Secure multimedia transfer system

US 8,812,850 B2
Filed: 12/18/2003
Issued: 08/19/2014
Est. Priority Date: 03/02/2000
Status: Active Grant

First Claim

Patent Images

1. A method comprising:

receiving, by a server, a selection of at least two client systems from a user, the selected client systems registered to the user in a database, the server being separate from the selected client systems;

creating, by the server, a digital certificate that specifically identifies the selected client systems, the digital certificate comprising at least a first unique identifier for a first client system registered to the user and a second unique identifier for a second client system registered to the user, wherein the first unique identifier is different from the second unique identifier;

sending, by the server, the digital certificate to each selected client system identified in the digital certificate;

receiving, at the first client system, the digital certificate;

sending first media content from the first client system to the second client system;

based on the first client system verifying that the digital certificate identifies the second client system, the first client system sending at least first key information necessary for decrypting the first media content to the second client system;

sending second media content from the first client system to the second client system, the second media content being different than the first media content;

based on the first client system verifying that the digital certificate identifies the second client system, the first client system sending at least second key information necessary for decrypting the second media content to the second client system, the second key information being different than the first key information.

View all claims

12 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A method and apparatus for secure multimedia transfer provides an encrypted data transfer system that makes transferring multimedia content from a client to any incompatible system or to a system outside the location of the client very difficult.

97 Citations

View as Search Results

60 Claims

1. A method comprising:
- receiving, by a server, a selection of at least two client systems from a user, the selected client systems registered to the user in a database, the server being separate from the selected client systems;
  
  creating, by the server, a digital certificate that specifically identifies the selected client systems, the digital certificate comprising at least a first unique identifier for a first client system registered to the user and a second unique identifier for a second client system registered to the user, wherein the first unique identifier is different from the second unique identifier;
  
  sending, by the server, the digital certificate to each selected client system identified in the digital certificate;
  
  receiving, at the first client system, the digital certificate;
  
  sending first media content from the first client system to the second client system;
  
  based on the first client system verifying that the digital certificate identifies the second client system, the first client system sending at least first key information necessary for decrypting the first media content to the second client system;
  
  sending second media content from the first client system to the second client system, the second media content being different than the first media content;
  
  based on the first client system verifying that the digital certificate identifies the second client system, the first client system sending at least second key information necessary for decrypting the second media content to the second client system, the second key information being different than the first key information.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20)
- - 2. A method as recited in claim 1, wherein a name is assigned to a selected client system, and wherein the name is inserted into the digital certificate.
  - 3. A method as recited in claim 1, wherein an expiration date is included in the digital certificate.
  - 4. A method as recited in claim 1, further comprising the first client system verifying the digital certificate by decrypting the digital certificate and validating a digital signature in the digital certificate.
  - 5. A method as recited in claim 1, wherein the second client system is configured to locate the first client system using a peer discovery protocol, based on the digital certificate.
  - 6. A method as recited in claim 1, wherein the first client system and second client system are digital video recorders (DVR).
  - 7. The method of claim 1, wherein the digital certificate designates the first client system to be a content server, and wherein the first client system is one of:
    - a PC, digital video recorder (DVR), or other type of data server.
  - 8. The method of claim 1, wherein the first client system is one of:
    - a content server provided by a service provider at a location that is remote from the second client system;
      
      or a content server located on a same local area network as the second client system.
  - 9. The method of claim 1, wherein the first unique identifier and the second unique identifier are serial numbers.
  - 10. The method of claim 1, wherein the digital certificate comprises public keys for the selected client systems, including a first public key for the first client system and a second public key for the second client system, wherein each of the selected client systems is configured to use the public keys to facilitate encrypted communications with each other of the selected client systems.
  - 11. The method of claim 1, wherein the first media content includes one or more of music, photos, video, recorded broadcast television, or downloaded content.
  - 12. The method of claim 1, wherein the first client system is configured to, in response to a request from the second client system, download the first media content from a content server.
  - 13. The method recited in claim 1, further comprising:
    - the server including a public key for the second client system within the digital certificate;
      
      the first client system and the second client system sharing a secure key using public key information within the digital certificate.
  - 14. The method recited in claim 1, further comprising:
    - the server including a public key for the second client system within the digital certificate;
      
      the first client system and the second client system sharing a secure key using public key information within the digital certificate;
      
      wherein the second client system is configured to decrypt the first media content received from the first client system based on the secure key.
  - 15. The method recited in claim 1, further comprising:
    - the server including a public key for the second client system within the digital certificate;
      
      the first client system and the second client system sharing a secure key using public key information within the digital certificate;
      
      the first client system encrypting the first media content requested by the second client system;
      
      wherein the second client system is configured to decrypt the first media content received from the first client system based on the secure key.
  - 16. The method as recited in claim 1, further comprising:
    - the server including a public key for the second client system within the digital certificate;
      
      the first client system encrypting a strong key using the public key of the second client system, as specified in the digital certificate;
      
      the first client system sending the encrypted strong key to the second client system;
      
      wherein the second client system is configured to decrypt the encrypted strong key using a private key of the second client system.
  - 17. The method as recited in claim 1, further comprising:
    - the server including a public key for the second client system within the digital certificate;
      
      the first client system encrypting a strong key using the public key of the second client system, as specified in the digital certificate;
      
      the first client system sending the encrypted strong key to the second client system;
      
      wherein the second client system is configured to decrypt the encrypted strong key using a private key of the second client system;
      
      the first client system sending an encrypted recording key to the second client system;
      
      wherein the second client system is configured to decrypt the recording key using the strong key;
      
      wherein the second client system is configured to decrypt the first media content received from the first client system based on the recording key.
  - 18. The method as recited in claim 1, further comprising:
    - the server including a public key for the second client system within the digital certificate;
      
      the first client system encrypting a strong key using the public key of the second client system, as specified in the digital certificate;
      
      the first client system sending the encrypted strong key to the second client system;
      
      wherein the second client system is configured to decrypt the encrypted strong key using a private key of the second client system;
      
      the first client system sending an encrypted recording key to the second client system;
      
      the first client system encrypting the particular media content requested by the second client system using the recording key;
      
      wherein the second client system is configured to decrypt the recording key using the strong key;
      
      wherein the second client system is configured to decrypt the first media content received from the first client system based on the recording key.
  - 19. The method of claim 1, further comprising:
    - the first client system sending a list of contents accessible at the first client system to the second client system;
      
      the first client system receiving a request for the first client system to send the first media content to the second client system, the request being a selection of the first media content from the list of contents sent by the first client system.
  - 20. The method of claim 1, wherein the digital certificate indicates to each of the at least two client systems that the server has authorized the first selected client system to transfer, to any other client system identified in the digital certificate, any of a plurality of multimedia content accessible to the first client system.

21. A system comprising:
- a database, on a server, comprising client system registrations and corresponding information, the server comprising one or more processors;
  
  the server, configured to perform;
  
  receiving a selection of at least two client systems from a user, the selected client systems registered to the user in the database, the server being separate from the client systems;
  
  creating a digital certificate that specifically identifies the selected client systems, the digital certificate comprising at least a first unique identifier for a first client system registered to the user and a second unique identifier for a second client system registered to the user, wherein the first unique identifier is different from the second unique identifier;
  
  sending the digital certificate to each selected client system identified in the digital certificate;
  
  the first client system, configured to perform;
  
  receiving, at the first client system, the digital certificate;
  
  sending first media content from the first client system to the second client system;
  
  based on the first client system verifying that the digital certificate identifies the second client system, the first client system sending at least first key information necessary for decrypting the first media content to the second client system;
  
  sending second media content from the first client system to the second client system, the second media content being different than the first media content;
  
  based on the first client system verifying that the digital certificate identifies the second client system, the first client system sending at least second key information necessary for decrypting the second media content to the second client system, the second key information being different than the first key information.
- View Dependent Claims (22, 23, 24, 25, 26, 27, 28, 29, 30, 31, 32, 33, 34, 35, 36, 37, 38, 39, 40)
- - 22. A system as recited in claim 21, wherein a name is assigned to a selected client system, and wherein the name is inserted into the digital certificate.
  - 23. A system as recited in claim 21, wherein an expiration date is included in the digital certificate.
  - 24. A system as recited in claim 21,wherein the server is further configured to include a digital signature in the digital certificate, and encrypt the digital certificate;
    - wherein the first client system is further configured to verify the digital certificate by decrypting the digital certificate and validating the digital signature in the digital certificate.
  - 25. A system as recited in claim 21, further comprising the second client system, wherein the second client system is configured to locate the first client system using a peer discovery protocol, based on the digital certificate.
  - 26. A system as recited in claim 21, wherein the first client system and second client system are digital video recorders (DVR).
  - 27. The system of claim 21, wherein the digital certificate designates the first client system to be a content server, and wherein the first client system is one of:
    - a PC, digital video recorder (DVR), or other type of data server.
  - 28. The system of claim 21, wherein the first client system is one of:
    - a content server provided by a service provider at a location that is remote from the second client system;
      
      or a content server located on a same local area network as the second client system.
  - 29. The system of claim 21, wherein the first unique identifier and the second unique identifier are serial numbers.
  - 30. The system of claim 21, wherein the digital certificate comprises public keys for the selected client systems, including a first public key for the first client system and a second public key for the second client system, wherein each of the selected client systems is configured to use the public keys to facilitate encrypted communications with each other of the selected client systems.
  - 31. The system of claim 21, wherein the first media content includes one or more of music, photos, video, recorded broadcast television, or downloaded content.
  - 32. The system of claim 21, wherein the first client system is further configured to, in response to the request from the second client system, download the first media content from a content server.
  - 33. The system recited in claim 21, further comprising the second client system,wherein the server is further configured to include a public key for the second client system within the digital certificate;
    - wherein the first client system and the second client system are configured to share a secure key using public key information within the digital certificate.
  - 34. The system recited in claim 21, further comprising the second client system,wherein the server is further configured to include a public key for the second client system within the digital certificate;
    - wherein the first client system and the second client system are configured to share a secure key using public key information within the digital certificate;
      
      wherein the second client system is configured to decrypt the first media content received from the first client system based on the secure key.
  - 35. The system recited in claim 21, further comprising the second client system,wherein the server is further configured to include a public key for the second client system within the digital certificate;
    - wherein the first client system and the second client system are configured to share a secure key using public key information within the digital certificate;
      
      wherein the first client system is further configured to encrypt the first media content requested by the second client system;
      
      wherein the second client system is configured to decrypt the first media content received from the first client system based on the secure key.
  - 36. The system recited in claim 21, further comprising the second client system,wherein the server is further configured to include a public key for the second client system within the digital certificate;
    - wherein the first client system is further configured to encrypt a strong key using the public key of the second client system, as specified in the digital certificate;
      
      wherein the first client system is further configured to send the encrypted strong key to the second client system;
      
      wherein the second client system is configured to decrypt the encrypted strong key using a private key of the second client system.
  - 37. The system recited in claim 21, further comprising the second client system,wherein the server is further configured to include a public key for the second client system within the digital certificate;
    - wherein the first client system is further configured to encrypt a strong key using the public key of the second client system, as specified in the digital certificate;
      
      wherein the first client system is further configured to send the encrypted strong key to the second client system;
      
      wherein the second client system is configured to decrypt the encrypted strong key using a private key of the second client system;
      
      wherein the first client system is further configured to send an encrypted recording key to the second client system;
      
      wherein the second client system is further configured to decrypt the recording key using the strong key;
      
      wherein the second client system is further configured to decrypt the particular first media content received from the first client system based on the strong recording key.
  - 38. The system recited in claim 21, further comprising the second client system,wherein the server is further configured to include a public key for the second client system within the digital certificate;
    - wherein the first client system is further configured to encrypt a strong key using the public key of the second client system, as specified in the digital certificate;
      
      wherein the first client system is further configured to send the encrypted strong key to the second client system;
      
      wherein the second client system is configured to decrypt the encrypted strong key using a private key of the second client system;
      
      wherein the first client system is further configured to send an encrypted recording key to the second client system;
      
      wherein the first client system is further configured to encrypt the particular media content requested by the second client system using the recording key;
      
      wherein the second client system is further configured to decrypt the recording key using the strong key;
      
      wherein the second client system is further configured to decrypt the first media content received from the first client system based on the recording key.
  - 39. The system recited in claim 21, further comprising the second client system,wherein the first client system is further configured to send a list of contents accessible at the first client system to the second client system;
    - wherein the first client system is further configured to receive a request for the first client system to send the first media content to the second client system, the request being a selection of the first media content from the list of contents sent by the first client system.
  - 40. The system recited in claim 21, wherein the digital certificate indicates to each of the at least two client systems that the server has authorized the first selected client system to transfer, to any other client system identified in the digital certificate, any of a plurality of multimedia content accessible to the first client system.

41. A non-transitory computer-readable medium storing one or more sequences of instructions, wherein execution of the one or more sequences of instructions by one or more processors causes the one or more processors to perform the steps of:
- receiving, by a server, a selection of at least two client systems from a user, the selected client systems registered to the user in a database, the server being separate from the selected client systems;
  
  creating, by the server, a digital certificate that specifically identifies the selected client systems, the digital certificate comprising at least a first unique identifier for a first client system registered to the user and a second unique identifier for a second client system registered to the user, wherein the first unique identifier is different from the second unique identifier;
  
  sending, by the server, the digital certificate to each selected client system identified in the digital certificate;
  
  receiving, at the first client system, the digital certificate;
  
  sending first media content from the first client system to the second client system;
  
  based on the first client system verifying that the digital certificate identifies the second client system, the first client system sending at least first key information necessary for decrypting the first media content to the second client system;
  
  sending second media content from the first client system to the second client system, the second media content being different than the first media content;
  
  based on the first client system verifying that the digital certificate identifies the second client system, the first client system sending at least second key information necessary for decrypting the second media content to the second client system, the second key information being different than the first key information.
- View Dependent Claims (42, 43, 44, 45, 46, 47, 48, 49, 50, 51, 52, 53, 54, 55, 56, 57, 58, 59, 60)
- - 42. A non-transitory computer-readable medium as recited in claim 41, wherein a name is assigned to a selected client system, and wherein the name is inserted into the digital certificate.
  - 43. A non-transitory computer-readable medium as recited in claim 41, wherein an expiration date is included in the digital certificate.
  - 44. A non-transitory computer-readable medium as recited in claim 41, further comprising the first client system verifying the digital certificate by decrypting the digital certificate and validating a digital signature in the digital certificate.
  - 45. A non-transitory computer-readable medium as recited in claim 41, wherein the second client system is configured to locate the first client system using a peer discovery protocol, based on the digital certificate.
  - 46. A non-transitory computer-readable medium as recited in claim 42, wherein the first client system and second client system are digital video recorders (DVR).
  - 47. The non-transitory computer-readable medium as recited in claim 41, wherein the digital certificate designates the first client system to be a content server, and wherein the first client system is one of:
    - a PC, digital video recorder (DVR), or other type of data server.
  - 48. The non-transitory computer-readable medium as recited in claim 41, wherein the first client system is one of:
    - a content server provided by a service provider at a location that is remote from the second client system;
      
      or a content server located on a same local area network as the second client system.
  - 49. The non-transitory computer-readable medium as recited in claim 41, wherein the first unique identifier and the second unique identifier are serial numbers.
  - 50. The non-transitory computer-readable medium as recited in claim 41, wherein the digital certificate comprises public keys for the selected client systems, including a first public key for the first client system and a second public key for the second client system, wherein each of the selected client systems is configured to use the public keys to facilitate encrypted communications with each other of the selected client systems.
  - 51. The non-transitory computer-readable medium as recited in claim 41, wherein the first media content includes one or more of music, photos, video, recorded broadcast television, or downloaded content.
  - 52. The non-transitory computer-readable medium as recited in claim 41, wherein the first client system is configured to, in response to the request from the second client system, download the first media content from a content server.
  - 53. The non-transitory computer-readable medium as recited in claim 41, wherein execution of the one or more sequences of instructions by the one or more processors further causes:
    - the server including a public key for the second client system within the digital certificate;
      
      the first client system and the second client system sharing a secure key using public key information within the digital certificate.
  - 54. The non-transitory computer-readable medium as recited in claim 41, wherein execution of the one or more sequences of instructions by the one or more processors further causes:
    - the server including a public key for the second client system within the digital certificate;
      
      the first client system and the second client system sharing a secure key using public key information within the digital certificate;
      
      wherein the second client system is configured to decrypt the first media content received from the first client system based on the secure key.
  - 55. The non-transitory computer-readable medium as recited in claim 41, wherein execution of the one or more sequences of instructions by the one or more processors further causes:
    - the server including a public key for the second client system within the digital certificate;
      
      the first client system and the second client system sharing a secure key using public key information within the digital certificate;
      
      the first client system encrypting the first media content requested by the second client system;
      
      wherein the second client system is configured to decrypt the first media content received from the first client system based on the secure key.
  - 56. The non-transitory computer-readable medium as recited in claim 41, wherein execution of the one or more sequences of instructions by the one or more processors further causes:
    - the server including a public key for the second client system within the digital certificate;
      
      the first client system encrypting a strong key using the public key of the second client system, as specified in the digital certificate;
      
      the first client system sending the encrypted strong key to the second client system;
      
      wherein the second client system is configured to decrypt the encrypted strong key using a private key of the second client system.
  - 57. The non-transitory computer-readable medium as recited in claim 41, wherein execution of the one or more sequences of instructions by the one or more processors further causes:
    - the server including a public key for the second client system within the digital certificate;
      
      the first client system encrypting a strong key using the public key of the second client system, as specified in the digital certificate;
      
      the first client system sending the encrypted strong key to the second client system;
      
      wherein the second client system is configured to decrypt the encrypted strong key using a private key of the second client system;
      
      the first client system sending an encrypted recording key to the second client system;
      
      wherein the second client system is configured to decrypt the recording key using the strong key;
      
      wherein the second client system is configured to decrypt the first media content received from the first client system based on the recording key.
  - 58. The non-transitory computer-readable medium as recited in claim 41, wherein execution of the one or more sequences of instructions by the one or more processors further causes:
    - the server including a public key for the second client system within the digital certificate;
      
      the first client system encrypting a strong key using the public key of the second client system, as specified in the digital certificate;
      
      the first client system sending the encrypted strong key to the second client system;
      
      wherein the second client system is configured to decrypt the encrypted strong key using a private key of the second client system;
      
      the first client system sending an encrypted recording key to the second client system;
      
      the first client system encrypting the particular media content requested by the second client system using the recording key;
      
      wherein the second client system is configured to decrypt the recording key using the strong key;
      
      wherein the second client system is configured to decrypt the first media content received from the first client system based on the recording key.
  - 59. The non-transitory computer-readable medium as recited in claim 41, wherein execution of the one or more sequences of instructions by the one or more processors further causes:
    - the first client system sending a list of contents accessible at the first client system to the second client system;
      
      the first client system receiving a request for the first client system to send the first media content to the second client system, the request being a selection of the first media content from the list of contents sent by the first client system.
  - 60. The non-transitory computer-readable medium as recited in claim 41, wherein the digital certificate indicates to each of the at least two client systems that the server has authorized the first selected client system to transfer, to any other client system identified in the digital certificate, any of a plurality of multimedia content accessible to the first client system.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
TiVo Solutions Inc. (Adeia Inc.)
Original Assignee
TiVo Inc. (Adeia Inc.)
Inventors
Barton, James M., Platt, David C.
Primary Examiner(s)
Popham, Jeffrey D

Application Number

US10/741,596
Publication Number

US 20050108519A1
Time in Patent Office

3,897 Days
Field of Search

713/175
US Class Current

713/175
CPC Class Codes

G06F 21/33   using certificates

H04L 2209/60   Digital content management,...

H04L 2463/062   applying encryption of the ...

H04L 63/0823   using certificates cryptogr...

H04L 63/123   received data contents, e.g...

H04L 9/0897   involving additional device...

H04L 9/3247   involving digital signatures

H04L 9/3263   involving certificates, e.g...

H04N 21/2347   involving video stream encr...

H04N 21/25816   involving client authentica...

H04N 21/26613   for generating or managing ...

H04N 21/4405   involving video stream decr...

Secure multimedia transfer system

First Claim

12 Assignments

0 Petitions

Accused Products

Abstract

97 Citations

60 Claims

Specification

Solutions

Use Cases

Quick Links

Secure multimedia transfer system

First Claim

12 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

97 Citations

60 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links