Data protection systems and methods

US 8,510,849 B2
Filed: 06/14/2010
Issued: 08/13/2013
Est. Priority Date: 08/31/1999
Status: Expired due to Fees

First Claim

Patent Images

1. A method for protecting electronic content from unauthorized use, the method comprising:

monitoring at least one system interface through which electronic data is transferred to a peripheral device, the monitoring comprising;

obtaining a first identifier associated with at least a portion of the electronic data, wherein the first identifier is a distillation of some part of the electronic data;

comparing the first identifier with a second identifier;

determining that the first identifier is related to the second identifier in a predefined manner and that the peripheral device is not permitted to receive the electronic data based on one or more rules associated with the electronic data; and

taking at least one action to protect the electronic content from unauthorized use based on the determination.

View all claims

3 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Systems and methods are provided for protecting electronic content from the time it is packaged through the time it is experienced by an end user. Protection against content misuse is accomplished using a combination of encryption, watermark screening, detection of invalid content processing software and hardware, and/or detection of invalid content flows. Encryption protects the secrecy of content while it is being transferred or stored. Watermark screening protects against the unauthorized use of content. Watermark screening is provided by invoking a filter module to examine content for the presence of a watermark before the content is delivered to output hardware or software. The filter module is operable to prevent delivery of the content to the output hardware or software if it detects a predefined protection mark. Invalid content processing software is detected by a monitoring mechanism that validates the software involved in processing protected electronic content. Invalid content flows can be detected by scanning the information passed across system interfaces for the attempted transfer of bit patterns that were released from an application and/or a piece of content management software.

54 Citations

View as Search Results

36 Claims

1. A method for protecting electronic content from unauthorized use, the method comprising:
- monitoring at least one system interface through which electronic data is transferred to a peripheral device, the monitoring comprising;
  
  obtaining a first identifier associated with at least a portion of the electronic data, wherein the first identifier is a distillation of some part of the electronic data;
  
  comparing the first identifier with a second identifier;
  
  determining that the first identifier is related to the second identifier in a predefined manner and that the peripheral device is not permitted to receive the electronic data based on one or more rules associated with the electronic data; and
  
  taking at least one action to protect the electronic content from unauthorized use based on the determination.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18)
- - 2. The method of claim 1, wherein the at least one action comprises modifying at least a portion of the electronic data before it is transferred to the peripheral device.
  - 3. The method of claim 2, wherein the modifying comprises scrambling at least a portion of the electronic data.
  - 4. The method of claim 1, wherein the at least one action comprises preventing the transfer of at least a portion of the electronic data from the system interface.
  - 5. The method of claim 1, wherein the at least one action comprises adding noise to at least a portion of the electronic data before it is transferred to the peripheral device.
  - 6. The method of claim 1, wherein the at least one action comprises adding an electronic watermark or fingerprint to at least a portion of the electronic data.
  - 7. The method of claim 1, wherein the electronic content is electronic media content.
  - 8. The method of claim 1, wherein the method further comprises receiving a request to access the electronic content.
  - 9. The method of claim 1, wherein the electronic content is encrypted and the method further comprises decrypting the electronic content.
  - 10. The method of claim 1, wherein the second identifier comprises a hash of at least a portion of the electronic content and the first identifier comprises a hash of at least a portion of the electronic data to be transferred from the system interface.
  - 11. The method of claim 1, wherein the second identifier comprises a predefined portion of the electronic content.
  - 12. The method of claim 1, wherein the system interface comprises a file system interface to one or more device drivers.
  - 13. The method of claim 12, wherein the one or more device drivers are selected from the group consisting of:
    - video display driver, sound driver, SCSI driver, IDE driver, network driver, video capture driver, floppy disk driver, and scanner driver.
  - 14. The method of claim 1, wherein the at least one system interface is selected using the one or more rules, the one or more rules being configured to identify certain system interfaces to which the electronic content is not allowed to be sent.
  - 15. The method of claim 1, wherein the predefined relation between the first identifier and the second identifier comprises the first identifier being equal to the second identifier.
  - 16. The method of claim 1 further comprising:
    - inserting a cryptographic fingerprint into the electronic content, the cryptographic fingerprint comprising information relating to a request to access the electronic content.
  - 17. The method of claim 16, wherein inserting the cryptographic fingerprint into the electronic content further comprises:
    - authenticating a fingerprinting engine using a cryptographic credential; and
      
      using the fingerprinting engine to insert the cryptographic fingerprint into the electronic content.
  - 18. The method of claim 17, wherein the fingerprinting engine is configured to authenticate a calling application using a cryptographic credential.

19. A non-transitory computer-readable medium storing executable program instructions that, when executed by a processor of a computer system, are configured to cause the computer system to perform a method for protecting electronic content from unauthorized use, the method comprising:
- monitoring at least one system interface through which electronic data is transferred to a peripheral device, the monitoring comprising;
  
  comparing a first identifier associated with at least a portion of the electronic data with a second identifier, wherein the first identifier is a distillation of some part of the electronic data;
  
  determining that the first identifier is related to the second identifier in a predefined manner and that the peripheral device is not permitted to receive the electronic data based on one or more rules associated with the electronic data; and
  
  taking at least one action to protect the electronic content from unauthorized use based on the determination.
- View Dependent Claims (20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30, 31, 32, 33, 34, 35, 36)
- - 20. The non-transitory computer-readable medium of claim 19, wherein the at least one action comprises modifying at least a portion of the electronic data before it is transferred to the peripheral device.
  - 21. The non-transitory computer-readable medium of claim 20, wherein the modifying comprises scrambling at least a portion of the electronic data.
  - 22. The non-transitory computer-readable medium of claim 19, wherein the at least one action comprises preventing the transfer of at least a portion of the electronic data from the system interface.
  - 23. The non-transitory computer-readable medium of claim 19, wherein the at least one action comprises adding noise to at least a portion of the electronic data.
  - 24. The non-transitory computer-readable medium of claim 19, wherein the at least one action comprises adding an electronic watermark or fingerprint to at least a portion of the electronic data.
  - 25. The non-transitory computer-readable medium of claim 19, wherein the electronic content is electronic media content.
  - 26. The non-transitory computer-readable medium of claim 19, wherein the method further comprises receiving a request to access the electronic content.
  - 27. The non-transitory computer-readable medium of claim 19, wherein the electronic content is encrypted and the method further comprises decrypting the electronic content.
  - 28. The non-transitory computer-readable medium of claim 19, wherein the second identifier comprises a hash of at least a portion of the electronic content and the first identifier comprises a hash of at least a portion of the electronic data to be transferred from the system interface.
  - 29. The non-transitory computer-readable medium of claim 19, wherein the second identifier comprises a predefined portion of the electronic content.
  - 30. The non-transitory computer-readable medium of claim 19, wherein the system interface comprises a file system interface to one or more device drivers.
  - 31. The non-transitory computer-readable medium of claim 30, wherein the one or more device drivers are selected from the group consisting of:
    - video display driver, sound driver, SCSI driver, IDE driver, network driver, video capture driver, floppy disk driver, and scanner driver.
  - 32. The non-transitory computer-readable medium of claim 19, wherein the at least one system interface is selected using the one or more rules, the one or more rules being configured to identify certain system interfaces to which the electronic content is not allowed to be sent.
  - 33. The non-transitory computer-readable medium of claim 19, wherein the predefined relation between the first identifier and the second identifier comprises the first identifier being equal to the second identifier.
  - 34. The non-transitory computer-readable medium of claim 19, wherein the method further comprises:
    - inserting a cryptographic fingerprint into the electronic content, the cryptographic fingerprint comprising information relating to a request to access the electronic content.
  - 35. The non-transitory computer-readable medium of claim 34, wherein inserting the cryptographic fingerprint into the electronic content further comprises:
    - authenticating a fingerprinting engine using a cryptographic credential; and
      
      using the fingerprinting engine to insert the cryptographic fingerprint into the electronic content.
  - 36. The non-transitory computer-readable medium of claim 35, wherein the fingerprinting engine is configured to authenticate a calling application using a cryptographic credential.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
PLS IV, LLC (Pretium Partners, LLC)
Original Assignee
Intertrust Technologies Corporation (Fidelio Acquisition Co LLC)
Inventors
MacKay, Michael K., Sibert, W. Olin, Landsman, Richard A., Swenson, Eric J., Hunt, William
Primary Examiner(s)
CHEN, SHIN HON

Application Number

US12/815,121
Publication Number

US 20110246782A1
Time in Patent Office

1,156 Days
Field of Search

None
US Class Current

726/26
CPC Class Codes

G06F 21/10   Protecting distributed prog...

G06F 21/1064   Restricting content process...

G06F 21/16   Program or content traceabi...

G06F 21/55   Detecting local intrusion o...

G06F 21/577   Assessing vulnerabilities a...

G06F 21/6218   to a system of files or obj...

Data protection systems and methods

First Claim

3 Assignments

0 Petitions

Accused Products

Abstract

54 Citations

36 Claims

Specification

Solutions

Use Cases

Quick Links

Data protection systems and methods

First Claim

3 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

54 Citations

36 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links