Embodiment
The present invention defines a framework and protocol for security management in a local area network (LAN). For example, the framework and protocol are applicable to digital rights management (DRM) for home networks. Devices act as logical, distributed, limited-function servers that cooperatively emulate the function of a network server. The server capability is a value-added service in a device rather than the device's primary function, and it is responsible only for key management and authentication.
Unlike other solutions for security management in a LAN, our solution uses media devices as logical, distributed, limited-function network servers. By adding two main functions, namely key management and distribution coordination, to the media devices, the devices solve the problems associated with security management in the LAN in a distributed, cooperative manner, without requiring a separate, dedicated, centralized server.
The framework and protocol balance the provider's need for control against the owner's need for privacy. They are based on a distributed system and method, which avoids the use of a dedicated server. In addition, the framework and protocol allow the mobile phone to be switched off while the home network receives content. They also require no user intervention other than selecting content from the media provider. All interactions are carried out automatically in the background. In particular, the user does not need to configure the network or program any media device.
One aspect of the present invention is a controller for transferring media content rights from a first media device to a second media device, the first media device having one or more rights associated with the media content. The controller comprises a memory, a user interface and a transceiver. The memory is configured to store a list of media devices that can receive the rights associated with the media content from the first media device, and can store an encryption key used to encrypt the rights. The user interface is configured to detect a user's selection of the second media device from the list of media devices. The transceiver is configured to send the address associated with the second media device and the encryption key to the first media device, so that the first media device can encrypt the rights using the encryption key and send the encrypted rights to the address associated with the second media device.
Another aspect of the present invention is a controller method for transferring media content rights from a first media device to a second media device. The first media device has one or more rights associated with the media content. A list of media devices that can receive the rights associated with the media content from the first media device is determined. Then, a user's selection of the second media device from the list of media devices is detected. An address associated with the second media device is determined. The address and an encryption key are then provided to the first media device. The first media device can therefore encrypt the rights using the encryption key and send the encrypted rights to the address associated with the second media device.
Referring to Fig. 1, an exemplary digital security system 100 in accordance with the present invention is shown. The system 100 includes an interconnected wide area network (WAN) 102 for communicating with a local area network (LAN) 104. The WAN 102 is typically public and based on the Internet Protocol (IP), and the WAN has some mechanism for connecting to the LAN 104. The LAN 104 is not necessarily IP-based. An example of the LAN 104 is the home network described above. The details of the mechanism connecting the WAN 102 to the LAN 104 are not relevant to the present invention, but we assume that the WAN 102 can communicate with at least one public IP address of that mechanism. As shown in Fig. 1, in one embodiment the WAN 102 includes a number of wired and wireless communication networks carrying data over the Internet, and the LAN 104 is a home network having media devices that can communicate over the Internet.
The WAN 102 includes a media provider or, more specifically, the media provider's media server 106. Media content and creative works are available from the media server 106, which a user can access through the WAN 102. A prospective user can use a remote agent or communication device 108, for example a mobile phone or personal digital assistant (PDA), to browse the content offered by the media provider and its media server. The remote agent 108 can be a wired device, but a wireless device is more convenient for the purposes of this disclosure. Examples of wireless communication devices include, but are not limited to, mobile phones, PDAs and computing devices that use one or more of the following technologies: analog communications (using AMPS), digital communications (using CDMA, TDMA, GSM, iDEN, GPRS or EDGE), next-generation communications (using UMTS or WCDMA) and their variants; peer-to-peer or ad hoc communications, for example HomeRF, Bluetooth and IEEE 802.11 (a, b or g); and other forms of wireless communication.
With the mobile device 108, labeled Majordomo in the figures, the user can be away from the user's LAN 104 and browse the media provider's catalog, that is, the media catalog offered on the media server 106. The user may decide to purchase multimedia content such as a movie, to be played at a particular time after the user returns home, and the user may want different parts of the multimedia content directed to different media devices of the LAN 104. For example, the user may want to display the video part on a video media device 110 such as a flat-panel TV, play the audio part on an audio media device 112 such as a stereo, and display the text on a text media device 114 such as a computer. In addition, the user may want to capture the audio part on a recording media device 116, such as a digital video recorder (DVR), after the audio part is played on the audio media device 112.
The specific steps by which the user has media content distributed to the LAN 104 as described above can be explained with reference to Fig. 1. The user can use the communication device 108 to communicate with the media server 106 and browse the various media content, or content objects, available from the media provider. Then, in step 118, the communication device 108 can send a request to the media server 106 to purchase a selected content object (CO), for example a movie, from the media provider. The content object can include several components, for example a video component, an audio component and a text component. The request can also include a requested time at which the content object is to be delivered to the user's LAN 104. Then, in step 120, the media provider can acknowledge receipt of the order by sending a confirmation from the media server 106 to the communication device 108. In steps 122-126, at the requested time, the media provider can deliver three separate objects or streams from the media server 106 to the LAN 104, which can appear within the same frame or be synchronized with one another. For example, in step 122 the media provider can send the video component to the video media device 110, in step 124 send the audio component to the audio media device 112, and in step 126 send the text component to the text media device 114. If the user of the communication device 108 wishes to store one or more of these objects or streams, the LAN 104 can include a recording media device 116, which receives the objects or streams either at the same time as the other media devices 110-114 or after them. For example, in step 128, at a time after the requested time, the audio media device 112 can forward the audio component to the recording media device 116 for recording.
In Fig. 1, the devices associated with the user can be classified into three types: Majordomos, Recluses and Hermits. A Majordomo, that is, the communication device 108, is a user device that has the components necessary to directly access the communication infrastructure of the LAN 104 and is enabled by the LAN administrator to access that infrastructure; it has the components necessary to access the WAN 102 and is enabled by the LAN administrator to access the WAN; and it has a digital encryption certificate. A Recluse, such as the text media device 114, has the same characteristics as a Majordomo, except that it is only permitted to receive security keys from, and send them to, devices in the LAN 104. A Hermit, such as devices 110, 112 and 116, is a media device in the LAN 104 that has no digital encryption certificate.
Embodiments of the invention balance two potentially conflicting requirements: the provider's control requirement and the owner's privacy requirement. Under the provider's control requirement, the media provider must be able to control which devices consume protected content. This requirement is needed because some devices may be known to have security flaws, and the media provider may not want content consumed by those devices. Under the owner's privacy requirement, the owner of the home network does not have to reveal to the media provider the details of the devices that belong to the home network. This requirement is needed to ensure the privacy of the home network owner.
Referring to Fig. 2, an exemplary digital security system 200 in accordance with the present invention is shown. A content owner 202 creates media content and provides it to a content packager and/or distributor 204. It should be understood that, although Fig. 2 shows the content packager and/or distributor 204 as a single entity, its functions can be shared by more than one entity. The content packager and/or distributor 204 provides the media content to the LAN 206 and provides the location of the license associated with the media content to the communication device 208. The media devices of the LAN 206 cannot use the received media content without a license 210 appropriate to that media content. The communication device 208 therefore retrieves the license 210 from the license location and provides the license to the LAN 206, so that the media devices on the LAN can use the media content received from the content packager and/or distributor.
In particular, the content owner 202 creates or obtains a digital file 212. The content owner 202 then uses an encoder 214 to encode the digital file 212 into a form that a media player can render, that is, a player-ready file 216. The content owner 202 provides the player-ready file 216 to the content packager and/or distributor 204. The content packager and/or distributor 204 uses an encryption device 218 to encrypt the formatted file with a content encryption key, or object encryption key, forming a content-encrypted file 220. The content-encrypted file is provided to the LAN 206 or, more specifically, to the media devices of the LAN. The content packager and/or distributor 204 also determines an address 222 that identifies one or more locations where the license 210 associated with the content-encrypted file can be found, and provides this address to the communication device 208. For example, the address can be a URL (uniform resource locator) that specifies a location where a license containing the content decryption key can be purchased.
If no license 210 is found for the content-encrypted file 220, the communication device 208 follows the license address 222 to request a license. The license 210 includes a right or set of rights 224, that is, the types of use the content owner permits, and also includes a content decryption key 226. The communication device 208 can then encrypt the content decryption key 226 with a network privacy key known to one or more components of the LAN 206, and provide the encrypted key to the LAN. Once the encrypted key is received from the communication device 208, the media devices of the LAN 206 can use the network privacy key to decrypt the encrypted content decryption key, and consume the media content in accordance with the rights 224 of the license 210.
The communication device 208 includes a memory 228, a transceiver 230 and a processor 232 coupled to the memory and the transceiver. The memory 228 stores the digital security certificate associated with the communication device, certificate information associated with the media devices, and the network privacy key that provides access to the media devices. The transceiver 230 sends the digital security certificate and the certificate information to the media provider, and receives from the media provider a content key associated with the media content. The processor 232 encrypts the content key with the network privacy key and directs the transceiver to provide the encrypted content key to the media devices.
Referring to Fig. 3, the digital security system 300 of the present invention includes a WAN 302 and a LAN 304, and is based on public/private key encryption. The WAN 302 includes a media provider or, more specifically, the media provider's media server 306. The communication device 308, that is, the Majordomo, and the media devices 310-316 of the LAN 304 share a network privacy key, for example a LAN decryption key or home network group key (HNGK). The group key serves as a private key shared among the media devices 310-316. Even though there are multiple separate physical devices 310-316 inside the LAN 304, the rights issuer (RI) and content issuer (CI) need to authenticate only one security agent, for example the communication device 308. The communication device's interactions with the issuers are limited to authenticating the address of the LAN 304, identifying the target LAN media devices 310-316 and obtaining the content decryption key from the RI. The communication device 302 does not need to store any rights object (RO) or content object (CO) items. Note that the CI is represented by the media provider, whereas the RI may be represented by the media provider or by a third party associated with the media provider.
Still referring to Fig. 3, in step 318 the communication device, or Majordomo, 308 sends a request for a content object to the media server 306, where the request can include a requested time for delivering the content. In response, in step 320, the media server 306 sends a confirmation of receipt of the order to the communication device 308. Then, in step 322, the communication device 308 establishes a security association with the media server 306 and obtains the content decryption key from the media server. In step 324, the communication device 308 takes the content decryption key associated with the media content, encrypts it with the network privacy key associated with the media devices of the LAN 304, and sends the encrypted content decryption key to one or more devices of the LAN. At the requested time, the media server 306 can send the encrypted media content to the media devices 310-316. For example, the media server 306 sends the encrypted video part to the video media device 310, the encrypted audio part to the audio media device 312 and the encrypted text part to the text media device 314. The recording media device 316 can record one or more of the parts.
Referring to Fig. 4, an exemplary timing diagram 400 shows the signaling that can take place between the communication device, or Majordomo, 402 of the present invention and the issuers 404, 406. As stated above, the CI is represented by the media provider, whereas the RI can be represented by the media provider or by a third party associated with the media provider. In step 408, the communication device 402 sends a content object identifier (CO ID), generic device names and the LAN address to the content issuer. Because the device can choose from many items of media content, the CO ID identifies the specific media content the communication device 402 wants. The generic device names identify the target devices to which the selected media content is to be delivered, for example a flat-panel TV, a stereo and a notebook computer. The LAN address identifies the delivery address for the LAN and the media devices associated with it, for example an IP address. In step 410, in response to the request, the CI 404 returns an order identifier and confirms the order.
After receiving the confirmation from the CI, the communication device 402 obtains the license associated with the media content for the LAN. In step 412, in addition to the generic device names and the LAN address, the communication device 402 provides the certificate associated with itself and the certificates associated with each media device, in order to authenticate itself and those devices to the RI 406. The communication device 402 thus also provides the media devices' certificate information to the RI 406. The certificate information associated with the media devices is either a list identifying the digital security certificates of the media devices or the digital security certificates themselves. This enables the RI 406 to check the credentials of the media devices. Note that this step preserves the privacy of the LAN owner, because the communication device 402 does not reveal which network device is associated with which certificate. In step 414, if the RI 406 confirms that all the certificates associated with the communication device 402 and the media devices are valid, the RI returns a security association acceptance. If, on the other hand, the RI 406 cannot confirm that the certificate associated with the communication device 402 is valid, the security association between the communication device and the RI fails. Even if the certificate associated with the communication device 402 is valid, the RI 406 can still declare the security association failed when the certificate of one or more media devices is found to be invalid, depending on how the RI is configured.
Once the RI 406 has authenticated the communication device certificate and the media device certificates, in step 416 the communication device 402 requests the object key from the RI 406. In step 418, the RI 406 sends the object key, for example the content decryption key, to the communication device 402, and does not send the RO to the communication device. The communication device 402 then encrypts the content decryption key with the network privacy key and sends it to the media devices of the LAN together with a transaction ID.
Referring to Fig. 5, another digital security system 500 for a media content delivery system in accordance with the present invention is provided. The digital security system 500 includes a WAN 502 and a LAN 504, and is based on public/private key encryption. The WAN 502 includes a media provider or, more specifically, the media provider's media server 506. The communication device 508, that is, the Majordomo, and the media devices 510-516 of the LAN 504 share a network privacy key. Even though there are multiple separate physical devices 510-516 inside the LAN 504, the rights issuer (RI) and content issuer (CI) need to authenticate only one security agent, for example the communication device 508. The communication device's interactions with the issuers are limited to authenticating the address of the LAN 504, identifying the target LAN media devices 510-516 and obtaining the content decryption key from the RI.
For example, in step 518 the communication device 508 sends a request for a content object (CO), for example a movie. The communication device 508 sends generic device names, for example α, β and δ, to the media provider's media server 506. The media provider and its media server 506 do not know the capabilities of media devices α, β and δ, so the privacy of the owner of the LAN 504 is maximized. The communication device 508 also provides the certificate information of the media devices 504-516 to the RI. This allows the RI to check the credentials of the media devices 504-516. The certificate information of the media devices is either a list identifying the digital security certificates of the media devices or the digital security certificates themselves. In response to the request, in step 520, the media provider's media server 506 confirms acceptance of the order to the communication device 508.
Then, in step 522, the communication device 508 establishes a security association with the media server 506. In step 524, the communication device 508 obtains the object encryption key or, more specifically, the content decryption key from the media server 506. Also in step 524, the communication device 508 encrypts the object encryption key with the network privacy key, for example the home network group key (HNGK), and sends it to the authorized media devices in the LAN 504. Thereafter, as shown in step 526, the media provider's media server 506 sends the encrypted media content to the media devices 510-516 at the requested time. For example, the media server 506 can send the encrypted video part to the video media device 510, the encrypted audio part to the audio media device 512 and the encrypted text part to the text media device 514.
The digital security system 500 shown in Fig. 5 differs in several ways from the systems shown in the preceding figures. The main point of interest is module 528, which is called a proxy network access translator (proxy NAT). Module 528 resides in a gateway or router present in the LAN 504. Note that the LAN 504 can be one of three types of network: (1) IP-based with public IP addresses for its devices, (2) IP-based with private IP addresses for its devices, or (3) not IP-based. Note also that the WAN 502 is preferably IP-based. For a LAN 504 of type (2) or (3), the LAN must have a gateway or router connected to the WAN 502. For type (2), the gateway or router translates between the private IP addresses of the LAN and the public IP addresses of the WAN. For type (3), the gateway or router interconnects the IP-based WAN with the technology used in the LAN. The proxy NAT module 528 can therefore be added to the existing gateway or router of a LAN 504 configured as network type (2) or (3). Only in type (1) might the LAN have no router or gateway, so a LAN with a type (1) configuration needs a router or gateway added to support the proxy NAT module 528.
The function of the proxy NAT module 528, 628 can be understood with reference to Fig. 6. As stated above, the communication device 608 sends generic device names, for example α, β and δ, to the media provider's media server 606. The media provider does not know the addresses of these media devices 610-614, but it does know the address of the LAN 604 to which they belong. The media provider can therefore attach the generic device name to the network address and rely on the proxy NAT module 628 in the LAN 604 to translate this address into a physical device address. The proxy NAT module 628 then translates the generic device names α, β and δ into physical addresses and relays messages from the media provider's media server 606 to the media devices 610-614. This process hides the internal structure of the LAN 604 from the media provider and its media server 606, and lets the user name the media devices without regard to the media provider.
For example, in step 618 the communication device, or Majordomo, 608 sends generic device names, for example α, β and δ, to the media provider's media server 606. At this point the media provider does not know the capabilities of media devices α, β and δ. Then, in step 620, the media provider's media server 606 sends a query to the LAN 604 asking for the capabilities of media devices α, β and δ. In step 622, each media device replies to the media server 606 with its capabilities. For example, media device α 610 can reply by indicating that it is a device that supports only analog video. Thereafter, in step 624, the media provider's media server 606 tailors the CO to the capabilities of each of the media devices 610-614 before sending the appropriate content object (CO) to the corresponding media device.
Referring to Fig. 7, when the rights issuer (RI) 702 is ready to send a rights object (RO) to the media devices 706, the RI queries the capabilities of the media devices. Note that, because all the media devices 706 share the same network privacy key with the communication device, the devices do not need to authenticate themselves to the RI 702. In steps 708, 710, the RI 702 sends each media device 706 a trigger message that includes a transaction ID. The transaction ID ties the communication to a specific object encryption key. It is the ID that the RI 406 sends to the Majordomo 402 in step 418 of Fig. 4. Once a media device 706 has located the transaction ID, in steps 712, 714 the media device responds to the RI 702 with a description of the media device's capabilities. This description allows the RI 702 to tailor the CO to the media device 706. Then, in steps 716, 718, the RI 702 encrypts the RO and sends it to the media device 706.
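The key hand-off described for step 418 of Fig. 4, step 524 of Fig. 5 and the trigger message of Fig. 7 can be sketched as follows. This is an added example, not code from the patent: the description names no cipher, so HMAC-SHA256 in counter mode with encrypt-then-MAC stands in for whatever key-wrap algorithm an implementation would use, and the device names, transaction IDs and keys are constructed.

```python
import hashlib
import hmac
import secrets


def _subkey(group_key: bytes, label: bytes) -> bytes:
    """Derive separate encryption and MAC keys from the shared group key (HNGK)."""
    return hmac.new(group_key, b"hngk-wrap|" + label, hashlib.sha256).digest()


def _keystream(key: bytes, nonce: bytes, length: int) -> bytes:
    """HMAC-SHA256 in counter mode; a stand-in for the unspecified cipher."""
    blocks = [hmac.new(key, nonce + i.to_bytes(4, "big"), hashlib.sha256).digest()
              for i in range((length + 31) // 32)]
    return b"".join(blocks)[:length]


def _tag(group_key: bytes, transaction_id: str, nonce: bytes, ciphertext: bytes) -> bytes:
    """MAC over the length-prefixed transaction ID, nonce and ciphertext."""
    tid = transaction_id.encode("utf-8")
    data = len(tid).to_bytes(2, "big") + tid + nonce + ciphertext
    return hmac.new(_subkey(group_key, b"mac"), data, hashlib.sha256).digest()


def wrap_object_key(group_key: bytes, transaction_id: str, object_key: bytes) -> dict:
    """Majordomo side: encrypt the object key and bind it to the transaction ID."""
    nonce = secrets.token_bytes(16)
    stream = _keystream(_subkey(group_key, b"enc"), nonce, len(object_key))
    ciphertext = bytes(a ^ b for a, b in zip(object_key, stream))
    return {"transaction_id": transaction_id, "nonce": nonce, "ciphertext": ciphertext,
            "tag": _tag(group_key, transaction_id, nonce, ciphertext)}


def unwrap_object_key(group_key: bytes, message: dict) -> bytes:
    """Device side: verify the tag first, then decrypt."""
    expected = _tag(group_key, message["transaction_id"],
                    message["nonce"], message["ciphertext"])
    if not hmac.compare_digest(expected, message["tag"]):
        raise ValueError("wrapped key rejected: wrong group key or altered message")
    stream = _keystream(_subkey(group_key, b"enc"), message["nonce"],
                        len(message["ciphertext"]))
    return bytes(a ^ b for a, b in zip(message["ciphertext"], stream))


class MediaDevice:
    """A LAN media device holding the group key (hypothetical model)."""

    def __init__(self, name: str, group_key: bytes, capabilities: list):
        self.name = name
        self.capabilities = capabilities
        self._group_key = group_key
        self._object_keys = {}  # transaction ID -> object key

    def receive_wrapped_key(self, message: dict) -> bool:
        try:
            key = unwrap_object_key(self._group_key, message)
        except ValueError:
            return False
        self._object_keys[message["transaction_id"]] = key
        return True

    def object_key_for(self, transaction_id: str):
        return self._object_keys.get(transaction_id)

    def on_trigger(self, transaction_id: str):
        """RI trigger message: describe capabilities only for a known transaction."""
        if transaction_id not in self._object_keys:
            return None
        return {"device": self.name, "capabilities": self.capabilities}


def demo_key_distribution() -> dict:
    hngk = secrets.token_bytes(32)        # constructed group key
    object_key = secrets.token_bytes(16)  # constructed key, as received from the RI
    message = wrap_object_key(hngk, "txn-0001", object_key)
    member = MediaDevice("alpha", hngk, ["MPEG-4"])
    outsider = MediaDevice("outsider", secrets.token_bytes(32), ["MPEG-4"])
    rebound = dict(message, transaction_id="txn-0002")  # same key, altered ID
    return {
        "member_accepts": member.receive_wrapped_key(message),
        "member_key_matches": member.object_key_for("txn-0001") == object_key,
        "outsider_accepts": outsider.receive_wrapped_key(message),
        "rebound_accepts": member.receive_wrapped_key(rebound),
        "trigger_known": member.on_trigger("txn-0001"),
        "trigger_unknown": member.on_trigger("txn-9999"),
    }


if __name__ == "__main__":
    print(demo_key_distribution())
```

Because the transaction ID is covered by the tag, a wrapped key cannot be re-associated with a different transaction, and a device that does not hold the group key learns nothing from the message.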
In other embodiments, the proxy NAT module 528, 628 can include a table that associates media devices with particular addresses and/or capabilities. For example, the proxy NAT module 528, 628 can include a table of media device identifiers and the addresses corresponding to the media devices. The media provider may then know only a device identifier for each media device of the LAN, without knowing the full characteristics or capabilities of each media device. The proxy NAT module 528, 628, however, can look up the device identifier in the table and associate each device identifier queried by the media provider with the address of the media device, so that communications are delivered to the appropriate device.
The proxy NAT module 528, 628 can include a table containing the capabilities of each media device, so that the media devices do not have to be queried each time the media provider asks. For example, when the media provider's media server requests the capabilities of a particular media device, the proxy NAT module 528, 628 can simply look up the device identifier in the table to find the corresponding capabilities of the media device. Referring again to Fig. 7, in this embodiment steps 710, 714 and 718 are no longer needed, because the NAT module 528, 628 does not need to contact the media devices. Of course, to work properly, the table on which the proxy NAT module 528, 628 relies must be preloaded and/or periodically updated with the capabilities of each media device.
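The table-driven proxy NAT of the two preceding paragraphs can be sketched as follows, including the periodic refresh that the capability table needs. This is an added example, not code from the patent: the class, the refresh interval, the addresses and the capability strings are all constructed for illustration.

```python
import time


class ProxyNAT:
    """Maps generic device names to LAN addresses and cached capabilities."""

    def __init__(self, lan_address, query_device, max_age=3600.0, clock=time.monotonic):
        self.lan_address = lan_address      # the only address the provider knows
        self._query_device = query_device   # callable(address) -> capability list
        self._max_age = max_age             # seconds before a cached entry is stale
        self._clock = clock
        self._table = {}                    # generic name -> entry dict

    def register(self, name, address, capabilities):
        """Preload one table row for a media device."""
        self._table[name] = {"address": address,
                             "capabilities": list(capabilities),
                             "refreshed": self._clock()}

    def capabilities(self, name):
        """Answer a provider query from the table; contact the device only if stale."""
        entry = self._table.get(name)
        if entry is None:
            return None                     # unknown generic name: nothing to reveal
        if self._clock() - entry["refreshed"] > self._max_age:
            entry["capabilities"] = list(self._query_device(entry["address"]))
            entry["refreshed"] = self._clock()
        return list(entry["capabilities"])

    def relay(self, name, payload):
        """Translate a generic name to the physical address for delivery in the LAN."""
        entry = self._table.get(name)
        if entry is None:
            return None                     # drop traffic for names not in the table
        return (entry["address"], payload)

    def provider_view(self):
        """What the media provider can learn: the LAN address and generic names."""
        return {"lan_address": self.lan_address, "devices": sorted(self._table)}


def demo_proxy_nat() -> dict:
    now = {"t": 0.0}                        # controllable clock for the demo
    calls = []                              # addresses the proxy had to contact
    live = {"192.168.1.20": ["analog video"]}  # constructed live device state

    def query_device(address):
        calls.append(address)
        return live[address]

    nat = ProxyNAT("203.0.113.7", query_device, max_age=3600.0, clock=lambda: now["t"])
    nat.register("alpha", "192.168.1.20", ["analog video"])
    nat.register("beta", "192.168.1.21", ["stereo", "MP3"])
    nat.register("delta", "192.168.1.22", ["closed captioning"])

    fresh = nat.capabilities("alpha")
    calls_when_fresh = len(calls)

    live["192.168.1.20"] = ["analog video", "MPEG-4"]  # device gains a format
    now["t"] = 7200.0                                  # table row is now stale
    refreshed = nat.capabilities("alpha")

    return {
        "fresh": fresh,
        "calls_when_fresh": calls_when_fresh,
        "refreshed": refreshed,
        "calls_after_refresh": len(calls),
        "relay_known": nat.relay("beta", b"encrypted audio part"),
        "relay_unknown": nat.relay("gamma", b"probe"),
        "provider_view": nat.provider_view(),
    }


if __name__ == "__main__":
    print(demo_proxy_nat())
```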
Examples of media device capabilities include, but are not limited to, video, image, audio and text capabilities. In each case, the capability includes, for example, the media formats the device can render. Examples of video formats include pure analog, MPEG-2, MPEG-4, DivX, MJPEG, MJPEG2000, H.263, H.264, Sorenson and so on. Examples of audio formats include mono, stereo, surround sound, MP3, AAC, Ogg Vorbis and so on. Examples of text formats include language, closed captioning, commentary and so on.
The present invention benefits users, content providers and device manufacturers. Users benefit from simplicity of use and configuration. Each user only needs to configure the Majordomo, and does not need to configure the other devices the user may add to the home network. All other interactions between the CI or RI and the home network are carried out by components that implement our solution. Each user also enjoys a multimedia experience. Users can buy any device and name it any way they like, and can purchase content and have it played on the various home network devices without taking an active part in the process.
The content provider's rights are protected by ensuring that the home network key is used to encrypt rights objects and content objects, that the home network is authenticated, that the issuer is authenticated and that the rights attached to the content are observed. In a sense, the content provider continues to control the content even when the content is physically located on the user's devices. A DRM agent tracks the actual consumption of media in the home network and enforces the rights specified by the rights owner.
Content providers can also offer multimedia content in which they charge separately for each part of the content. They can charge for the audio, video and text parts if those parts are used on separate devices. In a sense, the provider can charge for content on demand rather than charging once for the whole content. Other examples include subscription business models, in which users pay periodically to keep content in their homes.
Device manufacturers also benefit, because the simple protocol used for home devices has low processing and storage overhead and therefore lowers device cost. A device needs only simple configuration to access content, which leads to wide acceptance of the product among users and content providers.
Referring to Fig. 8, a digital security system 800 is shown which, like the other embodiments described above, includes an interconnected wide area network (WAN) 802 for communicating with a local area network (LAN) 804. The WAN 802 includes a media provider or, more specifically, the media provider's media server 806. Media content and creative works are available from the media server 106, which a user can access through the WAN 102. The media server 806 provides media content and/or creative works to the LAN 804 so that different parts of the multimedia content are directed to different media devices in the LAN. For example, a video part 808 can be provided to a video media device 810 such as a flat-panel TV, an audio part 812 can be provided to an audio media device 814 such as a stereo, and a text part 816 can be provided to a text media device 818 such as a computer. In addition, after the audio part is played on the audio media device 814, it can be captured by a recording media device 820 such as a digital video recorder (DVR).
The digital security system 800 of Fig. 8 also includes a controller 822, which can be used to transfer media content rights 824 between media devices, such as the audio media device 814 and the video media device 810. In Fig. 8 the controller 822 is shown as a wireless communication device, like those described above, that communicates with one or more of the media devices 810, 814, 818, 820 over a wireless connection. Although the controller 822 can be a mobile phone, PDA or computing device using any of various wireless communication technologies, it preferably uses peer-to-peer or ad hoc communications, for example HomeRF, Bluetooth and IEEE 802.11 (a, b or g), and other types of wireless communication, for example infrared and technologies that use unlicensed/unregulated frequency bands. Although not shown in Fig. 8, it should be understood that the controller 822 can also be wired to one or more media devices or integrated into them.
In the digital security system 800 of Fig. 8, media content and/or one or more rights associated with the media content can be transferred from an originating device to a target device. For example, the user of the controller 822 may be listening to the audio part 812 played by the audio media device 814 and may wish to listen to the audio part through the speakers of the video media device 810 (which is in effect a multimedia device). The audio part 812 can be stored on the audio media device 814 or streamed to the audio media device in real time. If the audio part 812 is stored on the audio media device 814, the controller 822 instructs the audio media device 814 to transfer the right to play the audio part to the video media device 810. If necessary, the controller 822 can also instruct the audio media device 814 to transfer the audio part 812 to the video media device 810, or instruct the media server 806 to provide the streaming media content to the target device, which in this example is the video media device 810.
When media content or a portion of it is transferred from one media device to another, the user may want the target device to pick up the media content at the point where the originating device paused. For example, the user may want the originating device to stop playing at a midpoint of the media content and the target device to begin playing at that midpoint. Also, when a portion of the media content is transferred from one media device to another, the user may want the target device to synchronize the transferred portion with the remainder of the media content. For example, when audio portion 812 is transferred from audio media device 814 to video media device 810, the video media device should synchronize playback of audio portion 812 with playback of the corresponding video and/or text portions 808, 816. For these reasons, synchronization and intermediate point information should also be provided to the target device when needed.
Fig. 9 is a block diagram showing example components 900 of the controller 822 of Fig. 8. The example components 900 include one or more wired or wireless transceivers 902, a processor 904, a memory 906, one or more output devices 908 and one or more input devices 910. Each embodiment can include a user interface that comprises one or more output devices 908 and one or more input devices 910. The internal components 900 can also include a power supply 912, such as a battery, which supplies power to the other components and allows controller 822 to be portable when it is not integrated with one or more media devices.
The input and output devices 908, 910 of components 900 can include a variety of video, audio and/or mechanical inputs and outputs. For example, the output devices 908 can include video output devices, such as liquid crystal displays and light emitting diode indicators; audio output devices, such as speakers, alarms and/or buzzers; and/or mechanical output devices, such as vibrating mechanisms. Likewise, the input devices 910 can include video input devices, such as optical sensors (for example, a camera); audio input devices, such as microphones; and mechanical input devices, such as flip sensors, keyboards, keypads, selection buttons, touch pads, touch screens, capacitive sensors, motion sensors and switches. Using one or more of these devices 908, 910, the user interface detects the user's selection of one or more media devices from the media device list stored in memory 906.
Processor 904 can use the memory 906 of components 900 to store and retrieve information. The information that memory 906 can store includes, but is not limited to, an operating system, applications and data. In particular, the specific data stored in memory 906 includes a list 914 of media devices, addresses 916 of one or more devices, and security keys 918. The media device list 914 identifies the media devices that can receive, from a particular media device, the rights associated with the media content of interest. Specifically, when the originating device is consuming the media content or a portion of it, the media device list 914 identifies any or all other media devices in LAN 804 that can consume the media content or portion if the originating device sends it. The addresses 916 identify the network addresses of media devices, including the originating device and, if necessary, the target device. When an address 916 is received from an external device, for example another media device, a proxy server of LAN 804 (for example, the proxy NAT module of Fig. 5) or media server 806, controller 822 can store the address 916 permanently or temporarily. A security key 918, in particular an encryption key, can be used to encrypt the rights of the current media device that are associated with the media content, so that any possible security breach is minimized when the rights are transferred to another media device. A security key 918, in particular a decryption key, which can be identical to the encryption key or correspond to it, can also be used at the receiving media device to decrypt the rights.
One or more transceivers 902 can send the address associated with the target device and the encryption key to the originating device. The originating device can then use the encryption key to encrypt the rights and send the encrypted rights to the address associated with the target device. Transceiver 902 sends the address associated with the target device and the security or encryption key 918 to the address associated with the originating device, and can also send a decryption key 918 to the originating or target device. Transceiver 902 provides the decryption key 918 to the target device either directly or indirectly through the originating device, in which case the originating device can forward the decryption key to the target device. The transceiver can also provide a signal to the originating device, so that the originating device can provide the intermediate point of the media content to the target device.
Alternatively, memory 906 can also store rights 920 associated with the media content or a portion of it. In other embodiments, controller 822 does not need to store the rights of any media device. In this alternative embodiment, if one or more media devices cannot store such information, controller 822 can act as the central device for storing rights. Also, if these media devices cannot perform secure transfers, the controller can temporarily store the rights received from the originating device and forward them to the target device.
It should be understood that Fig. 9 is for illustration only: it shows components of a controller 822 consistent with the present invention and is not intended to be a complete schematic of the various components a controller requires. Controller 822 can therefore include various other components that are not shown in Fig. 9 but are still within the scope of the present invention.
Figure 10 is a flow chart showing one operation 1000 of the digital security system 800. In this operation, the user of controller 822 may wish to transfer media content or a portion of it from one media device in LAN 804, the originating device, to another media device, the target device. In step 1010, when the user has expressed this wish to controller 822, the controller provides a list of possible target devices on its output device 908, for example its display. Then, in step 1020, controller 822 waits for the user to select a particular target device from the list. Then, in step 1030, controller 822 identifies the addresses of the originating device and the selected target device. As described above, controller 822 can store the addresses 916 in its memory 906, or retrieve one or more addresses from an external device. Then, in step 1040, controller 822 can send the encryption key to the address of the originating device and, if the decryption key differs from the encryption key, send the decryption key to the address of the target device.
Once it has received the above information from controller 822, the originating device can, in step 1050, use the encryption key received from the controller to encrypt one or more rights associated with the media content or a portion of it. Then, in step 1060, the originating device can transfer the rights associated with the media content or portion to the target device. The originating device must use secure means to transfer the rights to the target device, for example a key encryption scheme or a dedicated communication line. In one embodiment, as described above with reference to Fig. 8, the originating device can also send synchronization information or intermediate point information to the target device.
In step 1070, in response to the above information received from controller 822 and the originating device, the target device can use the decryption key or public key received from the controller to decrypt the rights associated with the media content or a portion of it that were received from the target device. After this, in step 1080, the target device can consume the decrypted media content or portion of it. If synchronization information and/or intermediate point information was received, the target device can use this information to determine the starting point and/or timing for consuming the content or portion.
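The exchange of steps 1030 to 1070 can be sketched in code. The following is an added example, not part of the original patent text: it covers only the case where the decryption key is identical to the encryption key, and the function names, message fields, device names and addresses are assumptions, with an HMAC-SHA256 construction standing in for whatever cipher a real implementation would use.

```python
import hashlib, hmac, json, secrets

def _stream(key, nonce, n):
    # HMAC-SHA256 in counter mode: stdlib stand-in for a vetted AEAD (e.g. AES-GCM)
    blocks = (hmac.new(key, b"enc" + nonce + i.to_bytes(4, "big"), hashlib.sha256).digest()
              for i in range(n // 32 + 1))
    return b"".join(blocks)[:n]

def seal(key, plaintext):
    nonce = secrets.token_bytes(16)
    ct = bytes(p ^ k for p, k in zip(plaintext, _stream(key, nonce, len(plaintext))))
    tag = hmac.new(key, b"mac" + nonce + ct, hashlib.sha256).digest()
    return nonce + ct + tag

def unseal(key, blob):
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    good = hmac.new(key, b"mac" + nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, good):
        raise ValueError("rights message failed authentication")
    return bytes(c ^ k for c, k in zip(ct, _stream(key, nonce, len(ct))))

def controller_issue(devices, origin, target):
    """Steps 1030-1040: look up both addresses; return one message per address."""
    key = secrets.token_bytes(32)  # decryption key == encryption key in this sketch
    to_origin = {"target_addr": devices[target], "enc_key": key}
    return {devices[origin]: to_origin, devices[target]: {"dec_key": key}}

def origin_send(to_origin, rights, midpoint_s):
    """Steps 1050-1060: encrypt rights plus midpoint, address them to the target."""
    body = json.dumps({"rights": rights, "midpoint_s": midpoint_s}).encode()
    return to_origin["target_addr"], seal(to_origin["enc_key"], body)

def target_receive(to_target, blob):
    """Step 1070: decrypt; a forged or altered message raises ValueError."""
    return json.loads(unseal(to_target["dec_key"], blob))

def demo():
    devices = {"audio-814": "192.0.2.14", "video-810": "192.0.2.10"}  # constructed
    out = controller_issue(devices, "audio-814", "video-810")
    to_origin, to_target = out["192.0.2.14"], out["192.0.2.10"]
    addr, blob = origin_send(to_origin, {"content": "track-812", "play": True}, 95)
    received = target_receive(to_target, blob)
    tampered = blob[:20] + bytes([blob[20] ^ 1]) + blob[21:]  # flip one ciphertext bit
    try:
        target_receive(to_target, tampered)
        rejected = False
    except ValueError:
        rejected = True
    return addr, received, rejected
```

The authentication tag matters as much as the encryption here: without it, a device on the LAN could alter the rights or the resume point in transit without holding the key.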
Figure 11 is a flow chart showing another operation 1100 of the digital security system 800. In step 1110, as before, the controller provides a list of possible target devices at the controller's output device 908. Then, in step 1120, controller 822 waits for the user to select a particular target device from the list. Then, in step 1130, controller 822 identifies the address of the originating device and, if needed, the address of the selected target device. As described above, controller 822 can store the addresses 916 in its memory 906, or retrieve one or more addresses from an external device. Then, in step 1140, controller 822 can send the encryption key and the decryption key (if the decryption key differs from the encryption key) to the address of the originating device. If the originating device has, or can determine, the address of the target device, controller 822 can simply identify the target device to the originating device. If the originating device does not have, or cannot determine, the address of the target device, controller 822 can provide the address of the target device to the originating device.
Once it has received the above information from controller 822, the originating device can, in step 1150, use the encryption key received from the controller to encrypt one or more rights associated with the media content or a portion of it. Then, in step 1160, the originating device can transfer to the target device the rights associated with the media content or portion, together with the decryption key, which may be the same as or different from the encryption key. The originating device must use secure means to transfer the rights to the target device, for example a key encryption scheme or a dedicated communication line. In one embodiment, as described above with reference to Fig. 8, the originating device can also send synchronization information or intermediate point information to the target device.
In step 1170, in response to the above information received from the originating device, the target device can use the decryption key or public key received from the originating device to decrypt the rights associated with the media content or a portion of it. After this, in step 1180, the target device can consume the decrypted media content or portion of it. If synchronization information and/or intermediate point information was received, the target device can use this information to determine the starting point and/or timing for consuming the content or portion.
Although the preferred embodiments of the present invention have been illustrated and described, it should be understood that the present invention is not limited to them. Those skilled in the art can make various modifications, changes, variations, substitutions and equivalents without departing from the spirit and scope of the present invention as defined by the appended claims.