IPC classification information
Country / Type | United States (US) Patent, Granted
International Patent Classification (IPC, 7th edition) |
Application number | US-0827469 (2001-04-06)
Inventors / Address |
- Russell,Chris
- Outten,Todd Avery
- Spaulding,Bryan Gentry
- Sherr,Scott Jeffrey
- Rubenstein,Ira Steven
- Landau,Yair
- Lakamp,Brian David
- Barnett,Jeremy Eli
- Chey,Douglas Daiseug
- Arrieta,Michael R.
- Ko
Applicant / Address |
Agent / Address |
Citation information | Times cited: 55; Patents cited: 32
Abstract
Embodiments of the present invention overcome the problems in the existing art described above by providing a secure digital content licensing system and method. Rental of the digital content occurs within an online environment including one or more user network-enabled devices and one or more server network devices connected by a communications link to the one or more user network-enabled devices. A user selects content displayed on a main website and requests download of the selected content to the user network-enabled device. To be able to access the content the user must obtain a license. The user's request for a license for specific content comprises information about a desired rental model, an expiration date for the rental model, and information that identifies the user's user network-enabled device, along with other information. A license for the content is generated which comprises the above information and also includes an encryption key for the selected movie. Media player and security technology residing on the user network-enabled device provides protection against unauthorized access to the content by ensuring that only licensed content is viewed and is accessed according to the rental model contained in the license. Media player and security technology also provides security against tampering by performing integrity checks on its various components and other components within the user network-enabled device. Revocation of access rights is made possible by revocation certificates that inhibit accessing of particular content for various reasons including compromised files or components.
Representative claim
What is claimed is:
1. A system for secure licensing of content to a user on a user network-enabled device, the system comprising: at least one server network device communicatively coupled to the user network-enabled device; wherein the at least one server network device is programmed to transfer selected encrypted content to the user network-enabled device; and a license generator, the license generator being programmed to generate an encrypted license associated with the selected encrypted content, the encrypted license comprising access information defining conditions for controlling the user network-enabled device, and an encryption key to enable the user network-enabled device to produce a user-perceptible form of the selected encrypted content when the conditions defined by the access information conditions are met and to inhibit production of a user-perceptible form of the selected encrypted content when the conditions defined by the access information are not met; and a root key for decrypting the encrypted license to allow the access information and the encryption key in the encrypted license to be accessed by a media player and security technology programmed on the user network-enabled device, the media player and security technology controlling a specific media player on the user network-enabled device to produce the user-perceptible form of the selected encrypted content.
2. The system recited in claim 1, wherein the at least one server network device is further programmed to receive at a first node on the network a request for content from the user network-enabled device at a second node on the network, wherein the transfer of selected content comprises transferring the requested content in response to the receipt of the request from the user network-enabled device at the second node.
3. The system recited in claim 1, wherein the content is encrypted.
4. The system recited in claim 1, wherein the at least one server network device is further programmed to receive at the first node on the network a request for the license from the user network-enabled device at the second node on the network; and wherein the at least one server network device is further programmed to transfer the requested license to the user network-enabled device at the second node.
5. The system recited in claim 1, wherein the license is a data object.
6. The system recited in claim 5, wherein the data object comprises a plurality of data fields, at least a portion of the plurality of data fields containing the access information.
7. The system recited in claim 1, wherein the access information comprises at least one of a content rental model, an expiration date of the license, user network-enabled device identification information, media player identification information, a GUID identifying particular content, and an encryption key for decrypting encrypted content.
8. The system recited in claim 7, wherein the content rental model defines at least one of a specified period of time and a specified number of plays.
9. The system recited in claim 7, wherein the content rental model defines an unlimited number of plays on any user network-enabled device.
10. The system recited in claim 7, wherein the content rental model includes a watermark, the watermark allowing the user to rewind only a determined time interval from the current position in the movie.
11. The system recited in claim 1, further comprising at least one application server, the at least one application server being communicatively coupled to both the at least one server network device and the license generator; wherein the at least one application server is programmed to receive the license request from the at least one server network device and to transfer the license request to the license generator.
12. The system recited in claim 11, wherein the at least one application server is further programmed to provide business rules to the license generator, the business rules being included in the license request by the at least one application server before transferring the license request to the license generator, the business rules defining the types of licenses that the license generator may generate.
13. The system recited in claim 11, wherein the at least one application server is further programmed to gather and store personalization information about users.
14. The system recited in claim 11, wherein the at least one application server is further programmed to create dynamic Web pages.
15. The system recited in claim 11, further comprising a firewall situated between the at least one server network device and the at least one application server, the firewall preventing unauthorized access to the at least one application server.
16. The system recited in claim 11, further comprising a firewall situated between the at least one application server and the license generator, the firewall preventing unauthorized access to the license generator.
17. The system of claim 1, wherein the encrypted license is further associated with a specific user-network enabled device and the specific media player, such that the encrypted license is configured to enable the user-perceptible form of the selected encrypted content on the specific user network-enabled device and the specific media player therein.
18. A method for secure licensing of content to a user on a user network-enabled device, the method comprising: transferring selected encrypted content to the user network-enabled device; and generating an encrypted license associated with the selected encrypted content, the encrypted license comprising: access information defining conditions for controlling the user-network enabled device; and an encryption key to enable the user network-enabled device to produce a user-perceptible form of the selected encrypted content when the conditions defined by the access information are met and to inhibit production of a user-perceptible form of the selected encrypted content when the conditions defined by the access information are not met; decrypting the encrypted license to allow the access information and the encryption key in the encrypted license to be accessed by a media player and security technology programmed on the user network-enabled device; and controlling a specific media player on the user network-enabled device to produce the user-perceptible form of the selected encrypted content.
19. The method recited in claim 18, wherein the license is a data object.
20. The method recited in claim 19, wherein the data object comprises a plurality of data fields, at least a portion of the plurality of data fields containing the access information.
21. The method recited in claim 18, wherein the access information comprises at least one of a content rental model, an expiration date of the license, user network-enabled device identification information, media player identification information, a GUID identifying particular content, and an encryption key for decrypting encrypted content.
22. The method of claim 18, wherein the encrypted license associated with the selected encrypted content is further associated with a specific user-network enabled device and the specific media player, such that the encrypted license is configured to enable the user-perceptible form of the selected encrypted content on the specific user network-enabled device and the specific media player therein.
23. A system for secure licensing of content to a user on a user network-enabled device, the system comprising: at least one server network device communicatively coupled to the user network-enabled device; wherein the at least one server network device is programmed to transfer an encrypted license associated with the selected encrypted content to the user network-enabled device, the encrypted license comprising access information which defines access rights to the selected encrypted content and an encryption key to enable the user network-enabled device to produce a user-perceptible form of the selected encrypted content; and wherein the user network-enabled device is programmed to provide media player and security technology, the media player and security technology verifying the form of the selected encrypted content only when the selected encrypted content is properly licensed and inhibiting the user network-enabled device from producing a user-perceptible form of the selected encrypted content when the selected encrypted content is not properly licensed; and a root key for decrypting the encrypted license to allow the access information and the encryption key in the encrypted license to be accessed by the media player and security technology, the media player and security technology controlling a specific media player on the user network-enabled device to produce the user-perceptible form of the selected encrypted content.
24. The system recited in claim 23, wherein the media player and security technology comprises a media player for displaying the content in a user-perceptible form.
25. The system recited in claim 24, wherein the media player and security technology further comprises at least one of decryption code for decrypting encrypted content, a CODEC for decompressing compressed content, a monitor for displaying the media player to the user, and a hardware interface between the media player and the monitor.
26. The system recited in claim 25, wherein the media player and security technology further comprises digital rights management code for providing a secure inter-process communication data stream between the decryption code, the CODEC, the media player, the hardware interface, and the monitor.
27. The system recited in claim 26, wherein the digital rights management code is protected against tampering by at least one of code obfuscation and anti-debugging techniques.
28. The system recited in claim 26, wherein the digital rights management code provides the secure inter-process communication data stream between the decryption code, the CODEC, the media player, the hardware interface, and the monitor by performing an integrity check on at least one of the media player, the decryption code, the CODEC, the hardware interface, and the monitor in order to detect tampering.
29. The system recited in claim 28, wherein the digital rights management code inhibits the display of content in a user-perceptible form when at least one of the media player, the decryption code, the CODEC, the hardware interface, and the monitor do not pass the integrity check.
30. The system recited in claim 26, wherein the media player and security technology further comprises a protected database in communication with the digital rights management code; wherein the protected database securely stores transferred licenses.
31. The system recited in claim 30, wherein the protected database is protected by encryption methods.
32. The system recited in claim 31, wherein the digital rights management code comprises a root key, the root key unlocking licenses within the protected database.
33. The system recited in claim 31, wherein the digital rights management code examines the access information within the unlocked license and determines the access rights to the content provided by the unlocked license.
34. The system recited in claim 24, wherein the access information comprises at least one of a content rental model, an expiration date of the license, user network-enabled device identification information, media player identification information, a GUID identifying particular content, and an encryption key for decrypting encrypted content.
35. The system recited in claim 34, wherein the digital rights management code allows the user network-enabled device to produce a user-perceptible form of the content only when the content is properly licensed by enforcing compliance by the user with the content rental model contained in the unlocked license.
36. The system recited in claim 34, wherein the digital rights management code allows the user network-enabled device to produce a user-perceptible form of the content only when the content is properly licensed by comparing user network-enabled device identification information in the unlocked license with the user network-enabled device on which the digital rights management code resides.
37. The system recited in claim 34, wherein the digital rights management code allows the user network-enabled device to produce a user-perceptible form of the content only when the content is properly licensed by comparing media player identification information in the unlocked license with the media player on the user network-enabled device on which the digital rights management code resides.
38. The system recited in claim 34, wherein the digital rights management code passes the encryption key contained in the unlocked license to the decryption code in order to decrypt the encrypted content.
39. The system of claim 23, wherein the encrypted license is further associated with a specific user-network enabled device and the specific media player, such that the encrypted license is configured to enable the user-perceptible form of the selected encrypted content on the specific user network-enabled device and the specific media player therein.
40. A method for secure licensing of content to a user on a user network-enabled device, the method comprising: transferring an encrypted license associated with the selected encrypted content to the user network-enabled device, the encrypted license comprising access information which defines access rights to the selected encrypted content and an encryption key to enable the user network-enabled device to produce a user-perceptible form of the selected encrypted content; and providing media player and security technology on the user network-enabled device, the media player and security technology verifying the access rights and allowing the user network-enabled device to produce a user-perceptible form of the selected encrypted content only when the selected encrypted content is properly licensed and inhibiting the user network-enabled device from producing a user-perceptible form of the selected encrypted content when the selected encrypted content is not properly licensed; and decrypting the encrypted license to allow the access information and the encryption key in the encrypted license to be accessed by the media player and security technology, the media player and security technology controlling a specific media player on the user network-enabled device to produce the user-perceptible form of the selected encrypted content.
41. The method recited in claim 40, wherein the media player and security technology comprises a media player for displaying the content in a user-perceptible form.
42. The method recited in claim 41, wherein the media player and security technology further comprises at least one of decryption code for decrypting encrypted content, a CODEC for decompressing compressed content, a monitor for displaying the media player to the user, and a hardware interface between the media player and the monitor.
43. The method recited in claim 42, wherein the media player and security technology further comprises digital rights management code for providing a secure inter-process communication data stream between the decryption code, the CODEC, the media player, the hardware interface, and the monitor.
44. The method recited in claim 43, wherein the media player and security technology further comprises a protected database in communication with the digital rights management code; wherein the protected database securely stores transferred licenses.
45. The method recited in claim 44, wherein the protected database is protected by encryption methods.
46. The method recited in claim 44, wherein the digital rights management code comprises a root key, the root key unlocking licenses within the protected database.
47. The method recited in claim 46, wherein the digital rights management code examines the access information within the unlocked license and determines the access rights to the content provided by the unlocked license.
48. The method recited in claim 41, wherein the access information comprises at least one of a content rental model, an expiration date of the license, user network-enabled device identification information, media player identification information, a GUID identifying particular content, and an encryption key for decrypting encrypted content.
49. The method recited in claim 48, wherein the digital rights management code allows the user network-enabled device to produce a user-perceptible form of the content only when the content is properly licensed by enforcing compliance by the user with the content rental model contained in the unlocked license.
50. The method recited in claim 48, wherein the digital rights management code allows the user network-enabled device to produce a user-perceptible form of the content only when the content is properly licensed by comparing user network-enabled device identification information in the unlocked license with the user network-enabled device on which the digital rights management code resides.
51. The method recited in claim 48, wherein the digital rights management code allows the user network-enabled device to produce a user-perceptible form of the content only when the content is properly licensed by comparing media player identification information in the unlocked license with the media player on the user network-enabled device on which the digital rights management code resides.
52. The method recited in claim 48, wherein the digital rights management code passes the encryption key contained in the unlocked license to the decryption code in order to decrypt the encrypted content.
53. The method of claim 40, wherein the encrypted license associated with the selected encrypted content is further associated with a specific user-network enabled device and the specific media player, such that the encrypted license is configured to enable the user-perceptible form of the selected encrypted content on the specific user network-enabled device and the specific media player therein.