WO2007064086A1 - Method and device for drm time synchronization between devices in digital rights management - Google Patents

Method and device for drm time synchronization between devices in digital rights management Download PDF

Info

Publication number
WO2007064086A1
WO2007064086A1 PCT/KR2006/004461 KR2006004461W WO2007064086A1 WO 2007064086 A1 WO2007064086 A1 WO 2007064086A1 KR 2006004461 W KR2006004461 W KR 2006004461W WO 2007064086 A1 WO2007064086 A1 WO 2007064086A1
Authority
WO
WIPO (PCT)
Prior art keywords
time
drm
virtual clock
current time
target
Prior art date
Application number
PCT/KR2006/004461
Other languages
French (fr)
Inventor
Seung-Jae Lee
Te-Hyun Kim
Original Assignee
Lg Electronics Inc.
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Priority claimed from KR1020060077767A external-priority patent/KR101305282B1/en
Application filed by Lg Electronics Inc. filed Critical Lg Electronics Inc.
Priority to CN2006800435473A priority Critical patent/CN101313297B/en
Publication of WO2007064086A1 publication Critical patent/WO2007064086A1/en

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/10Protecting distributed programs or content, e.g. vending or licensing of copyrighted material ; Digital rights management [DRM]
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/21Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/2103Challenge-response
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/21Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/2129Authenticate client device independently of the user
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/21Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/2151Time stamp

Definitions

  • the present invention relates to a Digital Rights Management (DRM), and more particularly, to a method and device for DRM time synchronization between devices in DRM capable of performing DRM time synchronization between devices so as to effectively consume a Rights Object (RO) of DRM content.
  • DRM Digital Rights Management
  • RO Rights Object
  • Digital Rights Management is technique to protect Rights Object (RO) for digital content and systematically manage it, and provides a protecting and managing scheme for preventing an illegal copy of the content, acquiring RO, and generating/transferring the content.
  • RO Rights Object
  • FIG. 1 is a configuration view showing a DRM system in accordance with the related art.
  • the DRM system controls content issued to a user by a content provider to be used only in a right-limit of RO.
  • the content provider is an entity corresponding to a Content Issuer (Cl) or a Rights Issuer (Rl).
  • the Cl issues content protected by a specific encryption method
  • DRM content (hereinafter, will be referred to as a DRM content) so as to protect content from a user having no access right, and the Rl issues a Rights Object (RO) necessary to use the DRM content.
  • RO Rights Object
  • a DRM Agent is mounted at a Device thus to receive the DRM content and RO from the Cl or the Rl, and controls a usage of the DRM content at a corresponding device by analyzing a 'License' included in the RO.
  • the License consists of a 'Permission' and a 'Constraint'.
  • the 'Permission' includes explanation and reference information for specific content, a decryption key for content. For instance, the 'Permission' includes Play, Display, Execute, Print, Export, etc., and the 'Constraint' includes Count, Timed-Count, Datetime, Interval, Accumulcated, Individual, System, etc.
  • the Timed-Count, Datetime, and Accumulcated are time-related conditions, and whether they are valid or not is determined by the DRM Agent with reference to a DRM Time managed by the DRM Agent.
  • the DRM Agent registers into the Rl through a Rights Object
  • ROAP obtains RO from the Rl, and joins/leaves a Domain of devices managed by the Rl.
  • the ROAP consists of a Registration Protocol, an RO Acquisition Protocol, and a Domain Management Protocol.
  • Registration Protocol a reciprocal authentication, a certificate exchange, an algorithm negotiation, etc. are performed between a device and an Rl.
  • RO Acquisition Protocol a request and reception for RO is performed.
  • Domain Management Protocol a joining/leave to/from a domain is performed.
  • FIG. 2 is a block diagram showing a method for transmitting RO for digital content between devices.
  • a Device A possesses RO issued from an Rl, and transmits the RO to a Device B, the RO to which a certain constraint (e.g., timed-count and/or datetime) is set. Then, the Device B transmits the RO to a Device C (not shown).
  • a DRM Time e.g., a clock or a counter
  • a DRM Time has to be synchronized between the Device A and the Rl.
  • the Rl sends an OCSP request message to an OCSP Responder.
  • the Rl sends Noncejransmitted from the Device A together with the OCSP request message.
  • the Rl sends a RegistrationResponse message to the Device A with including a Nonce-based OCSP Response in the message.
  • the Device A having received the Nonce-based OCSP Response message including a Nonce identical to the Nonce transmitted from the ROAP-RegistrationResponse controls DRM Time by using visual information included in the OCSP Response.
  • the Device A can be provided with a current time from the OCSP Responder since it is a connected Device to the Rl.
  • Devices B and C are unconnected Devices to the Rl, they can not be provided with a current time from the OCSP Responder.
  • the Device A receives RO from the Rl, it synchronizes its DRM Time with the Rl through an OCSP Response.
  • the Devices B and C can not manage RO having a time-related constraint since they do not have a source to synchronize DRM Time.
  • CP Content Provider
  • an object of the present invention is to provide a method and device for DRM Time synchronization between devices in DRM capable of effectively consuming Rights Object (RO) transmitted from a specific Device.
  • RO Rights Object
  • Another object of the present invention is to provide a method and device for DRM Time synchronization between devices in DRM capable of protecting a right of a Content Provider (CP) from an illegal damage by managing RO received from a specific device.
  • CP Content Provider
  • a method for DRM Time synchronization between devices in DRM comprising: transmitting time information to a target device by at least one source device; and generating at least one virtual clock based on the time information by the target device.
  • the generating at least one virtual clock for each source device based on the time information by the target device comprises: checking an ID of the source device recorded in the RO by the target device; checking whether a virtual clock for the source device having transmitted the RO exists or not by the target device; if the virtual clock for the device exists, calculating a current time by using the virtual clock for the device; and determining whether the RO is valid or not based on the calculated current time.
  • the generating a virtual clock for each RO transmitted from the device by the target device comprises: checking whether a virtual clock for the RO exists or not by the target device; if a virtual clock for the RO exists, calculating a current time by using the virtual clock for the RO; and determining whether the RO is valid or not based on the calculated current time.
  • the method for DRM time synchronization between a first device and a second device in a DRM system including an Rl and an OCSP Responder comprises: receiving time information of the second device together with RO from the second device; calculating a current time on a DRM Time of the second device based on the time information; comparing the calculated current time of the second device with a current time of a DRM Time of the first device; if difference between the current time of the first device and the current time of the second device is over the range as a result of the comparison, synchronizing, the current time of a DRM Time of the first device thereby registering at the Rl.
  • the method for DRM Time synchronization between devices in DRM comprises: transmitting time information to a second device by a first device; comparing whether the first device and the second device are synchronized with each other based on the time information by the second device; when the first device and the second device are not synchronized with each other, synchronizing each DRT Time by the first device and the second device.
  • the method for DRM Time synchronization between devices in DRM comprises: transmitting time information together with RO to a second device by a first device; obtaining DRM Time of the first device from the time information by the second device; the second device's calculating a difference value between its DRM Time and the DRM Time of the first device; and determining whether the calculated difference value is within a preset range.
  • FIG. 1 is an architecture schematically showing a Digital Rights Management (DRM) system in accordance with the related art
  • FIG. 2 is a block diagram showing a method for transmitting RO for digital content between devices in accordance with the related art
  • FIG. 3 is a block diagram schematically showing a DRM system for DRM time synchronization between devices according to a first embodiment of the present invention
  • FIG. 4 is a block diagram schematically showing DRM time synchronization between devices according to a first embodiment of the present invention
  • FIG. 5 is a block diagram schematically showing DRM time synchronization between devices according to a second embodiment of the present invention.
  • FIG. 6 is a block diagram schematically showing DRM time synchronization between devices according to a third embodiment of the present invention
  • FIG. 7 is a signal flowchart schematically showing DRM time synchronization between devices according to a fourth embodiment of the present invention
  • FIG. 8 is a signal flowchart schematically showing DRM time synchronization between devices according to a fifth embodiment of the present invention.
  • FIG. 9 is a signal flowchart schematically showing DRM time synchronization between devices according to a sixth embodiment of the present invention.
  • FIG. 3 is a block diagram schematically showing a DRM system for DRM time synchronization between devices according to a first embodiment of the present invention.
  • a DRM system according to the present invention comprises a Rights Issuer (Rl) 10; an Online Certificate Status Protocol (OCSP) Responder 20 for providing a reference time; a Device A 30 for receiving a Rights Object (RO) from the Rl 10; and a Device B 40 and a Device C 50.
  • the Device A 30 directly receives an RO from the Rl 10, and synchronizes DRM Time by an OCSP Response included in RegistrationResponse.
  • the Device B 40 receives RO from the Device A 30, and the Device C 50 receives RO from the Device B 40.
  • the Device B 40 and the Device C 50 may be implemented as Unconnected Devices that are not directly connected to the Rl 10, or may be implemented as a Connected Device that is directly connected to the Rl 10.
  • the Device A 30 transmits RO to the Device B 40 together with certain information for DRM Time synchronization (e.g., Timestamp) and an ID thereof.
  • the Device B 40 transmits RO received from the Device A to the Device C 50 together with certain information for DRM Time synchronization (e.g., Timestamp) and an ID of the Device (e.g., an ID of the Device A or a combination between an ID of the Device A and an ID of the Device B).
  • certain information for DRM Time synchronization will be later explained in more detail.
  • the Device B 40 having received the RO from the Device A 30 checks whether the RO for DRM content is valid.
  • time-related constraint e.g., timed-count and/or datetime
  • the Device B 40 uses DRM Time synchronized with the Rl 10.
  • the Device B 40 determines the DRM content as a Permission content.
  • FIG. 4 is a block diagram schematically showing DRM time synchronization between devices according to a first embodiment of the present invention. Referring to FIG. 4, a Device Z that receives RO from Devices X and Y generates a virtual clock for the Device X and a virtual clock for the Device Y 1 thereby performing DRM Time synchronization between the Devices.
  • the Device X and the Device Y transmit RO for different DRM contents or RO having different constraints for the same DRM content
  • the Device Z is an Unconnected Device that is not directly connected to a Content Provider (CP) on network.
  • the Device X and the Device Y are provided with each DRM Time (e.g., a clock or a counter) managed by a DRM Agent.
  • the Devices X and Y need not be Devices having directly received RO from the Rl. That is, the Devices X and Y may be implemented as Devices having not been directly synchronized with the Rl.
  • the Device Z generates a virtual clock for the Device X and a virtual clock for the Device Y, and manages the virtual clocks.
  • the virtual clock for the Device X and the virtual clock for the Device Y may be implemented by several methods.
  • the virtual clock for the Device X and the virtual clock for the Device Y may be constructed to store a difference value between DRM Time of the Device Z and their DRM Times.
  • the time information of the Device X and the Device Y are transmitted to the Device Z via a Timestamp.
  • the DRM time of the Device X is slower than the DRM time of the Device Z by 11 minutes. Accordingly, the virtual clock for the Device X stores a value corresponding to the (-)11 minutes.
  • the Device Z is to calculate a current time on the virtual clock for the Device X, it subtracts 11 minutes from a current time on the DRM Time of the Device Z.
  • the method for DRM Time synchronization between devices comprises generating a virtual clock and determining whether RO is valid or not.
  • the generating a virtual clock will be explained.
  • the Device X (or the Device Y) When the Device X (or the Device Y) is to transmit RO to the Device Z, the Device X (or the Device Y) sends an ID of the Device X (or an ID of the Device Y) to the Device Z together with time information on the DRM Time of the Device X, that is, Timestamp.
  • the Timestamp is a parameter (or an element) including time information, and is included in a certain message used when the Device X transmits RO to the Device Z.
  • the Timestamp includes a value corresponding to a current time on the DRM Time of the Device X.
  • the Device Z checks whether a virtual clock assigned for an ID of the Device X exists therein. If there exists no virtual clock assigned for an ID of the Device X in the Device Z, Device Z generates a virtual clock for the
  • the virtual clock for the Device X may be generated by storing a difference value between DRM Time of the Device X and DRM Time of the Device Z in a memory of the Device Z.
  • a virtual clock for the Device Y is generated in the same manner as the virtual clock for the Device X.
  • the Device Y in a memory thereof, it records that the RO has been transmitted from the Device X (or the Device Y). For instance, the Device Z stores additional information (an ID of the Device X or an ID of the Device Y) in the received RO or in a memory thereof together with the received RO.
  • the Device Z determines whether a corresponding RO for a specific
  • DRM content (e.g., RO transmitted from the Device X) is valid or not.
  • the Device Z checks from which the RO has been transmitted between the Device X and the Device Y.
  • the Device Z determines that the RO has been transmitted from the Device X by checking information recorded in the RO (e.g., an ID of the Device X or an ID of the Device Y).
  • the Device Z checks whether a virtual clock for the Device X (or a virtual clock for the Device Y) that has transmitted the RO exists.
  • the Device Z calculates a current time by using the existing virtual clock. However, if there exists no virtual clock for the Device X or virtual clock for the Device Y, the Device Z generates a certain error (e.g., alarm sound, vibration, informing characters, clicking of an LED, etc.) thus to inform a user of the Device Z.
  • a certain error e.g., alarm sound, vibration, informing characters, clicking of an LED, etc.
  • the Device Z determines whether the RO transmitted from the Device X or the Device Y is valid or not based on a current time on a virtual clock for the Device X (or a virtual clock for the Device Y). For instance, in an assumption that a current time on the virtual clock for the Device X is 13:00 PM, June 10 th , 2006, when a time-related constraint of the RO transmitted from the Device X is set to be 13:00 PM, June 11 th , 2006, the Device Z determines that the RO transmitted from the Device X is valid. Accordingly, a user of the Device Z can access a specific DRM content by consuming the RO.
  • FIG. 5 is a block diagram schematically showing DRM time synchronization between devices according to a second embodiment of the present invention.
  • a target Device (Device Z) generates each virtual clock for each RO transmitted from Devices X and Y, thereby synchronizing DRM time of each Device.
  • the Device X and the Device Y transmit RO for different DRM contents, and the Device Z is an Unconnected Device that is not directly connected to a Content Provider (CP) on network.
  • the Device X and the Device Y are provided with each DRM Time managed by a DRM Agent.
  • the Devices X and Y need not be Devices having directly received RO from the Rl. That is, the Devices X and Y may be implemented as Devices having not been directly synchronized with the Rl.
  • the second embodiment of the present invention is different from the first embodiment by the followings.
  • the Device X and the Device Y transmit at least one different RO to the Device Z with including only a Timestamp without each ID thereof.
  • the Device Z does not generate a virtual clock for Device but generates a virtual clock for RO.
  • the method for DRM Time synchronization between devices according to the second embodiment comprises generating a virtual clock, and determining whether RO is valid or not.
  • a Device X When a Device X is to transmit RO (e.g., RO1 and/or RO2 of FIG.5) to a Device Z, it transmits time information on DRM Time thereof, that is, Timestamp to the Device Z together with the RO.
  • the Timestamp is a parameter (or an element) including time information, and is included in a certain message used when the Device X transmits RO to the Device Z.
  • Timestamp includes a value corresponding to a current time on the DRM
  • a Device Y is operated in the same manner as the Device X. That is, when the Device Y is to transmit RO (e.g., RO3 and/or RO4 of FIG.5) to the Device Z, it transmits time information on DRM Time thereof, that is, Timestamp to the Device Z together with the RO.
  • RO e.g., RO3 and/or RO4 of FIG.5
  • the Device Z checks whether a virtual clock for each RO (i.e., RO1 ,
  • RO2, RO3, or RO4 exists therein. If there exists no virtual clock for RO (e.g., RO1 ) in the Device Z, a virtual clock for the RO1 is generated.
  • a virtual clock for RO1 and a virtual clock for RO2 may be generated by storing a difference value between DRM Time of the Device X and DRM Time of the
  • a virtual clock for RO3 and a virtual clock for RO4 may be generated by storing a difference value between DRM Time of the Device Y and DRM Time of the Device Z in the virtual clock for RO3 and the virtual clock for RO4.
  • the determining whether RO is valid according to the second embodiment is the same the determining whether RO is valid according to the first embodiment, and the its detailed explanation will be omitted.
  • FIG. 6 is a block diagram schematically showing DRM time synchronization between devices according to a third embodiment of the present invention.
  • a target Device receives RO from a Device X, and accesses to Rl when an error is generated on its DRM Time, thereby synchronizing DRM Time between devices.
  • the Device X receives RO of a specific DRM content from the Rl, and transmits the RO to the Device Z.
  • the Device Z receives RO from the Device X, and is a Connected Device that is directly connected to a Content Provider (CP) on network.
  • CP Content Provider
  • the Device X When the Device X is to transmit RO to the Device Z, the Device X sends time information, that is, Timestamp to the Device Z.
  • the Timestamp is a parameter including DRM time of the Device X, that is, a current time on DRM Time.
  • the Device Z compares a current time of the Device X obtained from the Timestamp with a current time on its DRM Time. Then, the Device Z checks whether a difference value between the current time of the Device X and the current time of the Device Z is within a preset allowable range (e.g., within one hour). If the difference value between the current time of the
  • the Device X and the current time of the Device Z is not within the preset allowable range (e.g., the difference value is more than one hour), the Device
  • the Device Z accesses the Rl thus to synchronize its DRM Time. That is, the Device Z is connected to the Rl thus to perform a registration again.
  • the registration has the same procedure as that of the aforementioned embodiment.
  • the Device Z sends a RegistrationRequest Message to the Rl so as to synchronize its DRM Time managed by a DRM Agent thereof. Then, the Rl analyzes the DRM Time of the Device Z included in the RegistrationRequest Message. The Rl transceives a certain message (i.e., an OCSP Request message and an OCSP Response message) with an OCSP Responder, and then sends a current time provided from the OCSP Responder to the Device
  • the Device Z through a RegistrationResponse Message. Then, the Device Z synchronizes its DRM Time with the current time provided from the OCSP Responder. Then, in order to use a specific DRM content (e.g., DRM content accessible by the RO transmitted from the Device X), the Device Z determines whether a corresponding RO (e.g., the RO transmitted from the Device X) is valid or not in the same manner as that of the first embodiment shown in FIG. 4. Accordingly, detailed explanation for the determining whether RO is valid or not according to the second embodiment will be omitted.
  • a corresponding RO e.g., the RO transmitted from the Device X
  • FIGS. 7 to 9 are signal flowcharts schematically showing DRM time synchronization between devices according to fourth to sixth embodiments of the present invention.
  • a first DRM Agent 10 is an entity mounted on the Device 1
  • a second DRM Agent 20 is an entity mounted on the Device 2.
  • the same reference numerals shown in FIGS. 7 to 9 have the same operation and construction.
  • both the Device 1 and the Device 2 are a Connected Device, respectively.
  • Devices are synchronized with each other (the same DRM Time, S10), and the Devices are not synchronized with each other (S20).
  • S10 and S20 are implemented as independent procedures having no relation therebetween.
  • the S10 of FIG. 7 is similar to FIG. 6 of the third embodiment.
  • the second DRM Agent 20 compares DRM Time of the first DRM Agent 10 with its DRM Time (S12).
  • the DRM Time of the first DRM Agent 10 is obtained by using the Timestamp transmitted to the second DRM Agent 20 in step S11.
  • the second DRM Agent 20 calculates a difference value between the DRM Time of the first DRM Agent 10 and its DRM Time. Then, the second DRM Agent 20 determines whether the calculated difference value is within a preset allowable range, thereby determining whether the first DRM Agent and the second DRM Agent are synchronized with each other.
  • the S11 may be performed by a Trigger message of the second DRM Agent 20.
  • the second DRM Agent 20 sends a failure message to the first DRM Agent 10 (S13). Then, the first DRM Agent 10 and the second DRM Agent 20 register into an Rl 30 (ROAP REGISTRATION), thereby synchronizing each DRM Time thereof with a current time provided from an OCSP Responder 40 (S14).
  • Rl 30 ROAP REGISTRATION
  • the process for synchronizing DRM time of the second DRM Agent 20 in S14 will be explained in more detail.
  • the Rl 30 transceives an OCSP Request message and an OCSP Response message with the OCSP Responder 40.
  • the Rl 30 sends a current time provided from the OCSP Responder 40 to the second DRM Agent 20 through a ROAP-Registration Response message.
  • the second DRM Agent 20 synchronizes its DRM Time with the current time provided from the OCSP Responder 40.
  • the process for synchronizing DRM Time of the first DRM Agent 10 is equal to the process for synchronizing DRM Time of the second DRM Agent 20.
  • the first DRM Agent 10 and the second DRM Agent 20 synchronize their current times on the DRM Times to the current time provided from the OCSP Responder 40.
  • FIG. 8 is a signal flowchart schematically showing DRM time synchronization between devices according to a fifth embodiment of the present invention.
  • a Device 1 is a Connected Device
  • a Device 2 is an Unconnected Device.
  • the FIG. 8 of the fifth embodiment is different from the FIG. 7 of the fourth embodiment in that the Device 2 including the second DRM Agent 20 is an Unconnected Device. That is, the first DRM Agent 10 is directly connected to the Rl 30 thus to independently perform ROAP REGISTRATION for DRM
  • the second DRM Agent 20 is connected to the Rl 30 via the first DRM Agent
  • the first DRM Agent 10 is operated as a proxy for the second DRM Agent 20.
  • the first DRM Agent 10 is operated as a proxy for the second DRM Agent 20.
  • FIG. 8 according to the fifth embodiment of the present invention, Devices are synchronized with each other (the same DRM Time,
  • FIG. 8 has the same operation as the S20 of FIG. 7, and thus only the S10' of FIG. 8 different form the S10 of FIG. 7 will be explained.
  • the first DRM Agent 10 performs an ROAP-Registration process and an OCSP process like in the S14 thus to synchronize its DRM Time with a current time provided from an OCSP Responder 40.
  • the second DRM Agent 20 is not directly connected to the Rl 30. Accordingly, the second DRM Agent 20 is connected to the Rl 30 by serving the first DRM Agent 10 as a proxy thus to perform an ROAP-Registration process, and to perform an OCSP process with the OCSP Responder 40 (S14').
  • the first DRM Agent 10 and the second DRM Agent 20 synchronize each of their DRM Times with a current time provided from the OCSP Responder 40.
  • the first DRM Agent 10 may synchronize DRM Time with the Rl 30 just before RO is transmitted to the second DRM Agent 20 (prior to the S11 ) so as to obtain a precise DRM Time. That is, the first DRM Agent 10 is connected to the Rl 30 by using an ROAP-Registration Protocol thus to obtain an OCSP Response. Then, the first DRM Agent 10 synchronizes its DRM Time with the Rl 30 by using Timestamp inside the obtained OCSP Response. However, if the Device 1 of the first DRM Agent 10 is an Unconnected Device, the first DRM Agent 10 performs an ROAP-Registration by serving the second DRM Agent 20 as a proxy.
  • FIG. 9 is a flowchart schematically showing DRM Time synchronization between devices according to a sixth embodiment of the present invention. Referring to FIG. 9, both a Device 1 and a Device 2 are an Unconnected Device, respectively.
  • the method for DRM Time synchronization between devices in FIG. 9 includes S10" in which a difference value between the first DRM Agent 10 and the second DRM Agent 20 is within a preset allowable range (e.g., within one hour), and S20' in which the difference value between the first DRM Agent 10 and the second DRM Agent 20 is not within the preset allowable range (e.g., more than one hour).
  • the second DRM Agent 20 compares DRM Time of the first DRM Agent 10 with its DRM Time (S12).
  • the DRM Time of the first DRM Agent 10 is obtained by using the Timestamp transmitted to the second DRM Agent 20 in step S11.
  • the second DRM Agent 20 calculates a difference value between the DRM Time of the first DRM Agent 10 and its DRM Time.
  • the S11 may be performed by a Trigger message of the second DRM Agent 20.
  • the second DRM Agent 20 stores RO received from the first DRM Agent 10 in a memory thereof (S12 1 ). Then, the second DRM Agent 20 sends an ok message to the first DRM Agent 10 (S13).
  • the S20' of FIG. 9 is similar to the S10" except the following.
  • the second DRM Agent 20 stores the RO received from the first DRM
  • the virtual time denotes the difference value between the DRM Time of the first DRM Agent 10 and the DRM Time of the second DRM Agent 20.
  • the second DRM Agent 20 can calculate a difference value from the DRM Time of the first DRM Agent 10 based on its DRM Time thus to store it as the virtual time. Then, the second DRM Agent 20 performs DRM Time synchronization by using the virtual time. As aforementioned, in the present invention, even an Unconnected
  • the Device having not received time information from the OCSP Responder can provide time information of the source Device to the target Device, thereby performing DRM synchronization between devices.
  • the Unconnected Device having not received time information from the OCSP Responder can generate a virtual clock, thereby performing DRM synchronization between devices.
  • the DRM Time of the source device and the DRM Time of the target device can be synchronized with each other. Fourth, regardless whether the Device is a Connected Device or an
  • Devices is not within a preset allowable range at the time of transmitting RO between Devices, the Devices are connected to the Rl thus to perform DRM Time synchronization.

Landscapes

  • Engineering & Computer Science (AREA)
  • Software Systems (AREA)
  • Theoretical Computer Science (AREA)
  • Multimedia (AREA)
  • Technology Law (AREA)
  • Computer Hardware Design (AREA)
  • Computer Security & Cryptography (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Synchronisation In Digital Transmission Systems (AREA)

Abstract

Disclosed are a method and device for DRM time synchronization between devices in DRM capable of performing DRM time synchronization between devices so as to effectively consume a Rights Object (RO) of DRM content. DRM time synchronization between devices is performed even in an unconnected device having not received time information from an OCSP Responder, by providing time information of a source device for transmitting RO to a target device.

Description

METHOD AND DEVICE FOR DRM TIME SYNCHRONIZATION BETWEEN DEVICES IN DIGITAL RIGHTS MANAGEMENT
TECHNICAL FIELD The present invention relates to a Digital Rights Management (DRM), and more particularly, to a method and device for DRM time synchronization between devices in DRM capable of performing DRM time synchronization between devices so as to effectively consume a Rights Object (RO) of DRM content.
BACKGROUND ART
Digital Rights Management (DRM) is technique to protect Rights Object (RO) for digital content and systematically manage it, and provides a protecting and managing scheme for preventing an illegal copy of the content, acquiring RO, and generating/transferring the content.
FIG. 1 is a configuration view showing a DRM system in accordance with the related art. The DRM system controls content issued to a user by a content provider to be used only in a right-limit of RO. The content provider is an entity corresponding to a Content Issuer (Cl) or a Rights Issuer (Rl). The Cl issues content protected by a specific encryption method
(hereinafter, will be referred to as a DRM content) so as to protect content from a user having no access right, and the Rl issues a Rights Object (RO) necessary to use the DRM content.
A DRM Agent is mounted at a Device thus to receive the DRM content and RO from the Cl or the Rl, and controls a usage of the DRM content at a corresponding device by analyzing a 'License' included in the RO. The License consists of a 'Permission' and a 'Constraint'. The 'Permission' includes explanation and reference information for specific content, a decryption key for content. For instance, the 'Permission' includes Play, Display, Execute, Print, Export, etc., and the 'Constraint' includes Count, Timed-Count, Datetime, Interval, Accumulcated, Individual, System, etc. The Timed-Count, Datetime, and Accumulcated are time-related conditions, and whether they are valid or not is determined by the DRM Agent with reference to a DRM Time managed by the DRM Agent. The DRM Agent registers into the Rl through a Rights Object
Acquisition Protocol (ROAP), obtains RO from the Rl, and joins/leaves a Domain of devices managed by the Rl. The ROAP consists of a Registration Protocol, an RO Acquisition Protocol, and a Domain Management Protocol. Through the Registration Protocol, a reciprocal authentication, a certificate exchange, an algorithm negotiation, etc. are performed between a device and an Rl. Through the RO Acquisition Protocol, a request and reception for RO is performed. Through the Domain Management Protocol, a joining/leave to/from a domain is performed.
FIG. 2 is a block diagram showing a method for transmitting RO for digital content between devices.
As shown in FIG. 2, a Device A possesses RO issued from an Rl, and transmits the RO to a Device B, the RO to which a certain constraint (e.g., timed-count and/or datetime) is set. Then, the Device B transmits the RO to a Device C (not shown). In order for the Device A to use the RO including a set time-related constraint, a DRM Time (e.g., a clock or a counter) has to be synchronized between the Device A and the Rl.
Hereinafter, a method for performing a DRM Time synchronization by the Device A will be explained. When ROAP-RO Request or ROAP-JoinDomain Request is performed by the Device A, if a DRM Time of the Device A included in the message is determined not to be precise by the Rl, the Rl returns a Device TimeError to the Device A. Then, the Device A activates the Registration Protocol thus to register the message into the Rl again. When ROAP-RegistrationRequest is performed by the Device A, if a
DRM Time of the Device A included in the ROAP-RegistrationRequest is determined not to be precise by the Rl, the Rl sends an OCSP request message to an OCSP Responder. Herein, the Rl sends Noncejransmitted from the Device A together with the OCSP request message. The Rl sends a RegistrationResponse message to the Device A with including a Nonce-based OCSP Response in the message.
Then, the Device A having received the Nonce-based OCSP Response message including a Nonce identical to the Nonce transmitted from the ROAP-RegistrationResponse controls DRM Time by using visual information included in the OCSP Response.
As aforementioned, the Device A can be provided with a current time from the OCSP Responder since it is a connected Device to the Rl. However, if Devices B and C are unconnected Devices to the Rl, they can not be provided with a current time from the OCSP Responder. When the Device A receives RO from the Rl, it synchronizes its DRM Time with the Rl through an OCSP Response. However, the Devices B and C can not manage RO having a time-related constraint since they do not have a source to synchronize DRM Time. Furthermore, since the Devices having received the RO can not be controlled, a right of a Content Provider (CP) for providing DRM content is damaged.
DISCLOSURE OF THE INVENTION
Therefore, an object of the present invention is to provide a method and device for DRM Time synchronization between devices in DRM capable of effectively consuming Rights Object (RO) transmitted from a specific Device.
Another object of the present invention is to provide a method and device for DRM Time synchronization between devices in DRM capable of protecting a right of a Content Provider (CP) from an illegal damage by managing RO received from a specific device.
To achieve these and other advantages and in accordance with the purpose of the present invention, as embodied and broadly described herein, there is provided a method for DRM Time synchronization between devices in DRM, comprising: transmitting time information to a target device by at least one source device; and generating at least one virtual clock based on the time information by the target device.
Preferably, the generating at least one virtual clock for each source device based on the time information by the target device, in case that the target device consumes RO received from the source device, comprises: checking an ID of the source device recorded in the RO by the target device; checking whether a virtual clock for the source device having transmitted the RO exists or not by the target device; if the virtual clock for the device exists, calculating a current time by using the virtual clock for the device; and determining whether the RO is valid or not based on the calculated current time.
Preferably, the generating a virtual clock for each RO transmitted from the device by the target device, in case that the target device consumes the RO, comprises: checking whether a virtual clock for the RO exists or not by the target device; if a virtual clock for the RO exists, calculating a current time by using the virtual clock for the RO; and determining whether the RO is valid or not based on the calculated current time.
The method for DRM time synchronization between a first device and a second device in a DRM system including an Rl and an OCSP Responder, comprises: receiving time information of the second device together with RO from the second device; calculating a current time on a DRM Time of the second device based on the time information; comparing the calculated current time of the second device with a current time of a DRM Time of the first device; if difference between the current time of the first device and the current time of the second device is over the range as a result of the comparison, synchronizing, the current time of a DRM Time of the first device thereby registering at the Rl.
There is also provided a device for DRM time synchronization between devices in DRM, the device capable of receiving time information from at least one source device, and generating at least one virtual clock by using the time information. The method for DRM Time synchronization between devices in DRM, comprises: transmitting time information to a second device by a first device; comparing whether the first device and the second device are synchronized with each other based on the time information by the second device; when the first device and the second device are not synchronized with each other, synchronizing each DRT Time by the first device and the second device.
The method for DRM Time synchronization between devices in DRM, comprises: transmitting time information together with RO to a second device by a first device; obtaining DRM Time of the first device from the time information by the second device; the second device's calculating a difference value between its DRM Time and the DRM Time of the first device; and determining whether the calculated difference value is within a preset range.
The foregoing and other objects, features, aspects and advantages of the present invention will become more apparent from the following detailed description of the present invention when taken in conjunction with the accompanying drawings.
BRIEF DESCRIPTION OF THE DRAWINGS
The accompanying drawings, which are included to provide a further understanding of the invention and are incorporated in and constitute a part of this specification, illustrate embodiments of the invention and serve to explain the principles of the invention together with the description. In the drawings:
FIG. 1 is an architecture schematically showing a Digital Rights Management (DRM) system in accordance with the related art; FIG. 2 is a block diagram showing a method for transmitting RO for digital content between devices in accordance with the related art;
FIG. 3 is a block diagram schematically showing a DRM system for DRM time synchronization between devices according to a first embodiment of the present invention;
FIG. 4 is a block diagram schematically showing DRM time synchronization between devices according to a first embodiment of the present invention;
FIG. 5 is a block diagram schematically showing DRM time synchronization between devices according to a second embodiment of the present invention;
FIG. 6 is a block diagram schematically showing DRM time synchronization between devices according to a third embodiment of the present invention; FIG. 7 is a signal flowchart schematically showing DRM time synchronization between devices according to a fourth embodiment of the present invention;
FIG. 8 is a signal flowchart schematically showing DRM time synchronization between devices according to a fifth embodiment of the present invention; and
FIG. 9 is a signal flowchart schematically showing DRM time synchronization between devices according to a sixth embodiment of the present invention.
MODES FOR CARRYING OUT THE PREFERRED EMBODIMENTS Reference will now be made in detail to the preferred embodiments of the present invention, examples of which are illustrated in the accompanying drawings.
Hereinafter, a method and device for DRM time synchronization between devices according to the present invention will be explained in more detail with reference to one embodiment of the attached drawings.
FIG. 3 is a block diagram schematically showing a DRM system for DRM time synchronization between devices according to a first embodiment of the present invention. As shown in FIG. 3, a DRM system according to the present invention comprises a Rights Issuer (Rl) 10; an Online Certificate Status Protocol (OCSP) Responder 20 for providing a reference time; a Device A 30 for receiving a Rights Object (RO) from the Rl 10; and a Device B 40 and a Device C 50. The Device A 30 directly receives an RO from the Rl 10, and synchronizes DRM Time by an OCSP Response included in RegistrationResponse. The Device B 40 receives RO from the Device A 30, and the Device C 50 receives RO from the Device B 40. The Device B 40 and the Device C 50 may be implemented as Unconnected Devices that are not directly connected to the Rl 10, or may be implemented as a Connected Device that is directly connected to the Rl 10.
The Device A 30 transmits RO to the Device B 40 together with certain information for DRM Time synchronization (e.g., Timestamp) and an ID thereof. In the same manner, the Device B 40 transmits RO received from the Device A to the Device C 50 together with certain information for DRM Time synchronization (e.g., Timestamp) and an ID of the Device (e.g., an ID of the Device A or a combination between an ID of the Device A and an ID of the Device B). The certain information for DRM Time synchronization will be later explained in more detail.
The Device B 40 having received the RO from the Device A 30 checks whether the RO for DRM content is valid. Herein, if time-related constraint (e.g., timed-count and/or datetime) for the RO exists, the Device B 40 uses DRM Time synchronized with the Rl 10. As a result of comparing the synchronized DRM Time with a current time, if the time-related constraint is valid and the rest constraint is also valid, the Device B 40 determines the DRM content as a Permission content.
The method for DRM time synchronization between devices according to the present invention will be explained in more detail. The method is implemented according to whether the device of the present invention is an unconnected device or a connected device. FIG. 4 is a block diagram schematically showing DRM time synchronization between devices according to a first embodiment of the present invention. Referring to FIG. 4, a Device Z that receives RO from Devices X and Y generates a virtual clock for the Device X and a virtual clock for the Device Y1 thereby performing DRM Time synchronization between the Devices.
The Device X and the Device Y transmit RO for different DRM contents or RO having different constraints for the same DRM content, and the Device Z is an Unconnected Device that is not directly connected to a Content Provider (CP) on network. The Device X and the Device Y are provided with each DRM Time (e.g., a clock or a counter) managed by a DRM Agent. The Devices X and Y need not be Devices having directly received RO from the Rl. That is, the Devices X and Y may be implemented as Devices having not been directly synchronized with the Rl.
The Device Z generates a virtual clock for the Device X and a virtual clock for the Device Y, and manages the virtual clocks. The virtual clock for the Device X and the virtual clock for the Device Y may be implemented by several methods. For instance, the virtual clock for the Device X and the virtual clock for the Device Y may be constructed to store a difference value between DRM Time of the Device Z and their DRM Times. Herein, the time information of the Device X and the Device Y are transmitted to the Device Z via a Timestamp. More concretely, when it is assumed that a current time on the DRM Time of the Device Z is 10:31 AM and time information when the Device X transmits the RO to the Device Z via the Timestamp is 10:20 AM, the DRM time of the Device X is slower than the DRM time of the Device Z by 11 minutes. Accordingly, the virtual clock for the Device X stores a value corresponding to the (-)11 minutes. When the Device Z is to calculate a current time on the virtual clock for the Device X, it subtracts 11 minutes from a current time on the DRM Time of the Device Z.
Hereinafter, the method for DRM Time synchronization between devices according to a first embodiment of the present invention will be explained with reference to FIG. 4.
The method for DRM Time synchronization between devices according to a first embodiment of the present invention comprises generating a virtual clock and determining whether RO is valid or not. The generating a virtual clock will be explained. When the Device X (or the Device Y) is to transmit RO to the Device Z, the Device X (or the Device Y) sends an ID of the Device X (or an ID of the Device Y) to the Device Z together with time information on the DRM Time of the Device X, that is, Timestamp. The Timestamp is a parameter (or an element) including time information, and is included in a certain message used when the Device X transmits RO to the Device Z. The Timestamp includes a value corresponding to a current time on the DRM Time of the Device X.
The Device Z checks whether a virtual clock assigned for an ID of the Device X exists therein. If there exists no virtual clock assigned for an ID of the Device X in the Device Z, Device Z generates a virtual clock for the
Device X. Herein, the virtual clock for the Device X may be generated by storing a difference value between DRM Time of the Device X and DRM Time of the Device Z in a memory of the Device Z. A virtual clock for the Device Y is generated in the same manner as the virtual clock for the Device X.
When the Device Z stores RO transmitted from the Device X (or the
Device Y in a memory thereof, it records that the RO has been transmitted from the Device X (or the Device Y). For instance, the Device Z stores additional information (an ID of the Device X or an ID of the Device Y) in the received RO or in a memory thereof together with the received RO.
The determining whether RO is valid will be explained.
The Device Z determines whether a corresponding RO for a specific
DRM content (e.g., RO transmitted from the Device X) is valid or not. Herein, it is determined whether a time-related constraint of the RO is valid or not. As shown in FIG. 4, the Device Z checks from which the RO has been transmitted between the Device X and the Device Y. When the RO has been transmitted from the Device X, the Device Z determines that the RO has been transmitted from the Device X by checking information recorded in the RO (e.g., an ID of the Device X or an ID of the Device Y). The Device Z checks whether a virtual clock for the Device X (or a virtual clock for the Device Y) that has transmitted the RO exists. If a virtual clock for the Device X (or a virtual clock for the Device Y) exists, the Device Z calculates a current time by using the existing virtual clock. However, if there exists no virtual clock for the Device X or virtual clock for the Device Y, the Device Z generates a certain error (e.g., alarm sound, vibration, informing characters, clicking of an LED, etc.) thus to inform a user of the Device Z.
The Device Z determines whether the RO transmitted from the Device X or the Device Y is valid or not based on a current time on a virtual clock for the Device X (or a virtual clock for the Device Y). For instance, in an assumption that a current time on the virtual clock for the Device X is 13:00 PM, June 10th, 2006, when a time-related constraint of the RO transmitted from the Device X is set to be 13:00 PM, June 11th, 2006, the Device Z determines that the RO transmitted from the Device X is valid. Accordingly, a user of the Device Z can access a specific DRM content by consuming the RO.
FIG. 5 is a block diagram schematically showing DRM time synchronization between devices according to a second embodiment of the present invention. Referring to FIG. 5, a target Device (Device Z) generates each virtual clock for each RO transmitted from Devices X and Y, thereby synchronizing DRM time of each Device. The Device X and the Device Y transmit RO for different DRM contents, and the Device Z is an Unconnected Device that is not directly connected to a Content Provider (CP) on network. The Device X and the Device Y are provided with each DRM Time managed by a DRM Agent. The Devices X and Y need not be Devices having directly received RO from the Rl. That is, the Devices X and Y may be implemented as Devices having not been directly synchronized with the Rl.
The second embodiment of the present invention is different from the first embodiment by the followings. In the second embodiment, the Device X and the Device Y transmit at least one different RO to the Device Z with including only a Timestamp without each ID thereof. Also, the Device Z does not generate a virtual clock for Device but generates a virtual clock for RO.
Like the method according to the first embodiment of FIG. 4, the method for DRM Time synchronization between devices according to the second embodiment comprises generating a virtual clock, and determining whether RO is valid or not.
The generating a virtual clock will be explained.
When a Device X is to transmit RO (e.g., RO1 and/or RO2 of FIG.5) to a Device Z, it transmits time information on DRM Time thereof, that is, Timestamp to the Device Z together with the RO. The Timestamp is a parameter (or an element) including time information, and is included in a certain message used when the Device X transmits RO to the Device Z. The
Timestamp includes a value corresponding to a current time on the DRM
Time of the Device X. A Device Y is operated in the same manner as the Device X. That is, when the Device Y is to transmit RO (e.g., RO3 and/or RO4 of FIG.5) to the Device Z, it transmits time information on DRM Time thereof, that is, Timestamp to the Device Z together with the RO.
The Device Z checks whether a virtual clock for each RO (i.e., RO1 ,
RO2, RO3, or RO4) exists therein. If there exists no virtual clock for RO (e.g., RO1 ) in the Device Z, a virtual clock for the RO1 is generated. Herein, a virtual clock for RO1 and a virtual clock for RO2 may be generated by storing a difference value between DRM Time of the Device X and DRM Time of the
Device Z in the virtual clock for RO1 and the virtual clock for RO2 according to an operation method for a virtual clock. In the same manner, a virtual clock for RO3 and a virtual clock for RO4 may be generated by storing a difference value between DRM Time of the Device Y and DRM Time of the Device Z in the virtual clock for RO3 and the virtual clock for RO4.
The determining whether RO is valid according to the second embodiment is the same the determining whether RO is valid according to the first embodiment, and the its detailed explanation will be omitted.
FIG. 6 is a block diagram schematically showing DRM time synchronization between devices according to a third embodiment of the present invention.
Referring to FIG. 6, a target Device (a Device Z) receives RO from a Device X, and accesses to Rl when an error is generated on its DRM Time, thereby synchronizing DRM Time between devices.
The Device X receives RO of a specific DRM content from the Rl, and transmits the RO to the Device Z. The Device Z receives RO from the Device X, and is a Connected Device that is directly connected to a Content Provider (CP) on network. T Hereinafter, the device and method for DRM Time synchronization between devices according to the third embodiment will be explained.
When the Device X is to transmit RO to the Device Z, the Device X sends time information, that is, Timestamp to the Device Z. The Timestamp is a parameter including DRM time of the Device X, that is, a current time on DRM Time.
The Device Z compares a current time of the Device X obtained from the Timestamp with a current time on its DRM Time. Then, the Device Z checks whether a difference value between the current time of the Device X and the current time of the Device Z is within a preset allowable range (e.g., within one hour). If the difference value between the current time of the
Device X and the current time of the Device Z is not within the preset allowable range (e.g., the difference value is more than one hour), the Device
Z accesses the Rl thus to synchronize its DRM Time. That is, the Device Z is connected to the Rl thus to perform a registration again. The registration has the same procedure as that of the aforementioned embodiment.
The Device Z sends a RegistrationRequest Message to the Rl so as to synchronize its DRM Time managed by a DRM Agent thereof. Then, the Rl analyzes the DRM Time of the Device Z included in the RegistrationRequest Message. The Rl transceives a certain message (i.e., an OCSP Request message and an OCSP Response message) with an OCSP Responder, and then sends a current time provided from the OCSP Responder to the Device
Z through a RegistrationResponse Message. Then, the Device Z synchronizes its DRM Time with the current time provided from the OCSP Responder. Then, in order to use a specific DRM content (e.g., DRM content accessible by the RO transmitted from the Device X), the Device Z determines whether a corresponding RO (e.g., the RO transmitted from the Device X) is valid or not in the same manner as that of the first embodiment shown in FIG. 4. Accordingly, detailed explanation for the determining whether RO is valid or not according to the second embodiment will be omitted.
FIGS. 7 to 9 are signal flowcharts schematically showing DRM time synchronization between devices according to fourth to sixth embodiments of the present invention. A first DRM Agent 10 is an entity mounted on the Device 1 , and a second DRM Agent 20 is an entity mounted on the Device 2. The same reference numerals shown in FIGS. 7 to 9 have the same operation and construction.
Referring to FIG. 7 according to the fourth embodiment of the present invention, both the Device 1 and the Device 2 are a Connected Device, respectively.
Referring to FIG. 7 according to the fourth embodiment, Devices are synchronized with each other (the same DRM Time, S10), and the Devices are not synchronized with each other (S20). The S10 and S20 are implemented as independent procedures having no relation therebetween.
The S10 of FIG. 7 is similar to FIG. 6 of the third embodiment.
Hereinafter, the S10 will be explained in more detail with reference to FIG. 7.
Once the first DRM Agent 10 transmits RO, Timestamp, and an Agent Profile to the second DRM Agent 20 (S11), the second DRM Agent 20 compares DRM Time of the first DRM Agent 10 with its DRM Time (S12). Herein, the DRM Time of the first DRM Agent 10 is obtained by using the Timestamp transmitted to the second DRM Agent 20 in step S11. The second DRM Agent 20 calculates a difference value between the DRM Time of the first DRM Agent 10 and its DRM Time. Then, the second DRM Agent 20 determines whether the calculated difference value is within a preset allowable range, thereby determining whether the first DRM Agent and the second DRM Agent are synchronized with each other. The S11 may be performed by a Trigger message of the second DRM Agent 20. When the difference value between the DRM Time of the first DRM
Agent 10 and the DRM Time of the second DRM agent 20 is not within a preset allowable range in S12 (e.g., the difference value is more than one hour), the second DRM Agent 20 sends a failure message to the first DRM Agent 10 (S13). Then, the first DRM Agent 10 and the second DRM Agent 20 register into an Rl 30 (ROAP REGISTRATION), thereby synchronizing each DRM Time thereof with a current time provided from an OCSP Responder 40 (S14).
The process for synchronizing DRM time of the second DRM Agent 20 in S14 will be explained in more detail. The Rl 30 transceives an OCSP Request message and an OCSP Response message with the OCSP Responder 40. The Rl 30 sends a current time provided from the OCSP Responder 40 to the second DRM Agent 20 through a ROAP-Registration Response message. Then, the second DRM Agent 20 synchronizes its DRM Time with the current time provided from the OCSP Responder 40. The process for synchronizing DRM Time of the first DRM Agent 10 is equal to the process for synchronizing DRM Time of the second DRM Agent 20.
As aforementioned, in S10, the first DRM Agent 10 and the second DRM Agent 20 synchronize their current times on the DRM Times to the current time provided from the OCSP Responder 40.
Hereinafter, the S20 of FIG. 7 will be explained in more detail. Lower steps S11 and S12 of S20 are equal to those of S10, and thus detailed explanation thereof will be omitted. Only a difference between the S10 and the S20 will be explained. When a difference value between DRM Time of the first DRM Agent 10 and DRM Time of the second DRM Agent 20 is within a preset allowable range (e.g., within one hour), the second DRM Agent 20 sends an ok message to the first DRM Agent 10 (S13).
FIG. 8 is a signal flowchart schematically showing DRM time synchronization between devices according to a fifth embodiment of the present invention. Referring to FIG. 8, a Device 1 is a Connected Device, and a Device 2 is an Unconnected Device.
The FIG. 8 of the fifth embodiment is different from the FIG. 7 of the fourth embodiment in that the Device 2 including the second DRM Agent 20 is an Unconnected Device. That is, the first DRM Agent 10 is directly connected to the Rl 30 thus to independently perform ROAP REGISTRATION for DRM
Time synchronization differently from the second DRM Agent 20. Accordingly, the second DRM Agent 20 is connected to the Rl 30 via the first DRM Agent
10. That is, the first DRM Agent 10 is operated as a proxy for the second DRM Agent 20. Referring to FIG. 8 according to the fifth embodiment of the present invention, Devices are synchronized with each other (the same DRM Time,
S20), and the Devices are unsynchronized with each other (S 10'). The S20 of
FIG. 8 has the same operation as the S20 of FIG. 7, and thus only the S10' of FIG. 8 different form the S10 of FIG. 7 will be explained.
Referring to FIG. 8, after the S11 to S13, the first DRM Agent 10 performs an ROAP-Registration process and an OCSP process like in the S14 thus to synchronize its DRM Time with a current time provided from an OCSP Responder 40. However, after the S11 to S13, the second DRM Agent 20 is not directly connected to the Rl 30. Accordingly, the second DRM Agent 20 is connected to the Rl 30 by serving the first DRM Agent 10 as a proxy thus to perform an ROAP-Registration process, and to perform an OCSP process with the OCSP Responder 40 (S14'). As shown in S14 of FIG. 7, the first DRM Agent 10 and the second DRM Agent 20 synchronize each of their DRM Times with a current time provided from the OCSP Responder 40.
In FIG. 7 of the fourth embodiment and FIG. 8 of the fifth embodiment, the first DRM Agent 10 may synchronize DRM Time with the Rl 30 just before RO is transmitted to the second DRM Agent 20 (prior to the S11 ) so as to obtain a precise DRM Time. That is, the first DRM Agent 10 is connected to the Rl 30 by using an ROAP-Registration Protocol thus to obtain an OCSP Response. Then, the first DRM Agent 10 synchronizes its DRM Time with the Rl 30 by using Timestamp inside the obtained OCSP Response. However, if the Device 1 of the first DRM Agent 10 is an Unconnected Device, the first DRM Agent 10 performs an ROAP-Registration by serving the second DRM Agent 20 as a proxy. If synchronized time between the first DRM Agent 10 ad the Rl 30 is within a preset period (e.g., a preset time), DRM Time synchronization between the first DRM Agent 10 and the Rl 30 just before RO is transmitted to the second DRM Agent 20 (prior to the S11 ) may be omitted. FIG. 9 is a flowchart schematically showing DRM Time synchronization between devices according to a sixth embodiment of the present invention. Referring to FIG. 9, both a Device 1 and a Device 2 are an Unconnected Device, respectively.
The method for DRM Time synchronization between devices in FIG. 9 includes S10" in which a difference value between the first DRM Agent 10 and the second DRM Agent 20 is within a preset allowable range (e.g., within one hour), and S20' in which the difference value between the first DRM Agent 10 and the second DRM Agent 20 is not within the preset allowable range (e.g., more than one hour).
The S10" will be explained in more detail. Once the first DRM Agent 10 transmits RO, Timestamp, and an Agent
Profile to the second DRM Agent 20 (S11 ), the second DRM Agent 20 compares DRM Time of the first DRM Agent 10 with its DRM Time (S12). Herein, the DRM Time of the first DRM Agent 10 is obtained by using the Timestamp transmitted to the second DRM Agent 20 in step S11. The second DRM Agent 20 calculates a difference value between the DRM Time of the first DRM Agent 10 and its DRM Time. The S11 may be performed by a Trigger message of the second DRM Agent 20.
When a difference value between the DRM Time of the first DRM
Agent 10 and the DRM Time of the second DRM Agent 20 is within a preset allowable range, the second DRM Agent 20 stores RO received from the first DRM Agent 10 in a memory thereof (S121). Then, the second DRM Agent 20 sends an ok message to the first DRM Agent 10 (S13).
Hereinafter, the S20' will be explained in more detail.
The S20' of FIG. 9 is similar to the S10" except the following. When a difference value between the DRM Time of the first DRM Agent 10 and the
DRM Time of the second DRM Agent 20 is not within a preset allowable range, the second DRM Agent 20 stores the RO received from the first DRM
Agent 10 together with virtual time in a memory thereof (S121). The virtual time denotes the difference value between the DRM Time of the first DRM Agent 10 and the DRM Time of the second DRM Agent 20. For instance, the second DRM Agent 20 can calculate a difference value from the DRM Time of the first DRM Agent 10 based on its DRM Time thus to store it as the virtual time. Then, the second DRM Agent 20 performs DRM Time synchronization by using the virtual time. As aforementioned, in the present invention, even an Unconnected
Device having not received time information from the OCSP Responder can provide time information of the source Device to the target Device, thereby performing DRM synchronization between devices.
Second, even the Unconnected Device having not received time information from the OCSP Responder can generate a virtual clock, thereby performing DRM synchronization between devices.
Third, when a difference value between a current time of DRM Time of the source device and a current time of DRM Time of the target device is not within a preset allowable range, the DRM Time of the source device and the DRM Time of the target device can be synchronized with each other. Fourth, regardless whether the Device is a Connected Device or an
Unconnected Device, when a difference value between each DRM Time of
Devices is not within a preset allowable range at the time of transmitting RO between Devices, the Devices are connected to the Rl thus to perform DRM Time synchronization.
In the present invention, since DRM Time synchronization between devices is performed, only a Device having an access to RO can consume the RO. Accordingly, a right of a Content Provider (CP) can be protected from illegal damage. As present invention may be embodied in several forms without departing from the spirit or essential characteristics thereof, it should also be understood that the above-described embodiments are not limited by any of the details of the foregoing description, unless otherwise specified, but rather should be construed broadly within its spirit and scope as defined in the appended claims, and therefore all changes and modifications that fall within the metes and bounds of the claims, or equivalence of such metes and bounds are therefore intended to be embraced by the appended claims.

Claims

1. A method for DRM Time synchronization between devices, comprising: transmitting time information to a target device by at least one source device, the time information corresponding to the at least one source device; and generating, by the target device, at least one virtual clock using the time information.
2. The method of claim 1 , wherein the time information is transmitted to the target device by being included in a Timestamp parameter.
3. The method of claim 1 , wherein the source device transmits to the target device an ID and RO thereof together with the time information.
4. The method of claim 3, wherein the target device records the ID of the source device having transmitted the RO in the RO.
5. The method of claim 1 , wherein the source device transmits to the target device RO together with the time information.
6. The method of claim 1 , wherein in generating at least one virtual clock, the target device generates one or more virtual clocks, each of the virtual clocks corresponding to each source device.
7. The method of claim 1 , wherein in generating at least one virtual clock, the target device generates one or more virtual clocks, each of the virtual clocks corresponding to each RO transmitted by the source device.
8. The method of claim 1 , wherein the virtual clock is generated by using a difference value between a first time on a DRM Time of the target device and a second time on a DRM time of the source device.
9. The method of claim 1 , wherein the generating at least one virtual clock for each source device based on the time information by the target device, in case that the target device consumes RO received from the source device, further comprises: checking an ID of the source device recorded in the RO by the target device; checking, by the target device, whether the virtual clock for the source device having transmitted the RO exists or not; if the virtual clock for the source device exists, calculating a current time by using the virtual clock for the source device; and determining whether the RO is valid or not based on the calculated current time.
10. The method of claim 9, wherein the checking, by the target, whether a virtual clock for the source device having transmitted the RO exists or not device further comprises generating a certain error by the target device if the virtual clock for the source device doesn't exists.
11. The method of claim 1 , wherein the generating, by the target device, a virtual clock for each RO transmitted from the source device, in case that the target device consumes the RO, further comprises: checking, by the target device, whether a virtual clock for the RO exists or not; if a virtual clock for the RO exists, calculating a current time by using the virtual clock for the RO; and determining whether the RO is valid or not based on the calculated current time.
12. The method of claim 11 , wherein the checking, by the target device, whether a virtual clock for the source device having transmitted the RO exists or not further comprises generating a certain error by the target device if the virtual clock for the source device does not exist.
13. The method of claim 1 , wherein the target device is an
Unconnected Device.
14. A method for DRM Time synchronization between a first device and a second device in a DRM system including an Rl and an OCSP Responder, the method comprising: receiving, from the second device, time information of the second device together with RO; calculating a current time on a DRM Time of the second using the time information; comparing the calculated current time of the second device with a current time of a DRM Time of the first device; synchronizing, the current time of a DRM Time of the first device thereby registering at the Rl, if difference between the current time of the first device and the current time of the second device is over the range as a result of the comparison.
15. The method of claim 14, wherein the range is pre-set by a user of the first device, the range indicating limit capable of absorbing the difference between the current time of the first device and the current time of the second device.
16. The method of claim 14, wherein in the registering into the Rl by the first device thereby synchronizing the DRM Time of the first device, the first device is synchronized with a current time provided from the OCSP Responder through the Rl .
17. The method of claim 14, wherein the first device is a connected device.
18. A device for DRM Time synchronization between devices, in which time information is transmitted from at least one source device, and at least one virtual clock is generated based on the time information.
19. The device of claim 18, wherein a virtual clock is generated at each source device.
20. The device of claim 18, wherein not only the time information but also an ID and RO of the source device are transmitted.
21. The device of claim 20, wherein a virtual clock is generated for each RO transmitted from the source device.
22. The device of claim 18, further comprising a DRM Time managed by a DRM Agent.
23. The device of claim 22, wherein the DRM Time is synchronized by registering into an Rl when a difference value between a current time on the DRM Time and a current time on the virtual clock is not within a preset allowably range.
24. The device of claim 23, wherein the* DRM time is synchronized with time provided from an OCSP Responder through the Rl after the registration into the Rl.
25. The device of claim 20, wherein whether the generated virtual clock exists or not is checked when the RO is consumed, and if the virtual clock exists, whether the RO is valid or not is determined by using a current time on the virtual clock.
26. A method for DRM Time synchronization between devices in
DRM, comprises: transmitting time information to a second device by a first device; comparing whether the first device and the second device are synchronized with each other based on the time information by the second device; synchronizing each DRT Time by the first device and the second device, when the first device and the second device are not synchronized with each other.
27. The method of claim 26, wherein the first device transmits RO and an Agent Profile together with the time information to the second device.
28. The method of claim 27, wherein the time information is included in a Timestamp parameter.
29. The method of claim 26, wherein the comparing comprises:
(A) obtaining DRM Time of the first device from the time information by the second device;
(B) the second device's calculating a difference value between its DRM Time and the DRM Time of the first device; (C) determining whether the calculated difference value is within a preset range; and
(D) determining as that the first device and the second device are not synchronized with each other by the second device, when the calculated difference value is not within the preset range.
30. The method of claim 26, wherein when the first device and the second device are not synchronized with each other in the (C) step, further comprising sending a failure message to the first device by the second device.
31. The method of claim 26, wherein when both the first device and the second device are connected devices in the (C) step, further comprising: registering into an Rl by the first device and the second device; and receiving a current time from the Rl thereby synchronizing each DRM
Time by the first device and the second device.
32. The method of claim 31 , wherein the current time from the Rl is provided from an OCSP Responder.
33. The method of claim 26, wherein when the first device is a connected device and the second device is an unconnected device in the (C) step, further comprising: the first device's directly accessing to an Rl thereby registering into the Rl, and the second device's registering into the Rl via the first device; the first device's directly receiving a current time from the Rl, and the second device's directly receiving a current time from the Rl via the first device; and the first and second devices' synchronizing each DRM Time by using the current time from the Rl.
34. The method of claim 33, wherein the first device is operated as a proxy of the second device.
35. The method of claim 26, wherein the transmitting is performed by a Trigger message for the second device's requesting RO and time information from the first device.
36. A method for DRM Time synchronization between devices in DRM, comprising: transmitting, by a first device, time information together with RO to a second device; obtaining, by the second device, DRM Time of the first device from the time information; calculating, by the second device, a difference value between its DRM
Time and the DRM Time of the first device; and determining whether the calculated difference value is within a preset range.
37. The method of claim 36, wherein both of the first device and the second device are an unconnected device, respectively.
38. The method of claim 36, wherein if the calculated difference value is within a preset range, the second device stores the RO.
39. The method of claim 36, wherein if the calculated difference value is not within a preset range, the second device stores virtual time together with the RO.
40. The method of claim 39, wherein the virtual time is generated by using a difference value between DRM Time of the first device and DRM Time of the second device.
PCT/KR2006/004461 2005-11-30 2006-10-30 Method and device for drm time synchronization between devices in digital rights management WO2007064086A1 (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN2006800435473A CN101313297B (en) 2005-11-30 2006-10-30 Method for drm time synchronization between devices in digital rights management

Applications Claiming Priority (4)

Application Number Priority Date Filing Date Title
US74067205P 2005-11-30 2005-11-30
US60/740,672 2005-11-30
KR10-2006-0077767 2006-08-17
KR1020060077767A KR101305282B1 (en) 2005-11-30 2006-08-17 Method and device for drm time synchronization beween devices in digital rights management

Publications (1)

Publication Number Publication Date
WO2007064086A1 true WO2007064086A1 (en) 2007-06-07

Family

ID=38092397

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/KR2006/004461 WO2007064086A1 (en) 2005-11-30 2006-10-30 Method and device for drm time synchronization between devices in digital rights management

Country Status (1)

Country Link
WO (1) WO2007064086A1 (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2010096391A1 (en) * 2009-02-18 2010-08-26 Dolby Laboratories Licensing Corporation Method and system for synchronizing multiple secure clocks

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP2001230821A (en) * 2000-02-16 2001-08-24 Sony Corp Data repeater and method, and serving medium
WO2004030364A1 (en) * 2002-09-30 2004-04-08 Matsushita Electric Industrial Co., Ltd. Content using apparatus
WO2004098833A2 (en) * 2003-04-30 2004-11-18 Pem Management, Inc. Tool for installing blind threaded fasteners
KR20040101085A (en) * 2003-05-23 2004-12-02 인더스트리얼 테크놀로지 리서치 인스티튜트 Personal authentication device and system and method thereof

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP2001230821A (en) * 2000-02-16 2001-08-24 Sony Corp Data repeater and method, and serving medium
WO2004030364A1 (en) * 2002-09-30 2004-04-08 Matsushita Electric Industrial Co., Ltd. Content using apparatus
WO2004098833A2 (en) * 2003-04-30 2004-11-18 Pem Management, Inc. Tool for installing blind threaded fasteners
KR20040101085A (en) * 2003-05-23 2004-12-02 인더스트리얼 테크놀로지 리서치 인스티튜트 Personal authentication device and system and method thereof

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2010096391A1 (en) * 2009-02-18 2010-08-26 Dolby Laboratories Licensing Corporation Method and system for synchronizing multiple secure clocks
US8533515B2 (en) 2009-02-18 2013-09-10 Dolby Laboratories Licensing Corporation Method and system for synchronizing multiple secure clocks using an average adjusted time of the secure clocks if the average adjusted time is within the limit intersection and using a substitute average adjusted time if the averaged adjusted time is outside the limit intersection

Similar Documents

Publication Publication Date Title
CN101340278B (en) License management system and method
US8266684B2 (en) Tokenized resource access
JP4907718B2 (en) Method and apparatus for supporting multiple certificate revocation lists for digital rights management
TWI484769B (en) Secure time functionality for a wireless device
KR101099192B1 (en) Method and system for secure communication
US20030088516A1 (en) Software anti-piracy licensing
US20110087882A1 (en) Apparatus and methods for protecting network resources
US20080307508A1 (en) Method for using time from a trusted host device
US20070110012A1 (en) Device and method for tracking usage of content distributed to media devices of a local area network
CN112926082A (en) Information processing method and device based on block chain
JP5404501B2 (en) Encrypted information expiration date extension system, expiration date extension method and program
JP2011082727A (en) Information processor
WO2007064086A1 (en) Method and device for drm time synchronization between devices in digital rights management
JP2004302835A (en) Digital contents managing system, user terminal device and rights management method
KR101305282B1 (en) Method and device for drm time synchronization beween devices in digital rights management
TWI386947B (en) Memory device using time from a trusted host device and method for use therewith
KR20100035702A (en) Memory device with circuitry for improving accuracy of a time estimate used in digital rights management (drm) license validation and method for use therewith
JP2002229869A (en) Time synchronizing method and system therefor, and time synchronizing program medium
KR101465555B1 (en) Memory device with circuitry for improving accuracy of a time estimate used to authenticate an entity and method for use therewith
CN102546302B (en) Detection method and system of clone terminal devices
US9602546B2 (en) Accurate license counting in synchronized servers
KR20090036498A (en) Method for managing key in user domain and method for using content in user domain
JP2009253860A (en) Standard time distribution system, time stamp device, device for time stamp user, time authentication system, time authentication method, and time authentication program
KR20110077944A (en) A method of clone box checking for drm client based on two-way service
JP2008217270A (en) Secure apparatus, its secure equipment and electronic equipment

Legal Events

Date Code Title Description
WWE Wipo information: entry into national phase

Ref document number: 200680043547.3

Country of ref document: CN

121 Ep: the epo has been informed by wipo that ep was designated in this application
NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 06812300

Country of ref document: EP

Kind code of ref document: A1