Ensuring authenticity in a closed content distribution system
IPC classification information
Country / Type
United States (US) Patent
Granted
International Patent Classification (IPC 7th edition)
G06F-021/00
H04L-009/08
G06F-021/10
H04L-009/32
G06F-021/78
G06F-021/60
H04L-009/16
Application number
US-0973449
(2018-05-07)
Registration number
US-10263774
(2019-04-16)
Inventor / Address
Princen, John
Srinivasan, Pramila
Blythe, David
Yen, Wei
Applicant / Address
Acer Cloud Technology, Inc.
Agent / Address
Sheppard, Mullin, Richter & Hampton, LLP
Citation information
Times cited: 0
Cited patents: 133
Abstract
A technique for maintaining encrypted content received over a network in a secure processor without exposing a key used to decrypt the content in the clear is disclosed.
Representative claim
1. A method executed by a secure player comprising: receiving encrypted content comprising a plurality of data portions in an encrypted format, the encrypted content being sent from a content server; receiving a license package including one or more first cryptographic keys and a plurality of signatures corresponding to the plurality of data portions, the license package being sent from a license server; performing decryption of the encrypted content using the one or more first cryptographic keys; verifying validity of the plurality of data portions using the plurality of signatures; after verifying the validity, generating one or more second cryptographic keys independent of the one or more first cryptographic keys, the one or more second cryptographic keys being unique to the plurality of data portions and the license package; storing the one or more second cryptographic keys; performing re-encryption of the encrypted content using the one or more second cryptographic keys to obtain re-encrypted content; storing the re-encrypted content.
2. The method of claim 1, wherein the generating the one or more second cryptographic keys comprises generating a plurality of the second cryptographic keys corresponding to the plurality of data portions, respectively, and the performing the re-encryption of the encrypted content comprises performing re-encryption of the encrypted content using the plurality of the second cryptographic keys to obtain the re-encrypted content.
3. The method of claim 1, wherein the one or more second cryptographic keys are stored in secure memory.
4. The method of claim 1, wherein the re-encrypted content is stored in external storage external to the secure player.
5. The method of claim 1, further comprising: generating a third cryptographic key independent of the one or more first cryptographic keys and the one or more second cryptographic keys; performing encryption of a list of the one or more second cryptographic keys using the third cryptographic key to construct a re-encryption key package; storing the third cryptographic key in secure memory.
6. The method of claim 1, further comprising: generating a third cryptographic key independent of the one or more first cryptographic keys and the one or more second cryptographic keys; performing encryption of a list of the one or more second cryptographic keys using the third cryptographic key to construct a re-encryption key package; storing the re-encryption key package in external storage external to the secure player; storing the third cryptographic key in secure memory.
7. The method of claim 1, further comprising, after verifying the validity, determining whether or not re-encryption of the encrypted content has been previously performed, wherein the generating the one or more second cryptographic keys is carried out upon determining that re-encryption of the encrypted content has not been previously performed.
8. The method of claim 1, wherein the license package is encrypted using a user-specific encryption key, and the method further comprises performing decryption of the license package using the user-specific encryption key.
9. The method of claim 1, wherein the plurality of data portions comprises a streaming sequence of data portions and is received sequentially by the secure player.
10. The method of claim 1, wherein the license package includes a plurality of licenses corresponding to the plurality of data portions, respectively, and the plurality of licenses is received separately by the secure player.
11. A secure player comprising: one or more processors; memory storing instructions, when executed by the one or more processors, configured to cause the one or more processors to execute a computer-implemented method, the computer-implemented method comprising: receiving encrypted content comprising a plurality of data portions in an encrypted format, the encrypted content being sent from a content server; receiving a license package including one or more first cryptographic keys and a plurality of signatures corresponding to the plurality of data portions, the license package being sent from a license server; performing decryption of the encrypted content using the one or more first cryptographic keys; verifying validity of the plurality of data portions using the plurality of signatures; after verifying the validity, generating one or more second cryptographic keys independent of the one or more first cryptographic keys, the one or more second cryptographic keys being unique to the plurality of data portions and the license package; storing the one or more second cryptographic keys; performing re-encryption of the encrypted content using the one or more second cryptographic keys to obtain re-encrypted content; storing the re-encrypted content.
12. The secure player of claim 11, wherein the generating the one or more second cryptographic keys comprises generating a plurality of the second cryptographic keys corresponding to the plurality of data portions, respectively, and the performing the re-encryption of the encrypted content comprises performing re-encryption of the encrypted content using the plurality of the second cryptographic keys to obtain the re-encrypted content.
13. The secure player of claim 11, wherein the one or more second cryptographic keys are stored in secure memory.
14. The secure player of claim 11, wherein the re-encrypted content is stored in external storage external to the secure player.
15. The secure player of claim 11, wherein the computer-implemented method further comprises: generating a third cryptographic key independent of the one or more first cryptographic keys and the one or more second cryptographic keys; performing encryption of a list of the one or more second cryptographic keys using the third cryptographic key to construct a re-encryption key package; storing the third cryptographic key in secure memory.
16. The secure player of claim 11, wherein the computer-implemented method further comprises: generating a third cryptographic key independent of the one or more first cryptographic keys and the one or more second cryptographic keys; performing encryption of a list of the one or more second cryptographic keys using the third cryptographic key to construct a re-encryption key package; storing the re-encryption key package in external storage external to the secure player; storing the third cryptographic key in secure memory.
17. The secure player of claim 11, wherein the computer-implemented method further comprises, after verifying the validity, determining whether or not re-encryption of the encrypted content has been previously performed, wherein the generating the one or more second cryptographic keys is carried out upon determining that re-encryption of the encrypted content has not been previously performed.
18. The secure player of claim 11, wherein the license package is encrypted using a user-specific encryption key, and the method further comprises performing decryption of the license package using the user-specific encryption key.
19. The secure player of claim 11, wherein the plurality of data portions comprises a streaming sequence of data portions and is received sequentially by the secure player.
20. A secure player comprising: a means for receiving encrypted content comprising a plurality of data portions in an encrypted format, the encrypted content being sent from a content server; a means for receiving a license package including one or more first cryptographic keys and a plurality of signatures corresponding to the plurality of data portions, the license package being sent from a license server; a means for performing decryption of the encrypted content using the one or more first cryptographic keys; a means for verifying validity of the plurality of data portions using the plurality of signatures; a means for, after verifying the validity, generating one or more second cryptographic keys independent of the one or more first cryptographic keys, the one or more second cryptographic keys being unique to the plurality of data portions and the license package; a means for storing the one or more second cryptographic keys; a means for performing re-encryption of the encrypted content using the one or more second cryptographic keys to obtain re-encrypted content; a means for storing the re-encrypted content.