Secure key management for scalable codestreams
First Claim
1. A method for securing access to levels within a codestream including a plurality of scalable access types, comprising:
- representing a first set of first levels of a fully-ordered access type, in which each lower-ranked first level is always included within each higher-ranked first level, with a fully-ordered node set;
representing a second set of second levels of a partially-ordered access type, in which each lower-ranked second level is not always included within each higher-ranked second level, with a partially-ordered node set;
combining the fully-ordered node set and the partially-ordered node set to create an access node set including a partially-ordered set in which each access node represents a combination of the first levels and the second levels;
generating a key set including a key corresponding with each node in the access node set; and
encrypting the codestream.
2 Assignments
0 Petitions
Accused Products
Abstract
Key management is performed to generate a single key allowing of the decoding of all authorized levels of a plurality of access types within a scalable codestream. An access node set is derived from sets representing access types having hierarchies representable by fully ordered sets, such as resolution and layer levels, and hierarchies representable by partially ordered sets, such as tile and precinct levels. The access node set derived is a partially ordered set representing the combinations of levels of the access types included within the codestream. A hierarchical key management system is applied to the access node set to assign a key to each of the access nodes, generate content encryption keys, and encrypt the codestream. A client receiving the codestream, access node set, and other public information uses the key to derive additional keys to decrypt the codestream.
12 Citations
20 Claims
-
1. A method for securing access to levels within a codestream including a plurality of scalable access types, comprising:
-
representing a first set of first levels of a fully-ordered access type, in which each lower-ranked first level is always included within each higher-ranked first level, with a fully-ordered node set;
representing a second set of second levels of a partially-ordered access type, in which each lower-ranked second level is not always included within each higher-ranked second level, with a partially-ordered node set;
combining the fully-ordered node set and the partially-ordered node set to create an access node set including a partially-ordered set in which each access node represents a combination of the first levels and the second levels;
generating a key set including a key corresponding with each node in the access node set; and
encrypting the codestream. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11)
-
-
12. A method for accessing levels within a codestream including a plurality of scalable access types, comprising:
-
identifying a first desired level of access among a set of first levels of a fully-ordered access type, in which each lower-ranked first level is always included within each higher-ranked first level;
identifying a second desired level of access among a second set of second levels of a partially-ordered access type, in which each lower-ranked second level is not always included within each higher-ranked second level;
securing authorization to access the codestream at a desired level combination including the first desired level and the second desired level;
receiving an access node set including a partially-ordered set of access nodes representing a combination of a fully-ordered node set representing the fully-ordered access type and a partially ordered node set representing the partially-ordered access type; and
receiving a single key allowing access to the codestream at the desired level combination and, by using the access node set, access at least one lower combination including at least one of a lower-ranked first level and a lower-ranked second level. - View Dependent Claims (13, 14, 15, 16, 17)
-
-
18. A system for controlling access to levels within a codestream including a plurality of scalable access types, the system comprising:
-
a server comprising one or more computers programmed to perform actions including;
maintaining an access node set including a plurality of access nodes each representing a member of a partially ordered of set of combinations of levels to a plurality of scalable access types;
maintaining a key for each of the plurality of access nodes, each key permitting access to a combination of levels associated with an access node and any combination of levels including at least one lower-ranked level;
receiving an authorization request for a desired level combination indicating a desired access level for each of the plurality of scalable access types;
identifying set a desired access node for the desired level combination and retrieving a desired key for with the desired access node; and
communicating the access node set and the desired key; and
a client comprising one or more computers programmed to perform actions including;
selecting the desired level combination;
receiving the access node set and the desired key; and
using the desired key access to the codestream at the desired level combination and, by using the access node set and the desired key, deriving at least one additional key providing access to a combination of levels including at least one lower-ranked level. - View Dependent Claims (19, 20)
-
Specification