US20110119494A1 - Method and apparatus for sharing licenses between secure removable media - Google Patents
Method and apparatus for sharing licenses between secure removable media Download PDFInfo
- Publication number
- US20110119494A1 US20110119494A1 US12/982,350 US98235010A US2011119494A1 US 20110119494 A1 US20110119494 A1 US 20110119494A1 US 98235010 A US98235010 A US 98235010A US 2011119494 A1 US2011119494 A1 US 2011119494A1
- Authority
- US
- United States
- Prior art keywords
- srm
- license
- drm agent
- rights
- agent
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Abandoned
Links
- 238000000034 method Methods 0.000 title claims abstract description 94
- 230000008569 process Effects 0.000 claims description 35
- 230000004044 response Effects 0.000 claims description 32
- 238000012217 deletion Methods 0.000 claims description 6
- 230000037430 deletion Effects 0.000 claims description 6
- 238000012545 processing Methods 0.000 claims description 6
- 230000000977 initiatory effect Effects 0.000 claims 4
- 101100339481 Cochliobolus miyabeanus HOG1 gene Proteins 0.000 abstract description 93
- 101150009928 SRM1 gene Proteins 0.000 abstract description 93
- 238000002553 single reaction monitoring Methods 0.000 abstract description 42
- 238000013426 sirius red morphometry Methods 0.000 abstract description 42
- 230000000875 corresponding effect Effects 0.000 description 12
- 230000002596 correlated effect Effects 0.000 description 6
- 238000009434 installation Methods 0.000 description 6
- 238000012790 confirmation Methods 0.000 description 5
- 238000012795 verification Methods 0.000 description 4
- 238000004891 communication Methods 0.000 description 3
- 101000759879 Homo sapiens Tetraspanin-10 Proteins 0.000 description 2
- 102100024990 Tetraspanin-10 Human genes 0.000 description 2
- 230000001276 controlling effect Effects 0.000 description 2
- 230000002950 deficient Effects 0.000 description 2
- 230000003993 interaction Effects 0.000 description 2
- 238000012986 modification Methods 0.000 description 2
- 230000004048 modification Effects 0.000 description 2
- 230000001960 triggered effect Effects 0.000 description 2
- 230000005540 biological transmission Effects 0.000 description 1
- 238000005516 engineering process Methods 0.000 description 1
- 238000013507 mapping Methods 0.000 description 1
- 239000002699 waste material Substances 0.000 description 1
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/10—Network architectures or network communication protocols for network security for controlling access to devices or network resources
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/10—Protecting distributed programs or content, e.g. vending or licensing of copyrighted material ; Digital rights management [DRM]
- G06F21/107—License processing; Key processing
- G06F21/1079—Return
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L2463/00—Additional details relating to network architectures or network communication protocols for network security covered by H04L63/00
- H04L2463/101—Additional details relating to network architectures or network communication protocols for network security covered by H04L63/00 applying security measures for digital rights management
Definitions
- the present invention relates to Digital Rights Management (DRM) technologies, and in particular, to a method and an apparatus for sharing licenses between Secure Removable Media (SRM).
- DRM Digital Rights Management
- the DRM manages use of digital contents through a content protection and rights control solution.
- a typical DRM solution includes: A Content Issuer (CI) uses a Content Encryption Key (CEK) to encrypt digital contents and encapsulate them into a DRM Content Format (DCF), distributes them to the devices, and sends the content identifier of the digital contents and the corresponding CEK to the Rights Issuer (RI).
- the RI generates a license corresponding to the digital contents, and sends the license to a DRM agent in the device.
- the license includes the CEK, and the rights and limitations of using the contents.
- the rights include execution, playing, and moving; and the limitations include use count, accumulated time, and validity period.
- the DRM agent After obtaining the DCF and the license, the DRM agent obtains the CEK through decryption, obtains the contents through decryption, and uses the digital contents according to the rights specified in the license.
- the SRM is a kind of removable medium that protects internal data against unauthorized access. With the SRM storing and moving the DCF and the license, the storage space is expanded, and the license is movable.
- the subscriber expects to present the license to others or replace the SRM, which involves moving or copying of the license from one SRM to another SRM.
- the popularization of multi-card-in-one-phone subscribers have more requirements of sharing licenses between SRM cards.
- the SRM standard of the Open Mobile Alliance gives protocols for moving a license from a device to an SRM, and moving a license from an SRM to a device.
- the SRM agent is an entity for performing DRM-related functions in the SRM.
- the prior art provides a solution to moving a license from a DRM agent to an SRM, and a solution to moving a license from an SRM to a DRM agent.
- the sharing rights are deducted after every moving operation. If a license needs to be moved from SRM 1 to SRM 2 , the license needs to be moved from SRM 1 to the DRM agent first, and then from the DRM agent to SRM 2 , which involves at least two deductions of the sharing rights.
- the inventor finds that the moving of a license in the prior art involves multiple deductions of rights, which is a waste of rights to the subscriber.
- the embodiments of the present invention provide a method and an apparatus for sharing a license between SRMs to overcome unnecessary consumption of sharing rights.
- a method for sharing a license between SRMs includes:
- a method for sharing a license includes:
- a DRM agent triggering, by a DRM agent, a first SRM and a second SRM to negotiate a shared key
- a method for sharing a license includes:
- a method for sharing a license includes:
- An apparatus for sharing a license includes:
- an obtaining unit configured to obtain the license from a first SRM
- a forwarding setting unit configured to set the obtained license to a forwarding state
- a sending unit configured to send the obtained license to a second SRM
- a controlling unit configured to deduct one right of sharing the license.
- An apparatus for sharing a license includes:
- an SRM interacting unit configured to trigger a first SRM and a second SRM to perform key negotiation
- a forwarding unit configured to forward the license of the first SRM to the second SRM.
- An apparatus for sharing a license between a first SRM and a second SRM is located in the first SRM, and includes:
- a key negotiating unit configured to perform key negotiation with the second SRM
- a processing unit configured to encrypt partial information or complete information of the license by using a shared key negotiated with the second SRM;
- a sending unit configured to send the license to the second SRM.
- An apparatus for sharing a license is located in a second SRM and includes:
- a key negotiating unit configured to perform key negotiation with a first SRM
- a receiving unit configured to receive the license sent by the first SRM
- a rights deducting unit configured to deduct one operation right after the receiving unit receives a correct license.
- An apparatus for sharing a license includes:
- an obtaining unit configured to obtain the license of a first SRM from a first DRM agent
- a sending unit configured to: send the license to a second DRM agent, and submit the license to a second SRM through the second DRM agent.
- An apparatus for sharing a license includes:
- a determining unit configured to determine whether a first SRM and a second SRM belong to the same subscriber
- an obtaining unit configured to obtain the license from the first SRM if the determining unit determines that the first SRM and the second SRM belong to the same subscriber;
- an executing unit configured to send the license to the second SRM.
- the license forwarded by the DRM agent is set to the forwarding state, and only one moving right needs to be deducted, and therefore, the consumption of the moving rights is reduced and the subscriber's rights are protected.
- the rights in SRM 1 are deleted only if SRM 2 determines that it is capable of installing the rights.
- the DRM agent can recover the original rights on SRM 1 easily by recovering the available state of the rights.
- a Secure Authenticated Channel (SAC) is set between SRM 1 and SRM 2 , the SAC moves the license, and a DRM agent is responsible only for forwarding the license. Because the forwarded rights are encrypted through the key negotiated between SRM 1 and SRM 2 , the DRM agent is unable to execute operations for the rights. Therefore, the security of the rights is improved.
- SAC Secure Authenticated Channel
- the fourth embodiment is also applicable to sharing of the license between SRMs of the same subscriber.
- a license is shared between the SRMs that belong to the same subscriber.
- the DRM agent queries the RI about the subscriber to whom the request is received.
- the DRM agent may need to query another entity such as subscriber manage server about the subscriber to whom the SRM belongs. Alternatively, the DRM agent queries the entity that manages the relations between the SRM and the subscriber (such as subscriber manage server) directly about the subscriber to whom the SRM belongs. In this case, because the license is shared between the SRMs that belong to the same subscriber, no sharing rights need to be deducted, and the subscriber's resources are saved.
- FIG. 1 is a flowchart of a method for sharing a license between SRMs according to the first embodiment of the present invention
- FIG. 2 is a flowchart of a method for sharing a license between SRMs according to the second embodiment of the present invention
- FIG. 3 is a flowchart of a method for sharing a license between SRMs according to the third embodiment of the present invention.
- FIG. 4 is a flowchart of negotiating a shared key between SRMs shown in FIG. 3 according to an embodiment of the present invention
- FIG. 5 is a flowchart of a method for sharing a license between SRMs according to the fourth embodiment of the present invention.
- FIG. 6 is a flowchart of a method for sharing a license between SRMs of the same subscriber according to the fifth embodiment of the present invention.
- FIG. 7 is a flowchart of a method for sharing a license between SRMs of the same subscriber according to the sixth embodiment of the present invention.
- FIG. 8 shows a structure of a first apparatus on a DRM agent according to an embodiment of the present invention
- FIG. 9 shows a structure of a second apparatus on a DRM agent according to an embodiment of the present invention.
- FIG. 10 shows a structure of a third apparatus on a first SRM according to an embodiment of the present invention
- FIG. 11 shows a structure of a fourth apparatus on a second SRM according to an embodiment of the present invention.
- FIG. 12 shows a structure of a fifth apparatus on an RI or subscriber manager according to an embodiment of the present invention.
- FIG. 13 shows a structure of a sixth apparatus on a DRM agent according to an embodiment of the present invention.
- the embodiments of the present invention provide a solution to sharing a license between SRMs. Only one sharing right is consumed when the license in SRM 1 is shared with SRM 2 through a DRM agent or RI.
- the license sharing mentioned above includes moving and copying of the license.
- the following method embodiments primarily take the moving operation as an example.
- the method in the first embodiment and the method in the second embodiment include the following steps:
- a DRM agent obtains the license from a first SRM, and sets the license to a forwarding state locally;
- the DRM agent deducts one right of sharing the license
- the DRM agent sends the license to a second SRM.
- Sharing of a license refers to copying or moving of the license, and sharing of rights refers to copying or moving of the rights.
- the DRM agent triggers the first SRM to delete the license.
- the first embodiment differs from the second embodiment in the time of performing the steps.
- the DRM agent triggers the first SRM to delete the license after the DRM agent sets the obtained license to a forwarding state; in the second embodiment, the DRM agent triggers the first SRM to delete the license after the DRM agent determines that the license is received by the second SRM.
- FIG. 1 is a flowchart of a method for sharing a license between SRM 1 and SRM 2 in the first embodiment of the present invention. The method includes the following steps:
- S 101 The DRM agent and SRM agent 1 authenticate each other, and a Secure Authenticated Channel (SAC) is set up between them.
- SAC Secure Authenticated Channel
- the license is exchanged between DRM agent and SRM agent 1 , and is checked for validity.
- a random number is exchanged between them, and a communication key is generated according to the random number.
- the communication keys include an encryption key and an integrity protection key.
- S 102 -S 103 The DRM agent initiates a process of moving the rights on SRM 1 to SRM 2 directly. This operation may be triggered by interaction between the subscriber and the DRM agent. The DRM agent obtains the rights information and the REK from SRM 1 , which is covered in the prior art.
- the DRM agent authenticates the rights information and the moving rights, and deducts the moving rights after the authentication succeeds, which is covered in the prior art.
- the deduction of the moving rights may be: deducting one from the remaining moving rights in the state information corresponding to the rights, or adding one to the consumed moving rights in the state information corresponding to the rights.
- S 105 - 106 The DRM agent instructs SRM agent 1 to delete the rights, which is covered in the prior art.
- S 107 -S 108 The DRM agent checks whether SRM 2 has enough space for installing the rights, which is covered in the prior art.
- S 107 Before S 107 , the DRM agent and SRM agent 2 authenticate each other, and a SAC is set up between them. This step is S 107 a in FIG. 1 . If the DRM agent can interact with two SRM agents simultaneously, S 107 a may occur at any time before S 107 .
- the DRM agent may be disconnected from SRM 1 first, and then get connected with SRM 2 to perform subsequent steps.
- the subscriber may operate the device to trigger the implementation of the subsequent steps.
- the rights may be saved as a file of a special format in the device.
- the subscriber browses and determines that the rights are in the forwarding state, and chooses to move the file to another SRM to complete the forwarding.
- the device indicates the rights information to the subscriber, and the subscriber chooses whether to continue with the moving.
- the device performs the operation automatically according to the identifier of the destination device correlated with the rights. For example, when getting connected to SRM 2 , the device searches for local rights which are in the forwarding state and correlated with SRM 2 as a destination device, and performs the steps after S 107 automatically.
- S 109 -S 110 The DRM agent sends a rights installation request message to SRM agent 2 .
- the rights installation request message carries a handle, a REK, a list of hash values of the content identifier, and rights information.
- SRM 2 installs the rights and returns a response, without deducting the moving rights for a second time. Therefore, the number of times of deducting the moving rights is reduced.
- the moving rights are not deducted in S 104 , but are deducted on the device after the rights are installed onto SRM 2 .
- the device may retain the record of the source SRM that forwards the rights, namely, record of SRM 1 .
- the process of installing the rights onto SRM 2 fails, for example, due to deficient space of SRM 2 , the rights can be recovered to SRM 1 , and the subscriber's rights are protected.
- the first embodiment deals with the license sharing method by taking license moving as an example.
- license sharing still includes license copying.
- the process of copying a license in SRM 1 to SRM 2 is similar to FIG. 1 , but differs in that the copying rights are consumed in the copying process:
- the DRM agent deducts one right of copying the license on SRM 1 , and the license sent by the DRM agent to SRM 2 does not include copying right.
- the DRM agent deducts one right of copying the license sent to SRM 2 , and deducts all rights of copying the license on SRM 1 .
- SRM 1 does not need to delete the license.
- one sharing right is deducted when the license moves from SRM 1 to the device, and the other sharing right is deducted when the license moves from the device to SRM 2 .
- the rights forwarded by the DRM agent are set to the forwarding state, and only one moving right needs to be deducted, and therefore, the consumption of the moving rights is reduced and the subscriber's rights are protected.
- Described below is a second embodiment of the method for sharing a license between SRMs.
- the process of the second embodiment includes the following steps:
- S 201 The DRM agent, SRM agent 1 , and SRM agent 2 authenticate each other, and a SAC is set up between them.
- the mutual authentication between the DRM agent and SRM agent 2 may occur at any time before S 205 .
- S 202 -S 203 The DRM agent initiates a process of moving the rights on SRM 1 to SRM 2 directly. This operation may be triggered by interaction between the subscriber and the DRM agent.
- the DRM agent obtains the rights information and the REK from SRM 1 .
- the DRM agent authenticates the rights information and the moving rights, and deducts the moving rights after the authentication succeeds.
- the operation of deducting the moving rights may be performed after S 206 .
- S 205 -S 206 The DRM agent checks whether SRM 2 has enough space for installing the rights.
- S 207 -S 208 The DRM agent sends a rights installation request message to SRM agent 2 .
- the rights installation request message carries a handle, a REK, a list of hash values of the content identifier, and rights information.
- SRM 2 installs the rights and returns a response. If SRM 2 installs the rights successfully, the DRM agent deletes the local rights.
- S 209 -S 210 may occur after S 206 .
- the DRM agent may cancel the moving operation, and recover the original rights on SRM 1 . If the DRM agent is disconnected from an SRM, the DRM agent may keep a disconnection log.
- the disconnection log includes: operation type, current state, license identifier, SRM 1 identifier, handle 1 on SRM 1 corresponding to the license, SRM 2 identifier, and handle 2 on SRM 2 corresponding to the license on SRM 2 .
- the license is recovered according to the information in the disconnection log: The DRM agent continues sending the license to SRM 2 to complete the operation; or cancels the operation and recovers the license to SRM 1 .
- the DRM agent may submit the public key or license of SRM 2 to SRM agent 1 .
- SRM agent 1 uses the public key of SRM 2 to encrypt the REK, and transmits the REK to SRM 2 through the DRM agent.
- the second embodiment differs from the first embodiment in that:
- the rights in SRM 1 are deleted only if SRM 2 determines that it is capable of installing the rights.
- the DRM agent can recover the original rights on SRM 1 easily by recovering the available state of the rights.
- Described below is a third embodiment of the method for sharing a license between SRMs.
- a SAC is set up between SRM 1 and SRM 2 , and the license is shared through a SAC key.
- the third embodiment still takes license moving as an example, and the scenario of copying a license is similar.
- the third embodiment includes the following steps:
- a DRM agent triggers a first SRM and a second SRM to negotiate a shared key
- the first SRM encrypts partial or complete information of the license by using the shared key
- the first SRM sends the license to the second SRM.
- the third embodiment is elaborated below with reference to FIG. 3 .
- the process of the third embodiment includes the following steps:
- S 301 The DRM agent, SRM agent 1 , and SRM agent 2 exchange the supported trust anchor with each other.
- the DRM agent triggers authentication of SRM agent 1 and SRM agent 2 .
- the authentication trigger message carries the selected trust anchor.
- the DRM agent may select the trust anchor according to the rights to be moved.
- the authentication trigger message may further carry an SRM 2 identifier. To trigger this step, the subscriber may choose to move the rights between the two SRMs.
- S 303 SRM agent 1 sends an authentication request to SRM agent 2 .
- the authentication request carries a trust anchor, an SRM 1 certificate chain, and the algorithm supported by SRM agent 1 . If direct communication is enabled between SRM agent 1 and SRM agent 2 , the message does not need to pass through the DRM agent; otherwise, all messages need to be forwarded by the DRM agent.
- S 304 SRM agent 2 returns an authentication response to SRM agent 1 .
- the authentication response carries an SRM agent 2 certificate chain, the algorithm selected by SRM 2 , and random number 1 (RN 1 ) for generating a key.
- RN 1 needs to be transmitted after being encrypted through a public key of SRM 2 .
- S 305 SRM agent 1 sends a key exchange request to SRM agent 2 .
- the key exchange request carries random number 2 (RN 2 ) for generating a key.
- RN 2 needs to be transmitted after being encrypted through a public key of SRM 1 .
- S 306 SRM agent 2 returns a key exchange response to SRM agent 1 .
- the key exchange response may carry the hash value of the connection value of RN 1 and RN 2 for confirming the random number.
- SRM 1 and SRM 2 have obtained RN 1 and RN 2 , and use RN 1 and RN 2 respectively to generate a session key and a Media Access Control (MAC) key.
- MAC Media Access Control
- the DRM agent triggers SRM agent 1 to move rights to SRM 2 .
- the moving trigger message may carry a handle or a license identifier on the SRM 1 , wherein the handle or license identifier on the SRM 1 corresponds to the right.
- S 308 SRM agent 1 sends an initial moving request to SRM agent 2 .
- the initial moving request carries size of the rights, and optionally, carries a handle on the SRM 2 corresponding to the rights.
- SRM agent 2 checks whether enough space is available for installing the rights locally. If a handle is sent by SRM agent 1 in S 508 , SRM agent 2 needs to check whether the handle sent by SRM agent 1 is a duplicate of the handle on SRM 2 , and add the check result into an initial moving response returned to SRM agent 1 . If no handle is sent by SRM agent 1 in S 308 , SRM agent 2 may generate a handle automatically which is different from other handles existent locally, and may return the generated handle through the initial moving response.
- S 310 SRM agent 1 sends a moving request to SRM agent 2 .
- the moving request carries rights information, a REK, and a content identifier correlated to the rights. If SRM agent 1 knows the handle correlated with the rights on SRM 2 , this handle may be carried in the moving request.
- S 311 SRM agent 2 authenticates the rights information, deducts the moving rights after the authentication succeeds, and stores the rights into SRM 2 .
- SRM agent 1 may check and deduct the moving rights before S 310 .
- SRM agent 2 does not need to deduct the moving rights in step S 311 .
- the third embodiment differs from the first embodiment and the second embodiment in that: A SAC is set between SRM 1 and SRM 2 ; the license is moved through the SAC; and a DRM agent is responsible only for forwarding the license. Because the forwarded rights are encrypted through the key negotiated between SRM 1 and SRM 2 , the DRM agent is unable to execute operations for the rights. Therefore, the security of the rights is improved.
- the DRM agent may authenticate the rights instead and deduct the moving rights. This operation may be performed in S 310 , and the prerequisite is that SRM agent 1 or SRM agent 2 notifies the MAC key to the DRM agent.
- S 301 -S 306 in FIG. 3 is a process of negotiating the shared key between two SRMs. This process is put forward in an embodiment of the present invention, and is outlined below:
- the DRM agent initiates an authentication process to the SRM 1 and obtains the first SRM certificate chain;
- the DRM agent initiates an authentication process to the SRM 2 , sends the obtained first SRM certificate chain to the second SRM, and obtains the second SRM certificate chain and a second random number from the SRM 2 , where the second random number is encrypted through the first SRM public key;
- the DRM agent initiates a key exchange process to the SRM 1 , sends the second SRM certificate chain and the second random number encrypted through the first SRM public key to the SRM 1 , and obtains the first random number encrypted through the second SRM public key from the SRM 1 ;
- the DRM agent initiates a key exchange process to the SRM 2 , and sends the first random number encrypted through the second SRM public key to the SRM 2 ;
- the SRM land the SRM 2 use the first random number and the second random number to determine a shared key.
- This process may occur together with the process of negotiating the shared key between the DRM agent and the two SRMs. As shown in FIG. 4 , this process includes:
- the DRM agent sends an authentication request to SRM agent 1 .
- the authentication request carries the selected trust anchor and a device certificate chain corresponding to this trust anchor.
- the DRM agent may select the trust anchor according to the rights to be moved.
- S 403 SRM agent 1 returns an authentication response.
- the response message carries an SRM 1 certificate chain, and a random number (RNs1d) encrypted through a device public key.
- the DRM agent sends a three-party authentication request to SRM agent 2 .
- the three-party authentication request carries the selected trust anchor, a device certificate chain corresponding to this trust anchor, and an SRM 1 certificate chain.
- S 405 SRM agent 2 returns a three-party authentication response.
- the three-party authentication response carries an SRM 2 certificate chain, a random number (RNs2d) encrypted through a device public key, and a random number (RNs2s1) encrypted through an SRM 1 public key.
- the DRM agent sends a three-party key exchange request to SRM agent 1 .
- the three-party key exchange request carries an SRM 2 certificate chain, a random number (RNs2s1) encrypted through an SRM1 public key, and a random number (RNds1) encrypted through an SRM 1 public key (the random number may be encrypted through the SRM 1 public key after being connected with hash of RNs1d).
- S 407 SRM agent 1 returns a three-party key exchange response.
- the three-party key exchange response carries a random number (RN s1s2) encrypted through an SRM 2 public key (the random number may be encrypted through the SRM 2 public key after being connected with hash of RNs 2 s 1 ), and optionally carries the hash of the connection value of RNds1 and RNs1d.
- the DRM agent sends another three-party key exchange request to SRM agent 2 .
- the another three-party key exchange request carries a random number (RNs1s2) encrypted through an SRM 2 public key (the random number may be encrypted through the SRM 2 public key after being connected with hash of RNs2s1), and a random number (RNds2) encrypted through the SRM 2 public key (the random number may be encrypted through the SRM 2 public key after being connected with hash of RNs2d).
- S 409 SRM agent 2 returns another three-party key exchange response.
- the another three-party key exchange response may carry hash of the connection value of RN s1s2 and RNs2s1 and hash of the connection value of RNds2 and RNs2d.
- the random number submitted by the DRM agent to SRM agent 1 may be the same as the random number submitted by the DRM agent to SRM agent 2 . In this way, the three parties can use the shared random number to generate a three-party shared key.
- the DRM agent may use RNs 1 d provided by SRM agent 1 as RNds2, and submit it to SRM agent 2 ; and use RNs2d provided by SRM agent 2 as RNds1, and submit it to SRM agent 1 .
- RNds2 provided by SRM agent 2
- RNds1 RNds1
- the SRM agent and the DRM agent use the random number to generate a key, they are connected according to the order of RNd and RNs.
- they may be connected according to the transmission order for each pair of random numbers. That is, SRM agent 1 gets connected according to the order of RNs1d and RNds1, and SRM agent 2 gets connected according to the order of RNds2 and RNs2d.
- the key may be generated in other modes.
- SRM 1 confirms that SRM 2 has received the rights before deleting the rights on SRM 1 .
- the confirmation information of SRM 2 may be an installation information signature affixed with a private key (such as REK), or a result of encrypting the installation information by using a key shared by only SRM 1 and SRM 2 (REK); or SRM 1 submits confirmation information (such as random number) to SRM 2 , and this confirmation information may be transmitted after being encrypted through the public key of SRM 2 or the key shared by SRM 1 and SRM 2 .
- SRM 2 indicates to SRM 1 that the confirmation information is received.
- SRM 2 uses a private key to convert the signature or confirmation information in a certain way (such as hash operation or a simple operation of adding 1), and then uses a key shared by SRM 1 and SRM 2 to encrypt the converted result and returns it.
- Described below is a fourth embodiment of the method for sharing a license between SRMs.
- the rights are moved between two SRMs through the DRM agent.
- the two SRMs may be located in different places, and cannot be connected to the same DRM agent directly, and the rights need to be forwarded by more than one DRM agent.
- DRM agent 1 obtains the rights from SRM 1 , moves the rights to DRM agent 2 , and indicates to the DRM agent 2 that the rights are directed to SRM 2 .
- DRM agent 2 moves the rights to SRM 2 .
- the rights may be moved between two SRMs through an RI, as outlined below:
- the DRM agent 1 obtains a license from the SRM 1 and sends the license to the RI;
- the DRM agent 2 obtains the license from the RI, and sends the license to the SRM 2 .
- the process includes the following detailed steps:
- the RI sends a ROAP trigger ⁇ SRMROUpload ⁇ to DRM agent 1 , triggering the device to upload the license on the SRM.
- the ROAP trigger includes information such as RI identifier and RI URL, and includes a roRequested property of the Boolean type indicating whether the RI requires the SRM to report the rights to be uploaded. If the RI has buffered the delivered license, the value of the roRequested property is “false”; otherwise, the value of the roRequested property is “true”.
- the trigger includes an SRM 1 identifier and a license identifier. This step is optional. The subscriber may use a man-machine interface to operate the device to upload the license on SRM 1 , and the process starts from S 502 directly.
- DRM agent 1 sends a RightsUpload request message to SRM agent 1 .
- the RightsUpload request message carries a handle that identifies the rights, and a new handle for replacing handle that identifies the rights
- DRM agent 1 and SRM agent 1 need to authenticate each other, and a SAC is set up between them.
- S 503 SRM agent 1 judges whether the new handle is a duplicate of other local handles. If the new handle is not a duplicate, SRM agent 1 replaces the handle that identifies the rights with the new handle, and sets the rights to the unavailable state. SRM agent 1 returns a RightsUpload response message to DRM agent 1 . If the new handle is not a duplicate, the RightsUpload response message further carries the rights information, REK, Kmac, timestamp, and signature affixed by SRM agent 1 for ⁇ flag indicative of upload, REK, RI identifier, timestamp ⁇ .
- DRM agent 1 checks whether the RI signature in the rights information and the state information exceed the original rights.
- S 505 DRM agent 1 sends a SRMROUpload request message to the RI.
- the SRMROUpload request message not only carries public parameters such as identifier of device 1 , RI identifier, nonce, timestamp, and certificate chain of device 1 , but also carries upload information:
- DRM agent 1 needs to affix a signature to the parameters in the request message, and sends the request message that carries the signature to the RI.
- DRM agent 1 sends a RightsRemovalRequest message to SRM agent 1 .
- the message carries a handle that identifies the rights. This handle is the new handle in S 502 .
- S 508 SRM agent 1 deletes the rights corresponding to the handle in the RightsRemovalRequest message, and returns a RightsRemovalResponse message that carries the processing result to DRM agent 1 .
- the RI sends another ROAP trigger ⁇ SRMROAcquisition ⁇ to DRM agent 2 , triggering DRM agent 2 to help SRM 2 obtain the uploaded license.
- the another ROAP trigger includes these parameters: RI identifier, RI alias, RI URL, license identifier, license alias, content identifier, and an indication of whether the RI stores the certificate chain of device 2 and SRM 2 .
- DRM agent 2 and DRM agent 1 may be the same DRM agent. This step is optional.
- the subscriber may use a man-machine interface to operate the device to obtain the license in place of SRM 2 , and the process starts from S 510 directly.
- S 510 DRM agent 2 sends a request for obtaining the license to the RI.
- the request carries: device 2 identifier, RI identifier, nonce, timestamp, license identifier, SRM 2 identifier, certificate chain of device 2 , and certificate chain of SRM 2 . If the trigger indicates that the RI already stores the certificate chain of device 2 or SRM 2 , the certificate chain does not need to be carried in this request.
- DRM agent 2 and SRM agent 2 need to authenticate each other, and a SAC is set up between them.
- the RI returns a license response to DRM agent 2 .
- the response carries: device 2 identifier, RI identifier, nonce, protected license, and RI certificate chain (if the request from DRM agent 2 indicates that DRM agent 2 has stored the RI certificate chain, the RI certificate chain does not need to be carried in this license response).
- the license may be bound to SRM 2 , or bound to DRM agent 2 , but it is indicated that the licensed need be provided to SRM 2 .
- DRM agent 2 writes the license delivered by the RI into SRM 2 . If the license is bound to SRM 2 , DRM agent 2 may send the encrypted connection value of REK and Kmac to SRM agent 2 first, SRM agent 2 sends the connection value to Kmac, and uses the connection value to verify integrity of the license. DRM agent 2 writes the rights and the signature into SRM 2 . If the license is bound to DRM agent 2 , DRM agent 2 obtains the REK through decryption, and writes the REK together with the rights and the signature into SRM 2 .
- S 507 -S 508 may occur before, during, or after S 509 -S 512 .
- the first embodiment to the third embodiment involve consumption of only one moving right or copying right; in the fourth embodiment, because the RI provides the license for SRM 2 , no moving right or copying right needs to be consumed. Therefore, the fourth embodiment is also applicable to the scenario of sharing a license between SRMs of the same subscriber. If the sharing rights need to be consumed for sharing of the license between SRMs of the same subscriber, the subscriber incurs losses. Therefore, a solution to sharing a license between SRMs of the same subscriber without consuming sharing rights is provided in an embodiment of the present invention.
- the RI performs the verification according to the mapping relation between the locally stored SRM identifier and the subscriber identifier, or the RI queries another entity such as subscriber manager, or the RI performs the verification according to the information provided by the subscriber when the subscriber attempts to use the SRM (for example, password, and an answers to a question).
- the subscriber may upload multiple licenses to the RI at a single attempt, or install multiple licenses onto SRM 2 at a single attempt.
- This batch processing mode is especially applicable to the scenario that the subscriber replaces the SRM card.
- the DRM agent queries the RI about whether SRM 1 and SRM 2 belong to the same subscriber, and the rights are shared directly, without requiring the RI to re-generate the license.
- the method for sharing a license between SRMs of the same subscribers in an embodiment of the present invention includes:
- the DRM agent sends the license obtained from a first SRM to a second SRM after determining that the first SRM and the second SRM belong to the same subscriber.
- the fifth embodiment differs from the sixth embodiment in how the DRM agent queries the RI or the subscriber manager about whether the first SRM and the second SRM belong to the same subscriber.
- the DRM agent By sending a query message that carries the identifier of the SRM 1 to the RI or subscriber manage server, the DRM agent queries the subscriber to whom the SRM 1 belongs;
- the DRM agent queries the subscriber to whom the SRM 2 belongs; and the DRM agent checks whether the SRM 1 and the SRM 2 belong to the same subscriber.
- the process of the fifth embodiment includes the following steps:
- S 601 The DRM agent shares the rights on SRM 1 with SRM 2 of the same subscriber according to a subscriber request, and obtains rights information and a REK from SRMI. Before S 601 , the DRM agent and SRM agent 1 need to authenticate each other, and a SAC is set up between the DRM agent and SRM agent 1 .
- the DRM agent queries the RI about the subscriber to whom SRM 1 belongs.
- the query request carries an SRM 1 identifier, and the RI returns a response message that carries the subscriber identifier.
- the DRM agent checks whether the RI signature in the rights information and the state information exceed the original rights in the rights information, and installs the rights if they do not exceed the original rights. When installing the rights, the DRM agent identifies the unavailable state of the rights, and correlates the rights with the subscriber identifier returned by the RI in S 603 .
- S 606 -S 607 DRM agent shares the rights with SRM 2 . Because the rights are bound to the subscriber identifier, the DRM agent queries the RI about the subscriber to whom SRM 2 belongs. The query request carries an SRM 2 identifier, and the RI returns a response message that carries the subscriber identifier. Before S 606 , the DRM agent and SRM agent 2 need to authenticate each other, and a SAC is set up between them.
- S 608 The DRM agent checks whether the subscriber of SRM 2 is the same as the subscriber bound to the rights, namely, the same as the subscriber of SRM 1 . If the subscriber is the same, the DRM agent performs S 609 , or else rejects to share the rights with SRM 2 .
- S 609 The DRM agent installs the rights onto SRM 2 , as detailed in S 107 -S 110 in FIG. 1 .
- the DRM agent queries the subscriber of SRMI and the subscriber of SRM 2 respectively and compares the two subscribers; in the sixth embodiment, however, the DRM agent reports the identifier of SRM 1 and the identifier of SRM 2 to the RI, and the RI compares the two subscribers and returns a comparison result. In this case, the DRM agent does not need to understand details of the subscriber identifier.
- the DRM agent By sending a query message that carries the identifier of the SRM 1 and the identifier of the SRM 2 to the RI or subscriber manager, the DRM agent checks whether the first SRM and the second SRM belong to the same subscriber;
- the RI or subscriber manager returns a query response to the DRM agent, indicating whether the first SRM and the second SRM belong to the same subscriber.
- the process of the sixth embodiment includes the following steps:
- S 701 The DRM agent shares the rights on SRM 1 with another SRM of the same subscriber according to a subscriber request, and obtains rights information and a REK from SRM 1 , as detailed in S 102 -S 103 in FIG. 1 .
- the DRM agent and SRM agent 1 need to authenticate each other, and a SAC is set up between the DRM agent and SRM agent 1 .
- the DRM agent checks whether the RI signature in the rights information and the state information exceed the original rights in the rights information, and installs the rights if they do not exceed the original rights. When installing the rights, the DRM agent identifies the unavailable state of the rights, and correlates the rights with the subscriber of SRM 1 .
- S 704 -S 705 DRM agent shares the rights with SRM 2 . Because the rights are bound to the subscriber of SRM 1 , the DRM agent queries the RI about whether SRM 1 and SRM 2 belong to the same subscriber. The query request carries the identifier of SRM 1 and the identifier of SRM 2 . The RI checks whether the subscriber correlated with SRM 1 is the same as the subscriber correlated with SRM 2 , and returns a check result through a response message. If the result shows that SRM 1 and SRM 2 belong to the same subscriber, the DRM agent performs S 706 ; otherwise, the DRM agent rejects to share the rights with SRM 2 . Before S 904 , the DRM agent and SRM agent 2 need to authenticate each other, and a SAC is set up between them.
- S 706 The DRM agent installs the rights onto SRM 2 , as detailed in S 107 -S 110 in FIG. 1 .
- the DRM agent obtains the license from SRM 1 first, and then queries the RI about whether SRM 1 and SRM 2 belong to the same subscriber. If the destination SRM is already determined when the subscriber initiates the sharing, optionally, the DRM agent queries the RI about whether SRM 1 and SRM 2 belong to the same subscriber first, and then obtains the license from SRM 1 . Besides, the DRM agent may check whether SRM 2 has enough space for installing the rights and then deletes the rights on SRM 1 .
- the DRM agent queries the RI about the subscriber to whom the SRM belongs. If the RI is unaware of the subscriber to whom the SRM belongs, the DRM agent may need to query another entity such as subscriber manage server about the subscriber to whom the SRM belongs. Alternatively, the DRM agent queries the entity that manages the relations between the SRM and the subscriber (such as subscriber manager) directly about the subscriber to whom the SRM belongs.
- FIG. 6 is modified in that two DRM agents exist: DRM agent 1 connected to SRM 1 and DRM agent 2 connected to SRM 2 .
- DRM agent 1 queries the subscriber of SRM 1 , and, when moving the license to DRM agent 2 , specifies that the rights can be shared only with the SRM of this subscriber.
- DRM agent 2 determines that SRM 2 belongs to the same subscriber before installing the rights onto SRM 2 . Alternatively, after determining that SRM 1 and SRM 2 belong to the same subscriber, DRM agent 1 shares the license with DRM agent 2 and specifies that the license is finally shared with SRM 2 , and then DRM agent 2 installs the rights onto SRM 2 . Alternatively, the DRM agent shares the license with DRM agent 2 and specifies that the license is shared with the SRM that belongs to the same subscriber of SRM 1 . After determining that SRM 1 and SRM 2 belong to the same subscriber, the DRM agent installs the rights onto SRM 2 . FIG.
- DRM agent 1 queries the RI about the subscriber of SRM 1 and the subscriber of SRM 2 ; after the RI determines that SRM 1 and SRM 2 belong to the same subscriber, DRM agent 1 shares the license with DRM agent 2 , and DRM agent 2 installs the rights onto SRM 2 .
- DRM agent 1 shares the license with DRM agent 2
- DRM agent 2 queries the RI about the subscriber of SRM 1 and the subscriber of SRM 2 ; after the RI determines that SRM 1 and SRM 2 belong to the same subscriber, DRM agent 2 installs the rights onto SRM 2 .
- the license is shared between two SRMs of the same subscriber without consuming the sharing rights, the subscriber's rights are protected.
- the device may judge whether the two SRMs belong to the same subscriber: if they belong to the same subscriber, the license is shared directly without checking the sharing rights, as illustrated in the fifth embodiment and the sixth embodiment; if they belong to different subscribers, the device checks the sharing rights and deducts one right of sharing the license, as illustrated in the first embodiment and the second embodiment.
- the first apparatus refers to DRM agent or a functional entity located in the DRM agent.
- the apparatus performs the functions of the DRM agent shown in FIG. 1 or FIG. 2 .
- the apparatus includes:
- an obtaining unit 801 configured to obtain the license from a first SRM
- a forwarding setting unit 802 configured to set the license obtained by the obtaining unit 801 to a forwarding state
- a sending unit 803 configured to send the license obtained by the obtaining unit 801 to a second SRM;
- a controlling unit 804 configured to deduct one right of sharing the license.
- the apparatus further includes:
- a deletion requesting unit 805 configured to request the first SRM to delete the license
- a deletion response receiving unit 806 configured to receive a license deletion response returned by the first SRM.
- the second apparatus refers to DRM agent or a functional entity located in the DRM agent.
- the apparatus performs the functions of the DRM agent shown in FIG. 3 .
- the apparatus includes: an SRM interacting unit 901 , configured to trigger a first SRM and a second SRM to perform key negotiation; and a forwarding unit 902 , configured to forward the license of the first SRM to the second SRM.
- the third apparatus refers to the first SRM or a functional entity located in the first SRM.
- the apparatus performs the functions of SRM 1 shown in FIG. 3 .
- the apparatus includes:
- a key negotiating unit 1001 configured to perform key negotiation with the second SRM
- a processing unit 1002 configured to encrypt partial information or complete information of the license by using a shared key negotiated with the second SRM;
- a sending unit 1003 configured to send the license to the second SRM.
- the apparatus further includes: a deleting unit 1004 , configured to delete the local license after confirming that the second SRM receives the license.
- a deleting unit 1004 configured to delete the local license after confirming that the second SRM receives the license.
- the fourth apparatus refers to the second SRM or a functional entity located in the second SRM.
- the apparatus performs the functions of SRM 2 shown in FIG. 3 .
- the apparatus includes:
- a key negotiating unit 1101 configured to perform key negotiation with a first SRM
- a receiving unit 1102 configured to receive the license sent by the first SRM
- a rights deducting unit 1103 configured to deduct one operation right after the receiving unit 1102 receives a correct license.
- the fifth apparatus refers to RI or subscriber manager, or a functional entity located in the RI or subscriber manager.
- the apparatus performs the functions of the RI shown in FIG. 5 .
- the apparatus includes:
- an obtaining unit 1201 configured to obtain the license of a first SRM from a first DRM agent
- a sending unit 1202 configured to: send the license to a second DRM agent, and submit the license to a second SRM through the second DRM agent.
- the sixth apparatus refers to DRM agent or a functional entity located in the DRM agent.
- the apparatus performs the functions of the DRM agent shown in FIG. 6 or FIG. 7 .
- the apparatus includes:
- a determining unit 1301 configured to determine whether a first SRM and a second SRM belong to the same subscriber
- an obtaining unit 1302 configured to obtain the license from the first SRM if the determining unit 1301 determines that the first SRM and the second SRM belong to the same subscriber;
- an executing unit 1303 configured to send the license obtained by the obtaining unit 1302 to a second SRM.
- the embodiments above suppose that the license is shared between two SRMs.
- the embodiments of the present invention are applicable to sharing of a license between three or more SRMs.
- the embodiments of the present invention are also applicable to sharing a license on an SRM of one DRM agent with another DRM agent.
- the program may be stored in a computer readable storage medium.
- the storage medium may be ROM/RAM, magnetic disk, or CD-ROM.
Landscapes
- Engineering & Computer Science (AREA)
- Theoretical Computer Science (AREA)
- Computer Hardware Design (AREA)
- Computer Security & Cryptography (AREA)
- General Engineering & Computer Science (AREA)
- Software Systems (AREA)
- General Physics & Mathematics (AREA)
- Physics & Mathematics (AREA)
- Signal Processing (AREA)
- Computer Networks & Wireless Communication (AREA)
- Computing Systems (AREA)
- Health & Medical Sciences (AREA)
- Bioethics (AREA)
- General Health & Medical Sciences (AREA)
- Multimedia (AREA)
- Technology Law (AREA)
- Management, Administration, Business Operations System, And Electronic Commerce (AREA)
- Storage Device Security (AREA)
Abstract
A method and an apparatus for sharing a license between SRMs are disclosed. The method includes: a DRM agent obtains the license from a first SRM, and sets the license to a forwarding state locally; the DRM agent deducts one right of sharing the license; and the DRM agent sends the license to a second SRM. In the prior art, one moving right is deducted when the license moves from SRM1 to the device, and the other moving right is deducted when the license moves from the device to SRM2. By contrast, in the technical solution under the present invention, the license forwarded by the DRM agent is set to the forwarding state, and only one sharing right needs to be deducted, and therefore, the consumption of the sharing rights is reduced and the subscriber's rights are protected.
Description
- This application is a continuation of International Application No. PCT/CN2009/071721, filed on May 11, 2009, which claims priority to Chinese Patent Application No. 200810134766.3, filed on Jul. 29, 2008, both of which are hereby incorporated by reference in their entireties.
- The present invention relates to Digital Rights Management (DRM) technologies, and in particular, to a method and an apparatus for sharing licenses between Secure Removable Media (SRM).
- In order to protect legal rights of the content owner, the DRM manages use of digital contents through a content protection and rights control solution.
- A typical DRM solution includes: A Content Issuer (CI) uses a Content Encryption Key (CEK) to encrypt digital contents and encapsulate them into a DRM Content Format (DCF), distributes them to the devices, and sends the content identifier of the digital contents and the corresponding CEK to the Rights Issuer (RI). The RI generates a license corresponding to the digital contents, and sends the license to a DRM agent in the device. The license includes the CEK, and the rights and limitations of using the contents. The rights include execution, playing, and moving; and the limitations include use count, accumulated time, and validity period. After obtaining the DCF and the license, the DRM agent obtains the CEK through decryption, obtains the contents through decryption, and uses the digital contents according to the rights specified in the license.
- The SRM is a kind of removable medium that protects internal data against unauthorized access. With the SRM storing and moving the DCF and the license, the storage space is expanded, and the license is movable.
- In certain scenarios, the subscriber expects to present the license to others or replace the SRM, which involves moving or copying of the license from one SRM to another SRM. With the popularization of multi-card-in-one-phone, subscribers have more requirements of sharing licenses between SRM cards.
- The SRM standard of the Open Mobile Alliance gives protocols for moving a license from a device to an SRM, and moving a license from an SRM to a device. The SRM agent is an entity for performing DRM-related functions in the SRM.
- The prior art provides a solution to moving a license from a DRM agent to an SRM, and a solution to moving a license from an SRM to a DRM agent. In both of the solutions, the sharing rights are deducted after every moving operation. If a license needs to be moved from SRM1 to SRM2, the license needs to be moved from SRM1 to the DRM agent first, and then from the DRM agent to SRM2, which involves at least two deductions of the sharing rights. In the process of developing the present invention, the inventor finds that the moving of a license in the prior art involves multiple deductions of rights, which is a waste of rights to the subscriber.
- The embodiments of the present invention provide a method and an apparatus for sharing a license between SRMs to overcome unnecessary consumption of sharing rights.
- The embodiments of the present invention are based on the following technical solution:
- A method for sharing a license between SRMs includes:
- obtaining, by a DRM agent, the license from a first SRM, and setting the license to a forwarding state locally; deducting one right of sharing the license; and sending the license to a second SRM.
- A method for sharing a license includes:
- triggering, by a DRM agent, a first SRM and a second SRM to negotiate a shared key;
- encrypting, by the first SRM, partial or complete information of the license by using the shared key; and
- sending the license to the second SRM.
- A method for sharing a license includes:
- sending, by a first DRM agent, the license to an RI after obtaining the license from a first SRM; and
- obtaining, by the second DRM agent, the license from the RI, and sending the license to a second SRM.
- A method for sharing a license includes:
- sending, by a DRM agent, the license obtained from a first SRM to a second SRM after determining that the first SRM and the second SRM belong to the same subscriber.
- An apparatus for sharing a license includes:
- an obtaining unit, configured to obtain the license from a first SRM;
- a forwarding setting unit, configured to set the obtained license to a forwarding state;
- a sending unit, configured to send the obtained license to a second SRM; and
- a controlling unit, configured to deduct one right of sharing the license.
- An apparatus for sharing a license includes:
- an SRM interacting unit, configured to trigger a first SRM and a second SRM to perform key negotiation; and
- a forwarding unit, configured to forward the license of the first SRM to the second SRM.
- An apparatus for sharing a license between a first SRM and a second SRM is located in the first SRM, and includes:
- a key negotiating unit, configured to perform key negotiation with the second SRM;
- a processing unit, configured to encrypt partial information or complete information of the license by using a shared key negotiated with the second SRM; and
- a sending unit, configured to send the license to the second SRM.
- An apparatus for sharing a license is located in a second SRM and includes:
- a key negotiating unit, configured to perform key negotiation with a first SRM;
- a receiving unit, configured to receive the license sent by the first SRM; and
- a rights deducting unit, configured to deduct one operation right after the receiving unit receives a correct license.
- An apparatus for sharing a license includes:
- an obtaining unit, configured to obtain the license of a first SRM from a first DRM agent; and
- a sending unit, configured to: send the license to a second DRM agent, and submit the license to a second SRM through the second DRM agent.
- An apparatus for sharing a license includes:
- a determining unit, configured to determine whether a first SRM and a second SRM belong to the same subscriber;
- an obtaining unit, configured to obtain the license from the first SRM if the determining unit determines that the first SRM and the second SRM belong to the same subscriber; and
- an executing unit, configured to send the license to the second SRM.
- In the prior art, one moving right is deducted when the license moves from SRM1 to the device, and the other moving right is deducted when the license moves from the device to SRM2. By contrast, in the embodiments of the present invention, the license forwarded by the DRM agent is set to the forwarding state, and only one moving right needs to be deducted, and therefore, the consumption of the moving rights is reduced and the subscriber's rights are protected.
- In another embodiment of the present invention, the rights in
SRM 1 are deleted only if SRM2 determines that it is capable of installing the rights. In the case that SRM2 is incapable of installing the rights, the DRM agent can recover the original rights on SRM1 easily by recovering the available state of the rights. - In another embodiment of the present invention, a Secure Authenticated Channel (SAC) is set between SRM1 and SRM2, the SAC moves the license, and a DRM agent is responsible only for forwarding the license. Because the forwarded rights are encrypted through the key negotiated between SRM1 and SRM2, the DRM agent is unable to execute operations for the rights. Therefore, the security of the rights is improved.
- In another embodiment of the present invention, because an RI submits the rights to SRM2, it is not necessary to consume the moving rights or the copying rights. Therefore, the fourth embodiment is also applicable to sharing of the license between SRMs of the same subscriber.
- In other embodiments of the present invention, a license is shared between the SRMs that belong to the same subscriber. The DRM agent queries the RI about the subscriber to whom the
- SRM belongs. If the RI is unaware of the subscriber to whom the SRM belongs, the DRM agent may need to query another entity such as subscriber manage server about the subscriber to whom the SRM belongs. Alternatively, the DRM agent queries the entity that manages the relations between the SRM and the subscriber (such as subscriber manage server) directly about the subscriber to whom the SRM belongs. In this case, because the license is shared between the SRMs that belong to the same subscriber, no sharing rights need to be deducted, and the subscriber's resources are saved.
-
FIG. 1 is a flowchart of a method for sharing a license between SRMs according to the first embodiment of the present invention; -
FIG. 2 is a flowchart of a method for sharing a license between SRMs according to the second embodiment of the present invention; -
FIG. 3 is a flowchart of a method for sharing a license between SRMs according to the third embodiment of the present invention; -
FIG. 4 is a flowchart of negotiating a shared key between SRMs shown inFIG. 3 according to an embodiment of the present invention; -
FIG. 5 is a flowchart of a method for sharing a license between SRMs according to the fourth embodiment of the present invention; -
FIG. 6 is a flowchart of a method for sharing a license between SRMs of the same subscriber according to the fifth embodiment of the present invention; -
FIG. 7 is a flowchart of a method for sharing a license between SRMs of the same subscriber according to the sixth embodiment of the present invention; -
FIG. 8 shows a structure of a first apparatus on a DRM agent according to an embodiment of the present invention; -
FIG. 9 shows a structure of a second apparatus on a DRM agent according to an embodiment of the present invention; -
FIG. 10 shows a structure of a third apparatus on a first SRM according to an embodiment of the present invention; -
FIG. 11 shows a structure of a fourth apparatus on a second SRM according to an embodiment of the present invention; -
FIG. 12 shows a structure of a fifth apparatus on an RI or subscriber manager according to an embodiment of the present invention; and -
FIG. 13 shows a structure of a sixth apparatus on a DRM agent according to an embodiment of the present invention. - The embodiments of the present invention provide a solution to sharing a license between SRMs. Only one sharing right is consumed when the license in SRM1 is shared with SRM2 through a DRM agent or RI.
- The license sharing mentioned above includes moving and copying of the license. The following method embodiments primarily take the moving operation as an example.
- The embodiments of the method for sharing a license between SRMs are elaborated below.
- Overall, the method in the first embodiment and the method in the second embodiment include the following steps:
- A DRM agent obtains the license from a first SRM, and sets the license to a forwarding state locally;
- the DRM agent deducts one right of sharing the license; and
- the DRM agent sends the license to a second SRM.
- Sharing of a license refers to copying or moving of the license, and sharing of rights refers to copying or moving of the rights.
- When sharing of a license refers to moving of the license, the following step needs to be performed additionally: The DRM agent triggers the first SRM to delete the license.
- The first embodiment differs from the second embodiment in the time of performing the steps. In the first embodiment, the DRM agent triggers the first SRM to delete the license after the DRM agent sets the obtained license to a forwarding state; in the second embodiment, the DRM agent triggers the first SRM to delete the license after the DRM agent determines that the license is received by the second SRM.
- First of all, the first embodiment is described below.
-
FIG. 1 is a flowchart of a method for sharing a license between SRM1 and SRM2 in the first embodiment of the present invention. The method includes the following steps: - S101: The DRM agent and
SRM agent 1 authenticate each other, and a Secure Authenticated Channel (SAC) is set up between them. In the authentication process, the license is exchanged between DRM agent andSRM agent 1, and is checked for validity. A random number is exchanged between them, and a communication key is generated according to the random number. The communication keys include an encryption key and an integrity protection key. - The method of setting up a SAC between the DRM agent and the SRM agent is covered in the prior art, and is not detailed here any further.
- S102-S103: The DRM agent initiates a process of moving the rights on SRM1 to SRM2 directly. This operation may be triggered by interaction between the subscriber and the DRM agent. The DRM agent obtains the rights information and the REK from SRM1, which is covered in the prior art.
- S104: The DRM agent authenticates the rights information and the moving rights, and deducts the moving rights after the authentication succeeds, which is covered in the prior art. The deduction of the moving rights may be: deducting one from the remaining moving rights in the state information corresponding to the rights, or adding one to the consumed moving rights in the state information corresponding to the rights. Once the rights are set to a forwarding state on the device, it means that the rights need to be moved to another SRM and are not available to the DRM agent for consuming contents. In this case, if the DRM agent knows that the rights will be moved to SRM2, the DRM agent may specify the SRM2 identifier.
- S105-106: The DRM agent instructs
SRM agent 1 to delete the rights, which is covered in the prior art. - S107-S108: The DRM agent checks whether SRM2 has enough space for installing the rights, which is covered in the prior art.
- Before S107, the DRM agent and SRM agent 2 authenticate each other, and a SAC is set up between them. This step is S107 a in
FIG. 1 . If the DRM agent can interact with two SRM agents simultaneously, S107 a may occur at any time before S107. - If the DRM agent cannot interact with two SRM agents simultaneously, before S107, the DRM agent may be disconnected from SRM1 first, and then get connected with SRM2 to perform subsequent steps. The subscriber may operate the device to trigger the implementation of the subsequent steps. Specifically, the rights may be saved as a file of a special format in the device. The subscriber browses and determines that the rights are in the forwarding state, and chooses to move the file to another SRM to complete the forwarding. Alternatively, the device indicates the rights information to the subscriber, and the subscriber chooses whether to continue with the moving. Alternatively, the device performs the operation automatically according to the identifier of the destination device correlated with the rights. For example, when getting connected to SRM2, the device searches for local rights which are in the forwarding state and correlated with SRM2 as a destination device, and performs the steps after S107 automatically.
- S109-S110: The DRM agent sends a rights installation request message to SRM agent 2. The rights installation request message carries a handle, a REK, a list of hash values of the content identifier, and rights information. SRM2 installs the rights and returns a response, without deducting the moving rights for a second time. Therefore, the number of times of deducting the moving rights is reduced.
- S111: If SRM2 installs the rights successfully, the DRM agent deletes the local rights.
- Optionally, the moving rights are not deducted in S104, but are deducted on the device after the rights are installed onto SRM2.
- Besides, after S106, the device may retain the record of the source SRM that forwards the rights, namely, record of SRM1. In this way, if the process of installing the rights onto SRM2 fails, for example, due to deficient space of SRM2, the rights can be recovered to SRM1, and the subscriber's rights are protected.
- The first embodiment deals with the license sharing method by taking license moving as an example. As mentioned above, license sharing still includes license copying. The process of copying a license in SRM1 to SRM2 is similar to
FIG. 1 , but differs in that the copying rights are consumed in the copying process: The DRM agent deducts one right of copying the license on SRM1, and the license sent by the DRM agent to SRM2 does not include copying right. Alternatively, the DRM agent deducts one right of copying the license sent to SRM2, and deducts all rights of copying the license on SRM1. SRM1 does not need to delete the license. - In the prior art, one sharing right is deducted when the license moves from SRM1 to the device, and the other sharing right is deducted when the license moves from the device to SRM2.
- By contrast, in this embodiment of the present invention, the rights forwarded by the DRM agent are set to the forwarding state, and only one moving right needs to be deducted, and therefore, the consumption of the moving rights is reduced and the subscriber's rights are protected.
- Described below is a second embodiment of the method for sharing a license between SRMs.
- In S107-S108 of
FIG. 1 in the first embodiment, if the process of installing the rights onto SRM2 fails, the rights are recovered to SRM1, which is rather complicated. A simpler solution is to make sure that SRM2 has enough space for installing the rights and then delete the rights on SRM1. - As shown in
FIG. 2 , the process of the second embodiment includes the following steps: - S201: The DRM agent,
SRM agent 1, and SRM agent 2 authenticate each other, and a SAC is set up between them. The mutual authentication between the DRM agent and SRM agent 2 may occur at any time before S205. - S202-S203: The DRM agent initiates a process of moving the rights on SRM1 to SRM2 directly. This operation may be triggered by interaction between the subscriber and the DRM agent.
- The DRM agent obtains the rights information and the REK from SRM1.
- S204: The DRM agent authenticates the rights information and the moving rights, and deducts the moving rights after the authentication succeeds. The operation of deducting the moving rights may be performed after S206.
- S205-S206: The DRM agent checks whether SRM2 has enough space for installing the rights.
- S207-S208: The DRM agent sends a rights installation request message to SRM agent 2. The rights installation request message carries a handle, a REK, a list of hash values of the content identifier, and rights information. SRM2 installs the rights and returns a response. If SRM2 installs the rights successfully, the DRM agent deletes the local rights.
- S209-S210: If SRM2 installs the rights successfully, the DRM agent instructs
SRM agent 1 to delete the rights. - S209-S210 may occur after S206.
- If the process of installing the rights onto SRM2 fails, for example, due to deficient space of SRM2, the DRM agent may cancel the moving operation, and recover the original rights on SRM1. If the DRM agent is disconnected from an SRM, the DRM agent may keep a disconnection log. The disconnection log includes: operation type, current state, license identifier, SRM1 identifier, handle 1 on SRM1 corresponding to the license, SRM2 identifier, and handle 2 on SRM2 corresponding to the license on SRM2. At the next attempt of connection, the license is recovered according to the information in the disconnection log: The DRM agent continues sending the license to SRM2 to complete the operation; or cancels the operation and recovers the license to
SRM 1. - In order to improve the security of the REK to some extent, the DRM agent may submit the public key or license of SRM2 to
SRM agent 1.SRM agent 1 uses the public key of SRM2 to encrypt the REK, and transmits the REK to SRM2 through the DRM agent. - Evidently, the second embodiment differs from the first embodiment in that: The rights in SRM1 are deleted only if SRM2 determines that it is capable of installing the rights. In the case that SRM2 is incapable of installing the rights, the DRM agent can recover the original rights on SRM1 easily by recovering the available state of the rights.
- Described below is a third embodiment of the method for sharing a license between SRMs.
- In the third embodiment, with assistance of the DRM agent, a SAC is set up between SRM1 and SRM2, and the license is shared through a SAC key. The third embodiment still takes license moving as an example, and the scenario of copying a license is similar.
- Overall, the third embodiment includes the following steps:
- A DRM agent triggers a first SRM and a second SRM to negotiate a shared key;
- the first SRM encrypts partial or complete information of the license by using the shared key; and
- the first SRM sends the license to the second SRM.
- The third embodiment is elaborated below with reference to
FIG. 3 . - As shown in
FIG. 3 , the process of the third embodiment includes the following steps: - S301: The DRM agent,
SRM agent 1, and SRM agent 2 exchange the supported trust anchor with each other. - S302: The DRM agent triggers authentication of
SRM agent 1 and SRM agent 2. The authentication trigger message carries the selected trust anchor. The DRM agent may select the trust anchor according to the rights to be moved. Optionally, the authentication trigger message may further carry an SRM2 identifier. To trigger this step, the subscriber may choose to move the rights between the two SRMs. - S303:
SRM agent 1 sends an authentication request to SRM agent 2. The authentication request carries a trust anchor, an SRM1 certificate chain, and the algorithm supported bySRM agent 1. If direct communication is enabled betweenSRM agent 1 and SRM agent 2, the message does not need to pass through the DRM agent; otherwise, all messages need to be forwarded by the DRM agent. - S304: SRM agent 2 returns an authentication response to
SRM agent 1. The authentication response carries an SRM agent 2 certificate chain, the algorithm selected by SRM2, and random number 1 (RN1) for generating a key. RN1 needs to be transmitted after being encrypted through a public key of SRM2. - S305:
SRM agent 1 sends a key exchange request to SRM agent 2. The key exchange request carries random number 2 (RN2) for generating a key. RN2 needs to be transmitted after being encrypted through a public key of SRM1. - S306: SRM agent 2 returns a key exchange response to
SRM agent 1. The key exchange response may carry the hash value of the connection value of RN1 and RN2 for confirming the random number. By now, SRM1 and SRM2 have obtained RN1 and RN2, and use RN1 and RN2 respectively to generate a session key and a Media Access Control (MAC) key. - S307: The DRM agent triggers
SRM agent 1 to move rights to SRM2. The moving trigger message may carry a handle or a license identifier on the SRM1, wherein the handle or license identifier on the SRM1 corresponds to the right. - S308:
SRM agent 1 sends an initial moving request to SRM agent 2. The initial moving request carries size of the rights, and optionally, carries a handle on the SRM2 corresponding to the rights. - S309: SRM agent 2 checks whether enough space is available for installing the rights locally. If a handle is sent by
SRM agent 1 in S508, SRM agent 2 needs to check whether the handle sent bySRM agent 1 is a duplicate of the handle on SRM2, and add the check result into an initial moving response returned toSRM agent 1. If no handle is sent bySRM agent 1 in S308, SRM agent 2 may generate a handle automatically which is different from other handles existent locally, and may return the generated handle through the initial moving response. - S310:
SRM agent 1 sends a moving request to SRM agent 2. The moving request carries rights information, a REK, and a content identifier correlated to the rights. IfSRM agent 1 knows the handle correlated with the rights on SRM2, this handle may be carried in the moving request. - S311: SRM agent 2 authenticates the rights information, deducts the moving rights after the authentication succeeds, and stores the rights into SRM2.
- Optionally,
SRM agent 1 may check and deduct the moving rights before S310. In this case, SRM agent 2 does not need to deduct the moving rights in step S311. - The third embodiment differs from the first embodiment and the second embodiment in that: A SAC is set between SRM1 and SRM2; the license is moved through the SAC; and a DRM agent is responsible only for forwarding the license. Because the forwarded rights are encrypted through the key negotiated between SRM1 and SRM2, the DRM agent is unable to execute operations for the rights. Therefore, the security of the rights is improved.
- However, if SRM1 and SRM2 are incapable of authenticating the rights, the DRM agent may authenticate the rights instead and deduct the moving rights. This operation may be performed in S310, and the prerequisite is that
SRM agent 1 or SRM agent 2 notifies the MAC key to the DRM agent. - S301-S306 in
FIG. 3 is a process of negotiating the shared key between two SRMs. This process is put forward in an embodiment of the present invention, and is outlined below: - The DRM agent initiates an authentication process to the
SRM 1 and obtains the first SRM certificate chain; - the DRM agent initiates an authentication process to the SRM 2, sends the obtained first SRM certificate chain to the second SRM, and obtains the second SRM certificate chain and a second random number from the SRM 2, where the second random number is encrypted through the first SRM public key;
- the DRM agent initiates a key exchange process to the
SRM 1, sends the second SRM certificate chain and the second random number encrypted through the first SRM public key to theSRM 1, and obtains the first random number encrypted through the second SRM public key from theSRM 1; - the DRM agent initiates a key exchange process to the SRM 2, and sends the first random number encrypted through the second SRM public key to the SRM 2; and
- the SRM land the SRM 2 use the first random number and the second random number to determine a shared key.
- This process may occur together with the process of negotiating the shared key between the DRM agent and the two SRMs. As shown in
FIG. 4 , this process includes: - S401: The DRM agent,
SRM agent 1, and SRM agent 2 exchange the supported trust anchor with each other. - S402: The DRM agent sends an authentication request to
SRM agent 1. The authentication request carries the selected trust anchor and a device certificate chain corresponding to this trust anchor. The DRM agent may select the trust anchor according to the rights to be moved. - S403:
SRM agent 1 returns an authentication response. The response message carries an SRM1 certificate chain, and a random number (RNs1d) encrypted through a device public key. - S404: The DRM agent sends a three-party authentication request to SRM agent 2. The three-party authentication request carries the selected trust anchor, a device certificate chain corresponding to this trust anchor, and an SRM1 certificate chain.
- S405: SRM agent 2 returns a three-party authentication response. The three-party authentication response carries an SRM2 certificate chain, a random number (RNs2d) encrypted through a device public key, and a random number (RNs2s1) encrypted through an SRM1 public key.
- S406: The DRM agent sends a three-party key exchange request to
SRM agent 1. The three-party key exchange request carries an SRM2 certificate chain, a random number (RNs2s1) encrypted through an SRM1 public key, and a random number (RNds1) encrypted through an SRM1 public key (the random number may be encrypted through the SRM1 public key after being connected with hash of RNs1d). - S407:
SRM agent 1 returns a three-party key exchange response. The three-party key exchange response carries a random number (RN s1s2) encrypted through an SRM2 public key (the random number may be encrypted through the SRM2 public key after being connected with hash of RNs2s1), and optionally carries the hash of the connection value of RNds1 and RNs1d. - S408: The DRM agent sends another three-party key exchange request to SRM agent 2. The another three-party key exchange request carries a random number (RNs1s2) encrypted through an SRM2 public key (the random number may be encrypted through the SRM2 public key after being connected with hash of RNs2s1), and a random number (RNds2) encrypted through the SRM2 public key (the random number may be encrypted through the SRM2 public key after being connected with hash of RNs2d).
- S409: SRM agent 2 returns another three-party key exchange response. The another three-party key exchange response may carry hash of the connection value of RN s1s2 and RNs2s1 and hash of the connection value of RNds2 and RNs2d.
- By now, a pair of random numbers has been shared between the DRM agent,
SRM agent 1, and SRM agent 2, which can generate a key independently by using the shared random number. In this way, when SRM1 moves rights to SRM2, important information such as REK can be encrypted through the key shared with SRM2, and other information can be encrypted through the key shared with the DRM agent, or its integrity can be protected to facilitate DRM agent processing. - The random number submitted by the DRM agent to
SRM agent 1 may be the same as the random number submitted by the DRM agent to SRM agent 2. In this way, the three parties can use the shared random number to generate a three-party shared key. - Alternatively, the DRM agent may use RNs1d provided by
SRM agent 1 as RNds2, and submit it to SRM agent 2; and use RNs2d provided by SRM agent 2 as RNds1, and submit it toSRM agent 1. In this way, a key shared by the three parties can also be generated. - Currently, when the SRM agent and the DRM agent use the random number to generate a key, they are connected according to the order of RNd and RNs. However, in this solution, in order to ensure consistency of the key, they may be connected according to the transmission order for each pair of random numbers. That is,
SRM agent 1 gets connected according to the order of RNs1d and RNds1, and SRM agent 2 gets connected according to the order of RNds2 and RNs2d. On the condition that the consistency of the key is not affected, the key may be generated in other modes. - In the process of moving rights from SRM1 to SRM2 through the DRM agent, to be on the safe side, SRM1 confirms that SRM2 has received the rights before deleting the rights on SRM1. Specifically, the confirmation information of SRM2 may be an installation information signature affixed with a private key (such as REK), or a result of encrypting the installation information by using a key shared by only SRM1 and SRM2 (REK); or SRM1 submits confirmation information (such as random number) to SRM2, and this confirmation information may be transmitted after being encrypted through the public key of SRM2 or the key shared by SRM1 and SRM2. SRM2 indicates to SRM1 that the confirmation information is received. For example, SRM2 uses a private key to convert the signature or confirmation information in a certain way (such as hash operation or a simple operation of adding 1), and then uses a key shared by SRM1 and SRM2 to encrypt the converted result and returns it.
- Described below is a fourth embodiment of the method for sharing a license between SRMs.
- In the foregoing solution, the rights are moved between two SRMs through the DRM agent. In some circumstances, the two SRMs may be located in different places, and cannot be connected to the same DRM agent directly, and the rights need to be forwarded by more than one DRM agent. For example,
DRM agent 1 obtains the rights from SRM1, moves the rights to DRM agent 2, and indicates to the DRM agent 2 that the rights are directed to SRM2. DRM agent 2 moves the rights to SRM2. - Besides, the rights may be moved between two SRMs through an RI, as outlined below:
- The
DRM agent 1 obtains a license from theSRM 1 and sends the license to the RI; and - the DRM agent 2 obtains the license from the RI, and sends the license to the SRM 2.
- As shown in
FIG. 5 , the process includes the following detailed steps: - S501: The RI sends a ROAP trigger{SRMROUpload} to
DRM agent 1, triggering the device to upload the license on the SRM. The ROAP trigger includes information such as RI identifier and RI URL, and includes a roRequested property of the Boolean type indicating whether the RI requires the SRM to report the rights to be uploaded. If the RI has buffered the delivered license, the value of the roRequested property is “false”; otherwise, the value of the roRequested property is “true”. Optionally, the trigger includes an SRM1 identifier and a license identifier. This step is optional. The subscriber may use a man-machine interface to operate the device to upload the license on SRM1, and the process starts from S502 directly. - S502:
DRM agent 1 sends a RightsUpload request message toSRM agent 1. The RightsUpload request message carries a handle that identifies the rights, and a new handle for replacing handle that identifies the rights Before S502,DRM agent 1 andSRM agent 1 need to authenticate each other, and a SAC is set up between them. - S503:
SRM agent 1 judges whether the new handle is a duplicate of other local handles. If the new handle is not a duplicate,SRM agent 1 replaces the handle that identifies the rights with the new handle, and sets the rights to the unavailable state.SRM agent 1 returns a RightsUpload response message toDRM agent 1. If the new handle is not a duplicate, the RightsUpload response message further carries the rights information, REK, Kmac, timestamp, and signature affixed bySRM agent 1 for {flag indicative of upload, REK, RI identifier, timestamp}. - S504:
DRM agent 1 checks whether the RI signature in the rights information and the state information exceed the original rights. - S505:
DRM agent 1 sends a SRMROUpload request message to the RI. The SRMROUpload request message not only carries public parameters such as identifier ofdevice 1, RI identifier, nonce, timestamp, and certificate chain ofdevice 1, but also carries upload information: -
- RightsObjectContainer part in the rights information obtained from
SRM agent 1
- RightsObjectContainer part in the rights information obtained from
- (namely, <rights> and <signature> in the license delivered by the original RI) or a result of converting its format. If the RI marks roRequested as “false” in ROAP trigger {SRMROUpload}, this parameter is omissible;
-
- state information in the rights information obtained from
SRM agent 1 if the license has a state; - REK and Kmac encrypted through an RI public key;
- an SRM1 identifier, SRM1 certificate chain, timestamp in the SRMRightsUpload response message, signature affixed by
SRM agent 1 for {flag indicative of upload, REK, RI identifier, timestamp}; and - a result of performing MAC operation for the foregoing parameters by using Kmac.
- state information in the rights information obtained from
-
DRM agent 1 needs to affix a signature to the parameters in the request message, and sends the request message that carries the signature to the RI. - S506: The RI verifies the parameters in the request message:
-
- If the request menage carries a
DRM agent 1 certificate chain, the RI verifies the validity of the certificate chain (which may be implemented through OCSP or CRL), and uses theDRM agent 1 certificate chain in the request message or theDRM agent 1 certificate chain in the local device context of the RI to verify theDRM agent 1 signature in the request message. - The RI obtains REK and Kmac through decryption, and applies the MAC value in the Kmac verification request message.
- The RI verifies validity of the SRM1 certificate chain, possibly through OCSP or CRL, and uses the SRM1 certificate chain to verify the validity of the SRM1 signature information.
- The RI verifies whether the timestamp in the request message is earlier than the current time, and whether the timestamp in the SRMRightsUpload response message is earlier than the timestamp in the request message.
- The RI verifies correctness of <rights> and <signature> (if they exist in the request message), and, if the license has a state, the RI verifies whether the state information falls within the original license.
- The RI attempts to use the REK to decrypt the CEK in the <rights> element, and verifies correctness of the REK and the rights.
- If the request menage carries a
- S507:
DRM agent 1 sends a RightsRemovalRequest message toSRM agent 1. The message carries a handle that identifies the rights. This handle is the new handle in S502. - S508:
SRM agent 1 deletes the rights corresponding to the handle in the RightsRemovalRequest message, and returns a RightsRemovalResponse message that carries the processing result toDRM agent 1. - S509: The RI sends another ROAP trigger{SRMROAcquisition} to DRM agent 2, triggering DRM agent 2 to help SRM2 obtain the uploaded license. The another ROAP trigger includes these parameters: RI identifier, RI alias, RI URL, license identifier, license alias, content identifier, and an indication of whether the RI stores the certificate chain of device 2 and SRM2. DRM agent 2 and
DRM agent 1 may be the same DRM agent. This step is optional. The subscriber may use a man-machine interface to operate the device to obtain the license in place of SRM2, and the process starts from S510 directly. - S510: DRM agent 2 sends a request for obtaining the license to the RI. The request carries: device 2 identifier, RI identifier, nonce, timestamp, license identifier, SRM2 identifier, certificate chain of device 2, and certificate chain of SRM2. If the trigger indicates that the RI already stores the certificate chain of device 2 or SRM2, the certificate chain does not need to be carried in this request. Before S510, DRM agent 2 and SRM agent 2 need to authenticate each other, and a SAC is set up between them.
- S511: The RI returns a license response to DRM agent 2. The response carries: device 2 identifier, RI identifier, nonce, protected license, and RI certificate chain (if the request from DRM agent 2 indicates that DRM agent 2 has stored the RI certificate chain, the RI certificate chain does not need to be carried in this license response). The license may be bound to SRM2, or bound to DRM agent 2, but it is indicated that the licensed need be provided to SRM2.
- S512: DRM agent 2 writes the license delivered by the RI into SRM2. If the license is bound to SRM2, DRM agent 2 may send the encrypted connection value of REK and Kmac to SRM agent 2 first, SRM agent 2 sends the connection value to Kmac, and uses the connection value to verify integrity of the license. DRM agent 2 writes the rights and the signature into SRM2. If the license is bound to DRM agent 2, DRM agent 2 obtains the REK through decryption, and writes the REK together with the rights and the signature into SRM2.
- In the foregoing process, S507-S508 may occur before, during, or after S509-S512.
- In the foregoing embodiments of the method for sharing a license between SRMs, the first embodiment to the third embodiment involve consumption of only one moving right or copying right; in the fourth embodiment, because the RI provides the license for SRM2, no moving right or copying right needs to be consumed. Therefore, the fourth embodiment is also applicable to the scenario of sharing a license between SRMs of the same subscriber. If the sharing rights need to be consumed for sharing of the license between SRMs of the same subscriber, the subscriber incurs losses. Therefore, a solution to sharing a license between SRMs of the same subscriber without consuming sharing rights is provided in an embodiment of the present invention.
- Although no moving right is consumed for sharing of a license between the SRMs of the same user, the RI needs to verify that SRM2 and SRM1 belong to a same subscriber. Multiple verification methods are applicable: The RI performs the verification according to the mapping relation between the locally stored SRM identifier and the subscriber identifier, or the RI queries another entity such as subscriber manager, or the RI performs the verification according to the information provided by the subscriber when the subscriber attempts to use the SRM (for example, password, and an answers to a question).
- The subscriber may upload multiple licenses to the RI at a single attempt, or install multiple licenses onto SRM2 at a single attempt. This batch processing mode is especially applicable to the scenario that the subscriber replaces the SRM card.
- The following solution serves as a substitute of the solution to sharing rights between SRMs of the same subscriber: The DRM agent queries the RI about whether SRM1 and SRM2 belong to the same subscriber, and the rights are shared directly, without requiring the RI to re-generate the license.
- Overall, the method for sharing a license between SRMs of the same subscribers in an embodiment of the present invention includes:
- The DRM agent sends the license obtained from a first SRM to a second SRM after determining that the first SRM and the second SRM belong to the same subscriber.
- The fifth embodiment differs from the sixth embodiment in how the DRM agent queries the RI or the subscriber manager about whether the first SRM and the second SRM belong to the same subscriber.
- Detailed below are embodiments of the method for sharing a license between SRMs of the same subscriber.
- First, the fifth embodiment of the method for sharing a license between SRMs of the same subscriber is described below.
- Overall, the process of querying whether the first SRM and the second SRM belong to the same subscriber in the fifth embodiment is:
- By sending a query message that carries the identifier of the
SRM 1 to the RI or subscriber manage server, the DRM agent queries the subscriber to whom theSRM 1 belongs; - by sending another query message that carries the identifier of the SRM 2 to the RI or subscriber manage server, the DRM agent queries the subscriber to whom the SRM 2 belongs; and the DRM agent checks whether the
SRM 1 and the SRM 2 belong to the same subscriber. - As shown in
FIG. 6 , the process of the fifth embodiment includes the following steps: - S601: The DRM agent shares the rights on SRM1 with SRM 2 of the same subscriber according to a subscriber request, and obtains rights information and a REK from SRMI. Before S601, the DRM agent and
SRM agent 1 need to authenticate each other, and a SAC is set up between the DRM agent andSRM agent 1. - S602-S603: The DRM agent queries the RI about the subscriber to whom SRM1 belongs. The query request carries an SRM1 identifier, and the RI returns a response message that carries the subscriber identifier.
- S604: The DRM agent checks whether the RI signature in the rights information and the state information exceed the original rights in the rights information, and installs the rights if they do not exceed the original rights. When installing the rights, the DRM agent identifies the unavailable state of the rights, and correlates the rights with the subscriber identifier returned by the RI in S603.
- S605: If the sharing operation is a moving operation, the DRM agent instructs SRM1 to delete the rights, as detailed in S105-S106 in
FIG. 1 . - S606-S607: DRM agent shares the rights with SRM2. Because the rights are bound to the subscriber identifier, the DRM agent queries the RI about the subscriber to whom SRM2 belongs. The query request carries an SRM2 identifier, and the RI returns a response message that carries the subscriber identifier. Before S606, the DRM agent and SRM agent 2 need to authenticate each other, and a SAC is set up between them.
- S608: The DRM agent checks whether the subscriber of SRM2 is the same as the subscriber bound to the rights, namely, the same as the subscriber of SRM1. If the subscriber is the same, the DRM agent performs S609, or else rejects to share the rights with SRM2.
- S609: The DRM agent installs the rights onto SRM2, as detailed in S107-S110 in
FIG. 1 . - S610: If SRM2 installs the rights successfully, the DRM agent deletes the local rights.
- Now, the sixth embodiment of the method for sharing a license between SRMs of the same subscriber is described below.
- In the fifth embodiment, the DRM agent queries the subscriber of SRMI and the subscriber of SRM2 respectively and compares the two subscribers; in the sixth embodiment, however, the DRM agent reports the identifier of SRM1 and the identifier of SRM2 to the RI, and the RI compares the two subscribers and returns a comparison result. In this case, the DRM agent does not need to understand details of the subscriber identifier.
- Overall, the process of querying the subscriber of the first SRM and the subscriber of the second SRM in the sixth embodiment is:
- By sending a query message that carries the identifier of the
SRM 1 and the identifier of the SRM 2 to the RI or subscriber manager, the DRM agent checks whether the first SRM and the second SRM belong to the same subscriber; and - the RI or subscriber manager returns a query response to the DRM agent, indicating whether the first SRM and the second SRM belong to the same subscriber.
- As shown in
FIG. 7 , the process of the sixth embodiment includes the following steps: - S701: The DRM agent shares the rights on SRM1 with another SRM of the same subscriber according to a subscriber request, and obtains rights information and a REK from SRM1, as detailed in S102-S103 in
FIG. 1 . Before S701, the DRM agent andSRM agent 1 need to authenticate each other, and a SAC is set up between the DRM agent andSRM agent 1. - S702: The DRM agent checks whether the RI signature in the rights information and the state information exceed the original rights in the rights information, and installs the rights if they do not exceed the original rights. When installing the rights, the DRM agent identifies the unavailable state of the rights, and correlates the rights with the subscriber of SRM1.
- S703: If the sharing operation is a moving operation, the DRM agent instructs SRM1 to delete the rights, as detailed in S105-S106 in
FIG. 1 . - S704-S705: DRM agent shares the rights with SRM2. Because the rights are bound to the subscriber of SRM1, the DRM agent queries the RI about whether SRM1 and SRM2 belong to the same subscriber. The query request carries the identifier of SRM1 and the identifier of SRM2. The RI checks whether the subscriber correlated with SRM1 is the same as the subscriber correlated with SRM2, and returns a check result through a response message. If the result shows that SRM1 and SRM2 belong to the same subscriber, the DRM agent performs S706; otherwise, the DRM agent rejects to share the rights with SRM2. Before S904, the DRM agent and SRM agent 2 need to authenticate each other, and a SAC is set up between them.
- S706: The DRM agent installs the rights onto SRM2, as detailed in S107-S110 in
FIG. 1 . - S707: If SRM2 installs the rights successfully, the DRM agent deletes the local rights.
- In the sixth embodiment, the DRM agent obtains the license from SRM1 first, and then queries the RI about whether SRM1 and SRM2 belong to the same subscriber. If the destination SRM is already determined when the subscriber initiates the sharing, optionally, the DRM agent queries the RI about whether SRM1 and SRM2 belong to the same subscriber first, and then obtains the license from SRM1. Besides, the DRM agent may check whether SRM2 has enough space for installing the rights and then deletes the rights on SRM1.
- In the foregoing two embodiments of the method for sharing a license between the SRMs that belong to the same subscriber, the DRM agent queries the RI about the subscriber to whom the SRM belongs. If the RI is unaware of the subscriber to whom the SRM belongs, the DRM agent may need to query another entity such as subscriber manage server about the subscriber to whom the SRM belongs. Alternatively, the DRM agent queries the entity that manages the relations between the SRM and the subscriber (such as subscriber manager) directly about the subscriber to whom the SRM belongs.
- In the foregoing two embodiments of the method for sharing a license between the SRMs that belong to the same subscriber, it is assumed that SRM1 and SRM2 are connected with the same DRM agent. In some circumstances, the two SRMs are located in different places and cannot be connected to the same DRM agent, and the rights need to be forwarded by more than one DRM agent. For example,
FIG. 6 is modified in that two DRM agents exist:DRM agent 1 connected to SRM1 and DRM agent 2 connected to SRM2. Specifically,DRM agent 1 queries the subscriber of SRM1, and, when moving the license to DRM agent 2, specifies that the rights can be shared only with the SRM of this subscriber. DRM agent 2 determines that SRM2 belongs to the same subscriber before installing the rights onto SRM2. Alternatively, after determining that SRM1 and SRM2 belong to the same subscriber,DRM agent 1 shares the license with DRM agent 2 and specifies that the license is finally shared with SRM2, and then DRM agent 2 installs the rights onto SRM2. Alternatively, the DRM agent shares the license with DRM agent 2 and specifies that the license is shared with the SRM that belongs to the same subscriber of SRM1. After determining that SRM1 and SRM2 belong to the same subscriber, the DRM agent installs the rights onto SRM2.FIG. 7 is modified in the following way:DRM agent 1 queries the RI about the subscriber of SRM1 and the subscriber of SRM2; after the RI determines that SRM1 and SRM2 belong to the same subscriber,DRM agent 1 shares the license with DRM agent 2, and DRM agent 2 installs the rights onto SRM2. Alternatively,DRM agent 1 shares the license with DRM agent 2, and DRM agent 2 queries the RI about the subscriber of SRM1 and the subscriber of SRM2; after the RI determines that SRM1 and SRM2 belong to the same subscriber, DRM agent 2 installs the rights onto SRM2. Evidently, in the fifth embodiment and the sixth embodiment, the license is shared between two SRMs of the same subscriber without consuming the sharing rights, the subscriber's rights are protected. - In conclusion, when the subscriber initiates sharing of a license between two SRMs, the device may judge whether the two SRMs belong to the same subscriber: if they belong to the same subscriber, the license is shared directly without checking the sharing rights, as illustrated in the fifth embodiment and the sixth embodiment; if they belong to different subscribers, the device checks the sharing rights and deducts one right of sharing the license, as illustrated in the first embodiment and the second embodiment.
- Corresponding to the method embodiments above, various apparatuses are provided herein.
- The first apparatus provided herein refers to DRM agent or a functional entity located in the DRM agent. The apparatus performs the functions of the DRM agent shown in
FIG. 1 orFIG. 2 . As shown inFIG. 8 , the apparatus includes: - an obtaining
unit 801, configured to obtain the license from a first SRM; - a
forwarding setting unit 802, configured to set the license obtained by the obtainingunit 801 to a forwarding state; - a sending
unit 803, configured to send the license obtained by the obtainingunit 801 to a second SRM; and - a controlling
unit 804, configured to deduct one right of sharing the license. - Preferably, the apparatus further includes:
- a
deletion requesting unit 805, configured to request the first SRM to delete the license; and - a deletion
response receiving unit 806, configured to receive a license deletion response returned by the first SRM. - The second apparatus provided herein refers to DRM agent or a functional entity located in the DRM agent. The apparatus performs the functions of the DRM agent shown in
FIG. 3 . As shown inFIG. 9 , the apparatus includes: anSRM interacting unit 901, configured to trigger a first SRM and a second SRM to perform key negotiation; and aforwarding unit 902, configured to forward the license of the first SRM to the second SRM. - The third apparatus provided herein refers to the first SRM or a functional entity located in the first SRM. The apparatus performs the functions of SRM1 shown in
FIG. 3 . As shown inFIG. 10 , the apparatus includes: - a
key negotiating unit 1001, configured to perform key negotiation with the second SRM; - a
processing unit 1002, configured to encrypt partial information or complete information of the license by using a shared key negotiated with the second SRM; and - a sending
unit 1003, configured to send the license to the second SRM. - Preferably, the apparatus further includes: a deleting
unit 1004, configured to delete the local license after confirming that the second SRM receives the license. - The fourth apparatus provided herein refers to the second SRM or a functional entity located in the second SRM. The apparatus performs the functions of SRM2 shown in
FIG. 3 . As shown inFIG. 11 , the apparatus includes: - a
key negotiating unit 1101, configured to perform key negotiation with a first SRM; - a
receiving unit 1102, configured to receive the license sent by the first SRM; and - a
rights deducting unit 1103, configured to deduct one operation right after thereceiving unit 1102 receives a correct license. - The fifth apparatus provided herein refers to RI or subscriber manager, or a functional entity located in the RI or subscriber manager. The apparatus performs the functions of the RI shown in
FIG. 5 . As shown inFIG. 12 , the apparatus includes: - an obtaining
unit 1201, configured to obtain the license of a first SRM from a first DRM agent; and - a sending
unit 1202, configured to: send the license to a second DRM agent, and submit the license to a second SRM through the second DRM agent. - The sixth apparatus provided herein refers to DRM agent or a functional entity located in the DRM agent. The apparatus performs the functions of the DRM agent shown in
FIG. 6 orFIG. 7 . As shown inFIG. 13 , the apparatus includes: - a determining
unit 1301, configured to determine whether a first SRM and a second SRM belong to the same subscriber; - an obtaining
unit 1302, configured to obtain the license from the first SRM if the determiningunit 1301 determines that the first SRM and the second SRM belong to the same subscriber; and - an executing
unit 1303, configured to send the license obtained by the obtainingunit 1302 to a second SRM. - It should be noted that the embodiments above suppose that the license is shared between two SRMs. Undoubtedly, persons skilled in the art understand that the embodiments of the present invention are applicable to sharing of a license between three or more SRMs. The embodiments of the present invention are also applicable to sharing a license on an SRM of one DRM agent with another DRM agent.
- Persons of ordinary skilled in the art understand that all or part of the steps of the method in the embodiments of the present invention may be implemented by a program instructing relevant hardware. The program may be stored in a computer readable storage medium. When the program runs, the corresponding steps in the foregoing method are performed. The storage medium may be ROM/RAM, magnetic disk, or CD-ROM.
- Although the invention is described through some exemplary embodiments, the invention is not limited to such embodiments. It is apparent that those skilled in the art can make modifications and variations to the invention without departing from the spirit and scope of the invention. The invention is intended to cover the modifications and variations provided that they fall in the scope of protection defined by the following claims or their equivalents.
Claims (20)
1. A method for sharing a license between Secure Removable Media (SRM), comprising:
obtaining, by a Digital Rights Management (DRM) agent, the license from a first SRM, and setting the license to a forwarding state locally;
deducting, by the DRM agent, one right of sharing the license; and
sending, by the DRM agent, the license to a second SRM.
2. The method of claim 1 , wherein:
sharing of the license is copying of the license or moving of the license, and sharing of rights is copying of the rights or moving of the rights;
when sharing of the license is moving of the license, the method further comprises: triggering, by the DRM agent, the first SRM to delete the license;
when the sharing of the license is copying of the license, the deducting of one right of sharing the license by the DRM agent comprise: deducting, by the DRM agent, one right of copying of the license on the first SRM, wherein the license sent by the DRM agent to the second SRM does not comprise the copying right; or, deducting, by the DRM agent, one right of copying of the license sent to the second SRM, and deducting all rights of copying the license on the first SRM.
3. The method of claim 1 , further comprising:
keeping, by the DRM agent, a log in the forwarding process, wherein the log comprises at least one of a operation type, a current state, a license identifier, an identifier of the first SRM, a first handle on the first SRM corresponding to the license, an identifier of the second SRM, and a second handle on the second SRM corresponding to the license;
when the sharing of the license is interrupted, the method further comprises:
continuing, by the DRM agent, sending the license to the second SRM according to the log;
or,
recovering, by the DRM agent, the license on the first SRM according to the log.
4. The method of claim 1 , wherein the sending of the license by the DRM agent to the second SRM comprises:
forwarding, by the DRM agent, the license to the second SRM through another DRM agent.
5. A method for sharing a license, comprising:
triggering, by a Digital Rights Management (DRM) agent, a first Secure Removable Medium (SRM) and a second SRM to negotiate a shared key;
encrypting, by the first SRM, partial or complete information of the license by using the shared key; and
sending the license to the second SRM.
6. The method of claim 5 , wherein: before the first SRM sends the license to the second SRM, the method further comprises:
performing, by the first SRM, integrity protection for partial or complete information of the license by using the shared key.
7. The method of claim 5 , wherein: after the first SRM sends the license to the second SRM, the method further comprises:
authenticating, by the second SRM, the license, and deducting one right of sharing the license after the authentication succeeds.
8. The method of claim 5 , wherein: before the first SRM sends the license to the second SRM, the method further comprises:
deducting, by the first SRM, one right of sharing the license.
9. The method of claim 5 , wherein the sending of the license by the first SRM to the second SRM comprises:
sending, by the first SRM, the license to the second SRM through the DRM agent; and
authenticating, by the DRM agent, the license in a forwarding process, and deducting one right of sharing the license.
10. The method of claim 5 , wherein the triggering, by the DRM agent , the first SRM and the second SRM to negotiate the shared key comprises:
initiating, by the DRM agent, an authentication process to the first SRM, and obtaining a first SRM certificate chain;
initiating, by the DRM agent, an authentication process to the second SRM, sending the obtained first SRM certificate chain to the second SRM, and obtaining a second SRM certificate chain and a second random number from the second SRM, wherein the second random number is encrypted through a first SRM public key;
initiating, by the DRM agent, a key exchange process to the first SRM, sending the second SRM certificate chain and the second random number encrypted through the first SRM public key to the first SRM, and obtaining a first random number encrypted through a second SRM public key from the first SRM;
initiating, by the DRM agent, a key exchange process to the second SRM, and sending the first random number encrypted through the second SRM public key to the second SRM; and
using, by the first SRM and the second SRM, the first random number and the second random number to determine the shared key.
11. A method for sharing a license, comprising:
sending, by a first Digital Rights Management (DRM) agent, the license to an Rights Issuer (RI) after obtaining the license from a first Secure Removable Medium (SRM);
obtaining, by a second DRM agent, the license from the RI; and
sending, by a second DRM agent, the license to a second SRM.
12. The method of claim 11 , wherein: before the second DRM agent obtains the license from the RI, the method further comprises:
generating, by the RI, a license bound to the second SRM according to the license obtained from the first SRM.
13. The method of claim 11 , wherein: before the second DRM agent obtains the license from the RI, the method further comprises:
verifying, by the RI, that the first SRM and the second SRM belong to the same subscriber.
14. A method for sharing a license, comprising:
sending, by a Digital Rights Management (DRM) agent, the license obtained from a first Secure Removable Medium (SRM) to a second SRM after determining that the first SRM and the second SRM belong to a same subscriber.
15. The method of claim 14 , wherein the determining of that the first SRM and the second SRM belong to the same subscriber by the DRM agent comprises:
sending, by the DRM agent, a query message that carries an identifier of the first SRM to the RI or a subscriber manage server to query a subscriber to whom the first SRM belongs;
sending, by the DRM agent, a query message that carries an identifier of the second SRM to the RI or a subscriber manager to query a subscriber to whom the second SRM belongs; and
verifying, by the DRM agent, whether the first SRM and the second SRM belong to the same subscriber;
or,
sending, by the DRM agent, a query message that carries the identifier of the first SRM and the identifier of the second SRM to the RI or subscriber manage server to verify whether the first SRM and the second SRM belong to the same subscriber; and
returning, by the RI or the subscriber manage server, a query response to the DRM agent, indicating whether the first SRM and the second SRM belong to the same subscriber.
16. An apparatus for sharing a license, comprising:
an obtaining unit, configured to obtain the license from a first Secure Removable Medium (SRM);
a forwarding setting unit, configured to set the obtained license to a forwarding state;
a sending unit, configured to send the obtained license to a second SRM; and
a controlling unit, configured to deduct one right of sharing the license.
17. The apparatus of claim 16 , further comprising:
a deletion requesting unit, configured to request the first SRM to delete the license; and
a deletion response receiving unit, configured to receive a license deletion response returned by the first SRM.
18. An apparatus for sharing a license, comprising:
a Secure Removable Media (SRM) interacting unit, configured to trigger a first SRM and a second SRM to perform key negotiation; and
a forwarding unit, configured to forward the license of the first SRM to the second SRM.
19. An apparatus for sharing a license between a first Secure Removable Media (SRM) and a second SRM, located in the first SRM, comprising:
a key negotiating unit, configured to perform key negotiation with the second SRM;
a processing unit, configured to encrypt partial information or complete information of the license by using a shared key negotiated with the second SRM; and
a sending unit, configured to send the license to the second SRM.
20. The apparatus of claim 19 , further comprising:
a deleting unit, configured to delete a local license after confirming that the second SRM receives the license.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
US13/719,681 US8719956B2 (en) | 2008-07-29 | 2012-12-19 | Method and apparatus for sharing licenses between secure removable media |
Applications Claiming Priority (3)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN2008101347663A CN101640589B (en) | 2008-07-29 | 2008-07-29 | Method and device for sharing license between safe and removable media |
CN200810134766.3 | 2008-07-29 | ||
PCT/CN2009/071721 WO2010012169A1 (en) | 2008-07-29 | 2009-05-11 | Method and device of sharing license between secure removable media |
Related Parent Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
PCT/CN2009/071721 Continuation WO2010012169A1 (en) | 2008-07-29 | 2009-05-11 | Method and device of sharing license between secure removable media |
Related Child Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
US13/719,681 Continuation US8719956B2 (en) | 2008-07-29 | 2012-12-19 | Method and apparatus for sharing licenses between secure removable media |
Publications (1)
Publication Number | Publication Date |
---|---|
US20110119494A1 true US20110119494A1 (en) | 2011-05-19 |
Family
ID=41609935
Family Applications (2)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
US12/982,350 Abandoned US20110119494A1 (en) | 2008-07-29 | 2010-12-30 | Method and apparatus for sharing licenses between secure removable media |
US13/719,681 Active US8719956B2 (en) | 2008-07-29 | 2012-12-19 | Method and apparatus for sharing licenses between secure removable media |
Family Applications After (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
US13/719,681 Active US8719956B2 (en) | 2008-07-29 | 2012-12-19 | Method and apparatus for sharing licenses between secure removable media |
Country Status (4)
Country | Link |
---|---|
US (2) | US20110119494A1 (en) |
EP (1) | EP2323065A4 (en) |
CN (1) | CN101640589B (en) |
WO (1) | WO2010012169A1 (en) |
Cited By (9)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20110072495A1 (en) * | 2009-09-22 | 2011-03-24 | Chu Younsung | Method for using rights to contents |
US20130152209A1 (en) * | 2011-12-12 | 2013-06-13 | Microsoft Corporation | Facilitating System Service Request Interactions for Hardware-Protected Applications |
US8903705B2 (en) | 2010-12-17 | 2014-12-02 | Microsoft Corporation | Application compatibility shims for minimal client computers |
US9319407B1 (en) * | 2014-04-18 | 2016-04-19 | Sprint Communications Company L.P. | Authentication extension to untrusted devices on an untrusted network |
US9323921B2 (en) | 2010-07-13 | 2016-04-26 | Microsoft Technology Licensing, Llc | Ultra-low cost sandboxing for application appliances |
US9413538B2 (en) | 2011-12-12 | 2016-08-09 | Microsoft Technology Licensing, Llc | Cryptographic certification of secure hosted execution environments |
US9495183B2 (en) | 2011-05-16 | 2016-11-15 | Microsoft Technology Licensing, Llc | Instruction set emulation for guest operating systems |
US9588803B2 (en) | 2009-05-11 | 2017-03-07 | Microsoft Technology Licensing, Llc | Executing native-code applications in a browser |
US20210232662A1 (en) * | 2020-01-29 | 2021-07-29 | Nusantao, Inc. | Methods to protect stakeholders' algorithms and information in untrusted environments |
Families Citing this family (7)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
JP6126839B2 (en) * | 2012-12-26 | 2017-05-10 | クラリオン株式会社 | Service management apparatus, program, and service management method |
JP6269209B2 (en) * | 2014-03-18 | 2018-01-31 | 富士通株式会社 | Information processing apparatus, method, and program |
CN105721515B (en) * | 2014-12-02 | 2019-06-07 | 鸿富锦精密工业(深圳)有限公司 | The method of cloud agent equipment, cloud disk and archives transfer |
TW201621695A (en) | 2014-12-02 | 2016-06-16 | 鴻海精密工業股份有限公司 | Cloud agent, cloud storage and file transferring method |
CN106331011B (en) * | 2015-06-30 | 2020-06-16 | 中兴通讯股份有限公司 | Method and device for sharing license resources among multiple virtual network functions |
US9841999B2 (en) | 2015-07-31 | 2017-12-12 | Futurewei Technologies, Inc. | Apparatus and method for allocating resources to threads to perform a service |
US10162016B2 (en) | 2016-03-08 | 2018-12-25 | Texas Instruments Incorporated | Reduction of magnetic sensor component variation due to magnetic materials through the application of magnetic field |
Citations (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20050149350A1 (en) * | 2003-12-24 | 2005-07-07 | Kerr Roger S. | Patient information management system and method |
US20050210249A1 (en) * | 2004-03-22 | 2005-09-22 | Samsung Electronics Co., Ltd. | Apparatus and method for moving and copying rights objects between device and portable storage device |
US20070157318A1 (en) * | 2005-11-11 | 2007-07-05 | Lg Electronics Inc. | Method and apparatus for managing digital rights of secure removable media |
US20080103977A1 (en) * | 2006-10-31 | 2008-05-01 | Microsoft Corporation | Digital rights management for distributed devices |
Family Cites Families (25)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
JP3928561B2 (en) | 2003-01-23 | 2007-06-13 | ソニー株式会社 | Content distribution system, information processing apparatus or information processing method, and computer program |
KR101169021B1 (en) * | 2004-05-31 | 2012-07-26 | 삼성전자주식회사 | Method and Apparatus for sending right object information between device and portable storage |
KR101100391B1 (en) * | 2004-06-01 | 2012-01-02 | 삼성전자주식회사 | Method for playbacking content using portable storage by digital rights management, and portable storage for the same |
EP1632828A1 (en) * | 2004-09-02 | 2006-03-08 | Axalto SA | DRM system for device communicating with a portable device |
KR100608605B1 (en) * | 2004-09-15 | 2006-08-03 | 삼성전자주식회사 | Method and apparatus for digital rights management |
JP4718560B2 (en) * | 2005-01-13 | 2011-07-06 | サムスン エレクトロニクス カンパニー リミテッド | Digital rights management apparatus and method |
JP4786222B2 (en) * | 2005-05-11 | 2011-10-05 | 株式会社エヌ・ティ・ティ・ドコモ | Digital rights management system, content server, and portable terminal |
BRPI0614667A2 (en) * | 2005-08-12 | 2011-04-12 | Lg Electronics Inc | method for moving rights object in digital rights management |
US8554927B2 (en) * | 2005-10-11 | 2013-10-08 | Lg Electronics Inc. | Method for sharing rights object in digital rights management and device and system thereof |
KR20070053032A (en) * | 2005-11-18 | 2007-05-23 | 엘지전자 주식회사 | Method and system for digital rights management among apparatuses |
US8671452B2 (en) * | 2006-01-26 | 2014-03-11 | Lg Electronics Inc. | Apparatus and method for moving rights object from one device to another device via server |
US7526451B2 (en) * | 2006-02-03 | 2009-04-28 | Motorola, Inc. | Method of transferring digital rights |
CN101086752B (en) * | 2006-06-08 | 2012-05-23 | 华为技术有限公司 | Method and device for realizing permission sharing through intermediate equipment |
CN101127064A (en) | 2006-08-18 | 2008-02-20 | 华为技术有限公司 | Method and system for backuping and resuming licence |
US20080047006A1 (en) * | 2006-08-21 | 2008-02-21 | Pantech Co., Ltd. | Method for registering rights issuer and domain authority in digital rights management and method for implementing secure content exchange functions using the same |
US9112874B2 (en) * | 2006-08-21 | 2015-08-18 | Pantech Co., Ltd. | Method for importing digital rights management data for user domain |
FR2906096B1 (en) * | 2006-09-19 | 2008-10-24 | Radiotelephone Sfr | METHOD FOR SECURING SESSIONS BETWEEN A RADIO TERMINAL AND EQUIPMENT IN A NETWORK |
KR20080029766A (en) | 2006-09-29 | 2008-04-03 | 엘지전자 주식회사 | Method and terminal for authenticating between two devices |
US8892887B2 (en) * | 2006-10-10 | 2014-11-18 | Qualcomm Incorporated | Method and apparatus for mutual authentication |
KR100948384B1 (en) * | 2006-11-29 | 2010-03-22 | 삼성전자주식회사 | Method for moving rights object and device that is moving rights object and portable storage device |
KR20080063601A (en) * | 2007-01-02 | 2008-07-07 | 삼성전자주식회사 | Apparatus and method for transmission of content rights through multimedia message in mobile communication system |
US20080313085A1 (en) * | 2007-06-14 | 2008-12-18 | Motorola, Inc. | System and method to share a guest version of rights between devices |
KR101486377B1 (en) * | 2007-08-31 | 2015-01-26 | 엘지전자 주식회사 | Method for supporting post browsing in moving rights object of digital rights management and terminal thereof |
US8452927B2 (en) * | 2008-01-02 | 2013-05-28 | Sandisk Technologies Inc. | Distributed storage service systems and architecture |
US8819838B2 (en) * | 2008-01-25 | 2014-08-26 | Google Technology Holdings LLC | Piracy prevention in digital rights management systems |
-
2008
- 2008-07-29 CN CN2008101347663A patent/CN101640589B/en active Active
-
2009
- 2009-05-11 WO PCT/CN2009/071721 patent/WO2010012169A1/en active Application Filing
- 2009-05-11 EP EP20090802362 patent/EP2323065A4/en not_active Withdrawn
-
2010
- 2010-12-30 US US12/982,350 patent/US20110119494A1/en not_active Abandoned
-
2012
- 2012-12-19 US US13/719,681 patent/US8719956B2/en active Active
Patent Citations (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20050149350A1 (en) * | 2003-12-24 | 2005-07-07 | Kerr Roger S. | Patient information management system and method |
US20050210249A1 (en) * | 2004-03-22 | 2005-09-22 | Samsung Electronics Co., Ltd. | Apparatus and method for moving and copying rights objects between device and portable storage device |
US20070157318A1 (en) * | 2005-11-11 | 2007-07-05 | Lg Electronics Inc. | Method and apparatus for managing digital rights of secure removable media |
US20080103977A1 (en) * | 2006-10-31 | 2008-05-01 | Microsoft Corporation | Digital rights management for distributed devices |
Non-Patent Citations (1)
Title |
---|
Mobile Boradcast DRM based on USer Identity Card. Lee, Byung-Rae. EURASIP Journal, Vol 2007. * |
Cited By (15)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US10824716B2 (en) | 2009-05-11 | 2020-11-03 | Microsoft Technology Licensing, Llc | Executing native-code applications in a browser |
US9588803B2 (en) | 2009-05-11 | 2017-03-07 | Microsoft Technology Licensing, Llc | Executing native-code applications in a browser |
US20110072495A1 (en) * | 2009-09-22 | 2011-03-24 | Chu Younsung | Method for using rights to contents |
US8955053B2 (en) * | 2009-09-22 | 2015-02-10 | Lg Electronics Inc. | Method for using rights to contents |
US9589113B2 (en) | 2009-09-22 | 2017-03-07 | Lg Electronics Inc. | Method for using rights to contents |
US9323921B2 (en) | 2010-07-13 | 2016-04-26 | Microsoft Technology Licensing, Llc | Ultra-low cost sandboxing for application appliances |
US8903705B2 (en) | 2010-12-17 | 2014-12-02 | Microsoft Corporation | Application compatibility shims for minimal client computers |
US9495183B2 (en) | 2011-05-16 | 2016-11-15 | Microsoft Technology Licensing, Llc | Instruction set emulation for guest operating systems |
US10289435B2 (en) | 2011-05-16 | 2019-05-14 | Microsoft Technology Licensing, Llc | Instruction set emulation for guest operating systems |
US9425965B2 (en) | 2011-12-12 | 2016-08-23 | Microsoft Technology Licensing, Llc | Cryptographic certification of secure hosted execution environments |
US9413538B2 (en) | 2011-12-12 | 2016-08-09 | Microsoft Technology Licensing, Llc | Cryptographic certification of secure hosted execution environments |
US9389933B2 (en) * | 2011-12-12 | 2016-07-12 | Microsoft Technology Licensing, Llc | Facilitating system service request interactions for hardware-protected applications |
US20130152209A1 (en) * | 2011-12-12 | 2013-06-13 | Microsoft Corporation | Facilitating System Service Request Interactions for Hardware-Protected Applications |
US9319407B1 (en) * | 2014-04-18 | 2016-04-19 | Sprint Communications Company L.P. | Authentication extension to untrusted devices on an untrusted network |
US20210232662A1 (en) * | 2020-01-29 | 2021-07-29 | Nusantao, Inc. | Methods to protect stakeholders' algorithms and information in untrusted environments |
Also Published As
Publication number | Publication date |
---|---|
US8719956B2 (en) | 2014-05-06 |
CN101640589A (en) | 2010-02-03 |
EP2323065A4 (en) | 2011-12-07 |
US20130111604A1 (en) | 2013-05-02 |
CN101640589B (en) | 2012-11-07 |
WO2010012169A1 (en) | 2010-02-04 |
EP2323065A1 (en) | 2011-05-18 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
US8719956B2 (en) | Method and apparatus for sharing licenses between secure removable media | |
JP5977292B2 (en) | Digital rights management using trusted processing technology | |
US11853438B2 (en) | Providing cryptographically secure post-secrets-provisioning services | |
CN102099810B (en) | Mobile device assisted secure computer network communications | |
JP2009087035A (en) | Encryption client device, encryption package distribution system, encryption container distribution system, encryption management server device, solftware module management device and software module management program | |
TW200828944A (en) | Simplified management of authentication credientials for unattended applications | |
WO2020253105A1 (en) | Authorization management method, system, apparatus, and computer readable storage medium | |
WO2007086015A2 (en) | Secure transfer of content ownership | |
EP2088530A2 (en) | Method for joining user domain and method for exchanging information in user domain | |
CN115066863A (en) | Systems and techniques for cross-account device key transfer in a benefit denial system | |
EP1843274B1 (en) | Digital rights management system | |
US20110154436A1 (en) | Provider Management Methods and Systems for a Portable Device Running Android Platform | |
JP6533542B2 (en) | Secret key replication system, terminal and secret key replication method | |
JP2006072808A (en) | Access control system and method of electronic file | |
JP2008083937A (en) | Information processor, management method and computer program | |
JP4740560B2 (en) | How to use content management | |
CN102752105B (en) | Method and the device of license is shared between safe and removable media | |
Culnane et al. | Formalising Application-Driven Authentication & Access-Control based on Users’ Companion Devices | |
JP5483754B2 (en) | Software module management apparatus and software module management program | |
CN114938299A (en) | Device authorization method and device based on application service interface | |
JP2006066960A (en) | Storage device, storing method and program | |
WO2009015607A1 (en) | Method, system and device for performing domain management for user device by domain manager | |
JP2006244026A (en) | Task execution system and method, and task executing computer and program |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
AS | Assignment |
Owner name: HUAWEI TECHNOLOGIES CO., LTD., CHINA Free format text: ASSIGNMENT OF ASSIGNORS INTEREST;ASSIGNORS:HUANG, CHEN;ZHANG, RENZHOU;ZHOU, ZHIPENG;AND OTHERS;REEL/FRAME:025721/0703 Effective date: 20110110 |
|
STCB | Information on status: application discontinuation |
Free format text: ABANDONED -- FAILURE TO RESPOND TO AN OFFICE ACTION |