1. Field of the Invention
Apparatuses and methods consistent with the present invention relate to implementing a secure clock having no internal power source.
2. Description of the Related Art
It is common for recent secure services to require accurate time information. Accurate time information also plays an important role in authentication and electronic signatures. Time information is utilized to verify a counterpart's authentication value or signature value. There are cases where the validity of the license or rights is limited using time information in Digital Rights Management (DRM). For example, the right to execute some content can be set to be valid within a specific time period. In reality, such a function is used for rights objects used in Open Mobile Alliance (OMA) DRM and licenses used in Microsoft's Windows Media DRM.
In order to meet such needs, it is necessary to implement a clock within a device. In a completely secure clock, time cannot be arbitrarily changed by a user; time information must be set only using a secure clock source. Since a clock must continuously operate even when it is implemented within a device, the device must have a battery therein. However, devices, such as a memory card and a smart card, do not have batteries therein. Furthermore, it is very difficult to update the time information of devices that cannot directly access the clock source.
The construction of a conventional secure clock includes a clock source 30, a device 1 (10) possessing a license or rights, and a device 2 (20) accessing the device 1 (10) and possessing and executing content, as shown in FIG. 1.
A clock control unit 11 included in the device 1 (10) acquires accurate time information from the external clock source 30, and sets and stores current time information in a time information unit 12 based on the acquired time information. Furthermore, the clock control unit 11 precludes a user from attempting to directly modify time information, thus preventing arbitrary manipulation that is not based on the clock source 30.
A power source 13 supplies power to the clock control unit 11 and the time information unit 12. As described above, the conventional device 1 (10) essentially requires an internal power source and does not provide a method of operating the clock when power is not supplied.
The clock source 30 exists outside the device 1 (10) and is a supply source for providing accurate current time information to the device 1 (10). The clock source 30 is generally operated by a trustworthy third party. If there are several clock sources, it is necessary to synchronize the time information of the clock sources.
In the construction of FIG. 1, the device 1 (10) and the device 2 (20) perform the following operation in order to maintain a trustworthy and secure clock.
Each of the devices 10 and 20 receives trustworthy time information from a clock source and stores the received time information therein. If the devices 10 and 20 cannot directly access the clock source but can access a counterpart device, the counterpart device receives time information from the clock source.
If the device 1 (10) and the device 2 (20) are connected to each other, they exchange and compare the pieces of stored time information and synchronize the pieces of time information based on the time information stored later. Synchronization is performed by storing the time information stored later in the time information unit 12. As a result, the two devices 10 and 20 maintain the same time information.
Such time information synchronization can be effectively used in a distributed environment. In a distributed environment such as a ubiquitous environment, devices may exist which cannot directly access a clock source. Accordingly, the devices receive and store time information stored in another device.
Meanwhile, an example of communication between the conventional device having no power source therein and a host device having a power source therein may be communication between a recordable medium such as a memory card, and the host device. A memory card device conventionally used as a simple data storage device has been used as a device for storing a rights object or a license to apply security policies.
FIG. 2 is a diagram showing a conventional operational process that occurs between a recordable medium 30 having no internal power source and a host device 40 accessing a recordable medium and receiving a rights object.
The host device 40 first requests the consumption of the rights object from the recordable medium 30 at step S1. The recordable medium 30 provides the decoding key of a DRM content object to the host device 40 in response thereto at step S2. Thereafter, the host device 40 requests the update of the DRM rights object from the recordable medium 30 at step S4 while playing the DRM content object at step S3. The recordable medium 30 transfers a rights object update acknowledgement to the host device 40 in response to the request at step S5. Steps S4 and S5 are repeated until step S3 of playing the content object is completed.
In the existing technique, one device selects the best time information and stores the selected best time information therein. Therefore, the best time information is merely selected from a plurality of pieces of external time information, and additional new time information is not created.
If only devices that cannot directly access a clock source exist, or if it is temporarily impossible to access a clock source, further update of the time information is impossible after all of the devices have been updated based on the latest time information to synchronize the devices. In addition, devices having no internal power source must frequently receive time information from another device or an external time information source, such as a clock source.
Furthermore, in the case where a process of periodically updating time information is repeated as shown in FIG. 2, communication between devices may be degraded due to the process. The time information of the recordable medium remains inaccurate until the next update.