KR100596382B1 - Apparatus for protecting digital content and method therefor - Google Patents

Abstract

The present invention relates to a digital content protection method and system for fundamentally preventing illegal copying and illegal transmission of MPEG-4 content streamed through the Internet. The digital content protection device according to the present invention receives an original format file. A packager for encrypting and inserting metadata to generate an encrypted format file; A license unit for transmitting license information containing encryption information used for encryption in the packager; And a streaming unit encrypting a content file based on the encrypted format file to transmit a streaming encryption packet.

Digital Content, Licensing, Encryption, Streaming

Description

Apparatus for protecting digital content and method therefor}

1 is a diagram illustrating a configuration of a system for protecting digital content according to an embodiment of the present invention.

FIG. 2 is a detailed view of the MP4 packager 101 shown in FIG. 1.

3A-3D illustrate the process of parsing an MP4 file to locate audio / video samples.

4 is a flowchart illustrating an encryption method according to the present invention, and FIG. 5 shows a change when only a key frame is encrypted in an MP4 file.

6 illustrates the structure of an encrypted sample of MPEG-4 video.

7 is a block diagram showing the detailed configuration of a decoding filter according to the present invention shown in FIG.

8 shows a schematic diagram of an apparatus for testing the performance of the present invention.

9A is a screen showing a result of performing an encryption-protected MP4 file without a decryption process, and FIG. 9B shows a screen reproduced through a decryption process according to the present invention.

The present invention relates to a method and a system for protecting digital content to fundamentally block illegal copying and illegal transmission of MPEG-4 content streamed through the Internet.

Recently, with the rapid development of computers, the Internet, and storage media, various documents and contents have been produced and distributed in the form of computer-readable digital data, but due to the nature of these digital contents, it is easy to make the same copy or modified version as the original. Not only can it be done, but it is also easy to deploy. Therefore, the authors of digital content, which requires a lot of money, time, creativity, and labor, want to protect their copyrights online or offline, but the digital content market is active due to the easy copying and distribution of digital content as described above. Has become a big obstacle.

One of the methods to solve the illegal copying and illegal distribution of digital content is a streaming method. The streaming method does not store data on the user's hard disk, but only temporarily stores and uses the data on RAM memory. However, this is due to technical problems such as communication speed or other compression. There are often disadvantages.

DRM technology is a concept to protect copyrighted information and has been proposed as a way to solve this problem. The existing DRM system for video content encrypts the content and downloads the entire content to the user system, and when the content is played back, the decrypted content is played by decrypting the block by a specific size in memory. However, in the case of video content such as movies, most of them are hundreds of megabytes and more than 1 gigabyte in size, so downloading the entire contents to the user's local system is not only inefficient but also generates severe network traffic. Therefore, the VoD service uses a streaming technology to transmit and play content in real time. Streaming is a popular method for security reasons because the transmitted data is not stored locally but is reproduced in real time through buffering.

The video streaming service allows only authorized users to access contents through ID / PW authentication. However, with the emergence of tools that capture streaming URLs and use them to store streaming packets, it is no longer safe for streaming content. This is because streaming content stored in the user system may be illegally copied and distributed.

For DRM systems that support streaming content, Microsoft's Windows Media Rights Manager Software Development Kit (SDK), Windows Media Format SDK, and other formats include Microsoft's streaming server, Windows Media Server, and media formats WMV, WMA, and ASF. Because most systems only support it, they cannot support streaming systems that conform to the general MPEG-4 streaming standard specification. Since the encryption method of content is applied equally to all contents, it is difficult to apply various business models and affect the QoS of streaming service because the load due to decryption operation on user system cannot be adjusted according to user system performance. Can be.

The technical problem to be achieved by the present invention is an encryption method and a dedicated viewer program for MPEG-4 content stored in MP4 file format that can be applied immediately without modification to the existing streaming server and can minimize the impact on QoS of the streaming service. In addition, to provide a digital content protection device and method that can be used in a general-purpose viewer program.

According to another aspect of the present invention, there is provided a digital content protection device, including: a packager for receiving an original format file, encrypting the data, and inserting metadata to generate an encrypted format file; A license unit for transmitting license information containing encryption information used for encryption in the packager; And a streaming unit encrypting a content file based on the encrypted format file to transmit a streaming encryption packet.

According to an aspect of the present invention, there is provided a digital device for protecting content according to an embodiment of the present invention, comprising: a DRM controller receiving license information containing encryption information capable of decrypting an encrypted packet; A decryption filter for receiving a streaming encryption packet and decrypting the same according to the encryption information; And a viewer for reproducing video and audio data by the decoded packet.

According to an aspect of the present invention, there is provided a method for protecting digital content, the method comprising: receiving an original format file, encrypting the data, and inserting metadata to generate an encrypted format file; Transmitting a streaming encryption packet by encrypting a content file based on the encrypted format file, and transmitting license information containing encryption information used for the encryption; Receiving the license information and the streaming encryption packet, and decoding the packet according to the license information to play video and audio data.

Hereinafter, embodiments of the present invention will be described in detail with reference to the accompanying drawings.

In order to protect the copyright of digital content, a recent interest is the Digital Rights Management (DRM) system. DRM system is a technology that protects various digital contents such as texts, music, images, videos, video lectures, movies, software, and games distributed through various channels from illegal copying, and enables continuous content monetization service. When a content provider introduces a DRM system, digital content distributed through all networks can be opened only if it meets the rules and usage policies set by the content provider. Even if illegal copying, all digital content is encrypted so that it does not pay a fair fee. The user will not be able to open it.

Due to changes in the Internet and network environments, it is possible to provide high quality content services in real time. As the demand for digital content increases, the issues related to intellectual property become more important. Streaming services such as VOD solved this problem by not storing content. However, with the emergence of several tools for storing streaming content, the stream content is no longer free from this problem. Thus, a new technology for controlling and managing the rights to the content has been required for security measures such as access control.

MPEG-4 is the main technology of content streaming and shows high quality in a wired or wireless environment. Compared to other media types, stream services using MPEG-4 require longer time to decode and play content. This means that the processing time of the DRM should be minimized to guarantee the quality of the content. In order to meet this requirement, it is essential to analyze the effects of DRM on performance. Effective encryption methods can be determined from the results of this analysis.

The present invention provides a DRM-based streaming system that can not only protect stream MPEG-4 contents but also easily integrate with existing MPEG-4 streaming systems. In the present invention, by designing the DRM while using the existing streaming server without modification, the MP4 file is encrypted without breaking the file format, so that it can operate in any MP4 streaming server. Thus, an encryption method that can be applied to compressed MPEG-4 is used.

The present invention is a DRM system designed to be applied immediately without modification to the existing streaming server, even after the content file is encrypted to follow the MP4 file format, MPEG-4 standard file format, so that the streaming server encrypts the content file Streaming is available regardless.

1 is a diagram showing the configuration of a system for protecting digital content according to an embodiment of the present invention, which includes a server system 100 for transmitting streaming packets and a client system 120 for receiving and playing the same. .

The server system 100 includes a packager 101 which receives an original MP4 file, encrypts it, inserts necessary metadata, and then transmits encryption information used when encrypting. The encrypted MP4 file is transmitted to the DB 105 in which the content file of the streaming server 103 is stored, and the streaming server 103 generates a streaming encryption packet by encrypting the content file based on the encrypted MP4 file. The streaming server 103 stores the encrypted file in the database, and even though the encrypted file is encrypted, the format is the same, so that the streaming server 103 streams the encrypted file as in the case of streaming a normal file without having to know whether the encrypted file is encrypted.

Encryption information such as a key used for encryption in the MP4 packager 101 is transmitted to the license server 107, and the license server 107 is an encryption capable of decrypting content when the client system 120 decrypts the streaming packet. Send license information with information.

The DRM controller 121 of the client system 120 receives license information from the license server 107 and transfers the license information to the decryption filter 123. The decryption filter 123 decrypts the streaming encryption packet received from the streaming server 103 by using the license information, and the viewer 125 plays the video / audio signal according to the decrypted packet.

The streaming server 103 transmits stream data according to the file format of the content regardless of whether the content is encrypted. In order to transmit the stream data in this manner, the format of the encrypted content should not be modified. Thus, there is a need to apply a method that does not break the content format. The MP4 packager 101 encrypts only the media data portion of the MP4 file so as not to break the MP4 file format. At this time, the frame type to be encrypted or the size of data to be encrypted can be selected.

The license server 107 manages information (eg, key information, type of encrypted media data, size of encrypted data) necessary for decrypting the encrypted MP4 file and provides it to a legitimate user.

FIG. 2 is a detailed view of the MP4 packager 101 shown in FIG. 1.

The original MP4 file input to the MP4 packager 101 includes an object description track, a scene description track, an MPEG-4 video track, an MPEG-4 audio track, and the like. The MPEG-4 file format (MP4) is a format designed to include media information of MPEG-4. More information can be found at the following site.

http://developer.apple.com/documentation/QuickTime/

The MP4 file format consists of an object-oriented structure called an atom, with each atom identified by a unique tag and length. Most of the time, atoms are described as a hierarchical structure of metadata that provides information such as index points, durations, and pointers to media data. The media data itself may be located in an MP4 file included in one or more mdat (media data atoms), or may be located outside the MP4 and referenced through a URL.

Metadata in a file, known as a hint track, provides instructions that indicate how the server delivers media data through a particular delivery protocol. The metadata in the file allows the MP4 format to support streaming, editing, local playback and content exchange, thereby satisfying the requirements for the MPEG-4 intermediate format.

The MP4 packager 101 is an MP4 parser 21 which parses an MP4 file to find the location of an audio / video sample, and an encryption region checker that extracts a sample corresponding to a key frame or a sample corresponding to a section to be encrypted from the video samples ( 22), an encrypter 23 that performs actual encryption using a universal encryption algorithm such as DES or AES, or a hint track for an audio / video track if the original MP4 file does not contain hint track information or a meta information track. A hint track generator 24 for generating a hint track for the meta information track generator 25 for inserting any meta information track that can contain packaging information and other user-defined information.

The information specified in the meta information track can identify whether the file is an encrypted MP4 file. The hint track is information required when streaming an MP4 file and contains packetizing information of a protocol and data to be transmitted.

In FIG. 2, the packager 101 is an MP4 file 29 in which an original MP4 file 27 is received and the structure of a packaged file is encrypted. And a hint track for the meta information track.

3A and 3D are diagrams illustrating a process of locating an audio / video sample by parsing a 'moov' atom of an MP4 file in the MP4 parser 21 illustrated in FIG. 2. The offset information of the sample can be known using the table information in the 'moov' atom. In MP4 files, audio / video data is stored in samples, where samples are the same as audio frames and video frames. Encryption is done on a sample basis.

4 is a flowchart illustrating an encryption method according to the present invention, and illustrates a process of encrypting only a sample corresponding to a key frame (I frame) among video samples of an MP4 file. 5 shows a change when only a key frame is encrypted in an MP4 file. To encrypt a key frame, it must be able to distinguish it from other frames. Information related to the frame type is contained in the VOP start code.

An encryption method that protects content by encrypting all data regardless of the content format cannot be applied to streaming content. Encrypting the entire content data changes the format of the content, so the streaming server cannot properly transmit the stream data. Therefore, in order to protect MP4 content without changing the streaming server, an encryption method without changing the content format is required. The most obvious way is to encrypt the RTST packet payload contained within the MP4 file mdat chunk. Each media track is defined by a series of chunks.

In a video track, one packet may include one frame of a video sequence, and the first frame of video may include header and codec information. Video sequence frames can be divided into two categories: I-frames and other frames (P. B frames). I-frames are also called sync frames or key frames.

Referring to FIG. 4, the offset information of the parsing result video sample of the MP4 parser is found (41), and then the VOP start code is checked from the video sample (42). The VOP start code indicates a start of a video frame. The VOP start code indicates whether a key frame is found by looking at the upper two bits of the lower byte of the value. If this value is 00, it is a key frame, and if it is 01, 10, or 11, it represents P frame, B frame, and S frame, respectively. If it is a key frame (43) the video data is encrypted (44), otherwise the next sample is processed without encryption.

6 illustrates the structure of an encrypted sample of MPEG-4 video. The safe header contains the VOP start code and frame type information. This part is not encrypted. The tail is also not encrypted, and the tail is less than 8 bytes long. When 8 bytes of sample data are continuously encrypted, if the length of the remaining data is smaller than 8 bytes, the data is not encrypted so that the total sample size is not changed.

7 is a block diagram showing the detailed configuration of a decoding filter according to the present invention shown in FIG. When a client requests a service from a streaming server, the client uses RTSP to configure network port information and content to be serviced between the server and the client. The information is described in a Session Description Protocol (SDP) format.

The decoding filter 123 includes an SDP data parser 201 for parsing this SDP information, a video packet decoder 202 for decoding a video packet, and an audio packet decoder 203 for decoding an audio packet. And a control unit 205 for receiving a key and encryption information necessary for decryption from the DRM controller and performing a monitoring operation.

The SDP data parser 71 extracts the port number of the video RTP packet, the port number of the audio RTP packet, the transmission mode, and the AU header length information of the audio. This information is used to distinguish whether the packet to be processed is an audio packet or a video packet, and to parse the AU header of the audio packet.

If only the key frame is encrypted, it is necessary to determine which sample to decrypt. Since some data of the sample header is not encrypted at the encryption stage, the safe header portion can be inspected to determine whether it is a key frame. The VOP has a 4-byte start code and uses two bits of the frame type to determine whether or not it is a key frame.

In order to decode the key frame in the video packet decoder 72, first, it is checked whether the current packet is a video packet using a port number of the packet and a synchronization source (SSRC) value of the RTP packet. The timestamp, sequence number, and markerbit information of the RTP packet header are used to determine whether the current packet is included in the same frame as the previous packet, and if so, whether the packet corresponds to the end of the frame or not. Check if the packet corresponds to the middle part. Or, it is checked whether the current packet is a packet starting with a new frame different from the frame of the previous packet.

The reason for dividing the number into three cases is that the decryption method differs depending on the encryption method used. In the case of using the stream encryption, the decryption method is the same in all three cases. However, in the case of using the block encryption, the packet recombination process occurs, so buffering is required. If the current packet is a packet starting with a new frame, the RTP payload finds the VOP start code and checks whether it is a key frame, and if it is a key frame, decryption is performed. If the length of the RTP payload is not a multiple of the block size when the block encryption method is used, fragmentation occurs in one encryption unit block. Therefore, the payload is decrypted only as much as the block size and the rest is buffered. It stores the data in the next packet, and when the next packet comes in, it is combined and decrypted. When processing the next packet, the buffered data is concatenated with payload data of the current packet to perform decoding.

The decoding of the audio packet in the audio packet decoder 73 is almost the same as the decoding of the video packet, but there is a slight difference in the method of packetizing the RTP packet.

8 shows a schematic diagram of an apparatus for testing the performance of the present invention. The RTP / RTSP stream source 150 parses the data received from the broadcasting / live server and outputs uncompressed MPEG-4 video / audio data. The video / audio decoding filters 151 and 153 are implemented as in-place filters.

The MPEG-4 audio decoder 154 decodes the MPEG-4 AAC LC audio stream and outputs PCM audio data. The MPEG-4 video decoder 152 decodes the MPEG-4 Advanced Simple Profile video stream and outputs a video RGB / YUV stream. The viewer 155 plays the video / audio data output from the MPEG-4 video / audio decoders 152 and 154. 9A is a screen showing a result of performing an encryption-protected MP4 file without a decryption process, and FIG. 9B shows a screen reproduced through a decryption process according to the present invention.

In order to test the performance of the decoding process according to the present invention, three types of files are used, ranging from low to high bit rates. The characteristics of the test file are shown in Table 1 below. In this experiment, only video data processing was tested because the audio data is smaller than the video data and does not significantly affect the overall processing time.

Table 2-4 shows the processing time for files A, B and C. Experimental results show that the decryption time is very fast, and even if all the frames are encrypted, it has little effect on the performance of streaming.

File A File B File C Video Track MPEG-4, 320x240, 25fps, 210kbps MPEG-4, 90x60, 8fps, 4kbps MPEG-4, 320x240, 29.97 fps, 974 kbps Audio track MPEG-4 @ L1, 32KHz 56kbps MPEG-4 @ L1, 16 KHz 16 kbps MPEG-4 @ L1, 44KHz 128kbps Duration 7405.560 sec (~ 124 min) 1718.976 sec (~ 29 min) 30.063sec File size 240 MB 10 MB 4 MB Total Video Samples 184,139 13,752 901 I-Frame samples 768 5,481 23

Encrypt All Decrypt All Encrypt I-Fr. Decrypt I-Fr. Open file 0.3 s [0.5%] 0.3s [0.7%] 0.3s [0.7%] 0.3s [1.0%] Audio processing 16.8s [30.6%] 7.5 s [17.2%] 17.9s [42.8%] 7.4 s [25.1%] Video Processing 31.9s [58.1%] 29.7s [68.3%] 23.3 s [55.7%] 21.4s [72.8%] Video Crypting 5.9 s [10.7%] 6.0 s [13.8%] 0.3s [0.7%] 0.3s [1.0%] Video Crypting (Aver.) 32us 32us 0.39 ms 0.39 ms Total 54.9 s 43.5 s 41.8s 29.4 s

Encrypt All Decrypt All Encrypt I-Fr. Decrypt I-Fr. Open file 0.0s [0.0%] 0.0s [0.0%] 0.0s [0.0%] 0.0s [0.0%] Audio processing 1.5s [62.5%] 0.3s [25%] 0.7s [50.0%] 0.3s [30.0%] Video Processing 0.7s [29.2%] 0.7s [58.3%] 0.6s [42.9%] 0.6s [60.0%] Video Crypting 0.2s [8.3%] 0.2s [16.7%] 0.1s [7.1%] 0.1s [10.0%] Video Crypting (Aver.) 14.5us 14.5us 18.2us 18.2us Total 2.4 s 1.2 s 1.4 s 1.0 s

Encrypt All Decrypt All Encrypt I-Fr. Decrypt I-Fr. Open file 0.0s [0.0%] 0.0s [0.0%] 0.0s [0.0%] 0.0s [0.0%] Audio processing 0.23 s [30.3%] 0.12s [20.0%] 0.22 s [39.3%] 0.10s [24.4%] Video Processing 0.43 s [56.6%] 0.38s [63.3%] 0.32s [57.1%] 0.29 s [70.7%] Video Crypting 0.1 s [13.2%] 0.1s [16.7%] 0.02 s [3.6%] 0.02s [4.9%] Video Crypting (Aver.) 0.11 ms 0.11 ms 0.87 ms 0.87 ms Total 0.76 s 0.60 s 0.56 s 0.41 s

The invention can also be embodied as computer readable code on a computer readable recording medium. The computer-readable recording medium includes all kinds of recording devices in which data that can be read by a computer system is stored. Examples of computer-readable recording media include ROM, RAM, CD-ROM, magnetic tape, floppy disk, optical data storage, and the like, which are also implemented in the form of a carrier wave (for example, transmission over the Internet). It also includes. The computer readable recording medium can also be distributed over network coupled computer systems so that the computer readable code is stored and executed in a distributed fashion.

The best embodiments have been disclosed in the drawings and specification above. Although specific terms have been used herein, they are used only for the purpose of describing the present invention and are not used to limit the scope of the present invention as defined in the meaning or claims. Therefore, those skilled in the art will understand that various modifications and equivalent other embodiments are possible from this. Therefore, the true technical protection scope of the present invention will be defined by the technical spirit of the appended claims.

As described above, according to the present invention, the encrypted content file also complies with the MP4 file format so that the encrypted file and the unencrypted file operate in the streaming server in the same manner, and the video data having a relatively large size compared to the audio data can be obtained. When encrypting, only a part of the data can be encrypted using the characteristics of MPEG-4 compression method, and only the data in the desired play time area among the total play time of the content can be encrypted so that the decryption operation on the client affects the QoS of the streaming service. Was minimized. When the encrypted streaming content is played back, decryption is performed at the network device driver level, so that it can be used not only for a dedicated viewer program but also for a general purpose viewer program. Therefore, the present invention can be used for secure streaming service of MPEG-4 content.

According to the present invention, when encrypting content, the encryption server conforms to the same format as before encryption, that is, the MP4 format, so that the streaming server does not need to know whether the content that is being streamed is an encrypted packet. You can stream in the same way. Therefore, there is an advantage that can be applied to the DRM system according to the present invention without designing a streaming server that is commonly used directly.

Claims (7)

Parser to find the location of the audio / video sample by parsing the input source format file, an encryption region checker to extract the sample corresponding to the section to be encrypted from the video sample, and to perform encryption on the extracted video sample using an encryption algorithm. A packager including a hint track generator for generating a hint track for the audio / video track or the meta information track, and a meta information track generator for generating a meta information track that can contain packaging information and user-defined information; A license unit for transmitting license information containing encryption information used for encryption in the packager; And And a streaming unit which transmits a streaming encryption packet by encrypting a content file based on the encrypted format file. The method of claim 1, And a user system for decrypting and playing the packet transmitted in the encrypted state in real time. delete The apparatus of claim 1, wherein the cryptographic area checker And determining the VOP start code from the video sample and extracting the sample corresponding to the key frame after finding the offset information of the video sample by the parser. A DRM controller for receiving license information containing encryption information capable of decrypting an encrypted packet; A decryption filter for receiving a streaming encryption packet and decrypting the same according to the encryption information; And A viewer for playing video and audio data by the decoded packet, The decoding filter includes an SDP parser for parsing network port information and SDP information for content to be served, a video packet decoder for decoding video packets, an audio packet decoder for decoding audio packets, and the DRM controller. And a control unit which receives the encryption information necessary for decryption from the control unit and controls decryption of the video packet and the audio packet at all times. delete Parse the input source format file to find the location of the audio / video sample, extract the sample corresponding to the section to be encrypted from the video sample, perform encryption on the extracted video sample using an encryption algorithm, Generating a hint track for a video track or meta-information track and generating a meta-information track that can contain packaging information and user-defined information; Transmitting a streaming encryption packet by encrypting a content file based on the encrypted format file, and transmitting license information containing encryption information used for the encryption; And Receiving the license information and the streaming encryption packet, and decoding the packet according to the license information to play video and audio data.

Images