摘要:
A license is issued to a user as decryption and authorization portions. The decryption portion is accessible only by such user and has a decryption key (KD) for decrypting corresponding encrypted digital content and validating information including an identification of a root trust authority. The authorization portion sets forth rights granted in connection with the digital content and conditions that must be satisfied to exercise the rights granted, and has a digital signature that is validated according to the identified root trust authority in the decryption portion. The user issued accesses the decryption portion and employs the validation information therein to validate the digital signature of the authorization portion. If the conditions in the authorization portion so allow, the rights in the authorization portion are exercised by decrypting the encrypted content with the decryption key (KD) from the decryption portion and rendering the decrypted content.
摘要:
A license is issued to a user as decryption and authorization portions. The decryption portion is accessible only by such user and has a decryption key (KD) for decrypting corresponding encrypted digital content and validating information including an identification of a root trust authority. The authorization portion sets forth rights granted in connection with the digital content and conditions that must be satisfied to exercise the rights granted, and has a digital signature that is validated according to the identified root trust authority in the decryption portion. The user issued accesses the decryption portion and employs the validation information therein to validate the digital signature of the authorization portion. If the conditions in the authorization portion so allow, the rights in the authorization portion are exercised by decrypting the encrypted content with the decryption key (KD) from the decryption portion and rendering the decrypted content.
摘要:
Content is encrypted according to a content key (CK) ((CK(content))), (CK) is protected according to a license server public key (PU-DRM), and rights data associated with the content is protected according to (PU-DRM). The protected items are submitted as a rights label to the license server for signing. The license server validates the rights label and, if valid, digitally signs based on the protected rights data to result in a signed rights label (SRL), and returns same. The SRL is concatenated with (CK(content)) and both are distributed to a user. To render the content, the user submits the SRL to the license server to request a license. The license server verifies the SRL signature and reviews the SRL protected rights data to determine whether the user is entitled to the license, and if so issues the license, including (CK) in a protected form accessible to the user.
摘要:
Content is encrypted according to a content key (CK) ((CK(content))), (CK) is protected according to a license server public key (PU-DRM), and rights data associated with the content is retrieved from a rights template and protected according to (PU-DRM). The protected items and a digital signature from the rights template are submitted as a rights label to the license server for signing. The license server verifies the rights template signature, and if such signature verifies signs the rights label to result in a signed rights label (SRL), and returns same. The SRL is concatenated with (CK(content)) and both are distributed to a user. To render the content, the user submits the SRL to the license server to request a license.
摘要:
A trusted component on a device includes a secure HWID therein and is verified by obtaining a key from the device, and verifying each signed component of the operating system of the device therewith. A driver table is examined to locate a HWID driver which is verified as containing a pointer back to an address inside a kernel. The verified operating system is called to obtain the secure HWID from a HWID component by way of the HWID driver and to return same to the trusted component. Thereafter, the returned HWID is verified as matching the HWID included with the trusted component.
摘要:
An installation system for a multiple device, multiple application solution may include options for installing and configuring one or more of the devices as virtual machines. The installation system may start from bare hardware, install a virtual machine host, and configure one or more devices as virtual machines. The installation system may provide a set of predefined configurations from which an administrator may choose, and some embodiments may provide various algorithms or optimization routines to select an appropriate configuration based on intended uses or other factors. The configurations may be customized to create one or more documents that may be consumed during the installation process to automate many configuration settings.
摘要:
An installation system for a multiple device, multiple application solution may include options for installing and configuring one or more of the devices as virtual machines. The installation system may start from bare hardware, install a virtual machine host, and configure one or more devices as virtual machines. The installation system may provide a set of predefined configurations from which an administrator may choose, and some embodiments may provide various algorithms or optimization routines to select an appropriate configuration based on intended uses or other factors. The configurations may be customized to create one or more documents that may be consumed during the installation process to automate many configuration settings.
摘要:
Content is encrypted according to a content key (CK) to result in (CK(content)) and the content key (CK) is protected according to a public key for a license server (PU-RM). Rights data is retrieved from a rights template to be associated with the content, and rules for modifying the retrieved rights data are also retrieved from the retrieved rights template. The retrieved rights data from the rights template is modified according to the rules, and the rights data and the protected content key (CK)) are submitted as a rights label to the license server for signing thereby. The license server thus validates the rights label and, if valid, creates a digital signature based on a private key (PR-RM) corresponding to (PU-RM) and based at least in part on the rights data to result in a signed rights label (SRL), and returns the SRL.