Data protection systems and methods
DC CAFCFirst Claim
1. A method for protecting electronic media content from unauthorized use by a user of a computer system, the method including:
- receiving a request from a user of the computer system to use a piece of electronic media content;
identifying one or more software modules responsible for processing the piece of electronic media content and enabling use of the piece of electronic media content by the user;
processing at least a portion of said piece of electronic media content using at least one of the one or more software modules;
evaluating whether the at least one of the one or more software modules process the portion of the electronic media content in an authorized manner, the evaluating including at least one action selected from the group consisting of;
evaluating whether the at least one of the one or more software modules make calls to certain system interfaces;
evaluating whether the at least one of the one or more software modules direct data to certain channels;
analyzing dynamic timing characteristics of the at least one of the one or more software modules for anomalous timing characteristics indicative of invalid or malicious activity;
denying the request to use the piece of electronic media content if the evaluation indicates that the at least one of the one or more software modules fail to satisfy a set of predefined criteria.
4 Assignments
Litigations
1 Petition
Reexamination
Accused Products
Abstract
Systems and methods are provided for protecting electronic content from the time it is packaged through the time it is experienced by an end user. Protection against content misuse is accomplished using a combination of encryption, watermark screening, detection of invalid content processing software and hardware, and/or detection of invalid content flows. Encryption protects the secrecy of content while it is being transferred or stored. Watermark screening protects against the unauthorized use of content. Watermark screening is provided by invoking a filter module to examine content for the presence of a watermark before the content is delivered to output hardware or software. The filter module is operable to prevent delivery of the content to the output hardware or software if it detects a predefined protection mark. Invalid content processing software is detected by a monitoring mechanism that validates the software involved in processing protected electronic content. Invalid content flows can be detected by scanning the information passed across system interfaces for the attempted transfer of bit patterns that were released from an application and/or a piece of content management software.
148 Citations
20 Claims
-
1. A method for protecting electronic media content from unauthorized use by a user of a computer system, the method including:
-
receiving a request from a user of the computer system to use a piece of electronic media content; identifying one or more software modules responsible for processing the piece of electronic media content and enabling use of the piece of electronic media content by the user; processing at least a portion of said piece of electronic media content using at least one of the one or more software modules; evaluating whether the at least one of the one or more software modules process the portion of the electronic media content in an authorized manner, the evaluating including at least one action selected from the group consisting of; evaluating whether the at least one of the one or more software modules make calls to certain system interfaces; evaluating whether the at least one of the one or more software modules direct data to certain channels; analyzing dynamic timing characteristics of the at least one of the one or more software modules for anomalous timing characteristics indicative of invalid or malicious activity; denying the request to use the piece of electronic media content if the evaluation indicates that the at least one of the one or more software modules fail to satisfy a set of predefined criteria. - View Dependent Claims (2, 3)
-
-
4. A system for protecting electronic media content and enabling use of the electronic media content by a user, the system comprising:
-
means for evaluating one or more predefined characteristics of one or more drivers responsible for handling the electronic media content, the means for evaluating including means for operating a protection mechanism selected from the group consisting of; means for evaluating whether the one or more drivers make calls to certain system interfaces; means for determining whether the one or more drivers include one or more predefined code sequences associated with undesirable behavior; means for analyzing dynamic timing characteristics of the one or more drivers for anomalous timing characteristics indicative of invalid or malicious activity; means for determining whether the one or more drivers are included on a list of trusted drivers; means for determining whether the one or more drivers are included on a list of untrusted drivers; and means for determining whether the one or more drivers have been digitally signed by a trusted party; means for denying effective access to the electronic media content based on an output of said means for evaluating one or more predefined characteristics of the drivers responsible for handling the electronic media content; means for generating an identifier associated with the electronic media content; means for monitoring a predefined system interface for data to be transferred to an output device to determine if the data to be transferred to an output device contains the identifier; and means for preventing effective access to data containing the identifier via the predefined system interface.
-
-
5. A method for protecting electronic media content from unauthorized use, the method including:
-
receiving a request to access a piece of electronic media content; generating a first identifier associated with the piece of electronic media content; and monitoring at least one system interface for electronic data to be transferred to an output device, the monitoring including; receiving at least a portion of the electronic data to be transferred to the output device; generating a second identifier associated with the at least a portion of the electronic data; comparing the second identifier with the first identifier; and taking a predefined defensive action if the second identifier is related to the first identifier in a predefined manner, wherein the predefined defensive action is selected from the group consisting of; modifying at least a portion of the piece of electronic data, and preventing the transfer of at least a portion of the piece of electronic data to the output device via the system interface. - View Dependent Claims (6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20)
-
Specification