Access control for digital content
Abstract
A recording arrangement is provided for applying access control processing to input data content and for recording access-controlled data content on a content storage medium. The recording arrangement comprises an encryption apparatus for encrypting portions of the input data content and an access control memory device operable to securely store information from which a private key of a public key/private key pair associated with a data content recording user or user group is derivable. The encryption apparatus and the access control memory device co-operate to provide means for generating access control data comprising content recorder access control data and default access control data. The default content access control data provides the same level of access to the input data content as the level of access available to the data content recording user/user group. A recording means is provided for recording the encrypted input data content and the content access control data on the content storage medium.
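An added illustration, not taken from the patent, of the access control data described above: the subset of content keys available to the recorder is wrapped once under the recorder's public key and once under a default public key, so either private key recovers the same keys and an unlisted key recovers none. RSA-OAEP as the wrapping algorithm, the `Entry` layout, the function names and the sample keys are all assumptions of this example.

```go
package main

import (
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
)

// Entry is one access control data entry: content key index -> wrapped key.
type Entry map[int][]byte

// Generate wraps the same key subset per public key (RSA-OAEP is assumed).
func Generate(keys [][]byte, subset []int, pubs ...*rsa.PublicKey) ([]Entry, error) {
	acd := make([]Entry, len(pubs))
	for p, pub := range pubs {
		acd[p] = Entry{}
		for _, i := range subset {
			w, err := rsa.EncryptOAEP(sha256.New(), rand.Reader, pub, keys[i], nil)
			if err != nil {
				return nil, err
			}
			acd[p][i] = w
		}
	}
	return acd, nil
}

// Unwrap returns the content keys that priv can recover from entry e.
func Unwrap(e Entry, priv *rsa.PrivateKey) map[int][]byte {
	out := map[int][]byte{}
	for i, w := range e {
		if ck, err := rsa.DecryptOAEP(sha256.New(), rand.Reader, priv, w, nil); err == nil {
			out[i] = ck
		}
	}
	return out
}

// NewKey returns a throwaway RSA key pair (constructed identity, demo only).
func NewKey() *rsa.PrivateKey {
	k, _ := rsa.GenerateKey(rand.Reader, 2048)
	return k
}

func main() {
	rk, dk, other := NewKey(), NewKey(), NewKey() // recorder, default, unlisted
	keys := [][]byte{[]byte("ck-0"), []byte("ck-1"), []byte("ck-2")} // constructed
	acd, _ := Generate(keys, []int{0, 2}, &rk.PublicKey, &dk.PublicKey)
	println(len(Unwrap(acd[0], rk)), len(Unwrap(acd[1], dk)), len(Unwrap(acd[1], other)))
}
```

Here `acd[0]` plays the role of the content recorder access control data and `acd[1]` the default access control data; both would be recorded on the medium beside the encrypted content.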
21 Claims
1. A recording arrangement operable to apply access control processing to input data content using a set of one or more content keys and to record access-controlled data content on a content storage medium, said arrangement comprising:
an encryption apparatus having encryption logic to encrypt portions of said input data content in dependence upon said set of content keys to generate encrypted input data content;
and an access control memory device operable to store securely information from which a private key of a private key/public key pair associated with a data content recording user or user group is derivable;
said apparatus and said access control memory device co-operating to provide a content access control data generator, said content access control data comprising at least one encrypted version of a respective subset of said set of content keys, said content access control data comprising content recorder access control data and default access control data, said content recorder access control data being generated in dependence upon the public key corresponding to the private key derivable from information stored on said access control memory device and said default content access control data being generated in dependence upon one or more public keys of respective default public key/default private key pairs defined as default public keys by said apparatus or said access control memory device, said default content access control data providing the same level of access to said input data content via one of said default private keys as the level of access available to said data content recording user or user group; and
said apparatus being arranged to record said encrypted input data content on said content storage medium together with said content recorder access control data and said default content access control data.
16. A recording arrangement operable to apply access control processing to input data content using a set of one or more content keys and to record access-controlled data content on a content storage medium, said arrangement comprising:
encryption logic to encrypt portions of said input data content in dependence upon said set of content keys to generate encrypted input data content; and
an interface operable to provide a secure data connection between said encryption logic and a removable access control memory device, said access control memory device being connectable to said encryption apparatus via said interface and able to store securely, information from which a private key of a private key/public key pair associated with a data content recording user or user group is derivable;
a content access control data generator, said content access control data comprising at least one encrypted version of a respective subset of said set of content keys, said content access control data comprising content recorder access control data and default access control data, said content recorder access control data being generated in dependence upon the public key corresponding to the private key derivable from information stored on said access control memory device and said default content access control data being generated in dependence upon one or more public keys of respective default public key/default private key pairs defined as default public keys by said apparatus or said access control memory device, said default content access control data providing the same level of access to said input data content via one of said default private keys as the level of access available to said data content recording user or user group; and
said apparatus being arranged to record said encrypted input data content on said content storage medium together with said content recorder access control data and said default content access control data.
17. A recording method for applying access control processing to input data content using a set of one or more content keys and recording access-controlled data content on a content storage medium, said method comprising:
encrypting portions of said input data content in dependence upon said set of content keys to generate encrypted input data content;
securely storing information from which a private key of a private key/public key pair associated with a data content recording user or user group is derivable;
generating content access control data comprising at least one encrypted version of a respective subset of said set of content keys, said content access control data comprising content recorder access control data and default access control data, said content recorder access control data being generated in dependence upon the public key corresponding to the private key derivable from information stored on an access control memory device and said default content access control data being generated in dependence upon one or more public keys of respective default public key/default private key pairs defined as default public keys by said apparatus or said access control memory device, said default content access control data providing the same level of access to said input data content via one of said default private keys as the level of access available to said data content recording user or user group; and
recording said encrypted input data content on said content storage medium together with said content recorder access control data and said default content access control data.
Specification