KEY ROTATION SCHEME FOR DRM SYSTEM IN DASH-BASED MEDIA SERVICE
First Claim
1. A method for managing secure distribution of media content in a system for a Dynamic Adaptive Streaming over Hypertext transfer protocol (DASH)-based media service, comprising:
- generating, by a DASH encoder, pairs of key identifiers(KID) and media decryption keys and providing, by the DASH encoder, a key list including the generated pairs to a Content Protection (CP) manager, wherein each of the media decryption keys is corresponded to each of the key identifiers (KID);
delivering, by the CP manager, the key list received from the DASH encoder to a license server;
creating, by the license server, multiple Entitlement Control Licenses (ECLs) based on the key list, and delivering, by the license server, an ECL list including the created ECLs to the CP manager, wherein each of the ECLs in the ECL list includes an encrypted media decryption key and an encrypted KID;
generating, by the CP manager, a Protection System Specific Header (pssh) box in which the ECL list is inserted into a data field, and delivering, by the CP manager, the generated pssh box to the DASH encoder;
delivering, by the DASH encoder, the pssh box to a client device, with the pssh box being included in a DASH Media Presentation Description (MPD) or a media segment;
delivering, by a DASH decoder, the pssh box to a DRM client by parsing a DASH stream, wherein the DASH decoder and the DRM client are included in the client device; and
decrypting, by the DRM client, the key list, from multiple ECLs included in the pssh box, using a decryption key included in a Entitlement Management License (EML).
1 Assignment
0 Petitions
Accused Products
Abstract
Disclosed herein is a key rotation scheme for a DRM system in a DASH-based media content service. A DASH encoder generates media decryption keys and provides a key list including the media decryption keys to a CP manager. Each media decryption key is identified by a key identifier (KID). The CP manager delivers the key list to a license server. The license server creates ECLs based on the key list, and delivers an ECL list including ECLs to the CP manager. Each ECL is identified by KID and includes an encrypted media decryption key and an encrypted KID. The CP manager generates a pssh box in which the ECL list is inserted into a data field, and delivers the pssh box to the DASH encoder. The DASH encoder delivers the pssh box to a client device, with the pssh box being included in a DASH MPD or media segment.
-
Citations
5 Claims
-
1. A method for managing secure distribution of media content in a system for a Dynamic Adaptive Streaming over Hypertext transfer protocol (DASH)-based media service, comprising:
-
generating, by a DASH encoder, pairs of key identifiers(KID) and media decryption keys and providing, by the DASH encoder, a key list including the generated pairs to a Content Protection (CP) manager, wherein each of the media decryption keys is corresponded to each of the key identifiers (KID); delivering, by the CP manager, the key list received from the DASH encoder to a license server; creating, by the license server, multiple Entitlement Control Licenses (ECLs) based on the key list, and delivering, by the license server, an ECL list including the created ECLs to the CP manager, wherein each of the ECLs in the ECL list includes an encrypted media decryption key and an encrypted KID; generating, by the CP manager, a Protection System Specific Header (pssh) box in which the ECL list is inserted into a data field, and delivering, by the CP manager, the generated pssh box to the DASH encoder; delivering, by the DASH encoder, the pssh box to a client device, with the pssh box being included in a DASH Media Presentation Description (MPD) or a media segment; delivering, by a DASH decoder, the pssh box to a DRM client by parsing a DASH stream, wherein the DASH decoder and the DRM client are included in the client device; and decrypting, by the DRM client, the key list, from multiple ECLs included in the pssh box, using a decryption key included in a Entitlement Management License (EML). - View Dependent Claims (2)
-
-
3. A method for managing secure distribution of media content in a system for a Dynamic Adaptive Streaming over Hypertext transfer protocol (DASH)-based media service, comprising:
-
generating, by a DASH encoder, pairs of key identifiers(KID) and media decryption keys and providing, by the DASH encoder, a key list including the generated pairs to a CP manager, wherein each of the media decryption keys is corresponded to each of the key identifier (KID); delivering, by the CP manager, the key list received from the DASH encoder to a license server; creating, by the license server, multiple ECLs based on the key list, and delivering, by the license server, an ECL list including the created ECLs to the CP manager, wherein each of the ECLs includes an encrypted media decryption key and an encrypted KID; generating, by the CP manager, a pssh box in which the ECL list is inserted into a data field, and delivering, by the CP manager, the generated pssh box to the DASH encoder; and delivering, by the DASH encoder, the pssh box to a client device, with the pssh box being included in a DASH MPD or a media segment.
-
-
4. A computerized device functioning as a CP manager for managing secure distribution of media content in a system for a DASH-based media service, comprising:
-
memory for storing computer program instructions; one or more processors; an input/output interface circuit; and one or more data buses for mutually connecting the memory, the processors, and the input/output interface circuit, wherein each of the processors executes the computer program instructions and then allows the computerized device to perform a method comprising; delivering a key list including pairs of key identifiers(KID) and media decryption keys from a DASH encoder to a license server, wherein each of the media decryption keys is corresponded to each of the key identifier (KID); receiving an ECL list created based on the key list from the license server, wherein each of ECLs includes an encrypted media decryption key and an encrypted KID; and generating a pssh box in which the ECL list is inserted into a data field, and delivering the generated pssh box to the DASH encoder, wherein the pssh box is delivered by the DASH encoder to a client device, with the pssh box being included in a DASH MPD or a media segment.
-
-
5. A system for a DASH-based media service, comprising:
-
one or more server computers connected to a client device over a content delivery network, the server computers each including a DASH encoder, a CP manager, and a license server, wherein the DASH encoder is configured to generate a key list including pairs of key identifiers(KID) and media decryption keys, and deliver a pssh box received from the license server to the client device, with the pssh box being included in a DASH MPD or a media segment, wherein the license server is configured to create multiple ECLs based on the key list and deliver an ECL list including the created ECLs to the CP manager, wherein each of the ECLs includes an encrypted media decryption key and an encrypted KID that correspond to each other, and wherein the CP manager is configured to receive the key list from the DASH encoder, deliver the key list to the license server, generate a pssh box in which the ECL list received from the license server is inserted, and deliver the generated pssh box to the DASH encoder, wherein KID/ECL pairs are included in a data field of the pssh box.
-
Specification