Proactive forced renewal of content protection implementations
First Claim
1. A method for periodically renewing content protection implementations in devices, the method comprising:
- on a first periodic basis, automatically pushing a new content protection implementation to a device that contains an existing content protection implementation;
wherein the existing content protection implementation comprises (a) existing software for presenting protected content and (b) an existing key to facilitate presentation of protected content; and
wherein the new content protection implementation comprises (a) new software to replace at least part of the existing software for presenting protected content and (b) a new key to supersede the existing key for facilitating presentation of protected content; and
on a second periodic basis, automatically pushing revocation data to the device, the revocation data to identify a revoked key, the revoked key comprising a key that has been superseded by the new key of the new content protection implementation;
wherein the revocation data to identify the revoked key is pushed to the device after a corresponding new content protection implementation has already been pushed to the device to equip the device with a replacement key for the revoked key; and
wherein the operation of pushing the new content protection implementation to the device comprises providing the new content protection implementation based on a predetermined time period, without regard to whether or not the existing key has been compromised.
1 Assignment
0 Petitions
Accused Products
Abstract
A system for proactive forced renewal of content protection implementations in devices includes a key generation facility to generate and allocate keys for the devices, and to generate revocation data corresponding to revoked keys in response to at least one of a security compromise and on a periodic basis independent of a security compromise; and a device manufacturer to receive the keys from the key generation facility, to embed the keys in content protection implementations for the devices, to distribute the devices, and to renew the content protection implementations in devices after the devices are distributed, in response to at least one of a security compromise and on a periodic basis independent of a security compromise.
-
Citations
24 Claims
-
1. A method for periodically renewing content protection implementations in devices, the method comprising:
-
on a first periodic basis, automatically pushing a new content protection implementation to a device that contains an existing content protection implementation; wherein the existing content protection implementation comprises (a) existing software for presenting protected content and (b) an existing key to facilitate presentation of protected content; and wherein the new content protection implementation comprises (a) new software to replace at least part of the existing software for presenting protected content and (b) a new key to supersede the existing key for facilitating presentation of protected content; and on a second periodic basis, automatically pushing revocation data to the device, the revocation data to identify a revoked key, the revoked key comprising a key that has been superseded by the new key of the new content protection implementation; wherein the revocation data to identify the revoked key is pushed to the device after a corresponding new content protection implementation has already been pushed to the device to equip the device with a replacement key for the revoked key; and wherein the operation of pushing the new content protection implementation to the device comprises providing the new content protection implementation based on a predetermined time period, without regard to whether or not the existing key has been compromised. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10)
-
-
11. An apparatus, comprising:
-
a tangible, machine-accessible medium; and instructions in the machine-accessible medium which, when executed by a processing system, cause the processing system to perform operations comprising; on a periodic basis, automatically pushing a new content protection implementation to a device that contains an existing content protection implementation; wherein the existing content protection implementation comprises (a) existing software for presenting protected content and (b) an existing key to facilitate presentation of protected content; and wherein the new content protection implementation comprises (a) new software to replace at least part of the existing software for presenting protected content and (b) a new key to supersede the existing key for facilitating presentation of protected content; and on a periodic basis, automatically pushing revocation data to the device, the revocation data to identify a revoked key, the revoked key comprising a key that has been superseded by the new key of the new content protection implementation; wherein the revocation data to identify a revoked key is pushed to the device after a corresponding new content protection implementation has already been pushed to the device to equip the device with a replacement key for the revoked key; and wherein the operation of pushing the new content protection implementation to the device comprises providing the new content protection implementation based on a predetermined time period, without regard to whether or not the existing key has been compromised. - View Dependent Claims (12, 13, 14, 15, 16, 17, 18)
-
-
19. A device, comprising:
-
a processor; a machine-accessible medium responsive to the processor; an existing content protection implementation comprising (a) existing software for presenting protected content and (b) an existing key to facilitate presentation of protected content; and instructions in the machine-accessible medium which, when executed by the device, enable to device to perform operations comprising; receiving a new content protection implementation pushed to the device, the new content protection implementation comprising (a) new software to replace at least part of the existing software for presenting protected content and (b) a new key to supersede the existing key for facilitating presentation of protected content; and receiving revocation data pushed to the device, the revocation data to identify a revoked key, the revoked key being a key that has been superseded by the new key from the new content protection implementation; wherein the device receives the new content protection implementation with the new key before receiving the revocation data to revoke the existing key; and wherein the operation of receiving the new content protection implementation comprises receiving the new content protection implementation based on a predetermined time period, without regard to whether or not the existing key has been compromised. - View Dependent Claims (20, 21, 22, 23, 24)
-
Specification