CN1754372A - Method and apparatus for determining controller authorizations in advance - Google Patents
Method and apparatus for determining controller authorizations in advance Download PDFInfo
- Publication number
- CN1754372A CN1754372A CN 200480005268 CN200480005268A CN1754372A CN 1754372 A CN1754372 A CN 1754372A CN 200480005268 CN200480005268 CN 200480005268 CN 200480005268 A CN200480005268 A CN 200480005268A CN 1754372 A CN1754372 A CN 1754372A
- Authority
- CN
- China
- Prior art keywords
- controller
- mandate
- upnp
- indication
- relevant
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Images
Abstract
The present invention relates to a method, for a controller (103) for invoking actions on a device (105), of determining which actions are authorized to be invoked on said device (105). The controller (103) is adapted for invoking actions on the device (105) by sending an action command (A1, A2, A3, A4) to said device (105). Each of said predefined action commands (A1, A2, A3, A4) can be sent to invoke a specific action on the device (105). The method comprises the step of transmitting an checking-checking query (107, 109, 111, 113) to determine authorizations related to at least one of said actions that can be invoked on the device (105) by said action commands. The method further comprises the step of receiving an indication (115, 117, 119, 121) of authorizations related to the at least one of said actions being invoked on the device (105). Thereby a controller can know in advance, which actions are authorized to be invoked on the device. It can use this information in a variety of ways, one is to inform a user, which actions are available, and which options are not available, another is to plan ahead for a sequence of actions. Authorization can be related to the available rights for DRM protected content being processed by the device or to authorizations related to the controller.
Description
Technical field
The present invention relates to a kind of method, for the controller that is used to call an operation on the device is determined for there being which operation to be authorized to and can to call on the described device.The invention still further relates to the controller of the operation that is used to call a device.The invention further relates to the control point of operation that being used in a kind of UPnP of being arranged on network call the UPnP device of this UPnP network.
Background technology
Currently there is a multiple technology that makes first device be adapted to call the operation on second device.In this case, this first device is the controller of control second device.This technology is used for the standard computer network in multiple application examples such as family or the industry, perhaps uses for example situation of television set, video disc player or industrial equipment of remote controllers control housed device.
In the situation of a device of controller control, this controller is adapted to the operation by utilizing for example wireless communication channel to call this device to this device transmit operation order.The operation that is not all these devices can be authorized to call, and this mandate can be based on the DRM (Digital Right Management) that is applied to the content of being handled by this device.An example of DRM content is a content of multimedia, and this content of multimedia only is authorized to reset but can not records.Further example is the content that limited number of times only is provided or only provides or only provide when operating this feedway as the people who buys this content in certain time period.Another example of authorization limitations could is the mandate of the controller in the relevant for example UPnP network described below.
" UPnP (UPnP) " is used for the architecture that the general point to point network of the PC of smart machine, wireless device and form of ownership factor is connected.It is designed to realize with special or do not have the easy-to-use, flexible, measured of supervising the network and be connected, this network can be at home, little company, public place, perhaps be connected to the internet.UPnP is distributed, the open network system, and its supports TCP/IP and Web technology, and it is except controlling and at home, between the network equipment in office and the public place the transmission data, can also realize that lossless network connects.This UPnP standard is documented in document " Universal P1ug and Play DeviceArchitecture ", the 1.0th edition, on June 8th, 2000, (c) 1999-2000MicrosoftCorporation.
UPnP (UPnP) safety standard is described as the annex of UPnP1.0.Wherein described and how in the UPnP network, to have added and management access control.Especially, can refuse the operation of calling now, because does not authorize at the control point by the control point.This UPnP safety standard comprises four files.A file specification " safety device " has also provided the general introduction of this standard.Other three file specifications a mandatory service " device fail safe " and two optional services " security control console " and " device secret (Device Stealth) ".
The UPnP network can comprise three UPnP security components: security monitoring control point, security monitoring UPnP device and security control console.Security monitoring UPnP device has access control list (ACL), has wherein stored the control point that allows to carry out the service on the specific UPnP device.Security control console is carried out the management to this Access Control List (ACL).This UPnP security component has user interface, and the network ownership can control this security control console and be the control point authorization by this user interface.These three security components are logic entities, and the single physical device can be carried out any amount this logic entity.
Usually, the control point is a part direct and device that the terminal use is mutual.For example, be shown in the itinerant exhibition of the CES world in Philips consumer's the advanced Long-distance Control model of Philips iPronto, this iPronto works as the control point, all devices in can Control Network.The increase of UPnP fail safe has been arranged, just can control all devices fully, but can only control the part of all devices and all functions of these devices so that this device no longer is authorized to be.In this case, will be favourable if this can reflect by this user interface.For example, control certain device, just this can be presented on the user interface (for example by making this device become ash, do not show this device, indicating with the icon of locking etc.) if disapprove the user.Do not have this indication, the user will attempt to control this device and will fail, and this will be thought low-quality by the user.
In order to be what operation the user that is shown to of permission, the control point must pre-determine in some way what these permissions are.About this current UPnP safety standard, have two problems to stop this point:
1. it not is standardized being permitted
When reading the 9th page of safety device, this point is very clear: " yet the mapping between permission and protocol hierarchy entity are for example served and operated is not standardized ".
" device can freely limit their permission and use any their hope coming control request to be mapped to the mechanism of required permission.”
This UPnP safety standard avoids specifying one group of fixing permission.On the contrary, each device seller can specify one group of proprietary permission.The user can select these permissions by selecting character string.The ToolTips of a natural language and webpage are to the implication of these permissions of user interpretation.This is not machine-readable, thus the control point can not according to this information infer which operation be the permission and which operation do not have licensed.
Not having a reason of standardization permission is that if granted access is based on current context, it is possible that a large amount of permissions is arranged so.For example, a permission can be " only daytime ".This permission will be based on the time granted access or the disable access on daytime.Be difficult to propose all possible situation and a standard still succinct and easy to implement that can cover different seller's predictions.And these permissions not being carried out standardization can be so that expanding system at an easy rate, thereby makes it to have following foresight.
2.ACL version can not be sent to the control point.
Can be clear when reading the 8th page of device fail safe, this ACL version can not be sent to the control point.More specifically, at the 23rd page of this file, described the operation of reading ACL in " the only operation of calling by SC " part, wherein SC is a security control console.Particularly, do not have to be sent to the control point from security control console and this safety device about the information of authorization and corresponding Authorized operation.
In US2002/0027569, illustrated how to use the user control point instrument to allow common discovery, control and show universal plug and play devices from common user interface.This class UCP instrument provides the common user experience for all UPnP devices, and does not consider their manufacturers separately.Such UCP instrument allows by type, only device name or finds the UPnP device asynchronously.This user can select find in the device one to observe its attribute, and be chosen as one of service that this device provides and control.Can see extraneous information, and the user can query State variate-value and the operation of calling about the service of this selected UPnP device from service description document.The result of this operation shows on the UI of this instrument, as the temporal information about this UPnP device.State information about the operation of such UCP instrument itself also is provided.How the document not explanation is handled safety problem and is offered the user at first to guarantee only have authorization command can be given to the UPnP device from the control point and should authorize.
Summary of the invention
Thereby, the objective of the invention is to obtain a kind of controller and determine that it is authorized to call the method for which operational order of this device for a device of control.And then a purpose is that acquisition is a kind of for determining that it is authorized to be invoked at which operational order of other UPnP devices in the UPnP network and the method for operational order parameter in the control point in the UPnP network.These mandates should be by overcoming the requirement that above-mentioned UPnP describes and keeping the mode of extensibility and following foresight to obtain.
This is to determine that the method which operation is authorized to call obtains by a kind of for the controller that is used to call an operation on the device on described device, wherein this controller is adapted to by calling operation on this device for from one group of scheduled operation order described device transmit operation order, wherein can send each described scheduled operation order and call a specific operation on this device, and the method comprising the steps of:
-send checking-checking inquire about with definite with can be by at least one described operation that described operational order is called on this device relevant mandate and
The indication of the mandate that-reception is relevant with at least one described operation of calling on this device.
Thereby controller can learn in advance which operation is authorized to call on this device.It can use this information in every way, and a kind of is that to notify which option of user be available and which option is disabled, and another kind is to design a sequence of operation in advance.Further advantage is the type that controller does not need to know the permission that can be authorized to.Thereby when this group permission of describing was expanded or changes, for example for the redaction of device, controller did not need upgrading.This makes controller that following foresight more be arranged.
An operation can be any function that can carry out on this device, if for example this device is the combined DVD recorder/player, the operation carried out of this device can be the recording function of relevant this combined DVD recorder/player so, and this operation for example can comprise the operation of recording, recording certain content or recording certain content at special time at special time.This operation may further include relevant operation of playing or playing the play command of certain content at special time.
This checking-checking inquiry can be that checking is used to call the inquiry that this device is gone up the mandate of one or more specific operations.This can finish by inquiry that sends each operational order in relevant this group scheduled operation order or the inquiry that sends relevant one group of operational order.Alternatively, this authority checking inquiry can be a kind of inquiry, is authorized to call on this device and based on the response that can be determined so that what to be determined, in this scheduled operation order which is authorized to call on this device.
Be called the mandate of operation can be for example based on the available DRM authority of relevant this content.Alternatively, it can be and for example relevant authority of the controller in the UPnP network.Different controllers can have different authorities, thereby is authorized to call on this device different group operations.This mandate can be determined and is sent to this controller by this device.In an example, controller controlling receiver device is used to handle the DRM protected data from source apparatus, and this controller can obtain this DRM customizing messages from source apparatus.Then, this DRM customizing messages is transferred into this acceptor device, and uses this DRM customizing messages that this controller is returned in the mandate of relevant this operation.
In a particular embodiment, this method further comprises step, based on the user's indication and the relevant mandate of invoked at least one described operation on this device that are designated as this controller that are received.Thereby the user just knew its mandate before call instruction, and this can guarantee that the user can carry out call operation and can surprisingly not receive refusal from this device.When using controller, this has improved the quality of user's experience.
In one embodiment, the indication that is received by controller is if predetermined condition realizes then this operation can invoked indication on described device.Condition does not meet then certain operation can be failed thereby controller is known.It can give the user with this indication, thereby and prepares possible authorization failure for the user.Except the pre-period management of user, the user can also determine not select this option.In addition, when command sequence of design, it can design failure scenarios or select by the different operating of full authority.
In a particular embodiment, this predetermined condition is by this sign.Such benefit is, the moment that controller can (repeatedly) design conditions meets.It can use these result calculated on its user interface and in the design process.This controller can also convey to the user with these conditions, can select this option when the user knows that these conditions satisfy.
In one embodiment, change if authorize, controller receives the new indication of the mandate relevant with at least one described operation of calling on this device.User and device mutual generally is continuous and interactively process.Be not authorized to if the user detects certain expection operation, this user can take action and obtain the mandate of this controller, for example by manually being invoked at the order on another device.In case be authorized to, this user just wishes this is reflected on the user interface of this controller.This method recited above can realize this point, because the notified mandate of this controller changes.And controller can also realize depending on the programmed logic that available mandate changes behavior.For example, in case all required mandates are available, program just can become active state.
In one embodiment, this device is adapted to deal with data, and is based on the mandate of relevant described data about the indication of the mandate relevant with at least one described operation of calling on this device.Authorizing and often to relate to data, for example is contents of DRM protection when these data, and which is authorized to call when operating on described device when the controller of determining to be adapted to control a device, should consider these mandates.Based on the mandate of DRM can be for example with the context-sensitive mandate of the device of handling these data, for example user of time, current this device of operation or this world region.
In one embodiment, the indication of the mandate relevant with at least one described operation of calling on this device is based on the mandate of relevant this controller.A controller is compared with another controller, can have to call one group of more mandate of multioperation on a device.
In one embodiment, controller is the control point in the UPnP network, and this device is the UPnP device as a UPnP network part.At present, in current UPnP safety standard, UPnP has no idea at the control point to learn in advance whether it is authorized to call a safety operation.Comprise in the current UPnP A/V standard of DRM protection content and also lack this function being applied to content of multimedia.The present invention has increased this function.
In one embodiment, this authorization query is finished by sending authorization command, and wherein authorization command is corresponding to a single scheduled operation order.This is a kind of straightforward procedure of the mandate of unique inquiry particular command.
In another embodiment, this authorization query is finished by sending authorization command, and wherein this command parameter is a string argument, comprises the operational order of the SOAP layout version that is used to indicate this operational order that is authorized to inquire about.Thereby a single operation is enough to test all available actions.
The invention further relates to a kind of controller that is used to call the operation of a device, wherein this controller is adapted to by transmit operation order from one group of scheduled operation order to described device, in the wherein said scheduled operation order each can be sent out calling the specific operation on this device, and this controller comprises:
-be used to send checking-checking inquiry with the parts determining and can relevant mandate by at least one described operation that described operational order is called on this device and
The parts of the indication of the mandate that-reception is relevant with at least one described operation of calling on this device.
In a particular embodiment, this controller further comprises the parts of indicating the mandate relevant with at least one described operation of calling at this device based on the indication that receives from this device, for the user of this controller.
The invention still further relates to the control point of the operation on the UPnP device that is used for being invoked at the UPnP network in a kind of UPnP of being arranged on network, wherein this control point is adapted to be controlled at UPnP device in this UPnP network by at least one group of scheduled operation order being sent at least one described UPnP device, each of wherein said scheduled operation order is sent out calling the specific operation on this UPnP device, and this control point comprises:
-be used to send checking-checking inquiry with the parts determining and can relevant mandate by at least one described operation that described operational order is called on this UPnP device and
The parts of the indication of the mandate that-reception is relevant with at least one described operation of calling on this UPnP device.
Description of drawings
Below in conjunction with accompanying drawing the preferred embodiments of the present invention are described, wherein:
Fig. 1 determines which operation is authorized to the schematic diagram of the controller that calls on a device, wherein mandate of this device indication,
Fig. 2 determines that it is authorized to call the schematic diagram of the controller of which operation on a device, wherein condition mandate of this device indication,
Fig. 3 has shown an example, and the mandate that wherein is used for the operation of contents processing on a device is based on the content of DRM protection,
Fig. 4 has shown the UPnP network that comprises three kinds of UPnP assemblies, and one is the control point that is used to control the UPnP device,
Fig. 5 is presented at the schematic diagram of setting up the process at control point in the UPnP network, and wherein its mandate is determined at this control point according to the present invention.
Embodiment
In Fig. 1, shown and determined which operation is authorized at the schematic diagram that installs the controller 103 that calls on 105.In the example shown in 100, controller 103 has one group of scheduled operation order A1, A2, A3, the A4 that can be used for control device 105, but controller 103 may not call all these operational orders on device 105 mandate, perhaps all these operations may not be authorized to call on this device.According to the present invention, thus controller 103 this installs and will verify this mandate at 105 o'clock in control.This authority checking is by at first sending checking-checking inquiry 107,109,111,113 to this device, shown in Figure 102, wherein each checking-checking inquiry the 107,109,111, the 113rd, specific operational order, thereby corresponding to one of operational order among this group scheduled operation order A1, A2, A3, the A4.And then this checking-checking inquiry can comprise specific parameter value.In 104, device 105 receives this inquiry, and then by the indication 115,117,119,121 of authorizing is come response controller 103, this authorizes corresponding operational order A1, A2, A3, the A4 that controller 103 calls and is correlated with on device 105.Under the situation of indication parameter value scope or omission parameter value, this return results can be " based on the mandate of parameter value ", " mandate " or " not authorizing ".Should " based on parameter value " return value represent that controller 103 had the mandate to the part of range of parameter values.In the embodiment shown in fig. 1, be that operational order A1 and A4 are authorized to (OK) and are called at device 105 by controller 103 from installing 105 indications that receive, and operational order A3 and A2 are not authorized to (OK) and call on device 105.In 106, controller learns which operational order can call on 105 at device, and ought these can successfully call in case of necessity.Controller 103 can not attempted call operation order A2 and A3, because it receives the information that it only has the mandate of call operation order A1 and A4 from installing 105.
Replace with each specific action command checking and authorize, controller can also be authorized one group of operational order checking, and these groups can be for example based on command type.An example of this situation is, when controller control has the device of storage medium, then Management Information Base can be to call the operational order that comprises the operation that writes this medium, and another group can be to call the operational order that only comprises from this storage medium read operation.The operational order of a call operation can comprise for example how or when definition calls the parameter of an operation.And operation A 1, A2, A3, A4 can be authorized to be called on device 105 by controller 103, but this operation can not be authorized to call with the gamut of possibility input parameter.For example, operation A 1 can have integer input parameter P1, and only is authorized to the P1 value less than limited boundary B1 is called.
This mandate can be pre-stored on the device 105, and based on for example ID of controller 103, this device 105 can be determined the mandate of this controller 103.Alternatively, the any not mandate of the controller of sign that is used to control this device 105 can be identical, and based on the order special delegated authority checking inquiry from this controller, this device 105 can be determined this operational order mandate and should authorize indication to offer this controller.Further, this mandate can be relevant with the data of being handled by device 105, for example when these data are the content of DRM management.In this case, this mandate does not need pre-stored but can be used as the part transmission of data.
In the above in the example, controller receives about specific operation whether be authorized to the information called by this controller on this device, and this operation is permission or unallowed.Usually, this mandate can be with good conditionsi as shown in the tubeization example of Fig. 2 also.At first, controller 103 has one group of scheduled operation order A1, A2, A3, A4 that can be used for control device 105.So controller 103 checking which operation when control device 105 are authorized to call on device 105.This authority checking is carried out by at first sending checking-checking inquiry 207,209,211,213 to this device once more, as shown in 202.In 204, device 105 receives this inquiry, responds this controller 103 by the indication 215,217,219,221 that whether is authorized to about this specific operation be called on this device 105 by this controller 103 then.In this example, this controller only is authorized to call the operation relevant with operational order A1 when condition satisfies, so the mandate (C_OK) of only having ready conditions offers controller 103.This condition can be that this operation only can be at the special time segment call, just calls in the time of perhaps can only formerly having called one or more scheduled operation.If call the operational order of an operation how comprise definition, on what or when call the parameter of an operation, then this condition also can be that an operation only is authorized to call when using special parameter.In 206, this condition has satisfied (CF), and controller 103 will can not attempted call operation order A2 and A3, and do not satisfy in 208 these conditions (C! F), then controller will can not be attempted call operation order A1, A2 and A3.
In Fig. 3, shown mandate how to verify a relevant operation A 1 so that determine whether this operation A 1 is authorized to be called on device 105 by controller 103.In this example, this device is to be used for handling from broadcast singal for example home network, internet or cable, perhaps from the storage medium device of the content of multimedia of DVD or CD for example.This content of multimedia is represented with arrow 303, and these data are DRM protections.The operation A 1 that is verified can be a recording operation, when raising the time spent at this device, makes the content of multimedia on this device beginning recording and storing medium.In 304, this device 105 receives this inquiry, and the mandate of relevant this operation A 1 of checking.This checking by checking respectively with carried out with the information that obtains whether being authorized to record this content of multimedia by the relevant authority 305 of recorded content about it.Further, this checking can comprise checking 307 these specific controller 103 and whether be authorized to call this operation, and this can be that local storage authority 309 is for example stored as access control list (ACL) on this device 105.In 306, the result of the authority checking relevant with this content of multimedia and this controller 103 is that this controller 103 is authorized to (OK) and calls operation A 1 on this device 105 respectively.This device 105 is indication 311 these controllers 103 of response by being authorized to about this specific operation then.In 308, this controller learns that operational order A1 can call on device 105, and ought can successfully call in case of necessity.Under the situation of the content that the DRM that is handled by device 105 protects, when new content is handled by device 105, be necessary to verify once more this order.
The present invention has been described above in the mode of summarizing.The present invention advantageously can be used by the control point that is connected with the UPnP network.
Shown the UPnP network that comprises three kinds of UPnP assemblies in Fig. 4, one is the security monitoring control point 401 that is used to control UPnP device 403.This security monitoring control point 401 comprises that some make this control point carry out the application specific coding (ASC) of different application.These application can be communicated by letter with the UPnP device in this UPnP network by mandate/ciphering unit (Aut/Enc).This UPnP network further comprises security monitoring UPnP device 403 and security control console 405.This security monitoring UPnP device 403 comprises access control list (ACL), has wherein stored the permission to the control point 401 that is used to the service on the specific UPnP device of carrying out.This access control list (ACL) is used by the access control in the UPnP device 403 (AC).This UPnP device further comprises the device specific coding (DSC) of the function that some realize this UPnP device.The management that this security control console 405 is carried out this access control list (ACL).This UPnP security component has user interface (UI), and the owner of this network can control this security control console 405 and issue permission to the control point whereby.These three security components the 401,403, the 405th, logic entity, single physical device just can be implemented an any amount logic entity.
Fig. 5 is presented at the schematic diagram of setting up the process at control point in the UPnP network.Wherein its mandate is determined at this control point according to the present invention.In this explanation, control point 401 usefulness CP representative, UPnP device 403 usefulness D representative, security control console is represented with SC.
At first in 501, security control console SC and UPnP device D are only arranged in this UPnP network, and this security control console acquires to this UPnP device, this means that this security control console can authorize the control point in this network to remove to visit this UPnP device D.In a particular embodiment, this security control console can be identical physical unit with the UPnP device.A kind of mode with secured fashion control is to know the secret of this UPnP device by this security control console of needs, and this secret can for example be encoded and write in the handbook of this UPnP device.Alternatively, this control can obtain by set up escape way (for example passing through USB cable) between this security control console and UPnP device.
In 503, this control point enters this network and obtains the authorization then, and this may further comprise the steps:
This security monitoring control point enters this network (E_N) and finds the existence of all security control consoles.This security monitoring control point offers all security control consoles to its key P_K then.Security control console is authorized this control point on any device then, and this security monitoring control point can be detected this UPnP device and detect the permission A_C that it need be visited simultaneously.Then in the frame of IA by name, this security control console can be with a terminal use mutual and this UPnP device offer this terminal use's authorization options, this security control console and the 3rd authorization server (agency) are alternately alternatively.As further option, the certificate that this security control console inspection is provided by this control point.This security control console is arranged on the mandate (S_A) on this UPnP device then, and last security control console returns authentication to this control point.Alternatively, can be before mandate be issued return authentication.
Now, in 505, this control point checking is for the mandate of specific action command, and this can be by finishing for each operational order checking mandate on this UPnP device.Alternatively, this control point further is registered in the incident of the mandate variation of the operation on this UPnP device.
This control point has the knowledge that has the mandate of calling which operation relevant with the scheduled operation order on this UPnP device about it now, and it can call the operation that is authorized to known to it on the UPnP device in 507.Calling of this operation can be started by the user, and wherein which operation is authorized to and which is not authorized and provides indication from user interface to this user.
In one embodiment, specific checking-checking is inquired about can be to the only appointment of each operational order in this order.In an example, operational order " DestroyObject (IN string0bjectID) " can have the test operation " testDestroyObject (INstring ObjectID) " of corresponding coupling.In another embodiment, the string argument of the SOAP layout version by comprising operation calls limits " test " operation, for example " testAction (IN stringSOAPAction) ".Alternatively, this specific service is also added this operation to as a parameter, thereby this testAction () operation can be limited in the service of separation, for example adds in the DeviceSecurity document.
The example of controlled device can be the network tv of implementing release mechanism, stereo combination or door (can pass through the networking command opening/closing).This security control console that is used to carry out security control can be the general Long-distance Control of network of for example implementing release mechanism.Further, this controller can be pocket memory/control device, resembles the network version of hard disk portable music player.One is used example of the present invention to be described below:
A guest enters a friend's family.This guest has a first new song in his portable music player and want to play on the big sound equipment his friend.There is sound equipment in the UI demonstration of this portable music player, but this guest is not allowed to control it.This guest asks his friend to change.Friend changes it by the general Long-distance Control of obtaining him, selects " mandate " label and sees that this guest's portable music player submitted its key to.So this friend selects this sound equipment and authorized this guest's portable music player " loud guest access (loud guestaccess) " two hours.It is available now to show this sound equipment that this guest's portable music player directly changes this user interface.This guest uses this UI to play with max volume on this big sound equipment with order should new song.This music begins to play after one second.
May be embodied as programmable microprocessor general or special purpose, digital signal processor (DSP), application-specific integrated circuit (ASIC) (ASIC), programmable logic array (PLA), field programmable gate array (FPGA), specific purpose electronic circuit etc. or their combination above being noted that.
Should be noted that the foregoing description is example rather than restriction the present invention, those of ordinary skills will design many optional embodiments and not break away from the scope of claims.In the claims, the invoking marks in any bracket all should not be interpreted as the restriction to claim.Word " comprise " do not get rid of those list in the claims outside other elements or the existence of step.The present invention can be by comprising a plurality of resolution elements hardware and realize by suitable programmable calculator.In having enumerated the device claim of a plurality of parts, a plurality of can the realization with same hardware in these parts by one.Quoting the simple fact of some measure in the dependent claims that differs from one another does not represent to use the combination of these measures to improve.
Claims (13)
1. one kind makes and to be used for determining that at the controller (103) that calls operation on the device (105) which operation is authorized to the method for calling on described device (105), wherein this controller (103) is adapted to by from one group of scheduled operation order (A1, A2, A3, A4) transmit operation order (A1 in, A2, A3, A4) call operation on this device (105) to described device (105), wherein said scheduled operation order (A1, A2, A3, A4) each can be sent out calling the specific operation on this device (105), and this method may further comprise the steps:
Send checking-checking inquire about (107,109,111,113) with definite with can be by at least one described operation that described operational order is called on this device (105) relevant mandate and
Receive the indication (115,117,119,121) of the mandate relevant with at least one described operation of on this device (105), calling.
2. according to the method for claim 1, wherein this method further comprises step: based on the indication (115,117,119 of this reception, 121), to user's indication of this controller (103) and in the last relevant mandate of invoked at least one described operation of this device (105).
3. according to the method for claim 1-2, wherein the indication (115,117,119,121) that should be received by controller (103) be if satisfy predetermined condition then can call the indication (115,117,119,121) of this operation on described device (105).
4. according to the method for claim 3, wherein said predetermined condition is by indication (115,117,119,121) sign.
5. according to the method for claim 1-4, changed if wherein should authorize, then this controller receives and the new indication (115,117,119,121) of going up the relevant mandate of invoked at least one described operation at this device (105).
6. according to the method for claim 1-5, wherein this device (105) is adapted to deal with data, and wherein with the indication (115,117 of going up the relevant mandate of invoked at least one described operation at this device (105), 119,121) be based on the mandate relevant with described data.
7. according to the method for claim 1-5, wherein be based on and the relevant mandate of this controller (103) with the indication (115,117,119,121) of going up the relevant mandate of invoked at least one described operation at this device (105).
8. according to the method for claim 1-7, wherein this controller is the control point (401) in the UPnP network, and this device is the UPnP device (403) as a UPnP network part.
9. according to the method for claim 1-8, wherein this authorization query is undertaken by sending authorization command, and wherein authorization command is corresponding to a single scheduled operation order.
10. according to the method for claim 1-8, wherein this authorization query is undertaken by sending authorization command, wherein this command parameter is a string argument, and this string argument comprises the SOAP layout version of an operational order, and its indication is authorized this operational order inquiry.
11. a controller (103) that is used to call an operation on the device, wherein this controller (103) is adapted to by from one group of scheduled operation order (A1, A2, A3, A4) transmit operation order (A1, A2, A3 in, A4) call operation on this device (105) to described device (105), wherein said scheduled operation order (A1, A2, A3, A4) each can be sent out calling the specific operation on this device (105), and this controller comprises:
Be used for sending checking-checking inquire about (107,109,111,113) with definite and parts that can relevant mandate by at least one described operation that described operational order is called on this device (105) and
The parts that are used for the indication (115,117,119,121) of the reception mandate relevant with at least one described operation of on this device (105), calling.
12. according to the controller of claim 11, wherein this controller (103) further comprises: based on the user indication and the parts of at this device (105) going up invoked at least one described operation relevant mandate of the indication that receives from device (105) to this controller (103).
13. control point that is arranged on the operation on the UPnP device (403) that is used for calling the UPnP network in the UPnP network, wherein this control point (401) are adapted to by sending at least one group of scheduled operation order (A1, A2, A3, A4) control UPnP device (403) in this UPnP network at least one described UPnP device (403) in, wherein said scheduled operation order (A1, A2, A3, A4) each in is sent out calling a specific operation on this UPnP device (403), and this control point (401) comprising:
Be used for sending checking-checking inquire about (107,109,111,113) with definite and parts that can relevant mandate by at least one described operation that described operational order is called on this UPnP device (403) and
The parts that are used for the indication (115,117,119,121) of the reception mandate relevant with at least one described operation of on this UPnP device (403), calling.
Applications Claiming Priority (3)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| EP03075589 | 2003-02-27 | ||
| EP03075589.6 | 2003-02-27 | ||
| EP03103791.4 | 2003-10-14 |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN1754372A true CN1754372A (en) | 2006-03-29 |
Family
ID=36680328
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN 200480005268 Pending CN1754372A (en) | 2003-02-27 | 2004-02-25 | Method and apparatus for determining controller authorizations in advance |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN1754372A (en) |
-
2004
- 2004-02-25 CN CN 200480005268 patent/CN1754372A/en active Pending
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US8280818B2 (en) | License source component, license destination component, and method thereof | |
| US7877473B2 (en) | Mode detection of data transfer between a source device and a connected portable device | |
| US7765603B2 (en) | Communication system, contents processing device, communication method, and computer program | |
| US20060059105A1 (en) | Move component, program, and move method | |
| US20060069652A1 (en) | Copy component, program and method thereof | |
| US20080021837A1 (en) | Apparatus and method for creating unique identifier | |
| US20070009230A1 (en) | Content processing device, content processing method, and computer program | |
| US20050177823A1 (en) | License management | |
| US20060059101A1 (en) | Reproduction component, program and method thereof | |
| CN101366249A (en) | Method and apparatus for media sharing | |
| US9589112B2 (en) | Method, device, and system for downloading contents on the basis of a rights verification | |
| US20060059103A1 (en) | Return component, program, and return component method | |
| US20060059104A1 (en) | Rent component, program, and rent component method | |
| US20090324197A1 (en) | Information processing apapratus and data processing method and program | |
| CN101563676A (en) | Device for processing information and working method thereof | |
| US20060080726A1 (en) | Method and apparatus for determining controlller authorizations in advance | |
| KR20070020078A (en) | State info in drm identifier for ad drm | |
| CN112612327A (en) | Docking station access control method, device and system and electronic equipment | |
| EP1571787B1 (en) | Apparatus and method for reporting operation state of digital rights management | |
| CN1575474A (en) | Consumer and revocation of their equipment | |
| CN102930231A (en) | Management strategy | |
| CN1754372A (en) | Method and apparatus for determining controller authorizations in advance | |
| US20070061269A1 (en) | Apparatus and method for licensing | |
| JPWO2007089045A1 (en) | Authentication system | |
| JP5705436B2 (en) | Network operating method, local area network and network component |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| C02 | Deemed withdrawal of patent application after publication (patent law 2001) | ||
| WD01 | Invention patent application deemed withdrawn after publication |