WO2007043805A1 - Procede permettant de partager des objets de droits dans la gestion des droits numeriques et dispositif et systeme correspondants - Google Patents

Procede permettant de partager des objets de droits dans la gestion des droits numeriques et dispositif et systeme correspondants Download PDF

Info

Publication number
WO2007043805A1
WO2007043805A1 PCT/KR2006/004090 KR2006004090W WO2007043805A1 WO 2007043805 A1 WO2007043805 A1 WO 2007043805A1 KR 2006004090 W KR2006004090 W KR 2006004090W WO 2007043805 A1 WO2007043805 A1 WO 2007043805A1
Authority
WO
WIPO (PCT)
Prior art keywords
constraint
drm
sharing
content
network
Prior art date
Application number
PCT/KR2006/004090
Other languages
English (en)
Inventor
Seung-Jae Lee
Te-Hyun Kim
Original Assignee
Lg Electronics Inc.
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Lg Electronics Inc. filed Critical Lg Electronics Inc.
Priority to CN2006800375148A priority Critical patent/CN101283540B/zh
Publication of WO2007043805A1 publication Critical patent/WO2007043805A1/fr

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F17/00Digital computing or data processing equipment or methods, specially adapted for specific functions
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0869Network architectures or network communication protocols for network security for authentication of entities for achieving mutual authentication
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L2463/00Additional details relating to network architectures or network communication protocols for network security covered by H04L63/00
    • H04L2463/101Additional details relating to network architectures or network communication protocols for network security covered by H04L63/00 applying security measures for digital rights management
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/10Network architectures or network communication protocols for network security for controlling access to devices or network resources

Definitions

  • the present invention relates to a digital rights management (DRM), and more particularly to a method for temporarily sharing a rights object (RO) for a specific DRM content resident in a certain device together with different devices, and a device and system thereof.
  • DRM digital rights management
  • RO rights object
  • a Digital Rights Management refers to a system technology for safely protecting a right for digital contents and systematically managing it.
  • the DRM provides a protecting and managing scheme for preventing an illegal copy of the content, acquiring DRM contents RO, and creating and transferring the content.
  • Fig. 1 illustrates a construction of a DRM system.
  • the DRM system controls content issued to a user by a content provider to be consumed only in a right-limit of RO.
  • the content provider refers to an entity corresponding to a Content Issuer (CI) and/or a Rights Issuer (RI).
  • CI Content Issuer
  • RI Rights Issuer
  • the CI issues a protected content using a particular encryption key so as to protect the content from users having no access right therefor, while the RI issues RO required to consume the protected content.
  • a DRM agent is mounted in a terminal thus to receive the protected content and the
  • the DRM agent analyzes 'permission' and/or 'constraint' included in the RO and thus changes the protected content into a format which is usable in the corresponding terminal, thereby controlling the use of the content.
  • the RO for the DRM content may include various types of constraints which is employed when consuming the corresponding DRM content and examples of types of constraints, related to consuming the corresponding DRM content, is given as follows: 'count'; 'interval'; or 'system'.
  • DRM content has been issued employs the RO issued and simultaneously desires to temporarily share the RO together with a plurality of unspecified devices or different (other) devices all of which belong to a certain domain.
  • a method for sharing RO for DRM content comprising: performing a mutual authentication between a first device and a second device to set a session therebetween; creating, by the first device, a second RO for the second device; and transferring the second RO from the first device to the second device through a particular interface.
  • the first device consumes a specific DRM content with employing the first RO
  • the second device simultaneously consumes the specific DRM content with the second RO transferred from the first device.
  • a method for sharing RO for DRM content comprising: receiving, by a first device, a first Rights Object (RO) issued from a Rights Issuer (RI) or another device; processing the first RO into a second RO by the first device; and transferring the second RO from the first device to one or more second devices.
  • a first Rights Object RO
  • RI Rights Issuer
  • the second device executes notifying of an expiration of the second RO to the first device and canceling (deleting) of the second RO, upon the expiration of the second RO.
  • a method for sharing RO for DRM content comprising: transferring RO from a first device to one or more second devices, wherein the RO is created by a Rights Issuer (RI) or the first device to include one of a temporary-share permission and a network- connectivity constraint; and sharing the RO in the first device and the at least one or more second devices.
  • RI Rights Issuer
  • a method for sharing RO for DRM content comprising: receiving, by a first device, a first RO from an RI or another device; and checking, by a second device, whether the first device has a right of modifying (changing or creating) the first RO.
  • a device for DRM content is embodied such that the device processes RO issued from a Rights Issuer (RI), and transfers the processed RO to at least one or more different devices thus to share the RO with the one or more different devices.
  • RI Rights Issuer
  • the present invention can process RO for a specific DRM content to transfer to at least one or more other devices.
  • the present invention can be embodied such that a plurality of devices can use the
  • the present invention can effectively be implemented such that the plurality of devices can use the RO for the specific DRM content according to a certain time (e.g.,
  • the present invention can effectively be implemented such that the plurality of devices can use the RO for the specific DRM content within a range of a particular network (e.g., LAN or Bluetooth) according to constraint (e.g., a proximity- based constraint) set in the RO for the specific DRM content.
  • a particular network e.g., LAN or Bluetooth
  • constraint e.g., a proximity- based constraint
  • Fig. 1 is an architecture showing a Digital Rights Management (DRM) system according to the related art.
  • Fig. 2 is a schematic architecture showing a DRM system related to a temporary sharing of RO for a DRM content in accordance with an embodiment of the present invention.
  • Fig. 3 is a view showing an XML format of RO containing a temporary-share permission.
  • Fig. 4 is an XML format of RO containing a temporary-share permission which has a sub-element.
  • Fig. 5 is an XML format of RO containing a network-connectivity constraint.
  • Fig. 6 is an XML format of RO containing a network-connectivity constraint which has a sub-element.
  • Fig. 7 is a signal flow chart showing a method for processing constraint of RO and thereafter transferring the RO in order to temporarily share RO between devices in accordance with a first embodiment of the present invention.
  • Fig. 8 is a signal flow chart showing a method for transferring RO in which a network-connectivity is included in order to temporarily share RO between devices in accordance with a second embodiment of the present invention.
  • Fig. 9 is a signal flow chart showing a method for sharing RO between devices in accordance with a third embodiment of the present invention. [30]
  • the present invention may conceptually be embodied such that Rights Object (RO) possessed by a particular device can be transferred to at least one or more other devices which desire to temporarily share the RO for use, by including a specific constraint or the like for a temporary-share in the RO transferred.
  • the particular device receives RO issued from a Rights Issuer (RI) (or another device) and processes or changes the RO in order to share it with one or more other devices.
  • the particular device may then transfer the processed RO to the one or more other devices.
  • the particular device on the other hand, can obtain RO issued from the RI, the RO having processed to include a specific constraint for a temporary-share, so as to transfer the RO to one or more other devices.
  • a term “content” described in the present invention is, for example, generally called a protected content which denotes digital contents such as DRM contents.
  • a term “device” described in the present invention refers to every device to which a DRM can be applied. That is, the device may include not only mobile communications terminals to which the DRM is applicable but also all electrical home appliances to which the DRM is applicable (e.g., TVs or refrigerators, laptop computers, PDAs, game machines, etc)
  • Fig. 2 is an architecture schematically illustrating a DRM system for a temporary- share of DRM content.
  • a first device DRM agent and a second device DRM agent shown in Fig. 2 are referred to as a first device and a second device, respectively.
  • a second device for a simple explanation in Fig. 2, it is assumed in the present invention that one or more second devices may be used.
  • a DRM system may roughly perform two different operations, namely, a first operation performed between a first device and RI and CI, and a second operation performed between the first device and a second device.
  • a Content Issuer issues DRM content to the first device (i.e., a first device DRM agent), and a RI issues RO with respect to the DRM content.
  • the issued RO may include permission (or a permission operation) for a temporary-share.
  • the first device having received the RO which includes the temporary-share permission can transfer to the second device (i.e., a plurality of second devices) a specific DRM content and a temporary-share RO for consuming the specific DRM content.
  • the first device performs a super- distribution to the second device (i.e., a second device DRM agent) in order to distribute the specific DRM content thereto.
  • the second device can receive the specific DRM content from a different entity (e.g., the CI) prior to or after receiving the temporary-share RO from the first device.
  • the first device needs to get a temporary-share permission for the RO from the RI, and a certain constraint is required to allow the second device to employ (temporarily share) the RO transferred from the first device.
  • the RI transfers to the first device a permission for a temporary-share, namely, the permission meaning of capability in which the first device can deliver a temporary- share RO for a specific DRM content to one or more different devices (i.e., a plurality of second devices).
  • the temporary-share permission may be transferred to the first device by being included in the RO issued by the RI.
  • the temporary- share permission may be formed in a certain data format (e.g., as a certain packet) separately from the RO to thereafter be transferred to the first device from the RI.
  • the "temporary-share" permission corresponds to a parameter or an element transferred together with the RO issued from the RI.
  • the RO including the temporary-share permission
  • the RO may be alternatively issued (or transferred) from another device, rather than the RI, to the first device.
  • the RO including the temporary-share permission
  • Fig. 3 illustrates an XML ((exTensible Markup Language) format for specifying a structure of RO including a temporary-share permission among several permission elements which are included in the RO issued to the first device by the RI.
  • Fig. 4 illustrates one or more sub-elements contained in the temporary-share permission, which shows an XML format of RO including one or more sub-elements such as ® 'constraint', (D 'permission', (D 'concurrent', and ® 'hostdevID'.
  • ® 'constraint' element indicates an employing condition for RO to consume an DRM content therewith.
  • the constraint namely, the employing condition may include, for example, 'count', 'timed-out', 'datetime', 'interval', 'accumulated', 'individual', 'system', and the like.
  • D 'permission' element indicates a permission of RO for a specific DRM content, which may, for example, include 'play' corresponding to an operation of playing a certain DRM content, 'display' corresponding to an operation of displaying a certain DRM content on a screen, 'execute' corresponding to an operation of executing a certain DRM content in the form of program, 'print' corresponding to an operation of printing a certain DRM content to an output device, 'export' corresponding to an operation of exporting a certain DRM content in another DRM technology based format, and the like.
  • (D 'concurrent' element has an attribute indicating the maximum number of second devices which can simultaneously consume temporary-share RO for a certain time.
  • a first device Upon designating a 'concurrent' attribute, a first device should manage the number of second devices which are sharing RO with the first device.
  • ® 'hostdevID' element may indicate an attribute for determining which device is to be a host of a temporary-share or an attribute denoting which device can modify RO, or indicate both the two attributes. Therefore, if the hostdevID denotes an ID of a first device (i.e., if a value of the hostdevID matches an ID value of the first device), only the first device can get a right of transferring RO to one or more second devices to temporarily share RO for a specific DRM content together with the one or more second devices. Alternatively, if a particular entity (e.g., the RI) transfers a certain RO to the first device, the first device should check whether its ID matches a value of the hostdevID.
  • the hostdevID denotes B ASE64 Hash value of a certificate of a certain device (e.g., the first device) or a unique string.
  • a first device When a first device receives RO issued from an RI, the RO including 'constraint' and 'permission' specified in an XML format as shown in Fig. 3 and/or Fig. 4, the first device decodes a Content Encryption Key (CEK) included in the RO. The first device leaves the RO in the CEK decoded state, encodes the RO using a public key of the second device, or encodes the RO using a sharing key of the second device. Alternatively, the first device attaches a digital signature to information related to 'permission' or 'constraint' in the RO, or attaches (adds) a value of a Message Authentication Code (MAC), the value obtained from the RO.
  • CEK Content Encryption Key
  • the first device attaches a MAC value to the RO as follows: the first device creates a MAC key with the MAC value; obtains( creates) a MAC value by using the MAC key; and then attaches the obtained MAC value into the RO issued from the RI.
  • the first device may transfer RO, which is possessed by the first device itself, to second devices (i.e., a plurality of devices) to temporarily share it therewith.
  • the first device may transfer the RO to second devices (i.e., the plurality of devices) after processing it. Processing the RO by the first device is executed in order to temporarily share the RO with the second devices.
  • the first device since the first device processes the RO resident to the first device itself to thereafter transfer the processed RO to the second devices (i.e., a plurality of second devices), the first device may be referred to as a local Rights Issuer (RI).
  • RI local Rights Issuer
  • the number of devices which temporarily share the RO may be managed by a sub-element of the temporary-share permission, namely, a 'concurrent'.
  • the first and second devices may be devices belonging to the same particular domain. If the first and second devices all belong to the same domain, the first device is not necessary to process the RO, which is possessed by the first device, in order to temporarily share it together with the second devices. If the RO is a domain RO for a certain domain, it is encoded with a domain key dedicated for the certain domain. Accordingly, the domain RO is received in the second devices from the first device to thereafter be decoded using the domain key.
  • RO transferred (or issued) from the first device to the second device may be processed (or changed or modified) by adapting two methods as follows.
  • a first method is employed such that RO is processed (or created) by attaching (adding) a certain constraint in the RO
  • a second method is employed such that RO is processed by attaching (adding) 'network connectivity' constraint in the RO.
  • the first method is based upon a time-based constraint
  • the second method is based upon a proximity- based constraint.
  • the second method is referred to as 'proximity-based constraint' and is implemented such that RO is processed by adding 'network connectivity' in the RO. That is, 'network connectivity' indicates a condition (i.e., a constraint) which specifies whether RO for consuming DRM content is capable of being shared according to a connected state with a certain network.
  • a condition i.e., a constraint
  • Fig. 5 illustrates an XML format defining a structure of RO including a
  • FIG. 6 illustrates an XML format defining RO containing a network-connectivity constraint which has sub-elements, namely, ® errcount, (D hostaddr, and ® period.
  • a network connectivity element is added to a constraint element.
  • a particular device e.g., the second device having received the RO analyzes the network-connectivity constraint and sub-elements of the RO. That is, when the first device has issued to the second device the RO in the XML format as shown in Figs. 5 and 6, the second device analyzes a 'hostaddr' of the RO to attempt to access an address of a local RI (e.g., the first device).
  • the second device deletes or disables the RO received from the first device.
  • the 'hostaddr' may be defined as a Uniform Resource Identifier (URI), for example, defined as a http address in a format of http://xxxx/xxx, and defined as a device ID such as 'Bluetooth:DEV10A56'.
  • URI Uniform Resource Identifier
  • the second device examines a network entity on a certain network (e.g., Bluetooth, an Internet, LAN, etc).
  • a device ID of a local RI e.g., the first device
  • a certain device e.g., the second device
  • the RO should check 'network connectivity' by a time interval defined in the 'period' .
  • Fig. 7 is a signal flow chart illustrating a method for transferring RO by processing constraint of the RO to temporarily share the RO between devices, in accordance with a first embodiment of the present invention. That is, Fig. 7 shows the first method aforementioned, which illustrates that a first device processes its RO by attaching a certain constraint in the RO, and thereafter transfers the processed RO to one or more second devices. Also, the embodiment illustrated in Fig. 7 uses the RO illustrated in Figs. 3 and 4.
  • a first device performs a Public Key Infrastructure mutual authentication (Sl).
  • a public key of a second device is transferred to the first device.
  • a secure channel may be formed between the first and second devices (S2).
  • a private key may be shared between the first and second devices to be used for their communication.
  • the RO is transferred through the secure channel without encoding a CEK included in the RO.
  • the first device processes the RO issued from the RI (S3). That is, the first device, as illustrated in Figs. 3 and 4, creates or changes one or more constraints within the RO.
  • the RO processed in the step S3 (i.e., the RO in which one or more constraints have been created or changed) is transferred to the second device (S4).
  • the RO is transferred from the first device to the second device through the secure channel.
  • the RO is transferred from the first device to the second device through a non- secure channel.
  • the second device when the second device receives the processed RO through the step S4, the second device can access (i.e. consume) the corresponding DRM content employing the processed RO.
  • the RO i.e., the RO resident in the first device
  • the RO can temporarily be shared with four other devices at once. While doing so, in case the RO of the first device is transferred to the second devices through the step S4, the 'concurrent' shall be changed from '4' to '3'.
  • the first device can temporarily share the RO (i.e., the RO resident in the first device) with three other devices at once.
  • the second device can notify this to the first device (S5).
  • the second device Upon the expiration of the RO, the second device performs a temporary copy terminating process (S6).
  • the first device allows the value of the 'concurrent' to be returned into '4' from '3'. Accordingly, the first device can temporarily share the RO simultaneously with four other devices.
  • the second device Upon the expiration of the RO, the second device expires the RO (S7).
  • the expiration of the RO in the step S6 may denote deleting or disabling the RO.
  • Fig. 8 is a signal flow chart illustrating a method for transferring RO by including 'network-connectivity' within the RO to temporarily share the RO between devices, in accordance with a second embodiment of the present invention.
  • Fig. 8 corresponds to the second method aforementioned, in which the first device processes the RO by further including 'network connectivity' constraint in the RO and then transfers the processed RO to the second device.
  • the embodiment of Fig. 8 employs the RO illustrated in Figs. 5 and 6.
  • the same reference numerals have the same operations and functions as those of signals corresponding to the reference numerals.
  • a value of an 'errcount' within the RO is set to 4 and a value of a 'hostaddr' denotes the first device (e.g., a value of the hostaddr attribute is set to a device ID of the first device).
  • the first device processes the RO by adding (attaching)
  • the first device transfers to one or more second devices the processed RO, namely, the processed RO including the 'network-connectivity' constraint, and then temporarily shares the RO with the second devices (S4).
  • the processed RO is transferred from the first device to the second device through the secure channel.
  • the secure channel has not been formed therebetween, the processed RO is then transferred from the first device to the second device through a non-secure channel.
  • the first and second devices periodically check a network connectivity therebetween (S5'). That is, the network connectivity between the first and second devices are periodically checked by a time interval set in the 'period' as illustrated in Fig. 6. In case a value of an errcount has been set to 4, when the network connection between the first and second devices is disconnected sequentially four times (S5'), the first device terminates the temporary-share of the RO with the second device (i.e., performs the temporary copy terminating process mentioned in Fig. 8) (S6). After the step S5' performed, the second device expires the RO (S7). Here, the expiring the RO denotes to delete or disable the RO.
  • Fig. 9 is a signal flow chart illustrating a method for sharing RO between devices in accordance with a third embodiment of the present invention.
  • a DRM agent 1 and a DRM agent 2 in Fig. 9 correspond to the first device and the second device, respectively.
  • a signal for sharing the RO between the devices is transmitted through an A2AP-1 interface.
  • the A2AP-1 interface denotes a 2- way RO acquisition protocol for acquiring the RO between the DRM agents.
  • a DRM agent 2 When a DRM agent 2 enters a certain network (e.g., a Bluetooth, etc) or domain in which a DRM agent 1 is currently positioned, the DRM agent 1 discovers the DRM agent 2 by using a discovery mechanism such as UPnP (specified as 'Discovery' in Fig. 9).
  • the discovery process according to the discovery mechanism may include a work of informing a capability for processing the temporary-share (or which is referred to as 'Ad Hoc Sharing') of the RO between the devices (i.e., the DRM agent 1 and the DRM agent 2).
  • Each user of the DRM agent 1 and the DRM agent 2 selects a content to transfer (specified as 'Select Content' in Fig. 9).
  • a session is accordingly set between the DRM agent 1 and the DRM agent 2 (SlO).
  • the DRM agent 1 creates RO (referred to as a 'second RO' for reference) for the DRM agent 2 based upon RO (referred to as a 'first RO') which the DRM agent 1 is currently possessing (Sl 1).
  • the first RO may be issued from the RI.
  • the DRM agent 1 processes (or changes or modifies) the first RO to thereby create the second RO based upon a specific permission for a temporary-share or Ad Hoc sharing.
  • the DRM agent 1 may processes the first RO to thereby create the second RO based on current state information with respect to the first RO.
  • the DRM agent 1 processes the first RO to create the second RO so that the second RO could include one of 'time-based constraint' and 'proximity-based constraint', or include both the constraints.
  • the DRM agent 1 may create a second RO in which ' ⁇ datetime>' constraint, namely, a type of 'time-based constraint', is set to two hours.
  • the DRM agent 1 transfers the second RO to the DRM agent 2 using an A2AP protocol (S12 and S13). That is, the DRM agent 1 sends an A2AP-roShareRequest message including the second RO to the DRM agent 2 (S 12).
  • the DRM agent 2 processes the A2AP-roShareRequest message, and then sends back to the DRM agent 1 an A2AP-roShareResponse message in response to the A2AP-roShareRequest message (S 13).
  • the DRM agent 1 receives and processes the A2AP-roShareResponse message.
  • the DRM agent 1 may transfer to the DRM agent 2 a Digital Content Format (DCF) corresponding to a sharing RO (i.e. the second RO), and the transferring may be executed at a time of transferring the second RO or before or after transferring the second RO.
  • DCF Digital Content Format
  • the DRM agent 2 can consume the corresponding DRM content employing the second RO (e.g., the second RO in which ⁇ datetime> has been set to two hours) as the sharing RO. That is, assuming that the corresponding DRM content is a certain movie, a user of the DRM agent 2 can play the certain movie for two hours employing the second RO, and simultaneously a user of the DRM agent 1 can play the certain movie employing the first RO. That is, each user of the DRM agent 1 and the DRM agent 2 can simultaneously consume the DRM content (i.e. the certain movie) employing their owned ROs (i.e. the first RO and the second RO) to thereby embody temporary-sharing RO therebetween. However, the user of the DRM agent 1 may play the corresponding DRM content (i.e., the certain movie) using the first RO within a range which the RI has originally constrained.
  • the second RO e.g., the second RO in which ⁇ datetime> has been set to two hours
  • the second RO is created to include a proximity-based constraint (e.g., a network-connectivity) in the step SIl, and the second RO is transferred from the DRM agent 1 to the DRM agent 1.
  • the DRM agent 2 can consume (or access) the corresponding DRM content, for example, a video, employing the second RO only when the DRM agent 2 is positioned within a network (e.g., the Bluetooth, etc) in which the DRM agent 2 can communicate with the DRM agent 1.
  • the DRM agent 1 can also consume (or access) the corresponding DRM content (e.g., the video, etc) employing the first RO.
  • the network denotes a certain area, for example, a banquet or a place holding a party in which a communication between the DRM agents is available within a network in proximity such as the Bluetooth.
  • the DRM agent 2 moves away from the network (e.g., the place holding a party), the DRM agent 2 can not access the corresponding DRM content any more by using the second RO.
  • the embodiments of Figs. 5 and 7 have been employed to explain the method in which the first device processes the RO issued from the RI and then transfers it to the second device so as to temporarily share the RO with the second device.
  • the RI directly creates RO in a format capable of being temporarily shared with one or more different devices (e.g., the second devices) without the RO processing by the first device to thereafter provide (or issue) the RO to the first device, and then the first device can transfer the RO (i.e., the RO directly provided from the RI and formed in a temporarily sharable format) to the one or more different devices.
  • an entity to create the temporarily sharable RO can be the RI as well as the first device.
  • the second device receives the RO (i.e., the RO for a temporary share) from the first device, and can also receive the corresponding DRM content of the RO simultaneously with the RO, or before or after receiving the RO.
  • the second device can receive the corresponding DRM content of the RO (i.e., the RO for the temporary sharing) directly from the RI or CI.
  • a device may separately include a module for receiving RO, and a module for checking(or verifying) whether information related to a right of modifying (or changing) the received RO is included in the RO.
  • the RO has been processed to include a time-based constraint (e.g., 'count' or 'datetime') or include a proximity-based constraint (e.g., network-connectivity). If necessary, the RO can be processed to include both the time-based constraint and the proximity-based constraint.
  • a time-based constraint e.g., 'count' or 'datetime'
  • a proximity-based constraint e.g., network-connectivity

Landscapes

  • Engineering & Computer Science (AREA)
  • General Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Physics & Mathematics (AREA)
  • Data Mining & Analysis (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computing Systems (AREA)
  • Computer Security & Cryptography (AREA)
  • Databases & Information Systems (AREA)
  • Mathematical Physics (AREA)
  • Software Systems (AREA)
  • General Physics & Mathematics (AREA)
  • Computer Hardware Design (AREA)
  • Storage Device Security (AREA)
  • Mobile Radio Communication Systems (AREA)

Abstract

La présente invention concerne un procédé permettant de partager un objet de droits (RO) d'un contenu de gestion de droits numériques (DRM) spécifique qui se trouve dans un dispositif déterminé avec différents dispositifs (ou terminaux) dans un système de gestion des droits numériques (DRM). Selon le mode de réalisation décrit dans cette invention, un premier dispositif et un second dispositif peuvent partager un objet de droits pour un contenu de gestion de droits numériques par exécution d'une authentification réciproque entre le premier dispositif et le second dispositif afin d'établir une session entre eux; création, par le premier dispositif, d'un second objet de droits pour le second dispositif; puis transfert du second objet de droits depuis le premier dispositif vers le second dispositif par l'intermédiaire d'une interface particulière. Ainsi, pendant que le premier dispositif utilise un contenu de gestion des droits numériques spécifique à l'aide du premier objet de droits, le second dispositif utilise, simultanément, le contenu de gestion des droits numériques spécifique à l'aide du second objet de droits transmis par le premier dispositif.
PCT/KR2006/004090 2005-10-11 2006-10-11 Procede permettant de partager des objets de droits dans la gestion des droits numeriques et dispositif et systeme correspondants WO2007043805A1 (fr)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN2006800375148A CN101283540B (zh) 2005-10-11 2006-10-11 在数字权限管理中共享权限对象的方法及其装置和系统

Applications Claiming Priority (4)

Application Number Priority Date Filing Date Title
US72490605P 2005-10-11 2005-10-11
US60/724,906 2005-10-11
KR10-2006-0057141 2006-06-23
KR20060057141 2006-06-23

Publications (1)

Publication Number Publication Date
WO2007043805A1 true WO2007043805A1 (fr) 2007-04-19

Family

ID=37943000

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/KR2006/004090 WO2007043805A1 (fr) 2005-10-11 2006-10-11 Procede permettant de partager des objets de droits dans la gestion des droits numeriques et dispositif et systeme correspondants

Country Status (3)

Country Link
KR (1) KR100854039B1 (fr)
CN (1) CN101283540B (fr)
WO (1) WO2007043805A1 (fr)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP2866416A1 (fr) * 2013-10-24 2015-04-29 NEC Corporation Contrôle de l'utilisation de données reçues d'un dispositif par l'intermédiaire d'un réseau

Families Citing this family (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
KR101434402B1 (ko) * 2007-06-09 2014-08-27 삼성전자주식회사 휴대단말의 콘텐츠 권리객체 획득 방법 및 장치
KR100930695B1 (ko) * 2007-08-06 2009-12-09 현대자동차주식회사 디알엠 시스템 및 디알엠 콘텐츠 관리방법
KR101015891B1 (ko) * 2007-10-09 2011-02-23 한국전자통신연구원 Drm 상호호환성 제공 방법 및 이를 위한 drm 모듈
KR100988374B1 (ko) * 2007-12-14 2010-10-18 엘지전자 주식회사 사용권리 이동 방법, 사용권리의 발급권한 관리 방법 및시스템
KR101301726B1 (ko) * 2011-11-22 2013-09-16 주식회사 디알엠인사이드 전자책 저작권 보호시스템에서의 권리표현 처리방법 및 이를 적용한 전자책 열람 장치

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20040148503A1 (en) * 2002-01-25 2004-07-29 David Sidman Apparatus, method, and system for accessing digital rights management information
US20050132207A1 (en) * 2003-12-10 2005-06-16 Magda Mourad System and method for authoring learning material using digital ownership rights
US20050210236A1 (en) * 2004-03-22 2005-09-22 Samsung Electronics Co., Ltd. Digital rights management structure, portable storage device, and contents management method using the portable storage device

Family Cites Families (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6671803B1 (en) 1998-10-06 2003-12-30 Koninklijke Philips Electronics N.V. Method and system for consumer electronic device certificate management
JP4296742B2 (ja) * 2002-01-30 2009-07-15 パナソニック株式会社 鉛蓄電池
JP2004302817A (ja) 2003-03-31 2004-10-28 Matsushita Electric Ind Co Ltd ライセンス管理システム
JP2004303111A (ja) * 2003-04-01 2004-10-28 Hitachi Ltd ライセンス管理機能付き携帯端末
DE602004015823D1 (de) * 2003-10-22 2008-09-25 Nxp Bv Verwaltungseinheit für digitale rechte für ein verwaltungssystem für digitale rechte

Patent Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20040148503A1 (en) * 2002-01-25 2004-07-29 David Sidman Apparatus, method, and system for accessing digital rights management information
US20050132207A1 (en) * 2003-12-10 2005-06-16 Magda Mourad System and method for authoring learning material using digital ownership rights
US20050210236A1 (en) * 2004-03-22 2005-09-22 Samsung Electronics Co., Ltd. Digital rights management structure, portable storage device, and contents management method using the portable storage device

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP2866416A1 (fr) * 2013-10-24 2015-04-29 NEC Corporation Contrôle de l'utilisation de données reçues d'un dispositif par l'intermédiaire d'un réseau

Also Published As

Publication number Publication date
KR100854039B1 (ko) 2008-08-26
CN101283540A (zh) 2008-10-08
CN101283540B (zh) 2013-02-13
KR20070040322A (ko) 2007-04-16

Similar Documents

Publication Publication Date Title
US8554927B2 (en) Method for sharing rights object in digital rights management and device and system thereof
US7885871B2 (en) Method and system for managing DRM agent in user domain in digital rights management
JP4804055B2 (ja) 機器ネットワーク運用方法
EP2070345B1 (fr) Enregistrement de dispositif sans fil, tel qu'un enregistrement automatique d'un dispositif wi-fi
US8656156B2 (en) Method and terminal for authenticating between DRM agents for moving RO
JP5248505B2 (ja) 制御デバイス、再生デバイス、及び許可サーバ
EP2018019B1 (fr) Procédé et système d'acquisition d'un objet de droits
US20090064346A1 (en) Providing services to a guest device in a personal network
US20060156388A1 (en) Method and apparatus for a security framework that enables identity and access control services
JP2008052735A (ja) デジタル権限管理において権限発行者とドメイン権限附与者を登録する方法及びこの方法を利用して保安コンテンツ交換機能を実行する方法
JP5101951B2 (ja) ユーザードメインのためにデジタル権限管理をインポートする方法
JP2009510583A (ja) 改善されたdrmシステム
US20070110012A1 (en) Device and method for tracking usage of content distributed to media devices of a local area network
WO2007043805A1 (fr) Procede permettant de partager des objets de droits dans la gestion des droits numeriques et dispositif et systeme correspondants
JP5043953B2 (ja) リソース伝送方法及び情報提供方法
KR101457689B1 (ko) 멀티 도메인 매니저의 운영 방법 및 도메인 시스템
US8752191B2 (en) Generic digital rights management framework, and applications thereof
WO2004100456A1 (fr) Systeme et procede d'authentification inter-dispositifs, dispositif de communication et programme informatique
JP6466382B2 (ja) 鍵を送付するための方法および装置
EP2093687B1 (fr) Procédé et dispositif de gestion d'autorisations du bon objet dans la gestion des droits numériques
KR20070091521A (ko) 도메인 운용 방법, 도메인 확장 방법 및 도메인 시스템
KR20070102374A (ko) 도메인 대표 장치의 선출 방법
Keoh Marlin: toward seamless content sharing and rights management
WO2005093543A1 (fr) Systeme de controle d'acces a un reseau d'ordinateurs
Schwiderski-Grosche et al. Towards the secure initialisation of a personal distributed environment

Legal Events

Date Code Title Description
WWE Wipo information: entry into national phase

Ref document number: 200680037514.8

Country of ref document: CN

121 Ep: the epo has been informed by wipo that ep was designated in this application
NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 06799170

Country of ref document: EP

Kind code of ref document: A1