TW201224831A - Digital content and rights object management systems and methods - Google Patents

Digital content and rights object management systems and methods

Info

Publication number
TW201224831A
Authority
TW
Taiwan
Prior art keywords
storage device
identification code
rights
rights object
unique identification
Application number
TW99141863A
Other languages
Chinese (zh)
Inventor
Chi-Yang Chou
Pei-Yen Chou
Yeu-Chung Lin
Original Assignee
Condel Internat Technologies Inc
Application filed by Condel Internat Technologies Inc
Priority to TW99141863A
Publication of TW201224831A

Landscapes

  • Signal Processing For Digital Recording And Reproducing (AREA)

Abstract

Digital content and rights object management systems and methods are provided. The system at least includes a storage device having a hardware UID, a public area and a hidden area. The public area at least includes a security management application. The hidden area at least includes a rights object, a key and a specific ID. The specific ID is read, and it is determined whether it matches the hardware UID. When the specific ID matches the hardware UID, the rights object is retrieved from the hidden area and delivered to a security management application of a playback device for playback. In some embodiments, the rights object may be encrypted, and the security management application can read the hardware UID of the storage device and decrypt the rights object according to the hardware UID. In the present invention, the hardware UID of the storage device and the rights object stored in the hidden area, which cannot be accessed by general consumers, are used to manage the DRM content.

Description

VI. Description of the Invention:

[Technical Field]

The present invention relates to digital content and rights object management systems and methods, and more particularly to systems and methods that manage digital rights management (DRM) content in a storage device according to the hardware unique identification code of the storage device and a rights object stored in a hidden area of the storage device.

[Prior Art]

With the spread of electronic devices such as computers and portable devices, and because of the convenience of digital content, digital content has become the main form in which these devices record data. At the same time, content providers are working to develop all kinds of applications for digital content.

At present, digital content can be delivered in two conventional ways. In the offline way, digital content is stored on a disc such as a CD/VCD/DVD. The user can play the digital content at any time on any playback device. The rights management of the content on a disc is acceptable to most users. However, the portability of a disc is limited by its size. In addition, in this way, digital rights management requires the participation of content providers, playback device manufacturers and disc manufacturers, and each party has a different focus and different interests, which makes this digital rights management method inefficient. Furthermore, since the content is pre-recorded on the disc, the forms in which the digital content can be played are limited, and the development of business models across applications and different content runs into a bottleneck.

In the online way, DRM content and/or rights objects can be downloaded via the Internet to the memory of a playback device. Once the DRM content and the rights object have been delivered to the playback device, the DRM agent of the playback device stores the rights object in a place that general users cannot access, and binds the rights object to the device code of the playback device. When an electronic device wants to access the content, it is first determined whether the device code of the electronic device matches the device code bound to the content file. When the device code of the electronic device matches the device code bound to the content file, the electronic device is allowed to access and decrypt the content. In this way, the content is forcibly bound to a specific device. Since the user may wish to access the content on other devices, this severely limits the fair use rights of the user who owns the content.

[Summary of the Invention]

In view of this, the present invention provides digital content and rights object management systems and methods.

A digital content and rights object management system according to an embodiment of the present invention at least includes a storage device having a hardware unique identification code, a public area and a hidden area. The public area at least has a security management application, an authentication module, an encryption/decryption algorithm, and/or DRM content.
Note that the authentication module can be a part of the security management application or an independent program. The hidden area at least has a rights object, a key, and a specific identification code. The authentication module reads the specific identification code from the hidden area and determines whether the specific identification code matches the hardware unique identification code of the storage device. When the specific identification code matches the hardware unique identification code of the storage device, the security management application retrieves the rights object from the hidden area of the storage device and delivers the rights object to a security management application of a playback device, where the rights object is combined with the corresponding DRM content for playback. Note that in some embodiments the rights object can be encrypted by the security management application of the storage device, or by an independent encryption/decryption algorithm, according to a key calculated and derived from the unique identification code. When the rights object is retrieved from the hidden area, the security management application of the storage device or the independent encryption/decryption algorithm uses the associated key to decrypt the rights object.

A digital content and rights object management method according to an embodiment of the present invention is as follows. First, a storage device at least having a hardware unique identification code, a public area and a hidden area is provided. The public area at least has a security management application, an authentication module, an encryption/decryption algorithm, and/or DRM content. The hidden area at least has a rights object, a key, and a specific identification code. The specific identification code is read from the hidden area by the authentication module, and it is determined whether it matches the hardware unique identification code.
When the specific identification code matches the hardware unique identification code of the storage device, the security management application retrieves the rights object from the hidden area of the storage device and delivers the rights object to a security management application of a playback device for playback. Note that in some embodiments the rights object can be encrypted.

A digital content and rights object management method according to an embodiment of the present invention is as follows. First, digital rights management is applied to a content, thereby obtaining DRM content and a rights object. The rights object and the hardware unique identification code of a storage device are stored in a hidden area of the storage device. The DRM content is stored in a public area of the storage device or in a specific file directory of a playback device. A security management application, an authentication module, and an encryption/decryption algorithm are stored in the public area of the storage device. Note that in some embodiments the rights object can be encrypted according to the hardware unique identification code of the storage device, and the encrypted rights object is stored in the hidden area of the storage device. When access to the DRM content is requested, the authentication module reads the specific identification code from the hidden area and determines whether the specific identification code matches the hardware unique identification code. When they match, the security management application retrieves the rights object from the hidden area and delivers the rights object to the security management application of the playback device for playback. As described above, when the rights object is encrypted, the security management application or the independent encryption/decryption algorithm decrypts it before it is delivered to the security management application of the playback device.

The above methods of the present invention may exist in the form of program code. When the program code is loaded and executed by a machine, the machine becomes an apparatus for practicing the present invention.

To make the above objects, features and advantages of the present invention more apparent, embodiments are described in detail below with reference to the accompanying drawings.

[Embodiments]

FIG. 1 shows a digital content and rights object management system according to an embodiment of the present invention.

The digital content and rights object management system according to an embodiment of the present invention includes a storage device 1000 and an electronic device 2000. The storage device 1000 can be a flash memory device, such as an SD (Secure Digital) card or a USB (Universal Serial Bus) disk. The storage device 1000 at least includes a public area 1100 and a hidden area 1200. Note that the public area 1100 can be accessed by general consumers, who can freely read and write the data in the public area 1100. The hidden area 1200 cannot be accessed by general consumers, who cannot read or display the data in the hidden area 1200 through a card reader. The storage device 1000 has a hardware unique identification code 1300. It is worth noting that in some embodiments the storage device 1000 can include a semiconductor component, such as a memory or a microcontroller. The hardware unique identification code 1300 can be a hardware serial number generated for the semiconductor component at production time, or a virtual serial number created for the semiconductor component by firmware/software. The electronic device 2000 can be a processor-based electronic device such as a computer, or a portable device such as an MP3 player, an MP4 player, a personal digital assistant (PDA), a global positioning device, or a mobile phone. When the storage device 1000 is coupled to the electronic device 2000, the electronic device 2000 can execute the related applications and modules in the storage device 1000.

FIG. 2 shows a storage device according to an embodiment of the present invention.

The storage device 1000 can be a flash memory device, such as an SD card or a USB disk. The storage device 1000 at least includes a public area 1100 and a hidden area 1200.
The public area 1100 can include DRM content 1110, a security management application 1120, an authentication module 1130, and an encryption/decryption algorithm 1140. It is worth noting that the DRM content 1110 can be stored in the storage device 1000 or in a specific directory of a playback device. Note that the authentication module 1130 and the encryption/decryption algorithm 1140 can be parts of the security management application 1120 or independent programs. The DRM content 1110 is content to which digital rights management has been applied. The hidden area 1200 at least includes a rights object 1210 corresponding to the DRM content 1110, a key 1230, and a specific identification code 1220. Digital rights management can be applied to a content to obtain the DRM content 1110, such as a .dcf file in Open Mobile Alliance (OMA) digital rights management, and the rights object 1210. When the authentication module 1130 is executed, the hardware unique identification code 1300 of the storage device 1000 is read and compared with the specific identification code 1220. When the hardware unique identification code 1300 matches the specific identification code 1220, access to the DRM content 1110 is allowed. For example, it can be read by a security management application in a playback device of the electronic device 2000.
It is worth noting that in some embodiments the storage device 1000 can include a semiconductor component, such as a memory or a microprocessor. The hardware unique identification code 1300 can be a hardware serial number generated for the semiconductor component at production time, or a virtual serial number created for the semiconductor component by firmware/software. The security management application 1120 can be read and executed by an electronic device (not shown). When the security management application 1120 is executed, it can retrieve the rights object 1210 from the hidden area 1200 and deliver the rights object 1210 to the security management application of a playback device (not shown) for playback. The playback device has a security management application that performs digital rights management to receive the rights object 1210, access the associated DRM content 1110, and play the DRM content 1110 according to the rights object 1210. In some embodiments, the rights object 1210 can be encrypted. The rights object 1210 can be encrypted by the security management application 1120 or the encryption/decryption algorithm 1140 according to a key calculated and derived from the hardware unique identification code 1300 of the storage device 1000, and the encrypted rights object 1210 is stored in the hidden area 1200 of the storage device 1000. When the security management application 1120 obtains the encrypted rights object 1210, the security management application 1120 or the encryption/decryption algorithm 1140 decrypts the rights object 1210 and delivers it to the security management application of the playback device.

In addition, it is worth noting that in some embodiments the electronic device 2000 can have a rights object pool (not shown) for storing the rights objects corresponding to individual DRM content.
In some embodiments, the security management application in the playback device of the electronic device 2000 can first attempt to access the DRM content 1110 and check whether a rights object corresponding to the DRM content 1110 already exists in the rights object pool. When a rights object corresponding to the DRM content 1110 already exists in the rights object pool, the electronic device 2000 can execute the playback device to play the DRM content 1110 according to the corresponding rights object in the rights object pool. When no rights object corresponding to the DRM content 1110 exists in the rights object pool, the security management application of the playback device can send a signal to the security management application 1120 of the storage device 1000. The security management application 1120 retrieves the rights object 1210 corresponding to the DRM content 1110 from the hidden area 1200 of the storage device 1000 and delivers it to the security management application of the playback device.

FIG. 3 shows a digital content and rights object management method according to an embodiment of the present invention. In this embodiment, a storage device carrying DRM content can be produced.

In step S3100, digital rights management is applied to a content, thereby obtaining the DRM content 1110 and a rights object 1210. It is worth noting that the digital rights management can vary according to different requirements and applications. In step S3200, the rights object 1210, the key 1230, and the hardware unique identification code of the storage device 1000 are stored in the hidden area 1200 of the storage device 1000. The hardware unique identification code 1300 of the storage device 1000 is stored in the hidden area 1200 of the storage device 1000 as the specific identification code 1220. Similarly, in some embodiments the storage device 1000 can include a semiconductor component, such as a memory or a microprocessor. The hardware unique identification code 1300 can be a hardware serial number generated for the semiconductor component at production time, or a virtual serial number created for the semiconductor component by firmware/software. The rights object 1210 can be encrypted according to a key calculated and derived from the hardware unique identification code 1300 of the storage device 1000, and the encrypted rights object 1210 is stored in the hidden area 1200 of the storage device 1000. In step S3300, the DRM content 1110 is stored in the public area 1100 of the storage device 1000 or in a specific file/directory of a playback device. In step S3400, a security management application 1120, an authentication module 1130, and an encryption/decryption algorithm 1140 are stored in the public area 1100 of the storage device 1000. Similarly, the authentication module 1130 and the encryption/decryption algorithm 1140 can be parts of the security management application 1120 or independent programs.

When the authentication module 1130 is executed, the hardware unique identification code 1300 of the storage device 1000 storing the DRM content 1110 is read and compared with the specific identification code 1220 already stored in the hidden area 1200 of the storage device 1000. When the hardware unique identification code 1300 matches the specific identification code 1220 stored in the hidden area 1200 of the storage device 1000, the security management application 1120 is allowed to retrieve the rights object 1210 in the hidden area 1200. When the security management application 1120 is executed, the rights object 1210 is retrieved from the hidden area 1200 and delivered to the security management application of the playback device for the corresponding DRM content, for playback.

FIG. 4 shows a digital content and rights object management method according to another embodiment of the present invention.

When playback of the DRM content 1110 in the storage device 1000 is requested, in step S4100 the authentication module 1130 is activated to read the hardware unique identification code 1300 of the storage device 1000, and in step S4200 it is determined whether the hardware unique identification code 1300 matches the specific identification code 1220 in the hidden area 1200 of the storage device 1000. Similarly, the storage device 1000 can include a semiconductor component, such as a memory or a microprocessor. The hardware unique identification code 1300 can be a hardware serial number generated for the semiconductor component at production time, or a virtual serial number created for the semiconductor component by firmware/software. When the hardware unique identification code 1300 does not match the specific identification code 1220 (No in step S4200), the flow ends.
When the hardware unique identification code 1300 matches the specific identification code 1220 (Yes in step S4200), in step S4300 the security management application 1120 is activated to retrieve the rights object 1210 from the hidden area 1200 of the storage device 1000. In step S4400, the security management application 1120 delivers the rights object 1210 to the security management application of a playback device. In step S4500, the playback device executes its security management application on the DRM content 1110 according to the rights object 1210 and plays the DRM content 1110. Similarly, when the rights object 1210 has been encrypted, the security management application 1120 or the encryption/decryption algorithm 1140 can read the key calculated and derived from the hardware unique identification code 1300 of the storage device 1000 and decrypt the encrypted rights object 1210 according to this key.

Note that, as described above, in some embodiments the electronic device 2000 can have a rights object pool (not shown) for storing the rights objects corresponding to individual DRM content. In some embodiments, the security management application of the playback device can first attempt to access the DRM content 1110. The security management application of the playback device can check whether a rights object corresponding to the DRM content 1110 already exists in the rights object pool. When a rights object corresponding to the DRM content 1110 already exists in the rights object pool, the security management application of the playback device can play the DRM content 1110 according to the corresponding rights object in the rights object pool. When no rights object corresponding to the DRM content 1110 exists in the rights object pool, the security management application of the playback device can send a signal to the security management application 1120. The security management application 1120 retrieves the rights object 1210 corresponding to the DRM content 1110 from the hidden area 1200 of the storage device 1000 and delivers the rights object 1210 corresponding to the DRM content 1110 to the electronic device 2000.
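The provisioning flow of FIG. 3 (S3200) and the playback-time check of FIG. 4 (S4100 to S4400) can be modelled as follows. This is an added example, not code from the patent: the HKDF derivation that mixes key 1230 with hardware UID 1300, the HMAC-based encrypt-then-MAC construction standing in for the unspecified algorithm 1140, and all function and field names are assumptions.

```python
import hashlib
import hmac
import os
from dataclasses import dataclass
from typing import Optional, Tuple


def hkdf_sha256(ikm: bytes, salt: bytes, info: bytes, length: int) -> bytes:
    """HKDF (RFC 5869) with HMAC-SHA256: extract, then expand."""
    prk = hmac.new(salt, ikm, hashlib.sha256).digest()
    okm, block, counter = b"", b"", 1
    while len(okm) < length:
        block = hmac.new(prk, block + info + bytes([counter]), hashlib.sha256).digest()
        okm += block
        counter += 1
    return okm[:length]


def derive_keys(hardware_uid: bytes, stored_key: bytes) -> Tuple[bytes, bytes]:
    """Assumed derivation: key 1230 is the keying material and UID 1300 the
    salt, so the same hidden-area data on another UID yields other keys."""
    okm = hkdf_sha256(stored_key, hardware_uid, b"rights-object-binding", 64)
    return okm[:32], okm[32:]  # (encryption key, MAC key)


def _keystream(key: bytes, nonce: bytes, n: int) -> bytes:
    out, ctr = b"", 0
    while len(out) < n:
        out += hmac.new(key, nonce + ctr.to_bytes(8, "big"), hashlib.sha256).digest()
        ctr += 1
    return out[:n]


def seal(enc_key: bytes, mac_key: bytes, plaintext: bytes) -> bytes:
    """Encrypt-then-MAC stand-in for algorithm 1140 (stdlib only).
    A vetted AEAD such as AES-GCM would be used in a real product."""
    nonce = os.urandom(16)
    stream = _keystream(enc_key, nonce, len(plaintext))
    ct = bytes(p ^ k for p, k in zip(plaintext, stream))
    tag = hmac.new(mac_key, nonce + ct, hashlib.sha256).digest()
    return nonce + ct + tag


def unseal(enc_key: bytes, mac_key: bytes, blob: bytes) -> bytes:
    if len(blob) < 48:
        raise ValueError("sealed rights object too short")
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    expected = hmac.new(mac_key, nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        raise ValueError("rights object failed integrity check")
    return bytes(c ^ k for c, k in zip(ct, _keystream(enc_key, nonce, len(ct))))


@dataclass
class StorageDevice:
    hardware_uid: bytes      # 1300, fixed by the hardware
    specific_id: bytes       # 1220, hidden area
    key: bytes               # 1230, hidden area
    sealed_ro: bytes         # encrypted rights object 1210, hidden area


def provision(hardware_uid: bytes, rights_object: bytes) -> StorageDevice:
    """FIG. 3, S3200: store UID copy, key and encrypted RO in the hidden area."""
    stored_key = os.urandom(32)
    enc_key, mac_key = derive_keys(hardware_uid, stored_key)
    return StorageDevice(hardware_uid, hardware_uid, stored_key,
                         seal(enc_key, mac_key, rights_object))


def retrieve_rights_object(dev: StorageDevice) -> Optional[bytes]:
    """FIG. 4, S4100-S4400: return the RO for delivery, or None to end the flow."""
    # S4200: constant-time comparison of specific ID 1220 with UID 1300.
    if not hmac.compare_digest(dev.specific_id, dev.hardware_uid):
        return None
    # S4300: decrypt with keys derived from the UID actually read from hardware.
    enc_key, mac_key = derive_keys(dev.hardware_uid, dev.key)
    try:
        return unseal(enc_key, mac_key, dev.sealed_ro)
    except ValueError:
        return None


if __name__ == "__main__":
    ro = b"<rights><play/></rights>"            # constructed sample rights object
    card = provision(b"UID-A-0001", ro)          # constructed sample UID
    print(retrieve_rights_object(card) == ro)    # original card
    copy = StorageDevice(b"UID-B-0002", card.specific_id, card.key, card.sealed_ro)
    print(retrieve_rights_object(copy))          # hidden area copied to another card
```

The hardware UID is an identifier that the application in the public area reads, not a secret, so in this model the binding holds only while key 1230 and the hidden area stay inaccessible. Deriving the keys from the UID matters in addition to the S4200 comparison because a copied hidden area whose specific ID was rewritten to the new card's UID passes the comparison but still fails decryption.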
Therefore, with the digital content and rights object management systems and methods of the present application, DRM content can be stored in a storage device, rights object management can be performed according to the hardware unique identification code of the storage device, and the rights object can be stored in the hidden area of the storage device. In the present application, two mechanisms can be provided for digital rights management. For the storage device, the hardware unique identification code of the storage device can first be used for authentication, that is, to check whether it matches the specific identification code recorded in the hidden area. For the playback device, the hardware unique identification code of the storage device is also used for verification, to determine whether the encrypted rights object can be successfully decrypted, thereby reducing the drawbacks of conventional content management systems and methods.

The methods of the present invention, or particular forms or portions thereof, may exist in the form of program code. The program code may be contained in tangible media, such as floppy disks, optical discs, hard disks, or any other machine-readable (for example, computer-readable) storage media, or in a computer program product not limited to any external form, wherein, when the program code is loaded and executed by a machine such as a computer, the machine becomes an apparatus for practicing the present invention. The program code may also be transmitted over a transmission medium, such as electrical wire or cable, optical fiber, or any other form of transmission, wherein, when the program code is received, loaded and executed by a machine such as a computer, the machine becomes an apparatus for practicing the present invention.
When implemented in a general purpose processing unit. The code combination processing unit provides a unique device that operates similar to application specific logic. Although the present invention has been disclosed in the above preferred embodiments, it is not intended to limit the present invention, and any one skilled in the art can make some changes and refinements without diminishing the scope of the present invention. The scope of the invention is defined by the scope of the appended claims. BRIEF DESCRIPTION OF THE DRAWINGS Fig. 1 is a schematic diagram showing a digital content and rights object management system in accordance with an embodiment of the present invention. Figure 2 is a schematic diagram showing the storage according to an embodiment of the present invention. Figure 3 is a flow chart showing a digital content and rights object management method in accordance with an embodiment of the present invention. Figure 4 is a flow chart showing a digital content and rights object management method in accordance with another embodiment of the present invention. [Main component symbol description]

1000 ~ storage device;
1100 ~ public area;
1110 ~ digital rights management content;
1120 ~ security management application;
1130 ~ authentication module;
1140 ~ encryption/decryption algorithm;
1200 ~ hidden area;
1210 ~ rights object;
1220 ~ specific identification code;
1230 ~ key;
1300 ~ hardware unique identification code;
2000 ~ electronic device;
S3100, S3200, S3300, S3400 ~ steps;
S4100, S4200, S4300, S4400, S4500 ~ steps.


Claims (1)

VII. Scope of the patent application:

1. A digital content and rights object management system, comprising:
a storage device, comprising:
a hardware unique identification code;
a public area, comprising a security management application, an authentication module, and an encryption/decryption algorithm; and
a hidden area, comprising a rights object, a key, and a specific identification code,
wherein the authentication module reads the specific identification code from the hidden area and determines whether the specific identification code matches the hardware unique identification code of the storage device, and when the specific identification code matches the hardware unique identification code of the storage device, the security management application retrieves the rights object from the hidden area of the storage device and delivers the rights object to a security management application of a playback device for playback.

2. The digital content and rights object management system of claim 1, wherein when the storage device is coupled to an electronic device, the electronic device executes the authentication module and the security management application.

3. The digital content and rights object management system of claim 1, wherein the storage device comprises a semiconductor component, and the hardware unique identification code is a hardware serial number generated for the semiconductor component at the time of production, or a virtual serial number created for the semiconductor component by firmware/software.

4. The digital content and rights object management system of claim 3, wherein the semiconductor component comprises a memory of the storage device or a microprocessor.

5. A digital content and rights object management method, comprising the following steps:
providing a storage device, wherein the storage device at least comprises a hardware unique identification code, a public area and a hidden area, the public area at least comprises a security management application, an authentication module, and an encryption/decryption algorithm, and the hidden area at least comprises a rights object, a key, and a specific identification code;
reading, by the authentication module, the specific identification code from the hidden area, and determining whether the specific identification code matches the hardware unique identification code of the storage device; and
when the specific identification code matches the hardware unique identification code of the storage device, retrieving, by the security management application, the rights object from the hidden area of the storage device, and delivering the rights object to a security management application of a playback device for playback.

6. The digital content and rights object management method of claim 5, wherein when the storage device is coupled to an electronic device, the electronic device executes the authentication module and the security management application.

7. The digital content and rights object management method of claim 5, wherein the storage device comprises a semiconductor component, and the hardware unique identification code is a hardware serial number generated for the semiconductor component at the time of production, or a virtual serial number created for the semiconductor component by firmware/software.

8. The digital content and rights object management method of claim 7, wherein the semiconductor component comprises a memory of the storage device or a microprocessor.

9. The digital content and rights object management method of claim 5, further comprising reading the hardware unique identification code of the storage device, and encrypting the rights object according to the hardware unique identification code by means of the security management application or the encryption/decryption algorithm.

10. A digital content and rights object management method, comprising the following steps:
applying digital rights management to a content, thereby obtaining a digital rights management content and a rights object;
storing the rights object in a hidden area of a storage device;
storing a hardware unique identification code of the storage device in the hidden area of the storage device;
storing the digital rights management content in a public area of the storage device or in a specific directory of a playback device; and
storing a security management application, an authentication module, and an encryption/decryption algorithm in the public area of the storage device,
wherein, when access to the digital rights management content is requested, the authentication module reads the specific identification code from the hidden area and determines whether the specific identification code matches the hardware unique identification code of the storage device, and when the specific identification code matches the hardware unique identification code of the storage device, the security management application retrieves the rights object from the hidden area of the storage device and delivers the rights object to a security management application of a playback device for playback.

11. The digital content and rights object management method of claim 10, wherein the storage device comprises a semiconductor component, and the hardware unique identification code is a hardware serial number generated for the semiconductor component at the time of production, or a virtual serial number created for the semiconductor component by firmware/software.

12. The digital content and rights object management method of claim 11, wherein the semiconductor component comprises a memory of the storage device or a microprocessor.

13. The digital content and rights object management method of claim 10, further comprising encrypting the rights object according to the hardware unique identification code, and storing the encrypted rights object in the hidden area of the storage device.
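The check in claim 5 together with the UID-bound encryption of claims 9 and 13, modelled as an added Python example (not code from the patent or its applicant). The HMAC-SHA256 key derivation, the stream construction standing in for the unspecified encryption/decryption algorithm, the dictionary layout of the hidden area and all sample values are assumptions.

```python
import hashlib
import hmac
import os
from dataclasses import dataclass, field

@dataclass
class StorageDevice:
    hardware_uid: bytes                         # 1300, e.g. a chip serial number
    hidden: dict = field(default_factory=dict)  # 1200: specific ID, key, rights object

def _subkeys(key, uid):
    # Assumption: bind the hidden-area key (1230) to the UID with HMAC-SHA256.
    return [hmac.new(key, label + uid, hashlib.sha256).digest() for label in (b"enc", b"mac")]

def _xor_stream(k, nonce, data):
    # Stdlib-only stand-in for the unspecified cipher 1140 (HMAC in counter mode).
    blocks = (len(data) + 31) // 32
    ks = b"".join(hmac.new(k, nonce + i.to_bytes(4, "big"), hashlib.sha256).digest() for i in range(blocks))
    return bytes(a ^ b for a, b in zip(data, ks))

def provision(dev, rights_object):
    """Packaging side: store specific ID, key and the UID-bound rights object."""
    key, nonce = os.urandom(32), os.urandom(16)
    enc_k, mac_k = _subkeys(key, dev.hardware_uid)
    ct = _xor_stream(enc_k, nonce, rights_object)
    tag = hmac.new(mac_k, nonce + ct, hashlib.sha256).digest()
    dev.hidden = {"specific_id": dev.hardware_uid, "key": key, "rights_object": nonce + ct + tag}

def retrieve_rights_object(dev):
    """Authentication module (1130) then security management application (1120)."""
    h = dev.hidden
    if not hmac.compare_digest(h["specific_id"], dev.hardware_uid):
        return None                      # specific ID does not match this device
    blob = h["rights_object"]
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    enc_k, mac_k = _subkeys(h["key"], dev.hardware_uid)
    if not hmac.compare_digest(tag, hmac.new(mac_k, nonce + ct, hashlib.sha256).digest()):
        return None                      # rights object was encrypted for another UID
    return _xor_stream(enc_k, nonce, ct)

def demo():
    original = StorageDevice(b"UID-0001-constructed")
    provision(original, b'{"play_count": 5}')   # constructed rights object
    copy = StorageDevice(b"UID-0002-constructed", dict(original.hidden))
    relabelled = StorageDevice(copy.hardware_uid, dict(original.hidden, specific_id=copy.hardware_uid))
    return [retrieve_rights_object(d) for d in (original, copy, relabelled)]
```

`demo()` returns the rights object for the original device and `None` both for a byte-for-byte copy of the hidden area on a second device and for a copy whose specific ID was changed to the second device's UID, which is the case the UID-bound encryption covers beyond the comparison alone.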
TW99141863A 2010-12-02 2010-12-02 Digital content and rights object management systems and methods TW201224831A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
TW99141863A TW201224831A (en) 2010-12-02 2010-12-02 Digital content and rights object management systems and methods

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
TW99141863A TW201224831A (en) 2010-12-02 2010-12-02 Digital content and rights object management systems and methods

Publications (1)

Publication Number Publication Date
TW201224831A true TW201224831A (en) 2012-06-16

Family

ID=46725972

Family Applications (1)

Application Number Title Priority Date Filing Date
TW99141863A TW201224831A (en) 2010-12-02 2010-12-02 Digital content and rights object management systems and methods

Country Status (1)

Country Link
TW (1) TW201224831A (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN105373724A (en) * 2014-08-18 2016-03-02 银灿科技股份有限公司 Wireless Authentication System and Method for USB Storage Device

Similar Documents

Publication Publication Date Title
US7933837B2 (en) Content information providing system, content information providing server, content reproduction apparatus, content information providing method, content reproduction method and computer program
US8126150B2 (en) Storage medium processing method, storage medium processing device, and program
US20090268906A1 (en) Method and System for Authorized Decryption of Encrypted Data
US20070276760A1 (en) Digital Copyright Management Using Secure Device
US20050027991A1 (en) System and method for digital rights management
WO2006013684A1 (en) Content data distributing system, content data distributing method, and commodity selling method
TW201248637A (en) Secure removable media and the method for managing secure removable media
JP2006295405A (en) Content providing system, content reproducing apparatus, content reproducing method, and computer program
KR20100031497A (en) Method of storing and accessing header data from memory
TWI631469B (en) Method for providing data from a vending device to a portable data storage device and device thereof
WO2006008909A1 (en) Storage medium processing method, storage medium processing device, and program
KR20080003714A (en) Copyright protection storage medium, information recording apparatus and information recording method, and information playback apparatus and information playback method
US20120042173A1 (en) Digital Content and Right Object Management Systems and Methods
TWI644229B (en) Data center with data encryption and operating method thererfor
JP4592804B2 (en) Key management device and key management system
JP2012249035A5 (en)
JP2001094554A (en) Information transmission system, information transmission device, information reception device, and information transmitting method
JP4965512B2 (en) Authentication system, information processing device, storage device, authentication method and program thereof
TW202013285A (en) Method of managing ownership of virtual object and related interactive platform
JPWO2006033154A1 (en) Content distribution program, method, server, content utilization apparatus and system
TW201224831A (en) Digital content and rights object management systems and methods
JP2012014529A (en) Storage device and information processor
CN102542181A (en) Digital content and right article management system and method
TW201019682A (en) Method and system for enhancing data encryption using multiple-key lists
JPWO2004003806A1 (en) Content providing method, content providing system, content providing apparatus, and content reproducing apparatus