Safe distribution and use of content
First Claim
1. A method, comprising:
- identifying, by one or more first server computers, a content item;
creating, by one or more first server computers, a cryptographic hash of at least a portion of the content item;
storing the content item on one or more content distributors, the one or more content distributors different from the one or more first server computers;
creating, by one or more first server computers, a ticket file including the cryptographic hash and information relating to downloading the content item from one or more second server computers, the one or more second server computers different from the one or more first server computers;
receiving, by the one or more first server computers, a request for the content item from a user system;
distributing, from the one or more first server computers, the ticket file to the user system separate from the content item;
receiving, by the one or more first server computers, a notification from the user system that a verification of the content item using the cryptographic hash has failed; and
subsequent to receiving the notification that the verification of the content item using the cryptographic hash has failed, initiating, from the one or more first server computers, a security action against the one or more content distributors in response to the failed verification.
2 Assignments
0 Petitions
Accused Products
Abstract
A cryptographic hash of content (e.g., applications, documents, widgets, software, music, videos, etc.) is created and made available for distribution over a network (or by other means) as part of a ticket file. The ticket file can be cryptographically signed to ensure its authenticity. The ticket file and content can be downloaded separately (e.g., from different websites) to a user system (e.g., a computer, mobile phone, media player/recorder, personal digital assistant (PDA), etc.). The user system verifies the signature of the ticket file and the content hash to ensure that the content has not been compromised. The ticket file can include information relating to downloading the content (e.g., a Uniform Resource Identifier (URI)) and other meta-data (e.g., hash type, content information, public key, size, version, etc.).
-
Citations
15 Claims
-
1. A method, comprising:
-
identifying, by one or more first server computers, a content item; creating, by one or more first server computers, a cryptographic hash of at least a portion of the content item; storing the content item on one or more content distributors, the one or more content distributors different from the one or more first server computers; creating, by one or more first server computers, a ticket file including the cryptographic hash and information relating to downloading the content item from one or more second server computers, the one or more second server computers different from the one or more first server computers; receiving, by the one or more first server computers, a request for the content item from a user system; distributing, from the one or more first server computers, the ticket file to the user system separate from the content item; receiving, by the one or more first server computers, a notification from the user system that a verification of the content item using the cryptographic hash has failed; and subsequent to receiving the notification that the verification of the content item using the cryptographic hash has failed, initiating, from the one or more first server computers, a security action against the one or more content distributors in response to the failed verification. - View Dependent Claims (2, 3, 4, 5)
-
-
6. A non-transitory computer-readable medium having stored thereon instructions which, when executed by one or more first server computers, causes the one or more first server computers to perform operations comprising:
-
identifying a content item; creating a cryptographic hash of at least a portion of the content item; storing the content item on one or more content distributors, the one or more content distributors different from the one or more first server computers; creating a ticket file including the cryptographic hash and information relating to downloading the content item from one or more second server computers, the one or more second server computers different from the one or more first server computers; receiving, by the one or more first server computers, a request for the content item from a user system; distributing, from the one or more first server computers, the ticket file to the user system separate from the content item; receiving, by the one or more first server computers, a notification from the user system that a verification of the content item using the cryptographic hash has failed; and subsequent to receiving the notification that the verification of the content item using the cryptographic hash has failed, initiating, from the one or more first server computers, a security action against the one or more content distributors in response to the failed verification. - View Dependent Claims (7, 8, 9, 10)
-
-
11. A system, comprising:
one or more first server computers configured to perform operations comprising; identifying a content item; creating a cryptographic hash of at least a portion of the content item; storing the content item on one or more content distributors, the one or more content distributors different from the one or more first server computers; creating a ticket file including the cryptographic hash and a path to the one or more content distributors, the path specifying one or more second server computers from which the content item is to be downloaded, the one or more second server computers different from the one or more first server computers; distributing, from the one or more first server computers, the ticket file to a user system upon a request to download content; receiving, by the one or more first server computers and from the user system a verification status, the verification status indicating whether the content downloaded to the user system according to the path included in the ticket file matches the cryptographic hash; and subsequent to receiving a the verification status that the verification of the content item using the cryptographic hash has failed, initiating a security action from the one or more first server computers against the one or more content distributors based on the verification status. - View Dependent Claims (12, 13, 14, 15)
Specification