Method and system for authorizing client devices to receive secured data streams
Abstract
A method and system for authorizing client devices to receive secured data streams through the use of digital certificates embedded in the client devices. A freely distributed, cryptographically signed group file with an embedded expiration date is associated with each individual digital certificate. A single group file can be associated with more than one digital certificate, but each digital certificate is associated with a single group file. The group file contains cryptographic keys that can be used to decrypt a section of the digital certificate, revealing a set of client keys. The client keys are then used to encrypt a program key, which is then sent back to the client device. When the client device requests a specific data stream or digital content, an issuance timestamp associated with the content is compared to the expiration date in the group file. If the issuance timestamp is after the expiration date, the client device is declined. If the issuance timestamp is before the expiration date, the requested content, encrypted utilizing the program key, is sent to the client device.
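The authorization flow described in the abstract, as an added Python example that is not taken from the patent: the server opens the group file, uses the key inside it to recover the client key from the certificate's encrypted section, wraps the program key for the client, and releases content only when the issuance timestamp is earlier than the expiration. Assumptions: the group file is modelled as JSON sealed under a server-held key (as in claim 1), a SHA-256 keystream with an HMAC tag stands in for a real cipher, and the names `Server`, `seal`, `unseal` and `demo` are hypothetical.

```python
import hashlib, hmac, json, os

def _stream(key, nonce, data):
    # Stand-in keystream cipher (SHA-256 in counter mode); use a vetted AEAD in practice.
    out = bytearray()
    for i in range(0, len(data), 32):
        pad = hashlib.sha256(key + nonce + i.to_bytes(8, "big")).digest()
        out += bytes(a ^ b for a, b in zip(data[i:i + 32], pad))
    return bytes(out)

def seal(key, data):
    # Encrypt, then append an HMAC tag (one key for both, only to keep the example short).
    nonce = os.urandom(16)
    body = nonce + _stream(key, nonce, data)
    return body + hmac.new(key, body, hashlib.sha256).digest()

def unseal(key, blob):
    body, tag = blob[:-32], blob[-32:]
    if not hmac.compare_digest(tag, hmac.new(key, body, hashlib.sha256).digest()):
        raise ValueError("integrity check failed")
    return _stream(key, body[:16], body[16:])

class Server:
    def __init__(self, file_key, program_key):
        self.file_key, self.program_key = file_key, program_key

    def authorize(self, cert_section, group_file):
        # Open the group file with the server-held key, then use the key
        # inside it to open the certificate's encrypted section.
        group = json.loads(unseal(self.file_key, group_file))
        client_key = unseal(bytes.fromhex(group["group_key"]), cert_section)
        return group["expires"], seal(client_key, self.program_key)

    def serve(self, expires, issued, content):
        # Content goes out only when issuance is strictly earlier than expiry.
        return seal(self.program_key, content) if issued < expires else None

def demo():
    # All keys and timestamps below are constructed sample values.
    file_key, group_key, client_key, program_key = (os.urandom(32) for _ in range(4))
    group_file = seal(file_key, json.dumps(
        {"expires": 1_700_000_000, "group_key": group_key.hex()}).encode())
    cert_section = seal(group_key, client_key)
    server = Server(file_key, program_key)
    expires, wrapped = server.authorize(cert_section, group_file)
    client_program_key = unseal(client_key, wrapped)
    ok = server.serve(expires, 1_699_999_999, b"stream segment")
    late = server.serve(expires, 1_700_000_001, b"stream segment")
    return client_program_key == program_key, unseal(client_program_key, ok), late
```

Because the expiration travels in a freely distributed file, the integrity tag is what stops a client from extending it; a tampered group file fails in `unseal` before any key is released.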
76 Claims
1. A method, comprising:
- extracting a client key from an encrypted section of a digital certificate received at a server;
- extracting an expiration timestamp by decrypting a data file associated with the digital certificate using a decryption key in the server;
- sending a program key to a client after encrypting the program key using the client key;
- obtaining an issuance timestamp for specific content requested by the client; and
- sending the specific content, encrypted using the program key, to the client in response to the issuance timestamp being earlier than the expiration timestamp.
14. A device, comprising:
- means for extracting a client key from an encrypted section of a digital certificate received at a server;
- means for extracting an expiration timestamp by decrypting a data file associated with the digital certificate using a decryption key in the server;
- means for sending a program key to a client after encrypting the program key using the client key;
- means for obtaining an issuance timestamp for specific content requested by the client; and
- means for sending the specific content, encrypted using the program key, to the client in response to the issuance timestamp being earlier than the expiration timestamp.
27. An article of manufacture including a computer-readable medium having instructions stored thereon that, in response to execution by a computing device, cause the computing device to perform operations comprising:
- extracting a client key from an encrypted section of a digital certificate received at a server;
- extracting an expiration timestamp by decrypting a data file associated with the digital certificate using a decryption key in the server;
- sending a program key to a client after encrypting the program key using the client key;
- obtaining an issuance timestamp for specific content requested by the client; and
- sending the specific content, encrypted using the program key, to the client in response to the issuance timestamp being earlier than the expiration timestamp.
40. A server, comprising:
- a memory configured to store program code; and
- a processor configured to execute the stored program code to;
- extract a client key from an encrypted section of a digital certificate received at the server;
- extract an expiration timestamp by decrypting a data file associated with the digital certificate using a decryption key stored in the memory of the server;
- transmit a program key to a client after encrypting the program key using the client key;
- obtain an issuance timestamp for specific content requested by the client; and
- transmit the specific content, encrypted using the program key, to the client in response to the issuance timestamp being earlier than the expiration timestamp.
53. A method, comprising:
- transmitting, to a server, a digital certificate including an encrypted section having a client key;
- receiving, from the server, a program key encrypted using the client key;
- transmitting, to the server, a request for content encrypted using the program key; and
- receiving, from the server, the content encrypted using the program key in response to an issuance timestamp being earlier than an expiration timestamp;
- wherein the request for content includes the issuance timestamp; and
- wherein the expiration timestamp is configured to be decrypted from a digital file associated with the digital certificate using a decryption key.
65. A client, comprising:
- a memory configured to store program code; and
- a processor configured to execute the stored program code to;
- transmit, to a server, a digital certificate including an encrypted section having a client key;
- receive, from the server, a program key encrypted using the client key;
- transmit, to the server, a request for content encrypted using the program key; and
- receive, from the server, the content encrypted using the program key in response to an issuance timestamp being earlier than an expiration timestamp;
- wherein the request for content includes the issuance timestamp; and
- wherein the expiration timestamp is configured to be decrypted from a digital file associated with the digital certificate using a decryption key.
Specification