METHOD AND SYSTEM FOR CONTROLLED INTERNET DISTRIBUTION OF DIGITAL MEDIA
Technical Field
The present invention relates to a method and system for controlled distribution of digital media, such as video and music signals, to prevent unauthorized digital copying or distribution.
Background Information and Summary of the Invention
Illegal and unauthorized digital copying of media files, such as music and video signals, is a growing problem. In particular, with the advent of the Internet, it is increasingly difficult to control such unauthorized activity and protect the copyright owners of such media signals.
Despite many attempts to overcome this problem, unauthorized digital copying and distribution are still rampant. For example, complicated systems have been developed that provide the user with a decryption key to gain access to secured data. However, users still manage to conduct illegal copying and distribution of media files without compensating the owner of the content on the media files. There is a need for an efficient solution to enable a secure Internet distribution and copy protection of digital media signals.
The method and system of the present invention provide a secure and reliable solution to the above-outlined problems. More particularly, the method is for encrypting media signals in a safe manner to prevent unauthorized copying and distribution of digital media signals. A computer system sends a retrieval signal to a file/administration system to retrieve a media signal. The file/administration system encrypts the media signal to an encrypted file and creates an encryption key and a decryption key associated with the encrypted file. The file/administration system sends the file and the encryption key to the user's system, which sends a request signal to the administration system to identify the decryption key. The encryption key and the decryption key are used to gain access to session keys of the decryption key that are sent to the user's system to decrypt the file so that the computer system can play the media signal.
Brief Description of the Drawings
Fig. 1 is a schematic overview of the information flow of the system of the present invention;
Fig. 2 is a schematic illustration of a process flow of the present invention; and
Fig. 3 is a schematic illustration of a process flow of the present invention.
Detailed Description
With reference to Figs. 1-3, the present invention is a unique monitoring and control system 10 that provides for a secure and controlled Internet distribution of digital media. One unique feature of the present invention is that the user has an encryption key stored in the computer while the corresponding decryption key is stored in a remote server of the content owner of the media. This is in contrast to conventional technology where the decryption key is often stored on the user's computer while the encryption key is stored in a remote server so that the encryption key is normally used for encryption and the decryption key is used for decryption. In the system 10 of the present invention, the decryption, by using the decryption key, takes place in the remote server.
More particularly, the system 10 has a communication system 12 such as a computer system that may be connected to a file transformation server system 14 and a key administration server system 16. The systems 14, 16 could be a single integrated system.
The system 12 may include a computer unit 18 and a computer monitor 20. The system 12 may include a mobile telephone 22, a hand-held computer 24 or any other suitable communication device 25. The system 12 may include specific plug-in software 33 for the standard media players used by the system 12. The system 12 may further include soft- and hardware for writing data to CD, DVD discs or any other carriers of digital content that may be used. The computer unit 18 may include soft- and hardware enabling direct connection to the devices 22, 24 and/or any other suitable communication device 25. The computer unit 18 may also include software to enable the transformation of media files to formats supported by the standard media players used by devices such as the devices 22 and 24. The system 12 may be equipped with hardware copy protection systems.
The operator of the system 12 may be connected to the system server 14 via a public network 15 such as the Internet. For example, the system 12 may be connected to a web site 26 that is associated with a content database 28. The database 28 may include downloadable music and video files that have not been encrypted. For example, the system 12 may request a download of a music file 30 from the database 28 that may be stored in an MP3 format 32. The system may also request a download of a video file in an AVI format 34 or any other suitable format.
An important aspect of the present invention is that the music file 30 that has been retrieved from the database 28 is first encrypted in an encryption server device 36 before it is sent to the system 12. In this way, the encrypted file cannot be listened to without the proper decryption key or keys. It should be noted that the server device 36 may encrypt any type of file with any type of content. The plug-in software 33 for all standard media players in the system 12 enables the decryption process of the encrypted version of the file 30, as described below.
More particularly, when the user 11 of the system 12 requests the music file 30 in a request signal 29 to the system 14, the server 36 receives the signal 29, retrieves the file from the database 28 and encrypts the requested media file with asymmetrical 128-bit encryption. The encryption ensures that the file cannot be accessed without authorization from the content owner or licensed distributor of the music file. However, the encrypted file version 31 of the music file 30 may be copied as much as the user 11 wants on other devices, such as the devices 22, 24, because the user cannot play or access the content of the file 31 without the necessary session keys, as explained below.
The server 36 may create the uniquely encrypted file 31 in a crypted media file (cmf) or any other suitable format. The server 36 also creates an encryption key 38 and a decryption key 40 that are associated with the file 30. The encryption key 38 and the file 31 are sent to the system 12 in a response signal 42. Preferably, the decryption key 40 is never sent to the system 12. As explained below, the decryption key 40 may include a plurality of session keys that can be used to decrypt the requested song of the file 31. It should be noted that the file 31 and the encryption key 38 could be provided to the user 11 of the system 12 in many ways such as via a secured Internet connection, a CD, a mobile network or a memory card. The corresponding decryption key 40 is sent in a signal 44 to a key database 46 of the system 16. Preferably, the database 46 is inaccessible by the user 11.
When the system 12 receives the signal 42, it may store the file 31 and the encryption key 38 on a hard drive. The user 11 of the system 12 may activate a software program such as a Windows media player 35 or Winamp to attempt to play the music file 31. The plug-in software 33 in the media player 35 recognizes the file 31 and establishes a secure connection 48 with a key server 50 of the system 16. The secure connection 48 may be any suitable solution using 128-bit asymmetric encryption, such as SSL. If the system 12 does not have the plug-in software 33, the file 31 may direct the media player to download the plug-in software 33. The plug-in software may be automatically installed and activated in the system 12. The plug-in software 33 also checks the media player 35 of the system 12 and the user status such as a limited number of key settings of the system 12 including the sound card output. The plug-in software 33 sends a request including the encryption key 38 associated with the file 31 and information on the starting point in the file 31. For example, the user may want to start listening to the last half of the music piece in the file 31 and may not need the session keys that are used for the first half of the music piece. The plug-in software 33 may also send user data information to the server 50.
The server 50 receives the request signal 48 and the associated encryption key 38 so that the server can identify which decryption key is associated with the music file 31. The key 40 also includes the encrypted symmetrical session keys 60. The decryption key 40 and the encryption key 38 are used to gain access to or decrypt the session keys. The decryption process by using the combination of the decryption key 40 and the encryption key 38 may be done in a key server 51. A feature of the present invention is that the session keys 60, in turn, are encrypted with the encryption key 38 and the decryption key 40 at the time of the creation in the server 36 so that both keys must be used to decrypt the session keys 60. This also means that the operator of the server 50, such as a distributor, cannot conduct any unauthorized copying either as long as the server 50 does not have access to the encryption key 38.
More particularly, the server 50 sends a request signal 52 to the key database 46 to retrieve the decryption key 40 in a response signal 54 that is forwarded, together with the encryption key 38, to the server 51 in a signal 55. The server 50 checks that the user data settings are correct. The server 50 also sends a signal 56 to a billing system 58 to check if the user of the system 12 is authorized and has paid for the services related to the file 31. The user may be charged in a variety of ways such as through a time-limited subscription, customer account, per download, per time period, per stream instance, per copy and any combination of these and other parameters.
Upon approval from the system 58, the server 50 may receive the session key 60 in a signal 57 from the server 51. A first session key 60a may be sent to the system 12 to enable the decryption of a portion of the file 31 so that the user can listen to the decrypted portion of the file 31. One reason for using several session keys 60 is to make unauthorized use more difficult because the decryption of one session key only permits listening to, for example, about thirty seconds of the song that is represented by the file 31. The server 50 sends a decryption signal 62 including the first session key 60a to the file 31 of the computer 20. Upon completion of the access of the content provided by the session key 60a, a second session key 60b may be sent to the computer 20 to continue playing the music file 31.
The decryption data, the private and encryption keys are unique to the music file 31 and cannot be used to decrypt any other music file. Each session key corresponds to a portion of the song in the music file 31 so that it may be necessary to gain access to 5-10 session keys to be able to listen to an entire song. The server 50 may be programmed to send session keys at certain time intervals, such as every 30 seconds, so that the user can listen to the music without interruption. It may also be possible for the plug-in software 33 to request new session keys each time a session key is running out of time.
The plug-in software 33 receives the signal 62 including the key 60 and decrypts the corresponding portion of the song of the file 31. The decrypted portion of the file 31 is sent to the media player of the computer 20 that transforms the MP3 format to raw format. Instead of sending the decrypted portion of the file 31 to the operating system, the plug-in software 33 receives the sound data and sends it directly to a sound-card 64. By sending the sound data directly to the sound card, there is a reduced risk of unauthorized copying in the operating system of the system 12. The plug-in file repeats the client status check a number of times during the playback to prevent unauthorized copying of the audio in the file 31.
Another feature of the present invention is that two different users will receive different encrypted files although the same content is requested from the database 28. If the same user wants to access the same content twice, the same encryption key and the same session keys may be used. However, the same user is required to send request signals to the server 50 to obtain the session keys the second time the same song is played.
The system 10 ensures that the copyright owners of the music files are compensated each time the song is played digitally. By keeping the decryption keys and the session keys in the database 46, the user of the system 12 will never be able to decrypt the file 31 without requesting the session keys from the server 16. This eliminates or dramatically reduces the risk of unauthorized decryption of the file 31. In this way, the system 10 ensures that the user must request the session keys every time the song is played and the decryption key is never sent to the user of the system 12.
The system 10 may have a feature to monitor that there is no tampering of the session keys while a song is being played on the system 12. For example, the plug-in software 33 may send regular status reports of the song that is being played to the server 50. The plug-in software 33 may initiate the need for a new session key 60 and report whether there is any tampering with any of the session keys to avoid copying while the song is being played. The status report is also used to authorize the creation of new session keys as the song is being played so that the listener can listen to the entire song that is represented by the file 31.
It is also possible to stream the media signals to the system 12. The user of the system 12 simply buys the rights to access the streamed media signals and may obtain a certificate therefor. When the stream service is requested, the server 50 receives a modified signal 38 including the stream certificate and the necessary client status data from the plug-in software 33. The server 50 checks the status data and the certificate with the billing system 58 to make sure the certificate is up to date and paid for. The server 50 then retrieves the encryption key from a database of the server and the corresponding decryption key to decrypt the necessary session keys as outlined above and the stream system is notified to start streaming encrypted files to the plug-in software 33 in the system 12. In this way, the user of the system 12 does not have the encryption key. The server 50 also starts sending decryption or session keys to the plug-in software 33.
If the system 12 includes standard soft- and hardware systems for writing data to other carriers of digital content, such as a CD, digital content may be used by other devices, such as a car stereo. The plug-in software in system 12 may connect to these standard write-enabling systems and include them in the same tamper-proof area as the media player, sound card, etc. If the user wishes to copy content, for example by writing the raw audio from the file 31 on an audio CD, the plug-in software 33 may repeat the same process as with playback. In addition, the plug-in software 33 may include vital data from the write-enabling systems in the request signal 48 to the server 50. Thus, the user of the system 12 may copy the decrypted music of file 31 to an audio CD if the content owner and distributor allow it. The content owner/distributor may regulate such information as the number of copies and price per copy for each individual user and content file. The plug-in software 33 may also connect to file transformation software that copies content and changes the format to function with a specific device such as devices 22 or 24.
The content owner/distributor may also combine the system 10 with other copy protection systems. For example, the file 30 may be a music data file associated with a hardware copy protection technology, such as "watermarking". If the user copies this music file to a CD, as described, the CD may only function with devices such as the device 25 if the device is equipped with the necessary hardware and the content on the disc may not be copied. Thus, the content owner/distributor may create a secure and controlled distribution channel of copy protected content that the user may access in a number of ways using various devices.
The components of the system 10 do not require a single provider to own or host all of the components. For example, a large media publisher may host the database 46 and the server 50. A network of retailers may each own an encryption server 36 and several content owners, such as music companies, may each own a content database and an encryption key database. All the above components may be associated with the system 10. The content owner may be paid a royalty each time a media piece or encryption key is streamed at the publisher's request. Every time a retailer requests an encryption key, such as the encryption key 38, from the key database 46, the retailer's account is credited.
It is also possible for an individual content owner, such as a musician, to host an encryption server as part of an e-commerce business concept. The Internet service provider (ISP) of the musician may host the other components of the system 10. The ISP may charge the musician for its services for every encryption key the ISP receives and the musician may be credited a royalty payment when a user downloads a music file owned by the musician.
In summary, the server device 36 encrypts each part or session of the media file 31. The device 36 also creates corresponding decryption session keys 60 and the pair of encryption key 38 and the decryption key 40. The server device 36 then encrypts the session keys 60 with the encryption key 38 and stores the encryption key 38 with the media file 31. The server device 36 sends the decryption key 40 to the database 46 and the encrypted session keys 60 to the session key database 51. The encrypted media file 31 and the encryption key 38 are sent to the communication device 12 of the user 11. The plug-in device 33 in the media player of the communication device 12 sends the encryption key 38 and client status data 37 to the server device 50. The server device 50 checks the client status data 37 and retrieves the decryption key 40, which corresponds to the encryption key 38, and the session keys 60 from the databases 46, 51, respectively. The server device 50 decrypts the session keys 60 with the decryption key 40, together with the encryption key 38, and sends the first session key 60a to the plug-in device 33. The device 33 decrypts the first part of the media file 31, with the first session key 60a, and the client media player 35 decodes and plays the file, such as a first part of a song.
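The key hierarchy summarized above, as an added Python example that is not part of the original document: per-segment session keys wrapped so that both key 38 and key 40 are needed, released one at a time after a billing check. Assumptions: keys 38 and 40 are modelled as independent random secrets rather than an asymmetric pair, an HMAC-SHA256 keystream stands in for the unspecified cipher, the server looks up key 40 by a SHA-256 fingerprint of key 38, and all function and class names are hypothetical.

```python
import hashlib, hmac, secrets

SEGMENT = 16  # bytes per segment here (assumed); the page's segments are ~30 s of audio

def _stream(key, n):
    # HMAC-SHA256 counter keystream: stdlib stand-in for the page's unspecified cipher.
    blocks = (hmac.new(key, i.to_bytes(8, "big"), hashlib.sha256).digest()
              for i in range((n + 31) // 32))
    return b"".join(blocks)[:n]

def xor_crypt(key, data):
    # Symmetric: the same call encrypts and decrypts.
    return bytes(a ^ b for a, b in zip(data, _stream(key, len(data))))

def wrap_key(key38, key40, index):
    # Key-wrapping key derived from BOTH secrets, so neither party can unwrap alone.
    return hmac.new(key40, key38 + index.to_bytes(4, "big"), hashlib.sha256).digest()

def package(media):
    # Server 36: fresh keys per request, one session key per segment.
    key38, key40 = secrets.token_bytes(32), secrets.token_bytes(32)
    parts = [media[i:i + SEGMENT] for i in range(0, len(media), SEGMENT)]
    session = [secrets.token_bytes(32) for _ in parts]
    file31 = [xor_crypt(k, p) for k, p in zip(session, parts)]
    wrapped = [xor_crypt(wrap_key(key38, key40, i), k) for i, k in enumerate(session)]
    return file31, key38, key40, wrapped

class KeyServer:
    # Servers 50/51 and database 46: stores key 40 and wrapped session keys, never key 38.
    def __init__(self):
        self.db = {}        # SHA-256(key 38) -> (key 40, wrapped session keys)
        self.paid = set()   # stand-in for billing system 58

    def register(self, key38, key40, wrapped):
        self.db[hashlib.sha256(key38).digest()] = (key40, wrapped)

    def release(self, user, key38, index):
        # One session key per request; None when billing or lookup fails.
        entry = self.db.get(hashlib.sha256(key38).digest())
        if entry is None or user not in self.paid:
            return None
        key40, wrapped = entry
        if not 0 <= index < len(wrapped):
            return None
        return xor_crypt(wrap_key(key38, key40, index), wrapped[index])

def play(server, user, file31, key38, start=0):
    # Plug-in 33: request keys segment by segment from the chosen starting point.
    out = b""
    for i in range(start, len(file31)):
        key = server.release(user, key38, i)
        if key is None:
            raise PermissionError("session key refused")
        out += xor_crypt(key, file31[i])
    return out

if __name__ == "__main__":
    media = b"constructed sample bytes standing in for an MP3 file"
    file31, key38, key40, wrapped = package(media)
    srv = KeyServer(); srv.register(key38, key40, wrapped)
    srv.paid.add("user11")
    print(play(srv, "user11", file31, key38, start=1))
```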
While the present invention has been described in accordance with preferred compositions and embodiments, it is to be understood that certain substitutions and alterations may be made thereto without departing from the spirit and scope of the following claims.