The present invention relates generally to the field of data communication and more specifically to rights management and securing data communicated in a network.
A growing interest in streaming distribution of multimedia content over Internet Protocol (IP) networks has resulted in a growing need for key management systems. One such streaming distribution system is the Aerocast Network™ developed by Aerocast, Inc. of San Diego, Calif. As discussed with reference to FIG. 1, although the existing phase 1 Aerocast Network facilitates delivery of content, it lacks security and key management for the network.
FIG. 1 is a block diagram of a network 100 (by Aerocast) for facilitating streaming of content over a communication network.
Among other components, network 100 includes a content provider 102 for generating content intended for a consumer 116, Internet 114 through which content is streamed, and a central server 104 to which content provider 102 publishes its contents. Central server 104 contains a database 108 for storing content information, and a search engine 110 for searching database 108. Network 100 further comprises a provisioning center 106, and caching servers 112, 113 and 115.
In operation, consumer 116, wishing to access content by content provider 102, streams the content from the closest caching server, in this case caching server 115. In conventional systems without caching servers, consumer 116 desiring such content streams obtains the content directly from content provider 102. This results not only in poor content quality but also in delays associated with inadequate bandwidth. By using the caching servers, network 100 avoids the disadvantages associated with direct streaming of digital content from content provider 102. Caching servers 112, 113 and 115 may be local DSL (digital subscriber line) providers, for example.
Network 100 provides a further advantage. When searching for content, consumer 116 need not search any and all databases on Internet 114. All content providers (including content provider 102) on network 100 publish descriptions of their content to a single central database 108. For streaming video content, for example, such descriptions may include the movie name, actors, etc. In this manner, when content is desired, consumer 116 uses search engine 110 to search database 108. When the content is found, database 108 thereafter provides a link to content provider 102 having the desired streaming content. Content provider 102 is then accessed by consumer 116 to obtain more detail. Such details include pricing information, etc.
A mechanism is provided whereby consumer 116 provides a list of caching servers closest to it to content provider 102. In response to consumer 116's request, content provider 102 selects the appropriate caching server closest to consumer 116 for streaming the content. It should be observed, however, that in today's Aerocast network, content is streamed in the clear by network 100. Disadvantageously, because it is unprotected, the content may be intercepted by an unauthorized consumer, resulting in substantial losses to content providers and consumers. Some of these disadvantages are resolved by the aforementioned related patent applications commonly owned and concurrently filed herewith, and hereby incorporated by reference as if set forth in their entirety in the present specification.
Generally, to deliver, manage and control streaming content, several different protocols may be employed. For example, a collection of protocols, namely RTP (real-time protocol), RTCP (real-time control protocol) and RTSP (real-time streaming protocol), may be employed for streaming real-time data. RTP, which is specified in RFC (request for comments) 1889, runs on top of UDP (user datagram protocol).
Among other functionalities, RTP provides end to end transport functions for real time transmission of content such as audio and video over point to point or multicast services. RTCP (Real-time Control Protocol) is a companion protocol providing QoS (quality of service) monitoring and delivering statistics on the media stream session, which may be used by the sender to adjust its timing. In addition, at least in a point-to-point case (and possibly in the multicast case) RTP and RTCP are accompanied by RTSP (Real-time Session Protocol), used to request particular content, provide content description, pause and re-start the media stream for point-to-point connections, etc.
While protection for RTP packets is provided, conventional digital rights management systems provide little or no protection for RTSP and RTCP packets. Disadvantageously, such a system would be open to additional denial of service attacks due to lack of RTCP and RTSP message integrity and would not provide user privacy (e.g. for user viewing patterns). Moreover, there is no single key negotiation for each streaming session that would provide all of the keys necessary for each of the protocols associated with the media streaming (e.g. RTP/RTCP/RTSP).
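The integrity gap described above can be illustrated with the following added example, which is not part of the original specification and does not represent the claimed method. It assumes one session key has already been negotiated, derives a separate key for each of RTP, RTCP and RTSP from it, and shows a receiver rejecting altered or replayed control messages. The derivation label, 16-byte tag, sequence-number framing and sample packets are all constructed for illustration, and the sketch covers integrity only, not the privacy concern.

```python
import hashlib
import hmac
import struct

TAG_LEN = 16  # assumed: HMAC-SHA256 tag truncated to 16 bytes

def derive_key(session_key: bytes, label: bytes) -> bytes:
    """Derive one per-protocol key from the single negotiated session key."""
    return hmac.new(session_key, b"stream-key|" + label, hashlib.sha256).digest()

def protect(key: bytes, seq: int, message: bytes) -> bytes:
    """Prefix a 32-bit sequence number and append a MAC over both."""
    body = struct.pack("!I", seq) + message
    return body + hmac.new(key, body, hashlib.sha256).digest()[:TAG_LEN]

def verify(key: bytes, packet: bytes, last_seq: int):
    """Return (seq, message) if the packet is authentic and fresh, else None."""
    if len(packet) < 4 + TAG_LEN:
        return None
    body, tag = packet[:-TAG_LEN], packet[-TAG_LEN:]
    expected = hmac.new(key, body, hashlib.sha256).digest()[:TAG_LEN]
    if not hmac.compare_digest(tag, expected):
        return None  # modified in transit or made with the wrong key
    seq = struct.unpack("!I", body[:4])[0]
    if seq <= last_seq:
        return None  # replay of an earlier control message
    return seq, body[4:]

# Constructed sample data (not taken from any real session).
SESSION_KEY = bytes(range(32))
KEYS = {p: derive_key(SESSION_KEY, p) for p in (b"RTP", b"RTCP", b"RTSP")}
# RTCP BYE: V=2, SC=1 (0x81), PT=203, length=1 word, one SSRC.
RTCP_BYE = struct.pack("!BBHI", 0x81, 203, 1, 0x1234ABCD)
RTSP_PAUSE = b"PAUSE rtsp://example.invalid/movie RTSP/1.0\r\nCSeq: 7\r\n\r\n"

def demo() -> dict:
    """Run the receiver-side checks on genuine and damaged packets."""
    pkt = protect(KEYS[b"RTCP"], 1, RTCP_BYE)
    tampered = bytearray(pkt)
    tampered[11] ^= 0x01  # flip one bit in the SSRC field
    rtsp_pkt = protect(KEYS[b"RTSP"], 1, RTSP_PAUSE)
    return {
        "genuine": verify(KEYS[b"RTCP"], pkt, 0),
        "tampered": verify(KEYS[b"RTCP"], bytes(tampered), 0),
        "replayed": verify(KEYS[b"RTCP"], pkt, 1),
        "wrong_protocol_key": verify(KEYS[b"RTSP"], pkt, 0),
        "rtsp": verify(KEYS[b"RTSP"], rtsp_pkt, 0),
    }
```

Without the tag check, the receiver would have no basis for distinguishing the genuine RTCP BYE from the altered one, which is the denial of service exposure the passage describes.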
Therefore, there is a need to resolve one or more of the aforementioned problems and the present invention meets this need.