Secure Host Interface
1 Assignment
0 Petitions
Accused Products
Abstract
The present invention relates to a digital rights management system (40) for controlling access rights to copy protected content comprising an application unit (1, 21, 41) and a drive unit (3, 23, 43), to an application unit (1, 21, 41), to a drive unit (3, 23, 43) and to a corresponding digital rights management method. In order to allow an increased security in the management of digital rights, wherein in particular a “filter-driver”-hack is made impossible or is at least substantially complicated and a reliable confirmation about a command given in respect of digital rights and its execution, a digital rights management system (40) is proposed wherein said application unit (1, 21, 41) comprises a key storage unit (45) for storing a bus key (KB), a request generation unit (47) for generating a request (7, 27) to be carried out by said drive unit including a message regarding said access rights and a challenge (RX), a communication unit (51) for transmitting said request (7, 27) and for receiving a response (13, 33) to said request (7, 27) from said drive unit (3, 23, 43), a response verification unit (49) for verifying a link between said request (7, 27) and said response (13, 33) by decoding said response (13, 33) using said bus key (KB) and by checking for the presence of an indication of said challenge (RX) in said response (13, 33) and said drive unit (3, 23, 43) comprises a key storage unit (55) for storing a bus key (KB), a communication unit (51) for receiving a request (7, 27) including a message regarding said access rights and a challenge (RX) from said application unit (1, 21, 41) and for transmitting a response (13, 33) to said request (1, 21, 41), a request processing unit (57) for verifying said request (7, 27) and processing said message, a response generation unit (59) for generating said response (13, 33) including an indication of said challenge (RX) and a reply to said message, wherein said indication of said challenge (RX) and said reply are cryptographically linked by means of said bus key (KB) and wherein indication of said challenge (RX) in said response (13, 33) indicates that said request has been carried out.
-
Citations
30 Claims
-
1-15. -15. (canceled)
-
16. Application unit (1, 21, 41) for use in a digital rights management system (40) comprising a drive unit (3, 23, 43) for controlling access rights to copy protected content, said application unit (1, 21, 41) comprising:
-
a key storage unit (45) for storing a bus key (KB), a request generation unit (47) for generating a request (7, 27) to be carried out by said drive unit including a message regarding said access rights and a challenge (RX), a communication unit (51) for transmitting said request (7, 27) and for receiving a response (13, 33) to said request (7, 27) from said drive unit (3, 23, 43), a response verification unit (49) for verifying a link between said request (7, 27) and said response (13, 33) by decoding said response (13, 33) using said bus key (KB) and by checking for the presence of an indication of said challenge (RX) in said response (13, 33) indicating that said request has been carried out. - View Dependent Claims (17, 18, 19, 20, 21, 22, 23)
-
-
24. Drive unit (3, 23, 43) for use in a digital rights management system (40) comprising an application unit (1, 21, 41) for controlling access rights to copy protected content, said drive unit (3, 23, 43) comprising:
-
a key storage unit (55) for storing a bus key (KB), a communication unit (51) for receiving a request (7, 27) to be carried out by said drive unit including a message regarding said access rights and a challenge (RX) from said application unit (1, 21, 41) and for transmitting a response (13, 33) to said request (1, 21, 41), a request processing unit (57) processing said message, a response generation unit (59) for generating said response (13, 33) including an indication of said challenge (RX) and a reply to said message, wherein said indication of said challenge (RX) and said reply are cryptographically linked by means of said bus key (KB) and wherein indication of said challenge (RX) in said response (13, 33) indicates that said request has been carried out. - View Dependent Claims (25, 26)
-
-
27. Digital rights management method for controlling access rights to copy protected content in a digital rights management system (40) comprising an application unit (1, 21, 41) and a drive unit (3, 23,43) sharing a bus key (KB), said method comprising the steps of:
-
a) generating (5, 25), by said application unit (1, 21, 41), a request (7, 27) to be carried out by said drive unit including a message regarding said access rights and a challenge (RX), b) communicating said request (7, 27) from said application unit (1, 21, 41) to said drive unit (3, 23,43), c) processing (11, 31) said message by said drive unit (3, 23,43), d) generating, by said drive unit (3, 23,43), a response (13, 33) including an indication of said challenge (RX) and a reply to said message, wherein said indication of said challenge (RX) and said reply are cryptographically linked together by means of said bus key (KB), e) communicating said response (13, 33) from said drive unit (3, 23, 43) to said application unit (1, 21, 41), and f) verifying (15, 35), by said application unit (1, 21, 41), a link between said request (7, 27) and said response (13, 33) by decoding said response using said bus key (KB) and by checking for the presence of an indication of said challenge (RX) in said response (13, 33) indicating that said request has been carried out by said drive unit (3, 23,43). - View Dependent Claims (29, 30)
-
-
28. Digital rights management method, further comprising a step of verifying (9, 29) said request (7, 27) after step b) and before step c).
Specification