Binding a digital license to a portable device or the like in a digital rights management (DRM) system and checking out/checking in the digital license to/from the portable device or the like
First Claim
1. A method for a user at a second computing device to render encrypted digital content on a first computing device distinct from the second device, the first device having a public key (PU1) and a corresponding private key (PR1), the second device having a public key (PU2) and a corresponding private key (PR2), the digital content being encrypted according to a content key (KD), the method comprising:
- the user at the second device obtaining from a licensor distinct from the second device a digital license corresponding to the content and the second device the digital license including the content key (KD) therein encrypted according to the public key (PU2) of the second device (PU2 (KD)), and also including rules for determining whether the license permits issuance of a sub-license from the second device to the first device;
the user at the second device determining that the rules of the license do in fact permit issuance of a sub-license from the second device to the first device;
the user at the second device decrypting (PU2 (KD)) from the digital license with the corresponding private key (PR2) to produce the content key (KD);
the user at the second device obtaining from the first device the public key thereof (PU1);
the user at the second device encrypting the content key (KD) according to the public key (PU1) of the first device (PU1 (KD)); and
the user at the second device composing the sub-license corresponding to and based on the obtained license for the first device, the sub-license including (PU1 (KD)), and transferring the composed sub-license to the first device, wherein the first device can decrypt (PU1 (KD)) with the private key thereof (PR1) to produce the content key (KD), and can render the encrypted content on the first device with the produced content key (KD).
2 Assignments
0 Petitions
Accused Products
Abstract
To render digital content encrypted according to a content key (KD) on a first device having a public key (PU1) and a corresponding private key (PR1), a digital license corresponding to the content is obtained, where the digital license includes the content key (KD) therein in an encrypted form. The encrypted content key (KD) from the digital license is decrypted to produce the content key (KD), and the public key (PU1) of the first device is obtained therefrom. The content key (KD) is then encrypted according to the public key (PU1) of the first device (PU1 (KD)), and a sub-license corresponding to and based on the obtained license is composed, where the sub-license includes (PU1 (KD)). The composed sub-license is then transferred to the first device.
295 Citations
22 Claims
-
1. A method for a user at a second computing device to render encrypted digital content on a first computing device distinct from the second device, the first device having a public key (PU1) and a corresponding private key (PR1), the second device having a public key (PU2) and a corresponding private key (PR2), the digital content being encrypted according to a content key (KD), the method comprising:
-
the user at the second device obtaining from a licensor distinct from the second device a digital license corresponding to the content and the second device the digital license including the content key (KD) therein encrypted according to the public key (PU2) of the second device (PU2 (KD)), and also including rules for determining whether the license permits issuance of a sub-license from the second device to the first device; the user at the second device determining that the rules of the license do in fact permit issuance of a sub-license from the second device to the first device; the user at the second device decrypting (PU2 (KD)) from the digital license with the corresponding private key (PR2) to produce the content key (KD); the user at the second device obtaining from the first device the public key thereof (PU1); the user at the second device encrypting the content key (KD) according to the public key (PU1) of the first device (PU1 (KD)); and the user at the second device composing the sub-license corresponding to and based on the obtained license for the first device, the sub-license including (PU1 (KD)), and transferring the composed sub-license to the first device, wherein the first device can decrypt (PU1 (KD)) with the private key thereof (PR1) to produce the content key (KD), and can render the encrypted content on the first device with the produced content key (KD). - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14)
-
-
15. A method for a user at first and second devices to render encrypted digital content on a first device computing having a public key (PU1) and a corresponding private key (PR1) by way of a second device distinct from the first device, the second device having a public key (PU1) and a corresponding private key (PR2), the digital content being encrypted according to a content key (KD), the method comprising:
-
the user at the second device obtaining from a licensor distinct from the second device a digital license corresponding to the content and the second device, the digital license including the content key (KD) therein encrypted according to the public key (PU2) of the second device (PU2 (KD)), and also including rules for determining whether the license permits issuance of a sub-license from the second device to the first device; the user at the second device determining that the rules of the license do in fact permit issuance of a sub-license from the second device to the first device; the user at the second device decrypting (PU2) (KD)) from the digital license with the corresponding private key (PR2) to produce the content key (KD); the user at the second device obtaining from the first device the public key thereof (PU1); the user at the second device encrypting the content key (KD) according to the public key (PU1) of the first device (PU1 (KD)); and the user at the second device composing the sub-license corresponding to and based on the obtained license for the first device, the sub-license including (PU1 (KD)), and transferring the composed sub-license to the first device; the user at the first device receiving the composed sub-license from the second device; the user at the first device obtaining (PU1 (KD)) from the received sub-license; the user at the first device applying (PR1) to (PU1 (KD)) to obtain the content key (KD); the user at the first device applying (KD) to decrypt the encrypted content; and the user at the first device rendering the decrypted content. - View Dependent Claims (16, 17, 18, 19, 20, 21, 22)
-
Specification