Key management protocol and authentication system for secure internet protocol rights management architecture
Abstract
A digital rights management architecture for securely delivering content to authorized consumers. The architecture includes a content provider and a consumer system for requesting content from the content provider. The content provider generates a session rights object having purchase options selected by the consumer. A KDC thereafter provides authorization data to the consumer system. Also, a caching server is provided for comparing the purchase options with the authorization data. The caching server forwards the requested content to the consumer system if the purchase options match the authorization data. Note that the caching server employs real time streaming for securely forwarding the encrypted content, and the requested content is encrypted for forwarding to the consumer system. Further, the caching server and the consumer system exchange encrypted (and authenticated) control messages for supporting transfer of the requested content. In this manner, all interfaces between components are protected by encryption and/or authentication.
23 Claims

1. A rights management architecture for securely delivering content to authorized consumers, the architecture comprising:
- a content provider;
- a consumer system for requesting content from the content provider;
- the content provider generating a session rights object for accessing the content;
- a KDC (key distribution center) for providing authorization data to the consumer system, the authorization data for accessing the content;
- a caching server for comparing information in the session rights object with the authorization data; and
- the caching server forwarding the requested content to the consumer system if the information matches the authorization data.
Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13.

14. A rights management method for securely delivering content upon request from a caching server, the method comprising:
- providing a content provider communicably coupled to a caching server;
- providing a key management protocol comprising the steps of, forwarding a ticket challenge message from the caching server to the content provider, the challenge message for initiating key management;
- responsive thereof, sending a key request message from the content provider to the caching server;
- responsive thereof, sending a key reply message from the caching server to the content provider;
- responsive thereof, sending a security established message from the content provider to the caching server; and
- establishing a set of keys for securely delivering content from the content provider to the caching server.
Dependent claims: 15, 16.

17. A rights management method for securely pre-positioning content at a caching server, the method comprising:
- providing a content provider communicably coupled to a caching server;
- providing a key management protocol comprising the steps of, forwarding a key request message from the content provider to the caching server, the key request message for initiating key management;
- responsive thereof, sending a key reply message from the caching server to the content provider; and
- establishing a set of keys for securely delivering content from the content provider to the caching server.
Dependent claims: 18, 19.

20. An authentication system allowing an authorized user to stream content from a caching server within a computing network, the system comprising:
- a content provider for providing the content to the caching server for access by the user;
- a key distribution center receiving from the content provider, a first request to access the caching server, and if authenticated the content provider delivers the content to the caching server; and
- the key distribution center receiving from the user, a second request to access the caching server, and if authenticated the user is allowed to stream the content from the caching server.
Dependent claims: 21.

22. A protocol for securing data transfer between components of a communication network:
a) providing a central server having a database;
b) publishing content metadata from a content provider to the central server;
c) providing a billing center server, communicably coupled to the central server;
d) reporting billing information from a caching server to the billing center server;
e) providing a provisioning database, coupled to the central server;
f) updating the provisioning database with consumer information; and
g) using a key management protocol to securely transfer data during any one or more of step b), step d), and step f).
Dependent claims: 23.

Specification