Access control for digital content

US 20050180573A1
Filed: 07/30/2004
Published: 08/18/2005
Est. Priority Date: 07/31/2003
Status: Active Grant

First Claim

Patent Images

1. A recording arrangement operable to apply access control processing to input data content using a set of one or more content keys and to record access-controlled data content on a content storage medium, said arrangement comprising:

an encryption apparatus having encryption logic to encrypt portions of said input data content in dependence upon said set of content keys to generate encrypted input data content;

and an access control memory device operable to store securely information from which a private key of a private key/public key pair associated with a data content recording user or user group is derivable;

said apparatus and said access control memory device co-operating to provide a content access control data generator, said content access control data comprising at least one encrypted version of a respective subset of said set of content keys, said content access control data comprising content recorder access control data and default access control data, said content recorder access control data being generated in dependence upon the public key corresponding to the private key derivable from information stored on said access control memory device and said default content access control data being generated in dependence upon one or more public keys of respective default public key/default private key pairs defined as default public keys by said apparatus or said access control memory device, said default content access control data providing the same level of access to said input data content via one of said default private keys as the level of access available to said data content recording user or user group; and

said apparatus being arranged to record said encrypted input data content on said content storage medium together with said content recorder access control data and said default content access control data.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A recording arrangement is provided for applying access control processing to input data content and for recording access-controlled data content on a content storage medium. The recording arrangement comprises an encryption apparatus for encrypting portions of the input data content and an access control memory device operable to securely store information from which a private key of a public key/private key pair associated with a data content recording user or user group is derivable. The encryption apparatus and the access control memory device co-operate to provide means for generating access control data comprising content recorder access control data and default access control data. The default content access control data providing the same level of access to the input data content as the level of access available to the data content recording user/user group. A recording means is provided for recording the encrypted input data content and the content access control data on the content storage medium.

57 Citations

View as Search Results

21 Claims

1. A recording arrangement operable to apply access control processing to input data content using a set of one or more content keys and to record access-controlled data content on a content storage medium, said arrangement comprising:
- an encryption apparatus having encryption logic to encrypt portions of said input data content in dependence upon said set of content keys to generate encrypted input data content;
  
  and an access control memory device operable to store securely information from which a private key of a private key/public key pair associated with a data content recording user or user group is derivable;
  
  said apparatus and said access control memory device co-operating to provide a content access control data generator, said content access control data comprising at least one encrypted version of a respective subset of said set of content keys, said content access control data comprising content recorder access control data and default access control data, said content recorder access control data being generated in dependence upon the public key corresponding to the private key derivable from information stored on said access control memory device and said default content access control data being generated in dependence upon one or more public keys of respective default public key/default private key pairs defined as default public keys by said apparatus or said access control memory device, said default content access control data providing the same level of access to said input data content via one of said default private keys as the level of access available to said data content recording user or user group; and
  
  said apparatus being arranged to record said encrypted input data content on said content storage medium together with said content recorder access control data and said default content access control data.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15)
- - 2. An arrangement according to claim 1, in which said encryption logic is operable to apply a symmetric encryption to portions of said data content using a set of one or more content keys.
  - 3. An arrangement according to claim 1, in which said content access control data generator is operable to symmetrically encrypt said at least one subset of the set of one or more content keys using a content session key and to asymmetrically encrypt the content session key using the public key of a respective public key/private key pair.
  - 4. An arrangement according to claim 1, in which said content access control data generator is operable to asymmetrically encrypt said at least one subset of said set of one or more content keys using the public key of a respective public key/private key pair.
  - 5. An arrangement according to claim 1, said apparatus comprising logic to generate said set of one or more content keys.
  - 6. An arrangement according to claim 1, in which at least one of said access control memory device and said encryption apparatus comprises memory for storing public keys associated with a respective plurality of access control memory devices.
  - 7. An arrangement according to claim 1, in which said access control memory device stores public keys associated with private keys held by other access control memory devices.
  - 8. An arrangement according to claim 1, in which said access control memory device is a removable memory device and said encryption apparatus comprises an interface to provide a secure data connection between said encryption apparatus and said removable memory device.
  - 9. An arrangement according to claim 8, in which said encryption apparatus comprises memory for storing said plurality of public keys associated with said respective plurality of removable memory devices and said removable memory device stores identification data associating that removable memory device with a respective public key held by said encryption apparatus.
  - 10. An arrangement according to claim 8, in which said removable memory device comprises a data processing module operable to perform encryption on said information content and/or for the purpose of generating said content access control data.
  - 11. An arrangement according to claim 8, in which said removable memory device is a smart card.
  - 12. An arrangement according to claim 8, in which said removable memory device is a MagicGate™
    - Memory Stick™
      
      device.
  - 13. An arrangement according to claim 8, in which said removable memory device is a secure digital card.
  - 14. An arrangement according to claim 1, in which said encrypting apparatus comprises an audio and/or video capture or processing apparatus.
  - 15. An arrangement according to claim 1, in which said input data content comprises video images and said encryption logic is operable to apply at least one of symmetric encryption, asymmetric encryption and visible watermarking to said video images.

16. A recording arrangement operable to apply access control processing to input data content using a set of one or more content keys and to record access-controlled data content on a content storage medium, said arrangement comprising:
- encryption logic to encrypt portions of said input data content in dependence upon said set of content keys to generate encrypted input data content; and
  
  an interface operable to provide a secure data connection between said encryption logic and a removable access control memory device, said access control memory device being connectable to said encryption apparatus via said interface and able to store securely, information from which a private key of a private key/public key pair associated with a data content recording user or user group is derivable;
  
  a content access control data generator, said content access control data comprising at least one encrypted version of a respective subset of said set of content keys, said content access control data comprising content recorder access control data and default access control data, said content recorder access control data being generated in dependence upon the public key corresponding to the private key derivable from information stored on said access control memory device and said default content access control data being generated in dependence upon one or more public keys of respective default public key/default private key pairs defined as default public keys by said apparatus or said access control memory device, said default content access control data providing the same level of access to said input data content via one of said default private keys as the level of access available to said data content recording user or user group; and
  
  said apparatus being arranged to record said encrypted input data content on said content storage medium together with said content recorder access control data and said default content access control data.

17. A recording method for applying access control processing to input data content using a set of one or more content keys and recording access-controlled data content on a content storage medium, said method comprising:
- encrypting portions of said input data content in dependence upon said set of content keys to generate encrypted input data content;
  
  securely storing information from which a private key of a private key/public key pair associated with a data content recording user or user group is derivable;
  
  generating content access control data comprising at least one encrypted version of a respective subset of said set of content keys, said content access control data comprising content recorder access control data and default access control data, said content recorder access control data being generated in dependence upon the public key corresponding to the private key derivable from information stored on an access control memory device and said default content access control data being generated in dependence upon one or more public keys of respective default public key/default private key pairs defined as default public keys by said apparatus or said access control memory device, said default content access control data providing the same level of access to said input data content via one of said default private keys as the level of access available to said data content recording user or user group; and
  
  recording said encrypted input data content on said content storage medium together with said content recorder access control data and said default content access control data.
- View Dependent Claims (18, 19, 20, 21)
- - 18. Computer software having program code for carrying out a method according to claim 17.
  - 19. A providing medium by which software according to claim 18 is provided.
  - 20. A medium according to claim 19, said medium being a storage medium.
  - 21. A medium according to claim 19, said medium being a transmission medium.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Sony United Kingdom Limited (Sony Group Corp.)
Original Assignee
Sony United Kingdom Limited (Sony Group Corp.)
Inventors
Tapson, Daniel Warren, Pelly, Jason Charles, Hooper, Daniel Luke, Taylor, Andrew Robert, Alves-Moreira, Emmanuel

Granted Patent

US 7,461,406 B2
Time in Patent Office

Days
Field of Search
US Class Current

380/277
CPC Class Codes

G06F 21/1014   to tokens

G06F 21/109   by using specially-adapted ...

G06F 21/16   Program or content traceabi...

G11B 20/00086   Circuits for prevention of ...

G11B 20/00115   wherein the record carrier ...

G11B 20/0021   involving encryption or dec...

G11B 20/00347   wherein the medium identifi...

G11B 20/00492   wherein content or user dat...

G11B 20/00536   wherein encrypted content d...

G11B 20/00884   involving a watermark, i.e....

G11B 2220/17   Card-like record carriers

G11B 2220/2537   Optical discs

G11B 2220/90   Tape-like record carriers

H04L 2209/60   Digital content management,...

H04L 9/0836   using tree structure or hie...

H04L 9/0894   Escrow, recovery or storing...

H04N 2005/91364   the video signal being scra...

H04N 5/772   the recording apparatus and...

H04N 5/913   for scrambling ; for copy p...

Access control for digital content

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

57 Citations

21 Claims

Specification

Solutions

Use Cases

Quick Links

Access control for digital content

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

57 Citations

21 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links