Separate authentication processes to secure content

US 7,415,721 B2
Filed: 02/16/2005
Issued: 08/19/2008
Est. Priority Date: 06/16/2000
Status: Expired due to Fees

First Claim

Patent Images

1. A method including:

associating a first authentication process with content, the first authentication process to protect the content from access by an unauthorized user; and

associating a second authentication process with the content, the second authentication process to protect the content from access by an unauthorized device,wherein the first authentication process and the second authentication process comprise separate and distinct authentication processes thereby enabling an authorized user to access the content on an authorized device and preventing the authorized user from accessing the content on the unauthorized device.

View all claims

4 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A method includes associating a first authentication process with content, the first authentication process to protect the content from access by an unauthorized user. A second authentication process is also associated with the content, the second authentication process to protect the content from access by an unauthorized device. The first authentication process and the second authentication process are separate and distinct authentication processes. This enables an authorized user to access the content on an authorized device and prevents the authorized user from accessing the content on the unauthorized device.

103 Citations

View as Search Results

40 Claims

1. A method including:
- associating a first authentication process with content, the first authentication process to protect the content from access by an unauthorized user; and
  
  associating a second authentication process with the content, the second authentication process to protect the content from access by an unauthorized device,wherein the first authentication process and the second authentication process comprise separate and distinct authentication processes thereby enabling an authorized user to access the content on an authorized device and preventing the authorized user from accessing the content on the unauthorized device.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20)
- - 2. The method of claim 1 wherein the first process includes verification of a user device certificate.
  - 3. The method of claim 2 wherein the verification of the user device certificate occurs at an agent remote from a user device.
  - 4. The method of claim 2 wherein the verification of the user device certificate occurs at a user device.
  - 5. The method of claim 1 wherein the first process includes verification of the user credentials against content access criteria.
  - 6. The method of claim 1 wherein the second process includes verification of a copy-protected device certificate.
  - 7. The method of claim 6 wherein the verification of the copy-protected device certificate occurs at an agent remote from a copy-protected device.
  - 8. The method of claim 6 wherein the verification of the copy-protected device certificate occurs at a copy-protected device.
  - 9. The method of claim 1 including, upon successful completion of the first and second processes, encrypting a product key, with which the content is encrypted, with a public key of a copy-protected device.
  - 10. The method of claim 1 wherein the associating of both the first and second processes with the content includes encrypting a product key, to access the content, with both a public key of a user device and a public key of a copy-protected device to create a twice-encrypted product key.
  - 11. The method of claim 10 wherein the twice-encrypted product key is first encrypted with the public key of a user device to create a once-encrypted product key, and second encrypted with the public key of a copy-protected device to create the twice-encrypted product key.
  - 12. The method of claim 10 wherein the twice-encrypted product key is included within a license associated with the content.
  - 13. The method of claim 12 wherein the license includes any one of a group of data items including the user device public key, a certificate serial number, and issuer authentication information.
  - 14. The method of claim 13 wherein the issuer authentication information includes a signature by a license issuer and a certificate of the license issuer.
  - 15. The method of claim 10 wherein the first process includes decryption of the twice-encrypted product key by the user device to reveal a once-encrypted product key.
  - 16. The method of claim 15 wherein the user device decrypts the twice-encrypted product key utilizing a private key of a user device.
  - 17. The method of claim 16 wherein the copy-protected device issues a request to the user device to decrypt the twice-encrypted product key, the request including a challenge to the twice-encrypted product key.
  - 18. The method of claim 17 wherein the challenge includes a private key of the user device.
  - 19. The method of claim 15 wherein the second process includes decryption of the once-encrypted product key by the copy-protected device to reveal the product key.
  - 20. The method of claim 15 wherein the copy-protected device decrypts the once-encrypted product key utilizing a private key of the copy-protected device.

21. A system including:
- a user device;
  
  a copy-protected device; and
  
  a content distributor, coupled via a network to both the user and copy-protected devices, to perform a first process to protect the content from access by an unauthorized user and a second process to protect the content from access by an unauthorized device with respect to content,wherein the first process and the second process comprise separate and distinct processes thereby enabling an authorized user device to access the content on the copy-protected device if the copy-protected device is authorized.
- View Dependent Claims (22, 23, 24, 25, 26, 27, 28, 29, 30, 31, 32, 33, 34, 35, 36, 37, 38)
- - 22. The system of claim 21 wherein the first process includes verification of a user device certificate associated with the user device.
  - 23. The system of claim 21 wherein the first process includes verification of the user credentials against content access criteria.
  - 24. The system of claim 21 wherein the second process includes verification of a copy-protected device certificate associated with the copy-protected device.
  - 25. The system of claim 24 wherein the verification of the copy-protected device certificate occurs at an agent remote from the copy-protected device.
  - 26. The system of claim 24 wherein the verification of the copy-protected device certificate occurs at the copy-protected device.
  - 27. The system of claim 21 wherein the content distributor, upon successful completion of the first and second processes, is to encrypt a product key, with which the content is encrypted, with a public key of the copy-protected device.
  - 28. The system of claim 21 wherein the content distributor, upon successful completion of the first and second processes, is to encrypt a product key, with which the content is encrypted, with both a public key of the user device and a public key of the copy-protected device to create a twice-encrypted product key.
  - 29. The system of claim 28 wherein the twice-encrypted product key is first encrypted with the public key of the user device to create a once-encrypted product key, and second encrypted with the public key of the copy-protected device to create the twice-encrypted product key.
  - 30. The system of claim 28 wherein the content distributor is to include the twice-encrypted product key within a license associated with the content.
  - 31. The system of claim 30 wherein the license includes any one of a group of data items including a user device public key, a certificate serial number, and issuer authentication information.
  - 32. The system of claim 31 wherein the issuer authentication information includes a signature by a license issuer and a certificate of the license issuer.
  - 33. The system of claim 29 wherein the first process includes decryption of the twice-encrypted product key by the user device to reveal the once-encrypted product key.
  - 34. The system of claim 33 wherein the user device decrypts the twice-encrypted product key utilizing a private key of the user device.
  - 35. The system of claim 28 wherein the copy-protected device issues a request to the user device to decrypt the twice-encrypted product key, the request including a challenge to the twice-encrypted product key.
  - 36. The system of claim 35 wherein the challenge includes a private key of the user device.
  - 37. The system of claim 33 wherein the second process includes decryption of the once-encrypted product key by the copy-protected device to reveal the product key.
  - 38. The system of claim 29 wherein the copy-protected device is to decrypt the once-encrypted product key utilizing a private key of the copy-protected device.

39. A system including:
- a user means;
  
  a copy-protected means; and
  
  a content distributor means, coupled via a network to both the user and copy-protected means, to perform a first process to protect the content from access by an unauthorized user means and a second to protect the content from access by an unauthorized device process with respect to the content,wherein the first process and the second process comprise separate and distinct authentication processes thereby enabling an authorized user means to access the content on the copy-protected means, if the copy-protected means is authorized.

40. A machine readable storage medium storing a sequence of instructions that, when executed by a machine, cause the machine to:
- associate a first authentication process with content, the first authentication process to protect the content from access by an unauthorized user; and
  
  associate a second authentication process with the content, the second authentication process to protect the content from access by an unauthorized device,wherein the first authentication process and the second authentication process comprise separate and distinct authentication processes thereby enabling an authorized user to access the content on an authorized device and preventing the authorized user from accessing the content on the unauthorized device.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
MIH Technology Holdings BV
Original Assignee
Entriq Incorporated
Inventors
Fransdonk, Robert W.
Primary Examiner(s)
REVAK, CHRISTOPHER A

Application Number

US11/060,728
Publication Number

US 20050131832A1
Time in Patent Office

1,280 Days
Field of Search

None
US Class Current

726/4
CPC Class Codes

G06F 21/107   License processing; Key pro...

G06Q 20/1235   with control of digital rig...

G06Q 20/3823   combining multiple encrypti...

H04L 2463/101   applying security measures ...

H04L 2463/102   applying security measure f...

H04L 63/0442   wherein the sending and rec...

H04L 63/0823   using certificates cryptogr...

H04L 63/0876   based on the identity of th...

H04L 63/10   for controlling access to d...

H04L 63/12   Applying verification of th...

Separate authentication processes to secure content

First Claim

4 Assignments

0 Petitions

Accused Products

Abstract

103 Citations

40 Claims

Specification

Solutions

Use Cases

Quick Links

Separate authentication processes to secure content

First Claim

4 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

103 Citations

40 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links