Reprogrammable security for controlling piracy and enabling interactive content
First Claim
1. A method for regulating access to nonvolatile digital storage contained in a device executing instructions in a Touring-complete interpreter, said method comprising:
- (a) receiving a request from said instructions being executed, wherein said request specifies;
(i) a portion of said storage for which access is requested, and (ii) a plurality of additional executable instructions;
(b) applying a cryptographic hash function to said additional executable instructions to obtain a hash value;
(c) authenticating said hash value; and
(d) provided that said authentication is successful, enabling access to said requested portion of said storage while executing said additional executable instructions.
10 Assignments
0 Petitions
Accused Products
Abstract
Technologies are disclosed to transfer responsibility and control over security from player makers to content authors by enabling integration of security logic and content. An exemplary optical disc (200) carries an encrypted digital video title combined with data processing operations that implement the title'"'"'s security policies and decryption processes. Player devices include a processing environment (e.g., a real-time virtual machine), which plays content by interpreting its processing operations. Players also provide procedure calls to enable content code to load data from media, perform network communications, determine playback environment configurations (225), access secure non-volatile storage, submit data to CODECs for output (250), and/or perform cryptographic operations. Content can insert forensic watermarks in decoded output for tracing pirate copies. If pirates compromise a player or title, future content can be mastered with security features that, for example, block the attack, revoke pirated media, or use native code to correct player vulnerabilities.
-
Citations
11 Claims
-
1. A method for regulating access to nonvolatile digital storage contained in a device executing instructions in a Touring-complete interpreter, said method comprising:
-
(a) receiving a request from said instructions being executed, wherein said request specifies;
(i) a portion of said storage for which access is requested, and (ii) a plurality of additional executable instructions;
(b) applying a cryptographic hash function to said additional executable instructions to obtain a hash value;
(c) authenticating said hash value; and
(d) provided that said authentication is successful, enabling access to said requested portion of said storage while executing said additional executable instructions. - View Dependent Claims (2, 3, 4)
-
-
5. A digital optical disc medium containing encrypted audiovisual content for playback on any of a plurality of device architectures, said digital optical disc medium comprising program logic configured to:
-
(a) identify at least one characteristic of a device executing said program logic;
(b) use said at least one characteristic to determine which, if any, of a plurality of security weaknesses are present in said executing device;
(c) when said determination indicates a suspected weakness, (i) select at least one of a plurality of software countermeasures, wherein said selected countermeasure corresponds to said suspected weakness and is compatible with said executing device;
(ii) mitigate said suspected weakness by directing said executing device to invoke said selected countermeasure; and
(iii) decode said encrypted audiovisual content, wherein said decoding includes a result produced by successful operation of said countermeasure logic; and
(d) when said determination does not indicate a suspected weakness, decode said audiovisual content using at least one decryption key derived using at least one cryptographic key associated with said executing device. - View Dependent Claims (6, 7)
-
-
8. An automated method for enabling a playback device containing a nonvolatile memory to determine whether permission to use digital optical disc media has been revoked, said method comprising:
-
(a) reading a media identifier from a digital optical disc medium;
(b) verifying that said media identifier is not represented in a revocation list stored in nonvolatile memory;
(c) storing said media identifier in a playback history contained in said nonvolatile memory;
(d) reading a list of revoked media identifiers from said digital optical disc media;
(e) noting any media identifier that is represented in said playback history and is also represented on said read list of revoked media identifiers; and
(f) adding any said noted media identifier to said revocation list contained in said nonvolatile memory. - View Dependent Claims (9, 10)
-
-
11. An automated method for determining whether to allow a portion of software stored in a computer-readable memory to access a portion of a nonvolatile memory, the method comprising:
-
(a) receiving a reference to said portion of software;
(b) computing a cryptographic hash of said software portion;
(c) comparing said computed cryptographic hash with a value stored in said nonvolatile memory;
(d) when said computed cryptographic hash matches said stored value, allowing said software portion to access said nonvolatile memory portion; and
(e) when said computed cryptographic hash does not match said stored value, not allowing said software portion to access said nonvolatile memory.
-
Specification