System for secure decryption of streaming media using selective decryption of header information and decryption of reassembled content

US 7,251,328 B2
Filed: 01/14/2003
Issued: 07/31/2007
Est. Priority Date: 01/14/2003
Status: Active Grant

First Claim

Patent Images

1. An apparatus for decrypting encrypted, encoded digital media information for presentation, the apparatus comprising;

a reassembler for receiving encrypted packets from a packet source, wherein a plurality of the packets include encoded digital media information and a first packet of the plurality of packets includes first information describing a size of a rendering window for playing-back the encoded digital media information wherein the reassembler generates access units from the encoded digital media information;

a decoder coupled to the reassembler for decoding the encoded digital media information wherein the decoder receives decrypted first information from the reassembler and the access units from the reassembler; and

a decryption resource coupled to the reassembler and to the decoder for decrypting the first information for the reassembler and for decrypting second information for the decoder.

View all claims

4 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A system provides improved security in a streaming media decoder includes decryption of encoded media information at the media layer, within a decoder component of a playback device. A content source, such as an MPEG-4 media stream from a network, or a file on a local storage device, etc. that contain packetized content, and supplies encrypted and encoded media information. For example, digital sound and image information can be conveyed for presentation. A reassembler component is used to initiate decryption of a nominal amount of information needed to perform further processing at the QuickTime player. Encrypted access units are sent from the reassembler to the decoder, where the decoder causes decryption of the access unit information. This approach prevents decrypted, encoded information from being transferred from the reassembler to the decoder. Such decrypted and encoded information is especially susceptible to copying. Instead, the information transferred from the reassembler to the decoder is largely still encrypted. In a preferred embodiment, an Internet Protocol rights management system (IPRM) is used to perform the decryption processing. The reassembler makes requests of the IPRM process to open a decryption session and decrypt selected packets to identify the window rendering size. The decoder makes requests of the IPRM process to decrypt access units within the same decryption session and to close the decryption session. Because content is encrypted on packet boundaries, and when called upon by the decoder, the IPRM component must recreate the packet boundaries from the access unit before decryption is possible. The IPRM system component is able to do so because the encrypted packets contain an IPRM header that is used by the IPRM system to calculate the packet length. After decrypting all the packets, the IPRM system component reconstructs the decrypted access unit and returns decrypted content to the decoder.

14 Citations

View as Search Results

23 Claims

1. An apparatus for decrypting encrypted, encoded digital media information for presentation, the apparatus comprising;
- a reassembler for receiving encrypted packets from a packet source, wherein a plurality of the packets include encoded digital media information and a first packet of the plurality of packets includes first information describing a size of a rendering window for playing-back the encoded digital media information wherein the reassembler generates access units from the encoded digital media information;
  
  a decoder coupled to the reassembler for decoding the encoded digital media information wherein the decoder receives decrypted first information from the reassembler and the access units from the reassembler; and
  
  a decryption resource coupled to the reassembler and to the decoder for decrypting the first information for the reassembler and for decrypting second information for the decoder.
- View Dependent Claims (2, 3, 4)
- - 2. The apparatus of claim 1, wherein MPLG-4 format is used to encode the digital media information.
  - 3. The apparatus of claim 2, wherein the size of the rendering window is included in a VOL header of the MPLG-4 format.
  - 4. The apparatus of claim 1, wherein the digital media information includes streaming media.

5. A method for decrypting media information in a presentation device, wherein the presentation device includes a reassembler coupled to a decoder, the method comprising:
- decrypting a first portion of the media information at the reassembler;
  
  decrypting a second portion of the media information at the decoder which includes re-decrypting content that was already decrypted by the reassembler and forwarded in an original encrypted state to the decoder;
  
  passing an encrypted access unit from the reassembler to the decoder;
  
  decrypting the encrypted access unit at the decoder; and
  
  wherein at least a portion of the media information is in MPLG-4 video access units format.
- View Dependent Claims (6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23)
- - 6. The method of claim 5, further comprising:
    - decrypting a first portion of the media information in the reassembler to obtain a size of a rendering window to be used for playback of the media information.
  - 7. The method of claim 6, wherein the first portion of the media information is included in an MPLG-4 VOL header.
  - 8. The method of claim 7, wherein the media information is delivered as video-on-demand content, the method further comprising obtaining the VOL header from a first packet.
  - 9. The method of claim 7, wherein the media information is obtained as a live broadcast, the method further comprising decrypting packets in the reassembler until an I-frame containing the VOL header is obtained.
  - 10. The method of claim 5, wherein information is decrypted at the reassembler until initial header information is obtained.
  - 11. The method of claim 5, further comprising using an Internet Protocol Rights Management, IPRM, process to perform decryption, wherein the IPRM process is in communication with the reassembler and the decoder.
  - 12. The method of claim 5, further comprising using the reassembler to initiate a decryption session with an Internet Protocol Rights Management, IPRM, process.
  - 13. The method of claim 12, further comprising using the decoder to close the decryption session with the IPRM process.
  - 14. The method of claim 13, further comprising using the reassembler to request decryption of a packet containing volume header information from the IPRM process.
  - 15. The method of claim 14, further comprising using the decoder to request decryption of access unit information.
  - 16. The method of claim 15, wherein the access unit information is included into a plurality of packets.
  - 17. The method of claim 15, wherein access unit information sent to the IPRM process does not include packet header information that delineates packet boundaries.
  - 18. The method of claim 15, further comprising decomposing an access unit sent to the IPRM process into packet payload boundaries used during encryption;
    - and decrypting the packets resulting from the step of decomposing.
  - 19. The method of claim 18, further comprising passing the length of an access unit to the IPRM process.
  - 20. The method of claim 18, further comprising using the IPRM system to extract IPRM header information from the access unit to identify the length of a packet.
  - 21. The method of claim 20, further comprising using the identified length of a packet to determine the starting point of a next packet payload boundary.
  - 22. The method of claim 15, wherein the IPRM process is used to decrypt packets and reassemble the decrypted packets into an access unit.
  - 23. The method of claim 15, wherein the IPRM process is used to return a decrypted access unit to the decoder.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Google Technology Holdings LLC (Alphabet Inc.)
Original Assignee
General Instrument Corporation (CommScope Holding Company, Inc.)
Inventors
Peterka, Petr, Diamand, Joseph
Primary Examiner(s)
Barrón, Jr.; Gilberto
Assistant Examiner(s)
Perungavoor; Venkat

Application Number

US10/342,539
Publication Number

US 20040139335A1
Time in Patent Office

1,659 Days
Field of Search

380/205, 380/239, 380/240
US Class Current

380/205
CPC Class Codes

H04N 2005/91364   the video signal being scra...

H04N 21/4334   Recording operations record...

H04N 21/44055   by partially decrypting, e....

H04N 21/6125   involving transmission via ...

H04N 5/913   for scrambling ; for copy p...

H04N 7/162   Authorising the user termin...

H04N 9/8042   involving data reduction

System for secure decryption of streaming media using selective decryption of header information and decryption of reassembled content

First Claim

4 Assignments

0 Petitions

Accused Products

Abstract

14 Citations

23 Claims

Specification

Solutions

Use Cases

Quick Links

System for secure decryption of streaming media using selective decryption of header information and decryption of reassembled content

First Claim

4 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

14 Citations

23 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links