Content distribution and aggregation
First Claim
Patent Images
1. A method comprising:
- receiving a license number associated with a client device;
retrieving a hardware fingerprint associated with the client device based on the license number, the hardware fingerprint being a unique identifier associated with the client device that indicates that the client device includes an installed client renderer;
determining that the client device is registered with a secure publishing system based on one or more of the hardware fingerprint and the license number;
retrieving content which is configured for consumption based a first policy that indicates to the client renderer that the client device must maintain a tethered connection in order to consume the content;
encrypting the content with a media key to generate encrypted content, the encrypted content being encrypted using a single type of encryption and including a first sub-container and a second sub-container that are included in a same media stream, the different sub-containers corresponding to different portions of the content and the first policy configured to apply to the first sub-container and the second policy configured to apply to the second sub-container;
and providing the encrypted content to the client device associated with a private key and a public key, wherein the private key is encrypted based on the hardware fingerprint of the client device and the private key is stored at the client device;
encrypting the media key with the public key;
providing the encrypted media key to the client device;
wherein the private key is stored on the client device as an obfuscated private key and the client device is configured to;
rearrange the bits of the obfuscated private key in memory of the client device to generate the private key without ever saving the private key in the clear in non-volatile storage of the client device;
decrypt the encrypted media key using the private key;
decrypt the encrypted content using the decrypted media key; and
render the decrypted content on the client device.
5 Assignments
0 Petitions
Accused Products
Abstract
In an example, a method for secure publication of content is described. The method may include encrypting content with a media key. The method may also include providing the encrypted content to a client device associated with a private key and a public key. The private key may be stored at the client device. The method may also include encrypting the media key with the public key. The method may also include providing the encrypted media key to the client device.
-
Citations
19 Claims
-
1. A method comprising:
-
receiving a license number associated with a client device; retrieving a hardware fingerprint associated with the client device based on the license number, the hardware fingerprint being a unique identifier associated with the client device that indicates that the client device includes an installed client renderer; determining that the client device is registered with a secure publishing system based on one or more of the hardware fingerprint and the license number; retrieving content which is configured for consumption based a first policy that indicates to the client renderer that the client device must maintain a tethered connection in order to consume the content; encrypting the content with a media key to generate encrypted content, the encrypted content being encrypted using a single type of encryption and including a first sub-container and a second sub-container that are included in a same media stream, the different sub-containers corresponding to different portions of the content and the first policy configured to apply to the first sub-container and the second policy configured to apply to the second sub-container; and providing the encrypted content to the client device associated with a private key and a public key, wherein the private key is encrypted based on the hardware fingerprint of the client device and the private key is stored at the client device; encrypting the media key with the public key; providing the encrypted media key to the client device; wherein the private key is stored on the client device as an obfuscated private key and the client device is configured to; rearrange the bits of the obfuscated private key in memory of the client device to generate the private key without ever saving the private key in the clear in non-volatile storage of the client device; decrypt the encrypted media key using the private key; decrypt the encrypted content using the decrypted media key; and render the decrypted content on the client device. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17)
-
-
18. A computer program product comprising a non-transitory computer usable medium including a computer readable program, wherein the computer readable program when executed on a computer causes the computer to:
-
receive a license number associated with a client device; retrieve a hardware fingerprint associated with the client device based on the license number, the hardware fingerprint being a unique identifier generated based on two or more hardware elements of the client device and indicating that the client device includes an installed client renderer; determine that the client device is registered with a secure publishing system based on one or more of the hardware fingerprint and the license number; retrieving content which is configured for consumption based a first policy that indicates to the client renderer that the client device must maintain a tethered connection in order to consume the content; encrypt the content with a media key to generate encrypted content, the encrypted content being encrypted using a single type of encryption and including a first sub-container and a second sub-container corresponding to different portions of the content that are included in a same media stream, the different sub-containers corresponding to different portions of the content and the first policy configured to apply to the first sub-container and the second policy configured to apply to the second sub-container; provide the encrypted content to a client device associated with a private key and a public key, wherein the private key is encrypted based on the hardware fingerprint of the client device and the private key stored at the client device; encrypt the media key with the public key; provide the encrypted media key to the client device; wherein the private key is stored on the client device as an obfuscated private key and the client device is configured to; rearrange the bits of the obfuscated private key in memory of the client device to generate the private key without ever saving the private key in the clear in non-volatile storage of the client device; decrypt the encrypted media key using the private key; decrypt the encrypted content using the decrypted media key; and render the decrypted content on the client device.
-
-
19. A system comprising:
-
a processor; and a memory storing instructions that, when executed, cause the system to; receive a license number associated with a client device; retrieve a hardware fingerprint associated with the client device based on the license number, the hardware fingerprint being derived from a hardware token associated with the client device that indicates that the client device includes an installed client renderer; determine that the client device is registered with a secure publishing system based on one or more of the hardware fingerprint and the license number; retrieving content which is configured for consumption based a first policy that indicates to the client renderer that the client device must maintain a tethered connection in order to consume the content; encrypt the content with a media key to generate encrypted content, the encrypted content being encrypted using a single type of encryption and including a first sub-container and a second sub-container corresponding to different portions of the content that are included in a same media stream, the different sub-containers corresponding to different portions of the content and the first policy configured to apply to the first sub-container and the second policy configured to apply to the second sub-container; provide the encrypted content to a client device associated with a private key and a public key, wherein the private key is encrypted based on the hardware fingerprint of the client device and the private key stored at the client device; encrypt the media key with the public key; provide the encrypted media key to the client device; wherein the private key is stored on the client device as an obfuscated private key and the client device is configured to; rearrange the bits of the obfuscated private key in memory of the client device to generate the private key without ever saving the private key in the clear in non-volatile storage of the client device; decrypt the encrypted media key using the private key; decrypt the encrypted content using the decrypted media key; and render the decrypted content on the client device.
-
Specification