Security framework for HTTP streaming architecture
First Claim
1. A computer-implemented method for authenticating a client player application, the method comprising:
- receiving, at a server, a request for streaming content from a client player application;
sending at least one portion of the streaming content to the client player application;
sending a program to the client player application for execution thereby, the program being embedded in the at least one portion of streaming content and comprising one or more computer-readable instructions that, when executed by the client player application, cause the client player application to send information identifying the client player application to the server;
receiving the information identifying the client player application and determining whether the client player application is recognized as an authentic client player application, based at least in part on the content of the information identifying the client player application that was sent because of the embedded program'"'"'s one or more computer-readable instructions.
1 Assignment
0 Petitions
Accused Products
Abstract
Methods and apparatus for preventing unauthorized access to online content, including in particular streaming video and other media, are provided. In various embodiments, techniques are provided to authorize users and to authenticate clients (e.g., client media players) to a content delivery system. The content delivery system may comprise a content delivery network with one or more content or “edge” servers therein. The requesting client is sent a program at the time of content delivery. The program may be embedded in the content stream, or sent outside of the stream. The program contains instructions that are executed by the client and cause it to return identifying information to the content delivery system, which can then determine whether the client player is recognized and, if so, authorized to view the content. Unrecognized and/or altered players may be prevented from viewing the content.
-
Citations
26 Claims
-
1. A computer-implemented method for authenticating a client player application, the method comprising:
-
receiving, at a server, a request for streaming content from a client player application; sending at least one portion of the streaming content to the client player application; sending a program to the client player application for execution thereby, the program being embedded in the at least one portion of streaming content and comprising one or more computer-readable instructions that, when executed by the client player application, cause the client player application to send information identifying the client player application to the server; receiving the information identifying the client player application and determining whether the client player application is recognized as an authentic client player application, based at least in part on the content of the information identifying the client player application that was sent because of the embedded program'"'"'s one or more computer-readable instructions. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13)
-
-
14. A system for authenticating a client player application that requests streaming content from a content delivery system having one or more servers, comprising:
-
at least one of one or more servers that receives a request from a client player application for streaming content; the one or more servers comprising at least one processor and a memory storing instructions that, when executed, configure the one or more servers to send at least one portion of the streaming content to the client player application and to send a program to the client player application that is embedded in the at least one portion of the streaming content and comprises one or more computer-readable instructions for execution by the client player application; the one or more computer-readable instructions in the program, when executed by the client player application, causing the client player application to send information identifying the client player application to at least one of the one or more servers; the one or more servers further configured by the executed instructions to receive the information identifying the client player application and to determine whether the client player application is recognized as an authentic client, based at least in part on the content of the information identifying the client player application that was sent because of the embedded program'"'"'s one or more computer-readable instructions. - View Dependent Claims (15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26)
-
Specification