The proliferation of personal computers and handheld digital devices has opened a vast market for digital media. Many forms of media formerly available through conventional channels, such as books, photographs, paintings and illustrations, music, and motion pictures are now available in digital form.
The digital format presents both challenges and opportunities for those who invest in media production, the content owners. Digital media can be cheaply copied with a high degree of accuracy. It can be distributed over high-speed computing networks without regard for geographic boundaries. Copying and redistribution of digital media via the internet is rampant, despite often clear violations of copyright law. The music file sharing made popular by the now famous early NAPSTER® software is an example of the scope of potential digital file sharing that may occur, and the damage that such file sharing can visit upon producers of digital media content.
The potential deterioration of content owners' investments in digital media can give rise to reluctance in entering the digital marketplace. As digital networks continue to expand, however, consumers are coming to expect the convenience of a digital media experience. Consumers may be dismayed or deterred from purchasing media that is not available on-line. In short, as market demands for digital media continue to expand, the question is how to make media available in a digital format, not whether do so.
Software developers are therefore asked for solutions to the problems presented by digital media. While software developers support the expansion of digital media content, they are reluctant to limit the features of their products for the sake of digital media protection. Purchasers of software products have a selection of products that they can choose from, and they generally want maximum flexibility and power from their software. Purchasers do not wish to be restrained in the use of their computing devices by security features designed to protect content owners.
A number of attempts at protecting digital media have been made, with varying degrees of success. One notorious attempt was that of the Motion Picture Association of America (MPAA) to protect movies distributed as Digital Versatile Disks (DVDs). An industry-wide encryption algorithm was developed, called the Content Scrambling System (CSS). Most movies made available as DVDs were encrypted using CSS, and all DVD player devices were equipped with the ability to decrypt movies stored in this format. However, in an act widely attributed to a Norwegian teenager named Jon Johansen, a computer process capable of decrypting CSS was published on the internet in 1999. Using this program, called DeCSS, a DVD movie can be decrypted and stored in a standard file format. This file can be manipulated, stored, and exchanged in an unencrypted format.
While encryption has played a pivotal role in attempts to protect digital media, such media is vulnerable regardless of whether an encryption algorithm is cracked and published on the internet. Eventually, digital media that is distributed to consumers must be decrypted and exposed to those consumers. The decrypted signal can be intercepted by rogue computing components, i.e., software or hardware components that are designed or altered to perform such interception.
In response to the weakness of systems such as CSS, and other forms of digital media protection susceptible to interception, software products such as the MICROSOFT WINDOWS® family of operating systems have incorporated technology to further protect digital media. Such software is generally provided for personal computers (PCs), and so is explained here in that context. One system designed to provide such further protection is illustrated in FIG. 1.
FIG. 1 illustrates an exemplary computing environment that will be familiar to those of skill in the art. In general, this environment is separated into an application process space 108 and a protected process space 109. The protected process space 109 represents a protected memory space that cannot be accessed by unprivileged software. Application process space 108 represents memory space that can be manipulated by everyday applications 103, 104, and other software components, e.g., computing components 106 located in application process space 108. The applications 103, 104 can request services from an operating system via available Application Programming Interfaces (APIs) 102. The separation of the protected process space 109 and the application process space 108 helps to ensure that applications 103, 104 will not perform operations that destabilize the implemented protections.
In the computing environment of FIG. 1, a secure system is implemented in the protected process space 109 to access and replay media objects such as 100. The gray color in FIG. 1 designates technology that is designed to help protect digital media 107. Therefore, the media object 100 has a gray border, indicating that it is encased with some form of protection, such as encryption. The gray digital media access platform 101 and secure digital media playback service 105 are equipped with technology designed to securely unpack and render the protected media object 100. In this regard, a digital media object 100 can be processed by a secure digital media access platform 101 in protected process space 109 that may wholly or partially decrypt a media object 100. Media object 100 can then be passed to a secure digital media playback service 105 for further processing and for rendering the media object 100 into a consumable form. The path that a media object 100 takes from its original location to rendering is sometimes referred to as a Protected Media Path (PMP).
The system of FIG. 1 provides protection for media objects beyond encryption itself by unpacking and rendering a media object 100 in a secure environment. Ultimately, however, a configuration such as FIG. 1 shares a weakness similar to that of the bare encryption approach implemented by CSS. That is, both approaches are passive. While they present formidable barriers to unauthorized access of media objects, over time computing components can be discovered or created that overcome such barriers and compromise protected media objects 100. For example, components may be developed that are capable of peering into the protected media path to identify encryption keys and authentication algorithms. This is especially true when a system is provided in which the digital media access platform 101 is extensible—i.e., when third parties are permitted to develop tools, such as 106b, sometimes called “plug-ins” that can be used in conjunction with 101.
In FIG. 1, the black boxes 106 in both the protected process space 109 and the application process space 108 are computing components 106 on a computing device. The components 106 in the digital media access platform 101 may be referred to as “plug-ins” that perform features for the manipulation of media objects 100. These plug-ins, as well as all other components 106, are desirable to purchasers of software because they provide additional power and flexibility in manipulating digital media objects 100. However, some of the components 106 may be discovered to present a security risk. Other components 106 may be solely designed to gain unauthorized access to media objects 100, and serve no other useful purpose. For example, imagine that component 106a is a software component that bears the DeCSS program for breaking CSS protection on a DVD.
Therefore in addition to the historically passive approach to protecting media objects, which allows for eventual development of components that compromise protections on media objects and/or compromise protections implemented by digital media platforms, a lack of flexibility in media object protection is a shortcoming in the industry. The systems described above present a one-size fits all approach to protecting media when in reality various components 106 pose different levels of risk to media objects. Also, users of computing devices have differing needs that translate into differing tolerance levels for restriction in computing flexibility and power. Moreover, all digital content is not created equal, some content merits very strict protection while other content merits no protection at all. Content owners have different levels of risk that they are willing to tolerate with regard to their digital media.
In light the problems explained above, there is an unaddressed need in the industry to provide for more active protection of digital media objects that retains flexibility and power in software programs while simultaneously allowing content owners to achieve a desired level of security.