Safe distribution and use of content

US 20070101146A1
Filed: 04/20/2006
Published: 05/03/2007
Est. Priority Date: 10/27/2005
Status: Active Grant

First Claim

Patent Images

1. A method of distributing content, comprising:

creating a cryptographic hash of at least a portion of content;

creating a ticket file including the cryptographic hash; and

distributing the ticket file to a user system.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A cryptographic hash of content (e.g., applications, documents, widgets, software, music, videos, etc.) is created and made available for distribution over a network (or by other means) as part of a ticket file. The ticket file can be cryptographically signed to ensure its authenticity. The ticket file and content can be downloaded separately (e.g., from different websites) to a user system (e.g., a computer, mobile phone, media player/recorder, personal digital assistant (PDA), etc.). The user system verifies the signature of the ticket file and the content hash to ensure that the content has not been compromised. The ticket file can include information relating to downloading the content (e.g., a Uniform Resource Identifier (URI)) and other meta-data (e.g., hash type, content information, public key, size, version, etc.).

228 Citations

26 Claims

1. A method of distributing content, comprising:
- creating a cryptographic hash of at least a portion of content;
  
  creating a ticket file including the cryptographic hash; and
  
  distributing the ticket file to a user system.
- View Dependent Claims (2, 3, 4, 5, 12)
- - 2. The method of claim 1, where creating a ticket file comprises:
    - including in the ticket file information relating to downloading the content from a distribution site over the network;
      
      digitally signing the ticket file;
      
      receiving a request for the content from the user system; and
      
      sending the user system the ticket file separate from the content.
  - 3. The method of claim 1, further comprising:
    - receiving notification from the user system that verification of the digital signature has failed; and
      
      initiating a security action in response to the notification.
  - 4. The method of claim 3, where initiating a security action comprises:
    - initiating a revocation service.
  - 5. The method of claim 3, where initiating a security action comprises:
    - preventing user systems from downloading the content.
  - 12. The method of claim 1, further comprising:
    - creating a security log on the user system that includes a history of content installation.

6. A method of downloading content from a network, comprising:
- sending a request for content to a content aggregator site; and
  
  receiving from the content aggregator site a digitally signed ticket file including a first cryptographic hash of at least a portion of content.
- View Dependent Claims (7, 8, 9, 10, 11)
- - 7. The method of claim 6, further comprising:
    - downloading the content to a user system over a network, where the content is downloaded separately from the ticket file; and
      
      verifying the digital signature of the ticket file.
  - 8. The method of claim 7, where verifying the digital signature comprises:
    - creating a second cryptographic hash of the downloaded content;
      
      comparing the second cryptographic hash with the first cryptographic hash; and
      
      if the hashes do not match, initiating a security action.
  - 9. The method of claim 8, where initiating a security action comprises:
    - deleting the content from the user system.
  - 10. The method of claim 8, where initiating a security action comprises:
    - notifying the content aggregator site of a failed verification if the hashes do not match; and
      
      receiving a command for revoking the digital signature of the ticket file.
  - 11. The method of claim 8, where initiating a security action comprises:
    - scanning the user system for instances of revoked content.

13. A computer-readable medium having stored thereon instructions which, when executed by a processor, causes the processor to perform the operations of:
- creating a cryptographic hash of at least a portion of content;
  
  creating a ticket file including the cryptographic hash; and
  
  distributing the ticket file to a user system.
- View Dependent Claims (14, 15, 16, 17)
- - 14. The computer-readable medium of claim 13, where creating a ticket file comprises:
    - including in the ticket file information relating to downloading the content from a distribution site over the network;
      
      digitally signing the ticket file;
      
      receiving a request for the content from the user system; and
      
      sending the user system the ticket file separate from the content.
  - 15. The computer-readable medium of claim 13, further comprising:
    - receiving notification from the user system that verification of the digital signature has failed; and
      
      initiating a security action in response to the notification.
  - 16. The computer-readable medium of claim 15, where initiating a security action comprises:
    - initiating a revocation service.
  - 17. The computer-readable medium of claim 15, where initiating a security action comprises:
    - preventing user systems from downloading the content.

18. A computer-readable medium having stored thereon instructions which, when executed by a processor, causes the processor to perform the operations of:
- sending a request for content to a content aggregator site; and
  
  receiving from the content aggregator site a digitally signed ticket file including a first cryptographic hash of at least a portion of content.
- View Dependent Claims (19, 20, 21, 22, 23, 24)
- - 19. The computer-readable medium of claim 18, further comprising:
    - downloading the content to a user system over a network, where the content is downloaded separately from the ticket file; and
      
      verifying the digital signature of the ticket file.
  - 20. The computer-readable medium of claim 18, where verifying the digital signature comprises:
    - creating a second cryptographic hash of the downloaded content;
      
      comparing the second cryptographic hash with the first cryptographic hash; and
      
      if the hashes do not match, initiating a security action.
  - 21. The computer-readable medium of claim 20, where initiating a security action comprises:
    - deleting the content from the user system.
  - 22. The computer-readable medium of claim 20, where initiating a security action comprises:
    - notifying the content aggregator site of a failed verification if the hashes do not match; and
      
      receiving a command for revoking the digital signature of the ticket file.
  - 23. The computer-readable medium of claim 20, where initiating a security action comprises:
    - scanning the user system for instances of revoked content.
  - 24. The computer-readable medium of claim 18, further comprising:
    - creating a security log on the user system that includes a history of content installation.

25. A method of installing content, comprising:
- receiving content from a content distributor, the content including a first cryptographic hash of the content;
  
  creating a second cryptographic hash of the content;
  
  comparing the second cryptographic hash with the first cryptographic hash; and
  
  if the hashes do not match, initiating a security action.
- View Dependent Claims (26)
- - 26. The method of claim 25, further comprising:
    - comparing the content to one or more lists of content to determine if the content can be safely installed.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Apple Inc.
Original Assignee
Apple Inc.
Inventors
Louch, John, Stachowiak, Maciej, Sigel, Aaron

Granted Patent

US 8,543,824 B2
Time in Patent Office

Days
Field of Search
US Class Current

713/176
CPC Class Codes

H04L 63/10 for controlling access to d...

H04L 63/126 the source of the received ...

Safe distribution and use of content

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

228 Citations

26 Claims

Specification

Solutions

Use Cases

Quick Links

Safe distribution and use of content

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

228 Citations

26 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links