
Storage device and system with content revocation mechanism

IP.com Disclosure Number: IPCOM000225631D
Publication Date: 2013-Feb-22
Document File: 3 page(s) / 78K

Publishing Venue

The IP.com Prior Art Database

Abstract

1. Content Revocation List (CRL) checking will be carried out by the storage device itself to make the check safer. A CRL checking unit will be added to the storage device.
2. A Content ID (CID) is concatenated with a content key (Kc) as an element of the usage rule object (URO). We call this data a Usage Rule Object to distinguish it clearly from the general term “usage rules.” When the storage device receives a URO transfer request, the CRL checking unit extracts the CID from the requested URO and decides whether or not to send the related URO.
3. The storage device will decide whether or not to send the URO to the host device. A URO sending (writing / reading) unit will be added to the storage device.

This text was extracted from a PDF file.
This is the abbreviated version, containing approximately 55% of the total text.


Devices that want to write or read a URO and/or CRL to or from the storage device must establish a secure connection (secure session) with the storage device. The URO and CRL must be transferred through the secure connection. Authentication units will be added to the devices to establish secure connections with other devices.

[Figure labels. Recording Device: Secure Data Writing, Content Writing Unit, URO Writing Unit, CRL Writing Unit, Authentication Unit of Recording Device. Storage Device: Storage Area for Content, Storage Area for URO, Storage Area for CRL, URO Sending Unit, URO / CRL Checking Unit, Authentication Unit of Storage Device. Host Device: Content Reading Unit, Content, Decryption Unit, URO Receiving Unit, Authentication Unit of Host Device. Data: Encrypted Content; CRL (Version, CID 1, CID 2); URO (Kc, CID, etc). Legend: non-secure transfer, secure transfer, inside transfer (secure), secure connection (session) establishment.]

Fig. 1 Configuration diagram

[Figure labels. Encrypted content; CRL (Version, CID 1, CID 2); URO (Kc 1, CID 1, etc); URO (Kc 3, CID 3, etc). Registered in CRL = Prohibit URO transfer. Not registered in CRL = Permit URO transfer. Decryption is possible = Playback is possible. Decryption is impossible = Playback is impossible.]

Fig. 2 Robust linkage between encrypted
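
The device-side check described in the abstract and in Fig. 2, as an added Python sketch that is not part of the disclosure: the storage device releases a URO (and with it Kc) only inside an authenticated session and only if the CID embedded in the URO is not in the CRL. The field widths, method names, the boolean stand-in for authentication and the rejection of an older CRL version are assumptions; the excerpt only shows that the CRL carries a Version field.

```python
import secrets

KC_LEN, CID_LEN = 16, 4  # assumed field widths; the page gives none


def make_uro(kc: bytes, cid: int, rest: bytes = b"") -> bytes:
    """URO = Kc || CID || other usage-rule fields ("etc" in the figures)."""
    if len(kc) != KC_LEN:
        raise ValueError("unexpected Kc length")
    return kc + cid.to_bytes(CID_LEN, "big") + rest


def uro_cid(uro: bytes) -> int:
    """Extract the CID that is bound to Kc inside the URO."""
    return int.from_bytes(uro[KC_LEN:KC_LEN + CID_LEN], "big")


class StorageDevice:
    def __init__(self):
        self._sessions = set()        # tokens of authenticated peers
        self._crl_version = 0
        self._revoked = frozenset()   # CIDs listed in the current CRL
        self._uros = {}               # slot -> URO bytes

    def authenticate(self, credentials_ok: bool):
        # Stand-in for the authentication units (hypothetical interface);
        # real mutual authentication and session encryption are not modelled.
        if not credentials_ok:
            return None
        token = secrets.token_bytes(16)
        self._sessions.add(token)
        return token

    def _require_session(self, token):
        if token not in self._sessions:
            raise PermissionError("no secure session with the storage device")

    def write_crl(self, token, version: int, revoked_cids):
        self._require_session(token)
        if version < self._crl_version:  # assumption: never roll the CRL back
            raise ValueError("older CRL rejected")
        self._crl_version, self._revoked = version, frozenset(revoked_cids)

    def write_uro(self, token, slot: int, uro: bytes):
        self._require_session(token)
        self._uros[slot] = uro

    def read_uro(self, token, slot: int):
        """CRL checking unit plus URO sending unit."""
        self._require_session(token)
        uro = self._uros[slot]
        if uro_cid(uro) in self._revoked:
            return None   # registered in CRL: prohibit URO transfer
        return uro        # not registered in CRL: permit URO transfer
```

Because Kc never leaves the storage device for a revoked CID, a compromised host cannot skip the check and still decrypt the content.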

There are 5 problems in the traditional technology:


1. CRL checking carried out by the host device is not safe, because the host device is relatively vulnerable. In addition, the plaintext content is kept in host device memory. Once the host device has been cracked, it will probably allow playback even if the content has been revoked.

2. The CC's signature verification is carried out, which consumes a relatively large amount of computation.

3. As in 2, the CRL's signature verification is carried out, which also consumes a lot of computation.

Generating and issuing the content certificate for all contents incurs an operating cost.

The proposed method resolves the above five problems of the current content revocation mechanism. The main ideas of the proposed method are the following.


1. Robustness of data transfer related to content revocation
In this method, only authorized devices that have established a secure connection (session) with their partner devices can write the CRL and URO to the storage device. T...