Use of generic (browser) encryption API to do key exchange (for media files and player)

US 8,984,285 B1
Filed: 12/12/2012
Issued: 03/17/2015
Est. Priority Date: 12/12/2011
Status: Active Grant

First Claim

Patent Images

1. A method for managing content with a computing device that is operative to perform actions, comprising:

providing a key to an application that is separately operating on a user agent which is executing on the computing device;

providing the key to at least one of the user agent and a generic cryptography application program interface (GCAPI) that is employed by the user agent, which includes;

employing the GCAPI to generate another key based on the key;

based on a media element, instructing the user agent to utilize a current key stored by the GCAPI, wherein the current key is the other key; and

in response to a key request that is both based on the media element and from the user agent to the GCAPI, employing the GCAPI to provide the other key to the user agent;

providing encrypted content based on the media element of a markup language that is operatively supported by the user agent;

decrypting the encrypted content based on both the other key and the media element; and

displaying the decrypted content with the user agent.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Embodiments are directed towards decrypting encrypted content. A key for decrypting the encrypted content may be provided to a web application executing within a browser. The application may employ a generic cryptography application program interface (GCAPI) to perform actions on the key, including, storing the key, decrypting an encrypted key, generating another key, converting the key to a different encryption type, or the like. The GCAPI may or may not be enabled to explicitly share the key with the browser'"'"'s media engine. In response to receiving encrypted content, the GCAPI may provide the key to the application, explicitly or inexplicitly to the browser'"'"'s media engine, or the like. The key may be utilized by the application, the browser, the media element, browser'"'"'s media engine, and/or the GCAPI to decrypt the encrypted content. The decrypted content may be displayed within the browser to a user of a client device.

Citations

22 Claims

1. A method for managing content with a computing device that is operative to perform actions, comprising:
- providing a key to an application that is separately operating on a user agent which is executing on the computing device;
  
  providing the key to at least one of the user agent and a generic cryptography application program interface (GCAPI) that is employed by the user agent, which includes;
  
  employing the GCAPI to generate another key based on the key;
  
  based on a media element, instructing the user agent to utilize a current key stored by the GCAPI, wherein the current key is the other key; and
  
  in response to a key request that is both based on the media element and from the user agent to the GCAPI, employing the GCAPI to provide the other key to the user agent;
  
  providing encrypted content based on the media element of a markup language that is operatively supported by the user agent;
  
  decrypting the encrypted content based on both the other key and the media element; and
  
  displaying the decrypted content with the user agent.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10)
- - 2. The method of claim 1, wherein employing the GCAPI to provide the other key to the user agent, further includes employing the GCAPI to provide a reference to the other key to the user agent.
  - 3. The method of claim 1, wherein decrypting the encrypted content based on both the other key and the media element, further comprises:
    - employing a media engine of the user agent to perform the decryption of the encrypted content.
  - 4. The method of claim 1, further comprising:
    - employing an encrypted media extension application program interface to access the other key stored by the GCAPI.
  - 5. The method of claim 1, further comprising:
    - enabling the application to provide the encrypted content to the GCAPI;
      
      employing the GCAPI to enable decryption of the encrypted content; and
      
      enabling the GCAPI to provide the decrypted content to the application.
  - 6. The method of claim 1, further comprising:
    - enabling the application to provide the encrypted content to the GCAPI, wherein the encrypted content includes a stream of content;
      
      employing the GCAPI to enable decryption of the encrypted content; and
      
      enabling the GCAPI to provide the decrypted content to the media element.
  - 7. The method of claim 1, wherein providing the key to at least one of the user agent and the GCAPI, further comprises:
    - based on the media element, instructing the GCAPI that the other key is associated with the media element; and
      
      in response to a key request both based on the media element and from the user agent, employing the GCAPI to determine if the media element is associated with the other key.
  - 8. The method of claim 1, wherein providing the key to at least one of the user agent and the GCAPI, further includes:
    - based on the media element, providing the user agent with a key ID associated with the encrypted content and the other key; and
      
      based on the media element, employing the user agent to request the other key from the GCAPI based on the key ID.
  - 9. The method of claim 1, wherein decrypting the encrypted content based on both the other key and the media element, further comprises:
    - employing the application to perform the decryption of the encrypted content.
  - 10. The method of claim 1, wherein the user agent is a browser application.

11. A computing device for managing content, comprising:
- a memory for storing data and instructions; and
  
  a processor that executes the instructions to enable actions, including;
  
  providing a key to an application that is separately operating on a user agent which is executing on the computing device;
  
  providing the key to at least one of the user agent and a generic cryptography application program interface (GCAPI) that is employed by the user agent, which includes;
  
  employing the GCAPI to generate another key based on the key;
  
  based on a media element, instructing the user agent to utilize a current key stored by the GCAPI, wherein the current key is the other key; and
  
  in response to a key request that is both based on the media element and from the user agent to the GCAPI, employing the GCAPI to provide the other key to the user agent;
  
  providing encrypted content based on the media element of a markup language that is operatively supported by the user agent;
  
  decrypting the encrypted content based on both the key and the media element; and
  
  displaying the decrypted content with the user agent.
- View Dependent Claims (12, 13, 14, 15, 16, 17)
- - 12. The computing device of claim 11, wherein providing the key to at least one of the user agent and the GCAPI, further includes providing a reference to the other key to the user agent.
  - 13. The computing device of claim 11, wherein decrypting the encrypted content based on both the other key and the media element, further comprises:
    - employing a media engine of the user agent to perform the decryption of the encrypted content.
  - 14. The computing device of claim 11, further comprising:
    - employing an encrypted media extension application program interface to access the other-key stored by the GCAPI.
  - 15. The computing device of claim 11, further comprising:
    - enabling the application to provide the encrypted content to the GCAPI;
      
      employing the GCAPI to enable decryption of the encrypted content; and
      
      enabling the GCAPI to provide the decrypted content to the application.
  - 16. The computing device of claim 11, wherein providing the key to at least one of the user agent and the GCAPI, further comprises:
    - based on the media element, instructing the GCAPI that the other key is associated with the media element; and
      
      in response to a key request both based on the media element and from the user agent, employing the GCAPI to determine if the media element is associated with the other key.
  - 17. The computing device of claim 11, wherein providing the key to at least one of the user agent and the GCAPI, further includes:
    - based on the media element, providing the user agent with a key ID associated with the encrypted content and the other key; and
      
      based on the media element, employing the user agent to request the other key from the GCAPI based on the key ID.

18. A system for managing content, comprising:
- a server device that is operative to provide the content over the network;
  
  a network device, including;
  
  a memory for storing data and instructions;
  
  a processor that is operative to execute the instructions that enable actions, including;
  
  providing a key to an application that is separately operating on a user agent which is executing on the network device;
  
  providing the key to at least one of the user agent and a generic cryptography application program interface (GCAPI) that is employed by the user agent, which includes;
  
  employing the GCAPI to generate another key based on the key; and
  
  based on a media element, instructing the user agent to utilize a current key stored by the GCAPI, wherein the current key is the other key; and
  
  in response to a key request that is both based on the media element and from the user agent to the GCAPI, employing the GCAPI to provide the other key to the user agent;
  
  providing encrypted content based on the media element of a markup language that is operatively supported by the user agent;
  
  decrypting the encrypted content based on both the key and the media element; and
  
  displaying the decrypted content with the user agent.
- View Dependent Claims (19, 20, 21, 22)
- - 19. The system of claim 18, wherein decrypting the encrypted content based on both the other key and the media element, further comprises:
    - employing a media engine of the user agent to perform the decryption of the encrypted content.
  - 20. The system of claim 18, further comprising:
    - enabling the application to provide the encrypted content to the GCAPI;
      
      employing the GCAPI to enable decryption of the encrypted content; and
      
      enabling the GCAPI to provide the decrypted content to the application.
  - 21. The system of claim 18, wherein providing the key to at least one of the user agent and the GCAPI, further comprises:
    - based on the media element, instructing the GCAPI that the other key is associated with the media element; and
      
      in response to a key request both based on the media element and from the user agent, employing the GCAPI to determine if the media element is associated with the other key.
  - 22. The system of claim 18, wherein providing the key to at least one of the user agent and the GCAPI, further includes:
    - based on the media element, providing the user agent with a key ID associated with the encrypted content and the other key; and
      
      based on the media element, employing the user agent to request the other key from the GCAPI based on the key ID.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Google LLC (Alphabet Inc.)
Original Assignee
Google Inc. (Alphabet Inc.)
Inventors
Dorwin, David Kimbal, Sleevi, Ryan David, Scherkus, Andrew Martin
Primary Examiner(s)
WILLIAMS, JEFFERY L

Application Number

US13/712,764
Time in Patent Office

825 Days
Field of Search

None
US Class Current

713/164
CPC Class Codes

G06F 11/3003   Monitoring arrangements spe...

G06F 21/105   Arrangements for software l...

G06F 21/1062   Editing

G06F 21/1073   Conversion

G06F 21/50   Monitoring users, programs ...

G06F 21/60   Protecting data

G06F 21/602   Providing cryptographic fac...

G06F 21/62   Protecting access to data v...

G06F 21/6209   to a single file or object,...

G06F 40/143   Markup, e.g. Standard Gener...

G06T 11/00   2D [Two Dimensional] image ...

G11B 20/00086   Circuits for prevention of ...

H04L 2209/603   Digital right managament [DRM]

H04L 2463/101   applying security measures ...

H04L 2463/103   applying security measure f...

H04L 47/801   Real time traffic

H04L 47/805   QOS or priority aware

H04L 63/00   Network architectures or ne...

H04L 63/0428   wherein the data content is...

H04L 63/06   for supporting key manageme...

H04L 63/0876 : based on the identity of th...

H04L 63/102 : Entity profiles

H04L 65/1101 : Session protocols

H04L 65/1108 : Web based protocols, e.g. w...

H04L 65/613 : for the control of the sour...

H04L 65/762 : at the source reformatting...

H04L 65/80 : Responding to QoS

H04L 9/0631 : Substitution permutation ne...

H04L 9/0861 : Generation of secret inform...

H04L 9/32 : including means for verifyi...

H04N 21/2347 : involving video stream encr...

H04N 21/24 : Monitoring of processes or ...

H04N 21/25825 : involving client display ca...

H04N 21/25833 : involving client hardware c...

H04N 21/41407 : embedded in a portable devi...

H04N 21/4405 : involving video stream decr...

H04N 21/4516 : involving client characteri...

View All

Use of generic (browser) encryption API to do key exchange (for media files and player)

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

Citations

22 Claims

Specification

Solutions

Use Cases

Quick Links

Use of generic (browser) encryption API to do key exchange (for media files and player)

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

22 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links