System and method for parts-based digital rights management
Abstract
Various embodiments of a system and method for parts-based digital rights management are described. Various embodiments may include a digital rights management component configured to receive content comprising a plurality of portions of content. The digital rights management component may also receive a license for the encrypted content; the license may include a plurality of permissions each specific to a respective portion of the content. Additionally, each permission may specify one or more access privileges for the respective portion of the content. The digital rights management component may receive a digital signature for the entire license. The digital rights management component may validate the digital signature to determine that the permissions have not been modified. The digital rights management component may also be configured to, in response to determining that said permissions have not been modified, provide access to content in accordance with said license including said permissions.
20 Claims
1. A computer-implemented method, comprising:
receiving a content item that is encrypted with a master decryption key;
receiving a license for the content item, wherein the license comprises (a) a user identifier that identifies a user authorized to receive the content item, (b) an encrypted version of the master decryption key, wherein the encrypted version is generated using a user-specific key that is derived by applying a cryptographic hash function to the user identifier, and (c) a plurality of permissions each specific to a respective portion of the content item;
receiving a digital signature for the license;
validating the digital signature to determine that the permissions have not been modified; and
in response to validating the digital signature, providing access to the content item in accordance with the license by (a) applying the cryptographic hash function to the user identifier included in the license to generate the user-specific key, (b) decrypting the encrypted version of the master decryption key using the user-specific key, and (c) decrypting at least a portion of the content item using the master decryption key.
Dependent claims: 2, 3, 4, 5, 6
7. A computer-implemented method, comprising:
receiving encrypted content that comprises a plurality of content segments, wherein each content segment is associated with a segment identifier;
receiving a license for the encrypted content, wherein the license comprises (a) a plurality of permissions, each of which is specific to one of the content segments, and (b) a master decryption key;
generating a portion-specific decryption key by performing a cryptographic hash function on a combination of the master decryption key and a particular segment identifier for a particular content segment;
decrypting the particular content segment using the portion-specific decryption key; and
providing access to the particular content segment in accordance with a particular permission that corresponds to the particular content segment.
Dependent claims: 8, 9, 10, 11, 12, 13
14. A non-transitory computer readable medium storing program instructions that are computer-executable to implement a digital rights management component that is configured to:
receive a content item that is encrypted with a master decryption key;
receive a license for the content item, wherein the license comprises (a) a user identifier that identifies a user requesting the content item, and (b) an encrypted version of the master decryption key, wherein the encrypted version is generated using a user-specific key that is derived by applying a cryptographic hash function to the user identifier;
receive a digital signature for the license;
validate the digital signature to determine that the license has not been modified; and
in response to validating the digital signature, provide access to the content item by (a) applying the cryptographic hash function to the user identifier included in the license to generate the user-specific key, (b) decrypting the encrypted version of the master decryption key using the user-specific key, and (c) decrypting at least a portion of the content item using the master decryption key.
Dependent claims: 15, 16, 17, 18, 19, 20
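The key handling recited in claims 1 and 7, combined into one client-side flow as an added example (not code from the patent or its assignee); combining the wrapped master key of claim 1 with the per-segment keys of claim 7 goes beyond either claim taken alone. Assumptions: SHA-256 as the hash function, concatenation as the "combination", a toy XOR keystream in place of a real cipher, an HMAC in place of the digital signature, and all names and sample values constructed for illustration.

```python
import hashlib, hmac, json

def keystream_xor(key: bytes, data: bytes) -> bytes:
    """Toy SHA-256 counter-mode keystream, standing in for a real cipher; XOR is its own inverse."""
    out = bytearray()
    for i in range(0, len(data), 32):
        block = hashlib.sha256(key + i.to_bytes(8, "big")).digest()
        out += bytes(a ^ b for a, b in zip(data[i:i + 32], block))
    return bytes(out)

def user_key(user_id: str) -> bytes:
    # Claim 1: deterministic, derived only from the identifier carried in the license.
    return hashlib.sha256(user_id.encode()).digest()

def segment_key(master: bytes, seg_id: str) -> bytes:
    # Claim 7: hash of the master key combined with the segment identifier.
    return hashlib.sha256(master + seg_id.encode()).digest()

def sign(lic: dict, signing_key: bytes) -> str:
    # Assumption: HMAC over canonical JSON; a deployment would verify an asymmetric signature.
    blob = json.dumps(lic, sort_keys=True).encode()
    return hmac.new(signing_key, blob, hashlib.sha256).hexdigest()

def open_segment(lic, signature, signing_key, content, seg_id, action):
    # Validate the whole license first, so a modified permission is caught before any key is used.
    if not hmac.compare_digest(sign(lic, signing_key), signature):
        raise PermissionError("license signature invalid")
    if action not in lic["permissions"].get(seg_id, []):
        raise PermissionError(f"{action} not permitted on {seg_id}")
    master = keystream_xor(user_key(lic["user_id"]), bytes.fromhex(lic["wrapped_key"]))
    return keystream_xor(segment_key(master, seg_id), content[seg_id])

# Constructed sample data: two segments, one user, per-segment permissions.
SIGNING_KEY = b"constructed-license-server-key"
MASTER = hashlib.sha256(b"constructed master key").digest()
PLAIN = {"ch1": b"Chapter one text", "ch2": b"Chapter two text"}
CONTENT = {sid: keystream_xor(segment_key(MASTER, sid), text) for sid, text in PLAIN.items()}
LICENSE = {
    "user_id": "alice@example.com",
    "wrapped_key": keystream_xor(user_key("alice@example.com"), MASTER).hex(),
    "permissions": {"ch1": ["view", "print"], "ch2": ["view"]},
}
SIGNATURE = sign(LICENSE, SIGNING_KEY)

def tampered_license() -> dict:
    """Copy of LICENSE with a permission added after signing, for checking the validation step."""
    forged = json.loads(json.dumps(LICENSE))
    forged["permissions"]["ch2"].append("print")
    return forged
```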
Specification