SYSTEM AND METHOD FOR DECENTRALIZED MANAGEMENT OF KEYS AND POLICIES
3 Assignments
0 Petitions
Accused Products
Abstract
Various embodiments of a system and method for decentralized management of keys and policies are described. Various embodiments may include a computer system configured to receive a request from a remote computer system associated with a recipient of content. Such request may include an encrypted content encryption key that is encrypted with a packaging key utilized by a packaging entity. The request may also include an identifier identifying the packaging entity. In some embodiments, the request may also include policy information specifying one or more usage rights of the content. The computer system may be configured to, in response to determining the recipient is authorized to access the content, generate the packaging key based on the identifier and a secret root seed, utilize the generated packaging key to decrypt the encrypted content encryption key, and provide the decrypted content encryption key to the remote computer system.
-
Citations
87 Claims
-
1-45. -45. (canceled)
-
46. A computer-implemented method, comprising:
-
receiving, by a licensing system, an encrypted content encryption key from a remote computer system and a packaging entity identifier, wherein the packaging entity identifier identifies a packaging entity providing encrypted content to a content recipient associated with the remote computer system, wherein the encrypted content encryption key is encrypted by the packaging entity using a packaging key; generating, by the licensing system, the packaging key based on the packaging entity identifier and a secret root seed, wherein the secret root seed is inaccessible to the remote computer system and the packaging entity; decrypting, by the licensing system, the encrypted content encryption key with the generated packaging key to generate a decrypted content encryption key; and providing, by the licensing system, the decrypted content encryption key to the remote computer system for decrypting the encrypted content. - View Dependent Claims (47, 48, 49, 50, 51, 52, 53, 54, 55, 56)
-
-
57. A licensing system comprising:
-
a memory; and at least one processor coupled to the memory, wherein the at least one processor is configured to execute program instructions stored in the memory, wherein the program instructions are configured for; receiving an encrypted content encryption key from a remote computer system and a packaging entity identifier, wherein the packaging entity identifier identifies a packaging entity providing encrypted content to a content recipient associated with the remote computer system, wherein the encrypted content encryption key is encrypted by the packaging entity using a packaging key, generating the packaging key based on the packaging entity identifier and a secret root seed, wherein the secret root seed is inaccessible to the remote computer system and the packaging entity, decrypting the encrypted content encryption key with the generated packaging key to generate a decrypted content encryption key, and providing the decrypted content encryption key to the remote computer system for decrypting the encrypted content. - View Dependent Claims (58, 59, 60, 61, 62, 63, 64, 65, 66, 67, 68, 69, 70, 71, 72)
-
-
73. A non-transitory computer-readable medium storing program instructions computer-executable on a computer system, the program instructions comprising:
-
program instructions for receiving an encrypted content encryption key from a remote computer system and a packaging entity identifier, wherein the packaging entity identifier identifies a packaging entity providing encrypted content to a content recipient associated with the remote computer system, wherein the encrypted content encryption key is encrypted by the packaging entity using a packaging key; program instructions for receiving generating the packaging key based on the packaging entity identifier and a secret root seed, wherein the secret root seed is inaccessible to the remote computer system and the packaging entity; program instructions for receiving decrypting the encrypted content encryption key with the generated packaging key to generate a decrypted content encryption key; and program instructions for receiving providing the decrypted content encryption key to the remote computer system for decrypting the encrypted content. - View Dependent Claims (74, 75, 76, 77, 78, 79, 80, 81, 82, 83, 84, 85, 86, 87)
-
Specification