Proactive forced renewal of content protection implementations

US 7,392,381 B2
Filed: 04/13/2004
Issued: 06/24/2008
Est. Priority Date: 04/13/2004
Status: Expired due to Fees

First Claim

Patent Images

1. A method for periodically renewing content protection implementations in devices, the method comprising:

on a first periodic basis, automatically pushing a new content protection implementation to a device that contains an existing content protection implementation;

wherein the existing content protection implementation comprises (a) existing software for presenting protected content and (b) an existing key to facilitate presentation of protected content; and

wherein the new content protection implementation comprises (a) new software to replace at least part of the existing software for presenting protected content and (b) a new key to supersede the existing key for facilitating presentation of protected content; and

on a second periodic basis, automatically pushing revocation data to the device, the revocation data to identify a revoked key, the revoked key comprising a key that has been superseded by the new key of the new content protection implementation;

wherein the revocation data to identify the revoked key is pushed to the device after a corresponding new content protection implementation has already been pushed to the device to equip the device with a replacement key for the revoked key; and

wherein the operation of pushing the new content protection implementation to the device comprises providing the new content protection implementation based on a predetermined time period, without regard to whether or not the existing key has been compromised.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A system for proactive forced renewal of content protection implementations in devices includes a key generation facility to generate and allocate keys for the devices, and to generate revocation data corresponding to revoked keys in response to at least one of a security compromise and on a periodic basis independent of a security compromise; and a device manufacturer to receive the keys from the key generation facility, to embed the keys in content protection implementations for the devices, to distribute the devices, and to renew the content protection implementations in devices after the devices are distributed, in response to at least one of a security compromise and on a periodic basis independent of a security compromise.

Citations

24 Claims

1. A method for periodically renewing content protection implementations in devices, the method comprising:
- on a first periodic basis, automatically pushing a new content protection implementation to a device that contains an existing content protection implementation;
  
  wherein the existing content protection implementation comprises (a) existing software for presenting protected content and (b) an existing key to facilitate presentation of protected content; and
  
  wherein the new content protection implementation comprises (a) new software to replace at least part of the existing software for presenting protected content and (b) a new key to supersede the existing key for facilitating presentation of protected content; and
  
  on a second periodic basis, automatically pushing revocation data to the device, the revocation data to identify a revoked key, the revoked key comprising a key that has been superseded by the new key of the new content protection implementation;
  
  wherein the revocation data to identify the revoked key is pushed to the device after a corresponding new content protection implementation has already been pushed to the device to equip the device with a replacement key for the revoked key; and
  
  wherein the operation of pushing the new content protection implementation to the device comprises providing the new content protection implementation based on a predetermined time period, without regard to whether or not the existing key has been compromised.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10)
- - 2. A method according to claim 1, further comprising:
    - waiting a selected amount of time after pushing the new content protection implementation to the device before pushing corresponding revocation data to the device.
  - 3. A method according to claim 1, wherein the first periodic basis and the second periodic basis have substantially the same period.
  - 4. A method according to claim 1, wherein the revocation data comprises two values that identify a range of more than two revoked keys.
  - 5. A method according to claim 1, wherein the revocation data is encrypted and can only be decrypted by the new key of the new content protection implementation.
  - 6. A method according to claim 1, wherein the device comprises an information handling device from the group consisting of:
    - a consumer electronics device for accessing protected content; and
      
      a software-implemented player application for accessing protected content.
  - 7. A method according to claim 1, further comprising:
    - receiving the revocation data, at a device manufacturer, from a key generation facility; and
      
      pushing the revocation data to the device from the device manufacturer.
  - 8. A method according to claim 1, wherein the operation of pushing the new content protection implementation to the device comprises:
    - storing the new content protection implementation in a storage medium to be used by the device.
  - 9. A method according to claim 8, wherein the operation of storing the new content protection implementation in the storage medium comprises storing the new content protection implementation in at least one medium from the group consisting of:
    - a blank storage medium; and
      
      a pre-recorded storage medium.
  - 10. A method according to claim 1, further comprising:
    - receiving the revocation data, at a broadcaster, from a key generation facility; and
      
      broadcasting, for reception by multiple devices, broadcast content that includes the revocation data.

11. An apparatus, comprising:
- a tangible, machine-accessible medium; and
  
  instructions in the machine-accessible medium which, when executed by a processing system, cause the processing system to perform operations comprising;
  
  on a periodic basis, automatically pushing a new content protection implementation to a device that contains an existing content protection implementation;
  
  wherein the existing content protection implementation comprises (a) existing software for presenting protected content and (b) an existing key to facilitate presentation of protected content; and
  
  wherein the new content protection implementation comprises (a) new software to replace at least part of the existing software for presenting protected content and (b) a new key to supersede the existing key for facilitating presentation of protected content; and
  
  on a periodic basis, automatically pushing revocation data to the device, the revocation data to identify a revoked key, the revoked key comprising a key that has been superseded by the new key of the new content protection implementation;
  
  wherein the revocation data to identify a revoked key is pushed to the device after a corresponding new content protection implementation has already been pushed to the device to equip the device with a replacement key for the revoked key; and
  
  wherein the operation of pushing the new content protection implementation to the device comprises providing the new content protection implementation based on a predetermined time period, without regard to whether or not the existing key has been compromised.
- View Dependent Claims (12, 13, 14, 15, 16, 17, 18)
- - 12. An apparatus according to claim 11, wherein the first periodic basis and the second periodic basis have substantially the same period.
  - 13. An apparatus according to claim 11, wherein the revocation data comprises two values that identify a range of more than two revoked keys.
  - 14. An apparatus according to claim 11, wherein the device comprises in information handling device from the group consisting of:
    - a consumer electronics device for accessing protected content; and
      
      a software-implemented player application for accessing protected content.
  - 15. An apparatus according to claim 11, wherein the operations comprise:
    - receiving the revocation data from a key generation facility; and
      
      pushing the received revocation data to the device.
  - 16. An apparatus according to claim 11, wherein the operation of pushing the new content protection implementation to the device comprises:
    - storing the new content protection implementation in a storage medium to be used by the device.
  - 17. An apparatus according to claim 16, wherein the storage medium comprises at least one medium from the group consisting of:
    - a blank storage medium; and
      
      a pre-recorded storage medium.
  - 18. An apparatus according to claim 11, wherein the operation of pushing the revocation data to the device comprises:
    - including the revocation data in broadcast content transmitted by a broadcaster for reception by multiple devices.

19. A device, comprising:
- a processor;
  
  a machine-accessible medium responsive to the processor;
  
  an existing content protection implementation comprising (a) existing software for presenting protected content and (b) an existing key to facilitate presentation of protected content; and
  
  instructions in the machine-accessible medium which, when executed by the device, enable to device to perform operations comprising;
  
  receiving a new content protection implementation pushed to the device, the new content protection implementation comprising (a) new software to replace at least part of the existing software for presenting protected content and (b) a new key to supersede the existing key for facilitating presentation of protected content; and
  
  receiving revocation data pushed to the device, the revocation data to identify a revoked key, the revoked key being a key that has been superseded by the new key from the new content protection implementation;
  
  wherein the device receives the new content protection implementation with the new key before receiving the revocation data to revoke the existing key; and
  
  wherein the operation of receiving the new content protection implementation comprises receiving the new content protection implementation based on a predetermined time period, without regard to whether or not the existing key has been compromised.
- View Dependent Claims (20, 21, 22, 23, 24)
- - 20. A device according to claim 19, wherein the revocation data comprises two values that identify a range of more than two revoked keys.
  - 21. A device according to claim 19, wherein the device comprises in information handling device from the group consisting of:
    - a consumer electronics device for accessing protected content; and
      
      a software-implemented player application for accessing protected content.
  - 22. A device according to claim 19, wherein the operation of receiving the new content protection implementation comprises receiving the new content protection implementation from a pre-recorded storage medium.
  - 23. A device according to claim 19, wherein the operation of receiving the revocation data comprises:
    - receiving the revocation data from broadcast content transmitted by a broadcaster for reception by multiple devices.
  - 24. A device according to claim 19, wherein the operations further comprise:
    - after receiving the revocation data, processing the revocation data prior to allowing access to protected content.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Intel Corporation
Original Assignee
Intel Corporation
Inventors
Traw, C. Brendan S., Ripley, Michael S.
Primary Examiner(s)
JUNG, DAVID YIUK

Application Number

US10/823,947
Publication Number

US 20050228988A1
Time in Patent Office

1,533 Days
Field of Search

713/158, 713/155, 713/156, 713/153
US Class Current

713/158
CPC Class Codes

H04L 2209/60   Digital content management,...

H04L 9/083   involving central third par...

H04L 9/0891   Revocation or update of sec...

Proactive forced renewal of content protection implementations

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

Citations

24 Claims

Specification

Solutions

Use Cases

Quick Links

Proactive forced renewal of content protection implementations

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

24 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links