公开(公告)号：US09805374B2

公开(公告)日：2017-10-31

申请号：US11734694

申请日：2007-04-12

Applicant: Patrik Schnell ,  Clifford P. Strom ,  Adrian J Oney ,  Mark L. Beaubien ,  Kedarnath A. Dubhashi ,  Alexandre V. Grigorovitch ,  Anand Paka ,  Satvir Randhawa

Inventor： Patrik Schnell ,  Clifford P. Strom ,  Adrian J Oney ,  Mark L. Beaubien ,  Kedarnath A. Dubhashi ,  Alexandre V. Grigorovitch ,  Anand Paka ,  Satvir Randhawa

IPC: G06Q30/00 ,  G06Q30/02

CPC classification number: G06Q30/02 ,  G06C3/00 ,  G06Q20/00

Abstract: Techniques enable creation of a preview license for digital content. In some instances, the preview license indicates that it allows a content-consuming device to consume less than all of the content. This preview license may create a list specifying multiple portions of the digital content that the content-consuming device may consume. These techniques may also present to a device user an offer to purchase rights to consume all of the digital content after consumption of the preview-licensed portion(s). In other instances, a content server may embed the preview license into a content package that contains the digital content, allowing the server to distribute the package to multiple devices. In still other instances, the preview license may be bound to a domain rather than to individual devices. This allows member devices to share the digital content and the preview license, such that each member device may enjoy the preview experience.

公开(公告)号：US08850230B2

公开(公告)日：2014-09-30

申请号：US12014079

申请日：2008-01-14

Applicant: Patrik Schnell ,  Alexandre V Grigorovitch ,  Kedarnath A Dubhashi

Inventor： Patrik Schnell ,  Alexandre V Grigorovitch ,  Kedarnath A Dubhashi

IPC: G06F12/14 ,  H04L29/06 ,  H04L9/32 ,  H04W12/06 ,  G06F21/10

CPC classification number: H04L9/3271 ,  G06F21/10 ,  H04L9/3263 ,  H04L63/0853 ,  H04L2209/56 ,  H04L2209/603 ,  H04L2209/80 ,  H04L2463/103 ,  H04W12/04 ,  H04W12/06

Abstract: This document describes tools capable of enabling cloud-based movable-component binding. The tools, in some embodiments, bind protected media content to a movable component in a mobile computing device in a cryptographically secure manner without requiring the movable component to perform a complex cryptographic function. By so doing the mobile computing device may request access to content and receive permission to use the content quickly and in a cryptographically robust way.

Abstract translation: 本文档介绍了能够启用基于云的可移动组件绑定的工具。 在一些实施例中，这些工具将保护的媒体内容以密码安全的方式绑定到移动计算设备中的可移动组件，而不需要可移动组件来执行复杂的加密功能。 通过这样做，移动计算设备可以请求访问内容并且以加密方式鲁棒的方式快速地并且接收使用内容的许可。

公开(公告)号：US08250094B2

公开(公告)日：2012-08-21

申请号：US11490410

申请日：2006-07-19

Applicant: Simon Skaria ,  Jason T. Hunter ,  Kedarnath A. Dubhashi

Inventor： Simon Skaria ,  Jason T. Hunter ,  Kedarnath A. Dubhashi

IPC: G06F17/30

CPC classification number: G06F21/6227 ,  G06F17/30233 ,  G06F2221/2105 ,  G06F2221/2143 ,  G06F2221/2147

Abstract: Various mechanisms are provided for the lockdown of an item store. For example, a method is provided that comprises of disabling access to a relational engine for a set of users associated with a filing system utilizing the relational engine to manipulate data in an item store. Following such disabling of access, an exception is created by allowing access to the relational engine for users of the filing system based on a set of privileges the users have been assigned. The disabling of access can be accomplished by removing system users from ownership roles, and the allowing of access can be accomplished by providing certificates to users that have associated set of privileges granted to the users.

Abstract translation: 提供了用于物品存储的锁定的各种机制。 例如，提供了一种方法，其包括禁用对与关联引擎相关联的一组用户的关系引擎的访问，利用关系引擎来操纵项目存储中的数据。 在这种禁用访问之后，通过允许基于用户被分配的一组特权访问归档系统的用户来创建异常。 访问禁用可以通过将系统用户从所有权角色中删除来实现，并且允许访问可以通过向具有授予用户的相关权限集的用户提供证书来实现。

公开(公告)号：US07636851B2

公开(公告)日：2009-12-22

申请号：US11171744

申请日：2005-06-30

Applicant: Jeffrey B. Hamblin ,  Jonathan Schwartz ,  Kedarnath A. Dubhashi ,  Klaus U. Schutz ,  Peter T. Brundrett ,  Richard B. Ward ,  Thomas C. Jones

Inventor： Jeffrey B. Hamblin ,  Jonathan Schwartz ,  Kedarnath A. Dubhashi ,  Klaus U. Schutz ,  Peter T. Brundrett ,  Richard B. Ward ,  Thomas C. Jones

IPC: G06F21/00

CPC classification number: G06F21/62 ,  G06F2221/2145 ,  G06F2221/2149

Abstract: An operating system for a computing device has a first session for a user that includes a first base process that has a first privileges token attached thereto. The first privileges token includes substantially a full set of privileges of the user on the operating system. The operating system also has a second session for the user that includes a second base process that has a second privileges token attached thereto. The second privileges token is derived from the first privileges token and includes only a minimum set of privileges of the user on the operating system. Thus, the second, limited token does not have all privileges associated with the first, full token but instead has a limited set of privileges and not extra privileges that could be employed to take actions that would be harmful, deceptive, or malicious.

Abstract translation: 用于计算设备的操作系统具有用于用户的第一会话，所述第一会话包括具有连接到其的第一权限令牌的第一基本进程。 第一权限令牌在操作系统上基本上包括用户的一整套特权。 操作系统还具有用户的第二会话，其包括具有附加到其的第二权限令牌的第二基本进程。 第二个权限令牌是从第一个权限令牌导出的，并且仅包含操作系统上用户的一组最小权限。 因此，第二个有限令牌不具有与第一个完整令牌相关联的所有权限，而是具有一组有限的权限，而不是可以用于采取有害，欺骗性或恶意行为的额外权限。

公开(公告)号：US20090307780A1

公开(公告)日：2009-12-10

申请号：US12133356

申请日：2008-06-04

Applicant: Kedarnath A. Dubhashi ,  Kenneth S. Reneris

Inventor： Kedarnath A. Dubhashi ,  Kenneth S. Reneris

IPC: G06F21/00

CPC classification number: G06F21/10

Abstract: Various embodiments utilize a third party, such as a trusted third-party, to perform DRM operations such as “move” operations. In at least some embodiments, the trusted third-party is utilized for both “move” operations as well as local content access such as playback and the like. In at least some embodiments, a third-party maintains a database that includes an association of clients, content, and move version numbers. A client—termed a “source client” maintains at least a move version number locally in a secure fashion. The version number is incremented each time the source client performs a move operation. Both the source client and the third-party increment the version number each time a piece of content is moved. When the client attempts to perform a move operation, it contacts the third-party to ascertain the third-party's move version number. If the move version numbers match and the source client owns the license/content, then, in at least some embodiments, a move operation is permitted.

Abstract translation: 各种实施例利用诸如可信第三方的第三方来执行诸如“移动”操作的DRM操作。 在至少一些实施例中，可信第三方被用于“移动”操作以及本地内容访问，诸如回放等。 在至少一些实施例中，第三方维护包括客户端，内容和移动版本号的关联的数据库。 客户端称为“源客户端”以安全的方式在本地保留至少一个移动版本号。 每次源客户端执行移动操作时，版本号都会增加。 每次移动一个内容时，源客户端和第三方都会增加版本号。 当客户端尝试执行移动操作时，它会联系第三方以确定第三方的移动版本号。 如果移动版本号匹配并且源客户端拥有许可证/内容，则在至少一些实施例中允许移动操作。

公开(公告)号：US20090307254A1

公开(公告)日：2009-12-10

申请号：US12133354

申请日：2008-06-04

Applicant: Kedarnath A. Dubhashi ,  Sumedh N. Barde ,  Hany Farag

Inventor： Kedarnath A. Dubhashi ,  Sumedh N. Barde ,  Hany Farag

IPC: G06F17/30

CPC classification number: G06F21/10 ,  G06F2221/0759

Abstract: Various embodiments provide a mapping layer to translate DRM system requirements from one DRM system, such as a source system, to another DRM system, such as a target system. In at least some embodiments, DRM system requirement translation is performed using a signed data structure that maps DRM system requirements from one DRM system to one or more other DRM systems. By mapping DRM system requirements from one system to another, licenses associated with DRM-protected content and associated content can be safely transferred between systems.

Abstract translation: 各种实施例提供映射层以将DRM系统需求从诸如源系统的一个DRM系统转换到另一个DRM系统，诸如目标系统。 在至少一些实施例中，使用将DRM系统要求从一个DRM系统映射到一个或多个其他DRM系统的签名数据结构来执行DRM系统需求转换。 通过将DRM系统要求从一个系统映射到另一个系统，与DRM保护的内容和相关内容相关联的许可证可以在系统之间安全地传输。

公开(公告)号：US20080256646A1

公开(公告)日：2008-10-16

申请号：US11734704

申请日：2007-04-12

Applicant: Clifford P. Strom ,  Patrik Schnell ,  Benjamin Brooks Cutter ,  Quintin S. Burns ,  Milan M. Gada ,  Kevin Lau ,  Adrian J. Oney ,  Kedarnath A. Dubhashi

Inventor： Clifford P. Strom ,  Patrik Schnell ,  Benjamin Brooks Cutter ,  Quintin S. Burns ,  Milan M. Gada ,  Kevin Lau ,  Adrian J. Oney ,  Kedarnath A. Dubhashi

IPC: H04L9/32

CPC classification number: H04L9/0825 ,  H04L63/06 ,  H04L63/10 ,  H04L2209/60 ,  H04L2463/101

Abstract: Techniques enable seamless movement and consumption of licensed digital content amongst multiple devices. In some embodiments, these techniques allow establishment of a domain capable of having multiple member devices. Each member device of the domain typically comprises a content-consuming device such as a personal computer, a portable media player, or the like. These techniques enable a license associated with digital content to bind to a domain rather than an individual device. As such, each member device of the domain may contain a domain identity and, with the identity, may consume the content with use of the license and in accordance with policy described in the license. These tools may also enable a member device to join multiple domains and to contain an identification of each of these multiple domains.

Abstract translation: 技术可以在多个设备之间实现许可数字内容的无缝移动和消费。 在一些实施例中，这些技术允许建立能够具有多个成员设备的域。 域的每个成员设备通常包括诸如个人计算机，便携式媒体播放器等的内容消费设备。 这些技术使得与数字内容相关联的许可证能够绑定到域而不是单个设备。 因此，域的每个成员设备可以包含域身份，并且具有身份的消费者可以使用许可证并且根据许可证中描述的策略来消费该内容。 这些工具还可以使成员设备加入多个域并且包含这些多个域中的每一个的标识。

公开(公告)号：US07370050B2

公开(公告)日：2008-05-06

申请号：US11168589

申请日：2005-06-28

Applicant: Jason T. Hunter ,  Simon Skaria ,  Kedarnath A. Dubhashi

Inventor： Jason T. Hunter ,  Simon Skaria ,  Kedarnath A. Dubhashi

IPC: G06F17/30

CPC classification number: G06F21/6227 ,  Y10S707/99933 ,  Y10S707/99939

Abstract: A system that generates a per user abstraction of a store from a connection point. Filtering a view set of a hierarchically secured containment hierarchy based on the access permissions of the principal is one of the novel features of the invention. The invention can offer a collection of primitives that can operate on this aggregation that span multiple container hierarchies with potentially heterogeneous security descriptors. The model can reduce the necessity to traverse the container hierarchy to discover all the accessible items in a domain.

Abstract translation: 从连接点生成每个用户抽象存储的系统。 基于主体的访问权限来过滤层次安全的包含层次结构的视图集是本发明的新颖特征之一。 本发明可以提供可以对具有潜在的异构安全描述符跨越多个容器层次的该聚合进行操作的原语集合。 该模型可以减少遍历容器层次结构以发现域中所有可访问项目的必要性。

公开(公告)号：US08095518B2

公开(公告)日：2012-01-10

申请号：US12133354

申请日：2008-06-04

Applicant: Kedarnath A Dubhashi ,  Sumedh N Barde ,  Hany Farag

Inventor： Kedarnath A Dubhashi ,  Sumedh N Barde ,  Hany Farag

IPC: G06F17/30

CPC classification number: G06F21/10 ,  G06F2221/0759

Abstract: Various embodiments provide a mapping layer to translate DRM system requirements from one DRM system, such as a source system, to another DRM system, such as a target system. In at least some embodiments, DRM system requirement translation is performed using a signed data structure that maps DRM system requirements from one DRM system to one or more other DRM systems. By mapping DRM system requirements from one system to another, licenses associated with DRM-protected content and associated content can be safely transferred between systems.

Abstract translation: 各种实施例提供映射层以将DRM系统需求从诸如源系统的一个DRM系统转换到另一个DRM系统，诸如目标系统。 在至少一些实施例中，使用将DRM系统要求从一个DRM系统映射到一个或多个其他DRM系统的签名数据结构来执行DRM系统需求转换。 通过将DRM系统要求从一个系统映射到另一个系统，与DRM保护的内容和相关内容相关联的许可证可以在系统之间安全地传输。

公开(公告)号：US20100191974A1

公开(公告)日：2010-07-29

申请号：US12360943

申请日：2009-01-28

Applicant: Kedarnath A. Dubhashi ,  John Bocharov ,  Hany Farag ,  Gilles Khouzam ,  Kiran Kumar

Inventor： Kedarnath A. Dubhashi ,  John Bocharov ,  Hany Farag ,  Gilles Khouzam ,  Kiran Kumar

IPC: H04L9/32

CPC classification number: H04L9/3273 ,  G06F21/10 ,  G06F21/121 ,  H04L9/3247 ,  H04L2209/603

Abstract: Various embodiments for software application verification are disclosed. Software application verification applies digital rights management to applications that run protected content on a playback device. In this way, protected content may be provided to approved applications and withheld from applications that have not been approved to run the protected content.

Abstract translation: 公开了用于软件应用验证的各种实施例。 软件应用程序验证将数字权限管理应用于在播放设备上运行受保护内容的应用程序。 以这种方式，受保护的内容可以被提供给已批准的应用，并且从未被批准来运行受保护的内容的应用中被保留。