Abstract:
The restriction of particular resources includes providing a digital signature for unauthorized resources based on a structure-related parameter of the resource. Thus, attempts at circumventing recognition of such a resource will likely result in altering the overall functionality of the resource. Further, such digital signatures are encoded in a critical file required for loading of a resource, thus ensuring that the identity of the resource is considered before execution thereof. Enforcement of the resource restriction includes generating a verification signature for a resource that requests loading. The verification signature is compared to the signature coded into the critical file, and a positive match results in the resource being blocked from loading.
Abstract:
Techniques enable building a collection of data that defines an asset, with the data possibly having differing data types. These techniques are then capable of assigning arbitrary policy to that asset, regardless of which data types are present within the asset. In addition, these techniques enable packaging of this first asset with one or more additional assets in a self-contained envelope. Each asset within the envelope may similarly include data of differing data types. Furthermore, each of these assets may be assigned a policy that may be different than the policy assigned to the first asset. This envelope, or a collection of envelopes, may then be provided to a content-consuming device to consume the assets in accordance with each asset's specified policy.
Abstract:
Techniques enable creation of a preview license for digital content. In some instances, the preview license indicates that it allows a content-consuming device to consume less than all of the content. This preview license may create a list specifying multiple portions of the digital content that the content-consuming device may consume. These techniques may also present to a device user an offer to purchase rights to consume all of the digital content after consumption of the preview-licensed portion(s). In other instances, a content server may embed the preview license into a content package that contains the digital content, allowing the server to distribute the package to multiple devices. In still other instances, the preview license may be bound to a domain rather than to individual devices. This allows member devices to share the digital content and the preview license, such that each member device may enjoy the preview experience.
Abstract:
Various mechanisms are provided for the lockdown of an item store. For example, a method is provided that comprises disabling access to a relational engine for a set of users associated with a filing system utilizing the relational engine to manipulate data in an item store. Following such disabling of access, an exception is created by allowing access to the relational engine for users of the filing system based on a set of privileges the users have been assigned. The disabling of access can be accomplished by removing system users from ownership roles, and the allowing of access can be accomplished by providing certificates to users that have an associated set of privileges granted to the users.
Abstract:
Various embodiments utilize a third party, such as a trusted third-party, to perform DRM operations such as “move” operations. In at least some embodiments, the trusted third-party is utilized for both “move” operations as well as local content access such as playback and the like. In at least some embodiments, a third-party maintains a database that includes an association of clients, content, and move version numbers. A client, termed a “source client,” maintains at least a move version number locally in a secure fashion. The version number is incremented each time the source client performs a move operation. Both the source client and the third-party increment the version number each time a piece of content is moved. When the client attempts to perform a move operation, it contacts the third-party to ascertain the third-party's move version number. If the move version numbers match and the source client owns the license/content, then, in at least some embodiments, a move operation is permitted.
Abstract:
Various embodiments provide a mapping layer to translate DRM system requirements from one DRM system, such as a source system, to another DRM system, such as a target system. In at least some embodiments, DRM system requirement translation is performed using a signed data structure that maps DRM system requirements from one DRM system to one or more other DRM systems. By mapping DRM system requirements from one system to another, licenses associated with DRM-protected content and associated content can be safely transferred between systems.
Abstract:
Techniques enable seamless movement and consumption of licensed digital content amongst multiple devices. In some embodiments, these techniques allow establishment of a domain capable of having multiple member devices. Each member device of the domain typically comprises a content-consuming device such as a personal computer, a portable media player, or the like. These techniques enable a license associated with digital content to bind to a domain rather than an individual device. As such, each member device of the domain may contain a domain identity and, with the identity, may consume the content with use of the license and in accordance with policy described in the license. These tools may also enable a member device to join multiple domains and to contain an identification of each of these multiple domains.
Abstract:
A system generates a per-user abstraction of a store from a connection point. Filtering a view set of a hierarchically secured containment hierarchy based on the access permissions of the principal is one of the novel features of the invention. The invention can offer a collection of primitives that can operate on this aggregation that span multiple container hierarchies with potentially heterogeneous security descriptors. The model can reduce the necessity to traverse the container hierarchy to discover all the accessible items in a domain.
Abstract:
A system is disclosed for providing trusted third-party management of user device domains in a digital rights management environment. The system includes a plurality of content providers that distribute digital content items via user accounts having associated user device domains. The user device domains are managed by an independent domain manager. The domain manager includes a device registrar which is operative, for a given user device domain, to receive a request to add a device to the user device domain. If the request is grantable, a domain controller of the domain manager is operative to cause a domain private key to be transmitted to the device being added to the user device domain. The domain private key is usable at the device to decrypt a content key which was previously released to the user device domain for decrypting protected digital content.
Abstract:
This document describes tools capable of renewing an expired license to entertainment content. The tools, in some embodiments, may repeatedly renew a license using very few resources, such as by forgoing retention of the license, encryption keys, or the entertainment content between renewals. The tools, for example, may provide a license to a particular content receiver (e.g., a laptop computer), and, when that license expires, renew the license with as little as a single retained secret. By so doing, the tools enable, among other things, fewer computing resources to be used in renewing a license while maintaining the security of that license's entertainment content.