公开(公告)号：WO2011066531A2

公开(公告)日：2011-06-03

申请号：PCT/US2010/058318

申请日：2010-11-30

Applicant: GENERAL INSTRUMENT CORPORATION ,  ZHANG, Jiang ,  MANGALORE, Geetha ,  PETERKA, Petr

Inventor： ZHANG, Jiang ,  MANGALORE, Geetha ,  PETERKA, Petr

IPC: G06F21/00

CPC classification number: H04N21/2541 ,  G06F21/10 ,  H04L9/0869 ,  H04L63/062 ,  H04L2209/30 ,  H04L2209/603 ,  H04L2463/061 ,  H04L2463/101 ,  H04N7/1675 ,  H04N21/2347 ,  H04N21/2353 ,  H04N21/4405 ,  H04N21/835 ,  H04N21/85406

Abstract: A method is provided for creating an encrypted data file (700) from a data file having a sample entry box and a media data box. The sample entry box has description information therein. The media data box includes media data therein. The method includes: receiving the data file; encrypting the media data within the media data box with an encryption key; replacing the sample entry box with an encoded box (302); creating a sinf box (702) within the encoded box (302); creating a frma box (306) within the sinf box (702); and creating an schm box (704) within the sinf box (702). The schm box (704) indicates the type of formatting of the encrypted media data. The encoded box (302) does not include an initial counter that may be used to decrypt the encrypted media data.

Abstract translation: 提供了一种用于从具有样本输入框和媒体数据框的数据文件创建加密数据文件（700）的方法。 样本输入框中包含描述信息。 媒体数据盒包括其中的媒体数据。 该方法包括：接收数据文件; 用加密密钥加密媒体数据盒内的媒体数据; 用编码框替换样本输入框（302）; 在编码框（302）内创建sinf框（702）; 创建sinf盒（702）内的frma盒（306）; 并在sinf框（702）内创建一个schm框（704）。 schm框（704）指示加密媒体数据的格式化类型。 编码框（302）不包括可用于解密加密的媒体数据的初始计数器。

公开(公告)号：WO2011090630A1

公开(公告)日：2011-07-28

申请号：PCT/US2010/060932

申请日：2010-12-17

Applicant: GENERAL INSTRUMENT CORPORATION ,  ZHANG, Jiang ,  MEDVINSKY, Alexander ,  MORONEY, Paul ,  PETERKA, Petr

Inventor： ZHANG, Jiang ,  MEDVINSKY, Alexander ,  MORONEY, Paul ,  PETERKA, Petr

IPC: H04L29/06 ,  H04L9/08 ,  H04L9/32

CPC classification number: H04L63/061 ,  H04L9/0841 ,  H04L9/3226 ,  H04L9/3263 ,  H04L9/3271 ,  H04L63/0442 ,  H04L63/0823 ,  H04L63/0869 ,  H04L63/123 ,  H04L2463/061

Abstract: In a method of temporarily registering a second device with a first device, in which the first device includes a temporary registration mode, the temporary registration mode in the first device is activated, a temporary registration operation in the first device is initiated from the second device, a determination as to whether the second device is authorized to register with the first device is made, and the second device is temporarily registered with the first device in response to a determination that the second device is authorized to register with the first device, in which the temporary registration requires that at least one of the second device and the first device delete information required for the temporary registration following at least one of a determination of a network connection between the first device and the second device and a powering off of at least one of the first device and the second device.

Abstract translation: 在第一设备暂时注册第二设备的方法中，其中第一设备包括临时注册模式，激活第一设备中的临时注册模式，从第二设备启动第一设备中的临时注册操作 进行关于第二设备是否被授权向第一设备注册的确定，并且响应于第二设备被授权向第一设备注册的确定，第二设备被临时登记到第一设备， 所述暂时注册要求所述第二设备和所述第一设备中的至少一个删除在所述第一设备和所述第二设备之间的网络连接的确定中的至少一个之后临时注册所需的信息，以及至少 第一个设备和第二个设备之一。

公开(公告)号：WO2010077547A2

公开(公告)日：2010-07-08

申请号：PCT/US2009/066529

申请日：2009-12-03

Applicant: GENERAL INSTRUMENT CORPORATION ,  ZHANG, Jiang ,  PETERKA, Petr

Inventor： ZHANG, Jiang ,  PETERKA, Petr

IPC: H04W60/00 ,  H04L12/28

CPC classification number: H04N21/43615 ,  H04L9/0822 ,  H04L9/3226 ,  H04L9/3263 ,  H04L12/2809 ,  H04L2209/56 ,  H04L2209/60 ,  H04L2209/80 ,  H04N21/4334 ,  H04N21/4367 ,  H04N21/4623

Abstract: A device configured to communicate with a second device may register a second device using one of multiple registration modes including a domain- registration mode, a device-registration mode, and a no-registration mode. The domain-registration mode allows the second device to register with the device and at least one other device registered with the device, the device-registration mode allows the second device to register with the device and with no other devices, and the no-registration mode does not allow any device to register with the device. The device receives a selection of one of the multiple registration modes and places the device in the selected registration mode.

Abstract translation: 被配置为与第二设备进行通信的设备可以使用包括域注册模式，设备注册模式和无注册模式的多个注册模式之一来注册第二设备。 域注册模式允许第二设备向设备注册和至少一个其他设备注册，设备注册模式允许第二设备向设备注册并且不使用其他设备，并且不注册 模式不允许任何设备向设备注册。 设备接收多个注册模式之一的选择，并将设备置于所选择的注册模式。

公开(公告)号：WO2005031547A2

公开(公告)日：2005-04-07

申请号：PCT/US2004/031347

申请日：2004-09-24

Applicant: GENERAL INSTRUMENT CORPORATION ,  MEDVINSKY, Alexander ,  PETERKA, Petr ,  ZHANG, Jiang

Inventor： MEDVINSKY, Alexander ,  PETERKA, Petr ,  ZHANG, Jiang

IPC: G06F1/00

CPC classification number: H04N21/43615 ,  G06F21/10 ,  H04N21/8355

Abstract: Management of rights to content is provided within an authorized domain. In a single authorized domain, where a plurality of domain interfaces are protected using a common rights management system, a copy of particular content may be allowed to be provided on all devices or only on specific devices coupled to the domain via the interfaces. Copy protection information, for outputs to external devices not protected by the common rights management system, is also specified. Rules can be provided for specifying whether particular content may be copied or moved to another protected domain. A number of rendering devices permitted to render the content simultaneously may be specified. Content rules are provided for use in managing rights to content within an authorized domain. Such rules can be associated with content that is persistently stored by a consumer device, as well as with content that is only rendered by a consumer device.

Abstract translation:

在授权域内提供对内容权利的管理。 在单个授权域中，其中多个域接口使用公共权限管理系统来保护，特定内容的副本可以被允许在所有设备上或仅在通过接口耦合到域的特定设备上提供。 复制保护信息，输出到不受通用权限管理系统保护的外部设备。 可以提供规则来指定特定内容是否可以被复制或移动到另一个受保护的域。 可以指定允许同时呈现内容的许多呈现设备。 内容规则用于管理授权域内的内容权限。 这些规则可以与由消费者设备持久存储的内容以及仅由消费者设备呈现的内容相关联。

公开(公告)号：WO2012094487A2

公开(公告)日：2012-07-12

申请号：PCT/US2012/020320

申请日：2012-01-05

Applicant: GENERAL INSTRUMENT CORPORATION ,  CHEN, Kuang M. ,  ZHANG, Jiang

Inventor： CHEN, Kuang M. ,  ZHANG, Jiang

IPC: H04N21/835 ,  H04L9/28

CPC classification number: H04N21/4325 ,  H04N21/41407 ,  H04N21/4147 ,  H04N21/4334 ,  H04N21/43615 ,  H04N21/4405 ,  H04N21/4408 ,  H04N21/835

Abstract: In embodiments of secure progressive download for media content playback, a client device (128) implements a media player (142) and a proxy application (144). The proxy application is implemented to receive media content (136) from a media server (126), and the media player controls playback of media content (148) on the client device. The proxy application receives the media content (136) encrypted and formatted by the media server for playback by the media player, and the proxy application initiates storing segments of the media content (148) as encrypted media content on the client device. The proxy application also requests an encryption key (124) to decrypt the encrypted media content for playback by the media player. The proxy application receives the encryption key from a key server (122) and stores the encryption key on the client device to decrypt the encrypted media content when requested by the media player.

Abstract translation: 在用于媒体内容播放的安全逐行下载的实施例中，客户端设备（128）实现媒体播放器（142）和代理应用（144）。 代理应用被实现为从媒体服务器（126）接收媒体内容（136），并且媒体播放器控制客户端设备上的媒体内容（148）的回放。 代理应用程序接收由媒体服务器加密和格式化以由媒体播放器回放的媒体内容（136），并且代理应用程序发起将媒体内容（148）的段作为加密的媒体内容存储在客户端设备上。 代理应用还请求加密密钥（124）来解密加密的媒体内容以供媒体播放器重放。 代理应用程序从密钥服务器（122）接收加密密钥，并将加密密钥存储在客户端设备上，以在媒体播放器请求时解密加密的媒体内容。

公开(公告)号：WO2012087719A1

公开(公告)日：2012-06-28

申请号：PCT/US2011/065010

申请日：2011-12-15

Applicant: GENERAL INSTRUMENT CORPORATION ,  PETERKA, Petr ,  CHEN, Kuang M. ,  MAKAM, Ambikacharan P. ,  ZHANG, Jiang

Inventor： PETERKA, Petr ,  CHEN, Kuang M. ,  MAKAM, Ambikacharan P. ,  ZHANG, Jiang

IPC: H04L9/08

CPC classification number: H04L9/083 ,  H04L9/0822 ,  H04L2209/60

Abstract: A Service Key Delivery (SKD) system for delivering a service keys to client devices in a communications network. The delivered service keys are operable to be used to decrypt an encrypted key operable to be used to decrypt an encrypted digital content. The SKD system includes a data input interface for receiving a distribution time frame for the keys and a listing of client device identifications. The SKD system also includes a scheduling module to partition at least part of the distribution time frame into a number of time slots in which the number may be based on a variety of factors. The scheduling module assigns the time slots in the partitioned part of the distribution time frame to the client devices based on the identifications in the listing. The SKD system also includes a message generator configured to send key delivery messages to the client devices.

Abstract translation: 用于向通信网络中的客户端设备传送服务密钥的服务密钥传递（SKD）系统。 递送的服务密钥可操作用于解密可操作以用于解密加密的数字内容的加密密钥。 SKD系统包括用于接收密钥的发布时间帧的数据输入接口和客户端设备标识的列表。 SKD系统还包括调度模块，用于将至少部分分发时间段划分成多个时隙，其中该数可基于各种因素。 调度模块基于列表中的标识将分发时间帧的分割部分中的时隙分配给客户端设备。 SKD系统还包括被配置为向客户端设备发送密钥传递消息的消息发生器。

公开(公告)号：WO2010148178A1

公开(公告)日：2010-12-23

申请号：PCT/US2010/038963

申请日：2010-06-17

Applicant: GENERAL INSTRUMENT CORPORATION ,  MORONEY, Paul ,  ZHANG, Jiang

Inventor： MORONEY, Paul ,  ZHANG, Jiang

IPC: H04W12/06

CPC classification number: H04W12/06 ,  H04L12/281 ,  H04L63/065 ,  H04L63/0823 ,  H04L63/0838

Abstract: A method for registering a first device with a second device over a wireless network includes receiving a registration request from the first device and sending one or more user input choices to the first device. The user input choices each specify a user input action available though a user interface associated with the second device. A device description describing the second device is sent to the first device in a manner that allows it to be presented to the user by the first device. At least one of the user input actions are sequentially received through the user interface in response to instructions provided to the user by the first device. The first device is registered with the second device if the user input actions received by the second device correctly reflect the instructions provided to the user by the first device.

Abstract translation: 用于通过无线网络向第二设备注册第一设备的方法包括从第一设备接收注册请求并向第一设备发送一个或多个用户输入选择。 用户输入选择各自通过与第二设备相关联的用户界面来指定可用的用户输入动作。 描述第二设备的设备描述以允许其由第一设备呈现给用户的方式被发送到第一设备。 响应于由第一设备提供给用户的指令，通过用户界面顺序地接收至少一个用户输入动作。 如果由第二设备接收的用户输入动作正确地反映由第一设备提供给用户的指令，则第一设备被注册到第二设备。

公开(公告)号：WO2010077515A3

公开(公告)日：2010-07-08

申请号：PCT/US2009/066178

申请日：2009-12-01

Applicant: GENERAL INSTRUMENT CORPORATION ,  ZHANG, Jiang ,  MEDVINSKY, Alexander

Inventor： ZHANG, Jiang ,  MEDVINSKY, Alexander

IPC: H04L9/32 ,  H04L9/08

Abstract: A domain key is securely distributed from a device in an existing network to a device outside the network. Each device generates the session key on its own using the first random number, the second random number, the Personal Identification Number, and the same key generation function. The device in the existing network sends the domain key encrypted with the session key to the other device.

公开(公告)号：WO2012087953A1

公开(公告)日：2012-06-28

申请号：PCT/US2011/065880

申请日：2011-12-19

Applicant: GENERAL INSTRUMENT CORPORATION ,  SHAMSAASEF, Rafie ,  ZHANG, Jiang ,  PETERKA, Petr

Inventor： SHAMSAASEF, Rafie ,  ZHANG, Jiang ,  PETERKA, Petr

IPC: G06F21/00

CPC classification number: G06F21/10

Abstract: A domain controller is provided for use with a content source and a media device. The content source can provide encrypted content and rights data corresponding to the encrypted content. The media device can provide a request for the encrypted content and the rights data. The domain controller includes a communication portion, a digital rights management portion and a memory portion. The communication portion can engage in a first bi-directional communication with the content source and can engage in a second bi-directional communication with the media device. The digital rights management portion can receive the rights data. The memory portion can store the encrypted content. The second bi-directional communication includes an authorization and authentication communication between the communication portion and the media device, a secure move message exchange between the communication portion and the media device and a content download from the communication portion to the media device.

Abstract translation: 域控制器被提供用于与内容源和媒体设备一起使用。 内容源可以提供对应于加密内容的加密内容和权限数据。 媒体设备可以提供对加密内容和权限数据的请求。 域控制器包括通信部分，数字版权管理部分和存储器部分。 通信部分可以与内容源进行第一双向通信，并且可以与媒体设备进行第二双向通信。 数字版权管理部分可以接收权限数据。 存储器部分可以存储加密的内容。 第二双向通信包括通信部分和媒体设备之间的授权和认证通信，通信部分和媒体设备之间的安全移动消息交换以及从通信部分到媒体设备的内容下载。

公开(公告)号：WO2012071143A1

公开(公告)日：2012-05-31

申请号：PCT/US2011/058753

申请日：2011-11-01

Applicant: GENERAL INSTRUMENT CORPORATION ,  ZHANG, Jiang ,  MORONEY, Paul ,  PETERKA, Petr

Inventor： ZHANG, Jiang ,  MORONEY, Paul ,  PETERKA, Petr

IPC: H04N21/4627 ,  H04N21/266 ,  H04L9/08

CPC classification number: H04N21/26613 ,  H04L9/0825 ,  H04L9/3263 ,  H04L2209/603 ,  H04N21/4627

Abstract: A method is provided by which a client device obtains authorized access to content delivered over a content delivery network. The method includes receiving an entitlement management message (EMM). The EMM includes at least one cryptographic key and a device registration server certificate ID (DRSCID) identifying a currently valid device registration server (DRS) public key certificate. The DRSCID obtained from the EMM is compared to a stored DRSCID value. An entitlement control message (ECM), which includes an encrypted traffic key for decrypting content, is received. If the DRSCID obtained from the EMM is determined to match the stored DRSCID, the traffic key is decrypted with the cryptographic key or a key derived from the cryptographic key to thereby access the content.

Abstract translation: 提供一种方法，通过该方法，客户端设备获得对通过内容传送网络传送的内容的授权访问。 该方法包括接收授权管理消息（EMM）。 EMM包括标识当前有效的设备注册服务器（DRS）公钥证书的至少一个加密密钥和设备注册服务器证书ID（DRSCID）。 将从EMM获得的DRSCID与存储的DRSCID值进行比较。 接收包括用于解密内容的加密业务密钥的授权控制消息（ECM）。 如果确定从EMM获得的DRSCID与存储的DRSCID匹配，则使用加密密钥或从加密密钥导出的密钥对流量密钥进行解密，从而访问内容。