Cryptographic methods, apparatus and systems for storage media electronic rights management in closed and connected appliances
First Claim
1. An electronic appliance for accessing or otherwise using protected information stored on a storage medium, the electronic appliance comprising:
- a disk drive configured to read the protected information from the storage medium; and
a protected processing environment communicatively coupled to the disk drive, the protected processing environment being configured to (a) access a control set associated with the protected information, the control set including two or more controls specifying one or more permitted uses of the protected information, the control set including at least (i) a first control requiring for its application one or more capabilities of the electronic appliance, and (ii) a second control that does not require, for its application, said one or more capabilities, (b) determine that the electronic appliance has the one or more capabilities, and (c) selectively permit the electronic appliance to access or otherwise use the protected information in accordance with at least the first control.
0 Assignments
0 Petitions
Accused Products
Abstract
A rights management arrangement for storage media such as optical digital video disks (DVDs, also called digital versatile disks) provides adequate copy protection in a limited, inexpensive mass-produceable, low-capability platform such as a dedicated home consumer disk player and also provides enhanced, more flexible security techniques and methods when the same media are used with platforms having higher security capabilities. A control object (or set) defines plural rights management rules for instance, price for performance or rules governing redistribution. Low capability platforms may enable only a subset of the control rules such as controls on copying or marking of played material. Higher capability platforms may enable all (or different subsets) of the rules. Cryptographically strong security is provided by encrypting at least some of the information carried by the media and enabling decryption based on the control set and/or other limitations. A secure “software container” can be used to protectively encapsulate (e.g., by cryptographic techniques) various digital property content (e.g., audio, video, game, etc.) and control object (i.e., set of rules) information. A standardized container format is provided for general use on/with various mediums and platforms. In addition, a special purpose container may be provided for DVD medium and appliances (e.g., recorders, players, etc.) that contains DVD program content (digital property) and DVD medium specific rules. The techniques, systems and methods disclosed herein are capable of achieving compatibility with other protection standards, such as for example, CGMA and Matsushita data protection standards adopted for DVDs. Cooperative rights management may also be provided, where plural networked rights management arrangements collectively control a rights management event on one or more of such arrangements.
-
Citations
108 Claims
-
1. An electronic appliance for accessing or otherwise using protected information stored on a storage medium, the electronic appliance comprising:
-
a disk drive configured to read the protected information from the storage medium; and
a protected processing environment communicatively coupled to the disk drive, the protected processing environment being configured to (a) access a control set associated with the protected information, the control set including two or more controls specifying one or more permitted uses of the protected information, the control set including at least (i) a first control requiring for its application one or more capabilities of the electronic appliance, and (ii) a second control that does not require, for its application, said one or more capabilities, (b) determine that the electronic appliance has the one or more capabilities, and (c) selectively permit the electronic appliance to access or otherwise use the protected information in accordance with at least the first control. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20)
-
-
21. A method of accessing or otherwise using protected information, the method comprising:
-
receiving a request from a user of an electronic appliance to access or otherwise use protected information;
using a protected processing environment of the electronic appliance to access a control set associated with the protected information, the control set including two or more controls specifying one or more permitted uses of the protected information, the control set including at least (i) a first control requiring, for its application, one or more capabilities of the electronic appliance, and (ii) a second control that does not require, for its application, said one or more capabilities;
determining that the electronic appliance is capable of applying the first control; and
using the protected processing environment to selectively grant or deny the request in accordance with at least the first control. - View Dependent Claims (22, 23, 24, 25, 26, 27, 28, 29, 30, 31, 32, 33, 34, 35, 36, 37, 38)
-
-
39. A method performed by an electronic appliance, the method comprising:
-
receiving a removable storage medium in a drive of the electronic appliance, the removable storage medium containing a protected content item and a control set comprising at least two controls, each of said at least two controls specifying one or more permitted or prohibited uses of the protected content item;
parsing the control set;
disregarding at least one control that the electronic appliance is unable to enforce; and
in response to a request to access the protected content item, responding to the request in accordance with at least one control that the electronic appliance is able to enforce. - View Dependent Claims (40, 41, 42, 43, 44, 45)
-
-
46. A method performed by an electronic appliance, the method comprising:
-
receiving a protected content item and a control set comprising at least two controls, each of the at least two controls specifying one or more permitted or prohibited uses of the protected content item, the control set including a first control that the electronic appliance is unable to enforce and a second control that the electronic appliance is able to enforce;
receiving a request from a user of the electronic appliance to use the protected content item; and
responding to the request in accordance with at least the second control. - View Dependent Claims (47, 48, 49, 50, 51, 52, 53)
-
-
54. A method performed by an electronic appliance, the method comprising:
-
receiving a protected content item and a control set comprising at least two controls, each of the at least two controls specifying one or more permitted or prohibited uses of the protected content item;
receiving a first request from a user of the electronic appliance to make a use of the protected content item that is specified in a control that the electronic appliance is unable to enforce; and
denying the first request. - View Dependent Claims (55)
-
-
56. A method performed by an electronic appliance, the method comprising:
-
receiving a protected content item and a control set specifying one or more permitted uses of the protected content item;
receiving a request to make a requested use of the protected content item;
parsing the control set;
determining that the control set includes a control permitting the requested use, but that the control set further includes a condition associated with the requested use;
determining that the electronic appliance is unable to enforce the condition; and
denying the request. - View Dependent Claims (57, 58, 59, 60, 61)
-
-
62. An electronic appliance comprising:
-
an input for receiving protected digital information;
a user interface for receiving a request from a user of the electronic appliance to make a requested use of the protected digital information;
hardware and/or software configured to;
(a) access a control set associated with the protected digital information, the control set including at least (i) a first control specifying a first permitted use of the protected digital information, and (ii) a second control specifying a second permitted use of the protected digital information and a condition associated with the second permitted use, wherein the electronic appliance is not configured to enforce the condition;
(b) determine whether the requested use corresponds to the first permitted use or the second permitted use;
(c) grant the request in accordance with at least the first control if the requested use corresponds to the first permitted use; and
(d) deny the request if the requested use corresponds to the second permitted use; and
an output for presenting the protected digital information to the user. - View Dependent Claims (63, 64, 65, 66, 67)
-
-
68. An electronic appliance comprising:
-
an input for receiving protected digital information;
a user interface for receiving a request from a user of the electronic appliance to use the protected digital information;
a rights management component configured to (a) access a control set associated with the protected digital information, the control set including two or more controls specifying one or more permitted uses of the protected digital information, the control set including at least (i) a first control requiring, for its application, one or more capabilities of the electronic appliance, and (ii) a second control that does not require, for its application, said one or more capabilities, (b) determine that the electronic appliance has the one or more capabilities, and (c) selectively permit the user to use the protected digital information in accordance with at least the first control; and
an output for presenting the protected digital information to the user. - View Dependent Claims (69, 70, 71, 72, 73, 74, 75, 76, 77, 78, 79, 80, 81, 82, 83, 84, 85, 86, 87, 88)
-
-
89. A system comprising:
-
a control set for governing use of protected digital information, the control set including two or more subsets of rights management rules, the two or more subsets being based, at least in part, on one or more electronic appliance capabilities related to complying with rights management rules; and
an electronic appliance adapted to apply the control set to govern use of the protected digital information, the electronic appliance including a processor adapted to (a) make a selection of at least one of the two or more subsets of rights management rules, the selection being based at least in part on one or more capabilities of the electronic appliance, and (b) use at least a part of the protected digital information in accordance with the selection of rights management rules. - View Dependent Claims (90, 91, 92, 93, 94, 95, 96, 97, 98)
-
-
99. A method of governing use of protected digital information by an electronic appliance, the method comprising:
-
determining one or more capabilities of the electronic appliance in complying with rights management rules included in a control set; and
using a subset of the rights management rules included in the control set to govern use of the protected digital information by the electronic appliance, the subset of rights management rules corresponding to capabilities of the electronic appliance in complying therewith. - View Dependent Claims (100, 101, 102, 103, 104, 105, 106, 107, 108)
-
Specification