CN1908922B - Method and device for obtaining controlled content or information in DVD disc and method for operating DVD device - Google Patents

Method and device for obtaining controlled content or information in DVD disc and method for operating DVD device Download PDF

Info

Publication number
CN1908922B
CN1908922B CN2006101014647A CN200610101464A CN1908922B CN 1908922 B CN1908922 B CN 1908922B CN 2006101014647 A CN2006101014647 A CN 2006101014647A CN 200610101464 A CN200610101464 A CN 200610101464A CN 1908922 B CN1908922 B CN 1908922B
Authority
CN
China
Prior art keywords
control
information
equipment
shielded
dvd
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Expired - Lifetime
Application number
CN2006101014647A
Other languages
Chinese (zh)
Other versions
CN1908922A (en
Inventor
V·H·希尔
O·W·西伯特
D·M·范维
R·P·维伯
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Intertrust Technologies Corp
Original Assignee
Intertrust Technologies Corp
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Priority claimed from US08/689,754 external-priority patent/US6157721A/en
Priority claimed from US08/689,606 external-priority patent/US5943422A/en
Priority claimed from PCT/US1996/014262 external-priority patent/WO1998010381A1/en
Application filed by Intertrust Technologies Corp filed Critical Intertrust Technologies Corp
Publication of CN1908922A publication Critical patent/CN1908922A/en
Application granted granted Critical
Publication of CN1908922B publication Critical patent/CN1908922B/en
Anticipated expiration legal-status Critical
Expired - Lifetime legal-status Critical Current

Links

Images

Abstract

A rights management arrangement for storage media such as optical digital video disks (DVDs, also called digital versatile disks) provides adequate copy protection in a limited, inexpensive mass-production, low-capability platform such as a dedicated home consumer disk player and also provides enhanced, more flexible security techniques and methods when the same media are used with platforms having higher security capabilities. A control object (or set) defines plural rights management rules for instance, price for performance or rules governing redistribution. Low capability platforms may enable only a subset of the control rules such as controls on copying or marking of played material. Higher capability platforms may enable all (or different subsets) of the rules. Cryptographically strong security is provided by encrypting at least some of the information carried by the media and enabling decryption based on the control set and/or other limitations. A secure 'software container' can be used to protectively encapsulate (e.g. by cryptographic techniques) various digital property content (e.g. audio, video, game, etc) and control object (i.e. set of rules) information. A standardized container format is provided for general use on/with various mediums and platforms. In addition, a special purpose container may be provided for DVD medium and appliances (e.g., recorders, players, etc) that contains DVD program content (digital property) and DVD medium specific rules. The techniques, systems and methods disclosed herein are capable of achieving compatibility with other protection standards, such as CGMA and Matsushita data protection standards adopted for DVDs. Cooperative rights management may also be provided, where plural networked rights management arrangements collectively control a rights management event on one or more of such arrangements.

Description

Obtain method and the device of DVD disc controlled content or information, the method for operating dvd apparatus
The application is that the application number submitted on Dec 31st, 2002 is 02160594.7, denomination of invention is divided an application for the one Chinese patent application of " obtaining method and the device of DVD disc controlled content or information, the method for operating dvd apparatus ".
Cross reference about application and patent
This instructions is quoted the instructions and the accompanying drawing of following publication formerly, common transfer.
PCT publication number WO96/27155; Submission date is on September 6th, 1996; Name is called " in the system and method for secure transaction management and electronic rights protection ", and this is based on the people's such as Ginter of PCT application PCT/US96/02303 that submitted on February 13rd, 1996 and submission on February 13 nineteen ninety-five U.S. Patent application (series number is 08/388107) (below be called people such as Ginter patent);
U.S. Patent number 4827508, name is called " method ", and the submission date is on May 2nd, 1989;
U.S. Patent number 4977594, name is called " method ", and the submission date is Dec 11 nineteen ninety;
U.S. Patent number 5050213, name is called " method ", and the submission date is on September 17th, 1991;
U.S. Patent number 5410598, name is called " method ", and the submission date is April 25 nineteen ninety-five;
European patent number EP329681, name is called " method ", and the submission date is on January 17th, 1996.
In addition, this instructions is quoted the instructions and the accompanying drawing of following publication formerly, common transfer.
PCT application number PCT/US96/14262, the submission date is on September 4th, 1996, name is called "
Formula is calculated and be commissioned foundation structure back-up system, method and the technology of managing entitlement ", the U.S. Patent Application Serial 08/699712 that it was submitted to corresponding on August 12nd, 1996 (below be called people's such as Shear);
The PCT application number _ _ _ _ _ _ _; Submission date be 1997 _ _ _ month _ _ _ day; Name is called " in hidden (steganographic) technology of on the insecure communication passage, transmitting the control information of electronic digit managing entitlement safely ", and it is corresponding to the U.S. Patent Application Serial 08/689606 of Van Wie that submitted on August 12nd, 1996 and Weber etc. (below be called people's such as Van Wie and Weber); And
The PCT application number _ _ _ _ _ _ _ _; Submission date be 1997 _ _ month _ _ day; It is based on people's such as the Silbett that submitted on August 12nd, 1996 and Van Wie U.S. Patent Application Serial 08/689754, and name is called " system and method for protecting secured computing environment with cryptography " (below be called people's such as Silbert and Van Wie).
Technical field
The present invention relates to adopt the information protective technology of cryptography; More particularly relating to encrypting the technology-portable medium manage the right of canned data on the portable medium for example is optical medium, such as digital video disk (also claiming " digital multi-purpose disk " and or " DVD ").It is technological to the present invention also relates to have information protection and the managing entitlement that can select to use according to other attribute that for example is the device resource (for example PC or independent play-out machine) that uses of consumer, equipment (such as whether connecting and/or generally connect certain information network (" connections " is with respect to " connecting ")) and available right.Further partly relating to cooperation managing entitlement-wherein a plurality of networking managing entitlement equipment jointly controls a managing entitlement incident on one or more this equipment in the present invention.In addition, adopted the managing entitlement of importance of the present invention, be applicable to through broadcasting and/or network download and/or with-independently still be the electronic information that obtains with portable medium combination-non-portable storage media no matter with portable medium.
Background technology
The household consumption electronic equipment that can play the video/audio in the prerecording medium has made show business obtain changing.This transformation 20 beginnings of the century owing to phonographic invention begin-phonograph makes the consumer be able to select the random time to listen to its band of liking, orchestra or singer's program at home first.Begin the beginning of the eighties to have the boxlike that the charge is small to record/put machine, the deep reform that this has caused film and broadcast service has produced household consumption markets such as brand-new film, documentary film, music movie and television film, physical training movie and television film.
Show business is being pursued the best medium to family consumer's propagating contents always.By Thomas. the early stage phonograph cylinder of Edison and other phonograph pioneer invention has the advantage of the difficulty of duplicating; But have various shortcomings, for example manufacturing cost is high, resistanee to rupture is low, playback duration is very limited, playback quality is relatively low, it is frayed to be prone to, infringement that scrape or melt.The cake wax of exploitation and vinyl disc record can hold more multitone pleasure afterwards, but many shortcomings same as described above are arranged.On the other hand, the manufacturing cost of tape is very low, can hold a large amount of programme content (for example 2,4 even 6 hours image and/or sound).The quality of this tape playback of programs content is higher relatively, not fragile or wearing and tearing.Yet although tape has many obvious advantages than other medium, show business never is regarded as a kind of ideal or best medium with it, and reason is that it is very easy to duplicate.
Tape has very flexible characteristics, is to record the tape ratio and is easier to.Really, it is the same with the playback prerecorded content easy that the process of recording tape is close to.Because it is relatively easy to record tape, so household consumption tape unit manufacturer provides the equipment with double-mode always, can record tape again can the playback tape.So family's sound-track engraving apparatus and video tape recorder all have " a recording " button traditionally, allow the consumer on empty tape, to record its oneself programme content.Although this recording function (for example gives consumer's more flexibility; Can write down language confession later the listening of future generation that the child says the earliest; Can record the soap opera that broadcasts afternoon supplies see evening), but unfortunately, this also is the hotbed of pirate industry; The annual illegal imitated tape of producing of illegal piracy industry has millions of, and amount of money involved has multi-million dollar.The scope of this illegal piracy activity is international, and all seized huge profit every year from the main entertainment content in world manufacturer hand.Show business must be with these loss transfers to consumer's head of honesty, and the result causes the box office price higher, and the price and the rent of video-tape and audiotape are higher.
The mid-80, audio entertain mem have already been developed CD, as a kind of response of this type problems to some.CD is the thin dishes of the silver color plastics of a kind of diameter number inch, can store one hour or music or other audio program of longer time with digital format.This type CD also was used to storing computer data afterwards.This dish manufacturing cost can be very low, owing to adopt digital technology record and recovering information, so noise resistance, playback quality is high.Because CD can be made of plastic, so in light weight, frangible is not good at tolerating the damage (vinyl records unlike former scratches easily, even receives the phonographic wearing and tearing of normal running) that the normal use of user causes.And, because it is bigger than the difficulty of playback CD to record CD so far, so; Household consumption equipment will possess to be recorded and the playback dual-use function; Simultaneously expense usefulness is the same worthwhile, also impossible in the recent period with equipment that can only playback, thereby has significantly reduced the possibility of bootlegging.Because these unrivaled advantages, music industry has promptly been accepted the old vinyl records of this new optical digital disk technology-almost replaced in recent years.
Really; Owing to there is not the managing entitlement technology; Unauthorized replication is simply easy, is widely current, and this threat clearly is to cause data audio tape (DAT) as medium as family's recording of the medium of music communication-a more important thing is-move towards key factor of extinction.The right owner of recording music comes down hard upon to lack the widespread commercialization of the cheap DAT technology of managing entitlement function, and this is because the faithful to fully digital source on music CD for example of digital recording.Certainly, lacking managing entitlement is not to be unique acting factor, because compare with CD, magnetic tape format makes the random access difficulty, for example played songs out of turn.
Video entertainment already is faced with a similar change that causes with music CD, and its basis is the digital format film that on high capacity read-only optical medium, distributes.For example, the optical digital disk technology has developed into such stage, now except can recording the out of Memory to digitizing, can also with whole pictures (adding sound accompaniment) digitizing of a film be recorded on the one side of 5 inches plastic discs.Same CD also can hold a plurality of quality digital sound channels (for example, record home theater multichannel " around " sound and/or on same Zhang Guangpan, record multilingual film dialogue).Same technology makes individual frame or the picture of access movie become possibility to reproduce still image, more excitingly is, it provides a kind of unprecedented " random access " playback function, and former household consumption equipment is had no precedent this function.This " random access " playback function for example can be used for deletion violence, obscene words or bare content when playback, makes child's father and mother just can select " PG " playback version of one " R " grade film by individual button." random access " function (for example allows fitness enthusiasts only to select to help in the body-building movie and television film that part of content of specific certain day exercise) aspect allowing spectators and prerecording the content exchange effect also has exciting possibility.This respect content for example can be read " application requirements of new video program design " literary composition in the DVD plenary lecture compilation, and (this conference is held by Interactive Multimedia Association; Date: October 19~20 nineteen ninety-five, place: the Sheraton Universal restaurant in California, USA Universal city).
The part example of the DVD series of products of optical medium:
● DVD (digital video disk, digital multi-purpose disk), an one of which indefiniteness example comprise the consumer device of the film of recording on the ability DVD playing back dish;
● DVD-ROM (DVD ROM (read-only memory)), an one of which indefiniteness example comprise DVD read driver and the dish that links to each other with computing machine or miscellaneous equipment;
● DVD-RAM (DVD RAS); An one of which indefiniteness example comprises one to be read-write driver and optical medium, is installed in consumer device and the computing machine that for example is used for family's program recording or is used for the miscellaneous equipment of the widest scope of application-specific;
● current known or unknown any other high capacity optical medium.
Certainly, DVD series is not limited to be used on the film.The same with CD series, they also can be used to store other kinds of information, for example:
● recording
● software
● database
● recreation
● Karaoke
● multimedia
● long-distance education
● document
● policy and handbook
● the numerical data of any kind of or out of Memory
● the combination in any of various numerical datas or out of Memory
● any current other known or unknown purposes.
DVD purposes scope extensive proposed a technological challenge: the image of the information content of on this type DVD dish, propagating-possibly be any kind of, sound or other data or information in broad terms; Or the sufficient protection of any combination between them-how to access; Meanwhile keep even farthest improve consumer's dirigibility? The extensive requirement that new technology (mainly being aspect the video) is proposed is; With regard to the degree that allows to duplicate; (a) allow the consumer that programme content is made the one-level copy, give over to personally, but forbid that the consumer makes " copy of copy "; Promptly given property is made many generation copies (making honest person keep honest like this), otherwise (b) allow the right owner is not hoped copy protection or the home built property of consumer make unconfined copy.
Yet; Only this simple and limited copy protection is provided with inextensible mode; Possibly be very shortsighted-because no matter now or in the future; Complicated more protection and/or managing entitlement target can be very useful (for example: more sound with optionally use copy protection technology and other resist technology; Realize paying and watch mode, the consumer can utilize enhancement function, just can extract programme content or interactively such as the payment extra cost and watch program, accepts credit of propagating again or the like).In addition, when solving protection and managing entitlement target best, for example, still do not network according to available device resource and/or equipment networking, distinguishing and take seriously with the relevant commercial opportunity of information is provided through dvd media is exceedingly useful with becoming the side of body.
More complicated managing entitlement function also will allow acoustic image make and other film and/or the owner of a right of disc manage these assets better; For example; Allow the side of being authorized to duplicate digital movie, acoustic image works-no matter be special or optional works; Be used to create derivative works, wherein multimedia game for example.The solution of the protection dvd content that proposes up to now generally just concentrates on the limited copyright protection target, fails fully to relate to even do not recognize more the managing entitlement target and the requirement of complicacy.More particularly; The copyright protection scheme that the initial generation of a kind of DVD of being used for equipment and medium is arranged; Its basis is at first by a kind of encryption method and simple CGMA control routine of the exploitation of Matsushita company, and the copy type that the latter indicates permission has: a generation is duplicated, must not be duplicated, infinite copy.
Summary of the invention
Will solve the information protection and the problem of management that have comprised such as in the system of the high capacity optical medium of DVD comprehensively, wherein require to have the method and system that can solve following two big types of problems: (a) number-Mo changes (or on the contrary); (b) in the environment of networking and not networking, use this type optical medium.The invention that this paper discloses relates to these problems and other problem.For example, with regard to mould one number conversion (or opposite), according to the present invention, some information that imagination has at least some to be used to protect property and/or describe the digital form of managing entitlement and/or control information also can be transmitted with simulating signal.For example, make the equipment of conversion to another kind of form/medium, comprise some or all control and identification information in the new context, perhaps in transfer process, initiatively do not delete this information at least from a kind of form and/or medium.In addition, the present invention provides control, managing entitlement and/or the sign solution that field generally is provided, and the critical that can in subscriber equipment, computing machine and miscellaneous equipment, implement technology is provided.An object of the present invention is, provide not only useful but also in the useful powerful managing entitlement technology of computer market, and differentiation becomes possibility with commerce model to make technical capability in the future in consumer electronics market.Another indefiniteness purpose is, provides a kind of and existing limited function copy protection and the industrial standard that is used to encrypt of being used for compatible as far as possible, comprehensively control, managing entitlement and/or sign solution.
Managing entitlement provided by the invention and resist technology satisfy the limited copy protection target to film that current show business requires fully, also have dirigibility and extensibility simultaneously, can extensive more complicated managing entitlement selection scheme and the function of accommodation.
Importances more of the present invention (will discuss in more detail in addition among the application) comprising:
● (for example rule and the consequences for use control information of information recorded associated control information on selection and the dvd media; It comprises the key element example of the virtual communication environments (VDE) of indefiniteness); Its at least part based on the classification of equipment, the for example type of equipment, available resources and/or right;
● allow this type selection control information at least part be a sub-set of control information used on miscellaneous equipment and/or equipment class, or diverse control information;
● protection is from the information of DVD equipment output, such as with people's such as Ginter and the managing entitlement technical application that the application disclosed to the signal that on DVD player, transmits with IEEE1394 port (or other serial line interface);
● on the basis of dummy source, create protected digit content;
● reflect country variant and/or regional different use right and/or content availability in the world;
● manage the information on the dvd media reliably; Make some part to go up and to use, and other part can go up and use the equipment of identical or different classification (for example independently DVD player or PC) one type or multi-class device (for example independently DVD player);
● store reliably and/or transmit and pay, check, control and/or manage the content-related information that DVD goes up storage, comprise with in the relevant technology disclosed in people's such as people such as Ginter and Shear the patent;
● the encryption key that renewal and/or replacement are used in the operation of equipment process, with modification equipment and/or the employable range of information of equipment class;
● protection information in all processes of creating, propagating and use, its method for example are that the information that initial protection is gathered by digital camera continues to carry out protection and managing entitlement in all processes of editor, production, propagation, use and operation report.
● allow to share some and/or whole managing entitlement of single and/or a plurality of nodes by " the virtual right machine " participated in and cooperative a plurality of equipment and/or other system form in permanent network that connects or the temporary transient network that connects; For example; Allow the available resources in a plurality of this equipment and/or other system; And/or with a plurality of litiganies and/or the related right of tissue of using and/or control this equipment and/or other system; Be applied to concert (according to rule relevant and control) with right; So that manage in this equipment and/or other system any one or a plurality of on one or more electron events, this incident management for example comprises: watch, edit, classify, compile, print, duplicate, name, pluck choosing, preserve and/or propagate the digital content that receives rights protection.
● allow the exchange of right between reciprocity equipment and/or other system; Wherein equipment and/or other system add the permanent or temporary transient network that connects; And wherein the exchanged form of this right is the dealing of barter business, currency, and/or be worth and/or consideration exchange-wherein this value and/or remuneration are between the commerce of the participation network of equity and/or consumer device and/or other system, to exchange.
Large capacity digital medium rights protection and management that general DVD/ cost-effectiveness is suitable
The present invention described herein can be used for any mass storage device that the suitable propagation medium of employing effectiveness-cost is provided of commerce and/or consumption numerical information, and DVD as herein described should be understood to include any this type systematic.
Copy protection and managing entitlement are important in the dvd system of reality, and, in current known or unknown other high capacity storage, playback and recording system, still be important in the future.Provide (or writing) information on most dvd medias some or need protection all.This anti-copy protection is an aspect of managing entitlement.Others comprise and allow right holder and other people to manage their commercial interest (and with/space length their are realized in the potential time), no matter are what propagation medium and/or channel, also regardless of the special properties of receiving equipment.The managing entitlement solution of this combination DVD, along with the appearance of readable dvd media generation upon generation of and equipment in the future, it is more important to become.Can select under the situation of recording arrangement on the market, and for example record, record and other digital properties will be from a device transmission to another equipment the time, at this moment, right holder will hope to safeguard and propose their right.
Consumer device combines with the obvious of computing machine; The raising of network and modem speed; The decline of the expense of computer capacity and bandwidth, and the increase of optical medium capacity, these factors combine has created a world of mixing business model; In this world, all various digital contents can be propagated on the optical medium of playing on equipment that connects at least once in a while and/or the computing machine; In this world, common disposable purchasing model during music CD sells with initial DVD film obtains replenishing of other pattern, the latter for example leases, pay watch, lease purchase, or the like.The consumer can select these and other pattern from same or different distribution persons or other suppliers.Usage charges can and/or connect on other communications conduit of certain paying clearing operation at network to be paid.Consumer's use and fox message can be back to developer, distribution person and/or other participant.The basic copy protection technology of introducing now that is used for DVD can not be supported these and other complex patterns.
Along with writing the appearance in market of DVD equipment and medium, other mixed mode also is possible, for example comprises via satellite and cable system spreading digital film.After recording a film, the consumer can select to lease, lease, pay and watch or appropriate mode that other is possible.Along with the appearance of DTV, can write the DVD loyalty and duplicate the ability of on-air program and produced other possible pattern and/or managing entitlement requirement.To this, the current simple copy protection mechanism of using for initial read-only DVD is technological can not be satisfied the demand equally.Encryption is means, is not purpose
Encryption is applicable to the knowledge property of protection digital format; No matter be in the activity store of magnetic medium, digital device of the optical medium, disc driver and so on of DVD and so on, still just through the network of computing machine, cable, satellite or other kind or the knowledge property of delivery means transmission.In the past, encryption technology is owing to send secret information.For DVD, a fundamental purpose of encryption is that a kind of control and right management system of duplicating used in requirement, with the content of having guaranteed to have only the talent who is authorized by the right holder can use really and encrypting.
But, be purpose encrypt, not equal to be means.Central issue is how to design method; On maximum as far as possible degree; Ensure only to be authorized to equipment, and/or with other method use information in the scope of other party concerned's permission of right owner and/or protected content with the litigant could decipher shielded content.
The invention provides powerful managing entitlement function.According to an aspect provided by the invention; Can the digital properties of encrypting be left in the software " container " of a kind of anti-destruction on the DVD; For example in " Digibox " safety container, the rule of depositing together that can use in addition and implement by consumer device about " must not duplicate " and/or " duplicating " and/or " allow duplicate number of times ".The rule that these are identical and/or more flexible and/or different rules; Can be by computer equipment or other system implementation, provide more and/or choosing, one or more payment methods, (storage of increase is used for capacity of detailed inspection information or the like) are for example edited, plucked to different functions (.In addition, for example " software container " of " Digibox " safety container can be stored certain plaintext (promptly without encryption format) content.For example, film or music title, copyright statement, sound equipment sample, preview and/or advertisement can expressly be stored, and/or can be come out by any suitable application or device plays.This information is when being provided for watching, duplicate and/or other can be protected for authenticity when movable.Simultaneously; Various valuable digital properties one films, image, image, text, software and multimedia can be that part is encrypted storage at least; Can only can only under by the situation of permission (for example after the right owner agrees), use by being authorized to equipment and/or using and use.
According to another aspect provided by the invention (combine to disclose in people's patent such as Ginter some functions) is that same on the DVD dish " container " is interior can store a plurality of rule sets.Software is used these rules then as the case may be; Concrete condition is: for example film is play by consumer device or computing machine; Whether particular device has back passage (for example online connection); Player position and/or film are play country and/or other law or the geographic zone at place, and/or whether equipment contain the parts that can discern and use this rule.For example, when information was play by consumer device, some service regeulations was suitable for, and when being play by computing machine, other service regeulations are suitable for.The right owner is depended in the selection of rule and/or other participant-perhaps, some rule can be predesignated (for example maybe should be used for being scheduled to according to specific environment).For example, the film right owner can hope that restriction duplicates, and guarantees that content is not taken passages, no matter this property residing be what situation.This restriction possibly only used at certain law or geographic zone.Other way is, the right owner of sound goods can hope to allow to extract the content of predetermined length (for example in 20 seconds), and these extractions must not be used to make new commercial works.In some cases; Government can require to have only the film of " PG " version and/or could on the local equipment of government, play the TV programme of grade, and if/or to the content request recorded on the DVD with/(for example the use of film, recreation, database, software product etc. is paid to carry out charge; And/or according to the order at least partially in the catalogue of storing on the dvd media, or the like), the expenses of taxation that are suitable for, usage charges or the like will be calculated and/or collect automatically.
In microprocessor control (or enhancing) digital consumer device down; The enforcement of this rule that the present invention relates to; For example only needing increases a little equipment to central authorities, processor controls (or other CPU, IEEE1394 port controller or other contents processing control circuit), and/or utilizes some ROM or quick internal memory to store necessary software.In addition, each ROM quick internal memory or other internal memory of this control circuit that is the unitary system forging piece (or can be connected to reliably or be integrated into) for example can store one or more digital document or " certificates " that can identify particular device, personal identification, compass of competency, equipment class and/or other selected parameter uniquely.Equipment for example can be programmed to and can only give another digital device with encryption format with the duplicate of digital properties, and can only be placed in " software container " of new anti-destruction.Container for example also can have expression, and present what send is the code of a duplicate rather than original paper.Equipment also can be put into identical safety container with the exclusive identifier of receiving equipment and/or equipment class.As a result, for example in an ad hoc arrangement, this duplicate only can be play on the equipment of equipment, equipment class and/or particular locality that desire receives, and the relevant right of using this duplicate can be according to these and/or other variable and difference.
Receiving equipment for example can be programmed to not make other duplicate that can on consumer device and/or miscellaneous equipment class, play when detecting this digital properties and be duplicate really.If Equipment Inspection is not original equipment of planning broadcast to the equipment that will play digital properties and/or equipment class, it can be programmed to refusal and play this duplicate (if desired).
The same rule of using in the consumer device for example can be implemented having possessed on the computing machine that provides according to managing entitlement of the present invention protection.In this example, rule can must not stipulate certain film and/or other content of broadcast on any equipment that for example is not consumer device and/or equipment class.Another kind of way is; This strong functions can be used for the hope by the right owner; Different service regeulations and payment scheme that regulation is suitable for when (and/or in miscellaneous equipment and/or equipment class) play on computers for example carry out price discrimination according to the different geography or the law zone at play content place.
In addition, consider if desired or require independent delivery if having " back passage " (backchannel)-for example to have the STB of two-way communication or be attached to the computing machine of network-the present invention for the electronics of the new regulation of given property.These new regulations for example can tariff discount, time-limited sale, advertisement subsidy and/or other information that needs.Preamble said, the rule of these independent delivery confirm to depend on fully other people in right owner and/or the given pattern.
Be two object lessons below about several aspects of the invention described above:
1. The example that analog to digital duplicates
(a) Bob has a dish to buy the vhs video band of (or leasing), and he wants to copy portion and gives over to personal.The control routine of duplicating of this simulation film is embedded, not overslaugh quality of signals.Bob has the DVD equipment that can write, and the outfit of this equipment can provide according to managing entitlement protection of the present invention.The DVD register of Bob detects control routine embedded in the simulating signal (for example this register can detect watermark and/or the fingerprint that contains the control relevant with right and/or the information of use); Creating a new safety container deposits content rule and describes encoded movies; And create new control law and (and/or be delivered to a safe VDE system with storage and report the information that some is relevant with using history; Such as address name, time or the like); Its detected simulation control routine and/or out of Memory that follow, they are stored then in Digibox and/or the safe VDE device data storer such as safety database.Bob at any time can both be on its DVD equipment this duplicate of playback.
(b) Bob coils its DVD that records to Jennifer, and the latter wants on the computing machine of band DVD driver, to play this dish.The outfit of her computing machine can provide according to managing entitlement protection of the present invention.Her computing machine is opened Digibox, and detecting the equipment that uses this replicating disk is not the equipment (being undelegated equipment therefore) of this dish of record, so refusal is play this replicating disk.
(c) Bob coils its this DVD to Jennifer once more; But the latter has this time obtained with the relevant person who works out new regulation and consequences for use through the electronics mode and has got in touch, and this relevant person possibly be film manufacturer, retail trader and/or right and permission switching station (perhaps also maybe she had enough rights and come this replicating disk of its player plays of usefulness).The relevant person sends a Digibox container to Jennifer; Rule that is loaded with above and consequence allow her on its computing machine, to play this film; To charge to her simultaneously, although this film is recorded to DVD by Bob rather than by film manufacturer or other value chain participant.
2. The example of numeral one analoging reproduction
(a) Jennifer comes home from work, with dish DVD that lease or own insert one link to each other with TV or with the integrated player of TV, play and should coil.Film is deciphered with complete transparent way, and form becomes simulation by digital conversion, on its simulated television, shows.
(b) Jennifer wants to copy portion and gives over to personal.She plays this film on the DVD equipment that contains with good grounds managing entitlement protection of the present invention.This equipment is opened the Digibox safety container, and access control information is deciphered this film.She writes down simulating signal on video cassette recorder, obtain a high-quality duplicate.
(c) Jennifer copies this VCR to Doug, and the latter hopes with this simulation tape copy a personal, but it is very low to simulate the quality that control information duplicates VCR, perhaps reproducible not.In another indefiniteness example, can more comprehensive digital rights management information be coded in the simulation output, method is to adopt in Van Wie that preceding text quote and the Weber patented claim method and/or system in greater detail.
According to an aspect provided by the invention, same portable storage media, for example DVD can be used for a series of environment different, that certain protection is arranged, and the different protection function is provided.Managing entitlement technology and/or function that each varying environment can both be supported according to this specific environment are used the information of carrying in the portable storage media.For example, the disk player of household consumption simple in structure, that the charge is small can be supported copy protection, need not to relate to the inaccessible complicated content rights of the function of player own.Stronger and/or the safer platform of technical functionality (for example possibly connect the PC of supporting that contains the safe handling parts by network; The perhaps equipment of " more clever "); For example can use identical portable storage media, and (for example require the outer usage charges of amount paid, provide the safety of the chosen content part of taking passages or selecting and compile to extract according to more complicated managing entitlement technology; Or the like), the use right of the enhancing relevant with the use of the contained content of medium is provided.For example, can adapt to the senior or complicated more use of various functions of use one with portable storage media associated control collection correspondingly requires to have only some platform just to have and protection that do not have, senior more of other platform and managing entitlement.As another example; The environment of low-function can be ignored (or do not start or do not attempt use) control and concentrate their vague rights, and H.D environment (they know the repertoire that oneself has) for example can start the right of being ignored by the environment of low-function and corresponding resist technology.
According to another aspect provided by the invention; Can stretch to a function and a performance that is independent of the safety component of medium and platform, make that the fundamental right management expectancy of consumer-elcetronics devices is one group of subclass of more enriching function that can be applied to more senior platform.This safety component both can be a physics, hardware component, also can be " software simulation " of parts.According to these characteristics, medium instance (or rather, the contents version with media independent) can be transmitted client, no matter their equipment or Platform Type are how, content will be protected certainly.The more not senior platform in safety and/or technical functionality aspect can only provide the right of limited use content, and more senior platform then can provide the more right of expansion according to corresponding suitable safety condition and safety practice.
According to another aspect provided by the invention; The DVD player of large-lot production, the household consumption that the charge is small (such as those for example structural complexity minimum with the minimum player of package count); Can be transformed compatiblely, and do not reduced the senior managing entitlement function that this storage medium and binding energy more senior and/or security platform provide with identical DVD or other portable storage media strong and/or that security platform (for example PC) is used.The managing entitlement and the protective device that provide and support according to the present invention; So basic copy protection that support price is inexpensive; And can be further as commercial convergent technology; Support to allow according to the use of the right of identical content cross-over connection by the limited resources consumer device; Simultaneously, be useful on equipment and/or the equipment that (b) is connected of the more large resource of safe rights management through (a), protect content and the further more safe level and the function of complicacy of support fully with miscellaneous equipment that further safe rights management resource can be provided or system.This aspect of the present invention allows to participate in and a plurality of equipment of cooperation operation in the permanent or temporary transient network that connects and/or other system are shared in the managing entitlement of at least one or a plurality of electron event that take place on single or a plurality of nodes (for example managing through the processing environment that uses the protection of describing in people's patent such as Ginter), and allows and use and/or right that litigant and/or the group of this a plurality of equipment and/or other system of controlling is related can be used according to the potential rule of being correlated with right and control.This just for example allows; The right that can obtain through company manager's equipment can combine with one or more subordinate office workers' of company right with certain mode; Perhaps replace the latter, condition is that their calculating or miscellaneous equipment connects into a temporary transient networking relation and in suitable scope, operate.In general, this aspect of the present invention allows the content distributed, the protection of ad eundem managing entitlement that receives of the distributed managing entitlement of DVD or encapsulation and transmission.No matter DVD equipment or other electronic information use equipment whether to add the permanent or temporary transient network that connects; Whether the equipment and/or the relation between other system of also no matter participating in distributed managing entitlement arrangement are temporary transient or have more lasting operative relationship that this distributed managing entitlement can both move.Like this; Identical equipment just can (for example have different rights according to the scope at operation of equipment place; In such as a company's environment of cooperating with other people and/or group; Within the family in portion's environment and/or home environment of cooperating with other outside individual and/or other litiganies, in a retail store environment, in the device of student's classroom-its middle school student's notebook cooperating with the server in classroom and/or teacher's PC aspect the managing entitlement; In library environment-wherein a plurality of litigant's cooperations ground uses the right of different use data searchings; In the handheld device and the opertaing device cooperation of factory's flooring-wherein, safety is also suitably carried out proprietary feature, or the like).
For example; With the limited resources apparatus; DVD equipment for example; Link to each other with network computer (NC) or the PC (PC) that the charge is small, can allow the peculiar right of managing entitlement function and/or litigant and/or equipment to be enhanced (or replacement), method is that the allowance managing entitlement is the part of DVD equipment and/or the right or the combined result of managing entitlement function of whole right and/or managing entitlement function and network or personal computer (NC or PC).This right can further be strengthened, revised or replaced owing to the availability of the managing entitlement function that is provided by reliable (safety) telecommunication network managing entitlement mechanism.
These aspects of the present invention can allow in same equipment-this example be DVD equipment-support break off with coupling arrangement in the different arrangements of managing entitlement function; For example in various degree, and allow to produce available right from the right that produces by managing entitlement equipment and/or other system in combination and/or the availability of managing entitlement function.This can comprise through use one " more no " safety and/or the equipment of natural resources shortage or one or more combinations of the part or all of right that system obtains; Wherein " more no " safety and/or equipment of natural resources shortage or system through safety with one " " or safety " degree is different " and/or resourceful and/or have the equipment of different rights or the connection of system is enhanced, replaces or revises, wherein this connection is adopted right dependency rule one of them equipment and/or these two equipment, the shared managing entitlement arrangement of description and is controlled determined right and/or management function.
Under latter event; Be connected in logic and/or physically long-range managing entitlement function, can expand (for example increasing available safe rights management resource) and/or change DVD equipment or the characteristic of the right that the user of the DVD equipment that links to each other with NC, PC home server and/or long-range managing entitlement mechanism can use.In the situation that this right strengthens, extra content part can obtain, and price can change, and propagates right again and can change (for example being expanded), and the contents extraction right can obtain increasing, or the like.
This " networking managing entitlement " can allow the combination of the managing entitlement resource of a plurality of logics and/or the panoramic equipment of physical relation and/or other system; Through with the enhancing resource that provides that is connected of one or more " long-range " managing entitlement mechanism; Produce bigger right, perhaps produce different rights.In addition; When managing entitlement functions increase and/or different and/or right are provided; This based on the managing entitlement arrangement that connects can also support the content availability in many places, method provide long-range available content-for example long-range, the content of storing in based on the World Wide Web of the Internet content memorizer (world wide web), supporting database-with one or more DVD dishes on local content seamless integrated.
In this instance, the user can not only experience rights increase or different, and can use local DVD and supplemental content (promptly more popular from the time viewpoint, price is higher, more variation or say content with complementarity or the like from other meaning).In this case; The user of DVD equipment and/or DVD equipment (or miscellaneous equipment or system of connecting with this equipment) can identical right, discrepant and/or different rights be applied on the content that Local or Remote can use, and Local or Remote can with content part this in by user and/or equipment use the time, can be limited by discrepant or different rights.This arrangement is through adopting the managing entitlement and the content resource of a plurality of continuous devices, can support that the user can effectively obtain in content retrieval and/or use activity by whole great increase of the chance of seamless integrated user content.
The telemanagement mechanism that this right strengthens can be directly connected to DVD equipment and/or miscellaneous equipment with modulator-demodular unit; The I/O interface that perhaps direct or turned is crossed use such as serial 1394 compatible controllers (for example connects; Through communicating by letter between the 1394 DVD equipment that start and the local PC; Wherein, PC is useed an intelligent synchronization or asynchronous information communication interface as, connects one or more telemanagement mechanism, comprises as the local PC or NC or the server that strengthen and/or provide the local right management structure of managing entitlement in the DVD equipment).
According to another aspect provided by the invention; Participant and/or participate in DVD equipment or right that other system is provided, that buy or that obtain with other method; Can be through the equipment of one or more permanent or temporary transient networkings, between the equipment of this peer-to-peer and/or other system, exchange.In this case; As long as this kind equipment and/or other system participate in right management system; The virtual communication environments of for example describing in people's patent such as Ginter; And adopt the subrogation and other managing entitlement function wherein described, then right just can be by barter business, betray, otherwise have valency exchange and/or taxi.For example, this aspect of the present invention allows the litigant to exchange recreation or the film that they have bought right.Still in this example; The someone can buy the right that a part is watched film from neighbours; Maybe will transfer the opposing party with the super several acquaintances that propagate into that will play from the credit that recreation publisher receives, this credit can be transferred the possession of (exchange) and given certain friend, to have bought this friend's part right; Different recreation is played on certain number of times ground, or the like.According to another aspect provided by the invention, the content that the portable storage media of DVD and so on contains is related with one or more encryption keys and a secure content identifier.Content itself (or using the desired information of this content) part is at least encrypted-before using content, is needed with related this content of decruption key deciphering with enciphered method.Decruption key itself also can be encrypted with the form of encryption key block.According to used platform, can use different key managements and access technique.
According to another aspect provided by the invention; Digital camera/video recorder of the electronic equipment of " establishment " digital content (even analog content)-for example or sound-track engraving apparatus can be equipped with suitable hardware and/or software easily, so that generate the content that in safety container, provides at the beginning.For example, can, it be encapsulated into safety container when writing down immediately by video camera by the digital camera content recorded.Video camera just can be exported the content that has been encapsulated in the safety container then.This just need be later or in the production phase encapsulated content, so in the overall realization according to electronic rights management of the present invention, saved a production procedure step.In addition, in the production of routine and many stages of communication process (for example in what is called " compacting " process at editor and/or DVD or audio disc stamper) possibly take place all owing in the managing entitlement environment, " read " this process of content for use.Correspondingly, another significant advantage of the present invention is that the managing entitlement of content can expand to each stage that content generates, edits, distributes and use basically, with the seamless content protecting system that provides can protect the right of whole contents life cycle.
In one embodiment, storage medium itself contains the key block decruption key, and decruption key is hidden in the storage medium, generally gets to come out with general access and/or reproduction technology.This key of hiding can be used to decipher selectively content and relevant information on the medium then by the key block that driver is used for the encrypted secret key piece is deciphered a this deciphering.Driver can design with a kind of safe, anti-mode of destroying, and makes the key of hiding can not expose driver, and an extra protective seam is provided.
According to another embodiment, the key of an encryption key block can be stored and be kept for deciphering to the optic disk driver.This key block decruption key can be stored in the crypto key memory of driver, if the optic disk driver uses communication port, the network port or other communicating route that is for example provided by STB at least once in a while, decruption key can also upgrade.
According to another embodiment, a virtual assigned Environmental security node comprises a shielded processing environment, such as a hardware based secure processing units.This safe handling node can according to be delivered to medium originally on one's body security node and/or the security node that on independent communication passage, transmits such as network, by the control law and the method for one or more safety containers regulations, the use of control such as the content on the portable storage medias such as digital video disk.
The CGMA copy protection control routine that some combines with some encryption technology that is obviously proposed first by Matsushita company to the current prediction of conventional copy protection of DVD.Although this method is limited to the benefit of digital safeguarding of assets, the present invention can provide additional, compatible and more comprehensive right management system also provides other and/or different selection and solutions simultaneously.Be some other examples below according to advantage provided by the invention:
● meet the tight security of content provider's needs fully.
● the value chain management robotization that comprises distributed rights protection and efficient, " timing burst " paying disaggregation (" piece of tick " paymentdisaggregation), cost-microcosmic transaction management efficiently and to the little paying of off line of the equipment that is connected at least once in a while and the super propagation that little transaction is supported to the value chain participator.
● concisely, channel management efficiently, comprise support to use can be at limited resources, more resources, independently and/or the identical content that transmits on the equipment that connects.
● can be used for content and the content model of any medium and application type and/or form of ownership-be not only the compressed video and the sound such in some prior art; And be supported in the duplicate that uses identical or identical in fact content container between various medium broadcasting systems (for example broadcasting, storehouse, the Internet device, CD or the like), be used for going up operation at various distinct electronic apparatuses (for example digital camera, digital editing equipment, sound pick-up outfit, sound editing equipment, cinema's projector, DVD equipment, broadcasting tape player, PC, intelligent television or the like).
● consider the raising of chance and value chain efficiency of operation through important new content income and/or other, make asset management and income and/or other consider maximization.
● can be absolutely compatible other resist technology, for example CGMA protected code and/or Matsushita are to the data perturbation method of DVD copy protection.
● can use with various existing data perturbations or protection system, very high compatible and/or very senior function is provided.
● allow the DVD technology to become reusable, the programmable resource of panoramic amusement, infomercial and PC World's business model.
● make manufacturer and/or retail trader and/or other increment participant of DVD driver and/or semiconductor device; Become the supplier and the right owner of the physical basis structure that is connected the world of emerging the Internet and in-house network, part distribution, the physical basis structure that they can require people to use with compensation to join commercial network (for example they provide a part).These manufacturers and/or retail trader and/or other increment participant can enjoy economic interests from participate in " timing burst ", this interests are freed from the accumulation of the sub-fraction income of participating in business and obtaining.
● automatic internationalization, regionalization and managing entitlement are provided, wherein:
-dvd content can have the combination of Different Rule collection, is used for using automatically according to user's right and identity;
-can handle the social right that comprises tax revenue pellucidly.
In addition, DVD right management method of the present invention has increased interests with device for medium recording person/publisher, specifically is:
● meet the philosophy of " let honest people honest ".
● can absolutely compatible other protection scheme, for example the data perturbation method of Matsushita and/or CGMA code-wheel.
● can work and/or, the degree and/or the function of expectation is provided with other protection scheme, maybe can be used for replenishing or replace other method to provide extra and/or different functions or characteristic as replenishing.
● provide powerful, extendible, surmount managing entitlement the limited copy protection pattern of the managing entitlement in the convergent world of numeral.
● give record/publishing house creates the ability of complicated asset management tool.
● through being used, the control of recording property outside the multimedia environment creates the important commercial chance.
● uniquely with internationalization, regionalization, super propagation, heavily enterpriseization is related to content creation process and/or is used control.
The right owner of other type is benefited in other invention of the present invention, for example:
● in the world digital content is carried out lasting, transparent protection through value chain and procedure level.
● significantly reduce because of duplicating and propagate the revenue losses that causes.
● " propagation " duplicated with the copyright infringement of many forms be transformed into the important commercial chance by strategic commercial the threat.
● with medium and/or place to use and other right variable single standard irrelevant, all digital contents.
● the main scale economics of inter-trade, channel of distribution, medium and content type.
● can support local use and management and inspection in the DVD player, allow high efficiency little transaction support, comprise little in many ways transaction and transparent little in many ways transaction.
● the entitle owner adopts the ability of price, business model and market strategy the most widely as the case may be.
The present invention to DVD with the favourable others of other digital media equipment manufacturers is:
● the compatibility with existing dish bit-by-bit can be provided.
● content type is independent.
● medium is independent and able to programme/and reusable.
● be converted to the equipment that the next generation has high-density equipment more and/or can write DVD and/or other optical media formats highly easily.
● participate in the revenue stream that generates with this equipment.
But ● to the single extension standards of all digital content devices.
● prepare at any time to face following " advolution " world, in this world, many equipment in family for example with IEEE 1394 interfaces or other device be connected together (for example some equipment extraordinary image computing machine, and some computing machine extraordinary image equipment).
Content of the present invention provides many benefits to computing machine and OS manufacturer, for example:
● for example, in computing machine, realize, need not change computer hardware and/or operating system as expansion to operating system through at least one transparent plug-in unit.
● seamlessly be integrated in operating system and the equipment easily.
● extremely powerful security one is particularly when strengthening with " safe silicon chip " (hardware/firmware protective device of promptly on chip, making).
● subscriber equipment is transformed into genuine e-business equipment.
● be provided for reliable, the safe managing entitlement and the platform of event handling.
● by the programmability of special requirement customization.
Other characteristics provided by the invention and advantage for example comprise:
● the information on the medium (for example property and metadata) can be encrypted also and can not encrypted.
● the available different secret key encryption of different information (for example property and metadata).This is not merely to prevent to divulge a secret provides more protection, also is supported in the optionally use right in the complicated right management system.
● can be on medium storage encryption key, though this and inessential.These keys can be used for deciphering shielded property and metadata.Why the key of having encrypted possibly be used, and is because this permission information itself has more security information, meanwhile remains on the access under the single cipher controlled.
● can on medium, store many group encryptions key; Different set of keys is associated with different information; Allow a plurality of control modes to use identical information, wherein each control mode can go to decipher the set of its used encryption key with one or more different keys.
● can visit container and/or the content that receives managing entitlement in order to support player, can the decruption key of encryption key be hidden in the medium visit usually less than one or more positions on.The position of this " usually visit less than " is physically open to the driver of installing on the player, and the computing machine of installing on the player is forbidden.The available different firmware of this startup or the wire jumper on the driver or the like are realized.
● the player access receives the container of managing entitlement and/or the ability of content also can be supported that these keys can be deciphered some encryption key on the medium by one or more keys in the player memory storage.
● the key in the player can allow other different properties of some player plays.Key connects (for example be connected to people's computer one by one, cable system and/or modulator-demodular unit and be connected to new and/or other a key and/or a key cancellation information) through network and is added to player and/or from the player deletion, is perhaps packed into automatically through " broadcast " encryption key distribution DVD.
● control computer is used can controlled player content and/or some or all constructed support of the use of digital rights management information.
● control computer can make computing machine receive one or more suitable keys and supported through a right management system of being commissioned to the use of content and/or digital rights management information.
● computing machine can accept to allow other keys that some encryption key on the medium is deciphered.
● computing machine can accept to allow direct other keys that one or more parts of enciphered data are deciphered.This is with regard to allowing the information on the working medium selectively and do not expose key (for example can decipher the player keys of any encryption key).
According to another aspect provided by the invention, a secure ' ' software container ' ' is provided, it allows:
● with the content of encryption method protection, the encapsulation that right is regular and use is controlled.
● be used to transport, store and the lasting protection of value chain management.
● the complex rule interface structure.
Element can transmit independently; For example about discount price (for example sell price, special user and group discount, based on the price of the pattern of use, or the like) and/or the new control that changes of other business models; (this is useful especially for a large amount of properties and physical allocation propagation medium (for example DVD, CD-ROM) can be propagated the back transmission at property; Because can avoid the expense propagated again, and the consumer can continue to use the dish of their collections).In addition, enciphered data can be positioned in container " outside ".This just can for example allow to use " flow " data of separate, stored of content and " legacy " system (for example CGMS) of Self Control and support.
Description of drawings
Better these inventions of thorough have these with other characteristics and advantage, can combine the detailed description of following advantages to most preferred embodiment:
Figure 1A representes to use the household consumption electronic equipment example of portable storage media such as digital video disk;
Figure 1B representes to use identical portable storage media but the more example of the security node equipment of advanced person's managing entitlement function is provided;
Fig. 1 C representes the process of the protected CD of an example manufacturing;
Fig. 2 A representes a routine structure of the consumer-elcetronics devices of Figure 1A;
Fig. 2 B representes a routine structure of the security node equipment of Figure 1B;
Fig. 3 representes the example of the used data structure of Figure 1A equipment;
Fig. 3 A and Fig. 3 B represent to control the example of collection definition;
Fig. 4 A and Fig. 4 B represent the example of the operation technique that Figure 1A equipment provides.
Fig. 5 representes that Figure 1B is used for the example of the data structure of information on the access storage media by security node;
Fig. 6 representes the routine operation technique that Figure 1B security node is carried out;
Fig. 7 is the block diagram of the example of a specific safety software container that contains on the DVD of expression;
Fig. 8 is the routine safety container stored on the dvd media of expression and the block diagram of video property content;
Fig. 9 is the block diagram of another example of a volumetric standard containing on the dvd media of expression, and this DVD comprises an extra container, and it has a more complex rule scheme of for example using with security node;
Figure 10 representes to have a container, and the DVD of (its exist this medium on) is used to be furnished with the DVD player of safe rights management node, and this figure has also shown same DVD and the DVD player use of not being furnished with the safe rights management node;
Figure 11 is that DVD that does not have container and the contrast block diagram that uses identical DVD at the DVD player that does not have security node are used in an expression according to the present invention on the DVD player of being furnished with the managing entitlement security node;
The example of Figure 12~14 expression network configuration;
Figure 15 A~15C representes a routine virtual right process.
Embodiment
The example that Figure 1A representes is to produce the household consumption electronic equipment 50 that the charge is small in enormous quantities, and it can use the information on the storage medium 100 of such as portable digital coding CD (for example digital video disk or DVD).Consumer device 50 comprises a special-purpose cd player 52, and in some embodiments, Disc player also can have ability to the optical medium write data (can write the DVD dish, or " DVD-RAM "), and Disc player links to each other with family CTV 54.A RCU can be used for controlling this disk player 52 and/or televisor 54.
In one embodiment, dish 100 can be stored minister's feature film or other video contents.Want to watch the people of content in the dish 100 can buy or lease this dish, should coil and insert player 52, with telepilot 56 (and/or the controller 58 that possibly have on the player 52), the controls playing device is through this content of family's colour TV 54 playback.
In some embodiments, telepilot 56 (and/or the controller 58 that possibly have on the equipment 52) can be controlled for example recording film.Player 52 reads dish 100 contained digitized video and audio-frequency informations, is converted into the signal compatible with family colour TV 54, and offers family's colour TV to these signals.
In some embodiments, televisor 54 (and/or a STB) provides vision signal, can write optical medium-for example record on the DVD-RAM by equipment 52.The signal that televisor 54 provides to televisor according to player 52 generates image and plays sound accompaniment through loudspeaker 54b on screen 54a.
Same dish 100 also can be used by the more senior platform among Figure 1B 60.Platform 60 for example can comprise PC 62, keyboard 66, Genius mouse 68 and the loudspeaker 70 that links to each other with display monitor 64.In this example, platform 60 also can be as the content of storage on the special-purpose disk player 52 playback dishes 100, and owing in the platform security node 72 is arranged, so more complicacy and/or more senior this content of using.(in some embodiments, platform 60 possibly also can write optical medium, and for example DVD-RAM goes up recorded content.) for example, with platform 60 and its security node 72, just possible interactively movie or other guide make the user to select through keyboard 66 and/or Genius mouse 68, change the image that provides through display 64 and loudspeaker 60 in real time.
For instance, make one's options in the options that the user of platform 60 shows on display 64, the order of content image is changed (in many different final results for example is provided, allows the visual play stream of user-interactive ground control, or the like).Computing machine 62 possibly also can use and handle numerical data, and these data for example comprise computer program and/or other information storage, that player 52 can not be handled on the dish 100.
Security node 72 provides a safe rights management equipment, the content that it for example allows the ground of aggressiveness more or stores on the use dish up hill and dale.For example, special player 52 can stop that any of memory contents duplicates on 100 to coiling, and perhaps allows this content to be replicated once, and then can not duplicate.The platform 60 that comprises security node 72 allows then repeatedly to duplicate that part or all of content-only (for example the user of equipment 60 belongs to specific one type people when satisfying certain condition certainly; To duplicate the price defrayment that guarantees by deciding through consultation at every turn; Specific plucking in the reproducting content selected part; All keep and report that reliably inspection is followed the tracks of duplicate at every turn; Or the like) (in some embodiments, special player 52 can only send to the authenticated equipment that can carry out the managing entitlement rule reliably and bear consequences for use with protected content.In some embodiments, device authentication can be used digital certificate, in a non-limitative example, for example meets the X.509 certificate of standard.) therefore, the content that the platform that comprises security node 72 60 in this example can provide with various flexible, safe mode use dishes 100 is then impossible with special player 52-or any other equipment that does not contain security node.
The dish of safety is created and communication process is given an example
Fig. 1 C representes process that is used for the multimedia DVD stamper 100 of player 50,60 of an example safety establishment.In this example, digital camera 350 converts light image (for example photo) to the numerical information 351 of representing one or a sequence image.Digital camera 350 in this example comprises a security node 72A, and it protected numerical information before numerical information 351 is left camera 350.The method that realizes this protection for example is, in one or more containers, encapsulates numerical information, and/or will control related with numerical information.
In this example, digital camera 350 offers a memory device with shielded digital image information 351, for example a Digital Video Tape Recorder 352.Video tape recorder 352 stores digital image information (together with any phase related control information) on the storage medium into, for example on the magnetic tape cassette.Video tape recorder 352 also can comprise a security node 72B.Security node 72B in this example can understand and combine digital camera security node 72A is suitable for and/or the control relevant with numerical information 351, and/or can apply its oneself control to canned data.
Identical or different video tape recorders 352 can be played back to digital mixing console 356 with protected numerical information 351.Numeral mixing console 356 can mix, edit, strengthens or the numerical information 351 of processing otherwise, and the numerical information 358 of the processing of or a sequence image is represented in generation.Numeral mixing console 356 can accept from other tape recording/cameras of other equipment-for example, other digital cameras, character generator, pattern generator, cartoon maker or any other equipment based on image-other inputs.Any or all these kind equipments also can comprise security node 72, with the information of protecting them to generate.In some embodiments, some numerical information can obtain from the equipment that includes security node, and other numerical informations never obtain in the equipment of security node.In further embodiments, the numerical information that is provided to digital mixer 356 is shielded a bit, and some is not shielded.
In this example, digital mixing console 356 also can include a security node 72C.Numeral mixing console security node 72C implements the control that applied by digital camera security node 72A and video tape recorder security node, and/or it can be added to its protection the numerical information 358 of its generation.
In this example, audio microphone 361 is accepted the sound, and to the simulating signal of converting.In this example, sound signal is imported into a digital audio tape recorder 362, and in embodiment illustrated, blattnerphone 362 is digital devices with Audio mixer 364.Yet, in other embodiments, in these equipment one of them or the two can operate with analog form.In illustrated embodiment, digital audio tape recorder 362 converts simulated audio signal to represent the sound numerical information, and stores numerical information (and any relevant control information) into tape 363.
In this example, blattnerphone 362 include can control information is related with tape 363 canned datas security node 72E.This control information can be stored in the tape 363 with this information.In another embodiment, microphone 361 can include its oneself can control information is related with audio-frequency information (for example through audio-frequency information and control information hidden (steganogrphically) be encoded) internal security node 72.Blattnerphone 362 can be implemented this control that is applied by microphone 361.
Another way is; Microphone 361 can be operated by digital form, with the numeral of audio frequency, possibly also comprise the control information that the security node 72 that is included in alternatively in the microphone 361 is provided; Directly offer continuous equipment, such as blattnerphone 362.In Fig. 1 C example, the randomly analog representation of arbitrary signal between the alternate device of numeral.
Identical or different blattnerphone 362 can playback tape 363 on information recorded 366, and this information offered Audio mixer 364.Audio mixer 364 can mix, edit or process information 366 otherwise, generates the information 368 of representing one or a sequence sound.Audio mixer 364 can accept from other blattnerphone of other equipment-for example, other microphones, sound generator, music synthesizer or any other equipment based on audio frequency-input.Any or all these kind equipments also can comprise security node 72, with the information of protecting them to generate.In some embodiments, some numerical information can obtain from the equipment that includes security node, and other numerical informations never obtain in the equipment of security node.In further embodiments, the numerical information that is provided to Audio mixer 364 is shielded a bit, and some is not shielded.
In this example, Audio mixer 364 includes a security node 72F, and its implements-if any-control that applied by blattnerphone security node 72E, and/or implement its oneself control.
Digital image mixer 356 provides numerical information 358 to " DVD-RAM " equipment 360, and this equipment can be write stamper 100 and/or write the dish that can be generated stamper by it.Similarly, Audio mixer 364 can provide numerical information 368 to equipment 360, and equipment 360 records picture information 358 and audio-frequency information 368 on the stamper 100.In this example; Equipment 360 can include a security node 72D; Its implements the control that applied by digital camera security node 72A, video tape recorder security node 72B, digital mixer security node 72C, blattnerphone security node 72E and/or Audio mixer security node 72F, and/or it also can add its oneself protection information in its numerical information of writing stamper 100 358 to.Disc manufacturer then just can be with conventional mass production of optical discs equipment, and large-lot production is used for propagating (for example through Audio-Video Shop, web network address, cinema or the like) through any channel based on the CD 100 (1)~100 (N) of stamper 100.Consumer device 50 shown in Figure 1A and Figure 1B can be implemented the control that canned data applies on dish 100 by playback dish 100-.Security node 72 in all processes of manufacturing, propagation and use dish 100, is keeping end-to-end, lasting security control like this on the image that is generated by digital camera 350 and the sound by microphone 361 generations.
In the example of Fig. 1 C, can communicate through so-called " IEEE1394 " high-speed figure universal serial bus between various device is mutual.Here, " IEEE 1394 " refer to the hardware and software standard that proposes in the standards standard that this paper quotes: 1394-high performance serial bus 1995 Ieee standard1-55937-583-3 number (International Power EEA Eelectronic Eengineering Association nineteen ninety-five).This specification description a kind of self-configuring, can heat insert, low-cost, scalable HSM mapping digital serial bus.Synchronous and the asynchronous transmission of this bus support 100,200 or 400Mbps, and support many different topological structures neatly.This specification description a Physical layer that includes two power leads and two pairs of signal dual-hinge lines.This standard has further described physics, connection and the transaction layer protocol that comprises serial bus management.
On the other hand; Also can come " IEEE 1394 " medium shown in the alternate figures 1C, comprise other wire medium (for example Ethernet, USB) and/or wireless medium, infrared signal and/or any other electronic communication device and/or the type transmitted based on radio frequency (RF) with other suitable electronic communication device.
The special player structure for example
Fig. 2 A representes a configuration example of special player 52.In this example, player 52 comprises an optic disk driver 80, controller 82 (for example comprise microprocessor 84, storer-such as ROM (read-only memory) 86 and user interface 88) and video/audio processing block 90.Optic disk driver 80 through with the optics and the physical action of CD 100, read numerical information from this dish.Controller 82 control optic disk drivers 80 are according to the programmed instruction that is stored in the storer 86 and carried out by microprocessor 84 (and further according to connect 88 user's inputs of providing by the user that can connect control 58 and/or telepilot 56).The standard technique of video/audio processing block 90 usefulness videos and audio decompression and so on, digital video that optic disk driver 80 is read and audio-frequency information convert the signal compatible with family colour TV 54 to.Video/audio processing block 90 also can insert an expression to the entitlement of this video program and/or the visable indicia of protection.Piece 90 adopts a kind of figure notation to come must not indicate to the standard recording arrangement to record this content.
The security node topology example
Fig. 2 B representes that the used routine structure of platform shown in Figure 1B 60-it is to make up around-Tai PC in this example, but can comprises the dissimilar equipment of any amount.In this example, PC 62 can be connected to an electric network 150 such as the Internet through communication block 152.Computer equipment 62 can comprise optic disk driver 80 (it can be similar or identical with the optic disk driver 80 that comprises in player 52 examples).Computer equipment 62 further can comprise microprocessor 154, storer 156 (for example comprising RAS and ROM (read-only memory)), disc driver 158, video/audio processing block 160.In addition, computer equipment 62 can also comprise anti-secure processing units 64 or other the shielded processing environment that destroys.Like this, the security node shown in Figure 1B 72 just can be by the software of carrying out on secure processing units 164, the microprocessor 154 or this two combine and provide.With only with software, only the different implementation methods such as scheme with the mixing of hardware or software and hardware all can realize security node 72.
Security node 72 in this example can provide and support a kind of employing can re-use the general right operating system of kernel and rights language parts.This can commercial right operating system possess following required function and the integration of advanced commercial operation system.At developing electronic applications, the e-business function general, that can re-use that all participants can both rely on, any other function that becomes with operating system is the same important.In addition, the right operating system of right and checked operation systemic-function is provided also except other function, can handles the task of the wider range relevant safely with virtual communication environments.Secure processing units for example can provide or support the many security functions in right and the checked operation systemic-function.Other operation system function for example can be handled general functions of the equipments.Overall OS for example can add other operation system function being designed to include right and checked operation systemic-function at the beginning; Perhaps; In another embodiment, right and checked operation systemic-function can be used as and add part and be added in the operating system that is pre-existing in of the operation system function that other is provided.Any part of these characteristics or whole, the invention that can combine this paper to disclose is used.
The dish data structure is given an example with relevant protection
The example of some data structures of storage on Fig. 3 indicating panel 100.In this example, dish 100 can be stored property or other content 200 of one or more protected forms or unprotect form.In general; In this example,, property 200 encrypts, and/or to use the required related information of this property be that part is encrypted at least if being part at least; And/or do not satisfy certain condition in other cases and just can not use, then this property is shielded.For example, property 200 (1) can be with all or part of encryption of conventional safety encipher technology.Another property 200 (2) possibly be unshielded fully, therefore can have no restrictedly freely to use.Therefore; According to this example; Dish 100 can be stored two kinds of contents simultaneously, and a kind of is film as protected property 200 (1) storages, a kind of be as 200 (2) storages of unprotect property will not protect to performer and producer's interview program perhaps " film advance notice advertisement ".Shown in this example, dish 100 can be stored the different properties 200 of the protected of any amount or unprotect form, and quantity only receives the restriction of capacity of optical storage.
In one embodiment, can use any part of the protection described in the patent of the Shear that preceding text quote (and/or other) structure and/or technology or all by dish 100 protection mechanisms that provide.The patent of Shear has been described to solve and how have been protected digital content not by the method for the problem of unauthorized use through non-exhaustive for example.For example, wherein described in the patent specification of Shear-through the distribution Control Node in the client computer-with the method for electronically " supervision " digital content operating position.This comprises can realize the apparatus and method to the consequence of any this use.
The non-limitative example of some key element comprises in the patent specification of Shear:
(a) deciphering of enciphered message,
(b) statistics,
(c) use that the rule of setting according to the statistical information and the content supplier of derivation combines to draw is controlled,
(d) report content uses information safely,
(e) database technology is in the storage of protected information with the use of transmitting,
(f) local security of budget is safeguarded, for example comprises the credit budget,
(g) encryption key and content are used this locality, the safety storing of information,
(h) local security of control and treatment is carried out,
(i) in many non-limitative examples, the use of optical medium
Any part of these characteristics or can be used in combination with the invention of this paper narration all.
It is local or long-range problem to the user that the instructions of authorizing the patent of Shear also relates to data-base content.In the storage of an end user's system place and by the additional database information of long-range " online " database information, for example can be used to strengthen local information, in one embodiment, local information can be stored in the optical medium (for example DVD and/or CD-ROM).For example the semiconductor hardware of available dedicated provides a secure execution environments, guarantees that the digital business activity has a safe and reliable basis.
The patent of Shear has wherein also been described the database that carries out through the use of safety, statistics and use and management function and has been used control.Especially described a kind of statistics and control system in the instructions, in this system, part ciphered data storehouse is sent out to the user (for example on optical medium) at least.The indefiniteness example of this type optical medium for example comprises DVD and CD-ROM.Use subsequently for example can be added up and control with the whole bag of tricks, and result's use information can be transferred to a party responsible (as an example).
The patent specification of Shear has also been described according to information transmitted and has been generated bill.Other embodiment of the patent of Shear for example provides the invention of unique information security, and these inventions for example relate to according to the use pattern and restricted digital content is used, such as the quantity of specific use kind.These functions comprise that monitoring is used " propinquity " and/or " logical interdependency " of information, with the right of its permission of electronics " behavior " insurmountability of guaranteeing someone.The others of Shear patent have especially also been described can make organization security ground, managing electronic information uses the function of right partly.When the part of a database or database was passed to a customer address, some embodiment of Shear patent for example provided optical storage (wherein the example of non-limit comprises DVD and CD-ROM) as transmission mechanism.This memory storage can be with for example a collection of video, audio frequency, image, software program, recreation etc.; Be stored on the optical medium; For example on DVD and/or the CD-ROM; In addition also store other content, such as a collection of text, Documentary Records, parts catalogue and various copyright material and non-copyright material.These characteristics any one or all can both be used for the embodiment of this paper.
A specific indefiniteness embodiment for example possibly relate to a supplier who prepares a collection of recreation.The supplier prepares the database " index " of a storage gaming-related information, and the information content for example is game name, introduction, producer identification symbol, price and in registration or the maximum access times or the T.T. of each recreation before the register request again.This information some or can for example be stored on the optical medium by encryption format all, the indefiniteness example of optical medium comprises DVD and CD-ROM.So the supplier can be with some part or all of encryption of recreation, only if make that one or more encryption sections are deciphered, otherwise recreation just can not be used.In general, only if supplier's defined terms is met, for example, only if can obtain paying the credit of cost of use and reflect that the fox message of recreation operating position is stored, otherwise deciphering just can not take place.Whether the supplier can determine that for example, which User Activity is its permission, be that inspection and/or control purpose are added up this type activity, needs, and set what restriction for the activity that is allowed.This possibly comprise, for example, and the time of the number of times of playing games and each recreation.Price can give a discount, and whether total degree, the client of the use recreation of its T.T. of using according to recreation, current registration also login other service that this same supplier provides, or the like.
In the indefiniteness example of discussing in the above, the supplier for example can be assembled together ready recreation and other for information about, and this set is distributed on the optical medium, and the indefiniteness example of optical medium comprises DVD and/or CD-ROM.The supplier can sell this DVD dish to the client of expection then.So client can select to want the recreation played, gets in touch with the supplier then.So the supplier just can be according to its business model; Log-on message is issued each authorize client; For example comprise that wherein (another way is that the mandate of using recreation is with DVD dish and/or the arrival of CD-ROM dish, perhaps for the log-on message of use, the decruption key of selected encryption section of playing;, confirm automatically according to the for example user class of the check of user's participation by the user's security client) according to the standard that the supplier sets.Client adopts user's client's deciphering and statistical organization, so just can utilize these recreation.This mechanism can write down use information then, the number of times of for example playing and being used, and for example each time span of playing.It can send this information to the recreation supplier termly, and reality has reduced the management overhead requirement of supplier's central server like this.The recreation supplier can collect the recreation usage charges according to the fox message of receiving.This information both can be used for client collects account, and also can be used for the rent is to be paid from the credit supplier.
Recreation provides a kind of example of indefiniteness easily, yet many these identical thoughts can easily be applied to the content of all kinds, and the property of all kinds for example comprises:
● video,
● digital movie,
● audio frequency,
● image,
● multimedia,
● software
● recreation,
● any other property,
● any property combination
Other indefiniteness embodiment of Shear patent specification for example supports to control different types of User Activity safely, for example shows, printing, electronics mode store, communicate by letter or the like.Some aspect is further to these different use activity application Different control standards.For example, can with the information of being browsed with duplicate, modification and remote transmission be the information difference that purpose is read in principal computer, different activities is suitable for different usage charges (expense of like this, for example browsing just is significantly less than the expense of duplicating or printing).
The Shear patent specification has for example also been described the information management of the organization internal that is undertaken by publisher and client.For example, there is a kind of optional security system to can be used for allowing tissue to prevent to use all or part of information bank, only if the user has imported security code.Can support multi-level security code to allow secret use of authorizing level to come limited subscriber according to the user.An embodiment for example can combine with software with hardware and improve survivability, and another embodiment can adopt a kind of complete system based on software.Although the dedicated hardware/software system can guarantee anti-destruction in some cases, to use for some, the technology that on non-dedicated system, realizes with software executing just can provide enough anti-damage performances.Any or all these characteristics can explain that the technology of disclosure is used in combination with the present invention.
Fig. 3 CD also can storing metadata (metadata), control and other information
In this example, dish 100 also can store " metadata " of protection and/or unprotect form.One or more properties 200 of player 52 usefulness metadata 202 auxiliary use dish 100 storages.For example, dish 100 meta data block 202 (1) that can store a unprotect form has the meta data block 202 (2) of protecting form with another.Dish 100 can be stored any amount of " metadata " piece 202 that protection and/or unprotect form are arranged, and quantity only receives the restriction of CD capacity.In this example, metadata 202 comprises the information that is used to visit property 200.This metadata 202 for example can comprise frame sequential or " navigation " information that is used for the playback sequence of one or more properties 200 of storage on the console panel 100.For instance; Unprotect meta data block 202 can be visited the selected part of protected property 200 to generate " preview " image of a breviary; Meanwhile, shielded meta data block 202 can contain the picture frame playback sequence of all videos of property 200.Another example is different meta data block 202 to be provided for the difference " montage " (for example R level version, PG level version, director's edited versions etc.) of same film property 200.
In this example, dish 100 can be stored other data that are used for security purpose.For example, dish 100 can be stored the control law of control collection 204 forms, and these control laws can be packaged together with the form of one or more safety containers 206.Business model participant can provide representative the electronics rule and the control of " electronics " interests separately safely.These rules and control have enlarged a kind of " virtual presence TM" (Virtual presenct TM), commercial participant can come to manage long-range value chain activity according to the right that they are arranged mutually separately through it.This virtual presence can adopt the form of the electronics condition that the participant stipulates (for example rule and control), and before electron event took place, these conditions must satisfy.These rules can be used for the right enforcement litigant between " downstream " e-business active stage with control.That the VDE content container is provided and/or otherwise use the obtainable control information of VDE content container; For example can constitute one or more " proposal " electronic protocol; This agreement is used to manage to the use of this content and/or uses the consequence of this content, and can work out the terms of agreement that relate to litigant in many ways and rights and obligations thereof.
In many ways litigant's rule for example can be used for forming centralized control collection (" cooperation virtual presence with control TM"-Cooperative Virtual presence TM), guarantee that the e-business activity among the value chain participant is consistent with agreement.These control collection for example can be stipulated management and the interactive condition of protected digital content (digital content of propagation, device control message etc.).These conditions for example can not only be used for the use of control figure information itself, also can control the consequence of this use.The result is, commercial participant's interests separately are protected, and cooperation, efficiently is able to formation with electronic business mode flexibly.These patterns can be used in combination with the present invention.
Dish can storage encryption information
Dish 100 also can be stored an encryption key block 208.In this example, dish 100 can further be stored one or more secrete keys 210.In this example, encryption key block 208 provides one or more encryption keys, is used to decipher one or more properties 200 and/or meta data block 202.Key block 208 can provide different encryption keys, is used to decipher different property 200 and/or meta data block 202 or identical property and/or the different piece of meta data block.So key block 208 just can comprise many encryption keys, if all the elements of use dish 100 storages just require maybe may require to use all cryptographic keys.Although key block shown in Figure 3 208 separates with container 206, if desired, it also can be included in the container or the part of container.
Encryption key block 208 itself will be used one or more encryption keys.In order to make any protected information of storage on the player 52 ability use dishes 100, at first must the counterpart keys in the encryption key block be deciphered-go to decipher corresponding content with the key of deciphering in the key block then.
In this example, several different one of (possibly be optional) source can be arranged to the required key of the deciphering of encryption key block.In the example shown in Figure 3, the one or more forms of dish 100 storages are the decruption key of secrete key 210, are used for originally on one's body the deciphering of key block 208 of medium.Secrete key 210 for example can be stored in general visit on the dish 100 less than the position.This " general visit less than " position is driver 80 gatings to installing in the player 52 physically for example, and the driver 80 that is installed in the personal computer 62 is closed.Gating can be by the realizations such as wire jumper on different firmwares, the driver 80.Secrete key 210 can be placed on the dish 100 like this, makes the attempt of any this dish of physical copy cause copying this secrete key.In one embodiment; Secrete key can be according to the description of J.Hogan; Be hidden in the one or more bit stream coded sequence and (consult Josh Hogan " DVD copy protection "; This is the report of author in the conference of the 4th DVD copy protection technology, on May 30th, 96, California, USA Burbank).
A kind of optional method and/or addition method are that the key required to the deciphering of encryption key block 208 can be provided by disk drive 80.In this example, CD drive 80 possibly comprise small-sized deciphering parts, and for example an integrated circuit decryption engine includes a small-sized safe internal key storer 212 of storing key.CD drive 212 can come encryption key block 208 is deciphered with this crypto key memory 212; Neither expose key 212 and do not expose the key block of having deciphered 208 again, then with the deciphering in the key block 208 key to protected content 200,202 deciphering.
Dish can be stored and/or container safe in utilization
In another example, deciphering protected content 200,202 required key provide in safety container 206 inside.The example that Fig. 3 A expresses possibility comprise the information content 304 safety container 206 (property 200 and metadata 202 for this container can be outside-perhaps, the data structure of optic disk 100 storages all or most parts that can be used as logic and/or actual protected container).Control collection 204 shown in Figure 3 can comprise one or more permissions record 306, one or more budget 308 and/or one or more method 310, shown in Fig. 3 A.The example control collection 204 that Fig. 3 B representes provides one or more encryption key 208, one or more content designator 220 and one or more control 222.In this example, Different control 222 can be applied to different equipment and/or equipment class, such as player 52 and/or computer equipment 62, specifically looks particular platform and/or platform-relevant function and decides.In addition, control 222 also can be applied to different property 200 and/or different meta data block 202.For example, control 222 (1) can allow property 200 (1) to be duplicated once as backup by player 52 or computer equipment 62.(it possibly ignored by player 52 fully, because the latter's technology and/or function of keeping secret are not enough in control 222 (2); But it can be used for its security node 72 by computer equipment 62) can allow the user to ask; Allow openly to perform identical property 200 (1) (for example in the bar or other public place), and make user's credit or other account's book borrow certain usage charges for perform in a radio or TV programme at every turn automatically.The 3rd control 222 (3) for example can allow security node 72 (rather than player 52) to agree that certain user class (advertiser who for example checks and approves and reporter) extracts or some part of the protected property 200 (1) of selected parts is used for propaganda.Another control 222 (4) for example can allow VDisc player 52 and security node 72 the two can both watch some tableaux in property 200 (1) scopes-but possibly only allow security node 72 under the condition of the usage charges of payment certain level, to duplicate tableaux.
CD and/or system can utilize the example of the foundation structure of being commissioned
Control 222 can contain points to the pointer that is used for the source of the additional control collection of other content on one or more properties, control, metadata and/or the CD.In an example; The acquisition approach of these additional controls can be from a third party who is commissioned; For example right and permission switching station, and/or authorize value chain participant that at least one additional control collection is provided by at least one right holder from any other.This right is several kinds of distributed electronic management and one of reinforcement service with the permission switching station.The distributed electronic management can be called " distributed business application " with the reinforcement service, and one of its characteristics are that it is a kind of integrated module array that is used for the management and the reinforcement service of e-business and electronic rights and trade management.These management and reinforcement service can be used for for carry out Financial Management, managing entitlement, license, rule clearance, use clearance, security catalog service and other and large-scale electric network (such as the Internet) and/or in-house in-house network, perhaps in addition the relevant function of transaction of working on the electronic equipment network in the family foundation for security is provided.The indefiniteness example of these electronic equipments comprises at least once in a while the optical media device that connects, for example comprise read-only and/or can write in DVD player and the computing machine the DVD driver with comprise DTV for example and contain the convergent equipment (convergent devices) of the STB of DVD driver.
These management and reinforcement services for example can adapt to e-business value chain in any amount of vertical market-the comprise special requirement of omnifarious entertainment applications after transforming.The e-business participant for example can support its interests with the reinforcement service with these management, and/or they can also form and re-use their service according to commercial reality with keen competition.The example of ecommerce participant's the non-limit of some of them comprises individual creator, video display and music making chamber, retail trader, program gatherer, broadcaster, cable and satellite operator.
The distributed business application examples if can be utilized the use and management resource with the highest efficient, and at least in some embodiments, can confirm scale pragmaticly, adapts to the demand that e-business increases best.
The distributed business application examples is as comprising many commercial systems for applications.These commercial systems for applications can provide a foundation structure to support net, supply whole electronics circle and/or its many or whole participants to use or re-use.Different support functions for example can be put together by level and/or cyberrelationship to adapt to various business models and/or other purpose.The modularization support function for example can be combined into different series, forms to adapt to the different design realizations and the different commercial systems for applications of purpose.These commercial systems for applications for example can be distributed in the electronic equipment that various distributed degrees differ.
Many additional functions and benefit that " distributed business application " provides can combine use with the specific embodiment shown in the application's the accompanying drawing, and the non-exhaustive examples of wherein some comprises:
● can make e-business and managing entitlement efficient and practical.
● the service of managing safely and supporting electronic reciprocal effect and consequence is provided.
● be provided for e-business and the human electronic reciprocal effect of other form and the fundamental mechanism of relation.
● optimally bring into play modern Distribution calculation and networks efficiency.
● automatic electronic and distribution process are provided.
● support modularization, e-business able to programme, distributed and computerized best and communication infrastructure.
● provide scope comprehensive function combinations series, support the service of carrying out various management and support effect.
● adopt the benefit of automatic electronic and distribution process to greatest extent, the optimum allocation of realization system and Internet resources and use.
● efficient, flexibly, cost-high efficiency, configurable, can be again with, can revise, can promote.
● can reflect user's commercial affairs and security requirements economically.
● optimally distribution process-permission business model be provided with flexibly, convergent-divergent as required, adapt to and satisfy user's needs.
● can handle comings and goings and volume of services efficiently.
● can combine to distribute and to focus on, be every kind of business model customization and operation.
● provide can form uniquely and can condition of compatibility change and a whole set of this locality of reinventing, concentrate and networked comprehensive function.
● support generic resource and can be used further to many different patterns; The foundation structure that has been provided with can be had the different value chains of demands of different and used.
● can support any amount of commerce and communication pattern.
● utilization efficiently is local, concentrate and networked resource satisfies the requirement of each value chain.
● the shared expense of having shared of public resource makes maximizing efficiency.
● support hybrid, distributed, reciprocity, centralized network functions.
● can carry out this locality, long-range and/or central operation.
● can be synchronously, operation asynchronously, or support this two kinds of operator schemes.
● variable flexibly, to adapt to commercial opportunity, relation and the constraint of instantaneous ten thousand changes in " PC World ".
These characteristics partly or entirely can be used in combination with the present invention that this paper discloses.
One of advantage that the distributed business application provides is, for e-business and other form electronic reciprocation provide comprehensively integrated management and reinforcement service.Distributed business is used these electronic reciprocal effects of supporting; At least in some embodiments need use the equipment and the propagation medium of wide region; Their indefiniteness example comprises; The network of all current forms and form in the future and other communication port, consumer device, computing machine, such as convergent equipment and the optical medium of WebTV, for example CD-ROM and DVD.
The example of access technique
Fig. 3,4A and 4B represent the example of the access technique that player 52 provides.In this example, when dish 100 was loaded into the CD drive 80 (Fig. 4 A, frame 400) of player, player controller 82 can indicate driver 80 to extract secrete key 210 from coiling 100, goes decryption portion or whole encryption key block 208 (Fig. 4 A, frame 402) with them.In this example; Driver 80 is storage key like this; Can they be exposed to player controller 82 (for example key being stored in such as in the crypto key memory 212 based on the secure decryption part interior of the decryption engine of integrated circuit) (Fig. 4 A, piece 404) when making deciphering.Player 52 can Control Driver 80 be read control collection 204 (can encrypt also and can not encrypt) from coiling 100.But player microprocessor 82 analysis and Control collection are ignored or are abandoned the control 222 that those surpass its envelop of function, and will preserve with corresponding permission and/or the digital rights management information of control subclass (for example " duplicating once " control 222 (1)) that it can be implemented.
Player 52 can wait for that then the user files a request through control input 58 and/or telepilot 56.If the control input is duplicate requests (decision block 408 " being " outlet among Fig. 4 A), the just inquiry control 222 (1) of the microprocessor 84 of player judges whether to allow to duplicate; And if allow, what (decision block 410 of Fig. 4 A) is condition be.Then, if corresponding control 222 (1) copy (decision block 410 " denying " outlet among Fig. 4 A), player 52 is just refused replicating disk 100; If corresponding control 222 (1) allows to duplicate (decision block 410 " being " outlet among Fig. 4 A; Decision block 412), just allow to duplicate (for example all information on the Control Driver 80 sequential access dishes 100 and be sent to not shown output port with information).In this example, player 52 when duplicating, can be in the nonvolatile memory of inside (for example in the controller storage 86) or control one of 222 (1) other the local storage that requires and dish 100 identifier associated.The restriction that the identifier of this storage can be used for implementing " duplicating once " by player 52 (for example; If the user attempts repeatedly to duplicate same CD with same player; Or promising control 222 (1) other when attempt of forbidding, player can be refused this request).
If the user asks to play or reads a property 200 (decision block 414 " being " outlet among Fig. 4 A); Player controller 82 just can Control Driver 80 be read corresponding information (order of for example stipulating by metadata 202) from selected property 200; And the decrypts information to reading optionally, decipher the key (frame 416 of Fig. 4 A) the used crypto key memory 212 that after key block 208 is obtained, is stored in driver when being beginning.
Fig. 4 B is a kind of version of Fig. 4 A process, and the situation of its adaptation is that player 52 itself provides the decruption key to encryption key block 208 deciphering.In this example; Controller 82 can provide one or more decruption keys to driver 80; Method is to use a kind of security protocol; Such as the Diffie-Hellman key protocol, or through use that driver links to each other or linked to each other with player 52 with some other systems or all known shared key (frame 403 of Fig. 4 B) of parts.Driver 80 can be deciphered the encryption key block 208 shown in Fig. 4 A center 404 with these keys that provide, and perhaps also can directly decipher the content of protected property 2000 and/or protected metadata 202 (2) and so on the key that is provided.
Another example is, player 52 can be programmed to its duplicate to the digital properties of film of encrypted form and so on is placed in the anti-software container of destroying.Contain a code in this software container, indicating this digital properties is duplicate plate rather than master.The player 52 that sends also can it is own exclusive identifier (perhaps equipment that is intended to receive-such as another player 52, boxlike video player or equipment 50-exclusive identifier) be placed in the identical safety container to realize only on this equipment that is intended to receive, playing the requirement of this duplicate plate.Player 52 (or other receiving equipment) can be programmed to, and does not duplicate (or not extra duplicating) when digital properties is duplicate plate rather than master when detecting.Need, player can be with being programmed to the digital properties that the refusal broadcast is not packed with the exclusive identifier of this player.
Use the example of analog encoding technology
In another example, more comprehensive digital rights management information can be by player 52 coding in simulation output, and method is to adopt watermark and/or fingerprint method.It all is simulation rather than digital that present " real world " has suitable part.Although simulating signal is omnipresent, existing in simulation field management right and the protection method of copyright or very original, perhaps do not have at all.For example:
● how do not stop tens dollars pirate industry in vogue for deterioration intrinsic in the analoging reproduction.
● some attempts to prevent fully that about video-tape copy protection and the method watch protection of paying the content to commercial distribution from duplicating, and perhaps only allows a generation to duplicate.These methods generally are easy to overcome by the people.
● be not that all existing equipments are all made correct reaction to copying protection signals.
● existing scheme for example is confined to " allowing to duplicate/must not duplicate " such control.
● to the copy protection of phonogram as yet not in commercial implementation.
Have one with analog and digital signal between the relevant problem of information translation.Even because of adopting powerful digital rights management technology to receive effective protection and control, the analoging reproduction version of identical information possibly no longer receive safe protection to information at the beginning.
For example, for the somebody, generally be possible to carrying out analogue recording with the program material of digital format distribution at first.Some is fairly good according to the analogue recording quality of digital master.For example, a kind of digital universal disc (DVD) player can become analog format with the movie conversion of digital format, and this simulating signal is offered high-quality simulated domestic videocassette recorder (VCR).Family expenses VCR records this simulating signal.Like this, the consumer has just obtained the high-quality analoging reproduction version to the master digital properties.People can record the simulating signal among the DVD-RAM once more.Under many situation, this recording has suitable quality-and no longer receives the constraint of " paying is watched ", or receives the constraint of other digital rights management control related with the identical content of digital version.
In view of analog format will be followed our long time, the right owner of film studio and so on, image taxi and distribution company, music making company and retail trader and other value chain participant can enjoy a lot the remarkable managing entitlement function that better is used to simulate film, image, sound goods and other content.Address this problem and generally need a kind of method and come really with digital rights management information and protected content associated.
After watermark and/or fingerprint and other right function combinations; " end-to-end " safe rights administrative protection can be provided, allow content provider and right owner to guarantee that their content receives enough protections--regardless of how in the character of type, signal format and the signal Processing of content propagation chain internal unit.The analog machine that this " end-to-end " protection allow to be authorized by easily, seamlessly, high being integrated in the modern managing entitlement structure of expense-usefulness.
Watermark and/or fingerprint for example can contain can be as the control information on the basis of virtual communication environments (" VDE "), and the electronic rights management control information can be transmitted on unsafe (for example simulation) communication port in this virtual communication environments.This virtual communication environments high flexible is convenient; Adapt to existing and new business model; Simultaneously unprecedented flexibility ratio is provided also, especially be convenient between e-business and value chain participant, set up new arrangement and relation-no matter content propagate with numeral and/or analog format.
Watermark combines with distributed reciprocity administrative skill and has many advantages, comprising:
● be used to provide a kind of unsuppressible-suppression and the sightless safety technique of digital rights management information.
● a kind of unsuppressible method that the control of e-business and/or managing entitlement is associated with analog content such as film, image and sound goods.
● the content of the control of commerce and/or managing entitlement and the end to end of broadcasting system lasting related, no matter the quantity of conversion between the signaling format (for example analog-to-digital conversion, number-Mo change) and type are how.
● the ability of regulation " must not duplicate/once duplicate/repeatedly duplicate " managing entitlement rule and more complicated right and transaction pricing model (for example " paying is watched " and other).
● all seamlessly with the integrated ability of comprehensive, general electronic rights management solution.
● with the simulation of mandate and the security control information transmission that other is nonnumeric and/or the non-vital data signal transmission mechanism combines
● in content more complicacy and/or commerce and/or the regular ability of managing entitlement more flexibly, analog-converted are provided when changing for digital or opposite direction.
● will implement commerce new, that upgrade or additional business model and/or simulation that the managing entitlement rule is sent to mandate and/or the flexible ability of digital device.
The use that partly or entirely can combine of these characteristics with the present invention that instructions of the present invention discloses.
In brief; Watermark and/or fingerprint method can be used " hidden " (" steganographical ") technology; Basically unsuppressible-suppression and can not see that basically insight is in information signal in-line coding managing entitlement and/or e-business rule and control; Information signal for example is simulating signal or Analog signals'digitalization (for example sampling) form, and non-limitative example wherein comprises the video and/or audio data, and this information signal is then by local device decoding and use.This analog information and have much with the transmission means of the digital rights management information of shorthand coding, non-limitative example wherein comprises that broadcasting, CATV and/or physical medium one one of them indefiniteness example are the VCR tape.
The use that partly or entirely can combine of these characteristics with the present invention that instructions of the present invention discloses.
Watermark and/or fingerprint method can make some digital rights management information carry out remaining after analog-digital conversion and the digital-to-analog conversion at video and/or out of Memory at least.Like this, in one embodiment, the safe rights management process that two or more simulations and/or digital device can participate in being commissioned and/or the end-to-end tissue of incident.
Embodiment with better function
As stated, the control collection example shown in Fig. 3 B provides a kind of comprehensive, flexible and extendible control collection, can supply player 52 and computer equipment 62 (or other platform) to use, and this depends on particular technology, safety and other function of platform.In this example, player 52 requirement with complicacy because the large-lot production consumer appliance will reduce cost, so have only limited technology and security function, therefore can ignore basically or some of the control 222 that do not provide in the start-up control collection 204 part or all of.In another example, because the cost of storer and/or processor constantly descends, the manufacturer selects to increase the technology and the security function of player 52 possibly.That the more player 52 of function will provide will be more powerful, sound and managing entitlement function flexibly.
Fig. 5 shows the platform 60 that allows to comprise security node 72 and has information and/or device example enhancing and/or different functions of digital rights management information on the use dish 100.Referring to Fig. 5; Security node 72 can be connected to network 150; And player 52 cannot, this makes security node have other great dirigibility at relevant communication security message context, requires or information-related compensation such as order such as inspection clue, the relevant paying.This connection of security node 72 and network 150, (it might be replaced by other the communication technology in any application; Such as the technology of inserting an interchangeable memory bar) allow security node 72 to accept and preserve safely the managing entitlement control information, such as comprise extra control collection 204 ' extra container 206 '.Security node 72 can also use control collection 204 ' or with control collection 204 ' replace control to collect 204 except the control collection 204 that coils on 100 storage is.Security node 72 also can keep the encryption key storer 212 of a safety, by its provide on the replacement dish 100 storage any key 208,210 or key 208,210 outside additional encryption key.Since the raising of safety and/or technical functionality, security node 72 just possibly use player 52 ignore or out of use control collection 204 in control 222--and can control collection 204 ' the basis on be equipped with further and/or the right that strengthens and/or managing entitlement function (they for example can by the user special specify and can be applied to be stored in coil property 200 specific on 100 and/or specific CD collection).
The example of security node access technique
Fig. 6 shows the example (for example it can be carried out by the platform 60 that adopts security node 72) of access technique, and it comprises in this example; Security node 72 extracts property identification informations 220 (frames 502 of Fig. 6) from coiling 100, seek then the control collection that is suitable for and/or rule 204 (they possibly be stored on the dish 100, in the security node 72, security node 72 through in one or more memory locations of network 150 visits and/or these technological any or whole combinations) (frame 504 of Fig. 6).Pack into then necessary decruption key and come decryption information (Fig. 6 center 500) with them as required of security node 72.In an example; Security node 72 obtains necessary key from safety container 206 and/or 206; And they are kept among protected processing environment such as the SPU 164 or are kept in the protected processing environment of a software emulation, and be not exposed to them outside this environment.In another example; Security node 72 can be used key (or its subclass) the pack CD drive of a security key exchange agreement with necessity; Supply disk drive to be used for decryption information, its mode is identical with generation in player 52, to keep the complete compatibility of driver hardware.
Security node 72 can supervisory user input and according to action that specific control collection 204,204 ' execution is asked.For example when receiving a user and ask; Security node 72 can inquire about control collection 204,204 '; To confirm its action (Fig. 6 center 508) that whether allows the user to ask,, whether carry out the required condition of this requested operation and be met (Fig. 6 center 510) if allow.In this example; Security node 72 can start to satisfying the necessary operation of any this required condition; This operational example as; In the stored value card of subscriber's local storage, keep accounts, through network 150 ask an account to keep accounts, obtain safely and/or the inspection user certificate with guarantee this user belong to appropriate users class or he and honour one's word or the like-words of needs can use network 150 (Fig. 6 center 510).When the condition that is necessary all satisfies; Security node 72 is just carried out institute's requested operation (and/or going executable operations with microprocessor 154) (for example discharging content); Generate the safety inspection record then; This record can be preserved by security node, and/or at this moment or later on through network 150 reports (Fig. 6 center 512).
If institute's solicit operation is to discharge content (for example this content once being duplicated), platform 60 (perhaps going up the player 52 in the example) is just at least partly carried out institute's requested operation according to the specific control of this content being implemented right.For example; This control can stop platform 60 to discharge content to the equipment that some can not be used to duplicate beyond the output device of particular type of this content, perhaps lets it be unfavorable for that with a kind of the mode of duplicating discharges content and (for example on duplicate, embeds " fingerprint " of expression duplicator identity; Have a mind to reduce the quality that is released content, make to it duplicate with low quality, or the like).A concrete example is that a videocassette recorder that links to each other with platform 60 (do not give among the figure and illustrating) can be the output device that is used to duplicate.If duplicate because current analog machine series such as videocassette recorder carries out many generations; Will inevitably greatly reduce quality, so the content provider can provide and allows content by this analoglike device replication but do not allow the control (not reducing quality because digital device can unrestrictedly duplicate) of being duplicated by digital device.For example; Platform 60 is under the numerically controlled control that security node 72 is preserved; Only to this platform a digital ID is provided at videocassette recorder; When representing that this output device is a videocassette recorder, just confirm that this output device is an analog machine that quality is lower, otherwise can refuse to provide any output only if can discharge content-this digital ID to videocassette recorder.Perhaps another kind of in addition optional way is, platform 60 can deliberately reduce the quality of the content that provides to videocassette recorder, and is unacceptable to guarantee the quality that the second generation duplicates.In another example, can be by platform 60 usefulness watermarks and/or the more comprehensive digital rights management information of fingerprint technique coding in simulation output.
Other example that safety container uses
Fig. 7 be expression according to the present invention, contain a ground instance of the dvd media 700 of a safety container 701 that is used for using at DVD.Shown in this example, container 701 (" DigiBox of DVD ") can be specially for being used for the professional version of " standard " container that DVD and/or other media design, and perhaps also can be (scheme as shown in Figure 8) complete " standard " container.Shown in this example, professional container 701 has such characteristics, promptly allow its with content information, metadata and dvd media 700 on the encryption and/or the protection information of storage be used in combination, used just the same when its mode does not exist as container 701.Like this, professional container 701 possessed with DVD and/or other medium on the available data form that uses and the compatibility of tissue.In addition, can professional container 701 be customized to and only support those to be used to support DVD and/or the necessary characteristics of other medium, so that can use than support fully the needed more powerful or more not cheap computational resource of " standard " container object to handle and/or control.
In this example; Specialty " only DVD " container 701 comprises content object (property) 703; The latter comprises " external reference " 705 of pointing to video title content 707, and it can be stored in DVD and/or other medium with the same way as of the used that kind of the medium that does not comprise container 701.Video title content 707 can comprise MPEG-2 with or AC-3 content 708, and upset (protection) information 710 and stem, structure and/or metadata 711.The information that external reference 705 contains can be specified (point to, identify and/or describe) the specific external process that will use or carry out in order to use the out of Memory of not storing on content and the container 701.In this example, external reference 705 designated title contents 707 and parts 708,710 and 711 thereof.Another kind of way is, container 701 can container self EMS memory storage video title content partly or entirely, used form is special-purpose a kind of form and a tissue of container 701, rather than the used form of DVD and/or other medium 700.
In this example, container 701 also comprises a controlling object (control collection) 705, and its regulation is used 707 rules that will use of video title content.Shown in solid line arrow 702, controlling object 707 " is applied to " content object (property) 703.Shown in this example, rule 704 can stipulate the protection process that will apply, for example CGMA or Matsushita data perturbation process, and can pass through regular 704 contained external references 709, specify in data perturbation information 710 used when carrying out protection scheme.Expression that cutline in the rule 704 " is carried out CGMA "; The standard C GMA protection scheme that this rule request will be used for content on the dvd media is used in combination with video title content 707; But in the different example except " carry out CGMA " rule; Can also in controlling object 705, stipulate any Else Rule; Perhaps any Else Rule of regulation replaces " carrying out CGMA " rule in controlling object 705, and this any Else Rule comprises other standard DVD protection mechanism, such as Matsushita data perturbation scheme and other managing entitlement mechanism.External reference 709 allows rule 704 to be based upon on the basis of protection information 710, the form of its storage and control and mode with do not contain container 701 and/or only in the context of container handling 701 DVD of the significant protection information of ability identical.
The example of representing Fig. 8 contains the dvd media 800 of " standard " safety container 801.In this example; " standard " container provides all functions (if necessary) of Fig. 7 container, but can also provide additional and/or than getable managing entitlement widely and/or content functions of use on " only DVD " container (function of for example operating with the various different platforms of node safe in utilization).
Fig. 9 representes the dvd media 800 that an example is more complicated; The volumetric standard 901 that it has provides all functions (if necessary) of Fig. 7 container; And can work with other volumetric standard 902, no matter this other volumetric standard 902 is positioned on the identical dvd media or from another telesecurity node or network the samely.In this example, volumetric standard 902 can comprise a replenishment control object 904 that applies to the content object 902 of volumetric standard 901.Equally in this example, container 902 can provide additional rule, and such as a kind of rule of permission/expanded rights, it allows the content on the DVD 900 is carried out duplicating of certain number of times (for example 5 times).This scheme has increased between a plurality of platforms the dirigibility of the managing entitlement of dvd content being controlled through visit " back passage " (such as the hardware that can communicate by letter with other network or computer bidirectional through STB or other).
Tool is with other purposes of the DVD dish of safety container
Figure 10 represent to use " new " DVD coil-be the DVD dish that includes special DVD safety container in the medium.In an example, this container uses under two kinds of possible situation: first kind of situation is that what to use CD is " old-fashioned " player (DVD equipment promptly is not equipped with the DVD equipment that the security node of managing entitlement is provided according to the present invention); Second kind of situation be, what use CD is " new-type " player-promptly be equipped with DVD equipment that the security node of managing entitlement is provided according to the present invention.In this example, the security node in " new-type " player has disposed necessary function and has handled other copy protection information, for example CGMA control code and the data perturbation form that is mainly proposed and developed by Matsushita company.
For example, under situation shown in Figure 10, " new-type " player (it contains according to security node of the present invention) can be discerned the existence of safety container on dish.So player should special use DVD safety container from the dish resident security node of packing into.Security node is opened this container, and through using the rule from controlling object, realize and/or implement suitable rule and with the consequences for use of relevance.These rules are very flexible.In an example, rule for example can be called other protection mechanism (wherein for example, the data perturbation method of CGMA protected code and Matsushita company), and the latter can find in content (or property) part of container.
In another example shown in Figure 10, the special-purpose DVD container on the dish still allows " old-fashioned " player to use the content material according to the operable predetermined limits quantity of routine.
Do not have security node DVD dish make use-case
Referring now to Figure 11,, another kind of situation is discussed.Figure 11 represent to have two kinds can applicable " old-fashioned " DVD dish make use-case: in first example, what use CD is " old-fashioned " player-promptly be not equipped with DVD equipment that the security node of managing entitlement is provided according to the present invention); In second example, what use CD is " new-type " player (promptly being equipped with security node).
Under first kind of situation, broadcast dvd content by usual manner in " old-fashioned " player.Under second kind of situation, " new-type " player will identify and in medium, not store a container.So it just makes up " virtual " container in the resident memory of equipment.For this reason, it makes up a container contents object, and makes up a controlling object that contains suitable rule.In a specific examples, the unique applicable rule that it need be used be " carry out CGMA "-but in other example, can adopt more and/or different rules.The security node that then virtual container is offered in " new-type " player goes to carry out according to use managing entitlement of the present invention.Although not expression also can provide the use of " external reference " in Figure 10 and 11 in the virtual and non-virtual container that in the DVD context, uses.
Being used for sharing the exemplary device with right combination intermediary when operating between at least or under the situation about connecting gives an example.
As stated, can the managing entitlement resource of several distinct devices and/or other system be made up according to different logical and/or physical relation flexibly, thereby for example produce more and/or different rights.The combination of this managing entitlement resource can be through realizing with being connected of one or more long-range managing entitlement mechanism.Figure 12~14th, some the indefiniteness examples how expression managing entitlement mechanism uses in various contexts.
For example, Figure 12 shows an intermediary of managing entitlement mechanism 1000 that is connected with Local Area Network 1002.The words that LAN 1002 needs can be connected to wide area network.LAN 1002 connects any amount of equipment with intermediary of managing entitlement mechanism 1000, wherein for example player 50, PC 60, CD " tower " type server 1004.LAN 1002 comprises a modulator-demodular unit group (and/or network protocol service device, expression among the figure) 1006 in illustrated example, and its allows laptop computer 1008 to link to each other with intermediary of managing entitlement mechanism 1000 through dial-up telephone line 1010.In addition, laptop computer 1008 can be taked other network and/or communicator with being connected also of intermediary of managing entitlement mechanism 1000, for example the Internet and/or other wide area network (WANs).Disc player 50A can link to each other in that the user is above-knee with laptop computer 1008.According to above narration, any or all equipment among Figure 12 can comprise one or more security nodes 72.
The arbitrator and/or the coordinator of right can serve as in intermediary of managing entitlement mechanism 1000.For example, laptop computer 1008 possibly have only limited use right with relevant player 50A when being in separate configurations.Yet; When laptop computer 1008 is connected intermediary 1000 of managing entitlement mechanism through modulator-demodular unit group 1006 with LAN 1002 and/or through other communicator; This laptop computer just can obtain the right different and/or expansion of use dish 100 (for example can visit different content parts; Different prices, different extractions and/or propagate right again, or the like).Similarly, player 50, equipment 60 and equipment 1004 also can through on LAN 1002 with the communicating by letter of intermediary of managing entitlement mechanism 1000, what be equipped with an enhancing uses right to gather with/different CD.Preferably, guarantee to communicate by letter with the dealing of intermediary of managing entitlement mechanism 1000 through the container of the type that discloses in the patent specification that uses the people such as Ginter that preceding text quote.
Figure 13 representes the use of another example intermediary of managing entitlement mechanism 1000 in home environment.In this example, laptop computer 1008 can be through high-speed serial I EEE 1394 buses and/or through other communicator, are connected with intermediary of managing entitlement mechanism 1000 based on family.In addition, intermediary of managing entitlement mechanism 1000 can link to each other with following any or armamentarium:
● high-definition television 1100
● one or more loudspeakers 1102 or other tonepad
● one or more PCs 60
● one or more STBs 1030
● one or more Disc players 50
● one or more 1000A~1000N of other intermediary of managing entitlement mechanism
● any other family expenses or consumer device
The above-mentioned equipment of enumerating is any or all can comprise a security node 72.
Figure 14 representes another example use of intermediary of managing entitlement mechanism 1000.In this example, intermediary of managing entitlement mechanism 1000 connects a network 1020, such as LAN, wide area network, the Internet or the like.Network 1020 can provide intermediary of managing entitlement mechanism 1000 with following any/or being connected of armamentarium:
● one or more connections or the Disc player 50A, the 50B that connect once in a while;
● the computing machine 1022 of one or more networkings;
● one or more disc reader tower/servers 1004;
● one or more laptop computers 1008;
● one or more such as the commercial systems for applications (" reliable basis structure ... " instructions of the people such as Shear that referring to preceding text quote) of right with the permission switching station;
● one or more satellites or other communication uplink 1026;
● one or more cable television head ends 1028;
● one or more STBs 1030 (can be connected to satellite downlink 1032 and/or Disc player 50C);
● one or more personal computer equipments;
● one or more portable optic disk players 1034 (can connect, directly and/or break off once in a while) through miscellaneous equipment;
● the 1000A~1000N of intermediary of one or more managing entitlement mechanism;
● any other equipment needed thereby.
The above-mentioned equipment of enumerating is any or all can comprise a security node 72.Intermediary of managing entitlement mechanism 1000 can distribute and/or make up right, is used by any or all other parts shown in Figure 14.For example, intermediary of managing entitlement mechanism 1000 can provide further safe rights management resource to the equipment that is connected with intermediary through network 1020.A plurality of equipment shown in Figure 14 can be participated in and in permanent or temporary transient network 1020 co-operation that connect, shared the managing entitlement of single node.With use and/or right that litigant and/or the group of this a plurality of equipment and/or other system of controlling is related can be used according to the potential rule of being correlated with right and control.For instance; The right that can obtain through company manager's laptop computer 1008 can combine with one or more subordinate office workers' of company right with certain mode; Perhaps replace the latter, condition is that office worker's computing machine or miscellaneous equipment 60 is connected to network 1020 with interim networking relation.In general, this aspect of the present invention allow the distributed managing entitlement of DVD or otherwise encapsulate and send receive content distributed, the reciprocity administrative protection.No matter DVD equipment or other content are used equipment whether to add permanent or temporary transient network 1020, the equipment of no matter participating in distributed managing entitlement arrangement and/or the relation between other system that connects whether to be temporary transient or to have more lasting operative relationship that this distributed managing entitlement can both move.
For example, laptop computer 1008 can have the operation of equipment looked place context and fixed obtainable different right.For example, in such as main office's environment shown in Figure 12, laptop computer 1008 can have a right set.Yet when identical laptop computer 1008 is cooperated with other people and/or group in the company, when being connected to more comprehensive network 1020, can be endowed a different right set.When identical laptop computer 1008 is connected in the general home environment, can be endowed another different rights set shown in example among Figure 13.When identical laptop computer 1008 is connected in other environment, can be endowed more different right set, the indefiniteness example of this other environment is:
● with specify the individual/or the home environment cooperated of group,
● retail environment,
● as student's classroom device,
● the classroom device of in library environment, cooperating with a teacher,
● factory's flooring,
● with factory's flooring of the device cooperation that can carry out proprietary feature, or the like.
As particular example more; To link to each other with the network computer (NC) 1022 that the charge is small such as the limited resources apparatus of the equipment of DVD shown in Figure 14 50; Can allow the peculiar right of managing entitlement function and/or litigant and/or equipment to be enhanced (or replacement), method is to permit part and/or whole right and/or managing entitlement function and network or the combined result of personal computer (NC or PC) that managing entitlement is a DVD equipment.This right can further be strengthened or replaced owing to the availability of the managing entitlement function that is provided by reliable (safety) telecommunication network managing entitlement mechanism 1000.
In example of same equipment is DVD equipment 50; So just can support the different arrangements of managing entitlement function in disconnection and the coupling arrangement; For example in various degree, and allow to produce available right from the right that produces by managing entitlement equipment and/or other system in combination and/or the availability of managing entitlement function.This can comprise through use one " more no " safety and/or the equipment of natural resources shortage or one or more combinations of the part or all of right that system obtains; Wherein " more no " safety and/or equipment of natural resources shortage or system through safety with one " more " or safety " degree is different " and/or resourceful and/or have the equipment of different rights or the connection of system is enhanced, replaces or revises, wherein this connection adopt one of them equipment and/or these two equipment, the right dependency rule of sharing the managing entitlement arrangement and the right and/or the management function of control described.
Under latter event; Be connected in logic and/or physically long-range managing entitlement function, can expand (for example increasing available safe rights management resource) and/or change DVD equipment 50 or the characteristic of the user's of the DVD equipment that links to each other with NC 1022, PC 60 and/or long-range managing entitlement mechanism 1000 available right.In the situation that this right strengthens, extra content part can obtain, and price can change, and propagates right again and can change (for example being expanded), and the contents extraction right can obtain increasing, or the like.
This " networking managing entitlement " can allow the combination of the managing entitlement resource of a plurality of logics and/or the panoramic equipment of physical relation and/or other system; Through with the enhancing resource that provides that is connected of one or more " long-range " managing entitlement mechanism; Produce bigger right, or produce different rights.In addition; When managing entitlement functions increase and/or different and/or right are provided; Thisly can also support the content availability in many places, method to provide long-range available content-for example in long-range, the content of storing in based on the World Wide Web of the Internet content memorizer (world wide web), supporting database-coil the seamless integrated of local content on 100 with one or more DVD based on the managing entitlement arrangement that connects.
In this instance; The user can not only experience rights increase or different, and can use local dvd content and supplemental content (promptly more popular from the time viewpoint, be worth higher, more variation or say content with complementarity or the like from other meaning).In this case; The user of DVD equipment 50 and/or DVD equipment (or miscellaneous equipment or system of connecting with this equipment) can be applied to the content that Local or Remote can be used with identical right, discrepant and/or different rights, and the part of local and long-range available content can be limited by discrepant or different rights in by user and/or equipment use the time.Thisly arrange to support greatly to increase generally that the user can effectively obtain by the chance of seamless integrated user content in content retrieval and/or use activity.
The telemanagement mechanism 1000 of this enhancing right can use modulator-demodular unit (seeing the item 1006 among Figure 12) to be directly connected to DVD equipment 50 and/or miscellaneous equipment; And/or through (for example using such as the I/O interface of serial 1394 compatible controllers; Through can be with communicating by letter between the 1394 DVD equipment that start and the local PC; Wherein, PC is useed an intelligent synchronization or asynchronous information communication interface as; Connect one or more telemanagement mechanism, comprise as the local PC 60 or the NC 1022 that strengthen and/or provide the local right management structure of managing entitlement in the DVD equipment) and/or through such as other digital communication apparatus wired and/or that wireless network connects, directly or indirectly connect.That the DVD equipment 50 of participant and/or participation or other system are provided, buy or can between this reciprocity relevant device and/or other system, exchange one as long as their participate in the network 1020 of a permanent or temporary transient connection with the right that other method obtains.In this case; As long as this kind equipment and/or other system participate in right management system; The virtual communication environments of for example describing in people's patent such as Ginter; And adopt the subrogation and other managing entitlement function wherein described, then right just can be by barter business, betray, otherwise have valency exchange and/or taxi.For example, this aspect of the present invention allows the litigant to exchange recreation or the film that they have bought right.Still in this example; The someone can buy the right that a part is watched film from neighbours; Maybe will transferring another from the credit received of recreation publisher, credit is provided is for the super several acquaintances that propagate into that will plays, and this credit can be transferred the possession of (exchange) to certain friend, to have bought this friend's part right; Different recreation is played on certain number of times ground, or the like.
The example of virtual right process
In the process that Figure 15 A~15C representes, the managing entitlement parts of two or more equipment or miscellaneous equipment set up one with an incident, operation and/or the related virtual right machine environment of other action.This process has many Starting mode.In an example; Equipment user (and/or representative of consumer, user group and/or automatically perform the computer software of the system of action) with first equipment carry out an action (for example ask a safety container of this device plays content, extract a part of content element, move a protected computer program; Authorize a operation on a workflow process step, the instrument that starts the machine, play a song bent or the like), cause startup (Figure 15 A center 1500) with managing entitlement parts of this first device association.In other example, the startup of this process follows an incident that automatically generates (for example according to certain time of one day or the like), one at random or pseudorandom incident and/or this type incident and user start the combination of incident.
Process Once you begin; The managing entitlement parts, (SPE and/or the HPE that for example disclose in people's patent such as Ginter) just confirms such as security node 72, should move; This user can use which right (Figure 15 A center 1502) with this first device association, if any.The coordination that the action that the managing entitlement parts are also confirmed can to use with the user who is positioned at miscellaneous equipment wholly or in part is related and/or the right (Figure 15 A center 1502) of cooperation.
In an example, the method for carrying out these steps is to send a request safely to give managing entitlement authority server 1000, identifies first equipment, intends character and the necessary or required out of Memory of this managing entitlement authority server of carrying out action.This out of Memory for example comprises:
● the date and time of request,
● user's identity,
● the character that network connects,
● acceptable operating lag or the like, and
● any out of Memory.
1000 pairs of these request responding of managing entitlement authority server are to beam back a tabulation (or other suitable structure) to first equipment.This tabulation for example can contain the sign of miscellaneous equipment, and they maybe possibly have relevant right and/or the right relevant information of carrying out with this plan of action really.
In another embodiment, first equipment can be with request notice (for example polling) network to miscellaneous equipment, and this miscellaneous equipment has really maybe possibly have relevant right and/or the right relevant information of carrying out with this plan of action.Less relatively and/or not during frequent variations when number of devices, polling is desirable.When the function of right authority server 1000 was distributed on several equipment, polling also was desirable.
In this example, can check then that with the managing entitlement parts of first device association the equipment that maybe possibly have right relevant with this action and/or right relevant information and/or the user's security level (and/or type) (Figure 15 A center 1506) of miscellaneous equipment are arranged really.This step for example can be carried out according to the safe level of the Patent publish of Silbert and Van Wie and/or authority of a user, safe name service and the safety communication technology of people's Patent publish such as device type administrative skill and Ginter.Equipment and/or user security level really usual practice as can be all or part of according to equipment and/or user class.
The managing entitlement parts can determine then whether each miscellaneous equipment and/or user have enough safe level, form right set and/or the right relevant information (Figure 15 A center 1508) related with this action with cooperation.After each equipment assessed, possible some equipment and/or user had enough safe level, and other does not then have.In this example; If there are not enough safe level (" denying " outlet of decision block 1508); The managing entitlement parts can be created an inspection record (the for example inspection record of the form of people's Patent publish such as Ginter) (Figure 15 A center 1510), and terminal procedure (Figure 15 A center 1512).This inspection record is used for or is transferred to a responsible management organization immediately, or the storage in this locality, later on transmission again.The inspection record step for example can comprise, increases progressively the counter (such as in people's patents such as Ginter and the counter summary service association) of a record security level fault.
If equipment/or the user have the safe level (frame 1508 " being " outlet) of requirement, the managing entitlement parts in this example are just further judged (Figure 15 B center 1514) according to equipment and/or user class and/or other configuration and/or characteristics.This judgement can be according to any amount of factor, such as:
● equipment has only through the not enough network interface of a handling capacity and could visit;
● general its resource of the equipment of this type is not enough to accomplish the maybe relevant portion of this action of this action, perhaps has acceptable performance, quality or other characteristics;
● because various conditions, user class suitable (these conditions for example: age, security clearance, nationality, the administration of justice or any other class-based or other user's characteristics); And/or
● other factors.
For instance, the part method of the execution of decision block 1514 is, proposes a selection to the user, and the user refuses this selection.
If the process in the managing entitlement parts is confirmed this equipment and/or user class unsuitable (" denying " outlet of frame 1514); If desired or the words of hoping; The managing entitlement parts are write an inspection record (Figure 15 B center 1516), and process can finish (Figure 15 B center 1518) then.
But; Continue (" being " outlet of frame 1514) if the managing entitlement parts are confirmed this equipment and/or user class is suitable, the managing entitlement parts can confirm to carry out used right and the resource (Figure 15 B center 1520) of action on first equipment and other coefficient equipment.The execution of this step for example can be adopted arbitrary or whole treatment technology of people's Patent publish such as Ginter.For example, methodological function can comprise can work out an event handling function to the request of each relevant devices, this request to describe with move or part action is relevant, overall or partly be suitable for potentially by the information of this outfit of equipment or section processes.In this example, this type request and relevant response can be managed with the exchange method technology of people's Patent publish such as Ginter.If this reciprocation needs more information; Perhaps the result is indeterminate; Then the managing entitlement parts for example just can with telex network; Allow the user to select, for example in various selections available, that function is different, select, and/or the managing entitlement parts can carry out the negotiation negotiation technology of people's Patent publish such as Ginter (for example with) of a relevant resource, right and/or right relevant information.
Next step judges whether that enough rights and/or resource can be used for carrying out the action (decision block 1522 among Figure 15 B) of being asked the managing entitlement parts.If can be used for carrying out the right and/or the resource not enough (" denying " outlet of frame 1522) of this action, the managing entitlement parts are just write an inspection record (Figure 15 B center 1524), finish this process (Figure 15 B center 1526) then.
In this example, if having enough rights and/or resource can use (" being " outlet of frame 1522), the managing entitlement parts are just judged, in order to accomplish whole action, whether also will be handled other incident (Figure 15 B center 1528).For example, if can not get necessary right of execution and/or resource, the part that possibly hope only to carry out whole action.If desired and/or require more incident (frame 1528 " being " outlet), the managing entitlement parts can repeat frame 1520,1522 (possibly also carry out frame 1524,1526) to each this incident.
If have enough rights and/or resource to can be used for each incident (" denying " outlet of frame 1528); Then if desired or require, the managing entitlement parts just provide one about moving the selection (Figure 15 B center 1530) of required right and/or other available alternative of resource to carrying out this to the user.In addition and/or method in addition be that the managing entitlement parts rely on user's preference information (and/or default information) representative of consumer " automatically " to make this judgement (for example overall expenses, performance, quality or the like).In another embodiment, can utilize class of subscriber to filter or otherwise assist in possibility and make one's options.In another embodiment, can adopt artificial intelligence (for example comprising expert system technology) to assist in possibility makes one's options.In another embodiment, can above-mentioned (and/or other) combinations any or whole technology be used for this selection course.
If right and/or resource are not had other selection of acceptable; Perhaps since other negative factor of selection course (for example; " cancellation " button, user interaction procedure that the user presses in the graphic user interface have surpassed regulation pot life of selecting or the like) (" denying " outlet of frame 1530); The managing entitlement parts are just write an inspection record (Figure 15 B center 1532), finish this process (Figure 15 B center 1534) then.
But; If the one or more acceptable right that selection course has confirmed to be used to carry out action is sure (" being " outlet of frame 1530) with/resource group and handled judgement; The managing entitlement parts just use first equipment or first equipment to carry out the action of intending execution, (Figure 15 C center 1536) with the combination of any miscellaneous equipment (for example managing entitlement mechanism 1000 or any equipment that other links to each other) separately according to selected right and/or resource.For example comprise intending this cooperation execution of carrying out action:
● carry out the part or all of of this action with first equipment;
● carry out the part or all of of this action with the one or more miscellaneous equipments (for example managing entitlement mechanism 1000 and/or some miscellaneous equipments) beyond first equipment;
● with the part of first this action of equipment execution, one or more miscellaneous equipments are carried out the part of these actions; Perhaps
● any combination of aforesaid way.
For example, this step can be carried out with the event processing that discloses in people's patents such as Ginter.
For instance, first equipment possibly have the required whole resources of completion particular task (for example reading certain information from CD), but does not accomplish the right of this required by task.In this case, first equipment obtains other right that it carries out this required by task through above-mentioned steps.In another illustrative example, first equipment possibly have the required whole rights of the particular task of completion, but does not accomplish the resource of this required by task.For example, first equipment possibly not have enough hardware and/or software resource to can be used for access, processing or uses information with some mode.In this example, step 1536 can or partly or entirely be carried out according to the equipment of right that first equipment provides partly or entirely by some miscellaneous equipment.In another example, first equipment will be carried out certain action and not only lack essential right but also lack essential resource, relies on one or more miscellaneous equipments that this resource and right are provided possibly.
In this example, the managing entitlement parts are write one or more inspection records (Figure 15 C center 1538) when release, finish this process (Figure 15 C center 1540) then.
This paper has described a kind of device; But it has not only fully satisfied the requirement of current show business to the copy protection scheme of the digital video disk of low expense large-scale production or other huge capacity compact discs, is used for more advanced person and/or enhancing security platform and that be used for the cooperation managing entitlement between less, the more and/or different equipment of right resource, extendible managing entitlement function but also provide.Although the present invention combines to it seems at present that most realistic, the most desirable embodiment describes, should be understood that the present invention is not limited to the embodiment that is disclosed, on the contrary, be intended to comprise various improvement and the equivalent arrangements that is comprised by the spirit and scope of the present invention.

Claims (13)

1. electronic equipment that is used for access, duplicates or uses the shielded numerical information of storing on the portable storage media, said electronic equipment comprises:
Be configured to read the optic disk driver of shielded numerical information from said portable storage media; And
Be connected to the secure processing units of the anti-destruction of said optic disk driver with communication mode; The secure processing units of said anti-destruction is configured to from portable storage media to extract the property identification information, finds out suitable control collection, the necessary decruption key of packing into, as required use decruption key come that input and the basis of decryption information, supervisory user are associated with shielded numerical information, be stored in control collection and extra control collection on the portable storage media and confirm to be stored in the action whether control collection and extra control collection on the portable storage media allow the user to ask; If be allowed to and when all necessary conditions are met, carry out the action of being asked so that allow said electronic equipment to use shielded numerical information.
2. electronic equipment as claimed in claim 1; Wherein, The secure processing units of said anti-destruction is configured to obtain the identification information of the shielded numerical information of storing on the said portable storage media; And the secure processing units of wherein said anti-destruction is connected to a network, and is configured at least partly obtain control collection through said network from remote site based on said identification information.
3. electronic equipment as claimed in claim 2, wherein, said remote site comprises right and permission clearing house.
4. electronic equipment as claimed in claim 1; Wherein, the control collection that is stored on the portable storage media comprises that one or more permission records, one or more budget and/or one or more method, the control collection that perhaps is stored on the portable storage media provide one or more encryption keys, one or more content designator and one or more control that is applied to distinct device and/or equipment class.
5. electronic equipment as claimed in claim 1 wherein is used for one or more keys that the content decryption key of one or more encryptions of storing on the said portable storage media is deciphered are stored in said optic disk driver.
6. electronic equipment as claimed in claim 1; Wherein, said control collection comprises one or more controls of from following group, selecting: the control of the said shielded numerical information of copy, only allow to duplicate once said shielded numerical information control, allow to duplicate repeatedly said shielded numerical information control, allow certain user or certain type of user to play the control of said shielded numerical information and allow certain user or certain type of control that the user extracted or took passages the said shielded numerical information of at least a portion.
7. an access, duplicate or the method for the shielded numerical information using to store on the portable storage media, said method comprises:
Receive access, duplicate or use the request of shielded numerical information from the user of electronic equipment;
Utilize the secure processing units of the anti-destruction of said electronic equipment; From portable storage media, extract the property identification information, find out suitable control collection, the necessary decruption key of packing into, as required use decruption key come that input and the basis of decryption information, supervisory user are associated with shielded numerical information, be stored in control collection and extra control collection on the portable storage media and confirm to be stored in the action whether control collection and extra control collection on the portable storage media allow the user to ask; If be allowed to and when all necessary conditions are met, carry out the action of being asked so that allow said electronic equipment to use shielded numerical information.
8. method as claimed in claim 7; Wherein, the control collection that is stored on the portable storage media comprises that one or more permission records, one or more budget and/or one or more method, the control collection that perhaps is stored on the portable storage media provide one or more encryption keys, one or more content designator and one or more control that is applied to distinct device and/or equipment class.
9. method as claimed in claim 8, wherein, control allows to duplicate once said shielded numerical information and is used for backup.
10. method as claimed in claim 9, the request of wherein, visiting, duplicate or use shielded numerical information are the requests of duplicating said shielded numerical information, and said method also comprises:
Confirm that said control allows to duplicate said shielded numerical information;
Said shielded numerical information is duplicated.
11. an access, duplicate or the method for the protected digit content item that uses to store on the movable storage medium, said method comprises:
In the driver of electronic equipment, hold said movable storage medium; Said movable storage medium is stored said protected digit content item and the control collection of one or more controls is provided, and said control regulation is duplicated once or the usage of the said protected digit content item of copy;
From movable storage medium, extract the key of hiding;
Store when said key makes deciphering and can said key be exposed to said electronic equipment;
Read said control collection;
Said control collection is analyzed;
Ignore impracticable at least one control of said electronic equipment;
Safeguard that at least one that can implement with said electronic equipment control corresponding permission and/or digital rights management information; And
Reception is from user's request,
If described request is a duplicate requests, then inquiry control judges whether to allow to duplicate, if be allowed to, then carry out and duplicate the protected digit content item that is stored on the movable storage medium,
If described request is to use request, then from movable storage medium, reads corresponding information and use said key to decipher the information that is read as required.
12. method as claimed in claim 11; Wherein, Described request comprises the request of duplicating said protected digit content item, and at least one control that can implement of wherein said electronic equipment comprises that regulation can duplicate the control of said protected digit content item, and said method also comprises:
Said protected digit content item is duplicated.
13. an electronic equipment comprises:
Be used to read the optic disk driver (80 ') of the shielded numerical information of storing on the portable storage media;
Be used for receiving access, duplicate or using the requesting users interface (66,68) of shielded numerical information from the user of electronic equipment;
The anti-secure processing units (72 or 164) that destroys; Be configured to from portable storage media to extract the property identification information, find out suitable control collection, the necessary decruption key of packing into, as required use decruption key come that input and the basis of decryption information, supervisory user are associated with shielded numerical information, be stored in control collection and extra control collection on the portable storage media and confirm to be stored in the action whether control collection and extra control collection on the portable storage media allow the user to ask; If be allowed to and when all necessary conditions are met, carry out the action of being asked so that allow said electronic equipment to use shielded numerical information; And
The display that presents said shielded numerical information to said user.
CN2006101014647A 1996-05-15 1997-05-15 Method and device for obtaining controlled content or information in DVD disc and method for operating DVD device Expired - Lifetime CN1908922B (en)

Applications Claiming Priority (14)

Application Number Priority Date Filing Date Title
US1772296P 1996-05-15 1996-05-15
US60/017722 1996-05-15
US1813296P 1996-05-22 1996-05-22
US60/018132 1996-05-22
US69971296A 1996-08-12 1996-08-12
US08/689,754 US6157721A (en) 1996-08-12 1996-08-12 Systems and methods using cryptography to protect secure computing environments
US08/699712 1996-08-12
US08/689754 1996-08-12
US08/689606 1996-08-12
US08/689,606 US5943422A (en) 1996-08-12 1996-08-12 Steganographic techniques for securely delivering electronic digital rights management control information over insecure communication channels
PCT/US1996/014262 WO1998010381A1 (en) 1996-09-04 1996-09-04 Trusted infrastructure support systems, methods and techniques for secure electronic commerce, electronic transactions, commerce process control and automation, distributed computing, and rights management
USPCT/US96/14262 1996-09-04
US3793197P 1997-02-14 1997-02-14
US60/037931 1997-02-14

Related Parent Applications (2)

Application Number Title Priority Date Filing Date
CNB971964874A Division CN1139067C (en) 1996-05-15 1997-05-15 Cryptographic method, apparatus and systems for storage media electronic rights management in closed and connected appliances
CNB021605947A Division CN100470653C (en) 1996-05-15 1997-05-15 Method and device for obtaining DVD disc controlled content or information and method for controlling DVD device

Publications (2)

Publication Number Publication Date
CN1908922A CN1908922A (en) 2007-02-07
CN1908922B true CN1908922B (en) 2012-11-07

Family

ID=37700034

Family Applications (3)

Application Number Title Priority Date Filing Date
CNB2006101014632A Expired - Lifetime CN100501713C (en) 1996-05-15 1997-05-15 Method and device for acquiring controlled content and information of DVD, method for operating DVD apparatus
CN200610101460.9A Expired - Lifetime CN1908921B (en) 1996-05-15 1997-05-15 Method and device for obtaining controlled content or information in DVD disc and method for operating DVD device
CN2006101014647A Expired - Lifetime CN1908922B (en) 1996-05-15 1997-05-15 Method and device for obtaining controlled content or information in DVD disc and method for operating DVD device

Family Applications Before (2)

Application Number Title Priority Date Filing Date
CNB2006101014632A Expired - Lifetime CN100501713C (en) 1996-05-15 1997-05-15 Method and device for acquiring controlled content and information of DVD, method for operating DVD apparatus
CN200610101460.9A Expired - Lifetime CN1908921B (en) 1996-05-15 1997-05-15 Method and device for obtaining controlled content or information in DVD disc and method for operating DVD device

Country Status (1)

Country Link
CN (3) CN100501713C (en)

Families Citing this family (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US9589124B2 (en) 2014-05-29 2017-03-07 Comcast Cable Communications, Llc Steganographic access controls

Citations (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5502766A (en) * 1992-04-17 1996-03-26 Secure Computing Corporation Data enclave and trusted path system

Family Cites Families (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1038787C (en) * 1994-10-12 1998-06-17 联华电子股份有限公司 method and device for software protective lock

Patent Citations (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5502766A (en) * 1992-04-17 1996-03-26 Secure Computing Corporation Data enclave and trusted path system

Also Published As

Publication number Publication date
CN1908921A (en) 2007-02-07
CN1908921B (en) 2014-09-03
CN1916878A (en) 2007-02-21
CN100501713C (en) 2009-06-17
CN1908922A (en) 2007-02-07

Similar Documents

Publication Publication Date Title
CN100470653C (en) Method and device for obtaining DVD disc controlled content or information and method for controlling DVD device
US20150006403A1 (en) Cryptographic methods, apparatus and systems for storage media electronic rights management in closed and connected appliances
US20100174652A1 (en) Cryptographic methods, apparatus and systems for storage media electronic right management in closed and connected appliances
US20060206397A1 (en) Cryptographic methods, apparatus and systems for storage media electronic right management in closed and connected appliances
EP1405148B1 (en) Secure super distribution of user data
CN1908922B (en) Method and device for obtaining controlled content or information in DVD disc and method for operating DVD device
KR20030047559A (en) System for production and regeneration of encrypted file regardless of a media players
RU2251146C2 (en) Copy protection system for digital data
RU2287851C2 (en) Distribution device, terminal device, program and method used in these devices
JP2005222556A (en) Method, equipment, and system for cryptography for storage medium electronic right management of closed and connected equipment

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
C14 Grant of patent or utility model
GR01 Patent grant
CX01 Expiry of patent term

Granted publication date: 20121107

CX01 Expiry of patent term