Digital rights management (DRM) mainly controls the use of digital content through a permission control and content protection scheme, so as to protect the legal rights of a content owner. A digital content issuer (CI) encrypts the digital content with a content encryption key (CEK), and packages the encrypted digital content into a content data packet. A rights issuer (RI) distributes a rights object (RO) corresponding to the digital content, which includes the encrypted CEK and the corresponding permissions and constraints. As long as a DRM Agent owns both the content data packet and the RO, the DRM Agent can consume the purchased digital content according to the permissions and constraints in the RO.
Currently, the encapsulation formats of the contents and the ROs vary between DRM systems, such that a DRM device cannot directly consume the contents and the ROs of other DRM systems. In secure content exchange (SCE), defined by the Open Mobile Alliance (OMA) standards organization, a local rights manager (LRM) is introduced to import the contents and the ROs of other DRM systems into the OMA system, so that a DRM device defined by the OMA can consume the contents and the ROs obtained through the other DRM systems. The LRM may import the RO for the SCE domain and the SCE device, in which case the LRM directly generates and provides the RO for the SCE device. Alternatively, the LRM may import the RO for the OMA DRM2.0 domain and the OMA DRM2.0 device; as the OMA DRM2.0 device cannot identify the LRM, the LRM needs to generate the imported RO through the RI.
Referring to FIG. 1, the system includes an RI, an LRM, and an OMA DRM2.0 device. When the LRM imports the RO for the OMA DRM2.0 device, a process including the following steps is implemented.
1. The LRM registers with the RI. The LRM receives data of other DRM systems, and converts contents of other DRM formats into the (Packetized) DRM Content Format ((P)DCF) defined by the OMA.
2. The LRM requests the RI to generate an RO according to the data of the other DRM systems. The LRM and the RI exchange an ID of the OMA DRM2.0 device as well as permissions and constraints, key information, and other information (for example, RightsIssuerURL, SilentURLs, and other metadata) in the RO. The RI creates the RO according to the above information, and returns the RO to the LRM.
3. The LRM transmits the (P)DCF to the device, for example, in a super-distribution mode. The device requests and obtains the RO from the RI through a silent header in the (P)DCF.
The inventors find that, in the above process, the RI obtains the key information, and thus an untrusted RI can continue to generate illegal ROs with the key information.
Similarly, in the circumstance that the SCE device moves the RO generated by the LRM through the RI, the untrusted RI may generate illegal ROs after obtaining the key information, for the same reason.
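The exposure described above can be seen in a small model of steps 2 and 3. This is an added example, not part of the original document: the class and function names, the identifiers "dev-1" and "cid-1", the HMAC standing in for the RI's signature, and the XOR key wrap are illustrative assumptions, not OMA DRM mechanisms.

```python
import hashlib
import hmac
import json
import secrets

def wrap(kek: bytes, cek: bytes) -> bytes:
    """Toy XOR key wrap; a stand-in for the real encryption of the CEK to the device."""
    pad = hashlib.sha256(b"wrap" + kek).digest()[: len(cek)]
    return bytes(a ^ b for a, b in zip(cek, pad))

class RightsIssuer:
    def __init__(self, device_keys: dict):
        self.sign_key = secrets.token_bytes(32)  # stand-in for the RI signing key
        self.device_keys = device_keys
        self.key_info = {}  # content_id -> CEK, retained after the LRM request

    def create_ro(self, device_id, content_id, permissions, cek):
        """Step 2: build an RO from the information the LRM sent."""
        self.key_info[content_id] = cek  # the RI now holds the CEK in the clear
        body = {"device": device_id, "content": content_id,
                "permissions": permissions,
                "enc_cek": wrap(self.device_keys[device_id], cek).hex()}
        return {"body": body, "mac": self._mac(body)}

    def _mac(self, body):
        data = json.dumps(body, sort_keys=True).encode()
        return hmac.new(self.sign_key, data, hashlib.sha256).hexdigest()

def device_accepts(ro, ri_verify_key, device_id, device_key):
    """Step 3: the device checks only the RI; it cannot identify the LRM."""
    data = json.dumps(ro["body"], sort_keys=True).encode()
    good = hmac.new(ri_verify_key, data, hashlib.sha256).hexdigest()
    if not hmac.compare_digest(good, ro["mac"]) or ro["body"]["device"] != device_id:
        return None
    return wrap(device_key, bytes.fromhex(ro["body"]["enc_cek"]))  # XOR wrap is its own inverse

def run_flow():
    dev_key, cek = secrets.token_bytes(16), secrets.token_bytes(16)  # constructed sample keys
    ri = RightsIssuer({"dev-1": dev_key})
    requested = ri.create_ro("dev-1", "cid-1", {"play": 3}, cek)  # what the LRM asked for
    # A later RO built by the RI alone from the retained key, never requested by the LRM.
    unrequested = ri.create_ro("dev-1", "cid-1", {"play": "unlimited"}, ri.key_info["cid-1"])
    return {
        "ri_holds_cek": ri.key_info["cid-1"] == cek,
        "requested_ok": device_accepts(requested, ri.sign_key, "dev-1", dev_key) == cek,
        "unrequested_ok": device_accepts(unrequested, ri.sign_key, "dev-1", dev_key) == cek,
    }

if __name__ == "__main__":
    print(run_flow())
```

All three results are true: the device recovers the same CEK from either RO, because the only check available to it is against the RI, which is the party holding the key information.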