WO2007102093A2 - Method and system for distributed copy administration - Google Patents

Method and system for distributed copy administration Download PDF

Info

Publication number
WO2007102093A2
WO2007102093A2 PCT/IB2007/050553 IB2007050553W WO2007102093A2 WO 2007102093 A2 WO2007102093 A2 WO 2007102093A2 IB 2007050553 W IB2007050553 W IB 2007050553W WO 2007102093 A2 WO2007102093 A2 WO 2007102093A2
Authority
WO
WIPO (PCT)
Prior art keywords
copy
data
copies
counter
item
Prior art date
Application number
PCT/IB2007/050553
Other languages
French (fr)
Other versions
WO2007102093A3 (en
Inventor
Wilhelmus J. H. J. Bronnenberg
Erwin Kragt
Original Assignee
Koninklijke Philips Electronics N.V.
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Koninklijke Philips Electronics N.V. filed Critical Koninklijke Philips Electronics N.V.
Publication of WO2007102093A2 publication Critical patent/WO2007102093A2/en
Publication of WO2007102093A3 publication Critical patent/WO2007102093A3/en

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/10Protecting distributed programs or content, e.g. vending or licensing of copyrighted material ; Digital rights management [DRM]

Definitions

  • the invention relates generally to digital rights management and similar schemes and discloses a method and a system for administration of distributed copies of licenses in a network of devices.
  • DRM Digital Rights Management
  • An example of content protected by DRM is music sold and distributed via the internet e.g. via iTunes or similar web-stores.
  • DRM Digital Rights Management
  • Such distribution systems generally employ a DRM system that enforces a set of rules that controls use and distribution.
  • Electronically downloaded content may be protected in such a way that it can only be viewed (or listened to) on a specified set of devices belonging to the domain of a user purchasing the content.
  • the DRM system may impose restrictions such as the maximum number of devices in the domain, or alternatively it may require that all devices in the domain are authorized, e.g. by a specific (trusted) user, or a trusted third party.
  • each data-item as e.g. a movie or a piece of music, has an associated license.
  • the license determines the rights associated with content (a data-item) of a user i.e. e.g. whether a user is allowed to copy a data-item to a device on the network not belonging to the user's own domain or to another device in the user's own domain, or e.g. whether the user is allowed to copy a DRM protected song to a friends laptop.
  • a dedicated server for controlling the number of licenses (and copies of associated data-items) and the position of the licenses (and copies of associated data-items) is required.
  • the central server Before a copying, deleting or moving of a data-item, the central server needs to be notified about the action to take place in order to keep the administration up-to-date and the server needs to check whether the action is permissible.
  • the server When moving a data-item to a device outside the domain of the user, the server is queried to establish whether the action is permitted i.e. if the copy of the data-item selected for movement is the only copy in the domain from which it is to be moved. Such a check can be done by querying a database in connection with the server.
  • the central administration method of administrating copies thus requires a dedicated server with a database.
  • the method is cumbersome due to the amount of information exchanged during actions such as deletion, moving, gifting and/or copying.
  • US 5,765,152 discloses a method and a system for secure electronic copyright management and automatic identification of creative works distributed as digital or electronic media over a network.
  • copyrighted electronic or digital media are packaged in a secure electronic format and registered on an associated registration server, which serves to provide online licensing and copyright management for that media.
  • a method for administration of distributed copies of a data-item in a system comprising a device characterized in that the method comprises associating a copy of the data- item with two counters, one counter representing a number-of-direct-copies made from said copy and one counter representing a generation-number of said copy.
  • the method provides an administration of distributed copies of a data-item in which the amount of administration comprises two counters per copy of a data-item, said two counters being responsible for the administration.
  • a first counter describes the number of direct copies made from a given copy of a data-item and a second counter describes the "distance" from the given copy of a data-item to the original copy of the data-item.
  • devices that store content data may also store part of the distributed copy administration.
  • the later is particularly relevant for DRM systems, where content proliferation is subject to DRM control.
  • the present invention facilitates a simple and highly efficient method for performing the aforementioned verification; gifting of a data-item is allowed if and only if the number-of-direct-copies counters and the generation-number counter associated with that copy are both zero. When this condition is met the data-item is the only remaining copy of the data-item in the system and may be gifted, thereby considerably simplifying at least part of the copy administration when gifting.
  • Updating the administration of distributed copies of data- items involves updating one or more number-of-direct-copies counters and/or one or more generation- number counters in the system.
  • Updates to the administration are usually local to one or two devices. Moreover often updates allow a choice as to which devices in the system may update the distributed copy administration, thereby simplifying distributed copy administration in systems wherein not all devices are continuously on-line.
  • the data-item comprises one of the following data- items: - a digital content, a digital license, and a digital license associated with a digital content.
  • a data-item may comprise a digital content, e.g. a mp3-song and/or a mpeg-movie, etc., a digital license, e.g. a license allowing a user to distribute a data-item to e.g. eight devices in the user's domain possibly for a limited time-period, and a digital license associated with a digital content, e.g. a license on a mp3-song and/or a mpeg-movie.
  • the present invention can be used advantageously in DRM systems it is not restricted thereto.
  • the present method may be used advantageously in other systems that maintain a distributed copy administrations for data-items, in particular embodiments wherein the operation for verifying whether a copy is a single, or the only remaining copy, is to be implemented in an efficient manner.
  • the method further comprises administrating at least one of: a copy operation, - a move operation, a delete operation, and a gifting operation.
  • the method is able to move, copy, delete or gift a data-item or a copy of a data-item.
  • the method further comprises updating the counters of a copy of a data-item to reflect the number-of-direct-copies and the generation-number of that copy.
  • the method is able to update the counters of a copy of a data-item when these counters are changed due to a move, copy, delete or gift operation.
  • the method further comprises administrating said copy operation by: increasing said number-of-direct-copies counter of a first copy by one, creating a new copy of said first copy with generation-number counter one higher than the generation-number of said first copy and a number-of-direct-copies counter equal to zero for the new copy.
  • the copy operation administration is performed by utilizing the two counters associated with the copy of the data-item.
  • the method further comprises administrating said move operation by not changing said two counters. In this way, the move operation administration is performed by utilizing the two counters associated with the copy of the data-item. In a further embodiment of the invention, the method further comprises administrating said delete operation by determining if said number-of-direct-copies counter of a copy selected for deletion is equal to zero or different from zero.
  • the delete operation checks whether the copy of a data-item selected for deletion is a leaf-copy (having number-of-direct counter equal to zero) or a non- leaf-copy (having number-of-direct counter different from zero).
  • administrating said delete operation involves: selecting a first copy with a generation-number one smaller than the generation-number of said copy selected for deletion and with a number-of-direct-copies counter larger than zero, deleting said copy selected for deletion, and decreasing the number-of-direct-copies counter of said first copy by one. In this way the method is able to administrate the deletion a leaf-copy (having number-of- direct counter equal to zero).
  • administrating said delete operation involves: selecting a first copy with number-of-direct-copies counter equal to zero, swapping said counters of said copy selected for deletion with said counters of said first copy, - selecting a second copy with a generation-number counter one smaller than the generation-number counter of said copy selected for deletion and with a number-of-direct- copies counter different from zero, deleting said copy selected for deletion, and decreasing the number-of-direct-copies counter of said second copy by one.
  • the method is able to administrate the deletion a non-leaf-copy (having number-of-direct counter different from zero).
  • the method is further characterized in that said second copy is chosen from a group of copies comprising said first copy.
  • said second copy is chosen from a group of copies comprising said first copy.
  • the system comprises a domain comprising one or more user devices to which a data-item may be copied or moved.
  • user devices are defined to belong to a domain in which data- items may be distributed by copying and/or moving operation(s). As indicated earlier typically such a domain is enforced by a DRM system.
  • the method is further arranged to move a copy of a data-item from a device in a domain to another device in another domain if said copy has number-of-direct-copies counter equal to zero and generation-number counter equal to zero.
  • the method is further arranged to move a copy of a data-item with number-of-direct-copies counter or generation-number counter different from zero from a device in one domain to another device in another domain, said moving of said copy comprising deletion of all copies except one copy in the domain, and moving said one copy to said other domain.
  • the present invention also relates to a device corresponding to the method according to the present invention.
  • the invention relates to a device arranged to operate in a system comprising one or more copies of a data-item, the device comprising memory means for storing the data-item characterized in that the device further comprising memory means for storing two counters for each of said one or more copies of the data-item, one counter representing a number-of-direct- copies made from said copy and one counter representing a generation-number of said copy.
  • a device may operate in a system comprising one or more copies of a data-item. Further, the device is able to store said data- item in a memory. Further, the device is able to store the two administrative counters associated with the data- item in a memory. A first counter describes the number of direct copies made from a given copy of a data-item and a second counter describes the "distance" from the given copy of the data-item to the original copy of the data-item. In a further embodiment of the invention, the device further comprises updating means arranged to update the respective counters of each copy of a data-item to reflect the number-of-direct-copies, and the generation-number of that copy.
  • the device is able to update the counters of a copy/instance when these counters are changed due to a move, copy, delete or gift operation as described above.
  • the device comprises communication means for communicating with other devices in order to maintain a distributed copy administration.
  • a system is arranged to maintain a distributed copy administration, the system comprising at least one of said abovementioned devices.
  • the invention also relates to a data-item comprising two counters, one counter representing a number-of-direct-copies made from said data-item and one counter representing a generation-number of said data-item.
  • the data-item provides two counters, said two counters being responsible for the administration of said data-item.
  • a first counter describes the number of direct copies made from the data-item and a second counter describing the "distance" from the data-item to the original copy of the data-item.
  • the data-item further comprises at least one of a digital content, a digital license, and a digital license associated with digital content.
  • the invention also relates to a computer program comprising program code means adapted to cause a data processing system to perform the steps of the method according to any of claims 1 to 13 when said program code means are executed by said data processing system.
  • the invention also relates to a computer readable medium having stored thereon a computer program comprising program code means adapted to cause a data processing system to perform the steps of the method according to any of claims 1 to 13 when said program code means are executed by said data processing system.
  • Figure 1 is a schematic drawing of an exemplary system for administration of distributed copies in a network.
  • Figure 2 represents an exemplary system of the counters administered to keep track of the number of copies of a data-item in a network.
  • Figure 3 represents an example of the administration of a copy operation of a distributed copy of a data-item.
  • Figure 4 represents an example of the administration of a move operation of a distributed copy of a data-item.
  • Figure 5 represents an example of the administration of a deletion of a leaf- copy operation.
  • Figure 6 represents an alternative example of the administration of a deletion of a leaf-copy operation.
  • Figure 7 represents an example of the administration of a deletion of a non- leaf-copy operation where the copy of a data-item to be deleted is marked by a cross.
  • Figure 8 represents an example of the administration of a deletion of a non- leaf-copy operation where the administration of the copy of a data-item for deletion and a leaf-copy is exchanged.
  • Figure 9 represents the situation after a deletion of a non- leaf copy of a data- item.
  • Figure 10 represents an alternative example of the administration of a deletion of a non-leaf-copy where another leaf-copy has been chosen for exchange of administration values.
  • Figure 11 represents the result of the deletion of the non- leaf-copy of Figure 10.
  • Figure 12 represents an alternative example of the administration of a deletion of a non-leaf-copy where another non- leaf-copy has been chosen for the leaf-copy-deletion part.
  • Figure 13 represents a schematic drawing of a user device according to an embodiment of the present invention.
  • FIG. 1 a schematic drawing of an exemplary system for administration of distributed copies of data-items, such as licenses, in a network, 100, is presented.
  • the system 100 comprises a domain, 105, belonging to user A and a domain, 135, belonging to user B.
  • a domain may belong to a group of users e.g. a household sharing a number of user devices.
  • a domain may comprise only one user device, 125 or 130.
  • the system comprises user devices 125 and 130 belonging to e.g. users C and D, respectively.
  • the domain 105 comprises three user devices, 110, 115 and 120, and the domain 135 comprises two user devices, 140 and 145.
  • All the domains and the user devices are connected via a wired and/or wireless communications network, 150.
  • the user devices may communicate with each other over the communication network.
  • a user device may also communicate directly with another user device using e.g. Bluetooth, infrared (IR) or other wired or wireless communication.
  • the communication between user devices may be initiated by any user device.
  • any user device communicating with another user device may terminate the communication. It is further to be understood that devices in communication need not be in continuous communication and may refrain from communication.
  • the communications network 150 may comprise any type of or any combination of networks suitable for receiving and/or transmitting information between devices, wired or wireless. Examples of such communication networks comprise local area network (LAN), extranet, intranet, the Internet, wide area networks (WAN), GSM networks, UMTS networks, or any other network.
  • the domain 105 comprises three devices: 110, 115, and 120. There may be any number of devices in a domain and the type of devices in a domain (and/or the user devices) may be any circuitry or device suitable for storing distributed copies of data-items and/or associated licenses and/or licenses. Examples of such devices comprise mobile phones, smart phones, PDAs, personal computer (PCs), laptops, desktops, car-radios, media center, mp3 players, iPods, stereo set, or the like.
  • any of the user devices may have an off-line connection to the network. This may be due to an intentional power-down and/or shut-down by the user, a malfunction of the device, due to the device being moved, due to a malfunction in the network or any of its components, or the like.
  • the device, 120 may have a broken connection to the network because it may be out of order or because it is transported from one place to another by user A (or any other person). This is illustrated by a dashed line in the figure.
  • the administration of the number of distributed copies of licenses (or other data structures) is performed by updating two counters associated with each copy of a data- item.
  • the first counter is a number-of-direct-copies counter and this counter represents the number of times a given copy of a data-item has been copied.
  • the second counter is the generation-numbers counter and this counter represents the distance between the copy of a data-item (or other data structure) with the given generation-number counter and the original copy of the data-item (or other data structure).
  • the original copy will have a zero in the counter representing the number-of-direct-copies and a zero in the counter representing the generation-number.
  • the original copy can be written as L(0, 0), where the first 0 represents the number-of-direct- copies counter and the second 0 represents the generation-number counter.
  • the license in this example represents a DRM (or similar scheme) protected data-item in which the data- item is only allowed to be gifted if L(0,0)
  • gifting would be allowed since only one copy is present of the data-item in the network or domain.
  • a data-item may comprise digital content, a digital license and/or a digital license associated with a digital content or any other type of data-item.
  • Gifting is defined as the moving of content (a data-item) from a first user device in the first domain to another user's user device in a second domain and gifting is only permissible if no other copy will be left in the first domain.
  • a move operation may be performed between devices of the same domain and between a first device in a first domain and a second device of a second domain. Further, a move operation may be performed even if a copy of the data- item (content) selected for moving remains in the domain from which the data-item is moved.
  • Gifting may be performed between a first device in a first domain and a second device of a second domain, said first and second domains being different. Further, gifting is only performed when no copy of the data-item (content) gifted away will remain in the domain from which the data-item is gifted.
  • the present invention further allows for easy management of distributed copies of e.g. a data-item in a network by keeping track of the distributed copies with a minimum of administration.
  • the minimum administration comprises two counters in connection with each of the distributed copies. No extra devices are needed to maintain the distributed copies since the administrative counters follow the distributed copies. It is further not necessary to search all devices in a network to determine whether one or more copies associated with a license are present. Further, updating the license associated with a data-item with a certain frequency is not required since the counters follow their respective copy of the data-item.
  • FIG. 2 an exemplary system of counters administered to keep track of the number of copies of a data-item or other data structure, 200, is presented.
  • 205 is an original copy of a data-item possibly with a license on user device 1.
  • 205 is the original copy since the generation-number counter, the second counter, of the given copy of the data-item is 0 i.e. the copy on user device 1 is zero "steps" away from the original copy.
  • the number-of-direct-copies counter equaling 3.
  • 210, 215 and 220 represent the children/copies of the original copy of a given data-item possibly with a license L(3,0), 205. These copies are present on user devices 2, 3 and 4, respectively. All the children of L(3,0), 205, have a generation-number counter equal to one indicating that they are only one "step" from the original copy present on user device 1, 205. 210 has two children of its own as indicated by the number-of-direct-copies counter, L(2,l). The two copies made from the copy present on user device 2, 210, are present on user device 5, 225, and on user device 6, 230. Likewise, 220 has one child of its own and therefore the counters of user device 4 are L(1, 1).
  • the copy made from the copy present on user device 4 is situated on device 7, 235.
  • 215 has no children of its own and the counters representing this device are L(0, 1).
  • a copy with no children as 215 is called a leaf- copy i.e. when the number-of-direct-copies counter is equal to zero.
  • Copies with children are called non- leaf copies and have number-of-direct-copies counter different from zero.
  • 225 and 230 represent the children of 210 on user devices 5 and 6 in the network. As these copies have no children of their own, both have number-of-direct-copies counters equaling zero L(0,2), they are both leaf copies. Further, they are both in a distance of 2 "steps" from the original copy of the license as seen from their generation-number counter. The same information applies for the copy 235 which is resident on user device 7.
  • 240 represent the two counters L(3,0), generation-number and number-of- direct-copies, of the copy of a data-item on device 1, 205.
  • 245 represents the number-of- direct-copies counter of the copy on device 5.
  • 250 represents the generation-number counter of the copy on device 6.
  • a license may represent one or more copies of a data-item.
  • the license and a first copy of the data-item may be represented by the administration-counters L(0,0) and all further copies made of the data-item represented by the license would have administration counters L(m,n), where (m,n) are different from (0,0).
  • the administration of the abovementioned counters may be maintained while allowing the following operations on copies of data- items associated with licenses or other data structures:
  • Copying making a copy of a data-item on a user device of a copy from another user device.
  • - Moving Removing a copy from one user device and placing the copy on another user device.
  • Deleting Removing a copy from a user device.
  • FIG 3 the administration of a copy operation of a distributed copy of a data-item, 300, is exemplified.
  • a copy of the leaf-copy present on device 7, 235 in Figure 2 and 335 in Figure 3 has been made and placed on user device 8, 340.
  • a copy operation of a copy of a data- item or other data structure is performed by incrementing the number-of-direct-copies counter of the parent-copy on device 7, 335, by one.
  • L(0,2) is changed to L(I, 2) when going from 235 in Figure 2 to 335 in Figure 3.
  • the new copy of the data-item on device 8, 340 is created with a number- of-direct-copies counter equaling zero and a generation-number counter equaling its parent's generation-number on user device 7, 335, incremented by one.
  • the new copy has the counter-values L(0,3).
  • the administration of the copy operation of a copy comprise the creation of a new copy, a child, with a generation-number counter one higher than the generation-number of the parent-copy from which the child-copy was copied.
  • the number- of-direct-copies counter of the child-copy is zero in the moment of creation but may change as copies of the child-copy are made. Further, the number-of-direct-copies counter of the parent-copy is increased by one.
  • the copy of a data-item residing on device 8, 440 is moved to user device 9, 445. No changes in the counters are made.
  • the parent of the copy moved, 435 still has one direct copy made of itself and therefore maintains the counter- values L(1, 2). Further, the recipient of the moved copy does not change the counter values of the copy.
  • the moved copy still has direct-number-of-copies equaling zero and the distance to the original copy has not changed either and therefore is still 3. Therefore, the counters of the moved copy remains unchanged at L(0, 3).
  • FIG. 5 the administration of a deletion of a leaf-copy operation, 500, is illustrated.
  • the deletion of a leaf-copy of a data-item comprises the selection of one arbitrary other copy with a generation-number counter one smaller than that of the leaf-copy selected for deletion and further the arbitrary other copy selected may not be a leaf-copy itself i.e. it needs to have a direct-number-of-copies counter different from zero.
  • the administration of the deletion-operation further comprises deleting the leaf-copy selected for deletion and decreasing the number-of-direct-copies counter of the selected arbitrary copy by one.
  • the copy on device 6, 530 is selected as the arbitrary copy with a generation-number counter one smaller than the generation-number counter of the copy on device 6, 530, the copy on device 6, 530, is deleted and the number- of-direct-copies counter of the copy on device 2, 510, is decreased with one from L(2,l) to L(I 5 I) as illustrated in Figure 5.
  • Figure 6 the administration of a deletion of a leaf-copy operation is illustrated.
  • the copy on device 6, 630 is deleted and the number-of-direct- copies counter of the copy on device 4, 620, is decreased with one from L(I 5 I) to L(0, 1) as illustrated in Figure 6.
  • the copy on device 7, 635 may be seen as a child of device 2, 610, instead as indicated by the arrows.
  • Figures 5 and 6 illustrates that for this delete operation there is a choice as to which devices may effectively administer the deletion. This is particularly relevant in situations wherein devices may be off-line. Even though one of the devices 2, 510, or 4, 620, may be off-line the deletion can still be effectuated.
  • Figure 7 the administration of a deletion of a non-leaf-copy operation, 700, is illustrated.
  • the deletion of a non-leaf copy of a data-item comprises replacing the administration (the number-of-direct-copies and generation-number counters) of the copy to be deleted with that of an arbitrary other leaf-copy. Thereafter, the copy of the data-item selected for deletion is deleted as explained above for deletion of leaf-copies. Therefore, an arbitrary copy with generation-number one smaller than the copy selected for deletion and with a number-of-direct-copies counter different from zero is selected, the copy to be deleted is deleted, and the number-of-direct-copies counter of the arbitrary copy selected is decreased by one.
  • the copy on device 8, 840 now a non-leaf copy after the exchange of administration with the copy 835, is chosen. It fulfils the requirements of having the number- of-direct-copies counter different from zero (it is 1) and the generation-number counter is two which is one smaller than the generation-number counter of the copy on device 7, 835, which is three.
  • the copy of device 7, 835 is deleted and, as described above under the deletion of a leaf-copy, the number-of-direct-copies counter of the copy on device 8, 840, is decreased with one from L(1, 2) to L(0,2).
  • another leaf-copy may be chosen for having its administration exchanged with the administration of the non-leaf copy selected for deletion.
  • the leaf-copy on device 6, 1030 is chosen to have its administration exchanged with the administration of the non- leaf-copy 1035 on device 7 (still selected for deletion and therefore marked with a cross).
  • the administration of the copy on device 6, 1030 is changed from L(0,2) to L(I, 2) and likewise, the administration of the copy on device 7, 1035, is changed from L(l,2) to L(0,2).
  • a non-leaf-copy with generation-number one smaller than the copy selected for deletion and with number-of- direct-copies counter different from zero is selected.
  • the number-of-direct-copies counter may as a result of a delete operation not reflect the actual number of direct copies made from this particular data-item (content). As indicated earlier on this does not affect the distributed copy administration. This is seen in the non-leaf-deletion of e.g. Figure 9 (920), Figure 11 (1130) and Figure 12 (1220, 1230). Thus, a result of the exchange of the administration in a non-leaf-deletion, the link between the number-of-direct-copies counter of a copy and the actual number of direct copies made from this particular copy of a data-item may be lost, but the maintenance of the copy administration remains unaffected.
  • a user wants to move (e.g. gift) a data-item to a domain other than the user's own (or move or gift a data-item from a domain to another user's device or between different users user devices or from a user device to another user's domain)
  • the system only needs to check the administration of the copy selected for movement to verify whether movement of the copy is allowed. If the number-of-direct-copies counter and generation- number counter both equal zero then it is permissible for the user to move (gift) the data-item to a domain other than the user's own otherwise it is not.
  • Movement of a data-item within the user's own domain can be performed freely as described above. Copying of a data-item to a domain other than the user's own is not permissible since this would lead to several copies of the same data- item on several domains. Copying within the user's own domain can be done according to the administration described above.
  • Deletion of a data-item in a domain is performed according to the administration described above.
  • the system when a user would like to gift (or otherwise move) a data-item having either or both number-of-direct-copies counter and generation-number counter different from zero to a domain other than the user's own (or from the user's domain to another user's device or between different users user devices or from a user device to another user's domain), the system will have to delete all the copies of the data-item except one from the domain of the user gifting the data-item.
  • the copy left on the user's domain will have administration L(0, 0) and the one copy is then moved to the destination device in a domain different from domain of the user gifting the copy.
  • FIG 13 a schematic drawing of a user device according to an embodiment of the present invention is presented.
  • a device (1300) comprising one or more micro-processors (1301) connected with a main memory (1302) and e.g. one storage device (1306) via an internal data/address bus (1304) or the like.
  • the device (1300) may also be connected to or comprise a display (1307) and/or communication means (1301) for communication with one or more remote systems via a network.
  • the memory (1302) and/or storage device (1306) are used to store and retrieve the relevant data together with executable computer code for providing the functionality according to the invention.
  • the micro-processor(s) (1301) is responsible for generating, handling, processing, calculating, etc. the relevant parameters according to the present invention.
  • the storage device (1306) which may be optional, comprises one or more storage devices capable of reading and possibly writing blocks of data, e.g. a USB-slot for memory cards, DVD, CD, optical disc, PVR, etc. player/recorder and/or a hard disk (IDE, ATA, etc), floppy disk, smart card, PCMCIA card, etc.
  • a copy is to be broadly understood as an imitation, transcript or reproduction of an original work also including the possibility that the "copy” is the original work itself i.e. if the administration counters equal L(0, 0) only the original work is left in the domain which could also be expressed as only one copy of a data-item is left in the domain.
  • any reference signs placed between parentheses shall not be construed as limiting the claim.
  • the word “comprising” does not exclude the presence of elements or steps other than those listed in a claim.
  • the word “a” or “an” preceding an element does not exclude the presence of a plurality of such elements.
  • the invention can be implemented by means of hardware comprising several distinct elements, and by means of a suitably programmed computer.
  • the device claim enumerating several means several of these means can be embodied by one and the same item of hardware.
  • the mere fact that certain measures are recited in mutually different dependent claims does not indicate that a combination of these measures cannot be used to advantage.

Abstract

The invention relates to a method for administration of distributed copies of a data-item in a system comprising a device (110 - 130, 140, 145). The method comprises associating a copy of the data-item with two counters (240), one counter representing a number-of-direct-copies made from said copy (245) and one counter representing a generation-number of said copy (250). Hereby is achieved an administration of distributed copies with a reduced amount of administration, more specifically the administration of distributed copies is simplified in part, in particular with respect to the verification of whether or not gifting of a copy of a data-item in the system is permitted.

Description

Method and system for distributed copy administration
FIELD OF THE INVENTION
The invention relates generally to digital rights management and similar schemes and discloses a method and a system for administration of distributed copies of licenses in a network of devices.
BACKGROUND OF THE INVENTION
More and more content is distributed electronically via networks (e.g. the Internet). Such content may be protected by Digital Rights Management (DRM) and/or other methods/systems for handling digital rights. An example of content protected by DRM is music sold and distributed via the internet e.g. via iTunes or similar web-stores. Such distribution systems generally employ a DRM system that enforces a set of rules that controls use and distribution. Electronically downloaded content may be protected in such a way that it can only be viewed (or listened to) on a specified set of devices belonging to the domain of a user purchasing the content. The DRM system may impose restrictions such as the maximum number of devices in the domain, or alternatively it may require that all devices in the domain are authorized, e.g. by a specific (trusted) user, or a trusted third party.
In many DRM systems, each data-item, as e.g. a movie or a piece of music, has an associated license. In a networked and DRM protected world, the license determines the rights associated with content (a data-item) of a user i.e. e.g. whether a user is allowed to copy a data-item to a device on the network not belonging to the user's own domain or to another device in the user's own domain, or e.g. whether the user is allowed to copy a DRM protected song to a friends laptop.
Moving a DRM (or similar scheme) protected data- item to another device in a domain outside the user's domain, such as in case of gifting is only allowed if no other copy of the data-item will be left in the user's domain.
Without any administration of distributed copies of data- items with associated licenses, all devices in a domain have to be checked for copies of the data-item which is going to be gifted. This is very cumbersome and it is problematic if some of the devices in the domain are off-line (disconnected from the network), e.g. in case of a PDA, a laptop or other portable devices.
In a network with a central administration a dedicated server for controlling the number of licenses (and copies of associated data-items) and the position of the licenses (and copies of associated data-items) is required. Before a copying, deleting or moving of a data-item, the central server needs to be notified about the action to take place in order to keep the administration up-to-date and the server needs to check whether the action is permissible. When moving a data-item to a device outside the domain of the user, the server is queried to establish whether the action is permitted i.e. if the copy of the data-item selected for movement is the only copy in the domain from which it is to be moved. Such a check can be done by querying a database in connection with the server. The central administration method of administrating copies thus requires a dedicated server with a database. The method is cumbersome due to the amount of information exchanged during actions such as deletion, moving, gifting and/or copying. US 5,765,152 discloses a method and a system for secure electronic copyright management and automatic identification of creative works distributed as digital or electronic media over a network. In the patent, copyrighted electronic or digital media are packaged in a secure electronic format and registered on an associated registration server, which serves to provide online licensing and copyright management for that media. The problem of such a system and method is that it requires a dedicated server for copyright management, it requires the encryption of the media in a secure format, it requires the exchange of keys for decryption between the server and a user device as well as cumbersome and power- consuming decryption of the secure media at the user device.
Other known solutions provide methods and systems for restrictive gifting of data-items by using license renewal of time- limited licenses. If a data-item and /or associated license is/are gifted to a device outside the domain of the purchaser's domain, the associated license will not be further renewed for the purchaser's domain. The time-intervals between each license renewal need to be rather short because between each renewal the data-items associated with a license can be used in several domains simultaneously. A short time- interval between license renewals is less attractive for the user, because the user needs to redistribute the renewed license over the entire user domain after each renewal. Further, redistribution of the renewed license poses problems for devices that are off-line. The object of the present invention is to partially simplify the administration of distributed copies of a data-item, more specifically to partially simplify the administration required for gifting of a data-item.
SUMMARY OF THE INVENTION
The above goal is accomplished by:
A method for administration of distributed copies of a data-item in a system comprising a device characterized in that the method comprises associating a copy of the data- item with two counters, one counter representing a number-of-direct-copies made from said copy and one counter representing a generation-number of said copy.
The method provides an administration of distributed copies of a data-item in which the amount of administration comprises two counters per copy of a data-item, said two counters being responsible for the administration. A first counter describes the number of direct copies made from a given copy of a data-item and a second counter describes the "distance" from the given copy of a data-item to the original copy of the data-item. As a result devices that store content data may also store part of the distributed copy administration. When gifting/giving away a data-item it is often necessary to verify whether the data-item is the only data-item remaining in the system, in order to prevent unauthorized copying of such a data-item. The later is particularly relevant for DRM systems, where content proliferation is subject to DRM control. The present invention facilitates a simple and highly efficient method for performing the aforementioned verification; gifting of a data-item is allowed if and only if the number-of-direct-copies counters and the generation-number counter associated with that copy are both zero. When this condition is met the data-item is the only remaining copy of the data-item in the system and may be gifted, thereby considerably simplifying at least part of the copy administration when gifting.
Updating the administration of distributed copies of data- items, involves updating one or more number-of-direct-copies counters and/or one or more generation- number counters in the system.
The present invention offers more advantages, as will be detailed further on. Updates to the administration are usually local to one or two devices. Moreover often updates allow a choice as to which devices in the system may update the distributed copy administration, thereby simplifying distributed copy administration in systems wherein not all devices are continuously on-line.
In one embodiment of the invention, the data-item comprises one of the following data- items: - a digital content, a digital license, and a digital license associated with a digital content.
In this way a data-item may comprise a digital content, e.g. a mp3-song and/or a mpeg-movie, etc., a digital license, e.g. a license allowing a user to distribute a data-item to e.g. eight devices in the user's domain possibly for a limited time-period, and a digital license associated with a digital content, e.g. a license on a mp3-song and/or a mpeg-movie. Although the present invention can be used advantageously in DRM systems it is not restricted thereto. In fact the present method may be used advantageously in other systems that maintain a distributed copy administrations for data-items, in particular embodiments wherein the operation for verifying whether a copy is a single, or the only remaining copy, is to be implemented in an efficient manner.
In a further embodiment of the invention, the method further comprises administrating at least one of: a copy operation, - a move operation, a delete operation, and a gifting operation.
In this way the method is able to move, copy, delete or gift a data-item or a copy of a data-item. In a further embodiment of the invention, the method further comprises updating the counters of a copy of a data-item to reflect the number-of-direct-copies and the generation-number of that copy.
In this way the method is able to update the counters of a copy of a data-item when these counters are changed due to a move, copy, delete or gift operation. In a further embodiment of the invention, the method further comprises administrating said copy operation by: increasing said number-of-direct-copies counter of a first copy by one, creating a new copy of said first copy with generation-number counter one higher than the generation-number of said first copy and a number-of-direct-copies counter equal to zero for the new copy.
In this way, the copy operation administration is performed by utilizing the two counters associated with the copy of the data-item.
In a further embodiment of the invention, the method further comprises administrating said move operation by not changing said two counters. In this way, the move operation administration is performed by utilizing the two counters associated with the copy of the data-item. In a further embodiment of the invention, the method further comprises administrating said delete operation by determining if said number-of-direct-copies counter of a copy selected for deletion is equal to zero or different from zero.
In this way, the delete operation checks whether the copy of a data-item selected for deletion is a leaf-copy (having number-of-direct counter equal to zero) or a non- leaf-copy (having number-of-direct counter different from zero).
When said number-of-direct-copies counter of said copy selected for deletion is equal to zero administrating said delete operation involves: selecting a first copy with a generation-number one smaller than the generation-number of said copy selected for deletion and with a number-of-direct-copies counter larger than zero, deleting said copy selected for deletion, and decreasing the number-of-direct-copies counter of said first copy by one. In this way the method is able to administrate the deletion a leaf-copy (having number-of- direct counter equal to zero). When said number-of-direct-copies counter of said copy selected for deletion is different from zero administrating said delete operation involves: selecting a first copy with number-of-direct-copies counter equal to zero, swapping said counters of said copy selected for deletion with said counters of said first copy, - selecting a second copy with a generation-number counter one smaller than the generation-number counter of said copy selected for deletion and with a number-of-direct- copies counter different from zero, deleting said copy selected for deletion, and decreasing the number-of-direct-copies counter of said second copy by one. In this way the method is able to administrate the deletion a non-leaf-copy (having number-of-direct counter different from zero).
In a further embodiment of the invention, the method is further characterized in that said second copy is chosen from a group of copies comprising said first copy. In this way, the delete operation of a non- leaf-copy can be performed by using the same copy of a data-item as a first and a second copy.
In a further embodiment of the invention, the system comprises a domain comprising one or more user devices to which a data-item may be copied or moved.
In this way, user devices are defined to belong to a domain in which data- items may be distributed by copying and/or moving operation(s). As indicated earlier typically such a domain is enforced by a DRM system.
In a further embodiment of the invention, the method is further arranged to move a copy of a data-item from a device in a domain to another device in another domain if said copy has number-of-direct-copies counter equal to zero and generation-number counter equal to zero.
In this way a copy of a data-item may be moved from one domain to another if the copy has number-of-direct-copies counter equal to zero and generation-number counter equal to zero.
In a further embodiment of the invention, the method is further arranged to move a copy of a data-item with number-of-direct-copies counter or generation-number counter different from zero from a device in one domain to another device in another domain, said moving of said copy comprising deletion of all copies except one copy in the domain, and moving said one copy to said other domain.
In this way a copy of a data-item with an associated license may be moved from one domain to another if the copy has number-of-direct-copies counter different from zero or generation-number counter different from zero.
The present invention also relates to a device corresponding to the method according to the present invention.
More specifically, the invention relates to a device arranged to operate in a system comprising one or more copies of a data-item, the device comprising memory means for storing the data-item characterized in that the device further comprising memory means for storing two counters for each of said one or more copies of the data-item, one counter representing a number-of-direct- copies made from said copy and one counter representing a generation-number of said copy.
In this way a device is provided that may operate in a system comprising one or more copies of a data-item. Further, the device is able to store said data- item in a memory. Further, the device is able to store the two administrative counters associated with the data- item in a memory. A first counter describes the number of direct copies made from a given copy of a data-item and a second counter describes the "distance" from the given copy of the data-item to the original copy of the data-item. In a further embodiment of the invention, the device further comprises updating means arranged to update the respective counters of each copy of a data-item to reflect the number-of-direct-copies, and the generation-number of that copy.
In this way the device is able to update the counters of a copy/instance when these counters are changed due to a move, copy, delete or gift operation as described above. In a further embodiment of the invention, the device comprises communication means for communicating with other devices in order to maintain a distributed copy administration.
In this way the device is able to maintain a distributed copy administration by communication means for communicating with other devices. In a further embodiment of the invention, a system is arranged to maintain a distributed copy administration, the system comprising at least one of said abovementioned devices.
In this way a system is defined for maintaining a distributed copy administration, the system comprising a device according to an abovementioned embodiment.
Further, the invention also relates to a data-item comprising two counters, one counter representing a number-of-direct-copies made from said data-item and one counter representing a generation-number of said data-item.
The data-item provides two counters, said two counters being responsible for the administration of said data-item. A first counter describes the number of direct copies made from the data-item and a second counter describing the "distance" from the data-item to the original copy of the data-item. In a further embodiment of the invention, the data-item further comprises at least one of a digital content, a digital license, and a digital license associated with digital content.
Further, the invention also relates to a computer program comprising program code means adapted to cause a data processing system to perform the steps of the method according to any of claims 1 to 13 when said program code means are executed by said data processing system.
Further, the invention also relates to a computer readable medium having stored thereon a computer program comprising program code means adapted to cause a data processing system to perform the steps of the method according to any of claims 1 to 13 when said program code means are executed by said data processing system.
BRIEF DESCRIPTION OF THE DRAWINGS
Figure 1 is a schematic drawing of an exemplary system for administration of distributed copies in a network.
Figure 2 represents an exemplary system of the counters administered to keep track of the number of copies of a data-item in a network.
Figure 3 represents an example of the administration of a copy operation of a distributed copy of a data-item. Figure 4 represents an example of the administration of a move operation of a distributed copy of a data-item.
Figure 5 represents an example of the administration of a deletion of a leaf- copy operation.
Figure 6 represents an alternative example of the administration of a deletion of a leaf-copy operation.
Figure 7 represents an example of the administration of a deletion of a non- leaf-copy operation where the copy of a data-item to be deleted is marked by a cross.
Figure 8 represents an example of the administration of a deletion of a non- leaf-copy operation where the administration of the copy of a data-item for deletion and a leaf-copy is exchanged.
Figure 9 represents the situation after a deletion of a non- leaf copy of a data- item. Figure 10 represents an alternative example of the administration of a deletion of a non-leaf-copy where another leaf-copy has been chosen for exchange of administration values.
Figure 11 represents the result of the deletion of the non- leaf-copy of Figure 10.
Figure 12 represents an alternative example of the administration of a deletion of a non-leaf-copy where another non- leaf-copy has been chosen for the leaf-copy-deletion part.
Figure 13 represents a schematic drawing of a user device according to an embodiment of the present invention.
DETAILED DESCRIPTION OF THE INVENTION
In Figure 1 , a schematic drawing of an exemplary system for administration of distributed copies of data-items, such as licenses, in a network, 100, is presented. The system 100 comprises a domain, 105, belonging to user A and a domain, 135, belonging to user B. Alternatively, a domain may belong to a group of users e.g. a household sharing a number of user devices. Alternatively, a domain may comprise only one user device, 125 or 130. Further the system comprises user devices 125 and 130 belonging to e.g. users C and D, respectively. The domain 105 comprises three user devices, 110, 115 and 120, and the domain 135 comprises two user devices, 140 and 145. All the domains and the user devices are connected via a wired and/or wireless communications network, 150. The user devices may communicate with each other over the communication network. A user device may also communicate directly with another user device using e.g. Bluetooth, infrared (IR) or other wired or wireless communication. The communication between user devices may be initiated by any user device.
Further, any user device communicating with another user device may terminate the communication. It is further to be understood that devices in communication need not be in continuous communication and may refrain from communication.
The communications network 150 may comprise any type of or any combination of networks suitable for receiving and/or transmitting information between devices, wired or wireless. Examples of such communication networks comprise local area network (LAN), extranet, intranet, the Internet, wide area networks (WAN), GSM networks, UMTS networks, or any other network. The domain 105 comprises three devices: 110, 115, and 120. There may be any number of devices in a domain and the type of devices in a domain (and/or the user devices) may be any circuitry or device suitable for storing distributed copies of data-items and/or associated licenses and/or licenses. Examples of such devices comprise mobile phones, smart phones, PDAs, personal computer (PCs), laptops, desktops, car-radios, media center, mp3 players, iPods, stereo set, or the like.
Any of the user devices may have an off-line connection to the network. This may be due to an intentional power-down and/or shut-down by the user, a malfunction of the device, due to the device being moved, due to a malfunction in the network or any of its components, or the like. In the exemplary system 100, the device, 120, may have a broken connection to the network because it may be out of order or because it is transported from one place to another by user A (or any other person). This is illustrated by a dashed line in the figure.
The administration of the number of distributed copies of licenses (or other data structures) is performed by updating two counters associated with each copy of a data- item. The first counter is a number-of-direct-copies counter and this counter represents the number of times a given copy of a data-item has been copied. The second counter is the generation-numbers counter and this counter represents the distance between the copy of a data-item (or other data structure) with the given generation-number counter and the original copy of the data-item (or other data structure).
Using this nomenclature, if only one copy exists of a given data- item in a network or in a domain, the original copy will have a zero in the counter representing the number-of-direct-copies and a zero in the counter representing the generation-number. Thus the original copy can be written as L(0, 0), where the first 0 represents the number-of-direct- copies counter and the second 0 represents the generation-number counter. If the license in this example represents a DRM (or similar scheme) protected data-item in which the data- item is only allowed to be gifted if L(0,0), then gifting would be allowed since only one copy is present of the data-item in the network or domain.
A data-item may comprise digital content, a digital license and/or a digital license associated with a digital content or any other type of data-item.
Gifting is defined as the moving of content (a data-item) from a first user device in the first domain to another user's user device in a second domain and gifting is only permissible if no other copy will be left in the first domain. A move operation may be performed between devices of the same domain and between a first device in a first domain and a second device of a second domain. Further, a move operation may be performed even if a copy of the data- item (content) selected for moving remains in the domain from which the data-item is moved. Gifting may be performed between a first device in a first domain and a second device of a second domain, said first and second domains being different. Further, gifting is only performed when no copy of the data-item (content) gifted away will remain in the domain from which the data-item is gifted.
The present invention further allows for easy management of distributed copies of e.g. a data-item in a network by keeping track of the distributed copies with a minimum of administration. The minimum administration comprises two counters in connection with each of the distributed copies. No extra devices are needed to maintain the distributed copies since the administrative counters follow the distributed copies. It is further not necessary to search all devices in a network to determine whether one or more copies associated with a license are present. Further, updating the license associated with a data-item with a certain frequency is not required since the counters follow their respective copy of the data-item.
In Figure 2 an exemplary system of counters administered to keep track of the number of copies of a data-item or other data structure, 200, is presented. In 205 is an original copy of a data-item possibly with a license on user device 1. 205 is the original copy since the generation-number counter, the second counter, of the given copy of the data-item is 0 i.e. the copy on user device 1 is zero "steps" away from the original copy. Further, from 205 it is seen that three copies of the original copy of the data-item have been made as indicated by the first counter, the number-of-direct-copies counter, equaling 3.
210, 215 and 220 represent the children/copies of the original copy of a given data-item possibly with a license L(3,0), 205. These copies are present on user devices 2, 3 and 4, respectively. All the children of L(3,0), 205, have a generation-number counter equal to one indicating that they are only one "step" from the original copy present on user device 1, 205. 210 has two children of its own as indicated by the number-of-direct-copies counter, L(2,l). The two copies made from the copy present on user device 2, 210, are present on user device 5, 225, and on user device 6, 230. Likewise, 220 has one child of its own and therefore the counters of user device 4 are L(1, 1). The copy made from the copy present on user device 4 is situated on device 7, 235. Finally, 215 has no children of its own and the counters representing this device are L(0, 1). A copy with no children as 215 is called a leaf- copy i.e. when the number-of-direct-copies counter is equal to zero. Copies with children are called non- leaf copies and have number-of-direct-copies counter different from zero.
225 and 230 represent the children of 210 on user devices 5 and 6 in the network. As these copies have no children of their own, both have number-of-direct-copies counters equaling zero L(0,2), they are both leaf copies. Further, they are both in a distance of 2 "steps" from the original copy of the license as seen from their generation-number counter. The same information applies for the copy 235 which is resident on user device 7.
240 represent the two counters L(3,0), generation-number and number-of- direct-copies, of the copy of a data-item on device 1, 205. 245 represents the number-of- direct-copies counter of the copy on device 5. 250 represents the generation-number counter of the copy on device 6.
The arrows in Figure 2 indicate a possible way of how the copies of a data- item possibly with a license could have been created. The arrows are not used in the administration of distributed copies (or other data structures) and are only included to help the interpretation of the figure. The same applies for Figures 3 and 5-12.
A license may represent one or more copies of a data-item. The license and a first copy of the data-item may be represented by the administration-counters L(0,0) and all further copies made of the data-item represented by the license would have administration counters L(m,n), where (m,n) are different from (0,0). The administration of the abovementioned counters may be maintained while allowing the following operations on copies of data- items associated with licenses or other data structures:
Copying: making a copy of a data-item on a user device of a copy from another user device. - Moving: Removing a copy from one user device and placing the copy on another user device.
Deleting: Removing a copy from a user device.
Gifting/Giving away as a special type of move in which the copy of a data- item and associated license is moved from a first device in a first domain to a second device in a second domain, said first domain being different from said second domain.
In Figure 3 the administration of a copy operation of a distributed copy of a data-item, 300, is exemplified. In this figure a copy of the leaf-copy present on device 7, 235 in Figure 2 and 335 in Figure 3, has been made and placed on user device 8, 340. As seen from the figure, a copy operation of a copy of a data- item or other data structure is performed by incrementing the number-of-direct-copies counter of the parent-copy on device 7, 335, by one. In this case L(0,2) is changed to L(I, 2) when going from 235 in Figure 2 to 335 in Figure 3. Further, the new copy of the data-item on device 8, 340, is created with a number- of-direct-copies counter equaling zero and a generation-number counter equaling its parent's generation-number on user device 7, 335, incremented by one. Thus the new copy has the counter-values L(0,3).
Therefore, the administration of the copy operation of a copy comprise the creation of a new copy, a child, with a generation-number counter one higher than the generation-number of the parent-copy from which the child-copy was copied. The number- of-direct-copies counter of the child-copy is zero in the moment of creation but may change as copies of the child-copy are made. Further, the number-of-direct-copies counter of the parent-copy is increased by one.
In Figure 4 the administration of a move operation of a distributed copy of a data-item, 400, is exemplified. In this figure the arrows, indicating a possible way how the copies of a given data-item have been created, have been omitted to clarify the move operation.
In this figure, the copy of a data-item residing on device 8, 440, is moved to user device 9, 445. No changes in the counters are made. The parent of the copy moved, 435, still has one direct copy made of itself and therefore maintains the counter- values L(1, 2). Further, the recipient of the moved copy does not change the counter values of the copy. The moved copy still has direct-number-of-copies equaling zero and the distance to the original copy has not changed either and therefore is still 3. Therefore, the counters of the moved copy remains unchanged at L(0, 3).
The moving of a copy of a given data-item does not require any update in the administration of the copies. This also has the implication that the administration of one copy of a data-item (i.e. the counter values of one copy) can be freely exchanged with the administration of another copy of a data-item (the counter values of a second copy) since the copies with their respective counter values can be moved freely around in the network as demonstrated in the above example. Although exchanging of counter values does not affect the copy administration, it may appear to clash with the terminology used for the counters. In fact when exchanging the copy administration of a leaf cell with a non-leaf cell, the former leaf cell, that did not have children, will have children according to its new direct-number-of- copies counter. This may seem counter intuitive, but is the direct result of the liberal association of administration and actual copies. The former leaf cell, after the exchange, for all distributed copy administration purposes, is the former non-leaf cell, and vice versa.
In Figure 5 the administration of a deletion of a leaf-copy operation, 500, is illustrated. The deletion of a leaf-copy of a data-item comprises the selection of one arbitrary other copy with a generation-number counter one smaller than that of the leaf-copy selected for deletion and further the arbitrary other copy selected may not be a leaf-copy itself i.e. it needs to have a direct-number-of-copies counter different from zero. The administration of the deletion-operation further comprises deleting the leaf-copy selected for deletion and decreasing the number-of-direct-copies counter of the selected arbitrary copy by one.
In Figure 5 the same situation as in Figure 3 is presented. In this case the leaf- copy of a given data-item present on user device 6, 530, is to be deleted. Therefore, an arbitrary copy of the given data-item with a generation-number counter one smaller than the copy of the data-item on device 6, 530, is selected. In this case three possible candidates are present: The copies of the data-item present on device 2, 510, on device 3, 515, and on device 4, 520. But the further requirement that the arbitrary selected copy of the data-item may not be a leaf-copy itself rules out the copy of the data-item present on device 3, 515.
In the case the copy of the data-item present on device 2, 510, is selected as the arbitrary copy with a generation-number counter one smaller than the generation-number counter of the copy on device 6, 530, the copy on device 6, 530, is deleted and the number- of-direct-copies counter of the copy on device 2, 510, is decreased with one from L(2,l) to L(I5I) as illustrated in Figure 5.
Alternatively, in the case the copy of the data-item present on device 4, 520 (or 620 in Figure 6), is selected as the arbitrary copy with a generation-number counter one smaller than the generation-number counter of the copy on device 6, 530 (or 630 in Figure 6), 600 in Figure 6 is to be referred to.
In Figure 6 the administration of a deletion of a leaf-copy operation is illustrated. In this case, the copy on device 6, 630, is deleted and the number-of-direct- copies counter of the copy on device 4, 620, is decreased with one from L(I5I) to L(0, 1) as illustrated in Figure 6. Since the copy on device 4, 620, no longer have any children, the copy on device 7, 635, may be seen as a child of device 2, 610, instead as indicated by the arrows. Figures 5 and 6 illustrates that for this delete operation there is a choice as to which devices may effectively administer the deletion. This is particularly relevant in situations wherein devices may be off-line. Even though one of the devices 2, 510, or 4, 620, may be off-line the deletion can still be effectuated. In Figure 7 the administration of a deletion of a non-leaf-copy operation, 700, is illustrated.
The deletion of a non-leaf copy of a data-item comprises replacing the administration (the number-of-direct-copies and generation-number counters) of the copy to be deleted with that of an arbitrary other leaf-copy. Thereafter, the copy of the data-item selected for deletion is deleted as explained above for deletion of leaf-copies. Therefore, an arbitrary copy with generation-number one smaller than the copy selected for deletion and with a number-of-direct-copies counter different from zero is selected, the copy to be deleted is deleted, and the number-of-direct-copies counter of the arbitrary copy selected is decreased by one. In Figure 7, the same situation as in Figure 3 is illustrated and in Figure 7, the copy of a given data-item 735 on device 7 is to be deleted and therefore it is marked with a cross in the figure. The leaf-copy on device 8, 740, is selected for having its administration exchanged with the administration of copy 735. Thus, the counters of 740 are changed from L(0,3) to L(I, 2) and in the same way the counters of 735 are changed from L(1, 2) to L(0,3) as seen in Figure 8. Next an arbitrary non-leaf copy with generation-number one smaller than the copy up for deletion and with number-of-direct-copies counter different from zero is chosen. In this example the copy on device 8, 840, now a non-leaf copy after the exchange of administration with the copy 835, is chosen. It fulfils the requirements of having the number- of-direct-copies counter different from zero (it is 1) and the generation-number counter is two which is one smaller than the generation-number counter of the copy on device 7, 835, which is three. The copy of device 7, 835, is deleted and, as described above under the deletion of a leaf-copy, the number-of-direct-copies counter of the copy on device 8, 840, is decreased with one from L(1, 2) to L(0,2). After the deletion of the non-leaf copy of the data-item on device 7, the situation depicted in Figure 9 is the result. Alternatively, another leaf-copy may be chosen for having its administration exchanged with the administration of the non-leaf copy selected for deletion. In another example, as depicted in Figure 10, the leaf-copy on device 6, 1030, is chosen to have its administration exchanged with the administration of the non- leaf-copy 1035 on device 7 (still selected for deletion and therefore marked with a cross). Thus, the administration of the copy on device 6, 1030, is changed from L(0,2) to L(I, 2) and likewise, the administration of the copy on device 7, 1035, is changed from L(l,2) to L(0,2). Next, a non-leaf-copy with generation-number one smaller than the copy selected for deletion and with number-of- direct-copies counter different from zero is selected. Since the generation-number counter of the copy on device 7, 1035, up for deletion is two only the copies on devices 2 - 4 are possible candidates. And since the copy on device 3 has number-of-direct-copies counter equal to zero, this copy is not selectable according to the rules for deletion of a leaf-copy described above. Therefore, only the copies on devices 2 and 4 are selectable. In this example, the copy of the data-item on device 4 is chosen. Therefore, its number-of-direct- copies counter is decreased with one from L(1, 1) to L(0, 1) and the copy on device 7 is deleted. The result of the deletion of the non-leaf copy on device 7 is illustrated in Figure 11. Alternatively, if the copy on device 2 had been chosen as a non-leaf-copy with generation-number one smaller than the copy selected for deletion and with number-of- direct-copies counter different from zero, its number-of-direct-copies counter is decreased with one from L(2,l) to L(1, 1) when the copy on device 7 is deleted. After deletion of the copy on device 7, the situation would have been as illustrated in Figure 12.
The number-of-direct-copies counter may as a result of a delete operation not reflect the actual number of direct copies made from this particular data-item (content). As indicated earlier on this does not affect the distributed copy administration. This is seen in the non-leaf-deletion of e.g. Figure 9 (920), Figure 11 (1130) and Figure 12 (1220, 1230). Thus, a result of the exchange of the administration in a non-leaf-deletion, the link between the number-of-direct-copies counter of a copy and the actual number of direct copies made from this particular copy of a data-item may be lost, but the maintenance of the copy administration remains unaffected. The administration of the operations copy, move, deletion of a leaf-copy and deletion of a non-leaf-copy can in summary be written as: Copying L 1 (m,n) : L 1 (m,n) => L 1 (m+ 1 ,n)
Create new copy L2(0,n+l)
Moving: Free
Delete leaf L3(0,n): Choose arbitrary L4(m>0,n-l)
L4(m,n-l) => L4(m-l,n-l) Delete leaf-copy L3(0,n) Delete non-leaf L5(m,n): Choose arbitrary L6(0,p)
Exchange administration on L5 and L6 => L5(0,p) and L6(m,n) Delete L5(0,p) according to leaf-deletion.
When a user wants to move (e.g. gift) a data-item to a domain other than the user's own (or move or gift a data-item from a domain to another user's device or between different users user devices or from a user device to another user's domain), the system only needs to check the administration of the copy selected for movement to verify whether movement of the copy is allowed. If the number-of-direct-copies counter and generation- number counter both equal zero then it is permissible for the user to move (gift) the data-item to a domain other than the user's own otherwise it is not.
Movement of a data-item within the user's own domain can be performed freely as described above. Copying of a data-item to a domain other than the user's own is not permissible since this would lead to several copies of the same data- item on several domains. Copying within the user's own domain can be done according to the administration described above.
Deletion of a data-item in a domain is performed according to the administration described above.
Alternatively, when a user would like to gift (or otherwise move) a data-item having either or both number-of-direct-copies counter and generation-number counter different from zero to a domain other than the user's own (or from the user's domain to another user's device or between different users user devices or from a user device to another user's domain), the system will have to delete all the copies of the data-item except one from the domain of the user gifting the data-item. The copy left on the user's domain will have administration L(0, 0) and the one copy is then moved to the destination device in a domain different from domain of the user gifting the copy.
In figure 13 a schematic drawing of a user device according to an embodiment of the present invention is presented. Shown is a device (1300) according to an embodiment of the present invention, the device (1300) comprising one or more micro-processors (1301) connected with a main memory (1302) and e.g. one storage device (1306) via an internal data/address bus (1304) or the like. Additionally, the device (1300) may also be connected to or comprise a display (1307) and/or communication means (1301) for communication with one or more remote systems via a network. The memory (1302) and/or storage device (1306) are used to store and retrieve the relevant data together with executable computer code for providing the functionality according to the invention. The micro-processor(s) (1301) is responsible for generating, handling, processing, calculating, etc. the relevant parameters according to the present invention.
The storage device (1306), which may be optional, comprises one or more storage devices capable of reading and possibly writing blocks of data, e.g. a USB-slot for memory cards, DVD, CD, optical disc, PVR, etc. player/recorder and/or a hard disk (IDE, ATA, etc), floppy disk, smart card, PCMCIA card, etc. In the preceding and in the following, the wording "a copy" is to be broadly understood as an imitation, transcript or reproduction of an original work also including the possibility that the "copy" is the original work itself i.e. if the administration counters equal L(0, 0) only the original work is left in the domain which could also be expressed as only one copy of a data-item is left in the domain. It should be noted that the above-mentioned embodiments illustrate rather than limit the invention, and that those skilled in the art will be able to design many alternative embodiments without departing from the scope of the appended claims.
In the claims, any reference signs placed between parentheses shall not be construed as limiting the claim. The word "comprising" does not exclude the presence of elements or steps other than those listed in a claim. The word "a" or "an" preceding an element does not exclude the presence of a plurality of such elements.
The invention can be implemented by means of hardware comprising several distinct elements, and by means of a suitably programmed computer. In the device claim enumerating several means, several of these means can be embodied by one and the same item of hardware. The mere fact that certain measures are recited in mutually different dependent claims does not indicate that a combination of these measures cannot be used to advantage.

Claims

CLAIMS:
1. A method for administration of distributed copies of a data-item in a system comprising a device (110 - 130, 140, 145) characterized in that the method comprises associating a copy of the data- item with two counters (240), one counter representing a number-of-direct-copies made from said copy (245) and one counter representing a generation-number of said copy (250).
2. A method according to claim 1, characterized in that updating the administration of distributed copies of data-items comprises updating at least one of a number-of-direct-copies counter and a generation-number counter in the system.
3. A method according to claim 1, characterized in that the data-item comprises one of the following data-items: digital content, a digital license, and - a digital license associated with digital content.
4. A method according to claim 1, characterized in that the method further comprises administrating at least one of: a copy operation, - a move operation, a delete operation, and a gifting operation.
5. A method according to claim 4, characterized in that the method further comprises administrating said copy operation (300) by: increasing said number-of-direct-copies counter of a first copy (335) by one, creating a new copy (340) of said first copy (335) with an associated generation-number counter one higher than the generation-number of said first copy (335) and an associated number-of-direct-copies counter equal to zero for the new copy (340).
6. A method according to claim 4,characterized in that the method further comprises administrating said move operation (400) by not changing said two counters.
7. A method according to claim 4, characterized in that the method further comprises administrating said delete operation (500 - 1200) by determining if said number- of-direct-copies counter (245) of a copy selected for deletion is equal to zero or different from zero.
8. A method according to claim 7, characterized in that if said number-of-direct- copies counter (245) of said copy selected for deletion (530) is equal to zero: selecting a first copy (510) with a generation-number one smaller than the generation-number of said copy (530) selected for deletion and with a number-of-direct- copies counter larger than zero, - deleting said copy (530) selected for deletion, and decreasing the number-of-direct-copies counter of said first copy (510) by one.
9. A method according to claim 7, characterized in that if said number-of-direct- copies counter (245) of said copy selected for deletion (735, 1035) is different from zero: - selecting a first copy (740, 1030) with number-of-direct-copies counter equal to zero, swapping said counters (835, 840, 1030, 1035) of said copy selected for deletion with said counters of said first copy, selecting a second copy (740, 1020) with a generation-number counter one smaller than the generation-number counter of said copy selected for deletion and with a number-of-direct-copies counter different from zero, deleting said copy (935, 1135) selected for deletion, and decreasing the number-of-direct-copies counter of said second copy (940, 1020, 1120) by one.
10. A method according to claim 9, characterized in that said second copy (740, 1020) is chosen from a group of copies comprising said first copy (740, 1030).
11. A method according to claim 4, characterized in that the system comprises a domain (105, 135) comprising one or more user devices (110 - 130, 140, 145) to which a copy of a data-item (205 - 235) may be copied or moved.
12. A method according to claim 11, characterized in that the method further comprises moving a copy of a data-item from a device (110 - 120, 140, 145) in one domain (105, 135) to another device (110 - 120, 140, 145) in another domain (105, 135) if said copy has number-of-direct-copies counter equal to zero and generation-number counter equal to zero.
13. A method according to claim 11, characterized in that the method further comprises moving a copy of a data-item with number-of-direct-copies counter or generation- number counter different from zero from a device (110 - 120, 140, 145) in one domain (105, 135) to another device (110 - 120, 140, 145) in another domain (105, 135), said moving of said copy comprising deletion of all copies except one copy in the domain (105, 135), and moving said one copy to said other domain (105, 135).
14. A device arranged to operate in a system comprising one or more copies of a data-item, the device comprising memory means (1302) for storing the data-item characterized in that the device further comprising memory means for storing two counters (240) for each of said one or more copies of the data-item, one counter representing a number-of- direct-copies made from said copy (245) and one counter representing a generation-number of said copy (250).
15. A device according to claim 14, characterized in that the device comprises updating means operable to update the administration of distributed copies of data-items stored on the device by updating at least one of a number-of-direct-copies counter and a generation-number counter stored on the device.
16. A system comprising one or more copies of a data-item, the system characterized in that the system is arranged to maintain a distributed copy administration, the system comprising at least one device according to claim 14.
17. A data-item characterized in that the data-item comprises two counters (240), one counter representing a number-of-direct-copies made from said data-item (245) and one counter representing a generation-number of said data-item (250).
18. A data-item according to claim 17, characterized in that the data-item further comprises at least one of digital content, a digital license, and a digital license associated with digital content.
19. A computer program comprising program code means adapted to cause a data processing system to perform the steps of the method according to any of claims 1 to 13 when said program code means are executed by said data processing system.
20. A computer readable medium having stored thereon a computer program comprising program code means adapted to cause a data processing system to perform the steps of the method according to any of claims 1 to 13 when said program code means are executed by said data processing system.
PCT/IB2007/050553 2006-03-08 2007-02-21 Method and system for distributed copy administration WO2007102093A2 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
EP06110818.9 2006-03-08
EP06110818 2006-03-08

Publications (2)

Publication Number Publication Date
WO2007102093A2 true WO2007102093A2 (en) 2007-09-13
WO2007102093A3 WO2007102093A3 (en) 2007-11-15

Family

ID=38330787

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/IB2007/050553 WO2007102093A2 (en) 2006-03-08 2007-02-21 Method and system for distributed copy administration

Country Status (1)

Country Link
WO (1) WO2007102093A2 (en)

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5765152A (en) * 1995-10-13 1998-06-09 Trustees Of Dartmouth College System and method for managing copyrighted electronic media
US5822771A (en) * 1993-05-14 1998-10-13 Fujitsu Limited System for management of software employing memory for processing unit with regulatory information, for limiting amount of use and number of backup copies of software
WO2003021400A2 (en) * 2001-09-05 2003-03-13 Data Encryption Systems Limited Apparatus for and method of controlling propagation of decryption keys

Patent Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5822771A (en) * 1993-05-14 1998-10-13 Fujitsu Limited System for management of software employing memory for processing unit with regulatory information, for limiting amount of use and number of backup copies of software
US5765152A (en) * 1995-10-13 1998-06-09 Trustees Of Dartmouth College System and method for managing copyrighted electronic media
WO2003021400A2 (en) * 2001-09-05 2003-03-13 Data Encryption Systems Limited Apparatus for and method of controlling propagation of decryption keys

Also Published As

Publication number Publication date
WO2007102093A3 (en) 2007-11-15

Similar Documents

Publication Publication Date Title
TW563319B (en) Method and device for controlling distribution and use of digital works
CN1525373B (en) Reviewing cached user-group information in connection with issuing a digital rights management (DRM) license for content
CN1331125C (en) System and method for controlling the use and duplication of digital content distributed on removable media
CN100423015C (en) Content processing device, content processing method, and computer program
JP3763393B2 (en) COMMUNICATION SYSTEM, TERMINAL DEVICE, RECORDING MEDIUM RECORDING REPRODUCTION PROGRAM, SERVER DEVICE, AND RECORDING MEDIUM RECORDING SERVER PROGRAM
RU2500075C2 (en) Creating and validating cryptographically secured documents
CN100595777C (en) Content processing device and content processing method
EP1134670A1 (en) Information transmission system, transmitter, and transmission method as well as information reception system, receiver and reception method
JP4380480B2 (en) License processing apparatus, program, and license processing method
MX2008000576A (en) Digital application operating according to aggregation of plurality of licenses.
US11687664B2 (en) Blockchain-based file storage device and file access authorization system and method
JP2002163396A (en) Data terminal equipment
JP2003022338A (en) Method and device for managing contents
JP2009521742A (en) Method and apparatus for rights management
WO2009151751A2 (en) Embedded licenses for content
JP2006085481A (en) License processing device, program, and license transfer method
JP4389129B2 (en) Information transmission system, information transmission device, information reception device, and information transmission method
WO2009003883A1 (en) Method and device for exchanging digital content licenses
CN100378611C (en) Rent component, program, and rent component method
CN101266827A (en) Portable memory apparatus having a content protection function and method of manufacturing the same
JP2010533910A (en) Digital information memory card encryption structure and method
CN100377025C (en) Information processing apparatus, control method thereof, control program, and storage medium
US9154508B2 (en) Domain membership rights object
JP2006085482A (en) License processing device, program and license duplicating method
JP2001083874A (en) Information provision system, information regulator, information signal receiver and information provision method

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application
NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 07705924

Country of ref document: EP

Kind code of ref document: A2