TAMPER PREVENTION AND DETECTION FOR VIDEO PROVIDED OVER A NETWORK TO A CLIENT
First Claim
1. A server for use in detecting tampering on a client device over a network, comprising:
- a repository that is configured to store tamper event objects;
a processor that is configured to perform actions, including;
providing at least one publisher component to the client device, wherein the at least one publisher component is configured to monitor for an unauthorized action on the client device, and if the unauthorized action is detected, to publish a tamper event object to the repository; and
providing at least one subscriber component to the client device, wherein at least one subscriber component is configured to subscribe to the repository, receive published tamper event objects, and based on the tamper event objects, and at least one business rule, to perform at least one defensive action.
3 Assignments
0 Petitions
Accused Products
Abstract
A system, apparatus, and method are directed to providing digital copy protection of media using a subscriber/publisher architecture. In one embodiment, a publisher employs various dynamic and/or static tamper detection, including, filter graph change detectors, ICE detectors, screen scraping detectors, debugger detectors, pattern recognizers, or the like. When a tampering event is detected by one or more of the publishers, the tamper event may be published for access by a subscriber. Published tamper events may be pushed to or pulled by the subscribers. When one or more subscribers receive the tamper event, the subscriber(s) may perform one or more tamper response actions according to various business rules, and/or other core rules.
80 Citations
20 Claims
-
1. A server for use in detecting tampering on a client device over a network, comprising:
-
a repository that is configured to store tamper event objects;
a processor that is configured to perform actions, including;
providing at least one publisher component to the client device, wherein the at least one publisher component is configured to monitor for an unauthorized action on the client device, and if the unauthorized action is detected, to publish a tamper event object to the repository; and
providing at least one subscriber component to the client device, wherein at least one subscriber component is configured to subscribe to the repository, receive published tamper event objects, and based on the tamper event objects, and at least one business rule, to perform at least one defensive action. - View Dependent Claims (2, 3, 4, 5)
-
-
6. A system that is arranged to respond to unauthorized actions on a client device, the system comprising:
-
a repository that is configured to store tamper event objects;
a publisher component that is configured to monitor for an unauthorized action on the client device, and if the unauthorized action is detected, to publish a tamper event object to the repository; and
a subscriber component that is configured to subscribe to the repository, receive published tamper event objects, and based on the tamper event objects, and at least one business rule, to perform at least one defensive action to inhibit the unauthorized action. - View Dependent Claims (7, 8, 9, 10, 11)
-
-
12. A method for managing responses to unauthorized actions on a client device over a network, the method comprising:
-
providing to the client device a plurality of different publisher components, each publisher component being configured to employ a different detection mechanism for detecting unauthorized actions;
if an unauthorized action is detected on the client device by at least one of the plurality of different publisher components, publishing information about the unauthorized action in a tamper event object;
receiving the published tamper event object by a subscriber component; and
in response to receiving the published tamper event object, performing at least one action that is directed towards deterring the detected unauthorized action on the client device. - View Dependent Claims (13, 14, 15, 16)
-
-
17. A computer-readable storage medium having computer-executable instructions for managing responses to unauthorized actions, the computer-executable instructions when installed onto a computing device enable the computing device to perform actions, comprising:
-
receiving a publisher component that is configured to detect an unauthorized action on the computing device;
if the publisher component detects an unauthorized action on the computing device, publishing a tamper event object that includes at least a time of detection of the unauthorized action, and an identifier associated with the unauthorized action; and
receiving by a subscriber component the tamper event object, wherein the subscriber component is configured to perform at least one action directed to deterring the unauthorized action on the computing device. - View Dependent Claims (18, 19, 20)
-
Specification