Provisioning a computing system for digital rights management
    2.
    发明授权
    Provisioning a computing system for digital rights management 有权
    为数字版权管理提供计算系统

    公开(公告)号:US08661552B2

    公开(公告)日:2014-02-25

    申请号:US11823572

    申请日:2007-06-28

    IPC分类号: H04L29/06 G06F21/00

    摘要: Various embodiments utilize hardware-enforced boundaries to provide various aspects of digital rights management or DRM in an open computing environment. Against the backdrop of these hardware-enforced boundaries, DRM provisioning techniques are employed to provision such things as keys and DRM software code in a secure and robust way. Further, at least some embodiments utilize secure time provisioning techniques to provision time to the computing environment, as well as techniques that provide for tamper-resistant storage.

    摘要翻译: 各种实施例利用硬件实施的边界来在开放式计算环境中提供数字版权管理或DRM的各个方面。 在这些硬件实施的边界的背景下,采用DRM配置技术以安全和鲁棒的方式提供诸如密钥和DRM软件代码的东西。 此外,至少一些实施例利用安全时间供应技术来为计算环境提供时间,以及提供防篡改存储的技术。

    Secure time source operations for digital rights management
    3.
    发明授权
    Secure time source operations for digital rights management 有权
    数字版权管理的安全时间源操作

    公开(公告)号:US08646096B2

    公开(公告)日:2014-02-04

    申请号:US11823594

    申请日:2007-06-28

    IPC分类号: H04L29/06

    CPC分类号: G06F21/10 G06F2221/2151

    摘要: Various embodiments utilize hardware-enforced boundaries to provide various aspects of digital rights management or DRM in an open computing environment. Against the backdrop of these hardware-enforced boundaries, DRM provisioning techniques are employed to provision such things as keys and DRM software code in a secure and robust way. Further, at least some embodiments utilize secure time provisioning techniques to provision time to the computing environment, as well as techniques that provide for robustly secure storage.

    摘要翻译: 各种实施例利用硬件实施的边界来在开放式计算环境中提供数字版权管理或DRM的各个方面。 在这些硬件实施的边界的背景下,采用DRM配置技术以安全和鲁棒的方式提供诸如密钥和DRM软件代码的东西。 此外,至少一些实施例利用安全时间供应技术来为计算环境提供时间,以及提供鲁棒安全存储的技术。

    Key Escrow Service
    4.
    发明申请
    Key Escrow Service 审中-公开
    主要托管服务

    公开(公告)号:US20090327702A1

    公开(公告)日:2009-12-31

    申请号:US12163681

    申请日:2008-06-27

    申请人: Patrik Schnell

    发明人: Patrik Schnell

    摘要: A key escrow service is described. In embodiment(s), the key escrow service maintains an escrow license that includes an escrow content key that is associated with protected media content which is distributed from a content distributor to a media device. A content key that is associated with the protected media content can be received from the content distributor, and the content key can then be encrypted with a public escrow key to generate the escrow content key. The escrow license can be generated to include the escrow content key, and the escrow content key can then be communicated back to the content distributor that provides a digital rights management (DRM) license to the media device. The DRM license can include both the escrow content key and the content key encrypted with a public key that corresponds to the media device.

    摘要翻译: 描述密钥托管服务。 在实施例中,密钥托管服务维护托管许可证,其包括与从内容分发者分发到媒体设备的受保护媒体内容相关联的托管内容密钥。 可以从内容分发器接收与受保护的媒体内容相关联的内容密钥,然后可以用公共托管密钥加密内容密钥以生成托管内容密钥。 可以生成托管许可证以包括托管内容密钥,然后可以将托管内容密钥传送回向媒体设备提供数字权限管理(DRM)许可证的内容分发者。 DRM许可证可以包括托管内容密钥和用与媒体设备对应的公开密钥加密的内容密钥。

    Content Preview
    5.
    发明申请
    Content Preview 有权
    内容预览

    公开(公告)号:US20080255994A1

    公开(公告)日:2008-10-16

    申请号:US11734694

    申请日:2007-04-12

    IPC分类号: G06Q99/00 H04L9/00

    CPC分类号: G06Q30/02 G06C3/00 G06Q20/00

    摘要: Techniques enable creation of a preview license for digital content. In some instances, the preview license indicates that it allows a content-consuming device to consume less than all of the content. This preview license may create a list specifying multiple portions of the digital content that the content-consuming device may consume. These techniques may also present to a device user an offer to purchase rights to consume all of the digital content after consumption of the preview-licensed portion(s). In other instances, a content server may embed the preview license into a content package that contains the digital content, allowing the server to distribute the package to multiple devices. In still other instances, the preview license may be bound to a domain rather than to individual devices. This allows member devices to share the digital content and the preview license, such that each member device may enjoy the preview experience.

    摘要翻译: 技术能够为数字内容创建预览许可。 在某些情况下,预览许可证表示允许内容消耗设备消耗的内容少于所有内容。 该预览许可证可以创建指定内容消费设备可能消耗的数字内容的多个部分的列表。 这些技术还可以向设备用户提供购买在消费预览许可部分之后消费所有数字内容的权利的提议。 在其他情况下,内容服务器可以将预览许可嵌入到包含数字内容的内容包中,允许服务器将包分发到多个设备。 在其他情况下,预览许可证可能会绑定到域而不是单个设备。 这允许成员设备共享数字内容和预览许可,使得每个成员设备可以享受预览体验。

    Trusted intermediary for network layer claims-enabled access control
    6.
    发明授权
    Trusted intermediary for network layer claims-enabled access control 有权
    支持网络层声明的访问控制的可信中介

    公开(公告)号:US08918856B2

    公开(公告)日:2014-12-23

    申请号:US12822745

    申请日:2010-06-24

    IPC分类号: G06F21/00 H04L29/06

    CPC分类号: H04L63/102 H04L63/164

    摘要: Embodiments of the invention provide a trusted intermediary for use in a system in which access control decisions may be based at least in part on information provided in claims. The intermediary may request claims on behalf of a network resource to which access is requested, and submit the claims for a decision whether to grant or deny access. The decision may be based at least in part on one or more access control policies, which may be pre-set or dynamically generated. Because the intermediary requests the claims and submits the claims for an access control decision, the network resource (e.g., a server application) need not be configured to process claims information.

    摘要翻译: 本发明的实施例提供了一种在系统中使用的可信中介,其中访问控制决定可以至少部分地基于权利要求中提供的信息。 中介人可以代表要求访问的网络资源请求索赔,并提交索赔以作决定是否授予或拒绝访问。 该决定可以至少部分地基于可以被预先设置或动态生成的一个或多个访问控制策略。 因为中介请求权并提交用于访问控制决定的权利要求,所以不需要将网络资源(例如,服务器应用)配置为处理权利要求信息。

    File format for media distribution and presentation
    7.
    发明授权
    File format for media distribution and presentation 有权
    用于媒体分发和演示的文件格式

    公开(公告)号:US08775566B2

    公开(公告)日:2014-07-08

    申请号:US12143768

    申请日:2008-06-21

    申请人: Patrik Schnell

    发明人: Patrik Schnell

    摘要: A file format supports distribution, presentation, and storage of media presentations (“MPs”). A sequence of a MP is composed of segments of media data referred to by segmentIDs. Segments are defined as movie fragments, pursuant to the “ISO base media file format”. Multiple instances of a segment, each having a unique instanceID, are created by encoding the media data based on different encoding characteristics, referred to as encodingIDs. A sequence map box (“SMB”) stores the arrangement of a sequence's segmentIDs-to-instanceIDs, including encodingIDs. The SMB is distributed to a client-side media processing unit (“MPU”). Information regarding an instance selected for distribution to the MPU is encapsulated in an instance identifier box (“IIB”), along with the arrangement of instanceIDs for the segment, and distributed to the MPU. At the time of distribution and/or playback of the MP, the MPU interchange instances based on the contents of the SMB and/or the IIB.

    摘要翻译: 文件格式支持媒体演示(“MP”)的分发,演示和存储。 MP的序列由segmentID引用的媒体数据段组成。 根据“ISO基础媒体文件格式”,片段被定义为电影片段。 通过对基于不同的编码特性(称为编码ID)对媒体数据进行编码来创建每个具有唯一的instanceID的段的多个实例。 序列映射框(“SMB”)存储序列的片段ID到实例ID的排列,包括encodingID。 SMB被分发到客户端媒体处理单元(“MPU”)。 关于选择分发给MPU的实例的信息与实例标识符框(“IIB”)一起被封装,并且被分配给MPU。 在MP的分发和/或播放时,MPU根据SMB和/或IIB的内容交换实例。

    Hardware-based output protection of multiple video streams
    10.
    发明授权
    Hardware-based output protection of multiple video streams 有权
    基于硬件的多个视频流的输出保护

    公开(公告)号:US08393008B2

    公开(公告)日:2013-03-05

    申请号:US12124899

    申请日:2008-05-21

    IPC分类号: G06F21/00

    摘要: Computer-readable media, computerized methods, and computer systems for managing dynamic allocation of one or more protected memory segments for storing content of secure data are provided. Initially, the secure data is recognized as being carried by a media stream being communicated from a media-reading device. One or more protected target segments and protected target segments are instantiated, where these protected memory segments are protected from illicit access by hardware-based rules. Regions of hardware memory are dynamically allocated to hold these protected memory segments and the secure data is iteratively written thereto. The protected source segments are associating with the media stream based on a license attached thereto, while the protected target segments are associating with presentation devices based on a standard of output protection supported thereby. Accordingly, the protected source segments are mapped to the protected target segments according to whether the license encompasses the standard of the output protection.

    摘要翻译: 提供了用于管理用于存储安全数据的内容的一个或多个受保护的存储器段的动态分配的计算机可读介质,计算机化方法和计算机系统。 最初,安全数据被识别为由从媒体读取设备传送的媒体流携带。 一个或多个受保护的目标段和受保护的目标段被实例化,其中这些受保护的存储器段被基于硬件的规则保护而不被非法访问。 动态地分配硬件存储器的区域以保存这些受保护的存储器段,并且将安全数据迭代地写入其中。 受保护的源段基于附加到其上的许可证与媒体流相关联,而受保护的目标段基于由其支持的输出保护的标准与呈现设备相关联。 因此,根据许可证是否包含输出保护的标准,受保护的源段被映射到受保护的目标段。