Digital Rights Management (DRM)-Enabled Policy Management For An Identity Provider In A Federated Environment
First Claim
1. A method, operative at an identity provider entity, for enforcing a digital rights management (DRM) scheme associated with a piece of content, wherein the identity provider entity together with a service provider entity participate in a federation, comprising:
- obtaining and evaluating against a DRM policy a set of one or more DRM privileges associated with the end user requesting access to the piece of content;
based on the evaluation, generating a message that includes a reference to the set of one or more DRM privileges associated with an end user requesting access to the piece of content; and
forwarding the message to the service provider entity.
1 Assignment
0 Petitions
Accused Products
Abstract
A method operative at an identity provider enforces a digital rights management (DRM) scheme associated with a piece of content. The identity provider is an entity that participates in a “federation” with one or more other entities including, for example, an service provider (e.g., a content provider), a DRM privileges provider, and a DRM policy provider. In one embodiment, the method begins by having the identity provider obtain and evaluate against a DRM policy a set of DRM privileges associated with the end user requesting access to the piece of content. Based on the evaluation, the identity provider generates a single sign on (SSO) message that includes a reference to the set of DRM privileges. The message is then forward to the service provider entity, which provides the end user a response.
-
Citations
25 Claims
-
1. A method, operative at an identity provider entity, for enforcing a digital rights management (DRM) scheme associated with a piece of content, wherein the identity provider entity together with a service provider entity participate in a federation, comprising:
-
obtaining and evaluating against a DRM policy a set of one or more DRM privileges associated with the end user requesting access to the piece of content; based on the evaluation, generating a message that includes a reference to the set of one or more DRM privileges associated with an end user requesting access to the piece of content; and forwarding the message to the service provider entity. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16)
-
-
17. A method, operative at an identity provider, for enforcing a digital rights management (DRM) scheme associated with a piece of content, wherein the identity provider participates in a federation that also includes a service provider, a DRM privileges provider, and a DRM policy provider, comprising:
-
upon a given occurrence, determining whether a set of one or more DRM privileges are available for evaluation, the set of one or more DRM privileges associated with the end user requesting access to the piece of content; if the set of one or more DRM privileges are not available for evaluation, retrieving the set of one or more DRM privileges from the DRM privileges provider; determining whether a DRM policy is to be evaluated and is available; if the DRM policy is to be evaluated and is not available, retrieving the DRM policy from the DRM policy provider; evaluating the set of one or more DRM privileges against the DRM policy; and based on the evaluation, generating a message that includes a reference to the set of one or more DRM privileges associated with an end user requesting access to the piece of content; and forwarding the message to the service provider entity. - View Dependent Claims (18, 19, 20, 21, 22)
-
-
23. A data processing system for enforcing a digital rights management (DRM) scheme associated with a piece of content;
-
a processor; code executable by the processor for determining whether a set of one or more DRM privileges are available for evaluation, the set of one or more DRM privileges associated with the end user requesting access to the piece of content; code executable by the processor for retrieving the set of one or more DRM privileges from a DRM privileges provider if the set of one or more DRM privileges are not available for evaluation; code executable by the processor for determining whether a DRM policy is to be evaluated and is available; code executable by the processor for retrieving the DRM policy from a DRM policy provider if the DRM policy is to be evaluated and is not available; and code executable by the processor for evaluating the set of one or more DRM privileges against the DRM policy. - View Dependent Claims (24)
-
-
25. A computer program product stored in a computer-readable medium and executable in a processor for enforcing a digital rights management (DRM) scheme associated with a piece of content, comprising:
-
code executable by the processor for determining whether a set of one or more DRM privileges are available for evaluation, the set of one or more DRM privileges associated with the end user requesting access to the piece of content; code executable by the processor for retrieving the set of one or more DRM privileges from a DRM privileges provider if the set of one or more DRM privileges are not available for evaluation; code executable by the processor for determining whether a DRM policy is to be evaluated and is available; code executable by the processor for retrieving the DRM policy from a DRM policy provider if the DRM policy is to be evaluated and is not available; and code executable by the processor for evaluating the set of one or more DRM privileges against the DRM policy.
-
Specification