User terminals like personal computers, laptop computers, or mobile phones are developing from specialized devices, e.g. computing devices or telephony devices to so-called multimedia devices that provide a multitude of services. Mobile phones are already available that offer, additionally to traditional telephony services, data services e.g. Web browsing, Multimedia Messaging Services (MMS), MP3 music playback, video streaming, and mobile gaming. Furthermore, with the introduction of integrated or attachable cameras, such user devices are capable of generating and managing picture files and/or video files. With the increasing capability of generating and managing own digital data, the wish to exchange such data among user devices increases accordingly.
Without an efficient measure of protection, digital data can be extensively used by any recipient, e.g. being copied, modified and/or distributed arbitrary further recipients. Thus, there is a wish to protect digital data being distributed to recipients from defined unauthorized use. For such protection, so-called Digital Rights Management (DRM) technologies have been created, which refers to protection and usage control of multimedia data.
One of such DRM technologies has been proposed by the Open Mobile Alliance (OMA), a standardization organization in the field of mobile communication that addresses DRM within mobile networks. The Open Mobile Alliance has developed a series of open standards (being available under the web address http://www.openmobilealliance.org), hereunder a standard named “OMA Digital Rights Management V1.0”, in the following being referred to as OMA DRM 1.0, and a further standard named “OMA Digital Rights Management V2.0”, in the following being referred to as OMA DRM 2.0. These standards focus on the protection of data delivered from content owners and service providers, actually preventing recipient users from an unauthorized use of received content. OMA DRM 2.0 can be regarded as an extension to OMA DRM 1.0, addressing a protection of the exchanged information between the user devices and the providers.
OMA DRM 1.0 provides the ability to associate rights to the content data object (e.g. to prevent downloaded content from being forwarded or copied to further users, also being referred to as Forward-Lock). This can be achieved either by directly combining a rights object with a content object (Combined Delivery mode) or by first distributing the content object and then sending an associated rights object (Separate Delivery mode).
For Separate Delivery—SD—, generally the content (e.g. a media object) is protected by encryption (into a DRM content format—DCF—), e.g. using symmetrical encryption techniques according to the so-called Advanced Encryption Standard (AES). The decryption key, needed to render or obtain the content, is put in the rights object which may also contain definitions of usage rights for the obtained content. Such usage rights might comprise permissions (e.g. “play”, “display”, “execute”, “print”) and constraints (e.g. “count”, “datetime”, “interval”) thus expressing what the recipient is allowed to do with the content. Thus, this rights object governs the consumption of the associated content.
Technically, a usage of the content within the granted rights is ensured by a DRM Agent being realized within the user devices. Once the DRM content is received by the device, the DRM Agent enforces the associated usage rights, e.g. preventing the user from unauthorized forwarding, or from modifying DRM content or rights. The OMA DRM standards, especially OMA DRM 1.0, are supported by a considerable number of current mobile phones.
While OMA DRM standards has been defined to enable content providers to control the distribution and consumption of their content based on the classical client-server architecture, they do not consider a use control of content amongst the terminals on a peer-to-peer level.