This section is intended to provide a background or context to the invention that is recited in the claims. The description herein may include concepts that could be pursued, but are not necessarily ones that have been previously conceived or pursued. Therefore, unless otherwise indicated herein, what is described in this section is not prior art to the description and claims in this application and is not admitted to be prior art by inclusion in this section.
The Open Mobile Alliance (OMA) Broadcast (BCAST) group has defined smartcard-based and digital rights management (DRM)-based profiles to address service and content protection issues in broadcast networks. In a conventional smartcard profile, the smartcard is trusted to store long-term secrets that are associated with a particular broadcast service. The device within which the smartcard is located is typically not trusted to generate and store a content encryption key required for content protection.
The current OMA BCAST protection system only works with the ISMACryp-based service protection mechanism promulgated by the Internet Streaming Media Alliance. The current OMA BCAST specification provides content protection for an ISMACryp-protected stream with direct recording, meaning that an ISMACryp-protected stream can be recorded directly into a modified packetized DRM content format (PDCF) along with encrypted traffic keys (protected by a service key). This content protection process is depicted in FIG. 4, where a mobile terminal illustrated as a mobile telephone 12 or other electronic device interacts with a smartcard 46. As shown in FIG. 4, the mobile telephone 12 transmits encrypted traffic encryption keys (TEKs) and a service encryption key identifier (SEK_id) to the smartcard 46, and the smartcard returns TEKs to the mobile telephone 12. A secured entity in the mobile telephone 12 can then decrypt the content using the received TEKs. This system, unfortunately, does not work with the IP Security (Ipsec) and Secure Real-Time Transport Protocol (SRTP)-based protection systems.
In addition, the current OMA BCAST content protection system for smartcards unfortunately possesses a number of severe security problems. One such problem occurs in a “rental phone” scenario, where a first person rents a mobile telephone and subscribes to a broadcast service, which allows him to view recorded content, which is stored on the telephone. At some later point in time, the first person will remove the smartcard from the telephone and return the telephone to a rental company. However, the first person will occasionally forget to transfer or delete some of the recorded content from the telephone. At some later point in time, a second person may rent the same telephone, insert his own smartcard, and subscribe to the same broadcast service. As part of this subscription, the broadcast service will deliver a service key to the second person. In this situation, and assuming that the service key is still valid, the second person would be able to view the content that was purchased by the first person, even if the second person did not pay for that content.
Another problem area for the current OMA BCAST protection system involves the viewing of recorded content before a subscription is initiated. Currently, any device with an active broadcast interface can record broadcasted content in a PDCF format. Assuming that a broadcaster changes its SEK at the beginning of each month, a user can keep the broadcast interface in his telephone active and record content at will. However, if the user subscribes to the broadcast service near the end of a month and obtains the SEK from the service provider, he will be able to play all previously-recorded content that is located on the telephone, even though he is subscribing to the service for only a few days.
It would therefore be desirable to develop a system and method which addresses the shortcomings identified above.