METHOD AND SYSTEM FOR IDENTIFYING A USER TERMINAL IN ORDER TO RECEIVE STREAMING PROTECTED MULTIMEDIA CONTENT
20200364317 · 2020-11-19
CPC classification
H04L2463/101
ELECTRICITY
G06F21/105
PHYSICS
H04L63/10
ELECTRICITY
H04L63/0876
ELECTRICITY
H04L63/0457
ELECTRICITY
International classification
G06F21/10
PHYSICS
H04L9/32
ELECTRICITY
Abstract
A method and system for identifying a user terminal, implemented within a system for provisioning multimedia content that includes a license server and a content server, the user terminal receiving multimedia content, by a digital rights management (DRM) system, that is streamed in encrypted form via an open communication network, and the user terminal retrieving, by a browser implementing a multimedia content reader and a content decryption module suitable for decrypting multimedia content that is encrypted according to the DRM system, the method including obtaining, by the license server modified to incorporate an authentication server, an identifier of the content decryption module, and generating a terminal identifier as a function of the identifier of the content decryption module.
Claims
1. A method comprising: identifying, within an open communication multimedia content provisioning network that includes a license server and a content server, a user terminal for (i) receiving multimedia content protected by a digital rights management system and streamed, in encrypted form via the network, and (ii) for retrieving the streamed multimedia content, by a browser implementing a multimedia content reader and a content decryption module that decrypts multimedia content that was encrypted according to the digital rights management system, the method comprising: obtaining, by an authentication server that is incorporated within the license server, an identifier of the content decryption module; and generating, by the authentication server, a user terminal identifier as a function of the identifier of the content decryption module.
2. The method according to claim 1, wherein said obtaining comprises accessing predetermined authentication content, associated with the digital rights management system, and stored beforehand by a content authentication server, the authentication content comprising or allowing access to a rights description object associated with the digital rights management system.
3. The method according to claim 2, wherein the authentication content is generated by encrypting, according to the digital rights management system, a descriptive file containing the rights description object.
4. The method according to claim 3, wherein the authentication content does not include any indication making it possible to access the multimedia content.
5. The method according to claim 2, further comprising requesting the authentication content by the multimedia content reader, and transmitting an address that enables access to the authentication content.
6. The method according to claim 2, wherein the authentication content comprises the rights description object associated with the digital rights management system, accessible directly by the multimedia content reader.
7. The method according to claim 2, comprising, prior to said generating, receiving an authentication request containing a first element identifying the digital rights management system and a second encrypted element generated by the content decryption module, for requesting a license to access the authentication content.
8. The method according to claim 7, wherein the second encrypted element is a first license challenge, generated by the content decryption module from the rights description object, and cryptographically protected to allow the license server to verify the authenticity and the integrity of the first license challenge.
9. The method according to claim 7, further comprising: extracting, as a function of the first element, a unique element from the second element decryption; and allocating the value of the unique element to the content decryption module identifier.
10. The method according to claim 9, further comprising sending to the multimedia content reader a message comprising the user terminal identifier and a license to access the authentication content.
11. The method according to claim 1, wherein said generating comprises applying a cryptographic hash function or an encryption algorithm to the identifier of the content decryption module.
12. The method according to claim 1, further comprising: receiving, by the multimedia content reader, a message including the user terminal identifier; and providing, by the multimedia content reader, the received user terminal identifier to an application for providing protected and encrypted multimedia content, the user terminal identifier being stored by the application.
13. A method comprising authenticating a user terminal, within an open communication network for provisioning multimedia content, the network including a license server and a content server, the authenticating comprising: providing multimedia content to a user terminal, the multimedia content being protected by a digital rights management system, and the multimedia content being streamed, in encrypted form via the network; and retrieving the multimedia content, on the user terminal, by a browser implementing a multimedia content reader and a content decryption module that decrypts multimedia content that was encrypted according to the digital rights management system; and in response to a request, sent by the user terminal, to access the multimedia content: generating a license request including (i) a first identifier of the user terminal previously stored, and obtained by the method according to claim 8, and (ii) a third encrypted element generated by the content decryption module of the user terminal for requesting a license to access the multimedia content, the third encrypted element being a second license challenge cryptographically protected to allow an authentication server, incorporated within the license server, to verify the authenticity and integrity of the second license challenge; sending the license request to the authentication server; verifying, via the authentication server, the authenticity and integrity of the third encrypted element; and in case of positive verification, obtaining a second content decryption module identifier from the third encrypted element and generating a second identifier of the user terminal as a function of the second content decryption module identifier; and comparing the first and second identifiers of the user terminal and in case of a match, authenticating the user terminal.
14. A system for identifying a user terminal implemented within an open communication network for provisioning multimedia content, the network including a license server, a content server, and a user terminal (i) receiving multimedia content that is protected by a digital rights management system and that is streamed in encrypted form via the network, and (ii) retrieving the multimedia content, by a browser implementing a multimedia content reader associated with a content decryption module that decrypts multimedia content that was encrypted according to the digital rights management system, the system comprising an authentication server incorporated within the license server and configured to obtain an identifier of the content decryption module, and to generate a user terminal identifier as a function of the identifier of the content decryption module.
15. The system according to claim 14, further comprising a content authentication server.
16. A system for identifying a user terminal, the system implemented within an open communication network for provisioning multimedia content, the network including a license server, a content server, and a user terminal that receives multimedia content that is protected by a digital rights management system, that is streamed in encrypted form via the network, and that is retrieved, on the user terminal, by a browser implementing a multimedia content reader associated with a content decryption module that decrypts multimedia content that was encrypted according to the digital rights management system, the system comprising an authentication server that is incorporated within the license server, wherein, in response to a request sent by the user terminal to access the multimedia content, the multimedia content reader generates a license request including (i) a first identifier of the user terminal previously stored, and obtained by the method according to claim 8, and (ii) a third encrypted element generated by the content decryption module of the user terminal, the third element comprising a second license challenge cryptographically protected to allow said authentication server to verify the authenticity and integrity of the second license challenge, the user terminal sends the license request to said authentication server, and said authentication server: verifies the authenticity and integrity of the third encrypted element, and in case of positive verification, obtains a second identifier of the content decryption module from the third encrypted element and generates a second identifier of the user terminal as a function of the second identifier of the content decryption module, and compares the first and second identifiers of the user terminal, and in case of a match, authenticates the user terminal.
Description
BRIEF DESCRIPTION OF THE DRAWINGS
[0044] Other features and advantages of the invention will emerge from the description thereof provided below, for information and non-limitingly, in reference to the appended figures, in which:
[0045]
[0046]
[0047]
DETAILED DESCRIPTION
[0048]
[0049] The supply system 1 comprises a server 2 for multimedia content protected by a DRM system, such a content server for example being managed by a content provider operator. The server 2 also implements access rights control to the content. The server 2 is for example a server of an operator providing digital television content.
[0050] Of course, the server 2 can be implemented in the form of a system of servers, comprising a server controlling access rights to protected content implemented by an operator, and content servers comprising remote multimedia data.
[0051] The supply system 1 further comprises an authentication content server 3, generated as explained in detail hereinafter.
[0052] The supply system 1 also comprises a module 4 for formatting content that makes it possible to format the content as a function of the streaming protocol, for example DASH, HLS or MSS already mentioned above, as a function of the target DRM system, and the corresponding DRM agent, for example PlayReady, Widevine DRM or FairPlay.
[0053] A database 6, in relation with a license server 8, is also part of the supply system 1. The license server 8 is a known license server 8b in the DRM systems of the prior art, modified in order to incorporate an authentication server 8a suitable for implementing a terminal authentication function. The authentication server 8a for example incorporates the authentication content server 3.
[0054] In a variant, the supply system 1 comprises a terminal authentication server 8a according to the invention and a license server 8b that are separate and suitable for communicating with one another, forming an authentication and license server.
[0055] In one embodiment, the database 6 is implemented by a storage module making it possible to store a set of registrations, for example in file form.
[0056] Each of these registrations includes a content identifier C-ID formatted by the module 4, and a cryptographic key. This cryptographic key is the encryption key with which the content C-ID has been encrypted for formatting, or, if it is different from the preceding, the decryption key necessary to decrypt the content C-ID as it was encrypted for formatting, or a way to obtain this key. This database 6 is for example stored on the server 8 of the supply system 1.
[0057] The server 8 is configured to receive requests from a web browser 10, installed on a user terminal 12.
[0058] This web browser 10 includes a software module 14 for reading multimedia content, which implements HTML5 via JavaScript.
[0059] The terminal 12 also comprises a software module 16 that implements an application of the content supply service. In one embodiment, this application is responsible for interactions of the user and/or terminal with the content server 2, in particular to identify the user or the terminal, to control access rights of the user of the terminal, to access the content. The software module, here referred to as application of the content service, is for example a Web TV application. The access to the content is shown schematically by the arrow 15 in
[0060] The content reader 14 communicates with a CDM 18 that implements, locally at this terminal 12, mechanisms of a DRM system, in particular the decryption of protected multimedia content. The implemented DRM system is determined by the web browser 10 used.
[0061]
[0062] Each of the servers, as well as the user terminal, is an electronic computer that includes at least one processor suitable for executing code instructions. In a variant, the steps of the inventive method are carried out by electronic devices of the programmable logic circuit type, such as electronic boards with an FPGA or ASIC base.
[0063] During a first step 30, the application of the content service 16 sends a user terminal identification request to the multimedia content reader 14.
[0064] For example, in one embodiment, the application 16 performs this step 30 by means of an API (Application Programming Interface), for initializing the multimedia content reader 14.
[0065] After receiving the identification request of the user terminal, the content reader 14 sends CDM 18 an identification request 32a of the used DRM system. For example, the EME request requestMediaKeySystem() is used.
[0066] In response, in step 32b, the content reader 14 obtains a value of the parameter KeySystem that identifies the used DRM system, for example among Widevine, PlayReady and FairPlay.
[0067] During step 34, the multimedia content reader 14 sends the server 8 an authentication content request. The request includes an identifier of the used DRM system, for example in the form of the value of the parameter KeySystem.
[0068] The authentication content is content generated beforehand, protected with the used DRM system, and stored as content offered by the authentication content server 3, with the aim that an access request to this content triggers the identification of the terminal originating this request.
[0069] More specifically, because the authentication content has been protected with the used DRM system, a request to access it causes the initialization of a DRM system. The identification of the terminal is based on this initialization, whose detailed progression is therefore specific to the used DRM system, and which takes place prior to the reading of the multimedia data of the content, if it includes any. Preferably, however, the authentication content does not include multimedia data.
[0070] The authentication content comprises or makes it possible to access a Right Object associated with the used DRM system. A right object in particular contains a header specific to the used DRM system, called PSSH (Protection System Specific Header).
[0071] For example, if it has been formatted for the DASH protocol, the authentication content is a descriptive file, also called MPD (Media Presentation Description) manifest file, which indicates a DASH initialization segment that contains a specific header, referred to as Protection System Specific Header (PSSH). The authentication content is next encrypted according to the ISO Common Encryption (CENC) standard, for example with the Widevine technology.
[0072] Similarly, if it has been formatted for the MSS protocol, the authentication content is for example a descriptive file of the ISMC manifest type, which is next encrypted according to the CENC standard, for example with the PlayReady technology.
[0073] Similarly, if it has been formatted for the HLS protocol, the authentication content is for example a descriptive file of the M3U8 playlist type, which is next encrypted according to the CENC standard, for example with the FairPlay technology.
[0074] In each of these examples, the descriptive file of the authentication content includes, in a known manner for all of the content, a right object necessary to initialize a DRM session in order to lift the protection of this content. The right object contains an identifier of the DRM system with which the content is protected (KeySystem) and information making it possible to obtain the decryption key of the content.
[0075] In each of these examples, in general, for a given content, the descriptive file of the content further contains at least one URL indicating multimedia data of this content.
[0076] Here, preferably, the authentication content does not include multimedia data, and its descriptive file, unlike a descriptive file for any content, does not include a URL indicating multimedia data.
[0077] According to one embodiment, one authentication content per covered DRM system is formatted by module 4, then stored in the server 3. Each authentication content is accessible by means of a URL (Uniform Resource Locator) address. The encryption key as well as an identifier of the associated DRM system are stored in combination with the URL of each authentication content.
[0078] According to another variant, the authentication content for the used DRM system is generated and stored after receiving the request 34.
[0079] According to another variant, several authentication contents for at least one DRM system are generated and stored, for example authentication contents also including multimedia data.
[0080] In response to the authentication content request, the URL address by means of which it is accessible is sent to the multimedia content reader 14 during step 36.
[0081] According to another embodiment, the content reader 14 has access directly to a right object associated with the used DRM system. In this embodiment, steps 34 and 36 are processed locally, without exchange with server 8. In this case, the authentication content is formed by the right object that is directly accessible, and the authentication content server 3 is integrated into the terminal 12.
[0082] Following receipt of the authentication content, the multimedia content reader 14 initializes (step 38) a DRM session to read the received authentication content corresponding to the used DRM system, according to the EME standard. After this initialization, the multimedia data of the authentication content, if it includes any, are streamed in step 40, similarly to any streaming of multimedia data of multimedia content.
[0083] The authentication content being protected by encryption, an access license according to the used DRM system is necessary, in particular including a decryption key.
[0084] During step 42, the CDM 18 then sends a request to the content reader 14 in order to obtain a decryption key for the authentication content.
[0085] Upon receiving the request in step 42, the content reader 14 asks the CDM 18, in step 44, to generate a license challenge based on the right object obtained from the authentication content.
[0086] A license challenge refers to a data block generated by the CDM from the right object in order to obtain the license including the decryption key for the content. The generated license challenge can include an identifier CDM-ID of the CDM. In this case, the identifier CDM-ID is more specifically an identifier of the CDM instance initialized in the considered terminal, inserted by the CDM itself in the license challenge. The license challenge is cryptographically protected in authenticity and integrity, such that a license server can later verify its authenticity as well as its integrity.
[0087] In step 46, the CDM 18 returns an encrypted license challenge to the content reader 14.
[0088] In the following step 48, the content reader 14 generates and sends the server 8 an authentication request, containing a first element identifying the used DRM system and a second encrypted element generated by the CDM module 18. For example, the first element is the value of the parameter KeySystem that identifies the used DRM system, and the second element is the encrypted license challenge supplied by the CDM 18.
[0089] In a variant, the first element of the authentication request is a URL address associated with the used DRM system.
[0090] The authentication request is received by the license server 8.
[0091] The server 8b of the server 8 implements a step 50 during which it extracts the license challenge from the received request, verifies the authenticity and the integrity of the license challenge, and generates the license required to read the authentication content. The license in particular contains the decryption key to be used in order to decrypt the authentication content.
[0092] During the same step 50, when the license challenge includes an identifier CDM-ID of the CDM, the license server 8b of the server 8 extracts it according to a scheme specific to the used DRM system and sends it to the authentication server 8a.
[0093] For example, when the DRM agent is PlayReady, the public key of the decryption module sent in the license challenge is taken as identifier CDM-ID. In a variant, any other unique element sent in the license challenge can be used as identifier.
[0094] For example, when the DRM agent is FairPlay, the identifier CDM-ID assumes the value of the parameter HU of the SPC (Server Playback Context) challenge.
[0095] When the license challenge does not include an identifier CDM-ID of the CDM, such an identifier is generated, stored, inserted in the license and sent to the authentication server 8a, by the license server 8b. For example, when the DRM agent is Widevine, the identifier CDM-ID assumes the value of the PCT (Provider Client Token) parameter. This identifier is generated by using a pseudo-random generator.
[0096] Thus, the identifier CDM-ID is a unique element extracted from the license challenge after decryption.
[0097] In step 52, the authentication server 8a of the server 8 next generates a terminal identifier, denoted T-ID, from the identifier CDM-ID.
[0098] In one embodiment, the terminal identifier is generated by applying a cryptographic hash function, for example HMAC-SHA256, to the decryption module identifier CDM-ID:
T-ID = HMAC-SHA256(CDM-ID, Ks)
[0099] Where Ks is a secret key.
[0100] In a variant, any other encryption algorithm applied to the identifier CDM-ID is applicable.
[0101] A response containing the generated license and the terminal identifier T-ID is sent to the content reader 14 in step 54, which sends the received license to the CDM 18 in step 56.
[0102] Lastly, the content reader 14 extracts the terminal identifier T-ID thus obtained, stores it, and sends it to the software module 16 in step 58. The terminal identifier is stored by the application of the content service.
[0103] Advantageously, the terminal identifier T-ID thus generated is unique for a physical user terminal and a given web browser, since it is generated from a unique identifier associated with the CDM initialized in the terminal according to the used DRM system. In principle, for any DRM system, the CDM originating a license challenge is identified uniquely.
[0104] The persistence of the identifier T-ID is related to the persistence of the data of the CDM as managed by the browser. More specifically, their lifetimes are the same.
[0105] It is next possible to verify, at any moment, the authenticity of a user terminal identifier T-ID thus obtained and stored.
[0106]
[0107] The content reader 14 has previously recorded a terminal identifier T-ID_A, which is also recorded by the content provider operator.
[0108] In order to read the new multimedia content, the content reader 14 generates an access request 60 that includes a content identifier C-ID and the terminal identifier T-ID_A previously recorded.
[0109] The access request 60 is sent to the server 2, which implements an access rights check. In step 62, the server verifies that the terminal identified by T-ID_A has previously been registered, and in case of positive verification, next verifies the right of the terminal T-ID_A to access the content C-ID. Next, only if this second verification is successful, an access token to the content identified by C-ID is sent to the content reader in step 64. The access token includes the terminal identifier T-ID_A, and is cryptographically protected in authenticity and integrity, such that a content server can later verify its authenticity as well as its integrity.
[0110] In step 66, the content reader is then able to generate a license challenge as already described above, and a license request containing the generated license challenge and the access token in step 68.
[0111] Upon receiving this license request, the server 2 verifies the authenticity and the integrity of the access token, and in case of positive verification, extracts the identifier of the terminal T-ID_A therefrom (step 70).
[0112] The server 2 next sends (step 72) the license server 8 a license request containing the license challenge and the identifier of the terminal T-ID_A.
[0113] The license server 8b of the server 8 verifies the authenticity and the integrity of the license challenge received in step 74 and, in case of positive verification, extracts a CDM identifier, CDM-ID, therefrom in step 76. The implementation of step 76 is similar to the implementation of step 50 described in reference to
[0114] Similarly to step 52, a terminal identifier T-ID is generated by the authentication server 8a of the server 8 in step 78 from the decryption module identifier CDM-ID.
[0115] Next, in step 80, the computed identifier T-ID is compared to the received terminal identifier T-ID_A.
[0116] In case of match, the terminal is authenticated successfully, and step 80 is followed by a step 82 for generating and sending a license containing the decryption key for the encrypted multimedia content identified by C-ID. The license is sent to the server 2, which sends it (step 82a) to the multimedia content reader.
[0117] In case of mismatch during the comparison done in step 80, an alarm is for example generated (step 86) and sent to the content service, and the license is not sent, which results in preventing the reading of the multimedia content identified by C-ID by the content reader 14 of the user terminal 12.
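The server-side checks of steps 52 and 62 to 86 can be sketched as follows; this is an added example, not code from the patent or from any DRM vendor. It assumes that Ks is used as the HMAC key, that the CDM-ID has already been extracted from a verified license challenge (the DRM-specific step 76 is not modelled), and that the access token is protected by an HMAC tag; all keys, identifiers and function names are constructed for illustration.

```python
import base64
import hashlib
import hmac
import json
from typing import Optional

# Constructed demo secrets (assumptions); real keys belong in a KMS or HSM.
KS = b"constructed-demo-Ks-for-T-ID"
TOKEN_KEY = b"constructed-demo-token-key"


def derive_tid(cdm_id: bytes, ks: bytes = KS) -> str:
    """Steps 52/78: T-ID = HMAC-SHA256(CDM-ID, Ks), with Ks as the HMAC key."""
    return hmac.new(ks, cdm_id, hashlib.sha256).hexdigest()


def _b64(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).decode()


def issue_access_token(tid: str, content_id: str, key: bytes = TOKEN_KEY) -> str:
    """Step 64: token carrying T-ID and C-ID, protected by an HMAC tag."""
    payload = json.dumps({"cid": content_id, "tid": tid}, sort_keys=True).encode()
    tag = hmac.new(key, payload, hashlib.sha256).digest()
    return _b64(payload) + "." + _b64(tag)


def open_access_token(token: str, key: bytes = TOKEN_KEY) -> Optional[dict]:
    """Step 70: return the claims only if the tag verifies, else None."""
    try:
        p64, t64 = token.split(".")
        payload = base64.urlsafe_b64decode(p64)
        tag = base64.urlsafe_b64decode(t64)
    except ValueError:  # wrong number of parts or malformed base64
        return None
    expected = hmac.new(key, payload, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        return None
    return json.loads(payload)  # parsed only after the tag has verified


def authenticate_terminal(token: str, cdm_id_from_challenge: bytes,
                          content_id: str) -> bool:
    """Steps 70-80: recompute T-ID from the challenge's CDM-ID and compare
    it, in constant time, with the T-ID carried by the access token."""
    claims = open_access_token(token)
    if claims is None or claims.get("cid") != content_id:
        return False
    recomputed = derive_tid(cdm_id_from_challenge)
    return hmac.compare_digest(recomputed, claims.get("tid", ""))


def demo() -> dict:
    cdm_a = b"constructed-cdm-id-terminal-A"   # CDM-ID seen at enrolment
    cdm_b = b"constructed-cdm-id-terminal-B"   # a different CDM instance
    tid_a = derive_tid(cdm_a)                  # step 52, stored as T-ID_A
    token = issue_access_token(tid_a, "C-ID-0001")
    return {
        "same_terminal": authenticate_terminal(token, cdm_a, "C-ID-0001"),
        # T-ID_A copied to another terminal: step 80 mismatch, step 86 alarm
        "replayed_on_other_terminal":
            authenticate_terminal(token, cdm_b, "C-ID-0001"),
        "other_content": authenticate_terminal(token, cdm_a, "C-ID-0002"),
    }


if __name__ == "__main__":
    print(demo())
```

Because T-ID is keyed with Ks, a terminal that learns its own CDM-ID cannot compute a valid T-ID for itself, and a T-ID copied to another browser fails step 80 because that browser's CDM produces a different CDM-ID in its license challenge.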