Hybrid device and person based authorized domain architecture
First Claim
1. A method of generating an Authorized Domain (AD) comprises:
- selecting a domain identifier (Domain_ID) uniquely identifying the Authorized Domain (AD),binding at least one person (P1, P2, . . . , PN1) to the domain identifier (Domain_ID) comprising obtaining or generating a domain users list (DUC) comprising the domain identifier and a unique identifier,binding at least one device (D1, D2, . . . , DM) to the domain identifier (Domain_ID), andbinding at least one content item (C1, C2, . . . , CN2) to the Authorized Domain (AD) given by the domain identifier (Domain_ID),thereby obtaining a number of devices (D1, D2, . . . , DM) and a number of persons (P1, P2, . . . , PN1) that are authorized to access content items (C1, C2, . . . , CN2) of said Authorized Domain (AD),wherein access to the at least one content item (C1, C2, . . . , CN2) is obtained, via an authorization certificate, by verifying that the at least one content item (C1, C2, . . . , CN2) and the at least one person (P1, P2, . . . , PN1) are linked to the same domain identifier (Domain_ID) or by verifying that the at least one device (D1, D2, . . . , DM) and the at least one content item (C1, C2, . . . , CN2) are linked to the same domain identifier (Domain_ID);
wherein the authorization certificate includes the domain identifier (Domain_ID) in a holder field of the authorization certificate, andwherein the authorization certificate comprises rights data specifying rules, rights and conditions pertaining to access to certain content items for the at least one person in the domain or for every user in the domain and therefore creates or defines part of the domain.
3 Assignments
0 Petitions
Accused Products
Abstract
This invention relates to a system and a method of generating an Authorized Domain (AD) by selecting a domain identifier, and binding at least one person (P1, P, PN1), at least one device (D1, D2, . . . , DM), and at least one content item (C1, C2, . . . , CNZ) to the Authorized Domain (AD) given by the domain identifier (Domain ID). Hereby, a number of verified devices (D1, D2, . . . , DM) and a number of verified persons (P1, P2, . . . , PN1) that is authorized to access a content item of the Authorized Domain (100) is obtained. In this way, access to a content item of an authorized domain by a person operating a device is obtained either by verifying that the content item and the person are linked to the same domain or by verifying that the device and the content item are linked to the same domain. Thereby, enhanced flexibility for one or more persons when accessing content in an authorized domain is obtained while security of the content is still maintaining. This is further done in a simple, secure and reliable way.
-
Citations
22 Claims
-
1. A method of generating an Authorized Domain (AD) comprises:
-
selecting a domain identifier (Domain_ID) uniquely identifying the Authorized Domain (AD), binding at least one person (P1, P2, . . . , PN1) to the domain identifier (Domain_ID) comprising obtaining or generating a domain users list (DUC) comprising the domain identifier and a unique identifier, binding at least one device (D1, D2, . . . , DM) to the domain identifier (Domain_ID), and binding at least one content item (C1, C2, . . . , CN2) to the Authorized Domain (AD) given by the domain identifier (Domain_ID), thereby obtaining a number of devices (D1, D2, . . . , DM) and a number of persons (P1, P2, . . . , PN1) that are authorized to access content items (C1, C2, . . . , CN2) of said Authorized Domain (AD), wherein access to the at least one content item (C1, C2, . . . , CN2) is obtained, via an authorization certificate, by verifying that the at least one content item (C1, C2, . . . , CN2) and the at least one person (P1, P2, . . . , PN1) are linked to the same domain identifier (Domain_ID) or by verifying that the at least one device (D1, D2, . . . , DM) and the at least one content item (C1, C2, . . . , CN2) are linked to the same domain identifier (Domain_ID); wherein the authorization certificate includes the domain identifier (Domain_ID) in a holder field of the authorization certificate, and wherein the authorization certificate comprises rights data specifying rules, rights and conditions pertaining to access to certain content items for the at least one person in the domain or for every user in the domain and therefore creates or defines part of the domain. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10)
-
-
11. A system for generating an Authorized Domain (AD), the system comprising:
-
at least one hardware processor; and means for obtaining a domain identifier (Domain_ID) uniquely identifying the Authorized Domain (AD), means for binding at least one person (P1, P2, . . . , PN1) to the domain identifier (Domain_ID) comprising obtaining or generating a domain users list (DUC) comprising the domain identifier and a unique identifier, means for binding at least one device (D1, D2, . . . , DM) to the domain identifier (Domain_ID), and means for binding at least one content item (C1, C2, . . . , CN2) to the Authorized Domain (AD) given by the domain identifier (Domain_ID), thereby obtaining a number of devices (D1, D2, . . . , DM) and a number of persons (P1, P2, . . . , PN1) that is authorized to access content items (C1, C2, . . . , CN2) of said Authorized Domain (AD), wherein access to the at least one content item (C1, C2, . . . , CN2) is obtained, via an authorization certificate, by verifying that the at least one content item (C1, C2, . . . , CN2) and the at least one person (P1, P2, . . . , PN1) are linked to the same domain identifier (Domain_ID) or by verifying that the at least one device (D1, D2, . . . , DM) and the at least one content item (C1, C2, . . . , CN2) are linked to the same domain identifier (Domain_ID); wherein the authorization certificate includes the domain identifier (Domain_ID) in a holder field of the authorization certificate, and wherein the authorization certificate comprises rights data specifying rules, rights and conditions pertaining to access to certain content items for the at least one person in the domain or for every user in the domain and therefore creates or defines part of the domain. - View Dependent Claims (12, 13, 14, 15, 16, 17, 18, 19)
-
-
20. A method of operating an Authorized Domain (AD), the method comprises:
-
obtaining a domain identifier (Domain_ID) uniquely identifying the Authorized Domain (AD), binding an identification of at least one person (P1, P2, . . . , PN1) to the domain identifier (Domain_ID) comprising obtaining or generating a domain users list (DUC) comprising the domain identifier and a unique identifier, binding an identification of at least one device (D1, D2, . . . , DM) to the domain identifier (Domain_ID), and binding the identification of at least one content item (C1, C2, . . . , CN2) to the Authorized Domain (AD) given by the domain identifier (Domain_ID), thereby obtaining a number of devices (D1, D2, . . . , DM) and a number of persons (P1, P2, . . . , PN1) that are authorized to access content items (C1, C2, . . . , CN2) of said Authorized Domain (AD), controlling access to the at least one content item (C1, C2, . . . , CN2) depending on an authorization certificate, by verifying that the identification of the at least one content item (C1, C2, . . . , CN2) and the identification of the at least one person (P1, P2, . . . , PN1) are linked to the same domain identifier (Domain_ID) or by verifying that the identification of the at least one device (D1, D2, . . . , DM) and the identification of the at least one content item (C1, C2, . . . , CN2) are linked to the same domain identifier (Domain_ID); wherein the authorization certificate includes the domain identifier (Domain_ID) in a holder field of the authorization certificate, and wherein the authorization certificate comprises rights data specifying rules, rights and conditions pertaining to access to certain content items for the at least one person in the domain or for every user in the domain and therefore creates or defines part of the Authorized Domain.
-
-
21. An Authorized Domain (AD), comprising:
-
at least one hardware processor; and means for obtaining a domain identifier (Domain_ID) uniquely identifying the Authorized Domain (AD), means for binding an identification of at least one person (P1, P2, . . . , PN1) to the domain identifier (Domain_ID) comprising obtaining or generating a domain users list (DUC) comprising the domain identifier and a unique identifier, means for binding an identification of at least one device (D1, D2, . . . , DM) to the domain identifier (Domain_ID), and means for binding an identification of at least one content item (C1, C2, . . . , CN2) to the Authorized Domain (AD) given by the domain identifier (Domain_ID), thereby obtaining a number of devices (D1, D2, . . . , DM) and a number of persons (P1, P2, . . . , PN1) that is authorized to access content items (C1, C2, . . . , CN2) of said Authorized Domain (AD), means for allowing access to the at least one content item (C1, C2, . . . , CN2) depending on an authorization certificate, by verifying that the identification of the at least one content item (C1, C2, . . . , CN2) and the identification of the at least one person (P1, P2, . . . , PN1) are linked to the same domain identifier (Domain_ID) or by verifying that the identification of the at least one device (D1, D2, . . . , DM) and the identification of the at least one content item (C1, C2, . . . , CN2) are linked to the same domain identifier (Domain_ID); wherein the authorization certificate includes the domain identifier (Domain_ID) in a holder field of the authorization certificate, and wherein the authorization certificate comprises rights data specifying rules, rights and conditions pertaining to access to certain content items for the at least one person in the domain or for every user in the domain and therefore creates or defines part of the domain.
-
-
22. A non-transitory computer readable media encoded with control instructions to control an Authorized Domain (AD) to operate a method comprising:
-
obtaining a domain identifier (Domain_ID) uniquely identifying the Authorized Domain (AD), binding an identification of at least one person (P1, P2, . . . , PN1) to the domain identifier (Domain_ID) comprising obtaining or generating a domain users list (DUC) comprising the domain identifier and a unique identifier, binding an identification of at least one device (D1, D2, . . . , DM) to the domain identifier (Domain_ID), and binding the identification of at least one content item (C1, C2, . . . , CN2) to the Authorized Domain (AD) given by the domain identifier (Domain_ID), thereby obtaining a number of devices (D1, D2, . . . , DM) and a number of persons (P1, P2, . . . , PN1) that are authorized to access content items (C1, C2, . . . , CN2) of said Authorized Domain (AD), controlling access to the at least one content item (C1, C2, . . . , CN2) depending on an authorization certificate, by verifying that the identification of the at least one content item (C1, C2, . . . , CN2) and the identification of the at least one person (P1, P2, . . . , PN1) are linked to the same domain identifier (Domain_ID) or by verifying that the identification of the at least one device (D1, D2, . . . , DM) and the identification of the at least one content item (C1, C2, . . . , CN2) are linked to the same domain identifier (Domain_ID); wherein the authorization certificate includes the domain identifier (Domain_ID) in a holder field of the authorization certificate, and wherein the authorization certificate comprises rights data specifying rules, rights and conditions pertaining to access to certain content items for the at least one person in the domain or for every user in the domain and therefore creates or defines part of the Authorized Domain.
-
Specification