DIGITAL RIGHTS MANAGEMENT SYSTEM AND METHODS FOR ACCESSINGCONTENT FROM AN INTELLIGENT STORAG
First Claim
Patent Images
1. A storage device configured to provide content to a player system for rendering of the content, said storage device comprising:
- a storage medium comprising a user area that is accessible by the player system and a non-user area that is not accessible by the player system; and
a controller comprising a cryptographic module providing a hardware root of trust and a secured memory, wherein the controller is configured to authenticate the player system, establish a secured communication channel with the player system based on the authentication, provide, to the player system, a first cryptographic key, wherein the first cryptographic key is unique to the storage device, provide, to the player system, a second cryptographic key that is associated with the content, and provide, to the player system, the content in encrypted form from the user area of the storage medium, wherein the content is accessible based on a cryptographic combination of the first cryptographic key and the second cryptographic key.
8 Assignments
0 Petitions
Accused Products
Abstract
The present invention relates to accessing content stored on a storage device and protecting the content with a digital rights management (DRM) scheme. The storage device may be a disk drive, or network attached storage. The storage device can perform cryptographic operations and provide a hardware root of trust. The DRM employs a binding key, a content key, and an access key. The binding key binds the content to the storage device and is based on a key concealed on the storage device. The binding key itself is not stored anywhere on the storage device. The content key is a key assigned to the content. The access key is determined based on a cryptographic combination of the content key and binding key. In one embodiment, the content is encrypted based on the access key and stored in encrypted form in the storage device.
101 Citations
20 Claims
-
1. A storage device configured to provide content to a player system for rendering of the content, said storage device comprising:
-
a storage medium comprising a user area that is accessible by the player system and a non-user area that is not accessible by the player system; and a controller comprising a cryptographic module providing a hardware root of trust and a secured memory, wherein the controller is configured to authenticate the player system, establish a secured communication channel with the player system based on the authentication, provide, to the player system, a first cryptographic key, wherein the first cryptographic key is unique to the storage device, provide, to the player system, a second cryptographic key that is associated with the content, and provide, to the player system, the content in encrypted form from the user area of the storage medium, wherein the content is accessible based on a cryptographic combination of the first cryptographic key and the second cryptographic key. - View Dependent Claims (2, 3, 4)
-
-
5. A player system configured to play encrypted content, said system comprising:
-
a first interface configured to communicate with a storage device storing encrypted content; and a processor configured to authenticate the storage device, establish a secured communication channel with the storage device via the first interface, receive, from the storage device, a binding cryptographic key that is unique to the storage device, receive, from the storage device, a second cryptographic key that is associated with the content, determine an access key for the content based on a cryptographic combination of the binding cryptographic key and the second cryptographic key, receive, from the storage device, the encrypted content; and
decrypt the content based on the access key. - View Dependent Claims (6, 7, 8, 9, 10, 11, 12, 13)
-
-
14. A method of accessing encrypted content from a storage device, said method comprising:
-
receiving, from the storage device, a binding cryptographic key that binds the content to the storage device; receiving, from the storage device, a second cryptographic key that is associated with the content; determining an access key for the content based on a cryptographic combination of the binding cryptographic key and the second cryptographic key; receiving, from the storage device, the encrypted content; and decrypting the content based on the access key. - View Dependent Claims (15, 16, 17, 18, 19, 20)
-
Specification
-
- Resources
Litigation Campaign Assessment
Thank you for your request. You will receive a custom alert email when the Litigation Campaign Assessment is available.
×
-
Current AssigneeJP Morgan Chase Bank, N.A. (JP Morgan Chase & Co)
-
Original AssigneeWestern Digital Technologies Incorporated (Western Digital Corporation)
-
InventorsBLANKENBECKLER, David L., YBARRA, Danny, HESSELINK, Lambertus
-
Granted Patent
-
Time in Patent OfficeDays
-
Field of Search
-
US Class Current713/189
-
CPC Class CodesG06F 21/1014 to tokensG06F 21/602 Providing cryptographic fac...G06F 21/71 to assure secure computing ...G06F 2221/2107 File encryptionG11B 20/00115 wherein the record carrier ...G11B 20/00123 the record carrier being id...G11B 20/00137 involving measures which re...G11B 20/00246 wherein the key is obtained...H04L 2209/603 Digital right managament [DRM]H04L 9/006 involving public key infras...H04L 9/0861 Generation of secret inform...H04L 9/0866 involving user or device id...H04L 9/0894 Escrow, recovery or storing...H04L 9/321 involving a third party or ...
