Summary of the invention
In view of the technical problems described above, the purpose of this invention is to provide a digital content sharing method and system for digital networks. The method is based on the role-based access control (RBAC) model and a certificate linked list, and can control the access rights of network members and devices.
To achieve this purpose, the present invention adopts the following technical scheme.
A digital content sharing system for a digital network:
The system comprises a computer, a smart phone, a camera, a digital TV and a personal digital assistant. Each of these devices has its own certificate issued by a certificate authority (CA) and its own public/private key pair; the public key is published in the certificate, and the private key is kept in the device's tamper-resistant memory. The devices are connected to one another through the digital network.
The system also comprises a content issuer (CI). The CI provides digital content publishing and download services: it packages and encrypts the digital content requested by the user (the encrypted content is called digital rights management content), delivers it to the legitimate user domain, and communicates with the rights issuer (RI) so that the RI generates the corresponding license certificate.
The system also comprises a rights issuer (RI). The RI is responsible for generating and issuing the license certificate that corresponds to the digital content: it first generates the license certificate from the information sent by the CI, then issues it to the legitimate user domain of that digital content.
The system also comprises a local domain manager (LDM). The LDM holds the list of all digital network members and devices in the domain and is responsible for managing each member and device in the digital network: it registers each member and device in the network, confirms members' identities and permissions, manages devices joining the domain, identifies the user of a device, applies to the CI and the RI for digital rights management (DRM) content and the corresponding license certificates, and distributes DRM content and license certificates to members and devices.
The LDM and the computer, smart phone, camera, digital TV and personal digital assistant are interconnected through the digital network. The CI is connected to the LDM through a network, and the RI is connected to the LDM through a network.
The digital network is connected in a wired or wireless manner. The computer, smart phone, camera, digital TV and personal digital assistant must each pass digital authentication by the LDM before becoming a device in the domain.
The system uses a certificate linked list. The linked list is attached to the license certificate and records the information of digital network members and devices; it is managed by the LDM.
The system manages the members and devices in the digital network through a role-based access control method.
A digital content sharing method for a digital network, comprising the following steps:
When a digital network member applies to obtain digital content and a license certificate, the local domain manager (LDM) requests and receives the digital content and the corresponding license certificate from the content issuer (CI) and the rights issuer (RI).
The digital network member sends a message to the LDM containing the user ID, the device ID and the requested digital content. The domain owner checks on the LDM whether the user ID and device ID are valid, then queries the user, role and permission relation table to determine whether this member has access rights to the digital content.
If the query shows that the member has the corresponding permission, the encrypted digital content is sent to the device the member is using. Encrypted digital content can be stored on any device in the digital network and can be transferred between devices.
The LDM holds a license certificate usage table that records the license certificate information corresponding to each digital rights management (DRM) digital content. The domain owner looks up this table. If the license certificate is on the LDM, the domain owner adds a record to the linked list, encrypts the license certificate and its attached linked list with the public key of the requesting device, sends them to the device the member is using, and records the license certificate serial number, the recipient's user ID and the device ID in the usage table on the LDM.
If the table lookup shows that the license certificate is on another device, the domain owner sends a message to that device, notifying it to send the license certificate to the requester.
The digital network member currently using the license certificate adds a record to the linked list, encrypts the license certificate and its attached linked list with the public key of the requesting device, and sends them to the device the requester is using. It also sends the recipient's user ID and device ID in a message to the LDM, which updates its license certificate usage table.
After obtaining the license certificate, the digital network member first decrypts the received license certificate and attached linked list with its own private key, thereby obtaining the content decryption key. It then uses the content decryption key to decrypt the encrypted DRM digital content, after which the member can use or play the digital content.
The license certificate information corresponding to the DRM digital content comprises the license certificate serial number, the user ID currently using it, and the device ID.
Once the digital network member has finished using the content, the decrypted content is destroyed immediately; no device is allowed to store or copy the decrypted content.
In the digital network, the device that is to receive a license certificate and the device that sends it must mutually confirm that each is a device in the domain. The sender must encrypt the license certificate with the receiving device's public key, and the receiving device can obtain the content decryption key only by using its own private key after receiving the license certificate.
The present invention has the following advantages and positive effects:
1) The digital network of the present invention adopts the domain concept, so that the license certificate of a piece of digital content can be bound to a group of devices at once. The communication carried out between the CI, the RI and the home network device terminals to protect copyrighted digital content is greatly simplified, the number of certificates issued and the resources consumed in managing them are significantly reduced, and the workload of the RI is lightened.
2) By binding the license certificate to the digital network, the present invention allows license certificates to be shared within the digital network, so that users can freely transfer and use digital content within the domain, achieving genuinely convenient and free sharing.
3) The present invention combines the certificate linked list with RBAC. This scheme achieves tracking of license certificates and transfer of DRM permissions within the domain without changing the content of the license certificate.
4) By assigning a suitable role to each network member, and thereby a suitable set of DRM permissions, the RBAC of the present invention can provide functions that some users need, such as privacy protection and parental control, and makes differentiated permission control more flexible.
Embodiment
The digital network is the main application form of the Authorized Domain (AD). It includes wireless connections, wired connections and mixtures of the two, and contains a number of devices such as PCs, printers, smart phones and cameras.
Several methods currently exist for allowing different rights within a domain. One direct method is to introduce the differences when the rights are purchased: the user defines different rights for different domain members at that point, and the content provider adds this encoding to the license certificate. However, this method is rather rigid, inflexible, and prone to invading privacy.
Another method introduces the different rights when the DRM rights are converted into in-domain DRM rights. Here, the person who buys the digital content (the domain administrator or the domain member who first accesses the license certificate) is allowed to add further restrictions or rights on top of the original rights, and these restrictions or rights are used to control use of and access to the content within the domain. However, this places a strong demand on the digital content provider, which wants to control content distribution and use completely. Usually, the digital content provider does not trust, and does not allow, changes to the original license certificate.
A further possible method is the certificate linked list scheme: the domain administrator adds a linked list to each license certificate assigned to the domain, and the linked list records the information of the devices that have played the DRM content. This scheme achieves tracking of license certificates within the domain without changing the content of the rights object (RO), but its weakness is that it cannot assign the most suitable DRM permissions to each domain member and device.
In a digital network, if one user has bought digital content, the other digital network users are also allowed to access it. This can cause many privacy and security problems. In some scenarios the owner of the domain, for reasons such as privacy, parental responsibility or personal interest, does not want other users in the domain to use certain digital content. For example, parents may not want a child to watch certain adult content, or may allow the child to watch certain content only at specified times, to prevent the child from spending too much time on it and affecting study and rest. As another example, a friend adds his device to your domain; you are willing to share only your music or films with him, but do not want him to see other digital content. Therefore, to solve these potential security and privacy problems, we propose a new method for controlling the access rights of each digital network member.
Other terms in this specification are well known in the art and are not repeated here. The concepts involved in the method provided by the invention are introduced below in order to fully disclose the technical content of the application:
(1) Role-based access control model (RBAC)
Role-Based Access Control has become an alternative to traditional access control (discretionary access control and mandatory access control). In RBAC, permissions are associated with roles, and users obtain the permissions of a role by becoming members of that role. RBAC greatly simplifies permission management. In an organization, roles are created to carry out various jobs, users are assigned roles according to their responsibilities and qualifications, and a user can easily be reassigned from one role to another. Roles can be given new permissions as new requirements arise and systems are merged, and permissions can be revoked from a role as needed. Relations between roles can be established to cover a wide range of actual situations.
The core idea of RBAC is to associate access rights with roles and, by assigning suitable roles to users, to associate users with access rights. Roles are set up according to the tasks that need to be accomplished in each unit, and users are given roles according to their duties and responsibilities. The best-known RBAC model in the prior art is the RBAC96 model of Professor R. Sandhu of George Mason University in the United States. The role-based secure access control model is introduced below.
In the role-based secure access control model shown in Fig. 1 there are three sets of entities: users, roles and permissions. Fig. 1 also shows the set of sessions. A user is the subject that operates on data objects; in this model a user is a person. A role is a job function or job title within the organization, carrying the authority and responsibility conferred on that role. Roles act as the bridge connecting users and permissions. A permission is an approval to access one or more objects in the system; the terms authorization, access right and privilege are also used to denote a permission. Permissions are normally positive: they confer on their holder the ability to perform some activity. Constraints are attached to the elements of the RBAC system and express the conditions under which an action is permitted. A session is a dynamic concept: a user establishes a session by activating roles.
(2) Role division in the digital network
According to the user types in the digital network and the relations between users, the hierarchical role model is as shown in Figure 3:
Hierarchical roles are a natural way of building a role structure that reflects the authority and responsibility of an organization. By convention, more powerful or senior roles are shown at the top, and less powerful or junior roles are shown at the bottom.
In this model the roles are divided into 4 levels. Level 4 is the lowest level, and the temporary member is at this level. In most cases this is a user who is a temporary member of the digital network sharing digital content; the role has permission to use part of the DRM content and has the fewest permissions.
The ordinary member is at level 3. This role is more senior than the temporary member and therefore inherits all of the temporary member's permissions. The ordinary member can have permissions in addition to those inherited from the temporary member: the role's permissions include requesting and using DRM content and license certificates, subject to certain restrictions. For example, a child in the family can be a user in this role and may be allowed to play certain content only during a certain time period (such as 8:00-21:00).
Permission inheritance is transitive. In Fig. 2, the senior member is at level 2. This role inherits the permissions of the temporary member and the ordinary member. The senior member can have extra permissions; for example, adult users in the family such as parents can be assigned this role, which holds the great majority of all permissions.
The domain owner is at level 1 and has only one member: the owner who registered the digital network domain, who is also the person responsible for the domain and its highest-level administrator. This role inherits the permissions of the senior member, ordinary member and temporary member, and can exercise all permissions.
(3) Permission division in the digital network
The role acts as the intermediary between users and access rights: a user is given a role, permission types are assigned to the role, and the user obtains the corresponding access permissions through the role. Permissions in the digital network are divided into several types, such as creating or cancelling the domain, adding or deleting users or devices, obtaining and using license certificates, and using DRM content.
Digital network members can take on the roles described above and thereby hold different permissions. For example, the father or mother can take the domain owner role and hold all permissions, while a child belongs to the ordinary user role and has fewer permissions. Some content or devices need to be restricted by the parents and can be used only at specified times. A friend who joins the digital network temporarily can share only certain items of digital content, such as music or films, and use of other digital content is restricted. By establishing a relation table of users, roles and permissions, the set of permissions of the users in each role, or the users holding a given permission, can be looked up quickly.
When a new user registers or an existing user leaves the domain, when a user's role changes, or when new digital rights management (DRM) content is applied for, the permissions held by the users in the role, or the operations they may perform on the DRM content, are determined dynamically.
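The relation table and four-level role hierarchy described in sections (2) and (3) can be sketched as follows. This is an added example, not code from the patent; the role identifiers, the permission names, the assignment of permissions to roles and the `Constraint` type are all assumptions made for illustration.

```python
from dataclasses import dataclass
from datetime import time
from typing import Optional

# Levels from the description: 1 = domain owner ... 4 = temporary member.
# Each role inherits the permissions of the role one level below it.
ROLE_PARENT = {
    "domain_owner": "senior_member",
    "senior_member": "ordinary_member",
    "ordinary_member": "temporary_member",
    "temporary_member": None,
}

# Permissions granted directly to each role (constructed sample assignment).
ROLE_PERMS = {
    "temporary_member": {"use_drm_content"},
    "ordinary_member": {"obtain_license", "use_license"},
    "senior_member": {"add_device"},
    "domain_owner": {"create_domain", "cancel_domain", "add_user",
                     "delete_user", "delete_device"},
}


def effective_permissions(role):
    """Collect a role's own permissions plus everything it inherits."""
    perms = set()
    while role is not None:
        perms |= ROLE_PERMS[role]
        role = ROLE_PARENT[role]
    return perms


@dataclass
class Constraint:
    """Per-user restriction (hypothetical type): content allow-list, time window."""
    allowed_content: Optional[frozenset] = None  # None = any content
    window: Optional[tuple] = None               # (start, end) as datetime.time


class RelationTable:
    """User / role / permission relation table kept on the LDM."""

    def __init__(self):
        self.role_of = {}
        self.constraint_of = {}

    def assign(self, user_id, role, constraint=None):
        # Used for registration and for role changes; reassigning without a
        # constraint drops the restriction that applied to the previous role.
        if role not in ROLE_PARENT:
            raise ValueError("unknown role: " + role)
        self.role_of[user_id] = role
        self.constraint_of[user_id] = constraint or Constraint()

    def remove(self, user_id):
        # The user leaves the domain and loses every permission.
        self.role_of.pop(user_id, None)
        self.constraint_of.pop(user_id, None)

    def users_with(self, permission):
        return sorted(u for u, r in self.role_of.items()
                      if permission in effective_permissions(r))

    def check(self, user_id, permission, content_id, now):
        """Decide one request at the moment it is made (dynamic evaluation)."""
        role = self.role_of.get(user_id)
        if role is None or permission not in effective_permissions(role):
            return False
        c = self.constraint_of[user_id]
        if c.allowed_content is not None and content_id not in c.allowed_content:
            return False
        if c.window is not None and not (c.window[0] <= now <= c.window[1]):
            return False
        return True
```

Because `check` resolves the role on every call, a role change or a removal from the domain takes effect on the next request without touching any license certificate.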
The digital content sharing method for digital networks proposed by the present invention is described in detail below with reference to the accompanying drawings and specific embodiments:
The digital content sharing method proposed here is based on the role-based access control (RBAC) model and uses a certificate linked list in its design. The linked list is attached to the license certificate and records the information of digital network members and devices.
(1) Home network DRM system framework
Fig. 3 shows the digital network DRM system framework, which consists of the following functional entities:
Content issuer (CI): the CI provides digital content publishing and download services. It packages and encrypts the digital content requested by the user (the encrypted content is called DRM content), delivers it to the legitimate user domain, and communicates with the RI so that the RI generates the corresponding license certificate.
Rights issuer (RI): the RI is responsible for generating and issuing the license certificate that corresponds to the digital content. It first generates the license certificate from the information sent by the CI, then issues it to the legitimate user domain of that digital content.
Local domain manager (LDM): the LDM is the core device of the digital network. It holds the list of all digital network members and devices in the domain and is responsible for managing each member and device of the digital network: family members and devices register on the LDM, and the LDM confirms family members' identities and permissions, manages devices joining the domain, identifies the user of a device, applies to the CI and RI for DRM content and the corresponding license certificates, and distributes DRM content and license certificates to members and devices. The LDM need not be a dedicated device; it can be a member device such as a PC or notebook, but that device must have enough storage space and processing power and be able to apply good security measures. A digital network has one and only one LDM.
Devices (such as a PC, printer, smart phone, camera, digital TV or personal digital assistant, PDA): in this system all devices are trusted. Each must have a certificate issued by a certificate authority (CA) and a public/private key pair; the public key is published in the certificate, and the private key is kept in tamper-resistant memory and known only to the device. The devices are connected through the digital network, which can be wired or wireless, and each must be authenticated by the LDM before becoming a device in the domain. Devices can access DRM content locally or remotely. Devices are described within the domain through the digital network members who use them.
Digital network members are the users of the devices and must first register in the domain. They can share multiple devices and play DRM content on them.
(2) Description of the license certificate
When a digital network member buys DRM content and pays the content provider, the CI forwards the DRM content to the LDM. The digital content should also be playable on the other member devices of the digital network. To support this, the RI issues a license certificate for the purchased digital content and sends it directly to the LDM.
The license certificate format follows the ITU-T X.509 international standard. In the present invention the license certificate is structured as follows:
Certificate information: the version number of the license certificate, the certificate serial number, the signature algorithm used by the certificate;
Owner identifier of the certificate: the owner's public key
Resource information: digital content ID, digital content decryption key
Usage rights: restrictions on use of the resource, validity period of use
Digital signature of the license server
The certificate information includes the version number of the certificate, the serial number of the certificate (each certificate has a unique serial number) and the signature algorithm used by the certificate (such as the RSA algorithm). The certificate owner's information includes the owner identifier and the owner's public key. The resource information includes the unique resource identifier and the decryption key of the resource (used to decrypt the digital content). The usage rights give the restrictions on use of the resource and can take several forms, such as a limit on the number of times the resource is used, a limit on the number of devices using the resource at the same time, or the validity period for use of the resource; certificates generally express the validity period in UTC time format. The certificate contains the signature of the certificate issuer to guarantee the integrity of the certificate. Once purchased, the license certificate must not be modified.
The DRM license certificate can be described using a rights expression language (REL, Rights Expression Language). REL is an important technology in the DRM field, used to describe the usage rights of digital content or services, that is, the usage rights a party has over a resource. Rights, Asset and Party are the three most basic entities of REL. A right is a permission to use or access a resource, including permissions, preconditions and restrictions. An asset is the uniquely identified digital content or service to which the right relates. A party is a legal entity or individual related to the resource, including the copyright owner, author, content provider and user.
A REL must be convenient and easy to use, open, flexible, extensible and machine-readable, and must support the description of all kinds of usage rights for all kinds of digital content. XrML (eXtensible rights Markup Language) and ODRL (Open Digital Rights Language) are currently the two most mature XML-based rights expression languages, each adopted by the relevant standards organizations.
(3) Certificate linked list structure
A linked list added to the license certificate records the digital network members and devices that use the DRM digital content, and also records how the content has been used. The linked list is managed by the LDM and is used only within the digital network. The linked list identifies the digital network member and device currently using the license certificate, ensuring that at any one time only one digital network member and device holds the license certificate: once the license certificate is handed over to another user and device, the original user and device can no longer use it to play the content. This makes it easier to enforce and count the permissions the user has purchased, such as number of plays and play time. The linked list structure is as follows:
Record 1: Content ID,
    Sender (family member ID1, device ID1),
    Receiver (family member ID1’, device ID1’),
    Timestamp 1,
    Digital signature of family member ID1.
Record 2: …
Record n: Content ID,
    Sender (family member IDn, device IDn),
    Receiver (family member IDn’, device IDn’),
    Timestamp n,
    Digital signature of family member IDn.
Current device n
The linked list contains multiple usage records. Each record comprises the Content ID, the Sender information, the Receiver information, the Timestamp, and the digital signature of family member IDn.
The steps of the digital content sharing method for digital networks provided by the invention are described in detail below:
1. When a member of the digital network applies to obtain digital content and a license certificate, the member first entrusts the LDM to request and receive the digital content and the corresponding license certificate from the CI and RI.
2. The digital network member sends a message to the LDM containing the user ID, the device ID and the requested digital content. The domain owner checks on the LDM whether the user ID and device ID are valid, then queries the relation table of users, roles and permissions to determine whether this user has access rights to the digital content.
3. If the query shows that the user has the corresponding permission, the encrypted digital content is sent to the device the member is using. Encrypted digital content can be stored on any device in the digital network and can be transferred between devices.
4. The LDM holds a license certificate usage table that records the license certificate information corresponding to each DRM digital content, comprising the license certificate serial number, the user ID currently using it, and the device ID. The domain owner looks up this table. If the license certificate is on the LDM, the domain owner adds a record to the linked list, encrypts the license certificate and its attached linked list with the public key of the requesting device, sends them to the device the member is using, and records the license certificate serial number, the recipient's user ID and the device ID in the usage table on the LDM.
5. If the table lookup shows that the license certificate is on another device, the domain owner sends a message to that device, notifying it to send the license certificate to the requester.
6. The digital network member currently using the license certificate adds a record to the linked list, encrypts the license certificate and its attached linked list with the public key of the requesting device, and sends them to the device the requester is using. It also sends the recipient's user ID and device ID in a message to the LDM, which updates the license certificate usage table on the LDM.
7. After obtaining the license certificate, the digital network member first decrypts the received license certificate and attached linked list with its own private key, thereby obtaining the content decryption key, then uses the content decryption key to decrypt the encrypted DRM digital content, and can then use or play the digital content. Once use is finished, the decrypted content is destroyed immediately; no device is allowed to store or copy the decrypted content.
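Steps 2 and 4 to 6, together with the record layout from section (3), can be traced with the following sketch of the usage table and the linked list. This is an added example, not code from the patent. It assumes the RBAC check of step 2 has already passed, omits the public-key encryption of the license certificate, and uses HMAC-SHA256 with a per-member key as a stand-in for the member's digital signature; all class and function names are hypothetical.

```python
import hashlib
import hmac
from dataclasses import dataclass, field

LDM_ID = ("LDM", "LDM")  # holder value while the license is still on the LDM


def sign(key, content_id, sender, receiver, ts):
    # Stand-in for the sender's digital signature over one record.
    msg = "|".join([content_id, *sender, *receiver, str(ts)]).encode()
    return hmac.new(key, msg, hashlib.sha256).hexdigest()


@dataclass
class Record:
    content_id: str
    sender: tuple      # (user ID, device ID)
    receiver: tuple    # (user ID, device ID)
    timestamp: int
    signature: str     # made by the sender


@dataclass
class LicenseChain:
    content_id: str
    records: list = field(default_factory=list)
    current: tuple = LDM_ID   # the "Current device" entry of the list

    def transfer(self, sender, receiver, ts, sender_key):
        # Only the current holder may pass the license on, so exactly one
        # member and device hold it at any time.
        if sender != self.current:
            raise PermissionError("sender does not hold the license")
        sig = sign(sender_key, self.content_id, sender, receiver, ts)
        self.records.append(Record(self.content_id, sender, receiver, ts, sig))
        self.current = receiver

    def verify(self, keys):
        """Check every signature and that each hand-over starts at the holder."""
        holder = LDM_ID
        for r in self.records:
            key = keys.get(r.sender[0])
            if key is None or r.sender != holder:
                return False
            expected = sign(key, r.content_id, r.sender, r.receiver, r.timestamp)
            if not hmac.compare_digest(expected, r.signature):
                return False
            holder = r.receiver
        return holder == self.current


class LocalDomainManager:
    def __init__(self, members, keys):
        self.members = set(members)  # registered (user ID, device ID) pairs
        self.keys = keys             # user ID -> signing key (one process here)
        self.usage = {}              # license serial -> current (user, device)
        self.chains = {}             # license serial -> LicenseChain

    def register_license(self, serial, content_id):
        self.chains[serial] = LicenseChain(content_id)
        self.usage[serial] = LDM_ID

    def request(self, serial, user_id, device_id, ts):
        requester = (user_id, device_id)
        if requester not in self.members:          # step 2: validity check
            raise PermissionError("unknown user or device")
        holder = self.usage[serial]                # steps 4/5: table lookup
        chain = self.chains[serial]
        if holder != requester:
            # Step 4 (holder is the LDM) or step 6 (holder is another device):
            # the holder signs a new record and hands the license over.
            chain.transfer(holder, requester, ts, self.keys[holder[0]])
            self.usage[serial] = requester         # usage table update
        return chain
```

In a deployment the record in step 6 is signed on the holding device with that member's own key; the single `keys` dictionary exists only so the walk-through runs in one process.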
A security analysis of the digital content sharing method for digital networks provided by the invention follows:
1. The system adopts the DRM architecture, which allows digital content and license certificates to be distributed separately. Separating digital content from the license certificate increases management flexibility on the one hand, because modifying the digital content does not affect authorizations already granted, and on the other hand improves the security of the system, because it prevents content and certificates from being distributed arbitrarily. Even if an illegitimate user obtains the digital content, without the license certificate that user cannot obtain the decryption key and so cannot access the content, which effectively guards against illegal operations by users.
2. During system operation, every time a digital network member uses digital content, the domain owner checks on the LDM whether the user ID and device ID are valid. This way of working effectively identifies illegitimate users or devices and prevents illegitimate users from using digital content on unauthorized computers.
3. In the digital network, the device that is to receive a license certificate and the device that sends it must mutually confirm that each is a device in the domain. The sender must encrypt the license certificate with the receiving device's public key, and the receiving device can obtain the content decryption key only by using its own private key after receiving the license certificate. In this way the license certificate cannot be stolen by anyone other than the sender and the recipient and is not tampered with in transit, which guarantees that the license certificate is authentic and reliable.
4. At any one time, digital content can be played and used by only one digital network member on one device. After each use, the decrypted content is destroyed immediately and cannot be kept in any form on any device, which prevents multimedia digital content from being copied arbitrarily.
The technical scheme provided by the invention is compared below with two other existing technical schemes:
There are currently two main existing in-domain DRM rights management schemes: the "purchase of different license certificates" scheme and the "redistribution" scheme. The present invention is compared with these two schemes in several respects:
Security: in terms of protecting digital content, all three methods adopt the DRM architecture and protect digital content well against arbitrary distribution. Digital content can be played and used only when the decryption key is available, and is destroyed once use is finished, so security is high.
Complexity: in the scheme of purchasing different license certificates, the content provider adds the encoding directly to the license certificate, so the traffic between domain members and the content provider increases, the burden becomes heavy, and complexity rises. In the redistribution scheme, the domain administrator or the member who bought the digital content adds restrictions to the license certificates distributed to the other domain members and then distributes them; because new certificates or sub-certificates have to be created, the burden on the domain administrator increases and complexity rises. The new method uses the certificate linked list to track license certificates and also uses the RBAC model; through Table 1, DRM permissions and user roles are tightly linked, achieving unified and effective management of domain members and DRM permissions with low complexity.
Flexibility: in the scheme of purchasing different license certificates, different license certificates are obtained only when digital content is bought from the content provider. Different domain members need different permissions, and each time a new license certificate has to be obtained from the content provider, which is very inflexible. In the redistribution scheme and the new method, the domain administrator manages the permission information efficiently, giving higher flexibility.
Privacy protection: in terms of protecting the privacy of digital network members, in the scheme of purchasing different license certificates the administrator or a domain member directly customizes digital content and license certificates for other members, which easily reveals the privacy of the other domain members, whereas the other methods do not easily expose privacy.
Changes to the license certificate structure: the scheme of purchasing different license certificates and the new method both preserve the structure and function of the original license certificate, whereas the license certificate redistribution scheme can change the form of the license certificate.
As the comparison in the table above shows, the present invention has the advantages of the other two schemes while overcoming their shortcomings, and achieves unified and effective management of domain members and DRM permissions. It is a scheme very well suited to DRM rights management in digital networks.
In a typical DRM system implementation, the license certificate is bound to a device, and the digital resources the user buys can be used only on the purchasing device, which limits the user's flexibility in using digital content. The digital network DRM system can meet users' actual needs: users can freely transfer and use digital content within the digital network.
The digital content sharing method for digital networks provided by the invention makes the operation of the system more effective.
The above embodiments serve only to illustrate the present invention and do not limit it. Those skilled in the relevant art can make various changes or modifications without departing from the spirit and scope of the present invention, so all equivalent technical schemes fall within the scope of protection of the present invention.