Token passing technique for media playback devices

US 20080168568A1
Filed: 01/08/2007
Published: 07/10/2008
Est. Priority Date: 01/08/2007
Status: Active Grant

First Claim

Patent Images

1. A computer enabled method for controlling distribution of media content between a source, a host device, and a player associated with the host device, the method comprising the acts of:

exchanging authentication data between the player and the host device;

transmitting a request for a token from the host device to the source;

receiving the token at the host device;

sending the token to the player;

sending identification data from the player to the host source including the token; and

receiving at the player, in response to the token, at least one key relating to encryption or decryption of the content to be distributed.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A digital rights management (DRM) system for distribution of digital content such as audio or video uses a token passing scheme to enhance security of the content from unauthorized access and use, including access by unauthorized players. The token is requested from the central content or DRM server by a host device such as a user'"'"'s computer, using security related information. The token is then passed to a media player associated with the host device, the token being encrypted using a key special to that particular player. Upon receipt of the token, the player transmits back to the server certain related security information confirming receipt of the token and in return receives keys for decryption of the associated digital content. In the absence of proper passing of the token, player access to the content, or further access to other content, is denied. This also allows the player to communicate directly with the server for obtaining the keys.

64 Citations

View as Search Results

44 Claims

1. A computer enabled method for controlling distribution of media content between a source, a host device, and a player associated with the host device, the method comprising the acts of:
- exchanging authentication data between the player and the host device;
  
  transmitting a request for a token from the host device to the source;
  
  receiving the token at the host device;
  
  sending the token to the player;
  
  sending identification data from the player to the host source including the token; and
  
  receiving at the player, in response to the token, at least one key relating to encryption or decryption of the content to be distributed.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15)
- - 2. The method of claim 1, wherein the player is one of a media player, cellular telephone, or PDA.
  - 3. The method of claim 1, wherein the authentication data includes an authentication certificate and an encryption key.
  - 4. The method of claim 1, wherein the token request includes a global universal identifier of each of the server and the player, and additional authentication information pertaining to the global universal identifiers.
  - 5. The method of claim 1, wherein the token when received at the player is encrypted with a key, the key pertaining to a predefined aspect of the player.
  - 6. The method of claim 1, wherein the token when sent to the player is encrypted with a session key relating to the exchanged authentication data.
  - 7. The method of claim 1, wherein the identification data includes the token and a global universal identifier of each of the player and host device.
  - 8. The method of claim 7, wherein the identification data further includes data for verifying the token, and an authentication certificate of the player.
  - 9. The method of claim 1, wherein the act of receiving at the player further includes receiving an additional token.
  - 10. A computer readable medium carrying computer code for performing the portions of the method of claim 1 to be carried out by the source.
  - 11. A computer readable medium carrying computer code for performing the portions of the method of claim 1 to be carried out by the player or host device.
  - 12. A programmed apparatus programmed to perform the portions of the method of claim 1 to be carried out by the player or host device.
  - 13. The method of claim 1, wherein the source is a server.
  - 14. The method of claim 1, wherein the host device communicates with the source via the Internet, and with the player via a local connection.
  - 15. The method of claim 14, wherein the local connection is one of a universal serial bus, a wireless connection, and a local area network.

16. A computer enabled method for controlling distribution of media content to a player from a source, the player having an associated host device, the method comprising the acts of:
- the player exchanging authentication data with the host device;
  
  receiving at the player a token originating at the source, via the host device;
  
  sending identification data from the player to the source, the data including the token; and
  
  receiving at the player, in response to the token, at least one key relating to encryption or decryption of the content to be distributed.
- View Dependent Claims (17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29)
- - 17. The method of claim 16, wherein the player is one of a media player, cellular telephone, or PDA.
  - 18. The method of claim 16, wherein the authentication data includes an authentication certificate and an encryption key.
  - 19. The method of claim 16, wherein the token is provided per a request which includes a global universal identifier of each of the server and the player, and additional authentication information pertaining to the global universal identifiers.
  - 20. The method of claim 16, wherein the token is first received at the host device as encrypted with a key, the key pertaining to a predefined aspect of the player.
  - 21. The method of claim 16, wherein the token when sent to the player is encrypted with a session key relating to the exchanged authentication data.
  - 22. The method of claim 16, wherein the identification data includes the token and a global universal identifier of each of the player and host device.
  - 23. The method of claim 22, wherein the identification data further includes data for verifying the token, and an authentication certificate of the player.
  - 24. The method of claim 16, wherein the act of receiving at the player further includes receiving an additional token.
  - 25. A computer readable medium carrying computer code for carrying out the method of claim 16.
  - 26. A programmed apparatus programmed to carry out the method of claim 16.
  - 27. The method of claim 16, wherein the source is a server.
  - 28. The method of claim 16, wherein the host device communicates with the source via the Internet, and with the player via a local connection.
  - 29. The method of claim 28, wherein the local connection is one of a universal serial bus, a wireless connection, and a local area network.

30. A computer enabled method for controlling distribution of media content to a host device for playing on an associated player, the method comprising the acts of:
- the host device exchanging authentication data with the player;
  
  transmitting from the host device a request for a token from the host device to the source;
  
  receiving the token at the host device; and
  
  sending the token from the host device to the player; and
  
  thereby the player being enabled to decrypt or encrypt the content to be distributed.
- View Dependent Claims (31, 32, 33, 34, 35, 36, 37, 38, 39, 40, 41, 42, 43)
- - 31. The method of claim 30, wherein the player is one of a media player, cellular telephone, or PDA.
  - 32. The method of claim 30, wherein the authentication data includes an authentication certificate and an encryption key.
  - 33. The method of claim 30, wherein the token request includes a global universal identifier of each of the server and the player, and additional authentication information pertaining to the global universal identifiers.
  - 34. The method of claim 30, wherein the token when received at the host device is encrypted with a key, the key pertaining to a predefined aspect of the player.
  - 35. The method of claim 30, wherein the token when sent to the player is encrypted with a session key relating to the exchanged authentication data.
  - 36. The method of claim 30, wherein the player sends identification data to the host device, and the identification data includes the token and a global universal identifier of each of the player and host device.
  - 37. The method of claim 36, wherein the identification data further includes data for verifying the token, and an authentication certificate of the player.
  - 38. The method of claim 30, wherein the host device sends an additional token to the player.
  - 39. A computer readable medium carrying computer code for performing the method of claim 30.
  - 40. A programmed apparatus programmed to carry out the method of claim 30.
  - 41. The method of claim 30, wherein the source is a server.
  - 42. The method of claim 30, wherein the host device communicates with the source via the Internet, and with the player via a local connection.
  - 43. The method of claim 44, 42 wherein the local connection is one of a universal serial bus, a wireless connection, and a local area network.

44. A player for storing and playing media content received from an external source, and having a digital rights management (DRM) portion, the DRM portion comprising:
- an input/output port adapted to receive the media content and to send and receive DRM information;
  
  a storage for an authentication certificate of the player, coupled to the port;
  
  a storage for a global identifier of the player, coupled to the port;
  
  a storage for a token received from the source, coupled to the port;
  
  a key repository, coupled to the port for storing keys for decrypting the media content;
  
  a storage for an additional token, coupled to the port; and
  
  a processor coupled to the port and to the global identifier storage and to the token storage, and for assembling identification data including the global identifier, the token, a signature of the token, the authentication certificate, and a size of the token signature and a size of the authentication certificate to be transmitted from the port.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Apple Inc.
Original Assignee
Apple Inc.
Inventors
Farrugia, Augustin J., Brodersen, Rainer, Schultz, Rod, Robbin, Jeffrey

Granted Patent

US 7,975,312 B2
Time in Patent Office

Days
Field of Search
US Class Current

726/30
CPC Class Codes

G06F 21/10   Protecting distributed prog...

H04N 21/4126   The peripheral being portab...

H04N 21/4405   involving video stream decr...

H04N 21/63345   by transmitting keys key di...

H04N 21/8355   involving usage data, e.g. ...

H04N 7/1675   Providing digital key or au...

Token passing technique for media playback devices

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

64 Citations

44 Claims

Specification

Use Cases

Quick Links

Others

Token passing technique for media playback devices

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

64 Citations

44 Claims

Specification

Subscription Required

Use Cases

Quick Links

Others