System and methods are disclosed for governing digital rights management systems and other applications through the use of supervisory governance applications and keying mechanisms. Governance is provided by enabling the supervisory applications to revoke access keys and/or to block certain file system calls, thus preventing governed applications from accessing protected electronic content.
Representative claims
1. A method performed by a first system comprising a processor and a non-transitory computer-readable storage medium storing instructions that, when executed by the processor, cause the first system to perform the method, the method comprising: receiving, by a secure control application executing on the first system in a protected processing environment, a request to access protected content by a governed application executing on a second system, the second system being remote from the first system; extracting, by the secure control application executing on the first system, secret information from a secure electronic container, the secret information being configured to be used, at least in part, to decrypt the protected content, wherein extracting the secret information comprises decrypting at least a portion of the secure electronic container to generate unencrypted secret information; and sending, by the secure control application executing on the first system, the unencrypted secret information to the governed application of the second system.
2. The method of claim 1 further comprising: receiving, by the secure control application, a first control expressing that the governed application should not be provided with the secret information; and implementing a first control action preventing the secret information from being provided to the governed application in response to a subsequent access request.
3. The method of claim 2 further comprising: receiving, by the secure control application, a second control expressing that the governed application should be provided with the secret information; and implementing a second control action allowing the secret information to be provided to the governed application in response to the subsequent access request.
4. The method of claim 1 further comprising: prior to sending the secret information to the governed application, determining, by the secure control application, that the governed application satisfies one or more requirements.
5. The method of claim 4, wherein the one more requirements comprise at least one security requirement.
6. The method of claim 4, wherein the one or more requirements comprise at least one requirement for processing the protected content.
7. The method of claim 4, further comprising: determining, by the secure control application, that the governed application no longer satisfies the one or more requirements; and implementing a control action preventing the secret information from being provided to the governed application in response to a subsequent access request.
8. The method of claim 1, wherein the secret information comprises one or more access keys.
9. The method of claim 1, wherein the secret information comprises a portion of an access key.
10. A non-transitory computer-readable storage medium storing instructions that, when executed by a processor of a first system, cause the first system to perform a method, the method comprising: receiving, by a secure control application executing on the first system in a protected processing environment, a request to access protected content by a governed application executing on a second system, the second system being remote from the first system; extracting, by the secure control application executing on the first system, secret information from a secure electronic container, the secret information being configured to be used, at least in part, to decrypt the protected content, wherein extracting the secret information comprises decrypting at least a portion of the secure electronic container to generate unencrypted secret information; and sending, by the secure control application executing on the first system, the unencrypted secret information to the governed application.
11. The non-transitory computer-readable storage medium of claim 10, wherein the method further comprises: receiving, by the secure control application, a first control expressing that the governed application should not be provided with the secret information; and implementing a first control action preventing the secret information from being provided to the governed application in response to a subsequent access request.
12. The non-transitory computer-readable storage medium of claim 11, wherein the method further comprises: receiving, by the secure control application, a second control expressing that the governed application should be provided with the secret information; and implementing a second control action allowing the secret information to be provided to the governed application in response to the subsequent access request.
13. The non-transitory computer-readable storage medium of claim 10, wherein the method further comprises: prior to sending the secret information to the governed application, determining, by the secure control application, that the governed application satisfies one or more requirements.
14. The non-transitory computer-readable storage medium of claim 13, wherein the one more requirements comprise at least one security requirement.
15. The non-transitory computer-readable storage medium of claim 13, wherein the one or more requirements comprise at least one requirement for processing the protected content.
16. The non-transitory computer-readable storage medium of claim 13, wherein the method further comprises: determining, by the secure control application, that the governed application no longer satisfies the one or more requirements; and implementing a control action preventing the secret information from being provided to the governed application in response to a subsequent access request.
17. The non-transitory computer-readable storage medium of claim 10, wherein the secret information comprises one or more access keys.
18. The non-transitory computer-readable storage medium of claim 10, wherein the secret information comprises a portion of an access key.