1. Field of the Invention
The present invention generally relates to Digital Rights Management (DRM) in devices communicating with portable devices, and more specifically to a mechanism that allows a Rights Issuer to be sure that his conditions for access to digital content by a device communicating with a portable device are enforced.
“Digital Rights Management” (DRM) is a set of technologies that provides the means to control the distribution and consumption of the digital media and other digital content. It allows content providers to define conditional access to the content. Examples for such conditions are “the content may only be rendered if it has not yet been rendered more than x times” or “the content may be rendered if the current date is between day y and day z”.
A DRM system enables “Content Issuers” to distribute protected content and “Rights Issuers” to issue to a user rights objects comprising the conditions for access to or usage of the delivered protected media (usage rights), which may contain permissions and/or constraints. The protection of the content is usually achieved by encryption. The decryption key or any other information necessary to access the content is also comprised by the rights objects.
Most DRM systems rely on trusted hardware. While protected (encrypted) content may be freely distributed, rights objects comprising the information necessary to access the content (e.g. the decryption keys) are only delivered to devices which are believed to be “DRM compliant”, which means that (1) the device accesses the content only if the access is covered by the usage rights comprised by the rights object, and 2 content cannot be extracted from the device and distributed to others in unprotected form, e.g. decrypted.
The type of content referred to by the examples of this document is broadcast video content. However, the invention can be applied to any type of digital content. Furthermore, in the examples of this document, the device accessing the digital content is a mobile telephone, and the portable device with which the device accessing the content communicates is a smart card. Smart cards are intrinsically secure computing platforms ideally suited for providing enhanced security and privacy functionality to applications. At the same time, they provide an isolated processing facility capable of using this information without exposing it within the host environment. They are therefore ideal candidates for trusted, DRM compliant devices. However, the invention can equally be applied to any other device accessing digital content like e.g. a PDA, a PC, or a consumer electronics device with multimedia rendering capabilities, and to any other portable device, like e.g. a Multi Media Memory card.
2. Background Art
Conditional access is enabled today in set-top boxes, which are used to perform the deciphering of video streams to be displayed on a TV set. Furthermore, smart cards are used in the set-top boxes which facilitate conditional access in pay TV. The smart card helps to identify the user and to attribute to the user conditional access rights for TV channels or video on demand.
Rendering streamed or broadcast video now is also enabled on mobile devices like mobile phones or PDAs (mobile handsets hereafter). The handsets receive the video using the DVB-H (Digital Video Broadcasting-Handheld) technology for video broadcast, or other streaming video technologies that are available on fast UMTS communication channels.
There is a growing need for DRM systems in the mobile industry to enable operators and content providers to make digital content available to consumers in a controlled manner. As we will see below, smart cards can play a role in managing conditional access in video broadcast for handsets, as they do already today in Pay TV using set-top boxes. The handset may already be connected to a smart card like a SIM (Subscriber Identity Module) used in GSM.
In some DRM solutions that apply to mobile handsets, i.e. OMA (Open Mobile Alliance) DRM, a Rights Issuer can authenticate a handset as DRM compliant. Only after successful authentication the Rights Issuer delivers rights objects to the handset. The rights objects then are stored and managed on the handset.
Within such a solution, rights objects are associated with a device (the handset), and not with a user. This means that if the user changes handset he has to ask the Rights Issuer to install the rights objects again—on the new device.
This problem is overcome if the rights objects are stored and managed on the smart card communicating with the device. Since the smart card usually is personalized, the rights objects can be associated directly with the user identity. Portability of the rights objects when using other handsets is facilitated. Furthermore, if the smart card is hacked, a new generation of smart cards with new security features can be deployed very rapidly, for little extra costs. It is far cheaper to replace the smart card than to replace the handset.
However, the Rights Issuers are interested in that the smart card makes sure that a handset can be trusted before passing on to it decryption keys or entire rights objects to enable the handset to render the content. The smart card and the handset together have to provide the same level of trust as or a better level of trust than a trusted handset alone.
The approach of existing set-top boxes, where communication between the set-top box and the smart card is channeled by proprietary software/hardware which ensures that the box can be trusted, cannot be adopted in the mobile communications world, where any smart card has to be able to cooperate with the handsets of any manufacturer, because the smart card does not know which device is trusted by the Rights Issuer.