WO2015189833A1 - Streaming of secure content in a home network - Google Patents

Streaming of secure content in a home network

Info

Publication number
WO2015189833A1
Authority
WO
WIPO (PCT)
Prior art keywords
token
asset
network device
protected
license
Application number
PCT/IB2015/054513
Other languages
French (fr)
Inventor
Alan John Sullivan
Grant Peter SIMMS
Shirley Elspeth SCHWIKKARD
Ashley Vincent Stanford DRIVER
Original Assignee
Altech Multimedia (Pty) Limited
Application filed by Altech Multimedia (Pty) Limited
Publication of WO2015189833A1

Classifications

    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/10 Protecting distributed programs or content, e.g. vending or licensing of copyrighted material; Digital rights management [DRM]
    • G06F21/101 Protecting distributed programs or content, e.g. vending or licensing of copyrighted material; Digital rights management [DRM] by binding digital rights to specific entities
    • G06F21/1012 Protecting distributed programs or content, e.g. vending or licensing of copyrighted material; Digital rights management [DRM] by binding digital rights to specific entities to domains
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04N PICTORIAL COMMUNICATION, e.g. TELEVISION
    • H04N21/00 Selective content distribution, e.g. interactive television or video on demand [VOD]
    • H04N21/40 Client devices specifically adapted for the reception of or interaction with content, e.g. set-top-box [STB]; Operations thereof
    • H04N21/41 Structure of client; Structure of client peripherals
    • H04N21/4104 Peripherals receiving signals from specially adapted client devices
    • H04N21/4126 The peripheral being portable, e.g. PDAs or mobile phones
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/10 Network architectures or network communication protocols for network security for controlling access to devices or network resources
    • H04L63/102 Entity profiles
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08 Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0816 Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
    • H04L9/0819 Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s)
    • H04L9/0827 Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s) involving distinctive intermediate devices or communication paths
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08 Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0816 Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
    • H04L9/0819 Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s)
    • H04L9/083 Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s) involving central third party, e.g. key distribution center [KDC] or trusted third party [TTP]
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04N PICTORIAL COMMUNICATION, e.g. TELEVISION
    • H04N21/00 Selective content distribution, e.g. interactive television or video on demand [VOD]
    • H04N21/20 Servers specifically adapted for the distribution of content, e.g. VOD servers; Operations thereof
    • H04N21/25 Management operations performed by the server for facilitating the content distribution or administrating data related to end-users or client devices, e.g. end-user or client device authentication, learning user preferences for recommending movies
    • H04N21/254 Management at additional data server, e.g. shopping server, rights management server
    • H04N21/2541 Rights Management
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04N PICTORIAL COMMUNICATION, e.g. TELEVISION
    • H04N21/00 Selective content distribution, e.g. interactive television or video on demand [VOD]
    • H04N21/40 Client devices specifically adapted for the reception of or interaction with content, e.g. set-top-box [STB]; Operations thereof
    • H04N21/43 Processing of content or additional data, e.g. demultiplexing additional data from a digital video stream; Elementary client operations, e.g. monitoring of home network or synchronising decoder's clock; Client middleware
    • H04N21/436 Interfacing a local distribution network, e.g. communicating with another STB or one or more peripheral devices inside the home
    • H04N21/43615 Interfacing a Home Network, e.g. for connecting the client to a plurality of peripherals
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04N PICTORIAL COMMUNICATION, e.g. TELEVISION
    • H04N21/00 Selective content distribution, e.g. interactive television or video on demand [VOD]
    • H04N21/40 Client devices specifically adapted for the reception of or interaction with content, e.g. set-top-box [STB]; Operations thereof
    • H04N21/45 Management operations performed by the client for facilitating the reception of or the interaction with the content or administrating data related to the end-user or to the client device itself, e.g. learning user preferences for recommending movies, resolving scheduling conflicts
    • H04N21/462 Content or additional data management, e.g. creating a master electronic program guide from data received from the Internet and a Head-end, controlling the complexity of a video stream by scaling the resolution or bit-rate based on the client capabilities
    • H04N21/4627 Rights management associated to the content
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L2209/00 Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
    • H04L2209/60 Digital content management, e.g. content distribution
    • H04L2209/603 Digital right management [DRM]
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L2463/00 Additional details relating to network architectures or network communication protocols for network security covered by H04L63/00
    • H04L2463/101 Additional details relating to network architectures or network communication protocols for network security covered by H04L63/00 applying security measures for digital rights management

Definitions

  • This invention relates to a method and system for streaming secure assets such as secure media from a local data base forming part of a local network, such as a home network, to media renderer devices also forming part of the network.
  • a known, but only partial solution is to download and store media data which is not copy protected on a local data base in the form of a hard drive in the set top box and to play the media data on a single audio visual renderer device, typically a television set, which is connected to the set top box.
  • Such devices may include, but are not limited to, a television set, a music player, a computer, tablet, multimedia mobile phone etc.
  • providers of assets such as studios place restrictions on a system and method for streaming assets, more particularly premium content within a home network.
  • These restrictions include, amongst others, a copy protection regime to be applied to the assets, a limitation on the number of network devices in the network, the network devices must be registered at a central and remote license server and at the time of streaming, the network device must be within a limited distance from the master device, to ensure that the streaming is done to a network device within the home network and not externally of the home network.
  • One known solution is to protect the asset with a copy protection system such as a digital rights management (DRM) system, such as Microsoft (MS) PlayReady.
  • the solution would then employ an MS PlayReady specification whereby the set-top box acts as network device transmitter and the network device acts as network device receiver.
  • On a request by the receiver for a licence or token to be able to decrypt the DRM protected asset, the transmitter then creates a derivative license, which is derived from its own license and bound to the network device, and transfers the asset to that network device.
  • a disadvantage of this indirect form of license acquisition is the dearth of applications developed to support the MS PlayReady specification on third party devices that would typically be used as network devices. Another may be that such an indirectly derived license may be more restricted than the original license and perhaps unnecessarily so. Another may be a possible compromise of the protected asset data.
  • asset or “assets” shall mean content in the form of media including but not limited to audio, still images, text, animation, video, and multimedia which may be a combination of any of the aforementioned such as audio visual and interactivity content forms.
  • the method may comprise, before forwarding the license message, protecting at the license server the token of the copy protection system with a token associated with the network device; and on the network device, utilizing a token corresponding to the token associated with the network device to remove the protection from the protected copy protection token, to yield the copy protection token.
  • the request for a license may be required to comply with a second set of rules, before the license server forwards the license message comprising the copy protection token.
  • the copy protection system may be a digital rights management (DRM) system and the copy protected asset may be a DRM protected asset comprising the asset encrypted with a respective DRM key, before the DRM protected asset is caused to be pre-stored on the local database.
  • the DRM protected asset is streamed unaltered (including that it is not repackaged) from the database to the network device where it is decrypted and played.
  • the DRM system may be MS PlayReady and the standard MS PlayReady encryption and decryption software may be used. Also, since the DRM protection of the asset remains unaltered until received on the network device, it is believed that the security of the method is not compromised.
  • the token corresponding to the token associated with the network device may comprise a device key which is uniquely associated with the network device and which is pre-stored on the network device.
  • the device key may be pre-stored in the network device in secure memory, for example secure silicon.
  • the token associated with the network device may be derived from the device key during registration at the license server of a pairing between the master device and the network device and whereafter the token associated with the network device may be stored in the license server and associated with a unique identification number (UID) of the network device.
  • the method may comprise, at the license server, loading the copy protection token into one of a customer field, element and tag of the license message.
  • the method may comprise causing a proximity check to be performed between the master device and a network device requesting the asset to be streamed to it and if the check is passed, causing the master device to act as a gateway for a request from the network device to the remote license server for a license.
  • a system configured for performing the above method.
  • a computer program comprising software code portions configured for, when executed by a processor or processors of the system, performing the above method.
  • a method of streaming an asset which is protected with a unique token of a copy protection system within a local area network comprising a master device and a plurality of network devices, the method comprising the steps of, at the master device:
  • the checks may comprise one or more of a proximity test to ensure that the network device is within the network, whether the network device is paired with the master device and the network device is registered at a backend of which the license server forms part.
  • the method may include the further step of the master device acting as a gateway for the request to the license server.
  • the method may comprise the step of causing the master device to stream to the network device the asset from a database forming part of the network and on which the asset has been pre-stored.
  • a master device configured for performing the above method.
  • a computer program comprising software code portions configured for, when executed by a processor on the master device, performing the steps of the above method.
  • Also included within the scope of the invention is a method of streaming an asset which is protected with a unique token of a copy protection system within a local area network comprising a master device and a plurality of network devices, the method comprising, at the local area network:
  • the method may comprise forwarding to the master device a request for an asset to be streamed to the network device; receiving from the master device data to be incorporated in the request for a license to decrypt the asset; and including the data in the request for a license.
  • a computer program comprising software code portions configured for, when executed by a processor on the network device, performing the steps of the above method.
  • a network device configured for performing the above method.
  • a network device for receiving a data stream comprising an asset which is protected with a unique token of a copy protection system which is associated with a first set of rules and for playing the asset according to the first set of rules, the network device comprising means for receiving a license comprising the token of the copy protection system in a form protected by a token associated with the network device; a secure memory arrangement storing an associated token required to remove the protection from the protected token of the copy protection system; and a processor for using the associated token to remove the protection from the protected token of the copy protection system to yield the token of the copy protection system and for using the token of the copy protection system to process the copy protected asset and to play the asset according to the first set of rules.
  • a method of enabling streaming of an asset which is protected with a unique token of a copy protection system within a local area network comprising a master device and a plurality of network devices comprising, at a central license server:
  • the protected copy protection token may be loaded into one of a customer field, element and tag of the license message.
  • the method may comprise performing checks whether data in the request complies with prescribed rules; and if the checks are passed, forwarding to the network device the license message.
  • the license may be downloaded into said network device via an internet protocol link and via the master device.
  • the license may be downloaded via an internet protocol link directly into the network device.
  • a backend comprising a license server and a management system configured for performing the above method.
  • a central license server for a system for streaming to a network device in any of a plurality of local networks each also comprising a master device and a local database an asset which is pre-stored on the database of the local network in a form wherein the asset is protected by a unique token of a copy protection system, the central license server comprising a database storing in respect of each of the master devices and the network devices a respective device token; a processor for protecting the token of the copy protection system with the device token of the network device to be streamed to and for generating a license to play the protected asset comprising the protected token of the copy protection system.
  • FIG 1 is a high level block diagram illustrating an example embodiment of a system for streaming secure assets, more specifically digital rights management (“DRM”) protected assets, from a local database forming part of a home network to network devices also forming part of the home network;
  • FIG. 2 is a more detailed block diagram of the system
  • FIG. 3 is an even more detailed block diagram
  • FIG. 4 is another high level block diagram of an example embodiment of the system and an associated method.
  • In FIG 1 there is illustrated an example embodiment of a system 10 for streaming secure assets, more specifically digital rights management (“DRM”) protected assets, from a local database 12 forming part of a home network 14 to network devices 16.1 to 16.n also forming part of the home network.
  • the home network 14 comprises a master device or node 18 which may for example be in the form of a set top box and which typically, but not necessarily, houses the local database 12 in the form of a mass data storage device which may comprise a hard disc drive and/or a solid state arrangement or drive.
  • the network 14 also comprises at least one network device 16.1. In other embodiments the network may comprise a plurality of network devices.
  • the master device 18 is communicatively connected to the network devices 16.1 to 16.n by e.g. wireless links, typically radio frequency links 20.
  • In FIG 2 there is illustrated a method of streaming within the local area network 14 an asset Asset1 which is protected [Asset1]DRMK1 with a unique token DRMK1 of a copy protection system which is associated with a first set of rules.
  • the method comprises causing the copy protected asset [Asset1]DRMK1 to be pre-stored on a database 12 in the network 14 and which database is connected to the master device 18.
  • a request for a license 44 (shown in figure 4) to play the asset is forwarded from the network device 16.1 requiring the asset to be streamed to it to a remote central license server 24.
  • the token DRMK1 of the copy protection system is protected [DRMK1]DK456 at 31 by a token DK456 which is associated with the network device 16.1 and forwarded to be downloaded from the license server 24 into said network device 16.1.
  • a locally stored token DK456 associated with the network device is used to remove at 90 the protection from the protected copy protection token, to yield the copy protection token DRMK1,
  • the copy protected asset [Asset1]DRMK1 is streamed at 50 from the database 12 to the network device 16.1.
  • the copy protection token DRMK1 is used at 62 to play the copy protected asset [Asset1]DRMK1 on the network device according to the first set of rules.
  • the copy protection system may be a digital rights management (DRM) system and the raw assets may, after ingestion at backend 25, be DRM protected by DRM encryption as shown at 27.
  • Each asset, Asset1 to Assetn, is encrypted with a respective unique DRM key, DRMK1 to DRMKn.
  • the DRM protected assets, [Asset1]DRMK1 to [Assetn]DRMKn, are stored in encrypted asset database 29 of content server 40.
  • a respective decryption key DRMK1 to DRMKn is required to play the protected assets according to the first set of rules, which are the rules of the DRM system.
  • a system and method are described in the applicant's co-pending international application entitled "Delivery of DRM content to distributed user stations", the contents of which are incorporated herein by this reference.
  • the master device 18 and each of the network devices could comprise one or more of an asset receiver device, an asset storage and/or server device and an asset renderer device.
  • the asset receiver is a device that can receive assets from external sources such as assets delivered via a broadcast network (which may for example be satellite based 42 or terrestrial based (not shown)), assets delivered via internet streaming, or assets uploaded from (video) cameras.
  • the asset storage and/or server device is a device that can store assets and serve as a source of assets for other devices. Such a device may for example comprise a video/audio/image recorder, a hard drive, a solid state arrangement or drive, a local music library server, a local photo archive, a mobile phone, or a personal computer.
  • the asset renderer is a device that can render or play to the user video/audio asset, such as a television set or a music player.
  • each of the master device 18 and network devices could combine functionalities of the asset receiver, asset storage and/or server device and asset renderer.
  • a tablet 16.1 or smart phone within the home network 14 could serve as both an asset storage device and an asset renderer and the master device 18 could serve as an asset receiver, an asset server and an asset renderer.
  • the master device 18 of the home network 14 is preferably permanently connected via any suitable link 22, such as an Asymmetric Digital Subscriber Line (ADSL) and/or Global System for Mobile (GSM) communications link according to Internet Protocol (IP) to a remote and central backend 25 comprising the license server 24 and a subscriber management system 26.
  • the content provider delivers the protected assets [Asset1]DRMK1 to [Assetn]DRMKn to a user station 14 by pre-loading the assets from the content server 40 via a first communications path comprising a satellite up and down link 42 onto the local database 12 of the master device 18 at the home network.
  • When a network device, such as tablet 16.1, requires a pre-stored protected asset, [Asset1]DRMK1 for example, to be streamed from the database 12 and to be played on the network device, the master device 18 preferably acts as a gateway for the request 44 (see figure 4) from the network device 16.1 to the remote central backend 25 comprising the license server 24 for a license comprising the required decryption key DRMK1.
  • the request is forwarded via a second communications path comprising the link 22.
  • the license comprising the required decryption key DRMK1 (and not an indirect or derived license) is sent at 46 from the license server 24 to the network device 16.1 via link 22, either via the master device as shown at 22.1 or directly as shown at 22.2, as shown in figure 2.
  • the decryption key DRMK1 is protected by encrypting at 31 the decryption key with a device key DK456 that is associated with the network device by means of a UID, T456, of the network device and both of which are stored in the device key database.
  • a corresponding device key DK456, which is required at the network device 16.1 for decrypting the latter encryption, may be renewably pre-stored on the network device 16.1 at 94 in secure silicon.
  • the device key DK456 is used on the network device to decrypt at decrypter 90 the protected DRM decryption key [DRMK1]DK456 to yield the DRM decryption key, DRMK1.
  • the DRM decryption key DRMK1 is used on the network device 16.1 to decrypt on the network device 16.1 the protected asset [Asset1]DRMK1 which is streamed at 50 from the master device 18 to the network device 16.1 in the DRM protected form in which it is pre-stored in the database 12.
  • a license acquisition is initiated.
  • a request for a license token is made to the master device 18 (using a Secure Sockets Layer (SSL) encrypted Representational State Transfer (REST) command containing a secure pairing cookie).
  • the content URL and (if necessary) parental Personal Identification Number (PIN) are also sent.
  • the master device 18 checks parental level of the asset and if the level is above a user configured level, the master device will look for and verify the parental PIN. If the pairing and parental checks pass, a proximity check 48 (shown in figure 4) is initiated.
  • An unencrypted nonce value is sent to the device 16.1 with an IP Time To Live (TTL) value of 1.
  • the device 16.1 encrypts the nonce with a private RSA key (generated during pairing and registration, which are referred to below) and returns same as a proximity check response.
  • the master device 18 times the response and if received within a suitable interval (for example 7ms plus RSA encryption time), it will issue to the tablet 16.1 a time-stamped and encrypted secure token containing the master device Unique Identifier (UID) and the network device or tablet UID.
  • the tablet 16.1 packages this token into its license request 44 along with the subscriber payment PIN (if required for selected payment model) and issues the license request directly to the license server 24.
  • the token may be packaged in a customer element or field or tag of the MS PlayReady message.
  • the license server 24 passes the token to the management system 26 (shown in figure 1) at the backend 25, which verifies the authenticity of the master device 18 using existing security mechanisms and also verifies (based on device UID) that the tablet 16.1 is registered and paired with the master device 18 that issued the token. If the tablet 16.1 passes the registration and pairing checks, subscription checks and payments checks (and account PIN verification, if necessary) are performed. If all the relevant ones of these checks are passed, the license server 24 issues the license to the tablet 16.1 as shown at 46.
  • At least the protected DRM key [DRMK1]DK456 may be packaged in a customer field or element or tag of the message comprising the license. If a license has already been issued to any other network device registered in the same account for the premium asset being requested, a new license will be issued (without requiring additional payment) for the tablet 16.1 for the remainder of a validity period for the premium asset. Checks for assets not authorised for mobile device streaming (e.g. HD assets) may be done prior to issuing the license, though such assets would not normally be made visible for browsing on the mobile device in the first place.
  • the remaining validity window (time until license expires) for Transactional Video on Demand (TVoD) assets may be communicated back to the master device 18, so that it can correctly display the fact that the asset has been acquired as well as the remaining license time for users on the master device and users on other connected network devices, to access the asset.
  • the device must first make a request to the master device 18 for the master device 18 to authorise the streaming.
  • the request will check that the device is paired with the master device, if a parental PIN check is required, and if the asset is in the clear (i.e. not protected e.g. a preview) or premium. If the asset is premium, checks are done (using the master device's remote service agent 76 and usage manager) to ensure that it is not already being streamed or rendered on any other device (including the master device). Once these checks pass, the device 16.1 will be allowed to request a stream for the corresponding asset from the master device.
  • the streaming format may be MS Smooth Streaming or HTTP Live Streaming (HLS). All premium assets are streamed DRM encrypted, that is, as they are pre-stored on the local database 12.
  • the master device 18 has the ability to terminate any or all streaming sessions either by user request or in the event of streaming subscription cancellation/expiry.
  • the license server 24 creates a license, adds the encrypted DRM key to the license, and signs the license by using a private signing key.
  • the license server 24 delivers the signed license to the network device 16.1, as explained above.
  • the encrypted DRM key [DRMK1]DK456 is processed as explained above and a DRM component 62 (in an example embodiment standard MS PlayReady decryption software) on the device 16.1 verifies the signature and expiration date of the certificate, and places the license in the license store.
  • the DRM component 62 decrypts packets of the requested DRM protected [Asset1]DRMK1 which is streamed at 50 from the local database 12 and plays the decrypted Asset1 according to the first set of rules on the display 64.
  • remote device administration services module 70 facilitates user interaction to pair and register/deregister network devices and to control streaming permission of any or all streaming sessions.
  • Usage reporting service 72 caches usage events when the master device
  • Management system calls 74 related to network devices include new device registration and deregistration, TVoD payment mode (pin based or threshold based) and usage reporting.
  • the remote device service agent 76 is accessed by network devices 16.1 to 16.n using an SSL REST interface and also indirectly via the streaming server 78.
  • the remote device service agent 80 handles licence requests, secure token data generation, device pairing/unpairing requests, proximity checks, parental PIN level and parental PIN verification, usage reporting and asset browsing for network devices. It also manages streaming request authorisation and can terminate streaming sessions.
  • Streaming server 78 uses the remote device service agent 76 for concurrent stream limit authorisation cookie check, usage reporting and parental PIN check.
  • Device pairing uniquely associates the network device 16.1 to 16.n with the master device or node (STB) 18.
  • the device pairing state is communicated to the backend 25 as well as UID's of the paired devices.
  • Device registration stores at 24 UID details (including device description details) of the network devices 16.1 to 16.n in the backend
  • Master devices 18 are discovered by network devices 16.1 to 16.n on the home network 14 using Universal Plug and Play (UPnP).
  • a pairing request is sent to the master device from the network device 16.1 to 16.n at a user's request.
  • This pairing request and all subsequent communications, except for asset streaming and the proximity check, are communicated via an SSL link to the master device.
  • the master device 18 (which needs to be in a pairing UI screen before the process begins) displays a random access/PIN code on the connected TV display.
  • the user enters the access/PIN code from the network device 16.1 to 16.n and the code is subsequently communicated to the master device 18.
  • the master device 18 verifies the PIN and requests a UID and device description details from the network device 16.1 to 16.n.
  • the UID is compatible with the operating system of the respective network device 16.1 to 16.n.
  • the network device description details include operating system details, screen size etc, as well as the public key of an RSA key pair used for proximity check cryptography.
  • the master device 18 generates a standardised network device universally unique identifier (UUID) based on the MAC or any other UID, and sends a backend registration request containing such UUID, the network device details and the device keys DK123 and DK456, which are stored in secure silicon and securely authenticate the master device 18 and network device 16.1 respectively.
  • the backend 25 verifies that the network device UUID is not already registered with any other account. If the network device is already paired on another account, an option to unpair it and re-pair with the new account is offered.
  • the backend 25 also checks that the account associated with the master device 18 does not have more than n, typically 4, other network devices already associated with it.
  • the backend 25 registers the network device 16.1 to 16.n by associating its UUID with the master device 18.
  • the master device then generates a secure cookie with a random unique value as well as the network device UUID, to indicate and authorise future pairing. A copy of this cookie is stored on the master device 18 and sent to the network device 16.1 to 16.n.
  • the master device also keeps a copy of the public RSA key generated by the network device 16.1 to 16.n during registration.
  • the network device deletes any other pre-existing secure pairing cookies as well as any other persistent licenses from its license store. Unpairing of a network device ideally needs the network device 16.1 to 16.n to be connected to the master device 18 which in turn is connected to the backend 25, so that the pairing state of all three systems can be changed simultaneously, and any remaining licenses deleted from the network device.
  • Functionality to browse assets, receive parental control level from the master device 18, receive the account payment model type (PIN-less or PIN based) is managed through SSL encrypted REST web server 80 (shown in figure 3) of the master device 18.
  • the secure cookie (generated during pairing) is sent with all transactions.
  • Assets that are not permitted for network device streaming e.g. HD assets
  • the indicator for streaming permission is in the asset metadata, but the ultimate security rests within the backend 25. The backend will not issue a license to any network device 16.1 to 16.n for assets not authorised for streaming.
  • Metadata provided to the network device 16.1 to 16.n needs to include parental control level as well as information as to whether or not an existing license has already been issued to the master device (or any other network device linked to the account) for TVoD assets, and if so, the remaining viewing time for each asset.
  • Remaining TVoD license time is known to the master device 18 if the asset was purchased directly on the master device, or is communicated from network devices 16.1 to 16.n to the master device 18 at the time of license acquisition, if the asset was purchased using a network device.
  • system and method are suitable for supporting not only TVoD, but also Subscription Video on Demand (SVoD).

Abstract

A local area network 14 comprises a master device 18 and a plurality of network devices 16.1 to 16.n. A method of streaming an asset Asset1 which is protected with a DRM key DRMK1 within the local area network 14 comprises causing the DRM encrypted asset [Asset1]DRMK1 to be pre-stored on a database 12 in the network. A request for a license to play the asset is forwarded from a network device 16.1 requiring the asset to be streamed to it to a remote central license server 24. A license message comprising the DRM key required to decrypt the protected asset is forwarded from the backend into said network device 16.1. The copy protected asset [Asset1]DRMK1 is streamed from the database 12 to the network device. The key DRMK1 is used on the network device to play the protected asset on the network device according to the DRM rules.

Description

STREAMING OF SECURE CONTENT IN A HOME NETWORK
INTRODUCTION AND BACKGROUND
This invention relates to a method and system for streaming secure assets such as secure media from a local data base forming part of a local network, such as a home network, to media renderer devices also forming part of the network.
In technologically advanced regions of the world with adequate broad bandwidth internet connectivity, protected media data is satisfactorily streamed via the internet from a remote source to be played on demand and in real time on a renderer system at a local user station (such as a home) comprising a set top box connected to an audio visual renderer device. On the other hand, in other regions of the world (which include areas in developed countries, developing countries and least developed countries) there is not adequate internet connectivity and therefore players of media data "on demand" are associated with unacceptable time delays after the demand and/or frustrating intermittent buffering.
A known, but only partial, solution is to download and store media data which is not copy protected on a local data base in the form of a hard drive in the set top box and to play the media data on a single audio visual renderer device, typically a television set, which is connected to the set top box. However, there is a need also to be able to play the media data on other home network devices (including mobile devices) which may be connectable to the set top box serving as master device of the home network. Such devices may include, but are not limited to, a television set, a music player, a computer, tablet, multimedia mobile phone etc.
However, providers of assets, such as studios place restrictions on a system and method for streaming assets, more particularly premium content within a home network. These restrictions include, amongst others, a copy protection regime to be applied to the assets, a limitation on the number of network devices in the network, the network devices must be registered at a central and remote license server and at the time of streaming, the network device must be within a limited distance from the master device, to ensure that the streaming is done to a network device within the home network and not externally of the home network.
One known solution is to protect the asset with a copy protection system such as a digital rights management (DRM) system, such as Microsoft (MS) PlayReady. The solution would then employ an MS PlayReady specification whereby the set-top box acts as network device transmitter and the network device acts as network device receiver. On a request by the receiver for a licence or token to be able to decrypt the DRM protected asset, the transmitter then creates a derivative license, which is derived from its own license and bound to the network device, and transfers the asset to that network device. A disadvantage of this indirect form of license acquisition is the dearth of applications developed to support the MS PlayReady specification on third party devices that would typically be used as network devices. Another may be that such an indirectly derived license may be more restricted than the original license and perhaps unnecessarily so. Another may be a possible compromise of the protected asset data.
OBJECT OF THE INVENTION
Accordingly, it is an object of the present invention to provide a method and system for streaming secure assets in a home network with which the applicant believes the aforementioned disadvantages may at least be alleviated or which may provide a useful alternative for the known systems and methods.
SUMMARY OF THE INVENTION
In this specification, unless the context otherwise indicates, the terms "asset" or "assets" shall mean content in the form of media including but not limited to audio, still images, text, animation, video, and multimedia which may be a combination of any of the aforementioned such as audio visual and interactivity content forms.
According to the invention there is provided a method of streaming an asset which is protected with a unique token of a copy protection system which is associated with a first set of rules within a local area network comprising a master device and a plurality of network devices, the method comprising:
- causing the copy protected asset to be pre-stored on a database in the network and which database is connected to the master device;
- causing a request for a license to play the asset to be forwarded from a network device requiring the asset to be streamed to it, the request being forwarded to a remote central license server;
- forwarding from the license server, a license message comprising the copy protection token to be downloaded into said network device;
- causing the copy protected asset to be streamed from the database to the network device; and
- on the network device, causing the copy protection token to be used to play the copy protected asset on the network device according to the first set of rules.
The method may comprise, before forwarding the license message, protecting at the license server the token of the copy protection system with a token associated with the network device; and on the network device, utilizing a token corresponding to the token associated with the network device to remove the protection from the protected copy protection token, to yield the copy protection token.
The request for a license may be required to comply with a second set of rules, before the license server forwards the license message comprising the copy protection token.
The copy protection system may be a digital rights management (DRM) system and the copy protected asset may be a DRM protected asset comprising the asset encrypted with a respective DRM key, before the DRM protected asset is caused to be pre-stored on the local database.
Hence, the DRM protected asset is streamed unaltered (including that it is not repackaged) from the database to the network device where it is decrypted and played. The DRM system may be MS PlayReady and the standard MS PlayReady encryption and decryption software may be used. Also, since the DRM protection of the asset remains unaltered until received on the network device, it is believed that the security of the method is not compromised.
The token corresponding to the token associated with the network device may comprise a device key which is uniquely associated with the network device and which is pre-stored on the network device. The device key may be pre-stored in the network device in secure memory, for example secure silicon.
The token associated with the network device may be derived from the device key during registration at the license server of a pairing between the master device and the network device and whereafter the token associated with the network device may be stored in the license server and associated with a unique identification number (UID) of the network device.
The method may comprise, at the license server, loading the copy protection token into one of a customer field, element and tag of the license message.
The method may comprise causing a proximity check to be performed between the master device and a network device requesting the asset to be streamed to it and if the check is passed, causing the master device to act as a gateway for a request from the network device to the remote license server for a license.
According to another aspect of the invention there is provided a system configured for performing the above method. According to yet another aspect of the invention there is provided a computer program comprising software code portions configured for, when executed by a processor or processors of the system, performing the above method.
Further according to the invention there is provided a method of streaming an asset which is protected with a unique token of a copy protection system within a local area network comprising a master device and a plurality of network devices, the method comprising the steps of, at the master device:
- receiving a request from a network device for an asset to be streamed to the network device;
- performing checks to determine if the network device is authorized to be streamed to; and
- if the checks are passed, providing the network device with data for use in a request from the network device to a remote license server for a license to play the asset.
The checks may comprise one or more of a proximity test to ensure that the network device is within the network, whether the network device is paired with the master device and the network device is registered at a backend of which the license server forms part. The method may include the further step of the master device acting as a gateway for the request to the license server.
Also, the method may comprise the step of causing the master device to stream to the network device the asset from a database forming part of the network and on which the asset has been pre-stored.
According to another aspect of the invention there is provided a master device configured for performing the above method.
Still further according to the invention there is provided a computer program comprising software code portions configured for, when executed by a processor on the master device, performing the steps of the above method.
Also included within the scope of the invention is a method of streaming an asset which is protected with a unique token of a copy protection system within a local area network comprising a master device and a plurality of network devices, the method comprising, at the local area network:
- causing the copy protected asset to be pre-stored on a database in the network and which database is connected to the master device;
- causing a request for a license to play the asset to be forwarded from a network device requiring the asset to be streamed to it, the request being forwarded to a remote central license server;
- receiving at the network device from the license server a token of the copy protection system which is required to play the protected asset,
- receiving a data stream from the local database comprising the copy protected asset; and
- utilizing the copy protection token to unprotect the copy protected asset and to play the asset according to rules of the copy protection system.
The method may comprise forwarding to the master device a request for an asset to be streamed to the network device; receiving from the master device data to be incorporated in the request for a license to decrypt the asset; and including the data in the request for a license.
Still further according to the invention there is provided a computer program comprising software code portions configured for, when executed by a processor on the network device, performing the steps of the above method. According to another aspect of the invention there is provided a network device configured for performing the above method.
More particularly there is provided a network device for receiving a data stream comprising an asset which is protected with a unique token of a copy protection system which is associated with a first set of rules and for playing the asset according to the first set of rules, the network device comprising means for receiving a license comprising the token of the copy protection system in a form protected by a token associated with the network device; a secure memory arrangement storing an associated token required to remove the protection from the protected token of the copy protection system; and a processor for using the associated token to remove the protection from the protected token of the copy protection system to yield the token of the copy protection system and for using the token of the copy protection system to process the copy protected asset and to play the asset according to the first set of rules.
Further according to the invention a method of enabling streaming of an asset which is protected with a unique token of a copy protection system within a local area network comprising a master device and a plurality of network devices, the method comprising, at a central license server:
- receiving from a network device a request for a license to play the copy protected asset which is pre-stored on a database in the network and to be streamed in copy protected form to the network device;
- protecting the token of the copy protection system with a token associated with the network device; and
- downloading from the license server into said network device, a license message comprising the protected copy protection token.
At the license server, the protected copy protection token may be loaded into one of a customer field, element and tag of the license message.
The method may comprise performing checks whether data in the request complies with prescribed rules; and if the checks are passed, forwarding to the network device the license message.
Still further according to the invention there is provided a computer program comprising software code portions configured for, when executed by a processor at the backend, performing the steps of the above method.
The license may be downloaded into said network device via an internet protocol link and via the master device. Alternatively, the license may be downloaded via an internet protocol link directly into the network device. According to another aspect of the invention there is provided a backend comprising a license server and a management system configured for performing the above method.
More particularly there is provided a central license server for a system for streaming to a network device in any of a plurality of local networks each also comprising a master device and a local database an asset which is pre-stored on the database of the local network in a form wherein the asset is protected by a unique token of a copy protection system, the central license server comprising a database storing in respect of each of the master devices and the network devices a respective device token; a processor for protecting the token of the copy protection system with the device token of the network device to be streamed to and for generating a license to play the protected asset comprising the protected token of the copy protection system.
BRIEF DESCRIPTION OF THE ACCOMPANYING DIAGRAMS
The invention will now further be described, by way of example only, with reference to the accompanying diagrams wherein:
figure 1 is a high level block diagram illustrating an example embodiment of a system for streaming secure assets, more specifically digital rights management ("DRM") protected assets, from a local database forming part of a home network to network devices also forming part of the home network;
figure 2 is a more detailed block diagram of the system;
figure 3 is an even more detailed block diagram; and
figure 4 is another high level block diagram of an example embodiment of the system and an associated method.
DESCRIPTION OF A PREFERRED EMBODIMENT OF THE INVENTION
In figure 1 there is illustrated an example embodiment of a system 10 for streaming secure assets, more specifically digital rights management ("DRM") protected assets, from a local database 12 forming part of a home network 14 to network devices 16.1 to 16.n also forming part of the home network.
The home network 14 comprises a master device or node 18 which may for example be in the form of a set top box and which typically, but not necessarily, houses the local database 12 in the form of a mass data storage device which may comprise a hard disc drive and/or a solid state arrangement or drive. The network 14 also comprises at least one network device 16.1. In other embodiments the network may comprise a plurality of network devices. The master device 18 is communicatively connected to the network devices 16.1 to 16.n by e.g. wireless links, typically radio frequency links 20.
In figure 2 there is illustrated a method of streaming within the local area network 14 an asset Asset1 which is protected [Asset1]DRMK1 with a unique token DRMK1 of a copy protection system which is associated with a first set of rules. The method comprises causing the copy protected asset [Asset1]DRMK1 to be pre-stored on a database 12 in the network 14 and which database is connected to the master device 18. A request for a license 44 (shown in figure 4) to play the asset is forwarded from the network device 16.1 requiring the asset to be streamed to it to a remote central license server 24. At the license server, the token DRMK1 of the copy protection system is protected [DRMK1]DK456 at 31 by a token DK456 which is associated with the network device 16.1 and forwarded to be downloaded from the license server 24 into said network device 16.1. On the network device, a locally stored token DK456 associated with the network device is used to remove at 90 the protection from the protected copy protection token, to yield the copy protection token DRMK1. The copy protected asset [Asset1]DRMK1 is streamed at 50 from the database 12 to the network device 16.1. On the network device, the copy protection token DRMK1 is used at 62 to play the copy protected asset [Asset1]DRMK1 on the network device according to the first set of rules.
The copy protection system may be a digital rights management (DRM) system and the raw assets may, after ingestion at backend 25, be DRM protected by DRM encryption as shown at 27. Each asset, Asset1 to Assetn, is encrypted with a respective unique DRM key, DRMK1 to DRMKn. The DRM protected assets, [Asset1]DRMK1 to [Assetn]DRMKn, are stored in encrypted asset database 29 of content server 40. A respective decryption key DRMK1 to DRMKn is required to play the protected assets according to the first set of rules, which are the rules of the DRM system. A system and method are described in the applicant's co-pending international application entitled "Delivery of DRM content to distributed user stations", the content of which are incorporated herein by this reference.
The master device 18 and each of the network devices could comprise one or more of an asset receiver device, an asset storage and/or server device and an asset renderer device. The asset receiver is a device that can receive assets from external sources such as assets delivered via a broadcast network (which may for example be satellite based 42 or terrestrial based (not shown)), assets delivered via internet streaming, or assets uploaded from (video) cameras. The asset storage and/or server device is a device that can store assets and serve as a source of assets for other devices. Such a device may for example comprise a video/audio/image recorder, a hard drive, a solid state arrangement or drive, a local music library server, a local photo archive, a mobile phone, or a personal computer. The asset renderer is a device that can render or play to the user video/audio asset, such as a television set or a music player. Of course, each of the master device 18 and network devices could combine functionalities of the asset receiver, asset storage and/or server device and asset renderer. For example, a tablet 16.1 or smart phone within the home network 14 could serve as both an asset storage device and an asset renderer and the master device 18 could serve as an asset receiver, an asset server and an asset renderer.
The master device 18 of the home network 14 is preferably permanently connected via any suitable link 22, such as an Asymmetric Digital Subscriber Line (ADSL) and/or Global System for Mobile (GSM) communications link according to Internet Protocol (IP) to a remote and central backend 25 comprising the license server 24 and a subscriber management system 26.
As illustrated in figures 2 and 4, in one example embodiment of the invention, the content provider delivers the protected assets [Asset1]DRMK1 to [Assetn]DRMKn to a user station 14 by pre-loading the assets from the content server 40 via a first communications path comprising a satellite up and down link 42 onto the local database 12 of the master device 18 at the home network. When a network device, such as tablet 16.1, requires a pre-stored protected asset [Asset1]DRMK1, for example, to be streamed from the database 12 and to be played on the network device, the master device 18 preferably acts as a gateway for the request 44 (see figure 4) from the network device 16.1 to the remote central backend 25 comprising the license server 24 for a license comprising the required decryption key DRMK1. The request is forwarded via a second communications path comprising the link 22. The license comprising the required decryption key DRMK1 (and not an indirect or derived license) is sent at 46 from the license server 24 to the network device 16.1 via link 22, either via the master device as shown at 22.1 or directly as shown at 22.2, as shown in figure 2. However, as stated above, at the license server 24 the decryption key DRMK1 is protected by encrypting at 31 the decryption key with a device key DK456 that is associated with the network device by means of a UID, T456, of the network device and both of which are stored in the device key database. A corresponding device key DK456, which is required at the network device 16.1 for decrypting the latter encryption, may be renewably pre-stored on the network device 16.1 at 94 in secure silicon. The device key DK456 is used on the network device to decrypt at decrypter 90 the protected DRM decryption key [DRMK1]DK456 to yield the DRM decryption key, DRMK1.
The DRM decryption key DRMK1 is used on the network device 16.1 to decrypt on the network device 16.1 the protected asset [Asset1]DRMK1 which is streamed at 50 from the master device 18 to the network device 16.1 in the DRM protected form in which it is pre-stored in the database 12.
More particularly and referring to figure 3, when a user wants to pay for and view a premium asset on the tablet 16.1, a license acquisition is initiated. A request for a license token is made to the master device 18 (using a Secure Sockets Layer (SSL) encrypted Representational State Transfer (REST) command containing a secure pairing cookie). The content URL and (if necessary) parental Personal Identification Number (PIN) are also sent. The master device 18 checks the parental level of the asset and if the level is above a user configured level, the master device will look for and verify the parental PIN. If the pairing and parental checks pass, a proximity check 48 (shown in figure 4) is initiated. An unencrypted nonce value is sent to the device 16.1 with an IP Time To Live (TTL) value of 1. The device 16.1 encrypts the nonce with a private RSA key (generated during pairing and registration and which are referred to below) and returns same as a proximity check response. The master device 18 times the response and if received within a suitable interval (for example 7ms plus RSA encryption time), it will issue to the tablet 16.1 a time-stamped and encrypted secure token containing the master device Unique Identifier (UID) and the network device or tablet UID. The tablet 16.1 packages this token into its license request 44 along with the subscriber payment PIN (if required for selected payment model) and issues the license request directly to the license server 24. In one example embodiment wherein MS PlayReady is used as the DRM system, the token may be packaged in a customer element or field or tag of the MS PlayReady message. The license server 24 passes the token to the management system 26 (shown in figure 1) at the backend 25, which verifies the authenticity of the master device 18 using existing security mechanisms and also verifies (based on device UID) that the tablet 16.1 is registered and paired with the master device 18 that issued the token.
If the tablet 16.1 passes the registration and pairing checks, subscription checks and payments checks (and account PIN verification, if necessary) are performed. If all the relevant ones of these checks are passed, the license server 24 issues the license to the tablet 16.1 as shown at 46. In one example embodiment wherein MS PlayReady is used as the DRM system, at least the protected DRM key [DRMK1]DK456 may be packaged in a customer field or element or tag of the message comprising the license. If a license has already been issued to any other network device registered in the same account for the premium asset being requested, a new license will be issued (without requiring additional payment) for the tablet 16.1 for the remainder of a validity period for the premium asset. Checks for assets not authorised for mobile device streaming (e.g. HD assets) may be done prior to issuing the license, though such assets would not normally be made visible for browsing on the mobile device in the first place. The remaining validity window (time until license expires) for Transactional Video on Demand (TVoD) assets may be communicated back to the master device 18, so that it can correctly display the fact that the asset has been acquired as well as the remaining license time for users on the master device and users on other connected network devices, to access the asset.
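The token issue after the proximity check, and the backend checks on that token, sketched as an added example that is not code from the patent or from any product. HMAC-SHA256 stands in for the "encrypted secure token" and for the backend's "existing security mechanisms"; the function and class names, the 30-second token lifetime, the UIDs and the key are constructed assumptions.

```python
import hashlib
import hmac
import json

PROXIMITY_BUDGET_S = 0.007  # "7ms plus RSA encryption time" from the description
TOKEN_MAX_AGE_S = 30        # assumed lifetime; the description gives none


def issue_token(master_key, master_uid, device_uid, rtt_s, rsa_time_s,
                response_valid, now):
    """Master device: issue a time-stamped token only if the proximity
    response verified and arrived within the timing budget."""
    if not response_valid or rtt_s > PROXIMITY_BUDGET_S + rsa_time_s:
        return None
    body = json.dumps({"master": master_uid, "device": device_uid, "ts": now},
                      sort_keys=True).encode()
    tag = hmac.new(master_key, body, hashlib.sha256).hexdigest()
    return body.hex() + "." + tag


class Backend:
    """Management-system side: master key database plus pairing registry."""

    def __init__(self, master_keys, pairings):
        self.master_keys = master_keys  # master UID -> key bytes
        self.pairings = pairings        # device UID -> paired master UID

    def verify(self, token, now):
        """Return (ok, reason) for the token carried in a license request."""
        try:
            body_hex, tag = token.split(".")
            body = bytes.fromhex(body_hex)
            claims = json.loads(body)
            master, device, ts = claims["master"], claims["device"], claims["ts"]
            if not (isinstance(master, str) and isinstance(device, str)
                    and isinstance(ts, (int, float))):
                raise ValueError("wrong field types")
        except (ValueError, KeyError, TypeError):
            return False, "malformed"
        # Authenticity of the issuing master device comes first: nothing in
        # the claims is trusted until the MAC verifies under that master's key.
        key = self.master_keys.get(master)
        if key is None:
            return False, "unknown master"
        expected = hmac.new(key, body, hashlib.sha256).hexdigest()
        if not hmac.compare_digest(expected.encode(), tag.encode()):
            return False, "bad mac"
        # Freshness: the time stamp bounds how long a passed proximity
        # check remains usable away from the master device.
        if not 0 <= now - ts <= TOKEN_MAX_AGE_S:
            return False, "stale"
        # Registration and pairing: the device UID must be registered and
        # paired with the master device that issued the token.
        if self.pairings.get(device) != master:
            return False, "not paired"
        return True, "ok"


# Constructed sample data (not from the patent).
MASTER_KEY = b"constructed-key-for-STB-18"
BACKEND = Backend({"STB-18": MASTER_KEY}, {"TAB-16.1": "STB-18"})

if __name__ == "__main__":
    tok = issue_token(MASTER_KEY, "STB-18", "TAB-16.1", 0.004, 0.002, True, 1000)
    print(BACKEND.verify(tok, 1001))
    print(BACKEND.verify(tok, 1000 + TOKEN_MAX_AGE_S + 1))
```
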
Hence, for streaming to a network device 16.1 to 16.n, the device, e.g. device 16.1 , must first make a request to the master device 18 for the master device 18 to authorise the streaming. The request will check that the device is paired with the master device, if a parental PIN check is required, and if the asset is in the clear (i.e. not protected e.g. a preview) or premium. If the asset is premium, checks are done (using the master device's remote service agent 76 and usage manager) to ensure that it is not already being streamed or rendered on any other device (including the master device). Once these checks pass, the device 16.1 will be allowed to request a stream for the corresponding asset from the master device. All streamed assets will have TTL=1 to limit distribution externally of the home network 14. All streaming start requests are reported via the usage service for buy data reporting. The streaming format may be MS Smooth Streaming or HTTP Live Streaming (HLS). All premium assets are streamed DRM encrypted, that is, as they are pre-stored on the local database 12. The master device 18 has the ability to terminate any or all streaming sessions either by user request or in the event of streaming subscription cancellation/expiry.
As stated above, the license server 24 creates a license, adds the encrypted DRM key to the license, and signs the license by using a private signing key. The license server 24 delivers the signed license to the network device 16.1, as explained above. At the device 16.1, the encrypted DRM key [DRMK1]DK456 is processed as explained above and a DRM component 62 (in an example embodiment standard MS PlayReady decryption software) on the device 16.1 verifies the signature and expiration date of the certificate, and places the license in the license store. The DRM component 62 decrypts packets of the requested DRM protected [Asset1]DRMK1 which is streamed at 50 from the local database 12 and plays the decrypted Asset1 according to the first set of rules on the display 64.
Still referring to figure 3, remote device administration services module 70 facilitates user interaction to pair and register/deregister network devices and to control streaming permission of any or all streaming sessions. Usage reporting service 72 caches usage events when the master device 18 is offline. Management system calls 74 related to network devices include new device registration and deregistration, TVoD payment mode (PIN based or threshold based) and usage reporting. The remote device service agent 76 is accessed by network devices 16.1 to 16.n using an SSL REST interface and also indirectly via the streaming server 78. The remote device service agent 80 handles licence requests, secure token data generation, device pairing/unpairing requests, proximity checks, parental PIN level and parental PIN verification, usage reporting and asset browsing for network devices. It also manages streaming request authorisation and can terminate streaming sessions. Streaming server 78 uses the remote device service agent 76 for concurrent stream limit authorisation cookie check, usage reporting and parental PIN check.
Device pairing uniquely associates the network device 16.1 to 16.n with the master device or node (STB) 18. The device pairing state is communicated to the backend 25 as well as UIDs of the paired devices. Device registration stores at 24 UID details (including device description details) of the network devices 16.1 to 16.n in the backend 25, and associates it with the device keys DK and a user or subscriber (SUB) account.
Master devices 18 are discovered by network devices 16.1 to 16.n on the home network 14 using Universal Plug and Play (UPnP). A pairing request is sent to the master device from the network device 16.1 to 16.n at a user's request. This pairing request and all subsequent communications, except for asset streaming and the proximity check, are communicated via an SSL link to the master device. The master device 18 (which needs to be in a pairing UI screen before the process begins) displays a random (access/PIN) code on the connected TV display. The user enters the access/PIN code from the network device 16.1 to 16.n and the code is subsequently communicated to the master device 18. The master device 18 verifies the PIN and requests a UID and device description details from the network device 16.1 to 16.n. The UID is compatible with the operating system of the respective network device 16.1 to 16.n. The network device description details include operating system details, screen size etc., as well as the public key of an RSA key pair used for proximity check cryptography.
The master device 18 generates a standardised network device universally unique identifier (UUID) based on the MAC or any other UID, and sends a backend registration request containing such UUID, the network device details and the device keys DK123 and DK456 which are stored in secure silicon and securely authenticate the master device 18 and network device 16.1 respectively. The backend 25 in turn verifies that the network device UUID is not already registered with any other account. If the network device is already paired on another account, an option to unpair it and re-pair with the new account is offered.
The backend 25 also checks that the account associated with the master device 18 does not have more than n, typically 4, other network devices already associated with it. The backend 25 then registers the network device 16.1 to 16.n by associating its UUID with the master device 18. The master device then generates a secure cookie with a random unique value as well as the network device UUID, to indicate and authorise future pairing. A copy of this cookie is stored on the master device 18 and sent to the network device 16.1 to 16.n. The master device also keeps a copy of the public RSA key generated by the network device 16.1 to 16.n during registration.
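The pairing and registration steps described in the last three paragraphs, as an added example that is not code from the application. The class names, result strings, the constructed UUID namespace, the six-digit code length and the one-attempt-per-code rule are assumptions; the device keys are left out, and n is read as a cap on the total number of devices per account.

```python
import hmac
import secrets
import uuid

MAX_DEVICES = 4  # the page's "n, typically 4", read here as a cap on total devices
NAMESPACE = uuid.uuid5(uuid.NAMESPACE_OID, "home-network.example")  # constructed


class Backend:
    """Stands in for backend 25: records which account owns which device UUID."""

    def __init__(self):
        self.devices_by_account = {}

    def register(self, account, device_uuid, details):
        # A UUID already registered with another account is not silently moved.
        for owner, devices in self.devices_by_account.items():
            if device_uuid in devices and owner != account:
                return "OFFER_UNPAIR"
        devices = self.devices_by_account.setdefault(account, {})
        if device_uuid not in devices and len(devices) >= MAX_DEVICES:
            return "DEVICE_LIMIT"
        devices[device_uuid] = details
        return "REGISTERED"


class MasterDevice:
    def __init__(self, account, backend):
        self.account, self.backend = account, backend
        self.displayed_pin = None
        self.cookies = {}          # device UUID -> secure pairing cookie
        self.rsa_public_keys = {}  # device UUID -> key for the proximity check

    def show_pairing_screen(self):
        """Generate the random code shown on the connected TV display."""
        self.displayed_pin = f"{secrets.randbelow(10**6):06d}"
        return self.displayed_pin

    def pair(self, entered_pin, mac, details):
        # Each displayed code allows one attempt: hardening added by this example.
        pin, self.displayed_pin = self.displayed_pin, None
        if pin is None or not hmac.compare_digest(pin.encode(), entered_pin.encode()):
            return "BAD_PIN", None
        # Standardised UUID derived from the MAC (any other UID would also do).
        device_uuid = str(uuid.uuid5(NAMESPACE, mac.lower()))
        status = self.backend.register(self.account, device_uuid, details)
        if status != "REGISTERED":
            return status, None
        # Secure cookie: a random unique value plus the device UUID.
        cookie = f"{secrets.token_urlsafe(32)}.{device_uuid}"
        self.cookies[device_uuid] = cookie
        self.rsa_public_keys[device_uuid] = details["rsa_public_key"]
        return "PAIRED", cookie
```
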
Once a network device 16.1 to 16.n is successfully paired, the network device deletes any other pre-existing secure pairing cookies as well as any other persistent licenses from its license store. Unpairing of a network device ideally needs the network device 16.1 to 16.n to be connected to the master device 18 which in turn is connected to the backend 25, so that the pairing state of all three systems can be changed simultaneously, and any remaining licenses deleted from the network device.
In the case of lost/unserviceable network devices, or user accounts that no longer exist, there are facilities to unpair a network device using the master device without the network device being connected, as well as to unpair the network device using an unpaired master device 18 registered to another account.
Functionality to browse assets, receive the parental control level from the master device 18 and receive the account payment model type (PIN-less or PIN based) is managed through the SSL encrypted REST web server 80 (shown in figure 3) of the master device 18. The secure cookie (generated during pairing) is sent with all transactions. Assets that are not permitted for network device streaming (e.g. HD assets) are not made available to the mobile device for browsing (or streaming). The indicator for streaming permission is in the asset metadata, but the ultimate security rests within the backend 25. The backend will not issue a license to any network device 16.1 to 16.n for assets not authorised for streaming.
Metadata provided to the network device 16.1 to 16.n needs to include parental control level as well as information as to whether or not an existing license has already been issued to the master device (or any other network device linked to the account) for TVoD assets, and if so, the remaining viewing time for each asset.
Remaining TVoD license time is known to the master device 18 if the asset was purchased directly on the master device, or is communicated from network devices 16.1 to 16.n to the master device 18 at the time of license acquisition, if the asset was purchased using a network device.
It will be appreciated that there are many variations in detail on the invention without departing from the scope and spirit of this disclosure. For example, the system and method are suitable for supporting not only TVoD, but also Subscription Video on Demand (SVoD).

Claims
1. A method of streaming an asset which is protected with a unique token of a copy protection system which is associated with a first set of rules within a local area network comprising a master device and a plurality of network devices, the method comprising:
- causing the copy protected asset to be pre-stored on a database in the network and which database is connected to the master device;
- causing a request for a license to play the asset to be forwarded from a network device requiring the asset to be streamed to it, the request being forwarded to a remote central license server;
- forwarding from the license server, a license message comprising the copy protection token to be downloaded into said network device;
- causing the copy protected asset to be streamed from the database to the network device; and
- on the network device, causing the copy protection token to be used to play the copy protected asset on the network device according to the first set of rules.
2. A method as claimed in claim 1 comprising, before forwarding the license message, protecting at the license server the token of the copy protection system with a token associated with the network device; and on the network device, utilizing a token corresponding to the token associated with the network device to remove the protection from the protected copy protection token, to yield the copy protection token.
3. A method as claimed in claim 1 or claim 2 wherein the request for a license is required to comply with a second set of rules before the license server forwards the license message comprising the protected copy protection token.
4. A method as claimed in any one of claims 1 to 3 wherein the copy protection system is a digital rights management (DRM) system and wherein the copy protected asset is a DRM protected asset comprising the asset encrypted with a respective DRM key, before the DRM protected asset is caused to be pre-stored on the local database.
5. A method as claimed in any one of claims 2 to 4 wherein the token corresponding to the token associated with the network device comprises a device key which is uniquely associated with the network device and which is pre-stored on the network device.
6. A method as claimed in claim 5 wherein the device key is pre-stored in the network device in secure memory.
7. A method as claimed in any one of claims 2 to 6 wherein the token associated with the network device is derived from the device key during registration at the license server of a pairing between the master device and the network device and whereafter the token associated with the network device is stored in the license server and associated with a unique identification number (UID) of the network device.
8. A method as claimed in any one of claims 1 to 7 wherein at the license server the copy protection token is loaded into one of a customer field, element and tag of the license message.
9. A method of streaming an asset which is protected with a unique token of a copy protection system within a local area network comprising a master device and a plurality of network devices, the method comprising, at the local area network:
- causing the copy protected asset to be pre-stored on a database in the network and which database is connected to the master device;
- causing a request for a license to play the asset to be forwarded from a network device requiring the asset to be streamed to it, the request being forwarded to a remote central license server;
- receiving at the network device from the license server a token of the copy protection system which is required to play the protected asset;
- receiving a data stream from the local database comprising the copy protected asset; and
- utilizing the copy protection token to unprotect the copy protected asset and to play the asset according to rules of the copy protection system.
10. A method of enabling streaming of an asset which is protected with a unique token of a copy protection system within a local area network comprising a master device and a plurality of network devices, the method comprising, at a central license server:
- receiving from a network device a request for a license to play the copy protected asset which is pre-stored on a database in the network and to be streamed in copy protected form to the network device;
- protecting the token of the copy protection system with a token associated with the network device; and
- downloading from the license server into said network device, a license message comprising the protected copy protection token.
11. A method as claimed in claim 10 wherein the license is downloaded into said network device via an internet protocol link and via the master device.
12. A method as claimed in claim 10 wherein the license is downloaded via an internet protocol link directly into the network device.
13. A method as claimed in any one of claims 10 to 12 wherein at the license server, the protected copy protection token is loaded into one of a customer field, element and tag of the license message.
14. A central license server for a system for streaming to a network device in any of a plurality of local networks each also comprising a master device and a local database an asset which is pre-stored on the database of the local network in a form wherein the asset is protected by a unique token of a copy protection system, the central license server comprising a database storing in respect of each of the master devices and the network devices a respective device token; a processor for protecting the token of the copy protection system with the device token of the network device to be streamed to and for generating a license to play the protected asset comprising the protected token of the copy protection system.
15. A network device for receiving a data stream comprising an asset which is protected with a unique token of a copy protection system which is associated with a first set of rules and for playing the asset according to the first set of rules, the network device comprising means for receiving a license comprising the token of the copy protection system in a form protected by a token associated with the network device; a secure memory arrangement storing an associated token required to remove the protection from the protected token of the copy protection system; and a processor for using the associated token to remove the protection from the protected token of the copy protection system to yield the token of the copy protection system and for using the token of the copy protection system to process the copy protected asset and to play the asset according to the first set of rules.
PCT/IB2015/054513 2014-06-13 2015-06-15 Streaming of secure content in a home network WO2015189833A1 (en)

Applications Claiming Priority (4)

Application Number Priority Date Filing Date Title
ZA201404375 2014-06-13
ZA2014/04375 2014-06-13
ZA201404785 2014-06-27
ZA2014/04785 2014-06-27

Publications (1)

Publication Number Publication Date
WO2015189833A1 true WO2015189833A1 (en) 2015-12-17

Family

ID=53496906

Family Applications (2)

Application Number Title Priority Date Filing Date
PCT/IB2015/054516 WO2015189834A1 (en) 2014-06-13 2015-06-15 Delivery of drm protected content to distributed user stations
PCT/IB2015/054513 WO2015189833A1 (en) 2014-06-13 2015-06-15 Streaming of secure content in a home network

Family Applications Before (1)

Application Number Title Priority Date Filing Date
PCT/IB2015/054516 WO2015189834A1 (en) 2014-06-13 2015-06-15 Delivery of drm protected content to distributed user stations

Country Status (1)

Country Link
WO (2) WO2015189834A1 (en)


Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20040139027A1 (en) * 2003-01-13 2004-07-15 Sony Corporation Real-time delivery of license for previously stored encrypted content
US20060242069A1 (en) * 2005-04-21 2006-10-26 Petr Peterka Digital rights management for local recording and home network distribution
WO2012012579A1 (en) * 2010-07-20 2012-01-26 Verimatrix, Inc. Digital rights domain management for secure content distribution in a local network

Family Cites Families (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US7779482B1 (en) * 2003-02-07 2010-08-17 iGware Inc Delivery of license information using a short messaging system protocol in a closed content distribution system
JP2005057435A (en) * 2003-08-01 2005-03-03 Sony Corp Client equipment, content processing method for client equipment, and contents providing system
US20070055982A1 (en) * 2005-09-02 2007-03-08 Netgear Inc. System and method for digital content media distribution


Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP3474170A1 (en) * 2017-10-23 2019-04-24 Disney Enterprises, Inc. User account access management
US10536440B2 (en) 2017-10-23 2020-01-14 Disney Enterprises, Inc. User account access management

Also Published As

Publication number Publication date
WO2015189834A1 (en) 2015-12-17


Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 15732959

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 15732959

Country of ref document: EP

Kind code of ref document: A1