BREIVIK OEYVIND (NO)
| WO2000028398A1 | 2000-05-18 | |||
| WO2001076181A2 | 2001-10-11 | |||
| WO2000078004A2 | 2000-12-21 |
| EP1217591A1 | 2002-06-26 | |||
| US6286052B1 | 2001-09-04 |
| 1. | An arrangement for execution and control of policies for Multimedia Message Service (MMS) messages or elements of such (from now on referred to as MMS messages) being transferred in a communication network to and/or from terminals connected thereto, characterized in a first means adapted to associate a policy with one or more of said MMS messages, a second means adapted to detect whether MMS messages in transfer in said communication network are associated with policies, and to transmit a request for executing a policy to the third means when detecting that that policy is associated with an MMS message, a third means adapted to execute a policy on an MMS message to which the policy is detected as being associated, a fourth means adapted to ensure that an MMS message associated with a policy is retained associated with that policy when the MMS message is received, stored and/or forwarded in/from one of the terminals, whereby said means are connected to and/or integrated in an MMS architecture connected to said communication network. |
| 2. | Arrangement according to claim 1, c h a r a c t e r i z e d i n that said first means associates the policy to one or more of said MMS messages by inserting a reference to the policy in a heading of a file/files representing said one or more MMS messages. |
| 3. | Arrangement according to claim 2, c h a r a c t e r i z e d i n that the header is an XML header and the reference is a URL. |
| 4. | Arrangement according to claim 2 or 3, c h a r a c t e r i z e d i n that the second means detects whether MMS messages in transfer in said communication network are associated with policies by monitoring all MMS messages arriving at the MMSC of the MMS architecture. |
| 5. | Arrangement according to claim 4, c h a r a c t e r i z e d i n that the second means is adapted to place the MMS message on hold and that said request contains said reference to the policy, user and terminal data of the MMS message's intended receiver and a content or a content reference of the MMS message. |
| 6. | Arrangement according to any of the preceding claims, c h a r a c t e r i z e d i n that the fourth means is implemented in one or more of the terminals. |
| 7. | Arrangement according to one of the claims 26, c h a r a c t e r i z e d i n that the third means executes the policy by: a) checking if the MMS message's intended receiver is allowed to receive the MMS message, b) checking if a terminal of the intended receiver comprises said fourth means, c) checking if the MMS message's sender is allowed to send the MMS message, d) generating charging information to charge the sender or intended receiver for the MMS message, and according to step a) c) ; e) instructing said second means whether it should forward the MMS message to the intended receiver or not. |
| 8. | Arrangement according to one of the preceding claims, c h a r a c t e r i z e d i n that the fourth means ensures that the MMS message associated with the policy is retained associated with that policy by: f) monitoring receiving MMS messages for associated policies in a terminal in which said fourth means is implemented, g) storing detected policies together with references to associated MMS messages in a reference list in said terminal, h) upon sending the MMS messages from the terminal, checking the reference list if the MMS messages have references to policies, and i) associating policies to MMS messages according to the reference list. |
| 9. | A method in an MMS architecture for execution and control of policies for MMS messages or elements of such (from now on referred to as MMS messages) being transferred in a communication network to and/or from terminals connected thereto, characterized in a) associating a policy to one or more of said MMS messages, b) detecting whether MMS messages in transfer in said communication network are associated with policies and transmitting a request for executing a policy when detecting that that policy is associated with an MMS message, c) executing a policy on an MMS message to which the policy is detected as being associated, and d) ensuring that an MMS message associated with a policy is retained associated with that policy when the MMS message is received, stored and/or forwarded in/from one of the terminals. |
Background of the invention The recent exponential growth of value added Short-Messag- ing-Services (SMS) was triggered by the introduction of distribution and billing opportunities, provided by the mobile operators, to 3rd party value added service (VAS) and content providers. Some examples of VAS SMS are jokes (text format), stock quotes (text format), simple ringing tones (binary format) and black and white logos (binary format).
The next generation of messaging services, namely the mobile Multimedia Messaging Service (MMS) [1] standardized by the WAP forum and 3GPP, will support transfer and deliv- ery of value added multimedia content (e. g. sounds, video and images) to mobile terminals. To owners of such content, this represents a new channel where their content can be sold.
The future of VAS MMS services has an even greater growth potential compared to SMS services due to the advanced con- tent capabilities of the MMS technology. Sophisticated mul- timedia content can be provided with VAS MMS services. Some examples of envisaged value added MMS and content are
"mobile greeting card portal" (such as sending pictures/ animations, with or without sound from a portal to a mobile terminal), "famous cartoon messages" (such as animations, with or without colours/audio),"visual/audio quiz mes sages" (such as picture/audio messaging games), "talking head message" (such as rendering a personal text with a predefined animation). VAS MMS will be offered to the end users by operators and by independent 3rd party service and content providers (e. g. media houses, portals, broadcasting corporations) that utilise the wireless MMS infrastructure of the operators.
Multimedia content has an inherently greater value to the content owners than plain text content (cf. SMS). When mak- ing such value added content available to end-users, it is therefore important to the content owners that the content is protected, and its distribution rules controlled and en- forced according to the content owner's content policies, so that their intellectual property and revenue streams are secured. Examples of such content policies are:"content is to be charged the end-user on purchase and download, for- warding to other users is not allowed","the sender is to be charged an extra fee if content is forwarded to another user","content is not to be distributed (download or for- <BR> <BR> warded) to end-users under the age of 18", "content can be distributed to mobile terminals with MS-ISDN addressing, content shall not be distributed (downloaded or forwarded) to e-mail addresses","content can only be distributed (downloaded or forwarded) to female end-users","content is not to be edited by end-user", and so on.
The mobile operator has to provide a total solution to sup- port these requirements so that content owners can securely make their content available for value added MMS with de- fined policies and thereby protect their intellectual property and their revenue streams.
Policy detection and enforcement of value added content of today are essentially adapted to Internet models.
One example of access control is the platform for Internet Content Selection (PICS) [2] and Digital Signature (DSiG) [3], which is a standard solution for defining and control- ling meta-data for web content. This solution defines a language and a set of processing rules for controlling ac- cess to content. This allows, e. g. , parents to control what content their kids can access.
Policy binding to content is handled by the content pro- vider, including meta-data in web files. Detection of the policy is handled by functionality within the web client by screening web files downloaded for meta-data. PICS and DSiG detects the rating policy statements (e. g. , suitable for persons under the age of 18) and gives presentation-access to the content according to allowed policies set within the web-client (e. g. , only to present content that is suitable for users under the age of 18).
Two strategies are established for usage control of Inter- net content. These are: Digital watermark [4] that is a process where a pattern is added to the content itself to represent the policy. This pattern shall ideally be invisible for the end-user. Spe- cial web-clients or applications filter and recognise this pattern and they give usage rights to the end-user accord- ing to the policy detected.
The clearinghouse [5] model is a model where the content is packaged into an encoded container. When reading the con- tent with a client that can interpret the container, the container will authorize usage rights according to the policy handling of a remote clearinghouse.
The problems with the above mentioned solutions of prior art are that they do not handle policies with respect to the delivery-transaction of content. They only solve: a) Self-imposed access-control to content, i. e. what can be presented or rendered after a download of content. The end-user can determine which policies should be enforced by configuring the presentation tool (i. e. , the web client). b) Usage-control to content. How the content can be used after the content has been downloaded/received and when the content is at- tempted to be used.
They do not solve policies enforcement with respect to who is allowed to send or forward value added content, who is allowed to receive value added content, and which value added content is allowed being sent or received. These are problems that have to be solved in a mobile messaging envi- ronment, where value added content will have policies asso- ciated with message delivery transactions.
Consequently, there is a need for a solution for policy de- tection and enforcement of value added content in a mobile multimedia-messaging environment.
Summary of the invention The main object of the present invention is to provide an arrangement and a method that meets the requirements for content policy enforcement in the MMS architecture. The features defined in the claims enclosed characterize this arrangement.
The present invention discloses an arrangement and a method for binding policies to MMS content to be distributed as MMS message transactions and gives content policy enforce-
ment on MMS message transactions by controlling the trans- action-transfer in the mobile network. Further, the ar- rangement provides retention of content policy bindings when MMS messages re-enters the mobile network as new mes- sage transactions providing a trusted environment for policy and content rights handling.
The present invention presents an arrangement and a method consisting of four main components in an arrangement giving trusted environment characteristics: - Policy Binding Method (PBM), that is used to bind policies to MMS content - Policy Detection Filter (PDF), that detects MMS con- tent policies in transaction-transfer - Policy Agency (PA), that parse policies - Trusted Client Method (TCM), that retains policy bindings on the client The PBM is used to add meta-data to the MMS message and message elements to give policy associations with the con- tent when the MMS is distributed from a service provider to an end-user, via the mobile operator's infrastructure. PBM allows for the PDF to detect policies on the MMS in trans- fer within the mobile infrastructure.
The PDF monitors the MMS in transfer within the mobile in- frastructure. It resides within, or is closely coupled with, the MMS-C. PDF filters on the MMS and detects any policy meta-data, according to the PBM encoding, of mes- sages passing through. MMS with policies detected are stalled in the delivery-transaction and held until the PA has processed the policies. The PDF requests the PA to process the policies.
The PA enables or disables the message to be passed through to the end-user by informing the PDF of the action to be taken according to the PA result of the parsed policy. The
PA receives the content policy references from the PDF and one or more of the following as input to the parsing: end- user data from the PDF, message content element references or content from the PDF, and end-user client profiles from the PDF.
The TCM ensures that the meta-data of messages and message elements received on the mobile terminal will be retained if the message or message elements are sent back into the wireless network by the mobile terminal.
Brief description of the drawings In order to make the invention more readily understandable, the discussion that follows will refer to the accompanying drawings.
Figure 1 illustrates the MMS architecture and the compo- nents involved in message transfer between mobile handsets (peer-peer and forwarding) and from a network server to a mobile handset (publishing).
Figure 2 illustrates the components involved according to the present invention and how they interact. The figure also illustrates how these components are placed in the MMS architecture.
Detailed description of preferred embodiments In the following, a preferred embodiment of the present in- vention will be described in an MMS environment, referring to the above-mentioned figures. However, this does not rep- resent any limitations to the invention. The present inven- tion may be utilized in other similar applications, envi- ronments and contexts with other variations and substitu- tions without departing from the scope of the invention as defined by the attached independent claims.
The MMS message delivery process for value added content is depicted in Figure 1. As illustrated, the message transfer can either be initiated from the network (i. e. published from a service provider) or it can be initiated from a peer terminal (user-agent).
For value added content that is to be subject to policy control, the first delivery will always be initiated from the network (published). The content may then be distri- buted (forwarded) in a peer-peer fashion. The invention builds on this nature for the distribution of value added content.
In order to describe the process of policy enforcement, a typical usage scenario will now be described. The typical scenario consists of three steps, being the policy defini- tion, the publishing process and the forwarding control process.
The policy definition process consists of the following: - The content owner makes the value added content available (store in database) - The content owner defines the content policy and binds it to the content (store in database) The publishing process consists of the following: - The mobile user requests value added content - The content owner publishes the content onto the mo- bile infrastructure with its policies - The MMS is in transfer, and: For each of the requested content-elements the con- tent policy is detected - The policies are enforced - The value added content is sent to and retrieved by the mobile users, if allowed according to policy
The forwarding control process consists of the following: - The mobile user forwards some value added content to another peer user - The MMS is in transfer, and: - The message is relayed through the mobile infrastruc- ture - The policies are detected and enforced - The value added content is sent to and retrieved by the user to whom the content was being forwarded to, if allowed according to policy Examples of content and content elements that may comprise value added content/service data are audio files, pictures, animations, videos, and texts, and any combination of these [6,7, 8,9, 10].
The present invention provides functions that are used by the publishing process, when MMSs are in transfer, when published and when forwarded.
The Publishing Process The publishing process applies to content being delivered from a network server to a client terminal and its user- agent. The traffic flow is depicted in Figure 1 and la- belled with (A).
Policy Binding The present invention introduces policy binding to the con- tent when the content is being published. The policy-bind- ing component of the invention is depicted in Figure 2 and referred to as PBM.
The Policy Binding Method (PBM) is used to bind the poli- cies to the content when the content is published. The PBM defines the formatting rules to be used.
The formatting rules may for instance be implemented using XML-header [11] fields such as those found in SMIL [12] or WML [13], so that content policy identifiers can be included as meta-data and thereby associated with the message.
The policy identifier may be represented in different ways: a) As a URL [14] reference to a policy database containing policies. b) As a URL reference to wrapper files containing both the reference to the content and to the pol- icy. c) As a policy-flag or tag in combination with a shadow policy directory. In this case, all content URLs have a shadow policy URL, where there is a fixed relation between the two URLs (e. g.
/image/cool. gif->/image/cool_gif. policy).
After the policy binding, the message is published (e. g., via the MMS-C MM7 interface) and introduced into the mobile operator's infrastructure. The message is then in transfer within the mobile infrastructure.
Transfer Control All MMS messages pass through the MMS-C according to the standardised MMS architecture. This also applies for MMSs that are published and that are forwarded.
The present invention introduces message transfer control to enforce policies associated with message transactions.
These functions of the invention are depicted in Figure 2 and are referred to as PDF and PA.
The Policy Detection Filter (PDF) carries out control of content and resides within or is closely coupled to the MMS-C. The PDF checks if MMS content in transfer (both for MMSs published and MMSs in the forwarding process) has a
defined policy and makes sure that the policy is enforced and activated by requesting the PA to do so. The PDF car- ries out the detection by screening for policy meta-data, formatted according to the PBM implementation. When the PDF identifies a content element with a policy, it will request the Policy Agency (PA) to process the policy. In doing so, the PDF puts the message transaction on hold, and provides a reference to the policy and one or more of the following as input to the parsing: end-user data from the PDF, mes- sage content element references or content from the PDF, and end-user client profiles from the PDF.
The PA may use different techniques to identify the policy of a content element. The technique used in this embodiment is determined by, and corresponds to, the policy represen- tation implementation of the policy identifiers used by the PBM.
The PA will then process this policy and return an ok status code to the PDF if the content is allowed in this context. Content that is not allowed in the given context will be removed or replaced with a screening message by the PDF before a message is delivered (e. g. ,"Content requested not allowed"or"Content forwarded not allowed).
When the Policy Agency (PA) is invoked to enforce a policy, it will perform the following steps (or any combinations thereof) to enforce the policy: a) Check if the receiver is allowed to receive the content element from the sender.
The check is performed by retrieving user informa- tion (e. g. , address, age, prepaid account level), either from an independent database containing such information, or from the database of the mo- bile operator, and checking the user information with the content policy (e. g. , age group allowed, price policy, number series allowed).
b) Check if the receiver-client is allowed to re- trieve the content element. The check is performed by retrieving client information when the re- ceiver-client initiates contact with the MMS-C, and checking the client information with the con- tent policy. c) Check if the sender is allowed to send the content element. The check is performed by retrieving user information (as in a) ), and checking this with the content policy. d) Generate charging information to charge the sender or receiver for use of the content element.
When a client terminal initiates contact with the MMS-C to retrieve an MMS, the PDF can retrieve information about the client (e. g. , via a User Agent Profile, UAProf [13]), put the message transaction on hold, and pass the client infor- mation to the PA for policy handling. The PA can then re- turn an ok status code to the PDF if the client is trusted and allowed in this context. For instance, if the particu- lar client does not have the TCM implemented, the PA can deny access to the content, according to defined policy.
Content that is not allowed in this context will be removed or replaced with a screening message (e. g.,"Content re- quested not allowed on this terminal") by the PDF before the message is delivered.
Trusted Client Method The invention introduces a function on the terminal that retains MMSs with policy bindings. The function is depicted in Figure 2 and referred to as TCM.
The Trusted Client Method (TCM) is integrated as a function within the terminal (e. g. , as an integrated part of the terminal's MMS client or the terminal's WAP [13] browser).
It is used to ensure that terminals can be trusted to re- tain MMS policy bindings originated in the publishing proc- ess by the PBM implementation and contained within MMSs re- ceived/retrieved on the terminal.
By retaining the MMS policy bindings, the MMS policies can be detected and enforced again if the MMS is sent back into the mobile messaging infrastructure. The PDF, as previously described, is able to retrieve the information about a ter- minal client, whether or not TCM is implemented, and may pass this on to the PA for policy enforcement in a trusted environment. The components and the arrangement of inven- tion provide for a trusted environment for policy handling.
The TCM may be implemented by the following procedure: 1. MMS that is retrieved by the terminal is screened for policies according to the encoding of the PBM.
2. Detected policies together with the message element file references are stored in a list within the termi- nal's non-volatile memory.
3. When the terminal is to send a new MMS, the content element file references of the MMS are compared with the file references in the list.
4. If any match in the list is found, the associated policies are included in the MMS encoding according to the PBM implementation before the MMS is sent into the mobile messaging infrastructure.
The present invention provides a solution for policy en- forcement of value added content in a mobile multimedia- messaging environment, extending the business potential for MMS. It handles enforcement of the message transaction-de- livery, which is paramount to a mobile messaging environ- ment.
The invention provides a solution that is secure, ensuring not only that published content is enforced, but also that
value added content that re-enters the mobile network in a peer-to-peer fashion can be securely enforced by retaining the policy bindings within the mobile client. This brings a trusted environment for policy handling and enforcement to MMS.
Further, the present invention provides a solution that easily can be integrated with existing mobile technology (i. e. , terminals and MMS-clients, MMS-C infrastructure), thus enhancing and optimising the existing technologies with the important functionality for content policy han- dling.
The invention provides an efficient solution for policy binding, policy detection, and policy enforcement, not re- quiring policies to be included within content in a pro- prietary and processing demanding way.
Also, the invention provides a solution that is compatible with all MMS content formats, comprising both existing and new formats.
The invention provides a solution that gives flexible pol- icy enforcement functions by decoupling the policy enforce- ment functions from policy detection functions.
Abbreviations and references [1] MMS 3GPP TS 23.140 v4.2. 0 (2001-03), 3rd Generation Partnership Project; Technical Specification Group Terminals; Multimedia Messaging Service (MMS); Functional description; Stage 2 (Release 4) [2] PICS Rating Services and Rating Systems (and Their Machine Readable Descriptions), REC-PICS-services- 961031, version 1.1, World Wide Web Consortium (W3C), Recommendation 31-October-1996 [3] DSig PICS Signed Labels (DSig) 1.0 Specification, REC-DSig-label-19980527, World Wide Web Consortium (W3C), Recommendation 27-May-1998 [4] Digital Watermark"Digital Watermarks Copyright Protection for Online Artists", PC Magazine, Febru- ary 18,1997 [5] Clearinghouse"Digital Rights for all media types", Internetcontent. net, 2/20/2001 [6] GIF, Graphics Interchange Format (Version 89a), Compuserve Inc. , Columbus, Ohio, 1990 [7] JPEG, ITU-T Rec. T. 81/ISO/IEC 10918-1: 1992, "Information Technology-Digital Compression and Coding of Continuous-Tone Still Images- Requirements and Guidelines" [8] MP3 MPEG1-Audio ISO/IEC 11172-3, MPEG2-Audio ISO/IEC 11172-3 [9] MPEG4, ISO/IEC 14496-1 (1999): Information Technology-Generic Coding of Audio-Visual Objects AND 3GPP TR 26.911 :"Codec (s) for Circuite Switched
Multimedia Telephony Service; Terminal Implementor's Guide" [10] AMR 3GPP TS 26.090 :"AMR Speech Codec Speech Transcoding Functions" [11] XML Extensible Markup Language (XML) 1.0 (Second Edition), World Wide Web Consortium (W3C), Recommendation 6 October 2000 [12] Synchronized Multimedia Integration Language (SMIL) 1.0 Specification, World Wide Web Consortium (W3C), Recommendation 15-June-1998 [13] Wireless Application Protocol, Wireless Markup Language Specification Version 1.1, WAP WML Version 16-Jun-1999, Wireless Application Protocol Forum [14] URL/URI, Uniform Resource Identifiers (URI): Generic Syntax, Internet Engineering Task Force (IETF), Request For Comment (RFC) 2396, August 1998