There is a growing market for supplying different types of computer codes or media products by transferring data over a communication network. Typical examples are downloading of e.g. music recordings, computer code, images, video sequences or literal creations. Most such data entities are related to some kind of copyrights. However, the fast development in computer network technology has opened up for unauthorized distribution and copying.
In this technical field, there is a need for content providers and operators to control the usage of downloaded media objects. Download is the means by which a media object is delivered to the device where it is going to be utilized. In order to provide such a protection, different Digital Rights Management (DRM) concepts have been developed. DRM is thus the means to control the usage of the media object once it has been downloaded.
An association of different actors in this field has cooperated within an organization Open Mobile Alliance (OMA) to provide different DRM solutions. The presently available DRM specifications are, however, not fully secured when it comes to protecting the content. Today, the usage of DRM is targeted to devices that are closed, in that sense that it is not possible to change any of the programs in the terminal, e.g. a phone. An example of such a closed phone is the SONY ERICSSON T68i. Such a device should then be suitable for handling DRM (even if the present release doesn't).
The protection of the content is in such cases guaranteed by the hardware or software of that particular type of device. If the receiving device states that it is a particular device, having a device software or supporting different DRM-associated applications, the receiving party commits itself to follow certain rules. Such statements are therefore related to some type of device-type associated commitment.
Before a media object content with DRM is sent to a receiving party, the content provider will receive information about the capability of the receiving terminal. This is typically performed using e.g. HTTP (“HypeiText Transfer Protocol”) headers such as Accept, User Agent or UAProf. The content provider uses this information to prevent sending content to terminals that does not guarantee to follow DRM guidelines.
In the published US patent application 2003/0014496 A1, a closed-loop delivery system for digital media is disclosed. Device-identifying information is provided to a content server. The content server controls or authenticates the device-identifying information against databases comprising information about devices, users and usage rights. If the particular device and its user have usage rights and appropriate functional capabilities, media content is returned. The authentication is made on the identifying information based on data stored and available only at the content provider side. This is thus a typical example of the state-of-the-art described above.