1. Field of the Invention
Methods and apparatuses consistent with the present invention relate to receiving software for using digital content from a software transmission server and installing the software, and more particularly, to transmitting security information indicating the security status of a device to a software transmission server, and if the security information of the device satisfies a security condition required by software, the software transmission server transmits the software to a device so that the software can be installed in the device.
2. Description of the Related Art
As illegal copying of digital content in the digital content industry has recently increased, a variety of technologies for protecting digital content have been studied and developed. Such technologies include a conditional access system (CAS) for protecting broadcasting contents, digital rights management (DRM) for determining whether to allow digital content to be used according to rights on the digital content, and digital content protection technologies for storage media such as a content scrambling system (CSS), content protection for recordable media (CPRM), and an advanced access content system (AACS).
These technologies for protecting digital content usually employ encryption technologies and the like, and control the use of digital content so that only an authorized user or device can use the digital content only by a permitted method.
In most current content devices, a predetermined content protection system is fixedly mounted and used. In this fixed content protection system, digital content that can be used is also fixed beforehand, thereby hindering a user from freely using digital content and selecting a service. In other words, if the DRM technology is applied to digital content and a device does not support the DRM technology, then the digital content cannot be used in the device. Also, digital content used by the device cannot be moved to and used in another device supporting other DRM technologies. For example, digital content to which a DRM solution of a company A is applied cannot be used in a device in which a DRM solution of a company B is implemented.
That is, in this fixed content protection system, the types of digital content that can be used in the device are limited, thereby causing inconvenience to users.
This inconvenience is expected to become more serious in the case of networks including digital content devices. Nowadays, broadcasting services through the Internet such as Internet protocol television (IPTV) services are provided, and it is also expected that digital content devices will access a variety of services through wired and/or wireless networks. In this environment, if a predetermined content protection technology such as a predetermined DRM is mounted in a predetermined device, more services that can be used by a user will be restricted.
As a method of solving this problem, a content protection system can be provided in the form of software or firmware so that the content protection system can be installed in a device. For example, a user is allowed to freely install and use a software content protection system, which is applied to digital content which the user wants to use, in a device. Accordingly, the user can use a variety of digital contents irrespective of the type of the content protection system.
FIG. 1 is a diagram illustrating a conceptual internal structure of a content device 100 which plays digital content by installing a software digital content protection system according to conventional technology.
The content device 100 has a structure in which one or more different software content protection systems can be installed, and when digital content is desired to be used, the digital content is decrypted or the use of the digital content is controlled by operating a software content protection system such as DRM software.
The content device 100 includes a software execution unit 110 capable of executing software and a software storage unit 120 capable of storing software. DRM software, which is executed in the software execution unit 110, includes a license processing unit 111 processing a content key or license, a content decrypting unit 112 decrypting digital content encrypted for protection, and a content output unit 113 for playing digital content or transferring digital content to an external device.
The structure for using digital content protected by DRM in the content device 100 will now be explained. When the use of digital content such as playing or transferring to an external device of the digital content is requested, the content device 100 executes DRM software for controlling the use of the digital content in the software execution unit 110. The license processing unit 111 of the DRM software interprets a license for the usage right of the digital content, thereby determining whether the content can be used. If the use is permitted, the digital content is decrypted in the content decrypting unit 112 of the DRM software. The decrypted digital content is played or transferred to an external device through the content output unit 113. The example of the DRM software is explained here in order to help the understanding of the present invention, but the content protection software may be other software content protection systems such as CAS software.
The content protection system such as the DRM, defines the requirements that the devices should comply with for the safe distribution of digital content, and the device should be manufactured in accordance with these requirements. Representative examples of these requirements include a robustness rule and a compliance rule. Each content protection system standardization organization or DRM solution company defines the robustness rule and compliance rule for each system. If a device implementing the content protection system does not comply with these requirements, the device cannot be certified by the standardization organizations or DRM companies.
In particular, the robustness rule relates to a security level which a system should comply with. For example, robustness rule describes how strongly a secret key of a device or a key for digital content or a decrypted digital content must be protected in the device.
Different software content protection systems may have different robustness rules. Content protection software handling more important data requires a higher security level, while content protection software handling less important data requires a relatively lower security level.
However, since the security feature of a content device is determined when the device is manufactured, it is difficult for a content device in which a variety of content protection software systems are to be installed to satisfy the security levels of all content protection software system at the time of manufacturing the content device. Nevertheless, content protection software should not be used in a device which does not satisfy the security defined by the robustness rule; therefore it is necessary to solve this problem.