Digital Rights Management (DRM) is a technique for avoiding illegal distribution and copying of digital contents so that only legitimate users can use the contents, and for managing rights of digital contents by using an accounting service or the like.
Open Mobile Alliance (OMA) DRM widely used as a de factor standard of the DRM technique is currently being standardized by an OMA international standard organization. A standard document of the OMA DRM technique contains technical descriptions regarding encryption of contents and reliable transmission to a device such as a portable terminal by packaging a key used for encryption in a format of a Rights Object (RO). Since the release of the OMA DRM version 1.0 in 2002, the OMA DRM version 2.0 was released in 2006, followed by the OMA DRM version 2.1 in 2007. The Secure Removable Media (SRM) technical standard version 1.0 was released in 2008, and in this standard, the DRM technique can be extended to an external memory (e.g., a memory card, a smart card, etc.) in addition to a portable phone. Examples of functions provided in the SRM 1.0 extended from the OMA DRM 2.0 include a function of moving an RO from a mobile device to a memory card or a smart card (i.e., Device to SRM Move), a function of moving the RO from the memory card or the smart card to the mobile device (i.e., SRM to Device Move), and a function of consuming the RO stored in the memory card or the smart card to reproduce contents by the device (i.e., Local Rights Consumption).
In the OMA DRM 2.0 and its subsequent versions, a contents encryption key is managed using a Public Key Infrastructure (PKI) scheme. The PKI scheme uses secure asymmetric key encryption such as a Rivest-Shamir-Adleman (RSA) encryption algorithm and is recognized as a very secure key management system. Disadvantageously, however, the PKI scheme is not managed by a strongly reliable organization. Therefore, there is a need for a system in which a key is issued and managed by a strongly reliable organization (e.g., a governmental organization).
The OMA DRM 2.0 provides various functions, for example, protocol messaging for delivering an RO from a service/contents provider to a device, protection of a contents encryption key and packaging of the RO, contents encryption and packaging, sharing of the RO between devices, etc.
In general, the RO contains a Contents IDentifier (CID) as contents information so as to manage the RO on a contents basis.
When the RO contains only the CID as the contents information, if the RO does not exist together with corresponding contents, that is, if only the RO is moved to another storage medium, a problem arises in that information on the contents cannot be determined using the CID.
Further, there is another problem in that an access path of contents or its equivalent information does not exist in information related to the RO.
Accordingly, to solve the aforementioned problems, there is a need for an apparatus and method for transmitting additional information on the contents together with the transmission of an RO.