[go: up one dir, main page]

WO2009015607A1 - Procédé, système et dispositif assurant la gestion de domaine pour un dispositif utilisateur par un gestionnaire de domaine - Google Patents

Procédé, système et dispositif assurant la gestion de domaine pour un dispositif utilisateur par un gestionnaire de domaine Download PDF

Info

Publication number
WO2009015607A1
WO2009015607A1 PCT/CN2008/071828 CN2008071828W WO2009015607A1 WO 2009015607 A1 WO2009015607 A1 WO 2009015607A1 CN 2008071828 W CN2008071828 W CN 2008071828W WO 2009015607 A1 WO2009015607 A1 WO 2009015607A1
Authority
WO
WIPO (PCT)
Prior art keywords
domain
user equipment
information
interaction
management
Prior art date
Application number
PCT/CN2008/071828
Other languages
English (en)
Chinese (zh)
Inventor
Haojun Zhou
Wenjie Feng
Pei Dang
Chen Huang
Original Assignee
Huawei Technologies Co., Ltd.
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Priority claimed from CN2007101357266A external-priority patent/CN101364871B/zh
Application filed by Huawei Technologies Co., Ltd. filed Critical Huawei Technologies Co., Ltd.
Publication of WO2009015607A1 publication Critical patent/WO2009015607A1/fr

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/10Network architectures or network communication protocols for network security for controlling access to devices or network resources

Definitions

  • the present invention relates to digital rights management (DRM) technology in a network, and in particular, to a method, system and device for domain management of a user equipment by a domain manager.
  • DRM digital rights management
  • DRM technology is used.
  • DRM technology is a new technology that has evolved with the spread of digital media content on the Internet.
  • the purpose of DRM technology is to protect the copyright of digital media content, technically improve the technical threshold and cost of piracy, and ensure that only users who purchase copyrights consume digital media content in digital media under the conditions of copyright regulations, thereby ensuring digital media content.
  • the interests of publishers and digital media license publishers are prerequisites for the sale of digital media content over the Internet.
  • the basic principle of DRM is: The media content publisher encrypts the media content on the Internet to provide downloading.
  • a license corresponding to the digital media content is required, and the license is issued by the license server ( RI, Rights Issuer) Management, RI owns the decryption key for digital media content.
  • the RI issues a license to the user, it collects the decryption key of the digital media content and the authority to use the license, and signs the issued license private key.
  • the user equipment decrypts and verifies the integrity with the RI public key. If the verification is passed, the license is allowed to be installed and the digital media content is only consumed under the license-defined usage rights.
  • DRM technology will ensure the distribution of digital media content, in a controlled state, using licenses that comply with the rights object.
  • the rights information included in the license is information such as rights and restrictions, wherein the rights indicate what operations the user equipment can perform on the digital media content, such as allowing the user device to print and browse digital media content, etc., while the restriction indicates what the user equipment is.
  • Digital media content can be manipulated under conditions, such as allowing up to several times of viewing digital media content.
  • a domain is a collection of user devices. User devices in the same domain can share some domain information, such as domain licenses. Domain licenses can include domain identifiers and domain keys. User devices in the same domain can obtain domain licenses, which can be used by user devices in the domain. Inter-distribution sharing, after the user device authenticates according to the domain license, the digital media content can be consumed under the usage rights defined by the domain license.
  • OMA Open Mobile Alliance
  • the DRM team proposed a framework for the DRM management domain. As shown in Figure 1, the framework includes a domain manager, an RI, and a user device, where the domain manager is used to manage multiple domains.
  • the user equipment can request to join/leave the domain through the RI; the domain manager can establish a trust relationship with multiple RIs, so that these RIs can obtain domain information of different domains from the domain manager, and manage the domain in the domain.
  • the domain license is sent to the user device requesting to join the domain.
  • the RI proxy user equipment requests the domain manager to join/leave the domain, thereby enabling the DRM2.0-based user.
  • the device can also enjoy the domain services provided by the domain manager.
  • the following process of joining a domain with a DRM2.0-based user device shows how the DRM2.0-based user device interacts with the domain manager through the RI.
  • 2 is a flow chart of a method for joining a user equipment based on DRM 2..0 to a domain in the prior art, and the specific steps are as follows:
  • Step 201 The DRM2.0-based user equipment sends a join domain request message to the RI, where the request message carries the domain identifier of the domain to be joined and the user equipment identifier.
  • Step 202 After receiving the message, the RI obtains the user equipment identifier and the domain identifier to be joined to the domain, and sends a proxy join domain request message to the domain manager, where the request message carries the i or the identifier of the i or i to be added by the user equipment. And the user equipment identifier;
  • Step 203 After receiving the proxy join message request message, the domain manager adds the user equipment corresponding to the user equipment identifier to the domain corresponding to the domain identifier, and returns a proxy join domain response message to the RI, where the response message may carry the domain license. .
  • the domain controller can also authenticate the user equipment corresponding to the user equipment identifier, and then execute the authentication.
  • Step 204 After receiving the domain manager returning proxy to join the domain response message, the RI sends the domain response message to the user equipment, and the user equipment has joined the domain, and the domain license can be used to consume the digital media content published for the domain.
  • the embodiment of the invention provides a method for the domain manager to perform domain management on the user equipment, and the method can enable the domain manager to actively manage the user equipment in the managed domain.
  • the embodiment of the invention further provides a system for the domain manager to perform domain management on the user equipment, and the system enables the domain manager to actively manage the user equipment in the managed domain.
  • the embodiment of the present invention further provides a domain manager and an RI.
  • the domain manager and the RI enable the domain manager to actively manage user equipment in the managed domain.
  • the technical solution of the embodiment of the present invention includes the following different aspects:
  • a method for domain management of a user equipment comprising:
  • the domain manager sends an interaction trigger message to the license server, where the message carries information for domain management of the user equipment;
  • the license server After receiving the message, the license server performs domain management interaction with the user equipment according to the carried information of domain management of the user equipment.
  • a second aspect the method for performing domain management on a user equipment, which is replaceable with the foregoing method of the first aspect, the method includes:
  • the domain manager sends an interaction trigger message to the user equipment, where the message carries information about domain management of the user equipment;
  • the user equipment After receiving the message, the user equipment performs domain management interaction through the license server proxy and the domain manager according to the carried information for domain management of the user equipment.
  • a system for performing domain management on a user equipment may be applied to the domain management method of the user equipment according to the foregoing first aspect, where the system includes: a domain manager, a user equipment, and a license server, where
  • a domain manager configured to send an interaction trigger message to the license server, where the message carries information about domain management of the user equipment
  • the license server is configured to receive the interaction trigger message sent by the domain manager, and perform domain management interaction with the user equipment according to the information about the domain management carried by the user equipment.
  • the system for performing domain management on the user equipment may apply the method for performing domain management on the user equipment according to the foregoing second aspect, where the system includes: And user equipment, wherein a domain manager, configured to send an interaction trigger message to the user equipment, where the message carries information about domain management of the user equipment;
  • the user equipment After receiving the interaction trigger message sent by the domain manager, the user equipment performs domain management interaction with the license server according to the carried domain management information of the user equipment.
  • a fifth aspect the method for performing domain management on a user equipment according to the foregoing first aspect or the second aspect, or a domain manager in a system for performing domain management on a user equipment in the foregoing third aspect or the fourth aspect
  • the device includes: a transceiver module and a processing module, wherein
  • a processing module configured to construct an interaction trigger message, where the message carries information about domain management of the user equipment, and sends the information to the transceiver module;
  • the transceiver module is configured to receive an interaction trigger message sent by the processing module and send the message to the license server or the user equipment.
  • the sixth aspect the method for performing domain management on the user equipment in the foregoing first aspect or the second aspect, or the RI in the system for performing domain management on the user equipment in the foregoing third aspect or the fourth aspect,
  • the device includes: a transceiver module and a processing module, wherein
  • the transceiver module is configured to receive an interaction trigger message sent by the domain manager, where the message carries information about domain management of the user equipment, and sends the information to the processing module.
  • the processing module is configured to perform domain management interaction with the user equipment according to the information about domain management performed by the user equipment carried in the interaction trigger message received from the transceiver module.
  • the seventh aspect the method for performing domain management on the user equipment in the foregoing first aspect or the second aspect, or the user equipment in the system for performing domain management on the user equipment in the foregoing third aspect or the fourth aspect,
  • the device includes: a transceiver module and a processing module, wherein
  • the transceiver module is configured to receive an interaction trigger message sent by the domain manager, where the message carries information about domain management of the user equipment, and sends the information to the processing module.
  • the processing module is configured to perform domain management interaction by using the license server proxy and the domain manager according to the information about domain management of the user equipment carried by the interaction trigger message received from the transceiver module.
  • the domain manager of the embodiment of the present invention interacts with the DRM2.0-based user equipment in the managed domain to complete management of the user equipment. Therefore, the method, system and device provided by the embodiments of the present invention enable the domain manager to actively manage the DRM2.0-based user equipment in the managed domain.
  • FIG. 1 is a schematic diagram of a framework of a DRM management domain of the prior art
  • FIG. 2 is a flow chart of a method for joining a domain of a user equipment based on DRM2.0 in the prior art
  • FIG. 3 is a flowchart of a method for domain management of a user equipment by a domain manager according to an embodiment of the present invention
  • FIG. 4 is a flow chart of a method for recording a correspondence between a user equipment and an RI in a domain manager according to an embodiment of the present invention
  • FIG. 5 is a flowchart of a method for performing domain management on a user equipment by a domain manager by using an RI to independently interact with a user equipment according to an embodiment of the present invention
  • FIG. 6 is a flowchart of a method for directly triggering a domain manager to perform domain management on a user equipment by using a domain manager to directly trigger a user equipment and an RI to interact with each other;
  • FIG. 7 is a schematic diagram of a system for performing domain management on a user equipment by a domain manager according to an embodiment of the present invention
  • FIG. 8 is a schematic diagram of a domain manager according to an embodiment of the present invention
  • FIG. 9 is a schematic diagram of an RI according to an embodiment of the present invention.
  • FIG. 10 is a schematic diagram of a user equipment according to an embodiment of the present invention. DETAILED DESCRIPTION OF THE EMBODIMENTS In order to make the objects, technical solutions, and advantages of the present invention more comprehensible, the embodiments of the present invention are further described in detail below.
  • the DRM2.0-based user equipment can interact with the domain manager to implement the join/leave domain, and the domain manager cannot actively interact with the user equipment to perform domain management on the user equipment.
  • the domain manager in the embodiment of the present invention actively interacts with the DRM2.0-based user equipment in the managed domain through the RI.
  • the process of the domain manager interacting with the DRM2.0-based user equipment in the managed domain by the RI is: The domain manager sends an interaction trigger message to the RI, where the message carries information for domain management of the user equipment; After the message, the domain management interaction with the user equipment is performed according to the carried information of the domain management of the user equipment.
  • the domain manager of the embodiment of the present invention can also directly interact with the DRM2.0-based user equipment in the managed domain to complete management of the user equipment.
  • Domain manager directly and in the managed domain
  • the process of the DRM2.0-based user equipment is: The domain manager sends an interaction trigger message to the user equipment, where the message carries information about domain management of the user equipment; after receiving the message, the user equipment performs the user equipment according to the carried Domain-managed information is used for domain management interaction through the license server agent.
  • the management of the user equipment may include the user equipment joining the domain, leaving the domain, adding the user equipment in the original domain to the upgraded domain when the domain is upgraded, and separating the user equipment from the domain and the domain when the domain is deleted. Add user devices in the original domain to the merged domain, and so on.
  • the management of the user equipment is essentially to leave the user equipment in the domain or join the domain.
  • the user equipment based on DRM2.0 is simply referred to as a user equipment.
  • the domain manager actively interacts with user devices in the managed domain through the RI.
  • FIG. 3 is a flowchart of a method for domain management of a user equipment by a domain manager according to an embodiment of the present invention, where the entity includes a user equipment, an RI, and a domain manager, and the specific steps are as follows:
  • Step 301 The domain manager sends an interaction trigger message to the RI, where at least the domain information and the interaction type are carried.
  • the domain information may include a domain name and/or a domain identifier, etc., for identifying the domain;
  • the interaction triggering message may further include user equipment information, and the user equipment information includes a user equipment identifier, etc., for identifying the user equipment.
  • the information carried in the interaction trigger message may also be sent in the interaction trigger message after the digital signature is performed.
  • Step 302 After receiving the interaction trigger message, the RI determines the management type of the user equipment according to the interaction type: adding or leaving the domain, generating and sending a join/leave domain trigger message that the user equipment can identify to the user equipment, where the trigger message is sent. Carry domain information to join/leave the domain.
  • the join domain/leave domain trigger message may be a new trigger message that is regenerated by the RI according to the determined management type (joining domain or leaving domain), or may be an interaction trigger message provided by the direct forwarding domain manager. In the latter case, the interaction trigger message generated by the domain manager must be compatible with the join domain/leave domain trigger message that the user device can recognize.
  • the management type of the user device can be the join domain.
  • the interaction type is the domain delete or leave the domain
  • the management type of the user device is domain deletion.
  • the RI may determine the user equipment according to the user information, and send the join/leave domain trigger message to the determined user equipment. If the interaction trigger message does not carry the user equipment information, Send to all user devices in the domain corresponding to the domain information Leave the domain to trigger the message.
  • the RI After the RI receives the interaction trigger message, the RI can authenticate the message by using the digital signature carried in the interaction trigger message, and then process the interaction trigger message.
  • Step 303 Receive one of the user equipments of the join/leave domain trigger message sent by the RI, determine that the domain manager requires itself to join/leave the domain, and determine the domain to join/leave according to the carried domain information, and send the join to the RI. / Leave the domain request message, the request message carries the domain identifier of the domain to be joined/departed and the user equipment identity.
  • Step 304 After receiving the message, the RI obtains the user equipment identifier and the domain identifier of the domain to be joined/departed, and sends a proxy join/leave domain request message to the domain manager, where the request message carries the user equipment to join/leave.
  • the domain ID of the domain and the user device ID The domain ID of the domain and the user device ID.
  • Step 305 After receiving the proxy join/leave domain request message, the domain manager joins/leaves the user equipment corresponding to the user equipment identifier to the domain corresponding to the domain identifier, and returns a proxy join/leave domain response message to the RI.
  • Step 306 After receiving the domain manager returning proxy join/leave domain response message, the RI sends a join/leave domain response message, and the user equipment joins/leaves the domain.
  • steps 303-306 only the processing procedure of one of the user equipments that receives the join/leave domain trigger message sent by the RI is described. If the RI sends the join/leave domain trigger message to multiple user equipments, the multiple users Each user device in the device performs this process until all user devices are managed.
  • the domain manager in order for the domain manager to actively manage the user equipment in the managed domain, the domain manager needs to construct an interaction trigger message, and the constructed interaction trigger message may include:
  • DAID Domain Manager ID
  • the RI ID ( RI ID ) is used to identify the RI. After receiving the cross-trigger message, the RI checks the validity of the RI ID. If the RI ID matches the RI ID, the RI identifies the RI ID. If yes, the message is processed. Discard the message, which can be defaulted;
  • the domain ID (Domain ID) is used to identify the domain managed by this interaction trigger message.
  • the user ID (Device ID) is used to identify the user equipment in the domain managed by the interaction trigger message.
  • the identifier may be multiple or may be the default.
  • Interacting generally interacting with all user equipments in the domain managed by the interaction trigger message;
  • the interaction type (Type) is used to identify the interaction type triggered by the interaction trigger message, and may be a join domain or a leave domain, and may also include other types of domain management.
  • the session identifier (Session ID) is used to identify the current interaction trigger message, and can be used to match the interaction result notification message.
  • the session identifier can be a random number, which can be defaulted in the method described in FIG. 3;
  • the interaction type may include an interaction type such as a join domain, a leave domain, a domain upgrade, a domain delete, and a domain merge.
  • the interaction type of the domain upgrade, the domain merge, and the domain deletion the RI can be completed by the basic operation interaction of the join/leave domain.
  • the interaction trigger message may also be included.
  • the domain identifier may further include algebra of the domain, for example, the last three digits of the domain identifier identify the algebra of the domain, the algebra starts from 0, and each domain upgrade algebra is incremented by one.
  • the user equipment identifier carried in the interaction triggering message may be one or more, which is used to indicate which user equipments are to be interacted with by the domain manager, and the management of the user equipment by the domain manager is completed; of course, it may also be omitted.
  • the embodiment of the present invention needs to record the correspondence between the user equipment and the RI in the domain manager when the user equipment joins the domain managed by the domain manager.
  • the domain manager can be made to know which RI can send an interactive trigger message.
  • FIG. 4 is a flow chart of a method for recording a correspondence between a user equipment and an RI in a domain manager according to an embodiment of the present invention, where specific steps are as follows:
  • Step 401 The user equipment sends a join domain request message to the RI, where the domain request message carries the domain identifier of the domain to be joined and the user equipment identifier.
  • Step 402 After receiving the message, the RI obtains the user equipment identifier and the domain identifier to be joined to the domain, and sends a proxy join domain request message to the domain manager, where the request message carries the domain identifier of the domain to which the user equipment belongs.
  • User equipment identification and RI identification After receiving the message, the RI obtains the user equipment identifier and the domain identifier to be joined to the domain, and sends a proxy join domain request message to the domain manager, where the request message carries the domain identifier of the domain to which the user equipment belongs.
  • Step 403 After receiving the domain join request message, the domain manager associates the user equipment identifier with the RI identifier, and stores the information locally.
  • Step 404 The domain manager adds the user equipment corresponding to the user equipment identifier to the domain corresponding to the domain identifier, and returns a domain join response message to the RI returning proxy, where the response message may carry the domain license.
  • Step 405 After receiving the domain manager returning proxy to join the domain response message, the RI carries the domain license in the join domain response message, and sends the domain license to the user equipment, where the user equipment joins the domain, and the domain license can be used for Digital media content published by the domain.
  • a specific embodiment illustrates the correspondence between user equipment and RI in a domain maintained by the domain manager, as shown in Table 1:
  • user equipment A does not have a corresponding RI, indicating that the user equipment directly joins the domain through the domain manager; and user equipment B and user equipment C correspond to RI1 and RI2, respectively, indicating that the two user equipments respectively pass RI1. And the RI2 proxy joins the domain.
  • the user equipment of the domain when the user equipment leaves the domain, the user equipment of the domain is deleted, and the corresponding relationship between the user equipment and the RI identifier in Table 1 is deleted.
  • the user equipment identifier may not be carried in the interaction triggering message.
  • the RI is required to locally store the user equipment as a domain member of a domain when the user equipment is joined to the domain, that is, the user is stored in the RI.
  • the mapping between the device information and the domain information of the domain is added.
  • the user device list in a domain can be saved locally for each domain.
  • the user device identifier is added to the list. .
  • the RI receives the interaction trigger message that does not carry the identifier of the user equipment, the user equipment identifier in the domain corresponding to the domain identifier is carried according to the locally stored message, and the user equipment is determined to interact with the user equipment. Management of user equipment.
  • the RI interacts with multiple user devices, and the RI proxy user device interacts with the domain management during each interaction.
  • the RI may also independently interact with multiple user equipments according to the interaction trigger message received from the domain manager, and finally notify the domain manager of the result, thereby implementing the domain manager pair management. Management of user devices in the domain.
  • FIG. 5 is a flowchart of a method for performing domain management on a user equipment by a domain manager by using an RI to interact with a user equipment in an embodiment of the present invention. The specific steps are as follows:
  • Step 501 The domain manager sends an interaction trigger message to the RI, where at least the domain information and the interaction type are carried.
  • the domain information may include a domain name and a domain identifier, and the like, and is used to identify the domain.
  • the interaction triggering message may further include user equipment information, and the user equipment information includes a user equipment identifier, etc., for identifying the user equipment.
  • the information carried in the interaction trigger message may also be digitally signed, and then the digital signature is carried in the interaction trigger message.
  • Step 502 After receiving the interaction trigger message, the RI determines, according to the interaction type, a management type of the user equipment: adding or leaving the domain, and sending a join/leave domain trigger message to the user equipment.
  • the RI may determine the user equipment according to the user information, and send the join/leave domain trigger message to the determined user equipment. If the interaction trigger message does not carry the user equipment information, All users in the domain corresponding to the domain information send a join/leave domain trigger message.
  • the RI may perform the authentication by using the digital signature carried in the interaction trigger message, and then process the interaction trigger message.
  • Step 503 Receive one of the user equipments of the join/leave domain trigger message sent by the RI, determine that the domain manager requests to join/leave the domain, and send a join/leave domain request message to the RI, where the request message carries the join/leave domain.
  • the domain ID and the user device ID are the domain ID and the user device ID.
  • Step 504 After receiving the message, the RI stores the information carried by the message, and returns an add/leave i or response message to the user equipment.
  • Step 505 The RI determines whether interaction has been performed with all the determined user equipments. If yes, step 506 is performed; if no, proceed to step 503 to continue.
  • the user equipment when the RI interacts with the determined user equipment, the user equipment may not be successfully managed for some reason. In this case, the value of the user equipment management failure may be applied to the application.
  • User device ID storage when the RI interacts with the determined user equipment, the user equipment may not be successfully managed for some reason. In this case, the value of the user equipment management failure may be applied to the application.
  • Step 506 The RI receives the information carried in the join/leave domain response message returned by the determined user equipment, and the stored cause value of the user equipment management failure of the corresponding user equipment identifier, and carries the status value identifier, and then carries the interaction result notification. In the message, send to the domain manager.
  • the information carried in the interaction result notification message may also be digitally signed.
  • Step 507 After receiving the interaction result notification message, the domain manager adds the user equipment determined by the RI to the domain corresponding to the domain to be joined/departed according to the carried information, and returns an interaction result response message to the RI.
  • the domain manager may also process the message after the digital signature authentication of the message is passed.
  • the RI since the RI is independent and the determined user equipment completes the interaction, the RI does not need to acquire domain information (such as domain-related information such as domain permissions) in advance for the user equipment to leave the domain.
  • domain information such as domain-related information such as domain permissions
  • the RI may need to obtain the domain information in advance.
  • the information is directly obtained from the domain manager through other messages, or may be carried by the domain manager to the RI in the interaction trigger message.
  • the method illustrated in FIG. 5 is compared with the method illustrated in FIG. 3, and the method illustrated in FIG. 5 sends an interaction result response message to the domain manager after only the RI and all the determined user equipments complete the interaction, without The domain manager is contacted each time it interacts, reducing the number of interactions between the RI and the domain manager, but the approach described in Figure 5 also increases the complexity of RI local processing.
  • the information carried in the interaction result notification message in FIG. 5 includes:
  • Status value used to identify the interaction result of the RI and all the determined user equipments, including: success, failure or partial success;
  • a domain manager identifier configured to identify a domain manager that receives the interaction result notification message
  • an RI identifier used to identify an RI
  • the session identifier (Session ID) is used to match the interaction trigger message received by the RI, and the value thereof must be equal to the session identifier carried in the corresponding interaction trigger message, which may be a random number, and the value is applied in FIG. 5;
  • the failure information exists in the case that the status value is equal to the partial failure.
  • the information is used to identify the user equipment and the failure of the user equipment.
  • the information includes the user equipment identifier and the failure reason.
  • the user equipment identifier is used to indicate that the interaction fails.
  • the reason for failure is used to identify the user equipment Why the failure, the user equipment identifier and the failure cause pair may be one or more; the failure reason is that the user equipment identifier is not recognized, the corresponding user equipment cannot be contacted, and the signature of the interaction trigger message is incorrect;
  • a digital signature (Sigature) is used to digitally sign the status value, domain manager identifier, RI identifier, session identifier, and failure information to ensure secure transmission of the interaction result notification message.
  • FIG. 6 is a flowchart of a method for directly triggering a domain manager to perform domain management on a user equipment by using a domain manager to directly trigger a user equipment and an RI to perform interaction according to an embodiment of the present invention. The specific steps are as follows:
  • Step 601 The domain manager sends an interaction trigger message to the user equipment.
  • the interaction trigger message In order to enable the user equipment to identify the interaction trigger message, the interaction trigger message must be compatible with the trigger message that the user equipment can recognize. Specifically, the interaction trigger message should include information for triggering the joining domain or triggering the information of the leaving domain.
  • the interaction trigger message includes an identifier of the RI and an identifier of the domain, and may also include a name of the RI, an address of the RI, and a name of the domain.
  • Step 602 After receiving the interaction trigger message, the user equipment determines the RI address, and sends a join/leave domain request message to the RI according to the address.
  • the interaction trigger message carries the identifier of the RI, and obtains the address of the locally saved RI according to the carried RI identifier or directly obtains the corresponding address from the interaction trigger message.
  • Step 603 After receiving the message, the RI obtains the user equipment identifier and the domain identifier of the domain to be joined/departed, and sends a proxy join/leave domain request message to the domain manager having the domain identifier to join/leave the domain.
  • the request message carries the domain identifier of the user equipment to join/leave the domain and the user equipment identifier.
  • Step 604 After receiving the proxy join/leave domain request message, the domain manager joins/leaves the user equipment corresponding to the user equipment identifier to the domain corresponding to the domain identifier, and returns a proxy join/off response message to the RI.
  • Step 605 After receiving the domain manager returning the proxy join/leave domain response message, the RI sends a join/leave domain response message, and the user equipment joins/leaves the domain.
  • the method illustrated in Figure 6 is compared to the method illustrated in Figure 3, which omits the process of forwarding a trigger message by the RI or regenerating the join domain/leave domain trigger message.
  • the method described in FIG. 6 requires the domain manager to know the address information of the user equipment, so that the address information of the user equipment can be exchanged between the domain manager and the RI.
  • the RI For the method described in FIG. 3, only the RI itself needs to be maintained. The address information of the user device is sufficient.
  • the embodiment of the invention further provides a system for domain management of the user equipment 3 by the domain manager, such as As shown in FIG. 7, the license server (RI) 1 and the domain manager 2 are included, wherein
  • the domain manager 2 is configured to send an interaction trigger message carrying the domain identifier and the interaction type to the RI 1;
  • the RI 1 is configured to receive the interaction trigger message sent by the domain manager 2, determine the join/leave domain according to the type of interaction carried, and perform interaction with the user equipment to join/leave the domain, and complete domain management of the user equipment 3.
  • the user equipment 3 is further configured to receive the join/leave domain trigger message sent by the RI 1, send the join/leave domain request message, and receive the join/leave domain response message sent by the RI 1.
  • the RI 1 is further configured to: send a join/leave domain trigger message to the user equipment 3, receive the join/leave domain request message sent by the user equipment 3, construct a proxy join/leave domain request message according to the domain request message, and send After the domain manager 2 receives the proxy join/leave domain response message sent by the domain manager 2, constructs a join/leave domain response message and sends it to the user equipment 3.
  • the domain manager 2 is further configured to: after receiving the join/leave domain request message sent by the RI 1, perform domain management on the user equipment 3, and return a proxy join/leave domain response message to the RI.
  • the user equipment 3 is configured to receive the join/leave domain trigger message sent by the RI 1, send a join/leave domain request message, and receive the join/leave domain response message sent by the RI 1.
  • the RI 1 is further configured to: send the join/leave domain trigger message to the user equipment 3, receive the join/leave domain request message sent by the user equipment 3, and perform domain management on the user equipment 3, and then send the join/leave domain response message. To the user equipment; send an interaction result notification message to the domain manager 2.
  • the domain manager 2 is further configured to receive an interaction result notification message sent by the RI 1, and perform domain management on the user equipment 3.
  • the domain manager 2 in one embodiment of the present invention may include a transceiver module 20 and a processing module 22, where
  • the processing module 20 is configured to generate an interaction trigger message, and send the message to the transceiver module 22;
  • the transceiver module 22 is configured to send an interaction trigger message to the RI 1 or the user equipment 3.
  • the transceiver module 22 is further configured to send the join/leave domain request message to the processing module 20, and send the proxy join/leave domain response message sent by the processing module 20 to the RI 1 or the user equipment 3 Or receive the interaction result notification message and send it to the processing module 20.
  • the processing module 20 is further configured to perform domain management on the user equipment 3, generate a proxy join/leave domain response message, and send the proxy to the transceiver module 22; or receive an interaction result notification message from the transceiver module 22, and perform domain management on the user equipment 3.
  • FIG. 9 is a schematic diagram of an RI according to an embodiment of the present invention, including a transceiver module 10 and a processing module 12, where The transceiver module 10 is configured to receive the interaction trigger message sent by the domain manager 2, and send the message to the processing module 12, and complete the user equipment according to the determined joining domain information received from the processing module 12 and the user equipment to perform the joining/departing domain interaction. Domain management of 3;
  • the processing module 12 is configured to determine the join/leave domain according to the interaction type carried by the interaction trigger message received from the transceiver module 10, and send the determined join/leave domain information to the transceiver module 12.
  • the transceiver module 10 of the RI 1 is further configured to send a join/leave domain trigger message to the user equipment 3, and receive the join/leave domain request message sent by the user equipment 3 to be sent to the processing module 12 of the RI.
  • the processing module 12 of the RI sends a proxy join/leave domain request message according to the domain request message, and sends the message to the domain manager 2 through the transceiver module 10 of the RI.
  • the transceiver module 10 of the RI receives the domain manager 2
  • the sending proxy join/leave domain response message is sent to the processing module 12 of the RI to construct a join/leave domain response message, which is sent to the user equipment 3 through the transceiver module 10 of the RI.
  • the transceiver module 10 of the RI is further configured to send a join/leave domain trigger message to the user equipment 3, and receive the join/leave domain request message sent by the user equipment 3 to be sent to the processing module 12 of the RI. After performing domain management on the user equipment 3, the transceiver module 10 of the RI sends a join/leave domain response message to the user equipment 3, and sends an interaction result notification message to the domain manager 2.
  • FIG. 10 is a schematic diagram of a user equipment 3 according to an embodiment of the present invention, including a triggering module 30 and a transceiver module 32, wherein the transceiver module 32 is configured to send a receiving join/leave domain trigger message to the triggering module 30;
  • the triggering module 30 is configured to receive the join/leave domain trigger message sent by the transceiver module 32, trigger the interaction with the RI 1 to join/leave the domain, and complete the domain management of the user equipment 3.
  • the triggering module 30 is further configured to: send a join/leave domain request message, and receive a join/leave domain response message.
  • the method, the system and the device provided by the embodiment of the present invention enable the domain manager to trigger the domain management interaction between the RI and the user equipment, so that the compatible domain controller cannot directly trigger the user equipment for domain management.
  • the system and device (except the domain manager) described in FIG. 7 to FIG. 10 are all systems and devices that use the domain manager to interact with the user equipment in the managed domain through the domain manager (corresponding to the application)
  • the method for performing domain management shown in FIG. 3 to FIG. 5 when the domain manager directly interacts with the user equipment in the managed domain (corresponding to the method for performing domain management shown in FIG. 6)
  • the system includes a domain manager, configured to send an interaction trigger message to the user equipment, where the message carries information for performing domain management on the user equipment, and the user equipment is configured to receive the interaction trigger message sent by the domain manager, according to the carried
  • the domain management information of the user equipment interacts with the RI for domain management.
  • the user equipment includes: a transceiver module, configured to receive an interaction trigger message sent by the domain manager, where the message carries information about domain management of the user equipment, and sends the information to the processing module; and the processing module is configured to trigger according to the interaction received from the transceiver module.
  • the information carried on the domain management of the user equipment carried by the message is subjected to domain management interaction by the license server proxy.
  • the storage medium may be a magnetic disk, an optical disk, a read-only memory (ROM), or a random access memory (RAM).

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Hardware Design (AREA)
  • Computer Security & Cryptography (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer And Data Communications (AREA)

Abstract

La présente invention concerne un procédé, un système et un dispositif effectuant la gestion de domaine sur des dispositifs utilisateur par un gestionnaire de domaine. Le procédé se déroule comme suit: le gestionnaire de domaine envoie un message d'initialisation interactif au serveur de licence, le message portant les informations relatives à l'exécution de la gestion de domaine sur le dispositif utilisateur; le serveur de domaine interagit dans le cadre de la gestion de domaine, avec le dispositif utilisateur en fonction des informations transportées relatives à la gestion de domaine sur le dispositif utilisateur après la réception du message. Le procédé, le système et le dispositif selon la présente invention permettent au gestionnaire de domaine d'effectuer activement la gestion sur les dispositifs utilisateur basés sur DRM2.0 dans le domaine géré.
PCT/CN2008/071828 2007-07-31 2008-07-31 Procédé, système et dispositif assurant la gestion de domaine pour un dispositif utilisateur par un gestionnaire de domaine WO2009015607A1 (fr)

Applications Claiming Priority (4)

Application Number Priority Date Filing Date Title
CN200710141520 2007-07-31
CN200710141520.4 2007-07-31
CN200710135726.6 2007-08-10
CN2007101357266A CN101364871B (zh) 2007-08-10 2007-08-10 域管理器对用户设备进行域管理的方法、系统及装置

Publications (1)

Publication Number Publication Date
WO2009015607A1 true WO2009015607A1 (fr) 2009-02-05

Family

ID=40303907

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2008/071828 WO2009015607A1 (fr) 2007-07-31 2008-07-31 Procédé, système et dispositif assurant la gestion de domaine pour un dispositif utilisateur par un gestionnaire de domaine

Country Status (1)

Country Link
WO (1) WO2009015607A1 (fr)

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1539117A (zh) * 2001-06-07 2004-10-20 ��̹�е¿عɹɷ����޹�˾ 在数字权利管理系统中支持多个委托区域的方法和装置
CN1658554A (zh) * 2004-02-13 2005-08-24 微软公司 将内容绑定到域
CN1717642A (zh) * 2003-02-28 2006-01-04 松下电器产业株式会社 终端装置、服务器装置和使用这些装置的许可证流通系统
CN1878092A (zh) * 2006-07-12 2006-12-13 华为技术有限公司 域管理系统、建立本地域的方法和获取本地域许可的方法

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1539117A (zh) * 2001-06-07 2004-10-20 ��̹�е¿عɹɷ����޹�˾ 在数字权利管理系统中支持多个委托区域的方法和装置
CN1717642A (zh) * 2003-02-28 2006-01-04 松下电器产业株式会社 终端装置、服务器装置和使用这些装置的许可证流通系统
CN1658554A (zh) * 2004-02-13 2005-08-24 微软公司 将内容绑定到域
CN1878092A (zh) * 2006-07-12 2006-12-13 华为技术有限公司 域管理系统、建立本地域的方法和获取本地域许可的方法

Similar Documents

Publication Publication Date Title
JP5181094B2 (ja) 信頼される処理技術を使用したデジタル権利管理
US7971261B2 (en) Domain management for digital media
RU2375748C2 (ru) Представление защищенного цифрового контента в рамках сети вычислительных устройств или т.п.
CN103154956B (zh) 用于下载数字版权管理模块的方法和装置
US8719956B2 (en) Method and apparatus for sharing licenses between secure removable media
US7995766B2 (en) Group subordinate terminal, group managing terminal, server, key updating system, and key updating method therefor
JP2009015852A (ja) ライセンス管理システムおよび方法
KR101452708B1 (ko) Ce 장치 관리 서버, ce 장치 관리 서버를 이용한drm 키 발급 방법, 및 그 방법을 실행하기 위한프로그램 기록매체
WO2007019760A1 (fr) Methode et systeme pour terminal mobile se joignant a un domaine et obtenant un objet droits
WO2010003328A1 (fr) Procédé et dispositif de traitement d'objet à droits
WO2007036129A1 (fr) Procédé, système, terminal mobile et serveur ri destinés à révoquer l'objet des droits
US20100017888A1 (en) Method, device and system for transferring license
Kravitz et al. Achieving media portability through local content translation and end-to-end rights management
CN101184087A (zh) 域变换的方法、设备及系统
CN101364871A (zh) 域管理器对用户设备进行域管理的方法、系统及装置
CN101118578B (zh) 设备与许可服务器交互的方法和系统
WO2009015607A1 (fr) Procédé, système et dispositif assurant la gestion de domaine pour un dispositif utilisateur par un gestionnaire de domaine
CN101290641B (zh) 触发设备执行操作的方法、设备及系统
JP2004030325A (ja) オブジェクト利用管理システム、オブジェクトを利用し又は提供する情報処理装置又は情報処理方法、並びにコンピュータ・プログラム
CN101261662A (zh) 共享许可的方法、设备及系统
CN101246528B (zh) 执行域业务的方法、设备及系统
HK1136412B (en) Digital rights management using trusted processing techniques

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 08783821

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 08783821

Country of ref document: EP

Kind code of ref document: A1