-
公开(公告)号:US07174021B2
公开(公告)日:2007-02-06
申请号:US10185641
申请日:2002-06-28
IPC分类号: H04L9/00
CPC分类号: H04L63/0428 , H04L63/0464 , H04L63/0823 , H04L63/12 , H04L2463/101
摘要: A key management interface that allows for different key protection schemes to be plugged into a digital rights management system is disclosed. The interface exposes the functionality of signing data, decrypting data encrypted using a public key, and re-encrypting data encrypted using the public key exported by the interface to a different authenticated principal (i.e., a different public key). Thus, a secure interface can be provided such that the data does not enter or leave the interface in the clear. Such an interface exports private key operations of signing and decryption, and provides security and authentication for the digital asset server in licensing and publishing. During publishing, a client can encrypt asset keys such that only a specified entity can decrypt it, using a plug-in, for example, that implements the aforementioned interface. During licensing, the license issuing entity can use the interface to decrypt keys for assets and to sign licenses and rights labels such that the asset is protected and consumable by a host digital rights management platform. The interface thus provides an abstraction for key operations.
摘要翻译: 公开了一种允许将不同密钥保护方案插入数字版权管理系统的密钥管理接口。 该接口公开了签名数据的功能,解密使用公共密钥加密的数据,并且使用由该接口导出的公共密钥加密的数据重新加密到不同的认证主体(即不同的公钥)。 因此,可以提供安全接口,使得数据不会进入或离开界面清楚。 这样的接口导出签名和解密的私钥操作,并为许可和发布中的数字资产服务器提供安全和身份验证。 在发布期间,客户端可以加密资产密钥,使得只有指定的实体可以使用例如实现上述接口的插件来对其进行解密。 在许可期间,许可证发放实体可以使用接口解密资产的密钥,并签署许可证和权利标签,以使资产受到主机数字版权管理平台的保护和消耗。 因此,该接口为关键操作提供了一个抽象。
-
42.发明申请System and method for activating a rendering device in a multi-level rights-management architecture 审中-公开用于在多级权限管理架构中激活呈现设备的系统和方法公开(公告)号:US20060123025A1
公开(公告)日:2006-06-08
申请号:US11339705
申请日:2006-01-25
申请人: Marco DeMello , Attila Narin , Venkateshaiah Setty , Pavel Zeman , Vinay Krishnaswamy , John Manferdelli , Frank Byrum , Leroy Keely , Yoram Yaacovi , Jeffrey Alger
发明人: Marco DeMello , Attila Narin , Venkateshaiah Setty , Pavel Zeman , Vinay Krishnaswamy , John Manferdelli , Frank Byrum , Leroy Keely , Yoram Yaacovi , Jeffrey Alger
IPC分类号: G06F7/00
CPC分类号: G06F21/10 , G06F2221/0704 , G06F2221/0737 , G06F2221/0797 , G06F2221/2117
摘要: A digital rights management system for the distribution, protection and use of electronic content. The system includes a client architecture which receives content, where the content is preferably protected by encryption and may include a license and individualization features. Content is protected at several levels, including: no protection; source-sealed; individually-sealed (or “inscribed”); source-signed; and fully-individualized (or “owner exclusive”). The client also includes and/or receives components which permit the access and protection of the encrypted content, as well as components that allow content to be provided to the client in a form that is individualized for the client. In some cases, access to the content will be governed by a rights construct defined in the license bound to the content. The client components include an object which accesses encrypted content, an object that parses the license and enforces the rights in the license, an object which obtains protection software and data that is individualized for the client and/or the persona operating the client, and a script of instructions that provides individualization information to a distributor of content so that the content may be individualized for the client and/or its operating persona. Content is generally protected by encrypting it with a key and then sealing the key into the content in a way that binds it to the meta-data associated with the content. In some instances, the key may also be encrypted in such a way as to be accessible only by the use of individualized protection software installed on the client, thereby binding use of the content to a particular client or set of clients.
摘要翻译: 数字版权管理系统,用于分发,保护和使用电子内容。 该系统包括接收内容的客户端架构,其中优选地通过加密保护内容,并且可以包括许可证和个性化特征。 内容受到多个级别的保护,包括:无保护; 源密封; 单独密封(或“铭刻”); 源代码; 和完全个性化(或“所有者独占”)。 客户端还包括和/或接收允许加密内容的访问和保护的组件以及允许以为客户端个性化的形式向客户端提供内容的组件。 在某些情况下,访问内容将受到绑定到内容的许可证中定义的权利结构的约束。 客户端组件包括访问加密内容的对象,解析许可证并执行许可证中的权限的对象,获得保护软件的对象和为客户端和/或操作客户端的个人化的数据,以及 向内容分发者提供个性化信息的指令脚本,使得可以为客户端和/或其操作人员个性化内容。 内容通常通过用密钥加密来保护,然后以将其绑定到与内容相关联的元数据的方式将密钥密封到内容中。 在某些情况下,密钥还可以以仅通过使用安装在客户端上的个性化保护软件才能访问的方式进行加密,从而将内容的使用绑定到特定客户端或客户端集合。
-
43.发明授权System and method for client interaction in a multi-level rights-management architecture 有权用于多级权限管理架构中的客户端交互的系统和方法公开(公告)号:US06981262B1
公开(公告)日:2005-12-27
申请号:US09604636
申请日:2000-06-27
CPC分类号: H04L63/045 , G06F21/10 , G06F2211/007 , G06F2221/2117 , H04L63/0823 , H04L63/123 , H04L2463/101
摘要: A digital rights management system for the distribution, protection and use of electronic content. The system includes a client architecture which receives content, where the content is preferably protected by encryption and may include a license and individualization features. Content is protected at several levels, including: no protection; source-sealed; individually-sealed (or “inscribed”); source-signed; and fully-individualized (or “owner exclusive”). The client components include a script of instructions that provides individualization information to a distributor of content so that the content may be individualized for the client and/or its operating persona.
摘要翻译: 数字版权管理系统,用于分发,保护和使用电子内容。 该系统包括接收内容的客户端架构,其中优选地通过加密保护内容,并且可以包括许可证和个性化特征。 内容受到多个级别的保护,包括:无保护; 源密封; 单独密封(或“铭刻”); 源代码; 和完全个性化(或“所有者独占”)。 客户端组件包括向内容分发者提供个性化信息的指令脚本,使得可以为客户端和/或其操作人员个性化内容。
-
公开(公告)号:US06691176B1
公开(公告)日:2004-02-10
申请号:US09433995
申请日:1999-11-04
申请人: Attila Narin , Donald J. Clore , Keith A. Kegley
发明人: Attila Narin , Donald J. Clore , Keith A. Kegley
IPC分类号: G06F954
CPC分类号: G06F17/30899 , G06F9/542 , G06F9/547 , G06F9/548 , G06F2209/543
摘要: A service manager for managing services and objects called by browser scripts is employed. The Web browser script is not in direct communication with the service manager; instead, a connector object is mapped by the script into the scripting space. For function calls that the script would previously make to the service or object directly, the script makes a call to a connector object. Depending on the browser brand, the connector object is of a different format e.g., an ActiveX control or a Plug-In. The first time such a connector object is created and mapped into a scripting space, the service manager is initiated and all of the services and objects that are managed by the service manager are loaded. The connector object packages the function call to a service for interpretation by the service manager. A script wrapper is a small object between the scripting space and the connector object, and allows script to be written without regard to different browser brands. The service manager then forwards the service call to the corresponding service or object within its control. The service then performs according to the call and information can flow back to the script via the service manager and connector object e.g., an ActiveX control interface or Plug-In interface. Services managed by the service manager can also send information regarding events to the scripting space by way of the service manager, the connector object, and the script wrapper. An event handler can be implemented by the script author if the event is of interest to the script. As a result of the service manager managing the objects, the destruction and re-creation of objects that typically occurs when objects are mapped directly into the scripting space are avoided. All that is destroyed and re-created are the communication channels (namely the connector object and the script wrapper) between the scripting space and the services that are managed by the service manager. This allows any state within the service to persist across different Web pages, thereby improving users' browsing experience and/or increasing the efficient use of computing resources.
-
-
-
搜索结果
44 条记录 (耗时 0.018 秒)
