Systems and methods are described for performing policy-managed, peer-to-peer service orchestration in a manner that supports the formation of self-organizing service networks that enable rich media experiences. In one embodiment, services are distributed across peer-to-peer communicating nodes, and
Systems and methods are described for performing policy-managed, peer-to-peer service orchestration in a manner that supports the formation of self-organizing service networks that enable rich media experiences. In one embodiment, services are distributed across peer-to-peer communicating nodes, and each node provides message routing and orchestration using a message pump and workflow collator. Distributed policy management of service interfaces helps to provide trust and security, supporting commercial exchange of value. Peer-to-peer messaging and workflow collation allow services to be dynamically created from a heterogeneous set of primitive services. The shared resources are services of many different types, using different service interface bindings beyond those typically supported in a web service deployments built on UDDI, SOAP, and WSDL. In a preferred embodiment, a media services framework is provided that enables nodes to find one another, interact, exchange value, and cooperate across tiers of networks from WANs to PANs.
대표청구항▼
1. A method of accessing content according to a DRM policy using a device, comprising: operating, by the device, a DRM engine and a cryptographic services module;receiving, by the device, an encrypted content item, a first link object signed by a link object key, and a certificate comprising a const
1. A method of accessing content according to a DRM policy using a device, comprising: operating, by the device, a DRM engine and a cryptographic services module;receiving, by the device, an encrypted content item, a first link object signed by a link object key, and a certificate comprising a constraint program for validating the link object key, wherein the first link object references a first object and a second object ;authorizing, by the device, access to the encrypted content item using the DRM engine and the cryptographic services module, authorization comprising: determining an authorization of the link object key to sign the first link object using the DRM engine by executing the constraint program using at least one of first attributes of the first object and second attributes of the second object, and based on the execution of the constraint program, determining satisfaction of usage conditions for the link object key;based on the determined authorization of the link object key to sign the first link object, verifying the certificate using the cryptographic services module;based on the verification of the certificate, constructing an authorization graph by processing two or more link objects including the first link object using the DRM engine;querying the authorization graph using the DRM engine; andbased on a result of querying the authorization graph, authorizing access to the encrypted content item using the DRM engine; andbased on the access authorization, decrypting, by the device, the encrypted content item and accessing, by the device, the content item. 2. The method of claim 1, wherein querying the authorization graph comprises executing a control program and determining by the control program an existence of a first path from a first path node to a second path node. 3. The method of claim 2, wherein querying the authorization graph further comprises determining by the control program an existence of a second path from a third path node to a fourth path node. 4. The method of claim 3, wherein the first path node and the third path node are distinct. 5. The method of claim 2, wherein the control program comprises byte code. 6. The method of claim 1, wherein the first link object represents one or more of an ownership relationship and a membership relationship. 7. The method of claim 1, wherein the DRM engine of the device and the cryptographic services module of the device communicate indirectly using a host services module of the device. 8. A system for accessing content according to a DRM policy, comprising: at least one processor; andat least one non-transitory computer-readable medium containing instructions that when executed by the at least one processor cause the at least one processor to perform operations including: operating a DRM engine and a cryptographic services module;receiving an encrypted content item, a first link object signed by a link object key, and a certificate comprising a constraint program for validating the link object key, wherein the first link object references a first object and a second object;authorizing access to the encrypted content item using the DRM engine and the cryptographic services module, authorization comprising: determining an authorization of the link object key to sign the first link object using the DRM engine by executing the constraint program using at least one of first attributes of the first object and second attributes of the second object, and based on the execution of the constraint program, determining satisfaction of usage conditions for the link object key;based on the determined authorization of the link object key to sign the first link object, verifying the certificate using the cryptographic services module;based on the verification of the certificate, constructing an authorization graph by processing two or more link objects including the first link object using the DRM engine;querying the authorization graph using the DRM engine; andbased on a result of querying the authorization graph, authorizing access to the encrypted content item using the DRM engine; andbased on the access authorization, decrypting the encrypted content item and accessing the content item. 9. The system of claim 8, wherein querying the authorization graph comprises executing a control program and determining by the control program an existence of a first path from a first path node to a second path node. 10. The system of claim 9, wherein querying the authorization graph further comprises determining by the control program an existence of a second path from a third path node to a fourth path node, wherein the first path node and the third path node are distinct. 11. The system of claim 9, wherein the control program comprises byte code. 12. A non-transitory computer readable medium containing instructions that when executed by at least one processor cause the at least one processor to perform operations for accessing content according to a DRM policy, comprising: operating a DRM engine and a cryptographic services module;receiving an encrypted content item, a first link object signed by a link object key, and a certificate comprising a constraint program for validating the link object key, wherein the first link object references a first object and a second object;authorizing access to the encrypted content item using the DRM engine and the cryptographic services module, authorization comprising: determining an authorization of the link object key to sign the first link object using the DRM engine by executing the constraint program using at least one of first attributes of the first object and second attributes of the second object, and based on the execution of the constraint program, determining satisfaction of usage conditions for the link object key;based on the determined authorization of the link object key to sign the first link object, verifying the certificate using the cryptographic services module;based on the verification of the certificate, constructing an authorization graph by processing two or more link objects including the first link object using the DRM engine;querying the authorization graph using the DRM engine; andbased on a result of querying the authorization graph, authorizing access to the encrypted content item using the DRM engine; andbased on the access authorization, decrypting the encrypted content item and accessing the content item. 13. The computer readable medium of claim 12, wherein querying the authorization graph comprises executing a control program and determining by the control program an existence of a first path from a first path node to a second path node. 14. The computer readable medium of claim 13, wherein querying the authorization graph further comprises determining by the control program an existence of a second path from a third path node to a fourth path node, wherein the first path node and the third path node are distinct.
연구과제 타임라인
LOADING...
LOADING...
LOADING...
LOADING...
LOADING...
이 특허에 인용된 특허 (102)
Lal,Vishal; Singhal,Umesh; Chakravorthy,Jyothirmoy; Reddy,Rajesh T S, Application rights management in a mobile environment.
Glover John J., Computer system and process for accessing an encrypted and self-decrypting digital information product while restricting access to decrypted digital information.
Peinado, Marcus; Liu, Donna; Ganesan, Krishnamurthy, Digital rights management system operating on computing device and having black box tied to computing device.
Stefik Mark J. (Woodside CA) Russell Daniel M. (Palo Alto CA) Bobrow Daniel G. (Palo Alto CA) Henderson ; Jr. D. Austin (La Honda CA), Document processing system utilizing document service cards to provide document processing services.
Downs Edgar ; Gruse George Gregory ; Hurtado Marco M. ; Lehman Christopher T. ; Milsted Kenneth Louis ; Lotspiech Jeffrey B., Electronic content delivery system.
Abburi,Rajasekhar; Alkove,James M.; McNeill,William P.; McKune,Jeffrey R., Enforcement architecture and method for digital rights management system for roaming a license to a plurality of user devices.
Stefik Mark J. (Woodside CA) Bobrow Daniel G. (Palo Alto CA) Card Stuart K. (Los Altos CA) Casey Michalene M. (Morgan Hill CA) Goldstein Richard J. (San Francisco CA) Lamming Michael G. (Cambridge CA, Interactive contents revealing storage device.
Elley, Yassir K.; Anderson, Anne H.; Hanna, Stephen R.; Mullan, Sean J.; Perlman, Radia J., Method and system for dynamic issuance of group certificates.
Benantar,Messaoud, Method and system for managing a distributed trust path locator for public key certificates relating to the trust path of an X.509 attribute certificate.
Woo,Je Hak; Lee,Hwan Chul; Cho,Sang Young; Jeong,Seong Ho; Ha,Young Soo; Shin,Seog Kyoon; Kim,Seong Il, Method and system for the information protection of digital content.
Faybishenko, Yaroslav; Kan, Gene H.; Botros, Sherif; Beatty, John; Cutting, Douglass R., Method and system of routing messages in a distributed search network.
Graunke Gary L. ; Carbajal John ; Maliszewski Richard L. ; Rozas Carlos V., Method for securely distributing a conditional use private key to a trusted entity on a remote system.
Foster, Eric M.; Lotspiech, Jeffrey B.; Naor, Dalit; Nin, Sigfredo I.; Pestoni, Florian; Plouffe, Jr., Wilfred E.; Schaffa, Frank A., Method, system and program product for modifying content usage conditions during content distribution.
Day Michael Norman ; Russell Lance Warren ; Wood Donald Edwin ; Yeung Leo Yue Tak, Methods for real-time deterministic delivery of multimedia data in a client/server system.
Behm Jason L. (Kingston NY) Balakrishnan Govind (Kingston NY) Eisenhauer Daniel G. (Kingston NY), Network-based computer system with improved network scheduling system.
Rabne Michael W. ; Barker James A. ; Alrashid Tareq M.T. ; Christian Brian S. ; Cox Steven C. ; Slotta Elizabeth A. ; Upthegrove Luella R., Rights management system for digital media.
Cottrille, Scott C.; Waxman, Peter David; Krishnaswamy, Vinay; Venkatesh, Chandramouli; Narin, Attilla; Kostal, Gregory; Malik, Prashant; Yarmolenko, Vladimir; Byrum, Frank; Lindeman, Thomas K., Secure server plug-in architecture for digital rights management systems.
Puhl Larry C. ; Vogler Dean H. ; Dabbish Ezzat A., Secure wireless electronic-commerce system with digital product certificates and digital license certificates.
Van Wie David M. ; Weber Robert P., Steganographic techniques for securely delivering electronic digital rights management control information over insecure.
David M. Van Wie ; Robert P. Weber, Steganographic techniques for securely delivering electronic digital rights management control information over insecure communication channels.
Van Wie David M. ; Weber Robert P., Steganographic techniques for securely delivering electronic digital rights management control information over insecure communication channels.
Van Wie, David M.; Weber, Robert P., Steganographic techniques for securely delivering electronic digital rights management control information over insecure communication channels.
Alve,Jukka; Chiu,Peter K.; Yan,Zheng; Hietasarka,Juha, System and method for controlled copying and moving of content between devices and domains based on conditional encryption of content key depending on usage.
Koved,Lawrence; Mourad,Magda M.; Munson,Jonathan P.; Pacifici,Giovanni; Pistoia,Marco; Youssef,Alaa S., System and method for supporting digital rights management in an enhanced Java짰 2 runtime environment.
Ginter Karl L. ; Shear Victor H. ; Spahn Francis J. ; Van Wie David M., System and methods for secure transaction management and electronic rights protection.
Stefik Mark J. (Woodside CA) Bobrow Daniel G. (Palo Alto CA) Pirolli Peter L. T. (El Cerrito CA), System for controlling the distribution and use of composite digital works.
Stefik Mark J. (Woodside CA) Merkle Ralph C. (Sunnyvale CA) Pirolli Peter L. T. (El Cerrito CA), System for controlling the distribution and use of digital works having a fee reporting mechanism.
Valenzuela, Edgardo; Chen, Eddie J.; DeMartini, Thomas; Fung, Joseph Zhung Yee; Nguyen, Mai; Tieu, Vincent Hsiang; Tran, Duc, Systems and methods for creating, manipulating and processing rights and contract expressions using tokenized templates.
Shear Victor H. ; Van Wie David M. ; Weber Robert P., Systems and methods for matching, selecting, narrowcasting, and/or classifying based on rights management and/or other information.
Ginter Karl L. ; Shear Victor H. ; Sibert W. Olin ; Spahn Francis J. ; Van Wie David M., Systems and methods for secure transaction management and electronic rights protection.
Ginter Karl L. ; Shear Victor H. ; Spahn Francis J. ; Van Wie David M., Systems and methods for secure transaction management and electronic rights protection.
Ginter Karl L. ; Shear Victor H. ; Spahn Francis J. ; Van Wie David M., Systems and methods for secure transaction management and electronic rights protection.
Ginter Karl L. ; Shear Victor H. ; Spahn Francis J. ; Van Wie David M., Systems and methods for secure transaction management and electronic rights protection.
Ginter Karl L. ; Shear Victor H. ; Spahn Francis J. ; Van Wie David M., Systems and methods for secure transaction management and electronic rights protection.
Ginter Karl L. ; Shear Victor H. ; Spahn Francis J. ; Van Wie David M., Systems and methods for secure transaction management and electronic rights protection.
Ginter, Karl L.; Shear, Victor H.; Spahn, Francis J.; Van Wie, David M., Systems and methods for secure transaction management and electronic rights protection.
Karl L. Ginter ; Victor H. Shear ; Francis J. Spahn ; David M. Van Wie, Systems and methods for secure transaction management and electronic rights protection.
Karl L. Ginter ; Victor H. Shear ; Francis J. Spahn ; David M. Van Wie, Systems and methods for secure transaction management and electronic rights protection.
Karl L. Ginter ; Victor H. Shear ; Francis J. Spahn ; David M. Van Wie, Systems and methods for secure transaction management and electronic rights protection.
Ginter Karl L. ; Shear Victor H. ; Spahn Francis J. ; Van Wie David M., Systems and methods for the secure transaction management and electronic rights protection.
Jin, Hongxia; Leake, Jr., Donald E.; Lotspiech, Jeffrey B.; Nin, Sigfredo I.; Plouffe, Wilfred E., Tamper-resistant trusted java virtual machine and method of using the same.
King, Julie H.; Kirkman, Susan D.; Labrecque, Daniel J.; Overby, Jr., Linwood H.; Pogue, Steven Wayne, Technique for handling subsequent user identification and password requests with identity change within a certificate-based host session.
Hall Edwin J. ; Shear Victor H. ; Tomasello Luke S. ; Van Wie David M. ; Weber Robert P. ; Worsencroft Kim ; Xu Xuejun, Techniques for defining using and manipulating rights management data structures.
Hall Edwin J. ; Shear Victor H. ; Tomasello Luke S. ; Van Wie David M. ; Weber Robert P. ; Worsencroft Kim ; Xu Xuejun, Techniques for defining, using and manipulating rights management data structures.
Mourad,Magda M.; Munson,Jonathan P.; Nadeem,Tamer; Pacifici,Giovanni; Pistoia,Marco; Youssef,Alaa S., Transparent digital rights management for extendible content viewers.
Ginter Karl L. ; Shear Victor H. ; Spahn Francis J. ; Van Wie David M. ; Weber Robert P., Trusted and secure techniques, systems and methods for item delivery and execution.
Ginter, Karl L.; Shear, Victor H.; Spahn, Francis J.; Van Wie, David M.; Weber, Robert P., Trusted infrastructure support system, methods and techniques for secure electronic commerce transaction and rights management.
※ AI-Helper는 부적절한 답변을 할 수 있습니다.