Patent Application
20050246777
The present invention relates to a record carrier having a program memory area for storing administrative data, a lead in area, a program area for storing user data and a lead out area. The present invention relates further to a method of accessing digital rights management data stored in the program area of such a record carrier, a method of recording digital rights management data on such a record carrier, a corresponding drive and recording device as well as to a computer program for implementing said methods.
According to adaption layer specifications for implementing a security system for read-only and rewritable optical discs digital rights management data is located in the lead in of the disc volume. The entry point for the digital rights management (DRM) data is contained in a DRM pointer entry, in particular in an adaption layer parameter space (ALP). Therein the physical locations of all key locker duplicates are listed, the key locker being the structure that contains both the rights and the keys to the protected data. For the read-only and rewritable access type discs the DRM pointer, in particular the ALP, is located at an address that is more or less fixed relative to the beginning of the program area. In these cases the DRM pointer entry can be easily found.
For a recordable (write once) access type optical disc DRM data can be located anywhere in the program area, and the DRM pointer entry can be located anywhere after the DRM data. Finding the DRM pointer entry on a recordable disc is thus not straight forward. Without additional measures it would involve scanning the whole of the recorded program area until the DRM pointer entry is found, which can take a lot of time. A complication is that the drive is responsible for writing the DRM data and the DRM pointer entry. A simple file containing a reference to the DRM pointer entry is therefore not a solution to the problem as the drive has no knowledge of files. It is possible to devise a mechanism by which the drive writes the DRM pointer entry and communicates the location to the application that subsequently writes it to a file. However, this remains a non-optimal solution as it is relatively complicated, involves additional communication between drive and application and is less secure. In addition, locating the file entry that describes the DRM pointer entry file can in itself be a time-consuming process that could involve jumping across the program area several times.
Another complication is that it is possible that a disc written using the recordable access type is finalized using a non-compliant drive. If this occurs a problem that exists for an open session remains after finalization.
A related problem is how the drive can detect, at mount time, that a disc contains DRM data. This is useful because it offers the opportunity to retrieve the key locker pre-emptively. In case of a read-only or rewritable disc mounting the disc would start with scanning the lead in to retrieve the session parameters that are stored in the Q subchannel. By choosing the standard location of the area that contains the DRM pointer entry as a starting point a drive can detect whether the disc contains DRM data at the same time.
It is therefore an object of the present invention to provide a record carrier which solves the above problems and, in particular, which allows a drive to make use of file system structures without in-depths knowledge of the file system itself. Further, corresponding methods of accessing or recording digital rights management data on a record carrier and corresponding devices shall be provided.
This object is achieved according to the present invention by a record carrier wherein
The present invention is based on the idea to introduce a drive-readable entry pointing to the DRM pointer entry in particular to the ALP, which enables the drive to find the DRM pointer entry and, by using that entry, to find and access the DRM data. That drive-readable entry may either be stored in the program area or the program memory area, whereby both implementations have to ensure that the entry can be read by the drive. For this the drive can use a file system structure without actually knowing the file system. In that case even non-compliant or unaware implementations maintain the information.
It should be noted that the present invention is not restricted to recordable (write-once) CDs (CD-R), but can be applied to other optical discs as well, like other access type CDs or DVDs, such as a recordable DVD (DVD-R) in which case the area for storing administrative data is referred to as recording management area (RMA) instead of program memory area (PMA). Thus, the term “program memory area” used in this application show include such a recording management area as well.
Preferred embodiments of the invention are defined in the dependant claims.
According to the first preferred embodiment of the invention an ALP pointer entry is stored in the program memory area which either comprises the address of the DRM pointer entry or a reference to a virtual allocation table entry (VAT) pointing to said DRM pointer entry (ALP). In particular, the actual physical address of the DRM pointer entry or the sequence number or byte position of the virtual allocation table entry that contains the ALP pointer entry is stored in the program memory area. This solution is very robust. It is shielded from any activity of the application or file system driver. However, once the session is finalized the program memory area is no longer in the common mount path and the value stored in it will only be retrieved if the drive is told explicitly, e. g. by the application, to retrieve the pointer from the program memory area. Therefore, compliant drives could as a standard practise scan the program memory area but this would introduce an undesirable delay in the mounting of non-compliant discs.
Storing the physical address of the DRM pointer entry is file system independent and will also work if UDF (universal disc format) which is currently used as standard file system, is not used as the actual file system. However, currently there is no alternative for UDF for the described program domain, and the number of PMA entries that can be used is currently limited to 100. This means that only at most 100 different ALP pointer entries can be stored in this way.
Storing the virtual allocation table entry that points to the DRM pointer entry is tied to UDF. Using the ALP pointer entry stored in the program memory area to enable the drive to make use of a file system structure, in particular the virtual allocation table, without knowing anything of the file system is one preferred option.
According to another embodiment of the invention a descriptor, in particular an implementation use volume descriptor (IUVD), storing a reference to a virtual allocation table entry (VAT) pointing to the DRM pointer entry is stored in the program area. The descriptor preferably holds the sequence number of the virtual allocation table entry that is used or the byte position of the address in the sector holding the virtual allocation table, in particular the logical address of the DRM pointer entry counted from the beginning of the partition or the physical address of the DRM pointer entry. By this solution a compliant UDF file system implementation initialises the session. The advantage is that the IUVD will remain in the common mount path even after a non-compliant drive has finalized the session.
One option to achieve an entry in the virtual allocation table pointing to the DRM pointer entry is to let the drive insert or create a virtual allocation table entry pointing to the DRM pointer entry. The danger of this solution is that, if a UDF repair utility is used, it will detect that the thus created virtual allocation table entry does not point to an actual file and may remove it. The latter will not invalidate the disc, but it will make mounting less efficient. Furthermore, the occurrence of such an event is unlikely.
Determining which virtual allocation table entry points to the DRM pointer entry can be achieved in several ways. An option, as defined in claim 7, is to include two entries in the virtual allocation table, one identifying that the next entry is the DRM pointer entry, e. g. because it contains a magic number outside the valid address range of the medium it is recorded on, and another entry containing the actual DRM pointer entry.
According to still another preferred embodiment a file entry comprising a pointer to said virtual allocation table entry, to said DRM pointer entry or to a file storing the address of such DRM pointer entry is stored in the program area. Preferably the file resides in virtual space only if the file entry uses the VAT table entry pointer as the address of the file. The first step is to define a file. Either the ALP itself is called a file or a file is created that contains the address of the ALP. The second step is to create a file entry that describes the file in the file system. This file entry contains of the file either a virtual address or a physical address. Within standard UDF implementations for data usually a physical address is used. If a virtual address is used then the file resides in virtual space, which is not common for data but useful here. The virtual address is a pointer to an entry in the VAT. In other words, the address recorded in the file entry for that file is the VAT entry (sequence number) holding the physical address of the actual file (the data).
This solution is robust against UDF repair utilities as the virtual allocation table entry still points to actual data and a file entry still exists for that data, i. e. the data is in a file within the file system. The ALP pointer entry can thus be found using the file system since the DRM pointer entry is given a certain file name that is included in the file system.
A method of accessing digital rights management data according to the present invention comprises the steps of:
A method of recording digital rights management data according to the present invention comprises the steps of:
A drive according to the present invention comprises:
Further, the present invention relates to a recording device for recording digital rights management data comprising recording means for said digital rights management data in the program area, for storing a DRM pointer entry in the program area after said digital rights management data, said DRM pointer entry comprising the entry point for said digital rights management data and for storing a drive-readable entry in said program area or said program memory area, said drive-readable entry comprising an information allowing the drive to find said DRM pointer entry and to access said digital rights management data.
The present invention also relates to a computer program comprising computer program code means for causing a computer to perform the steps of the methods according to the invention when that computer program is run on a computer.
The invention will now be explained in more detail with reference to the drawings in which
In particular for a recordable optical record carrier the DRM data can be located anywhere in the program area, and the adaption layer parameter space (ALP) which is used as DRM pointer entry comprising the entry point for that DRM data is located anywhere after the DRM data. It will always be possible to find the ALP by scanning backwards starting from the last valid block on the disc. However, this procedure can be very time-consuming. In the following, different measures shall be explained for enabling a drive to access the DRM data stored in the program area of a disc.
a shows a layout of an empty disc where the power calibration area (PCA) has been left out. From left to right reserved spaces provided for the program memory area PMA, the lead in area, the program area and the lead out area are shown.
b shows the layout of an initialised disc which, in the particular example, is unaware of a particular standard, e. g. a CD2 standard or the Orange Book part II standard. A CD2 unaware initialisation of a CD-R for sequential access means that there are no CD2 specific structures on disc and any host (drive, application) will recognize the disc as being a standard (non-CD2) disc. It also means that CD2 content placed on this disc, e. g. by some form of super-distribution, cannot be accessed for rendering until a CD2 aware application activates the content using a CD2 drive. As shown in
If it is assumed that the UDF implementation used is CD2 unaware, then no CD2 specific structures are included in the initialisation. At that time the system cannot by itself determine if the CD will be used for storing CD2 content in the future and, therefore, a CD2 PMA entry cannot be included in the initialisation procedure preemptively. If the UDF implementation used is CD2 aware then the CD2 implementation use volume descriptor (IUVD) can be recorded as shown in
a shows a storage layout after a CD2 unaware UDF implementation has added CD2 data. Just prior to physically ejecting a disc or upon detection of the writing of the VAT the key lockers KL and the ALP are written and the VAT is reproduced as shown in
Any subsequent addition of data is independent from the history of the disc.
It should be noted that the maximum number of entries in the PMA limits the number of times the ALP pointer entry can be updated (in practice to about 100). The described scheme is very robust and requires no driver or application support. However, the translation and alteration of the VAT is a sensitive issue. The VAT ICB is the last structure on the disc it is a pointer to the VAT. If the size of the VAT and the VAT ICB combined is smaller than the logical block size (2 KB on CD) then the VAT ICB contains the VAT itself.
The latter is almost always the case and in case of CD2 it is required. While in the above described embodiment the ALP pointer entry stored in the PMA comprises a reference to the ALP, in particular the address of the ALP, in a slightly different embodiment the ALP pointer entry may comprise a reference to the VAT entry which points to that ALP. Both embodiments lead to the same results, i. e. allow a drive which is able to read the ALP pointer entry to finally find the DRM data.
According to another embodiment the above-mentioned implementation use volume descriptor IUVD shall be used for that purpose. The CD2 specific IUVD is optional.
The use of the IUVD requires the initialising UDF implementation to be CD2 aware. The scheme that the IUVD is part of also requires the insertion of the physical block number (PBN) of the ALP in the VAT. The IUVD indicates which VAT entry identifies the location of the ALP. Although generic UDF implementations will preserve the link, it will not be updated. Hence, if the ALP is rewritten using a CD2 unaware UDF implementation the value of the PBN of the ALP in the VAT will not be correct unless a special procedure is in place that allows the drive to update the physical address of the ALP in the VAT. Failing to guarantee that means that the value recorded in the PMA must always take precedence over the value recorded in the VAT. It should be noted that this influences the procedure for the localization of the ALP only. In any case there is only one valid ALP.
a shows the layout of the disc structure where an IUVD, an UDF data entry and a VAT ICB are recorded in the program area. The IUVD holds the number of the entry in the VAT that identifies the physical address of the ALP pointer, indicated by the arrow. If, as shown in
This is illustrated in
Any subsequent addition of data is independent from the history of the disc. If non-CD2 data is added the ALP VAT entry is preserved. If CD2 data is added a CD2 drive is required. This is illustrated in
According to still another embodiment which shall be illustrated with reference to
In still another embodiment of the invention an entry in the VAT pointing to the ALP is achieved by creating a file entry in the virtual partition. The first step is to define a file. Either the ALP itself is called a file or a file that contains the address of the ALP is created. The second step is to create a file entry FE that describes the file in the file system. This FE contains of the file either a virtual address or a physical address. Within standard UDF implementations for data usually a physical address is used. If a virtual address is used then the file resides in virtual space, which is not common for data but useful here. The virtual address is a pointer to an entry in the VAT. In other words, the address recorded in the FE for that file is the VAT entry (sequence number) holding the physical address of the actual file (the data).
This is illustrated in
According to a variation it is possible to let the application create a file with a virtual address. The virtual address as stored in the VAT will point to either a file containing the physical address of the ALP or to the physical location of the ALP directly. The actual finalization process for the embodiments as described above will be initiated from an application. This application can be CD2 aware or not. The drive that performs the finalization can also be either CD2 aware or not.
Another issue is how the drive determines when to write the key locker area (KLA) comprising the KL and ALP. Ideally, this is done just prior to the writing of the VAT before the disc is ejected.
However, the drive has no way of knowing when the VAT is written. It creates too much overhead to inspect each block to determine if it might be the VAT. The drive cannot rely on the application to tell it when the VAT is written because the application itself does not know. Furthermore, the VAT is not only written if the disc is to be ejected, the KLA ideally is.
A feasible solution is to detect the eject command. Any stable and reliable UDF implementation will write the VAT before it releases the disc for ejection. Hence, if the drive knows it needs to write the KLA to a disc with a sequential access type and the UDF driver has released the disc for ejection, the drive can safely assume that the VAT has been written and that it will be the last valid block on disc. Another option is to let the application give a command to the drive telling it to write the KLA.
According to the present invention the drive is able to access the digital rights management data which are stored in the program area by using a file system level structure without actually knowing the file system. The advantage is that even non-compliant or unaware implementations maintain the information.
| Number | Date | Country | Kind |
|---|---|---|---|
| 1021352 | Aug 2002 | NL | national |
| Filing Document | Filing Date | Country | Kind | 371c Date |
|---|---|---|---|---|
| PCT/IB03/03337 | 7/24/2003 | WO | 2/23/2005 |
