WO2009045037A2 - Method of controlling time related constraints in memory card with security function and system thereof - Google Patents

Info

Publication number: WO2009045037A2
Authority: WO, WIPO (PCT)
Prior art keywords: contents, manager, memory card, host application, time
Application number: PCT/KR2008/005757
Other languages: French (fr)
Other versions: WO2009045037A3 (en)
Inventors: Tae Sung Kim, Jae Bum Park, Byung Seok Hwang
Original Assignee: Sk Telecom Co., Ltd
Application filed by Sk Telecom Co., Ltd

Classifications

    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/10 Protecting distributed programs or content, e.g. vending or licensing of copyrighted material; Digital rights management [DRM]
    • G06F21/101 Protecting distributed programs or content, e.g. vending or licensing of copyrighted material; Digital rights management [DRM] by binding digital rights to specific entities
    • G06F21/1014 Protecting distributed programs or content, e.g. vending or licensing of copyrighted material; Digital rights management [DRM] by binding digital rights to specific entities to tokens
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3234 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving additional secure or trusted devices, e.g. TPM, smartcard, USB or software token
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08 Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/088 Usage controlling of secret information, e.g. techniques for restricting cryptographic keys to pre-authorized uses, different access levels, validity of crypto-period, different key- or password length, or different strong and weak cryptographic algorithms
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L2209/00 Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
    • H04L2209/60 Digital content management, e.g. content distribution
    • H04L2209/603 Digital right managament [DRM]

Definitions

  • the present invention relates to a method of controlling time-related constraints in a memory card with a security function, and more particularly to a method of controlling time-related constraints in a memory card with a security function, which securely controls the time-related constraints out of use authorities for Digital Rights Management(DRM) contents in the memory card with the security function.
  • DRM Digital Rights Management
  • IMT-2000 International Mobile Telecommunication 2000
  • WCDMA Wideband CDMA
  • a wireless internet with a transfer rate of maximum 307.2 Kbps, which is much faster than 14.4 Kbps or 56 Kbps, which can be supported in an IS-95A or the IS-95B network.
  • IMT-2000 services can enhance the existing voice and WAP service quality as well as provide various multimedia services, such as AoD, VoD, and so on, at a faster rate.
  • the DRM Agent exists in a device with a timer, and is in charge of managing the Rights object(RO) for protected contents and their corresponding contents.
  • external memory cards are used for storage of only protected contents in place of an internal memory which is generally insufficient.
  • an RO is rightfully purchased by a user
  • time-related constraints are not controlled in a memory card
  • the DRM Agent cannot be mounted in a memory card.
  • the present invention is created in consideration of the above, and an object of the present invention is to provide a method of controlling time-related constraints in a memory card with a security function, which securely controls the time-related constraints of use authorities for DRM contents in the memory card with the security function.
  • the memory card can automatically decrypt and send contents to the host, using a contents encryption key in an RO.
  • the present invention is created in consideration of the above, and another object of the present invention is to provide a method of controlling time-related constraints in a DRM Agent-mountable memory card with a security function, by building a DRM Agent managed by a terminal in the memory card and designing a protocol capable of controlling the time-related constraints.
  • the present invention is created in consideration of the above, and a further object of the present invention is to provide a method of controlling time-related constraints in a memory card with a security function, which can efficiently use an insufficient memory card capacity by changing it into a binary format and managing an RO in the memory card with the security function as well as provide the extendibility of a device.
  • a method of controlling time-related constraints in a memory card with a security function includes the steps of:
  • a method of controlling time-related constraints in a memory card with a security function in a method of controlling the time-related constraints in a memory card having an RO manager, includes the steps of:
  • a system using a method of controlling time-related constraints in a memory card with a security function in a terminal having a memory card storing contents and a host application playing back the contents, includes the memory card having an RO manager for checking a contents use authorization, and updating and storing information on a count received from the host application, and a playback manager for decrypting the contents, if the RO manager verifies that the contents use authorization is valid; and the host application for forming a channel with the RO manager, in order to play back the contents, recognizing an RO status as a time-count through the channel, and, after receiving the decrypted contents from the RO manager and if a predetermined time lapses according to time count information, sending a count decrease message to the RO manager to decrease the count.
  • a system using a method of controlling time-related constraints in a memory card with a security function in a terminal having a memory card storing contents and a host application playing back the contents, includes the memory card having an RO manager for checking a contents use authorization, and a playback manager for decrypting the contents if the RO manager verifies that the contents use authorization is valid; and the host application for forming a channel with the RO manager, in order to play back the contents, recognizing an RO status as Datetime through the channel, and, after receiving the decrypted contents from the RO manager, playing back the contents according the Datetime information.
  • a system using a method of controlling time-related constraints in a memory card with a security function in a terminal having a memory card for storing contents and a host application for playing back the contents, includes the memory card having an RO manager for checking a contents use authorization, and a playback manager for decrypting the contents if the RO manager verifies that the contents use authorization is valid; and the host application for forming a channel with the RO manager, in order to play back the contents, recognizing an RO status as a time interval, and, after receiving the decrypted contents, ending the playback of the contents if a predetermined time lapses according to the time interval information.
  • a system using a method of controlling time-related constraints in a memory card with a security function in a terminal having a memory card for storing contents and a host application for playing back the contents, includes the memory card having an RO manager for checking a contents use authorization, and updating and storing the accumulated time information received from the host application, and a playback manager for decrypting the contents if the RO manager verifies that the contents use authorization is valid; and the host application for forming a channel with the RO manager, in order to play back the contents, recognizing the RO status as accumulated time through the channel, and, after receiving the decrypted contents from the RO manager, sending the accumulated time information to the RO manager to decrease the accumulated time every predetermined time.
  • a method of controlling time-related constraints in a memory card with a security function can securely control the time-related constraints of use authorities for DRM contents in the memory card with a security function, as well as enable a DRM Agent to be mounted in the memory card by building in the memory card the DRM Agent managed by a terminal (a host) and by designing a protocol capable of controlling the time-related constraints, so as to have an effect capable of providing the extensibility of a device.
  • FIG. 1 is a flow chart explaining a time-count applied to DRM contents according to a first embodiment of the present invention.
  • FIG. 2 is a flow chart explaining Datetime applied to DRM contents according to a second embodiment of the present invention.
  • FIG. 3 is a flow chart explaining a time interval applied to DRM contents according to a third embodiment of the present invention.
  • FIG. 4 is a flow chart explaining the information of an accumulated time applied to
  • the present invention is to build a binary-formatted RO manager in a memory card storing contents in order for an authorization for data to be stored in the memory card together with contents, and, when the contents are played back in an application (hereinafter, called a host application) built in a terminal, the present invention is to enable the information of time-related constraints to be updated in the memory card.
  • a host application an application built in a terminal
  • FIG. 1 is a flow chart explaining a time-count applied to DRM contents according to a first embodiment of the present invention.
  • a time-count refers to the number of counts set by decreasing a count until DRM contents are rendered; however, when the time-count is set to a predetermined time, such as 30 seconds, according to the first embodiment of the present invention, the time-count is decreased after the predetermined time lapses, that is, after contents are rendered for 30 seconds. This is possible because the count can decrease only when a command manually notifying of time information is received from a host, since a storage device such as a memory card storing contents cannot recognize time information.
  • a terminal such as a mobile terminal or a non-wireless terminal, to which a memory card with a security function can be inserted or connected, includes a host application 100.
  • the memory card includes a playback manager 300 and an RO manager 400 of binary-formatted data.
  • a binary Rights Object manager(BRO manager) 400 is shown, to which it is not limited, and called an RO manager 400.
  • the host application 100 forms a channel with the RO manager 400 and sends a Pass
  • the RO manager 400 of the memory card forming a channel with the host application 100 provides the host application 100 with an RO status (S120).
  • the host application 100 reads the RO status and recognizes the RO status as a time-count, opens streams with the playback manager 300 of the memory card, and the playback manager 300 requests the RO manager 400 to check if a contents use authorization is valid (S125 and S130).
  • the RO manager 400 checks if the contents use authorization is valid, and, if the contents use authorization is valid, sends the playback manager 300 the validation of the contents use authorization (S135 and S140).
  • the playback manager 300 decrypts encrypted contents in a single-block or a multi-block manner, then reads and sends the decrypted contents to a terminal, that is, the host application 100 (S145).
  • After a predetermined time lapses, that is, after the time set as a time-count lapses, the host application 100 sends the PT Command message to the RO manager 400, and decreases the count (S155 and S160).
  • the RO manager 400 updates and stores the count in the memory card, and sends a result of its completion to the host application 100 (S170).
  • FIG. 2 is a flow chart explaining Datetime applied to DRM contents according to the second embodiment of the present invention.
  • Datetime is defined as a time limit for authorization, that is, as a time range.
  • Datetime has a <START> and/or an <END> parameter as an option
  • existence of the <START> parameter means that no contents playback is possible before a set Datetime
  • existence of the <END> parameter means that no contents playback is possible after a set Datetime.
  • the host sends "current Datetime authorization" information to the RO manager 400 before the contents are played back or at the time the contents are played back.
  • the host application 100 forms a channel with the RO manager
  • the RO manager 400 of a memory card with a security function which forms a channel with the host application 100, sends an RO status to the host application 100 (S220).
  • the host application 100 opens streams with the playback manager 300 of the memory card, and sends a current Datetime parameter to the playback manager 300 (S225).
  • the playback manager 300 requests the RO manager 400 to check if the contents use authorization is valid (S230).
  • the playback manager 300 decrypts in a multi-block manner and sends contents to the host application 100 (S245).
  • FIG. 3 is a flow chart explaining time intervals applied to DRM contents according to the third embodiment of the present invention.
  • a time interval defines time information during processing of authorization to contents, the duration of a time interval has to begin when a relevant authorization is initially processed, and authorization can be processed several times within the duration of a time interval.
  • In order to control a time interval, a host provides information on a "current Datetime authorization" when contents begin for the first time, that is, before the contents are played back. Thereafter, if START and END times are provided to the playback manager 300 of the memory card with the security function for the first time according to the time interval information, a flow progresses that is similar to a call flow by the Datetime described in detail in the above second embodiment.
  • the host application 100 forms a channel with the RO manager
  • the RO manager 400 of the memory card which forms a channel with the host application 100, sends an RO status to the host application 100 (S320).
  • the host application 100 reads an RO status, and recognizes the RO status as a time interval.
  • the host application 100 can get time information of the time when authentication begins for the first time, and calculates END time information through the time information of the START time and the time interval. Further, the host application 100 sends END time information to the RO manager 400 (S325).
  • the RO manager 400 receiving the information stores the END time information
  • the host application 100 opens streams with the playback manager 300 of the memory card (S335).
  • the playback manager 300 requests the RO manager 400 to check if a contents use authorization is valid (S340).
  • the playback manager 300 decrypts in a single-block or in a multi-block manner and sends the encrypted contents to the host application 100 (S345, S350, and S355).
  • FIG. 4 is a flow chart explaining accumulated time information applied to DRM contents according to the fourth embodiment of the present invention.
  • Accumulated time information is defined as a maximum period of a use time measured while authorization to contents is progressing, and, in general, the accumulated time information is decreased by the time used after a playback time.
  • Sending a host a use time measured after a playback time may form an illegal use, so that, in order to prevent such a use, the accumulated time information is regularly updated for a playback time period. Accordingly, the host sends a memory card a Command message for updating accumulated time information during a playback of contents.
  • the host application 100 forms a channel with the RO manager 400 before playing back contents, and sends a PT Command message (S410).
  • the RO manager 400 of a memory card with a security function which forms a channel with the host application 100, sends an RO status to the host application 100 (S420).
  • After the host application 100 reads and recognizes the RO status as an accumulated time, the host application 100 opens streams with the playback manager 300 of the memory card, and the playback manager 300 requests the RO manager 400 to check if a contents use authorization is valid (S425 and S430).
  • the RO manager 400 checks if the contents use authorization is valid, and, if it is valid and the RO manager 400 sends the validation of the contents use authorization to the playback manager 300, the playback manager 300 decrypts in a single-block or in a multi-block manner and sends contents to the host application 100 (S435, S440, and S445).
  • the host application 100 decreases the accumulated time (S460).
  • the RO manager 400 receiving information on the decrease of the accumulated time updates the accumulated time information, and sends a result of its completion to the host application 100 (S465 and S470).
  • the host application 100 refers to any thing built in a terminal which has functions of playing back contents, forming a channel with the RO manager 400, and giving and taking messages.
  • the host application 100 may be developed in one application, or there may be separately developed for example a contents playback application, such as a media player playing back contents, and a communications application forming a channel with the RO manager 400 and communicating encrypted data, which can be connected to each other.
  • a method of controlling time-related constraints in a memory card with a security function builds in a memory card a DRM Agent managed in a terminal (host), and enables the DRM Agent to be mounted in the memory card by designing a protocol capable of controlling time-related constraints, so as to have an advantage capable of providing the extendibility of a device.

Abstract

Disclosed is a method of controlling time-related constraints in a memory card with a security function. The method of the present invention of controlling time-related constraints in a memory card with a Rights Object (RO) manager includes a) a step of forming a channel with the RO manager in order to play back contents, by a host application; b) a step of reading an RO status through the channel and recognizing a time-related RO status, by the host application; c) a step of checking a content use authorization by the RO manager upon request for playback of the contents by the host application; d) a step of decrypting and sending the contents to the host application, if the contents use authorization is valid; and e) a step of sending a count decrease message to the RO manager, by the host application, to decrease a count if a predetermined time lapses, according to the time-related information.

Description

METHOD OF CONTROLLING TIME RELATED CONSTRAINTS IN MEMORY CARD WITH SECURITY FUNCTION AND SYSTEM THEREOF
Technical Field
[1] The present invention relates to a method of controlling time-related constraints in a memory card with a security function, and more particularly to a method of controlling time-related constraints in a memory card with a security function, which securely controls the time-related constraints out of use authorities for Digital Rights Management (DRM) contents in the memory card with the security function.
Background Art
[2] Recently, with the development of information communications, there has been commercialization of the International Mobile Telecommunication 2000 (IMT-2000) standard, such as CDMA2000 1X, 3X, EV-DO, Wideband CDMA (WCDMA), and the like, of the third generation mobile systems, which is defined as a standard by the ITU-R. Recently, with use of the IS-95C network advanced from the existing IS-95A or IS-95B network, there is provided a wireless internet with a transfer rate of maximum 307.2 Kbps, which is much faster than 14.4 Kbps or 56 Kbps, which can be supported in an IS-95A or the IS-95B network. Especially, the use of IMT-2000 services can enhance the existing voice and WAP service quality as well as provide various multimedia services, such as AoD, VoD, and so on, at a faster rate.
[3] There has been development of services to provide contents to a terminal and play back the contents on the terminal, using such a wireless or non-wireless internet, and the content is stored in a built-in memory or a detachable memory card of the terminal.
[4] In general, the DRM Agent exists in a device with a timer, and is in charge of managing the Rights Object (RO) for protected contents and their corresponding contents. In many cases, external memory cards are used for storage of only protected contents in place of an internal memory which is generally insufficient. In such cases, even if an RO is rightfully purchased by a user, there has been limitation to devices since contents have to be played back in only a specific device. Also, since time-related constraints are not controlled in a memory card, there exists a drawback in that the DRM Agent cannot be mounted in a memory card.
Disclosure of Invention
Technical Problem
[5] The present invention is created in consideration of the above, and an object of the present invention is to provide a method of controlling time-related constraints in a memory card with a security function, which securely controls the time-related constraints of use authorities for DRM contents in the memory card with the security function.
[6] Here, upon a request by contents playback application in a host, the memory card can automatically decrypt and send contents to the host, using a contents encryption key in an RO.
[7] The present invention is created in consideration of the above, and another object of the present invention is to provide a method of controlling time-related constraints in a DRM Agent-mountable memory card with a security function, by building a DRM Agent managed by a terminal in the memory card and designing a protocol capable of controlling the time-related constraints.
[8] The present invention is created in consideration of the above, and a further object of the present invention is to provide a method of controlling time-related constraints in a memory card with a security function, which can efficiently use an insufficient memory card capacity by changing it into a binary format and managing an RO in the memory card with the security function as well as provide the extendibility of a device.
Technical Solution
[9] In order to achieve the above objects, a method of controlling time-related constraints in a memory card with a security function according to the first aspect of the present invention, in a method of controlling the time-related constraints in the memory card having an RO manager, includes the steps of:
[10] a) forming a channel with the RO manager, by a host application, to play back contents;
[11] b) reading an RO status through the channel, by the host application, and recognizing the RO status as a time-count;
[12] c) requesting to play back the contents by the host application;
[13] d) checking a content use authorization by the RO manager;
[14] e) decrypting the contents if the contents use authorization is valid;
[15] f) sending the decrypted contents to the host application; and
[16] g) sending a count decrease message to the RO manager, by the host application, to decrease a count if a predetermined time lapses according to time-count information.
[17]
[18] In order to achieve the above objects, a method of controlling time-related constraints in a memory card with a security function according to the second aspect of the present invention, in a method of controlling the time-related constraints in a memory card having an RO manager, includes the steps of:
[19] i) forming a channel with the RO manager and recognizing the RO status as Datetime from the RO manager, in order to play back contents, by a host application;
[20] ii) requesting a playback manager of the contents to play back the contents, by the host application;
[21] iii) requesting the RO manager of the memory card to check a contents use authorization, by the playback manager;
[22] iv) decrypting the contents if the playback manager verifies that the contents use authorization is valid;
[23] v) sending the decrypted contents to the host application; and
[24] vi) playing back the contents according to Datetime information.
[25]
[26] In order to achieve the above objects, a method of controlling time-related constraints in a memory card with a security function according to the third aspect of the present invention, in a method of controlling the time-related constraints in a memory card having an RO manager, includes the steps of:
[27] forming a channel with the RO manager to play back contents, by a host application;
[28] reading an RO status through the channel and recognizing the RO status as a time interval, by the host application;
[29] calculating an END time and sending the END time to the RO manager, by the host application, and storing the received END time by the RO manager;
[30] opening streams with a playback manager of the memory card;
[31] requesting the RO manager to check a contents use authorization by the playback manager of the memory card which opens streams with the host application;
[32] decrypting the contents if the playback manager receives a validation of the contents use authorization from the RO manager;
[33] sending the decrypted contents to the host application; and
[34] ending the playback of the contents if a predetermined time lapses according to time interval information.
[35]
[36] In order to achieve the above objects, a method of controlling time-related constraints in a memory card with a security function according to the fourth aspect of the present invention, in a method of controlling the time-related constraints in a memory card having an RO manager, includes the steps of:
[37] forming a channel with the RO manager, reading an RO status through the channel, and recognizing the RO status as accumulated time, in order to play back contents, by a host application;
[38] requesting a playback manager of the memory card to play back the contents, by the host application;
[39] requesting the RO manager to check a contents use authorization, by the playback manager;
[40] decrypting the contents by the playback manager if the contents use authorization is valid;
[41] sending the decrypted contents to the host application; and
[42] notifying the RO manager of time information every predetermined time and decreasing the accumulated time, by the host application.
[43]
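The four constraint types in the aspects above (time-count, Datetime, time interval, accumulated time) can be modelled as a small card-side state machine driven by host messages. This is an added example, not code from the patent: the class, field and function names, the 10-second update period, and the rules that a stored END time cannot be replaced and that the host stops when the accumulated time reaches zero are assumptions.

```python
from dataclasses import dataclass
from datetime import datetime, timedelta
from typing import Optional

ZERO = timedelta(0)


@dataclass
class RightsObject:
    # Hypothetical fields; the page does not give the binary RO layout.
    kind: str                              # "time-count" | "datetime" | "interval" | "accumulated"
    count: int = 0                         # remaining counts
    start: Optional[datetime] = None       # <START> bound
    end: Optional[datetime] = None         # <END> bound, or stored END for an interval
    interval: Optional[timedelta] = None   # duration allowed from first use
    remaining: timedelta = ZERO            # accumulated time still available


class ROManager:
    """Card side. The card has no clock, so every time value arrives from the host."""

    def __init__(self, ro: RightsObject):
        self.ro = ro

    def status(self) -> RightsObject:
        return self.ro

    def store_end_time(self, end: datetime) -> None:
        # Assumption: END is fixed on first use and later values cannot extend it.
        if self.ro.kind == "interval" and self.ro.end is None:
            self.ro.end = end

    def is_valid(self, host_now: datetime) -> bool:
        ro = self.ro
        if ro.kind == "time-count":
            return ro.count > 0
        if ro.kind == "accumulated":
            return ro.remaining > ZERO
        if ro.kind == "interval" and ro.end is None:
            return False                   # host never supplied an END time
        if ro.start is not None and host_now < ro.start:
            return False
        return ro.end is None or host_now <= ro.end

    def decrease_count(self) -> int:
        self.ro.count = max(0, self.ro.count - 1)
        return self.ro.count

    def decrease_accumulated(self, used: timedelta) -> timedelta:
        self.ro.remaining = max(ZERO, self.ro.remaining - used)
        return self.ro.remaining


class PlaybackManager:
    """Card side. Opens a stream only after the RO manager validates the authorization."""

    def __init__(self, ro_manager: ROManager):
        self.ro_manager = ro_manager

    def open_stream(self, host_now: datetime) -> bool:
        # Stands in for "check, then decrypt and send"; decryption is not modelled.
        return self.ro_manager.is_valid(host_now)


def host_play(card: ROManager, now: datetime, want: timedelta,
              tick: timedelta = timedelta(seconds=10),
              count_after: timedelta = timedelta(seconds=30)) -> timedelta:
    """Host application: render up to `want` and return how much was rendered."""
    ro = card.status()
    if ro.kind == "interval" and ro.end is None:
        card.store_end_time(now + ro.interval)       # START is the first use
    if not PlaybackManager(card).open_stream(now):
        return ZERO
    played, counted = ZERO, False
    while played < want:
        played += tick
        if ro.kind == "accumulated":
            # Periodic update during playback; stopping at zero is an assumption.
            if card.decrease_accumulated(tick) == ZERO:
                break
        elif ro.kind == "time-count":
            if not counted and played >= count_after:
                card.decrease_count()                # one decrease after the set time
                counted = True
        elif ro.end is not None and now + played >= ro.end:
            break                                    # END reached: host ends playback
    return played
```

With a 10-second update period, an accumulated-time RO holding 25 seconds renders 30 seconds before the card reaches zero, so the update period bounds how far playback can run past the purchased time.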
[44] Further, in order to achieve the above objects, a system using a method of controlling time-related constraints in a memory card with a security function according to another embodiment of the present invention, in a terminal having a memory card storing contents and a host application playing back the contents, includes the memory card having an RO manager for checking a contents use authorization, and updating and storing information on a count received from the host application, and a playback manager for decrypting the contents, if the RO manager verifies that the contents use authorization is valid; and the host application for forming a channel with the RO manager, in order to play back the contents, recognizing an RO status as a time-count through the channel, and, after receiving the decrypted contents from the RO manager and if a predetermined time lapses according to time count information, sending a count decrease message to the RO manager to decrease the count.
[45] Further, in order to achieve the above objects, a system using a method of controlling time-related constraints in a memory card with a security function according to still another embodiment of the present invention, in a terminal having a memory card storing contents and a host application playing back the contents, includes the memory card having an RO manager for checking a contents use authorization, and a playback manager for decrypting the contents if the RO manager verifies that the contents use authorization is valid; and the host application for forming a channel with the RO manager, in order to play back the contents, recognizing an RO status as Datetime through the channel, and, after receiving the decrypted contents from the RO manager, playing back the contents according to the Datetime information.
[46] Further, in order to achieve the above objects, a system using a method of controlling time-related constraints in a memory card with a security function according to a further embodiment of the present invention, in a terminal having a memory card for storing contents and a host application for playing back the contents, includes the memory card having
[47] an RO manager for checking a contents use authorization, and a playback manager for decrypting the contents if the RO manager verifies that the contents use authorization is valid; and the host application for forming a channel with the RO manager, in order to play back the contents, recognizing an RO status as a time interval, and, after receiving the decrypted contents, ending the playback of the contents if a predetermined time lapses according to the time interval information.
[48] Further, a system using a method of controlling time-related constraints in a memory card with a security function according to yet another embodiment of the present invention, in a terminal having a memory card for storing contents and a host application for playing back the contents, includes the memory card having an RO manager for checking a contents use authorization, and updating and storing the accumulated time information received from the host application, and a playback manager for decrypting the contents if the RO manager verifies that the contents use authorization is valid; and the host application for forming a channel with the RO manager, in order to play back the contents, recognizing the RO status as accumulated time through the channel, and, after receiving the decrypted contents from the RO manager, sending the accumulated time information to the RO manager to decrease the accumulated time every predetermined time.
Advantageous Effects
[49] As described in detail above, a method of controlling time-related constraints in a memory card with a security function according to the present invention can securely control the time-related constraints of use authorities for DRM contents in the memory card with a security function, as well as enable a DRM Agent to be mounted in the memory card by building in the memory card the DRM Agent managed by a terminal (a host) and by designing a protocol capable of controlling the time-related constraints, so as to have an effect capable of providing the extensibility of a device.
Brief Description of the Drawings
[50] FIG. 1 is a flow chart explaining a time-count applied to DRM contents according to a first embodiment of the present invention.
[51] FIG. 2 is a flow chart explaining Datetime applied to DRM contents according to a second embodiment of the present invention.
[52] FIG. 3 is a flow chart explaining a time interval applied to DRM contents according to a third embodiment of the present invention.
[53] FIG. 4 is a flow chart explaining the information of an accumulated time applied to DRM contents according to a fourth embodiment of the present invention.
Best Mode for Carrying Out the Invention
[54] The present invention is to build a binary-formatted RO manager in a memory card storing contents in order for an authorization for data to be stored in the memory card together with contents, and, when the contents are played back in an application (hereinafter, called a host application) built in a terminal, the present invention is to enable the information of time-related constraints to be updated in the memory card.
[55] FIG. 1 is a flow chart explaining a time-count applied to DRM contents according to a first embodiment of the present invention.
[56] A time-count refers to the number of counts set by decreasing a count until DRM contents are rendered. In case the time-count is set to a predetermined time, such as 30 seconds, according to the first embodiment of the present invention, the time-count is managed to be decreased after the predetermined time lapses, that is, after contents are rendered for 30 seconds. This is possible because a storage device such as a memory card storing contents cannot recognize time information, so a count can decrease only when a command manually notifying of time information is received from a host.
[57] Referring to FIG. 1, a terminal such as a mobile terminal or a non-wireless terminal, to which a memory card with a security function can be inserted or connected, includes a host application 100.
[58] Further, the memory card includes a playback manager 300 and an RO manager 400 of binary-formatted data.
[59] In the drawings, a binary Rights Object manager (BRO manager) 400 is shown, but the present invention is not limited thereto; it is called an RO manager 400 below.
[60] The host application 100 forms a channel with the RO manager 400 and sends a Pass Through (PT) Command message, before playing back contents (S110). The RO manager 400 of the memory card forming a channel with the host application 100 provides the host application 100 with an RO status (S120).
[61] The host application 100 reads the RO status and recognizes the RO status as a time-count, opens streams with the playback manager 300 of the memory card, and the playback manager 300 requests the RO manager 400 to check if a contents use authorization is valid (S125 and S130).
[62] The RO manager 400 checks if the contents use authorization is valid, and, if the contents use authorization is valid, sends the playback manager 300 the validation of the contents use authorization (S135 and S140).
[63] The playback manager 300 decrypts encrypted contents in a single-block or a multi-block manner, then reads and sends the decrypted contents to a terminal, that is, the host application 100 (S145).
[64] After a predetermined time lapses, that is, after time set as a time-count lapses, the host application 100 sends the PT Command message to the RO manager 400, and decreases the count (S155 and S160).
[65] The RO manager 400 updates and stores the count in the memory card, and sends a result of its completion to the host application 100 (S170).
[66] FIG. 2 is a flow chart explaining Datetime applied to DRM contents according to the second embodiment of the present invention.
[67] Datetime is defined as a time limit for authorization, that is, as a time range. The Datetime has a <START> and/or an <END> parameter as an option, existence of the <START> parameter means that no contents playback is possible before a set Datetime, and existence of the <END> parameter means that no contents playback is possible after a set Datetime.
[68] Therefore, in case the <END> parameter is set to 14:00:00 on June 14th, 2007 and contents are rendered at 13:59:00 on June 14th, 2007, the host sends a predetermined command to the RO manager 400 to end readout operations at 14:00:00.
[69] As stated above, in case the playback of contents is carried out just before the <END> time, even though a contents provider allows the contents to be rendered after the <END> time, the host sends "current Datetime authorization" information to the RO manager 400 before the contents are played back or at the time the contents are played back.
[70] Referring to FIG. 2, the host application 100 forms a channel with the RO manager 400 before playing back contents, and sends a PT Command message (S210). The RO manager 400 of a memory card with a security function, which forms a channel with the host application 100, sends an RO status to the host application 100 (S220).
[71] After the host application 100 reads the RO status and recognizes the RO status as Datetime, the host application 100 opens streams with the playback manager 300 of the memory card, and sends a current Datetime parameter to the playback manager 300 (S225).
[72] The playback manager 300 requests the RO manager 400 to check if the contents use authorization is valid (S230).
[73] In case the contents use authorization is valid when the RO manager 400 checks if the contents use authorization is valid, the RO manager 400 sends the validation of the contents use authorization to the playback manager 300 (S235 and S240).
[74] The playback manager 300 decrypts in a multi-block manner and sends contents to the host application 100 (S245).
[75] FIG. 3 is a flow chart explaining time intervals applied to DRM contents according to the third embodiment of the present invention.
[76] A time interval defines time information during processing of authorization to contents, the duration of a time interval has to begin when a relevant authorization is initially processed, and authorization can be processed several times within the duration of a time interval.
[77] In order to control a time interval, a host provides information on a "current Datetime authorization" when contents begin for the first time, that is, before the contents are played back.
[78] Thereafter, if START and END times are provided to the playback manager 300 of the memory card with the security function for the first time according to the time interval information, a flow progresses that is similar to a call flow by the Datetime described in detail in the above second embodiment.
[79] Referring to FIG. 3, the host application 100 forms a channel with the RO manager 400 before playing back contents, and sends a PT Command message (S310). The RO manager 400 of the memory card, which forms a channel with the host application 100, sends an RO status to the host application 100 (S320).
[80] The host application 100 reads an RO status, and recognizes the RO status as a time interval.
[81] Thereafter, the host application 100 can get time information of the time when authentication begins for the first time, and calculates END time information through the time information of the START time and the time interval. Further, the host application 100 sends END time information to the RO manager 400 (S325).
[82] The RO manager 400 receiving the information stores the END time information (S330). By doing so, the RO manager 400 has the END time information, and then, accordingly, a flow progresses that is similar to a call flow by the Datetime.
[83] Again, the host application 100 opens streams with the playback manager 300 of the memory card (S335). The playback manager 300 requests the RO manager 400 to check if a contents use authorization is valid (S340).
[84] When the RO manager 400 checks whether the contents use authorization is valid, finds it valid, and sends the validation of the contents use authorization to the playback manager 300, the playback manager 300 decrypts in a single-block or in a multi-block manner and sends the encrypted contents to the host application 100 (S345, S350, and S355).
[85] After a predetermined time lapses, that is, after a time set as a time interval lapses, the host application 100 bans the playback of the contents (S365).
[86] FIG. 4 is a flow chart explaining accumulated time information applied to DRM contents according to the fourth embodiment of the present invention.
[87] Accumulated time information is defined as a maximum period of a use time measured while authorization to contents is progressing, and, in general, the accumulated time information is decreased by the time used after a playback time.
[88] Sending a host a use time measured after a playback time may form an illegal use, so that, in order to prevent such a use, the accumulated time information is regularly updated for a playback time period. Accordingly, the host sends a memory card a Command message for updating accumulated time information during a playback of contents.
[89] Referring to FIG. 4, the host application 100 forms a channel with the RO manager 400 before playing back contents, and sends a PT Command message (S410). The RO manager 400 of a memory card with a security function, which forms a channel with the host application 100, sends an RO status to the host application 100 (S420).
[90] After the host application 100 reads and recognizes the RO status as an accumulated time, the host application 100 opens streams with the playback manager 300 of the memory card, and the playback manager 300 requests the RO manager 400 to check if a contents use authorization is valid (S425 and S430).
[91] When the RO manager 400 checks whether the contents use authorization is valid, finds it valid, and sends the validation of the contents use authorization to the playback manager 300, the playback manager 300 decrypts in a single-block or in a multi-block manner and sends contents to the host application 100 (S435, S440, and S445).
[92] Accordingly, after a predetermined time lapses, that is, after time set by a contents provider lapses, by sending a PT Command message to the RO manager through an established channel, the host application 100 decreases the accumulated time (S460).
[93] The RO manager 400 receiving information on the decrease of the accumulated time updates the accumulated time information, and sends a result of its completion to the host application 100 (S465 and S470).
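The four call flows of FIGS. 1 to 4 can be modelled together, as an added example that is not part of the patent text, to show that every time value on the card comes from the host and that the host's reporting period sets the granularity of the accumulated-time update. Class, field and function names are hypothetical, and the host loop advancing in fixed ticks is a simplifying assumption.

```python
from dataclasses import dataclass
from datetime import datetime, timedelta
from typing import Optional

ZERO = timedelta(0)


@dataclass
class RightsObject:
    """Constraint state stored on the card. Field names are hypothetical."""
    kind: str                         # "time-count", "datetime", "interval", "accumulated"
    count: int = 0                    # time-count: counts left
    timer: timedelta = ZERO           # time-count: rendering time that consumes one count
    start: Optional[datetime] = None  # Datetime <START>
    end: Optional[datetime] = None    # Datetime <END>, or the END stored for an interval
    interval: timedelta = ZERO        # interval: length, counted from the first use
    remaining: timedelta = ZERO       # accumulated: play time left


class ROManager:
    """Card side. The card has no clock, so every time value is supplied by the host."""

    def __init__(self, ro: RightsObject):
        self.ro = ro

    def status(self):
        # RO status returned over the channel (S120, S220, S320, S420).
        param = {"time-count": self.ro.timer, "interval": self.ro.interval}
        return self.ro.kind, param.get(self.ro.kind)

    def store_end(self, end: datetime) -> datetime:
        # S330: keep the END time from the first use; later sessions do not move it.
        if self.ro.end is None:
            self.ro.end = end
        return self.ro.end

    def check(self, host_now: datetime) -> bool:
        # Contents use authorization check requested by the playback manager.
        ro = self.ro
        if ro.kind == "time-count":
            return ro.count > 0
        if ro.kind == "accumulated":
            return ro.remaining > ZERO
        if ro.kind == "interval" and ro.end is None:
            return False
        if ro.start is not None and host_now < ro.start:
            return False
        return ro.end is None or host_now < ro.end

    def decrease_count(self) -> int:
        # S160-S170: update and store the count.
        self.ro.count = max(0, self.ro.count - 1)
        return self.ro.count

    def decrease_accumulated(self, used: timedelta) -> timedelta:
        # S465-S470: update and store the accumulated time.
        self.ro.remaining = max(ZERO, self.ro.remaining - used)
        return self.ro.remaining


def play(card: ROManager, now: datetime, wanted: timedelta,
         tick: timedelta = timedelta(seconds=10)) -> timedelta:
    """Host side: one playback session. Returns how long contents were rendered."""
    kind, param = card.status()
    if kind == "interval":
        card.store_end(now + param)              # S325: END = START + interval
    if not card.check(now):                      # streams opened, authorization checked
        return ZERO
    played, counted = ZERO, False
    while played < wanted:
        played += tick                           # render one tick of decrypted contents
        if kind == "time-count":
            if not counted and played >= param:  # S155: timer lapsed, consume one count
                card.decrease_count()
                counted = True
        elif kind == "accumulated":
            if card.decrease_accumulated(tick) == ZERO:  # S460: periodic update
                break
        elif not card.check(now + played):       # Datetime / interval: stop at END
            break
    return played
```

With a 10-second tick, an accumulated-time balance of 25 seconds is exhausted on the third update, so rendering stops at 30 seconds: the update period bounds how far use can run past the stored balance.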
[94] In the present invention, the host application 100 refers to anything built in a terminal which has functions of playing back contents, forming a channel with the RO manager 400, and exchanging messages. However, these functions do not have to be carried out in one application. Accordingly, the host application 100 may be developed as one application, or a contents playback application, such as a media player playing back contents, and a communications application forming a channel with the RO manager 400 and communicating encrypted data may be developed separately and connected to each other. In practice, for the convenience of development, the contents playback application alone is developed separately, and the module forming the channel and communicating encrypted data may be developed using the Host Software Development Kit (SDK).
[95] So far, the present invention is described in detail with reference to the preferred embodiments, but the present invention is not defined by the above embodiments, and it will be apparent that the technical idea of the present invention encompasses the scope of diverse changes and modifications by those skilled in the art without departing from the gist of the present invention claimed in the appended claims.
Industrial Applicability
[97] A method of controlling time-related constraints in a memory card with a security function according to the present invention builds in a memory card a DRM Agent managed in a terminal (host), and enables the DRM Agent to be mounted in the memory card by designing a protocol capable of controlling time-related constraints, so as to have an advantage capable of providing the extendibility of a device.

Claims
[1] A method of controlling time-related constraints in a memory card with a security function, the memory card having a Rights Object(RO) manager, comprising the steps of: a) forming a channel with the RO manager, by a host application, to play back contents; b) reading an RO status through the channel and recognizing the RO status as a time-count, by the host application; c) requesting the RO manager to check a contents use authorization; d) decrypting the contents if the contents use authorization is valid; e) sending the decrypted contents to the host application; and f) sending a count decrease message to the RO manager, by the host application, to decrease the count as a predetermined time lapses according to time-count information.
[2] The method as claimed in claim 1, wherein, in the step d), a playback manager of the memory card decrypts the contents.
[3] The method as claimed in claim 2, further comprising a step of g) updating and storing information of the decreased count, by the RO manager.
[4] The method as claimed in claim 1, wherein the RO is managed in a binary format.
[5] A method of controlling time-related constraints in a memory card with a security function, the memory card having a Rights Object(RO) manager, comprising the steps of: i) forming a channel with the RO manager and recognizing an RO status as Datetime from the RO manager, by a host application, in order to play back contents; ii) requesting the RO manager of the memory card, by the playback manager, to check a contents use authorization; iii) decrypting the contents if the playback manager verifies that the contents use authorization is valid; iv) sending the decrypted contents to the host application; and v) playing back the contents according to the Datetime information.
[6] The method as claimed in claim 5, further comprising a step of opening streams with the playback manager by the host application, wherein, upon opening the streams, the application sends a Datetime parameter to the playback manager together.
[7] The method as claimed in claim 5, wherein the RO is managed in a binary format.
[8] A method of controlling time-related constraints in a memory card with a security function, the memory card having a Rights Object(RO) manager, comprising the steps of: forming a channel with the RO manager, by a host application, to play back contents; reading an RO state through the channel and recognizing the RO status as a time interval, by the host application; calculating and sending an END time to the RO manager, by the host application, and storing the received END time by the RO manager; opening streams with a playback manager of the memory card; requesting the RO manager to check a contents use authorization by the playback manager of the memory card which opens streams with the host application; decrypting the contents if the playback manager receives a validation of the contents use authorization from the RO manager; sending the decrypted contents to the host application; and ending playback of the contents if a predetermined time lapses according to the time interval information.
[9] The method as claimed in claim 8, wherein the RO is managed in a binary format.
[10] A method of controlling time-related constraints in a memory card with a security function, the memory card having a Rights Object(RO) manager, comprising the steps of: forming a channel with the RO manager to play back contents, reading an RO status through the channel, and recognizing the RO status as an accumulated time, by a host application; requesting a playback manager of the memory card to open streams, by the host application; requesting the RO manager to check a contents use authorization, by the playback manager; decrypting the contents, by the playback manager, if the contents use authorization is valid; sending the decrypted contents to the host application; and notifying the RO manager of time information every predetermined time, by the host application, to decrease the accumulated time.
[11] The method as claimed in claim 10, wherein the RO is managed in a binary format.
[12] A system using time-related constraints in a memory card with a security function, in a terminal having the memory card storing contents and a host application playing back the contents, wherein the memory card includes a Rights Object(RO) manager checking a contents use authorization, and updating and storing information about a count received from the host application, and a playback manager decrypting the contents if the RO manager verifies that the contents use authorization is valid; and the host application forms a channel with the RO manager, in order to play back the contents, recognizes an RO status as a time-count through the channel, and, after receiving decrypted contents from the playback manager and if a predetermined time lapses, sends a count decrease message to the RO manager to decrease the count according to information of the time-count.
[13] A system using a method of controlling time-related constraints in a memory card with a security function, a terminal having the memory card storing contents and a host application playing back the contents, wherein the memory card includes a Rights Object(RO) manager checking a contents use authorization, and a playback manager decrypting the contents, if the RO manager verifies that the contents use authorization is valid; and the host application forms a channel with the RO manager, in order to play back the contents, recognizes an RO status as Datetime through the channel, and, after receiving the decrypted contents from the playback manager, plays back the contents according to information of the Datetime.
[14] A system using a method of controlling time-related constraints in a memory card with a security function, a terminal having the memory card storing contents and a host application playing back the contents, wherein the memory card includes a Rights Object(RO) manager checking a contents use authorization and storing an END time received from the host application, and a playback manager decrypting the contents if the RO manager verifies that the contents use authorization is valid; and the host application forms a channel with the RO manager, in order to play back the contents, recognizes an RO status as a time interval through the channel, calculates an END time and then sends the END time to the RO manager, and, after receiving the decrypted contents and if a predetermined time lapses, ends the playback of the contents according to information on the time interval.
[15] A system using a method of controlling time-related constraints in a memory card with a security function, a terminal having the memory card storing contents and a host application playing back the contents, wherein the memory card includes a Rights Object(RO) manager checking a contents use authorization, and updating and storing the accumulated time received from the host application, and a playback manager decrypting the contents if the RO manager verifies that the contents use authorization is valid; and the host application forms a channel with the RO manager, in order to play back the contents, reads an RO status as an accumulated time through the channel, and, after receiving the decrypted contents from the RO manager, sends information of the accumulated time to the RO manager to decrease the accumulated time every predetermined time.
PCT/KR2008/005757 2007-10-01 2008-09-30 Method of controlling time related constraints in memory card with security function and system thereof WO2009045037A2 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
KR1020070098930A KR20090033747A (en) 2007-10-01 2007-10-01 Method of controlling time related constraints in memory card with security function
KR10-2007-0098930 2007-10-01

Publications (2)

Publication Number Publication Date
WO2009045037A2 true WO2009045037A2 (en) 2009-04-09
WO2009045037A3 WO2009045037A3 (en) 2009-06-11

Family

ID=40526822

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/KR2008/005757 WO2009045037A2 (en) 2007-10-01 2008-09-30 Method of controlling time related constraints in memory card with security function and system thereof

Country Status (2)

Country Link
KR (1) KR20090033747A (en)
WO (1) WO2009045037A2 (en)

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20040186853A1 (en) * 2003-01-14 2004-09-23 Masaya Yamamoto Content reproduction apparatus, license issue server, and content reproduction system
KR20050114442A (en) * 2004-06-01 2005-12-06 삼성전자주식회사 Method for playbacking content using portable storage by digital rights management, and portable storage for the same
KR20070053032A (en) * 2005-11-18 2007-05-23 엘지전자 주식회사 Method and system for digital rights management among apparatuses

Also Published As

Publication number Publication date
KR20090033747A (en) 2009-04-06
WO2009045037A3 (en) 2009-06-11

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 08835649

Country of ref document: EP

Kind code of ref document: A2

NENP Non-entry into the national phase

Ref country code: DE

32PN Ep: public notification in the ep bulletin as address of the adressee cannot be established

Free format text: NOTING OF LOSS OF RIGHTS PURSUANT TO RULE 112(1) EPC OF 050710

122 Ep: pct application non-entry in european phase

Ref document number: 08835649

Country of ref document: EP

Kind code of ref document: A2