System and method for authorized digital content distribution
First Claim
1. A method for authorized distribution of digital content from a first user to a second user in communication with a digital rights management (DRM) controller computing device wherein the DRM controller computing device does not possess a copy of the digital content and does possess a key/hash pair provided by a third party associated with the digital content in a key/hash database, the method comprising the steps of:
- receiving at the DRM controller computing device a request from a first computing device to transfer the digital content to a second computing device;
sending an encryption key from the DRM controller computing device to the first computing device, which is usable to encrypt the digital content at the first computing device;
receiving a hash of encrypted digital content at the DRM controller computing device from the second computing device after the encrypted digital content has been transferred from the first computing device to the second computing device;
determining at the DRM controller computing device if the result of the hash is correct for the digital content by comparing the key/hash pair provided by the third party associated with the digital content in the key/hash database to the hash received from the second computing device; and
if the hash received from the second computing device corresponds to the key/hash pair associated with the digital content in the key/hash database, sending a decryption key to the second computing device from the DRM controller computing device that is usable to decrypt the digital content at the second computing device.
4 Assignments
0 Petitions
Accused Products
Abstract
A digital content distribution system uses a Digital Rights Management Controller that performs a set of arbitrary tests against the transfer request from one user to another such as user A to user B. Assuming these tests are successful, the DRM sends an encryption key to transferring user A. This encryption key E is taken from a table of encryption key/hash pairs which have been provided to the DRM Controller by an external authority such as the content rights holder. User A encrypts the content using they key provided by the DRM controller and then optionally calculates a hash over the encrypted form of the content E(X) and returns this value to the DRM Controller. On checking the returned hash against the hash from the table the DRM controller knows that user A does indeed have the digital content X in good condition. The DRM Controller then instructs both users A and B that the transfer may proceed. The encrypted form of the content E(X) is transferred from A to B. Once the content transfer has completed B ensures that the received content has been physically written to non-volatile storage (to account for crashes etc. during the next step). B then calculates a hash over the received content and returns this value to the DRM Controller. If this value matches the value previously given then the transfer has been successful and the DRM Controller updates whatever central records are appropriate, while also returning a decrypt key to B to allow it to decrypt the content.
51 Citations
14 Claims
-
1. A method for authorized distribution of digital content from a first user to a second user in communication with a digital rights management (DRM) controller computing device wherein the DRM controller computing device does not possess a copy of the digital content and does possess a key/hash pair provided by a third party associated with the digital content in a key/hash database, the method comprising the steps of:
-
receiving at the DRM controller computing device a request from a first computing device to transfer the digital content to a second computing device; sending an encryption key from the DRM controller computing device to the first computing device, which is usable to encrypt the digital content at the first computing device; receiving a hash of encrypted digital content at the DRM controller computing device from the second computing device after the encrypted digital content has been transferred from the first computing device to the second computing device; determining at the DRM controller computing device if the result of the hash is correct for the digital content by comparing the key/hash pair provided by the third party associated with the digital content in the key/hash database to the hash received from the second computing device; and if the hash received from the second computing device corresponds to the key/hash pair associated with the digital content in the key/hash database, sending a decryption key to the second computing device from the DRM controller computing device that is usable to decrypt the digital content at the second computing device. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14)
-
Specification