Digital Rights Management (DRM) refers to a set of methods that ensures that certain content and services can only be accessed or used by a mobile device operator when the relevant conditions (e.g., access conditions) have been met. DRM Rights Objects (ROs) are the collections of permissions, keys and other attributes that are linked to various items of the content and services. These ROs have certain time constraints for specifying when the rights are valid, and at certain points during the protected content consumption cycle, the ROs will need to be changed. For example, a standard cycle for RO change in IP Datacast systems is one month. (See “IP Datacast over DVB-H: Service Purchase and Protection (SPP),” DVB Document A1OO, December 2005, available at http://www.dvb-h.org/PDF/a100.tm3455r3.cbms1476.IPDC SPP.pdf.) In current systems, a user may receive two ROs, one for the current month and one for the next month.
In order to determine, therefore, whether a mobile device operator has the necessary access rights to particular items of content or of a service, the mobile device needs to be able to accurately and securely keep track of time. More specifically, the mobile device needs to be able to accurately know when each RO is no longer valid and, therefore, when to start a new RO.
In many mobile devices, a specific DRM clock, or DRM time, is used to check the validity of a user's DRM rights. The DRM clock, or time, represents a secure, non user-changeable time source that measures time in the UTC (Universal Time Coordinated—e.g., zulu or Greenwich Mean Time (GMT)) time scale. One problem associated with this, and generally any, secure time source, however, is that it is susceptible to drift. In other words, if a clock or time source, such as the DRM time, is not regularly updated, the time provided is likely to drift away from its originally-set time and, therefore, no longer provide the correct time. If the DRM time is wrong or old, a user may be prevented from consuming ORM protected content, since the current RO associated with that content may no longer be valid, and a new RO may not have been started appropriately.
One solution to this problem has been to use the NITZ (Network Identity and Time Zone) network time to update the DRM time. However, not all operators have access to the NITZ time, and one cannot easily determine which operators have access and at what locations.
A need, therefore, exists for a way to consistently and accurately update a secure time source that is associated with a mobile device and may be used to determine whether a user has rights to certain items of content or of a service.