A method or service for reliably and accountably transferring useful data objects to a telecommunication terminal in a telecommunication network, wherein the telecommunication terminal takes the form of a mobile radio device or mobile telephone, in particular. In this case, the transfer or also downloading of useful data objects onto the mobile radio device is expected to take place using one of the protocols specified by the Open Mobile Alliance (OMA) or an Internet protocol (e.g., Hypertext Transfer Protocol: http). In this case, a service for the transfer can be specified in such a way that a user having an application program available on the mobile radio device (which application program can be designated as a transfer client or as a download client in the case of a simple downloading of data) should be able to transfer any useful data objects that are offered in the data communication network by one or more data provision components (e.g., servers of service providers or content providers).
The WAP Forum and its successor organization the Open Mobile Alliance (OMA) have defined various methods for managing explicit usage rights for digital content of any type, e.g., including multimedia data. In this case, it is planned to equip a useful data object, which is to be transferred, with restrictions or limitations relating to its use by the recipient or user of the mobile radio device. Therefore, the number of uses of the useful data object or also the usage duration can be limited. This is implemented in practice by describing the restrictions using a corresponding language, e.g., ODRL (Open Digital Rights Language) or the OMA DRM Rights Expression Language (REL) specified by the OMA. For the purpose of managing the rights (DRM: Digital Rights Management) associated with a (digital) useful data object, the transfer client or another special application (a so-called DRM agent) receives the rights description, analyzes it, stores it in a protected memory area (which cannot be accessed by the user on the mobile radio device) and in response to a request from the user to use the object either grants or withholds the rights in accordance with the rights description. The useful data object itself can be protected against unauthorized access either by being stored in encrypted form in a freely accessible memory area on the mobile radio device or by being managed by a special application, e.g., the DRM agent, which does not allow any unauthorized access to the object by the user.
In accordance with a variant called “Separate Delivery” which is specified for managing DRM-protected content by the Open Mobile Alliance, a useful data object that is provided by a data provision component is encrypted and packaged into a so-called container file or a so-called container object (which is assigned, e.g., the data type or content type “Application/VND.OMA.DRM.Content”) for transporting and storing on a telecommunication terminal such as a mobile radio device. Using a service for reliably transferring contents from a data provision component (content download), the encrypted useful data object which has been packaged into the container object is transferred to the telecommunication terminal by means of WAP protocols (e.g., WSP: Wireless Session Protocol) or Internet protocols (e.g., http). Separately from the encrypted useful data object, a so-called rights object is transferred to the telecommunication terminal via a secure channel and, e.g., automatically by means of WAP Push.
The rights object contains a description of the rights which are granted to the user for using the encrypted useful data object, a reference to the container object (which reference allows an assignment of the rights object to the corresponding container object) and a key with which the encrypted useful data object can be decrypted in order that it can subsequently be used. A special entity or application (which can be the aforementioned DRM agent) is required on the telecommunication terminal (e.g., the mobile radio device, in order to use the combination of the encrypted useful data object which is packaged in the container object and the rights object). Following the transfer of the rights object to the telecommunication entity, the rights object is passed directly to the DRM agent, which is responsible for the management and safeguarding of the secret (i.e., the key for decrypting the encrypted useful data object).
In practical terms, the DRM agent stores the rights object on the telecommunication terminal in such a way that it is protected against unauthorized access by other applications or users. When an encrypted useful data object is to be used, the DRM agent is activated first. The DRM agent searches the memory area which it manages in the telecommunication entity for a rights object that corresponds to the container object (using the identification which is included in the container object and in the rights object), checks whether rights can be granted for the requested type of usage (e.g., a “playback” of music data or a “display” of image data, etc.) and decrypts the useful data object using the key from the rights object if the rights can be granted.
Using the method described above (in which an encrypted useful data object and a separate rights object can be used), the value of digital data is no longer represented by the (encrypted) useful data object or the container object itself (e.g., but rather by the rights object and the key that is contained therein, without which the encrypted useful data object is clearly unusable). Consequently, the encrypted useful data objects which are packaged in the container objects can be stored in a freely accessible manner on the telecommunication terminal.
Since the (encrypted) useful data objects to be transferred can be data objects having multimedia contents (as mentioned above) and consequently involve significant amounts of data, a service offering a substantial transfer capacity is required for a corresponding transfer of such data. For example, a Multimedia Messaging Service (MMS) specified by the 3GPP (3rd Generation Partnership Project), and an OMA capable of performing switching and transfer of multimedia messages to and from mobile communication subscribers.
A combination of both DRM and MMS techniques is, therefore, beneficial. MMS allows valuable digital content to be transferred to other subscribers, wherein the actual usage rights for the content can be defined and transferred likewise. For this, the contents are packaged into the DRM container objects and optionally encrypted (depending on the selected DRM method). The use of the contents can, therefore, be restricted to the addressed recipient/recipients of the MMS message. Therefore, unwanted subsequent circulation resulting from the first recipient simply forwarding a message can be prevented.
Subscriber-based services can be seen as an example for the use of a combination of DRM and MMS. For this, a user places an order with a provider of such a service for the supply of useful data objects (including image contents, audio contents, text contents or other information contents) of any type on the basis of availability (i.e., on a regular basis if specific events occur). For example, a video sequence showing the occurrence in the case of a goal in a football match, a current weather forecast including an image of a weather map and audio information explaining the map, or the like.
As shown in FIG. 1, the provider uses its data provision component DBK (e.g., a data server in the Internet) to send the user, at his or her telecommunication terminal TG1, the desired information in the form of encrypted useful data objects NDO via MMS. For example, the useful data object/objects NDO (which are integrated in a multimedia message MM) reach the telecommunication terminal TG1 via a switching component VK (e.g., taking the form of an MMS switching unit, in Push Mode at time points which the user cannot normally predict and without the user having explicitly to initiate a loading process for the download). This example represent a significant difference in comparison with the so-called Pull Mode, in which the user must always send the provider an explicit request in order to receive a desired useful data object.
In parallel therewith, the rights provider (who can be identical to the aforementioned service provider) uses the data provision component DBK to send the rights object(s) RO assigned to the encrypted useful data object NDO to the telecommunication terminal TG1 of the user (e.g., using WAP Push via a WAP Push Proxy Gateway PPG). This means that useful data object and rights object(s) reach the terminal of the recipient on separate paths and asynchronously. In the telecommunication terminal TG1, the MMS messages MM (which are transferred via the switching component, and in particular include the useful data objects NDO) are received and processed by an MMS user application MUA, and the rights objects RO are received and managed by a DRM agent DA. The MMS user application MUA and the DRM agent DA are interconnected in order that the encrypted useful data object can be activated using the corresponding rights object. The MMS user application MUA and the DRM agent DA can be software applications, which are executed in the telecommunication terminal TG1 by a processing unit (not shown) such as a microprocessor.
As mentioned above, the encrypted useful data objects and the corresponding binary rights objects are transferred on separate independent transport channels. In this case, the transfer is normally unsynchronized relative to time. Only when both objects are present on the receiving terminal can the protected contents of a useful data object be used on the terminal. When using http or the special variant of the Open Mobile Alliance for downloading useful data objects onto mobile terminals (so-called “OMA Download”), the user actively requests a specific useful data object by means of a so-called “http Get-Request,” which useful data object is subsequently supplied to the user in the so-called “http Response-Message.” When a DRM-protected useful data object is supplied in this way, in addition to the useful data object, the provider can also supply a rights object via Short Message Service (SMS) or WAP Push.
In other words, when receiving DRM-protected useful data objects via MMS and corresponding rights objects in a manner that is unsynchronized relative to time, it was not conventionally possible to adapt the behavior of the telecommunication terminal, specifically to the considerations of DRM. An incoming MMS message MM containing DRM-protected useful data objects NDO is directly signaled to the user in a first receive message via a user interface GUI (cf. FIG. 1), which features (e.g., a display DSP and a loudspeaker LS). If the user opens the message and the required rights objects are not yet present, the use of the useful data object(s) by the user is initially refused by the terminal.
Following the arrival of the corresponding rights object(s), the user is additionally notified in a second receive message that a use of the useful data object in the multimedia message is now possible. This type of information representation on the terminal is relatively unsatisfactory for the user since although the user is initially informed of the arrival of the multimedia message, he or she is not able to use it because the required rights objects have not usually been received (as a result of the useful data object and rights object(s) being received asynchronously relative to time as described above). Only when the user is informed a second time that the required rights objects have also arrived now, can he or she actually use the message. Consequently, the user is unnecessarily informed twice, as well as being reminded on the first occasion that the useful data object is subject to a protection, i.e., certain restrictions.
The present invention, therefore, addresses the problem of producing a user-friendly possibility for signaling the receipt of a usable useful data object on a telecommunication terminal.