Content protection for data as a service (DaaS)
IPC classification information
Country / Type
United States (US) Patent
Registered
International Patent Classification (IPC 7th edition)
H04L-029/06
G06F-021/10
H04N-021/4405
H04N-021/4627
G06F-021/60
Application number
US-0361759
(2013-12-24)
Registration number
US-9832172
(2017-11-28)
International application number
PCT/US2013/077656
(2013-12-24)
International publication number
WO2015/099698
(2015-07-02)
Inventor / Address
Smith, Ned M.
Heldt-Sheller, Nathan
Michelis, Pablo A.
Zimmer, Vincent J.
Wood, Matthew D.
Beckwith, Richard T.
Rothman, Michael A.
Applicant / Address
INTEL CORPORATION
Agent / Address
Grossman, Tucker, Perreault & Pfleger, PLLC
Citation information
Times cited: 2
Cited patents: 5
Abstract
The present disclosure is directed to content protection for Data as a Service (DaaS). A device may receive encrypted data from a content provider via DaaS, the encrypted data comprising at least content for presentation on the device. For example, the content provider may utilize a secure multiplex transform (SMT) module in a trusted execution environment (TEE) module to generate encoded data from the content and digital rights management (DRM) data and to generate the encrypted data from the encoded data. The device may also comprise a TEE module including a secure demultiplex transform (SDT) module to decrypt the encoded data from the encrypted data and to decode the content and DRM data from the encoded data. The SMT and SDT modules may interact via a secure communication session to validate security, distribute decryption key(s), etc. In one embodiment, a trust broker may perform TEE module validation and key distribution.
Representative claim
1. A device configured for content protection, comprising: communication circuitry to at least receive data encrypted using a first encryption protocol, the received encrypted data including content, the content comprising at least a first portion associated with a display of a plurality of displays that collectively form a composite display, and a second portion unassociated with the display for presenting the content; user interface (UI) circuitry coupled to the display of the plurality of displays to at least present the first portion of the content; and trusted execution environment (TEE) circuitry including at least a secure demultiplex transform (SDT) circuitry to generate the first portion of the content and digital rights management (DRM) data corresponding to the first portion of the content from the encrypted data, and encrypt at least the first portion of the content using a content protection encryption protocol prior to providing the first portion of the content and DRM data to the UI circuitry, wherein the UI circuitry includes at least a presentation engine to decrypt the encrypted first portion of the content, generate presentation data from the decrypted first portion of content and encrypt the presentation data using a DRM encryption protocol, and decrypt the encrypted presentation data and present the presentation data via the display of the plurality of displays based on the DRM data.
2. The device of claim 1, wherein the TEE circuitry comprises at least a secure memory space accessible to only applications in the device verified as safe by the TEE circuitry.
3. The device of claim 1, wherein the SDT comprises: decryption circuitry to generate encoded data by decrypting the encrypted data; and decoder circuitry to generate at least the first portion of the content by decoding the encoded data.
4. The device of claim 3, wherein the decoder circuitry is further to generate digital rights management (DRM) data corresponding to the first portion of the content from the encoded data.
5. The device of claim 4, wherein the communication circuitry receives the encrypted data from a content provider.
6. The device of claim 5, wherein the communication circuitry is further to receive the encrypted data from the content provider via a Data as a Service (DaaS) display controller.
7. The device of claim 5, wherein the SDT circuitry further comprises attestation circuitry to communicate via a secure communication session to at least provide data for validating the TEE circuitry and/or to receive at least one key for use in generating the content.
8. The device of claim 7, wherein the attestation circuitry is further to cause the communication circuitry to establish the secure communication session with at least one of the content provider or a trust broker.
9. A method for content protection, comprising: receiving data encrypted using a first encryption protocol in a device including at least trusted execution environment (TEE) circuitry, the received encrypted data including content, the content comprising at least a first portion associated with a display of a plurality of displays that collectively form a composite display, and a second portion unassociated with the display for presenting the content; decrypting the encrypted data in a secure demultiplex transform (SDT) circuitry in the TEE circuitry; generating the first portion of the content and digital rights management (DRM) data corresponding to the first portion of the content from the decrypted data in the SDT circuitry; encrypting at least the first portion of the content using a content protection encryption protocol in the SDT circuitry; decrypting at least the encrypted first portion of the content in user interface (UI) circuitry in the device, wherein the UI circuitry is coupled to the display of the plurality of displays; generating presentation data based on the decrypted first portion of the content; encrypting the presentation data based on a DRM encryption protocol; decrypting the encrypted presentation data in the display associated with the UI circuitry; and presenting the decrypted presentation data based on the DRM data via the display.
10. The method of claim 9, further comprising: determining if Data as a Service (DaaS) is available in the device; and provisioning a presentation device sharing engine in the device if it is determined that DaaS is available in the device.
11. The method of claim 10, further comprising: determining if a trust broker is handling TEE circuitry validation and key distribution if it is determined that DaaS is available in the device.
12. The method of claim 11, further comprising: providing at least data for validating the TEE circuitry to the trust broker if it is determined that the trust broker is handling TEE circuitry validation and key distribution.
13. The method of claim 12, further comprising: requesting at least one key for use in decoding the encrypted data, the at least one key being requested from the trust broker or a content provider.
14. At least one non-transitory machine-readable storage medium having stored thereon, individually or in combination, instructions that when executed by one or more processors result in the following operations for content protection, comprising: receiving data encrypted using a first encryption protocol in a device including at least trusted execution environment (TEE) circuitry, the received encrypted data including content, the content comprising at least a first portion associated with a display of a plurality of displays that collectively form a composite display, and a second portion unassociated with the display for presenting the content; decrypting the encrypted data in a secure demultiplex transform (SDT) module in the TEE circuitry; generating content and digital rights management (DRM) data corresponding to the content from the decrypted data in the SDT circuitry; encrypting at least the first portion of the content using a content protection encryption protocol in the SDT circuitry; decrypting at least the encrypted first portion of the content in user interface (UI) circuitry in the device, wherein the UI circuitry is coupled to the display of the plurality of displays; generating presentation data based on the decrypted first portion of the content; encrypting the presentation data based on a DRM encryption protocol; decrypting the encrypted presentation data in the display associated with the UI circuitry; and presenting the decrypted presentation data based on the DRM data via the display.
15. The medium of claim 14, further comprising instructions that when executed by one or more processors result in the following operations comprising: determining if Data as a Service (DaaS) is available in the device; and provisioning a presentation device sharing engine in the device if it is determined that DaaS is available in the device.
16. The medium of claim 15, further comprising instructions that when executed by one or more processors result in the following operations comprising: determining if a trust broker is handling TEE circuitry validation and key distribution if it is determined that DaaS is available in the device.
17. The medium of claim 16, further comprising instructions that when executed by one or more processors result in the following operations comprising: providing at least data for validating the TEE circuitry to the trust broker if it is determined that the trust broker is handling TEE circuitry validation and key distribution.
18. The medium of claim 17, further comprising instructions that when executed by one or more processors result in the following operations comprising: requesting at least one key for use in decoding the encrypted data, the at least one key being requested from the trust broker or a content provider.
Patents cited by this patent (5)
Kamibayashi, Tooru; Kato, Taku; Isozaki, Hiroshi; Matsushita, Tatsuyuki; Ishihara, Atsushi; Kashihara, Yutaka; Nagai, Yuji; Haruki, Kosuke; Tobita, Yoshikata; Nakamura, Seiichi; Mawatari, Masahiko, Apparatus, method, and computer program product for playing back content.