WO2016068577A1

WO2016068577A1 - Method and apparatus for managing content in storage-based security system

Info

Publication number: WO2016068577A1
Application number: PCT/KR2015/011381
Authority: WO
Inventors: 조성현; 이교윤; 신아영
Original assignee: 엘지전자(주)
Priority date: 2014-10-27
Filing date: 2015-10-27
Publication date: 2016-05-06

Abstract

The present invention provides a method for reproducing a content stored in a storage device connected through at least one interface, the method comprising the steps of: transmitting transaction information stored in a detected storage device to a license server, wherein the transaction information includes a transaction identification file which identifies at least one of a corresponding transaction, a seller, and a user; receiving, from the license server, license information which grants permission to reproduce the content; and reproducing the content on the basis of the license information, wherein the license information includes a license file and a license key.

Description

Method and device for managing content in storage-based security systems

The present invention relates to a method and apparatus for managing content in a storage-based security system. In particular, the present invention relates to a method of loaning or returning content in a storage medium, a method of migrating a content library of a storage device, and a device thereof.

Recently, UHD (Ultra High Definition) technology has been introduced into smartphones, smart TVs, etc., beyond full HD (High Definition), so that high-resolution and ultra-high resolution that is secured in various fields such as movies, concerts, sports, etc. You will encounter various types of content (hereinafter referred to as 'secure high-quality content').

However, if existing playback devices cannot play secure high definition content, the user cannot use such content. Therefore, a playback device must be able to play secure high definition content, and a method for enabling playback on existing playback devices will be needed. In order to play the secured high definition content, the user needs to have a legal authority, and for more efficient management, a user may also need a management method for the secured high definition content. In addition, there will be a need for a copy protection scheme for the legitimate distribution and use of secure high definition content, and a method for managing license information for playing secure high definition content.

In addition, in order to utilize various secure high-quality content, there is a need for a method of copying or moving to another storage or another playback device, and also a method of renting or returning the secured high-quality content. You will need it.

Furthermore, if a storage device is to be upgraded or a failure occurs and a storage device needs to be replaced in a system that plays or manages secure high definition content, a library migration method will be needed.

An object of the present invention is to propose a method for enabling playback of secure high definition content even in a conventional playback device.

The present invention also proposes a method for efficiently managing secure high definition content.

In addition, the present invention is to propose a copy protection method for the legitimate distribution and use of secure high-definition content and a method for managing license information necessary for reproduction.

In addition, the present invention is to propose a method for copying or moving to another storage or another playback device, as well as a method of renting or returning the secure high definition content for various applications of the secure high definition content.

In addition, the present invention is to propose a method for performing a library migration (Library Migration) in order to more efficiently play or manage the security-applied high-definition content.

The present invention provides a system architecture including a configuration of a device capable of playing secure high definition content, a network configuration, and a transmission protocol between a server and a device.

In addition, the present invention provides a method of obtaining license information for playing secure high definition content.

In addition, the present invention provides a method for defining a session for transmitting information between devices in a secure high-definition content playback system.

The present invention also provides a method for copying or moving secure high definition content to another storage or other playback device.

In addition, the present invention provides a method for renting or returning secure high definition content.

In addition, the present invention provides a method for performing a library migration of secure high definition content.

Even when connected to a storage device that stores content in a format or profile that is not supported by the user's device, the user can automatically retrieve and / or download content on the You can play.

As a result, when the user device cannot reproduce the content stored in the storage device, the user does not have to go through a cumbersome procedure such as accessing the download server to search for the content or selecting and downloading the searched content.

In addition, even a playback device having poor performance can search for and play replaceable content so that a user can be provided with more various content services.

In addition, by providing a directory structure and a file format of high definition content, it is possible to more efficiently manage and play secure high definition content data.

In addition, by obtaining the license information of the high definition content from the license server, it is possible to use the high definition content by adding a function to an existing authenticated device and linking the added function without receiving a separate certification.

In addition, the playback device may periodically check the playback right to provide an enhanced license management function for high quality content playback.

1 is an embodiment to which the present invention is applied and is intended to describe a system for using a secure high definition content service.

2 is an embodiment to which the present invention is applied and shows a schematic internal block diagram of a reproducing apparatus for reproducing secure high definition content.

3 is an embodiment to which the present invention is applied and shows a schematic internal block diagram of a storage device capable of storing secure high definition content.

FIG. 4 is an embodiment to which the present invention is applied and is a flowchart illustrating a process of automatically turning on the power of the second playback device when the storage device is inserted into the first playback device.

5 is an embodiment to which the present invention is applied and shows a network system structure for obtaining license information for playing secure high definition content stored in a storage device.

FIG. 6 is an embodiment to which the present invention is applied and is a flowchart illustrating a licensed copy and an unlicensed copy process of secure high definition content between storage devices.

FIG. 7 is an embodiment to which the present invention is applied and is a flowchart illustrating a licensed move and an unlicensed move process of secure high definition content between storage devices.

8 is an embodiment to which the present invention is applied and is a flowchart illustrating a process of acquiring license information for playing secure high definition content stored in a storage device.

9 is an embodiment to which the present invention is applied and is a flowchart illustrating a process of providing content through a session formed between devices.

10 is an embodiment to which the present invention is applied and is a flowchart illustrating a process of providing license information through a session formed between devices.

11 is an embodiment to which the present invention is applied and shows an internal functional block diagram of a playback device and an authentication device for managing content playback rights.

FIG. 12 is an embodiment to which the present invention is applied and shows a data structure for defining a right field for loan or return in a transaction handle file.

FIG. 13 illustrates an embodiment to which the present invention is applied and includes a right field, a period field, and an encryption key field for loaning or returning a license file. Represents a data structure for defining for a field and a version field.

FIG. 14 is an embodiment to which the present invention is applied and shows a block diagram illustrating a process of renting secure high definition content from a source storage device point of view. Referring to FIG.

FIG. 15 is an embodiment to which the present invention is applied and shows a structure of a transaction handle file used when performing rental of secure high definition content.

FIG. 16 is an embodiment to which the present invention is applied and shows a structure of a license file before and after renting when renting secure high definition content.

FIG. 17 is an embodiment to which the present invention is applied and shows a block diagram for explaining a process of renting secure high definition content from a standpoint of a loan storage device. Referring to FIG.

FIG. 18 is a block diagram for describing a return process of a source storage device and a loan storage device according to an embodiment to which the present invention is applied.

19 is an embodiment to which the present invention is applied and is for explaining a process of checking rental version information when granting multiple rentals.

20 is an embodiment to which the present invention is applied and is for explaining a process of performing a rental for each profile of secure high definition content.

FIG. 21 is an embodiment to which the present invention is applied and shows a flowchart illustrating a process of borrowing a license for high definition content secured based on a source storage standard.

FIG. 22 is an embodiment to which the present invention is applied and shows a block diagram illustrating a process of renting a license for secure high definition content in a loan storage criterion.

FIG. 23 is an embodiment to which the present invention is applied and shows a flowchart illustrating a process of playing secure high definition content through a license server connection on a loan storage basis.

FIG. 24 is an embodiment to which the present invention is applied and shows a flowchart illustrating a process of playing secure high definition content without access to a license server on a loan storage basis.

FIG. 25 is an embodiment to which the present invention is applied and shows a flowchart illustrating a process of terminating rental of secure high definition content based on a source storage standard.

FIG. 26 is a flowchart illustrating a process of performing an early return on a loan storage basis according to an embodiment to which the present invention is applied.

FIG. 27 is a block diagram illustrating a rental and return process in terms of source storage and loan storage according to another embodiment to which the present invention is applied.

FIG. 28 is a flowchart illustrating a process of delivering a transaction identification file to a license server according to an embodiment to which the present invention is applied.

FIG. 29 is a block diagram illustrating a method of performing content library migration when copying or moving secure high definition content according to an embodiment to which the present invention is applied.

30 is an embodiment to which the present invention is applied and shows a structure of a transaction handle file used when performing content library migration.

FIG. 31 is a block diagram illustrating a method of performing a content library migration when a storage device is lost according to an embodiment to which the present invention is applied.

32 is an embodiment to which the present invention is applied and is a table for explaining an error code generated when a content library migration is performed.

33 is a flowchart illustrating a method of performing a content library migration for secure high definition content according to an embodiment to which the present invention is applied.

The present invention provides a method of playing content stored in a storage device connected through at least one interface, the method further comprising: transmitting transaction information stored in the detected storage device to a license server, wherein the transaction information is a corresponding transaction, seller, and user. A transaction identification file identifying at least one of the; Receiving license information for allowing the reproduction of the content from the license server; And playing the content on the basis of the license information, wherein the license information includes a license file and a license key.

In addition, the present invention, the step of requesting the license server the rental permission of the content; And receiving a response to the request from the license server.

Further, in the present invention, at least one of the transaction identification file or the license file includes a rights information field indicating a type of license, wherein the license type is for checking whether the license for the content is an original license or a rental license. It is characterized by being used.

In addition, in the present invention, the transaction identification file is characterized in that it further comprises rental version information.

In the present invention, the license file comprises at least one of rental time information, return time information, content encryption key for rental or return, and rental version information for the content.

In addition, in the present invention, if a user wants to migrate the content to another storage device, the method includes: checking whether the user is authorized to migrate the content through the license server; And as a result of the checking, migrating the content to the other storage device when there is a right to the migration of the content.

Also, in the present invention, the transaction identification file includes a migration count field, and the migration count field indicates a number of times migration is performed.

In addition, in the present invention, when the content is migrated to the other storage device, the migration count field value is increased by one.

The present invention may further include comparing the storage capacity of the other storage device with the storage capacity of the storage device. When the storage capacity of the other storage device is smaller, the migration is performed without excluding duplicated content. It is characterized by.

In the present invention, when the content is migrated, the method further includes receiving migration error information, wherein the error information includes a transaction identification file error, a license error, a content file error, a continuous file error, a secret key value error, And at least one of a title error or an authentication list error.

The present invention also provides a device for playing content stored in a storage device connected through at least one interface, the apparatus comprising: an interface unit for detecting a connection of the storage device; A control unit for transmitting transaction information stored in the detected storage device to a license server, receiving license information for allowing the reproduction of the content from the license server, and playing the content based on the license information; And a display unit for outputting the reproduced content, wherein the transaction information includes a transaction identification file for identifying at least one of a corresponding transaction, a seller, and a user, wherein the license information includes a license file and a license key. Provided is an apparatus.

Further, in the present invention, the control unit, the license server requests the rental permission of the content, it characterized in that for receiving the response to the request from the license server.

In addition, in the present invention, when a user wants to migrate the content to another storage device, the controller: checks whether or not there is a right to the migration of the content through the license server, and the right to migrate the content If so, the content is migrated to the other storage device.

Also, in the present invention, the control unit compares the storage capacity of the other storage device with the storage capacity of the storage device, and if the storage capacity of the other storage device is smaller, performing migration without excluding duplicated content. It is characterized by.

Also, in the present invention, the control unit receives migration error information when the content is migrated, and the error information includes a transaction identification file error, a license error, a content file error, a continuous file error, a secret key value error, and a title error. , Or at least one of an authentication list error.

Hereinafter, the configuration and operation of the embodiments of the present invention with reference to the accompanying drawings, the configuration and operation of the present invention described by the drawings will be described as one embodiment, whereby the technical spirit of the present invention And its core composition and operation are not limited.

In addition, the terminology used in the present invention was selected as a general term widely used as possible now, in a specific case will be described using terms arbitrarily selected by the applicant. In such a case, since the meaning is clearly described in the detailed description of the part, it should not be interpreted simply by the name of the term used in the description of the present invention, and it should be understood that the meaning of the term should be understood and interpreted. .

The system to which the present invention is applied includes: a user 100 who purchases and uses highly secure high definition content, and a playback device 200-1, 200-2, capable of playing the content, 200-3), a storage device 300 that stores or stores the content, a content provider 400 that provides the content, and a retailer that receives the content and provides the content to a user. 500 and / or electronic kiosk 700, a download server 600 storing the content for download of the content, and license information permitting playback of the content. It may include a license server (800). In addition, the system may further include an external interface 900, for example, a remote controller, for controlling the operation of the playback device.

As an embodiment to which the present invention is applied, a user who wants to use a secure high definition content service may use the service through various methods. Here, an example of secure high definition content may include Secure Content Storage Association (SCSA) content, and the content referred to herein may include the SCSA content.

As a first example, the user 100 may use the service by purchasing a storage device in which the secure high definition content is already stored. For example, the content provider 400 may provide a content to be provided by a portable hard drive such as a hard disk drive (HDD), a solid state drive (SSD), a USB flash drive, or an SD card. The user may pre-install and sell a flash memory product such as a flash memory product, and the user 100 may use the service by purchasing the storage device that stores desired content.

As a second example, the user 100 may use the service by purchasing content from a retailer 500 that provides the secure high definition content service. For example, the retailer 500 may receive content from the content provider 400 and provide the content service online or offline, and the user 100 The service may be utilized by legally purchasing content from a retailer 500. In addition, the user 100 may use the service by purchasing the storage device from the retailer 500.

In this case, the retailer 500 may provide the user 100 with transaction information corresponding to the content purchase. Here, transaction information refers to information on content transaction activity, and may mean aggregate information of right information. For example, the right information may represent information indicating a state in which a license can be issued to a storage device. The transaction information may include transaction identification information identifying at least one of a corresponding transaction, a seller, and a user, and authorization information indicating an authorization information item of the corresponding content. Here, the transaction identification information may provide a unique link for the transaction.

As a third example, the user 100 may play the content by inserting the storage device 300 storing the secure high definition content into the playback device 200-1. For example, the playback device may be any device capable of playing multimedia content such as a mobile device, a TV, a computer, a notebook, a tablet, and the like.

As a fourth example, the user 100 may insert a storage device 300 storing or storing secure high definition content into the first playback device 200-1 and play the content on the second playback device 200-2. have. In this case, the first playback device 200-1 and the second playback device 200-2 may be connected to a network, and the storage device 300 is inserted into the first playback device 200-1. The second reproducing apparatus 200-2 may be automatically turned on. In addition, content playback in the second playback device 200-2 may be possible through an external interface (eg, the remote controller 800) or a user interface (eg, a touch screen, voice, gesture, etc.). have.

As a fifth example, the user 100 may play the content by inserting a storage device 300 capable of storing secure high definition content into the playback device 200-3 and downloading the content from an external content server. In this case, the content may be stored in the storage device 300, and the external content server may be a content server of the content provider 400 or the retailer 500.

Meanwhile, a specific application may be required to play the secure high definition content. The specific application referred to herein may refer to a software program for playing high-definition content with security. For example, the specific application means a software program capable of playing high-definition copy-protected content stored in or stored in a portable hard drive such as an HDD or an SSD, and a flash memory product such as a USB flash drive or an SD card. can do.

In particular, in the case of a playback device that cannot play the high-definition content to which the security is applied, it may be necessary to install the specific application to play the content.

The playback device 200 is largely comprised of a communication unit 210, a user interface 220, an external input / output terminal 230, an output unit 240, an encoder / decoder 250, a memory 260, an authentication unit 270, The power supply unit 280 and the control unit 290 may be included. The communication unit 210 may include a receiver 211 and a transmitter 212, and the output unit 240 may include a display unit 241 and a speaker 242.

The communication unit 210 may include one or more modules that enable wired and wireless communication between the playback device 200 and a content server or other electronic device connected to the playback device 200 through a network. For example, the receiver 211 may receive a signal transmitted from the content server or the other electronic device through a channel. Here, the signal may include secure high definition content data. The transmitter 212 may transmit information necessary for downloading or streaming the secured high definition content data to the content server or the other electronic device. For example, the information required for downloading or streaming the secured high definition content data may include at least one of identification information, transaction information, license information, level information, and authentication information of the playback device and / or storage device. . Here, the license information indicates information for allowing the playback of the purchased content, and may include, for example, at least one of license file information and license key information.

The user interface 220 delivers input information from a user to the playback device 200. For example, the user interface 220 may be used to control the playback of the secured high definition content, to input information required for a purchase or authentication process, or to set up for playback on another electronic device. have. The user interface 220 may include a touch screen unit (not shown), a voice recognition unit (not shown), or a gesture recognition unit (not shown), or may be a separate external device such as a remote controller.

The external input / output terminal 230 serves as a path to an external device connected to the playback device 200. The external input / output terminal 230 receives data from an external device or receives power and transfers the data to each component inside the reproducing apparatus 200 or transmits the data inside the reproducing apparatus 200 to an external device. . For example, the external input / output terminal 230 may represent a connection terminal for connection with the storage device 300. For example, the USB port, HDMI port, wired / wireless headset port, external charger port, wired / At least one of a wireless data port, a memory card port, an audio input / output (I / O) port, a video input / output (I / O) port, and an earphone port may be included. Communication between the storage device 300 and the playback device 200 may be performed through the external input / output terminal 230.

The output unit 240 is to generate an output related to vision, hearing, and the like, and may include a display unit 241 and a speaker 242.

The display unit 241 may output visual information processed by the playback apparatus 200. For example, the secure high definition content may be output, information indicating that the storage device 300 is plugged in, or information necessary for purchasing or authenticating content may be output. The display unit 241 may be a liquid crystal display, a thin film transistor liquid crystal display, an organic light emitting diode, a flexible display, or a 3D display. It may include at least one of.

The speaker 242 may output auditory information processed by the playback apparatus 200. For example, audio information of content may be output or information necessary for reproduction of the content may be output as voice information.

The encoder / decoder 250 may be used to decode to display the secure high definition content or to encode a video signal or an audio signal input from the playback apparatus 200.

The memory 260 may store a program for the operation of the controller 290, and may temporarily store input / output data. For example, a specific application for playing the secure high definition content may be stored, and identification information, profile information, level information, authentication information, and metadata of the content of the playback device 200 may be stored. And so on.

The memory 260 may include a flash memory type, a hard disk type, a multimedia card micro type, a card type memory (eg, SD or XD memory), At least one of Random Access Memory (RAM), Static Random Access Memory (SRAM), ReadOnly Memory (ROM), Electrically Erasable Programmable ReadOnly Memory (EEPROM), Programmable ReadOnly Memory (PROM) magnetic memory, magnetic disk, optical disk It may include a storage medium of the type. In addition, the playback device 200 may operate in connection with a web storage that performs a storage function of the memory 260 on the Internet.

The authenticator 270 may decrypt the encrypted content to play the encrypted content. At this time, the authentication unit 270 may perform a response check process for key information, and may transmit and receive certificate information of a storage device or a playback device.

The power supply unit 280 receives an external power source and / or an internal power source under the control of the control unit 290 to supply power for operation of each component.

The controller 290 controls the overall operation of the playback device 200. For example, the controller 290 detects a connection of the storage device 300, receives a storage device certificate from the detected storage device, or transmits the received authentication information to a server. You can control the operation. The controller 290 may receive an encrypted media file and a certificate revision list (CRL) from the server based on the authentication information, store the encrypted media file in the storage device, or The authentication list may be updated or an operation of playing the encrypted media file may be controlled based on the updated authentication list.

The storage device 300 to which the present invention is applied may largely include an interface 310, a file system 330, and a security information manager 350. The file system 330 may include a data storage unit 331 and an update unit 333, and the security information manager 350 may include a control unit 351, a decryption unit 353, and a storage unit 355. It may include.

The interface 310 serves as a path to an external device connected to the storage device 300. For example, when the storage device 300 is plugged into a playback device, the storage device 300 receives data from the playback device through the interface 310 or data in the storage device 300. To the playback device.

The data storage unit 331 may store encrypted multimedia content data, license information and encryption information necessary for playing the encrypted multimedia content data, and a latest Certificate Revision List (CRL).

The updater 333 may receive the latest certificate list (CRL) and perform an update by synchronizing with a previously stored certificate list. At this time, the latest authentication list may be received from a playback apparatus or an external server.

The security information manager 350 accesses a license server through a playback device, and processes a handshake process with the license server for license information, password information, and a certificate revision list (CRL) necessary for content playback. ) Can be performed. The control unit 351 in the security information management unit 350 may control the above process, and the decryption unit 353 may decrypt the license information or the encryption information. The storage unit 355 may store the license information and / or the encryption information, and the storage unit 355 may be a security area in the storage device 300.

Referring to FIG. 4, when the storage device 300, which stores high-definition content with security applied thereto, is plugged into the first playback device 200-1 (S410), the first playback device 200-1 is automatically activated. The storage device plugged in may be searched for and the storage device 300 may be checked (S420).

When the first playback device 200-1 checks the plug-in of the storage device 300, the first playback device 200-1 displays a message indicating that the storage device 300 is plugged in. This may be output in the form of a pop-up message (S430). In addition, the first playback device 200-1 may display a list of content included in the storage device 300, and select content to play back through communication with the input device (media browsing).

In addition, when the first reproducing apparatus 200-1 checks the plug-in of the storage device 300, the first reproducing apparatus 200-1 identifies another reproducing apparatus connected to the first reproducing apparatus 200-1. The connection interface with the playback device can be checked (S440). For example, the first playback device 200-1 may be a media player, and the second playback device 200-2 may be a TV, and the first playback device 200-1 and the second playback device may be used. The 200-2 may be connected through a wired / wireless interface such as HDMI (High Definition Multimedia Interface), Wake-on-Lan, or Bluetooth.

Meanwhile, when the first reproducing apparatus 200-1 checks the connection interface with the second reproducing apparatus 200-2, the power of the second reproducing apparatus 200-2 may be automatically turned on ( S450). When requesting to play the corresponding content through the second playback device 200-2 (S460), the first playback device 200-1 plays the content (S470). In this case, the first playback device 200-1 may play the content by a playback start request of an external input device, and the content may be selected from the displayed content list.

A user must acquire at least one of transaction information and license information corresponding to the high definition content in order to purchase the high definition content and play the same in the reproduction device. Here, transaction information refers to information on content transaction activity, and may mean aggregate information of right information. For example, the right information may represent information indicating a state in which a license can be issued to a storage device.

The transaction information may include transaction identification information identifying at least one of a corresponding transaction, a seller, and a user, and authorization information indicating an authorization information item of the corresponding content. Here, the transaction identification information may provide a unique link (unique) for the transaction. The license information indicates information for allowing the playback of the purchased content and may include, for example, at least one of license file information and license key information.

In this embodiment, a process of acquiring license information for playing high definition content will be described.

Referring to FIG. 5, the user 100 may purchase secure high definition content from the retailer 500 (501). Although the retailer 500 is taken as an example in this embodiment, it is natural that the content can be purchased through other roots or other content holders, for example, the content provider 400 or another user.

In addition, the retailer 500 may request the content provider 400 or the other retailer 500 to purchase content (503), and receive the content therefrom (504).

The retailer 500 receiving the purchase request from the user 100 may authorize the user to play the high definition content through the transaction information generation at the license server 800. For example, the retailer 500 may provide transaction information to the user 100 (502) and provide transaction details to the license server 800 (505). In this case, the provided transaction information may be stored in the storage device 300 and may correspond to one high definition content. The high definition content may be provided as a plurality of versions of content, for example, at least one of SD, HD, and UHD content. In addition, the retailer 500 may provide high definition content to the storage device 300 (operation 506).

The license server 800 may be configured with data and interfaces necessary for determining whether the storage device has a right to play content. The license server 800 receives the transaction details from the retailer 500, receives content encryption information from the content provider 400 (507), and receives the transaction information from the storage device 300. May be 508.

The license server 800 may generate transaction information based on the transaction details. In addition, the transaction information may be generated in the retailer 500.

Meanwhile, the user 100 may request playback of the high definition content purchased from the playback device 200 through the interface. In this case, the transaction information stored in the storage device 300 may be transmitted to the license server 800, and the license server 800 may check the reproduction right based on the transaction information. When it is determined that the license server 800 has a reproduction right, the license server 800 may generate right information and license information and transmit the generated right information and license information to the storage device 300 (operation 509). Here, the license information indicates information for allowing the playback of the purchased content, and may include at least one of license file information and license key information.

The storage device 300 that receives the right information and license information may play the high definition content.

The secured high definition content may be copied or moved from one storage device to another. At this time, the license server may grant a right for valid copying or moving.

First, when the storage medium 1 purchases secure high definition content from the retailer 1 (S610), the retailer 1 may report content purchase contents to a server. Here, the server may mean a license server. The server may provide the retailer 1 with a valid license for the content purchase and update the authentication list stored in the server (S611). Here, the authentication list may include at least one of a content title authentication list, a storage device authentication list, a playback device authentication list, and a license authentication list.

The retailer 1 may provide the storage media 1 with a valid license for the content purchase and update the authentication list stored in the retailer 1 (S612).

In another embodiment, when the content that is legally purchased in the storage medium 1 is attempted to be copied to the storage medium 2 by using the playback device (S620), the server has a right to play the content in the storage medium 2 or the content is stored. It can be checked whether it can be copied (S621). As a result of the check, if the storage medium 2 has the authority to play the content or the content can be copied, the content copy of the storage medium 2 is in progress, and the server can play the content in the storage medium 2. There is a license information can be given (S622). At this time, the storage medium 2 should have the ability to play the content.

In another embodiment, when the storage media 2 tries to unlicense the copy of the content to the storage media 3 by using another playback device (S620), only the data file of the content is stored. Only copying from the media 2 to the storage media 3, the authentication process through the server is not performed (S630). However, if you want to play the content on the storage media 3, a new license may be issued.

In another embodiment, when the storage media 3 is to play the content, the storage media 3 may request the server to grant permission to play the content (S641), and thus the server may store the content. The content playback right may be granted to the media 3 (S642).

However, when the content reproduction right is exhausted, the storage media 3 must purchase new content from the retailer 2 (S650). When the purchase of new content through the retailer 2 is completed, the retailer 2 may transmit new purchase information to the server, and the server may update the authentication list stored in the server based on the new purchase information (S651). . The retailer 2 may provide the storage media 3 with a valid license for the content purchase and update the authentication list stored in the retailer 2 (S652).

The secured high definition content may be moved from one storage device to another. Here, moving may mean that a content file is delivered to a destination storage medium having an activated license. The movement may be performed by a playback device having the ability to play the secure high definition content. The destination storage media should be able to store the secure high definition content. At this time, the server may grant the right for valid movement.

First, when the storage medium 1 purchases secure high definition content from the retailer 1 (S710), the retailer 1 may report content purchase contents to a server. The server may provide the retailer 1 with a valid license for the content purchase and update the authentication list stored in the server (S711). Here, the authentication list may include at least one of a content title authentication list, a storage device authentication list, a playback device authentication list, and a license authentication list.

The retailer 1 may provide the storage media 1 with a valid license for the content purchase and update the authentication list stored in the retailer 1 (S712).

In another embodiment, when the content legally purchased in the storage medium 1 is attempted to be moved to the storage medium 2 by using the playback device (S720), the server has a right to play the content in the storage medium 2, or the content is stored. It can be checked whether it can be moved (S721). As a result of the check, if the storage medium 2 has the authority to play the content or the content can be moved, the content movement of the storage medium 2 is in progress, and the server deactivates the license granted to the storage medium 1. In operation S722, new storage information for reproducing the content may be given to the storage medium 2 (S723).

In another embodiment, when the storage media 2 attempts to make an unlicensed move of the content to the storage media 3 using another playback device (S730), only the data file of the content is the storage media. Only from 2 to the storage media 3, the authentication procedure through the server is not performed. However, if you want to play the content on the storage media 3, a new license may be issued.

In another embodiment, when the storage medium 3 intends to play the content, the storage medium 3 may request authorization of the server to play the content (S740). Accordingly, the server may deactivate the license granted to the storage medium 2 (S741), and may assign new license information for playing the content to the storage medium 3 (S742).

A user must acquire at least one of transaction information and license information corresponding to the high definition content in order to purchase the high definition content and play the same in the reproduction device.

First, when a storage device that stores security-definition content is plugged into a playback device, the playback device may detect the plugged-in storage device (S801). When the storage device is detected, the playback device may transmit transaction information stored in the storage device to the license server (S803). Here, transaction information refers to information on content transaction activity, and may mean aggregate information of right information. For example, the right information may represent information indicating a state in which a license can be issued to a storage device. The transaction information may include transaction identification information identifying at least one of a corresponding transaction, a seller, and a user, and authorization information indicating an authorization information item of the corresponding content. Here, the transaction identification information may provide a unique link (unique) for the transaction.

The license server that has received the transaction information may check the reproduction right based on the transaction information. If the storage server determines that the storage device has a right to play the high definition content, the license server may generate right information and license information and transmit the generated right information and license information to the storage device (S805). Here, the license information indicates information for allowing the playback of the purchased content, and may include at least one of license file information and license key information.

The playback apparatus may play the high definition content based on at least one of the right information and the license information (S807).

To reproduce secure high definition content, the playback device 200 may use at least one of an authentication list, encryption information, device identification information, device authentication information, storage device authentication information, and storage device identification information. have.

First, when the storage device 300 that stores secure high definition content is plugged into the playback device 200, the playback device 200 transmits the device authentication information of the storage device 300 to the storage device 300. Can request (S910). When the storage device 300 receives the request for the device authentication information from the playback device 200, the storage device 300 transmits the device authentication information to the playback device 200 (S920). The device authentication information is transmitted to the download server 600 (S930). Here, the download server 600 represents a server storing a content file, and the download server 600 may include an authentication server (not shown) for performing content authentication, storage device authentication, or playback device authentication. Can be.

The download server 600 may determine whether the device is valid by receiving device authentication information of the storage device 300. For example, the device authentication information of the storage device 300 may be performed by checking whether the device authentication information is the same as any one of the device authentication information managed by the download server 600. As a result of the determination, when the device authentication information of the storage device 300 is not valid, the playback device 200 cannot play the secure high definition content.

On the other hand, if the device authentication information of the storage device 300 is valid as a result of the determination, the download server 600 transmits an encrypted content file to the playback device 200 (S940), and the playback device 200 ) Transmits the encrypted content file to the storage device 300 (S950).

The storage device 300 may store the encrypted content file, and at this time, the received encrypted content file may be stored in a file system in the storage device 300 (S960).

The encrypted content file may include content level information, and the content level information indicates categorized content attribute information. The content file provided in the system to which the present invention is applied may be provided in another profile according to the content level information. For example, when the content level information indicates 'Level 1', the corresponding content may correspond to a standard definition (SD) profile, and when the content level information indicates 'Level 2', the corresponding content corresponds to a high definition (HD) profile. In the case of indicating 'Level 3', the corresponding content may correspond to a quad high definition (QHD) profile.

In addition, the playback apparatus 200 may be provided at various levels according to the capability of the apparatus. For example, when the device level information indicates 'Level 1', the corresponding playback device may play content corresponding to the content level information 'Level 1', and when the device level information indicates 'Level 2', the corresponding playback device indicates the above level. The content corresponding to the content level information 'Level 1' and 'Level 2' may be played back, and when the level is represented as 'Level 3', the corresponding playback device may play the content corresponding to all the content level information.

On the other hand, the download server 600 transmits the latest authentication list to the playback device 200 with the transmission of the encrypted content file (S970), the playback device 200 to the storage device 300 The latest authentication list will be sent. The storage device 300 may update the authentication list by receiving the latest authentication list and synchronizing with the previously stored authentication list (S980). Here, the authentication list indicates a list of authentication information required for playing secure high definition content. For example, the authentication list may include a content title authentication list, a storage device authentication list, a playback device authentication list, and the like. It may include at least one of the license authentication list. The authentication list may be used to authenticate eligibility for at least one of a playback device, a storage device, and a server, and may be stored in a secure area of the storage device.

As described above, the authentication list in the storage device 300 is updated, thereby creating a secure session between the storage device 300 and the playback device 200 or between the storage device 300 and the download server 600. Security information, such as a license key, may be transmitted and received through the secure session.

Therefore, based on the update of the authentication list, the playback device 200 can play the encrypted content file stored in the storage device 300. The encrypted content file may be played based on a specific application installed in the playback device 200.

As such, a session is created when information is transmitted between devices in the system to which the present invention is applied, and a command can be transmitted and a response can be received through the session. In this case, the session may be identified by session identification information, and the session identification information may be defined according to whether to exchange key information protecting content or may indicate whether to exchange key information protecting content.

For example, the session identification information may indicate one of at least two types of session states, and the at least two types of session states may include a secure session and a non-secure session. Can be. Here, the secure session refers to a session capable of exchanging key information protecting content, and the non-secure session refers to a session in which exchange of key information protecting content is impossible. That is, in the case of insecure session, an independent command is allowed in the authentication process for key information exchange.

Here, the secure session and the non-secure session are terms defined herein, and of course, may be replaced with other terms having the meanings. For example, it may be referred to as a local session and a network session.

In an embodiment to which the present invention is applied, the session identification information may be displayed in hexadecimal, but is not limited thereto. For example, the first session identification information indicating the secure session may be indicated by 0x0001, and the second session identification information indicating the non-secure session may be indicated by 0x0000.

Meanwhile, the session identification information may be included in a command or a response message and transmitted. The session identification information included in the command may mean a session identifier assigned by the storage device, and the session identification information included in the response message for the command may have the same value as the session identification information included in the command. .

In order to play an encrypted content file in the file system of the storage device, the storage device needs to obtain license information. In FIG. 10, a process of obtaining license information by the storage device will be described.

In order to receive the license information, the storage device 300 may first connect to the license server 800. In this case, the storage device 300 may be connected through a playback device. The license server 800 may receive an authentication list of the storage device 300 from the storage device 300 and check whether the license server 800 is the latest authentication list. As a result of the check, if the authentication list of the storage device 300 is not the latest authentication list, the license server 800 may request the storage device 300 to update the authentication list (S1010). In this case, the authentication list may be a latest authentication list obtained from a key issuance center.

The storage device 300 may update the authentication list by receiving the latest authentication list and synchronizing with the previously stored authentication list. Here, the authentication list indicates a list of authentication information required for playing secure high definition content. For example, the authentication list may include a content title authentication list, a storage device authentication list, a playback device authentication list, and the like. It may include at least one of the license authentication list. The authentication list may be used to authenticate eligibility for at least one of a playback device, a storage device, and a server, and may be stored in a secure area of the storage device.

The license server 800 and the storage device 300 may check whether the storage device 300 is an authenticated storage device by exchanging authentication information of the storage device 300 (S1020). Thereafter, the license server 800 and the storage device 300 may exchange a public key (S1030).

After the public key exchange, the license server 800 may encrypt the license key (S1040). The license server 800 may transmit the encrypted license key and the license file to the storage device 300 (S1050, S1070).

The storage device 300 that receives the encrypted license key and the license file may decrypt the encrypted license key (S1060), and the license file may be stored in a secure area of the storage device 300 (S1080).

As described above, by updating the authentication list in the storage device 300, a secure session between the storage device 300 and the license server 800 may be created, and secure information such as a license key through the secure session. Can be transmitted and received. Therefore, based on the update of the authentication list, the playback device can play back the encrypted content file stored in the storage device 300.

The playback apparatus 200 and the authentication device 1100 to which the present invention is applied perform a connection setup so as to be connected to a network, transmit and receive a request message and a response message when the network is connected, and periodically check whether network connection is maintained. By checking, you can continue to output content.

The playback device may largely include a storage device manager 291, a playback device manager 292, a security protocol manager 293, an authentication device manager 294, and a password manager 295.

The storage device manager 291 detects the connection and disconnection of the storage device and provides a security protocol command API.

The playback device manager 292 may perform a control command such as playback or termination of content in association with a content license manager, a security protocol manager, and an authentication device manager.

The security protocol manager 293 performs a role of processing a security protocol such as providing a license, providing a reproduction right, and the like.

The authentication device manager 294 periodically checks whether the connection between the playback device and the authentication device is maintained. If the connection is lost, the authentication device manager 294 may generate an event and transmit an event message to the playback device. If a plurality of authentication devices exist, a list for managing the plurality of authentication devices may be generated.

The password manager 295 may call an API of a cryptographic module to perform a password related function.

The authentication device 1100 may include a content license manager 1101, a license update manager 1102, and an authentication key manager 1103.

The content license management unit 1101 may manage a content list having a reproduction right and transmit a content license list when a reproduction right confirmation request comes from a playback device.

The license update management unit 1102 may check the change in the content license and update the authentication key. For example, when a user purchases new content, the user may add the content to the content list of the content license manager 1101. In addition, when the validity period of the content purchased by the user has expired, the corresponding content may be deleted from the content list of the content license management unit 1101.

The authentication key manager 1103 may store and manage an authentication key required when a protocol between a playback device and a storage device is applied.

The rental function is not supported for contents stored in existing SD, USB memory and HDD. If the rental function is supported, the content may not be played in the original storage, but may be played only in the loaned storage (hereinafter referred to as 'rental storage'). Therefore, the license for the content must be temporarily suspended on the original storage and the license must be activated on the loan storage. In addition, upon return, only licenses to the contents of the original storage must be activated. When you rent or return content in this way, you can protect the content and implement these features by temporarily activating / deactivating licenses, by automatically activating / deactivating licenses after the rental period, and by the original storage during the rental period. You need a definition for the ability to request a return.

The playback device to which the present invention is applied may have a secure memory area that can store a license in the playback device. The license information stored in the secured memory area may include content information and return information of the content right as well as the right to play the content.

The present invention defines a start / end date of content playback, a check in / check out for a content playback right, a key for giving and receiving rights, and the like. You can define the concept of loan or return for the right to play content.

In one embodiment of the invention, the content in the original storage can be rented to another storage with a license. When the content is rented, the original license is changed to inactive, so the content cannot be played on the original storage.

When the rental period ends, the license stored in the original storage is reactivated, and the license stored in the rental storage is deactivated again. In addition, the original storage can be made to terminate the rental at any time.

In addition, the original and the rental can be displayed in the content information, and the rental period or the use period for the license can be displayed in the content license information. During the rental period, the original license can be activated or deactivated by comparing the rental period. The original content may request the retrieval of licenses for the loaned content, and may prevent multiple loans of the content to various storage media.

In addition, the present invention may define metadata and authority information for content in secured storage. For example, the authority information may include a storage CRL, a player CRL, a title CRL, address information, a key set, a loan release date, and a loan release date. It may include at least one of a Loan Expiry Date and a Loan Release Key.

In addition, the present invention may define a transaction handle file (Transaction Handle File) for the purchase information, the transaction identification file may include a rental right or a return right.

In addition, the present invention may define a playback device that can borrow and return content playback rights. For example, after a player level is verified through a player device CRL, it may be determined whether playback is possible in the player according to the rental authority. The output control of the rental right may be verified, and a playback map may be verified after generating a playback map by the rental right.

In addition, the present invention can define the content to return the content playback authority to the original playback device. For example, a license transaction record, a device identification information, a device identification list (CRL), and a license release date may be defined to return a content reproduction right.

The present invention can be applied to all of the security-applied storage systems, and can be applied to various codec (MPEG-2, 4, AVC, HEVC, VC-1) playback and trick play. In addition, the present invention can be extended to other forms of streaming format transmission in addition to file play.

The present invention can extend a method for providing a content playback function in an AVC / HEVC stream based media service. To this end, it is necessary to define a key, a license release date, and a license expiry date required for a function of transferring content reproduction authority to not only the original playback device but also other playback devices. It is possible to verify the player level, output control information, and the like of the playback device to see if there is no problem in generating a playback map through a single purchase information in the storage system to which the corresponding permission is secured. . After checking the transaction record of the license server to transfer the right to the original playback device, the license may be delivered to the original playback device.

In one embodiment of the invention, to borrow a license from storage A to B, the storage may be secured storage (eg, SCSA storage). As shown in FIG. 12, a Rights field S1200 may be added to a transaction handle file used to communicate with a license server to confirm whether a license of content in storage is an original or a loan. . If the value of the right field is 0, the content license is original, and if 1, it is a loan. Also, the transaction handle file may include at least one of transaction handle information, a title, and a transaction ID.

The right field value in the transaction handle file may be replaced by another field in the license file.

Referring to FIG. 13, the present invention may add a new field value of identification numbers 1310 to 1370 to the structure of a license file system, which contains license information of content. For example, the added field includes a reserved field 1310, an authorization field 1320, a rental start time field 1330, a rental return time field 1340, and an encrypted rental return key field. 1350, a rental version field 1360, and an additional reserved field 1370.

Meanwhile, the exact release date and time field 1390 in the file may be used after decryption using the time-release keys 1380 for enhanced security. The rental / return period field value may be determined by comparing the exact release date and time field 1390 and the time-release keys 1380.

Referring to FIG. 14, A represents original storage and B represents rental storage.

First, you can apply for a loan from your original storage A to your retailer. At this time, the information of the borrowed person or the information of the original storage A applying for a rental can be provided to the retailer, and the rental / return time value can be set for the license server. When the retailer receives the rental application, the retailer may transmit the rental application information to a license server.

The license server performs a license provision process and updates a license file registered with a rental / return time field value in a license server to the original storage A. .

In an embodiment of the present invention, as shown in FIG. 15, a structure of a transaction handle file may be defined. The transaction handle file may include at least one of a transaction handle field, a title field, a transaction ID field, and an authority field.

The transaction handle file may be used to communicate with a license server to determine whether the license of the content in the storage is an original or a loaned copy.

For example, when the value of the right field is 0, it may indicate that the content license is original, and when 1, it may indicate that it is a rental copy.

Alternatively, the right field may mean whether a content license can be borrowed or not.

Referring to FIG. 16, a structure of a license file stored in the original storage A of FIG. 14 is illustrated. The license file may include an loan time field (Exact loan date and time), a return time field (Exact return date and time).

Fig. 16A shows the structure of a license file before borrowing content from the original storage A. Figs. Since the license file is still active on the original storage A, the original loan time and field (1610) is represented by 0x0000000000000000, and the return time field (1620). Can be expressed as 0x000000000000000.

Fig. 16 (b) shows the structure of the license file after borrowing the content from the original storage A. Since the loan, the loan time field (Exact loan date and time) 1630 may be represented by 0x3F42768C93D7F372, and the return time field (Exact Return date and time) 1640 may be represented by 0x4074E3A123B7324F.

In this case, when the authority field value is 0 in FIG. 15, playback cannot be performed between the rental time and the return time. In addition, the loan time field (Exact loan date and time) 1630 and the return time field (Exact Return date and time) 1640 is encrypted using an encrypted time-release key field value. Can be.

Referring to FIG. 17, B denotes rental storage, and illustrates a process of downloading licenses and contents from rental storage B. FIG.

If you rent the content on Rental Storage B, Rental Storage B can request the retailer to download it, and you can obtain the Transaction Handle File, License File, and License Key for that content from the license server. ) At least one of

This may prevent the license-related information from being congested with each other when the same content has been borrowed from a user (or storage) other than the original storage A.

In order to rent the contents, the rental storage B must receive the license-related information, and for this purpose, it should be understood that the rental storage B is allowed to rent from the original storage A. For example, the retailer may prove that the storage (or user) is authenticated through the storage (or user) ID.

If approved through a retailer, at least one of a transaction handle file, a license file, and a license key may be downloaded through a license server. In this case, the right field value of the transaction handle file may indicate 1. The same process as the license provisioning process for general content is performed.The license server sets a Loan / Return Date and Time field value in a license file and uses a key value. Can be filled with encrypted data.

In another embodiment to which the present invention is applied. This section explains how to play content using a borrowed license. When playing using the rental storage B, the following two methods can be used.

(1) If you need access to a license server

If the authority field value in the transaction handle file is 2, the license server may be accessed to check whether the borrowing of the license is still available. In this case, the original storage A may request a return of the license even if the return date has not been reached. Even if the return date of the license file of the rental storage B has not passed, playback may be disabled if there is no request for a loan from the license server.

When playing back from rental storage B, you can connect to the license server and check whether the original storage A requested a return. When requesting a return, the rental storage B may delete at least one of a license file, a transaction identification file, and a license key.

If the original storage A requests a return and the second rental storage C is rented again, a problem may occur in which the second rental storage C is accessed and played on the first rental storage B before the license information is downloaded. . Therefore, it is necessary to additionally determine the second rental storage. To solve the above problem, the version field can be added in the transaction identification file as shown in Table 1 below.

Table 1

Key name	Format
TransactionHandle
Title	Double-quote Delimited String
transactionID	UUID
Rights
	0
Loan Version	One

The Loan Version can increment that number by 1 on the License Server whenever a loan is requested from the original storage A to the License Server. And when the rental storage is connected and you download the license, you can insert that number into the license file.

For example, if the loaned version (Loan Version) of the first loaned storage B is 100, the loaned version that the license server has when requesting a mid-term return from the original storage A and renting the second loaned storage C (Loan Version) ) Can be 101. At this time, since the loaned version (Loan Version) of the license server and the loaned version (Loan Version) of the first loaned storage B do not match, the corresponding content does not have a right to play. The content will only be available after a new license has been downloaded to the user's storage allowed by original storage A.

(2) Playback is possible without access to License Server

If playback is allowed without access to the license server, no return can be requested from the original storage A before the return date. In this case, the borrowing or return of the license may be determined by the value set in the license file.

If the value of the authority field in the transaction identification file is 0, the content cannot be played during the rental / return period in the license file. You must request a return to the license server to play the content. On the contrary, when the authority field value is 1, the content may be played only within the rental / return time in the license file.

When the return date passes, at least one of a transaction identification file, a license file, and a license key of the corresponding content may be deleted or deactivated from storage through a playback device or a license server.

The license server may check the number of each authority field value of the transaction identification file. That is, when the first content is purchased, one of the authority fields of the corresponding transaction identification file has a value of zero. If you later rent, the number of 1 will increase by 1. This allows you to understand how the license of the content is being distributed. This field may be extended in the case of a copy later, and may limit the number of license copies.

License borrowing temporarily deactivates the license on the original storage and activates the license on the borrowed storage. This may mean that there may be no simultaneous rental to multiple storages.

18 illustrates a case of requesting early return of content from the rental storage. In other words, the rental storage may return the borrowed license before the return time.

For example, in FIG. 18A, the rental storage B may request an early return before the return time. Upon requesting a return to the license server using rental storage B, the license server deactivates the license for the corresponding content of rental storage B or at least one of the license information, for example, a transaction identification file, a license file, a license key. You can invalidate this license by deleting it.

Referring to FIG. 18 (b), when the user wants to play back on the original storage A, if the user is connected to the license server, the content may be played through the original storage A after recognizing the return and updating the license file.

In an embodiment of the present invention, when multiple loans are possible, the license server may have the currently accepted loan version information. The content can be played only when the currently available rental version (Loan Version). Loan Versions can be verified through a license server connection.

If multiple licenses do not require access to the license server, when you request the right to rent the content, you can decide whether to borrow the license for the content from the rental version and how much storage. Therefore, when the license is borrowed through the license server, the number of license downs can be counted so that only the number of rentals set for the first time can be downloaded.

For example, referring to FIG. 19, assuming that the license server manages three rental rights (right 0, right 1, and right 2) of the corresponding content, the license server manages the content license distribution status. .

In FIG. 19A, it can be confirmed that the number of rentals for authority 0 is one, and in FIG. 19B, it can be confirmed that the number of rentals for authority 1 is three. In this case, the rental version information may be checked for each of

authority

0, 1, and 2. For example, the permission version 0 may indicate a rental version 101, the permission 1 may be a rental version 102, and the permission 3 may be a rental version 103.

In FIG. 19 (c), when the new version is rented again after returning the right of the borrowed version 102, the rented version is updated. For example, for rights 1, you can see that the rental version has been updated from 102 to 104.

In addition, when multiple rentals are possible, the rental / return time may not be set so that the original storage can be reproduced.

When purchasing content, there may be several profiles depending on the quality of the corresponding content.

If you have multiple profiles of the relevant content, you can request a loan / return selectively for each license. The license file exists for each profile, so even if you rent level 1 content from storage A to storage B, you can let A watch the contents of another profile.

For example, referring to FIG. 20, assume that storage A includes three levels of content and to rent level 2 content. In this case, the license server may borrow a license for the level 2 content from storage B, and storage B may download at least one of license information, for example, a license file, a transaction identification file, and a license key from the license server. .

Meanwhile, the license server may update the license file by releasing a license for level 2 of storage A. In this case, the storage A may not play the contents of the level 2, but the contents of the level 1 and the level 3 may be played.

The original storage A may request a rental permission from the license server (S2110). The license server receiving the rental permission request may check the value of the permission field (S2120). Here, the permission field may be included in a transaction handle file. For example, when the value of the permission field is 0, it may indicate that the content license is original, and in case of 1, it may mean a loan. Alternatively, the right field may mean whether a content license can be borrowed or not.

The license server may send a response to the rental permission request to the original storage A. For example, when the value of the right field is 0, the license server may transmit a response that the loan is possible. On the other hand, if the value of the right field is not 0, it may mean that the content license is not original or is in a state in which rental is impossible, and thus, an answer indicating that rental is impossible may be transmitted to the original storage A.

In another embodiment, the original storage A may check the authority field value on its own and then perform the rental authorization request. For example, the original storage A may determine that the loan is available when the authority field value of the transaction handle file stored in the transaction handle file is 0, and may request a rental permission from the license server.

The license server may request additional information from at least one of the retailer or the original storage A (S2140), but this may not be necessary. For example, the additional information may include at least one of user information and device information of the original storage A.

In addition, a license provisioning process may be performed between the original storage A and the license server (S2150). Here, the license providing process refers to a process of exchanging and receiving license information necessary for playing encrypted content in the storage device, and the storage device must have a license file and a license key required for playing the content.

The license server may manage license information of the original storage A (S2160). For example, the license information of the original storage A may be changed, encrypted or updated as appropriate. The license information may include at least one of a license file and a license key.

The license server may encrypt loan time information of the original storage A (S2170), and transmit the updated license file to the original storage A (S2180).

The rental storage B may request a rental permission from the retailer (S2210). Upon receiving the rental permission request, the retailer may check whether the rental storage B is an authorized user (S2220).

The retailer may transmit a response to the rental permission request to at least one of the rental storage B or the license server (S2230). For example, when the rental storage B is an authorized user, the retailer may transmit an answer indicating that the rental is available to at least one of the rental storage B or the license server. On the other hand, if the rental storage B is not an authorized user, a response that the rental is impossible may be transmitted to the rental storage B.

In another embodiment, the rental storage B may request a rental permission from the license server. In this case, the license server may request additional information from at least one of the retailer or the rental storage B, but this may not be necessary. For example, the additional information may include at least one of user information and device information about the rental storage B.

In addition, a license provisioning process may be performed between the rental storage B and the license server (S2240). Here, the license providing process refers to a process of exchanging and receiving license information necessary for playing encrypted content in the storage device, and the storage device must have a license file and a license key required for playing the content.

The license server may manage license information of the rental storage B (S2250). For example, the license information of the rental storage B may be appropriately changed, encrypted or updated according to a situation. The license information may include at least one of a license file and a license key.

The license server may transmit at least one of encrypted loan time information or an updated license file to the rental storage B (S2260).

As described above with reference to FIG. 22, when the rental storage has received the rental permission from the retailer or the license server, the rental storage may play content stored in the original storage.

First, the rental storage may update a Certificate Revision List (CRL) for content reproduction (S2310).

In addition, the rental storage may check an authority field value in the transaction identification file by itself or through a license server (S2320).

When the authority field value indicates that the rental is allowed, the current time and the rental / return time may be compared (S2330). As a result of the comparison, if the current time corresponds to the rental period, the rental storage may play the content.

In this case, when it is necessary for the rental storage to access the license server to play the content, the rental storage should access the license server (S2340).

Then, the validity of the content rental can be confirmed (S2350). For example, the validity of the content rental may be determined by checking at least one of the rental / return status and the same version information.

If the content rental is valid according to the determination result, the playback device may generate a playback map and play the content (S2360).

On the other hand, as a result of the comparison in step S2330, if the current time does not correspond within the rental period, the rental storage may not play the content. For example, if the current time has passed the return time, the license server may delete or deactivate the license information.

Unlike the embodiment of FIG. 23, the present embodiment describes a method of playing secure high definition content without accessing a license server.

First, the rental storage may update a Certificate Revision List (CRL) for content reproduction (S2410).

In addition, the rental storage may check the value of the authority field in the transaction identification file by itself or through a license server (S2420).

When the authority field value indicates that the rental is permitted, the current time and the rental / return time may be compared (S2430). As a result of the comparison, if the current time corresponds to the rental period, the playback device may play the content through the rental storage (S2450). That is, unlike the embodiment of FIG. 23, if the current time corresponds to the rental period, it is determined that the content rental is valid, and thus a playback map may be generated and the content may be played.

The original storage A may request a license termination from the license server (S2510). The license server receiving the rental termination request may check the value of the authority field (S2520). Here, the right field may be included in a transaction handle file. For example, the right field may mean whether a content license can be loaned or not.

The license server may transmit an answer to the rental termination request to the original storage A (S2530). For example, when the value of the right field is not 0, the license server may transmit an answer indicating that rental termination is impossible.

On the other hand, if the authority field value is 0, the license server may perform the rental termination process according to the rental termination request.

In another embodiment, the original storage A may check the authority field value on its own and then perform the rental termination request. For example, the original storage A may determine that the current loan status is in the case where the authority field value of the transaction handle file stored in the transaction handle file is 0, and request the license server to terminate the rental.

The license server may request additional information from at least one of the retailer or the original storage A, but this may not be necessary. For example, the additional information may include at least one of user information and device information of the original storage A.

In addition, a license provisioning process may be performed between the original storage A and the license server (S2540). Here, the license providing process refers to a process of exchanging and receiving license information necessary for playing encrypted content in the storage device, and the storage device must have a license file and a license key required for playing the content.

The license server may manage license information of the original storage A (S2550). For example, the license information of the original storage A may be changed, encrypted or updated as appropriate. The license information may include at least one of a license file and a license key.

The license server may encrypt loan ending time information of the original storage A (S2560), and transmit the updated license file to the original storage A (S2570).

Referring to FIG. 26, the rental storage B may perform a return request to the license server for early return of content (S2610).

The license server receiving the return request may check the value of the permission field (S2620). Here, the right field may be included in a transaction handle file. For example, the right field may mean whether a content license can be returned or not. As a specific example, when the right field value is 2, the license server may proceed with the return process.

The license server may transmit an answer to the return request to the rental storage B (S2630). For example, if the value of the right field is not 2, the license server may transmit an answer indicating that it cannot be returned.

On the other hand, when the right field value is 2, the license server may perform a return process according to the return request.

In another embodiment, the rental storage B may check the authority field value by itself and then perform the rental termination request. For example, the rental storage B may determine that the permission field is 2 in the transaction handle file stored in the transaction handle file, and request the license server to return the license.

The license server may manage license information of the rental storage B (S2640). For example, the license information of the rental storage B may be appropriately changed, encrypted or updated according to a situation. The license information may include at least one of transaction information, a license file, and a license key.

The license server may transmit the updated license information to the rental storage B (S2650). In detail, the license server may delete or deactivate at least one of the transaction information, a license file, or a license key.

FIG. 27 is a block diagram illustrating a rental and return process in terms of a source storage device and a loan storage device according to another embodiment to which the present invention is applied.

FIG. 27A illustrates an embodiment in which the license server deactivates a license of the original storage A when the original storage A makes a rental request. At this time, the transaction handle (transaction handle) of the license represents "xxxx-xxxx-xxxx-xxxx", which may mean that the license is "rental status".

FIG. 27B illustrates an embodiment in which the target storage B downloads at least one of license information, for example, transaction information, a license file, and a license key, from the license server when the target storage B makes a rental request.

FIG. 27C illustrates an embodiment in which the license server deletes or deactivates a license of the target storage B and activates a license of the original storage A when the target storage B requests a return. In this case, the transaction handle of the license represents "yyyy-yyyy-yyyy-yyyy", which may mean that the license is "owned state".

Loan / Return Examples

The source storage or the original storage may force the return of the license to the loan storage or the target storage, but the present invention is not limited thereto.

For example, if you do not define a rental period or any other return method, the source storage cannot be returned to the license until the rental storage returns in a fixed period.

When returning a license, a transaction number or transaction handle information may be required from a license server in order to deactivate a license currently used by the rental storage. In this case, the transaction number or transaction handle information may be stored in a license server and may be mapped to a license file and a license key.

If the target storage does not have a transaction handle file, the target storage may request deactivation or unbind of a license held by the license server.

On the other hand, the license server may set a restriction on the rental.

For example, the license server may be configured to limit at least one of the number of rentals, rental periods, rental areas, or the number of rental storages. This limit may be set for each period. For example, in the case of a rental area, the license server can be set so that only storage within the home network can be rented, and can be set to automatically unbind after returning.

In addition, the unbind of the existing authority can be deactivated without a transaction handle file. If there is no transaction identification file in the rental storage when the rental storage wants to return, the license server may control the binding / unbind of the transaction number and license information through the transaction record.

In another embodiment to which the present invention is applied, when both the source storage A and the target storage B are connected to one player, the devices are regarded as devices in one network and the target storage B is stored through the transaction identification file of the source storage A. Rentals may be available. The transaction identification file may be stored in a general file system of non-SCSA storage or may be stored in a file system of SCSA storage.

In addition, the transaction identification file in the source storage may be copied to the target storage before the rental process begins and delivered to the license server via the retailer.

In another embodiment of the present invention, a method of delivering a transaction identification file is provided.

If there is a transaction identification file within the source storage, the target storage can be accessed through the transaction identification file of the source player (or storage) through a secure connection between storage and retailer, between storage and license server, between player and retailer, or between player and license server. Rentals may be available.

After checking the transaction identification file of the source storage, the license server can transmit the license key and the license file. In this case, after creating a secure session between the license server and the target storage, the license key and the license file can be transferred from the license server to the target storage. Here, the storage may be SCSA storage or non-SCSA storage.

In another embodiment of the present invention, in order to enable simple rental / return without modification of the existing system, the license file or transaction identification file in the existing system may be maintained as it is. When the original storage is connected, the player indicates that it can be rented. If the rental is selected, the rental can be made to another player described above or another storage connected to the same player. The borrowed storage can download license files and license keys except for transaction identification files containing purchase information (or transaction information).

In rental storage, content can be played using only license files and license keys without transaction information. After the loan, the license server deactivates the license on the original storage.

The content in the rental storage is activated on the player with the return button, and executes the return API of the license server. During the return of the license, the license file and license key for the contents of the rental storage are sent to the server, which can then use it to find transaction handles. When contacting the license server to replay from the original storage, the license server can confirm that the license of the original storage has been returned and can reactivate the license. The license file and license key of the borrowed content may be deleted.

In order to determine whether a license is borrowed from a specific player, a new file may be added to the license file or displayed in the content.

How to deliver a transaction identification file to target storage

According to an embodiment to which the present invention is applied, when source storage A and target storage B are connected on a network, it may be possible to rent to target storage B based on a transaction identification file of source storage A.

How to Navigate and Deal the Transaction Identification File to the License Server

First, it may be checked whether a transaction identification file exists in the source storage (S2810). In addition, whether to further search may be determined according to whether the transaction identification file of the source storage is detected.

If a transaction identification file is found in the source storage (S2820), the transaction identification file of the source storage may be transferred to the license server (S2830).

However, when the transaction identification file is not found in the source storage (S2820), it may be checked whether a transaction identification file exists in the target storage through the target player (S2840). If a transaction identification file exists in the target storage, the transaction identification file of the target storage may be delivered to the license server (S2850).

In an embodiment of the present invention, if there is no transaction identification file, the device may record a transaction record through the license server.

In addition, if the transaction identification file exists only in the source player (for example, SCSA player) or source storage, and no transaction identification file exists in other target player or target storage, the license information and license The key is stored, and a separate secure session may be required to transfer transaction related information or to disconnect / deactivate the license.

The license server may deactivate a license of the target device or the target storage based on the received transaction related information. Thereafter, the license server may update a transaction record and update transaction identification information of the source device.

In the present specification, the transaction related information may include all information related to a transaction, such as license information, key values, storage information, and player information.

Also, in the present specification, the target device may mean at least one of a target player or target storage, and the source device may mean at least one of a source player or source storage. In addition, in the case of describing the target storage, it may be applied to the target player according to the embodiment, and vice versa. Even if it is described as source storage, it may be replaced by the source player according to the embodiment, and vice versa.

Referring to FIG. 30, a copy or move from a storage device 1 to a storage device 2 is illustrated.

First, the storage device 1 may request a first migration to another device from the license server (S2910).

In operation S2920, the storage device 2 may request a second migration from the license server to download the previously purchased content.

After checking the migration field of the transaction identification file of the corresponding content, the license server may grant the content download right to the storage device 2 (S2930).

In addition, the present invention defines a structure for moving a content library of an external storage device connected to the playback device to another secured external device when the playback device reads or plays back content from a secured external storage device or server.

In addition, the present invention provides content usage rights, history, authority history, expiration data, right release, usage file (resume file) for the content library migration (Migration) of the storage-based security content playback system It is possible to define transaction information and the like and manage security information necessary for reproduction.

In the existing playback device, content rights of high-definition content (eg, UHD 4K and 8K) can be shared with other playback devices by using a copy function. In this case, the storage device that purchased the content has license information and purchase information that can play the content, and there is no need for a separate restriction or definition for the library. However, in order to upgrade or replace the HDD, it is necessary to move not only the content right information but also the library information.

In the past, there was no definition related to copying / moving between HDDs of a user because the number of subtractions for copying / moving between HDDs existed without any conditions. The concept of migration is needed to protect the rights of consumers who purchase contents in connection with copy / move between multiple HDDs of a user.

In the present invention, it is possible to send and receive content without deducting the number of copies when moving and copying contents between a plurality of HDDs owned by one user through the definition of migration.

It can also solve problems caused by loss or failure of HDD.

In addition, the present invention intends to define a migration target of a reproduction system including secured storage.

In addition, the present invention intends to define a library object and a library migration error code to be migrated.

In addition, the present invention seeks to define new field values for migration in a Transaction Handle File.

In addition, the present invention is applicable to all security systems based on a secured storage system, and is applicable to both AVC or HEVC playback and trick play.

In addition, the present invention can be extended to other forms of streaming format transmission in addition to file play.

In addition, the present invention can define a scenario for a migration target of a reproduction system including a secured storage, that is, a presentation. For example, when a presentation collection ID (hereinafter, referred to as a 'PCID') already includes a PID (Presentation ID), the duplicated PID may be migrated. Alternatively, if the PCID already includes the PID, a separate alarm message may be used to determine whether to perform the duplicate migration or exclude the duplicate PID.

In addition, the present invention may define various scenarios of migration.

For example, all objects associated with content playback can be moved from one storage device to another for HDD upgrade and replacement. Here, the library migration object may include a content file, a transaction identification file, a license file, a continuous file, a playback map, a CRL, an Ops block, and the like.

In addition, the present invention may define library migration elements.

The migration element may be a player or conduit, a storage device, a license server, or the like.

In addition, the present invention provides an embodiment of migration that is considered when content is purchased through different retailers.

For example, if the PCID already includes a PID and has a duplicate PID, when the duplicate PID is content acquired through one retailer, the duplicate PID may be removed and the migration may be performed.

On the other hand, if you have duplicate PIDs through different retailers, you can migrate so that the duplicate PIDs move with you.

The present invention also provides an embodiment of migration that is considered when a license is downloaded through different license servers.

For example, if the PCID already has a PID that includes the PID and the corresponding PID is the content acquired through one license server, the duplicate PID may be removed and the migration may be performed.

On the other hand, if you have duplicate PIDs through different license servers, you can migrate so that duplicate PIDs move with you.

In addition, the present invention can perform migration to prevent misuse when the HDD is lost.

For example, you can add fields related to migration to help you distinguish whether or not it is a migration. If lost, at least one of a content file, a transaction identification file, a license file, and a continuation file for the old HDD may be registered in the license server so that the old HDD is no longer available.

In addition, the present invention can define the scope of the library for migration.

For example, the migration can be divided into storage of the same capacity and storage of the same capacity. That is, when the capacity of the original storage is larger than the storage to be moved, the migration can be performed separately.

In addition, when performing the migration, it is possible to assume that the migration for one title is the basis.

If you are migrating to an entire title, you will need to verify storage capacity, you may need to scope your migration library or define a bulk area.

In this case, library migration can be performed only for the selected title. Alternatively, some titles may be deleted after library migration. Deleting titles after migration may require accompanying movement of transaction identification files, license files, and so on.

In addition, the present invention may define a bundle field for migration. For example, a bundle ID for migration may be defined, and a bundle may mean a package including all media levels 1 to 3 of a specific content title.

In addition, according to the present invention, a storage device having a secured area has content purchase information, authorization information, and the like in the secured area, and the connected playback device can reproduce the secured content.

The storage device must provide the reproduction device with license information and specific rights information based on the purchase information in order to interwork the corresponding rights information. When upgrading storage devices in these systems, or replacing failed storage devices, library migration is required.

Library migration may mean moving transaction identification files, license files, contiguous files, etc. from one storage device to another. In this case, the moving object may include a reproduction map, a CRL, an Ops block, and the like. Defining a library migration in this way allows for smooth content playback through a valid library. Valid library validation fields allow you to verify license files, CRLs, and encrypted content files.

The transaction identification file to which the present invention is applied may include at least one of a transaction information field, a title field, a transaction identification information field, and a migration count field.

Here, the migration count field may indicate the number of migrations. In addition, the transaction information field indicates a transaction handle of 16 bytes, the title field indicates title information, and the transaction identification information field indicates an ID of a generated transaction.

In this case, the transaction information field may be an essential element, and the rest may be an optional element, but the present invention is not limited thereto.

Referring to FIG. 31, a case in which storage device 1 is lost (or malfunctioned) and is downloaded to a new storage device 2 again.

First, the storage device 2 may request authentication for content purchased through a retailer (S3110).

The retailer may register the information about the storage device 2 and the content purchase history on the license server (S3120).

After checking the migration field of the transaction identification file of the corresponding content in the license server, the storage device 2 may be given a right to download the content (S3130).

Here, the retailer may store storage device information, matching information between the user and the storage device, content purchased by the user, information about a content transaction identification file, or migration.

According to the present invention, a library migration error code may be defined.

For example, with a Transaction Handle File Error, it is necessary to determine whether the license server should perform an update of the information of the purchased storage device in the migration of purchase information. have. In this case, you need to update the transaction record on the license server.

The license error may indicate that the license slot is not empty or not stored when the license key and the license file are stored in the license slot of the new storage.

The content file error represents an error that may occur when the PID of the content is not identified or the entire migration is not performed.

Resume File Error indicates an error that may occur when the Resume File does not match the PID.

Secret Key Value Error indicates an error that may occur when a reproduction map is not generated.

A title mismatch error ("Title dose not match" error) indicates an error when an error occurs in the title.

The title overlap error indicates an error when PIDs of content overlap.

The storage CRL error indicates an error that occurs when a CRL update for a new storage device fails or a CRL cannot be found.

The title CRL error is an error indicating that the content and title CRL should be downloaded again if the title CRL file is damaged.

Referring to FIG. 33, a case where an existing storage device 1 exists and a case where it is lost or broken when a user wants to download previously purchased content from the storage device 2 will be described.

First, the storage device 2 may request to download a previously purchased content (S3310).

The storage device 2 may check whether the storage device 1 exists (S3320).

If the storage device 1 does not exist, it is possible to check whether the content is purchased through the retailer (S3340). Information necessary for reproduction can then be moved to the storage device 2 (S3341). Here, the information necessary for the reproduction may include at least one of a transaction identification file and a license file.

Thereafter, the count value of the migration field of the transaction identification file of the corresponding content may be modified (S3350).

In operation S3360, the storage device 2 may play the previously purchased content.

In operation S3320, when the storage device 1 exists, the storage capacity of the storage device 2 may be checked (S3330). In response to the content download request, the PID may be checked (S3331), the duplicated PID may be removed, and re-downloaded (S3332).

Thereafter, after modifying the count value of the migration field of the transaction identification file of the corresponding content (S3350), the storage device 2 can play the previously purchased content (S3360).

In another embodiment of the present invention, disconnection may be performed after library migration.

Unbinds to existing permissions may be deactivated without a transaction identification file.

For example, the license server may control connection / disconnection of the transaction number and the license through the transaction record.

In addition, the library migration may be controlled only between devices included in a specific area of the home network.

As mentioned above, preferred embodiments of the present invention are disclosed for purposes of illustration, and those skilled in the art can improve and change various other embodiments within the spirit and technical scope of the present invention disclosed in the appended claims below. , Replacement or addition would be possible.

Claims

A method of playing content stored in a storage device connected through at least one interface,

Transmitting transaction information stored in the detected storage device to a license server, wherein the transaction information includes a transaction identification file identifying at least one of a corresponding transaction, a seller, and a user;

Receiving license information for allowing the reproduction of the content from the license server; And

Playing the content based on the license information;

Including,

The license information comprises a license file and a license key.
The method of claim 1,

Requesting a license server to rent the content; And

Receiving a response to the request from the license server

Method further comprising a.
The method of claim 2,

At least one of the transaction identification file or the license file includes a rights information field indicating a type of a license, wherein the license type is used to determine whether a license for the content is an original license or a rental license. Way.
The method of claim 3,

The transaction identification file further comprises a rental version information.
The method of claim 3,

And the license file includes at least one of rental time information, return time information, encryption key for rental or return, and rental version information for the content.
The method of claim 1,

If the user wishes to migrate the content to another storage device, the method is:

Checking whether there is a right to the migration of the content through the license server; And

Migrating the content to the other storage device when there is a right to migrate the content as a result of the checking;

Method further comprising a.
The method of claim 6,

Wherein the transaction identification file includes a migration count field, wherein the migration count field indicates the number of times migration is performed.
The method of claim 7, wherein

If the content is migrated to the other storage device, the migration count field value is increased by one.
The method of claim 6,

Comparing the storage capacity of the other storage device and the storage capacity of the storage device,

And when the storage capacity of the other storage device is smaller, migration is performed without excluding duplicated content.
The method of claim 6,

Receiving the migration error information when the content is migrated,

Wherein the error information comprises at least one of a transaction identification file error, a license error, a content file error, a sequential file error, a secret key value error, a title error, or an authentication list error.
An apparatus for playing content stored in a storage device connected through at least one interface,

An interface unit for detecting a connection of the storage device;

A control unit for transmitting transaction information stored in the detected storage device to a license server, receiving license information for allowing the reproduction of the content from the license server, and playing the content based on the license information;

And a display unit for outputting the played content.

Including,

The transaction information includes a transaction identification file that identifies at least one of the corresponding transaction, seller, and user,

The license information comprises a license file and a license key.
The method of claim 11,

The controller may request a license server for permission to rent the content, and receive a response to the request from the license server.
The method of claim 12,

At least one of the transaction identification file or the license file includes a rights information field indicating a type of a license, wherein the license type is used to determine whether a license for the content is an original license or a rental license. Device.
The method of claim 13,

The transaction identification file further comprises a rental version information.
The method of claim 13,

And the license file includes at least one of rental time information, return time information, encryption key for rental or return, and rental version information of the content.
The method of claim 11,

If the user wants to migrate the content to another storage device, the controller:

Check whether there is a right to migrate the content through the license server, and if there is a right to migrate the content, migrate the content to the other storage device.
The method of claim 16,

And the transaction identification file includes a migration count field, wherein the migration count field indicates the number of times migration is performed.
The method of claim 17,

And when the content is migrated to the other storage device, the migration count field value is increased by one.
The method of claim 16,

The controller may compare the storage capacity of the other storage device with the storage capacity of the storage device,

And when the storage capacity of the other storage device is smaller, performing migration while excluding duplicated content.
The method of claim 16,

The control unit receives migration error information when the content is migrated,

Wherein the error information includes at least one of a transaction identification file error, a license error, a content file error, a sequential file error, a secret key value error, a title error, or an authentication list error.