-
公开(公告)号:US20130091353A1
公开(公告)日:2013-04-11
申请号:US13564643
申请日:2012-08-01
申请人: Jiang Zhang , Alexander Medvinsky , Kwan Chen , Paul Moroney , Petr Peterka
发明人: Jiang Zhang , Alexander Medvinsky , Kwan Chen , Paul Moroney , Petr Peterka
CPC分类号: H04L9/3268 , H04L9/0825 , H04L9/083 , H04L2209/16
摘要: A method and apparatus are for transferring a client device certificate and an associated encrypted client private key to a client device from a secure device. The secure device receives over a secure connection, a secure device certificate, a secure device private key and a plurality of client device certificates. Each client certificate is associated with a bootstrap public key but is not assigned to any particular client device. A plurality of encrypted client private keys is also received. Each of the encrypted client private keys comprises a client private key associated with one of the client device certificates encrypted with the bootstrap public key. The plurality of client device certificates is stored. The encrypted client private keys are stored in double encrypted protected form. A client device certificate and an associated encrypted client private key are transferred to a client device that has successfully registered with the secure device.
摘要翻译: 一种方法和装置用于将客户端设备证书和相关联的加密的客户端私钥从安全设备传送到客户端设备。 安全设备通过安全连接,安全设备证书,安全设备私钥和多个客户端设备证书接收。 每个客户端证书与引导公钥相关联,但不分配给任何特定的客户端设备。 还接收多个加密的客户端私钥。 每个加密的客户端专用密钥包括与用引导公钥加密的客户端设备证书之一相关联的客户端专用密钥。 存储多个客户端设备证书。 加密的客户端私钥以双加密保护形式存储。 客户端设备证书和相关联的加密客户端私钥被传送到已经成功地向安全设备注册的客户端设备。
-
公开(公告)号:US20120303951A1
公开(公告)日:2012-11-29
申请号:US13170261
申请日:2011-06-28
IPC分类号: H04L9/32
CPC分类号: H04L9/3247 , G06F21/10 , H04L9/3265 , H04L63/123 , H04L2209/603 , H04L2463/101
摘要: A client, method and system for registering a DRM client is disclosed. The method (100) includes the steps of: initiating (110) a registration request via a DRM client with an encrypted registration message including an asymmetric key cryptographic identity, a customer identifier and an application specific information (AINFO) field including a digital signature and a device certificate chain; validating (120) information in the application specific information (AINFO) field by a DRM registration server; and receiving (130) a registration response, the registration response being encrypted and including access information, to obtain content. Advantageously, this method provides an enhanced and reliable means of authentication.
摘要翻译: 公开了用于注册DRM客户端的客户端,方法和系统。 所述方法(100)包括以下步骤:通过DRM客户端发起(110)注册请求,所述注册请求具有加密的注册消息,所述加密的注册消息包括非对称密钥加密标识,客户标识符和包括数字签名的应用专用信息(AINFO) 设备证书链; 通过DRM注册服务器验证应用程序特定信息(AINFO)字段中的信息(120); 并且接收(130)注册响应,所述注册响应被加密并包括访问信息,以获得内容。 有利地,该方法提供了增强和可靠的认证手段。
-
23.发明申请Method and Apparatus for Handling of Content that includes a Mix of CCI Segments 审中-公开处理含有CCI段的混合物的内容的方法和装置公开(公告)号:US20080271153A1
公开(公告)日:2008-10-30
申请号:US11950698
申请日:2007-12-05
申请人: Petr Peterka , Alexander Medvinsky , Paul Moroney
发明人: Petr Peterka , Alexander Medvinsky , Paul Moroney
IPC分类号: G06F21/00
CPC分类号: G06F21/10
摘要: A process is provided. The process stores, on a first device, each segment of a set of content having corresponding copy control information. Further, the process receives, from a second device, a request for a copy of the set of content. In addition, the process analyzes a list of the copy control information associated with each segment of the set of content. The process also establishes a restriction indicator, based on the request for the copy of the set of content, for one or more segments of the set of content having a corresponding copy control information value. Finally, the process provides to the second device, the content, the list of copy control information, and the restriction indicator for the one or more segments.
摘要翻译: 提供了一个过程。 该过程在第一设备上存储具有相应复制控制信息的一组内容的每个段。 此外,该过程从第二设备接收对该组内容的副本的请求。 此外,该过程分析与该组内容的每个片段相关联的复制控制信息的列表。 该过程还基于对该组内容的复制的请求,针对该组内容的一个或多个段具有相应的复制控制信息值建立限制指示符。 最后,该过程向第二设备提供一个或多个段的内容,复制控制信息列表和限制指示符。
-
公开(公告)号:US20070294526A1
公开(公告)日:2007-12-20
申请号:US11455574
申请日:2006-06-19
申请人: Alexander Medvinsky , Paul Moroney
发明人: Alexander Medvinsky , Paul Moroney
IPC分类号: H04L9/00
CPC分类号: H04L9/3268 , H04L2209/601 , H04N21/235 , H04N21/2541 , H04N21/2585 , H04N21/435 , H04N21/43615 , H04N21/835
摘要: The present invention discloses an apparatus and method for delivering a revocation list over a one-way broadcast network to receivers with limited memory capabilities. In one example, the revocation list is partitioned to form a first certificate revocation list (CRL) sequence if the number of entries in the revocation list exceeds a predetermined value. Individual identification numbers belonging to a first identification number series are subsequently assigned to partitions of the first CRL sequence. Afterwards, the first CRL sequence is interleaved into a first content transport stream.
摘要翻译: 本发明公开了一种用于通过单向广播网络将撤销列表递送到具有有限存储能力的接收机的装置和方法。 在一个示例中,如果撤销列表中的条目数超过预定值,则撤销列表被分割以形成第一证书撤销列表(CRL)序列。 属于第一标识号序列的个体标识号随后被分配给第一CRL序列的分区。 之后,第一CRL序列被交织到第一内容传输流中。
-
公开(公告)号:US09171569B2
公开(公告)日:2015-10-27
申请号:US12108719
申请日:2008-04-24
IPC分类号: G11B20/00 , G11B27/30 , H04N7/167 , H04N21/254 , H04N21/4147 , H04N21/436 , H04N21/4367 , H04N21/4408 , H04N21/4627 , H04N21/835 , H04N21/8355 , H04N21/845
CPC分类号: G11B20/00086 , G11B20/00166 , G11B20/0021 , G11B20/00507 , G11B20/00731 , G11B27/30 , G11B2220/2516 , H04N7/1675 , H04N21/2541 , H04N21/4135 , H04N21/4147 , H04N21/43615 , H04N21/43622 , H04N21/4367 , H04N21/4408 , H04N21/4627 , H04N21/835 , H04N21/8355 , H04N21/8456
摘要: A process may be utilized by the DVR. The process receives a plurality of segments of a set of content and a plurality of corresponding content rule sets. Further, the process provides one or more instructions to record and encrypt the plurality of segments of the set of content on a storage medium. In addition, the process provides the plurality of content rule sets to the DRM component to be inserted into a locally generated and secured content license associated with the encryption of the set of content. The secured content license includes a master key and a list of the plurality of corresponding content rule sets that have been received in order of reception. The process receives a plurality of marker tokens from the DRM component in order to facilitate trick mode playback.
摘要翻译: DVR可以利用一个过程。 该过程接收一组内容和多个对应的内容规则集合的多个片段。 此外,该过程提供一个或多个指令以在存储介质上记录和加密该组内容的多个段。 此外,该过程向DRM组件提供多个内容规则集以被插入到与该组内容的加密相关联的本地生成和安全的内容许可中。 安全内容许可证包括主密钥和已经按照接收顺序接收的多个对应的内容规则集的列表。 该过程从DRM组件接收多个标记符号以便于特技模式回放。
-
公开(公告)号:US08255989B2
公开(公告)日:2012-08-28
申请号:US10170951
申请日:2002-06-12
申请人: Alexander Medvinsky , Petr Peterka , Paul Moroney
发明人: Alexander Medvinsky , Petr Peterka , Paul Moroney
IPC分类号: G06F7/04
CPC分类号: H04L63/0457 , G06F21/10 , G06F21/602 , G06F21/606 , H04L63/0407 , H04L63/062 , H04L63/0807 , H04L65/607 , H04L65/608
摘要: A session rights object and authorization data are used for defining a consumer's access right to a media content stream. The access rights are determined at a caching server remotely located from the consumer rather than locally at the end user site. In a first aspect, in a computing network having a content provider, a key distribution center, a caching server and a client, a method for controlling client access to a real-time data stream from the caching server, is disclosed. The method includes receiving, by the client, a session rights object from a content provider, the session rights object defining access rules for accessing the real-time data stream; receiving, by the client, authorization data from the key distribution center, the authorization data defining the client's access rights to the real-time data stream; forwarding to the caching server the session rights object and the authorization data; comparing, by the caching server, the session rights object with the authorization data to determine client authorization; and if the client is authorized, streaming, by the caching server, the real-time data stream to the client.
摘要翻译: 会话权限对象和授权数据用于定义消费者对媒体内容流的访问权限。 访问权限在远程位于消费者的缓存服务器上确定,而不是在最终用户站点本地。 在第一方面,在具有内容提供商,密钥分配中心,高速缓存服务器和客户端的计算网络中,公开了一种用于控制来自高速缓存服务器的客户端对实时数据流的访问的方法。 该方法包括从客户端接收来自内容提供商的会话权限对象,会话权限对象定义用于访问实时数据流的访问规则; 由客户端从密钥分配中心接收授权数据,定义客户端对实时数据流的访问权限; 转发到缓存服务器会话权限对象和授权数据; 通过缓存服务器比较会话权限对象与授权数据,以确定客户端授权; 并且如果客户端被授权,则通过缓存服务器流式传输到客户端的实时数据流。
-
公开(公告)号:US20110161660A1
公开(公告)日:2011-06-30
申请号:US12648768
申请日:2009-12-29
申请人: Jiang Zhang , Alexander Medvinsky , Paul Moroney , Petr Peterka
发明人: Jiang Zhang , Alexander Medvinsky , Paul Moroney , Petr Peterka
CPC分类号: H04L63/061 , H04L9/0841 , H04L9/3226 , H04L9/3263 , H04L9/3271 , H04L63/0442 , H04L63/0823 , H04L63/0869 , H04L63/123 , H04L2463/061
摘要: In a method of temporarily registering a second device with a first device, in which the first device includes a temporary registration mode, the temporary registration mode in the first device is activated, a temporary registration operation in the first device is initiated from the second device, a determination as to whether the second device is authorized to register with the first device is made, and the second device is temporarily registered with the first device in response to a determination that the second device is authorized to register with the first device, in which the temporary registration requires that at least one of the second device and the first device delete information required for the temporary registration following at least one of a determination of a network connection between the first device and the second device and a powering off of at least one of the first device and the second device.
摘要翻译: 在第一设备暂时注册第二设备的方法中,其中第一设备包括临时注册模式,激活第一设备中的临时注册模式,从第二设备启动第一设备中的临时注册操作 进行关于第二设备是否被授权向第一设备注册的确定,并且响应于第二设备被授权向第一设备注册的确定,第二设备被临时登记到第一设备, 所述暂时注册要求所述第二设备和所述第一设备中的至少一个删除在所述第一设备和所述第二设备之间的网络连接的确定中的至少一个之后临时注册所需的信息,以及至少 第一个设备和第二个设备之一。
-
公开(公告)号:US08788810B2
公开(公告)日:2014-07-22
申请号:US12648768
申请日:2009-12-29
申请人: Jiang Zhang , Alexander Medvinsky , Paul Moroney , Petr Peterka
发明人: Jiang Zhang , Alexander Medvinsky , Paul Moroney , Petr Peterka
IPC分类号: G06F11/30
CPC分类号: H04L63/061 , H04L9/0841 , H04L9/3226 , H04L9/3263 , H04L9/3271 , H04L63/0442 , H04L63/0823 , H04L63/0869 , H04L63/123 , H04L2463/061
摘要: In a method of temporarily registering a second device with a first device, in which the first device includes a temporary registration mode, the temporary registration mode in the first device is activated, a temporary registration operation in the first device is initiated from the second device, a determination as to whether the second device is authorized to register with the first device is made, and the second device is temporarily registered with the first device in response to a determination that the second device is authorized to register with the first device, in which the temporary registration requires that at least one of the second device and the first device delete information required for the temporary registration following at least one of a determination of a network connection between the first device and the second device and a powering off of at least one of the first device and the second device.
摘要翻译: 在第一设备暂时注册第二设备的方法中,其中第一设备包括临时注册模式,激活第一设备中的临时注册模式,从第二设备启动第一设备中的临时注册操作 进行关于第二设备是否被授权向第一设备注册的确定,并且响应于第二设备被授权向第一设备注册的确定,第二设备被临时登记到第一设备, 所述暂时注册要求所述第二设备和所述第一设备中的至少一个删除在所述第一设备和所述第二设备之间的网络连接的确定中的至少一个之后临时注册所需的信息,以及至少 第一个设备和第二个设备之一。
-
公开(公告)号:US08364964B2
公开(公告)日:2013-01-29
申请号:US12648416
申请日:2009-12-29
申请人: Alexander Medvinsky , Paul Moroney , Jiang Zhang
发明人: Alexander Medvinsky , Paul Moroney , Jiang Zhang
CPC分类号: H04L9/0833 , H04L9/0844 , H04L9/3263 , H04L63/06 , H04L63/0823 , H04L63/10 , H04L2209/80 , H04N21/26606 , H04N21/26613 , H04W12/04
摘要: In a method of registering a plurality of client devices with a device registration server for secure data communications, a unique symmetric key is generated for each of the client devices using a cryptographic function on a private key of the device registration server and a respective public key of each of the client devices, and a broadcast message containing the public key of the device registration server is sent to the client devices, in which the client devices are configured to generate a respective unique symmetric key from the public key of the device registration server and its own private key using a cryptographic function, and in which the unique symmetric key generated by each client device matches the respective unique symmetric key generated by the device registration server for the respective client device.
摘要翻译: 在使用用于安全数据通信的设备注册服务器登记多个客户端设备的方法中,使用设备注册服务器的私钥的密码功能和相应的公钥来为每个客户端设备生成独特的对称密钥 并且将包含设备注册服务器的公开密钥的广播消息发送到客户端设备,其中客户端设备被配置为从设备注册服务器的公开密钥生成相应的唯一对称密钥 和其自己的私钥使用加密功能,并且其中由每个客户端设备生成的唯一对称密钥与由相应客户端设备的设备注册服务器生成的相应唯一对称密钥匹配。
-
公开(公告)号:US20080270308A1
公开(公告)日:2008-10-30
申请号:US11843335
申请日:2007-08-22
申请人: Petr Peterka , Alexander Medvinsky , Paul Moroney
发明人: Petr Peterka , Alexander Medvinsky , Paul Moroney
IPC分类号: G06Q10/00
CPC分类号: H04N21/440281 , G06F21/10 , G06F2221/0784 , G06F2221/2137 , G06F2221/2151 , H04N21/4147 , H04N21/4408 , H04N21/4627 , H04N21/8456
摘要: A process may be utilized by a DVR. The process characterizes a set of content as a plurality of segments as the set of content is received. Each of the segments has a segment length according to a predetermined time interval. Further, the process encrypts each of the segments with a corresponding content encryption key to generate a plurality of encrypted segments. The corresponding content encryption key for each of the segments is generated by the DRM component. In addition, the process stores each of the encrypted segments for playback with trick play features in accordance with an expiration content rule having a time limit on the temporary playability of the set of content.
摘要翻译: DVR可以利用进程。 当接收到内容集合时,该过程将一组内容表征为多个段。 每个段具有根据预定时间间隔的段长度。 此外,该过程使用对应的内容加密密钥来加密每个段,以生成多个加密段。 每个段的相应内容加密密钥由DRM组件产生。 此外,该过程根据具有对该组内容的临时播放性具有时间限制的期满内容规则,将每个加密段用于播放特技播放特征。
-
-
-
-
-
-
-
-
-
搜索结果
99 条记录 (耗时 0.03 秒)
