Systems and methods are provided for protecting electronic content from the time it is packaged through the time it is experienced by an end user. Protection against content misuse is accomplished using a combination of encryption, watermark screening, detection of invalid content processing software and hardware, and/or detection of invalid content flows. Encryption protects the secrecy of content while it is being transferred or stored. Watermark screening protects against the unauthorized use of content. Watermark screening is provided by invoking a filter module to examine content for the presence of a watermark before the content is delivered to output hardware or software. The filter module is operable to prevent delivery of the content to the output hardware or software if it detects a predefined protection mark. Invalid content processing software is detected by a monitoring mechanism that validates the software involved in processing protected electronic content. Invalid content flows can be detected by scanning the information passed across system interfaces for the attempted transfer of bit patterns that were released from an application and/or a piece of content management software.
Representative claims
What is claimed is:
1. A method for protecting electronic media content from unauthorized use by a user of a computer system, the method including: receiving a request from a user of the computer system to use a piece of electronic media content; identifying one or more software modules responsible for processing the piece of electronic media content and enabling use of the piece of electronic media content by the user; processing at least a portion of said piece of electronic media content using at least one of the one or more software modules; evaluating whether the at least one of the one or more software modules process the portion of the electronic media content in an authorized manner, the evaluating including at least one action selected from the group consisting of: evaluating whether the at least one of the one or more software modules make calls to certain system interfaces; evaluating whether the at least one of the one or more software modules direct data to certain channels; analyzing dynamic timing characteristics of the at least one of the one or more software modules for anomalous timing characteristics indicative of invalid or malicious activity; denying the request to use the piece of electronic media content if the evaluation indicates that the at least one of the one or more software modules fail to satisfy a set of predefined criteria.
2. A method as in claim 1, further including: using the predefined criteria to evaluate the at least one of the one or more software modules according to a predefined policy, and basing a decision to deny the request on the outcome of this evaluation.
3. A method as in claim 1, further comprising computing a cryptographic hash of at least one of the one or more software modules.
4. A system for protecting electronic media content and enabling use of the electronic media content by a user, the system comprising: means for evaluating one or more predefined characteristics of one or more drivers responsible for handling the electronic media content, the means for evaluating including means for operating a protection mechanism selected from the group consisting of: means for evaluating whether the one or more drivers make calls to certain system interfaces; means for determining whether the one or more drivers include one or more predefined code sequences associated with undesirable behavior; means for analyzing dynamic timing characteristics of the one or more drivers for anomalous timing characteristics indicative of invalid or malicious activity; means for determining whether the one or more drivers are included on a list of trusted drivers; means for determining whether the one or more drivers are included on a list of untrusted drivers; and means for determining whether the one or more drivers have been digitally signed by a trusted party; means for denying effective access to the electronic media content based on an output of said means for evaluating one or more predefined characteristics of the drivers responsible for handling the electronic media content; means for generating an identifier associated with the electronic media content; means for monitoring a predefined system interface for data to be transferred to an output device to determine if the data to be transferred to an output device contains the identifier; and means for preventing effective access to data containing the identifier via the predefined system interface.
5. A method for protecting electronic media content from unauthorized use, the method including: receiving a request to access a piece of electronic media content; generating a first identifier associated with the piece of electronic media content; and monitoring at least one system interface for electronic data to be transferred to an output device, the monitoring including: receiving at least a portion of the electronic data to be transferred to the output device; generating a second identifier associated with the at least a portion of the electronic data; comparing the second identifier with the first identifier; and taking a predefined defensive action if the second identifier is related to the first identifier in a predefined manner, wherein the predefined defensive action is selected from the group consisting of: modifying at least a portion of the piece of electronic data, and preventing the transfer of at least a portion of the piece of electronic data to the output device via the system interface.
6. A method as in claim 5, wherein the piece of electronic media content is encrypted, the method further including: decrypting the piece of electronic media content.
7. A method as in claim 5, in which the first identifier comprises a hash of at least a portion of the piece of electronic media content, and in which the second identifier comprises a hash of at least the portion of the electronic data to be transferred to the output device.
8. A method as in claim 5, in which the first identifier comprises a predefined portion of the piece of electronic media content.
9. A method as in claim 5, in which the system interface comprises a file system interface to one or more device drivers.
10. A method as in claim 9, in which the one or more device drivers are selected from the group consisting of: video display driver, sound driver, SCSI driver, IDE driver, network driver, video capture driver, floppy disk driver, and scanner driver.
11. A method as in claim 5, in which the predefined defensive action comprises modifying at least a portion of the electronic data to be transferred to the output device.
12. A method as in claim 11, in which modifying at least a portion of the electronic data to be transferred to the output device includes scrambling at least a portion of the electronic data.
13. A method as in claim 5, in which the predefined defensive action comprises adding noise to at least a portion of the electronic data to be transferred to the output device.
14. A method as in claim 5, in which the predefined defensive action comprises adding an electronic watermark or fingerprint to at least a portion of the electronic data to be transferred to the output device.
15. A method as in claim 5, in which the predefined defensive action comprises preventing the transfer of at least a portion of the electronic data to an output device via the system interface.
16. A method as in claim 5, in which the predefined relation between the first identifier and the second identifier comprises the first identifier being equal to the second identifier.
17. A method as in claim 5, in which the at least one system interface is selected using rules associated with the piece of electronic media content, the rules being operable to identify certain system interfaces to which the piece of electronic media content is not allowed to be sent.
18. A method as in claim 5, further including: inserting a cryptographic fingerprint into the piece of electronic media content, the cryptographic fingerprint containing information relating to the request to access said piece of electronic media content.
19. A method as in claim 18, in which inserting said cryptographic fingerprint into the piece of electronic media content includes: authenticating a fingerprinting engine using a cryptographic credential; and using the fingerprinting engine to insert the cryptographic fingerprint into the piece of electronic media content.
20. A method as in claim 19, in which the fingerprinting engine is operable to authenticate a calling application using a cryptographic credential.
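The monitoring method of claims 5, 7, 12 and 15 to 17 can be sketched as follows. This is an added illustration, not code from the patent; the names InterfaceMonitor, register and transfer, the interface labels, the 4096-byte portion size and the choice of SHA-256 are all assumptions.

```python
import hashlib
import secrets

CHUNK = 4096  # assumed portion size; the claims do not fix one

def identifiers(data: bytes, chunk: int = CHUNK) -> set:
    """SHA-256 identifier for each chunk-sized portion of data (claim 7)."""
    return {hashlib.sha256(data[i:i + chunk]).hexdigest()
            for i in range(0, len(data), chunk)}

class InterfaceMonitor:
    """Hypothetical monitor placed in front of named system interfaces."""

    def __init__(self, restricted, action="block"):
        if action not in ("block", "scramble"):
            raise ValueError("action must be 'block' or 'scramble'")
        self.restricted = set(restricted)  # rules naming disallowed interfaces (claim 17)
        self.action = action
        self.first_ids = set()

    def register(self, content: bytes) -> None:
        """Generate the first identifier(s) when access to content is requested."""
        self.first_ids |= identifiers(content)

    def transfer(self, interface: str, data: bytes):
        """Return the bytes allowed through, or None if the transfer is prevented."""
        if interface not in self.restricted:
            return data
        out = bytearray()
        for i in range(0, len(data), CHUNK):
            portion = data[i:i + CHUNK]
            second_id = hashlib.sha256(portion).hexdigest()
            if second_id in self.first_ids:        # predefined relation: equality (claim 16)
                if self.action == "block":         # prevent the transfer (claim 15)
                    return None
                portion = secrets.token_bytes(len(portion))  # scramble the portion (claim 12)
            out += portion
        return bytes(out)

def demo():
    content = bytes(range(256)) * 40       # constructed 10240-byte "media" sample
    unrelated = b"log line\n" * 1000       # constructed unprotected data
    mon = InterfaceMonitor(restricted={"network", "disk"}, action="block")
    mon.register(content)
    return (mon.transfer("network", content),    # prevented
            mon.transfer("network", unrelated),  # passes unchanged
            mon.transfer("sound", content))      # interface not restricted by the rules
```

Equality of hashes recognizes only byte-identical, portion-aligned data, so this sketch covers the exact-match relation of claim 16 and nothing broader.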