+

WO2006065633A2 - Method and device for digital rights management - Google Patents

Method and device for digital rights management Download PDF

Info

Publication number
WO2006065633A2
WO2006065633A2 PCT/US2005/044532 US2005044532W WO2006065633A2 WO 2006065633 A2 WO2006065633 A2 WO 2006065633A2 US 2005044532 W US2005044532 W US 2005044532W WO 2006065633 A2 WO2006065633 A2 WO 2006065633A2
Authority
WO
WIPO (PCT)
Prior art keywords
identifier
digital content
protected digital
bits
partial match
Prior art date
Application number
PCT/US2005/044532
Other languages
French (fr)
Other versions
WO2006065633A3 (en
Inventor
Yan Gao
Yu Zhu
Original Assignee
Motorola Inc.
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Motorola Inc. filed Critical Motorola Inc.
Publication of WO2006065633A2 publication Critical patent/WO2006065633A2/en
Publication of WO2006065633A3 publication Critical patent/WO2006065633A3/en

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/10Protecting distributed programs or content, e.g. vending or licensing of copyrighted material ; Digital rights management [DRM]

Definitions

  • the present invention relates generally to Digital Rights Management (DRM) and in particular, but not necessarily limited to, a method and a device associated with DRM that allows for group access of protected digital content.
  • DRM Digital Rights Management
  • Communicating electronic devices are becoming more widespread and many new applications are being developed for these devices. Communicating electronic devices are being used to handle digital content such as music, games, video clips, pictures, books; sensitive private data, such as medical records, financial data, credit card numbers; and security and safety situations, such as industrial controls, building automation, security alarms plus other content.
  • DRM includes permissions and constraints used to protect rights related to accessing and processing digital content. Content owners hope to protect their valuable digital content using DRM that is implemented by secure, tamper-resistant electronic devices, such as cellular phones.
  • the transfer of protected digital content can be via a peer-to-peer network or by a broadcast of a service provider to a group of devices or by a content provider allowing content access to one or more devices or by any other method or combination of devices.
  • current DRM schemas and methods and devices do not allow use of protected digital content by a group unless each member the group obtains permission to use the content by listing each unique identifier in a rights object provided by a licensed provider or copyright owner of the content.
  • the terms 'comprises', 'comprising', 'including' or similar terms are intended to mean a non-exclusive inclusion, such that a method or apparatus that comprises a list of elements does not include those elements solely, but may well include other elements not listed.
  • FIG. 1 is a block diagram illustrating circuitry of a mobile telephone in accordance with the present invention
  • FIG. 2 is a detailed block diagram of a communication system that typically includes a plurality of mobile telephones as illustrated FIG. 1;
  • FIG. 3 is a conceptual block diagram of what is stored in a static memory of the mobile telephones as illustrated FIG. 1; and FIG. 4 is a flow chart showing a method of operation of providing and using protected digital content according to an exemplary embodiment of the present invention.
  • a method for DRM of protected digital content including: Requesting usage of protected digital content to be used by an application supported by an electronics device having a device identity associated therewith; reading a rights object associated with and governing allowed use of the protected digital content; Determining from the rights object an identifier and at least one partial match identifier constraint; and
  • the identifier may be a user identifier identifying a user of the device.
  • One suitable identifier is an identifier of an RUIM or SIM or USIM.
  • the identifier may be an International Mobile Subscriber Identity or an International Mobile Equipment Identity number.
  • the identifier may be a telephone number corresponding to an International Mobile Subscriber Identity.
  • the least one partial match identifier constraint may be adjacent bits in the International Mobile Subscriber Identity.
  • the adjacent bits may be adjacent least significant bits or an adjacent most significant bits.
  • the adjacent bits may identify a networks provider, or may identify a country, region, state or city.
  • the least one partial match identifier constraint may suitably include matching from one or more of the following: a 10 most significant bits of the identifier; 10 least significant bits of the identifier; n adjacent bits of the identifier; n adjacent bits i bits from the least significant bit of the identifier; n adjacent bits i bits from the most significant bit of the identifier 11 th and 12* least significant bits of the identifier; or 11 th to 15 h least significant bits of the identifier, wherein n and i are integers.
  • Each partial match identifier constraint is allowed to be a combined with one or more other partial match identifier constraints by Boolean operators.
  • a device comprising: a memory storing both a protected digital content file and associated object rights, the object rights having an identifier and at least one partial match identifier constraint; a processor operatively coupled to the memory, at least one user interface and a keypad operatively coupled to the processor, wherein in response to a user command provided at the keypad the device determines from the rights object an identifier and at least one partial match identifier constraint, and thereafter allows the use by the user interface, governed by the rights object, of the protected digital content by the device only when a device identity that identifies the device exactly matches the identifier or partially matches the identifier as stipulated by the at least one partial match identifier constraint.
  • the identifier may be a user identifier identifying a user of the device.
  • One suitable identifier is a user identifier of an RUIM or SIM or USIM.
  • the identifier may be an International Mobile Subscriber Identity or an International Mobile Equipment Identity number.
  • the identifier may be a telephone number corresponding to an International Mobile Subscriber Identity.
  • a method for providing protected digital content including:
  • the identifier may be a user identifier identifying a user of the device.
  • One suitable identifier is a user identifier of an RUIM or SIM or USIM.
  • the identifier may be an International Mobile Subscriber Identity or an International Mobile Equipment Identity number.
  • the identifier may be a telephone number corresponding to an International Mobile Subscriber Identity.
  • the least one partial match identifier constraint may be adjacent bits in the telephone number corresponding to an International Mobile Subscriber Identity,
  • the adjacent bits may be adjacent least significant bits or an adjacent most significant bits.
  • the adjacent bits may identify a networks provider, or may identify a country, region, state or city.
  • the least one partial match identifier constraint may suitably include matching from one or more of the following: a 10 most significant bits of the identifier; 10 least significant bits of the identifier; n adjacent bits of the identifier; n adjacent bits i bits from the least significant bit of the identifier; n adjacent bits i bits from the most significant bit of the identifier 11 th and 12 th least significant bits of the identifier; or 11 th to 15 h least significant bits of the identifier, wherein n and i are integers.
  • Each partial match identifier constraint is allowed to be a combined with one or more other partial match identifier constraints by Boolean operators.
  • device identity includes: an International Mobile Subscriber Identity (IMSI), an International Mobile Equipment Identity (IMEI), internet addresses or any other possible suitable identifier.
  • IMSI International Mobile Subscriber Identity
  • IMEI International Mobile Equipment Identity
  • FIG. 1 there is a schematic diagram illustrating an electronics device in the form of a mobile station or mobile telephone 100 comprising a radio frequency communications unit 102 coupled to be in communication with a processor 103.
  • the mobile telephone 100 also has a keypad 106 and a display screen
  • screen 105 coupled to be in communication with the processor 103.
  • screen 105 may be a touch screen thereby making the keypad
  • the processor 103 includes an encoder/decoder 111 with an associated code
  • the processor 103 also includes a micro-processor 1 13 coupled, by a common data and address bus 117, to the encoder/decoder 111, a character Read Only Memory (ROM) 114, a Random Access Memory (RAM) 104, programmable read and write static memory 116, a short range wireless transceiver 180, a plug in memory module and network connection interface 160 and a Removable User Identity Module (RUIM) interface 118.
  • ROM Read Only Memory
  • RAM Random Access Memory
  • RUIM Removable User Identity Module
  • the static programmable memory 116 and a RUIM card 1 19 operatively coupled to the RUIM interface 118 each can store, amongst other things, Preferred Roaming Lists (PRLs), subscriber authentication data, selected incoming text messages and a Telephone Number Database (TND phonebook) comprising a number field for telephone numbers and a name field for identifiers associated with one of the numbers in the name field.
  • PRLs Preferred Roaming Lists
  • TDD phonebook Telephone Number Database
  • the RUIM card 119 and static memory 1 16 may also store passwords for allowing accessibility to password protected functions on the mobile telephone 100.
  • the RUIM card 119 is sometimes referred to or is interchangeably referred to as a Subscriber Identity Module (SIM) or Universal Subscriber Identify Module (USIM) and has stored thereon a unique International Mobile Subscriber Identity (IMSI).
  • SIM Subscriber Identity Module
  • USIM Universal Subscriber Identify Module
  • IMSI International Mobile Subscriber Identity
  • the micro-processor 113 has ports for coupling to the keypad 106, screen 105 and an alert 115 that typically contains an alert speaker, vibrator motor and associated drivers. Also, micro-processor 113 has ports for coupling to a microphone 135, a polyphonic speaker 170 and communications speaker 140.
  • the character Read only memory 114 stores code for decoding or encoding text messages that may be received by the communications unit 102. In this embodiment the character Read Only Memory 114, RUIM card 119, and static memory 116 may also store Operating Code (OC) for the micro-processor 113 and code for performing functions associated with the mobile telephone 100. Furthermore, the static memory 116 also stores digital content with corresponding rights object files and a rights expression language described later herein.
  • the radio frequency communications unit 102 is a combined receiver and transmitter having a common antenna 107.
  • the communications unit 102 has a transceiver 108 coupled to the antenna 107 via a radio frequency amplifier 109.
  • the transceiver 108 is also coupled to a combined modulator/demodulator 110 that couples the communications unit 102 to the processor 103.
  • FIG. 2 is a block diagram of a system 200 in accordance with an embodiment of the present invention.
  • system 200 comprises a plurality of electronic devices 201,202,203 typically in form of the mobile station or mobile telephone 100.
  • the electronic devices 201,202,203 can be any suitable network connectable devices such as, but not limited to, personal digital assistants, audio players, video players, portable computers and the like.
  • one or more of the electronic devices 201,202,203 can be typically equipped to play an MPEG Video Layer 4 file with a standard MPEG video codec.
  • one or more of the devices 201,202,203 may be equipped with an application to "play" an MPEG Audio Layer 3 (MP3) file with an application such as a standard MP3 player.
  • MP3 MPEG Audio Layer 3
  • the system 200 also comprises a plurality of content providers 205, 207, 209 and a network 210 allowing communication between electronic devices 201,202,203 (peer- to-peer communications) or communication between any of the content providers 205, 207, 209 and any of the electronic devices 201,202,203.
  • the content providers 205, 207, 209 suitably have databases that provide usable protected digital content to the electronic devices 201,202,203 after executing appropriate DRM protocols governed by usage limitations.
  • content provider 205 may provide protected digital content MP3 files to the electronics device 201 utilizing a DRM protocol as is being developed in MPEG-21 (ISO/EEC TR 21000-l:2001(E) "Part 1: Vision, Technologies and Strategy", available from http://www.iso.ch/iso/en/ittf/) while content provider 207 may provide protected digital video content to the electronic device 202 utilizing a second DRM protocol as described in the Open Mobile Alliance standard as will be apparent to a person skilled in the art.
  • the digital content that may be provided by content providers 205, 207, 209 include, but are not limited to, music, games, video, pictures, books, maps, software, plus any other digital content.
  • the content providers 205, 207, 209 can be communications network providers that provide communications networks and the peer-to-peer communications connections between electronics devices 201,202,203.
  • the 205-205 takes place over network 202.
  • the network 202 may take various forms such as but not limited to a cellular network, a local-area network, a wide-area network, a hard- wired connection or any other communications network.
  • FIG. 3 is a conceptual block diagram of what is stored in the static memory
  • the static memory 116 stores programs, files or modules including protected digital content files 310, 314, 318 and respective associated rights files (rights objects) 312, 316, 320 and a DRM agent 330.
  • the static memory 116 also stores programs for system services 340 and programs for applications 305, 307,309.
  • this exemplary embodiment illustrates the static memory 116 stores, amongst others, applications 305, 307,309, protected digital content files 310, 314, 318 rights files (rights objects) 312, 316, 320 and the DRM agent 330, it should be noted that any number of storage means could be used for storing one or more of the above.
  • Such storage means can include, but are not limited to, a hard disk storage coupled to interface 160, the Random Access Memory (RAM) 104, and smart card storage device or the RUIM card 119 coupled to the RUIM interface 118, or a removable memory device such as a Multi-Media Card (MMC) or removable memory coupled to interface 160.
  • MMC Multi-Media Card
  • FIG. 3 the conceptual block diagram of FIG. 3 is for illustrative purposes only and the programs, files or modules stored in the static memory 116 may be stored by any memory mapping allocation and the mapping may be allocated contiguously or segmented.
  • the rights files 312, 316, 320 may be embedded in the protected digital content files 310, 314, 318.
  • DRM is enforced and protected, for instance, on the protected digital content file 310 by use of the associated rights file 312.
  • the rights file 312 contains usage permissions and a Content Encryption Key (CEK) for the protected digital content file 310, and the content therein can be rendered or used only by devices having a permitted identifier (ID) possessing rights defined by the corresponding rights file 312.
  • CEK Content Encryption Key
  • Such rights are given to the device via the identifier (ID) that identifies the device or a module operatively coupled to the device such as an identification code (or number) that on the mobile telephone 100 would typically be an International Mobile Subscriber Identity (IMSI) residing on the RUIM.
  • IMSI International Mobile Subscriber Identity
  • a device such as the mobile telephone 100 will use the DRM agent 330 to authenticate licenses, parse and enforce rules, and parse, decrypt and consequently access or use the protected digital content in a manner that is governed by access rights provided by the rights file 312.
  • DRM agent 330 will use the system services 340 to help perform common functions, such as file-system management or decryption of the content in the protected digital content file 310.
  • a model, schema or convention of formatted, compiled or encrypted DRM rights residing in the rights files 312, 316, 320 suitably comprises, amongst others, permission rights (PR), constraint rights (CR) and security rights (SR).
  • PR permission rights
  • CR constraint rights
  • SR security rights
  • models, schemas, or conventions for the DRM rights are generally defined in, for instance, in the Open Mobile Alliance standard DRM Rights Expression Language.
  • the present invention suitably provides for, amongst others, the following:- Constraints (CR): number_of_usages; ; expiry_date; identity; ; end.
  • the number_of_usages constraints rights specifies the number of times a permission to use an asset may be granted, wherein the permission is defined by the permission rights (PR).
  • the expiry_date constraints rights specifies a time range or time limit for the permission to use an asset may be granted.
  • the identity constraints rights specifies an identifier (ID) or identifiers that have the granted permission (PR), defined by the permission rights, to use an asset.
  • the present invention makes use of the identity constraints rights (CR), wherein the identity has the following objects:- Permitted_Identifier : ⁇ 32 bits>; Matchl : ⁇ 10 most significant bits>;
  • Match2 ⁇ 10 least significant bits>
  • Match3 ⁇ n adjacent bits>
  • n is an integer between 2 and 31
  • n and i are integers between 1 and 16
  • n and i are integers between 1 and 16 Match6 : ⁇ 11 th and 12 th least significant bits>;
  • Matcb.8 Boolean AND / OR / NOT operators for that can be used on any or all of partial Matches of Matchl to Match7.
  • FIG. 4 there is illustrated a flow chart showing a method 400 of operation of the communication system 200.
  • the method 400 is initiated at a start block 410, by a suitable connection of one of devices 201, 202, 203 to one of the content providers 205, 207, 209, by the network 210.
  • the method 400 at a block 420, performs providing protected digital content and an associated rights object at a block 420.
  • the providing is performed over the network and can be Multimedia Messaging or downloading from a website or any other form of providing.
  • the providing can be performed by the Content provider 205 (who is essentially a rights object issuer) sending the protected digital content and an associated rights object in one or more Multimedia Messages to the mobile telephone 100.
  • the Content provider 205 who is essentially a rights object issuer
  • a block 430 there is performed receiving and storing the protected digital content and an associated rights object in the static memory 116.
  • the receiving is via the radio frequency communications unit 102 and, for example, the protected digital content is stored in the protected digital content file 310 and the rights object is stored in the rights file 312.
  • the protected digital content file 310 and the rights object stored in the rights file 312 can be received separately in one transmission or they can be received in two separate transmissions. Also, the rights object may be embedded in the protected digital content file 310.
  • this identifier is the International Mobile Subscriber Identity (IMSI) stored in the RUIM 119 or SIM or USIM, however other forms of identifier (ID) can be used including an International Mobile Equipment Identity (IMEI), internet addresses or any other possible suitable identifier depending typically on the type of system 200 and requirements of the content provider 205.
  • IMSI International Mobile Subscriber Identity
  • IMEI International Mobile Equipment Identity
  • this identifier (ID) is a permitted identifier (PID) that is stored in the 32 bit Permitted_Identifier object/field in the identity constraints rights (CR) that is included in the provided rights object.
  • PID Permitted_Identifier object/field
  • permitted identifier (PID) stored in the Permitted_Identif ⁇ er object/field may be a telephone number corresponding to an International Mobile Subscriber Identity (IMSI) or any other identifier (ID) such as an IMEI, internet addresses or any other possible suitable identifier could be used.
  • IMSI International Mobile Subscriber Identity
  • ID identifier
  • Also provided in the rights object is at least one partial match identifier constraint (Match 1 to Match8) that is allowed by the identity constraints rights (CR).
  • the partial match identifier constraint may be adjacent digits (bits) in a telephone number corresponding to an International Mobile Subscriber Identity.
  • the adjacent bits may be adjacent least significant bits or an adjacent most significant bits.
  • the adjacent bits may identify a networks provider, or may identify a country, region, state or city.
  • the least one partial match identifier constraint may suitably include matching: a 10 most significant bits of the identifier; 10 least significant bits of the identifier; n adjacent bits of the identifier; n adjacent bits i bits from the least significant bit of the identifier; n adjacent bits i bits from the most significant bit of the identifier 11 th and 12 th least significant bits of the identifier; or 11 th to 15 h least significant bits of the identifier, wherein n and i are integers.
  • the method 400 may terminate or effect further providing and receiving of more protected digital content and an associated rights object may be performed.
  • the mobile telephone 100 may be sent a user command, input at the keypad 106, requesting usage of the protected digital content. As illustrated, the requesting usage is performed immediately after block 430 completes the receiving and storing.
  • the requesting usage of the protected digital content is performed at a block 440, typically in response to the user command input at the keypad 105 (or automatically upon the receiving and storing of block 430.
  • the requesting usage of the protected digital content is for the content to be used by an application supported by the mobile telephone 100 that has a device identity, for instance, the identifier (ID) obtained from the International Mobile Subscriber Identity (IMSI).
  • ID the identifier obtained from the International Mobile Subscriber Identity
  • IMSI International Mobile Subscriber Identity
  • the method 400 performs reading the rights object in rights file 312 associated with and governing allowed use of the protected digital content in file 310.
  • one of applications 305,307, 309 capable of running MPEG Video Layer 4 files is selected to be used by the mobile telephone 100.
  • the method 400 performs determining from the rights object in file 312 the DRM rights including: the permitted identifier (PID) or permitted identifiers from the Permitted_Identifier object/field; and, if included in the identity constraints rights (CR), at least one partial match identifier constraint of
  • a test is then conducted, at a match test block 470, to check if the permitted identifier (PID) in the rights object file 312 either: exactly matches the device identity obtained from the identifier (ID); or partially matches the device identity obtained from the identifier (ID) as stipulated by the at least one partial match identifier constraint defined by the allowed set/selected matches (Match 1 to Match.8).
  • PID permitted identifier
  • the method at block 480, provides for disallowing use of the protected digital content stored in file 310.
  • the method at block 490 provides for allowing the use, governed by the rights object in file 312, of the protected digital content in file 310 by the mobile telephone 100 only when the device identity obtained from the identifier (ID) exactly matches the permitted identifier (PID) or partially matches the permitted identifier (PID) as stipulated by the at least one partial match identifier constraint defined by the allowed matches (Matchl to Match8).
  • the DRM agent 330 assisted by the system services decrypts, using the Content Encryption Key (CEK) in the rights object and plays the protected digital content in file 310 (an encrypted MPEG Video Layer 4 file) using application 305 (an MPEG player) on the screen 105 complemented by the polyphonic speaker 17O.
  • CEK Content Encryption Key
  • the method 400 then terminates, after block 480 or 490, at an end block 495.
  • the content provider, or copyright owner or licensee wishes to provide or allow use of their protected digital content to specific groups or regions then a suitable one or more of the at least one partial match identifier constraints defined by the allowed matches (Matchl to Match ⁇ ) of the identity constraints rights (CR) can be set in the rights object.
  • the content provider, or copyright owner or licensee can selectively allow large groups, specific subscription tiers, and regions to use and distribute via their radio communications unit 102 over a network, by hard wired connections or plug in devices using the interface 160, or by the short range transceiver 180 or by any other means.
  • match3 is selected to be included in the rights object and n is set to 2 then any telephone number with 2 adjacent bits matching any of the two adjacent bits of 65 12345678 will be able to use the protected digital content.
  • match4 can be used such that n is set to 2 and i is set to 8, hence only telephone numbers with 65 with their 9 th and 10 th digits (bits) will be able to use the protected digital content.
  • the device identity and permitted_Identifier may be any other possible allowable identifier including, but not limited to, the identifiers specifically referred to in this specification.

Landscapes

  • Engineering & Computer Science (AREA)
  • Software Systems (AREA)
  • Theoretical Computer Science (AREA)
  • Multimedia (AREA)
  • Technology Law (AREA)
  • Computer Hardware Design (AREA)
  • Computer Security & Cryptography (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Mobile Radio Communication Systems (AREA)
  • Storage Device Security (AREA)

Abstract

A method (400) for Digital Rights management (DRM) of protected digital content. The method (400) performs requesting usage of protected digital content (310) to be used by an application supported by an electronics device (100) having a device identity and then reading a rights object (450) associated with and governing allowed use of the protected digital content . Next, the method (400) performs determining from the rights object (460) an identifier and at least one partial match identifier constraint. Thereafter, a decision (470) is provided for allowing (490) the use, governed by the rights object, of the protected digital content by the device (100) only when the device identity exactly matches the identifier or partially matches the identifier as stipulated by the at least one partial match identifier constraint.

Description

METHOD AND DEVICE FOR DIGITAL RIGHTS MANAGEMENT
Field of the Invention
The present invention relates generally to Digital Rights Management (DRM) and in particular, but not necessarily limited to, a method and a device associated with DRM that allows for group access of protected digital content.
Background of the Invention
Electronic devices equipped with microprocessors and communication capabilities are becoming more widespread and many new applications are being developed for these devices. Communicating electronic devices are being used to handle digital content such as music, games, video clips, pictures, books; sensitive private data, such as medical records, financial data, credit card numbers; and security and safety situations, such as industrial controls, building automation, security alarms plus other content.
In many situations, the digital content, information transferred or sent to these devices needs to be protected at all times. For example, content owners require content rendering devices to be trusted to protect their copyrighted works or content so that access and use of the content can be restricted. Digital content has an intrinsic value and content owners require that protection means be used to ensure that they are fairly compensated for the use of their assets. DRM includes permissions and constraints used to protect rights related to accessing and processing digital content. Content owners hope to protect their valuable digital content using DRM that is implemented by secure, tamper-resistant electronic devices, such as cellular phones.
The transfer of protected digital content can be via a peer-to-peer network or by a broadcast of a service provider to a group of devices or by a content provider allowing content access to one or more devices or by any other method or combination of devices. However, current DRM schemas and methods and devices do not allow use of protected digital content by a group unless each member the group obtains permission to use the content by listing each unique identifier in a rights object provided by a licensed provider or copyright owner of the content.
In this specification, including the claims, the terms 'comprises', 'comprising', 'including' or similar terms are intended to mean a non-exclusive inclusion, such that a method or apparatus that comprises a list of elements does not include those elements solely, but may well include other elements not listed.
Brief Description of the Drawings
In order that the present invention may be readily understood and put into practical affect, reference will now be made to an exemplary embodiment illustrated in the accompanying drawings in which:
FIG. 1 is a block diagram illustrating circuitry of a mobile telephone in accordance with the present invention;
FIG. 2 is a detailed block diagram of a communication system that typically includes a plurality of mobile telephones as illustrated FIG. 1;
FIG. 3 is a conceptual block diagram of what is stored in a static memory of the mobile telephones as illustrated FIG. 1; and FIG. 4 is a flow chart showing a method of operation of providing and using protected digital content according to an exemplary embodiment of the present invention.
Summary of The Invention
According to one aspect of the invention, there is provided a method for DRM of protected digital content, the method including: Requesting usage of protected digital content to be used by an application supported by an electronics device having a device identity associated therewith; reading a rights object associated with and governing allowed use of the protected digital content; Determining from the rights object an identifier and at least one partial match identifier constraint; and
Allowing the use, governed by the rights object, of the protected digital content by the device only when the device identity exactly matches the identifier or partially matches the identifier as stipulated by the at least one partial match identifier constraint.
Suitably, the identifier may be a user identifier identifying a user of the device. One suitable identifier is an identifier of an RUIM or SIM or USIM. Typically, the identifier may be an International Mobile Subscriber Identity or an International Mobile Equipment Identity number.
The identifier may be a telephone number corresponding to an International Mobile Subscriber Identity.
Suitably, the least one partial match identifier constraint may be adjacent bits in the International Mobile Subscriber Identity. The adjacent bits may be adjacent least significant bits or an adjacent most significant bits. The adjacent bits may identify a networks provider, or may identify a country, region, state or city. The least one partial match identifier constraint may suitably include matching from one or more of the following: a 10 most significant bits of the identifier; 10 least significant bits of the identifier; n adjacent bits of the identifier; n adjacent bits i bits from the least significant bit of the identifier; n adjacent bits i bits from the most significant bit of the identifier 11th and 12* least significant bits of the identifier; or 11th to 15h least significant bits of the identifier, wherein n and i are integers. Each partial match identifier constraint is allowed to be a combined with one or more other partial match identifier constraints by Boolean operators. According to another aspect of the invention, there is provided a device comprising: a memory storing both a protected digital content file and associated object rights, the object rights having an identifier and at least one partial match identifier constraint; a processor operatively coupled to the memory, at least one user interface and a keypad operatively coupled to the processor, wherein in response to a user command provided at the keypad the device determines from the rights object an identifier and at least one partial match identifier constraint, and thereafter allows the use by the user interface, governed by the rights object, of the protected digital content by the device only when a device identity that identifies the device exactly matches the identifier or partially matches the identifier as stipulated by the at least one partial match identifier constraint.
Suitably, the identifier may be a user identifier identifying a user of the device. One suitable identifier is a user identifier of an RUIM or SIM or USIM. The identifier may be an International Mobile Subscriber Identity or an International Mobile Equipment Identity number. The identifier may be a telephone number corresponding to an International Mobile Subscriber Identity.
According to another aspect of the invention there is provided a method for providing protected digital content, the method including:
Obtaining a device identity from a device to which the protected digital content is to be provided; and Providing the protected digital content and an associated rights object, wherein the rights object contains an identifier obtained from the device identity and at least one partial match identifier constraint.
Suitably, the identifier may be a user identifier identifying a user of the device. One suitable identifier is a user identifier of an RUIM or SIM or USIM. The identifier may be an International Mobile Subscriber Identity or an International Mobile Equipment Identity number. The identifier may be a telephone number corresponding to an International Mobile Subscriber Identity.
Suitably, the least one partial match identifier constraint may be adjacent bits in the telephone number corresponding to an International Mobile Subscriber Identity, The adjacent bits may be adjacent least significant bits or an adjacent most significant bits. The adjacent bits may identify a networks provider, or may identify a country, region, state or city. The least one partial match identifier constraint may suitably include matching from one or more of the following: a 10 most significant bits of the identifier; 10 least significant bits of the identifier; n adjacent bits of the identifier; n adjacent bits i bits from the least significant bit of the identifier; n adjacent bits i bits from the most significant bit of the identifier 11th and 12th least significant bits of the identifier; or 11th to 15h least significant bits of the identifier, wherein n and i are integers. Each partial match identifier constraint is allowed to be a combined with one or more other partial match identifier constraints by Boolean operators.
Detailed Description of the Drawings
The instant disclosure is provided to further explain in an enabling fashion the best mode of making and using at least one embodiment in accordance with the present invention. The disclosure is further offered to enhance an understanding and appreciation for the inventive principles and advantages thereof, rather than to limit in any manner the invention. It is further understood that the use of relational terms are used solely to distinguish one from another entity or action without necessarily requiring or implying any actual such relationship or order between such entities or actions. Also, the terms use or using in this specification have the broad meaning that includes: viewing, executing, listening, playing, accessing data, accessing information and other similar terms. The reader is specifically drawn to the definition of "device identity" that has the broad meaning of any means, method, technique and the like associated with the identification of, or identifying, a device or a module on or coupled to a device, and "device identity" includes: an International Mobile Subscriber Identity (IMSI), an International Mobile Equipment Identity (IMEI), internet addresses or any other possible suitable identifier.
Much of the inventive functionality and many of the inventive principles are best implemented with or in software programs or instructions and integrated circuits (ICs) such as application specific ICs. It is expected that one of ordinary skill when guided by the concepts and principles disclosed herein will be readily capable of generating such software instructions and programs and ICs with minimal experimentation. Therefore, in the interest of brevity and minimization of any risk of obscuring the principles and concepts according to the present invention, further discussion of such software and ICs will be limited to the essentials with respect to the principles and concepts used by the invention.
Turning now to the drawings, wherein like numerals designate like components. Referring to FIG. 1, there is a schematic diagram illustrating an electronics device in the form of a mobile station or mobile telephone 100 comprising a radio frequency communications unit 102 coupled to be in communication with a processor 103. The mobile telephone 100 also has a keypad 106 and a display screen
105 coupled to be in communication with the processor 103. As will be apparent to a person skilled in the art, screen 105 may be a touch screen thereby making the keypad
106 optional.
The processor 103 includes an encoder/decoder 111 with an associated code
Read Only Memory (ROM) 112 for storing data for encoding and decoding voice or other signals that may be transmitted or received by the mobile telephone 100. The processor 103 also includes a micro-processor 1 13 coupled, by a common data and address bus 117, to the encoder/decoder 111, a character Read Only Memory (ROM) 114, a Random Access Memory (RAM) 104, programmable read and write static memory 116, a short range wireless transceiver 180, a plug in memory module and network connection interface 160 and a Removable User Identity Module (RUIM) interface 118. The static programmable memory 116 and a RUIM card 1 19 operatively coupled to the RUIM interface 118 each can store, amongst other things, Preferred Roaming Lists (PRLs), subscriber authentication data, selected incoming text messages and a Telephone Number Database (TND phonebook) comprising a number field for telephone numbers and a name field for identifiers associated with one of the numbers in the name field. The RUIM card 119 and static memory 1 16 may also store passwords for allowing accessibility to password protected functions on the mobile telephone 100. As will be apparent to a person skilled in the art the RUIM card 119 is sometimes referred to or is interchangeably referred to as a Subscriber Identity Module (SIM) or Universal Subscriber Identify Module (USIM) and has stored thereon a unique International Mobile Subscriber Identity (IMSI).
The micro-processor 113 has ports for coupling to the keypad 106, screen 105 and an alert 115 that typically contains an alert speaker, vibrator motor and associated drivers. Also, micro-processor 113 has ports for coupling to a microphone 135, a polyphonic speaker 170 and communications speaker 140. The character Read only memory 114 stores code for decoding or encoding text messages that may be received by the communications unit 102. In this embodiment the character Read Only Memory 114, RUIM card 119, and static memory 116 may also store Operating Code (OC) for the micro-processor 113 and code for performing functions associated with the mobile telephone 100. Furthermore, the static memory 116 also stores digital content with corresponding rights object files and a rights expression language described later herein. The radio frequency communications unit 102 is a combined receiver and transmitter having a common antenna 107. The communications unit 102 has a transceiver 108 coupled to the antenna 107 via a radio frequency amplifier 109. The transceiver 108 is also coupled to a combined modulator/demodulator 110 that couples the communications unit 102 to the processor 103.
FIG. 2 is a block diagram of a system 200 in accordance with an embodiment of the present invention. As shown, system 200 comprises a plurality of electronic devices 201,202,203 typically in form of the mobile station or mobile telephone 100. However, the electronic devices 201,202,203 can be any suitable network connectable devices such as, but not limited to, personal digital assistants, audio players, video players, portable computers and the like. Further, by way of example, one or more of the electronic devices 201,202,203 can be typically equipped to play an MPEG Video Layer 4 file with a standard MPEG video codec. Also, by way of example, one or more of the devices 201,202,203 may be equipped with an application to "play" an MPEG Audio Layer 3 (MP3) file with an application such as a standard MP3 player.
The system 200 also comprises a plurality of content providers 205, 207, 209 and a network 210 allowing communication between electronic devices 201,202,203 (peer- to-peer communications) or communication between any of the content providers 205, 207, 209 and any of the electronic devices 201,202,203. The content providers 205, 207, 209 suitably have databases that provide usable protected digital content to the electronic devices 201,202,203 after executing appropriate DRM protocols governed by usage limitations. For example, content provider 205 may provide protected digital content MP3 files to the electronics device 201 utilizing a DRM protocol as is being developed in MPEG-21 (ISO/EEC TR 21000-l:2001(E) "Part 1: Vision, Technologies and Strategy", available from http://www.iso.ch/iso/en/ittf/) while content provider 207 may provide protected digital video content to the electronic device 202 utilizing a second DRM protocol as described in the Open Mobile Alliance standard as will be apparent to a person skilled in the art. The digital content that may be provided by content providers 205, 207, 209 include, but are not limited to, music, games, video, pictures, books, maps, software, plus any other digital content. Also, the content providers 205, 207, 209 can be communications network providers that provide communications networks and the peer-to-peer communications connections between electronics devices 201,202,203.
In accordance with the exemplary embodiment of the present invention all communication between the electronics devices201,202,203. and content providers
205-205 takes place over network 202. The network 202 may take various forms such as but not limited to a cellular network, a local-area network, a wide-area network, a hard- wired connection or any other communications network.
FIG. 3 is a conceptual block diagram of what is stored in the static memory
116. As illustrated, the static memory 116 stores programs, files or modules including protected digital content files 310, 314, 318 and respective associated rights files (rights objects) 312, 316, 320 and a DRM agent 330. The static memory 116 also stores programs for system services 340 and programs for applications 305, 307,309. Although this exemplary embodiment illustrates the static memory 116 stores, amongst others, applications 305, 307,309, protected digital content files 310, 314, 318 rights files (rights objects) 312, 316, 320 and the DRM agent 330, it should be noted that any number of storage means could be used for storing one or more of the above. Such storage means can include, but are not limited to, a hard disk storage coupled to interface 160, the Random Access Memory (RAM) 104, and smart card storage device or the RUIM card 119 coupled to the RUIM interface 118, or a removable memory device such as a Multi-Media Card (MMC) or removable memory coupled to interface 160. Also, as will be apparent to a person skilled in the art, the conceptual block diagram of FIG. 3 is for illustrative purposes only and the programs, files or modules stored in the static memory 116 may be stored by any memory mapping allocation and the mapping may be allocated contiguously or segmented. It should also be noted that the rights files 312, 316, 320 may be embedded in the protected digital content files 310, 314, 318.
In general DRM is enforced and protected, for instance, on the protected digital content file 310 by use of the associated rights file 312. The rights file 312 contains usage permissions and a Content Encryption Key (CEK) for the protected digital content file 310, and the content therein can be rendered or used only by devices having a permitted identifier (ID) possessing rights defined by the corresponding rights file 312. Such rights are given to the device via the identifier (ID) that identifies the device or a module operatively coupled to the device such as an identification code (or number) that on the mobile telephone 100 would typically be an International Mobile Subscriber Identity (IMSI) residing on the RUIM.
When protected digital content on the protected digital content file 310 is required to be used by one of applications 305, 307, 309, a device such as the mobile telephone 100 will use the DRM agent 330 to authenticate licenses, parse and enforce rules, and parse, decrypt and consequently access or use the protected digital content in a manner that is governed by access rights provided by the rights file 312. The
DRM agent 330 will use the system services 340 to help perform common functions, such as file-system management or decryption of the content in the protected digital content file 310.
Consider a model, schema or convention of formatted, compiled or encrypted DRM rights residing in the rights files 312, 316, 320. Such a model, schema or convention suitably comprises, amongst others, permission rights (PR), constraint rights (CR) and security rights (SR). Such models, schemas, or conventions for the DRM rights are generally defined in, for instance, in the Open Mobile Alliance standard DRM Rights Expression Language.
Considering the constraints rights (CR), the present invention suitably provides for, amongst others, the following:- Constraints (CR): number_of_usages; ; expiry_date; identity; ; end.
The number_of_usages constraints rights (CR) specifies the number of times a permission to use an asset may be granted, wherein the permission is defined by the permission rights (PR).
The expiry_date constraints rights (CR) specifies a time range or time limit for the permission to use an asset may be granted.
The identity constraints rights (CR) specifies an identifier (ID) or identifiers that have the granted permission (PR), defined by the permission rights, to use an asset.
The present invention makes use of the identity constraints rights (CR), wherein the identity has the following objects:- Permitted_Identifier : <32 bits>; Matchl : <10 most significant bits>;
Match2 : <10 least significant bits>; Match3 : <n adjacent bits>; n is an integer between 2 and 31
Match4 <n adjacent bits i bits from the least significant bit>;
Where n and i are integers between 1 and 16
Match5 <n adjacent bits i bits from the most significant bit>;
Where n and i are integers between 1 and 16 Match6 : <11th and 12th least significant bits>;
Match7 : <l lth to 15h least significant bits>;
Matcb.8 :Boolean AND / OR / NOT operators for that can be used on any or all of partial Matches of Matchl to Match7.
From the above identity constraints rights (CR), if a Rights Object Issuer wished to allow use of protected digital content to users, devices, systems or networks that only have a identifier (ID) with specific 11th to 15th bits (i.e. 460 00) and all other bits were irrelevant, then by selecting only Match7 (all other matches Match 1 to 6 and Match8 are un-selected), the Rights Object Issuer will achieve the required protection of allowing use to only identifiers with their 1 lth to 15th bits matching 460 00. As another example, if the Rights Object Issuer wishes to allow use of protected digital content to users, devices, systems or networks who only have an identifier (ID) with both specific 11th to 15th bits and specific 3rd to 7th bits and all other bits were irrelevant, then by selecting only Matchδ (all other matches Match 1 to 7 are un- selected), the Rights Object Issuer will achieve the required protection by using Match8 Boolean operators to be coded as: Match7 AND Match3(n=4;i=6). Hence, from the above, it will be apparent that each partial match identifier constraint is allowed to be combined with one or more other partial match identifier constraints by Boolean operators.
Referring to Fig. 4 there is illustrated a flow chart showing a method 400 of operation of the communication system 200. The method 400 is initiated at a start block 410, by a suitable connection of one of devices 201, 202, 203 to one of the content providers 205, 207, 209, by the network 210. The method 400, at a block 420, performs providing protected digital content and an associated rights object at a block 420. The providing is performed over the network and can be Multimedia Messaging or downloading from a website or any other form of providing. By way of example, if the network 210 is a cellular network then the providing can be performed by the Content provider 205 (who is essentially a rights object issuer) sending the protected digital content and an associated rights object in one or more Multimedia Messages to the mobile telephone 100.
At a block 430, there is performed receiving and storing the protected digital content and an associated rights object in the static memory 116. The receiving is via the radio frequency communications unit 102 and, for example, the protected digital content is stored in the protected digital content file 310 and the rights object is stored in the rights file 312. The protected digital content file 310 and the rights object stored in the rights file 312 can be received separately in one transmission or they can be received in two separate transmissions. Also, the rights object may be embedded in the protected digital content file 310.
As will be apparent to a person skilled in the art, when the providing is performed the content provider 205 obtains an identifier (ID) from the device this identifier (ID) is the International Mobile Subscriber Identity (IMSI) stored in the RUIM 119 or SIM or USIM, however other forms of identifier (ID) can be used including an International Mobile Equipment Identity (IMEI), internet addresses or any other possible suitable identifier depending typically on the type of system 200 and requirements of the content provider 205. In this exemplary embodiment, this identifier (ID) is a permitted identifier (PID) that is stored in the 32 bit Permitted_Identifier object/field in the identity constraints rights (CR) that is included in the provided rights object. It should be noted that not all 32 bits may be used in the Permitted_Identifier object/field and in one embodiment permitted identifier (PID) stored in the Permitted_Identifϊer object/field may be a telephone number corresponding to an International Mobile Subscriber Identity (IMSI) or any other identifier (ID) such as an IMEI, internet addresses or any other possible suitable identifier could be used. Also provided in the rights object is at least one partial match identifier constraint (Match 1 to Match8) that is allowed by the identity constraints rights (CR). The partial match identifier constraint may be adjacent digits (bits) in a telephone number corresponding to an International Mobile Subscriber Identity. The adjacent bits may be adjacent least significant bits or an adjacent most significant bits. The adjacent bits may identify a networks provider, or may identify a country, region, state or city. The least one partial match identifier constraint may suitably include matching: a 10 most significant bits of the identifier; 10 least significant bits of the identifier; n adjacent bits of the identifier; n adjacent bits i bits from the least significant bit of the identifier; n adjacent bits i bits from the most significant bit of the identifier 11th and 12th least significant bits of the identifier; or 11th to 15h least significant bits of the identifier, wherein n and i are integers.
After block, 430, the method 400 may terminate or effect further providing and receiving of more protected digital content and an associated rights object may be performed. However, at some point the mobile telephone 100 may be sent a user command, input at the keypad 106, requesting usage of the protected digital content. As illustrated, the requesting usage is performed immediately after block 430 completes the receiving and storing.
The requesting usage of the protected digital content is performed at a block 440, typically in response to the user command input at the keypad 105 (or automatically upon the receiving and storing of block 430. The requesting usage of the protected digital content is for the content to be used by an application supported by the mobile telephone 100 that has a device identity, for instance, the identifier (ID) obtained from the International Mobile Subscriber Identity (IMSI). If for example the protected digital content in file 310 is an encrypted MPEG Video Layer 4 file then, at a block 450, the method 400 performs reading the rights object in rights file 312 associated with and governing allowed use of the protected digital content in file 310. Also one of applications 305,307, 309 capable of running MPEG Video Layer 4 files is selected to be used by the mobile telephone 100.
Next, at a block 460, the method 400 performs determining from the rights object in file 312 the DRM rights including: the permitted identifier (PID) or permitted identifiers from the Permitted_Identifier object/field; and, if included in the identity constraints rights (CR), at least one partial match identifier constraint of
Match 1 to Match8 that has been set/selected.
A test is then conducted, at a match test block 470, to check if the permitted identifier (PID) in the rights object file 312 either: exactly matches the device identity obtained from the identifier (ID); or partially matches the device identity obtained from the identifier (ID) as stipulated by the at least one partial match identifier constraint defined by the allowed set/selected matches (Match 1 to Match.8).
If there is no match or partial match at block 470 then the method, at block 480, provides for disallowing use of the protected digital content stored in file 310.
Alternatively, if there is a match or partial match, based on the above matching criterion, then the method, at block 490 provides for allowing the use, governed by the rights object in file 312, of the protected digital content in file 310 by the mobile telephone 100 only when the device identity obtained from the identifier (ID) exactly matches the permitted identifier (PID) or partially matches the permitted identifier (PID) as stipulated by the at least one partial match identifier constraint defined by the allowed matches (Matchl to Match8). Hence, the DRM agent 330, assisted by the system services decrypts, using the Content Encryption Key (CEK) in the rights object and plays the protected digital content in file 310 (an encrypted MPEG Video Layer 4 file) using application 305 (an MPEG player) on the screen 105 complemented by the polyphonic speaker 17O.The method 400 then terminates, after block 480 or 490, at an end block 495.
Advantageously, if the content provider, or copyright owner or licensee, wishes to provide or allow use of their protected digital content to specific groups or regions then a suitable one or more of the at least one partial match identifier constraints defined by the allowed matches (Matchl to Matchδ) of the identity constraints rights (CR) can be set in the rights object. Hence, the content provider, or copyright owner or licensee can selectively allow large groups, specific subscription tiers, and regions to use and distribute via their radio communications unit 102 over a network, by hard wired connections or plug in devices using the interface 160, or by the short range transceiver 180 or by any other means. For example, if the device identity obtained from the identifier (ID) corresponds to the telephone number 65 123456789 then if Match3 is selected to be included in the rights object and n is set to 2 then any telephone number with 2 adjacent bits matching any of the two adjacent bits of 65 12345678 will be able to use the protected digital content. However, to provide a tighter limitation on which groups can use the protected digital content then match4 can be used such that n is set to 2 and i is set to 8, hence only telephone numbers with 65 with their 9th and 10th digits (bits) will be able to use the protected digital content. Since 65 in the 9th and 10th digits (bits) of a telephone number are the country code for Singapore then the group of users are those with mobile telephones having an identifier (telephone number) with an IMSI number for Singapore. Another example targets to the different operators scenario. One of the IMSI number segments assignment to one mobile operator in China is the segment 460 00
XXXXX XXXXX, this means one International Mobile Subscriber Identity (IMSI) with the first 5 Most Significant Bits equals 460 00 belongs to this mobile operator. For another operator in China, the International Mobile Subscriber Identity (IMSI) segment starts with 460 01. Accordingly, if the partial match in the rights object was defined for the 5 bits from the first most significant bit, and the User_Identifϊer in the Rights Object was written by a Rights Object Issuer as 460 00 XXXXX XXXXX, the subscriber of any other mobile operator can not get the permission to access the protected digital content.
Only a few examples of the advantages of the present invention have been provided with specific reference to IMSI numbers providing the device identity, however, it will be apparent to a person skilled in the art that the device identity and permitted_Identifier (PID) may be any other possible allowable identifier including, but not limited to, the identifiers specifically referred to in this specification.
The above detailed description provides an exemplary embodiment only, and is not intended to limit the scope, applicability, or configuration of the present invention. Rather, the detailed description of the exemplary embodiment provides those skilled in the art with an enabling description for implementing the exemplary embodiment of the invention. It should be understood that various changes can be made in the function and arrangement of elements and steps without departing from the spirit and scope of the invention as set forth in the appended claims.

Claims

Claims
1. A method for DRM of protected digital content, the method including:
Requesting usage to protected digital content to be used by an application supported by an electronics device having a device identity associated therewith; reading a rights object associated with and governing allowed use of the protected digital content;
Determining from the rights object an identifier and at least one partial match identifier constraint; and Allowing the use, governed by the rights object, of the protected digital content by the device only when the device identity exactly matches the identifier or partially matches the identifier as stipulated by the at least one partial match identifier constraint.
2. A method for DRM of protected digital content, as claimed in claim 1, wherein the identifier is a user identifier identifying a user of the device.
3. A method for DRM of protected digital content, as claimed in claim2, wherein the identifier is a user identifier of an RUIM or SIM or USIM.
4. A method for DRM of protected digital content, as claimed in claim 1, wherein the identifier is an International Mobile Subscriber Identity or an International Mobile Equipment Identity number.
5. A method for DRM of protected digital content, as claimed in claim 4, wherein the least one partial match identifier constraint are adjacent bits in the International Mobile Subscriber Identity.
6. A method for DRM of protected digital content, as claimed in claim 5, wherein the adjacent bits are adjacent least significant bits or an adjacent most significant bits.
7. A method for DRM of protected digital content, as claimed in claim 6, wherein the adjacent bits identifies a networks provider, or may identify a country, region, state or city.
8. A method for DRM of protected digital content, as claimed in claim 1, wherein the least one partial match identifier constraint includes matching from one or more of the following: a 10 most significant bits of the identifier; 10 least significant bits of the identifier; n adjacent bits of the identifier; n adjacent bits i bits from the least significant bit of the identifier; n adjacent bits i bits from the most significant bit of the identifier 1 1th and 12th least significant bits of the identifier; or 11th to 15h least significant bits of the identifier, wherein n and i are integers.
9. A method for DRM of protected digital content, as claimed in claim 8, wherein each partial match identifier constraint is allowed to be a combined with one or more other partial match identifier constraints by Boolean operators.
10. A device comprising: a memory storing both a protected digital content file and associated object rights, the object rights having an identifier and at least one partial match identifier constraint; a processor operatively coupled to the memory, at least one user interface and a keypad operatively coupled to the processor, wherein in response to a user command provided at the keypad the device determines from the rights object an identifier and at least one partial match identifier constraint, and thereafter allows the use by the user interface, governed by the rights object, of the protected digital content by the device only when the device identity device that identifies the device exactly matches the identifier or partially matches the identifier as stipulated by the at least one partial match identifier constraint.
11. A device, as claimed in claim 10, wherein the identifier is a user identifier identifying a user of the device.
12. A device, as claimed in claim 11, wherein the identifier is a user identifier of an RUIM or SIM or USIM.
13. A device, as claimed in claim 10, wherein the identifier is an International Mobile Subscriber Identity or an International Mobile Equipment Identity number.
14. A method for providing protected digital content, the method including:
Obtaining a device identity from a device to which the protected digital content is to be provided; and
Providing the protected digital content and an associated rights object, wherein the rights object contains an identifier obtained from the device identity and at least one partial match identifier constraint.
15 A method for providing protected digital content, as claimed in claim 14, wherein the identifier is a user identifier identifying a user of the device.
16. A method for providing protected digital content, as claimed in claim 15, wherein the identifier is a user identifier of an RUIM or SIM or USIM.
17. A method for providing protected digital content, as claimed in claim 14, wherein the identifier is an International Mobile Subscriber Identity or an International Mobile Equipment Identity number.
18. A method for providing protected digital content, as claimed in claim 16, wherein the least one partial match identifier constraint is adjacent bits in a telephone number corresponding to an International Mobile Subscriber Identity.
19. A method for providing protected digital content, as claimed in claim 14, wherein he least one partial match identifier constraint may suitably include matching from one or more of the following: a 10 most significant bits of the identifier; 10 least significant bits of the identifier; n adjacent bits of the identifier; n adjacent bits i bits from the least significant bit of the identifier; n adjacent bits i bits from the most significant bit of the identifier 11th and 12th least significant bits of the identifier; or 11th to 15h least significant bits of the identifier, wherein n and i are integers.
20. A method for providing protected digital content, as claimed in claim 14, wherein each partial match identifier constraint is allowed to be a combined with one or more other partial match identifier constraints by Boolean operators.
PCT/US2005/044532 2004-12-17 2005-12-08 Method and device for digital rights management WO2006065633A2 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CNB2004100821620A CN100412743C (en) 2004-12-17 2004-12-17 Method and apparatus for digital rights management
CN200410082162.0 2004-12-17

Publications (2)

Publication Number Publication Date
WO2006065633A2 true WO2006065633A2 (en) 2006-06-22
WO2006065633A3 WO2006065633A3 (en) 2006-10-19

Family

ID=36588392

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/US2005/044532 WO2006065633A2 (en) 2004-12-17 2005-12-08 Method and device for digital rights management

Country Status (2)

Country Link
CN (1) CN100412743C (en)
WO (1) WO2006065633A2 (en)

Cited By (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
GB2465769A (en) * 2008-11-27 2010-06-02 Symbian Software Ltd Method and apparatus relating to licenses necessary for the operation of a software application on a mobile terminal
CN103476149A (en) * 2013-09-27 2013-12-25 惠州Tcl移动通信有限公司 Method and system for automatically switching user modes by identifying IMSIs
US8869289B2 (en) 2009-01-28 2014-10-21 Microsoft Corporation Software application verification
EP2779009A3 (en) * 2013-03-13 2014-12-10 Rockwell Automation Technologies, Inc. Code-enabled remote activation of software for industrial automation systems
US9519799B2 (en) 2009-06-01 2016-12-13 Koninklijke Philips N.V. Dynamic determination of access rights

Families Citing this family (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US9356935B2 (en) * 2006-09-12 2016-05-31 Adobe Systems Incorporated Selective access to portions of digital content
KR20090022997A (en) * 2007-08-29 2009-03-04 삼성전자주식회사 Method and apparatus for managing the DRM rights object
WO2009086661A1 (en) * 2007-12-29 2009-07-16 Motorola, Inc. User identification method and apparatus for multimedia priority service
CN102236750B (en) 2010-04-29 2016-03-30 国际商业机器公司 The method and apparatus of control of authority is carried out in cloud storage system
CN102907114A (en) * 2010-05-25 2013-01-30 皇家飞利浦电子股份有限公司 Controlling access of user to media content
CN102301777B (en) * 2011-05-27 2013-10-09 华为技术有限公司 Method and device for controlling parameter configuration

Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6044471A (en) * 1998-06-04 2000-03-28 Z4 Technologies, Inc. Method and apparatus for securing software to reduce unauthorized use
US20050021539A1 (en) * 2003-03-07 2005-01-27 Chaticom, Inc. Methods and systems for digital rights management of protected content

Family Cites Families (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
ID28829A (en) * 1999-04-14 2001-07-05 Matsushita Electric Ind Co Ltd DATA SETUP APARATUS, DATA SETTING METHOD AND RECORDING MEDIUM RECORDING DATA PROGRAM
US7191153B1 (en) * 1999-09-10 2007-03-13 Dphi Acquisitions, Inc. Content distribution method and apparatus
EP1222819B1 (en) * 1999-10-19 2004-07-21 Thomson Licensing S.A. System and method of verifying authorization for communicating protected content
KR100408287B1 (en) * 2001-06-15 2003-12-03 삼성전자주식회사 A system and method for protecting content
JP3763142B2 (en) * 2002-01-30 2006-04-05 ソニー株式会社 Privileged instruction execution control device, privileged instruction execution control method, and privileged instruction execution control program
US7577999B2 (en) * 2003-02-11 2009-08-18 Microsoft Corporation Publishing digital content within a defined universe such as an organization in accordance with a digital rights management (DRM) system
DE102004004101A1 (en) * 2003-03-14 2004-09-30 Siemens Ag Method and system for protecting electronic data objects against unauthorized access

Patent Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6044471A (en) * 1998-06-04 2000-03-28 Z4 Technologies, Inc. Method and apparatus for securing software to reduce unauthorized use
US20050021539A1 (en) * 2003-03-07 2005-01-27 Chaticom, Inc. Methods and systems for digital rights management of protected content

Cited By (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
GB2465769A (en) * 2008-11-27 2010-06-02 Symbian Software Ltd Method and apparatus relating to licenses necessary for the operation of a software application on a mobile terminal
US8229505B2 (en) 2008-11-27 2012-07-24 Nokia Corporation Method and apparatus for storing a software license
US8869289B2 (en) 2009-01-28 2014-10-21 Microsoft Corporation Software application verification
US9519799B2 (en) 2009-06-01 2016-12-13 Koninklijke Philips N.V. Dynamic determination of access rights
EP2779009A3 (en) * 2013-03-13 2014-12-10 Rockwell Automation Technologies, Inc. Code-enabled remote activation of software for industrial automation systems
CN103476149A (en) * 2013-09-27 2013-12-25 惠州Tcl移动通信有限公司 Method and system for automatically switching user modes by identifying IMSIs
US9503883B2 (en) 2013-09-27 2016-11-22 Huizhou Tcl Mobile Communication Co., Ltd. Method and system for automatically switching subscriber mode through identifying IMSI

Also Published As

Publication number Publication date
WO2006065633A3 (en) 2006-10-19
CN1790218A (en) 2006-06-21
CN100412743C (en) 2008-08-20

Similar Documents

Publication Publication Date Title
RU2260918C2 (en) System and method for safe and comfortable control of digital electronic content
CN100459780C (en) Robust and flexible digital rights management involving a tamper-resistant identity module
KR101242140B1 (en) Method of and system for generating an authorized domain
KR101238490B1 (en) Binding content licenses to portable storage devices
RU2395166C2 (en) Method for provision of access to coded content of one of multiple subscriber systems, device for access provision to coded content and method for generation of protected content packets
US8484720B2 (en) Service binding method and system
CN102934118B (en) Subscriber equipment and control method thereof
US20100250388A1 (en) Method and apparatus for protecting drm contents
US20080027867A1 (en) Methods, Systems and Computer Program Products for Determining Usage Rights for Digital Content Based on Characterizing Information Thereof and Related Devices
JP2010512606A (en) Method and apparatus for license creation in a mobile digital rights management network
US20100199105A1 (en) Method for playing digital contents and managing license and apparatus therefor
JP5837219B2 (en) Method and system for lending digital content
US20070094737A1 (en) Binding content to a user
KR20070120577A (en) Security method and apparatus for managing access to multimedia contents
CN100471110C (en) Method and apparatus for managing digital rights using a portable storage device
US20030009667A1 (en) Data terminal device that can easily obtain content data again, a program executed in such terminal device, and recording medium recorded with such program
US20050138400A1 (en) Digital content protection method
US20040133632A1 (en) Method and apparatus for supporting multiple digital-rights management systems
CN101031923B (en) Method, device and computer program product for activating the right of use of at least one secured content item
JP2010509696A (en) Method and apparatus for coupling content to another memory device
CN100476845C (en) Digital copyright management method
WO2006065633A2 (en) Method and device for digital rights management
WO2006123280A2 (en) Drm system for devices communicating with a portable device.
EP2325774A1 (en) Method and device for imposing usage constraints of digital content
CN102812470A (en) Content binding on first visit

Legal Events

Date Code Title Description
AK Designated states

Kind code of ref document: A2

Designated state(s): AE AG AL AM AT AU AZ BA BB BG BR BW BY BZ CA CH CN CO CR CU CZ DE DK DM DZ EC EE EG ES FI GB GD GE GH GM HR HU ID IL IN IS JP KE KG KM KN KP KR KZ LC LK LR LS LT LU LV LY MA MD MG MK MN MW MX MZ NA NG NI NO NZ OM PG PH PL PT RO RU SC SD SE SG SK SL SM SY TJ TM TN TR TT TZ UA UG US UZ VC VN YU ZA ZM ZW

AL Designated countries for regional patents

Kind code of ref document: A2

Designated state(s): BW GH GM KE LS MW MZ NA SD SL SZ TZ UG ZM ZW AM AZ BY KG KZ MD RU TJ TM AT BE BG CH CY CZ DE DK EE ES FI FR GB GR HU IE IS IT LT LU LV MC NL PL PT RO SE SI SK TR BF BJ CF CG CI CM GA GN GQ GW ML MR NE SN TD TG

121 Ep: the epo has been informed by wipo that ep was designated in this application
NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 05853454

Country of ref document: EP

Kind code of ref document: A2

点击 这是indexloc提供的php浏览器服务,不要输入任何密码和下载