Portion-level digital rights management in digital content

US 10,599,817 B2
Filed: 03/08/2016
Issued: 03/24/2020
Est. Priority Date: 03/08/2016
Status: Active Grant

First Claim

Patent Images

1. In a digital medium environment, a method implemented by at least one computing device to implement portion-level digital rights management (DRM) to control access to portions of digital content, the method comprising:

receiving, by the at least one computing device, a selection of a first portion of the digital content, the digital content including a second portion;

assigning, by the at least one computing device, a policy to the first portion of the digital content by at least adding a markup element with an identifier to the first portion;

encrypting, by the at least one computing device, the first portion based on the policy without encrypting the second portion;

receiving, by the at least one computing device, a call to open the digital content from a user that does not have a user identity associated with the policy; and

controlling, by the at least one computing device, access to the digital content, the controlling including configuring the digital content to,display the second portion,replace the first portion of the digital content with a visual indication that access is denied to the first portion,display in real time, upon a selection of the second portion, visual indications of one or more permissions specific to the second portion, andupdate, in real time, the visual indications of the one or more permissions specific to the second portion.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Portion-level digital rights management (DRM) in digital content is described. In one or more embodiments, a selection of a portion of the digital content is received at a computing device. Then, a policy is assigned to the selected portion by adding a markup element with an identifier to the selected portion. Based on the assigned policy, the selected portion is encrypted without encrypting another portion of the digital content. Subsequently, access to the selected portion is controlled based on the policy independently of the other portion. In this way, different portions of a single document can be protected with different policies. Different users may then have access to different portions of the digital content based on their user ID being associated with a particular policy, which improves security and management of distributable digital content.

78 Citations

20 Claims

1. In a digital medium environment, a method implemented by at least one computing device to implement portion-level digital rights management (DRM) to control access to portions of digital content, the method comprising:
- receiving, by the at least one computing device, a selection of a first portion of the digital content, the digital content including a second portion;
  
  assigning, by the at least one computing device, a policy to the first portion of the digital content by at least adding a markup element with an identifier to the first portion;
  
  encrypting, by the at least one computing device, the first portion based on the policy without encrypting the second portion;
  
  receiving, by the at least one computing device, a call to open the digital content from a user that does not have a user identity associated with the policy; and
  
  controlling, by the at least one computing device, access to the digital content, the controlling including configuring the digital content to,display the second portion,replace the first portion of the digital content with a visual indication that access is denied to the first portion,display in real time, upon a selection of the second portion, visual indications of one or more permissions specific to the second portion, andupdate, in real time, the visual indications of the one or more permissions specific to the second portion.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
- - 2. A method as described in claim 1, wherein the policy includes a mapping between permissions provided to at least one user and a user identity associated with the at least one user.
  - 3. A method as described in claim 1, wherein access provided as part of opening the digital content includes one or more of viewing, copying, printing, or modifying the second portion.
  - 4. A method as described in claim 1, wherein encrypting the first portion of the digital content includes encrypting, using the policy, at least one extensible markup language (XML) structure corresponding to the first portion of the digital content.
  - 5. A method as described in claim 1, wherein the controlling further configures the digital content to perform operations comprising:
    - receiving, from another user, another call to open the digital content;
      
      intercepting the another call to open the digital content;
      
      parsing the digital content;
      
      identifying at least one protected extensible markup language (XML) structure associated with the first portion of the digital content, wherein the at least one protected XML structure is encrypted with the policy;
      
      authenticating the another user based on a user identity of the another user; and
      
      decrypting the first portion of the digital content based on authentication of the another user.
  - 6. A method as described in claim 1, wherein the controlling further configures the digital content to perform operations comprising:
    - intercepting a call to save the digital content from the user; and
      
      encrypting the first portion of the digital content in response to the call.
  - 7. A method as described in claim 1, further comprising providing different renditions of the digital content to different users based on access rights of each of the different users.
  - 8. A method as described in claim 7, wherein the access rights of the different users are controllable subsequent to distribution of the digital content to the different users.

9. In a digital medium environment, a method implemented by at least one computing device to implement portion-level digital rights management (DRM) to control access to portions of digital content, the method comprising:
- receiving, by the at least one computing device, the digital content having a first portion encrypted based on a policy and a second portion that is not encrypted, the policy assigned to the first portion by adding a markup element with an identifier to the first portion;
  
  receiving, by the at least one computing device, an open call initiated by a user to open the digital content;
  
  determining, by the at least one computing device, that the user does not have a user identity associated with the policy; and
  
  controlling access, by the at least one computing device, to the digital content, the controlling including;
  
  displaying the second portion,replacing the first portion of the digital content with a visual indication that access is denied to the first portion,displaying in real time, upon a selection of the second portion, visual indications of one or more permissions specific to the second portion, andupdating, in real time, the visual indications of the one or more permissions specific to the second portion.
- View Dependent Claims (10, 11, 12, 13, 14, 15, 16)
- - 10. A method as described in claim 9, wherein the policy includes a mapping between permissions provided to at least one user and a user identity associated with the at least one user.
  - 11. A method as described in claim 9, wherein access provided as part of opening the digital content includes one or more of viewing, copying, printing, or modifying the second portion.
  - 12. A method as described in claim 9, wherein encrypting the first portion of the digital content includes encrypting, using the policy, at least one extensible markup language (XML) structure corresponding to the first portion of the digital content.
  - 13. A method as described in claim 9, further comprising:
    - receiving, from another user, another call to open the digital content;
      
      intercepting the another open call from the another user;
      
      parsing the digital content;
      
      identifying at least one protected extensible markup language (XML) structure associated with the first portion of the digital content, wherein the at least one protected XML structure is encrypted with the policy;
      
      authenticating the another user based on a user identity of the another user; and
      
      decrypting the first portion of the digital content based on authentication of the other user.
  - 14. A method as described in claim 9, further comprising:
    - intercepting a call to save the digital content from the user; and
      
      encrypting the first portion of the digital content in response to the call.
  - 15. A method as described in claim 14, wherein the access rights of the different users are controllable subsequent to distribution of the digital content to the different users.
  - 16. A method as described in claim 9, further comprising providing different renditions of the digital content to different users based on access rights of each of the different users.

17. In a digital medium environment, a system implemented to control portion-level digital rights management (DRM) in digital content, the system comprising:
- a processor; and
  
  non-transitory computer-readable storage media having thereon multiple instructions that, responsive to execution by the processor, cause the processor to perform operations including;
  
  receiving the digital content having a first portion encrypted based on a policy and a second portion that is not encrypted, the policy assigned to the first portion of the digital content by adding a markup element with an identifier to the first portion of the digital content;
  
  receiving an open call initiated by a user to open the digital content;
  
  determining that the user does not have a user identity associated with the policy; and
  
  controlling access to the digital content by;
  
  displaying the second portion,replacing the first portion of the digital content with a visual indication that access is denied to the first portion,displaying in real time, upon a selection of the second portion, visual indications of one or more permissions specific to the second portion, andupdating, in real time, the visual indications of the one or more permissions specific to the second portion.
- View Dependent Claims (18, 19, 20)
- - 18. The system as described in claim 17, wherein the policy includes a mapping between permissions provided to at least one user and a user identity associated with the at least one user.
  - 19. The system as described in claim 17, wherein access provided as part of opening the digital content includes one or more of viewing, copying, printing, or modifying the second portion.
  - 20. The system as described in claim 17, wherein the operations further comprising:
    - receiving, from another user, another call to open the digital content;
      
      intercepting the another open call from the another user;
      
      parsing the digital content;
      
      identifying at least one protected extensible markup language (XML) structure associated with the first portion of the digital content, wherein the at least one protected XML structure is encrypted with the policy;
      
      authenticating the another user based on a user identity of the another user; and
      
      decrypting the first portion of the digital content based on authentication of the another user.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Adobe Inc.
Original Assignee
Adobe Inc.
Inventors
Taneja, Salil, Jain, Arneh
Primary Examiner(s)
Zaidi, Syed A

Application Number

US15/063,996
Publication Number

US 20170262619A1
Time in Patent Office

1,477 Days
Field of Search

726 28
US Class Current
CPC Class Codes

G06F 21/10   Protecting distributed prog...

G06F 21/1015   to users

G06F 21/31   User authentication

G06F 21/602   Providing cryptographic fac...

Portion-level digital rights management in digital content

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

78 Citations

20 Claims

Specification

Use Cases

Quick Links

Others

Portion-level digital rights management in digital content

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

78 Citations

20 Claims

Specification

Subscription Required

Use Cases

Quick Links

Others