As is known, and referring now to FIG. 1, a content protection and enforcement system is highly desirable in connection with digital content 12 such as digital audio, digital video, digital text, digital data, digital multimedia, etc., where such digital content 12 is to be distributed to users. Upon being received by the user, such user renders or ‘plays’ the digital content with the aid of an appropriate rendering device such as a media player on a personal computer 14, a portable playback device or the like.
Typically, a content owner distributing such digital content 12 wishes to restrict what the user can do with such distributed digital content 12. For example, the content owner may wish to restrict the user from copying and re-distributing such content 12 to a second user, or may wish to allow distributed digital content 12 to be played only a limited number of times, only for a certain total time, only on a certain type of machine, only on a certain type of media player, only by a certain type of user, etc.
However, after distribution has occurred, such content owner has very little if any control over the digital content 12. A copy protection system 10, then, allows the controlled rendering or playing of arbitrary forms of digital content 12, where such control is flexible and definable by the content owner of such digital content. Typically, content 12 is distributed to the user in the form of a package 13 by way of any appropriate distribution channel. The digital content package 13 as distributed may include the digital content 12 encrypted with a symmetric encryption/decryption key (KD), (i.e., (KD(CONTENT))), as well as other information identifying the content, how to acquire a license for such content, etc.
The trust-based copy protection system 10 allows an owner of digital content 12 to specify rules that must be satisfied before such digital content 12 is allowed to be rendered. Such rules can include the aforementioned requirements and/or others, and may be embodied within a digital license 16 that the user/user's computing device 14 (hereinafter, such terms are interchangeable unless circumstances require otherwise) must obtain from the content owner or an agent thereof, or such rules may already be attached to the content 12. Such license 16 and/or rules may for example include the decryption key (KD) for decrypting the digital content 12, perhaps encrypted according to another key decryptable by the user's computing device or other playback device.
The content owner for a piece of digital content 12 would prefer to distribute the content 12 to the user unless such owner can trust that the user will abide by the rules specified by such content owner in the license 16 or elsewhere. Preferably, then, the user's computing device 14 or other playback device is provided with a trusted component or mechanism 18 that will not render the digital content 12 except according to such rules.
The trusted component 18 typically has an evaluator 20 that reviews the rules, and determines based on the reviewed rules whether the requesting user has the right to render the requested digital content 12 in the manner sought, among other things. As should be understood, the evaluator 20 is trusted in the copy protection system 10 to carry out the wishes of the owner of the digital content 12 according to the rules, and the user should be able to easily alter such trusted component 18 and/or the evaluator 20 for any purpose, nefarious or otherwise.
As should be understood, the rules for rendering the content 12 can specify whether the user has rights to so render based on any of several factors, including who the user is, where the user is located, what type of computing device 14 or other playback device the user is using, what rendering application is calling the copy protection system 10, the date, the time, etc. In addition, the rules may limit rendering to a pre-determined number of plays, or pre-determined play time, for example.
The rules may be specified according to any appropriate language and syntax. For example, the language may simply specify attributes and values that must be satisfied (DATE must be later than X, e.g.), or may require the performance of functions according to a specified script (IF DATE greater than X, THEN DO . . . , e.g.).
Upon the evaluator 20 determining that rules are satisfied, the digital content 12 can then be rendered. In particular, to render the content 12, the decryption key (KD) is obtained from a pre-defined source such as the aforementioned license 16 and is applied to (KD(CONTENT)) from the content package 13 to result in the actual content 12, and the actual content 12 is then in fact rendered.
Note that the trusted component 18 may at times be required to maintain state information relevant to the rendering of a particular piece of content 12 and/or the use of a particular license 16. For example, it may be the case that a particular license 16 has a play count requirement, and accordingly the trusted component 18 must remember how many times the license 16 has been employed to render corresponding content 12 or how many more times the license 16 may be employed to render the corresponding content 12. Accordingly, the trusted component 18 may also include at least one persistent secure store 22 within which such state information is persistently maintained in a secure manner. Thus, the trusted component 18 stores such state information in such secure store 22 in a persistent manner so that such state information is maintained even across sessions of use on the computing device 14. Such secure store 22 is likely located on the computing device 14 of the trusted component 18, although such secure store 22 may alternately be located elsewhere.
In a copy protection system 10, content 12 is packaged for use by a user by encrypting such content 12 and associating a set of rules with the content 12, whereby the content 12 can be rendered only in accordance with the rules. Because the content 12 can only be rendered in accordance with the rules, then, the content 12 may be freely distributed. Typically, the content 12 is encrypted according to a symmetric key such as the aforementioned key (KD) to result in (KD(content)), and (KD(content)) therefore is also decrypted according to (KD) to result in the content 12. Such (KD) is in turn included within the license 16 corresponding to the content 12. Oftentimes, such (KD) is encrypted according to a public key such as the public key of the computing device 14 (PU-C) upon which the content 12 is to be rendered, resulting in (PU-C(KD)). Note, though, that other public keys may be employed, such as for example a public key of a user, a public key of a group of which the user is a member, etc.
Note that in addition to restricting what a user can do with distributed digital content 12, a content owner or the like may also wish to meter the use of such content 12 by such user, by such computing device, or the like. For example, the content owner may wish to know how many times the content 12 has been rendered for the reason that the user is charged a fee based thereon, for the reason that the content owner is owed a fee based thereon, or the like. Correspondingly, the content owner may wish to know how many times the content 12 has been copied, presuming such an option is available, how many times the content 12 has been incorporated into another piece of content, again presuming such an option is available, how long the content is rendered, the time of day the content is rendered, etc. In short, the content owner or the like may wish to meter the use of such content in any manner that in fact may be metered or otherwise counted or accumulated. Thus, the trusted component 18 on the computing device 14 may be employed to perform such metering function and store metered data obtained therefrom in the secure store 22.
In general, metering may be referred to as counting or otherwise accumulating an amount in relation to a piece of content 12, where the amount is representative of a quantity that is to be measured according to the wishes of the content owner or the like. As was set forth above, metering may typically be based on the number of times content 12 is accessed, either by being rendered, copied, transferred, or the like, an amount of time the content 12 is rendered, or the like. Of course, other forms of metering exist, and any other such form of metering may be employed in connection with the present invention as set forth below.
As may be appreciated, metering is useful for many reasons including feedback, monetary bases, and the like. For one example, statistics on usage of a piece of content 12 may be important to a content owner as an indication of whether the content 12 is popular, useful, appreciated, enjoyed, and the like. For another example, statistics on usage of a piece of content 12 may be employed to reward an author of a piece of content 12, even when such author is one of many, many authors. For yet another example, statistics on usage of a piece of content 12 may be employed to calculate a monetary value owed to a content owner. In the latter case in particular, it is to be appreciated that content 12 such as a musical composition can be licensed based on a per use basis, a single payment basis, or a combination thereof. Thus, the license fee as generated to the content owner by use of the content 12 can vary radically based on the licensing basis, and in particular based on whether license fee is based on a fixed amount or a per use amount.
Moreover, inasmuch as detailed metering has not as yet been performed, it is entirely likely that providing the ability to perform such detailed metering will create future business models heretofore unavailable. For one example, the cost to present an advertisement (content 12), which is now based primarily on a preset and fixed rate, can now be based on how many renderings of the advertisement/content 12 are achieved as metered by way of the present invention. For another example, a television program (content 12) is now rated based at least in part upon a market share thereof as measured through a rating service, but such rating is merely an estimate based on a fairly small statistical sampling, while with the present invention such rating could be based on a highly detailed metered measurement of viewers/users of such program/content 12.
Note though that while accessing and usage of content 12 by a user on a computing device 14 may be metered in a relatively straightforward manner, no architecture or method exists for (1) defining what is to be metered, (2) defining how data derived from metering is to be stored on a computing device 14, (3) defining a metering service for collecting metered data from each of several computing devices, or (4) defining how the metered data is to be reported out to the metering service.
Accordingly, a need exists for an architecture and method that effectuate metering data and reporting out metered data to a metering service. In particular, a need exists for an architecture and method that defining what is to be metered, define how data derived from metering is to be stored on a computing device 14, define a metering service for collecting metered data from each of several computing devices, and define how the metered data is to be reported out to the metering service.