KR101302127B1 - Digital rights management method and system thereof - Google Patents

Abstract

The present invention relates to a digital rights management method and a system capable of limiting the use time of the content protected by encryption. The digital rights management method sets the usage time zone of the content protected by encryption, and generates usage rights information so that the protected content can be used only within the time period belonging to the set usage time zone. The generated usage right information may be delivered to the device that has received the protected content, thereby limiting a time period during which the protected content may be used.

Digital, Content, Rights Management, Permissions, DRM

Description

Digital rights management method and system thereof

1 is a view showing an example of a system to which a digital rights management method according to the present invention is applied;

2 and 3 are message sequence charts provided in the explanation of the digital rights management method according to the present invention;

4 is a flowchart provided in the description of the digital rights management method according to the present invention, and

5 to 7 are views for explaining the digital rights management method according to the present invention with the user interface provided to the device.

Explanation of symbols on the main parts of the drawings

110: device 120: content publisher

130: authority issuer

The present invention relates to a digital rights management method and system, and more particularly, to a digital rights management method and system that can limit the use time zone for the content protected by encryption.

In general, digital rights management (DRM) is used to manage rights for digital content in various formats distributed through wired and wireless networks. Digital rights management is a method that prevents the illegal use of digital content itself, and converts the digital content into encrypted data using a package technology. Accordingly, in order to use digital content protected by digital rights management, that is, DRM content, rights information used to decrypt DRM content must be obtained through an authentication procedure.

Examples of such digital rights management methods include Microsoft's DRM and OMA DRM (Open Mobile Alliance Digital Rights Management). In the case of OMA DRM, V2.0 is announced. In the case of OMA DRM V2.0, the encrypted DRM content and the permission information on the DRM content may be physically separated, and the permission information used to decrypt the encrypted DRM content may be divided into a device and an authorization provider ( It can be obtained through mutual certification between Rights Issuer.

However, according to the current OMA DRM V2.0 protocol and the OMA Rights Expression Language (REL), the period or number of times that DRM content can be used can be limited, but the usage time period can be set again within the set period of use. There is no provision for limiting measures. Therefore, if the parent wants to restrict the use time of the DRM content, such as when the parent wants to allow the use of the content only in a specific time zone, there is no other way.

Accordingly, it is an object of the present invention to provide a digital rights management method and system capable of limiting the use time for contents protected by encryption.

In accordance with another aspect of the present invention, there is provided a digital rights management method comprising: setting a use time zone of DRM content and receiving use rights information of the DRM content including the DRM content and information corresponding to the use time zone And allowing use of the DRM content only within a time period belonging to the use time zone according to the usage right information. The restriction information may include a start time and an end time of the use time zone.

In addition, the digital rights management method according to the present invention for achieving the above object, the step of setting the use time zone of the digital content protected by encryption, enabling the use of the protected content only within the time period belonging to the use time zone Generating usage rights information, and transmitting the protected content and the usage rights information.

In addition, the digital rights management system according to the present invention, the device for setting the usage time zone of the DRM content to be received, and the device for using the DRM content and the usage rights information to make the DRM content available only within the time period belonging to the usage time zone. It includes the content provider to send to.

In order to attain the above object, the present invention provides a computer-readable recording medium having recorded thereon a program for causing a computer to execute the method.

Hereinafter, with reference to the drawings will be described the present invention in more detail.

The digital rights management method according to the present invention is basically applied to a mobile communication environment based on the Open Mobile Alliance (OMA) standard, but is not necessarily limited thereto and may be applied to other communication environments that satisfy the conditions according to the present invention. Do. In addition, the digital rights management method according to the present invention uses a method of limiting the content usage time zone by using an element newly defined in the usage right information of the DRM content.

1 shows an example of a system to which a digital rights management method according to the present invention is applied. Referring to FIG. 1, the system includes a device 110, a content issuer 120, and a rights issuer 130.

The device 110 is a device that uses contents, and includes a user's terminal such as a mobile phone or a personal digital assistant (PDA). The device 110 is communicatively connected to the content publisher 120 through a network such as a mobile communication network, and downloads DRM content protected by digital rights management (DRM) from the content publisher 120. The device 110 downloads the usage right information (Rights Object) through an authentication process with the authority issuer 130. The device 110 may use the downloaded DRM content by decrypting the encrypted DRM content by using content encryption key information included in the usage right information.

In addition, as shown in FIG. 1, the device 110 may receive the DRM content and the usage right information from the content issuer 120 and the authority issuer 130, respectively. It may be transmitted simultaneously or sequentially from one content provider.

2 and 3 are message sequence charts provided for explaining the digital rights management method according to the present invention, and are referred to for explaining a process of downloading DRM contents and usage rights information from a device. First, referring to FIG. 2, the device 110 is communicatively connected to the content publisher 120 through a predetermined network to search for content that the content publisher 120 can provide (S200). By the searching process, the content to be downloaded is selected, the use condition for the selected content is set and the cost is paid (S205).

In this case, the usage time of the content may be set in detail within the usage period, in addition to the existing limitation conditions such as the usage period or the number of times of use of the selected content. For example, the use of the selected content is allowed only during the period of 17:00 to 18:00 during the use period, and the content may not be used at other times. Such use time zone can be set to a start time and an end time of the use time zone.

When the setting of the usage conditions and the payment for the content are completed, the device 110 downloads the selected DRM content from the content issuer 120 (S210). The device 110 requests the right issuer 130 to use the downloaded DRM content for use (S215). The authority issuer 130 receives necessary information from the content issuer 120, generates usage rights information according to the set usage conditions, and transmits the generated usage right information to the device 110. Accordingly, the device 110 obtains the usage right information (S220). The device 110 installs a usage right in the device 110 by using the obtained usage right information (S235). By such a process, the DRM content and its usage right information are stored in the device 110.

3 illustrates a case where both the selected DRM content and the usage right information for using the DRM content are downloaded from one content provider, and the basic operations are the same as those described with reference to FIG. 2. Referring to FIG. 3, the device 250 accesses the content provider 260 to search for content (S300), and selects content to be downloaded (S305). When the content is selected, the content purchase information is downloaded from the content provider 260 (S310). In operation S315, the device 250 sets a usage condition and pays the cost with reference to the purchase information. At this time, the setting of the use condition is as described with reference to FIG. 2.

When the setting condition and the cost of the content is settled, all of the selected DRM content and usage right information are downloaded from the content provider 260 (S320). The device 250 installs a use right using the obtained use right information (S335). By this process, the DRM content and its use right information are downloaded and stored in the device 110.

On the other hand, in the digital rights management method according to the present invention, in order to include the information corresponding to the time zone in the usage rights information, the <starttime> and <endtime> elements as follows in the <Datetime> element used for the time limit of the content Define a new element.

Element

<! ELEMENT o-dd: starttime (#DATA)>

Element
<! ELEMENT o-dd: endtime (#DATA)>

Where <starttime> is an element used to indicate the start time of the time zone, and the start time has the format hour: minute: second, such as hh: mm: ss. <endtime> is an element used to indicate the end time of the usage time zone, and the end time also has the format hour: minute: second like hh: mm: ss. That is, the content can be used only at the time belonging to the time zone from the start time set in <starttime> to the end time set in <endtime>, and the use is restricted at other times. For example, if <starttime> is set to 17:00:00 and <endtime> is set to 18:00:00, the content can be used only at a time between 17:00 and 18:00 every day.

[Table 3] below shows an example of user authority information including newly defined <starttiem> and <endtime> elements. Here, it is described in OMA Rights Expression Language (REL) based on Extensible Markup Language (XML).

1: <o-ex: rights
2: xmlns: o-ex = "http://odrl.net/1.1/ODRL-EX"
3: xmlns: o-dd = "http://odrl.net/1.1/ODRL-DD"
4: xmlns: oma-dd = "http://www.openmobilealliance.com/oma-dd"
5: xmlns: ds = "http://www.w3.org/2000/09/xmldsig#"
6: xmlns: xenc = "http://www.w3.org/2001/04/xmlenc#">
7: <o-ex: context>
8: <o-dd: version> 2.0 </ o-dd: version>
9: <o-dd: uid> RightsObjectID </ o-dd: uid>
10: </ o-ex: context>
11: <o-ex: agreement>
12: <o-ex: asset o-ex: id = "Asset-1">
13: <o-ex: context>
14: <o-dd: uid> ContentID1 </ o-dd: uid>
15: </ o-ex: context>
16: <o-ex: digest>
17: <ds: DigestMethod Algorithm = "http://www.w3.org/2000/09/xmldsig#sha1"/>
18: <ds: DigestValue> DCFHash </ ds: DigestValue>
19: </ o-ex: digest>
20: <ds: KeyInfo>
21: <xenc: EncryptedKey>
22: <ds: KeyInfo>
23: <ds: RetrievalMethod URI = "REKReference"/>
24: </ ds: KeyInfo>
25: <xenc: EncryptionMethod Algorithm = "http://www.w3.org/2001/04/xmlenc#kw-aes128"/>
26: <xenc: CipherData>
27: <xenc: CipherValue> EncryptedCEK </ xenc: CipherValue>
28: </ xenc: CipherData>
29: </ xenc: EncryptedKey>
30: </ ds: KeyInfo>
31: </ o-ex: asset>
32: <o-ex: permission>
33: <o-dd: play>
34: <o-ex: constraint>
35: <o-dd: datetime>
36: <o-dd: start> 2006-03-01T00: 00: 00Z </ o-dd: start>
37: <o-dd: end> 2006-03-10T23: 59: 59Z </ o-dd: end>
38: <o-dd: starttime > 17:00:00 </ o-dd: starttime >
39: <o-dd: endtime > 18:00:00 </ o-dd: endtime >
40: </ o-dd: datetime>
41: </ o-ex: constraint>
42: <o-dd: play />
43: </ o-ex: permission>
44: </ o-ex: agreement>
45: </ o-ex: rights>

In Table 3, lines 1 to 6 indicate the structure of the DRM permission, and describe information about an XML namespace indicating information for XML interpretation. Lines 7 to 10 describe version information of the DRM system to which the DRM permission is applied.

Lines 11 to 44 include content information and specific contents of the DRM permission, and are represented by <asset> and <permission> elements, respectively.

The <asset> element describes the identifier of the content to which the DRM license is applied in lines 12 to 31, and content encryption key (CEK) information capable of decrypting encrypted DRM content in lines 20 to 30. It describes. In addition, the <permission> element describes that contents can be reproduced in lines 32 to 43.

The <constraint> element in line 34 may include elements such as <count>, <interval>, <accumulated>, <start>, <end>, and the like. The <interval> element represents a period during which the content can be used, and the start time point is a time point of using the content for the first time. The <start> and <end> elements are described together, stating that they can be used freely from the date specified by <start> to the date specified by <end>. The <start> and <end> elements have the format CCYY-MM-DDThh: mm: ss, where CC is the century, YY is the year, MM is the month, DD is the day, hh is the hour, mm is the minute, and ss is the second. Indicates. In this case, it means that the content can be played from 00:00:00 on March 1, 2006 to 23:59:59 on March 10, 2006.

<Starttime> and <endtime> in lines 38 and 39 are elements newly defined in the present invention as described above. This usage right information indicates that the content can be played back only from 17:00 to 18:00 daily during the usage period. In this way, the <starttime> and <endtime> elements can be newly defined to set the usage time zone. In addition, in the above example, the use time limit is again limited among the usage periods. However, depending on the application example, the <starttime> and <endtime> elements may be used independently of the <start> and <end> elements. It can also be used in combination with.

4 is a flowchart provided to explain a process of using a content in a device in which DRM content and its usage right are installed in the digital rights management method according to the present invention. Referring to FIG. 4, if there is a content use request in a device on which DRM content and its usage right are installed (S400), first, it is determined whether a basic constraint such as a use period or a number of times is satisfied (S405). As a result of the determination, if the basic restriction condition is satisfied, it is determined whether the content use request time corresponds to a time condition indicating whether or not it belongs to the set use time zone (S410).

If the content use request time belongs to the set time zone and satisfies the time condition, the use of the content is allowed (S415). If the use of the content is allowed, the content may be played, displayed, or executed depending on the type of the content.

However, if the content use request time does not belong to the set use time zone, the application ends without allowing the use of the content. In addition, even if the use of the content is allowed, the use of the content is terminated when time passes out of the set use time zone.

5 to 7 are views for explaining the digital rights management method according to the present invention with the user interface provided to the device. First, FIG. 5 illustrates an example of a user interface used in a process of downloading content and usage right information from a device.

Referring to FIG. 5A, a user interface displayed on a screen of a device may include a status display area 501 of a device, an area 503 indicating a current menu item, and a submenu item of a current menu item. Area 505 and a selection area 507 for menu selection and returning to the previous menu. 5 (a) shows '3. 3' in a submenu item of the 'Internet' menu item. Go to URL 'is selected, and FIG. 5B illustrates a process of inputting a Uniform Resource Locator (URL) address of a content provider to be accessed.

FIG. 5C illustrates a process of selecting one of contents provided by a content provider connected by an input URL address, and FIG. 5D illustrates a menu for inputting purchase information on selected content. Indicates the process of downloading. As shown in (e) of FIG. 5, a menu for inputting purchase information includes items for inputting a start time 511 and an end time 513 to set a use time zone. You can also enter a time at which the use of can be accumulated to the maximum. According to the use condition, a credit card number 515 and a password 517 are input through the payment screen, as shown in FIG.

After this process, the selected content and the usage right are downloaded as shown in FIG. 5 (h) is a screen indicating that the download of the selected content and the right to use has been completed.

FIG. 6 is a diagram for describing a case where a content execution request is requested at a time out of a set use time zone. In FIG. 6, (a) shows a process of selecting a type of content to be used, and (b) shows a process of selecting a content title to be used in the selected content type. In the case of (c) of FIG. 6, when the use of content is requested at a time out of the use time zone, for example, the use time is set to 17:00 to 18:00. will be. A message indicating that the content can be used only between 17:00 and 18:00, which is the use time zone set as shown in FIG. 6C, is displayed, and the use of the content is not allowed.

 FIG. 7 is a diagram illustrating a case where a content execution request is requested at a time belonging to a set use time zone. In FIG. 7, (a) shows a process of selecting a type of content to be used, and (b) shows a process of selecting a content title to be used in the selected content type. FIG. 7C illustrates a screen in which content use is requested at a time belonging to a use time zone, and selected content is reproduced.

As such, even when content usage is requested at a time belonging to the use time zone and the use of the content is allowed, when the time passes and the user goes out of the use time zone, the content may be used only in the use time zone, as shown in FIG. Message is displayed and the use of the selected content is stopped.

By using the above process, the use time zone can be set for the protected content, so that the parent can use it when the parent restricts the use time of the content of the child to a specific time zone.

The present invention can also be embodied as computer-readable codes on a computer-readable recording medium. A computer-readable recording medium includes all kinds of recording apparatuses in which data that can be read by a computer system is stored. Examples of the computer-readable recording medium include a ROM, a RAM, a CD-ROM, a magnetic tape, a floppy disk, an optical data storage device, and the like, and may be implemented in the form of a carrier wave (for example, transmission via the Internet) . The computer readable recording medium may also be distributed over a networked computer system so that computer readable code can be stored and executed in a distributed manner.

While the present invention has been particularly shown and described with reference to exemplary embodiments thereof, it is to be understood that the invention is not limited to the disclosed exemplary embodiments, but, on the contrary, It will be understood by those skilled in the art that various changes in form and detail may be made therein without departing from the spirit and scope of the present invention.

As described above, according to the present invention, the use time zone can be set for contents protected by encryption. Therefore, since the protected content can be restricted to be used only in a specific time zone, it can be used when a parent restricts the use of content of the child to a specific time zone. In addition, since the present invention is a method of adding a newly defined element to the existing usage rights information, it can be easily implemented by simply changing the software without changing the hardware.

Claims (15)

In the digital rights management method of a device that can use DRM (Digital Rights Management) content, Accessing a content publisher through a communication network, searching for DRM content provided by the content publisher, and selecting DRM content to be downloaded from the content publisher; Displaying a UI screen for setting a use condition of the selected DRM content; Setting a number of use of the DRM content, a use period, and a use time zone of the DRM content within the use period, through a user input on the UI screen; Transmitting information on the set use condition and payment information to the content issuer; Receiving the DRM content from the content publisher; In response to the request for the usage right information on the received DRM content, the content encryption key information that can decrypt the DRM content, information corresponding to the number of times and period of use, and information corresponding to the usage time zone Receiving usage right information of the DRM content from the authority issuer; And Allowing use of the DRM content only within a time period belonging to the use time zone within a range that satisfies the use number and use period condition according to the use right information; Digital rights management method of a device comprising a. The method of claim 1, The information corresponding to the use time zone includes a start time and an end time of the use time zone. 3. The method of claim 2, The permission information is digital rights management method, characterized in that described in Rights Expression Language (REL) according to the OMA standard. The method of claim 3, And the start time identifier is an <starttime> element, and the end time identifier is an <endtime> element. In the digital rights management method of a device that can use DRM (Digital Rights Management) content, Accessing a content provider through a communication network, searching for digital rights management (DRM) content provided by the content provider, and selecting DRM content to be downloaded from the content provider; Displaying a UI screen for setting a use condition of the selected DRM content; Setting a number of use of the DRM content, a use period, and a use time zone of the DRM content within the use period, through a user input on the UI screen; Transmitting information on the set use condition and payment information to the content provider; Sequentially receiving the DRM content and usage right information of the DRM content from the content provider; And Based on the DRM content and the usage right information, using the DRM content only within a time period belonging to the use time zone within a range that satisfies the usage count and usage period condition, The usage right information includes content encryption key information capable of decrypting the DRM content, information corresponding to the number of times and period of use, and information corresponding to the usage time period. Way. delete delete The method of claim 5, And the information corresponding to the use time zone includes information corresponding to a start time and an end time of the use time zone. 9. The method of claim 8, The usage right information is described in OMA Rights Expression Language (REL), the start time identifier is an <starttime> element, and the end time identifier is an <endtime> element. Accessing a content provider through a communication network, searching for digital rights management (DRM) content provided by the content provider, selecting DRM content to be downloaded from the content provider, and setting a condition for using the selected DRM content; Displaying a user interface (UI) screen, setting a number of times of use of the DRM content, a period of use, and a time zone of use of the DRM content within the period of use, through a user input to the UI screen; A device for transmitting information about the information and payment information to the content provider; And When the cost for the DRM content is settled, the DRM content and usage right information for enabling decoding of the DRM content only within a time period belonging to the use time frame within a range that satisfies the usage count and usage period condition are recalled. A content provider for sequentially transmitting to the device; The usage right information includes content encryption key information capable of decrypting the DRM content, information corresponding to the number of times of use and duration of use, and information corresponding to the time of use. The method of claim 10, The rights information is digital rights management system, characterized in that described in DRM Rights Expression Language (REL). The method of claim 10, The information corresponding to the use time zone includes information corresponding to the start time and the end time of the use time zone. A user interface (UI) for accessing a content publisher through a communication network, searching for DRM content provided by the content publisher, selecting DRM content to be downloaded from the content publisher, and setting conditions for using the selected DRM content. Displaying a screen, setting a usage count of the DRM content, a usage period, and a usage time zone of the DRM content within the usage period through a user input on the UI screen, and paying for information and costs for the set usage conditions; A device for transmitting information to the content publisher; A content issuer that transmits the DRM content to the device when the cost for the DRM content is paid; And In response to a request of the device, the authority issuer for transmitting the usage right information to the device to enable the decryption of the DRM content only within a time period within the use time zone within a range that satisfies the use number and use period condition. Including; The usage right information includes content encryption key information capable of decrypting the DRM content, information corresponding to the number of times of use and duration of use, and information corresponding to the time of use. A computer-readable recording medium having recorded thereon a program for executing the method of any one of claims 1 to 4. A computer-readable recording medium having recorded thereon a program for executing the method of any one of claims 5, 8 and 9.

Images