Binding content to a domain
First Claim
1. At a central domain server in a rights management system that protects content from being consumed by unauthorized devices in a wide area network, the central domain server configured to enforce domain membership for other computing devices that request access to digitally protected content in the wide area network, a method of enforcing digital rights within the confines of a content license used when consuming content within a domain by validating domain membership criteria set by a content provider, the method comprising acts of:
- the central domain server receiving a first request from a first computing device for creating a domain and for receiving a domain identification for the domain;
in response to the first request, the central domain server creating a first domain certificate for the first computing device, the first domain certificate including the domain identification, the domain identification uniquely binding content licenses to the domain, the content licenses comprising one or more usage rights that define how content associated with the licenses may be consumed by any members of the domain;
the central domain server sending the first domain certificate to the first computing device such that the first computing device is established as a member of and the domain manager for the domain;
the central domain server subsequently receiving a second request generated by the second computing device, the second request for the second computing device becoming a member of the domain and for the second computing device receiving the domain identification, the second request including device specific information uniquely identifying the second computing device;
in response to the second request, the central domain server enforcing digital rights by validating domain membership criteria set by the content provider through at least both of (1) a velocity check that determines how many requestors have both joined and unjoined from the domain within a predetermined period of time; and
(2) a proximity check that checks how close the second computing device is to the first computing device, the domain membership criteria defines a minimum proximal closeness required of the second computing device relative to the first computing device;
upon validation of the domain membership criteria that a predetermined frequency of requestors both joining and unjoining the domain over the predetermined period of time has not been exceeded, the central domain server creating a second domain certificate for the second computing device, the second domain certificate including the device specific information and the domain identification;
the central domain server sending the second domain certificate to the second computing device for establishing the second computing device as member of the domain;
the central domain server receiving a third request from the content provider for verifying the domain identification, the third request including the domain identification sent by the content provider when the content provider receives a request for content from a member of the domain; and
in response to the third request, the central domain server sending a verification to the content provider that the domain identification is valid, such that the central domain server centrally regulates content access for both the first and second computing devices through membership in the domain in accordance with the desires of the content provider.
3 Assignments
0 Petitions
Accused Products
Abstract
The present invention provides for a digital rights management system with a centralized domain service capable of creating and managing membership criteria for joining a domain in accordance with business rules defined by a content owner. A domain identification is created that allows a content provider to uniquely bind content licenses to a domain. The content licenses include usage rights that define how content associated with the licenses may be consumed by one or more members of the domain. The centralized domain service can enforce digital rights by validating membership criteria including at least one of a domain proximity check for validating that a requestor is in close proximity to the domain, a total number of requestors, or the frequency that the requests have been made by various requestors to join the domain and unjoin from the domain.
-
Citations
19 Claims
-
1. At a central domain server in a rights management system that protects content from being consumed by unauthorized devices in a wide area network, the central domain server configured to enforce domain membership for other computing devices that request access to digitally protected content in the wide area network, a method of enforcing digital rights within the confines of a content license used when consuming content within a domain by validating domain membership criteria set by a content provider, the method comprising acts of:
-
the central domain server receiving a first request from a first computing device for creating a domain and for receiving a domain identification for the domain; in response to the first request, the central domain server creating a first domain certificate for the first computing device, the first domain certificate including the domain identification, the domain identification uniquely binding content licenses to the domain, the content licenses comprising one or more usage rights that define how content associated with the licenses may be consumed by any members of the domain; the central domain server sending the first domain certificate to the first computing device such that the first computing device is established as a member of and the domain manager for the domain; the central domain server subsequently receiving a second request generated by the second computing device, the second request for the second computing device becoming a member of the domain and for the second computing device receiving the domain identification, the second request including device specific information uniquely identifying the second computing device; in response to the second request, the central domain server enforcing digital rights by validating domain membership criteria set by the content provider through at least both of (1) a velocity check that determines how many requestors have both joined and unjoined from the domain within a predetermined period of time; and
(2) a proximity check that checks how close the second computing device is to the first computing device, the domain membership criteria defines a minimum proximal closeness required of the second computing device relative to the first computing device;upon validation of the domain membership criteria that a predetermined frequency of requestors both joining and unjoining the domain over the predetermined period of time has not been exceeded, the central domain server creating a second domain certificate for the second computing device, the second domain certificate including the device specific information and the domain identification; the central domain server sending the second domain certificate to the second computing device for establishing the second computing device as member of the domain; the central domain server receiving a third request from the content provider for verifying the domain identification, the third request including the domain identification sent by the content provider when the content provider receives a request for content from a member of the domain; and in response to the third request, the central domain server sending a verification to the content provider that the domain identification is valid, such that the central domain server centrally regulates content access for both the first and second computing devices through membership in the domain in accordance with the desires of the content provider. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 17)
-
-
9. A computer program product for use at a central domain server in a rights management system that protects content from being consumed by unauthorized devices in a wide area network, the central domain server configured to enforce domain membership for other computing devices that request access to digitally protected content in the wide area network, the computer program product of implementing a method of enforcing digital rights within the confines of a content license used when consuming content within a domain by validating domain membership criteria set by a content provider, the computer program product comprising one or more computer hardware storage devices having stored thereon computer-executable instructions that, when executed at a processor, cause the central domain server to the perform the method, including the follow:
-
receive a first request from a first computing device for creating a domain and for receiving a domain identification for the domain; in response to the first request, create a first domain certificate for the first computing device, the first domain certificate including the domain identification, the domain identification uniquely binding content licenses to the domain, the content licenses comprising one or more usage rights that define how content associated with the licenses may be consumed by any members of the domain; send the first domain certificate to the first computing device such that the first computing device is established as a member of and the domain manager for the domain; subsequently receive a second request generated by the second computing device, the second request for the second computing device becoming a member of the domain and for the second computing device receiving the domain identification, the second request including device specific information uniquely identifying the second computing device; in response to the second request, the central domain server enforcing digital rights by validating domain membership criteria set by the content provider through at least both of (1) a velocity check that determines how many requestors have both joined and unjoined from the domain within a predetermined period of time; and
(2) a proximity check that checks how close the second computing device is to the first computing device, the domain membership criteria defines a minimum proximal closeness required of the second computing device relative to the first computing device;upon validation of the domain membership criteria that a predetermined frequency of requestors both joining and unjoining the domain over the predetermined period of time has not been exceeded, the central domain server creating a second domain certificate for the second computing device, the second domain certificate including the device specific information and the domain identification; the central domain server sending the second domain certificate to the second computing device for establishing the second computing device as member of the domain; the central domain server receiving a third request from the content provider for verifying the domain identification, the third request including the domain identification sent by the content provider when the content provider receives a request for content from a member of the domain; and in response to the third request, the central domain server sending a verification to the content provider that the domain identification is valid, such that the central domain server centrally regulates content access for both the first and second computing devices through membership in the domain in accordance with the desires of the content provider. - View Dependent Claims (10, 11, 12, 13, 14, 15, 16, 18)
-
-
19. A rights management system that protects content from being consumed by unauthorized devices in a wide area network, the rights management system configured to enforce domain membership for other computing devices that request access to digitally protected content in the wide area network, the system comprising:
-
a central domain server; a first membership computing device; a second membership computing device; a content provider computing device, wherein the central domain server, the first membership computing device, the second membership computing device and the content provider computing device include one or more processors and one or more physical computer readable media having stored thereon computer executable instructions that are configured to be executed by the one or more processors to cause the following; the first membership computing device to provide a first request to the central domain server, the first request including a request that the central domain server create a domain and provide a domain identification to the first membership computing device; the central domain server to receive the first request and create a first domain certificate for the first membership computing device, the first domain certificate including the domain identification, the domain identification uniquely binding content licenses to the domain, the content licenses comprising one or more usage rights that define how content associated with the licenses may be consumed by any members of the domain; the central domain server to send the first domain certificate to the first membership computing device; the first membership computing device to receive the first domain certificate and upon receipt, to be established as a member of and the domain manager for the domain; the first membership computing device to generate a token including proximity data indicative of the network proximity of the second membership computing device relative to the first membership computing device upon receipt of a domain membership request from the second membership computing device; the second membership computing device to provide a domain membership request to the first membership computing device and, in response to the membership request, to receive the token from the first membership computing device; the second membership computing device to send a second request to the central domain server, the second request including device specific information uniquely identifying the second membership computing device and the token, the second request including a request that the central domain server allow the second membership computing device to become a member of the domain and to provide the domain identification to the second membership computing device; the content provider computing device to send domain membership criteria to the central domain server; the central domain server to receive the second request and to receive the domain membership criteria and in response enforce digital rights by validating the domain membership criteria through at least both of (1) a velocity check that determines how many requestors have both joined and unjoined from the domain within a predetermined period of time; and
(2) a proximity check that checks how close the second computing device is to the first computing device, the domain membership criteria defines a minimum proximal closeness required of the second computing device relative to the first computing device;the central domain server to, upon validation of the domain membership criteria including a determination that a predetermined frequency of requestors both joining and unjoining the domain over the predetermined period of time has not been exceeded, create a second domain certificate for the second membership computing device, the second domain certificate including the device specific information and the domain identification, and to send the second domain certificate to the second membership computing device; the second membership computing device to receive the second domain certificate and upon receipt, to be established as a member of the domain; the content provider computing device to receive a request for content from the first or second membership computing devices in response to the request for content, send a third request to the central domain server, the third request including the domain identification and a request to verify the domain identification; and the central domain server to receive the third request from the content provider computing device and in response to the third request, send a verification to the content provider computing device that the domain identification is valid, such that the central domain server is configured to centrally regulate content access for both the first and second membership computing devices through membership in the domain in accordance with the desires of the content provider computing device.
-
Specification