Secure storage for digital rights management
Abstract
Various embodiments utilize hardware-enforced boundaries to provide various aspects of digital rights management or DRM in an open computing environment. Against the backdrop of these hardware-enforced boundaries, DRM provisioning techniques are employed to provision such things as keys and DRM software code in a secure and robust way. Further, at least some embodiments utilize secure time provisioning techniques to provision time to the computing environment, as well as techniques that provide for robustly secure storage.
20 Claims
1. A method, implemented at least in part by a computer, comprising:
providing a computing device with digital rights management (DRM) software that has been remotely provisioned;
providing, in secure storage on the computing device, a signing key and a counter that maintains a counter value that is to be used for verification;
associating a counter value with DRM data that is to be protected;
signing, under the influence of the DRM software, the DRM data and associated counter value using the signing key, said signing providing signed DRM data and the associated counter value; and
storing signed DRM data and the associated counter value in local storage on the computing device.
Dependent claims: 2, 3, 4, 5, 6, 7, 8
9. A method implemented, at least in part, by a computer, comprising:
providing a computing device with digital rights management (DRM) software that has been remotely provisioned;
providing, in secure storage on the computing device, a signing key and a counter that maintains a counter value;
providing a table having a counter value and multiple other values individual ones of which being associated with DRM data portions that are to be protected in local storage on the computing device;
computing signatures for individual DRM data portions by using the signing key to sign a DRM data portion and its associated other value; and
storing the individual DRM data portions and associated signatures in local storage on the computing device.
Dependent claims: 10, 11, 12, 13, 14, 15, 16, 17, 18
19. A system comprising:
one or more computer-readable media;
computer-readable instructions on the one or more computer-readable media which, when executed, implement a digital rights management (DRM) partition;
secure storage hardware for storing a signing key and a counter that holds counter values;
local storage that holds DRM data;
DRM software executable in the DRM partition, wherein the DRM software is configured to implement secure storage functionality using the local storage and the secure storage hardware, wherein the secure storage functionality is implemented by utilizing a system in which counter values stored in the secure storage are checked against counter values stored with the DRM data, and wherein when counter values match, DRM operations are permitted and when counter values do not match, DRM operations are not permitted.
Dependent claims: 20
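An added example, not taken from the patent: a minimal Python model of the single-counter scheme in claims 1 and 19 (not the table of claim 9), showing how an older signed record is refused once the counter has advanced. The `SecureStorage` class, the HMAC-SHA256 primitive, the dict used as local storage, and the sample license strings are assumptions; the claims do not specify the hardware or the signing method.

```python
import hashlib
import hmac
import os

class SecureStorage:
    """Assumed stand-in for the hardware secure storage: signing key plus counter."""

    def __init__(self):
        self._key = os.urandom(32)   # signing key, never copied to local storage
        self.counter = 0             # counter value used for verification

    def sign(self, message: bytes) -> bytes:
        # HMAC-SHA256 is an assumed primitive; the claims only name a "signing key".
        return hmac.new(self._key, message, hashlib.sha256).digest()

def _bind(data: bytes, counter: int) -> bytes:
    # Fixed-width counter prefix so the (counter, data) pair encodes unambiguously.
    return counter.to_bytes(8, "big") + data

def store(secure: SecureStorage, local: dict, name: str, data: bytes) -> None:
    """Advance the counter, sign data + counter, write the record to local storage."""
    secure.counter += 1
    sig = secure.sign(_bind(data, secure.counter))
    local[name] = (data, secure.counter, sig)

def load(secure: SecureStorage, local: dict, name: str) -> bytes:
    """Return the data only if the signature verifies and the counters match."""
    data, counter, sig = local[name]
    if not hmac.compare_digest(sig, secure.sign(_bind(data, counter))):
        raise PermissionError("signature mismatch: record was modified")
    if counter != secure.counter:
        raise PermissionError("counter mismatch: stale record, DRM operation denied")
    return data

def demo() -> list:
    """Constructed scenario: update a license, then put the older record back."""
    secure, local, results = SecureStorage(), {}, []
    store(secure, local, "license", b"plays_left=3")
    snapshot = local["license"]                 # copy of the older signed record
    store(secure, local, "license", b"plays_left=2")
    results.append(load(secure, local, "license"))
    local["license"] = snapshot                 # older record back in local storage
    try:
        load(secure, local, "license")
    except PermissionError as exc:
        results.append(str(exc))
    return results
```

The older record still carries a valid signature, so only the comparison against the counter held in secure storage distinguishes it from the current one.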
Specification