-
公开(公告)号:US07404082B2
公开(公告)日:2008-07-22
申请号:US11228180
申请日:2005-09-16
申请人: Alexander Medvinsky , Paul Moroney , Eric Sprunk , Petr Peterka
发明人: Alexander Medvinsky , Paul Moroney , Eric Sprunk , Petr Peterka
IPC分类号: H04L9/00
CPC分类号: H04L9/0825 , G11B20/0021 , G11B20/00731 , H04L9/0822 , H04L9/083 , H04L2209/603 , H04N21/26606 , H04N21/26613 , H04N21/4181 , H04N21/63345 , H04N21/8355
摘要: Described herein are embodiments that provide an approach to cryptographic key management for a digital rights management (DRM) architecture that includes multiple levels of key management for minimizing bandwidth usage while maximizing security for the DRM architecture. In one embodiment, there is provided a data structure for cryptographic key management that includes a public/private key pair and three additional layers of symmetric keys for authorizing access to a plurality of contents.
摘要翻译: 这里描述的是提供用于数字版权管理(DRM)架构的加密密钥管理的方法的实施例,其包括用于最小化带宽使用的多级密钥管理,同时最大化DRM架构的安全性。 在一个实施例中,提供了一种用于加密密钥管理的数据结构,其包括用于授权访问多个内容的公钥/私钥对和三个对称密钥层。
-
公开(公告)号:US20060059342A1
公开(公告)日:2006-03-16
申请号:US11228180
申请日:2005-09-16
申请人: Alexander Medvinsky , Paul Moroney , Eric Sprunk , Petr Peterka
发明人: Alexander Medvinsky , Paul Moroney , Eric Sprunk , Petr Peterka
IPC分类号: H04L9/00
CPC分类号: H04L9/0825 , G11B20/0021 , G11B20/00731 , H04L9/0822 , H04L9/083 , H04L2209/603 , H04N21/26606 , H04N21/26613 , H04N21/4181 , H04N21/63345 , H04N21/8355
摘要: Described herein are embodiments that provide an approach to cryptographic key management for a digital rights management (DRM) architecture that includes multiple levels of key management for minimizing bandwidth usage while maximizing security for the DRM architecture. In one embodiment, there is provided a data structure for cryptographic key management that includes a public/private key pair and three additional layers of symmetric keys for authorizing access to a plurality of contents.
摘要翻译: 这里描述的是提供用于数字版权管理(DRM)架构的加密密钥管理的方法的实施例,其包括用于最小化带宽使用的多级密钥管理,同时最大化DRM架构的安全性。 在一个实施例中,提供了一种用于加密密钥管理的数据结构,其包括用于授权访问多个内容的公钥/私钥对和三个对称密钥层。
-
3.发明授权Key management protocol and authentication system for secure internet protocol rights management architecture 有权用于安全互联网协议权限管理架构的密钥管理协议和认证系统公开(公告)号:US07243366B2
公开(公告)日:2007-07-10
申请号:US10092347
申请日:2002-03-04
申请人: Alexander Medvinsky , Petr Peterka , Paul Moroney , Eric Sprunk
发明人: Alexander Medvinsky , Petr Peterka , Paul Moroney , Eric Sprunk
CPC分类号: H04L63/04 , G06Q20/367 , H04L63/062 , H04L63/08 , H04L2463/101
摘要: A digital rights management architecture for securely delivering content to authorized consumers. The architecture includes a content provider and a consumer system for requesting content from the content provider. The content provider generates a session rights object having purchase options selected by the consumer. A KDC thereafter provides authorization data to the consumer system. Also, a caching server is provided for comparing the purchase options with the authorization data. The caching server forwards the requested content to the consumer system if the purchase options match the authorization data. Note that the caching server employs real time streaming for securely forwarding the encrypted content, and the requested content is encrypted for forwarding to the consumer system. Further, the caching server and the consumer system exchange encrypted control messages (and authenticated) for supporting transfer of the requested content. In this manner, all interfaces between components are protected by encryption and/authenticated.
摘要翻译: 数字版权管理架构,用于将权限安全地传递给授权消费者。 该架构包括内容提供商和用于从内容提供商请求内容的消费者系统。 内容提供商生成具有由消费者选择的购买选项的会话权限对象。 KDC此后向消费者系统提供授权数据。 此外,还提供了一个缓存服务器,用于将购买选项与授权数据进行比较。 如果购买选项与授权数据匹配,则缓存服务器将所请求的内容转发到消费者系统。 请注意,缓存服务器采用实时流式传输安全地转发加密的内容,并且所请求的内容被加密以转发到消费者系统。 此外,缓存服务器和消费者系统交换加密的控制消息(并被认证)以支持所请求的内容的传送。 以这种方式,组件之间的所有接口都受到加密和/或认证的保护。
-
公开(公告)号:US09171569B2
公开(公告)日:2015-10-27
申请号:US12108719
申请日:2008-04-24
IPC分类号: G11B20/00 , G11B27/30 , H04N7/167 , H04N21/254 , H04N21/4147 , H04N21/436 , H04N21/4367 , H04N21/4408 , H04N21/4627 , H04N21/835 , H04N21/8355 , H04N21/845
CPC分类号: G11B20/00086 , G11B20/00166 , G11B20/0021 , G11B20/00507 , G11B20/00731 , G11B27/30 , G11B2220/2516 , H04N7/1675 , H04N21/2541 , H04N21/4135 , H04N21/4147 , H04N21/43615 , H04N21/43622 , H04N21/4367 , H04N21/4408 , H04N21/4627 , H04N21/835 , H04N21/8355 , H04N21/8456
摘要: A process may be utilized by the DVR. The process receives a plurality of segments of a set of content and a plurality of corresponding content rule sets. Further, the process provides one or more instructions to record and encrypt the plurality of segments of the set of content on a storage medium. In addition, the process provides the plurality of content rule sets to the DRM component to be inserted into a locally generated and secured content license associated with the encryption of the set of content. The secured content license includes a master key and a list of the plurality of corresponding content rule sets that have been received in order of reception. The process receives a plurality of marker tokens from the DRM component in order to facilitate trick mode playback.
摘要翻译: DVR可以利用一个过程。 该过程接收一组内容和多个对应的内容规则集合的多个片段。 此外,该过程提供一个或多个指令以在存储介质上记录和加密该组内容的多个段。 此外,该过程向DRM组件提供多个内容规则集以被插入到与该组内容的加密相关联的本地生成和安全的内容许可中。 安全内容许可证包括主密钥和已经按照接收顺序接收的多个对应的内容规则集的列表。 该过程从DRM组件接收多个标记符号以便于特技模式回放。
-
公开(公告)号:US08255989B2
公开(公告)日:2012-08-28
申请号:US10170951
申请日:2002-06-12
申请人: Alexander Medvinsky , Petr Peterka , Paul Moroney
发明人: Alexander Medvinsky , Petr Peterka , Paul Moroney
IPC分类号: G06F7/04
CPC分类号: H04L63/0457 , G06F21/10 , G06F21/602 , G06F21/606 , H04L63/0407 , H04L63/062 , H04L63/0807 , H04L65/607 , H04L65/608
摘要: A session rights object and authorization data are used for defining a consumer's access right to a media content stream. The access rights are determined at a caching server remotely located from the consumer rather than locally at the end user site. In a first aspect, in a computing network having a content provider, a key distribution center, a caching server and a client, a method for controlling client access to a real-time data stream from the caching server, is disclosed. The method includes receiving, by the client, a session rights object from a content provider, the session rights object defining access rules for accessing the real-time data stream; receiving, by the client, authorization data from the key distribution center, the authorization data defining the client's access rights to the real-time data stream; forwarding to the caching server the session rights object and the authorization data; comparing, by the caching server, the session rights object with the authorization data to determine client authorization; and if the client is authorized, streaming, by the caching server, the real-time data stream to the client.
摘要翻译: 会话权限对象和授权数据用于定义消费者对媒体内容流的访问权限。 访问权限在远程位于消费者的缓存服务器上确定,而不是在最终用户站点本地。 在第一方面,在具有内容提供商,密钥分配中心,高速缓存服务器和客户端的计算网络中,公开了一种用于控制来自高速缓存服务器的客户端对实时数据流的访问的方法。 该方法包括从客户端接收来自内容提供商的会话权限对象,会话权限对象定义用于访问实时数据流的访问规则; 由客户端从密钥分配中心接收授权数据,定义客户端对实时数据流的访问权限; 转发到缓存服务器会话权限对象和授权数据; 通过缓存服务器比较会话权限对象与授权数据,以确定客户端授权; 并且如果客户端被授权,则通过缓存服务器流式传输到客户端的实时数据流。
-
公开(公告)号:US20110161660A1
公开(公告)日:2011-06-30
申请号:US12648768
申请日:2009-12-29
申请人: Jiang Zhang , Alexander Medvinsky , Paul Moroney , Petr Peterka
发明人: Jiang Zhang , Alexander Medvinsky , Paul Moroney , Petr Peterka
CPC分类号: H04L63/061 , H04L9/0841 , H04L9/3226 , H04L9/3263 , H04L9/3271 , H04L63/0442 , H04L63/0823 , H04L63/0869 , H04L63/123 , H04L2463/061
摘要: In a method of temporarily registering a second device with a first device, in which the first device includes a temporary registration mode, the temporary registration mode in the first device is activated, a temporary registration operation in the first device is initiated from the second device, a determination as to whether the second device is authorized to register with the first device is made, and the second device is temporarily registered with the first device in response to a determination that the second device is authorized to register with the first device, in which the temporary registration requires that at least one of the second device and the first device delete information required for the temporary registration following at least one of a determination of a network connection between the first device and the second device and a powering off of at least one of the first device and the second device.
摘要翻译: 在第一设备暂时注册第二设备的方法中,其中第一设备包括临时注册模式,激活第一设备中的临时注册模式,从第二设备启动第一设备中的临时注册操作 进行关于第二设备是否被授权向第一设备注册的确定,并且响应于第二设备被授权向第一设备注册的确定,第二设备被临时登记到第一设备, 所述暂时注册要求所述第二设备和所述第一设备中的至少一个删除在所述第一设备和所述第二设备之间的网络连接的确定中的至少一个之后临时注册所需的信息,以及至少 第一个设备和第二个设备之一。
-
7.发明申请Method and Apparatus for Composing a Digital Rights Management License Format 审中-公开构建数字版权管理许可证格式的方法和装置公开(公告)号:US20080270311A1
公开(公告)日:2008-10-30
申请号:US11843312
申请日:2007-08-22
申请人: Petr Peterka , Alexander Medvinsky , Paul Moroney
发明人: Petr Peterka , Alexander Medvinsky , Paul Moroney
IPC分类号: G06Q10/00
摘要: A process composes a content license for a set of content. The content license has a static portion and a dynamic portion. Further, the process inserts a master key into the static portion. In addition, the process inserts a plurality of content rule sets of values into the dynamic portion and composes a unique content encryption key for each segment of content associated with one of the content rule sets of values as each of the content rule sets of values is sequentially received during recording of the content. The unique content encryption key is based on the master key and at least a subset of the content rule set of values for a corresponding segment of the content. The unique content encryption key is utilized for encryption of each segment of the content to generate a plurality of encrypted content segments for storage on the storage medium.
摘要翻译: 一个进程组成一组内容的内容许可证。 内容许可证具有静态部分和动态部分。 此外,该过程将主密钥插入静态部分。 此外,该过程将多个内容规则集值集合插入到动态部分中,并且对于与内容规则集值之一相关联的每个内容段,构成唯一内容加密密钥,因为每个内容规则集值是 在记录内容期间顺序地接收。 唯一内容加密密钥基于主密钥以及内容的相应段的内容规则集合的集合的至少一个子集。 独特的内容加密密钥用于加密内容的每个段,以生成用于存储在存储介质上的多个加密的内容段。
-
公开(公告)号:US20080267398A1
公开(公告)日:2008-10-30
申请号:US12108719
申请日:2008-04-24
IPC分类号: H04N7/167
CPC分类号: G11B20/00086 , G11B20/00166 , G11B20/0021 , G11B20/00507 , G11B20/00731 , G11B27/30 , G11B2220/2516 , H04N7/1675 , H04N21/2541 , H04N21/4135 , H04N21/4147 , H04N21/43615 , H04N21/43622 , H04N21/4367 , H04N21/4408 , H04N21/4627 , H04N21/835 , H04N21/8355 , H04N21/8456
摘要: A process may be utilized by the DVR. The process receives a plurality of segments of a set of content and a plurality of corresponding content rule sets. Further, the process provides one or more instructions to record and encrypt the plurality of segments of the set of content on a storage medium. In addition, the process provides the plurality of content rule sets to the DRM component to be inserted into a locally generated and secured content license associated with the encryption of the set of content. The secured content license includes a master key and a list of the plurality of corresponding content rule sets that have been received in order of reception. The process receives a plurality of marker tokens from the DRM component in order to facilitate trick mode playback.
摘要翻译: DVR可以利用一个过程。 该过程接收一组内容和多个对应的内容规则集合的多个片段。 此外,该过程提供一个或多个指令以在存储介质上记录和加密该组内容的多个段。 此外,该过程向DRM组件提供多个内容规则集以被插入到与该组内容的加密相关联的本地生成和安全的内容许可中。 安全内容许可证包括主密钥和已经按照接收顺序接收的多个对应的内容规则集的列表。 该过程从DRM组件接收多个标记符号以便于特技模式回放。
-
公开(公告)号:US20130091353A1
公开(公告)日:2013-04-11
申请号:US13564643
申请日:2012-08-01
申请人: Jiang Zhang , Alexander Medvinsky , Kwan Chen , Paul Moroney , Petr Peterka
发明人: Jiang Zhang , Alexander Medvinsky , Kwan Chen , Paul Moroney , Petr Peterka
CPC分类号: H04L9/3268 , H04L9/0825 , H04L9/083 , H04L2209/16
摘要: A method and apparatus are for transferring a client device certificate and an associated encrypted client private key to a client device from a secure device. The secure device receives over a secure connection, a secure device certificate, a secure device private key and a plurality of client device certificates. Each client certificate is associated with a bootstrap public key but is not assigned to any particular client device. A plurality of encrypted client private keys is also received. Each of the encrypted client private keys comprises a client private key associated with one of the client device certificates encrypted with the bootstrap public key. The plurality of client device certificates is stored. The encrypted client private keys are stored in double encrypted protected form. A client device certificate and an associated encrypted client private key are transferred to a client device that has successfully registered with the secure device.
摘要翻译: 一种方法和装置用于将客户端设备证书和相关联的加密的客户端私钥从安全设备传送到客户端设备。 安全设备通过安全连接,安全设备证书,安全设备私钥和多个客户端设备证书接收。 每个客户端证书与引导公钥相关联,但不分配给任何特定的客户端设备。 还接收多个加密的客户端私钥。 每个加密的客户端专用密钥包括与用引导公钥加密的客户端设备证书之一相关联的客户端专用密钥。 存储多个客户端设备证书。 加密的客户端私钥以双加密保护形式存储。 客户端设备证书和相关联的加密客户端私钥被传送到已经成功地向安全设备注册的客户端设备。
-
10.发明申请Method and Apparatus for Handling of Content that includes a Mix of CCI Segments 审中-公开处理含有CCI段的混合物的内容的方法和装置公开(公告)号:US20080271153A1
公开(公告)日:2008-10-30
申请号:US11950698
申请日:2007-12-05
申请人: Petr Peterka , Alexander Medvinsky , Paul Moroney
发明人: Petr Peterka , Alexander Medvinsky , Paul Moroney
IPC分类号: G06F21/00
CPC分类号: G06F21/10
摘要: A process is provided. The process stores, on a first device, each segment of a set of content having corresponding copy control information. Further, the process receives, from a second device, a request for a copy of the set of content. In addition, the process analyzes a list of the copy control information associated with each segment of the set of content. The process also establishes a restriction indicator, based on the request for the copy of the set of content, for one or more segments of the set of content having a corresponding copy control information value. Finally, the process provides to the second device, the content, the list of copy control information, and the restriction indicator for the one or more segments.
摘要翻译: 提供了一个过程。 该过程在第一设备上存储具有相应复制控制信息的一组内容的每个段。 此外,该过程从第二设备接收对该组内容的副本的请求。 此外,该过程分析与该组内容的每个片段相关联的复制控制信息的列表。 该过程还基于对该组内容的复制的请求,针对该组内容的一个或多个段具有相应的复制控制信息值建立限制指示符。 最后,该过程向第二设备提供一个或多个段的内容,复制控制信息列表和限制指示符。
-
-
-
-
-
-
-
-
-
搜索结果
128 条记录 (耗时 0.021 秒)
