Today content is distributed over the fixed Internet to portable devices such as mobile telephones and hand held devices. To prevent unauthorized copying etc., a digital rights management (DRM) scheme is used to protect the content. In the prior art, the content has been delivered in a session over a channel established between a computer, such as a content server, belonging the content provider or rights issuer, and a mobile device. The content is encrypted with a key and this key is sent to the mobile device separately and further encrypted with another key, which is associated with a mobile device. To form the encrypted key, the computer needs information from the mobile device, usually an identity number/public key and a random number. The content provider sends the encrypted key together with rights and permissions in a so called rights object. The mobile device will then be able to decrypt the content using information contained in the rights object.
One problem for a manufacturer of portable devices is that there is no established DRM standard. Open Mobile Alliance has put forth a standard for DRM targeted at download over the wireless network and peer-to-peer distribution using Obex and Bluetooth. The main problem with the OMA specification is that it does not cover the use of file-based DRM, e.g. using USB and memory cards. This effectively makes the specification useless for the case when a personal computer is connected to a content provider server for later delivery to the mobile device, or the case when the content is first downloaded to an external memory for later delivery to the mobile device.