Summary of the invention
To address the technical problems described above, the purpose of this invention is to provide a digital content sharing method and system for a digital network. The method controls the access rights of network members and devices based on the role-based access control (RBAC) model and a certificate linked list.
To achieve the above purpose, the present invention adopts the following technical scheme:
A digital content sharing system for a digital network:
The system comprises a computer, smart phone, camera, digital television and personal digital assistant. Each of these devices has its own certificate issued by a certificate authority (CA) and its own public/private key pair; the public key is published in the form of a certificate, and the private key is kept in the device's tamper-resistant memory. The computer, smart phone, camera, digital television and personal digital assistant are connected to one another through the digital network;
The system also comprises a content distribution client (CI), which provides digital content publishing and download services. The content distribution client packages and encrypts the digital content the user requests (encrypted content is called digital rights management content), provides it to the legitimate user domain, and communicates with the copyright distribution client (RI) so that the RI generates the corresponding license certificate;
The system also comprises a copyright distribution client (RI), which is responsible for generating and issuing the license certificate corresponding to the digital content: the copyright distribution client first generates the license certificate for the digital content from the information sent by the content distribution client, and then issues it to the legitimate user domain of that digital content;
The system also comprises a local domain management control end (LDM), which holds the list of all digital network members and devices in the domain and is responsible for managing each member and device in the digital network: it registers each member and device in the network, determines members' identities and permissions, manages devices that join the domain, identifies the user of a device, applies to the content distribution client and copyright distribution client for digital rights management (DRM) content and the corresponding license certificates, and distributes DRM content and license certificates to members and devices;
The local domain management control end and the computer, smart phone, camera, digital television and personal digital assistant are interconnected through the digital network; the content distribution client and the local domain management control end are connected through a network, and the copyright distribution client and the local domain management control end are connected through a network.
The digital network is connected in a wired or wireless manner, and each of the computer, smart phone, camera, digital television and personal digital assistant must pass digital authentication by the local domain management control end before it can become a device in the domain.
The system uses a certificate linked list, which is attached to the license certificate to record information about digital network members and devices; the certificate linked list is managed by the local domain management control end.
The system manages the members and devices in the digital network through a role-based access control method.
A digital content sharing method for a digital network comprises the following steps:
When a digital network member applies to obtain digital content and a license certificate, the local domain management control end (LDM) requests and receives the digital content and the corresponding license certificate from the content distribution client (CI) and the copyright distribution client (RI);
The digital network member sends the local domain management control end a message containing the user ID, the device ID and the requested digital content. The domain master checks whether the user ID and device ID are valid on the local domain management control end, queries the user, role and permission relation table, and determines from this table whether the member has access rights to the digital content;
If the query shows that the member has the corresponding permission, the encrypted digital content is sent to the device the member is using; encrypted digital content can be stored on any device in the digital network and can be transferred between devices;
The local domain management control end holds a license certificate usage table that records the license certificate information corresponding to the digital rights management (DRM) digital content. The domain master looks up this table; if the license certificate is on the local domain management control end, the domain master makes a record in the linked list, encrypts the license certificate and the attached linked list with the public key of the requesting device, sends them to the device the member is using, and records the license certificate serial number and the recipient's user ID and device ID in the license certificate usage table of the local domain management control end;
If the domain master's lookup shows that the license certificate is on another device, a message is sent to that device notifying it to send the license certificate to the requester;
The digital network member currently using the license certificate makes a record in the linked list, encrypts the license certificate and the attached linked list with the public key of the requesting device, sends them to the device the requester is using, and sends the recipient's user ID and device ID in a message to the local domain management control end, which updates its license certificate usage table;
After obtaining the license certificate, the digital network member first decrypts the received license certificate and attached linked list with its own private key to obtain the content decryption key, then uses the content decryption key to decrypt the encrypted DRM digital content; after decryption, the member can use or play the digital content.
The license certificate information corresponding to the DRM digital content comprises the license certificate serial number and the user ID and device ID in use.
The decrypted content is destroyed as soon as the digital network member has finished using it, and every device is forbidden to store or copy the decrypted content.
In the digital network, the device about to receive a license certificate and the device sending it must each confirm that the other is a device in the domain. The sender must encrypt the license certificate with the receiving device's public key, and the receiving device can obtain the content decryption key only by using its own private key after receiving the license certificate.
The present invention has the following advantages and beneficial effects:
1) The digital network of the present invention adopts the domain concept, so that the license certificate of digital content can be bound to a group of devices at once. This greatly simplifies the communication carried out among the content distribution client, the copyright distribution client and the home network device terminals to protect copyrighted digital content, greatly reduces the number of certificates issued and the resources consumed in managing them, and lightens the workload of the copyright distribution client;
2) By binding the license certificate to the digital network, the present invention allows license certificates to be shared within the digital network, so that users can freely transfer and use digital content within the domain, achieving genuinely convenient and free sharing;
3) The present invention combines the certificate linked list with the RBAC method; this scheme tracks license certificates and transfers DRM permissions within the domain without changing the content of the license certificate;
4) With RBAC, the present invention assigns a suitable role to each network member and thereby suitable DRM permissions, which provides functions that some users need, such as privacy protection and parental control of children, and makes differentiated permission control more flexible.
Embodiment
The digital network is the main application form of the authorized domain (AD). It includes a mix of wireless and wired connections and comprises a number of devices, such as a PC, printer, smart phone and camera.
There are currently several methods for allowing different rights within a domain. One direct method is to introduce the differences when the right is purchased: the user defines different rights for different domain members at that point, and the content provider adds this encoding to the license certificate. However, this method is quite fixed and inflexible, and easily invades privacy.
Another method introduces different rights in the process of converting DRM rights into in-domain DRM rights. Here, the person who buys the digital content (the domain administrator or the domain member who first accesses the license certificate) is allowed to add further restrictions or rights on top of the original rights, and these restrictions or rights are used to control use of and access to the content in the domain. However, digital content providers have a strong requirement to control content distribution and use fully. Usually, digital content providers do not trust, and do not allow, changes to the original license certificate.
A further possible method is the certificate linked list scheme: the domain administrator adds a linked list to each license certificate assigned to the domain, and the linked list records the information of the devices that have played the DRM content. This scheme tracks the license certificate within the domain without changing the content of the rights object (RO), but its weakness is that it cannot assign the most suitable DRM permissions to each domain member and device.
In a digital network, if one user has bought digital content, other digital network users are also allowed to access it. This can cause many privacy and security problems. In some scenarios the owner of the domain, for reasons such as privacy, parental position or personal interests, does not want other users in the domain to use certain digital content in the domain. For example, parents do not want a child to watch certain adult content, or allow the child to watch certain content only at specified times, so that the child does not spend too much time on it at the expense of study and rest. As another example, a friend adds his device to your domain, and you are willing to share only your music or films with him and do not want him to see other digital content. Therefore, to solve these potential security and privacy problems, we propose a new method for controlling the access rights of each digital network member.
The other terms in this specification are well known in the art and are not repeated here. The concepts involved in the method provided by the invention are introduced below, to disclose the technical content of the application fully:
(1) Role-based access control model (RBAC)
Role-based access control (RBAC) has become an alternative to traditional access control (discretionary access control, mandatory access control). In RBAC, permissions are associated with roles, and users obtain the permissions of roles by becoming members of appropriate roles. RBAC greatly simplifies permission management. In an organization, roles are created to carry out various jobs, users are assigned roles according to their responsibilities and qualifications, and a user can easily be reassigned from one role to another. Roles can be given new permissions as new requirements arise and systems are merged, and permissions can also be revoked from a role as needed. Role-to-role relationships can be established to cover a wide range of objective circumstances.
The core idea of RBAC is to link access rights with roles: by assigning suitable roles to users, users are associated with access rights. Roles are set according to the needs of the various tasks in each unit, and users' roles are set according to their duties and responsibilities. Among RBAC models, the better known in the prior art is the RBAC96 model of Professor R. Sandhu of George Mason University in the United States; the role-based access control model is introduced below.
As shown in the role-based access control model diagram in Figure 1, there are three sets of entities, called users, roles and permissions. Figure 1 also shows the set of sessions. A user is the subject that operates on data objects; in this model it is a person. A role is a job function or job title within the organization, carrying the authority and responsibility conferred on the role. The role acts as the intermediate bridge connecting users and permissions. A permission is an approval to access one or more objects in the system; the terms authorization, access right and privilege are also used to denote permissions. Permissions are normally positive: they grant their holder the ability to carry out some activity. Constraints are attached to the elements of the RBAC system and express the conditions under which a permission may be exercised. A session is a dynamic concept: the user establishes a session when activating a role.
(2) Role division in the digital network
According to the user types in the digital network and the relationships between users, the hierarchical role model is as shown in Figure 3:
A role hierarchy is a natural way of structuring roles to reflect an organization's lines of authority and responsibility. By convention, more powerful or senior roles are shown at the top, and less powerful or junior roles are shown at the bottom.
In this model the levels, from low to high, are divided into 4 levels. Level 4 is the lowest, and the temporary member is at this level. In most cases this is a user who is temporarily a digital network member and shares digital content; the role has permission to use part of the DRM content, and its permissions are the smallest.
The ordinary member is at level 3. This member is more senior than the temporary member and therefore inherits all of the temporary member's permissions. The ordinary member can have permissions beyond those inherited from the temporary member: this role's permissions include requesting and using DRM content and license certificates, subject to certain restrictions. For example, a child in the family can be a user with this role, able to play certain content only within a certain time period (such as 8:00-21:00).
Permission inheritance is transitive. In Fig. 2, the senior member is at level 2. This role inherits the permissions of the temporary member and the ordinary member. The senior member can have additional permissions; for example, adult users in the family such as parents can be assigned this role, which has the great majority of all permissions.
The domain master, the only member at level 1, is the owner under whom the digital network domain is registered, and is also the person in charge of the domain and its highest-ranking administrator. This role inherits the permissions of the senior member, ordinary member and temporary member, and can exercise all permissions.
(3) Permission division in the digital network
The role serves as the intermediary between users and access rights: a role is assigned to the user, permission types are assigned to the role, and the user obtains the corresponding access permissions through the role. Permissions in the digital network are divided into several types, such as creating and cancelling the domain; adding and deleting users or devices; obtaining and using license certificates; and using DRM content.
Digital network members can take on the roles described above and thereby hold different permissions. For example, the father or mother can take the domain master role and have all permissions, while a child belongs to the ordinary user role and has fewer permissions. Some content or devices need to be restricted by the parents and can be used only at specified times. A friend who joins the digital network temporarily can share only certain items of digital content, such as music or films, and is restricted from using other digital content. Once the relation table of users, roles and permissions is established, the permissions associated with the users of each role, or the set of users holding a given permission, can be found quickly.
When a new user registers or an existing user leaves the domain, when a user's role changes, or when newly requested digital rights management (DRM) content arrives, the permissions held by the users of the role, or the operations they may perform on the DRM content, are determined dynamically.
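The four-level role hierarchy and the user, role and permission relation table described above can be sketched as follows. This is an added example, not code from the patent: the role and permission identifiers are names chosen here, the way permission types are split across roles is an assumption (the text only lists the permission types), and the members, devices and content IDs are constructed sample data.

```python
from dataclasses import dataclass
from datetime import time

# Role hierarchy from the text, lowest to highest; each role inherits
# everything held by the role below it (inheritance is transitive).
INHERITS = {
    "temporary_member": None,
    "ordinary_member": "temporary_member",
    "senior_member": "ordinary_member",
    "domain_master": "senior_member",
}

# Permissions attached directly to each role. The permission types are the
# ones the text lists; their split across roles is assumed for this example.
DIRECT = {
    "temporary_member": {"use_drm_content"},
    "ordinary_member": {"obtain_license", "use_license"},
    "senior_member": {"add_device", "delete_device"},
    "domain_master": {"create_domain", "cancel_domain", "add_user", "delete_user"},
}


def role_permissions(role):
    """Union of a role's own permissions and everything it inherits."""
    perms = set()
    while role is not None:
        perms |= DIRECT[role]
        role = INHERITS[role]
    return perms


@dataclass(frozen=True)
class Member:
    user_id: str
    role: str
    hours: tuple = None        # constraint: (start, end) window in which use is allowed
    content: frozenset = None  # constraint: only these content IDs are shared


class Domain:
    """The LDM's relation table of users, roles and permissions, plus its device list."""

    def __init__(self, members, devices):
        self.members = {m.user_id: m for m in members}
        self.devices = set(devices)

    def check(self, user_id, device_id, permission, content_id, now):
        """Return (allowed, reason) for one request sent to the LDM."""
        member = self.members.get(user_id)
        if member is None:
            return False, "unknown user"
        if device_id not in self.devices:
            return False, "unknown device"
        if permission not in role_permissions(member.role):
            return False, "role lacks permission"
        if member.content is not None and content_id not in member.content:
            return False, "content not shared with this member"
        if member.hours is not None and not (member.hours[0] <= now <= member.hours[1]):
            return False, "outside permitted hours"
        return True, "ok"

    def users_with(self, permission):
        """Reverse lookup: every user whose role carries the permission."""
        return sorted(u for u, m in self.members.items()
                      if permission in role_permissions(m.role))


def build_sample_domain():
    """Constructed family: domain master, adult, child (8:00-21:00), visiting friend."""
    members = [
        Member("parent", "domain_master"),
        Member("adult", "senior_member"),
        Member("child", "ordinary_member", hours=(time(8, 0), time(21, 0))),
        Member("friend", "temporary_member", content=frozenset({"movie-42"})),
    ]
    return Domain(members, devices={"tv-1", "phone-1"})
```

Because permissions are resolved from the role at request time, changing a member's role or constraints takes effect on the next check without touching any license certificate.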
The digital content sharing method for a digital network proposed by the invention is described in detail below with reference to the accompanying drawings and specific embodiments:
The digital content sharing method proposed here is based on the role-based access control model (RBAC) and uses a certificate linked list in its design; the linked list is attached to the license certificate and records information about digital network members and devices.
(1) Home DRM system framework
Fig. 3 shows the framework of the digital network DRM system, which is made up of the following functional entities:
Content distribution client (CI): the CI provides digital content publishing and download services. The CI packages and encrypts the digital content the user requests (encrypted content is called DRM content), issues it to the legitimate user domain, and communicates with the RI so that the RI generates the corresponding license certificate.
Copyright distribution client (RI): the RI is responsible for generating and issuing the license certificate corresponding to the digital content: it first generates the license certificate for the digital content from the information sent by the CI, and then issues it to the legitimate user domain of that digital content.
Local domain management control end (LDM): the core device of the digital network. It holds the list of all digital network members and devices in the domain and is responsible for managing each member and device of the digital network: family members and devices register on the LDM, which determines family members' identities and permissions, manages devices that join the domain, can identify the user of a device, applies to the CI and RI for DRM content and the corresponding license certificates, and distributes DRM content and license certificates to members and devices. The LDM need not be a dedicated device and can be served by a member device such as a PC or notebook, but that device must have sufficient storage space and processing power and be able to take good security measures. A digital network has one and only one LDM.
Devices (such as a PC, printer, smart phone, camera, digital television and personal digital assistant (PDA)): in this system all devices are trusted. Each must have a certificate issued by a certificate authority (CA) and a public/private key pair; the public key is published in the form of a certificate, and the private key is kept in tamper-resistant memory and known only to the device. These devices are connected through the digital network, which can be wired or wireless, and each must be authenticated by the LDM before it can become a device in the domain. Devices can access DRM content by local or remote access. Devices are described in the domain through the digital network members who use them.
Digital network members are the users of devices and must first register in the domain. They can share multiple devices and play DRM content on the devices.
(2) License certificate description
When a digital network member buys DRM content and pays the content provider, the CI forwards the DRM content to the LDM. This digital content should also be playable on the devices of other digital network members. To support this, the RI sends a license certificate for the purchased digital content, and this certificate is sent directly to the LDM.
The license certificate format follows the ITU-T X.509 international standard. In the present invention the license certificate is structured as follows:
Certificate information: version number of the license certificate, certificate serial number, signature algorithm used by the certificate;
Owner identifier of the certificate: the owner's public key
Resource information: digital content ID, digital content decryption key
Usage rights: usage restrictions of the resource, validity period of use
Digital signature of the license server
Certificate information includes the version number of the certificate; the serial number of the certificate (each certificate has a unique serial number); and the signature algorithm the certificate uses (such as the RSA algorithm). The certificate owner's information includes the owner identifier and the owner's public key. Resource information includes a unique resource identifier and the resource's decryption key (used to decrypt the digital content). Usage rights give the usage restrictions of the resource and can take several forms, such as a limit on the number of times the resource is used, a limit on the number of devices using the resource at the same time, and the validity period of use; certificates generally express the validity period in UTC time format. The certificate contains the signature of the certificate issuer to guarantee the integrity of the certificate. The license certificate must not be modified after purchase.
The DRM license certificate can be described with a rights expression language (REL). REL is an important technology in the DRM field, used to describe the usage rights of digital content or services, that is, the usage rights a party has over a resource. Rights, Asset and Party are the three most basic entities of REL. Rights concern permission to use or access a resource, including permissions, preconditions and restrictions. An asset is uniquely identified digital content or a service to which rights relate. A party is a legal entity or individual related to the resource, including copyright owners, authors, content providers and users.
REL must be convenient and easy to use; be open, flexible, extensible and machine-readable; and support the description of all kinds of usage rights for various digital content. XrML (eXtensible rights Markup Language) and ODRL (Open Digital Rights Language) are the two most fully developed XML-based rights expression languages at present, each adopted by relevant standards organizations.
(3) Certificate linked list structure
A linked list is added to the license certificate to record the digital network members and devices that use the DRM digital content under this license certificate, together with how the content has been used. The linked list is managed by the LDM and is used only within the digital network. The linked list identifies the digital network member and device currently using the license certificate, ensuring that only one member and device can hold the license certificate at any one time: once the license certificate passes to another user and device, the original user and device can no longer use it to play content. This makes it easier to limit and count the rights the user has bought, such as the number of plays and the play time. The linked list structure is as follows:
Record 1: Content ID,
Sender (family member ID1, device ID1),
Receiver (family member ID1', device ID1'),
Timestamp 1,
Digital signature of family member ID1.
Record 2: …
Record n: Content ID,
Sender (family member IDn, device IDn),
Receiver (family member IDn', device IDn'),
Timestamp n,
Digital signature of family member IDn.
Current device n
The linked list holds many usage records; each record contains the content ID, Sender information, Receiver information, Timestamp, and the digital signature of family member IDn.
The steps of the digital content sharing method for a digital network provided by the invention are described in detail below:
1. When a member of a digital network applies to obtain digital content and a license certificate, the member first entrusts the LDM to request and receive the digital content and the corresponding license certificate from the CI and RI;
2. The digital network member sends the LDM a message containing the user ID, the device ID and the requested digital content. The domain master checks whether the user ID and device ID are valid on the LDM, queries the relation table of users, roles and permissions, and determines from the relation table whether the user has access rights to the digital content;
3. If the query shows that the user has the corresponding permission, the encrypted digital content is sent to the device the member is using; encrypted digital content can be stored on any device in the digital network and can be transferred between devices;
4. The LDM holds a license certificate usage table that records the license certificate information corresponding to the DRM digital content, including the license certificate serial number and the user ID and device ID in use. The domain master looks up this table; if the license certificate is on the LDM, the domain master makes a record in the linked list, encrypts the license certificate and the attached linked list with the public key of the requesting device, sends them to the device the digital network member is using, and records the license certificate serial number and the recipient's user ID and device ID in the license certificate usage table on the LDM;
5. If the domain master's lookup shows that the license certificate is on another device, a message is sent to that device notifying it to send the license certificate to the requester;
6. The digital network member currently using the license certificate makes a record in the linked list, encrypts the license certificate and the attached linked list with the public key of the requesting device, sends them to the device the requester is using, and sends the recipient's user ID and device ID in a message to the LDM, which updates the license certificate usage table on the LDM;
7. After obtaining the license certificate, the digital network member first decrypts the received license certificate and attached linked list with its own private key to obtain the content decryption key, then uses the content decryption key to decrypt the encrypted DRM digital content, and can then use or play the digital content. The decrypted content is destroyed as soon as it has been used, and every device is forbidden to store or copy the decrypted content.
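Steps 4 to 6 and the linked list structure above can be exercised together in a small model. This is an added example, not code from the patent: HMAC-SHA256 with constructed per-member keys stands in for the members' digital signatures, encryption of the license to the requesting device's public key is left out, and all class, function, member and device names are assumptions made here.

```python
import hashlib
import hmac
import json
from dataclasses import dataclass, field

# Constructed per-member keys. The text calls for each sender's digital
# signature; HMAC-SHA256 stands in so only the standard library is needed.
KEYS = {"father": b"key-father", "mother": b"key-mother", "child": b"key-child"}
FIELDS = ("content_id", "sender", "receiver", "timestamp")


def sign(body, member):
    msg = json.dumps(body, sort_keys=True).encode()
    return hmac.new(KEYS[member], msg, hashlib.sha256).hexdigest()


def make_record(content_id, sender, receiver, timestamp):
    """One list record: content ID, sender, receiver, timestamp, sender's signature."""
    body = {"content_id": content_id, "sender": list(sender),
            "receiver": list(receiver), "timestamp": timestamp}
    return {**body, "signature": sign(body, sender[0])}


def verify_chain(chain, content_id, origin):
    """Walk the list from `origin` and return the current (member, device) holder.

    Raises ValueError if a record was altered, names other content, breaks
    the sender/receiver hand-over sequence, or goes back in time.
    """
    holder, last_ts = origin, None
    for i, rec in enumerate(chain):
        body = {k: rec[k] for k in FIELDS}
        member = rec["sender"][0]
        if member not in KEYS or not hmac.compare_digest(
                rec["signature"], sign(body, member)):
            raise ValueError(f"record {i}: bad signature")
        if rec["content_id"] != content_id:
            raise ValueError(f"record {i}: wrong content ID")
        if tuple(rec["sender"]) != holder:
            raise ValueError(f"record {i}: sender is not the current holder")
        if last_ts is not None and rec["timestamp"] < last_ts:
            raise ValueError(f"record {i}: timestamp goes backwards")
        holder, last_ts = tuple(rec["receiver"]), rec["timestamp"]
    return holder


@dataclass
class License:
    serial: str
    content_id: str
    chain: list = field(default_factory=list)


class Domain:
    """LDM state: which device stores each license, plus the usage table."""

    def __init__(self, master):
        self.master = master          # (member, device) of the domain master on the LDM
        self.store = {master[1]: {}}  # device ID -> {serial: License}
        self.usage = {}               # usage table: serial -> (user ID, device ID)

    def receive_from_ri(self, lic):
        self.store[self.master[1]][lic.serial] = lic

    def request(self, serial, requester, timestamp):
        """Steps 4-6: hand the license to `requester` and record the transfer."""
        holder = self.usage.get(serial, self.master)  # no entry: still on the LDM
        lic = self.store[holder[1]][serial]
        if verify_chain(lic.chain, lic.content_id, self.master) != holder:
            raise ValueError("usage table and linked list disagree")
        if requester == holder:
            return lic
        # The current holder (the domain master in step 4, another member in
        # step 6) appends a signed record. Encrypting the license to the
        # requesting device's public key is omitted from this example.
        lic.chain.append(make_record(lic.content_id, holder, requester, timestamp))
        del self.store[holder[1]][serial]  # the previous holder gives the license up
        self.store.setdefault(requester[1], {})[serial] = lic
        self.usage[serial] = requester
        return lic


def run_sample():
    """Constructed scenario: LDM -> mother's phone -> child's TV."""
    domain = Domain(master=("father", "ldm-pc"))
    domain.receive_from_ri(License(serial="L-001", content_id="movie-42"))
    domain.request("L-001", ("mother", "phone-1"), timestamp=1000)
    lic = domain.request("L-001", ("child", "tv-1"), timestamp=1060)
    return domain, lic
```

Checking every hand-over against the previous receiver, starting from the domain master, is what lets a verifier notice a record that was edited or a list whose first records were dropped.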
A security analysis of the digital content sharing method for a digital network provided by the invention follows:
1. The system adopts the DRM architecture, in which digital content and license certificates are distributed separately. On one hand, this separation increases management flexibility: modifying digital content does not affect authorizations already granted. On the other hand, it improves system security by preventing content and certificates from being distributed arbitrarily: even if an unauthorized user obtains the digital content, without the license certificate that user cannot get the decryption key and cannot access the content, which effectively guards against illegitimate operations by users.
2. During system operation, each time a digital network member uses digital content, the domain master checks on the LDM whether the user ID and device ID are valid. This effectively identifies unauthorized users or devices and prevents unauthorized users from using digital content on unauthorized computers.
3. In the digital network, the device about to receive a license certificate and the device sending it must each confirm that the other is a device in the domain. The sender must encrypt the license certificate with the receiving device's public key, and the receiving device can obtain the content decryption key only by using its own private key after receiving the license certificate. In this way the license certificate cannot be stolen by anyone other than the sender and the recipient and is not tampered with in transit, which ensures that the license certificate is authentic and reliable.
4. At any one time, digital content can be played and used by only one digital network member on one device. After each use the decrypted content is destroyed immediately and cannot be kept on any device in any form, which prevents multimedia digital content from being copied arbitrarily.
The technical scheme provided by the invention is compared below with two other existing technical schemes:
The two main existing in-domain DRM rights management schemes are the "purchase different license certificates" scheme and the "redistribution" scheme. The present invention is compared with these two existing schemes in several respects:
Security: in terms of protecting digital content, all three methods adopt the DRM architecture and protect digital content well against arbitrary distribution. Digital content can be played and used only when the decryption key is available, and is destroyed once use is finished, so security is relatively high.
Complexity: the purchase-different-license-certificates scheme has the content provider add the encoding to the license certificate directly, so the traffic between domain members and the content provider increases, the burden grows heavier, and complexity rises. In the redistribution scheme, the domain administrator or the member who bought the digital content adds conditions to the license certificate to be distributed to other domain members and then distributes it to them; because new certificates or sub-certificates have to be created, the domain administrator's burden increases and complexity rises. The new method uses the certificate linked list to track the license certificate and also uses the RBAC model; Table 1 ties DRM permissions closely to user roles, achieving unified and effective management of domain members and DRM permissions, with low complexity.
Flexibility: in the purchase-different-license-certificates scheme, different license certificates are obtained only when the digital content is bought from the content provider; since different domain members need different permissions, a new license certificate has to be obtained from the content provider each time, which is very inflexible. In the redistribution scheme and the new method, the domain administrator manages the permission information efficiently, giving higher flexibility.
Privacy protection: in terms of protecting the privacy of digital network members, the purchase-different-license-certificates scheme has the administrator or a domain member directly customize digital content and license certificates for other members, which easily reveals the privacy of the other domain members, whereas the other methods do not easily expose privacy.
Changing the license certificate structure: the purchase-different-license-certificates scheme and the new method both keep the structure and function of the original license certificate, whereas the license certificate redistribution scheme changes the form of the license certificate.
As the comparison in the table above shows, the present invention has the advantages of the other two schemes while overcoming the shortcomings of both, and achieves unified and effective management of domain members and DRM permissions; it is a scheme very well suited to DRM rights management in a digital network.
In a typical DRM system implementation, the license certificate is bound to a device, and the digital resources a user buys can be used only on the purchasing device, which limits the flexibility with which the user can use digital content. The digital network DRM system meets users' actual needs: users can freely transfer and use digital content within the digital network.
The digital content sharing method for a digital network provided by the invention makes the system work more effectively.
The above embodiments only illustrate the present invention and do not limit it. Persons skilled in the relevant art can make various changes or modifications without departing from the spirit and scope of the invention, so all equivalent technical schemes fall within the protection scope of the present invention.