Systems, methods, and media for adding an additional level of indirection to title key encryption
    1.
    Invention application
    Status: under examination (published)

    Publication number: US20060126831A1

    Publication date: 2006-06-15

    Application number: US11011241

    Filing date: 2004-12-14

    Abstract: Systems, methods and media for encrypting and decrypting content files are disclosed. More particularly, hardware and/or software for adding an additional level of indirection to a title key encryption scheme are disclosed. Embodiments may include generating by a cryptographic system a binding key based on binding information. Embodiments may also include encrypting by the cryptographic system a secret key with the binding key and generating a title key associated with at least one content file. Embodiments may also include encrypting by the cryptographic system the title key with the secret key and the at least one content file with the title key. Further embodiments may include receiving an indication that the binding information has changed, generating a new binding key based on the new changed binding information, and re-encrypting the secret key with the new binding key.

    Controlling with rights objects delivery of broadcast encryption content for a network cluster from a content server outside the cluster
    2.
    Invention application
    Status: under examination (published)

    Publication number: US20060048232A1

    Publication date: 2006-03-02

    Application number: US10926600

    Filing date: 2004-08-26

    IPC classification: H04L9/32

    Abstract: Methods, systems, and products are disclosed for delivering broadcast encryption content. Embodiments of the present invention typically include receiving in a cluster broadcast encryption content; receiving in a cluster a rights object defining device-oriented digital rights for broadcast encryption content; and administering the broadcast encryption content on one or more network devices in the cluster in dependence upon the digital rights. In some embodiments, administering the broadcast encryption content on one or more network devices in the cluster in dependence upon the digital rights includes mapping the device-oriented digital rights to digital rights supported in the cluster, excluding device-oriented rights not supported in the cluster. In some embodiments, mapping the device-oriented digital rights to digital rights supported in the cluster includes supporting in the cluster only those device-oriented digital rights having direct analogs in the cluster.

    System and method for mapping between different information management systems
    3.
    Invention application
    Status: under examination (published)

    Publication number: US20070100843A1

    Publication date: 2007-05-03

    Application number: US11255197

    Filing date: 2005-10-20

    IPC classification: G06F7/00

    CPC classification: G06Q10/107

    Abstract: Provided is a method for the standardization of information management among different information sources and different information formats. With respect to information sources that employ different information storage formats, an organizational proxy, or “shadow,” of the organization structure of the first information source is created in the second information source and a shadow of the second information source is created in the first information source. Information stored in conjunction with the first information source is copied into the shadow within the second information source. The information in the first source is then either maintained or a link to corresponding information in the second information source is created within the first information source and the first information is deleted. The claimed subject matter provides a graphical user interface (GUI) so that a user can copy information from one information source to another by executing a “drag & drop” action.

    System and method for enforcing network cluster proximity requirements using a proxy

    Publication number: US20060233372A1

    Publication date: 2006-10-19

    Application number: US11014560

    Filing date: 2004-12-16

    IPC classification: H04K1/00

    Abstract: A system, method and computer program for enforcing network cluster proximity requirements using a proxy is useful in preventing unauthorized devices from receiving encrypted broadcast content intended for only authorized users within a network cluster. The current art allows users to remotely establish trust via a cryptographic handshake. This results in encrypted broadcast content being delivered to unauthorized devices. The present invention assures that encrypted broadcast content is delivered to only authorized devices, allowing authorized remote devices to receive encrypted broadcast content while preventing unauthorized remote devices from doing so. The present invention enforces network proximity requirements to authorized devices within a defined area by timing the cryptographic handshaking, and by authorizing device proxies within a geographic area for retransmitting to authorized remote devices outside said geographic area.

    Controlling with rights objects delivery of broadcast encryption content for a network cluster from a content server outside the cluster
    5.
    Invention application
    Status: under examination (published)

    Publication number: US20060059573A1

    Publication date: 2006-03-16

    Application number: US10926599

    Filing date: 2004-08-26

    IPC classification: G06F17/30

    Abstract: Methods, systems, and products are disclosed for controlling with rights objects delivery of broadcast encryption content for a network cluster from a content server outside the cluster that include receiving in the content server from a network device a key management block for the cluster, a unique data token for the cluster, and an encrypted cluster id; calculating a binding key for the cluster in dependence upon the key management block for the cluster, the unique data token for the cluster, and the encrypted cluster id; inserting a title key into a rights object defining rights for the broadcast encryption content; and sending the rights object to the cluster. In typical embodiments, the rights for content include an authorization for a play period and an authorized number of copies of the broadcast encryption content to devices outside the cluster.

    Controlling delivery of broadcast encryption content for a network cluster from a content server outside the cluster
    6.
    Invention application
    Status: lapsed

    Publication number: US20050226416A1

    Publication date: 2005-10-13

    Application number: US10815207

    Filing date: 2004-03-31

    Abstract: Controlling delivery of broadcast encryption content for a network cluster from a content server outside the cluster that include receiving in the content server from the network device a key management block for the cluster, a unique data token for the cluster, and an encrypted cluster id and calculating a binding key for the cluster in dependence upon the key management block for the cluster, the unique data token for the cluster, and the encrypted cluster id. In typical embodiments, calculating a binding key includes calculating a management key from the key management block for the cluster; calculating a content server device key from the management key and the content server device id; decrypting the encrypted cluster id with the content server device key; and calculating the binding key with the management key, the unique data token for the cluster, and the cluster id.
