Secure IP based streaming in a format independent manner
    1.
    发明授权
    Secure IP based streaming in a format independent manner 有权
    安全的基于IP的流媒体格式独立的方式

    公开(公告)号:US07249264B2

    公开(公告)日:2007-07-24

    申请号:US10114140

    申请日:2002-04-02

    IPC分类号: G06F21/00 H04L29/00

    CPC分类号: H04L63/0428

    摘要: A system, method and computer readable medium for providing secure IP-based streaming in a format independent manner is disclosed. The method on a content mastering system begins with an encoded media file consisting of content data and associated metadata. First, the metadata is read from the encoded media file. Next, the encoded media file including the content data and the associated metadata is encrypted. Then, in a streaming server system, the encoded/encrypted media file is divided into more than one data packet, streamed in accordance with one or more parameters in the metadata. Each data packet includes a portion of the encoded/encrypted media file and an offset value corresponding to a location within the encoded/encrypted media file. The data packets are then streamed to a client information processing system (i.e., the client) over a network.

    摘要翻译: 公开了一种以格式独立的方式提供安全的基于IP的流传输的系统,方法和计算机可读介质。 内容母版制系统上的方法以包含内容数据和关联元数据的编码媒体文件开始。 首先,从编码的媒体文件中读取元数据。 接下来,加密包含内容数据和关联元数据的编码媒体文件。 然后,在流服务器系统中,编码/加密的媒体文件被分成多个数据包,根据元数据中的一个或多个参数流式传输。 每个数据分组包括编码/加密的媒体文件的一部分和对应于编码/加密的媒体文件内的位置的偏移值。 数据包然后通过网络流式传输到客户端信息处理系统(即,客户端)。

    Persistent access control of protected content
    2.
    发明授权
    Persistent access control of protected content 失效
    受保护内容的持续访问控制

    公开(公告)号:US07614077B2

    公开(公告)日:2009-11-03

    申请号:US10121033

    申请日:2002-04-10

    IPC分类号: G06F21/00 G06F9/44 H04L9/28

    CPC分类号: G06F21/10

    摘要: A system for providing persistent access control of protected content is disclosed. The method on a client system includes sending a first request for authentication of the client to a server system. Subsequently, the client is authenticated by the server. Next, a user on the client attempts to access a file comprising a trailer and content encrypted with an encrypting key. Then, a second request for access to the content is sent to the server by the client, wherein an identifier from the trailer is included in the second request. The identifier identifies the content or an access control policy of the content. The server determines that the second request is in accordance with an access control policy associated with the content, and grants access to the content. Lastly, the client accesses the content in accordance with the access control policy.

    摘要翻译: 公开了一种用于提供受保护内容的持续访问控制的系统。 客户端系统上的方法包括向服务器系统发送客户端认证的第一请求。 随后,客户端被服务器认证。 接下来,客户端上的用户尝试访问包括预告片的文件和用加密密钥加密的内容。 然后,客户端向服务器发送访问内容的第二请求,其中来自预告片的标识符被包括在第二请求中。 标识符识别内容的内容或访问控制策略。 服务器确定第二请求符合与内容相关联的访问控制策略,并授予对内容的访问权。 最后,客户端根据访问控制策略访问内容。

    System and method for secure authentication of external software modules provided by third parties
    3.
    发明授权
    System and method for secure authentication of external software modules provided by third parties 失效
    由第三方提供的外部软件模块的安全认证系统和方法

    公开(公告)号:US06978375B1

    公开(公告)日:2005-12-20

    申请号:US09658253

    申请日:2000-09-08

    摘要: An external module loads into an entity's memory and is transformed by two functions. These are namely, the STOMP function and the UNSTOMP function. One or both of these functions is based on the actual code that is found in a legitimate version of the external module. The STOMP-UNSTOMP pair produces an external module that works differently if even a single byte of code in the external module has been changed by an attacker. The STOMP transforms the external module and makes it temporarily unusable whilst conversely, the UNSTOMP repairs the damage and makes it workable again. Thus, if the module is not authentic, the pairing between the STOMP and UNSTOMP is broken. Therefore, a patched module from a hacker remains unusable since the STOMP and UNSTOMP transformations do not produce a working external module. Because of the STOMP and UNSTOMP technique, an application is secure because if an external module is free from tampering then the application executes normally. In the event that an illicitly patched external module is loaded then the application fails. In either case, no audio, video or information content is illegally copied because of the disablement of the external module by the STOMP-UNSTOMP procedure.

    摘要翻译: 外部模块加载到实体的存储器中,并由两个功能进行转换。 即STOMP功能和UNSTOMP功能。 这些功能中的一个或两个基于在外部模块的合法版本中找到的实际代码。 STOMP-UNSTOMP对产生一个外部模块,其工作方式不同,即使外部模块中的单个字节的代码被攻击者更改。 STOMP转换外部模块并使其暂时不可用,而相反地,UNSTOMP修复损坏并使其再次工作。 因此,如果模块不可靠,STOMP和UNSTOMP之间的配对将被破坏。 因此,来自黑客的补丁模块仍然不可用,因为STOMP和UNSTOMP转换不会产生工作的外部模块。 由于STOMP和UNSTOMP技术,应用程序是安全的,因为如果外部模块没有篡改,则应用程序正常执行。 如果加载了非法修补的外部模块,则应用程序将失败。 在任一种情况下,由于STOMP-UNSTOMP程序禁用外部模块,因此无法非法复制音频,视频或信息内容。

    System and method for secure authentication of external software modules provided by third parties
    4.
    发明授权
    System and method for secure authentication of external software modules provided by third parties 失效
    由第三方提供的外部软件模块的安全认证系统和方法

    公开(公告)号:US07500109B2

    公开(公告)日:2009-03-03

    申请号:US11123373

    申请日:2005-05-06

    IPC分类号: H04L9/00

    摘要: An external module loads into an entity's memory and is transformed by two functions. These are namely, the STOMP function and the UNSTOMP function. One or both of these functions is based on the actual code that is found in a legitimate version of the external module. The STOMP-UNSTOMP pair produces an external module that works differently if even a single byte of code in the external module has been changed by an attacker. The STOMP transforms the external module and makes it temporarily unusable whilst conversely, the UNSTOMP repairs the damage and makes it workable again. Thus, if the module is not authentic, the pairing between the STOMP and UNSTOMP is broken. Therefore, a patched module from a hacker remains unusable since the STOMP and UNSTOMP transformations do not produce a working external module. Because of the STOMP and UNSTOMP technique, an application is secure because if an external module is free from tampering then the application executes normally. In the event that an illicitly patched external module is loaded then the application fails. In either case, no audio, video or information content is illegally copied because of the disablement of the external module by the STOMP-UNSTOMP procedure.

    摘要翻译: 外部模块加载到实体的存储器中,并由两个功能进行转换。 即STOMP功能和UNSTOMP功能。 这些功能中的一个或两个基于在外部模块的合法版本中找到的实际代码。 STOMP-UNSTOMP对产生一个外部模块,其工作方式不同,即使外部模块中的单个字节的代码被攻击者更改。 STOMP转换外部模块并使其暂时不可用,而相反地,UNSTOMP修复损坏并使其再次工作。 因此,如果模块不可靠,STOMP和UNSTOMP之间的配对将被破坏。 因此,来自黑客的补丁模块仍然不可用,因为STOMP和UNSTOMP转换不会产生工作的外部模块。 由于STOMP和UNSTOMP技术,应用程序是安全的,因为如果外部模块没有篡改,则应用程序正常执行。 如果加载了非法修补的外部模块,则应用程序将失败。 在任一种情况下,由于STOMP-UNSTOMP程序禁用外部模块,因此无法非法复制音频,视频或信息内容。

    System, service, and method for enabling authorized use of distributed content on a protected media
    5.
    发明授权
    System, service, and method for enabling authorized use of distributed content on a protected media 有权
    允许在受保护媒体上授权使用分布式内容的系统,服务和方法

    公开(公告)号:US07685636B2

    公开(公告)日:2010-03-23

    申请号:US11072943

    申请日:2005-03-07

    IPC分类号: H04L9/10 H04L9/38

    CPC分类号: G06F21/10 G06F2221/0711

    摘要: A protected content distribution system utilizes media-based copy protection to support online distribution of protected content in a secure and legitimate fashion. Using a media-based copy protection scheme based on broadcast encryption, the protected content distribution system realizes online distribution of protected content such as, for example audio files, movies, etc, authorizing consumption of unlicensed content by transfer of a unique encrypted key to the protected media. This transaction is fast, involving the transfer of an encrypted binding key rather than the protected content. Content is enabled through a unique encrypted key on protected media accessed through a device separate from the media driver.

    摘要翻译: 受保护的内容分发系统利用基于媒体的复制保护来以安全和合法的方式支持受保护内容的在线分发。 使用基于广播加密的基于媒体的复制保护方案,受保护的内容分发系统实现受保护内容的在线分发,例如音频文件,电影等,授权通过将唯一的加密密钥传送到 受保护的媒体。 此事务快速,涉及转移加密的绑定密钥而不是受保护的内容。 通过与媒体驱动程序分开的设备访问的受保护媒体上的唯一加密密钥启用内容。

    SYSTEM AND METHOD FOR USER PASSWORD PROTECTION
    6.
    发明申请
    SYSTEM AND METHOD FOR USER PASSWORD PROTECTION 有权
    用户密码保护的系统和方法

    公开(公告)号:US20090106825A1

    公开(公告)日:2009-04-23

    申请号:US11876416

    申请日:2007-10-22

    IPC分类号: G06F7/04

    CPC分类号: G06F21/83 G06F21/31 G06F21/36

    摘要: A system and method are disclosed for protecting a password assigned to a user, the method comprising: providing a password entry screen having a virtual keyboard, the virtual keyboard including a plurality of character keys arranged in a non-QWERTY format; authenticating the user if a password submitted by the user accessing the password entry screen matches a user password retrieved from a password database; and denying access to the user if the submitted password does not match the retrieved user password. The system comprises a storage module and a computer program for performing the method.

    摘要翻译: 公开了一种用于保护分配给用户的密码的系统和方法,所述方法包括:提供具有虚拟键盘的密码输入屏幕,所述虚拟键盘包括以非QWERTY格式布置的多个字符键; 如果访问密码输入屏幕的用户提交的密码与从密码数据库检索的用户密码匹配,则认证用户; 如果提交的密码与检索到的用户密码不符,则拒绝对用户的访问。 该系统包括用于执行该方法的存储模块和计算机程序。

    System and method to securely store information in a recoverable manner on an untrusted system
    7.
    发明授权
    System and method to securely store information in a recoverable manner on an untrusted system 失效
    在不可信系统上以可恢复的方式安全地存储信息的系统和方法

    公开(公告)号:US06920563B2

    公开(公告)日:2005-07-19

    申请号:US09754396

    申请日:2001-01-05

    CPC分类号: H04L9/0894

    摘要: A method (and system) for storing information in a recoverable manner on an untrusted system, includes sending, by a client, a request to a recovery server for recovery of a failed database, determining whether the request is legitimate, based on the determining, sending a local key to the client, decrypting by the client the failed database with the local key, to recover the failed database, and re-encrypting the recovered database with a new key.

    摘要翻译: 一种用于在不可信系统上以可恢复的方式存储信息的方法(和系统),包括:由客户端向所述恢复服务器发送用于恢复故障数据库的请求,基于所述确定来确定所述请求是否合法, 向客户端发送本地密钥,由客户端使用本地密钥解密失败的数据库,以恢复故障的数据库,并使用新的密钥重新加密恢复的数据库。

    User password protection
    8.
    发明授权
    User password protection 有权
    用户密码保护

    公开(公告)号:US08353017B2

    公开(公告)日:2013-01-08

    申请号:US12133776

    申请日:2008-06-05

    IPC分类号: H04L29/00

    CPC分类号: G06F21/83 G06F21/31 G06F21/36

    摘要: A system and method are disclosed for protecting a password assigned to a user, the method comprising: providing a password entry screen having a virtual keyboard, the virtual keyboard including a plurality of character keys arranged in a non-QWERTY format; authenticating the user if a password submitted by the user accessing the password entry screen matches a user password retrieved from a password database; and denying access to the user if the submitted password does not match the retrieved user password. The system comprises a storage module and a computer program for performing the method.

    摘要翻译: 公开了一种用于保护分配给用户的密码的系统和方法,所述方法包括:提供具有虚拟键盘的密码输入屏幕,所述虚拟键盘包括以非QWERTY格式布置的多个字符键; 如果访问密码输入屏幕的用户提交的密码与从密码数据库检索的用户密码匹配,则认证用户; 如果提交的密码与检索到的用户密码不符,则拒绝对用户的访问。 该系统包括用于执行该方法的存储模块和计算机程序。

    SYSTEM AND METHOD FOR DYNAMICALLY EXTENDING A DRM SYSTEM USING AUTHENTICATED EXTERNAL DPR MODULES
    10.
    发明申请
    SYSTEM AND METHOD FOR DYNAMICALLY EXTENDING A DRM SYSTEM USING AUTHENTICATED EXTERNAL DPR MODULES 失效
    使用认证的外部DPR模块动态扩展DRM系统的系统和方法

    公开(公告)号:US20070208742A1

    公开(公告)日:2007-09-06

    申请号:US11464580

    申请日:2006-08-15

    IPC分类号: G06F17/30

    CPC分类号: G06F21/10

    摘要: A rights management module controls access to a data set by processing requests for flexibly defined types of access to the data set and determines if the requested access may be granted. The requester's right for the requested type of access is verified by a verification module that may be part of the rights management core or verified through expansion rights verification modules. Extension verification modules may be contained within the data set itself or obtained from a separate store. Extension verification modules are authenticated by the rights management core.

    摘要翻译: 权限管理模块通过处理对数据集的灵活定义的访问类型的请求来控制对数据集的访问,并确定是否可以授予所请求的访问。 请求者对所请求访问类型的权利由验证模块进行验证,验证模块可以是权限管理核心的一部分,或者通过扩展权限验证模块进行验证。 扩展验证模块可以包含在数据集本身内或从单独的商店获得。 扩展验证模块由权限管理核心进行认证。