Steganographic techniques for securely delivering electronic digital rights management control information over insecure communication channels
First Claim
1. A method including:
- at a first apparatus, receiving (1) a secure digital container including a file and information steganographically encoded into the file, and (2) a first control set made up of at least one control;
at the first apparatus, opening the secure digital container to retrieve at least a first portion of the file, the step of opening being at least in part controlled by the first control set; and
recording information relating to the opening of the secure digital container, the recording occurring at least in part under control of the first control set.
2 Assignments
0 Petitions
Accused Products
Abstract
Electronic steganographic techniques can be used to encode a rights management control signal onto an information signal carried over an insecure communications channel. Steganographic techniques ensure that the digital control information is substantially invisibly and substantially indelibly carried by the information signal. These techniques can provide end-to-end rights management protection of an information signal irrespective of transformations between analog and digital. An electronic appliance can recover the control information and use it for electronic rights management to provide compatibility with a Virtual Distribution Environment. In one example, the system encodes low data rate pointers within high bandwidth time periods of the content signal to improve overall control information read/seek times.
767 Citations
49 Claims
-
1. A method including:
-
at a first apparatus, receiving (1) a secure digital container including a file and information steganographically encoded into the file, and (2) a first control set made up of at least one control;
at the first apparatus, opening the secure digital container to retrieve at least a first portion of the file, the step of opening being at least in part controlled by the first control set; and
recording information relating to the opening of the secure digital container, the recording occurring at least in part under control of the first control set. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
the recorded information includes usage information relating to the date or time of the opening of the secure digital container.
-
-
3. A method as in claim 1 in which:
the recorded information includes usage information relating to the identity of a user of the first apparatus.
-
4. A method as in claim 1 in which the file consists of the first portion and a second portion, and the method further including:
receiving a second control set made up of at least one control, the second control set at least in part governing access to or other use of the second portion, but not governing the first portion.
-
5. A method as in claim 4 further including:
at the first apparatus, opening the secure digital container to retrieve at least the second portion of the file, the step of opening being at least in part controlled by the second control set.
-
6. A method as in claim 5 in which:
the second portion of the file contains a description of the first portion of the file.
-
7. A method as in claim 1 further including:
steganographically decoding the file to recover at least a portion of the steganographically-encoded information.
-
8. A method as in claim 1 in which:
the steganographically-encoded information includes information relating to the number of times the file may be accessed or used.
-
9. A method as in claim 1, further including:
transmitting at least a portion of the file to a second apparatus, the transmission being at least in part controlled by the first control set.
-
10. A method including the following:
-
at a first apparatus, receiving (1) a secure digital container including a file and information steganographically encoded into the file, and (2) a control set made up of at least one control;
at the first apparatus, opening the secure digital container to retrieve at least a portion of the file, the step of opening being at least in part controlled by the control set; and
transmitting information relating to the opening of the secure digital container to a remote site, the transmission occurring at least in part under control of the control set. - View Dependent Claims (11, 12, 13, 14, 15, 16, 17, 18, 19)
the transmitted information includes usage information relating to the date or time of the opening of the secure digital container.
-
-
12. A method as in claim 10 in which:
the transmitted information includes usage information relating to the identity of a user of the first apparatus.
-
13. A method as in claim 10 in which:
the control set includes a first control governing a first portion of the file and a second control governing a second portion of the file.
-
14. A method as in claim 10 in which:
the first file portion contains a description of at least a portion of the second file portion.
-
15. A method as in claim 10 in which:
the transmitted information includes usage information relating to the number of times the file has been accessed or used.
-
16. A method as in claim 10 further including:
steganographically decoding the file to recover at least a portion of the steganographically-encoded information.
-
17. A method as in claim 10 in which:
the steganographically-encoded information includes information relating to the number of times the file may be accessed or used.
-
18. A method as in claim 10, further including:
transmitting at least a portion of the file to a second apparatus, the transmission being at least in part controlled by the control set.
-
19. A method as in claim 18, in which:
the transmitted file portion includes at least a portion of the steganographically-encoded information.
-
20. A method including:
-
at a first apparatus, receiving a first secure digital container including a file and information steganographically encoded into the file;
at the first apparatus, receiving a first control set made up of at least one control;
at the first apparatus, performing the following steps at least in part under the control of the first control set;
(a) locating at least a portion of the steganographically-encoded information;
(b) retrieving at least a portion of the steganographically-encoded information;
(c) evaluating at least a portion of the retrieved information;
(d) based at least in part on the evaluation, determining whether a user of the first apparatus may access or otherwise use at least a portion of the file; and
(e) based on the determination, authorizing or blocking use of the file. - View Dependent Claims (21, 22, 23, 24, 25, 26, 27, 28, 29)
(f) if use of the file is authorized, transmitting at least a portion of the file to a second apparatus.
-
-
22. A method as in claim 20, further including:
(f) if use of the file is authorized, converting at least a portion of the file to a different format.
-
23. A method as in claim 20, further including:
(f) if use of the file is authorized, transmitting information relating to the use of the file to a remote location.
-
24. A method as in claim 23, in which:
the transmitted information includes usage information.
-
25. A method as in claim 23, in which:
the usage information includes information relating to relating to a user of the first apparatus.
-
26. A method as in claim 20 in which:
the usage information includes information relating to the date or time of the opening to the secure digital container.
-
27. A method as in claim 20 in which:
the steganographically-encoded information includes information relating to the number of times the file may be accessed or used.
-
28. A method as in claim 20 further including:
transmitting at least a portion of the file to a second apparatus, the transmission being at least in part controlled by the first control set.
-
29. A method as in claim 20 in which:
the steganographically-encoded information includes a second control set made up of at least one control.
-
30. A method including:
-
at a first apparatus, receiving a signal including governed information and a steganographically-encoded first rule;
at the first apparatus, steganographically decoding the signal to recover the first rule;
at the first apparatus, receiving a second rule in a communication with a second apparatus; and
using the first rule or the second rule to govern an aspect of access to or other use of at least a portion of the governed information. - View Dependent Claims (31, 32, 33, 34, 35, 36, 37, 38, 39)
the first rule specifies a first payment amount, and the second rule specifies a second payment amount.
-
-
32. A method as in claim 30, in which:
-
the first rule includes a requirement related to a digital certificate, and the second rule relates to a payment method.
-
-
33. A method as in claim 32, in which:
the digital certificate includes information relating to the capabilities of a device.
-
34. A method as in claim 30, in which:
the first rule and the second rule each relate to the number of times at least a portion of the governed information may be used.
-
35. A method as in claim 30, in which:
-
the first rule relates to a payment; and
the second rule relates to permission for a user or class of users to use at least a portion of the governed information.
-
-
36. A method as in claim 30, in which:
-
the governed information includes a first portion and a second portion;
the first rule governs use of the first portion; and
the second rule governs use of the second portion.
-
-
37. A method as in claim 36, in which:
the first rule relates to the number of times the first portion may be used.
-
38. A method as in claim 36, in which:
the first rule relates to transmission of the first portion to a third apparatus.
-
39. A method as in claim 36, in which:
the first rule relates to conversion of the first portion from a first format to a second format.
-
40. A method including:
-
at a first apparatus, receiving a signal including governed information and a steganographically-encoded first rule, the first rule requiring payment to a remote site prior to an access to or other use of at least a portion of the governed information;
at the first apparatus, initiating an attempt to access at least a portion of the governed information; and
communicating payment information from the first apparatus to a remote second apparatus, the payment information relating to the access to the governed information portion. - View Dependent Claims (41, 42, 43, 44, 45, 46, 47, 48, 49)
at the second apparatus, checking to determine that payment information has been received from the first apparatus; and
communicating authorization information from the second apparatus to the first apparatus, the authorization information allowing the access to proceed.
-
-
42. A method as in claim 40, further including:
-
making an analog copy of at least a portion of the governed information; and
steganographically incorporating a second rule into the analog copy, the second rule at least in part governing use of the analog copy.
-
-
43. A method as in claim 40, in which:
the signal also includes a steganographically-encoded watermark.
-
44. A method as in claim 43, in which:
the watermark includes information relating to the identity of a user of the governed information.
-
45. A method as in claim 40, in which:
the signal also includes a steganographically-encoded copy indicator.
-
46. A method as in claim 40, in which:
-
the governed information includes a first portion and a second portion;
the first rule governs use of the first portion but not the second portion; and
the attempt to access and the payment both relate to use of the first portion.
-
-
47. A method as in claim 40, further including:
-
communicating permission information from the second apparatus to the first apparatus, the permission information being communicated after receipt of the payment information, the permission information authorizing use of at least a portion of the governed information;
the first apparatus receiving the permission information; and
at the first apparatus, completing access to at least a portion of the governed information.
-
-
48. A method as in claim 40, further including:
-
communicating a second rule from the second apparatus to the first apparatus, the second rule being communicated after the second apparatus receives the payment information;
the first apparatus receiving the second rule; and
at the first apparatus, making use of at least a portion of the governed information, the use being governed at least in part by the second rule.
-
-
49. A method as in claim 48, in which:
the second rule specifies the number of times the governed information portion may be used.
Specification