Digital content store system
First Claim
1. A process, comprising the steps of:
- purchasing usage rights for an encrypted asset by sending purchase information from a client machine to a store server;
sending a ticket from the store server to the client machine, the ticket comprising an asset ID corresponding to the encrypted asset;
launching a download manager at the client machine with the received ticket;
sending an asset request for the encrypted asset using the asset ID from the launched download manager at the client machine to a fulfillment server;
sending the encrypted asset from the fulfillment server to the client machine in response to the received asset ID;
sending a license request from the client machine to the fulfillment server;
sending a license from the fulfillment server to the client machine, the license comprising an asset key and the usage rights associated with the encrypted asset;
encrypting the asset key and the usage rights at the client machine;
binding the encrypted asset key to the client machine;
combining the machine-bound encrypted asset key and encrypted user rights into machine-bound asset rights;
storing the machine-bound asset rights within a secure key locker within the client machine;
sending an acknowledgement of the receipt of the encrypted asset and the license from the client machine to the fulfillment server;
receiving a user request at an output module within the client machine, the user request received from a user for use of the encrypted asset;
sending an asset rights request from the output module through a tamper resistant asset rights module within the client machine to the secure key locker to get the machine-bound asset rights;
receiving the machine-bound asset rights at the tamper resistant asset rights module from the secure key locker in response to the asset rights request;
breaking the machine-bound asset rights at the tamper resistant asset rights module into the encrypted asset key and the encrypted usage rights;
sending the encrypted asset key and the encrypted usage rights from the tamper resistant asset rights module to the output module;
decrypting the machine-bound encrypted usage rights at the output module;
authenticating the user request based upon the machine-bound usage rights;
based upon the authentication of the user request, performing one of the following steps, either;
decrypting the encrypted asset key, decrypting the encrypted asset with the decrypted asset key, and serving the user request, or preventing use of the asset; and
updating the machine-bound usage rights within the secure key locker within the client machine based on the authentication of the request.
6 Assignments
0 Petitions
Accused Products
Abstract
The digital content store provides users with an opportunity to purchase authorized usage of digital content, such as single or multiple music tracks, video, movies, and/or video games. The users can also buy license to a desired track for a fixed number of times, e.g. preferably the users can listen on three different machines simultaneously. Users can also burn a play list of X number of times, for example ten. The burn limit preferably applies to the play list, not the song. Mixed media capability is provided that allows the purchase of digital content and/or physical media. The digital content store system comprises a unique digital rights management system and a back-end enabling system that controls these digital rights.
-
Citations
15 Claims
-
1. A process, comprising the steps of:
purchasing usage rights for an encrypted asset by sending purchase information from a client machine to a store server;
sending a ticket from the store server to the client machine, the ticket comprising an asset ID corresponding to the encrypted asset;
launching a download manager at the client machine with the received ticket;
sending an asset request for the encrypted asset using the asset ID from the launched download manager at the client machine to a fulfillment server;
sending the encrypted asset from the fulfillment server to the client machine in response to the received asset ID;
sending a license request from the client machine to the fulfillment server;
sending a license from the fulfillment server to the client machine, the license comprising an asset key and the usage rights associated with the encrypted asset;
encrypting the asset key and the usage rights at the client machine;
binding the encrypted asset key to the client machine;
combining the machine-bound encrypted asset key and encrypted user rights into machine-bound asset rights;
storing the machine-bound asset rights within a secure key locker within the client machine;
sending an acknowledgement of the receipt of the encrypted asset and the license from the client machine to the fulfillment server;
receiving a user request at an output module within the client machine, the user request received from a user for use of the encrypted asset;
sending an asset rights request from the output module through a tamper resistant asset rights module within the client machine to the secure key locker to get the machine-bound asset rights;
receiving the machine-bound asset rights at the tamper resistant asset rights module from the secure key locker in response to the asset rights request;
breaking the machine-bound asset rights at the tamper resistant asset rights module into the encrypted asset key and the encrypted usage rights;
sending the encrypted asset key and the encrypted usage rights from the tamper resistant asset rights module to the output module;
decrypting the machine-bound encrypted usage rights at the output module;
authenticating the user request based upon the machine-bound usage rights;
based upon the authentication of the user request, performing one of the following steps, either;
decrypting the encrypted asset key, decrypting the encrypted asset with the decrypted asset key, and serving the user request, or preventing use of the asset; and
updating the machine-bound usage rights within the secure key locker within the client machine based on the authentication of the request.- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15)
Specification