WO2008014565A1 - Appareil et procédés de systèmes de distribution de contenu numérique - Google Patents

Appareil et procédés de systèmes de distribution de contenu numérique Download PDF

Info

Publication number
WO2008014565A1
WO2008014565A1 PCT/AU2007/001093 AU2007001093W WO2008014565A1 WO 2008014565 A1 WO2008014565 A1 WO 2008014565A1 AU 2007001093 W AU2007001093 W AU 2007001093W WO 2008014565 A1 WO2008014565 A1 WO 2008014565A1
Authority
WO
WIPO (PCT)
Prior art keywords
local
digital content
controller
central control
local controller
Prior art date
Application number
PCT/AU2007/001093
Other languages
English (en)
Inventor
Stephen Robert Hogben
Wendy Elizabeth Hogben
Original Assignee
The Content Factory Pty Ltd
Mobilesoft (Aust.) Pty Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Priority claimed from AU2006904282A external-priority patent/AU2006904282A0/en
Application filed by The Content Factory Pty Ltd, Mobilesoft (Aust.) Pty Ltd filed Critical The Content Factory Pty Ltd
Priority to AU2007281039A priority Critical patent/AU2007281039A1/en
Publication of WO2008014565A1 publication Critical patent/WO2008014565A1/fr

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/04Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/10Protecting distributed programs or content, e.g. vending or licensing of copyrighted material ; Digital rights management [DRM]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/10Network architectures or network communication protocols for network security for controlling access to devices or network resources
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04NPICTORIAL COMMUNICATION, e.g. TELEVISION
    • H04N21/00Selective content distribution, e.g. interactive television or video on demand [VOD]
    • H04N21/20Servers specifically adapted for the distribution of content, e.g. VOD servers; Operations thereof
    • H04N21/25Management operations performed by the server for facilitating the content distribution or administrating data related to end-users or client devices, e.g. end-user or client device authentication, learning user preferences for recommending movies
    • H04N21/254Management at additional data server, e.g. shopping server, rights management server
    • H04N21/2543Billing, e.g. for subscription services
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04NPICTORIAL COMMUNICATION, e.g. TELEVISION
    • H04N21/00Selective content distribution, e.g. interactive television or video on demand [VOD]
    • H04N21/40Client devices specifically adapted for the reception of or interaction with content, e.g. set-top-box [STB]; Operations thereof
    • H04N21/47End-user applications
    • H04N21/478Supplemental services, e.g. displaying phone caller identification, shopping application
    • H04N21/4781Games
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04NPICTORIAL COMMUNICATION, e.g. TELEVISION
    • H04N21/00Selective content distribution, e.g. interactive television or video on demand [VOD]
    • H04N21/60Network structure or processes for video distribution between server and client or between remote clients; Control signalling between clients, server and network components; Transmission of management data between server and client, e.g. sending from server to client commands for recording incoming content stream; Communication details between server and client 
    • H04N21/61Network physical structure; Signal processing
    • H04N21/6106Network physical structure; Signal processing specially adapted to the downstream path of the transmission network
    • H04N21/6125Network physical structure; Signal processing specially adapted to the downstream path of the transmission network involving transmission via Internet
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L2463/00Additional details relating to network architectures or network communication protocols for network security covered by H04L63/00
    • H04L2463/101Additional details relating to network architectures or network communication protocols for network security covered by H04L63/00 applying security measures for digital rights management

Definitions

  • the present invention relates to systems, apparatus and methods for the distribution of digital content.
  • the recording and storage of motion pictures and television programmes in digital form provides many advantages. It also however increases the opportunity for piracy due to the ease and fidelity with which digital content can be copied. The possibility of increased piracy has been of great concern to digital content owners, and fear of piracy has inhibited the use of potential new distribution channels, such as for example distribution over the Internet.
  • the present invention aims to provide novel systems, apparatus and methods for distributing digital content, which, in their various aspects, may provide a number of advantages.
  • the present invention provides a digital content distribution system for distributing digital content to consumers, including: a central rights control for providing digital rights management; and a local rights controller remote from the central rights control, the local rights controller being associated with a consumer; wherein the local rights controller stores items of digital content for use by the consumer; and wherein the central rights control and the local rights controller communicate with one another through a communications network to manage the items of digital content.
  • Such a system allows for content to be stored locally but managed centrally, and provides a core structure around which may be built distribution systems having a number of advantageous features.
  • the system will utilise a number of local controllers at a number of different consumer locations, with the central control serving each of them.
  • the digital content may be audio and/or video products in general, e.g. movies, TV programs, music, songs, and audio books, and may be software, e.g. computer applications, gaming software or data. It could also take other forms, e.g. electronic books. It may be any digital data that needs to be distributed but also controlled.
  • the system may be used for a variety of content delivery arrangements, for example, renting for a period of time, renting per use and purchase outright.
  • the local controller includes a port for communicating with a portable storage device, so that digital content may be physically distributed to the local controller via the portable storage device.
  • content downloaded to a local controller from the portable storage device may only be accessible after the local controller has contacted the central controller over the communications network.
  • the communication network may be a broadband, telephony, wireless data or other communications network.
  • the digital content may be stored on the portable storage device in an encrypted manner using a controller key related to the local controller, and the local controller may download or otherwise receive this controller key from the central control.
  • the encryption aids in security, and prevents content intended for one controller from being accessed by another controller or other apparatus.
  • the controller key may be used to encrypt all, or a suitable portion, e.g. a critical portion, of the content being distributed so that content use can be controlled by the supply of the key.
  • the controller key is preferably a symmetric key, although other keys types, including public/private keys, could also be used.
  • a controller key could also be used to encrypt content downloaded online from the central control.
  • the controller key is issued to the local controller prior to the connection of the portable storage device to it so that the local controller can immediately unencrypt data downloaded to it. It would however also be possible for the local controller to connect with the central control to obtain the key after the portable storage device has docked with it.
  • a content supplier may obtain the key associated with a controller from the central control in order to provide the correct encryption when loading data onto the portable storage device.
  • the controller key may be changed frequently, and changes may be regular or random, e.g. whenever there is a connection with the central control.
  • the key may be stored in a tamperproof section of the device.
  • the key may be stored on the local controller in an area of memory that is protected by a battery and circuit. Opening the controller's case, disconnecting the power or removing components may open the circuit, thereby depowering the memory and erasing the key.
  • the key may be used to encrypt the whole package of files bound for a local controller or could encrypt files individually.
  • a content provider or the like itself to generate or assign a controller key to a particular controller when providing encrypted content to that controller, and for the content provider to then pass that key to the central control for on-transfer to the local controller.
  • the portable storage device when the portable storage device is connected to the local controller, it may prompt the local controller to connect with the central control in order to collect the key that originated from the content provider.
  • the portable storage device could be a dedicated device for use only with the local controller, but is preferably a generic device usable to store data in general and may have multiple functions.
  • the use of an encryption process that links the local controller and the portable storage device facilitates operation of the latter.
  • the portable storage device could be any device having a suitable storage medium, and may include mp3 players, PDAs, mobile phones, digital cameras, memory sticks or cards, hard disk devices, flash memory, CD-ROMs, or DVDs, e.g. DVD -R, -RW, +R, +RW.
  • DVDs When DVDs are used, it will be noted that the content is not DVD-Video that can be played in a normal DVD player, but may be encrypted data that must be converted by the local controller.
  • the portable storage device will generally not be able to access or play the content, and content will only become playable on download to the local controller.
  • the portable storage device may be re-usable or may be a one-time use device only.
  • the portable storage device may have a dedicated internal file structure for the digital content, so as not to interfere with any other data on the device.
  • the local controller may act on content downloaded from the portable storage device in accordance with the location of the content in the file structure, and different content may cause different applications to launch in the local controller to process them. Thus, movies may be processed differently from software.
  • the local controller may initiate a routine for the automatic transfer of digital data from the portable storage device when a connection is made, without user intervention. This may provide additional security. As another security feature, the local controller may automatically delete content from the portable storage device after the content has been downloaded and verified. The local controller may also communicate with the central control for approval to download digital content from the portable storage device. As well as receiving digital content, the local controller may receive controller software via the portable storage device, which may be in the form of a complete application or an update. Such data could also be provided online over the communications network. The software may be self-loading to prevent tampering, and the local controller may download and activate software from a portable storage device prior to downloading or decrypting digital content. This software may also contain additional security functions - such as the automatic deletion of downloaded content after a prescribed period of time.
  • the system may provide a catalogue to assist a consumer in selecting available content.
  • Catalogue data may be distributed online and/or may be distributed to the local controller through the portable storage device.
  • the local controller may utilize the catalogue data to allow a consumer to select digital content items for download.
  • the catalogue data may be a whole new catalogue or updates only. It may be provided as a local catalogue stored on the local controller and/or may be provided online. It may include pictures or video clips, especially when provided online.
  • the local controllers and the central control can also communicate via the portable storage device, and the local controller may store files on the portable storage device that provide information on the local controller, e.g. a request for content, e.g. content ordered from a catalogue, controller ID, an inventory of the controller, such as hardware, software, file sizes and file structure details, logs of activities, messages and the like. Also, the local controller may receive files from the portable storage device that provide instructions and/or messages to the local controller, which may include software updates, rules, messages, e.g. errors in download of content, and new catalogue information.
  • the portable storage device may receive digital content for transfer to the local controller from a digital contents download station remote from the central control and local controller.
  • the portable storage device may connect to the download station, and may automatically download content in accordance with user requirements, e.g. as detailed on a control file on the portable storage device.
  • the download station may also transfer other data discussed above, including e.g. messages, new software, catalogue information, control files, inventory and the like.
  • the download station may take the form of a kiosk or the like, and may be provided in a supermarket, shopping centre, post office, music or video retail or hire shop, or the like. This provides a convenient and fast way of obtaining content for local controllers, especially where the consumer does not have a high speed communications link.
  • the data may be suitably compressed and stored for fast access and may be cached on fast access servers of the kiosk, for download as and when a user requests it.
  • the download station could provide access to a high speed communications channel for download of data.
  • the portable storage device may connect to the download server by a variety of links and protocols which may include USB 2.0 and Firewire 400 and Firewire 800 and eSata.
  • the download stations may run checks on the local controller and consumer using data provided on the portable storage device and by contacting the central control.
  • the consumer may also need to input data, e.g. a PIN or the like, and may e.g. need an identification card with User ID or membership details or the like.
  • the identification card may store information on a barcode or encoded magnetic strip. For example, a customer may be given a membership card and ID on joining a video/DVD rental service or the like that implements the present system.
  • the download station may encrypt the content downloaded onto the portable storage device using a controller key associated with the local controller that it obtains from the central controller.
  • content could be recorded onto a portable storage device, e.g. a DVD, memory card or stick or the like and sent out to a consumer, e.g. by mail, in response to a content request that could for example be made online or in accordance with pre- registered information.
  • a portable storage device e.g. a DVD, memory card or stick or the like
  • the content may be encrypted by the content provider obtaining a local controller key from the central control.
  • pre-recorded storage devices compiled by content providers without user selection could be sold or bundled in magazines or the like. Keys for the storage devices could be notified to the central control by the content provider, and the local controller could obtain a key for a storage device connected to it by reading an ID of the storage device and passing it to the central control, which would then obtain the key associated with the ID and pass it on to the local controller. The central control could then associate the ID and key with that controller, and not allow another controller to receive it.
  • local controllers could be located in hotel rooms or other accommodation, and the portable storage devices could be used by the proprietor of the premise to load movies into each local controller periodically, for example, once per month. This may provide a very satisfactory Hotel In Room Movie service as it may avoid the necessity for a hotel to put expensive network cabling into each room to support in Room Movies and may provide a low cost, cost effective, reliable, secure, and efficient system.
  • the local controller may communicate with the central control to request authorisation to perform an action with respect to an item of digital content, e.g. to download it from the portable storage device, to decrypt it, or to play or copy it.
  • the authorisation may be a one time authorisation or authorisation may be required every time an action is required. Authorisations may also occur during play or copying of a device, e.g. at regular or random times.
  • a local controller may need to be in contact with the central controller throughout access of the content or may only require a connection at the start of access or at the start and end of access.
  • Different authorisation regimes may be used to implement different content delivery arrangements, such as renting for a period of time, renting per use and purchase outright.
  • DRM Digital Rights Management
  • the DRM key may be item specific so that different keys are used for different movies, different copies of movies, etc, and may also be controller specific, so that the key for an item on one controller cannot be used to play the same item on another controller.
  • the DRM key may be individualised to an item of content and may be individualised to a specific user, e.g. using standard DRM technologies. It may also be configured as a one-time use key, again using known DRM technology.
  • the system can support many different types of DRM and is adaptable to new types of DRM control.
  • DRM controls can be implemented through a DRM application on a server of the central control, and DRM controls can be modified or replaced by suitable updating of the DRM server application.
  • the system is able to deliver DRM encrypted content in an encrypted payload/envelope on a portable storage device, with the local controller converting the payload into the DRM encrypted content.
  • the system may monitor the local controller to check for tampering and may execute a tamper regime in respect of the local controller if it is found to have been tampered with.
  • the central control may note the controller as compromised, and may refuse to provide authorisations or to issue keys to the controller, and may instruct the controller to delete content and to lock-up until an appropriate reset is provided.
  • an attempt to tamper with the local controller may leave the perpetrator with doubly-encrypted data and no local controller.
  • Tamper monitoring may include monitoring of the file structure and hardware of a local controller, and may also include monitoring of any connected hardware.
  • the local controller may send data to the central control, e.g. inventory data and the like, which may for example relate to the controller's hardware, software, file sizes and file structure.
  • the central control may use this data to check for tampering, e.g. an unauthorised change in the inventory or the appearance of a proscribed item of hardware or software.
  • the local controller may also itself check for tampering in a self-check routine. It may inform the central control when tampering is detected, and/or may independently take any other necessary action, e.g. deletion of files and lock-up. Self-checks may occur on start-up, on power down, and when in use, as may checks with the central control.
  • a local controller may determine that it has been tampered with and render its own tamper alarm if a preset period of time elapses without it being connected to the central control or a download station, e.g. in order to obtain updates or the like, or if its internal clock is tampered with.
  • the system may track usage of digital content on the local controller, and may manage the content based on the tracked usage.
  • the central control may provide rules to the local controller regarding the deletion of files and the like and may monitor for compliance with the rules, or may directly instruct the local controller regarding deletions and the like.
  • Content may for example be deleted after it has been accessed an allowed number of times or after its end use date has expired.
  • the central control may use its own time clock to determine the age of digital content that is on a local controller, rather than rely on the clock of the local controller.
  • the local controller may also have its clock updated to accord with the clock of the central control.
  • the system e.g. the central control, may track usage for billing purposes and for paying out royalties and other reconciliation and reporting services.
  • Billings may be in respect of the outright purchase of content or the rental of content. Payment may be made on a per use basis, or for a period of use, and may be charged only when the central control receives confirmation that use has been made of the content.
  • a user may download a number of items of content, but may only access a few of them.
  • the central control may monitor this, and may charge only for the content consumed. This could allow a content provider to push content, e.g. in a free storage device, and a consumer could then charge only for the content used.
  • Content could expire after a set time, and be deleted by the local controller, so that content is not left indefinitely on the local controller, and the content could be automatically deleted by the local controller from the supplied storage device after download and verification.
  • the local controller may allow content stored thereon to be transferred to a further local device, e.g. to a personal computer, games machine, PDA or the like.
  • the content may be transferred with suitable DRM information, so that the further local device must activate the content prior to its use, e.g. online with a central DRM system.
  • the local controller may run a check of the local device to check for proscribed hardware, software or the like, and/or to compare the local device's configuration to approved configuration forms. This may also or alternatively be carried out during the activation process by the DRM system.
  • the system may allow for local burning of downloaded digital content or some other fixation of the content. It may also allow for the content to be transferred to a secondary local device using the method outlined earlier and then locally burned on that device. This may for example be for back-up purposes or for providing a hard copy separately of the local controller.
  • the local controller or the secondary local device may for example include a suitably trusted burning application that is authorised for use by the digital content owners.
  • the present system can deliver, install and verify the fixation/burning software and any required protection technology software of the local controller and the secondary local device.
  • the local controller may store the digital content using a local key based upon configuration data associated with the local controller. When access to the content is required, the local controller may generate the key locally using the local configuration and then store the decrypted content ready for use. This decrypted content may be deleted when access is no longer required, and deletion of unencrypted content may also occur on start-up and/or shut-down of the controller.
  • the local encryption prevents for example a hard drive of the controller from being removed and read by another controller or other apparatus.
  • the central control may take many different forms, and could include various applications, servers and databases or have access to them, and the local controller may be a dedicated unit, e.g. a set-top-box, or may be a computing device running an appropriate rights management application or applications. Applications on the set-top-box or computing device may be trusted applications that may be subject to various verification routines, and the present system can allow for delivery, installation and verification of these applications.
  • the communications network between the central control and the local controller may take any suitable form and could be a computer network, power line carrier, and/or a telecommunications network such as PSTN or cellular networks.
  • the present invention provides a central control for a digital rights management system, the system including a plurality of local rights controllers that store digital content locally and communicate with the central control to provide digital rights management of the locally stored content, wherein the central control includes: means for receiving and storing data relating to the local controllers, means for monitoring the validity of the local controllers, and means for authorising the local controllers to perform a function in relation to the digital content.
  • the central control may issue a controller key to each local controller, and the local controllers may decrypt content, e.g. received from portable storage devices, with the controller keys. Items of digital content may be encrypted with DRM item keys, and the central control may issue DRM item keys to the local controllers on request, e.g. after a validation of the local controllers. The central control may monitor the usage of the digital content by the local controllers.
  • the present invention provides a local controller for storing items of digital content for use by a consumer, the local controller including means for connecting with a remote central control, means for issuing a request to the remote central control to perform an action on an item of digital content, and means for receiving an authorisation from the remote central control to perform the action.
  • the local controller may include a port for communication with a portable storage device for receiving digital content, and the local controller may access, e.g. download, decrypt, play or copy, content from the portable storage device only after receiving authorisation from the central control, and the local controller may obtain a controller key from the central control to decrypt digital content on the portable storage device.
  • the local controller may place an order for digital content on the portable storage device, may obtain catalogue data from the portable storage device, and may load controller data, e.g. identification and configuration data, onto the portable storage device.
  • the local controller may perform a tamper detection routine, and enter a contents protection regime when tampering is detected.
  • the present invention provides a download station for supplying items of digital content to a plurality of remote local rights controllers that manage digital content under the control of a remote central control, the download station including a dock for connecting with a portable storage device for downloading digital content to the portable storage device for transfer to a local controller, the download station including means for determining a local controller associated with a portable storage device and for determining the digital content required by the portable storage device.
  • the download station may include means for communicating with the central control, e.g. to request authorisation from the central control to download data to the portable storage device.
  • the supply station may request a controller key associated with a particular local controller from the central control and may encrypt the digital content with the controller key.
  • the supply station may include digital content in a local storage means, e.g. server, or may access the data online over a high speed connection.
  • the present invention provides a method of distributing digital content to a consumer including providing a rights controller locally at a consumer location, storing digital content to the local controller, and obtaining authorisation from a remote digital rights management central control before allowing access to the downloaded digital content, the central control monitoring the local controllers, e.g. to conduct security checks, to ensure DRM compliance, and/or to determine content usage.
  • the method may include the supply of digital content to the local controller through a portable storage device, and the encryption of digital content on the portable storage device using a controller key associated with the local controller by the central control.
  • the digital content may be downloaded to the portable storage device from a digital content download station remote from the local controllers and central control, the download station contacting the central control to determine consumer information and/or authorisation for the download.
  • the central control may be supplied with a digital rights management system, with the digital content encrypted in accordance with the digital rights management system and with the central control issuing decryption keys to the local controllers for decryption of the content.
  • the local controllers may be monitored for tampering, and if tampering is detected, a content protection regime may be initiated, e.g. to delete content and lock-out the relevant controller.
  • the present invention provides a digital content distribution system for distributing digital content to consumers, including: a central rights control, a plurality of local rights controllers remote from the central rights control, and a plurality of digital content download stations remote from the central control and from the local rights controllers; wherein each local rights controller is associated with a consumer; wherein a consumer obtains digital content for storage on a local rights controller from a download station utilising a portable storage device; wherein digital content is stored on the portable storage device in encrypted form using controller keys associated with the local controllers; and wherein the local controllers communicate with the central control via a communications network so as to obtain the controller keys.
  • the download stations obtain controller keys from the central control when supplying digital content, and encrypt the digital content using the controller keys.
  • the contents may be DRM encrypted, and the central control may include a DRM system for providing access to the DRM encrypted digital content.
  • the local controllers may receive catalogue data and software via the portable storage devices, and the local controllers may send configuration or inventory data to the central control via the portable storage devices. Downloaded software may be run by the local controllers prior to downloading of digital content from the portable storage devices.
  • the local controllers may obtain permission from the central control to perform an action on the digital content, e.g. to download digital content from the portable storage devices or to play or copy digital content on the controllers.
  • the present invention provides a system of local controllers for managing digital content, each local controller having a first communications channel for receiving DRM instructions from a central control over an electronic communications network and a second communications channel for receiving digital content provided on a physical storage device.
  • the present invention provides a digital content distribution system including a central control and a plurality of local controllers, wherein the local controllers store digital content for use by a consumer, and wherein the central control administers a digital rights management system in respect of the content stored on the local controllers.
  • the present invention provides a digital content distribution system including a central control and a plurality of local controllers, wherein the local controllers store digital content for use by a consumer, and wherein the central control monitors the local controllers to determine whether the local controllers have been tampered with.
  • the present invention provides a digital content distribution system including a plurality of local rights controllers, the controllers receiving digital content from portable storage devices and communicating with a central control through the portable storage devices, the local controllers uploading control files to the portable storage devices for requesting digital content and for providing information regarding the status of the local controllers, and possibly downloading control files for use by the central control.
  • any one of the aspects mentioned above may include any of the features of any of the other aspects mentioned above and may include any of the features of any of the embodiments described below, as appropriate.
  • Figure 1 is a schematic block diagram of a digital content distribution system
  • Figure 2 is a schematic block diagram of file types interchanged between a local digital rights controller and a central control
  • Figure 3 is a schematic diagram of a catalogue contents ordering sequence
  • Figure 4 is a schematic diagram showing steps in a local controller verification procedure
  • Figure 5 is a schematic representation of the handling of digital content on downloading content to a local controller from a portable storage device
  • FIG. 6 is a schematic diagram showing the steps in an on-transfer of content from a local controller to a further local device.
  • a digital contents distribution system for example for distributing movies, includes a local controller 10 that is located at a consumer's premises and that stores items of digital content 20 for use by the consumer.
  • the controller 10 may for example be connected to a display device 30, e.g. a television screen, projector or the like for the screening of movies.
  • the local controller 10 communicates with a remote central control 40 via a communications network 50 so as to manage digital content 20 in accordance with digital rights management (DRM) regimes applicable to the content.
  • DRM digital rights management
  • the digital content 20 may not only relate to movies, but may for example relate to other types of product, such as video and audio products in general, including video and television products, music products, audio books newspapers and the like. It may also relate to software, including computer applications and electronic/video games, and may relate to electronic books and to data, e.g. information for a database. It may relate generally to digital content that needs to be distributed to consumers and that needs to be managed with regard to its use.
  • the local controller 10 may be a dedicated unit, such as a set-top box, and may be separate from or part of a larger home entertainment system. It could also be a computing device running appropriate software, e.g. a suitably programmed personal computer. A dedicated unit is preferred for added security.
  • the central control 40 may take many forms, and may include or communicate with various servers, systems and databases.
  • the central control 40 is shown communicating with a digital contents database 60 that may hold digital content for distribution, a consumer database 70 that may hold information regarding consumers and their associated local controllers 10, a digital rights management (DRM) system 80 for controlling the use of content, a billing service 90 that may charge consumers for content usage, and a report and settlement service 1 10 that may for example report content usage and provide royalty settlement services to content rights owners, and that might also provide management reporting and marketing services based on consumer usage information gathered.
  • the central control 40 may include appropriate web applications and the like to link to the local controller 10 and to any other appropriate applications and services.
  • the system has a number of advantageous features that may enable the distribution of digital content to consumers who have been excluded from such services previously, that may provide secure environments within which to distribute digital content, and that may ensure that rights in the content are respected and adhered to.
  • the digital content 20 may be distributed to the local controller 10 in any suitable manner, and may be provided over the communications network 50, e.g. as a downloadable file provided over the Internet.
  • the digital content 20 is downloaded to the local controller 20 using a portable storage device 1 10.
  • a portable storage device 1 10 This allows for the download of large content files through a transportable storage medium, whilst allowing for DRM control over an electronic communications network. It divorces DRM control and content delivery, and may provide a separate channel for each. It provides a framework within which DRM rights can be managed, whilst facilitating the distribution of content to consumers who do not have fast broadband services, and who may only have for example a dial-up internet connection or a low speed broadband connection. In such situations, it would be difficult to distribute movies or the like over such links, as download times would be prohibitively long. Indeed, the system may also be advantageous to consumers who have high speed internet connections, as even with such connections, download times can be inconveniently long.
  • the communications network 50 may be a broadband, telephony, wireless data or other communications network.
  • the system also allows the communications network 50 to take other low bandwidth forms, e.g. a mobile phone link or the like, including GSM mobile (GPRS or other) or "3G" phone links.
  • the portable storage device 1 10 may be provided as a dedicated device associated uniquely with the local controller 10, and not usable for any other purpose. In one advantageous form, however, the portable storage device 1 10 is a general-purpose device that may be used for other purposes also.
  • the portable storage device may for example take the form of an MP3 player, mobile phone, PDA, laptop, smart phone, digital camera or any other suitable portable device that has digital storage facilities. It may take the form of a basic memory device, e.g. a memory stick or general memory card, and could be flash memory or a hard disk. It could be a CD or a DVD, and e.g. could be a DVD -R, -RW, +R, +RW. It could be a one-time use only device, or may be reusable.
  • the portable storage device 1 10 itself may not be able to play the digital content stored on it and, with respect to the content being transferred, may provide a distribution function only, e.g. because of the form in which the digital content is stored and/or because the device is a purely memory device.
  • a consumer may order digital content from a content supplier, e.g. from the central control 40 or some other supplier, who may then issue the content to the local controller 10 on an appropriate storage medium, e.g. on a DVD.
  • the DVD or other device 1 10 could for example be posted to the consumer, or the consumer could collect the device from a local distribution point, e.g. at an appropriate retail outlet.
  • Content could also be sent out to consumers without any ordering, e.g. by providing the storage device with a magazine or the like, or by providing content on media that may be purchased in retail establishments.
  • the portable storage device 1 10 downloads content from a content download or supply station 120.
  • stations 120 may be provided in convenient locations, such as in retail establishments, and for example may take the form of a kiosk. They may for example be located in video or DVD retail or hire stores, in music stores, or in post offices, shopping centres, railway or bus stations or the like. Thus, a consumer would bring in their storage device 1 10, e.g. a memory card, and connect it to the station 120.
  • the station 120 would then upload the required contents, and the consumer would remove their storage device and take it home for loading onto the local controller 10.
  • the consumer could order the content at the download station 120, or could pre-order, e.g. online through the central control 40, which may in turn communicate the order to the appropriate download station 120.
  • the content may be available on storage media at the download station 1 10, e.g. in a suitable cache, or may be retrieved by the download station on-demand through a high-speed communications link with an appropriate contents database.
  • the download station could also provide a high speed connection directly between the storage device 1 10 and an appropriate contents provider. Pre-ordering of content, and the storage of content at a download station 120, provides for a particularly fast and efficient service.
  • a consumer may order content at home using the local controller 10, which may then store the order information on the portable storage device 1 10, so that the download station 120 can download the order information from the device 1 10 when the consumer connects it to the station 120.
  • the supply station-storage device link is a Firewire 800 or USB 2 link and has a minimum speed of 300 Mbit/s.
  • This will generally require the use of station servers with appropriate bus speeds and hard drive access speeds, e.g. SATA drives.
  • content may be suitably compressed, and preproduction and compression configurations may be used to maximise compression. Compression could for example utilise MPEG4 (Part 10), i.e. H264 compression technology at 1 .2-1.5 Mbit/s.
  • the content transfer process may be automatic upon connection of the storage device 1 10 to the download station 120, and may be outside the control of the consumer.
  • Such systems provide for a very convenient and fast way of obtaining content using a portable storage device 1 10 that a consumer may already own and carry, e.g. an MP3 player, whilst also allowing for DRM compliance through connection with the central control 40.
  • the central control 40 may communicate with the download stations 120, or any other issuer of content, to log content that has been distributed and to note the content and consumer details.
  • the central control 40 may then track the content, e.g. when a consumer downloads the content to their local controller 10.
  • the central control 40 may instruct the stations 120 as to what should and should not be downloaded to a specific consumer's device, e.g. based on a stored user profile.
  • the central control 40 may store consumer data to allow for the station 120 or the central control 40 to run an identification process to ensure that the storage device 1 10 is associated with a particular consumer and local controller 10.
  • the portable storage device 1 10 may have identification information stored thereon by the local controller 10 prior to it being used to obtain content, and when connected to a download station 120, the information may be read and confirmed.
  • Identification data could include a local controller identifier, such as a
  • MAC address of the local controller 10 consumer identification, such as a PIN, and could include information, e.g. a "fingerprint", of the local controller's set-up, e.g. information derived from the configuration of the local controller 10, such as from its hardware, software and file structure.
  • This data may be stored by the central control 40, e.g. in the consumer database 70, and could be obtained from interrogation of the local controller 10 over the communications network 50. The data may be accessed for checking purposes when a consumer attends a download station 120.
  • a consumer could also or alternatively be requested to input a PIN or other suitable identification at the download station 120, and may provide a User ID or membership card associated with an entity that is implementing the system, e.g. a membership card or ID for a customer of a video/DVD rental company or the like.
  • the membership card may store information on a barcode or encoded magnetic strip.
  • the digital content 20 is distributed in an encrypted form.
  • content on the portable storage device 1 10 may be encrypted with a controller key allocated to the local controller 10. This would allow content downloaded onto the storage device 1 10 to be accessed only by a local controller 10 having the corresponding controller key.
  • This controller key may be downloaded to the local controller 10 by the central control 40, and may be stored in the local controller 10 in a secure location, e.g. in an area of memory protected by a battery and circuit, such that tampering with the local controller 10 would open the circuit and erase the key.
  • the controller key could alternatively be accessed as and when needed by communication with the central control 40, without being locally stored.
  • the content provider may assign an ID to each DVD, and the central control 40 may have access to a database of DVD IDs and encryption keys.
  • the controller may go on-line, advise of the DVD ID, and will then receive the appropriate key for the DVD's ID.
  • the central control 40 can also mark the key as relating to the first local controller to request it, so that no further controllers could receive it.
  • the controller key may be changed over time as a security measure, and may be changed on each connection with the central control 40 or at other regular or random times.
  • the controller key will be separate from any digital rights management encryption that is associated with the content 20 itself, e.g. provided by the contents owners or producers, and for example may be administered by the central control 40 itself independently of any DRM system 80.
  • the controller key may be stored in the consumer database 70 with consumer and controller information.
  • the download station 120 or other content provider may also obtain the controller key from the central control 40, so as to encrypt the content prior to storing it on the portable storage device 1 10.
  • the download station 120 or other content provider could generate/determine a controller key, encrypt and send out the digital content using the key and then separately send out the key to the local controller 10, e.g. via the central control 40.
  • the content to be transferred to the portable storage device 1 10 may be encrypted as a single packet of data, or each item of digital content and any other files could each be encrypted individually. All of the content could be encrypted, or only a critical portion or portions of the content needs to be encrypted, such that usage without the key would not be possible.
  • Other files could include messages for the consumer, software for the local controller 10, e.g. updates, and catalogue information to allow for ordering of content.
  • software is provided, it is preferably to have the controller key stored on the local controller 10, so that the software can be downloaded and installed as soon as the portable storage device 1 10 is connected to the local controller 10 and before the local controller 10 goes online to connect with the central control 40.
  • the device may go online first for authorisation before decrypting the digital content. Both arrangements may be used at different times, and one function of online authorisation is to co-ordinate implementations.
  • the software may contain security functions - such as the automatic deletion of downloaded content after a prescribed period of time.
  • the local controller 10 may retain both keys, in case the timing of a content download is such that the older key is still required. Thus, the encrypted content will be time-stamped and the local controller 10 will use the key corresponding with the time stamp to unencrypt it.
  • Keys may for example be held for a 24 hour period, so that a consumer must download content from the portable storage device 1 10 within this time.
  • the time-stamping may be synchronised, e.g. by having the local controller 10 and the download stations 120 update their system clocks using a system clock of the central control 40.
  • the controller-specific keys may be loaded on the local controller at installation, and may be updated at the instigation of the central control, e.g. when the local controller goes online to obtain a DRM key (discussed below).
  • the controller key may be a symmetric key, as it can be sent to the local controller 10 over the communications network 40 and so is delivered over a separate channel from the encrypted content on the storage device 1 10.
  • Other encryption systems could however also be used, including private/public key systems, combinations of key types and the like.
  • the consumer will connect the portable storage device 1 10 with the local controller 10 through a suitable port of the controller 10. Preferably, this causes the local controller 10 to automatically enter a download routine that is outside of the control of the consumer.
  • the local controller 10 may assume that all data on the storage device 1 10 is encrypted and may unencrypt it using the appropriate controller-specific key.
  • Data transfer between the local controller 10 and the portable storage device 1 10 need not be as fast as that at the download station 120, but will generally be significantly faster than that achievable over the communications network 50.
  • the local controller 10 may initiate various routines that are again outside of a consumer's control. As said, the first of these may be to install any necessary software upgrades, which may include a reboot of the system. The next action may be for the local controller 10 to connect with the central control 40 to note that the download has occurred and to implement any desired security measures, e.g. to appropriately identify itself and obtain online activation of the software. Software activation is preferably carried out prior to the download and/or decryption of other content. Activation may require a restart of the local controller.
  • Software updates may also be requested manually by a consumer, and these updates may be provided online through the network 50. This permits software regression and consumer initiated restoration. It is also a precaution against accidental promulgation of faulty software.
  • the connection with the central control 40 may also take place prior to the download and decryption of content on the portable storage system, so that the local controller must validate itself to the central control 40 prior to downloading content, rather than afterwards.
  • a specific directory structure may be used to store the content on the portable storage device 1 10, so that different content may be identified and acted on by different applications in the local controller 10.
  • the local controller 10 may provide a set of trusted applications that are called automatically to act on specific types of content stored on the storage device 1 10.
  • a specific directory structure also allows the system to be used with general-purpose storage media that may hold other content, e.g. mp3 music files or the like, which are not for download to the local controller 10.
  • the local controller 10 may delete the content and any other desired files from the portable storage device 1 10 before the storage device is allowed to be removed. Should premature removal occur, the local controller 10 may log this for communication to the central control 40 and may run a suitable tamper routine, e.g. a deletion of content and other appropriate files or data and/or a lock-down of the controller's operations.
  • a suitable tamper routine e.g. a deletion of content and other appropriate files or data and/or a lock-down of the controller's operations.
  • the local controller 10 and central control 40 may run various security and validation routines.
  • the local controller 10 may be configured to run self-diagnostics and inventory routines, so as to determine if it has been tampered with. These routines may run on start-up, on power down, and/or during use, and on a request to utilise an item of digital content, e.g. to play or copy a movie.
  • the local controller 10 may for example monitor for proscribed hardware or software installations and may monitor changes in its hardware and software configuration and in its file structure. If the local controller 10 determines that it has been tampered with, it may log this for communication to the central control 40 and/or may enter a tamper routine, e.g. to delete content, files and data, as deemed necessary.
  • the central control 40 may run diagnostics and inventory routines in respect of the local controller 10, and may receive suitable data to allow this to occur. It may for example receive updates of the local controller's configuration, e.g. hardware, software, file structure and the like, and may compare this with a list of proscribed items and/or with prior inventories so as to determine unauthorised changes. If problems are found, the central control 40 may deny the local controller 10 permission to utilize content, and may instruct the local controller to take various actions such as deletion of content, files and data.
  • the central control 40 may issue rules to the local controller 10 for managing the digital content stored on it, and/or may issue direct commands to the local controller 10 to take some particular action with regard to the digital content on it.
  • a local controller may automatically enter a tamper condition and may render a tamper alarm or the like if it has not connected to the central control or to a download station in a required manner, e.g. with a preset period of time, e.g. to obtain updates or the like. It may also enter a tamper condition if its internal clock has been tampered with, e.g. does not match that of a central control.
  • the local controller 10 may contact the central control 40 for permission to perform a function in relation to an item of digital content, e.g. to play a movie. Permission may for example only be allowed if the local controller 10 is in a valid, e.g. untampered, state, and if the DRM data indicates that the item of content can be used in the requested manner.
  • the local controller 10 contacts the central control 40 whenever a consumer wishes to utilize content, so that required checks may be carried out for each use. Contact could also be made during use, e.g. regularly or at random intervals, so as to provide on-going or continuous monitoring.
  • the connection between the local controller 10 and central control 30 may be always-on during usage of the digital content to allow for such communications, or alternatively a connection and check could be made only at the start of and possibly also at the end of content usage.
  • the local controller 10 may include a number of trusted applications that are used to process the digital content, and each type of content may be related to a particular application.
  • the present system provides a particularly effective way of distributing and installing these trusted applications, and the distribution can be monitored through the central control and e.g. download stations. Part of the security and tampering regimes initiated by the central control 40 or local controller 10 may be to positively verify the integrity of such applications to ensure that they have not been tampered with.
  • the items of digital content 20 stored on the local controller 10 are individually encrypted, and the permission of the central control 40 to use the item includes the provision of DRM item key data associated with the item, so that the local controller 10 may decrypt the item 20 and e.g. play it.
  • These item keys are advantageously stored centrally, e.g. by the DRM system 80, and are not retained by the local controller 10.
  • the item keys are advantageously both item and controller specific. Therefore, an item key may only be used in relation to an item on one controller 10, and not in relation to the same item on any other controller 10.
  • This arrangement allows for DRM regimes to be exercised by encryption of files and by decryption of files through the use of keys supplied online, e.g. within a trusted application.
  • the ability to hack into the system and obtain items keys is reduced, and if an item key is taken, then it may only be used in relation to one specific item of content on one specific controller, and that item may in any case be inaccessible due to lock-up of the controller.
  • the item key may be a one-time-use only key. It may also be transferred using an "individualised” process that renders the key unusable to anyone except one individual. Such keys can be provided using known DRM technology.
  • An advantage of the overall system is that it may use any approved DRM encryption for the digital content. Therefore, as DTM technologies and methodologies change, they may still be used as one level of security in the overall framework provided by the current system.
  • the DRM protected content can be distributed to the local controllers in a further layer of encryption (using the controller keys), and can be managed on-line at the local controllers using
  • DRM systems 80 and applications supported at the central control 40 can therefore be adapted and replaced over time by updating the DRM systems 80 at the central control 40.
  • the DRM technologies used may for example be any system approved by the content providers, owners or distributors, e.g. as used by MPA (the Motion Picture Association) or MPAA (the Motion Picture Association of America) accredited post-production services.
  • MPA the Motion Picture Association
  • MPAA the Motion Picture Association of America
  • the items of digital content 20 may be stored on the local controller 10 in an encrypted form through the use of a further key (in addition to the item DRM keys and the controller keys).
  • This further "local" key may be generated by the local controller 10 based on characteristics of the local controller 10, e.g. of the controller's hardware, software or file structure.
  • this local key is not stored on the controller 10, but rather is generated from local data, when required, by a routine run by the local controller 10.
  • the local controller 10 collects the local data and generates the local key. This protects against an attempt to remove the storage medium, e.g. hard drive, of the controller 10 and use it in some other machine or controller.
  • the content items may be partially encrypted only, for speed of access, and e.g. a 5% level of encryption may be used throughout the file.
  • the file directory of the controller 10 may be similarly encrypted, and all read and write operations may be subject to this encryption/decryption process.
  • the same local key may be used for all content and files sent to the local controller.
  • the system may also monitor and record usage of content for billing purposes and the like.
  • the local controller 10 may monitor the usage of the content 20 stored on it, and may record it appropriately. This information may be transferred to the central control at appropriate times, e.g. on each connection, and the central control 40 may arrange for the issuance of invoices and the billing of credit cards or the like as appropriate, e.g. through the use of billing service 80.
  • the central control 10 may also monitor usage by recording the authorisation requests made by the local controller 10 for each usage of content.
  • Billing may occur when content is used, and content products may relate to an outright purchase, rental for a period of time, or rental for a number of views.
  • a consumer may also download a number of content items, and may only pay for them if they are used.
  • To prevent product from remaining in distribution indefinitely either relating to used or unused content, it may be deleted after a set period of time. This may be effected either by the central control ordering deletion, or within the local controller by expiration of a preset period of time. Time periods may be monitored using a central control clock, which may be used to update and check on the clock of a local controller.
  • the usage of the content may be monitored for other DRM purposes.
  • content may be provided for a limited number of uses, and after this time, the content may be deleted.
  • a determination to delete may be the responsibility of the local controller 10, and may be monitored by the central control 40, or may be the responsibility of the central control 40, which may issue a deletion instruction to the local controller 10 at the appropriate time.
  • the central control 40 may also control royalty payments to digital rights owners based on usage, e.g. through a service management system 90.
  • the distribution system may also be used to distribute content to other local devices 130 through the local controller 10.
  • These other devices may for example be a personal computer, a laptop, an mp3 player, a games machine or the like, and generally may be any device requiring software or other digital content downloads.
  • the content may be first securely transferred to the local controller 10 and to the associated consumer, and from there, the controller 10 may on- transfer the content to an appropriate local device 130 that is connected to it.
  • Content that is for on-transfer may be controlled by a trusted application on the local controller 10, and may be stored on the portable storage device 1 10 under a specific file heading, so that on download the trusted on-transfer application is launched.
  • the local controller 10 may erase the content from its memory, and the transferred content may be suitably protected in accordance with a DRM regime implemented on the target device 130, which may or may not be the same as that used by the local controller 10 for other content.
  • the content may require activation. This may e.g. be achieved through an online connection to a web application via the internet. Activation may include the transfer of a DRM key to the local device 130. The activation may also require the examination of the configuration of the local device 130, e.g. software configuration information, drivers and processes that are operating and information regarding connected hardware. The activation party may then make a determination as to the acceptability of the configuration before e.g. issuing a licence and a key to unlock the content. It may for example check for ripping software, unknown memory resident software processes, unauthorised media players, recording hardware or the like. Activation may be a one-time activation or may occur each time the content is to be used. In a Microsoft WindowsTM environment, configuration detection may be through for example an ActiveX control embedded in the authorisation web page, which will interact with the local device, e.g. personal computer, e.g. through the Microsoft WMI (Windows Media Instrumentation) interface.
  • Configuration may be through for example an ActiveX control embedded in the authorisation
  • the local controller 10 may also make the above determinations, e.g. may query the local device 130 for proscribed features or configurations.
  • the local controller 10 and local device 130 may also allow for burning of content, e.g. onto a DVD, for permanent storage, and may include a DVD burner for such purposes.
  • the present system provides an advantageous means of delivering, installing and verifying that only an approved DVD burning and protection technology software application is installed and used on the local controller 10 or local device 130 for this purpose.
  • the portable storage device 1 10 may be used to communicate between the local controller 10 and the central control 40.
  • the portable storage device could include inventory and content use information downloaded from the local controller 10.
  • the portable storage device 1 10 carries catalogue information that may be downloaded from the supply stations 120 for use by the local controller 10 to allow a consumer to select content for download. The selected content may then be uploaded to the portable storage device 1 10 from the local controller 10, and read at the supply station 120. The catalogue may also however be sent online via network 50.
  • the catalogue may be used to control rights, e.g. by only allowing a user to choose content from the catalogue, and by limiting the content displayed as available to only that content which the consumer is able to validly download.
  • Catalogues may be time-limited, e.g. only valid for 30 days from the current date, and the local controller may use a local clock to determine this, although this clock may be updated by the central control 40. This capability might be required to ensure that content is only available between certain dates, e.g. due to content rights. It also reduces the risk of piracy by not allowing encrypted content files to be kept indefinitely.
  • the digital content products sold through this system may be for rental or purchase, and may for example be rented for a set period of time or for a set number of plays.
  • the system allows a consumer to download a number of movies or the like to their controller, they may then choose later which movies to watch, and pay for the content when they actually watch it.
  • the content, both watched and unwatched movies may expire after a set time so that large numbers of movies or the like do not remain in distribution, and if desired a consumer may purchase a product and e.g. burn it to disc with its DRM information for storage or back-up, or transfer it to a technically compatible portable device.
  • the original portable storage medium used to download the movies or the like will have the content deleted after download to the local controller and/or could have a memory of limited lifetime, e.g. a degradable disc.
  • the system could advantageously use discs that can store large amounts of content, e.g. Blu-rayTM or HD-DVDTM discs.
  • Fig. 2 shows a possible file interchange between a local controller 10
  • the portable storage device 1 10 (transfer device) uploads a first file "Upfile 1 " that includes service information, client information and logs. It also uploads a second file "Upfile 2" that includes the titles of the digital content that the consumer has selected for download. Further files,
  • Upfile 3 may include titles of digital content that a consumer has selected split into different content types (for example, movies, music videos, music audio, games, electronic books).
  • the portable storage device 1 10 downloads a first file “Downfile 1 " that contains service information and commands and a second file “Downfile 2" that contains messages to the local controller 10 and to the consumer, as well as a list of any error events (e.g. the inability to download some files due to memory availability).
  • a third file “Downfile 3" includes a replacement catalogue or catalogue updates, and further "content” files may include various types of digital contents that may be split according to their handling needs, e.g. split according to the applications on the local controller 10 that are to process the content.
  • a "Downfile 4" may contain videos e.g. in mp4 format
  • a "Downfile 5" may contain pictures e.g.
  • a "Downfile 6" may contain text e.g. in txt format
  • a "Downfile 7" may contain content that is to be on- transferred to a local device 130.
  • the local controller 10 then downloads the files from portable storage device 1 10. Each file will be read and understood by the local controller 10, and suitable applications will be launched to action them.
  • the scripted actions that occur upon connection of the portable storage device 1 10 with a kiosk download station 120 and the local controller 10 may be for example:
  • ⁇ Downfile 1 > identify local controller 10, match local controller 10 with the customer account (scan of user ID or service membership card), Note required actions on ⁇ Downfile 1 >
  • Local controller 10 (requesting) 1 In customer ordering process, mount the portable storage device 1 10 on the local controller 10 when prompted
  • the Upfiles and Downfiles may be as follows:
  • ⁇ Upfile2> contains the content ordered.
  • Other Upfiles can be identified for other content categories - which have a specific handling process (e.g. sell through, music, games, applications). In this event, they constitute ⁇ Upfile3>, ⁇ Upfile4>, etc.
  • ⁇ Downfile1 > - contains actions required regarding software updates
  • Downfiles can be identified for the various content categories which have a specific handling process, as ⁇ Downfile4>, ⁇ Downfile5>, ⁇ Downfile6>, etc.
  • Fig. 3 shows how a consumer may order content. Ordering may be carried out through access to a catalogue and order screens 300 generated by the local controller 10.
  • the catalogue may be a central catalogue 310 accessed online, e.g. through the communications network 50, such as the internet, and the central control 40.
  • catalogue information may be obtained via the portable storage device 1 10 and a supply station 120, with the controller 10 downloading updated catalogue data to provide a local offline catalogue 320.
  • the local offline catalogue 320 may also be updated via an online download over network 50. When online, the catalogue may provide pictures and video, e.g. in jpg and mp4 formats. Such features could also be provided via download of such content from the transfer device 1 10 to the local catalogue 320.
  • the catalogue on the local controller 10 may be modified by a catalogue file "Downfile 3", which may take the form of a single file (DF31 ) that replaces all the existing elements in a catalogue, or may take the form of single updated catalogue items (DF32), which will add or delete elements in the catalogue, e.g. indexed by their unique asset ID.
  • DF31 single file
  • DF32 single updated catalogue items
  • a consumer may order content during or after their review of the catalogue.
  • the consumer's order may be downloaded onto the transfer device
  • 1 10 for upload to a content supply station 120, and/or may be sent to the central control 40 for monitoring purposes and/or for instructing a content supply station 120 to provide the content.
  • the catalogue data may include a number of catalogue elements each of which may include various information regarding a title or asset, including category information (e.g. Movie, Coming Soon), sub-category information (e.g. Action), title, actors, licence information (e.g. period of use, such as Start, Finish), runtime, classification rating (e.g. M) and a unique asset ID that identifies the content.
  • category information e.g. Movie, Coming Soon
  • sub-category information e.g. Action
  • title e.g. Action
  • actors e.g. period of use, such as Start, Finish
  • runtime e.g. M
  • classification rating e.g. M
  • Fig. 4 shows a local controller verification routine, in which a system inventory SI is taken, which includes an inventory of the controller's software file directory and hardware components.
  • the inventory SI is sent direct to the central control 40 for storage in e.g. consumer database 70, via the communications network 50, and/or is sent via the portable storage device 1 10 in a file "Upfile 1 ".
  • the DRM system 80 associated with or part of the central control 40 will deny a request made by the local controller 10 in respect of digital content under its management where the SI of the controller 10 is inconsistent with the controller history stored in the database 70 or indicates that inappropriate changes have been made to the controller 10.
  • Fig. 5 is a representation of the handling of files between the local controller 10 and the portable storage device 1 10.
  • each downloadable file DFI -DFn on the portable storage device 1 10 may be associated with a specific application of the controller 10, e.g. a trusted application that is subject to various positive verification routines.
  • Each uploaded file UF1 ,UF2 may be generated by a specific software application also.
  • Fig. 6 shows the steps in the on-transfer of content to another local device 130 from the controller 10.
  • a downloadable file "DFn" on the portable storage device 1 10 is assigned to content for on-transfer, and is processed by a trusted application associated with such files on the controller 10.
  • the resulting file 20 that is stored on the local controller 10 is a DRM protected file that may be transferred to the local device 130, e.g. a personal computer. Transfer may be through a direct connection between the local device 130 and the controller 10, in which case the controller 10 may interrogate the local device 130 with regard to its configuration, and may deny download of the content 20 if proscribed apparatus or software is associated with it. Alternatively, the content 20 may be freely downloaded, in which case the content may be transferred to the local device 130 via a memory card or stick or the like. Once transferred, the consumer may need to activate the content 20, e.g. by connecting to a DRM service 600 that may or may not be the same DRM system 80 associated with the central control 40.
  • the activation steps may include a DRM request from the local device 130, the download of an ActiveX control from the DRM service 600, an appropriate response to the ActiveX interrogation by the local device 130, and the issuance of a suitable DRM key to release the content 20.
  • the above content distribution systems provide a number of advantages, and may be secure, fast, simple to implement and to use, and adaptable. They may allow content owners and distributors to more fully exploit their digital rights in safe environment, and provide a single overall security framework that can be used with current and future DRM and copy-protect technologies and does not require multiplication of different types of solution for different types of storage media, content or products (e.g. sale or rental products).
  • the systems may failsafe so that only individual content is affected by security breaches, and allows for varied payment options. They allow for distribution to various home devices through on-transfer of content, and require a consumer only to purchase an appropriate set-top-box or the like. They can overcome the need for high speed home internet connections or the like.

Landscapes

  • Engineering & Computer Science (AREA)
  • Multimedia (AREA)
  • Signal Processing (AREA)
  • Computer Security & Cryptography (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Hardware Design (AREA)
  • Software Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Computing Systems (AREA)
  • Technology Law (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Databases & Information Systems (AREA)
  • Storage Device Security (AREA)
  • Management, Administration, Business Operations System, And Electronic Commerce (AREA)

Abstract

Des contrôleurs locaux (10) communiquent avec un contrôle centralisé (40) en vue de gérer le contenu numérique stocké localement, par exemple afin de supprimer le contenu et la facture pour utilisation. Les contrôleurs (10) peuvent recevoir du contenu via des dispositifs de stockage mobiles (100), par exemple des lecteurs mp3, des DVD, des cartes mémoire et similaires, qui peuvent à leur tour recevoir du contenu à partir de stations de téléchargement (110), par exemple dans des établissements de vente au détail, qui communiquent avec le contrôle centralisé (40). Le contenu peut être crypté à l'aide de clés spécifiques au contrôleur qui peuvent être délivrées aux contrôleurs (10) par contrôle centralisé (40). Les éléments de contenu individuels (20) peuvent être cryptés à l'aide de clés DRM que les contrôleurs (10) peuvent récupérer auprès du contrôle centralisé (40), chaque fois qu'un accès au contenu est requis. Des contrôles peuvent garantir que les contrôleurs locaux (10) ne sont pas altérés, par exemple avant le téléchargement de contenu ou l'accès au contenu. D'autres fonctions incluent la fourniture de données de catalogue et de mises à niveau logicielles, la génération de clés locale basée sur la configuration du contrôleur et le transfert de contenu vers d'autres dispositifs locaux.
PCT/AU2007/001093 2006-08-04 2007-08-03 Appareil et procédés de systèmes de distribution de contenu numérique WO2008014565A1 (fr)

Priority Applications (1)

Application Number Priority Date Filing Date Title
AU2007281039A AU2007281039A1 (en) 2006-08-04 2007-08-03 Digital content distribution systems apparatus and methods

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
AU2006904282A AU2006904282A0 (en) 2006-08-04 Digital Content Distribution Systems Apparatus and Methods
AU2006904282 2006-08-04

Publications (1)

Publication Number Publication Date
WO2008014565A1 true WO2008014565A1 (fr) 2008-02-07

Family

ID=38996793

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/AU2007/001093 WO2008014565A1 (fr) 2006-08-04 2007-08-03 Appareil et procédés de systèmes de distribution de contenu numérique

Country Status (2)

Country Link
AU (1) AU2007281039A1 (fr)
WO (1) WO2008014565A1 (fr)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN111698080A (zh) * 2019-03-14 2020-09-22 西安诺瓦电子科技有限公司 节目文件导出、导入方法及其装置和多媒体播放盒

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20030115351A1 (en) * 2001-12-14 2003-06-19 Giobbi John J. Digital content distribution system and method
DE10203098A1 (de) * 2002-01-25 2003-08-14 Datacargo Ges Fuer Elektronisc Verfahren und Einrichtung zum Bereitstellen eines Video/Audio-on-Demand
WO2003075568A2 (fr) * 2002-02-12 2003-09-12 David Beran Remise des donnees par transmission numerique omnidirectionnelle

Patent Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20030115351A1 (en) * 2001-12-14 2003-06-19 Giobbi John J. Digital content distribution system and method
DE10203098A1 (de) * 2002-01-25 2003-08-14 Datacargo Ges Fuer Elektronisc Verfahren und Einrichtung zum Bereitstellen eines Video/Audio-on-Demand
WO2003075568A2 (fr) * 2002-02-12 2003-09-12 David Beran Remise des donnees par transmission numerique omnidirectionnelle

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN111698080A (zh) * 2019-03-14 2020-09-22 西安诺瓦电子科技有限公司 节目文件导出、导入方法及其装置和多媒体播放盒
CN111698080B (zh) * 2019-03-14 2024-03-15 西安诺瓦星云科技股份有限公司 节目文件导出、导入方法及其装置和多媒体播放盒

Also Published As

Publication number Publication date
AU2007281039A1 (en) 2008-02-07

Similar Documents

Publication Publication Date Title
US7685636B2 (en) System, service, and method for enabling authorized use of distributed content on a protected media
USRE48313E1 (en) Physical digital media delivery
US20080279533A1 (en) Process and apparatus for securing and retrieving digital data with a Portable Data Storage Device (PDSD) and Playback Device (PD)
US20080168515A1 (en) System and method for delivery of media content to a user
US7421412B2 (en) Computerized method and system for monitoring use of a licensed digital good
US20050204019A1 (en) Content distribution using CD/DVD burners, high speed interconnects, and a burn and return policy
CN101308532B (zh) 内容下载系统、内容提供装置、内容接收装置及其方法
CN101488352B (zh) 信息处理设备和信息处理方法
US20080215491A1 (en) Content Distribution on Storage Media For Sale, Rental and Resale
WO2004066155A1 (fr) Systeme de livraison de contenu, appareil de traitement d'informations ou procede de traitement d'informations et programme informatique
JP2002032685A (ja) コンテンツレンタルシステム
US8775825B2 (en) Digital content management and delivery
US9064096B2 (en) Methods and apparatus for secure distribution of protected content
AU2008314487B2 (en) Method, system and apparatus for distributing digital content
US9740552B2 (en) Method and system for error correction utilized with a system for distribution of media
WO2008014565A1 (fr) Appareil et procédés de systèmes de distribution de contenu numérique
JP2002133144A (ja) 大容量データ販売/仲介/購入方法、システム、サーバ、端末、およびこのプログラムを記録した記録媒体
US9633391B2 (en) Secure pre-loaded drive management at kiosk
US8626669B2 (en) Secure physical billing system
US9396464B2 (en) Updating multi-media content in a digital download kiosk
US20120023587A1 (en) Secure kiosk based digital content delivery
JP4712369B2 (ja) コンテンツ配信方法
CN102144402A (zh) 用于管理数字版权管理模块的方法和设备

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 07784733

Country of ref document: EP

Kind code of ref document: A1

DPE1 Request for preliminary examination filed after expiration of 19th month from priority date (pct application filed from 20040101)
NENP Non-entry into the national phase

Ref country code: DE

NENP Non-entry into the national phase

Ref country code: RU

WWE Wipo information: entry into national phase

Ref document number: 2007281039

Country of ref document: AU

ENP Entry into the national phase

Ref document number: 2007281039

Country of ref document: AU

Date of ref document: 20070803

Kind code of ref document: A

122 Ep: pct application non-entry in european phase

Ref document number: 07784733

Country of ref document: EP

Kind code of ref document: A1