Method and system for unified mobile content protection
First Claim
1. A method for protecting media items delivered over the Internet to mobile devices wherein a license to each media item for a given mobile device is individualized to the given mobile device, the method including:
- engaging in a device registration process with a digital rights management (DRM) agent on a mobile device, the registration process including receiving device information encrypted with a secret domain key built-in to the device from the DRM agent and establishing a device-specific secure communications channel as well as a device-specific rights encryption key, the device-specific rights encryption key being shared with the mobile device and generated using the device information and the domain key;
receiving a media rights request from the DRM agent, the media rights request being encrypted with the domain key and being received via the device-specific secure communications channel; and
in response to the media rights request, generating a media rights object and returning it to the mobile device via the device-specific secure communications channel, the media rights object being encrypted with the device-specific rights encryption key and including media location information and a media decryption key, the media location information identifying a location in a content distribution network from which an encrypted media item is to be downloaded for playback, and the media decryption key being usable by the mobile device to decrypt the encrypted media item upon being downloaded by the mobile device.
3 Assignments
0 Petitions
Accused Products
Abstract
Media content is delivered to a variety of mobile devices in a protected manner based on client-server architecture with a symmetric (private-key) encryption scheme. A media preparation server (MPS) encrypts media content and publishes and stores it on a content delivery server (CDS), such as a server in a content distribution network (CDN). Client devices can freely obtain the media content from the CDS and can also freely distribute the media content further. They cannot, however, play the content without first obtaining a decryption key and license. Access to decryption keys is via a centralized rights manager, providing a desired level of DRM control.
-
Citations
29 Claims
-
1. A method for protecting media items delivered over the Internet to mobile devices wherein a license to each media item for a given mobile device is individualized to the given mobile device, the method including:
-
engaging in a device registration process with a digital rights management (DRM) agent on a mobile device, the registration process including receiving device information encrypted with a secret domain key built-in to the device from the DRM agent and establishing a device-specific secure communications channel as well as a device-specific rights encryption key, the device-specific rights encryption key being shared with the mobile device and generated using the device information and the domain key; receiving a media rights request from the DRM agent, the media rights request being encrypted with the domain key and being received via the device-specific secure communications channel; and in response to the media rights request, generating a media rights object and returning it to the mobile device via the device-specific secure communications channel, the media rights object being encrypted with the device-specific rights encryption key and including media location information and a media decryption key, the media location information identifying a location in a content distribution network from which an encrypted media item is to be downloaded for playback, and the media decryption key being usable by the mobile device to decrypt the encrypted media item upon being downloaded by the mobile device. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23)
-
-
24. A method for obtaining and playing protected content on a client device, comprising:
-
registering the client device by engaging in a device registration process with a digital rights management (DRM) server, the registration process including sending device identification information encrypted with a secret domain key built-in to the device to the DRM server and establishing a device-specific secure communications channel with the DRM server as well as a device-specific rights encryption key, the device-specific rights encryption key being shared with the DRM server and generated using the device information and the domain key; obtaining the license for use of the protected content by sending a media rights request to the DRM server via the device-specific secure communications channel and receiving a media rights object via the device-specific secure communications channel in response to the media rights request, the media rights request being encrypted with the domain key, the media rights object being encrypted with the device-specific rights encryption key and including media location information and a media decryption key, the media location information identifying a location in a content distribution network from which the protected content is to be downloaded for playback, and the media decryption key being usable by the mobile device to decrypt the encrypted media item upon being downloaded by the mobile device; decrypting the received media rights object using the device-specific rights encryption key to access the media location information and media decryption key; obtaining the protected content from the content distribution network using the media location information and decrypting the protected content using the media decryption key; and playing the decrypted content using a player of the client device. - View Dependent Claims (25, 26, 27, 28, 29)
-
Specification