Publishing content in connection with digital rights management (DRM) architecture
First Claim
1. A method in combination with a digital rights management architecture wherein a packager packages digital content for a user and a licensor issues a digital license to the user for the content, the user rendering the content only in accordance with the license, the method for the licensor to provision the packager to package the content for the user such that the licensor can issue the license to the user and comprising:
- receiving a provisioning request from the packager;
generating a Secret to be shared with the packager, the shared Secret allowing each to calculate a content key (KD) for the content;
generating a random content key (KD-PROV);
encrypting the Secret according to (KD-PROV) to form (KD-PROV(Secret));
signing a public key of the packager (PU-PA1) with a private key of the licensor (PR-LI) to certify same ((PU-PA1) S (PR-LI)), the packager having a corresponding private key (PR-PA1) and the licensor having a corresponding public key (PU-LI); and
sending (KD-PROV(Secret)), (PU-PA1) S (PR-LI), and any associated certificate chain to the packager.
2 Assignments
0 Petitions
Accused Products
Abstract
A packager packages digital content for a user and a licensor issues a digital license to the user for the content such that the user renders the content only in accordance with the license. The licensor and packager share a Secret to allow the packager and the licensor to calculate a content key (KD) for the content. To package the content for the user, the packager calculates a content key (KD) based on the shared Secret and a content ID and encrypts the content according to (KD). To issue a license to the user for the content, the licensor also calculates (KD) based on the shared Secret and the content ID, encrypts (KD) according to a public key of the user to form the license, and sends the license to the user.
43 Citations
30 Claims
-
1. A method in combination with a digital rights management architecture wherein a packager packages digital content for a user and a licensor issues a digital license to the user for the content, the user rendering the content only in accordance with the license, the method for the licensor to provision the packager to package the content for the user such that the licensor can issue the license to the user and comprising:
-
receiving a provisioning request from the packager; generating a Secret to be shared with the packager, the shared Secret allowing each to calculate a content key (KD) for the content; generating a random content key (KD-PROV); encrypting the Secret according to (KD-PROV) to form (KD-PROV(Secret)); signing a public key of the packager (PU-PA1) with a private key of the licensor (PR-LI) to certify same ((PU-PA1) S (PR-LI)), the packager having a corresponding private key (PR-PA1) and the licensor having a corresponding public key (PU-LI); and sending (KD-PROV(Secret)), (PU-PA1) S (PR-LI), and any associated certificate chain to the packager. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14)
-
-
15. A method in combination with a digital rights management architecture wherein a packager packages digital content for a user and a licensor issues a digital license to the user for the content, the user rendering the content only in accordance with the license, the packager having provisioning content from the licensor including a shared Secret encrypted according to a random content key (KD-PROV) ((KD-PROV(Secret)));
- and a provisioning license from the licensor including (KD-PROV) encrypted according to a public key of the packager (PU-PA2) ((PU-PA2(KD-PROV))), the method for the packager to package the content for the user such that the licensor can issue the license to the user and comprising;
selecting the provisioning license and provisioning content from the licensor; obtaining (PU-PA2(KD-PROV)) from the provisioning license; applying a corresponding private key of the packager (PR-PA2) to (PU-PA2(KD-PROV)) to result in (KD-PROV); obtaining (KD-PROV(Secret)) from the provisioning content; applying (KD-PROV) to (KD-PROV(Secret)) to result in the shared Secret; generating a random content ID for the content; calculating a content key (KD) based on the random content ID and the Secret; encrypting the content according to, (KD) ((KD(Content))); obtaining from one of the provisioning license and the provisioning content a provisioning content ID having an identifier of the licensor; appending to (KD(Content)) the random content ID, a public key of the packager (PU-PA1), and the identifier of the licensor to form the packaged content; and distributing the packaged content to the user. - View Dependent Claims (16, 17, 18, 19, 20, 21, 22)
- and a provisioning license from the licensor including (KD-PROV) encrypted according to a public key of the packager (PU-PA2) ((PU-PA2(KD-PROV))), the method for the packager to package the content for the user such that the licensor can issue the license to the user and comprising;
-
23. A method in combination with a digital rights management architecture wherein a packager packages digital content for a user and a licensor issues a digital license to the user for the content, the user rendering the content only in accordance with the license, the packaged content including the content encrypted according to a content key (KD) ((KD(Content))), a content ID, and a public key of the packager (PU-PA1), the method for the licensor to issue the license to the user and comprising:
-
receiving a request for a license from the user, the request including the content ID, (PU-PA1), and a public key associated with the user (PU-US) that is to be employed to bind the license to the user, the user having a corresponding private key (PR-US); obtaining based on (PU-PA1) stored provisioning information regarding the packager including a Secret shared therewith; calculating (KD) based on the content ID received with the request and the obtained Secret; encrypting (KD) according to (PU-US) as received with the request ((PU-US(KD))); appending to (PU-US(KD)) the content ID to form the license; and sending the license to the user. - View Dependent Claims (24, 25, 26, 27, 28, 29, 30)
-
Specification