the described transmission permission request.
Such scheme has been realized providing transmission permission to serve for the permission publisher who is trusted owing to the trusting relationship of having determined between the permission publisher.Both improve user experience, also satisfied the demand of competition and cooperation between the permission publisher.
Description of drawings
Fig. 1 is the schematic flow sheet of a kind of transmission permission method of the embodiment of the invention;
Fig. 2 is the schematic flow sheet of the another kind of transmission permission method of the embodiment of the invention;
Fig. 3 is the schematic flow sheet of a kind of register method of the embodiment of the invention;
Fig. 4 is the schematic flow sheet through RI importing Licensing Methods of the embodiment of the invention;
Fig. 5 is the schematic flow sheet of the direct importing Licensing Methods of the embodiment of the invention;
Fig. 6 is the schematic flow sheet through RI license transfer method of the embodiment of the invention;
Fig. 7 is the schematic flow sheet of the direct license transfer method of the embodiment of the invention;
Fig. 8 is the structural representation of a kind of transmission permission device of the embodiment of the invention;
Fig. 9 is the structural representation of the another kind of transmission permission device of the embodiment of the invention.
Embodiment
In order to make those skilled in the art person understand the present invention better, the present invention is described in further detail below in conjunction with accompanying drawing.
A kind of transmission permission method of the embodiment of the invention comprises step as shown in Figure 1:
S11 determines the trusting relationship between the permission publisher;
S12 receives the transmission permission request, has comprised permission and permission publisher's sign in the described transmission permission request;
S13 judges that according to the trusting relationship between the described permission publisher publisher of described permission is trusted, and accepts described transmission permission request.
In the embodiment of the invention, said method can be carried out by the permission publisher; At this moment, the trusting relationship between the permission publisher is: the trusting relationship between permission publisher and other permission publishers; The permission publisher receives and imports permission request message or license transfer request message; The permission publisher judges that according to the trusting relationship between the described permission publisher publisher of permission is trusted, and permission is distributed at least one DRM equipment.
Method shown in Figure 1 also can be carried out by DRM equipment; At this moment, the trusting relationship between the above-mentioned permission publisher is specially: the trusting relationship between the permission publisher who is associated with DRM equipment and other permission publishers, DRM equipment are received and are imported permission request message or license transfer request message; DRM equipment judges that the publisher of permission is trusted, and then accepts permission.
The another kind of transmission permission method of the embodiment of the invention comprises as shown in Figure 2:
S21 determines the trusting relationship between the permission publisher;
S22, the sign of obtaining permission and permitting the publisher;
S23 according to the described permission publisher who permits publisher's trust that the trusting relationship between the publisher is selected at least one described permission, sends the transmission permission request to the described permission publisher who is trusted, and comprises described permission in the described transmission permission request.
Said method can be carried out by DRM equipment or local permit manager LRM; At this moment, trusting relationship is specially: the trusting relationship between the permission publisher who is associated with described DRM equipment or LRM and other permission publishers.DRM equipment sends the license transfer request message to the described permission publisher who selects, or LRM sends the importing permission request message to the described permission publisher who selects.
In the embodiment of the invention, the permission publisher can be the OMA system, also can right and wrong OMA system, the following examples are example with the permission publisher RI of OMA system.DRM equipment is that example illustrates with the DRM Agent of OMA also.Relation needs to break the wall of mistrust between the permission publisher, after the relation of breaking the wall of mistrust between the RI, can or obtain the RI identification list that modes such as configuration file obtain to trust by interface configurations, and can configuration file or mode such as database preserve these trusting relationships, promptly preserve the permission publisher identification list that this RI trusts.Afterwards, the permission publisher's that RI can trust this RI when registrations such as DRM Agent or LRM information returns to LRM, DRM Agent, makes LRM, DRM Agent etc. also obtain the permission publisher sign of trusting.
The schematic flow sheet that is the LRM of the embodiment of the invention to the RI registration shown in Figure 3, when LRM was registered to RI, LRM shows in register requirement needed RI to provide Move service for its RO that creates out, and needed RI to provide the service of RO to DRM Agent that import for it; RI shows that in registration response it can be for LRM provides Import and Move service, and shows the permission publisher's that its is trusted information, for example, can be the permission publisher's that trusts identification list.LRM is saved in this locality with these information, for example is saved in the RI context environmental (RI Context), so that directly importing to DRM Agent (Direct Import), or passes through when RI imports to DRM Agent (Import via RI) and uses.Be described in detail as follows:
S31, LRM sends LRM-RIHelloRequest to RI, and LRM shows certificate and the sign of oneself to RI.
S32, RI returns LRM-RIHelloResponse to LRM, and RI shows certificate and the sign of oneself to LRM.
S33, LRM sends login request message LRM-RIRegistrationRequest to RI, and a structural representation of message is as follows:
Element/property Describe
??sessionID This session identification
??reqID The sign of LRM
??resID The sign of RI
??nonce The random number that anti-replay is used
??time Send the time of this message
??certificateChain The certificate chain of LRM
??reqInfo The particular content of register requirement
??signature LRM is to the signature of this message
Wherein the reqInfo element has carried the particular content of register requirement, and its XML type is LRMRIRegistrationRequest, and its XML Schema is described as:
<complexType?name=″LRMRIRegistrationRequest″>
<complexContent>
<extension?base=″gen:RegReqInfo″>
<sequence>
<element?name=″supportedUpstreamDRMs″type=″SetOfDRMSystem″/>
<element?name=″needImportService″minOccurs=″0″>
<complexType>
<sequence>
<element?name=″upstreamRI″type=″roap:Identifier″
maxOccurs=″unbounded″/>
</sequence
</complexType>
</element>
<element?name=″needMoveService″minOccurs=″0″>
<complexType>
<sequence>
<element?name=″upstreamRI″type=″roap:Identifier″
maxOccurs=″unbounded″/>
</sequence>
</complexType>
</element>
</sequence>
</extension>
</complexContent>
</complexType>
Wherein:
SupportedUpstreamDRMs represents the DRM system that LRM trusts.
Whether needImportService need represents RI that Import is provided service;
UpstreamRI represent LRM will by permitting of importing of RI upstream permission publisher which is arranged;
Whether needMoveService need represents RI to provide Move service for the RO of its derivation;
UpstreamRI represents LRM will need RI to provide the upstream permission publisher of the RO of transfer service which is arranged.
S34, RI returns registration reply message LRM-RIRegistrationResponse to LRM, and message structure is as follows:
Element/property Describe
??Status Responsive state
??sessionID The sign of this session
??errorMessage Error message
??errorRedirectURL Be used to handle wrong URL
??reqID The sign of LRM
??resID The sign of RI
??certificateChain The certificate chain of RI
??ocspResponse The OCSP responsor is to the result of RI certificate
??rspInfo The particular content of registration response
??signature RI is to the signature of this message
Wherein the rspInfo element has carried registration response particular content, and its XML type is LRMRIRegistrationRspInfo, and its XML Schema describes and comprises:
<complexType?name=″LRMRIRegistrationRspInfo″>
<complexContent>
<extension?base=″gen:ResReqInfo″>
<sequence>
<element?name=″selectedUpstreamDRMs″type=″SetOfDRMSystem″
minOccurs=″0″/>
<element?name=″provideImportService″minOccurs=″0″>
<complexType>
<sequence>
<element?name=″supportedUpstreamRI″type=″roap:Identifier″
maxOccurs=″unbounded″/>
</sequence>
</complexType>
</element>
<element?name=″provideMoveService″minOccurs=″0″>
<complexType>
<sequence>
<element?name=″supportedUpstreamRI″
type=″roap:Identifier″maxOccurs=″unbounded″/>
</sequence>
</complexType>
</element>
</sequence>
</extension>
</complexContent>
</complexType>
Wherein:
ProvideImportService represents that RI is willing to mean LRM Import is provided service; Provide Import service if RI is reluctant to mean LRM, then the provideImportService element does not occur.
SupportedUpstreamRI represents the permission publisher that RI trusts, and LRM does not import the permission outside these permission publishers by this RI;
ProvideMoveService represents that RI is willing to mean the RO that derives from this LRM Move is provided service;
SupportedUpstreamRI represents that the permission publisher that RI trusts has which or which.
For example, LRM is in the register requirement that RI sends, and LRM need to represent RI for its RO that creates out provides Move service, needs RI to import the service of RO to DRM Agent for it provides, so in the login request message<reqInfo〉element is:
<reqInfo>
<supportedUpstreamDRMs>
<supportedUpstreamDRM>DRM_a</supportedUpstreamDRM>
<supportedUpstreamDRM>DRM_b</supportedUpstreamDRM>
</supportedUpstreamDRMs>
<needImportService>
<upstreamRI>RI_u1</upstreamRI>
<upstreamRI>RI_u2</upstreamRI>
</needImportService>
<needMoveService>
<upstreamRI>RI_u1</upstreamRI>
<upstreamRI>RI_u2</upstreamRI>
</needMoveService>
</reqInfo>
In the registration response, RI tells LRM that it provides Import and Move service for LRM, and the permission publisher who trusts is RI_u1, RI_u2.In the registration reply message<rspInfo〉element is:
<rspInfo>
<selectedUpstreamDRMs>
<supportedUpstreamDRM>DRM_a</supportedUpstreamDRM>
<supportedUpstreamDRM>DRM_b</supportedUpstreamDRM>
</selectedUpstreamDRMs>
<provideImportService>
<supportedUpstreamRI>RI_u1</supportedUpstreamRI>
<supportedUpstreamRI>RI_u2</supportedUpstreamRI>
</provideImportService>
<provideMoveService>
<supportedUpstreamRI>RI_u1</supportedUpstreamRI>
<supportedUpstreamRI>RI_u2</supportedUpstreamRI>
</provideMoveService>
</rspInfo>
If this RI is unqualified to upstream permission publisher, can be at<provideImportService〉increase such element down:
<supportedUpstreamRI>anyIssuer</supportedUpstreamRI>
More than<rspInfo〉show that RI can provide Import service and Move service, wherein the permission publisher of Xin Rening is RI_u1 and RI_u2.
When DRM Agent when RI registers, can adopt same flow process, obtain the permission publisher's that RI trusts information.
Below several embodiment combine Fig. 1 and Fig. 2 shown in embodiment, " upstream publisher " wherein be the relativeness between the expression permission publisher just.
A kind of method flow schematic diagram that importing is permitted through RI of the embodiment of the invention in the present embodiment, is permitted publisher RIa and the RIb relation of breaking the wall of mistrust as shown in Figure 4, and LRM imports to DRM Agent to the permission process RIb that obtains from RIa.Concrete steps comprise:
S41, LRM is registered to RIb, and LRM shows in register requirement needs RIb to provide Move service for its RO that creates out, and needs RIb to provide the service of RO to DRMAgent that import for it; RIb shows that in the registration response it provides Import and Move service for LRM, and shows that the permission publisher that it is trusted comprises RIa.LRM is saved in this locality with these information.
S42, LRM secures permission from upstream permission publisher RIa.The sign of RIa can be carried at RIa and send in the message of permission to LRM, also can be carried in the message in early stage, as registration message etc.
S43, LRM travel through all RI Context (having a plurality of RI Context in the LRM), according to the information of preserving the permission publisher who trusts about RI wherein, select a RI that can trust this upstream permission publisher (RIa).If LRM can't find the RI that meets the demands, then to user's display reminding information, and process ends; If LRM finds have a plurality of RI to meet the demands, then preferably, LRM can provide the chance of a selection to the user, perhaps allows the user configure the preference of oneself in advance, and LRM can directly determine the RI that meets the demands like this.In the present embodiment, LRM selects RIb, because RIb and the RIa relation of breaking the wall of mistrust.
S44, LRM sends LRM-RICreateRORequest message to the RIb that selects, and request will be permitted to import and be given DRM Agent.LRM-RICreateRORequest message is carried upstream permission publisher's sign, preferably, the upstream can be permitted publisher's sign be carried at LRM-RICreateRORequest message<rights in the element.
S45, RIb is according to the upstream of carrying in LRM-RICreateRORequest message permission publisher's sign, judges self whether breaking the wall of mistrust relation with it: if the relation of breaking the wall of mistrust is promptly trusted this upstream and permitted the publisher, then, do not serve otherwise do not provide to import for LRM provides the service of importing.If RIb judgement self and the RIa relation of not breaking the wall of mistrust, then RIb can construct a LRM-RICreateROResponse message that comprises the mistake indication information and return to LRM, described wrong indication information can be: UpstreamRINotSupported (upstream permission publisher is not trusted), like this LRM in view of the above error message point out to the user.In the present embodiment, because of RIb with the RIa relation of breaking the wall of mistrust, therefore will carry out follow-up step S46.
S46, RIb returns the LRM-RICreateROResponse response message to LRM, shows the success of LRM-RICreateRORequest Message Processing, and RIb can successfully issue RO and give DRM Agent.
S47, RIb is distributed to DRM Agent with RO.
Can also comprise the permission of original upstream in the above-mentioned LRM-RICreateRORequest message, and permission publisher in upstream is to the signature of upstream permission, RI receives after this request message like this, can verify the true and false and the source of permission.For example, the LRM-RICreateRORequest message structure is as follows:
Element/property Describe
??reqID Message request person is the sign of LRM
??resID The message response person is the sign of RI
??nonce The random number that anti-replay is used
??time Send the time of this message
??certificateChain The certificate chain of LRM
??reqInfo Import the particular content of license request
??signature The signature of LRM
Wherein the reqInfo element has carried the particular content that imports license request, and its XML type is LRMRICreateRORequest, and its XML Schema is described as:
<complexType?name=″LRMRICreateROReqInfo″>
<complexContent>
<extension?base=″gen:RequestInformation″>
<sequence>
<element?name=″recipientDeviceId″type=″gen:Identifier″/>
<element?name=″upstreamIssuerId″type=″gen:Identifier″/>
<element?name=″upstreamLicense″type=″base64Binary″/>
</sequence>
</extension>
</complexContent>
</complexType>
Wherein, recipientDeviceId is used to transmit the sign of target DRM Agent, upstreamIssuerId is used to transmit upstream permission publisher's sign, and upstreamLicense is used to transmit the original permission in upstream, wherein comprises upstream permission publisher's signature.
After RI receives LRM-RI CreateRORequest message, outside the field the reqInfo being carried out necessary checking by disclosed method in the OMA SCE standard and handles, also to verify and from upstreamLicense, parse permissions with OMA DRM equivalence to upstreamLicense, after RI successfully resolves upstreamLicense, RI can comprise the RO of the authority that parses in structure LRM-RICreateROResponse message and when LRM sends to the target DRM Agent issue that recipientDeviceId identified.For example, the LRM-RICreateROResponse message structure is as follows:
Element/property Describe
??status Responsive state
??errorMessage Error message
??errorRedirectURL Be used to handle wrong URL
??reqID The sign of LRM
??resID The sign of RI
??nonce The random number that anti-replay is used
??certificateChain The certificate chain of RI
??ocspResponse The OCSP responsor is to the result of RI certificate
??rspInfo The particular content of response
??signature RI is to the signature of this message
Wherein the rspInfo element has carried registration response particular content, and its XML type is LRMRICreateRORspInfo, and its XML Schema describes and comprises:
<complexType?name=″CreateRORspInfo″>
<compIexContent>
<extension?base=″gen:ResponseInformation″>
<sequence>
<choice>
<element?name=″success″/>
<element?name=″failureReason″type=″string″/>
</choice>
</sequence>
</extension>
</complexContent>
</complexType>
Wherein: success is used to represent that upstreamLicense can correctly be handled, and authentication failed or parsing failure can show reason at failureReason.For example, RI can carry out following processing to the reqInfo among the LRM-RICreateRORequest:
1, permits the mode that the publisher adopted according to the upstream of upstreamIssuerId correspondence, upstreamLicense is verified, if checking is not passed through, promptly permitted not is that upstreamIssuerId issues, then the rspInfo element comprises<failureReason in the LRM-RICreateROResponse message of returning to LRM〉element, carrying failure cause is that RI judges that this is permitted not is the upstream permission publisher who identifies from upstreamIssuerId; If checking is passed through to upstreamLicense, then execution in step 2;
2, permit publisher's the mode of being adopted according to the upstream of upstreamIssuerId correspondence, from upstreamLicense, parse permissions with OMA DRM equivalence, if resolve failure, then the rspInfo element comprises<failureReason in the LRM-RICreateROResponse message of returning to LRM〉element, carrying failure cause is that failure is resolved in the original permission in upstream; If resolve successfully, then execution in step 3;
3, structure LRM-RICreateROResponse message, wherein the value of status field is successfully handled the value of LRM-RICreateRORequest message for expression RI, comprise in the rspInfo element<success element, show that the original permission in upstream is correctly resolved, can send to target device.
In addition, consider that RI may change to upstream permission publisher's trusting relationship, causing some originally can become by the RO that certain RI relays can not propagate by this RI.For this reason, preferably, in the above-described embodiments, be LRM-RICreateROResponse message or error code: upstreamIssuerNotSupported of MoveLRMRightsResponse message increase.After LRM or source device are received this error code like this, can send request from other RI of trend.Perhaps, when this trusting relationship takes place after changing, RI can initiatively trigger LRM and register again.
For example, DRM Agent holds this RO after a period of time in the foregoing description, the trusting relationship of RIa and RIb may be interrupted, therefore this moment, DRM Agent shifted this RO to the RIb request, RIb may return error code a: upstreamRightsIssuerNotSupported in response, DRMAgent can respond to the terminal use in view of the above and point out like this.
The method flow schematic diagram of a kind of direct importing permission of the embodiment of the invention as shown in Figure 5, in the present embodiment, permission publisher RIa and the RIb relation of breaking the wall of mistrust, DRM Agent is the associated equipment of RIb, LRM directly imports to DRM Agent to the permission that obtains from RIa, and DRM Agent also verifies the upstream publisher who whether trusts permission when receiving an importing license request.Concrete steps comprise:
S51, LRM is registered to RIb, knows that the RI that RIb trusts comprises RIa.
S52, DRM Agent is registered to RIb, knows that the RI that RIb trusts comprises RIa.
S53, LRM secures permission from upstream permission publisher RIa.
S54, possesses the ability that directly imports RO to DRMAgent because of LRM, LRM sends and imports permission request message to DRM Agent, request directly imports RO and gives DRM Agent, and described upstream permission publisher's sign passed to DRM Agent, the sign of RIa can be carried among the RO, perhaps is carried to import in the permission request message.
S55, the RI context environmental that DRM Agent preserved according to when registration judges whether import the upstream publisher RIa that comprises among permission request message or the RO is trusted, if, then accept the importing of RO, also can return errored response if not the importing of then not accepting RO.In the present embodiment, DRM Agent judges RI and is trusted, and accepts the importing of RO.
S56, DRM Agent returns the importing permission response to LRM, shows direct the importing successfully.
The a kind of of the embodiment of the invention in the present embodiment, permits publisher RIa and the RIb relation of breaking the wall of mistrust through RI license transfer method schematic flow sheet as shown in Figure 6, and DRM Agent1 is related with RIa, and DRM Agent2 is related with Rib; DRM Agent1 transfers to DRM Agent2 to the permission that obtains from RIa through RIb.Concrete steps comprise:
S61, DRM Agent1 is registered to RIa, and same, DRM Agent1 knows that in registration process the RI that is trusted comprises RIb.
S62, DRM Agent1 receives the permission of RIa issue.
S63, the RI context environmental that DRM Agent1 preserved according to when registration is selected the RI that can trust the permission publisher RIa of this permission, i.e. a RIb.
S64, DRM Agent1 sends the license transfer request message to the RIb that selects, and request is transferred to DRM Agent2 with permission.Request message carries upstream permission publisher's sign.
S65, RIb is according to the upstream of carrying in license transfer request message permission publisher's sign, judges self whether breaking the wall of mistrust relation with it: if the relation of breaking the wall of mistrust is promptly trusted this upstream and permitted the publisher, then for DRM Agent1 provides transfer service, otherwise do not provide transfer service.If RIb judgement self and the RIa relation of not breaking the wall of mistrust, then RIb can construct a response message that comprises the mistake indication information and return to DRM Agent1, described wrong indication information can be: UpstreamRINotSupported (upstream permission publisher is not trusted), like this DRM Agent1 in view of the above error message point out to the user.In the present embodiment, because of RIb with the RIa relation of breaking the wall of mistrust, therefore will carry out follow-up step S66.
S66, RIb returns the license transfer response message to DRM Agent1, shows that the license transfer request message handles successfully, and RIb can successfully issue RO and give DRM Agent2.
S67, RIb will issue RO and give DRM Agent2.
A kind of direct license transfer method schematic flow sheet of the embodiment of the invention as shown in Figure 7, in the present embodiment, permission publisher RIa and the RIb relation of breaking the wall of mistrust, DRM Agent1 directly transfers to DRM Agent2 to the permission that obtains from RIa, and DRM Agent 2 also verifies the upstream publisher who whether trusts permission when receiving a license transfer request.Concrete steps comprise:
S71, DRM Agent1 is registered to RIa, knows that the RI that RIa trusts comprises RIb.
S72, DRM Agent2 is registered to RIb, knows that the RI that RIb trusts comprises RIa.
S73, DRM Agent1 receives the permission of RIa issue.
S74, DRM Agent1 wish directly to shift to DRM Agent2 the permission RO of described RIa issue, and DRM Agent1 sends the license transfer request to DRM Agent2, and request directly is transferred to DRMAgent2 with RO.The sign of the publisher RIa of RO is carried among the RO, perhaps is carried in the license transfer request message.
S75, the RI context environmental that DRM Agent2 preserved according to when registration judges whether the upstream publisher RIa that comprises among license transfer request message or the RO is trusted, if, then accept the transfer of RO, also can return errored response if not the transfer of then not accepting RO.In the present embodiment, DRMAgent2 judges RI and is trusted, and accepts the transfer of RO.
S76, DRM Agent2 returns the license transfer response to DRM Agent1, shows direct the transfer successfully.
For passing through SRM (Secure Removable Media, secure removable media) license transfer, DRMAgent also can carry out the judgement to upstream permission publisher equally.
A kind of transmission permission device of the embodiment of the invention comprises as shown in Figure 8
Determine trusting relationship module 801, be used for the trusting relationship between definite permission publisher;
Receive request module 802, be used to receive the transmission permission request that has comprised permission and permission publisher sign;
Judge and accept module 803, be used for judging that according to the trusting relationship between the permission publisher publisher of described permission is trusted, accept the transmission permission request.
Transmission permission device shown in Figure 8 can be a RI or a DRM equipment.
The another kind of transmission permission device of the embodiment of the invention comprises as shown in Figure 9
Determine trusting relationship module 901, be used for the trusting relationship between definite permission publisher;
Acquisition module 902, the sign that is used to obtain permission and permits the publisher;
Select sending module 903, be used for selecting the permission publisher of publisher's trust of at least one described permission according to the trusting relationship between the permission publisher, send the transmission permission request to the described permission publisher who is trusted, comprise described permission in the described transmission permission request.
Transmission permission device shown in Figure 8 can be DRM equipment or local permit manager LRM.
The foregoing description has been realized providing transmission permission to serve for the permission publisher who is trusted owing to the trusting relationship of having determined between the permission publisher.Both improve user experience, also satisfied the demand of competition and cooperation between the permission publisher.
One of ordinary skill in the art will appreciate that all or part of step that realizes in the foregoing description method is to instruct relevant hardware to finish by program, described program can be stored in the computer read/write memory medium, this program is when carrying out, comprise the said method step, described storage medium comprises: ROM/RAM, disk, CD etc.
Obviously, those skilled in the art can carry out various changes and modification to the present invention and not break away from the spirit and scope of the present invention.Like this, if of the present invention these are revised and modification belongs within the scope of claim of the present invention and equivalent technologies thereof, then the present invention also is intended to comprise these changes and modification interior.

Claims (12)

1, a kind of transmission permission method is characterized in that, comprising:
Determine the trusting relationship between the permission publisher;
Receive the transmission permission request, comprised permission and permission publisher's sign in the described transmission permission request;
Judge that according to the trusting relationship between the described permission publisher publisher of described permission is trusted, accept described transmission permission request.
2, the method for claim 1 is characterized in that, described method is carried out by the permission publisher; Trusting relationship between the described permission publisher is specially: the trusting relationship between described permission publisher and other permission publishers.
3, method as claimed in claim 2 is characterized in that, the request of described reception transmission permission is specially: the permission publisher receives and imports permission request message or license transfer request message;
Describedly accept the transmission permission request and be specially: described permission is distributed at least one DRM equipment.
4, the method for claim 1 is characterized in that, described method is carried out by DRM equipment; Trusting relationship between the described permission publisher is specially: the trusting relationship between the permission publisher who is associated with described DRM equipment and other permission publishers.
5, method as claimed in claim 4 is characterized in that, the request of described reception transmission permission is specially: described DRM equipment is received and is imported permission request message or license transfer request message;
The described transmission permission request of described acceptance is specially: DRM equipment is accepted described permission.
6, method as claimed in claim 4 is characterized in that, the trusting relationship between the described permission publisher who is associated with DRM equipment and other permission publishers passes to described DRM equipment by registration process.
7, a kind of transmission permission method is characterized in that, comprising:
Determine the trusting relationship between the permission publisher;
Obtain permission and permission publisher's sign;
According to the described permission publisher who permits publisher's trust that the trusting relationship between the publisher is selected at least one described permission, send the transmission permission request to the described permission publisher who is trusted, comprise described permission in the described transmission permission request.
8, method as claimed in claim 7 is characterized in that, described method is carried out by DRM equipment or local permit manager LRM; Trusting relationship between the described permission publisher is specially: the trusting relationship between the permission publisher who is associated with described DRM equipment or LRM and other permission publishers.
9, method as claimed in claim 8, it is characterized in that, describedly send the transmission permission request to the permission publisher who is trusted and be specially: DRM equipment sends the license transfer request message to the described permission publisher who selects, or LRM sends the importing permission request message to the described permission publisher who selects.
10, method as claimed in claim 8 is characterized in that, the trusting relationship between the described permission publisher who is associated with DRM equipment or LRM and other permission publishers passes to described DRM equipment or LRM by registration process.
11, a kind of transmission permission device is characterized in that, comprising:
Determine the trusting relationship module, be used for the trusting relationship between definite permission publisher;
Receive request module, be used to receive the transmission permission request that has comprised permission and permission publisher sign;
Judge and accept module, be used for judging that according to the trusting relationship between the described permission publisher publisher of described permission is trusted, accept the transmission permission request.
12, a kind of transmission permission device is characterized in that, comprising:
Determine the trusting relationship module, be used for the trusting relationship between definite permission publisher;
Acquisition module, the sign that is used to obtain permission and permits the publisher;
Select sending module, be used for selecting the permission publisher of publisher's trust of at least one described permission according to the trusting relationship between the described permission publisher, send the transmission permission request to the described permission publisher who is trusted, comprise described permission in the described transmission permission request.
CN200810216599A 2008-09-28 2008-09-28 Transmission permission method and device Pending CN101686122A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN200810216599A CN101686122A (en) 2008-09-28 2008-09-28 Transmission permission method and device

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN200810216599A CN101686122A (en) 2008-09-28 2008-09-28 Transmission permission method and device

Publications (1)

Publication Number Publication Date
CN101686122A true CN101686122A (en) 2010-03-31

Family

ID=42049111

Family Applications (1)

Application Number Title Priority Date Filing Date
CN200810216599A Pending CN101686122A (en) 2008-09-28 2008-09-28 Transmission permission method and device

Country Status (1)

Country Link
CN (1) CN101686122A (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN113179416A (en) * 2021-04-26 2021-07-27 腾讯科技(深圳)有限公司 Live content rebroadcasting method and related equipment

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN113179416A (en) * 2021-04-26 2021-07-27 腾讯科技(深圳)有限公司 Live content rebroadcasting method and related equipment
CN113179416B (en) * 2021-04-26 2022-09-23 腾讯科技(深圳)有限公司 Live content rebroadcasting method and related equipment

Similar Documents

Publication Publication Date Title
EP1301863B1 (en) Systems and methods for integrity certification and verification of content consumption environments
EP1530885B1 (en) Robust and flexible digital rights management involving a tamper-resistant identity module
CN100432953C (en) System and method for secure and convenient management of digital electronic content
KR101366277B1 (en) Method and terminal for verifying membership in order to move rights object in domain
CN101379487B (en) Method and apparatus for generating rights object by means of delegation of authority
CN101373504B (en) Management method and system for downloading digital content
CN111079136B (en) Fog computing intrusion detection feature sharing system based on block chain technology
US9961549B2 (en) Right object acquisition method and system
US20120311326A1 (en) Apparatus and method for providing personal information sharing service using signed callback url message
US7995766B2 (en) Group subordinate terminal, group managing terminal, server, key updating system, and key updating method therefor
AU2001285298A1 (en) Systems and methods for integrity certification and verification of content consumption environments
US20070124313A1 (en) Method and apparatus for secure digital content distribution
CN101606161A (en) Be used for definite supper-distribution and record the method for the price of product
CN113704210A (en) Data sharing method and electronic equipment
CN101286994A (en) Digital literary property management method, server and system for content sharing within multiple devices
US20130030912A1 (en) Method for updating advertisement content using drm
CN103678993A (en) Method and device controlling terminal
US20050097052A1 (en) Distribution of media objects
CN113486122A (en) Data sharing method and electronic equipment
Omar et al. Decentralized identifiers and verifiable credentials for smartphone anticounterfeiting and decentralized IMEI database
KR20050003693A (en) DRM System and contents distribution management method by it
KR100802110B1 (en) Apparatus and method for distribute digital contents
CN101686122A (en) Transmission permission method and device
CN101365247A (en) Digital copyright file transmitting method, terminal, digital copyright management server and system
KR100814064B1 (en) Method and System for packaging DRM contents

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C02 Deemed withdrawal of patent application after publication (patent law 2001)
WD01 Invention patent application deemed withdrawn after publication

Open date: 20100331