Digital content distribution, transmission and protection system and method, and portable device for use therewith

US 6,697,944 B1
Filed: 10/01/1999
Issued: 02/24/2004
Est. Priority Date: 10/01/1999
Status: Expired due to Term

First Claim

Patent Images

1. A computer readable medium having computer-executable components, comprising:

a storage component for storing a digital content file;

a file system component for storing and retrieving the digital content file;

a communication component for communicating via a USB port;

a first authentication interface component for establishing a trusted relationship with a device through communications via the USB port, the trusted relationship being established at one of at least three levels of trust; and

a digital rights management component for ensuring management of digital rights for digital content files based on an inverse relationship to the level of the trusted relationship.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A digital content file distribution, transmission, and protection system comprises a digital content provider having stored therein a digital content file such as an audio file, video file, literature, program file, etc. The digital content provider includes an authentication interface and a USB port from which the digital content file may be downloaded. The system also contemplates a portable device to which the digital content file will be transferred. This portable device includes an authentication interface and a USB port, and conforms to the USB storage device class. The portable device communicates with the digital content provider via the USB interface and, pending the establishment of a trusted relationship, downloads the digital content file therefrom. The establishment of the trusted relationship with the portable device is accomplished through communications between the authentication interfaces over the USB. If the level of the trusted relationship is high, the digital content provider may transmit unencrypted digital content to the portable device without fear of violation of the DRM associated with this content. A medium level requires some form of encryption, and a low level only allows downloading of digital content with a low level requirement for DRM. The digital content provider may be a PC, a kiosk, a server, etc.

1037 Citations

58 Claims

1. A computer readable medium having computer-executable components, comprising:
- a storage component for storing a digital content file;
  
  a file system component for storing and retrieving the digital content file;
  
  a communication component for communicating via a USB port;
  
  a first authentication interface component for establishing a trusted relationship with a device through communications via the USB port, the trusted relationship being established at one of at least three levels of trust; and
  
  a digital rights management component for ensuring management of digital rights for digital content files based on an inverse relationship to the level of the trusted relationship.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10)
- - 2. The computer readable medium of claim 1, wherein if a level of the trusted relationship is established as high, transmitting the digital content file to the device without encryption thereof via the USB port.
  - 3. The computer readable medium of claim 1, further comprising:
4. The computer readable medium of claim 1, wherein if the level of the trusted relationship is established as medium, transmitting a decryption key and the digital content file via the USB port.
5. The computer readable medium of claim 1, further comprising:
- an encryption component for encrypting digital content of the digital content file; and
  
  wherein if the level of the trusted relationship is established as medium, encrypting at least a portion of the digital content file, and transmitting a decryption key and at least the portion via the USB port.
6. The computer readable medium of claim 1, wherein if the level of the trusted relationship is established as low, refusing to transmit the digital content file.
7. The computer readable medium of claim 1, wherein if the digital content file does not require DRM, transmitting the digital content file to via the USB port.
8. The computer readable medium of claim 1, wherein if a request for authentication is received via the USB port, transmitting identification information and an authentication flag via the USB port.
9. The computer readable medium of claim 1, further comprising:
- a decryption component for decrypting at least a portion of the digital content file to allow proper outputting thereof.
10. The computer readable medium of claim 1, wherein said file system component designates at least a portion of said storage component as protected space for storage of digital content files, said file system component further prohibiting access to the protected space.

11. A digital content distribution, transmission, and protection system, comprising:
- a digital content provider having stored therein a digital content file, said digital content provider including a first authentication interface, said digital content provider further including a first USB port;
  
  a portable device conforming to a USB storage device class and including a second authentication interface and a second USB port, said portable device in communication with said digital content provider via said second USB port to receive at least the digital content file therefrom; and
  
  wherein said digital content provider establishes a trusted relationship at one of at least three levels of trust with said portable device through communications between said first and said second authentication interfaces via said first and said second USB ports; and
  
  wherein said digital content provider ensures management of digital rights for the digital content file based on an inverse relationship to said level of said trusted relationship.
- View Dependent Claims (12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29)
- - 12. The system of claim 11, wherein said digital content provider is a personal computer.
  - 13. The system of claim 11, wherein said digital content provider is a kiosk.
  - 14. The system of claim 11, wherein said digital content provider generates a request for portable device identification information and transmits said request via said first USB port, and wherein said portable device responds to said request by transmitting identification information and an authentication flag to said digital content provider via said second USB port.
  - 15. The system of claim 14, wherein said identification information includes a digital certificate provided by a trusted third party.
  - 16. The system of claim 14, wherein said digital content provider generates a challenge and transmits said challenge to said portable device via said first USB port, and wherein said portable device generates a response to said challenge and transmits said response to said digital content provider via said second USB port, said digital content provider thereafter analyzing said response to establish a level at which said portable device shall be trusted.
  - 17. The system of claim 16, wherein said level is established as high, said digital content provider thereafter transmitting said digital content file to said portable device without encryption thereof via said first USB port.
  - 18. The system of claim 16, wherein said digital content file contains encrypted content, wherein said digital content provider further comprises decryption circuitry, wherein said level is established as high, and wherein said digital content provider decrypts at least a portion of said encrypted content and transmits at least said portion to said portable device via said first USB port.
  - 19. The system of claim 16, wherein said digital content file contains encrypted content, wherein said portable device includes decryption circuitry, wherein said level is established as medium, and wherein said digital content provider transmits a decryption key and at least said encrypted content to said portable device via first said USB port.
  - 20. The system of claim 16, wherein said portable device includes decryption circuitry, wherein said level is established as medium, wherein said digital content provider further comprises encryption circuitry, wherein said digital content provider encrypts at least a portion of said digital content file, and further wherein said digital content provider transmits a decryption key and at least said portion to said portable device via first said USB port.
  - 21. The system of claim 16, wherein said portable device includes decryption circuitry utilizing a public/private key pair, said public key being transmitted to said digital content provider via said second USB port, wherein said level is established as medium, wherein said digital content provider further comprises encryption circuitry, wherein said digital content provider encrypts at least a portion of said digital content file with said public key, and further wherein said digital content provider transmits at least said portion to said portable device via said first USB port.
  - 22. The system of claim 16, wherein said level is established as low, and wherein said digital content provider refuses to transmit said digital content file to said portable device.
  - 23. The system of claim 16, wherein said level is established as low, wherein the digital content file does not require DRM, and wherein said digital content provider transmits the digital content file to said portable device via said first USB port.
  - 24. The system of claim 16, wherein said level is established as low, wherein said digital content provider contains a second digital content file which does not require DRM, and wherein said digital content provider refuses to transmit the digital content file, said digital content provider further transmitting the second digital content file to said portable device via said first USB port.
  - 25. The system of claim 11, wherein said portable device further comprises a file system stack and storage media accessible by said file system stack, said file system stack designating at least a portion of said storage media as protected space for storage of digital content files, said file system stack further prohibiting access to said protected space.
  - 26. The system of claim 11, wherein said portable device further comprises a file system trap, a file system stack, and storage media accessible by said file system stack, said file system trap monitoring access to said storage media.
  - 27. The system of claim 26, wherein said file system trap prohibits at least COPY and DELETE access to said storage media.
  - 28. The system of claim 11, wherein said authentication interface includes at least one of the following commands:
    - PROTECT_FILE <
      
      filename>
      
      ;
      
      UNPROTECT_FILE <
      
      filename>
      
      ;
      
      LIST_PROTECTED_FILES;
      
      ZERO_PROTECTED_FILE <
      
      filename>
      
      ; and
      
      DECRYPT_PROTECTED_FILE <
      
      filename>
      
      , <
      
      key>
      
      .
  - 29. The system of claim 11, further comprising a digital content originator maintaining a website on an Internet, said website providing access to digital content files, and wherein said digital content provider includes an Internet connection, and further wherein said digital content provider obtained the digital content file stored therein from said website via the Internet.

30. A computerized digital content provider, comprising:
- storage media;
  
  a file system controlling the storage and retrieval of at least one digital content file to and from said storage media;
  
  a USB interface;
  
  an authentication system enabling said file system to transfer digital content files to said USB interface in accordance with a USB storage device class, said authentication system defining an authentication interface for said USB interface wherein management of digital rights for each digital content file is based on an inverse relationship to a level of trust established by said authentication system with an external device to which the digital content file is to be provided.
- View Dependent Claims (31, 32, 33, 34, 35, 36, 37, 38, 39, 40, 41, 42, 43)
- - 31. The computerized digital content provider of claim 30, further comprising decryption circuitry operable to decrypt a digital content file during transfer thereof to said USB interface.
  - 32. The computerized digital content provider of claim 30, further comprising encryption circuitry operable to encrypt a digital content file during transfer thereof to said USB interface.
  - 33. The computerized digital content provider of claim 32, wherein said encryption circuitry utilizes a secret key to encrypt a digital content file, said secret key being provided by said authentication system to said USB interface.
  - 34. The computerized digital content provider of claim 32, wherein said encryption circuitry utilizes a public key to encrypt a digital content file, said public key being provided by said authentication system from said USB interface.
  - 35. The computerized digital content provider of claim 30, wherein said authentication interface is defined by at least one of the following commands:
36. The computerized digital content provider of claim 30, wherein said authentication system establishes a trusted relationship at one of at least three levels of trust with an external device in response to connection of the external device to said USB interface.
37. The computerized digital content provider of claim 36, wherein said authentication system transmits a request for identification information to the external device over said USB interface.
38. The computerized digital content provider of claim 37, wherein said authentication system transmits a challenge over said USB interface in response to receipt of an “
- I can authenticate”
  
  flag from the external device over said USB interface.
39. The computerized digital content provider of claim 38, wherein said authentication system analyzes a digital certificate received from the external device via said USB interface to establish said level at which to trust the external device with a digital content file.
40. The computerized digital content provider of claim 39, wherein said level is high, and wherein said authentication system enables said file system to transmit a digital content file to said USB interface without encryption thereof.
41. The computerized digital content provider of claim 39, further comprising encryption circuitry operable to encrypt a digital content file during transfer thereof to said USB interface, wherein said level is medium, and wherein said authentication system enables said file system to transmit a digital content file to said USB interface with encryption thereof.
42. The computerized digital content provider of claim 39, wherein said level is low, and wherein said authentication system prohibits said file system from transmitting a digital content file to said USB interface.
43. The computerized digital content provider of claim 39, wherein said level is low, and wherein said authentication system enables said file system to transmit only digital content files which do not require DRM to said USB interface.

44. A computerized portable device, comprising:
- storage media;
  
  a file system controlling the storage and retrieval of digital content files to and from said storage media;
  
  a USB interface;
  
  an authentication system regulating access to said storage media provided by said file system for transferring digital content files to and from said USB interface in accordance with a USB storage device class, said authentication system defining an authentication interface for said USB interface.
- View Dependent Claims (45, 46, 47, 48, 49, 50, 51)
- - 45. The computerized portable device of claim 44, wherein said authentication system includes a file system trap, said file system trap preventing at least COPY access to digital content stored on said storage media.
  - 46. The computerized portable device of claim 44, wherein said authentication interface is defined by at least one of the following commands:
47. The computerized portable device of claim 44, wherein said authentication system includes a digital certificate issued by a trusted authority.
48. The computerized portable device of claim 44, further including decryption circuitry capable of decrypting encrypted digital content files in accordance with a secret key received by said authentication system via said USB interface.
49. The computerized portable device of claim 44, further including decryption circuitry capable of decrypting encrypted digital content files in accordance with a private key.
50. The computerized portable device of claim 44, wherein said authentication system transmits device identification information and an “
- I can authenticate”
  
  flag over said USB interface in response to a request for device identification information received on said USB interface.
51. The computerized portable device of claim 45, wherein said authentication system generates and digitally signs a unique response in response to a challenge received on said USB interface, said authentication system further transmitting said response over said USB interface.

52. A method of communication between a computer and a portable device, the computer having a digital content file stored therein, a first authentication interface, and a first USB port, the portable device conforming to a USB storage device class, having a second authentication interface and a second USB port, the method comprising:
- coupling the first USB port to the second USB port forming a USB interface;
  
  transmitting a request for device identification information from the first authentication interface over the USB interface to the portable device;
  
  setting an “
  
  I can authenticate”
  
  flag in the second authentication interface in response to receipt of the request for device identification information;
  
  transmitting device identification information and the “
  
  I can authenticate”
  
  flag from the second authentication interface over the USB interface to the computer;
  
  generating a challenge in the first authentication interface;
  
  transmitting the challenge over the USB interface to the portable device;
  
  generating a unique response to the challenge in the second authentication interface;
  
  transmitting the unique response over the USB interface to the computer;
  
  analyzing the unique response in the first authentication interface to determine a level at which to trust the portable device.
- View Dependent Claims (53, 54, 55, 56, 57, 58)
- - 53. The method of claim 52, wherein the level is determined to be high, further comprising the step of transmitting the digital content file in an unencrypted form over the USB interface to the portable device.
  - 54. The method of claim 53, wherein the digital content file is stored in the computer in an encrypted state, further comprising the step of decrypting the digital content file prior to the step of transmitting the digital content file over the USB interface.
  - 55. The method of claim 52, wherein the level is determined to be medium, further comprising the steps of:
56. The method of claim 52, wherein the level is determined to be medium, further comprising the steps of:
- extracting a public key from the unique response;
  
  encrypting the digital content file with the public key; and
  
  transmitting the encrypted digital content file over the USB interface to the portable device.
57. The method of claim 52, wherein the level is determined to be low, further comprising the step of refusing to transmit the digital content file over the USB interface to the portable device.
58. The method of claim 52, wherein the level is determined to be low, further comprising the steps of:
- examining the digital content file to determine its requirement for DRM; and
  
  transmitting the digital content file over the USB interface to the portable device only if the requirement for DRM is low.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Microsoft Technology Licensing LLC (Microsoft Corporation)
Original Assignee
Microsoft Corporation
Inventors
Jones, Thomas C., Brackenridge, Billy
Primary Examiner(s)
Trammell, James P.
Assistant Examiner(s)
Greene, Daniel L

Application Number

US09/411,166
Time in Patent Office

1,607 Days
Field of Search

705/1, 705/50, 705/56, 705/57, 713/2, 713/168
US Class Current

713/168
CPC Class Codes

G06F 21/10 Protecting distributed prog...

G06F 21/445 by mutual authentication, e...

Digital content distribution, transmission and protection system and method, and portable device for use therewith

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

1037 Citations

58 Claims

Specification

Solutions

Use Cases

Quick Links

Digital content distribution, transmission and protection system and method, and portable device for use therewith

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

1037 Citations

58 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links