Controlling access to content based on certificates and access predicates
First Claim
1. A system for enforcing digital rights on content downloaded from a provider comprising:
- means for downloading the content from the provider encrypted for a particular combination of an operating system and a central processing unit (CPU) of the computer;
means for downloading an access predicate, for the content, that specifies properties an application running on a computer is to have in order to process the content;
means for checking the access predicate against a rights manager certificate for the application requesting access to the content;
means for checking the access predicate against a certificate for the operating system running on the computer;
means for permitting access to the content only if both the rights manager certificate and the certificate for the operating system satisfy the access predicate wherein accessing the content comprises decrypting the content.
1 Assignment
0 Petitions
Accused Products
Abstract
Digital rights for content downloaded to a subscriber computer from a provider are specified in an access predicate. The access predicate is compared with a rights manager certificate associated with an entity, such as an application, that wants access to the content. If the rights manager certificate satisfies the access predicate, the entity is allowed access to the content. A license that specifies limitations on the use of the content can also be associated with the content and provided to the entity. The use the entity makes of the content is monitored and terminated if the entity violates the license limitations. In one aspect of the invention, the access predicate and the license are protected from tampering through cryptographic techniques.
-
Citations
17 Claims
-
1. A system for enforcing digital rights on content downloaded from a provider comprising:
-
means for downloading the content from the provider encrypted for a particular combination of an operating system and a central processing unit (CPU) of the computer;
means for downloading an access predicate, for the content, that specifies properties an application running on a computer is to have in order to process the content;
means for checking the access predicate against a rights manager certificate for the application requesting access to the content;
means for checking the access predicate against a certificate for the operating system running on the computer;
means for permitting access to the content only if both the rights manager certificate and the certificate for the operating system satisfy the access predicate wherein accessing the content comprises decrypting the content. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17)
-
Specification