Method and system for enabling content security in a distributed system
First Claim
Patent Images
1. A system for securing content over a network, comprising:
- a data store that is configured to store content;
an update manager that is coupled to the data store and configured to change content in the data store at a pre-set rate, and to tag a portion of the content as exclusively memory resident at a client; and
a content manager coupled to the update manager and the data store that is configured to perform actions, including;
receiving a request for content from the client that includes an authenticator that is associated to the client through a concatenation of the client'"'"'s remote Internet Protocol (IP) address and the client'"'"'s local IP address, the concatenation being hashed to generate a digest and the digest being subsequently combined with a timestamp; and
determining if the client is authentic, and if the client is authentic, providing content from the data store to the client at a predetermined rate, wherein the tagged portion of the content remains absent from a client'"'"'s permanent data store thereby reducing theft of the content.
3 Assignments
0 Petitions
Accused Products
Abstract
A method and system are directed towards enabling content security in a distributed environment. The system includes a data store for content associated with an application that may be tagged as exclusively memory resident at a client. The content may also be encrypted and digitally signed. When an authenticated client requests the content, it is provided at a constrained rate that enables a portion of the content to start execution on the client before the application associated with the content is completely downloaded. Additional portions of the content are provided to the client when the additional portions are required for execution by the application.
-
Citations
25 Claims
-
1. A system for securing content over a network, comprising:
-
a data store that is configured to store content; an update manager that is coupled to the data store and configured to change content in the data store at a pre-set rate, and to tag a portion of the content as exclusively memory resident at a client; and a content manager coupled to the update manager and the data store that is configured to perform actions, including; receiving a request for content from the client that includes an authenticator that is associated to the client through a concatenation of the client'"'"'s remote Internet Protocol (IP) address and the client'"'"'s local IP address, the concatenation being hashed to generate a digest and the digest being subsequently combined with a timestamp; and determining if the client is authentic, and if the client is authentic, providing content from the data store to the client at a predetermined rate, wherein the tagged portion of the content remains absent from a client'"'"'s permanent data store thereby reducing theft of the content. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10)
-
-
11. A method of securing content over a network, comprising:
-
(a) receiving a request from a client for content associated with an application; (b) tagging a portion of the content as exclusively memory resident on the client; (c) determining if the client is authentic, by; determining a remote address and a local address associated with the client; concatenating the determine remote address and local address; hashing the results of the concatenation to generate a digest; receiving an authenticator from the client; combining the authenticator with the digest to generate a timestamp; and determining, in part, whether the client is authentic based on whether a value of the timestamp is within a window; and
if the client is authentic,(i) providing the requested content to the client at a predetermined rate, wherein the provided content enables an application to start execution on the client before the content associated with the application is completely provided; and (ii)enabling the tagged portion of the content to execute on the client, wherein the tagged portion of the content remains absent from a client'"'"'s permanent data store thereby reducing theft of the content. - View Dependent Claims (12, 13, 14, 15, 16, 17, 18, 19)
-
-
20. An apparatus for securing content over a network, comprising:
-
(a) an interface configured to send the content and to receive a request for content associated with an application; and (b) coupled to the interface, a server configured to perform acts, comprising; receiving the request from a client for content associated with the application, wherein the request includes an authenticator that is associated to the client through a concatenation of the client'"'"'s remote Internet Protocol (IP) address and the client'"'"'s local IP address, the concatenation being hashed to generate a digest and the digest being subsequently combined with a timestamp; tagging a portion of the content as exclusively memory resident on the client; and determining if the client is authentic, and if the client is authentic, (1) providing the requested content to the client at a predetermined rate, wherein the provided content enables an application to start execution on the client before the content associated with the application is completely provided; and (2) enabling the tagged portion of the content to execute on the client, wherein the tagged portion of the content remains absent from a client'"'"'s permanent data store thereby reducing theft of the content. - View Dependent Claims (21, 22, 23, 24)
-
-
25. An apparatus securing content over a network, comprising:
-
(a) a means for receiving a request from a client for content associated with an application, wherein the request includes an authenticator that is associated to the client though a concatenation of the client'"'"'s remote Internet Protocol (IP) address and the client'"'"'s local IP address, the concatenation being hashed to generate a digest and the digest being subsequently combined with a timestamp; (b) a means for determining if the client is authentic, and if the client is authentic, (i) a means for tagging a portion of the content as exclusively memory resident on the client; (ii) a means for providing the requested content to the client at a predetermined rate, wherein the provided content enables an application to start execution on the client before the content associated with the application is completely provided; (iii) a means for enabling the portion of the content to execute on the client, wherein the tagged portion of the content remains absent from a client'"'"'s permanent data store thereby reducing theft of the content; and (iv) a means for ensuring that the client stores only a portion of content that is associated with the application.
-
Specification