Protecting digital media of various content types
First Claim
Patent Images
1. A computer-implemented method with a client-receiver computer having a public/private key pair, and at least one server-transmitter computer having a public key of the client-receiver computer, the method comprising steps of:
- generating a root content key using the public key of the client-receiver computer;
transmitting the root content key to the client-receiver computer, the root content key being decryptable using the client-receiver computer'"'"'s private key and usable by the client-receiver computer to decrypt leaf content keys;
dividing a single media file into multiple data segments, each data segment associated with a different digital rights management policy;
encrypting each of the data segments with a respective leaf content key to provide encrypted data segmentsappending a descriptor to each of the encrypted data segments, each descriptor identifying the leaf content key with which the data segment was encrypted and the associated digital rights management policy; and
transmitting the encrypted data segments and descriptors to the client-receiver computer.
2 Assignments
0 Petitions
Accused Products
Abstract
Systems and/or methods (“tools”) are described that enable a digital rights management policy to be associated with digital media having an arbitrary content type or transfer control protocol. In some embodiments, the tools encrypt data segments of a media file and add a descriptor to each of those segments. These descriptors can enable a receiver of the encrypted media file to decrypt the file and consume it according to the correct digital rights management policy.
-
Citations
18 Claims
-
1. A computer-implemented method with a client-receiver computer having a public/private key pair, and at least one server-transmitter computer having a public key of the client-receiver computer, the method comprising steps of:
-
generating a root content key using the public key of the client-receiver computer; transmitting the root content key to the client-receiver computer, the root content key being decryptable using the client-receiver computer'"'"'s private key and usable by the client-receiver computer to decrypt leaf content keys; dividing a single media file into multiple data segments, each data segment associated with a different digital rights management policy; encrypting each of the data segments with a respective leaf content key to provide encrypted data segments appending a descriptor to each of the encrypted data segments, each descriptor identifying the leaf content key with which the data segment was encrypted and the associated digital rights management policy; and transmitting the encrypted data segments and descriptors to the client-receiver computer. - View Dependent Claims (2, 3, 4, 5, 6, 7)
-
-
8. A system comprising one or more computer-readable media not consisting of a propagated signal, the one or more computer-readable media comprising:
a digital media file comprising; one or more data segments, each data segment having a different digital rights management policy, each of the data segments added to a descriptor and comprising; payload data encrypted with a respective leaf content key, each leaf content key encrypted by a root content key that is encrypted using a public key and decryptable using a private key of a public-private key pair, wherein each descriptor includes at least the associated leaf content key enabling decryption of the encrypted payload data and association of the encrypted payload data with the digital rights management policy. - View Dependent Claims (9, 10, 11, 12, 13, 14)
-
15. A computer-implemented method for communicating a media file with multiple portions to a client-receiver computer from a server-transmitter computer performing the steps of:
-
encrypting a root content key using a public key of the client-receiver computer, the root content key being decryptable with a private key of the client-receiver computer; transmitting the root content key to the client-receiver computer; dividing the media file into multiple portions, each portion having a different designated rights policy indicating permitted usage of the associated portion; generating multiple leaf content keys, each leaf content key being generated for an associated portion of the media file, wherein generating each leaf content key comprises encrypting each leaf content key with the root content key; building a descriptor for each portion of the media file, each descriptor identifying the leaf content key and the associated designated rights policy; encrypting each portion of the media file with the associated leaf content key; transmitting the encrypted portions and the descriptors to the client-receiver computer; and the client-receiver computer decrypting each leaf content key using the root content key and decrypting each of the portions using the associated leaf content key specified in the descriptor associated with each portion. - View Dependent Claims (16, 17, 18)
-
Specification