Apparatus and methods for content transfer protection
First Claim
1. Computerized bridging apparatus configured to provide digitally rendered content to a computerized client device, the computerized bridging apparatus comprising:
- a first data interface configured to enable data communication between the computerized apparatus and a managed content delivery network;
a second data interface configured to enable data communication with the computerized client device;
digital processor apparatus in data communication with the first data interface and the second data interface; and
storage apparatus in data communication with the digital processor apparatus, the storage apparatus comprising at least one computer program configured to, when executed on the digital processor apparatus;
receive data representative of a request from at least one of the computerized client device for the digitally rendered content;
cause generation and transmission of a data communication to the managed content delivery network via at least the first interface, the data communication configured to request at least the digitally rendered content;
receive, at the computerized bridging apparatus and from a headend entity of the managed content delivery network, (i) the digitally rendered content, and (ii) a copy of cryptographic data relating to the digitally rendered content; and
based on the received data representative of the request for the digitally rendered content;
(i) decrypt the received digitally rendered content;
(ii) re-encrypt the digitally rendered content using at least the received copy of the cryptographic data; and
(iii) provide the re-encrypted digitally rendered content to the computerized client device via at least the second interface;
wherein the cryptographic data is required by the computerized client device to de-crypt the re-encrypted digitally rendered content for playback thereof by the computerized client device; and
wherein the cryptographic data is received by the computerized client device from a network entity of the managed content delivery network.
3 Assignments
0 Petitions
Accused Products
Abstract
Methods and apparatus for ensuring protection of transferred content. In one embodiment, content is transferred while enabling a network operator (e.g., MSO) to control and change rights and restrictions at any time, and irrespective of subsequent transfers. This is accomplished in one implementation by providing a premises device configured to receive content in a first encryption format and encodes using a first codec, with an ability to transcrypt and/or transcode the content into an encryption format and encoding format compatible with a device which requests the content therefrom (e.g., from PowerKey/MPEG-2 content to DRM/MPEG-4 content). The premises device uses the same content key to encrypt the content as is used by the requesting device to decrypt the content.
421 Citations
23 Claims
-
1. Computerized bridging apparatus configured to provide digitally rendered content to a computerized client device, the computerized bridging apparatus comprising:
-
a first data interface configured to enable data communication between the computerized apparatus and a managed content delivery network; a second data interface configured to enable data communication with the computerized client device; digital processor apparatus in data communication with the first data interface and the second data interface; and storage apparatus in data communication with the digital processor apparatus, the storage apparatus comprising at least one computer program configured to, when executed on the digital processor apparatus; receive data representative of a request from at least one of the computerized client device for the digitally rendered content; cause generation and transmission of a data communication to the managed content delivery network via at least the first interface, the data communication configured to request at least the digitally rendered content; receive, at the computerized bridging apparatus and from a headend entity of the managed content delivery network, (i) the digitally rendered content, and (ii) a copy of cryptographic data relating to the digitally rendered content; and based on the received data representative of the request for the digitally rendered content; (i) decrypt the received digitally rendered content; (ii) re-encrypt the digitally rendered content using at least the received copy of the cryptographic data; and (iii) provide the re-encrypted digitally rendered content to the computerized client device via at least the second interface; wherein the cryptographic data is required by the computerized client device to de-crypt the re-encrypted digitally rendered content for playback thereof by the computerized client device; and wherein the cryptographic data is received by the computerized client device from a network entity of the managed content delivery network. - View Dependent Claims (2, 3, 4, 5, 6, 7, 21)
-
-
8. A computerized method for securely providing digitally rendered content to one or more computerized client devices associated with a content delivery network, the method comprising:
-
receiving, at an intermediary computerized apparatus and from the one or more computerized client devices, data representative of a request for the digitally rendered content; using at least a portion of the received data for requesting, and responsive to the requesting receiving, the digitally rendered content from a first entity of the content delivery network, the digitally rendered content received in a first encrypted format; using at least a portion of the received data for requesting, and responsive to the requesting, receiving first cryptographic data from a second entity of the content delivery network, the requesting and receiving of the first cryptographic data being conducted at least via a digital rights management (DRM) client application run on the intermediary computerized apparatus; utilizing at least second cryptographic data to decrypt the digitally rendered content in the first encrypted format; utilizing at least the first cryptographic data to re-encrypt the digitally rendered content to a second encrypted format; and providing the digitally rendered content in the second encrypted format to the one or more computerized client devices; wherein the second encrypted format necessitates the one or more computerized client devices to issue a request to the second entity, via a DRM client application configured to obtain third cryptographic data from the second entity that is the same as the first cryptographic data obtained the DRM client application run on the intermediary computerized apparatus, for the third cryptographic data in order to enable playback of the digitally rendered content at the one or more computerized client devices. - View Dependent Claims (9, 10, 11, 12, 13, 14, 15)
-
-
16. Computer readable apparatus comprising a non-transitory storage medium, the non-transitory storage medium comprising at least one computer program having a plurality of instructions, the plurality of instructions configured to, when executed on a processing apparatus:
-
utilize a Digital Rights Management (DRM) client application on either a Digital Video Recorder (DVR) apparatus or a gateway apparatus in data communication with a premises network associated with a computerized client device, the DRM client application utilizing an identical protected content access algorithm as a DRM client application utilized by the computerized client device; receive data representative of a request for digitally rendered content from the computerized client device; receive the digitally rendered content from a content server of a managed content delivery network, the digitally rendered content being encrypted according to a first access control standard; receive first content protection data from an entity of the managed content delivery network; receive second content protection data from the entity of the managed content delivery network; and based at least on determination of at least one of;
(i) that a user associated with the computerized client device is authenticated to receive access to the digitally rendered content, and/or (ii) that the computerized client device is authenticated to receive access to the digitally rendered content;decrypt the digitally rendered content via use of the first content protection data; translate the digitally rendered content from a first encoding format to a second encoding format; re-encrypt, via use of the second content protection data, the digitally rendered content according to a second access control standard; and provide the re-encrypted digitally rendered content to the computerized client device; wherein both the second content protection data and the DRM client application utilized by the computerized client device are required for decryption and playback of the digitally rendered content at the computerized client device; and wherein the second content protection data is received by the computerized client device from the entity of the managed content delivery network. - View Dependent Claims (17, 18, 19, 22)
-
-
20. A computerized method of providing digital content to a computerized client device of a content delivery network irrespective of whether the computerized client device requests the digital content directly from the content delivery network or from a computerized intermediary device in data communication with the content delivery network, the method comprising:
-
providing to the computerized intermediary device the digital content rendered in a first protection format; using the computerized intermediary device as a computerized proxy for a digital rights management (DRM) entity of the content delivery network, the computerized intermediary device configured for protecting the digital content, after receipt thereof from the content delivery network, in a second protection format, the second protection format comprising a format utilized by the DRM entity for content protection, the protecting the digital content comprising using a same content protection cryptographic data structure as used by the DRM entity, the protection cryptographic data structure unique to at least one of the computerized client device or a user thereof; and utilizing a same DRM algorithm executed on both the computerized client device and the computerized intermediary device for controlling and/or changing usage rights and/or restrictions at any time up through playback of the digital content on the computerized client device, and irrespective of any transfer of the digital content between the computerized client device and the computerized intermediary device; wherein the second protection format requires the computerized client device to obtain the content protection cryptographic data structure from the DRM entity of the content delivery network, the content protection cryptographic data structure being required to decrypt the digital content at the computerized client device. - View Dependent Claims (23)
-
Specification