Hybrid device and person based authorized domain architecture
First Claim
1. A method of generating an Authorized Domain (AD), the method comprising the steps of selecting a domain identifier (Domain_ID) uniquely identifying the Authorized Domain (100), binding at least one user (P1, P2, . . . , PN1) to the domain identifier (Domain_ID), and binding at least one device (D1, D2, . . . , DM) to the domain identifier (Domain_ID), and thereby obtaining a number of devices (D1, D2, . . . , DM) and a number of persons (P1, P2, . . . , PN1) that is authorized to access a content item of said Authorized Domain (100).
1 Assignment
0 Petitions
Accused Products
Abstract
This invention relates to a system and a method of generating an Authorized Domain (AD) by selecting a domain identifier, and binding at least one user (P1, P, PN1), at least one device (D1, D2, . . . , DM), and at least one content item (C1, C2, . . . , CNZ) to the Authorized Domain (AD) given by the domain identifier (Domain ID). Hereby, a number of verified devices (D1, D2, . . . , DM) and a number of verified persons (P1, P2, . . . , PN1) that is authorized to access a content item of said Authorized Domain (100) is obtained. In this way, access to a content item of an authorized domain by a user operating a device is obtained either by verifying that the content item and the user is linked the same domain or by verifying that the device and the content item is linked to the same domain. Thereby, enhanced flexibility for one or more users when accessing content in an authorized domain is obtained while security of the content is still maintaining. This is further done in a simple, secure and reliable way.
76 Citations
23 Claims
-
1. A method of generating an Authorized Domain (AD), the method comprising the steps of
selecting a domain identifier (Domain_ID) uniquely identifying the Authorized Domain (100), binding at least one user (P1, P2, . . . , PN1) to the domain identifier (Domain_ID), and binding at least one device (D1, D2, . . . , DM) to the domain identifier (Domain_ID), and thereby obtaining a number of devices (D1, D2, . . . , DM) and a number of persons (P1, P2, . . . , PN1) that is authorized to access a content item of said Authorized Domain (100).
-
12. A system for generating an Authorized Domain (AD), the system comprising:
-
means for obtaining a domain identifier (Domain_ID) uniquely identifying the Authorized Domain (100), means for binding at least one user (P1, P2, . . . , PN1) to the domain identifier (Domain_ID), and means for binding at least one device (D1, D2, . . . , DM) to the domain identifier (Domain_ID), and thereby obtaining a number of devices (D1, D2, . . . , DM) and a number of persons (P1, P2, . . . , PN1) that is authorized to access a content item of said Authorized Domain (100). - View Dependent Claims (14, 18, 19, 20, 21)
-
-
22. A system according to claim 24, characterized in that
the Domain Users List (DUC) is implemented as or included in a Domain Users Certificate, and/or the Domain Devices List (DDC) is implemented as or included in a Domain Devices Certificate, and/or the User Right (URC1, URC2, . . . , URCN2) is implemented as or included in a User Right Certificate, and/or the Device Right (DevRC) is implemented as or included in a Device Right Certificate, and/or the Domain Rights (DRC1, DRC2, . . . , DRCN2) is implemented/included in a Domain Rights Certificate.
Specification