METHOD FOR OFFLINE DRM AUTHENTICATION AND A SYSTEM THEREOF

US 20090183001A1
Filed: 11/12/2008
Published: 07/16/2009
Est. Priority Date: 01/16/2008
Status: Active Grant

First Claim

Patent Images

1. A method for offline DRM authentication, wherein the method comprises:

encrypting a data file with a DRM encryption standard and storing internal information into an authentication device;

verifying a legitimacy of the internal information in the authentication device by a software program on a local computer to which the authentication device is connected; and

if legitimate, opening and reading the data file encrypted with the DRM encryption standard.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A method for offline DRM authentication and a system thereof relates to the information security field. In order to solve the problem that a license must be requested from the server in the process of DRM authentication, the invention provides a method for offline DRM authentication, in which, the method comprises: a content provider encrypts the data file with DRM standard and stores the internal information in an authentication device, the authentication device is connected to the local computer, the software program on the local computer opens and reads the data file. A system for offline DRM authentication, in which, the system comprises an authentication device, a client PC and content provider side, the authentication device comprises the DRM service module and authentication communication module. Compared with the prior art, the present invention allows the user to use the DRM protected information without a network connection.

Citations

20 Claims

1. A method for offline DRM authentication, wherein the method comprises:
- encrypting a data file with a DRM encryption standard and storing internal information into an authentication device;
  
  verifying a legitimacy of the internal information in the authentication device by a software program on a local computer to which the authentication device is connected; and
  
  if legitimate, opening and reading the data file encrypted with the DRM encryption standard.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11)
- - 2. The method of claim 1, wherein opening and reading the data file comprises the steps of:
    - 1) determining whether a copyright license for reading the data file is requested by the software program, and if so, sending a license request to the authentication device and go to step
      
      2);
      
      otherwise, reading the data file directly and ending;
      
      2) verifying legitimacy of the internal information after the authentication device receiving the license request sent from the software program, and if legitimate, returning a license information to the local computer by the authentication device and go to step
      
      3);
      
      otherwise, returning an error message and ending; and
      
      3) analyzing the license information from the authentication device and generating a corresponding copyright license by the local computer, decrypting the data file which is encrypted with the DRM encryption standard by using a key of the copyright license, opening the data file and responding to an operation of a user by the software program.
  - 3. The method of claim 1, wherein a Microsoft DRM authentication is supported by the software program;
    - the internal information includes a seed ID, a key, a public key, a key ID, a public key ID, developer information and/or a certificate name.
  - 4. The method of claim 2, wherein the license request is generated from the data file, and the license request comprises a seed ID, a public key ID, a contents ID, a properties and/or address.
  - 5. The method of claim 2, wherein the step 1) comprises:
    - searching for the copyright license of the data file by the software program of the local computer, and if the copyright license is found, decrypting the data file which is encrypted with the DRM encryption standard by the software program by using of the key of the copyright license and opening the data file;
      
      otherwise, sending a license request to the authentication device via a service program which is preinstalled on the local computer by the software program;
      
      the step
      
      3) of analyzing the license information returned from the authentication device and generating the corresponding copyright license by the local computer comprises;
      
      analyzing the license information returned from the authentication device to generate the corresponding copyright license by the service program supporting the HTTP protocol.
  - 6. The method of claim 5, wherein searching for the copyright license of the data file by the software program of the local computer comprises:
    - searching for a backup copyright license saved in the process of the former request for the copyright license on the disk of the local computer by the software program.
  - 7. The method of claim 5, wherein the method further comprises:
    - after the copyright license is found by the software program, connecting the software program to the authentication device to verify the legitimacy of the copyright license via the service program, and if legitimate, decrypting the data file which is encrypted with the DRM encryption standard by the software program by using the key of the copyright license and opening the data file;
      
      otherwise, returning an error message.
  - 8. The method of claim 2, wherein the step 1) comprises:
    - reading information of the data file by the software program to determine whether the data file is encrypted, and if the data file is not encrypted with the DRM encryption standard, opening the data file normally by the software program, otherwise, sending the license request to the authentication device directly by the software program;
      
      the step
      
      3) of analyzing the license information returned from the authentication device and generating the corresponding copyright license by the local computer comprises;
      
      analyzing the license information returned from the authentication device directly by the software program on the local computer to generate the corresponding copyright license.
  - 9. The method of claim 2, wherein the step 2) comprises:
    - receiving the license request by the authentication device and decrypting the license request by using the pre-stored decryption algorithm inside the authentication device, and verifying whether the decrypted license request is legitimate by comparing it with the internal information stored in the authentication device, and if so, returning the license information to the local computer by the authentication device, otherwise, returning an error message.
  - 10. The method of claim 2, wherein the license information includes a key, a right, client information, a priority and/or a certificate.
  - 11. The method of claim 1, wherein the authentication device is a USB key.

12. A system for offline DRM authentication, wherein the system comprises an authentication device, content provider side and a client PC with a preinstalled software program,the content provider side is adapted to encrypt a data file with a DRM encryption standard and store internal information into the authentication device,the client PC with the preinstalled software program opens and reads the data file which is encrypted with the DRM encryption standard and provided by the content provider side after the preinstalled software program verifies that the internal information pre-stored in the authentication device by the content provider side is legitimate.
- View Dependent Claims (13, 14, 15, 16, 17, 18, 19, 20)
- - 13. The system of claim 12, whereinthe client PC comprises:
    - a determination module adapted to determine whether a copyright license for the data file is requested; and
      
      if so, the software program sends the copyright license request to the authentication device;
      
      otherwise, the software program opens the data file directly;
      
      a communication module, which is adapted to receive an encrypted data file sent from an encryption module and license information sent from the authentication device; and
      
      an analysis module adapted to analyze the license information received by the communication module to generate the corresponding copyright license, decrypt the data file encrypted with the DRM encryption standard by using the copyright license and open the data file, and respond to an operation of a user as well;
      
      the authentication device comprises;
      
      a DRM service module adapted to verify legitimacy of the internal information when the license request is received by an authentication communication module, if the internal information is legitimate, the DRM service module returns the license information to the client PC, otherwise, an exceptional processing will be performed; and
      
      an authentication communication module adapted to connect the client PC to the authentication device and receive the license information sent from the determination module; and
      
      the content provider side comprises;
      
      an encryption module adapted to encrypt the data file with the DRM encryption standard and send the encrypted data file to the client PC; and
      
      a storage module adapted to store the internal information into the authentication device.
  - 14. The system of claim 13, wherein the determination module is a copyright license determination module, which is adapted to determine whether the data file has the copyright license by the software program, and if so, the software program decrypts the data file which is encrypted with the DRM encryption standard by using a key of the copyright license and opens the data file;
    - otherwise, the software program sends the license request to a service program preinstalled on the client PC and requests for the copyright license again;
      
      the analysis module is a service program analysis module, which is adapted to send the license request to the authentication device when the service program preinstalled on the client PC receives the license request sent from the copyright license determination module, and analyze the license information returned from the authentication device to generate the corresponding copyright license, the software program decrypts the data file encrypted with the DRM encryption standard by using the key of the copyright license, opens the data file and responds to the operation of the user as well.
  - 15. The system of claim 13, wherein the determination module is an encryption determination module, which is adapted to determine whether the data file is encrypted with the DRM encryption standard, and if so, the software program sends the license request to the analysis module;
    - otherwise, the software program opens the data file which is not encrypted with the DRM encryption standard;
      
      the analysis module is a software sending and analysis module, which is adapted to send the license request to the authentication device directly when it receives the license request sent from the encryption determination module, and analyze the license information returned from the authentication device to generate the corresponding copyright license, the software program decrypts the data file encrypted with the DRM encryption standard by using the key of the copyright license and opens it and responds to the operation of the user as well.
  - 16. The system of claim 14, wherein the DRM service module is adapted to store key data comprising a digital certificate, a key and/or private data of a user.
  - 17. The system of claim 14, wherein the DRM service module is also adapted to store a user program which writes and calls an algorithm customized by the user.
  - 18. The system of claim 14, wherein the service program preinstalled on the client PC in the program service analysis module is capable of receiving a request of HTTP protocol, accessing the authentication device and generating license information.
  - 19. The system of claim 14, wherein the license request is generated from the data file and comprises a seed ID, a public key ID, a contents ID, a contents identifier, properties and/or an address;
    - the license information includes a key, a right, client information, a priority and/or a certificate.
  - 20. The system of claim 12, wherein the authentication device is a USB key.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Feitian Technologies Company Limited
Original Assignee
Feitian Technologies Company Limited
Inventors
YU, Hua Zhang, LU, Zhou

Granted Patent

US 9,906,509 B2
Time in Patent Office

Days
Field of Search
US Class Current

713/168
CPC Class Codes

G06F 21/10   Protecting distributed prog...

H04L 2463/101   applying security measures ...

H04L 63/08   for authentication of entit...

METHOD FOR OFFLINE DRM AUTHENTICATION AND A SYSTEM THEREOF

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

METHOD FOR OFFLINE DRM AUTHENTICATION AND A SYSTEM THEREOF

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links