Method and apparatus for secure content delivery over broadband access networks
First Claim
1. A method for creating an activator for processing a content title into executable form, comprising:
- generating, by a computer system, an activator, the activator including cryptographic data for decrypting content title data, the cryptographic data is encoded in obfuscated bytecode to inhibit unauthorized extraction of the cryptographic data, wherein the obfuscated bytecode implements executable instructions for decrypting content title data and the obfuscated bytecode is consumable by a bytecode interpreter that is configured to interpret and execute the obfuscated bytecode to obtain the cryptographic data for decrypting the content title data;
adding authorization data to the activator, the authorization data identifying a time period in which the content title remains in an executable form;
sending the generated activator in the form of the obfuscated bytecode to a client; and
sending the content title data to the client, the content title data including a downloadable file system that includes files associated with the content and simulated registry values, wherein the content is configured to be executed by using the files stored in the downloadable file system and using the simulated registry values to simulate an installation of the content in a client file system.
6 Assignments
0 Petitions
Accused Products
Abstract
A system for secure delivery of on-demand content over broadband access networks utilizes a pair of servers of security mechanisms to prevent client processes from accessing and executing content without authorization. A plurality of encrypted titles are stored on a content server coupled to the network. An access server also coupled to the network contains the network addresses of the titles and various keying and authorization data necessary to decrypt and execute title. A client application executing on a user'"'"'s local computer system is required to retrieve the address, keying and authorization data from the access server before retrieving a title from the content server and enabling execution of the title on a user'"'"'s local computer system.
-
Citations
13 Claims
-
1. A method for creating an activator for processing a content title into executable form, comprising:
-
generating, by a computer system, an activator, the activator including cryptographic data for decrypting content title data, the cryptographic data is encoded in obfuscated bytecode to inhibit unauthorized extraction of the cryptographic data, wherein the obfuscated bytecode implements executable instructions for decrypting content title data and the obfuscated bytecode is consumable by a bytecode interpreter that is configured to interpret and execute the obfuscated bytecode to obtain the cryptographic data for decrypting the content title data; adding authorization data to the activator, the authorization data identifying a time period in which the content title remains in an executable form; sending the generated activator in the form of the obfuscated bytecode to a client; and sending the content title data to the client, the content title data including a downloadable file system that includes files associated with the content and simulated registry values, wherein the content is configured to be executed by using the files stored in the downloadable file system and using the simulated registry values to simulate an installation of the content in a client file system. - View Dependent Claims (2, 3, 4, 5)
-
-
6. A method, comprising:
-
receiving by a client computer system, an activator, said activator providing cryptographic data for decrypting content title data, said cryptographic data embedded in obfuscated bytecode to inhibit unauthorized extraction of the cryptographic data, said obfuscated bytecode implements executable instructions for decryption of content data; receiving authorization data, the authorization data identifying a time period in which the content title remains in executable form; receiving the content title data, the content title data including content, a downloaded file system, and simulated registry values for an executing instance of the content; executing a virtual machine, the virtual machine including executable instructions for interpreting and executing obfuscated bytecode; executing, by the virtual machine, the accessed activator in the form of the obfuscated bytecode to generate the cryptographic data for decrypting content title data; decrypting the content title data using the generated cryptographic data; mounting the downloaded file system; executing, by using information stored in the downloaded file system, the content; intercepting an operating system request for a registry value associated with the execution of the content; and sending a simulated registry value to the operating system thereby simulating an instillation of the content on the client. - View Dependent Claims (7, 8, 9)
-
-
10. A method comprising:
-
generating, by a computer system, an activator, the activator including cryptographic data for content title data in obfuscated bytecode to inhibit unauthorized extraction of the cryptographic data, wherein the obfuscated bytecode implements executable instructions for decrypting content title data, the obfuscated bytecode consumable by a virtual machine that is configured to interpret and execute the obfuscated bytecode to obtain the cryptographic data for decrypting the content title data; storing the generated activator in the form of the obfuscated bytecode; wherein the activator includes authorization data, the authorization data identifying a time period in which the content title remains in executable form, said generated cryptographic data being valid only for the identified time period; wherein the content title data includes content, a downloadable file system that includes files associated with the content, and simulated registry values; and wherein the content is configured to be executed by using the files stored in the downloadable file system and using the simulated registry values to simulate an instillation of the content in a client file system. - View Dependent Claims (11, 12, 13)
-
Specification