Method and system for binding enhanced software features to a persona
First Claim
1. A method of enabling the use of a first digital work on plural computing devices, said method comprising the acts of:
receiving, at an activation server from a first computing device, a user's credentials and a request to authenticate the first computing device;
retrieving activation information associated with the user's credentials, wherein the activation information identifies a number of previously activated computing devices associated with the user's credentials;
comparing the activation information identifying the number of activated computing devices associated with the user's credentials to an activation limit number;
when the activation limit number has been reached, denying the authentication request received from the first computing device, otherwise;
authenticating said credentials by querying a namespace authority;
providing a first activation certificate to said first computing device, wherein the activation certificate includes an activation private key encrypted by a public key associated with a secure repository, wherein the secure repository includes a repository private key and the public key;
providing the secure repository to said first computing device, wherein the secure repository, when executed, decrypts the activation private key using the repository private key securely;
decrypting a symmetric key, bound to said first digital work, using the activation private key wherein the symmetric key operable to decrypt said first digital work; and
persisting an association between said credentials and at least some information included in said first activation certificate, wherein said computing device stores software having an activated state and a non-activated state, wherein said first activation certificate transforms said software to said activated state, wherein said software renders a second digital work regardless of whether it is in the activated state, and wherein said software renders said first digital work only if said software is in the activated state.
Abstract
A server architecture for a digital rights management system that distributes and protects rights in content. The server architecture includes a retail site which sells content items to consumers, a fulfillment site which provides to consumers the content items sold by the retail site, and an activation site which enables consumer reading devices to use content items having an enhanced level of copy protection. Each retail site is equipped with a URL encryption object, which encrypts, according to a secret symmetric key shared between the retail site and the fulfillment site, information that is needed by the fulfillment site to process an order for content sold by the retail site. Upon selling a content item, the retail site transmits to the purchaser a web page having a link to a URL comprising the address of the fulfillment site and a parameter having the encrypted information. Upon following the link, the fulfillment site downloads the ordered content to the consumer, preparing the content if necessary in accordance with the type of security to be carried with the content. The fulfillment site includes an asynchronous fulfillment pipeline which logs information about processed transactions using a store-and-forward messaging service.
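The retail-to-fulfillment link described in the abstract, as an added example that is not code from the patent or its assignee: the retail site seals the order under the shared key and the fulfillment site refuses any parameter it cannot authenticate. AES-GCM, the `fulfillment.example` host, the `order` parameter name and all function names are assumptions of this sketch.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"encoding/base64"
	"fmt"
	"net/url"
)

// SharedKey builds the cipher both sites use. AES-GCM is this example's
// choice; the abstract says only "a secret symmetric key".
func SharedKey(key []byte) (cipher.AEAD, error) {
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	return cipher.NewGCM(block)
}

// SealOrderURL (retail site): the host and "order" parameter name are hypothetical.
func SealOrderURL(k cipher.AEAD, order string) (string, error) {
	nonce := make([]byte, k.NonceSize())
	if _, err := rand.Read(nonce); err != nil {
		return "", err
	}
	blob := k.Seal(nonce, nonce, []byte(order), nil) // nonce || ciphertext || tag
	return "https://fulfillment.example/download?order=" + base64.RawURLEncoding.EncodeToString(blob), nil
}

// OpenOrderURL (fulfillment site) rejects a parameter not sealed under k or altered since.
func OpenOrderURL(k cipher.AEAD, link string) (string, error) {
	if u, err := url.Parse(link); err == nil {
		blob, err := base64.RawURLEncoding.DecodeString(u.Query().Get("order"))
		if n := k.NonceSize(); err == nil && len(blob) > n {
			if plain, err := k.Open(nil, blob[:n], blob[n:], nil); err == nil {
				return string(plain), nil
			}
		}
	}
	return "", fmt.Errorf("order parameter rejected")
}

func main() {
	k, _ := SharedKey(make([]byte, 32)) // constructed all-zero demo key
	link, _ := SealOrderURL(k, "sku=BOOK-001&buyer=alice") // constructed order
	fmt.Println(OpenOrderURL(k, link))
}
```

The GCM tag is what lets the fulfillment site refuse a parameter the purchaser has edited; an unauthenticated cipher mode would decrypt altered ciphertext without reporting an error.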
6 Claims
4. A computer readable storage medium having stored thereon, instructions for enabling the use of a first digital work on plural computing devices, the computer readable medium comprising instructions for:
receiving, at an activation server from a first computing device, a user's credentials and a request to authenticate the first computing device;
retrieving activation information associated with the user's credentials, wherein the activation information identifies a number of previously activated computing devices associated with the user's credentials;
comparing the activation information identifying the number of activated computing devices associated with the user's credentials to an activation limit number;
when the activation limit number has been reached, denying the authentication request received from the first computing device, otherwise;
authenticating said credentials by querying a namespace authority;
providing a first activation certificate to said first computing device, wherein the activation certificate includes an activation private key encrypted by a public key associated with a secure repository, wherein the secure repository includes a repository private key and the public key;
providing the secure repository to said first computing device, wherein the secure repository, when executed, decrypts the activation private key using the repository private key securely;
decrypting a symmetric key, bound to said first digital work, using the activation private key wherein the symmetric key operable to decrypt said first digital work; and
persisting an association between said credentials and at least some information included in said first activation certificate, wherein said computing device stores software having an activated state and a non-activated state, wherein said first activation certificate transforms said software to said activated state, wherein said software renders a second digital work regardless of whether it is in the activated state, and wherein said software renders said first digital work only if said software is in the activated state.
Specification