公开(公告)号：US09124422B2

公开(公告)日：2015-09-01

申请号：US12475325

申请日：2009-05-29

申请人： Florian Pestoni ,  Sunil C. Agrawal ,  Pritham Shetty

发明人： Florian Pestoni ,  Sunil C. Agrawal ,  Pritham Shetty

IPC分类号： H04L9/32 ,  H04L9/08 ,  G06F21/12 ,  G06F21/10 ,  G06F9/455

CPC分类号： H04L9/0825 ,  G06F9/455 ,  G06F21/10 ,  G06F21/121 ,  H04L2209/603

摘要： Various embodiments of a system and method for digital rights management with secure application-content binding are described. Various embodiments may include a system configured to decrypt an encrypted application key with a private key. The system may also be configured to decrypt an encrypted application including a binding key with the decrypted application key. The system may also be configured to decrypt an encrypted content key with the binding key from the decrypted application. The system may be further configured to decrypt encrypted content with the decrypted content key. In various embodiments, the system may also be configured to consume the decrypted content with the decrypted application.

摘要翻译： 描述了具有安全的应用内容绑定的用于数字权限管理的系统和方法的各种实施例。 各种实施例可以包括被配置为用私钥对加密的应用密钥进行解密的系统。 系统还可以被配置为使用解密的应用密钥对包括绑定密钥的加密应用进行解密。 该系统还可以被配置为使用来自解密应用的绑定密钥来解密加密的内容密钥。 该系统还可以被配置为利用解密的内容密钥来解密加密的内容。 在各种实施例中，系统还可以被配置为使用解密的应用来消费解密的内容。

公开(公告)号：US08578157B2

公开(公告)日：2013-11-05

申请号：US12475317

申请日：2009-05-29

申请人： Florian Pestoni ,  Sunil C. Agrawal ,  Pritham Shetty

发明人： Florian Pestoni ,  Sunil C. Agrawal ,  Pritham Shetty

IPC分类号： H04L29/06

CPC分类号： H04L63/065 ,  H04L9/0825 ,  H04L2209/603 ,  H04L2463/101

摘要： Various embodiments of a system and method of digital rights management with authorized device groups are described. Various embodiments may include a system including a digital rights management (DRM) component configured to receive a private key of an authorized device group. In various embodiments, the receipt of the private key of the authorized device group may indicate the system is an authorized member of a group of devices permitted to access content items protected by a common public key associated with the authorized device group. In various embodiments the DRM component may be configured to, for each given content item of multiple content items that are encrypted with different content keys, decrypt an encrypted content key from the given content item with the private key of the authorized device group and decrypt content from the given content item with the decrypted content key.

摘要翻译： 描述了具有授权设备组的数字版权管理的系统和方法的各种实施例。 各种实施例可以包括包括被配置为接收授权设备组的私钥的数字版权管理（DRM）组件的系统。 在各种实施例中，授权设备组的私钥的接收可以指示系统是允许访问由与授权设备组相关联的公共公钥保护的内容项的一组设备的授权成员。 在各种实施例中，DRM组件可以被配置为，对于使用不同内容密钥加密的多个内容项的每个给定内容项，使用所授权设备组的私钥从给定内容项中解密加密的内容密钥并解密内容 从具有解密的内容密钥的给定内容项目。

公开(公告)号：US20130124859A1

公开(公告)日：2013-05-16

申请号：US12475317

申请日：2009-05-29

申请人： Florian Pestoni ,  Sunil C. Agrawal ,  Pritham Shetty

发明人： Florian Pestoni ,  Sunil C. Agrawal ,  Pritham Shetty

IPC分类号： H04L9/00 ,  H04L9/32 ,  H04L9/14

CPC分类号： H04L63/065 ,  H04L9/0825 ,  H04L2209/603 ,  H04L2463/101

摘要： Various embodiments of a system and method of digital rights management with authorized device groups are described. Various embodiments may include a system including a digital rights management (DRM) component configured to receive a private key of an authorized device group. In various embodiments, the receipt of the private key of the authorized device group may indicate the system is an authorized member of a group of devices permitted to access content items protected by a common public key associated with the authorized device group. In various embodiments the DRM component may be configured to, for each given content item of multiple content items that are encrypted with different content keys, decrypt an encrypted content key from the given content item with the private key of the authorized device group and decrypt content from the given content item with the decrypted content key.

摘要翻译： 描述了具有授权设备组的数字版权管理的系统和方法的各种实施例。 各种实施例可以包括包括被配置为接收授权设备组的私钥的数字版权管理（DRM）组件的系统。 在各种实施例中，授权设备组的私钥的接收可以指示系统是允许访问由与授权设备组相关联的公共公钥保护的内容项的一组设备的授权成员。 在各种实施例中，DRM组件可以被配置为，对于使用不同内容密钥加密的多个内容项的每个给定内容项，使用所授权设备组的私钥从给定内容项中解密加密的内容密钥并解密内容 从具有解密的内容密钥的给定内容项目。

公开(公告)号：US20130132232A1

公开(公告)日：2013-05-23

申请号：US12545578

申请日：2009-08-21

申请人： Florian Pestoni ,  Pritham Shetty ,  Sunil C. Agrawal ,  Katherine K. Nadell

发明人： Florian Pestoni ,  Pritham Shetty ,  Sunil C. Agrawal ,  Katherine K. Nadell

IPC分类号： G06Q50/00 ,  G06Q30/00 ,  G06F21/00

CPC分类号： G06F21/10 ,  G06F2221/2117 ,  G06F2221/2141 ,  H04L63/10 ,  H04L63/108 ,  H04L2463/101

摘要： Various embodiments of a system and method for digital rights management with delegated authorization for content access are described. Such embodiments may include a runtime component configured to receive protected content. The runtime component may be configured to submit a request for a delegation token to a first entity, such as a content merchant or some other entity. The runtime component may be configured to receive the delegation token from the first entity. The runtime component may also be configured to submit a request for a content license for the protected content to a second entity, such as an access coordinator or some other entity. The submitted request may include the received delegation token. The runtime component may be configured to receive the content license from the second entity. The runtime component may also be configured to provide access to the protected content in accordance with the received content license.

摘要翻译： 描述了具有用于内容访问的委托授权的数字版权管理的系统和方法的各种实施例。 这样的实施例可以包括被配置为接收受保护内容的运行时组件。 运行时组件可以被配置为向诸如内容商家或某个其他实体的第一实体提交授权令牌的请求。 可以将运行时组件配置为从第一实体接收委托令牌。 运行时组件还可以被配置为向第二实体（诸如访问协调器或某个其他实体）提交对受保护内容的内容许可的请求。 提交的请求可以包括接收到的委托令牌。 运行时组件可以被配置为从第二实体接收内容许可证。 运行时组件还可以被配置为根据接收到的内容许可证提供对受保护内容的访问。

公开(公告)号：US20130124862A1

公开(公告)日：2013-05-16

申请号：US12475325

申请日：2009-05-29

申请人： Florian Pestoni ,  Sunil C. Agrawal ,  Pritham Shetty

发明人： Florian Pestoni ,  Sunil C. Agrawal ,  Pritham Shetty

IPC分类号： H04L9/32 ,  H04L9/14 ,  G06F21/24 ,  H04L9/08 ,  G06F9/455

CPC分类号： H04L9/0825 ,  G06F9/455 ,  G06F21/10 ,  G06F21/121 ,  H04L2209/603

摘要： Various embodiments of a system and method for digital rights management with secure application-content binding are described. Various embodiments may include a system configured to decrypt an encrypted application key with a private key. The system may also be configured to decrypt an encrypted application including a binding key with the decrypted application key. The system may also be configured to decrypt an encrypted content key with the binding key from the decrypted application. The system may be further configured to decrypt encrypted content with the decrypted content key. In various embodiments, the system may also be configured to consume the decrypted content with the decrypted application.

摘要翻译： 描述了具有安全的应用内容绑定的用于数字权限管理的系统和方法的各种实施例。 各种实施例可以包括被配置为用私钥对加密的应用密钥进行解密的系统。 系统还可以被配置为使用解密的应用密钥对包括绑定密钥的加密应用进行解密。 该系统还可以被配置为使用来自解密应用的绑定密钥来解密加密的内容密钥。 该系统还可以被配置为利用解密的内容密钥来解密加密的内容。 在各种实施例中，系统还可以被配置为使用解密的应用来消费解密的内容。

公开(公告)号：US08789196B2

公开(公告)日：2014-07-22

申请号：US12790529

申请日：2010-05-28

申请人： Florian Pestoni ,  Sunil C. Agrawal ,  Viswanathan Swaminathan

发明人： Florian Pestoni ,  Sunil C. Agrawal ,  Viswanathan Swaminathan

IPC分类号： H04L29/06 ,  H04N21/8355 ,  H04L9/08 ,  H04N21/845 ,  H04N21/4627 ,  H04N21/2347

CPC分类号： H04L9/0822 ,  H04L63/06 ,  H04L63/10 ,  H04L2209/603 ,  H04L2463/101 ,  H04N21/2347 ,  H04N21/4627 ,  H04N21/8355 ,  H04N21/8456

摘要： Embodiments may include a content provider system configured to provide electronic content that includes multiple encrypted content items to a playback device. A playback device may be configured to acquire root licenses and/or content licenses from a license server; such licenses may cryptographically protect the content items that a playback device receives from a content provider system. In various embodiments, the electronic content may be content that is to be linearly consumed, such as a channel within a broadcast environment. In various embodiments, the playback device may explicitly request a license for one or more of the content items that it receives; such request may be issued to a license server. The license server may evaluate the request and respond to the playback device with the license for a content item. In various embodiments, the playback device may utilize the received license to decrypt and consume the respective content item.

摘要翻译： 实施例可以包括被配置为向回放设备提供包括多个加密内容项的电子内容的内容提供者系统。 回放设备可以被配置为从许可证服务器获取根许可证和/或内容许可证; 这样的许可证可以密码地保护播放设备从内容提供商系统接收的内容项目。 在各种实施例中，电子内容可以是线性消费的内容，诸如广播环境中的频道。 在各种实施例中，播放设备可以明确地请求其接收的一个或多个内容项目的许可证; 这样的请求可以被发布到许可证服务器。 许可证服务器可以评估请求并且对具有内容项目的许可证的播放设备进行响应。 在各种实施例中，回放设备可以利用所接收的许可证来解密并消费相应的内容项目。

公开(公告)号：US20130121489A1

公开(公告)日：2013-05-16

申请号：US12790529

申请日：2010-05-28

申请人： Florian Pestoni ,  Sunil C. Agrawal ,  Viswanathan Swaminathan

发明人： Florian Pestoni ,  Sunil C. Agrawal ,  Viswanathan Swaminathan

IPC分类号： H04N7/167 ,  H04L9/08 ,  H04L29/06

CPC分类号： H04L9/0822 ,  H04L63/06 ,  H04L63/10 ,  H04L2209/603 ,  H04L2463/101 ,  H04N21/2347 ,  H04N21/4627 ,  H04N21/8355 ,  H04N21/8456

摘要： Embodiments may include a content provider system configured to provide electronic content that includes multiple encrypted content items to a playback device. A playback device may be configured to acquire root licenses and/or content licenses from a license server; such licenses may cryptographically protect the content items that a playback device receives from a content provider system. In various embodiments, the electronic content may be content that is to be linearly consumed, such as a channel within a broadcast environment. In various embodiments, the playback device may explicitly request a license for one or more of the content items that it receives; such request may be issued to a license server. The license server may evaluate the request and respond to the playback device with the license for a content item. In various embodiments, the playback device may utilize the received license to decrypt and consume the respective content item.

摘要翻译： 实施例可以包括被配置为向回放设备提供包括多个加密内容项的电子内容的内容提供者系统。 回放设备可以被配置为从许可证服务器获取根许可证和/或内容许可证; 这样的许可证可以密码地保护播放设备从内容提供商系统接收的内容项目。 在各种实施例中，电子内容可以是线性消费的内容，诸如广播环境中的频道。 在各种实施例中，播放设备可以明确地请求其接收的一个或多个内容项目的许可证; 这样的请求可以被发布到许可证服务器。 许可证服务器可以评估请求并且对具有内容项目的许可证的播放设备进行响应。 在各种实施例中，回放设备可以利用所接收的许可证来解密并消费相应的内容项目。

公开(公告)号：US20110238983A1

公开(公告)日：2011-09-29

申请号：US13153603

申请日：2011-06-06

申请人： Jeffrey Bruce Lotspiech ,  Kevin Snow McCurley ,  Florian Pestoni

发明人： Jeffrey Bruce Lotspiech ,  Kevin Snow McCurley ,  Florian Pestoni

IPC分类号： H04L29/06

CPC分类号： H04L9/0891 ,  H04L9/0822 ,  H04L2209/60

摘要： A device removal system securely removes an item of content or a device from a content-protected home network. An authorization table maintains a list of devices in the content-protected home network in addition to removed devices. The authorization table also maintains a list of deleted content. Through management of various cryptographic keys and techniques, devices and content will not play on a content-protected home network after they have been removed. A secret network ID reduces the possibility of unauthorized playing of content on the content-protected home network. A web server may join the content-protected home network as a device, providing backup for the secret network ID. Otherwise, the device manufacturer will provide the secret network ID in case of a device failure. Storing a verification value in each device ensures integrity of critical cryptographic values. This verification value is compared to network values to ensure network values have not been corrupted.

摘要翻译： 设备移除系统从内容保护的家庭网络安全地移除内容项或设备。 除了已删除的设备之外，授权表维护受保护内容的家庭网络中的设备列表。 授权表还维护已删除内容的列表。 通过管理各种加密密钥和技术，设备和内容在被删除后不会在内容保护的家庭网络上播放。 秘密网络ID减少了内容受保护的家庭网络上未经授权播放内容的可能性。 网络服务器可以加入作为设备的内容保护的家庭网络，为秘密网络ID提供备份。 否则，设备制造商将在设备故障的情况下提供秘密网络ID。 在每个设备中存储验证值可确保关键加密值的完整性。 将此验证值与网络值进行比较，以确保网络值未被损坏。

公开(公告)号：US20080313264A1

公开(公告)日：2008-12-18

申请号：US11811843

申请日：2007-06-12

申请人： Florian Pestoni

发明人： Florian Pestoni

IPC分类号： G06F15/16 ,  H04L9/00

CPC分类号： G06F21/10 ,  G06F2221/0717 ,  H04L9/321 ,  H04L9/3263 ,  H04L63/0823 ,  H04L63/10 ,  H04L2209/603 ,  H04L2209/80 ,  H04L2463/101

摘要： In accordance with the domain management for digital media, a device accesses a domain administrator in order to obtain a domain membership license. The domain membership license indicates that the device is part of a domain that includes multiple devices associated with a user of the device. The device also obtains multiple pieces of protected content from multiple content providers, with two or more of the multiple content providers employing different digital rights management systems. The device also accesses a license server to obtain, for each piece of protected content, a content license that is bound to the domain. The content license permits the device to play back the piece of content to the user.

摘要翻译： 根据数字媒体的域名管理，设备访问域管理员以获取域成员许可证。 域成员许可证指示该设备是包含与该设备的用户相关联的多个设备的域的一部分。 该设备还从多个内容提供商获得多个受保护内容，其中两个或多个多个内容提供商使用不同的数字版权管理系统。 该设备还访问许可证服务器，以便为每个受保护内容获取绑定到域的内容许可证。 内容许可证允许设备向用户回放该内容。

公开(公告)号：US20080273702A1

公开(公告)日：2008-11-06

申请号：US12034421

申请日：2008-02-20

申请人： Eric M. Foster ,  Jeffrey B. Lotspiech ,  Florian Pestoni ,  Wilfred E. Plouffe ,  Frank A. Schaffa

发明人： Eric M. Foster ,  Jeffrey B. Lotspiech ,  Florian Pestoni ,  Wilfred E. Plouffe ,  Frank A. Schaffa

IPC分类号： H04L9/06

CPC分类号： H04L9/0822 ,  G11B20/0021 ,  G11B20/00362 ,  H04L9/083 ,  H04L9/12 ,  H04L63/045 ,  H04L2209/603 ,  H04L2463/101

摘要： A method and system for attaching a title key to encrypted content for synchronized transmission to, or storage by, a recipient is provided. Specifically, under the present invention, an elementary media stream is parceled into content units that each include a content packet and a header. The content packets are encrypted with one or more title keys. Once the content packets have been encrypted, the title keys are themselves encrypted with a key encrypting key. The encrypted title keys are then attached to the corresponding encrypted content packets for synchronized transmission to a recipient.

摘要翻译： 提供了一种用于将标题密钥附加到加密内容以用于同步发送到或由接收者存储的方法和系统。 具体地说，在本发明中，将基本媒体流分解成各自包含内容分组和头部的内容单元。 内容分组用一个或多个标题密钥加密。 一旦内容分组被加密，标题密钥本身就用密钥加密密钥加密。 然后将加密的标题密钥附加到相应的加密内容分组，以便同步发送给接收方。