The present invention is generally related to digital rights management. More particularly, the present invention is directed to a downloadable DRM scheme.
Digital Rights Management (DRM) protection is important in a variety of consumer products, including mobile devices. For example, one trend is that mobile devices such as smartphones and tablets are emerging as a main driver for multimedia traffic. As one example, consumers may play videos on their mobile devices, including video which includes DRM for copy prevention (piracy prevention).
One problem that arises is that a single consumer device may need to support multiple DRM solutions across different devices and platforms. For example, in 2013 Netflix, Inc. reported that it has had problems implementing its service on Google's Android platform because of Android's many different active OS versions. This, in turn, requires Netflix to develop DRM support for devices one at a time. That is, the Android DRM is too fragmented for Netflix to reach all devices with a single DRM solution.
Currently, service providers and eco-systems (for instance Ultra Violet or Netflix) are supporting multitudes of DRM solutions to enable different business models. This leaves an OEM with costly options. One option for an OEM is to manufacture multiple versions of the same device to meet specific content protection needs of different service providers and eco-systems. However, this has the disadvantage that it is complex to manage a custom-made solution for every service provider and market. Another option for an OEM is to implement multiple DRM solutions in the device at manufacturing time. However, this has the disadvantage that it is costly to support multiple DRM solutions in a single device. Moreover, memory is limited in many mobile devices, thus making it difficult to support multiple DRM solutions in a cost-effective manner.
An ecosystem such as Ultra Violet (UV) supports multiple DRM systems so that the OEM can implement one out of a number of DRM systems being supported by an ecosystem. This still does not adequately solve the problem since there will still be a number of service providers supporting one or two DRM solutions depending upon their business model.
An alternative solution is to use a browser-based downloadable DRM scheme, such as a browser plugin. Existing downloadable DRM solutions are easily deployable since a user can download the desired plugin bundled with the player application. However, this simplicity comes with a security risk. The downloadable DRM solution provider has no way of verifying the authenticity of the underlying platform. Content providers and rights holders generally consider browser plugins security and privacy risks, especially for high-value HD content. Also, not every browser supports plugins (e.g. Safari on iOS, Internet Explorer in Metro mode on Windows 8). For example, the popular media application Silverlight incorporates a DRM solution known as PlayReady. Applications like PlayReady simply install DRM as a plugin to the browser; the PlayReady DRM is downloaded and installed as a browser plugin with the Silverlight player application. Moreover, another disadvantage of conventional downloadable DRM solutions is that they do not make sure that appropriate hardware measures have been taken before allowing the download and installation of the DRM module on the platform.
The World Wide Web Consortium (W3C) has proposed an extension to HTML5 to support DRM plugins. This proposed solution is known as the Encrypted Media Extensions (EME) which provides API support features.
Thus, conventional downloadable DRM solutions have numerous security and privacy risks. Therefore, what is desired is an improved downloadable DRM solution.
A DRM protection scheme may require a platform to have a DRM module to decrypt content for a player application. A platform is disclosed that supports downloading a DRM module into a trusted execution environment. In one embodiment, a coordination agent is provided in the trusted execution environment to coordinate download and use of a DRM module from a DRM download server. Additional browser and web player features may be provided to support the download process.
An embodiment of a platform includes a processor and a memory. A trusted execution environment (TEE) includes a DRM coordination agent responsible for coordinating download and utilization of a DRM module from a DRM download server. The platform determines if a corresponding DRM module to render the content is contained within the TEE. In response to determining that the corresponding DRM module is not present, the corresponding DRM module is downloaded to the TEE. The downloaded DRM module may be used to decrypt the protected content for rendering.
An embodiment of a method of using a web player application for digital rights management (DRM) protection includes determining whether content to be rendered by a web player application is protected by a DRM scheme. A determination is made whether the required DRM content protection is currently supported by the underlying platform. In response to determining that the DRM content protection is not currently supported, a download of a DRM module to the trusted execution environment is then scheduled. The downloaded DRM module may be used to decrypt the protected content for rendering.
An embodiment of a method for downloading a Digital Rights Management (DRM) module to a trusted execution environment of a platform includes receiving, at a browser, a communication from a web player application to determine whether a DRM module required to render protected content is available in the trusted execution environment. The browser may receive an inquiry whether the underlying platform has the capability to initiate the download of the DRM module. The browser may schedule a DRM download session from a DRM download server to download the DRM module to the trusted execution environment.
The platform 200 receives DRM protected content from an application server. The protected content needs to be decrypted by the platform in order to render the content and then transmit the content to a user interface 270, such as a display and speaker.
In one embodiment the protected content is provisioned with metadata to allow a web application to pass requisite information to the underlying platform to initiate a download of a DRM module appropriate for the protected content from a DRM download server.
The TEE includes a DRM coordination agent 280 (“DRM coordinator”) within the TEE 205 to coordinate the download of a DRM module appropriate for the protected content. Additional browser support is provided for the DRM download. In one embodiment, a web-based player application queries the underlying platform regarding its security capabilities before allowing download of the DRM module. Additionally, the DRM coordinator 280 may authenticate the DRM download server 291 before allowing the device to download a DRM module.
In one embodiment, a web application may query the platform regarding the availability of a content protection mechanism before initiating the download of the DRM module and installation into the TEE. The download may be performed on a demand basis. That is, a determination is made if the platform already has an appropriate DRM module 290 downloaded in the TEE and a download is initiated if required. In one embodiment HTML extensions (e.g., extensions to HTML5) are used to support the secure download of the DRM module on a demand basis.
In accordance with an embodiment of the present invention, the platform detects whether it already has the appropriate DRM module to decrypt the protected content. If not, the platform downloads the appropriate DRM module to the TEE 205. The browser and the DRM coordinator support secure downloading of a DRM module 290 and corresponding DRM keys 295.
In an exemplary streaming session, a user first selects the content at a website for streaming. In browser-based solutions, Web applications can ensure that required elements are already there in the platform to render the content before initiating the streaming. In one embodiment of a browser-based solution, the browser first downloads the initialization header containing the content protection signaling related metadata. When DRM content is provided to a client device, download information (metadata) for a DRM module is used for installing a DRM agent corresponding to the DRM system that is applied to the DRM content. Using this metadata, it is possible for the client device to download the DRM module based on the metadata information bundled with the content, install the DRM module (also known as a DRM agent), and use the DRM content. The web application can determine whether the underlying platform already has a pre-installed DRM or possesses the capability to download and install the DRM module before initiating the streaming.
An exemplary embodiment leverages extensions in HTML 5 that support DRM, although it will be understood that embodiments of the present invention are not limited to HTML 5 implementations. The specification for the W3C Encrypted Media Extensions allows a web page to query the platform regarding the support of a DRM module needed for the content rendering. The streaming is aborted if the platform does not have the pre-installed DRM needed for the content rendering. Embodiments of the present invention provide further capabilities to HTML, whereby an application can communicate with the secure chip (TEE) and facilitate the installation of the DRM module in the TEE.
The dashed box 350 is provided to illustrate some of the new features over conventional approaches proposed by W3C for HTML5. In particular, features are provided to support a download DRM session 332. These include techniques for the web application, browser, and DRM coordinator in the TEE to communicate, determine whether the platform supports the DRM scheme of the protected content, download and utilize a DRM module appropriate for the protected content, and verify the DRM download server. Embodiments of the present invention provide further extensions to enable downloadable DRM and installation by the underlying secure trusted platform.
An exemplary sequence of requests/commands is illustrated by the arrows in
In one embodiment, popular media formats (MP4 or MPEG2 TS) carry the metadata that allows a device to download a DRM module from a DRM download server hosted by the service provider or eco-system provider. For example, a technique for downloading a DRM module for MP4 is described in US Pub. No. 20120090034, entitled “Method And Apparatus For Downloading DRM Module,” the contents of which are hereby incorporated by reference.
The media key session 334 to enable download of DRM license may include any known approach. For example, a media key session is part of the draft version of the W3C Encrypted Media Extensions.
After a DRM module is downloaded to the TEE it may be used to decrypt protected content.
Exemplary methods are now described for determining whether the required DRM module is available and downloading the DRM module to the TEE. The method can be described from the viewpoint of the web application and browser and at different levels of detail.
Referring to
The browser then parses the extracted metadata to determine whether the content is protected. It then informs the web application or page that the content is protected. The browser also extracts 705 appropriate metadata (associated with the content protection mechanism) from the initData and passes it to the page for further processing.
The web application or page then queries the browser 710 through the method isTypeSupported ( ) whether the needed content protection is supported by the underlying platform. As previously discussed, in one implementation the underlying platform registers with the browser regarding the content protection systems currently available in the platform.
If the underlying platform does not already have (installed or implemented) any one of the content protection mechanisms needed to render the content then the web application queries 715 the browser regarding the support for downloadable DRM in the platform.
The Web application sends a downloaddrm( ) message to the browser. This message contains the initData as a parameter.
The browser, in response to receiving 720 the downloaddrm message, then creates a DownloadDRMSession object and schedules a task to generate a DRM download request message, providing initData and the newly created object. A user agent then queues a task to fire an event named download_drm message at the new object containing the following parameters:
a. Message: DRM module download request
b. Dest URL: DRM Download Server URL
The DRM coordinator in the trusted part of the platform (Trusted Execution Environment) initiates 725 the download of the DRM module once this event is received. In one embodiment messages from the DRM Coordinator are transparently passed to the Web Application through the browser. The messages exchanged between the DRM coordinator and the Download server may take different forms. In one embodiment, this messaging may consist of a number of messages; for instance, the download server may wish to authenticate the integrity of the DRM coordinator application before honoring its request for the DRM module.
The Web Application then securely receives the DRM module in a standard package containing the binary and the signature. The package also contains the keys needed to decrypt and verify the downloaded DRM module.
The Web application and browser transparently pass the package to the DRM Coordinator running in the TEE.
The DRM coordinator unpacks the downloaded package. It then decrypts and verifies the downloaded module before installing it. The DRM coordinator also installs the keys associated with the downloaded DRM in secure storage. The encrypted DRM module along with the signature can be stored anywhere in the device. Note that only the DRM coordinator has access to the associated keys that are stored in secure storage.
The Web application is then informed regarding the installation of the DRM through the browser.
The Web Application now creates a media session and initiates the download of the DRM license as described in the W3C encrypted media extensions draft.
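The decision sequence above can be modelled with a simulated browser and coordinator. This is an added illustration, not code from the disclosure: isTypeSupported, downloaddrm, DownloadDRMSession, download_drm and initData are the names used in the text, while the class names, supportsDownloadableDrm, the initData fields and the allowlist used to stand in for download-server authentication are hypothetical.

```javascript
// Simulation only: these are not real browser APIs.
class SimulatedCoordinator {
  constructor(trustedServers) {
    this.trustedServers = new Set(trustedServers); // assumption: allowlist
    this.modules = new Set();                      // modules installed in the TEE
  }
  // Handles the download_drm event; refuses servers it cannot authenticate.
  onDownloadDrm(event, drmSystemId) {
    if (!this.trustedServers.has(event.destUrl)) return false;
    this.modules.add(drmSystemId);
    return true;
  }
}

class SimulatedBrowser {
  constructor({ installed = [], coordinator = null }) {
    this.installed = new Set(installed); // DRM systems registered by the platform
    this.coordinator = coordinator;      // DRM coordinator registered from the TEE
  }
  isTypeSupported(drmSystemId) { return this.installed.has(drmSystemId); }
  supportsDownloadableDrm() { return this.coordinator !== null; } // hypothetical name
  // Creates the session object and fires download_drm at it (synchronously
  // here; the text describes a queued task).
  downloaddrm(initData) {
    const event = {
      name: 'download_drm',
      message: 'DRM module download request',
      destUrl: initData.downloadServerUrl,
    };
    const session = { type: 'DownloadDRMSession', events: [event] };
    session.installed = this.coordinator.onDownloadDrm(event, initData.drmSystemId);
    if (session.installed) this.installed.add(initData.drmSystemId);
    return session;
  }
}

// Web application logic for protected content.
function prepareProtectedPlayback(browser, initData) {
  if (browser.isTypeSupported(initData.drmSystemId)) return 'media-key-session';
  if (!browser.supportsDownloadableDrm()) return 'abort';
  const session = browser.downloaddrm(initData);
  return session.installed ? 'installed-then-media-key-session' : 'abort';
}

// Constructed initData; the identifier and URL are placeholders.
const SAMPLE_INIT_DATA = {
  drmSystemId: 'example-drm-system',
  downloadServerUrl: 'https://drm-download.example/modules',
};
```
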
The Trusted Execution Environment may be implemented with a lightweight Secure OS having limited resources. Consequently, in one embodiment the DRM coordinator may uninstall the DRM module after rendering the content in view of the limited resources. This may be required, for example, if more than one DRM system is to be supported in the device. The advantage of this mechanism is that a number of DRM solutions can be downloaded in the device and then installed in the secure environment as needed.
Referring to
If the required DRM system is not registered with the browser then the Web application queries the browser to determine 815 whether the underlying platform has the capability to initiate the download of the DRM module.
If the underlying platform supports downloadable DRM then a DRM download session is scheduled 820 and the appropriate message (containing appropriate metadata) is sent to the DRM coordinator in the trusted execution environment to initiate 825 the DRM download.
The DRM module code may be packaged in a standard format containing encrypted binary and signature. In one embodiment the agent in the TEE also obtains keys to decrypt and verify the downloaded DRM module. The downloaded DRM module can be stored anywhere in the device (not necessarily in the TEE). The DRM coordinator uses the APIs of the TEE to store corresponding keys in the secure storage. These keys are indexed by UUID to identify the DRM module.
In one embodiment the DRM coordinator running in the TEE installs the DRM module in the TEE at the rendering time by copying the corresponding code in the TEE. It decrypts and verifies the code before installing the DRM module. It obtains the corresponding keys from the secure storage using the UUID of the DRM systems.
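The rendering-time install step can be sketched as follows, showing the ordering that matters: look up keys by UUID, verify the signature, and only then decrypt and install. This is an added example, not code from the disclosure; Ed25519 signatures, AES-256-GCM encryption, the package field names and the Map-backed SecureStorage class are assumptions, since the text names no algorithms or package layout.

```javascript
const crypto = require('crypto');

// Stand-in for TEE secure storage: keys indexed by the DRM system UUID.
class SecureStorage {
  #keys = new Map();
  put(uuid, keys) { this.#keys.set(uuid, keys); }
  get(uuid) {
    const entry = this.#keys.get(uuid);
    if (!entry) throw new Error(`no keys stored for DRM system ${uuid}`);
    return entry;
  }
}

const UUID_RE = /^[0-9a-f]{8}(-[0-9a-f]{4}){3}-[0-9a-f]{12}$/;

// Bytes covered by the signature. UUID, IV and tag have fixed lengths, so the
// concatenation cannot be re-split into a different valid package.
function signedBytes(pkg) {
  if (!UUID_RE.test(pkg.uuid) || pkg.iv.length !== 12 || pkg.tag.length !== 16) {
    throw new Error('malformed package');
  }
  return Buffer.concat([Buffer.from(pkg.uuid), pkg.iv, pkg.ciphertext, pkg.tag]);
}

// Coordinator step at rendering time: look up keys by UUID, verify the
// signature, and only then decrypt and install the module code.
function installModule(pkg, storage, installed) {
  const data = signedBytes(pkg);
  const { verifyKey, moduleKey } = storage.get(pkg.uuid);
  if (!crypto.verify(null, data, verifyKey, pkg.signature)) {
    throw new Error('signature check failed; module not installed');
  }
  const decipher = crypto.createDecipheriv('aes-256-gcm', moduleKey, pkg.iv);
  decipher.setAuthTag(pkg.tag);
  const code = Buffer.concat([decipher.update(pkg.ciphertext), decipher.final()]);
  installed.set(pkg.uuid, code);
  return code;
}

// Constructed sample input: plays the download server's side with fresh keys.
function buildSamplePackage(uuid, moduleBytes) {
  const { publicKey, privateKey } = crypto.generateKeyPairSync('ed25519');
  const moduleKey = crypto.randomBytes(32);
  const iv = crypto.randomBytes(12);
  const cipher = crypto.createCipheriv('aes-256-gcm', moduleKey, iv);
  const ciphertext = Buffer.concat([cipher.update(moduleBytes), cipher.final()]);
  const pkg = { uuid, iv, ciphertext, tag: cipher.getAuthTag() };
  pkg.signature = crypto.sign(null, signedBytes(pkg), privateKey);
  return { pkg, keys: { verifyKey: publicKey, moduleKey } };
}
```

Because the encrypted module may be stored outside the TEE, a package altered in storage fails the signature check and nothing is installed.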
Note that there may be one or more installed DRM systems in the device at the same time. All the installed DRM systems are registered with the browser and the DRM coordinator in the TEE. As previously discussed the DRM coordinator is also registered with the browser.
While embodiments for downloading DRM modules have been described, it will be understood that additional download capabilities may be supported, such as the download of other task modules required in the end-to-end trusted media path such as Watermark detection, secure player and link protection module allowing for flexible content protection implementations.
While a browser-based implementation has been described, it will also be understood that one can also implement the present invention in a browser-independent manner, where native or Java Code is used to download the DRM module.
While the invention has been described in conjunction with specific embodiments, it will be understood that it is not intended to limit the invention to the described embodiments. On the contrary, it is intended to cover alternatives, modifications, and equivalents as may be included within the spirit and scope of the invention as defined by the appended claims. The present invention may be practiced without some or all of these specific details. In addition, well known features may not have been described in detail to avoid unnecessarily obscuring the invention. In accordance with the present invention, the components, process steps, and/or data structures may be implemented using various types of operating systems, programming languages, computing platforms, computer programs, and/or general purpose machines. In addition, those of ordinary skill in the art will recognize that devices of a less general purpose nature, such as hardwired devices, field programmable gate arrays (FPGAs), application specific integrated circuits (ASICs), or the like, may also be used without departing from the scope and spirit of the inventive concepts disclosed herein. The present invention may also be tangibly embodied as a set of computer instructions stored on a computer readable medium, such as a memory device.