US20120137322A1 - System and method for distributing digital rights management digital content in a controlled network ensuring digital rights - Google Patents

Abstract

A system and method for managing digital rights includes receiving a Universal Resource Identifier (URI). The URI is used to identify a location for a user selected digital media item. The digital media item is to be played in a local area network (LAN). The selected digital media item is retrieved from a content server over a network connection. If the selected digital media item is encrypted, a license to decrypt the selected media item is obtained. Access to the license is based on a plurality of access rules, which are based on the terms of the license. The plurality of access rules may also include personal owner rules. If a request for the license adheres to the access rules, the license is received via a secure out of band transfer and the selected digital media item is decrypted for playback via one or more media rendering devices.

Description

RELATED APPLICATION
• This application is a divisional application of U.S. application Ser. No. 10/616,614, entitled “SYSTEM AND METHOD FOR DISTRIBUTING DIGITAL RIGHTS MANAGEMENT DIGITAL CONTENT IN A CONTROLLED NETWORK ENSURING DIGITAL RIGHTS,” which was filed on Jul. 9, 2003.
FIELD OF THE INVENTION
• The present invention is generally related to the field of digital rights management. More particularly, the present invention is related to a system and method for distributing digital content in a controlled network ensuring digital rights.
DESCRIPTION
• In the last few years, the use of digital media of all types, such as digital audio and video, has grown in popularity. As more and more users enjoy access to digital content, the risk to content providers of losing sales to content piracy increases. In fact, many content providers refrain from providing media content over the Internet because of piracy concerns. Digital Rights Management (DRM) technology protects the rights of content owners and enforces the proper use of the content by consumers. These rights, in the form of digital information, must be distributed and enforced by media rendering devices in a network environment.
• In a typical home network, a user may have digital content stored on the user's PC (personal computer). The user may also have other devices in the home that are capable of playing digital media, such as, for example, portable MP3 players, boom boxes, home theater systems, etc. The digital content stored on the PC may be rights-managed content. In many instances, the user may want to play the rights-managed digital content on any of the rendering devices in the home.
• Rights-managed content typically contains meta information to inform media renderers of which license to acquire and where the license may be acquired. The meta information may include a keyID. The keyID is a unique identifier for the license. The meta information may also include a licenseURI. The licenseURI is a reference to a license server that the media renderer is to use to acquire the license to play the content.
• The media renderer obtains a license to play the digital content from a license server using the reference keyID. Once a client acquires the license, a cryptographic key contained in the license is used to decrypt and render the media.
• Today, the license for the digital content is managed at a device level and not at a user level. In order to play the rights-managed content on other rendering devices, the user must obtain a license for a particular device and the license is downloaded for that particular device. Thus, the file for that license can only be played on the device in which the license was obtained. In other words, the user is not licensed to play the file on any device in the home although the user is willing to pay for the license. This is a major impediment when there are many rendering devices in the home, such as, but not limited to, home A/V (audio/video) equipment, PCs, MP3 players, digital video recorders, etc. The user may have content stored, perhaps on the PC, but may also want to play the content on another device within the home. Today's digital rights management licensing technology does not support this scenario.
• Thus, what is needed is a system and method for enabling a licensed user to distribute digital content on more than one device within the home in a secure manner. What is further needed is a local license server for managing the distribution of licenses in the home to enable various devices within the home to request and receive a license to play rights-managed content.
BRIEF DESCRIPTION OF THE DRAWINGS
• The accompanying drawings, which are incorporated herein and form part of the specification, illustrate embodiments of the present invention and, together with the description, further serve to explain the principles of the invention and to enable a person skilled in the pertinent art(s) to make and use the invention. In the drawings, like reference numbers generally indicate identical, functionally similar, and/or structurally similar elements. The drawing in which an element first appears is indicated by the leftmost digit(s) in the corresponding reference number.
• FIG. 1 is a block diagram illustrating an exemplary system architecture for distributing DRM digital content in a controlled network ensuring digital rights according to an embodiment of the present invention.
• FIG. 2 is a flow diagram describing an exemplary method for distributing DRM digital content in a controlled network ensuring digital rights according to an embodiment of the present invention.
• FIG. 3 is a flow diagram describing an exemplary method for obtaining a license for a digital media item according to an embodiment of the present invention.
• FIG. 4 is a flow diagram describing an exemplary method for enabling a media renderer to acquire a license from a local license server to enable playback of digital media on a media rendering device.
DETAILED DESCRIPTION
• While the present invention is described herein with reference to illustrative embodiments for particular applications, it should be understood that the invention is not limited thereto. Those skilled in the relevant art(s) with access to the teachings provided herein will recognize additional modifications, applications, and embodiments within the scope thereof and additional fields in which embodiments of the present invention would be of significant utility.
• Reference in the specification to “one embodiment”, “an embodiment” or “another embodiment” of the present invention means that a particular feature, structure or characteristic described in connection with the embodiment is included in at least one embodiment of the present invention. Thus, the appearances of the phrase “in one embodiment” appearing in various places throughout the specification are not necessarily all referring to the same embodiment.
• Embodiments of the present invention are directed to a system and method for distributing digital rights management (DRM) digital content in a controlled network ensuring digital rights. This is accomplished by employing a local license server. In one embodiment, the local license server may be implemented within a home media server. In other embodiments, the local license server may be implemented anywhere in the controlled network. The local license server provides programmatic interfaces to acquire and distribute licenses to any rendering device on a home network. A media rendering device on the home network may request and receive a license to play rights-managed digital content. Other devices on the home network may also request and receive licenses to play the same rights-managed digital content. This eliminates the need to obtain a license for a particular rendering device. The local license server maintains and enforces the terms of the license agreement. All of this is accomplished with very little user intervention.
• FIG. 1 is a block diagram illustrating anexemplary system architecture100 for distributing digital rights management (DRM) digital content in a controlled network ensuring digital rights.System architecture100 comprises ahome network102 and a wide area network (WAN), such as the Internet116.Home network102 is coupled to Internet116.Home network102 may be coupled to Internet116 using dial-in connections, high-speed cable, digital subscriber lines (DSL), or any other well-known manner.
• Home network102 is a local area network (LAN) that connects computers, audio/video players, televisions, personal digital assistants (PDAs), etc. using a wired or wireless medium, such as, for example, Ethernet or Bluetooth (or any other wireless protocol based on the IEEE 802.11 standard, IEEE Standards for Information Technology—Telecommunications and Information Exchange Between Systems, ISO/IEC 8802-11 (1999)), respectively.Home network102 comprises ahome media server104, amedia renderer108, a plurality of media rendering devices, such as, for example, a media player orsound device110, a TV or othermedia display device112, and a personal computer (PC)122, and acontrol point114. Media player orsound device110 may include, but is not limited to, a compact disk (CD) player, a MPEG-audio layer3 (MP3) player, Windows Media Audio (WMA) player, etc. Other media display devices may include, but are not limited to, digital versatile disc (DVD) players, video digital recorders (VDRs), home theater systems, etc.
• Home media server104 is a server located in the home that contains references to encrypted DRM media. In one embodiment,home media server104 contains an enumeration of all of the media items, including a Universal Resource Identifier (URI) of each media item (i.e., where the media may be located) and the type of each media item, such as, for example, music, movies, video games, etc. In another embodiment,home media server104 may also contain the actual media itself. Applications, such as, but not limited to, browser applications, onhome network102 may be used to browsehome media server104. In one embodiment,home media server104 may include alocal license server106 co-located withinhome media server104. In an alternative embodiment,local license server106 may be located outside ofhome media server104, yet co-located withhome media server104.
• Local license server106 is a license server that manages digital media rights inhome network102. Local license server provides programmatic interfaces to acquire, manage, and distribute licenses to any rendering devices onhome network102.Local license server106 will be discussed in more detail below.
• Media renderer108 is a device that can play digital media or aid in playing digital media available from a wide-area network (WAN), such asInternet116. In one embodiment,media renderer108 may be a set-top box. In another embodiment,media renderer108 may be a media center. In one embodiment,media renderer108 may be a UPnP™ device, thus enablingmedia rendering devices110 and112 to also be UPnP™ devices.
• Media renderer108 is capable of recognizing media, and can retrieve the keyID and the licenseURI from encrypted media content prior to decrypting. As previously stated, the keyID is a unique identifier for a license and the licenseURI is a reference to a license server that media renderer108 may use to acquire a license to play the desired digital content.
• Control point114 is a wireless device similar to a remote control, PDA, or any other device that aids in controlling components within a home network, such ashome network102.Control point114 sends and receives control actions and responses to operate various devices onhome network102, such as, but not limited to,home media server104,local license server106, andmedia renderer108, and provides information for obtaining media licenses.Internet116 may comprise, inter alia, one or more content servers, such ascontent server120, and one or more license servers, such aslicense server118.Content server120 is an Internet-based server for storing encrypted media created by various content providers. The encrypted media stored oncontent server120 may be retrieved by clients overInternet116. In one embodiment,content server120 may be a Web server that stores and provides rights-managed content to clients. In another embodiment,content server120 may be a media server for storing and streaming digital media. In yet another embodiment,content server120 may store and stream digital media, including rights-managed digital content to clients.
• License server118 is an Internet-based server for storing and managing licenses for any form of media. A pointer to licenseserver118 is referred to as the licenseURI. The licenses inlicense server118 are indexed. The keyID identifies a particular license inlicense server118.
• Embodiments of the present invention uselocal license server106 to provide key functionalities for enabling the distribution of licenses to media rendering devices, such asmedia rendering devices110,112, and122, withinhome network102. For example,local license server106 retrieves the keyID and licenseURI of the desired license fromcontrol point114 and provides a means to acquire the license fromlicense server118.Local license server106 provides a secure method to distribute the acquired license inside the home network by making sure that the license is not being infringed. This is accomplished by managing rules underlying the license from license servers, such aslicense server118.Local license server106 also provides an interface to manage and share the digital rights management digital content.
• FIG. 2 is an exemplary flow diagram200 describing a method for distributing DRM digital content in a controlled network ensuring digital rights according to an embodiment of the present invention. The invention is not limited to the embodiment described herein with respect to flow diagram200. Rather, it will be apparent to persons skilled in the relevant art(s) after reading the teachings provided herein that other functional flow diagrams are within the scope of the invention. The process is described from the perspective ofcontrol point114. The process begins withblock202, where the process immediately proceeds to block204.
• Inblock204,control point114 enables a user to browsehome media server104 to select a media item to be played. When the media selection has been made,control point114 receives a URI fromhome media server104 for the media item selected by a user. The URI indicates a particular digital media item that the user desires to be played on one or more ofmedia renderer devices110,112, and/or122 inhome network102.
• Inblock206,control point114 sends a request tomedia renderer108 to retrieve and play the selected digital media item. The request includes the URI for the particular digital media item. Oncemedia renderer108 retrieves the desired digital media item and determines that the media item requires a license to be played (which is indicated as an event to control point114),control point114 will receive the keyID and licenseURI for the digital media item frommedia renderer108 inblock208.
• Inblock210,control point114 checkslocal license server106 to see if the license identified by the keyID and licenseURI is available atlocal license server106.
• Indecision block212, it is determined whether the license is available fromlocal license server106. If the license is not available fromlocal license server106,control point114 will send a message tolocal license server106 to retrieve the license from a license server (block214).Local license server106 will retrieve the license using the keyID and licenseURI from the license server designated by the licenseURI, such aslicense server118. The process employed bylocal license server106 to retrieve the license is described in detail below with reference toFIG. 3. The process then proceeds todecision block216.
• Indecision block216, it is determined whetherlocal license server106 has retrieved the license fromlicense server118. Iflocal license server106 has not retrieved the license, the process remains atblock216 to wait untillocal license server106 has retrieved the license. If a predetermined time has passed withoutcontrol point114 receiving an indication thatlocal license server106 has received the license, the process will timeout. Iflocal license server106 has retrieved the license,control point114 will receive an indication fromlocal license server106 that the license has arrived and the process will proceed to block218.
• Returning to decision block212, if it is determined that the license is available atlocal license server106, the process proceeds to block218.
• Inblock218,control point114 retrieves a location URI of the license fromlocal license server106. The location URI is the location of the license atlocal license server106. The location URI is then sent tomedia renderer108 to enablemedia renderer108 to acquire the license, based on the rules or terms of the license, fromlocal license server106 and decrypt the media content to enable play of the selected media item on the appropriate media device(s) (block220). The process for enabling media renderer108 to acquire the license, based on the rules of the license, is described below with reference toFIG. 4.
• FIG. 3 is an exemplary flow diagram300 describing a method for obtaining a license for a digital media item according to an embodiment of the present invention. The invention is not limited to the embodiment described herein with respect to flow diagram300. Rather, it will be apparent to persons skilled in the relevant art(s) after reading the teachings provided herein that other functional flow diagrams are within the scope of the invention. The process begins withblock302, where the process immediately proceeds to block304.
• Inblock304,local license server106 establishes a secure connection to controlpoint114 to obtain all necessary user credentials for acquiring a new license. In one embodiment, a secure sockets layer (SSL) protocol is used to establish a secure connection. One skilled in the relevant art(s) would know that other secure protocols may also be used as well. The necessary user credentials may include, but are not limited to, user name and address, credit card number, expiration date of the credit card, the terms of the new license sought to be obtained, etc. The terms of the new license may include, but are not limited to, the number of times the media item may be played, the number of devices the media item may be played on at one time, when the license expires, etc. After the secure connection is established,local license server106 retrieves the necessary user information fromcontrol point114 inblock306.
• Inblock308,local license server106 identifies a license server using the licenseURI and establishes a secure connection to the license server onInternet116.
• Inblock310,local license server106 sendslicense server118 the required information to obtain the new license. The required information includes the keyID and the necessary user information received fromcontrol point114.
• Inblock312, the local license server acquires the new license using the keyID. The new license includes the terms or rules of the license that must be adhered to bylocal license server106 in maintaining and enforcing the license. After acquiring the new license,local license server106 informscontrol point114 that the new license is now available (block314).
• FIG. 4 is an exemplary flow diagram400 further describing a method for enabling a media renderer to acquire a license from a local license server to enable play of a digital media item on a media device. The invention is not limited to the embodiment described herein with respect to flow diagram400. Rather, it will be apparent to persons skilled in the relevant art(s) after reading the teachings provided herein that other functional flow diagrams are within the scope of the invention. The process begins withblock402, where the process immediately proceeds to block404.
• Inblock404,media renderer108 receives a URI fromcontrol point114 for the user selected digital media item to be retrieved. Using the URI,media renderer108 retrieves the digital media item from a content server, such ascontent server120, inblock406. In one embodiment, a simple Hypertext Transfer Protocol (HTTP) GET request may be used to retrieve the selected digital media item. One skilled in the relevant art(s) would know that other protocols may also be used.
• The media item may be encrypted. If the media item is encrypted, a license must be obtained to enablemedia renderer108 to play the selected media item. As previously indicated, the licenseURI and keyID, which are not encrypted, but are included in the encrypted digital media item, may be obtained bymedia renderer108 to determine the location of the license. When media renderer108 determines that the media item is encrypted,media renderer108 obtains the keyID and licenseURI from the retrieved media item and sends them to control point114 (block408). As previously indicated, the keyID and licenseURI are used bylocal license server106 to retrieve the license. The process then proceeds todecision block410.
• Indecision block410, it is determined whethercontrol point114 has indicated that the license is available from the local license server. Ifcontrol point114 has not sent an indication that the license is available fromlocal license server106, thenmedia renderer108 will send a message tolocal license server106 viacontrol point114 to obtain the license from a license server, such aslicense server118, using the licenseURI and keyID (block412). In one embodiment,media renderer108 may send the message directly tolocal license server106 to obtain the license from the license server. The process then returns to decision block410 to see ifcontrol point114 has indicated that the license is available atlocal license server106.
• Indecision block410, ifcontrol point114 has provided an indication that the license is available fromlocal license server106, the indication will include a location URI. The location URI provides the location of the license withinlocal license server106. The process then proceeds to block414.
• Inblock414,media renderer108 establishes a secure connection tolocal license server106. Using the location URI, media renderer108 requests that the license be sent fromlocal license server106 to enable the decryption of the user's selected media item inblock418. Note that the license contains a key that enablesmedia renderer108 to decrypt the media content.
• Beforelocal license server106 may send the requested license,local license server106 must validate license access rules to determine whether the license may be transferred tomedia renderer108. License access rules include the terms of the license. For example, if the license was obtained for enabling play of the media item five (5) times and the media item has already been played 5 times,local license server106 will adhere to the access rules of the license and will deny the license tomedia renderer108. This requireslocal license server106 to manage the license by tracking the usage of the license. In another example, if the license requires that the media be played on a maximum of two devices,local license server106 must ensure that media renderer108 will not play the media on more than two media rendering devices before transferring the license tomedia renderer108. Thus, embodiments of the present invention allow other media devices within the home network to also play the media content if the terms of the license purchased by the user allow for multiple devices to be used. Therefore, embodiments of the present invention do not limit the playback of media content to one device on the home network, but allow multiple devices to play the media content at the same time.
• In one embodiment, license access rules may include owner rules for playing media licenses. Owner rules are personal rules that are integrated into the license access rules to be used bylocal license server106 in managing a license. Owner rules may include, but are not limited to, an indication of who can play the selected digital media, an indication of when the selected digital media can be played, and an indication as to the number of times the digital media can be played by certain individuals. For example, a parent may purchase a license to play a video game for his/her children, but the parent only wants the children to play the game on weekends. The parent may stipulate a rule tolocal license server106 that when the game is requested by his/her children, that the license be transferred tomedia renderer108 only on weekends. In this instance, local license server may only provide the license on a Saturday or Sunday.
• Indecision block416, it is determined whether the license is valid. Again, this process is performed bylocal license server106 as indicated above. If the license is valid, control passes to block418.
• Inblock418, the license is sent tomedia renderer108 via a secure out of band license transfer. The key from the license is then used bymedia renderer108 to decrypt the media content.
• Inblock420, play of the digital media item is then enabled on the desired media device(s). Once the digital media item has been played, the digital media item is no longer located atmedia renderer108.
• Returning to decision block416, iflocal license server106 determines the indicated use of the license to be invalid, the license is not sent tomedia renderer108. Therefore, the digital media item cannot be decrypted, and the process proceeds to block422, where the process ends.
• Certain aspects of embodiments of the present invention may be implemented using hardware, software, or a combination thereof and may be implemented in one or more computer systems or other processing systems. In fact, in one embodiment, the methods may be implemented in programs executing on programmable machines such as mobile or stationary computers, personal digital assistants (PDAs), set top boxes, cellular telephones and pagers, and other electronic devices that each include a processor, a storage medium readable by the processor (including volatile and non-volatile memory and/or storage elements), at least one input device, and one or more output devices. Program code is applied to the data entered using the input device to perform the functions described and to generate output information. The output information may be applied to one or more output devices. One of ordinary skill in the art may appreciate that embodiments of the invention may be practiced with various computer system configurations, including multiprocessor systems, minicomputers, mainframe computers, and the like. Embodiments of the present invention may also be practiced in distributed computing environments where tasks may be performed by remote processing devices that are linked through a communications network.
• Each program may be implemented in a high level procedural or object oriented programming language to communicate with a processing system. However, programs may be implemented in assembly or machine language, if desired. In any case, the language may be compiled or interpreted.
• Program instructions may be used to cause a general-purpose or special-purpose processing system that is programmed with the instructions to perform the methods described herein. Alternatively, the methods may be performed by specific hardware components that contain hardwired logic for performing the methods, or by any combination of programmed computer components and custom hardware components. The methods described herein may be provided as a computer program product that may include a machine readable medium having stored thereon instructions that may be used to program a processing system or other electronic device to perform the methods. The term “machine readable medium” or “machine accessible medium” used herein shall include any medium that is capable of storing or encoding a sequence of instructions for execution by the machine and that causes the machine to perform any one of the methods described herein. The terms “machine readable medium” and “machine accessible medium” shall accordingly include, but not be limited to, solid-state memories, optical and magnetic disks, and a carrier wave that encodes a data signal. Furthermore, it is common in the art to speak of software, in one form or another (e.g., program, procedure, process, application, module, logic, and so on) as taking an action or causing a result. Such expressions are merely a shorthand way of stating the execution of the software by a processing system to cause the processor to perform an action or produce a result.
• While various embodiments of the present invention have been described above, it should be understood that they have been presented by way of example only, and not limitation. It will be understood by those skilled in the art that various changes in form and details may be made therein without departing from the spirit and scope of the invention as defined in the appended claims. Thus, the breadth and scope of the present invention should not be limited by any of the above-described exemplary embodiments, but should be defined in accordance with the following claims and their equivalents.

Claims (12)

1. A system for managing digital rights media, comprising:

a home network coupled to a wide area network, the home network including a home media server, the home media server containing references to encrypted digital media items, the home media server including a local license server, the local license server including a plurality of licenses for the encrypted digital media items, wherein the local license server manages distribution of the plurality of licenses based on key identification and distribution access rules for each of the licenses; and

a media renderer, coupled to the home media server, to retrieve, decrypt and play the encrypted digital media items, wherein the media renderer retrieves the encrypted digital media items from the wide area network and wherein the encrypted digital media items are decrypted using a key supplied by the licenses for the encrypted digital media items.

2. The system ofclaim 1, wherein the home network further comprises:

one or more media rendering devices coupled to the media renderer to enable playback of the encrypted digital media items to a user; and

a controller, wirelessly coupled to each of the home media server, the media renderer, and the media rendering devices to control the home network.

3. The system ofclaim 2, wherein the one or more media rendering devices comprises at least one of a compact disk (CD) player, a MPEG-audio layer3 (MP3) player, a Windows Media Audio (WMA) player, a digital versatile disc (DVD) player, a television (TV), a video digital recorder (VDR), and a home theater system.

4. The system ofclaim 2, wherein the media renderer to distribute the encrypted digital media items to the one or more media rendering devices.

5. The system ofclaim 2, wherein the media renderer further to extract unencrypted meta data from the encrypted digital media items corresponding to the licenses, the unencrypted meta data including a key identifier and a license Universal Resource Identifier (URI) for each of the plurality of licenses, the key identifier identifies a particular license and the license URI identifies where the particular license can be found.

6. The system ofclaim 5, wherein the media renderer to send the key identifier and the license URI for the particular license to the controller, the controller further to determine whether the particular license is available from the local license server.

7. The system ofclaim 6, wherein the local license server further to:

(i) retrieve the particular license from a license server on the wide area network using the key identifier and the license URI in response to the controller determining that the particular license is not available from the local license server; and

(ii) send the particular license retrieved to the media renderer.

8. The system ofclaim 6, wherein the local license server further to send the particular license to the media renderer in response to the controller determining that the particular license is available from the local license server.

9. The system ofclaim 1, wherein the licenses for the encrypted digital media items not located within the local license server are retrieved from a license server on the wide area network using the local license server.

10. The system ofclaim 1, wherein the local license server manages the distribution of each of the licenses by not releasing a license corresponding to an encrypted digital media item if a request for the license does not adhere to the access rules for the license, wherein the access rules for the license are based on terms of the license.

11. The system ofclaim 10, wherein the access rules include at least one of a number of times the encrypted digital media item is to be played, a number of media rendering devices the encrypted digital media item may be played on at one time, an expiration of the license, and a length of time a user may play the encrypted digital media item.

12. The system ofclaim 1, wherein the access rules are based on terms of the licenses and personal owner rules regarding playing the encrypted digital media items, wherein the personal owner rules regarding playing an encrypted digital media item include at least one of an indication of who can play the encrypted digital media item, an indication of when the encrypted digital media item can be played, and an indication as to the number of times the encrypted digital media item can be played by certain individuals.

Images