KR20070022257A - Digital license sharing system and method - Google Patents

Abstract

Provided are a digital license sharing method, system, and apparatus for use in a digital rights management system. By associating each player with a status indication, usage rights for digital content are transferred between content player devices or applications. The transfer is performed by sending a request to obtain a right to use from the player requesting the right to use it to the currently possessing right. The transferring player sets a first status indication indicating that the transferring player is no longer granted rights to perform the rights, and sends a response to transfer the usage rights to the requesting player. Thereafter, the requesting player sets a second status indication to indicate that he can now exercise his rights. Also provided are methods and apparatuses for generating a transferable license using a shared license format including validity and invalidity. For example, the validator, which can be digitally signed by the license issuing authority, includes characteristic information of the digital content decryption key required to access digital content controlled by the license. The invalid portion contains the digital content key itself, which is encrypted using an encryption key associated with a player that can use the license.

 Digital license, encryption key, digital content.

Description

DIGITAL LICENSE SHARING SYSTEM AND METHOD}

The present invention relates to digital rights management (DRM), and more particularly to a method and system for sharing one digital license among a plurality of devices.

Today, many digital service providers sell digital content such as digital music, images, videos, books, and games over computer networks. To protect such commercial digital intellectual property rights and avoid digital infringement, there is a need for a digital rights management system that can be used to prevent unauthorized access to digital content and to manage digital content usage rights. The key concept in DRM is the use of digital licenses. A license is a digital data file that contains content decryption keys and content usage rules.

In DRM, a user purchases a license that grants certain rights to access the content, rather than purchasing the content directly. The terms of use specify how the content should be used, such as allowing copying, pay-per-view, weekly rentals, and so on. The license may be described using a language that expresses copyright, such as eXtensible rights Markup Language (XrML), which may be written to the Video Experts Group (MPEG) for the MPEG-21 multimedia framework. Has been selected. Some usage scenarios for the Terms of Use are described in the XrML Standard Document, eXtensible Rights Markup Language (XrML) 2.0 Standard Content Protection (November 20, 2001). However, the standard does not specify the mechanisms that support these scenarios.

In current DRM implementations, encrypted content can be supplied via any communication medium, such as a client / server system, super-distribution, digital audio / video broadcast, CDs, or the like. The content cannot be decrypted unless you possess a valid license. Thus, protected content can be supplied regardless of any license. More specifically, when a user attempts to consume protected content, the player device will check if a valid license exists for the content on the user device. If the placer device does not find a license, the player device will deny access to the content and inform the user that he must connect to the license server to obtain a valid license. After you provide a fee and / or information that may be necessary to obtain a license, the license will be transferred to your device, and the protected content may be decrypted and used in accordance with the terms or conditions of use within the license. Can be.

To protect digital privacy through the transfer of copyrights, most DRM solutions bind licenses to specific devices. Licenses cannot be transferred and cannot be used on other devices. For example, if a user wants to watch a purchased movie elsewhere or listen to music on a mobile device, the user has to acquire a new license for each device, which is very inconvenient for the user.

One method of enabling a license that can be used on a plurality of devices is "broadcast encryption". In crypto broadcast, a user must register with the content provider all the devices he wants to use. During the license transfer, the sender does not need to modify the original license. After receiving the license, only legitimate devices can access the content key.

The disadvantage of using cryptographic broadcast is that new devices must be registered with the content provider. When a user replaces an old device with a new one, the user wants to continue using the content he has purchased. The new device must receive a private key. If the device is compromised, the content provider must replace the public key and update the private keys of all devices. Thus, the content provider will have to store a record for the user and a record for the device set, and also update it periodically. Furthermore, if a user wants to use content from another content provider, the user must register his devices with each content provider, which is inconvenient for the user.

For example, the License Management Service (LMS), published in 2000-2003 Backing UP and Restoring of DRM Licenses, uses a centralized server to manage the restoration of licenses in DRM. This service allows, for example, a user to transfer a license to a new computer or to a same computer after hard disk reformatting. When a user attempts to restore a license, the user must be connected to the Internet and a request from the application will be sent to the server.

Under the LMS, the user is allowed to restore the license only to a limited number of computers. Each time a license is restored, the server tracks the number of the computer on which the license was restored. If the limit is reached, the user cannot restore the license. Microsoft has not disclosed detailed descriptions of these services, but it is clear that the LMS does not provide a satisfactory solution to the problem of sharing licenses between multiple devices, whereas only one device at a time is licensed. It is clear that it can be used.

In 2000, according to the Copy Prevention Scheme Rights Trading Infrastructure, a document by NTT Laboratories Masayuki Terada, Hiroshi Kuno, Masayuki Handate and Ko Fujimura, a general copy protection scheme for the exchange of digital rights called FlexiToken is disclosed. In this system, digital copyright is expressed using two types of information. Rights Description Object and Token Object. The token object represents the "genuineness" of the rights object, is stored and circulated by tamper-proof devices such as smart cards. The rights object can be stored on any storage medium, but the user must submit a token of the rights to the service provider in order to redeem the rights.

The security of this scheme relies heavily on the assumption that secret keys are managed secretly, and on the assumption that the tamper-resistant capabilities of smart cards are not compromised. Thus, digital copyright can be protected from alteration, forgery and reproduction.

To prevent the denial of the transfer of rights, FlexiToken assumes that no participant flees from other participants, that is, the sender removes the token from the original card after receiving a receipt from the recipient. However, if the operation of these procedures is intentionally or accidentally stopped, such assumptions may be violated. For example, a dishonest user may terminate the process by not removing the original after transferring the rights object from one card to another.

Because digital licenses in DRM contain content keys that must be stored in a protected format, FlexiToken cannot be applied directly to DRM. However, the rights object in FlexiToken does not contain content keys.

As an alternative, Extensible Cluster Protocol (xCP) is described in IBM's document, IBM Response to DVB-CPT Call for Proposla for Content Protection & Copy Management: xCP Cluster Protocol, 2001. In xCP, the digital content is encrypted and bound to a network of devices in the "cluster", which may be all devices in the user's home, for example. Within one cluster, the consumer can freely access all licensed content from these devices because the digital content can be moved freely or copied freely from this device to that device. The xCP cluster protocol prevents unauthorized content distribution outside the cluster, for example, preventing unauthorized content distribution from one house to another.

This protocol requires each device to have a unique set of device keys and allows peer devices in a cluster to share one cluster ID with one common media key block. Devices use device keys and the media key block to calculate a common key. This key value will be used to decrypt the encrypted content key embedded in the content. The security of such a protocol relies heavily on the assumption that the media key block must be securely stored on one of the devices in the cluster (functioning as a server managing other devices).

Unlike most existing DRM systems, where digital content and licenses are stored and distributed separately, in the xCP framework, the terms of use, such as "copy once", "no longer copy", "no copy", stored in the (clear) part

All. Time-based rules of use, such as exceeded time conditions or calendar-based permissions, are supported by the assumption that the server has a secure clock. Count-based terms of use, such as a fixed number of player devices, require that the server have a secure hardware counter that can prevent the user from restoring old counter values or prevent the user from resetting the usage coefficients. Requires.

The xCP cluster protocol is a hardware-based solution. Thus, for example, if user A sells a device that conforms to xCP to B, in order for the device to operate in user B's cluster, a cluster ID specific to user B's home network is embedded in the device. An acceptable method must be provided.

U. S. Patent No. 6,372, 974, assigned to Intel, describes a mobile music player that can transfer music files directly to another such music player without intervention of a PC or other intermediate host. The disclosed transmission method can protect digital rights, which can be protected by using a transmission protocol that can result in the removal of the content of the transmitting player. Thus, the method ensures that at any given time, there is only one copy of the content. However, the method does not support more complex DRM features, and in particular does not provide a license that may contain content terms of use, a license that may exist independently of encrypted content.

Furthermore, it is not clear from US Pat. No. 6,372,974 whether adequate protection is provided for communication failures in which the connection between players during the transmission is intentional or accidentally broken. Unless there is adequate protection to ensure the atomicity of the information (i.e. under all circumstances in which all actions are performed or no actions are performed), such disconnection may result in playable content. You may not be able to access your copy, or you may be illegal to obtain additional copies of the content.

Published US Application No. 2003/0004885, assigned to IBM, describes how to maintain a chain of titles when transferring digital property rights. The method consists in increasing existing DRM information (eg, a license) with additional fields that can identify the current owner and ownership history. When the license is transferred, ownership is renewed and digitally signed by the seller. Thereafter, only buyers are allowed to consume the licensed content or transfer ownership once again. However, the method is based on the assumption that a procedure with confidentiality and stability for the transfer of rights is available, and the document does not disclose any specific scheme for obtaining it. In particular, the IBM standard does not disclose a method for transferring a license containing a content decryption key between two devices without intervention of a license server.

US Patent No. 5,629,980, assigned to Xerox, discloses a system for controlling the use and distribution of digital work. The system includes trusted storage locations, known as "repositories," where digital operations are controlled, controlled by the DRM usage rights. Thus, all placer devices as well as content servers contain such repositories. Methods are provided for realizing and describing a wide range of possible usage rights, including varying levels of lease and copy rights. However, according to this document, it is independent of encrypted content, as it is possible to maintain multiple copies of the content on an untrusted repository (such as multiple devices owned by one consumer). Methods of providing a reliable, efficient and flexible transfer of licenses have not been disclosed, while allowing only one device to have one license to allow content playback using that device.

In summary, there is a need for a secure license sharing system and method that allows a user to share a license among multiple devices and ensure that only one device can use the license at a time.

It is desirable to have a license sharing method that can provide protected content keys, which can be applied directly to DRM, and that digital rights can be protected against tampering and counterfeit reproduction.

Furthermore, the desirable features of the license sharing scheme are that they are not hardware dependent to an inadequate degree, for example, even if ownership of the player device is transferred and / or the physical location or connection of the device is changed, a new user and / or It is desirable that no specialized methods are required to employ authentication to use the device in the new location.

In addition, despite any transfer failure between two players (in other words, the transfer procedure satisfies the valence characteristics), at the end of the license transfer procedure, you can be sure that exactly one device always has a valid license copy, It is desirable to provide a license sharing scheme.

Accordingly, it is an object of the present invention to alleviate the problems of the prior art by satisfying at least one of the needs and desires as described above.

It should be noted that any discussion, devices, operations or knowledge regarding the documents contained herein have been included to illustrate the spirit of the invention.

The inventors of the present invention have recognized that it is possible to separate a digital license granting specific usage rights within a DRM system from the title of any particular device that performs the usage rights. In the prior art system, the rights of use and the titles that carry out these rights are generally tied together in a digital license, consequently binding the license itself to one device. By separating the rights from the title, it is possible to ensure that only one device can actually perform the usage right at a time, while a method by which a license can be held by a plurality of devices is the inventor of the present invention. Provided by them. Thus, while the license is not tied to a particular device and may be held by an unlimited number of devices, the title executing the usage rights may be held by only one device at a time.

Thus, according to one aspect, the present invention provides a method of transmitting a usage right from a first content player application to a second content player application in a digital rights management system in which a digital license grants predetermined usage rights for digital content. The method is as follows:

a) associating a first status indication with respect to the digital license to the first content player application to indicate whether the first content player application can exercise the usage rights granted by the digital license;

b) associating a second status indication with respect to the digital license to the second content player application to indicate whether the second content player application can exercise the usage rights granted by the digital license;

c) sending a request to transfer the usage right from the second content player application to the first content player application;

d) setting the first status indication to indicate that the first content player application can no longer exercise the usage right;

e) sending a response to transmit the usage right from the first content player application to the second content player application;

f) setting the second status indication to indicate that the second content player application can now exercise the usage rights,

Wherein steps c) to f) are performed in the above-described order.

Advantageously, said usage rights granted by said digital license are not tied to a single device or application, but can be transferred from one device to another, wherein at any one moment the digital license is only for a single device or application. It is guaranteed that it can be used. In addition, the specific order of the steps ensures that the transmission process is robust against intentional or unintentional failure of communication between the two applications, thereby avoiding any interruption that occurs during the process. Applications cannot simultaneously acquire the usage rights granted by the digital license.

Advantageously, said first content player application runs on a first player device while a second content player application runs on a second player device. However, it will be appreciated that the two content player applications may run on a single device, for example a general purpose PC.

Preferably, the first status indication before the transmission indicates that the first content player application can perform the usage right. Clearly, if not, the transfer of usage rights cannot occur. In addition, preferably, the second status indication before the transmission indicates that the second content player application cannot exercise the usage right.

In a preferred embodiment, step e) must be completed successfully within a predetermined time following completion of step c), otherwise the transmission is stopped. Advantageously, the inclusion of this timeout in the method ensures that the failure of communication between the two applications does not cause a deadlock of one or both of the two applications.

Step e) also includes transmitting the digital license from the first content player application to the second content player application. This is particularly advantageous if the second content player application does not already have the digital license, which means that the second content player application does not need to individually obtain the digital license itself, thereby granting the right to use the digital content. Because you can exercise immediately.

Step c) includes setting the second status indication to indicate that the transmission of the usage right has been requested after sending the request. Sending the request includes sending a request message from the second content player application to the first content player application, wherein the request message includes a value of the second status indication. Thus, if the transmission is subsequently stopped after step d), the first and second status indications indicate that the second content player application has requested the permission while the first content player application is no longer available. It will indicate that the use right cannot be exercised. Advantageously, the applications can thus prove that the transfer has been aborted and negotiate the completion of the usage right transfer to the second content player application.

Advantageously, said first and second status indications can be implemented as transaction flags in first and second tracking files associated with said first and second content player applications, respectively. . The transaction flags may be associated with the digital license as an index in the tracking file by using a unique license identifier stored in the license. Preferably, this allows each tracking file to store transaction flags associated with various digital licenses. In addition, each entry in each tracking file preferably includes a time stamp indicating when the license was last sent to or from the corresponding application.

In a preferred embodiment, the method further comprises computing an authentication code which is a function of the values of all transaction flags in the tracking file whenever any transaction flag in the tracking file changes. The authentication code may be computed as a one way hash function of concatenated values of all the transaction flags. Advantageously, a secret key is associated with each of said first and second content player applications, said value of said secret key being associated with said transaction flags prior to computing said hash function. Advantageously, this prevents a malicious user from changing the value of the transaction flag in the tracking file to recompute the authentication code.

In a particularly preferred embodiment, a secure monotonic counter is associated with each content player application, and the counter is incremented each time any transaction flag in the tracking file changes, and the value of the counter returns the hash function. The private key and the transaction flags are connected before the operation. This protects the tracking file against replay attacks.

Preferably, the steps of the method are performed in a tamper secure computing environment that includes secure storage.

In another aspect, the present invention provides a system for transferring the usage rights from a first content player application to a second content player application in a digital rights management system in which a digital license grants certain usage rights associated with digital content. The system is:

Request transmitting means adapted to transmit a request for transmitting the usage right from the second content player application to the first content player application;

First display setting means adapted to set a first status indication associated with the first content player application to indicate that the first content player application can no longer exercise fraud usage rights;

Response transmitting means adapted to transmit a response for transmitting the usage right from the first content player application to the second content player application; And

Second display setting means adapted to set a second status indication associated with the second content player application to indicate that the second content player application can now exercise the usage rights.

Advantageously, said request transmitting means comprises computer software code comprising instructions for executing a transfer of said transfer of usage rights from said second content player application to said first content player application, said first display setting The means comprises computer software code comprising instructions for causing the first content player application to execute setting of the first status indication to indicate that the first content player application can no longer perform the usage right, and the response transmitting means comprises: Computer software code including instructions for effecting a transfer of a response for transferring the usage right from a first content player application to the second content player application, and wherein the second display setting means comprises: Computer software code including instructions for executing setting of the second status indication to indicate that the second content player application may now exercise the usage rights.

In another aspect, the present invention provides a method for generating a second digital license from a first digital license in a digital rights management system, wherein the first digital license grants a predetermined usage right with respect to the digital content to the first digital content player. And the second digital license grants the usage right to a second digital content player application, the digital content typically being encrypted and decrypted only using a digital content decryption key, the first digital Each of the license and the second digital license includes a valid portion and an invalid portion,

Wherein the valid portion of the first digital license includes characteristic information of the digital content decryption key, and

The invalid portion of the first digital license includes the digital content decryption key encrypted using an encryption key associated with the first digital content player application,

The method is:

Decrypting the digital content decryption key using a decryption key associated with the first digital content player application;

Generating the characteristic information of the digital content decryption key using the decrypted digital content decryption key;

Verifying that the generated characteristic information matches the characteristic information included in the valid portion of the first digital license; And

If the verification is successful, encrypting the digital content decryption key using an encryption key associated with the second digital content player application and including the encrypted key in the invalid portion of the second digital license. .

Advantageously, the method is for use by said first digital content player application without having to contact a license provider or other authority to obtain a new license for use by said second digital content player application. Allow the license that was originally issued to be transferred to the second digital content player application.

Advantageously, said valid portion of said first digital license is validated using a digital signature of a trusted authority. The trusted authority can be, for example, a license issuer. The valid portion may also include information about the usage rights granted to the player application. Preferably, the valid portion also includes a unique license identifier.

Preferably, the encryption and decryption keys associated with the first digital content player application are public and private keys of a first public / private key pair. In addition, the encryption key associated with the second digital content player application is preferably the public key of a second public / private key pair.

In a preferred embodiment, the method includes verifying that the valid portion of the digital license has not been altered or forged, and that the license has been legally obtained from the license issuer, wherein the verifying step is for example the This is done by verifying that the content of the valid portion of the license is correct in terms of the digital signature. Thus, for example, if an attempt was made to change the license to grant additional rights or forge a license, the player application may reject the license.

The valid portion of the digital license preferably includes characteristic information of the encrypted digital content, such as a hash of the encrypted digital content. Thus, the method further comprises generating the characteristic information of the encrypted digital content, and verifying that the generated characteristic information matches the corresponding information included in the valid portion of the digital license. do. Advantageously, this allows a content player application to verify that the digital license corresponds to the digital content.

The characteristic information of the digital content decryption key is preferably a hash of the digital content decryption key. In a particularly preferred embodiment, one-way, collision free, and pre-image resistant hash functions are preferably used such that no two content decryption keys have nearly the same hash value.

The device on which the first digital content player application is executed provides a tamper resistant secure computing environment comprising secure storage, and wherein the decrypted digital content decryption key and the private key of the first digital content player application are merely secured. It is desirable to keep only in the store.

In another aspect, the present invention provides a method of transmitting a usage right from a first digital content player device to a second digital content player device in a digital rights management system in which a digital license grants a predetermined usage right associated with digital content. Provided, wherein the method is:

a) receiving a request from the second digital content player device to transmit the usage right from the first digital content player device to the second digital content player device;

b) setting a first status indication to indicate that the first digital content player device is no longer capable of exercising the usage rights granted by the digital license; And

c) transmitting a response to transmit the usage right from the first digital content player device to the second digital content player device;

By the step c), when the second digital content player device receives the response, set the second status indication to indicate that the second digital content player device can now exercise the usage right,

Here, steps a) to c) are performed in the above-described order.

In another aspect, the present invention provides a method of transferring a usage right from a first digital content player device to a second digital content player device in a digital rights management system in which a digital license grants certain usage rights associated with digital content. Provided, wherein the method is:

a) sending a request to the first digital content player device to transmit the usage right to the second digital content player device, whereby the first digital content player device causes the first digital content player to transmit to the first digital content player device. Set a first status indication to indicate that a player device can no longer exercise the usage rights granted by the digital license;

b) receiving a response to transmit the usage right from the first digital content player device to the second digital content player device; And

c) setting a second status indication to indicate that the second digital content player device can now exercise the usage rights;

Wherein steps a) to c) are performed in the order described above.

In another aspect, the present invention provides a digital content player device for use in a digital rights management system in which the digital license grants certain usage rights with respect to the digital content, the device comprising:

Request transmitting means adapted to transmit a request for transmitting the usage right from an additional device to the digital content player device;

Response sending means adapted to send a response from the further device to the request for transmission of the usage right received by the digital content player device;

Request receiving means adapted to receive, by the digital content player device, a request for transmission of the usage right from the additional device;

Response receiving means adapted to receive, by the digital content player device, a response to the transmitted request of the usage right from the additional device; And

The digital content player device to indicate that the digital content player device can exercise the usage right when the usage right is sent to the digital content player device, and when the usage right is not sent to the digital content player device. Display setting means configured to set a status display to indicate that the user cannot exercise the usage right.

According to yet another aspect of the present invention, there is provided a device for generating a second digital license from a first digital license rotor in a digital rights management system, wherein the first digital license is a first digital content player application. Give a predetermined use right to the digital content, the second digital license grants the use right to a second digital content player application, the digital content is typically encrypted, and only using a digital content decryption key. Each of the first and second digital licenses includes a valid portion and an invalid portion, wherein the valid portion of the first license includes characteristic information of a digital content encryption key, The invalid part of the digital license is the first digital content player application. A digital content decryption key encrypted using an encryption key associated with the application,

The apparatus includes decrypting means for decrypting the digital content decryption key using a decryption key associated with the first digital content player application;

Generating means for generating characteristic information of the digital content decryption key using the decrypted digital content decryption key;

Verification means for verifying that the generated characteristic information matches the characteristic information included in the valid portion of the first digital license; And

Check if the verification is successful and if successful encrypt the digital content decryption key using an encryption key associated with the second digital content player application and include the encrypted key in the invalid portion of the second digital license. Encryption means.

Advantageously, said decrypting means comprises computer software containing instructions for causing decryption of said content decryption key and said generating means includes computer software for instructions for generating generation of characteristic information of said digital content decryption. Wherein the verifying means comprises computer software containing instructions for verifying whether the generated characteristic information matches the characteristic information included in the valid portion of the first digital license, wherein the encrypting means includes: Checking for success and if successful, encrypting the digital content decryption key using an encryption key associated with the second digital content player application and including the encrypted key in the invalid portion of the second digital license. This includes computer software listed.

In order that the present invention may be more fully understood, embodiments of the present invention will be described with reference to the accompanying drawings. Further optional or desirable features and advantages of the methods and systems of the present invention will become apparent from the following detailed description of these preferred embodiments. However, the embodiments described below should not be considered as limiting the scope of the invention or the foregoing.

1 is a schematic diagram of a digital rights management system in accordance with a preferred embodiment of the present invention.

2 illustrates one configuration in which a malicious user can be used to gain unauthorized access to a license.

3 is a flowchart illustrating an exemplary license transfer procedure in accordance with a preferred embodiment of the present invention.

4 is a flowchart illustrating a license retrieval procedure according to a preferred embodiment of the present invention.

5 is a schematic diagram of an exemplary license in accordance with the present invention.

6 is a flow chart illustrating a method for generating a transferable digital license in accordance with a preferred embodiment of the present invention.

7 is a schematic diagram of an exemplary track file in accordance with the present invention.

1 is a schematic diagram of a digital rights management system 100 in accordance with a preferred embodiment of the present invention. The system includes two trusted player devices 102, 103, each of which includes a digital library 104, 105, a license database 106, 107, and a security hardware counter 108, 109. Each player device 102, 103 may be, for example, a portable music player, a digital video player, or a general purpose personal computer equipped with software and hardware that can be used to play or display digital content.

Each license database 106, 107 is a conceptual database, such as a file directory on each device, which further includes a transaction track file that stores all licenses in a protected form and maintains a record of the transaction flags of these licenses. Each digital library 104, 105 is a digital content repository on a user device that stores digital items in a protected form. In order to decrypt and use the content, there must be a valid license with valid transaction flags in the license database 106, 107. Each counter 108, 109 is a secure, monotonically increasing hardware counter that can be used to prevent replay attacks. This will be increased by one each time a license transfer occurs. A player is a viewer that is responsible for decrypting and playing content and providing an interface for a user to request / transmit a license from / to another device.

In one example usage scenario of such a system, a user would have obtained a license 110 from a license server and stored the license, eg, on a home PC. If the user wishes to consume content on the plurality of devices 102, 103, the license must be transferred to the appropriate device. License transfer can occur directly between devices via a network connection such as a TCP / IP LAN, or via an infrared link or a wireless connection such as a Bluetooth or 802.11 radio frequency link. Alternatively, the transfer of licenses can be through the intermediary of a mobile phone or other handheld device with wireless connections. The use of such a device to facilitate license transfer enhances the system's ease of use, since the user can carry a mobile phone or other handheld device wherever he goes.

In the license sharing system and method of the present invention, reliability is made under a plurality of assumptions as follows.

A1. The DRM protected content can be copied and distributed to any device. Note that such protected content cannot be consumed without any valid license on the device.

A2. License transfers occur between two trusted player applications. It is trusted if the player enforces the right to use the content with respect to the license.

A3. Each trusted player has a public / private key pair and an authentication key. Trusted private and authentication keys are stored securely on the secure memory of the user device, such that the user may not always have knowledge of these keys.

A4. Trusted players run in a secure computing environment, and harmful users cannot obtain content keys and unprotected content when the content is decrypted.

A5. Trusted player applications are transform-inhibited, ie the user cannot modify the software by reversing the engineer.

A6. Secure audio paths exist between the trusted player and the display card and between the trusted player and the ID card. This assumption ensures that the protected content files are protected until the content reaches the output device.

It will be apparent to those skilled in the art that the above assumptions are generally satisfied in many known devices and systems that perform DRM and can be achieved using known techniques and methods. Thus, these assumptions do not limit the invention.

The system embodiment of FIG. 1 satisfies a number of requirements in transferring a license from a first player 102 to a second player 103 as follows.

R1. Digital licenses must be maintained on the user's device in a protected form. This is because the license contains content decryption keys that must be hidden from the user.

R2. The license transfer process must ensure that only authorized player applications can access the license. When a license is sent from a device, there is a potential threat that all neighboring devices of the device may get a signal via wireless (or PC) broadcast.

R3. The license must be protected against unauthorized modification, interference and illegal forgery during the transaction.

2 illustrates one configuration in which a malicious user attempts to use to gain unauthorized access to a license. The license is sent from the first device 202 to a second device 204, such as a general purpose PC. License data is received via network interface hardware 206 and processed by network interface device driver software component 208 installed within the operating system of device 204. The unmodified device driver will send the license data to the player application 210 without examining or processing the content. However, there is a potential threat that a user may modify the driver software 208 on the device 204, whereby the driver 208 may modify or block the received license or even illegally forge the license. .

R4. The license transfer process must satisfy the atomicity characteristics. Atomicity does not perform all transactional operations or perform any transactional operations. If the transaction is interrupted by a failure, the partial changes are back. The atomicity in the license transfer process is to ensure that only one device will have a valid license copy at the end of the transfer process despite any communication failure between the two players.

Each of the two trusted player devices 102, 103 of FIG. 1 has a copy of the DRM protected content. Licenses are transferred between two players. Players manage license transfers and storage. Each device maintains a transaction track file for license transfer. Each license known to the player has a corresponding data entry in the track file containing the transaction flag of the license. Only the player can use the authentication key to validate the integrity of the track file and to read the records of the file. There are four types of transaction flags for the license: active, deactivated, request and recover. The meanings of these flags are explained as follows.

Active: A license can be used to encrypt content by the player.

Deactivation: The license is deactivated, so the player cannot use it.

Request: A license for another application is required by one player application.

Recovery: A one player application is required to set the transaction flag of a license for another application to 'active'.

Each device can have a copy of the license, but only a license with an 'active' flag can be used by the player application to decrypt the content.

According to the example above, A and B are two trusted player applications running on devices 102 and 103. In practical implementations of the transport protocol, it is necessary for those skilled in the art to establish a suitable communication channel or session, such as an authentication session, for example, to ensure that all devices are trusted before A and B typically initiate the authorization transfer. Will be understood by them.

ID _L is the identifier of the license L. Req (A, B, L) is a license request that application B sends to A for license L. T is the timeout value of the protocol. 3 shows a flowchart 300 of steps completed in an example license transfer scenario. Prior to transmission, the initial conditions 302 are as follows. License L is stored on the hard disk of device 102 on which application A runs, and the transaction flag for L is 'active'. A and B set up appropriate communication channels as described above. Application B running on player 103 requires an 'active' license from A.

Step 304: B → A: Req (A, B, L), B records (ID _L , 'Flag = Request').

Steps 306 and 308: If Req (A, B, L) = valid, A records (ID _L , 'Flag = Deactivated') (step 306) and A → B: L (step 308). ); If not, A is stopped after time expiration (T). (ID _L , 'Flag = Active'), otherwise B stops after time expiration (T).

Step 310: If L is valid, B stores L and records (ID _L , 'Flag = Active'), otherwise B stops after timeout T .

In step 304, B writes (ID _L , 'Flag = Request') as an entry for L in the transaction track file. The transaction flag 'Flag = Request' indicates the current transaction state of L, that is, the application B has requested an active license. At this time, the entry of L in the transaction track file on the device 102 of the application A is (ID _L , 'Flag = Active').

In step 306, A receives and validates a license request from B. If the request is found to be valid, A writes (ID _L , 'Flag = Deactivated') as an entry for L in the transaction track file, and sends license L to B in step 308. . Although L will still remain on device A, i.e. if A finds that L is marked as deactivated in the transaction track file, A will refuse to use L to decrypt the content, where 'Flag = Deactivated 'Indicates that the license is no longer available.

In step 310, B receives and validates L from A. If L is found to be valid, B stores L and sets the transaction flag for L to 'active', that is, the entry for L in the B transaction track file is (ID _L , 'Flag = Active '). In other cases, if verification fails or if B does not receive a license from A within time T after sending Req (A, B, L), B aborts the transaction. Thereafter, application B may retry the license request starting from step 304.

Preferably, a license plural protocol similar to the license transfer process is performed. 4 shows a flowchart 400 of steps completed in a license recovery scenario. Prior to recovery, initial conditions 402 are as follows. Both A and B are copies of the license (L) on their hard disks, and the transaction flag for L is active on device B, but is 'deactivated' on device A. A requires that the transaction flag of L on his device be set to 'active'.

In this process, instead of writing (IDL, 'Flag = Request') in step 404, A sends an license recovery request to B and then as an entry for L in his transaction track file (ID _L). , 'Flag = Recover'). The transaction flag 'repair' indicates that L is physically stored on A's hard disk but cannot be used, and A requires an 'active' flag from B to L. In step 406, after B receives and verifies A's license recovery request, it will set the transaction flag for L on his device from 'active' to 'deactivate', and in step 408 Will be sent to A. B will not be able to use the license. In step 410, the entry for L in the transaction file of A will be (ID, 'Flag = Active'), whereby L can be used to decrypt the content by A.

The difference between the license recovery process and the license request process is that in license recovery, A has a copy of the license (L) that is already known to be valid by A, so that B sends L to A or validates the license for A. It should be noted that there is no need to do this.

In known DRM implementations, the license includes content usage rules and content key. When a license is distributed from a license server to a user device, the content key should not be transmitted entirely in text. Typically, the license issuer encrypts the content key with the player's public key on the user's device.

Each player application has a unique public / private key pair, so each license is uniquely generated for a particular player on a user's machine. For example, in the DRM scheme described in the document architecture of Windows Media Rights Manager published by Microsoft Corporation in 2003, protected content keys and usage rights are grouped in licenses signed by a license issuer with a private key. This guarantees that the license has not been modified and proves that the license was purchased from the issuer.

The disadvantage of this approach is that it can only be used by a licensed player application. In order to consume content on other players, the user must request or purchase additional licenses. In at least preferred embodiments, the present invention can be used to circumvent this disadvantage, thus providing a license structure that enables direct transfer of licenses between devices.

The trusted player has a private key PRI_P that corresponds with the public key PUB_P. The license issuer has a private key (PRI_I) corresponding to the public key (PUB_I). The license issuer generates a license L that contains metadata about the content and the content key CK encrypted with the player's public key and usage rules, and then signs the license with that private key. That is, the issuer generates a signed license as follows.

Signed L = L∥S _{PRI _I} (L)

L = Metadata ∥E _{PUB _I} (CK) ∥ use ruldeul

Where S () is a signature algorithm, E () is an asymmetric encryption algorithm, and '∥' is connected. The signed license can then be sent to the trusted player via the public channel.

However, a potential problem arises when this approach is used for the encryption of content keys and the construction of licenses. Assume A and B are two trusted player applications. Their public keys may be represented by PUB_A and PUB_B, respectively. Player A has a license L that contains an encrypted content key (E _{PUB _ A} (CK)) signed by the issuer using PRI_I. A sends the license to B.

Prior to the transfer process, A decrypts the encrypted content key and then uses its private key to re-encrypt the content key using the player E's public key. That is, A must use E to create E _{PUB _B} (CK) to replace E _{PUB _A} (CK) in L, so that B can obtain it by decrypting the content key once the license is transferred from A to B. . The problem with this scenario, because it would change to E _{PUB _B} (CK) in E _{PUB _A} (CK) from the encrypted content key part of the license, the license integrity be compromised. When Player B checks the license integrity according to the license issuer's signature, the validation will fail because it includes E _{PUB _A} (CK) when the license is signed.

Thus, a new license structure for use in the preferred embodiments of the present invention is proposed. 5 schematically shows a license 500 according to a preferred embodiment in which the license is separated into two parts 501, 502. The first portion 501 of the license 500 is an validated portion that includes an encryption hash 504 of encrypted content, a hash value 506 of the content key, usage rules 508, and metadata 510. . The second portion 502 of the license 500 is an unvalidated portion that includes a content key encrypted with the public key of the player application 514. The first portion of the license is digitally signed 512 by the issuer to verify its integrity and authenticity. The reason for configuring the license in this manner is to prevent the usage rules from being tampered with and to ensure that the issuer's signature works properly when the content key is encrypted with another player's public key during license transfers.

There arises a problem about what happens in the case of a dispute in which the license issuer claims to have put the wrong content key in the license. To avoid this debate, the hash function is preferably one-way, collision-free and pre-image resistant, so that the publisher may not generate two content keys with the same hash value. .

When the player receives a license,

Verifying the signature 512 of the first part of the license,

Verifying the hash 504 of the content,

Decrypts the encrypted content key 506 using its private key, and

Send the key value to the hash function.

If the calculation result is equal to the hash value 506 included in the license, the player will accept the license. In other cases, the license will be rejected and the player will contact the license server to reissue the license. If the license is accepted but the key cannot be used to decrypt the content, the license issuer needs to reissue the license containing the correct content key.

To uniquely identify the license, a license identifier 516 may be included in the first portion of the license. Before decrypting the content, the player needs to find the corresponding entry in the transaction track file, which can be done by using the unique license identifier 516 as the key of the track file. If the transaction flag of the license is 'active', the player will be allowed to use the content key to decrypt the content.

FIG. 6 shows a flowchart 600 of an example process that follows after a device or application A to generate a second digital license for use by another device or application B, all of which are licensed in FIG. 5. Based on the new license structure 500 shown in FIG. In step 602, A _obtains the content key CK by decrypting E _{PUB_A} (CK) using the corresponding private key PRI_A. The hash value of the CK, the hash CK, is calculated at step 604 and then compared with the hash (CK) 506 value stored in the validated portion 501 of the license 500. Once the CK is validated in this manner, in step 608, A encrypts the CK using B's public key (PUB_B), and within the unvalidated portion 502 of the copy of the license to be sent to B. The result value E _{PUB _B} (CK) is stored.

The second license generated according to process 600 can then be verified, used and reused by B in exactly the same way that the original license was used by A.

A more detailed description of the transaction track file format is now described. The transaction track file keeps a record of the current transaction status of licenses on the user machine. When a license is first transferred to a user device, the player application will write an entry for the license to the track file if license integrity is verified.

To prevent track entries from undetected manipulation or deletion, in an exemplary embodiment, a message authentication code (MAC) is attached to the file based on the secret key held by the player. Each license must have a unique entry in the track file that contains the license's transaction flag. Each time a player updates a track entry, it increments the security monotonicity counter, e.g. 108, 109, and includes the MAC counter value along with the file. If the license is physically deleted from the hard disk, the track entry will be deleted and the MAC will be updated automatically. If the license is physically stored on the device's hard disk but there is no track entry for this license, the player will detect the unauthorized deletion of the track entry and will refuse to transfer the license to another device.

7 shows an exemplary track file entry 700 format, which is a unique license identifier 702, transaction flag 704, and a timestamp 706 maintained to indicate when the entry 700 was last updated. ).

If the license identifier 702 of the track entry 700 matches the license identifier 516 of the license, the track entry corresponds to the license. In the exemplary embodiment described herein, there are four types of transaction flags: 'active', 'deactivating', 'request' and 'recovery'. The timestamp 706 records when the transfer of the corresponding license last occurred, so it is when the transaction flag was last updated.

A secret key based MAC is used to prevent unauthorized modification of the track file. In an exemplary embodiment, the player's authentication key is used for MAC calculation. Assuming the authentication key is K and T (j = 1,2, ..., n) is the i th entry of the track file, the MAC value is

MAC = H (K ∥ counter value ∥ T ₁ ∥ T ₂ ∥ ∥ T _n ),

Where H () is a one-way hash function and ∥ denotes the connection part.

The transaction track file is different from the audit log as described in the prior art literature. According to the definition of "log" provided by M Ruffin, A Survey of Logging Uses, University of Glasgow (Scotland), Fide2 Report 94-82, February 1994, "log is an append-only record repository. And a plain file that is stored sequentially when the data arrives. In an exemplary embodiment, there is only one entry in the track file for a license along with a specific license identifier. When a license is first distributed to a user device, the player will create a new data entry for the license. The transaction flag for this license will be set to 'active'. When a license transfer occurs, the player will first read the license identifier from the transferred license, and then will locate the entry for the license in the track file according to the identifier. The player will update the license's timestamp and transaction flag in the track entry after the license is transferred to another device.

The security characteristics of the preferred embodiments of the present invention are analyzed below with reference to requirements R1 to R4.

Requirement R1 is satisfied, that is, the content keys of the licenses remain in encrypted form on the user device. Only player applications can use their private keys to decrypt encrypted content.

Requirement R2 is satisfied. Unauthorized player applications may gain access to the license via wireless or PC broadcast or through any form of eavesdropping of communication links between devices or applications, where the content key of the license uses B's public key. This is because it is transmitted to the authorized recipient B in encrypted form. Only B has knowledge of the corresponding private key, so only B can decrypt the encrypted content key.

Requirement R3 is satisfied. Unauthorized modification, forgery and interference of the license can be prevented because the integrity of the usage rules can be verified according to the digital signature of the issuer in the license.

Requirement R4 is satisfied. After the license transfer process has occurred, only one device has a license with an 'active' flag. This characteristic is analyzed for a number of specific license transfer cases from player application A to player application B as follows.

Case 1: There is no communication problem between A and B. Exchange messages are not interrupted by the attacker. The protocol runs successfully.

At the end of the license transfer, only B has a license and has a corresponding track file entry with an 'active' flag.

Case 2: A fails to receive a license request from B in step (2).

The protocol is stopped after timeout (T). B does not acquire a license. L still remains on the A device. The transaction entry for L on A device is not changed.

Case 3: B fails to receive a license from A in step (3).

The protocol is stopped after timeout (T). The transaction flag for L in the track file of device A is marked as deactivated, so that A can no longer use L. However, B can obtain a license from A through the negotiation process, that is, B sends a license request back to A beginning in step (1). This license request needs to include the current transaction flag of L in the track file on B, which must be a 'request'. A will check the license request during negotiation. Since L is still physically stored on device A, A will send L back to B if verification is successful. Finally, B will get a license (L), and set the transaction flag for L to 'active', so that B cannot send a valid license request back to A.

In addition, the present system can prevent retransmission attacks. Assume that a malicious user has licenses with an 'active' flag on their device. The user can take a snapshot of the current state of the track file, perform one or more license transfers to another device, and finally restore the snapshot, which removes all records indicating license transactions because of the snapshot. However, the player can detect this attack because the security counter increments once for each transmission. Under user restoration of a snapshot of the track file, the counter cannot be restored to the value prior to transactions by the user. Thus, the calculated MAC value will not match the restored MAC due to the changed counter value.

Claims (69)

A method of transferring said usage rights from a first content player application to a second content player application in a digital rights management system in which a digital license grants predetermined usage rights with respect to digital content. a) associating a first status indication with respect to the digital license to the first content player application to indicate whether the first content player application can exercise the usage rights granted by the digital license; b) associating a second status indication with respect to the digital license to the second content player application to indicate whether the second content player application can exercise the usage rights granted by the digital license; c) sending a request to transfer the usage right from the second content player application to the first content player application; d) setting the first status indication to indicate that the first content player application can no longer exercise the usage right; e) sending a response to transmit the usage right from the first content player application to the second content player application; f) setting the second status indication to indicate that the second content player application can now exercise the usage rights, Wherein steps c) to f) are performed in the order stated. The method of claim 1, And wherein the first content player application runs on a first player device and the second content player application runs on a second player device. The method according to any of the preceding claims, Prior to sending the request, the first status indication indicates that the first content player application can perform the usage right. The method according to any of the preceding claims, If the step (e) of sending a response is not completed successfully within a predetermined time after completion of the step of sending a request, the transfer of the usage right is abolished. The method according to any of the preceding claims, The step c), after sending the request, setting the second status indication to indicate that the sending of the usage right is requested. The method of claim 5, wherein Sending the request comprises sending a request message from the second content player application to the first content player application, wherein the message includes a value of the second status indication. Way. The method according to claim 5 or 6, By checking the values of the first and second status indications to establish if the second content player application requested the permission while the first content player application indicates that it can no longer exercise the permission. And determining whether the right transmission has been interrupted. The method according to any one of claims 1 to 7, And a plurality of status indications associated with each of said first and second content player applications and corresponding to a plurality of digital licenses. The method of claim 8, Whenever a status indication associated with corresponding content player applications changes, an authentication code that is a function of the values of the respective status indicators associated with each of the first and second content player applications. And transmitting the usage rights. The method of claim 9, And wherein said authentication code is computed as a one way hash function of all said status indication values. The method of claim 10, Associating a secret key with one of the first and second content player applications, wherein the authentication code is calculated as a function of the corresponding status indication values and the secret key. How to transfer permissions. The method of claim 11, The authorization code is calculated as a function of the corresponding status indication values and the current value of a secure monotonic counter associated with each content player application, where the counter is incremented each time any status indication changes. Usage rights transmission method characterized in that. The method according to any of the preceding claims, And sending the response comprises transmitting the digital license from the first player application to the second player application. 14. The digital license of claim 13, wherein the digital license is encrypted using a valid portion comprising characteristic information of a digital content decryption key required to decrypt digital content and an encryption key associated with the first digital content player application. The invalid portion comprising a digital content decryption key, wherein the transfer of the digital license from the first player application to the second player application comprises: Decrypting the digital content decryption key using a decryption key associated with the first digital content player application; Using the decrypted digital content decryption key to generate characteristic information of the digital content decryption key; Verifying whether the generated characteristic information matches characteristic information included in a valid part of the first digital license; And If the verification is successful, encrypting the digital content decryption key using an encryption key associated with the second digital content player application, and including the encrypted key in the invalid portion of the second digital license; And transmitting to the player application. In a digital rights management system in which a digital license grants certain usage rights associated with digital content, a system is provided for transferring said usage rights from a first content player application to a second content player application. Request transmitting means adapted to transmit a request for transmitting the usage right from the second content player application to the first content player application; First display setting means adapted to set a first status indication associated with the first content player application to indicate that the first content player application can no longer exercise fraud usage rights; Response transmitting means adapted to transmit a response for transmitting the usage right from the first content player application to the second content player application; And And second display setting means adapted to set a second status indication associated with the second content player application to indicate that the second content player application can now exercise the usage rights. system. The method of claim 15, First and second content player devices, wherein the first device comprises the first display setting means and the response transmitting means, and the second device comprises the request transmitting means and the second display setting. Digital rights management system comprising means. The method according to claim 15 or 16, Request receiving means for receiving a request for the usage right transmitted from the second player application in the first player application; And And response response means for receiving a response for transmitting the usage right transmitted from the first player application in the second player application. The method according to any one of claims 15 to 17, And a timer for measuring a predetermined timeout period after sending the request for transmission of usage rights from the second player application, such that, before expiration of the predetermined timeout period, if the corresponding response is And if not received by the response receiving means, the system stops transmitting the usage right. 19. The digital rights management system according to any one of claims 15 to 18, wherein said request sending means sends a request message comprising said second status indicator value. 20. An authentication code operation according to any one of claims 15 to 19, wherein each time the corresponding status indication is changed, an authentication code operation for calculating an authentication code that is a function of at least one of the first and second status indications. Digital rights management system further comprising means. 21. The digital rights management system according to claim 20, wherein said authentication code calculating means calculates said authentication code as a one-way hash function including said corresponding status indication value. 22. The digital rights management system according to claim 21, wherein said authentication code calculating means calculates said authentication code as a function of said corresponding status indication and secret key value. 23. The digital rights management system of claim 22 including a secure store that stores the secret key value. The method of claim 22 or 23, And further comprising a secure forged counter associated with each of said first and second content player applications, each secure forged counter being incremented each time the status indication associated with said corresponding application changes. Means for calculating the authentication code as a function of the corresponding status indication value and the current value of the corresponding security forged counter. 25. The method of any one of claims 15 to 24, further comprising first and second tracking files associated with each of the first and second content player applications, wherein the first and second status indications are selected from the Digital rights management system characterized by being performed with transaction flags stored in tracking files. The method of claim 25, A plurality of tracking files having a corresponding plurality of digital licenses, wherein the transaction flags are associated with the corresponding digital licenses by using a unique license identifier stored in the license as an index of the tracking files. Digital Rights Management System. The method according to any one of claims 15 to 26, At least in part performed using one or more tamper resistant secure computing devices. The method according to any one of claims 15 to 27, And license transmission means for transmitting the digital license from the first player application to the second player application. 29. The apparatus of claim 28, wherein the digital license includes a valid portion and an invalid portion, the valid portion includes characteristic information of a digital content decryption key required to decrypt the digital content, and the invalid portion is the first digital. The digital content decryption key encrypted using an encryption key associated with a content player application, Digital content decrypting means for decrypting the digital content decryption key using a decryption key associated with the first digital content player application; Generating means for generating characteristic information of the digital content decryption key using the decrypted digital content decryption key; Verification means for verifying whether the generated characteristic information matches characteristic information included in the valid portion of the first digital license; And And if the verification is successful, encrypting the digital content decryption key using an encryption key associated with the second digital content player application and including the encrypted key in an invalid portion of the digital license to enable the second digital content. Further comprising encryption means for transmitting to the content player application. In a digital rights management system in which a digital license grants certain usage rights associated with digital content, a method is provided for transferring the usage rights from a first digital content player device to a second digital content player device, the method comprising: a) receiving a request from the second digital content player device to transmit the usage right from the first digital content player device to the second digital content player device; b) setting a first status indication to indicate that the first digital content player device is no longer capable of exercising the usage rights granted by the digital license; And c) transmitting a response to transmit the usage right from the first digital content player device to the second digital content player device; By the step c), when the second digital content player device receives the response, set the second status indication to indicate that the second digital content player device can now exercise the usage right, Wherein the steps a) to c) are performed in the order described above. The method of claim 30, Prior to step (a), the first status indication indicates that the first content player application can exercise the usage right. The method of claim 30 or 31, Step (c) should be completed successfully within a predetermined time after the end of step (a). 33. The method according to any one of claims 30 to 32, And each time the first status indication value is changed, computing an authentication code that is a function of the first status indication value. The method of claim 33, Said authentication code being calculated as a one-way hash function of said first status indication value. 35. The method of claim 33 or 34, wherein the authentication code is calculated as a function of the first status indication value and a secret key. The method according to any one of claims 33 to 35, The authentication code is calculated as a function of the first status indication value and the current value of the secure forged counter which is incremented each time the first status indication value is changed. In a digital rights management system in which a digital license grants certain usage rights associated with digital content, a method is provided for transferring the usage rights from a first digital content player device to a second digital content player device. a) sending a request to the first digital content player device to transmit the usage right to the second digital content player device, whereby the first digital content player device causes the first digital content player to transmit to the first digital content player device. Set a first status indication to indicate that a player device can no longer exercise the usage rights granted by the digital license; b) receiving a response to transmit the usage right from the first digital content player device to the second digital content player device; And c) setting a second status indication to indicate that the second digital content player device can now exercise the usage rights; Wherein the steps a) to c) are performed in the order described above. 38. The method of claim 37, wherein prior to step (a), the second status indication indicates that the second content player device cannot exercise the usage right. 39. The method of claim 37 or 38, wherein step (c) must be completed successfully within a predetermined time after completion of step (a), otherwise transfer of the usage right is suspended. How to. 40. The method of any one of claims 37 to 39, further comprising computing an authentication code that is a function of the second status indicator value whenever the second status indicator value changes. 41. The method of claim 40, wherein the authentication code is calculated as a one-way hash function of the second status indication value. 42. The method of claim 40 or 41, wherein the authentication code is calculated as a function of the second status indicator and a secret key. 43. The method according to any one of claims 40 to 42, wherein the authentication code is calculated as a function of the second status indication value and the current value of a secure forged counter that is incremented each time the second status indication value changes. Characterized in that the method. A digital content player device for use in a digital rights management system in which a digital license grants certain usage rights associated with digital content, Request transmitting means for transmitting a request for transmission of a use right from another device to the digital content player device; Response transmitting means for transmitting a response to a usage right transfer request received by the digital content player device from another device; Request receiving means for receiving, by the digital content player device, a request for transmission of the usage right from another device; Response receiving means for receiving a response to the transmitted request for transmission of the user right from another device by the digital content player device; And When the right is transferred to the digital content player device, indicating that the digital content player device can exercise the user right, and when the right is not transferred to the digital content player device, the digital content player device And display setting means for setting a status display to indicate that the user cannot exercise the user rights. The method of claim 44, A timer for measuring a predetermined timeout period after the transmission of the user right transmission request by the request sending means, wherein if the corresponding response is before the expiration of the timeout period by the response receiving means; And if not received, the digital content player device stops transmitting user rights. 46. The method of claim 44 or 45, And authentication code calculating means for calculating an authentication code which is a function of the status display value whenever the status display value is changed. The method of claim 46, And said authentication code is calculated as a one-way hash function of said status display value. 48. The method of claim 46 or 47, And said authentication code is calculated as a function of said status display value and a private key. The method of claim 48, And a secure storage for storing the secret key. The method according to any one of claims 46 to 49, And a secure monotonic counter that is incremented each time the status indication is changed, wherein the authentication code is calculated as a function of the status indication value and the current value of the secure forged counter. The method according to any one of claims 44 to 50, And a tracking file, wherein said status indication is performed as a transaction flag stored in said tracking file. The method of claim 51, The tracking file includes a plurality of transaction flags corresponding to a plurality of digital licenses, each transaction flag associated with a corresponding digital license by using a unique license identifier stored in the license as an index in the tracking file. And a digital content player device. In a digital rights management system, there is provided a method of generating a second digital license from a first digital license rotor, wherein the first digital license gives a first digital content player application a predetermined usage right with respect to digital content, The second digital license grants the use rights to a second digital content player application, the digital content is typically encrypted, and can only be decrypted using a digital content decryption key, and the first and second digital licenses. Each includes a valid portion and an invalid portion, wherein the valid portion of the first digital license includes characteristic information of a digital content encryption key, and the invalid portion of the first digital license is an encryption key associated with the first digital content player application. Using cancer Encrypted digital content, including a decryption key, The method includes decrypting the digital content decryption key using a decryption key associated with the first digital content player application; Generating characteristic information of the digital content decryption key using the decrypted digital content decryption key; Verifying that the generated characteristic information matches the characteristic information included in the valid portion of the first digital license; And Check if the verification is successful and if successful encrypt the digital content decryption key using an encryption key associated with the second digital content player application and include the encrypted key in the invalid portion of the second digital license. And comprising a step. 54. The method of claim 53. And verifying that the valid portion of the first digital license has not been altered or tampered with. 55. The method of claim 54, wherein the first digital license is validated with a digital signature of a trusted authority, and proving that a valid portion of the first digital license has not been altered or tampered with, wherein the digital signature is the trusted authority. And verifying that the validity of the license is accurate with respect to content. 56. The method of claim 54 or 55, further comprising the step of denying the digital license if the license has been altered or forged. 57. The method of any of claims 53-56, wherein the valid portion of the first digital license includes characteristic information of the encrypted digital content. Generating characteristic information of the encrypted digital content; And And verifying that the generated characteristic information matches the corresponding information included in the valid part of the digital license. 58. The method of any of claims 53-57, wherein the encryption key associated with the first digital content player application is a public key of a first public / private key pair, and wherein the decrypting step comprises the corresponding private key. Using the method to decrypt the encrypted digital content decryption key. 59. The method of claim 58, wherein the encrypting step includes using a public key of a second public / private key pair associated with the second digital content player application to encrypt the digital content decryption key. Way. The method according to any one of claims 53 to 59, The characteristic information of the digital content decryption key is a hash of the digital content decryption key, and generating the characteristic information of the digital content decryption key includes calculating a hash value of the digital content decryption key. Way. 61. The method of claim 60, wherein the hash value is computed using a one-way, collision-free, circular restraining hash function. In a digital rights management system, there is provided an apparatus for generating a second digital license from a first digital license rotor, wherein the first digital license gives a first digital content player application a predetermined usage right with respect to digital content. Wherein the second digital license grants the use rights to a second digital content player application, the digital content is typically encrypted, and can only be decrypted using a digital content decryption key, the first and second digital Each license includes a valid portion and an invalid portion, wherein the valid portion of the first license includes characteristic information of a digital content encryption key, and the invalid portion of the first digital license is the first digital content player. Password using the encryption key associated with the application Digitalized content decryption key, The apparatus includes decrypting means for decrypting the digital content decryption key using a decryption key associated with the first digital content player application; Generating means for generating characteristic information of the digital content decryption key using the decrypted digital content decryption key; Verification means for verifying that the generated characteristic information matches the characteristic information included in the valid portion of the first digital license; And Check if the verification is successful and if successful encrypt the digital content decryption key using an encryption key associated with the second digital content player application and include the encrypted key in the invalid portion of the second digital license. Apparatus comprising encryption means. The method of claim 62, Further comprising license verification means adapted to verify that a valid portion of the digital license has not been modified or tampered with. The method of claim 63, The valid portion of the first digital license is validated with a digital signature of trusted authority, and the license verification means is configured to verify that the digital signature is correct for the trusted authority and the content of the valid portion of the license. Apparatus characterized in that it is adapted. The method of any one of claims 62-64, The valid portion of the digital license includes characteristic information of encrypted digital content, the content verification means generates the characteristic information of the encrypted digital content, and the generated characteristic information is a valid portion of the digital license. And adapted to verify that it matches the corresponding information contained in the device. The method of any one of claims 62 to 65, The encryption key associated with the first digital content player application is a public key of a first public / private key pair, and the decryption means decrypts the encrypted digital content decryption key using the corresponding private key. Apparatus comprising a. The method of claim 66, And said encryption means uses the public key of a second public / private key pair associated with said second digital content player application to encrypt said digital content decryption key. The method of any one of claims 62 to 67, The characteristic information of the digital content decryption key is a hash of the digital content decryption key, the generating means calculates a hash value of the digital content decryption key, and the verification means is configured to calculate the hash value and the first digital license. Comparing the hash values contained in the effective part of the apparatus. The method of claim 68, wherein And said generating means calculates a one-way, collision-free, original suppression hash function of said digital content decryption key.

Images