IPC분류정보
국가/구분 |
United States(US) Patent
등록
|
국제특허분류(IPC7판) |
|
출원번호 |
US-0437789
(2012-04-02)
|
등록번호 |
US-8751800
(2014-06-10)
|
발명자
/ 주소 |
|
출원인 / 주소 |
|
대리인 / 주소 |
|
인용정보 |
피인용 횟수 :
4 인용 특허 :
102 |
초록
▼
Embodiments are directed towards providing interoperability by establishing a trust relationship between a provider of a media player usable by a consumer and a content provider. A trust relationship is verified through using a public-private key certification authority. When a request for content i
Embodiments are directed towards providing interoperability by establishing a trust relationship between a provider of a media player usable by a consumer and a content provider. A trust relationship is verified through using a public-private key certification authority. When a request for content is received from a consumer, the request might indicate what content protection mechanisms are available in the consumer's device. When a trust relationship is determined to exist between the content provider and the media player providers, the content provider encrypts a license separately for each of a plurality of different content protection mechanisms available at the consumer's device. The encrypted licenses are provided to the consumer's device, where the media player may be selected to play the content based on a self integrity check the media player may perform, and its ability to use a private key associated with a corresponding public key to decrypt the license.
대표청구항
▼
1. A system, comprising: a network device associated with a content provider, having one or more processors configured to perform actions, including: establishing a trust relationship using a cryptographic protocol with a content decryption module (CDM) provider's network device for a version of a C
1. A system, comprising: a network device associated with a content provider, having one or more processors configured to perform actions, including: establishing a trust relationship using a cryptographic protocol with a content decryption module (CDM) provider's network device for a version of a CDM and the network device associated with the content provider;when information is received from a client device indicating that the client device supports at least the version of the CDM; determining for which of the supported CDMs the network device has an established trust relationship with a corresponding CDM provider;using the established trust relationships for the supported CDMs, accessing a public key associated with the version of the CDM supported by the client device; andencrypting a license using the accessed public key, the license protecting access to media content; andwhen it is determined that no information is received from the client device indicating the client device supports at least the version of the CDM: using trust relationships established between the network device and a plurality of different CDM providers to access respective public keys associated with CDMs from the plurality of different CDM providers,encrypting the license with each of the accessed public keys to generate a plurality of encrypted licenses, andproviding each of the encrypted licenses to the client device; andthe client device, comprising: a plurality of CDMs, wherein one of the plurality of CDMs is the version of the CDM, and wherein the version of the CDM performs actions, including: receiving from the network device, the encrypted license;determining an integrity of the version of the CDM and a media player against tampering;in response to determining that the integrity of the version of the CDM and the media player is confirmed, decrypting the license using a private key associated with the public key, and using the decrypted license to enable access to media content protected by the license; andin response to determining that the integrity of the version of the media player is not confirmed, denying access to the private key for decryption of the license and access to the media content protected by the license. 2. The system of claim 1, wherein the network device performs actions, wherein sending each of the plurality of encrypted licenses to the client device, comprises wherein at least one other CDM in the plurality of CDMs is selected at the client device to decrypt one of the plurality of encrypted licenses using a private key associated with a corresponding public key for the other CDM. 3. The system of claim 1, wherein the network device performs actions, further including: querying the client device to determine which of the plurality of CDMs the client device supports. 4. The system of claim 1, wherein the network device performs actions, further including: receiving from the client device, information indicating that the client device supports the version of the CDM absent sending a query request to the client device to determine which version of the CDM is supported by the client device. 5. The system of claim 1, wherein encrypting the license, further comprises encrypting one or more content decryption keys that are configured to enable decryption of the media content at the client device by using the private key to decrypt the one or more content decryption keys. 6. The system of claim 1, wherein the client device further comprises: one or more media players that is configured to select one or more of the plurality of CDMs to access the media content. 7. A network device, comprising: a memory for storing protected content; andone or more processors that perform actions, including: establishing a trust relationship cryptographically with a network device associated with a content decryption module (CDM) provider for a version of a CDM and the network device, wherein the network device is associated with a provider of the protected content;when information is received from a client device indicating that the client device supports at least the version of the CDM; determining for which of the supported CDMs the network device has an established trust relationship with a corresponding CDM provider;using the established trust relationships for the supported CDMs, accessing a public key associated with the version of the CDM;encrypting a license/decryption key to access content using the accessed public key; andproviding the encrypted license/decryption key to a client device having at least the version of CDM, wherein the version of the CDM is configured to access a protected private key corresponding to the public key, decrypt the encrypted license/decryption key using the private key, and enable access to the content, based in part on an integrity of the client device including the integrity of at least the version of the CDM, the integrity being determined by at least the version of the CDM; andwhen it is determined that no information is received from the client device indicating the client device supports at least the version of the CDM: using trust relationships established between the network device and a plurality of different CDM providers to access respective public keys associated with CDMs from the plurality of different CDM providers,encrypting the license/decryption key with each of the accessed public keys to generate a plurality of encrypted licenses/decryption keys, andproviding each of the encrypted licenses/decryption keys to the client device. 8. The network device of claim 7, wherein the one or more processors perform actions, further including: sending each of the plurality of encrypted licenses/decryption keys to the client device, wherein at least one other CDM in the plurality of CDMs is selected by the client device to decrypt one of the plurality of encrypted licenses/decryption keys using a private key associated with a corresponding public key for the other CDM. 9. The network device of claim 7, wherein the one or more processors perform actions, further including: querying the client device to determine which of a plurality of CDMs the client device supports; and wherein providing each of the encrypted licenses/decryption keys to the client device, further comprises the client device selects which CDM to employ to decrypt one of the plurality of encrypted licenses/decryption keys to enable access to the content. 10. The network device of claim 7, wherein the one or more processors perform actions, further including: receiving from the client device, information indicating that the client device supports another CDM absent sending a query request to the client device to determine which CDM is supported by the client device. 11. The network device of claim 7, wherein the one or more processors perform actions, further including: determining that a trust relationship is not established for at least one other CDM provider for another CDM; andbased on the determination of no established trust relationship for the one other CDM provider, refusing to employ another public key associated with the other CDM provider to encrypt and send to the client device the license/decryption key. 12. The network device of claim 7, wherein the one or more processors perform actions, further including: receiving information indicating that at least one of a private key is compromised or an integrity of at least one component of the client device is compromised, and based on the received information refusing to use the compromised public key or to send the license/decryption key to the compromised client device. 13. The network device of claim 7, wherein establishing the trust relationship further comprises receiving at least one attestation from a third-party indicating a level of quality of the CDM provider or version of the CDM. 14. An apparatus comprising a non-transitory computer readable medium, having computer-executable instructions stored thereon, that in response to execution by a computing device, cause the computing device to perform operations, comprising: establishing a trust relationship over a network using a cryptographic mechanism with a network device associated with a content decryption module (CDM) provider for a version of a CDM and the computing device that is associated with a content provider;when information is received from a client device indicating that the client device supports at least the version of the CDM; determining for which of the supported CDMs the network device has an established trust relationship with a corresponding CDM provider;using the established trust relationships for the supported CDMs, accessing a public key associated with the version of the CDM;encrypting a license/decryption key to access content using the accessed public key; andproviding the encrypted license/decryption key to a client device having at least the version of CDM, wherein the version of the CDM is configured to access a protected private key corresponding to the public key, decrypt the encrypted license/decryption key using the private key, and enable access to the content, based in part on an integrity of the client device from tampering including the version of the CDM, the integrity being determined by the version of the CDM; andwhen it is determined that no information is received from the client device indicating the client device supports at least the version of the CDM: using trust relationships established between the network device and a plurality of different CDM providers to access respective public keys associated with CDMs from the plurality of different CDM providers,encrypting the license/decryption key with each of the accessed public keys to generate a plurality of encrypted licenses/decryption keys, andproviding each of the encrypted licenses/decryption keys to the client device. 15. The apparatus of claim 14, wherein sending each of the plurality of encrypted licenses/decryption keys to the client device, further comprises wherein at least one other CDM in the plurality of CDMs is selected by the client device to decrypt an one of the plurality encrypted licenses/decryption keys using a private key associated with a corresponding public key for the other CDM. 16. The apparatus of claim 14, wherein the operations further comprise: querying the client device to determine which of a plurality of CDMs the client device supports; and wherein providing each of the encrypted licenses/decryption keys to the client device, further comprises the client device selects which CDM to employ to decrypt one of the plurality of encrypted licenses/decryption keys to enable access to the media content. 17. The apparatus of claim 14, wherein the operations further comprise: receiving from the client device, information indicating that the client device supports another CDM;determining that a trust relationship is established for the supported other CDM;based on the results of the determination of the trust relationship for the supported other CDM, encrypting the license/decryption key using another public key associated with the other CDM; anddetermining that a trust relationship is not established for at least one other CDM provider for another CDM; andbased on the determination of no established trust relationship, refusing to employ another public key associated with the other CDM provider to encrypt and send to the client device the license/decryption key;sending to the client device the license/decryption key encrypted with the other public key, wherein the client device selects which CDM to employ to decrypt the encrypted license/decryption key. 18. The apparatus of claim 14, wherein the operations further comprise: receiving information indicating that at least one of a public key is compromised, an integrity of at least one component of the client device is compromised, and based on the received information refusing to use the compromised public key, or to send the license/decryption key to the compromised client device. 19. The apparatus of claim 14, wherein establishing the trust relationship comprises receiving at least one attestation from a third-party indicating a level of quality of the CDM provider or version of the CDM. 20. The apparatus of claim 14, wherein the trust relationship is based at least in part on a contract agreement between a content provider and the CDM provider.
※ AI-Helper는 부적절한 답변을 할 수 있습니다.