In a common arrangement, service providers supply television, motion picture, music, and other content to subscribers in digital form. This digital content may be stored for later use by a subscriber on a digital recording device, such as a digital video recorder (DVR), located in the subscriber's home.
To protect producer's and distributer's intellectual property (IP) rights, some service providers maintain control over the digital content after it has been stored in a subscriber's DVR.
Before a service provider provides content to a subscriber's DVR, the service provider must determine whether the subscriber's DVR is secure and is authenticated.
A subscriber's DVR is secure if it has a device key and an encryption system therein, wherein the encryption system is able to encrypt content with the device key. Accordingly, any content provided by service provider may be encrypted by the subscriber's DVR with the subscriber's DVR device key. This is an important feature for protecting the rights of the owner of the content. In particular, the content owner may wish to limit the use of the content, wherein the particular use has been authorized only for the subscriber's DVR. As such, the subscriber may be unable to copy or transfer the content, as it will have been encrypted with a key that is unique to the suscriber's DVR.
Authentication of the subscriber's DVR verifies the identity of the DVR. Authentication may be performed by any known method, a non-limiting example of which includes Public Key Infrastructure (PKI), which is a set of hardware, software, people, policies, and procedures needed to create, manage, distribute, use, store, and revoke digital certificates. In cryptography, a PKI is an arrangement that binds public keys with respective user identities by means of a certificate authority (CA). The user identity must be unique within each CA domain. The binding is established through the registration and issuance process, which, depending on the level of assurance the binding has, may be carried out by software at a CA, or under human supervision. The PKI role that assures this binding is called the Registration Authority. For each user, the user identity, the public key, their binding, validity conditions and other attributes are made unforgettable in public key certificates issued by the CA. The PKI may be setup through a bidirectional handshake between the service provider and the DVR, wherein public and private keys are exchanged to establish secure communications and verify the identity of the DVR.
By design, a DVR encrypts content unique to itself with a device key that is associated with the DVR and that prevents stored content from being accessed if moved to a different DVR. The new DVR does not know how to decrypt the content that was previously encrypted by an old DVR unless the new DVR also has the device key, that was used to encrypt the content, from the old DVR.
A subscriber receiving digital content from a service provider may also purchase quantified IP rights in the digital content. These rights may be unlimited for playing, copying (having a copy of the content on more than one device) or moving purposes (having only one copy of the content on one device at any one time), or may be some combination of time duration and number of instances that the digital content can be played, copied or moved.
It may become necessary for the service provider to replace the DVR in the subscriber's home with a different unit. The replacement may be due to some type of failure with the original DVR or the DVR might be replaced with a new device with enhanced capabilities.
When transferring non-encrypted content from one DVR to another DVR, there typically is no problem. In such cases, any known copying system or method may be used. However, when a DVR includes encrypted content, the IP rights associated with the content must be taken into account. Problems exist when transferring encrypted content from one DVR to another, i.e., moving encrypted content such that only one copy of the content exists on one device at any one time. These problems will now be described with reference to FIG. 1.
FIG. 1 illustrates a conventional system 100 for transferring encrypted content from one DVR to another DVR.
As illustrated in the figure, conventional system 100 includes a service provider 102, a subscriber home 104 and a communication channel 110. Subscriber home 104 includes DVR 106, a DVR 108 and a channel 112.
Channel 110 may be any known communication media. Signals within channel 110 typically embody computer-readable instructions, data structures, program modules, or other data in a modulated data signal such as a carrier wave or other transport mechanism and include any information-delivery media. Non-limiting examples of communications media of channel 110 include wired media, such as wired networks and direct-wired connections, and wireless media such as acoustic, radio-frequency, infrared, etc. The term “computer-readable media” as used herein includes both storage and communications media.
Service provider 102 provides content to subscriber home 104 over channel 110. Within subscriber home 104, channel 110 enables content to be distributed from service provider 102 to DVR 106 or DVR 108.
Channel 110 may be any known channel medium, non-limiting examples of which include cable, fiber optic, and satellite, over which service provider 102 distributes digital content to subscriber home 104. Subscribers access digital content received from service provider 102 through any known method, non-limiting examples of which include sound systems and television.
Within subscriber home 104, DVR 106 and DVR 108 may be used to store digital content. Once stored on DVR 106 or DVR 108, digital content can be accessed by a subscriber as described above without additional interaction with service provider 102.
Within subscriber home 104, channel 112 may be any known channel medium, non-limiting examples of which include cable and Ethernet, used to transfer digital content retrieved from DVR 106 to DVR 108.
In operation, channel 110 supports two-way communication between service provider 102 and subscriber home 104. Subscriber request information is transmitted from subscriber home 104 to service provider 102 and digital content is transmitted from service provider 102 to subscriber home 104.
Digital content transmitted to subscriber home 104 may be stored on DVR 106 or DVR 108, in which case the applicable DVR autonomously encrypts the digital content using a device key unique to itself.
If digital content is transferred from DVR 106 to DVR 108 over channel 112, without the device key from DVR 106, DVR 108 is unable to decrypt the digital content and the subscriber cannot access it.
As an alternative, digital content from DVR 106 may be transferred to DVR 108 over channel 112 along with the device key from DVR 106. In this case, however, service provider 102 would either need to allow the subscriber to access the device key from old DVR 106 or have a technician perform the transfer at subscriber home 104.
If service provider 102 allows subscriber access to the device key, it loses control of intellectual property rights in the digital content.
If a service technician manages the task, the time required to transfer digital content may be quite long, resulting in considerable expense to the subscriber. A long transfer time also would inconvenience the subscriber by preventing normal use of both DVRs.
In either case, direct transfer of digital content from DVR 106 to DVR 108 requires the presence of both DVRs in subscriber home 104 at the same time. Four separate steps are therefore needed: install DVR 108; validate and authenticate DVR 108; transfer digital content from DVR 106 to DVR 108; finally, remove DVR 106. The first and last steps usually require a service technician, again resulting in considerable expense to the subscriber. Also, if DVR 106 is failing, scheduling delays might prevent access before digital content is lost.
As discussed above, transferring digital content from a DVR to a replacement device with conventional systems is not practical, requiring either loss of control by the service provider or significant burden on the subscriber in the form of time and expense. With no practical method of transferring digital content when a subscriber's DVR is replaced, the content and subscriber's IP rights are lost.
What is needed is a method of transferring encrypted digital content from one DVR to another DVR that is controllable by a service provider and does not place an undue burden on the service provider or subscriber.