1. Field of the Invention
The present invention relates generally to protecting digital information from mass, free distribution while allowing an authorized user to utilize said information on a variety of devices.
2. Description of the Related Art
Digital Rights Management
The term “Digital Rights Management” (DRM) has been used since the late 1990s by vendors and industry analysts. The term encompasses the management of legal rights, rightsholders, licenses, sales, agents, royalties and their associated terms and conditions. Copyright law gives the owner of copyright the exclusive right to do and to authorize (1) the reproduction of the copyrighted work; (2) the preparation of derivative works based upon the copyrighted work; (3) the distribution of copies of the copyrighted work to the public by sale or other transfer of ownership or by rental, lease, or lending; (4) the public performance of the copyrighted work; and (5) the public display of the copyrighted work. DRM is all about controlling those rights in consideration for the owner of those rights.
Prior to the widespread popularity of the Internet, content was physically distributed and therefore carried a set of implicit rights. Consumers could purchase an album from the record store. Album rights owners obtained consideration for this in the form of the consumer's money. The initial consumer could then sell his copy of the album to another person, but having done so he lost his right to listen to the album.
Digital copies of the content combined with peer-to-peer network services, however, such as the famed Napster, have removed almost all of the distribution constraints associated with the traditional model.
This section provides some background terminology used in the remainder of the document. These terms were defined long before the advent of the digital age, but their definitions remain constant.
Rights: The privilege, to which one is justly entitled, to perform some action involving the intellectual property of some entity.
Owner: The legal entity that owns the rights in some intellectual property by virtue of a copyright, trademark, patent and so on. These rightsholders may enter into legal arrangements whereby they either sell or license those rights, or a subset of those rights, to another party. When the rightsholder sells the rights they act as a seller or grantor of rights. When the rightsholder licenses those rights they act as a licensor.
Licensee: The legal entity that has either licensed or purchased rights for some type of content. If the user is licensing the rights, they act as a licensee.
Rights Transaction: The act of legally transferring rights from one entity to another. These rights transactions can be as simple as purchasing a DVD movie (right to view unlimited times), or complex business-to-business (B2B) transactions where many types of rights with complex provisions are exchanged.
Rights models require more information than just the type of rights that have been granted to a user for a particular instance of content. For each right granted, there are additional rights attributes associated that express limitations, qualifications and/or compensation for the use of those rights.
Consideration defines the necessary compensation required in return for utilizing the associated right. Typically the consideration is monetary, but could also take any other form relevant to the content owner. The content owner may require that the user enter its demographics into their web site for example.
The extent of the right defines information such as how many times, for how long, during what periods or in what locations the right is valid. For example, a user might have purchased the right to play a video five times, or all weekend, or is only permitted to view a sampling of the video. In another example, a user of an e-book article might have the right to view the content unlimited times, but can only print the content twice. Due to export restrictions, some content rights might only apply in certain states or countries.
The last major attribute category is the type of user attribute, which provides the ability to group rights into different categories and provide those sets of rights to different users based on their user type. A user authenticated as a valid agent might have a license to copy a movie, while another user may only have the right to store the movie on a particular device and view the movie on that device.
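The extent and type-of-user attributes described above can be enforced as a deny-by-default check. The following is an added example, not part of the original document; the `Grant` fields, the `authorize` function and the sample e-book grants are constructed for illustration, and consideration (payment) is assumed to have been settled before the grants were issued.

```python
from dataclasses import dataclass
from datetime import datetime, timezone
from typing import Optional


@dataclass
class Grant:
    """One right plus its attributes (hypothetical model for illustration)."""
    right: str                               # e.g. "view", "print", "copy"
    user_types: frozenset                    # type-of-user attribute
    max_uses: Optional[int] = None           # extent: how many times (None = unlimited)
    not_before: Optional[datetime] = None    # extent: start of validity period
    not_after: Optional[datetime] = None     # extent: end of validity period
    regions: Optional[frozenset] = None      # extent: locations (None = anywhere)
    used: int = 0                            # uses consumed so far


def authorize(grants, right, user_type, region, now):
    """Return (allowed, reason). Denies by default; consumes one use on success."""
    reason = "no grant for this right"
    for g in grants:
        if g.right != right:
            continue
        if user_type not in g.user_types:
            reason = "user type not covered"
        elif g.regions is not None and region not in g.regions:
            reason = "region not covered"
        elif g.not_before is not None and now < g.not_before:
            reason = "not yet valid"
        elif g.not_after is not None and now > g.not_after:
            reason = "expired"
        elif g.max_uses is not None and g.used >= g.max_uses:
            reason = "use count exhausted"
        else:
            g.used += 1
            return True, "ok"
    return False, reason


def sample_grants():
    """Constructed e-book grants: view unlimited, print twice, copy for agents only."""
    return [
        Grant("view", frozenset({"consumer", "agent"}), regions=frozenset({"US", "CA"})),
        Grant("print", frozenset({"consumer", "agent"}), max_uses=2),
        Grant("copy", frozenset({"agent"}),
              not_after=datetime(2030, 1, 1, tzinfo=timezone.utc)),
    ]


NOW = datetime(2024, 6, 1, tzinfo=timezone.utc)  # constructed evaluation time

if __name__ == "__main__":
    grants = sample_grants()
    for attempt in range(3):
        print("print attempt", attempt + 1, authorize(grants, "print", "consumer", "US", NOW))
    print("consumer copy:", authorize(grants, "copy", "consumer", "US", NOW))
```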
Applications in a Digital World
The burgeoning Internet is entering a transitional phase from the early years of a wild-west, free-for-all mentality to a more secure, orderly, high-speed and ubiquitous tool for everyone. In addition to this movement, the advent of Wireless Local Area Networks (WLAN) is extending the reach of the Internet beyond the tethered personal computers into the consumer's workspace and home environments. As many more consumer devices are being sold with standard WLAN and Bluetooth functionality, these devices are capable of collaboration in a Personal Area Network (PAN) that exists in the proximity of the device and may intermittently be connected to the Internet.
However, the Internet has not yet migrated over to a secure digital highway. The resulting networks of interconnected and intermittently connected devices have become a breeding ground for digital copyright infringement that extends throughout the entire worldwide network of devices. Over the past few years, a number of attempts have been made to provide some type of governance of the digital content that courses through the Internet and within the consumer's environments. The governance of these digital works is the crux of the Digital Rights Management (DRM) movement being pushed by the large copyright holders such as Sony and Disney. These rightsholders have seen the likes of the peer-to-peer network Napster single-handedly affecting their corporate bottom lines by reducing their sales revenues. Without a DRM solution in place, consumers can easily search the Internet for music, movies and publications that can be downloaded to a plethora of devices without paying compensation to the rightsholders.
The concept of rights to content was first introduced in the paper “Letting Loose the Light”, which appeared in the 1996 book: “Archetypes, Myths, and Metaphors”, by Dr. Mark Stefik of Xerox PARC research labs.
The problem with the early DRM systems is that they focused on preventing the consumer from duplicating the digital content from its original distribution medium. These mechanisms were eventually circumvented. The current generation of DRM solutions offered by IBM, Microsoft, InterTrust, RealNetworks and many others continues to alienate consumers by imposing complex rights management processes and inflexible rules for the management and distribution of rights within the consumer's network of devices.
Paid Downloads
The paid download model was the original DRM business model. Customers could enter a provider's website, shop for content, enter their credit card and after validation download their requested content. This interaction model is similar to the business model where the consumer enters a store and immediately pays for some item. DRM systems can enforce the rights purchased by the consumer once the content is resident on the consumer's device.
Even though this business model closely aligns with the consumer's typical business model in the physical world, the paid download model has not fared well in the open market. Three limitations have hampered this model. Often, purchasing the content has been too complex for consumers. The DRM technologies have added to the complexity of the model. Finally, many consumers do not want to be tethered to their PC while viewing or playing content.
Subscriptions
The subscription business model is starting to make its way into the DRM world. An example of a music service offering a subscription service is PressPlay. In the subscription model, the consumer creates an account on the provider's website and typically picks a specific price plan. The plans offered by the provider allow the consumer to acquire a given set of rights on a monthly basis for content offered through the provider's website. The DRM system on the client enforces the rights allowed by the subscription the consumer has purchased.
Pay-per-Access
The pay-per-access business model has two forms: pay-per-view and pay-per-listen. Most consumers are familiar with the pay-per-view model as it has been around for many years. The pay-per-view model has been used for one-time events on television, such as boxing events and concerts. The model is also used in the cable and motel industry to offer movies on-demand. This model has existed even longer as a pay-per-listen model for the music industry. One of the oldest DRM technologies is the jukebox. Encased in a tamper-resistant device, the right to play content one time was offered for the consideration of a nickel. Once the song ended, the right was revoked. The model has remained the same, but the technology has improved along with the complexity.
Usage Metering
The usage-based metering business model has been around for decades. As a result, consumers are very familiar with the model. The telecommunications industry has used the usage model for many years. However, the trend has been a reduction in the usage model in favor of a flat fee model. Consumers are starting to favor the flat subscription model over the usage-based model because they know what their costs will be at the end of the month.
The DRM methodology and the usage-based business model are well suited for each other. DRM technology provides the mechanism to capture the usage information as rights are invoked on the consumer devices. However, this raises some privacy concerns, as consumers may not want each and every content interaction effectively watched. There are many programs today that include ‘spyware’ performing the same task by monitoring the user's activities. Consumers have responded by running software to remove the spyware from their devices.
However, consumer usage data is precisely the marketing information that Content Providers (430) covet. The ability for these providers to dissect their markets and tune their pricing structure would be extremely beneficial to those providers.
DRM Standards
There are many competing ‘standards’ in the evolving landscape of DRM technology. In this section, only two of those are presented as a sampling. The invention itself does not depend on one particular standard or another. These two standards are presented because they address two areas in which the invention may extract information to drive its processing. These standards are representative of the set of their respective standards in that each standard provides the type of functionality required by the invention.
All DRM systems must have the capability to uniquely identify a piece of content. One promising standard in this area is the Digital Object Identifier (DOI). The DOI standard stems from the Association of American Publishers (AAP) work on their online copyright management initiative. Bill Rosenblatt published the 1997 paper, “The Digital Object Identifier: Solving the Dilemma of Copyright Protection Online” which outlines the governing precepts for DOI. Any standard which substantially fulfills these requirements would also work.
The second important standards area relevant to the invention governs the rights document structure. One of the most complete standards for expressing rights within an XML document is the Extensible Rights Markup Language (XrML) standard. The XrML standard has its roots in the Xerox PARC research labs. Dr. Mark Stefik's work at Xerox focused on the concept of ‘trusted systems’, which can render content according to a precise definition. That definition turned out to be the Digital Property Rights Language (DPRL).
Cryptography
The main objective of incorporating cryptography in a DRM solution is to prevent the content from being accessed outside the control of the DRM solution. By forcing the access of content through the DRM solution, the rights, extents and conditions will be honored.
Symmetric Key Cryptography
When the key value used to encrypt and decrypt the data is the same value, a symmetric key algorithm is being used. The key in this case is termed the ‘shared secret’. Any person or system having access to the shared secret can decrypt and re-encrypt the data. DES, Triple DES, RC4, RC5 and RC6 are common symmetric algorithms.
Asymmetric Key Cryptography
In the asymmetric encryption model, two different keys are used to perform the encryption process. One key, termed the ‘public key’ is provided to the recipient for use in decrypting messages sent from the source system as well as encrypting messages that can only be decrypted by the source system. The second key, termed the ‘private key’ is securely retained by the source system and is never revealed. The private key is used to encrypt the messages for systems possessing the public key and for decrypting messages sent from targets using the public key. These keys are also referred to as a key pair and are generated at the same time by the source system.
Message Digests
Another aspect of digital security is tampering with data. An algorithm that uses a secret key can be used to create a one-way hash value that represents the exact value of the data. In order to recreate the same one-way hash value, the same data value must be provided again. Message digests don't prevent data from being tampered with; they only alert systems that the data has been altered in some way.
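The keyed one-way hash described above, applied to a rights document, as an added example that is not part of the original document. HMAC-SHA256 is chosen here as the keyed hash; the license layout, the `content_sha256` binding field, the key and the function names are constructed assumptions.

```python
import copy
import hashlib
import hmac
import json


def canonical(license_doc: dict) -> bytes:
    """Deterministic encoding so issuer and verifier hash identical bytes."""
    return json.dumps(license_doc, sort_keys=True, separators=(",", ":")).encode("utf-8")


def seal(license_doc: dict, key: bytes) -> str:
    """Keyed one-way hash (HMAC-SHA256) over the whole license document."""
    return hmac.new(key, canonical(license_doc), hashlib.sha256).hexdigest()


def verify(license_doc: dict, tag: str, key: bytes, content: bytes) -> str:
    """Return 'ok', 'license altered' or 'content mismatch'."""
    # Constant-time comparison avoids leaking how many tag characters matched.
    if not hmac.compare_digest(seal(license_doc, key), tag):
        return "license altered"
    # The license names the content it covers by digest, so a valid license
    # cannot be paired with a different file.
    if hashlib.sha256(content).hexdigest() != license_doc["content_sha256"]:
        return "content mismatch"
    return "ok"


# Constructed sample data, for illustration only.
KEY = b"constructed-demo-secret-not-for-real-use"
CONTENT = b"constructed e-book bytes"
LICENSE = {
    "licensee": "constructed-user-001",
    "content_sha256": hashlib.sha256(CONTENT).hexdigest(),
    "rights": {"view": {"max_uses": None}, "print": {"max_uses": 2}},
}
TAG = seal(LICENSE, KEY)


def tampered_copy() -> dict:
    """Same license with the print extent raised from 2 to 200."""
    doc = copy.deepcopy(LICENSE)
    doc["rights"]["print"]["max_uses"] = 200
    return doc


if __name__ == "__main__":
    print("original :", verify(LICENSE, TAG, KEY, CONTENT))
    print("tampered :", verify(tampered_copy(), TAG, KEY, CONTENT))
    print("wrong key:", verify(LICENSE, TAG, b"some-other-key", CONTENT))
```

The digest only detects the change; because the key is a shared secret, any party holding it can also produce a valid tag for an altered license.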
Digital Signatures
A digital signature combines the functionality of the asymmetric cryptography and message digests to mimic the real world handwritten signing of a document. The legal entity performing the signing function must have generated an asymmetric key pair and an associated certificate. The certificate containing the signer's public key is distributed to other entities that will need to verify the digital signature of the signer.
Smart Cards
Smart cards are often referred to as chip cards, or integrated circuit cards. The integrated circuit incorporated in either a plastic substrate or cellular phone SIM card contains elements necessary for data transmission, storage and processing. Typically the smart cards do not contain their own power supply, display mechanism, input device or system clock. Smart cards can be either simple memory cards or microprocessor cards. They can further be classified based on the access type: contact cards and contactless cards. The memory cards are used to store information and don't provide any processing power on the card itself. The microprocessor cards, however, provide the ability to load software onto the card where it can securely execute within its own processor. The microprocessor cards are the type suitable for the invention presented in this document.
Code Obfuscation
A common technique used today to secure software is obfuscating the code instructions. As opposed to the smart card scenario, code obfuscation attempts to prevent attacks against the software that executes in standard operating environments easily accessible to the attacker. A typical software attack is to reverse engineer the distributed software into a form that can be modified and then substituted by the attacker.
Trusted Computing Platforms
The computing industry has awakened to the need for a distributed computing environment where software providers can be assured that their software will not be altered, examined or spoofed by other software and hardware components. Industry consortiums, such as the Trusted Computing Platform Alliance (TCPA), and individual hardware manufacturers, such as IBM and Texas Instruments, are currently delivering specifications, chips and peripherals that support this type of trusted environment.
The trust in a platform is measured by integrity metrics of that platform. The metrics consist of data expressing the integrity of the system component that can be reliably measured and reported. Software can then query the client component first to determine if it satisfies the required security metrics before trusting the client component. The trusted platform specification provides a complete set of secure cryptographic functions, including the storage of keys and data.
DRM Shortcomings
Initially, the DRM industry focused primarily on blocking the ability of consumers to duplicate and redistribute their digital content. A more recent segment of the industry has focused on the creation of a centralized model for DRM. A centralized license server (120) creates an encrypted license that authorizes a single user to access content. The license is typically tied to a specific device. These centralized models have proven to be very inflexible from the end consumer's point of view. For example, many of these centralized systems require a tethered approach where the device is constantly connected to the Internet. Additionally, it is difficult, if not impossible, to get the license to work on another device owned by the same consumer.
Another breed of DRM systems aims to separate content from license rights. Among these DRM systems is U.S. Pat. No. 6,385,596, issued May 7, 2002, to Wiser (the Wiser Patent) for a “Secure Online Music Distribution System”. This system enhances security through the use of a personal, digital passport in each media player. The digital passport contains identifying information that identifies the purchaser, along with confidential information, such as a credit card number, along with the encryption keys. The media player displays the confidential information during playback of the decrypted material. In order to pass the encryption keys to another party, the original party's confidential information would necessarily be exposed to them as well. The superdistribution model is a powerful business model, but, to be completely effective, it requires additional abilities to manage the process and ensure the proper settlement of royalties for each rights transaction.
The physical distribution of content and the associated rights have two fundamental models. In one case, the rights and content are conjoined entities and cannot be separated. As conjoined entities, these distributions are packaged for each individual device that purchases the content. The distributed file is valid only on the target device for which the content was packaged. The second fundamental model of distribution separates the rights and content into their respective parts. The rights are packaged into a file termed the license document. There are variations in this model as to when the license document (370) is acquired and if the content file is encrypted for the specific device. The salient point is that distribution of the content and the license document (370) can be two different actions.