System for secure decryption of streaming media using selective decryption of header information and decryption of reassembled content
First Claim
1. An apparatus for decrypting encrypted, encoded digital media information for presentation, the apparatus comprising;
- a reassembler for receiving encrypted packets from a packet source, wherein a plurality of the packets include encoded digital media information and a first packet of the plurality of packets includes first information describing a size of a rendering window for playing-back the encoded digital media information wherein the reassembler generates access units from the encoded digital media information;
a decoder coupled to the reassembler for decoding the encoded digital media information wherein the decoder receives decrypted first information from the reassembler and the access units from the reassembler; and
a decryption resource coupled to the reassembler and to the decoder for decrypting the first information for the reassembler and for decrypting second information for the decoder.
4 Assignments
0 Petitions
Accused Products
Abstract
A system provides improved security in a streaming media decoder includes decryption of encoded media information at the media layer, within a decoder component of a playback device. A content source, such as an MPEG-4 media stream from a network, or a file on a local storage device, etc. that contain packetized content, and supplies encrypted and encoded media information. For example, digital sound and image information can be conveyed for presentation. A reassembler component is used to initiate decryption of a nominal amount of information needed to perform further processing at the QuickTime player. Encrypted access units are sent from the reassembler to the decoder, where the decoder causes decryption of the access unit information. This approach prevents decrypted, encoded information from being transferred from the reassembler to the decoder. Such decrypted and encoded information is especially susceptible to copying. Instead, the information transferred from the reassembler to the decoder is largely still encrypted. In a preferred embodiment, an Internet Protocol rights management system (IPRM) is used to perform the decryption processing. The reassembler makes requests of the IPRM process to open a decryption session and decrypt selected packets to identify the window rendering size. The decoder makes requests of the IPRM process to decrypt access units within the same decryption session and to close the decryption session. Because content is encrypted on packet boundaries, and when called upon by the decoder, the IPRM component must recreate the packet boundaries from the access unit before decryption is possible. The IPRM system component is able to do so because the encrypted packets contain an IPRM header that is used by the IPRM system to calculate the packet length. After decrypting all the packets, the IPRM system component reconstructs the decrypted access unit and returns decrypted content to the decoder.
14 Citations
23 Claims
-
1. An apparatus for decrypting encrypted, encoded digital media information for presentation, the apparatus comprising;
-
a reassembler for receiving encrypted packets from a packet source, wherein a plurality of the packets include encoded digital media information and a first packet of the plurality of packets includes first information describing a size of a rendering window for playing-back the encoded digital media information wherein the reassembler generates access units from the encoded digital media information; a decoder coupled to the reassembler for decoding the encoded digital media information wherein the decoder receives decrypted first information from the reassembler and the access units from the reassembler; and a decryption resource coupled to the reassembler and to the decoder for decrypting the first information for the reassembler and for decrypting second information for the decoder. - View Dependent Claims (2, 3, 4)
-
-
5. A method for decrypting media information in a presentation device, wherein the presentation device includes a reassembler coupled to a decoder, the method comprising:
-
decrypting a first portion of the media information at the reassembler; decrypting a second portion of the media information at the decoder which includes re-decrypting content that was already decrypted by the reassembler and forwarded in an original encrypted state to the decoder; passing an encrypted access unit from the reassembler to the decoder; decrypting the encrypted access unit at the decoder; and wherein at least a portion of the media information is in MPLG-4 video access units format. - View Dependent Claims (6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23)
-
Specification