Server for an electronic distribution system and method of operating same
First Claim
1. A method of using a first computing device to provide a content item to a second computing device:
receiving, at said first computing device from said second computing device via a network, a communication, said communication comprising encrypted information, said communication being initiated at said second computing device based on a universal record locator, said universal record locator comprising an address of said first computing device and said encrypted information;
using a secret to decrypt at least some of said encrypted information, said secret being shared between said first computing device and a third computing device; and
providing said electronic content item to said second computing devices.
Abstract
A server architecture for a digital rights management system that distributes and protects rights in content. The server architecture includes a retail site which sells content items to consumers, a fulfillment site which provides to consumers the content items sold by the retail site, and an activation site which enables consumer reading devices to use content items having an enhanced level of copy protection. Each retail site is equipped with a URL encryption object, which encrypts, according to a secret symmetric key shared between the retail site and the fulfillment site, information that is needed by the fulfillment site to process an order for content sold by the retail site. Upon selling a content item, the retail site transmits to the purchaser a web page having a link to a URL comprising the address of the fulfillment site and a parameter having the encrypted information. When the consumer follows the link, the fulfillment site downloads the ordered content to the consumer, preparing the content if necessary in accordance with the type of security to be carried with the content. The fulfillment site includes an asynchronous fulfillment pipeline which logs information about processed transactions using a store-and-forward messaging service. The fulfillment site may be implemented as several server devices, each having a cache which stores frequently downloaded content items, in which case the asynchronous fulfillment pipeline may also be used to invalidate the cache if a change is made at one server that affects the cached content items. An activation site provides an activation certificate and a secure repository executable to consumer content-rendering devices, which enable those content-rendering devices to render content having an enhanced level of copy-resistance.
The activation site “activates” client-reading devices in a way that binds them to a persona, and limits the number of devices that may be activated for a particular persona, or the rate at which such devices may be activated for a particular persona.
63 Claims
1. A method of using a first computing device to provide a content item to a second computing device:
receiving, at said first computing device from said second computing device via a network, a communication, said communication comprising encrypted information, said communication being initiated at said second computing device based on a universal record locator, said universal record locator comprising an address of said first computing device and said encrypted information;
using a secret to decrypt at least some of said encrypted information, said secret being shared between said first computing device and a third computing device; and
providing said electronic content item to said second computing devices.
Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13

14. A method of providing electronic content, said method comprising the acts of:
receiving, via a network, a communication, said communication comprising a universal record locator and originating at a first computing device, said universal record locator having information relating to an electronic content item, said information being included in said universal record locator in an encrypted form;
decrypting said encrypted information; and
providing said electronic content item to said first computing device based at least in part on at least some of said information.
Dependent claims: 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26

27. A method of providing an electronic content item, said method comprising the acts of:
receiving, from a first computing device, a first cryptographic key;
retrieving said electronic content item from storage, said electronic content item comprising encrypted content decryptable with said second cryptographic key;
encrypting said second cryptographic key with said first cryptographic key to produce an encrypted cryptographic key;
including said encrypted cryptographic key in the retrieved electronic content item; and
transmitting, to said first computing device, the retrieved electronic content item including said encrypted cryptographic key.
Dependent claims: 28, 29, 30, 31, 32, 33, 34, 35, 36, 37

38. A method of preventing unauthorized distribution of content, said method comprising the acts of:
receiving a first communication from a first computing device, said first communication comprising first encrypted information, said first communication being initiated at said first computing device based on a first universal record locator, said first universal record locator comprising an address of said first computing device and said first encrypted information, said first encrypted information comprising first time information;
decrypting said first encrypted information to retrieve said first time information;
determining, based on said first time information, that a time limit has not expired; and
providing a first electronic content item to said first computing device.
Dependent claims: 39, 40, 41, 42, 43, 44, 45

46. A method of electronic distribution, said method comprising the acts of:
a first party receiving an order for an item from a third party;
said first party creating information relating to said item;
said first party encrypting said information with a secret to produce encrypted information, said secret being shared between said first party and a second party;
said first party transmitting to said third party a universal record locator, said universal record locator comprising said encrypted information and a network address of a server associated with said second party;
said second party receiving a transmission comprising said encrypted information, said transmission being actuated by said third party based on said universal record locator;
said second party using said secret to decrypt said encrypted information; and
said second party performing at least one action in furtherance of fulfilling said order based on said decrypted information.
Dependent claims: 47, 48, 49

50. A method of providing content item individualized for a user, said method comprising the acts of:
retrieving, from a storage device, a content item, said content item comprising;
meta-data, a decryption key sealed with said meta-data, and encrypted content decryptable with said decryption key;
unsealing said decryption key;
adding at least some personal information pertaining said user to said meta-data to produce new meta-data; and
resealing said decryption key with said new meta-data.
Dependent claims: 51, 52, 53, 54

55. A download server adapted to deliver electronic content to client devices, comprising:
a validation module that validates incoming requests for the electronic content;
a content store module that determines a location on the download server of the requested electronic content;
a security level determination module that determines the level of protection the electronic content is to receive; and
a sealing module that seals the electronic content in accordance with a determined level of security for downloading to the client devices.
Dependent claims: 56, 57, 58, 59

60. A method of preventing unauthorized distribution of content, said method comprising the acts of:
receiving a first communication from a first computing device, said first communication comprising first encrypted information, said first communication being initiated at said first computing device based on a first HTTP request, said first HTTP request comprising an address of said first computing device and said first encrypted information, said HTTP request further comprising a hash of said first encrypted information computed prior to the encryption of said encrypted information;
decrypting said first encrypted information;
determining, based on a comparison of the computed hash with the decrypted information that said encrypted information has not been tampered with; and
providing a first electronic content item to said first computing device.
Dependent claims: 61, 62, 63
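
The encrypted-URL handoff described in the abstract, together with the time limit of claim 38 and the tamper check of claim 60, sketched as an added example that is not taken from the patent. The function names, the `order` parameter, the `itemId|issuedAt` payload layout and the choice of AES-256-GCM (whose authentication tag takes the place of the claim's separate hash) are assumptions made for this example.

```javascript
const crypto = require("crypto");

// Retail site: encrypt "itemId|issuedAt" under the key shared with the
// fulfillment site and place the result in the download link.
function retailLink(key, base, itemId, nowSec) {
  const iv = crypto.randomBytes(12); // fresh nonce for every link
  const c = crypto.createCipheriv("aes-256-gcm", key, iv);
  const body = Buffer.concat([c.update(`${itemId}|${nowSec}`, "utf8"), c.final()]);
  const blob = Buffer.concat([iv, c.getAuthTag(), body]);
  return `${base}?order=${blob.toString("base64url")}`;
}

// Fulfillment site: decrypt the parameter, reject modified or forged values,
// then enforce the time limit before releasing any content.
function fulfill(key, link, nowSec, ttlSec) {
  const param = new URL(link).searchParams.get("order") || "";
  const blob = Buffer.from(param, "base64url");
  if (blob.length < 28) return { ok: false, reason: "malformed" }; // 12-byte IV + 16-byte tag
  const d = crypto.createDecipheriv("aes-256-gcm", key, blob.subarray(0, 12));
  d.setAuthTag(blob.subarray(12, 28));
  let plain;
  try {
    plain = Buffer.concat([d.update(blob.subarray(28)), d.final()]).toString("utf8");
  } catch {
    return { ok: false, reason: "tampered" }; // wrong key or altered ciphertext
  }
  const sep = plain.lastIndexOf("|");
  const issued = Number(plain.slice(sep + 1));
  const age = nowSec - issued;
  if (sep < 1 || !Number.isInteger(issued) || age < 0 || age > ttlSec) {
    return { ok: false, reason: "expired" };
  }
  return { ok: true, itemId: plain.slice(0, sep) };
}

// Constructed sample values: a random shared key and a placeholder host.
const demoKey = crypto.randomBytes(32);
const demoLink = retailLink(demoKey, "https://fulfillment.example/download", "book-123", 1000);
console.log(demoLink);
console.log(fulfill(demoKey, demoLink, 1060, 300)); // within the 300 s limit
console.log(fulfill(demoKey, demoLink, 2000, 300)); // past the limit
```

Because the link is the only thing the consumer's browser carries between the two sites, the fulfillment site treats every field in it as untrusted until the authentication tag verifies.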
Specification