KR20090057981A - Transferring licensed digital content between users - Google Patents

Abstract

Techniques are described for reselling digital data content, such as books, other types of documents, music, video, software and games. Such data are stored in a small portable digital rights management (DRM) device, such as a non-volatile memory card or flash drive, along with a license that defines the extent of the use permitted of the data. The content and license data are processed by a microprocessor that is included in the memory card or flash drive, including modification of the license in response to the data content being resold and transferred to another memory card or flash drive. The process is a digital version of selling a book, CD, DVD or the like in a second-hand market.

Description

Transfer between authorized digital content between users {TRANSFERRING LICENSED DIGITAL CONTENT BETWEEN USERS}

The present invention relates generally to the field of digital rights management and, more particularly, to a method for transmitting rights of digital content licensed in accordance with the digital rights policy of content.

In the Internet worldwide network as well as other data communication networks, many digital appliances can interconnect and exchange information. Digital appliances include personal computers, laptop computers, tablet computers, personal digital assistants (PDAs), mobile phones, MP3 players, DVD players, game consoles, digital recording devices such as digital cameras, and the like. There is this. Certain users of the Internet and other networks, such as cables and satellites, or corporate or organizational networks, must distribute digital files, especially digital content files.

A digital content file contains data that is finally viewed, listened to, read, played back, played, or otherwise used by the end user, stored at some point prior to the end use, and / or displayed in numeric form. . The digital content file may be an audio file, a video file, a software file, an electronic book, a document, a computer game or other types of content.

Digital content files are often copyrighted, which places legal restrictions on distribution and end use. For example, users typically do not copy, distribute, modify, sell, and / or perform other end uses of copyrighted digital content files without first obtaining a license or other form of permission from the copyright owner. can not do it. Examples of copyrighted digital content files include commercial movies, commercial music, electronic books, software, computer games, and the like. Copyrighted digital content files are transmitted in braille permission to end-user buyers by content providers via the Internet.

In an effort to obtain the downloading and sharing of copyrighted digital content by unauthorized third parties, and to enhance the use of digital content in accordance with the permissions, various methods of protection are used by content owners. The collective term for control of the distribution and use of digital content is digital rights management (DRM). DRM systems typically include encryption methods for content security distribution between servers of content repositories and digital appliances. Such methods typically require the digital appliance to include execution of cryptographic algorithms and to hold cryptographic keys to access its content.

In many cases, software applications used to provide digital content implement any form of DRM that is relevant when a user attempts to access digital content. One of the operations performed by such an application is the process of decrypting the content file using encryption methods and encryption keys. In order to perform these operations, the application must have access to encryption methods and keys; Therefore, encryption methods and keys must be within the reach of the application. Typically, the encryption methods, keys, or both are in an application in the digital content file itself or somewhere in the digital appliance storage.

Digital appliances, such as computers or PDAs, are typically open platforms that allow computer programmers to deploy programs about it. In some cases, software programs are deployed to hack and deploy cryptographic keys and algorithms of the DRM system to bypass the DRM and access content. This process is commonly referred to as an "attack," and the DRM system is usually referred to as a "crack" or "hack" if the attack is successful. Computer programs that execute these functions are referred to hereinafter as hacking programs or cracking programs.

Other forms of attack using programming tools are included. For example, software debuggers track and trap the digital content information after the application decrypts it, and retrieve "protected" information. This information includes metadata and digital content files that describe how it is displayed. A hacking program that cracks the application and releases the information from the DRM system enables the construction of illegal copies of the original digital content file.

As a countermeasure, DRM systems may use more sophisticated encryption configurations and code confusion techniques. Other methods include adding tamper resistant hardware to storing cryptographic keys. These solutions either leak the cryptographic key to the digital appliance in the process of decrypting the information, or execute cryptographic functions internally, but do not leak the final result in its original form that can then be accessed.

A side effect that arises in the content protection methods is that the software application providing the digital content participates in the active part of the protection process by implementing the above mentioned encryption methods and code confusion. Since the content protection implementation must be kept confidential, it can only be known by the configuration that deploys the software application. In addition, the content itself should be modified with cryptographic keys and data known only to that particular implementation that causes the particular software application to be the only piece of software that can decrypt and provide the content. By allowing content to be used by a particular software application, the type and variety of digital appliances that can be used to use the content is limited to the type and variety of consumer electronic appliances that the configuration that deploys the application decides to support.

Another partially effective way to prevent digital content files from being copied and disseminated without control is to stream digital content files such as audio and video files to users. In this scenario, the files are not downloaded to be stored on the digital appliance, but rather "broadcast" as a radio program. This ensures that only a small block of content will be displayed on the digital appliance at each given moment. The negative side of this is that the user must be connected to a streaming source or online for the duration of the music program or movie. Another problem with streaming is that, in contrast to files stored in digital appliance storage, users who pay for streamed content cannot always access the content. Another problem with streaming is that there are programs today that record streamed content and reconstruct a digital copy of the original digital content without creating a significant difference in the human eye or ear.

In more recent developments, to improve the protection of content data files, cryptographic keys and algorithms are stored and executed in a dedicated DRM device separate from the digital appliance on which it operates. This technique is described in US Patent Application Publication No. 2004/0039932. Preferably, the DRM device runs on commercially available memory cards or flash drives, which have their own processing power. Appropriate memory cards are available from SanDisk Corporation, both of which are an acknowledgment of this document, and include those sold under the CompactFlash (CF), Multimedia Card (MMC), Secure Digital (SD), MicroSD, and Memory Stick PRO trade names. These memory cards are removably connected to the digital appliances through different mating connectors for most cards. SanDisk Corporation flash drives sold under the Cruiser brand include a plug according to the Universal Serial Bus (USB) standard, which can be plugged directly into any digital appliance with a USB receptacle.

Products and services that utilize dedicated DRM devices to store books and other documents are supplied by SanDisk Corporation under the trademark BookLocker, FlashCP. End users typically download data of books and documents from the Internet to a DRM device, which is a flash drive, via a connected digital appliance. The data is stored in a portion of the nonvolatile flash memory of the DRM device that is inaccessible by the digital appliance to which the DRM device is connected. Rather, the data is accessed by the internal processor of the DRM device and one page at a time is sent to the digital appliance for display to the end user. This generation of document page images makes it very difficult for illegal copying of document data files to be stored on a DRM device.

When a book is purchased, data about the book is downloaded to the end user's DRM device. In addition to receiving data of book content, end-users receive data about licenses purchased for use of the book, which licenses are also stored in non-volatile memory. The license defines the rights of the end user of the data content. If the DRM device in which data about the book is stored is connected to a digital appliance with an appropriate video display, the book can be read by the end user by license. The right to use data content is not limited to any particular digital appliance or type of digital appliance. The digital appliance with which the DRM device can be used does not need to hold keys, security algorithms, etc .; These are contained within and processed by the DRM device.

Stored on DRM devices that mimic the legitimate transfer of content implemented in conventional physical forms of books, music CDs, video DVDs, computer software or game CDs, while limiting any increased risk to content providers of illegal copying and use. It is desirable to provide the end user with the right to resell or transfer the content. This is accomplished by sending the content to the buyer's DRM device in accordance with a license appropriate to use the content, wherein the seller's license of the DRM device restricts or suspends further access to the content data stored on the seller's DRM device. The provider of the content, or any other rights granted to the content, may be included in the transaction by providing a new license to the buyer's DRM device and limiting or suspending the content license on the seller's DRM device. The content provider or licensing right is assigned a portion of the purchase price paid by the buyer, most of which is assigned to the seller. Or, the original license of the seller's DRM device allows the buyer's transfer to the DRM device without obtaining permission or including a content provider or licensing right. In this case, the original license automatically changes after the transfer of the content to limit or stop the seller's right to access the content of his or her DRM device. In addition to or instead of modifying or changing the license of the seller's DRM device for the transferred content, the transfer process may be done to include deleting the content from the seller's DRM device memory, but typically this is done by the DRM device. Because of the high level of security provided to the content, it is not necessary as with digital rights management issues. The content cannot be read at the DRM device by the connected digital appliance except as permitted under the stored license.

In still other aspects, the advantages and features of the invention are included in the following description of illustrative examples of the invention, which description should be taken in conjunction with the accompanying drawings.

All patents, patent applications, articles, standards, books, other publications, documents, and things mentioned in this specification are hereby incorporated by reference in their entirety for versatility. The definition or use of terms in this document prevails to the extent of any discrepancy or conflict in the definition or use of terms between any of the integrated publications, documents or objects and the text of this document.

1 illustrates the use of two types of DRM devices with one type of digital appliance.

2 is an electronic block diagram of an example DRM device as shown in FIG.

3 illustrates an example division of a nonvolatile memory of the DRM device of FIG.

4 illustrates a method for downloading content from a central provider of content to a DRM device.

5 provides an example of the operation of the DRM device of FIG. 2 to retrieve data of stored content.

6-9 illustrate different methods of transferring rights of content from one user's DRM device to another user's.

DRM devices and their operation

A general form of the DRM device 11 and the digital appliance 13 is shown in FIG. 1. The DRM device 11 is a flash drive with a USB plug 15 for detachably inserting into a USB receptacle 17 of the digital appliance 13, which digital appliance 13 is usually a personal computer comprising a USB receptacle. It will be a notebook computer or other host. Of course, different digital appliances offer the same connectivity possibilities for different types of memory devices. Alternatively, the plug 15 may be in the form of a firewire connector. In addition, wireless communication may be used instead of the wired connection between the digital appliance 13 and the DRM device 11.

The use of the SD card 19 as a DRM device is also described in FIG. 1, which is removably insertable into the card slot 21 of the digital appliance 13 to electrically connect with an external contact 23. Any form of memory card adapter, such as plugging into the digital appliance's USB receptacle, can be used instead of using the dedicated card slot of the digital appliance itself.

Another memory storage device that is very useful for DRM devices is a memory card with two different external connectors on the card, both of which connect to an internal memory controller, one for inserting a USB receptacle, and another for an SD card standard. As per the standard set of card contacts. Such devices are described in US Patent Application Publication No. 2005 / 0230484A1 entitled "Memory Cards with Two Standard Sets of Contacts," and "Memory Cards with Two Standard Sets of Contacts and Contact Covering Mechanisms." Described in patent publication 2006 / 0084287A1. These memory cards also use a wireless data communication interface with a host system in addition to or in lieu of two sets of contacts.

Any video content of the data stored on the DRM device can be shown by the user on the video display 25 of the digital appliance, and any audio content can be listened to via the audio speaker 27 or earphones. The digital appliance 13 includes only one of the display 25 or the audio source 27, or includes multiple copies of them if dedicated to playing only video or audio content, respectively. Any other human sensory transducer can be used as part of the digital appliance 13 where appropriate for playing data of content files stored on the DRM device. DRM devices do not include most video, audio or other human sensory transducers that play stored content, but rather rely typically on digital appliances for such functions.

Content files and other data are stored in the flash memory of either of the devices 11 or 19 via the digital appliance 13 that is inserted when the digital appliance is connected to the Internet or some other network that communicates with these data sources. Downloaded. Or, the DRM device does not have one of the video display 25 or the audio speakers 27, and the content is obtained from a digital appliance which is somehow connected to the network by, for example, wireless Internet access through a hotpoint switch. Get

The electronic functions of such flash memory devices 11, 19 are typically shown in FIG. 2. The device includes a flash memory 31 having an array or a plurality of arrays of flash memory cells formed in one or more semiconductor integrated circuit chips. The memory controller 33, usually formed on another chip, typically includes a bus 35 extending between the interface 37 and the interface 39 having the flash memory 31 of the device. The bus 35 is connected to a micro-processor 41 and a memory 43, which is volatile random access memory (RAM) and one or more circuits, typically for special purpose calculations, for example data and security. Circuitry 45 for calculating error correction codes (ECCs) from processing circuitry 47. The external connector 49 is formed outside of the memory device and is mechanically or electrically mated with the connector 51 or in communication with the digital appliance 31. Of course, if the devices 11 and 19 are wireless, the external connectors 49 and 51 are not present, rather they are replaced by antennas of the DRM device and the digital appliance and an operable connection is made to transfer data between them. The two are connected to the interface by the provided method.

The shape of the connector 49 is unique compared to the standard of a particular memory card or flash drive used as a DRM device. Many such standards exist. For example, a public document describing the physical and arbitrary electrical characteristics of an SD card is available from the SD Association (SDA): "Simple Form: Part 1 Physical Layer Specification Version 1.01," dated April 15, 2001. Instructions for TransFlash Memory Cards are available from SanDisk Corporation. The mechanical and electrical details of the USB interface are provided by the Revision 2.0 "Universal Serial Bus Manual" dated April 27, 2000. Another high-speed transfer rate interface known as FireWire is detailed by the following standards of the Institute of Electrical and Electronics Engineers (IEEE): IEEE Standard for High-Performance Serial Buses, Changed to Document Numbers IEEE 1394a-2000 and IEEE 1394b-2002 ", Document number IEEE 1394-1995.

It is also desirable to manufacture the DRM device in a manner that is difficult to disassemble. This provides additional security of the data stored on the device. Such manufacturing techniques and flash drives resulting from the techniques are described in US Patent Application Publication No. 2004 / 0137664A1.

The technique contemplates that the DRM device is implemented in the form of a memory card or flash device that is removable from the digital appliance. However, there are applications where it is desirable to permanently install a DRM device in a digital appliance, for example, the digital appliance is portable like an audio MP3 player. In this case, the DRM device is preferably formed separately in a sealed package, making it more difficult to disassemble, thereby increasing the security of the data processed.

The microprocessor 41 (FIG. 2) of the controller 33 manages the operation of the flash memory 31, interfaces with the digital appliance 13, processes data flow between the two interfaces, and provides two interfaces. Process or supervise the processing of data flowing between the liver. The flash memory 31 can be partitioned operationally in the manner shown in FIG. 3, physically, logically or in combination. Segment 55 may be provided for conventional data storage, where provided, digital appliance 13 is allowed by controller 33 to process said portion of memory to store data therein. Another portion 57, in this example the remaining portion of the memory space, is made inaccessible by the digital appliance. Rather, the hidden portion 57 is accessible by the controller 33 when it is necessary to execute the requests and instructions of the digital appliance 13. The controller 33 accesses the hidden portion 57 of the flash memory to perform its functions, but this portion is not in the logical address space of the memory device seen by the digital appliance 13.

Memory segment 59 may be provided within hidden portion 57 to store firmware that controls the operation of controller 33. The firmware is loaded from the flash memory 31 into the controller memory 43 as needed and executed in the memory 43 by the microprocessor 41. Another segment 61 contains data of the content to be retrieved by the digital appliance 13, but this data is transmitted to the digital appliance after processing by the controller 33. Data about the license that sets rules regarding access and use of the content may be stored in segment 63. Another hidden segment 65 may be provided for storing data of cryptographic keys, serial number or other unique identification device and other secure data used when loading content data into memory portion 57. Another hidden memory segment 67 may also be included for use by the controller to immediately store its processing results that are not accessible by the digital appliance 13.

Another way of storing content in the hidden portion 57 may be stored in encrypted form in the memory portion 55 accessible by the host within the logical address space of the memory. Other items shown in FIG. 3 within the hidden portion 57 may be processed the same. Indeed, with an appropriate cipher, there may be less memory capacity or no hidden memory capacity.

There is a wide range of types of content data that can be stored in the memory segment 61. Data about books, magazines and other documents is one example where a DRM device is quite useful. Data about music, literature, books and other audio sources may be stored on the DRM device. Various types of image data may be stored as contents including still images, movies, television shows, and the like. The DRM device may also be used to store data of games or various software applications. Typically, any type of data that a user wishes to access or store may be stored as content in the DRM device. The DRM device described herein allows a content provider to control its use so that the provider can earn money instead of allowing its use.

The content may be downloaded to the memory segment 61 via a digital appliance that is typically connected to the DRM device on the Internet, or any other computer network. License data specifying the permission to use the content is downloaded to the memory segment 63 in the same manner. License data is typically downloaded as part of content downloading to set constraints on the use of the accompanying content. Examples of license constraints include the date or time that access to the content is allowed, the date the license ends, the conditions for keeping the license valid, and whether the content can be transferred to another DRM device. . The controller of the DRM device uses the license data to control whether the content requested by the user is submitted. But not controlled is a host or other digital appliance that can be used to retrieve data from a DRM device. Since the DRM device, the content stored in it, is portable, its owner uses a wide range of digital appliances at various locations to access the stored content. Licenses granted to users are limited to any digital appliance.

The transmission of content and license data is preferably done over the internet in an encrypted manner, but can be decrypted within the DRM device before being stored therein. Although content data may be stored in encrypted form, inaccessibility by the digital appliance of the memory segments in which they are stored protects the content and license data from unauthorized access, even if stored in an unencrypted form. They are only accessed by the controller and not encrypted, but submit the content to the digital appliance in a format that is not particularly useful to anyone wishing to copy content data from the DRM device without permission.

The various types of data stored in the DRM device need not be divided in the same way as the example shown in FIG. 3. Various types of data may be distributed in memory rather than stored in specific segments. In addition, data can be fragmented by, for example, storing pieces of license within pieces of content. The data may also be stored in areas that are not hidden from the user, as long as the user does not have access to the data, such as when the data is encrypted. In addition, the content data and license data can be stored differently, some of the memory is hidden from the DRM device and cannot be accessed externally, while others are externally accessible portions but in encrypted form. Data stored in the hidden memory portion does not typically need to be encrypted, but may be encrypted. In one particular example, the content data is stored in an encrypted form in an externally accessible portion of the memory, and the license data is stored in a hidden portion of the memory without encryption. In addition, only a portion of the stored data can access the content at any point in time, for example, with or without a license.

4 illustrates a transaction that results in the downloading of new content data from content provider 71 to DRM device 73 via digital appliance 75 to which the DRM device is connected. The DRM device 73 is similar to the device 11 or 19 described with respect to FIG. 2. The end user sends a request from his or her computer or other digital appliance 75 over the Internet to the content provider 71 to receive data of the content of the particular item. The payment 79 for paying for the license may also be sent by credit card use or some other payment transfers. Again, the requested content 81 and accompanying license 83 are transmitted to the digital appliance 75 via the Internet and stored in the DRM device as shown in FIG. Alternatively, content and licenses may be obtained from different providers.

The content content stored in the DRM devices 11, 19 can be used in the manner shown in FIG. 5, with any functional operations of its controller 33 (FIG. 2) executing its firmware. In response to a request 85 from the digital appliance 13 to access an item of content stored in the flash memory 31, the policy manager 87 accesses license data stored in an area 63 of the flash memory. The policy manager 87 determines whether the requested access is in accordance with the permission granted by the license associated with the accessed content. In addition, the content manager 89 accesses the requested content in the area of the flash memory. If the policy manager 87 determines that it is licensed, then it is allowed at 91 to pass the rendering operation 93 so that the data of the requested content is ready for output to the digital appliance 13. Although the policy manager 87 has determined that access is granted by the license, a message is sent to the digital appliance 13 to suspend the access operation and notify the end user of this fact.

The rendering operation 93 executed by the controller 33 of the DRM device preferably provides the output of the content data to the digital appliance 13 to which it is connected so that the end user can benefit from the purchased license. It is not a useful format for illegal copying of data accessed at the same time. A small portion of the content data is sent to the digital appliance 13 at a time and in a format that is difficult or unrealistic to aggregate to regenerate the content data file. The DRM device preferably arranges the presentation of the content data to the digital appliance rather than sending the entire data file in a format that can be copied. This provides considerable protection against copying the content data file by outputting in an unencrypted format from the DRM device.

For example, if the content is a book, magazine or other document, the rendering operation 93 sends the image to the digital appliance 13 one page at a time, for example in the form of a bitmap image. This is what all end users require to be able to read the document, but security is maintained because this output is not particularly useful to anyone who wants to copy the data being rendered. The illegal copyer prefers to access the data stored in flash memory 31, the entire data file in any conventional format, rather than assembling the bitmaps of each page into such a file. Similar limited rendering may be provided at the output of the DRM device for other types of content data.

Authorized Digital Content Transfer Between Users

For the purpose of trading content in digital format that is very similar to the content in physical formats, such as books, CDs, DVDs, and software or game CDs, digital content may be purchased by a book, CD or DVD buyer to another buyer. Like reselling, it should be transferable from one user to another. The objectives of the techniques described herein are to effectively deliver the content to another person in a way that parallels the operation of existing markets in the corresponding used physical items, such as books, CDs and DVDs. It is to permit the licensing of copyrighted digital content.

6-9 illustrate several such systems. In each of these examples, license data controlling the digital content and its use is downloaded from the content provider to the DRM device 101 of the type described with respect to FIGS. 1, 2, 3, 5 in the manner shown in FIG. 4. . This digital content is almost rendered through the digital appliance 103 to which the DRM device 101 is connected for this purpose. An end user "seller" who owns the DRM device 101 and initially purchased the rights to the content would like to sell the content to another end user, like the item now being used. This end-user "buyer" who wishes to purchase content has a DRM device 105 that can store digital content and license data through the digital appliance 107.

In most of the example systems shown in FIGS. 6-9, central authority 109 is in some way involved in a transaction between a buyer and a seller. Such rights may exercise control and maintenance of individual user licenses with respect to digital content stored on various DRM devices. For this purpose, entitlement 109 typically maintains digital content and license data mostly on one or more servers used to enable "used" content sales. Rights 109 include a content provider or entity that acts as an agent for content providers to license their copyrighted works. The central authority 109 requires a portion of the resale price as a condition to allow transfer from one user to another user and somehow facilitate it.

However, in the example of content delivery used in FIG. 6, this right 109 is not included in content delivery. The transaction takes place directly between the buyer and seller's DRM devices. In this case, the license stored on the DRM device 101, which also controls the use of the stored content data, may possibly have some limitations, without requiring the user of the device to seek additional permission from the content provider or the authority 109. Allows transfer of content and licenses for use of that content. Examples of such constraints are to limit the number of times the associated content data can be copied and to determine when it is allowed. Voluntary sellers and buyers find each other through postings on appropriate Internet web sites, facilities provided by content providers as part of their content storage, print advertisements, and then digitally "used" as indicated by path 11. Negotiate the selling price and other terms of the content. The transaction is completed by the buyer sending the purchase price to the seller as indicated by path 113 and the seller sending the content data and license to the buyer as indicated by paths 115 and 117. Optionally, the price may be fixed at the time of the original license with respect to the seller, and / or transfer to one or more friends or relatives of the seller is characteristically free.

In response to the completion of this transaction, the license status in the seller's DRM device 101 automatically changes the usage rights by the seller of the stored content data by terminating the license. If the usage rights by the DRM device 101 terminate at approximately the same time as the DRM device 105 requires content and a license to use it, the transaction may be associated with the sale of a book, CD, DVD or other physical form of content. similar. Optionally, the order of the events may differ slightly from the above depending on, for example, a license that changes before the transaction is completed and, if not, changes back to its original state.

In addition, the original license allows the original purchaser to retain his or her license even when he continues to use content that is resold with or without time restrictions, or sells additional copies of a specified number of times, usually within a certain set time limit. Will be. This retention right is in addition to the transfer right imitating the rights of the owner of the physical book, audio CD, video DVD or other form of content. License data stored in the DRM device 101 specifies these permissions and conditions and is executed by the DRM device firmware when executing content and license transfers. The license transmitted to the purchaser's DRM device 105 is included as part of the original license stored in the seller's DRM device 101, and the initial cost of the license and content for the user of the DRM device 101 is typically any such re-authorization. (relicensing) depends on the scope of authority.

Content and license data are typically transmitted from the DRM device 101 to the DRM device 105 beyond the seller's digital appliance 103 and beyond the buyer's digital appliance 107 via the Internet or any other network. Digital appliances typically include software that performs these transmissions. The firmware stored on the DRM devices enables this transfer to occur even if the memory space storing the content and license data is hidden or otherwise inaccessible by the connected digital appliance. This transfer is preferably performed by the seller's DRM device 101 using, for example, an algorithm stored in a hidden portion 65 of that memory (FIG. 3) and a security key from the memory portion of the buyer's DRM device 105. Encrypted within. The received encrypted content and license may be decrypted within the receiving DRM device 105 and stored in hidden areas 61, 63 of its memory.

Another example of delivering content is provided in FIG. 7. The method is similar as between buyer and seller as described above with respect to FIG. 6. Negotiation 121 takes place, followed by an agreement regarding the amount the buyer is paid to the seller, as indicated by path 123. In this regard, the seller transmits the content to be resold and buyer data that is a license to use the content, as indicated by paths 125 and 127. However, the difference here is that the original license that is purchased by the seller and stored in the DRM device 101 does not allow this transaction to occur. Rather, the seller must first obtain permission from authority 109 by making a request and paying a fee, as indicated by paths 129 and 131. The fee may be as high as a small percentage of what is paid to the seller by the buyer, for example 10-20%, or in certain circumstances 50%. Optionally, the fee for central authority 109 may be a fixed minimum dollar. This fee may be zero in the case of an authorization transfer, for example to an transfer to a friend or relative by exchange or other means.

The right 109 in the embodiment of FIG. 7 transmits a license to the DRM device 101 as shown in the path 133 to transfer content stored in the DRM device 101 to another DRM device, It may be implemented in the same manner as described above with respect to FIG. This license permits one-time transmission only to any other DRM device, or only the specific DRM device 101 referenced in the seller's request 129. The license of the DRM device 101 is typically modified at the same time as indicated by the path 135. Such modification terminates the seller's rights with respect to any further use of the content, places a time limit on any further use, or provides other restrictions. Optionally, the seller may be allowed to continue using the content without any limitations not originally prepared for the license, and no license modification 135 occurs. The license may also be sent by the authority 109 to the DRM device 105 to make the transferred content data available to the purchaser.

The embodiment of FIG. 7 may be modified to be paid by the buyer to the authority 109, with some, typically the majority of that payment going back to the seller. A request for sales authority may be made to authority 109 from either the buyer or seller. It may also be possible not to publish the original license as to what may be done to the content after the first use, such as in the case of a physical book being purchased. However, in the case of electronic distribution, the authority 109 prevents the transmission of content until the seller has paid some of the authority to the authority 109 until the reauthorization information is obtained from it.

In another embodiment described by FIG. 8, there is also a direct negotiation between the buyer and the seller, and the buyer pays the seller for the content delivery as indicated by path 141. The seller also pays a portion of the path 145 to the rights 109 for what they receive from the buyer for the content. Right 109 may also modify the license at the DRM device as shown by path 147. So far, the transaction of FIG. 8 is quite similar to that of FIG. Instead of authorizing the seller's DRM device 101 to transfer content and licenses to the purchaser's DRM device 105, the permission 109 is assigned to the DRM device 105 as shown by paths 149 and 151. Send these directly to. As in this case and also in other cases, the right 109 retains all of the content that is authorized to the mass memory servers. The identification of license data, authorized DRM devices and their owners, and other data may also be maintained by the authority 109 on the same or additional servers. The same permission 109 may also be the source 71 of original downloads of content and license data (FIG. 4).

In the transaction embodiment of FIG. 9, both the buyer and the seller deal with rights 109 and not with each other. The seller contacts right 109 if he or she wishes to resell the content back to the content provider. This is indicated by path 155, and as shown by path 157, the negotiated amount is paid to the seller. The license of the seller's DRM device 101 may then be modified by the authority 109 per path 159 to disable the content.

The seller initiates a request for permission 109 to make the content downloaded to his or her DRM device 105 available. This is indicated by path 161 in FIG. 9, where a negotiated price is paid to authority 109, as shown by path 163. Accordingly, the authority 109 sends content and license data to the DRM device 105 via the digital appliance 107 as shown by paths 165 and 167, respectively. The content and license data are stored in the DRM device 105 in the manner described above. Content is made available to Buyer in a manner permitted by License.

In the case of FIG. 9, the authority 109 serves as a clearing house for reauthorization of previously authorized content. This embodiment is particularly useful when the number of copies of a given piece of content is maximum, which allows the provider of that content to be disseminated at that time. Once the maximum number of copies are downloaded and licensed to individual DRM devices, an existing licensee must relinquish his or her license by reselling rights back to rights 109 before anyone else gets permission. do.

In addition, the rights of one or more limited number of copies of the content item may be sold at the auction by right 109 in the transaction model of FIG. 9, instead of executing negotiation 161. The price 163 may be set by the highest bidder if the highest bid is accepted by the authority 109. Block transfer of copies of specific content may also be auctioned to the highest bidder, such as an intermediate reauthorization right.

Auctions may also be used in the transaction models of FIGS. 6-8, instead of the negotiation between the buyer and seller shown, to sell specific content of a single copy. Such auctions may be conveniently held at appropriate internet sites where sellers post content to be sold and prospective buyers may bid and the seller typically chooses to sell the content to the highest bidder.

Another system for distributing content mimics a library system of the type normally operated by public bodies, charities or even commercial stages. Right 109 of FIG. 9 becomes a library and “loan” a predetermined number of copies of one or more copies of each of the majority of items of content, such as books, audio productions, videos, computer games, and the like. Has the authority to do so. The rights of each copy of this work may be "checked out" individually. If all the copies maintained by the library are checked out, the library cannot borrow works from another person until someone checks the copy back in the library. The transfer to an individual by the library of content items according to the license to use it constitutes a "check out" of one copy of the item. "Check-in" may occur when an end user initiates termination of a license, but more typically may be considered to occur upon automatic expiration of a license when an event occurs. Such an event may be the expiration of a fixed time, such as a week or weeks after the content and license have been sent to a particular end user. Once one of the limited number of licenses for a particular work has ended, the library can freely re-authorize a copy of the work to someone else.

The library is a record of a number of activity licenses for each work, and upon receiving a request to borrow a copy of the work, the library shall determine that the number of activity licenses for the lender is equal to the number of copies of the work, subject to the conditions permitting the rental. Check to see if it is smaller. If small, a copy of the requested work may be rented. Otherwise, the request is ignored. As soon as the activity license expires or otherwise expires, the library has a copy of the work to be re-rented.

conclusion

While various aspects of the invention have been described with respect to exemplary embodiments thereof, it is to be understood that the invention is entitled to the protection within the full scope of the appended claims. In particular, modifications to the example transactions described above primarily with respect to FIGS. 6-9 may be made to accommodate other specific situations.

As mentioned above, the present invention is generally used in the field of digital rights management, and more specifically, to provide a method for transmitting rights of digital content licensed in accordance with the digital rights policy of content.

Claims (37)

In the method of managing the use of items in the data content, Using at least first and second portable devices, each including a processor, a reprogrammable nonvolatile memory and an interface, to connect with any one of the plurality of digital appliances; A method of defining the presentation of the data content by the first portable device, causing the processor of the first portable device to connect to one of the plurality of digital appliances to which the first portable device is connected via its interface. Storing the data content item in a nonvolatile memory of the first portable device, in accordance with data of a first license that enables rendering the item of data content from the first portable device; A method of defining the presentation of the data content by the second portable device, causing the processor of the second portable device to connect to one of the plurality of digital appliances to which the second portable device is connected via its interface. Storing the data content item in a nonvolatile memory of the second portable device, in accordance with a second license that enables rendering of the item of data content from the second portable device; In response to storing the item of data content in a nonvolatile memory of the second portable device, the first license stored in the first portable device is further configured to cause the processor of the first portable device to select the item of data content. 1 to allow the portable device to be modified to render to one of a number of digital appliances connected through its interface. And an item usage management method of data content. The method of claim 1, wherein the modification of the first license comprises terminating the right to use an item of data content stored on the first portable device. The method of claim 1, wherein the data content and second license are transferred from the first portable device to the second portable device, wherein the second license is derived from the first license. 4. The method of claim 3 wherein the first license is automatically modified to terminate the right to use an item of data content stored on the first portable device. The method of claim 1, wherein the item of data content and the second license are stored on the second portable device at a master computer. 6. The method of claim 5 wherein the first license is modified by the master computer server to terminate the right to use the data content stored on the first portable device. The method of claim 1, wherein at least one of the first and second portable devices is a flash memory card. The method of claim 1, wherein at least one of the first and second portable devices is a flash memory drive, the interface of which includes a USB connector. The method of claim 1, wherein the data content comprises data of recorded text. The method of claim 1, wherein the data content comprises audio data. The method of claim 1, wherein the data content comprises video data. The method of claim 1, wherein the data content comprises computer software. The method of claim 1, wherein the data content comprises a computer game. The method of claim 1, wherein storing the data content item in memories of the first and second portable devices comprises: storing a portion of its nonvolatile memories that is not within an externally accessible address space of the memories. And storing the item of data content. The method of claim 1, wherein storing the data content item in memories of the first and second portable devices further comprises storing the data content item in an encrypted format. Way. 16. The method of claim 15, wherein storing the data content item in memories of the first and second portable devices comprises storing in a hidden portion of its nonvolatile memories that are not in an externally accessible address space of the memories. And storing the license data. The method of claim 1, wherein the interface of the at least first or second portable device comprises a physical connector having electrical contacts. The method of claim 1, wherein the interface of the at least first or second portable devices comprises a wireless connection. In the method of operating a lending library of digital content, Storing, on at least one computer server, a plurality of content items and digital data of a corresponding license that permits to rent a given number of one or more copies of individual items of the plurality of content items at a time; Maintaining a record of the number of loaned copies of individual content items having corresponding activity licenses for use of the individual content items; In response to a request from the digital appliance to borrow a copy of a particular item of individual content items, confirm that all given numbers of copies of the particular item are rented using the current activity license, otherwise recalling the requested item. Sending a copy of the requested item to the digital appliance in accordance with an associated license limiting the period of time over which the copy's content data can be used; Storing the copy of the requested item and the associated license in a memory of a portable device detachably connected to the digital appliance. And operating a rental library of digital content. 20. The method of claim 19, further comprising the portable device for providing a limited rendition of the content data to the digital appliance using the rendered content data. 20. The system of claim 19, wherein the at least one computer server determines the number of rental copies of one individual item having active licenses in the recording of the rental copy, in accordance with the duration of the license of one of the individual items of excess content. Reducing, how to operate a rental library of digital content. As a portable device, Reprogrammable nonvolatile memory for storing data content and associated license data; A memory controller, An interface through which access to the memory can be established by any one of a plurality of digital appliances Access to the memory is under control of the memory controller, The memory controller accesses content and license data stored in the memory to provide limited presentation of the data content via the interface according to the term of the license for efficiency of use by any one of the plurality of digital appliances. , And the memory controller is further operable to modify the term of the license to subsequently change the presentation of the data content via the interface. 23. The system of claim 22, wherein the memory is divided into at least open and hidden portions in such a way that data of the data content and associated licenses can be stored in a hidden portion of the memory, and wherein the memory controller is not the hidden portion of the memory. Providing access through the interface to an open portion, the memory controller accessing the hidden portion of the memory. The portable device of claim 22, wherein the data content and data of an associated license are stored in a hidden portion of the memory. 23. The portable device of claim 22, wherein the memory is also capable of storing data content and data of an associated license in encrypted form in a portion of the memory to which the memory controller provides access via the interface. 26. The portable device of claim 25, wherein the data content and data of an associated license are stored in cryptographic form in a portion of memory where the memory controller provides access via the interface. 23. The system of claim 22, wherein the memory is divided into at least open and hidden portions in such a way that the data content can be stored in an encrypted form in an open portion of the memory and that data of a related license can be stored in a hidden portion of the memory. And the memory controller provides access through the interface to an open portion that is not a hidden portion of the memory, and the memory controller accesses the hidden portion of the memory. 23. The portable device of claim 22, wherein the data content is stored in encrypted form in an open portion of the memory and data of an associated license is stored in a hidden portion of the memory. 23. The portable device of claim 22, wherein the memory controller is operable to modify the term of the license in a manner that subsequently terminates the controller's ability to provide limited presentation of the data content via the interface. 23. The portable device of claim 22, wherein the memory controller is operable to modify the license data in response to a command received via the interface. 23. The portable device of claim 22, wherein the memory controller is operable to automatically modify the license data when the data content is transmitted over the interface without the limited presentation. 23. The portable device of claim 22 wherein the interface includes a connector having a set of electrical contacts suitable for matching receptacles of the plurality of digital appliances. 23. The portable device of claim 22 wherein the interface comprises wireless communication suitable for operating with the plurality of digital appliances. A computer system comprising the portable device of claim 22, comprising: And cannot use the limited presentation of the content data without using its interface in connection with one of the plurality of digital appliances utilizing the limited presentation of the content data. As a computer system, At least one server comprising content data of various items and associated data of a license defining acceptable renderings of the items of content data; A number of digital appliances, each communicating with the server and capable of utilizing permissible rendering of data content of various items in accordance with their associated license data; A plurality of portable storage devices, The plurality of portable storage devices, Reprogrammable nonvolatile memory, A memory controller, An interface through which access to the memory can be established on one of the plurality of digital appliances Access to the memory is under control of the memory controller, At least one of the items of content data having its associated license data is transferable from the server to at least one memory of the portable storage devices via one of the digital appliances to which the portable storage device is interfaced and , The memory controller accesses the content and license data stored in the memory such that the portable device provides a limited presentation of the data content to one of the digital interfaces that are connected to the interface according to the associated license data, The associated license data is stored in the memory to cause the memory controller to transmit the content data via the interface without the limited rendering, and thereby alter the rendering of the data content allowed through the interface. And modify the stored related license data. 36. The computer system of claim 35 wherein the associated license data causes the memory controller to automatically modify the associated permission data in response to the transmission of the content data through the interface without the limited rendering. 37. The computer system of claim 36 wherein the associated permission data causes the memory controller to modify the associated permission data to terminate any further transmission or rendering of the content data via the interface.

Images