In general, the DRM, a technique for stably protecting RO with respect to a digital content and systematically managing the digital content (or digital contents), provides a system for preventing the content from being illegally duplicated (copied), obtaining the RO with respect to the content, and protecting and managing a usage process of the content.
FIG. 1 shows a general structure of a DRM system.
The general DRM system controls a user, upon receiving digital content from a contents provider, to use the received digital content as much as the RO given to the user. In this respect, the contents provider is an entity corresponding to a contents issuer (CI) and/or a rights issuer (RI).
The CI issues content (referred to hereinafter as ‘DRM content’ (or ‘digital content’)) protected by using a particular coding key to protect the content against a non-authorized user, and the RI issues the RO required for allowing using of the DRM content.
A DRM agent installed in a terminal receives the DRM content and the RO from the CI and the RI respectively, and controls using of the DRM content in the corresponding terminal by interpreting permission and/or constraint included in the RO.
The RO is divided into a stateful RO and a stateless RO (or a Non-stateful RO). The stateless RO is an RO that the terminal does not manage state information. The stateful RO is an RO that the terminal should elucidatorily manage state information so that permission(s) and constraint(s) indicated in the RO can be accurately applied. The constraint(s) managed by the state information include(s) at least one of <interval>, <count>, <timed-count> and <accumulated>.
The state information is information that indicates an amount available to use the content in the future and single state information is managed for each stateful RO. For example, the state information can be managed in the form of the spent usage number, and a spent usage time, etc., or can be managed in the form of the available usage number or a available usage time.
In general, the RO is encoded (or encrypted) by a public key of a particular device, so if a device does not have a private key that makes a pair with the public key, it cannot decode or use (or play) the DRM content related to the RO.
Thus, the general DRM system has many problems. That is, when the RO and its related DRM content are stored in a secure removable media (SRM) or a memory card such as a multimedia card, etc., if the RO is not issued for a terminal, the terminal cannot read the DRM content from the memory card (or SRM) to use it, although the memory card (or SRM) is inserted into the terminal.
In addition, in the general DRAM system, a certain RO is issued for a particular terminal, so if the secure removable media (SRM) stores the RO and its DRM content, only the particular terminal can read the DRM content and the RO from the SRM to use the DRM content, degrading utilization of the SRM.