WO2003065362A2 - Methods and system for authorizing record replication - Google Patents

Methods and system for authorizing record replication Download PDF

Info

Publication number
WO2003065362A2
WO2003065362A2 PCT/IB2003/000104 IB0300104W WO03065362A2 WO 2003065362 A2 WO2003065362 A2 WO 2003065362A2 IB 0300104 W IB0300104 W IB 0300104W WO 03065362 A2 WO03065362 A2 WO 03065362A2
Authority
WO
WIPO (PCT)
Prior art keywords
response
fingeφrints
tracks
replication
authoritative
Prior art date
Application number
PCT/IB2003/000104
Other languages
French (fr)
Other versions
WO2003065362A3 (en
Inventor
Jakobus Middeljans
Original Assignee
Koninklijke Philips Electronics N.V.
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Koninklijke Philips Electronics N.V. filed Critical Koninklijke Philips Electronics N.V.
Priority to BR0302854-2A priority Critical patent/BR0302854A/en
Publication of WO2003065362A2 publication Critical patent/WO2003065362A2/en
Publication of WO2003065362A3 publication Critical patent/WO2003065362A3/en

Links

Classifications

    • GPHYSICS
    • G11INFORMATION STORAGE
    • G11BINFORMATION STORAGE BASED ON RELATIVE MOVEMENT BETWEEN RECORD CARRIER AND TRANSDUCER
    • G11B20/00Signal processing not specific to the method of recording or reproducing; Circuits therefor
    • G11B20/00086Circuits for prevention of unauthorised reproduction or copying, e.g. piracy
    • G11B20/00855Circuits for prevention of unauthorised reproduction or copying, e.g. piracy involving a step of exchanging information with a remote server
    • GPHYSICS
    • G11INFORMATION STORAGE
    • G11BINFORMATION STORAGE BASED ON RELATIVE MOVEMENT BETWEEN RECORD CARRIER AND TRANSDUCER
    • G11B20/00Signal processing not specific to the method of recording or reproducing; Circuits therefor
    • G11B20/00086Circuits for prevention of unauthorised reproduction or copying, e.g. piracy
    • GPHYSICS
    • G11INFORMATION STORAGE
    • G11BINFORMATION STORAGE BASED ON RELATIVE MOVEMENT BETWEEN RECORD CARRIER AND TRANSDUCER
    • G11B20/00Signal processing not specific to the method of recording or reproducing; Circuits therefor
    • G11B20/00086Circuits for prevention of unauthorised reproduction or copying, e.g. piracy
    • G11B20/00094Circuits for prevention of unauthorised reproduction or copying, e.g. piracy involving measures which result in a restriction to authorised record carriers
    • G11B20/00123Circuits for prevention of unauthorised reproduction or copying, e.g. piracy involving measures which result in a restriction to authorised record carriers the record carrier being identified by recognising some of its unique characteristics, e.g. a unique defect pattern serving as a physical signature of the record carrier
    • GPHYSICS
    • G11INFORMATION STORAGE
    • G11BINFORMATION STORAGE BASED ON RELATIVE MOVEMENT BETWEEN RECORD CARRIER AND TRANSDUCER
    • G11B20/00Signal processing not specific to the method of recording or reproducing; Circuits therefor
    • G11B20/00086Circuits for prevention of unauthorised reproduction or copying, e.g. piracy
    • G11B20/00884Circuits for prevention of unauthorised reproduction or copying, e.g. piracy involving a watermark, i.e. a barely perceptible transformation of the original data which can nevertheless be recognised by an algorithm

Definitions

  • the invention relates to a method of obtaining authorization for a media carrier replication process, to a method of authorizing a media carrier replication process, to a replication system and to a verifying system.
  • replication One of the most common ways to distribute content such as music, songs, movies, television programs, pictures and the likes, is to produce a number of physical media carriers like CDs or DNDs that can be sold in stores.
  • the process of producing media carriers is called replication.
  • a replication plant receives a master from a content producer such as a record label or television studio, together with an order for a certain number of copies.
  • Various techniques are available to create these copies, such as making pressed discs, also known as replicates, from the master (replication) or writing the copies to a blank CD or DND disc (duplication).
  • the replication plant is responsible for verifying the copyright status of the tracks (i.e., the individual songs, movies, video clips and so on) on the master.
  • This object is achieved according to the invention in a method comprising receiving a master recording comprising a number of tracks, computing respective fingerprints for each of said number of tracks, submitting the computed finge rints to a verifying server, and authorizing the replication process in dependence on a response received from the verifying server.
  • a fingerprint of a multimedia object is a representation of the most relevant perceptual features of the object in question.
  • Such finge ⁇ rints are sometimes also known as "(robust) hashes”.
  • the finge ⁇ rints of a large number of multimedia objects along with their associated respective metadata, such as the title, artist, genre and so on, are stored in a database.
  • the metadata of a multimedia object is retrieved by computing its finge ⁇ rint and performing a lookup or query in the database using the computed finge ⁇ rint as a lookup key or query parameter.
  • the lookup then returns the metadata associated with the finge ⁇ rint.
  • finge ⁇ rinting is used to identify the tracks on the master recording. Based on the identifying information, a determination can be made of who the copyright holder is for these tracks, and/or whether the replication process is authorized.
  • the finge ⁇ rints are computed inside the replication plant and then transmitted to the verifying server.
  • the verifying server identifies the tracks using the finge ⁇ rints, and checks whether authorization has been granted by the content owner(s) for replication. If so, it issues a positive response and the replication plant can initiate the process.
  • the process of obtaining authorization can be completely automated. Further, the accuracy of the authorization process is increased, as it is no longer necessary to manually check the information.
  • the verifying server is trusted to supply accurate information, and the chance of errors in the process is thereby reduced. Security is increased too, as the authorization no longer relies on possibly falsified information regarding the tracks and/or the source of the master recording.
  • the response comprises an authoritative track list.
  • This embodiment has the advantage that the replication plant now not only can verify that replication is authorized, but also now has an accurate set of metadata for the tracks. It can then e.g. add this metadata to the media carriers it replicates, or correct any errors in a preliminary track list it received together with the master recording.
  • the method further comprises verifying a digital signature associated with the response.
  • This embodiment has the advantage that the response can now be verified as authentic if the digital signature checks out. If the replication plant proceeds with replication based on a positive response with a valid digital signature, it can later easily argue that the copies were made in good faith. This makes it easier to combat copyright infringement accusations.
  • the master recording is in an electronic format.
  • this format is a secure electronic format. This has the advantage that no physical masters are necessary, and that the tracks on the master do not have to be converted to an electronic format for the prnpose of computing the finge ⁇ rints.
  • This object is achieved according to the invention in a method comprising receiving a number of finge ⁇ rints from a replication system, matching each of said finge ⁇ rints against entries in a database to obtain respective identifiers, comparing the obtained identifiers against authoritative track lists, and transmitting a positive response to the replication system in dependence on the comparison.
  • This method when executed by a party independent from the operator of the replication system, allows for independent authorization of the replication process.
  • the database is used to identify the tracks based on the finge ⁇ rints submitted under replication system, and content producers supply authoritative track lists to indicate which master recordings may be replicated. Having identified the tracks, it suffices to check the identified tracks against the authoritative lists to determine whether authorization should be given.
  • the response comprises an authoritative track list matching the obtained identifiers. Using this authoritative track list, the replication system can determine the accuracy of the track list it received together with the master recording. In a further embodiment the method further comprises generating a digital signature for the response and transmitting the digital signature to the replication system. The digital signature allows the replication system to verify the authenticity of the response.
  • FIG. 1 schematically illustrates a content replication system
  • Fig. 2 schematically shows a verifying server in more detail.
  • Fig. 1 schematically illustrates a content replication system 100 comprising a content producer 101, a replication plant 110, and a verifying server 120.
  • the content producer 101 collects a number of multimedia objects, such as music or other forms of audio recordings, movies, television programs and so on. These objects could be made by the content producer 101 itself, or be bought or licensed from another content producer.
  • the collected objects are stored on a master recording 102 in the form of a number of tracks.
  • the master recording 102 in this embodiment is a physical media carrier, it could equally well be an electronic recording, for instance in the form of a number of digital files each representing one or more tracks.
  • the digital files represent the tracks in a secure format, e.g. by using encryption.
  • the content producer 101 supplies the master recording 102 to the replication plant 110 together with an order to replicate (produce) a number of copies 112. These copies 112 can then be brought to the market, for example by distributing them to stores, or by offering them for sale in an e-commerce system. The copies 112 could also be distributed to radio stations or to other destinations, as is well known in the art. It is assumed that the tracks on the master recording 102 are protected by copyright. Since ordinarily the making of copies 112 from master recording 102 is one of tlie exclusive rights of the copyright holder, the replication plant 110 needs permission before it can start the replication process. This permission should include an identification of the tracks, so that later no misunderstandings can arise concerning which tracks were allowed to be copied.
  • the tracks on the master recording 102 are received by reception module 111 and from there fed to finge ⁇ rinting module 113.
  • the finge ⁇ rinting module 113 then generates a so-called robust finge ⁇ rint for the received tracks.
  • International patent application WO02/065782 (attorney docket PHNLOIOI 10) describes a method that generates robust finge ⁇ rints for multimedia objects such as, for example, audio clips.
  • the audio clip is divided in successive (preferably overlapping) time intervals. For each time interval, the frequency spectrum is divided in bands.
  • a robust property of each band e.g.
  • a multimedia object is thus represented by a finge ⁇ rint comprising a concatenation of binary values, one for each time interval.
  • the fmge ⁇ rint does not need to be computed over the whole multimedia object, but can be computed when a portion of a certain length, typically about three seconds, has been received.
  • the finge ⁇ rinting module 202 then supplies the computed finge ⁇ rint to the DBMS backend module 203.
  • the finge ⁇ rinting module 113 then feeds the computed finge ⁇ rints to a communication module 114.
  • This module 114 establishes a connection 115 with the verifying server 120, e.g. over the Internet or using a dial-up telephone connection.
  • Establishing the connection may involve authentication procedures, preferably mutual. This way both parties in the communication can be relatively sure that they are communicating with the correct other party.
  • the communication module 114 submits the finge ⁇ rints to the verifying server 120.
  • the verifying server 120 then performs a database lookup in database 121, which contains a number of previously computed finge ⁇ rints and associated identifiers, to obtain respective identifiers associated with the respective received finge ⁇ rints. The operations by the verifying server 120 to do so are explained with reference to Fig. 2 below.
  • the verifying server 120 determines whether permission to replicate (or duplicate, depending on the process used) should be granted. This permission is then transmitted back as a positive response to the communication module 114 in the replicating plant 110. If no permission should be granted, a negative response is transmitted instead.
  • the communication module 114 Upon receiving a response 116 from the verifying server 120, the communication module 114 determines whether the permission is positive or negative, and if it is positive signals that the replication process can be started.
  • the signal could be as simple as displaying or otherwise rendering a confirmation to an operator (giving "the green light"), but in an automated replication plant the signal could be sent electronically to the replicating equipment, causing that equipment to start automatically.
  • the response 116 includes a digital signature.
  • the communication module 114 is then equipped with a digital certificate for the verifying server 120. Using this certificate, the communication module 114 can verify whether the digital signature is authentic and whether the response has been tampered with. Verifying digital signatures using digital certificates is well known in the field of cryptography. If the response has been tampered with, the communication module 114 should alert an operator, as this might be an indication of a possible fraud or an error in the communication channel between verifying server 120 and replication plant 110.
  • Fig. 2 schematically shows the verifying server 120 in more detail.
  • the server 120 here comprises an input module 201, an optional finge ⁇ rinting module 202, a Database Management System (DBMS) backend module 203, and a response module 204.
  • DBMS Database Management System
  • the input module 201 is activated when the communication module 114 contacts the server 120.
  • the input module 201 receives a number of finge ⁇ rints from the communication module 114 and feeds them to the DBMS backend module 203.
  • the input module 201 receives a plurality of audio clips through the connection established with the communication module 114 instead of a number of finge ⁇ rints. These audio clips are then fed to the finge ⁇ rinting module 202.
  • the finge ⁇ rinting module 202 computes a finge ⁇ rint from the received audio clip. In this alternative embodiment, it is no longer necessary to have the finge ⁇ rinting module 113 in the replication plant 110. It should be replaced with a module that can extract audio clips of sufficient quality to allow the finge ⁇ rinting module 202 to compute the finge ⁇ rint after receiving the clips over the connection between communication module 114 and input module 201.
  • the DBMS backend module 203 performs a query on the database 211 to retrieve a set of metadata associated with the received finge ⁇ rints from the database 211.
  • the database 121 comprises finge ⁇ rints FP1, FP2, FP3, FP4 and FP5 and respective associated sets of metadata MDS1, MDS2, MDS3, MDS4 and MDS5.
  • the above- mentioned patent application WO02/065782 describes various matching strategies for matching finge ⁇ rints computed for an audio clip with finge ⁇ rints stored in a database.
  • One disclosed method of matching a finge ⁇ rint representing an unknown information signal with a plurality of finge ⁇ rints of identified information signals stored in a database to identify the unknown signal uses reliability information of the extracted finge ⁇ rint bits.
  • the finge ⁇ rint bits are determined by computing features of an information signal and thresholding said features to obtain the finge ⁇ rint bits. If a feature has a value very close to the threshold, a small change in the signal may lead to a finge ⁇ rint bit with opposite value.
  • the absolute value of the difference between feature value and threshold is used to mark each finge ⁇ rint bit as reliable or unreliable. The reliabilities are subsequently used to improve the actual matching procedure.
  • the database 121 can be organized in various ways to optimize query time and/or data organization.
  • the output of the finge ⁇ rinting module 113 (or finge ⁇ rinting module 202) should be taken into account when designing the tables in the database 121.
  • the database 121 comprises a single table with entries (records) comprising respective finge ⁇ rints and sets of metadata.
  • a first table comprises a plurality of unique identifiers (primary keys) each associated with respective sets of metadata.
  • Such tables can be obtained from various music identification sources. The combination of artist, title and year of release could be combined to form a unique identifier, although this is not guaranteed to be unique, so preferably a really globally unique value is used.
  • a second table is then set up with entries comprising for each multimedia object the finge ⁇ rints and the unique identifiers from the first table. This way, multiple finge ⁇ rints can be associated with one set of metadata without having to duplicate the metadata. If multiple finge ⁇ rints are possible for one multimedia object, all these finge ⁇ rints are stored in the second table, all associated with the one unique identifier for that multimedia object.
  • the DBMS backend module 203 then matches the received finge ⁇ rints against the finge ⁇ rints in the second table, obtains an identifier and matches the identifier against the first table to obtain the metadata. If the database 211 is an SQL database, the two tables could be joined on the identifier.
  • the DBMS backend module 203 feeds the results of the query to the response module 204, which determines whether to give a positive or negative response to the communication module 114 based on the query results (i.e. the obtained identifiers).
  • the content producer 101 When the content producer 101 creates the master recording 102, it also creates an authoritative track list 103 for the tracks on the master recording 102. The content producer 101 transmits this authoritative track list 103 to the verifying server 120, where it is received and made accessible to the response module 204. Additionally, the content producer 101 should supply finge ⁇ rints and identifiers for the tracks on the master recording 102, which are then added to the database 121. This way the finge ⁇ rints computed by the replicating plant 110 can be found in the database 121.
  • the response module 204 attempts to match the results of the query with the authoritative track list 103. If a match is found, then the response module 204 concludes that the replicating plant 110 is authorized to perform the replication process. A positive response should then be given to the replicating plant 110.
  • the response module 204 concludes that the master recording for which finge ⁇ rints were supplied is not a legitimate master recording, and so a negative response should be given to the replicating plant 110.
  • the response module 204 could cause the matching authoritative track list to be deleted. This way, an illegal copy of the master recording 102 cannot be replicated again later, as a subsequent attempt to obtain authorization will fail due to a lacking matching authoritative track list.
  • response module 204 could keep track of the number of times a match was found with a particular authoritative track list.
  • the content provider 101 can then use this information to check on the replicating plant 110.
  • the response 116 given by the verifying server 120 may include the authoritative track list 103. This way the replicating plant 110 obtains accurate metadata for the tracks together with authorization to replicate. The metadata could then be included on the copies 112.
  • the response module 204 transmits the response to the communication module 114, so that the correct action can be taken in the replication plant 110, as set out above with reference to Fig. 1.
  • the transmitted response includes a digital signature, allowing the communication module 114 to verify its authenticity.
  • any reference signs placed between parentheses shall not be construed as limiting the claim.
  • the word “comprising” does not exclude the presence of elements or steps other than those listed in a claim.
  • the word “a” or “an” preceding an element does not exclude the presence of a plurality of such elements.
  • the invention can be implemented by means of hardware comprising several distinct elements, and by means of a suitably programmed computer.
  • the device claim enumerating several means several of these means can be embodied by one and the same item of hardware.
  • the mere fact that certain measures are recited in mutually different dependent claims does not indicate that a combination of these measures cannot be used to advantage.

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Signal Processing (AREA)
  • Two-Way Televisions, Distribution Of Moving Picture Or The Like (AREA)
  • Information Retrieval, Db Structures And Fs Structures Therefor (AREA)
  • Storage Device Security (AREA)

Abstract

A replicating plant (110) receives a master recording (102) comprising a number of tracks from a content producer (101). The audio fingerprints of the tracks are computed and submitted to a verifying server (120). The server performs a database lookup to identify the tracks based on the submitted fingerprints. The list with identified tracks is then compared against authoritative lists (103) submitted by content providers (101). If a match is found, the verifying server (120) transmits a positive response to the replicating plant (110), otherwise it transmits a negative response. Preferably the response is digitally signed to allow the replicating plant (110) to verify its authenticity. The response may include the matching authoritative track list, so that the replicating plant (110) also obtains accurate metadata for the tracks. This metadata could then be included in the replicated copies (112).

Description

Methods and system for authorizing record replication
The invention relates to a method of obtaining authorization for a media carrier replication process, to a method of authorizing a media carrier replication process, to a replication system and to a verifying system.
One of the most common ways to distribute content such as music, songs, movies, television programs, pictures and the likes, is to produce a number of physical media carriers like CDs or DNDs that can be sold in stores. The process of producing media carriers is called replication. Typically, a replication plant receives a master from a content producer such as a record label or television studio, together with an order for a certain number of copies. Various techniques are available to create these copies, such as making pressed discs, also known as replicates, from the master (replication) or writing the copies to a blank CD or DND disc (duplication). The replication plant is responsible for verifying the copyright status of the tracks (i.e., the individual songs, movies, video clips and so on) on the master. Today this is done based on paper information supplied together with the master, containing amongst other things metadata like artist, title and so on. This makes the present system vulnerable against attacks in which unauthorized copies of the master are supplied to a replication plant together with falsified information on copyright status. The replication plant is then duped into producing unauthorized media carriers, which could lead to copyright infringement lawsuits.
To improve this situation, at the time of writing of this document plans are underway to implement on-line connections between content producers and replication plants. This would allow master recordings to be distributed in a secure fashion, e.g. by encrypting the tracks before on-line transmission. However, this does not solve the problem that falsified (copyright) information can be supplied to the replication plant. If a pirate were to supply an unauthorized master recording together with information identifying himself as the copyright holder, the replication plant still has no way of verifying the authenticity of that information. It is an object of the invention to provide a method of obtaining authorization for a media carrier replication process, which allows the detection of falsified information. This object is achieved according to the invention in a method comprising receiving a master recording comprising a number of tracks, computing respective fingerprints for each of said number of tracks, submitting the computed finge rints to a verifying server, and authorizing the replication process in dependence on a response received from the verifying server. A fingerprint of a multimedia object is a representation of the most relevant perceptual features of the object in question. Such fingeφrints are sometimes also known as "(robust) hashes". The fingeφrints of a large number of multimedia objects along with their associated respective metadata, such as the title, artist, genre and so on, are stored in a database. The metadata of a multimedia object is retrieved by computing its fingeφrint and performing a lookup or query in the database using the computed fingeφrint as a lookup key or query parameter. The lookup then returns the metadata associated with the fingeφrint.
An example of a method of computing such a fingeφrint is described in International patent application WO 02/065782 (attorney docket PHNL010110), as well as in Jaap Haitsma, Ton Kalker and Job Oostveen, "Robust Audio Hashing For Content Identification", International Workshop on Content-Based Multimedia Indexing, Brescia, September 2001.
Another example method is disclosed in WO 02/37316. According to the present invention, fingeφrinting is used to identify the tracks on the master recording. Based on the identifying information, a determination can be made of who the copyright holder is for these tracks, and/or whether the replication process is authorized. The fingeφrints are computed inside the replication plant and then transmitted to the verifying server. The verifying server identifies the tracks using the fingeφrints, and checks whether authorization has been granted by the content owner(s) for replication. If so, it issues a positive response and the replication plant can initiate the process. Using the above method the process of obtaining authorization can be completely automated. Further, the accuracy of the authorization process is increased, as it is no longer necessary to manually check the information. The verifying server is trusted to supply accurate information, and the chance of errors in the process is thereby reduced. Security is increased too, as the authorization no longer relies on possibly falsified information regarding the tracks and/or the source of the master recording.
In an embodiment the response comprises an authoritative track list. This embodiment has the advantage that the replication plant now not only can verify that replication is authorized, but also now has an accurate set of metadata for the tracks. It can then e.g. add this metadata to the media carriers it replicates, or correct any errors in a preliminary track list it received together with the master recording.
In a further embodiment the method further comprises verifying a digital signature associated with the response. This embodiment has the advantage that the response can now be verified as authentic if the digital signature checks out. If the replication plant proceeds with replication based on a positive response with a valid digital signature, it can later easily argue that the copies were made in good faith. This makes it easier to combat copyright infringement accusations.
In a further embodiment the master recording is in an electronic format. Preferably this format is a secure electronic format. This has the advantage that no physical masters are necessary, and that the tracks on the master do not have to be converted to an electronic format for the prnpose of computing the fingeφrints.
It is an object of the invention to provide a method of authorizing a media carrier replication process, which allows the detection of falsified information. This object is achieved according to the invention in a method comprising receiving a number of fingeφrints from a replication system, matching each of said fingeφrints against entries in a database to obtain respective identifiers, comparing the obtained identifiers against authoritative track lists, and transmitting a positive response to the replication system in dependence on the comparison. This method, when executed by a party independent from the operator of the replication system, allows for independent authorization of the replication process. The database is used to identify the tracks based on the fingeφrints submitted under replication system, and content producers supply authoritative track lists to indicate which master recordings may be replicated. Having identified the tracks, it suffices to check the identified tracks against the authoritative lists to determine whether authorization should be given.
In an embodiment the response comprises an authoritative track list matching the obtained identifiers. Using this authoritative track list, the replication system can determine the accuracy of the track list it received together with the master recording. In a further embodiment the method further comprises generating a digital signature for the response and transmitting the digital signature to the replication system. The digital signature allows the replication system to verify the authenticity of the response.
It is a further object of the invention to provide a replication system arranged for a media carrier replication process for which authorization must be obtained, comprising reception means for receiving a master recording comprising a number of tracks, fingeφrinting means for computing respective fingeφrints for each of said number of tracks, communication means submitting the computed fingeφrints to a verifying server, and for authorizing the replication process in dependence on a response received from the verifying server.
It is a further object of the invention to provide a verifying server arranged for authorizing a media carrier replication process, comprising input means for receiving a number of fingeφrints from a replication system, matching means for matching each of said fingeφrints against entries in a database to obtain respective identifiers, and response means for comparing the obtained identifiers against authoritative track lists, and for transmitting a positive response to the replication system in dependence on the comparison.
These and other aspects of the invention will be apparent from and elucidated with reference to the embodiments shown in the drawing, in which:
Fig. 1 schematically illustrates a content replication system; Fig. 2 schematically shows a verifying server in more detail.
Throughout the figures, same reference numerals indicate similar or corresponding features. Some of the features indicated in the drawings are typically implemented in software, and as such represent software entities, such as software modules or objects.
Fig. 1 schematically illustrates a content replication system 100 comprising a content producer 101, a replication plant 110, and a verifying server 120. The content producer 101 collects a number of multimedia objects, such as music or other forms of audio recordings, movies, television programs and so on. These objects could be made by the content producer 101 itself, or be bought or licensed from another content producer. The collected objects are stored on a master recording 102 in the form of a number of tracks. While the master recording 102 in this embodiment is a physical media carrier, it could equally well be an electronic recording, for instance in the form of a number of digital files each representing one or more tracks. Preferably the digital files represent the tracks in a secure format, e.g. by using encryption. The content producer 101 supplies the master recording 102 to the replication plant 110 together with an order to replicate (produce) a number of copies 112. These copies 112 can then be brought to the market, for example by distributing them to stores, or by offering them for sale in an e-commerce system. The copies 112 could also be distributed to radio stations or to other destinations, as is well known in the art. It is assumed that the tracks on the master recording 102 are protected by copyright. Since ordinarily the making of copies 112 from master recording 102 is one of tlie exclusive rights of the copyright holder, the replication plant 110 needs permission before it can start the replication process. This permission should include an identification of the tracks, so that later no misunderstandings can arise concerning which tracks were allowed to be copied.
In the replication plant 110, the tracks on the master recording 102 are received by reception module 111 and from there fed to fingeφrinting module 113. The fingeφrinting module 113 then generates a so-called robust fingeφrint for the received tracks. There are several techniques that can be used to compute such a robust fingeφrint. International patent application WO02/065782 (attorney docket PHNLOIOI 10) describes a method that generates robust fingeφrints for multimedia objects such as, for example, audio clips. The audio clip is divided in successive (preferably overlapping) time intervals. For each time interval, the frequency spectrum is divided in bands. A robust property of each band (e.g. energy) is computed and represented by a respective fingeφrint bit. A multimedia object is thus represented by a fingeφrint comprising a concatenation of binary values, one for each time interval. The fmgeφrint does not need to be computed over the whole multimedia object, but can be computed when a portion of a certain length, typically about three seconds, has been received. There can thus be plural fingeφrints for one multimedia object, depending on which portion is used to compute the fingeφrint over. For reasons of clarity, the term "the fingeφrint" will be used even in cases when multiple fmgeφrints for one multimedia object can exist.
Another method for computing a robust fingeφrint is described in WO02/37316, although of course any method for computing a robust fingeφrint can be used. For another option, see WO01/62004 or US 5,918,223. The fingeφrinting module 202 then supplies the computed fingeφrint to the DBMS backend module 203.
The fingeφrinting module 113 then feeds the computed fingeφrints to a communication module 114. This module 114 establishes a connection 115 with the verifying server 120, e.g. over the Internet or using a dial-up telephone connection.
Establishing the connection may involve authentication procedures, preferably mutual. This way both parties in the communication can be relatively sure that they are communicating with the correct other party.
Using the established connection 115, the communication module 114 submits the fingeφrints to the verifying server 120. The verifying server 120 then performs a database lookup in database 121, which contains a number of previously computed fingeφrints and associated identifiers, to obtain respective identifiers associated with the respective received fingeφrints. The operations by the verifying server 120 to do so are explained with reference to Fig. 2 below. Based on the obtained identifiers, the verifying server 120 determines whether permission to replicate (or duplicate, depending on the process used) should be granted. This permission is then transmitted back as a positive response to the communication module 114 in the replicating plant 110. If no permission should be granted, a negative response is transmitted instead. Upon receiving a response 116 from the verifying server 120, the communication module 114 determines whether the permission is positive or negative, and if it is positive signals that the replication process can be started. The signal could be as simple as displaying or otherwise rendering a confirmation to an operator (giving "the green light"), but in an automated replication plant the signal could be sent electronically to the replicating equipment, causing that equipment to start automatically.
Preferably the response 116 includes a digital signature. The communication module 114 is then equipped with a digital certificate for the verifying server 120. Using this certificate, the communication module 114 can verify whether the digital signature is authentic and whether the response has been tampered with. Verifying digital signatures using digital certificates is well known in the field of cryptography. If the response has been tampered with, the communication module 114 should alert an operator, as this might be an indication of a possible fraud or an error in the communication channel between verifying server 120 and replication plant 110. Fig. 2 schematically shows the verifying server 120 in more detail. The server 120 here comprises an input module 201, an optional fingeφrinting module 202, a Database Management System (DBMS) backend module 203, and a response module 204.
The input module 201 is activated when the communication module 114 contacts the server 120. The input module 201 receives a number of fingeφrints from the communication module 114 and feeds them to the DBMS backend module 203.
In an alternative embodiment, the input module 201 receives a plurality of audio clips through the connection established with the communication module 114 instead of a number of fingeφrints. These audio clips are then fed to the fingeφrinting module 202. The fingeφrinting module 202 computes a fingeφrint from the received audio clip. In this alternative embodiment, it is no longer necessary to have the fingeφrinting module 113 in the replication plant 110. It should be replaced with a module that can extract audio clips of sufficient quality to allow the fingeφrinting module 202 to compute the fingeφrint after receiving the clips over the connection between communication module 114 and input module 201.
The DBMS backend module 203 performs a query on the database 211 to retrieve a set of metadata associated with the received fingeφrints from the database 211. As shown in Fig. 2, the database 121 comprises fingeφrints FP1, FP2, FP3, FP4 and FP5 and respective associated sets of metadata MDS1, MDS2, MDS3, MDS4 and MDS5. The above- mentioned patent application WO02/065782 describes various matching strategies for matching fingeφrints computed for an audio clip with fingeφrints stored in a database. One disclosed method of matching a fingeφrint representing an unknown information signal with a plurality of fingeφrints of identified information signals stored in a database to identify the unknown signal uses reliability information of the extracted fingeφrint bits. The fingeφrint bits are determined by computing features of an information signal and thresholding said features to obtain the fingeφrint bits. If a feature has a value very close to the threshold, a small change in the signal may lead to a fingeφrint bit with opposite value. The absolute value of the difference between feature value and threshold is used to mark each fingeφrint bit as reliable or unreliable. The reliabilities are subsequently used to improve the actual matching procedure.
The database 121 can be organized in various ways to optimize query time and/or data organization. The output of the fingeφrinting module 113 (or fingeφrinting module 202) should be taken into account when designing the tables in the database 121. In the embodiment shown in Fig. 2, the database 121 comprises a single table with entries (records) comprising respective fingeφrints and sets of metadata.
Another way to realize the database 121 is to set up several tables. A first table comprises a plurality of unique identifiers (primary keys) each associated with respective sets of metadata. Such tables can be obtained from various music identification sources. The combination of artist, title and year of release could be combined to form a unique identifier, although this is not guaranteed to be unique, so preferably a really globally unique value is used.
A second table is then set up with entries comprising for each multimedia object the fingeφrints and the unique identifiers from the first table. This way, multiple fingeφrints can be associated with one set of metadata without having to duplicate the metadata. If multiple fingeφrints are possible for one multimedia object, all these fingeφrints are stored in the second table, all associated with the one unique identifier for that multimedia object. The DBMS backend module 203 then matches the received fingeφrints against the fingeφrints in the second table, obtains an identifier and matches the identifier against the first table to obtain the metadata. If the database 211 is an SQL database, the two tables could be joined on the identifier.
The DBMS backend module 203 feeds the results of the query to the response module 204, which determines whether to give a positive or negative response to the communication module 114 based on the query results (i.e. the obtained identifiers).
When the content producer 101 creates the master recording 102, it also creates an authoritative track list 103 for the tracks on the master recording 102. The content producer 101 transmits this authoritative track list 103 to the verifying server 120, where it is received and made accessible to the response module 204. Additionally, the content producer 101 should supply fingeφrints and identifiers for the tracks on the master recording 102, which are then added to the database 121. This way the fingeφrints computed by the replicating plant 110 can be found in the database 121.
The response module 204 then attempts to match the results of the query with the authoritative track list 103. If a match is found, then the response module 204 concludes that the replicating plant 110 is authorized to perform the replication process. A positive response should then be given to the replicating plant 110.
If no matching authoritative track list could be found, then the response module 204 concludes that the master recording for which fingeφrints were supplied is not a legitimate master recording, and so a negative response should be given to the replicating plant 110.
If a positive response has been given, the response module 204 could cause the matching authoritative track list to be deleted. This way, an illegal copy of the master recording 102 cannot be replicated again later, as a subsequent attempt to obtain authorization will fail due to a lacking matching authoritative track list. Alternatively, response module 204 could keep track of the number of times a match was found with a particular authoritative track list. The content provider 101 can then use this information to check on the replicating plant 110. The response 116 given by the verifying server 120 may include the authoritative track list 103. This way the replicating plant 110 obtains accurate metadata for the tracks together with authorization to replicate. The metadata could then be included on the copies 112.
Having determined the appropriate response, the response module 204 transmits the response to the communication module 114, so that the correct action can be taken in the replication plant 110, as set out above with reference to Fig. 1. Preferably the transmitted response includes a digital signature, allowing the communication module 114 to verify its authenticity.
It should be noted that the above-mentioned embodiments illustrate rather than limit the invention, and that those skilled in the art will be able to design many alternative embodiments without departing from the scope of the appended claims.
In the claims, any reference signs placed between parentheses shall not be construed as limiting the claim. The word "comprising" does not exclude the presence of elements or steps other than those listed in a claim. The word "a" or "an" preceding an element does not exclude the presence of a plurality of such elements.
The invention can be implemented by means of hardware comprising several distinct elements, and by means of a suitably programmed computer. In the device claim enumerating several means, several of these means can be embodied by one and the same item of hardware. The mere fact that certain measures are recited in mutually different dependent claims does not indicate that a combination of these measures cannot be used to advantage.

Claims

CLAIMS:
1. A method of obtaining authorization for a media carrier replication process, comprising receiving a master recording comprising a number of tracks, computing respective fingeφrints for each of said number of tracks, submitting the computed fingeφrints to a verifying server, and authorizing the replication process in dependence on a response received from the verifying server.
2. The method of claim 1, in which the response comprises an authoritative track list.
3. The method of claim 1 , further comprising verifying a digital signature associated with the response.
4. The method of claim 1 , in which the master recording is in an electronic format.
5. The method of claim 4, in which the electronic format is a secure electronic format.
6. A method of authorizing a media carrier replication process, comprising receiving a number of fingeφrints from a replication system, matching each of said fingeφrints against entries in a database to obtain respective identifiers, comparing the obtained identifiers against authoritative track lists, and transmitting a positive response to the replication system in dependence on the comparison.
7. The method of claim 6, in which the response comprises an authoritative track list matching the obtained identifiers.
8. The method of claim 6, further comprising generating a digital signature for the response and transmitting the digital signature to the replication system.
9. A replication system arranged for a media carrier replication process for which authorization must be obtained, comprising reception means for receiving a master recording comprising a number of tracks, fingeφrinting means for computing respective fingeφrints for each of said number of tracks, communication means submitting the computed fingeφrints to a verifying server, and for authorizing the replication process in dependence on a response received from the verifying server.
10. A verifying server arranged for authorizing a media carrier replication process, comprising input means for receiving a number of fingeφrints from a replication system, matching means for matching each of said fingeφrints against entries in a database to obtain respective identifiers, and response means for comparing the obtained identifiers against authoritative track lists, and for transmitting a positive response to the replication system in dependence on the comparison.
PCT/IB2003/000104 2002-01-28 2003-01-17 Methods and system for authorizing record replication WO2003065362A2 (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
BR0302854-2A BR0302854A (en) 2002-01-28 2003-01-17 Method to obtain authorization to authorize a media bearer replication process, replication system arranged for a media bearer replication process, and verification server arranged to authorize a media bearer replication process

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
EP02075341.4 2002-01-28
EP02075341 2002-01-28

Publications (2)

Publication Number Publication Date
WO2003065362A2 true WO2003065362A2 (en) 2003-08-07
WO2003065362A3 WO2003065362A3 (en) 2004-03-04

Family

ID=27635843

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/IB2003/000104 WO2003065362A2 (en) 2002-01-28 2003-01-17 Methods and system for authorizing record replication

Country Status (2)

Country Link
BR (1) BR0302854A (en)
WO (1) WO2003065362A2 (en)

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5659613A (en) * 1994-06-29 1997-08-19 Macrovision Corporation Method and apparatus for copy protection for various recording media using a video finger print
WO2000063860A1 (en) * 1999-04-21 2000-10-26 Interactual Technologies, Inc. System, method and article of manufacture for authorizing the use of electronic content utilizing a laser-centric medium and a network server
WO2001011623A1 (en) * 1999-08-04 2001-02-15 Recording Industry Trading Company Limited Reproduction control system
WO2001062004A2 (en) * 2000-02-17 2001-08-23 Audible Magic Corporation A method and apparatus for identifying media content presented on a media playing device

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5659613A (en) * 1994-06-29 1997-08-19 Macrovision Corporation Method and apparatus for copy protection for various recording media using a video finger print
WO2000063860A1 (en) * 1999-04-21 2000-10-26 Interactual Technologies, Inc. System, method and article of manufacture for authorizing the use of electronic content utilizing a laser-centric medium and a network server
WO2001011623A1 (en) * 1999-08-04 2001-02-15 Recording Industry Trading Company Limited Reproduction control system
WO2001062004A2 (en) * 2000-02-17 2001-08-23 Audible Magic Corporation A method and apparatus for identifying media content presented on a media playing device

Also Published As

Publication number Publication date
BR0302854A (en) 2004-04-27
WO2003065362A3 (en) 2004-03-04

Similar Documents

Publication Publication Date Title
US8601504B2 (en) Secure tracking system and method for video program content
Cano et al. Audio fingerprinting: concepts and applications
US7310629B1 (en) Method and apparatus for controlling file sharing of multimedia files over a fluid, de-centralized network
EP1652383B1 (en) Content identification for broadcast media
EP2791848B1 (en) Coordinated watermarking
US8850214B2 (en) Methods and systems for encoding and protecting data using digital signature and watermarking techniques
US7949494B2 (en) Method and device for monitoring and analyzing signals
US8126918B2 (en) Using embedded data with file sharing
US7194636B2 (en) Data authentication
US20130151856A1 (en) Conditional access using embedded watermarks
US20130151855A1 (en) Watermark embedding workflow improvements
US20040243540A1 (en) Method and device for monitoring and analyzing signals
EP2081190B1 (en) Information processing apparatus, disc, information processing method, and program
WO2004084549A1 (en) Recording medium and production method, playback method, and playback device thereof
GB2354347A (en) A Reproduction control system
EP1452030A2 (en) Enhanced content resolution method
KR20050088463A (en) Method and system for authentificating a disc
WO2003065362A2 (en) Methods and system for authorizing record replication
JP2006050355A (en) Data reproducing apparatus, data reproducing method and data reproducing program
US7730303B2 (en) Enhanced content resolution method
WO2007011842A2 (en) System and method for associating physical media with digital files
CN115272040A (en) Video copyright protection method based on block chain and digital watermark technology
JP2001356965A (en) Electronic file and device and method for reproducing electronic file

Legal Events

Date Code Title Description
AK Designated states

Kind code of ref document: A2

Designated state(s): AE AG AL AM AT AU AZ BA BB BG BR BY BZ CA CH CN CO CR CU CZ DE DK DM DZ EC EE ES FI GB GD GE GH GM HR HU ID IL IN IS JP KE KG KP KR KZ LC LK LR LS LT LU LV MA MD MG MK MN MW MX MZ NO NZ OM PH PL PT RO RU SC SD SE SG SK SL TJ TM TN TR TT TZ UA UG US UZ VC VN YU ZA ZM ZW

AL Designated countries for regional patents

Kind code of ref document: A2

Designated state(s): GH GM KE LS MW MZ SD SL SZ TZ UG ZM ZW AM AZ BY KG KZ MD RU TJ TM AT BE BG CH CY CZ DE DK EE ES FI FR GB GR HU IE IT LU MC NL PT SE SI SK TR BF BJ CF CG CI CM GA GN GQ GW ML MR NE SN TD TG

121 Ep: the epo has been informed by wipo that ep was designated in this application
122 Ep: pct application non-entry in european phase
NENP Non-entry into the national phase in:

Ref country code: JP

WWW Wipo information: withdrawn in national office

Country of ref document: JP