Technique for securely communicating programming content
First Claim
1. A computer readable device having a storage medium and a hardware processor, the hardware processor configured to execute a plurality of instructions which are configured to, when executed:
send to a module apparatus a request to record program content;
receive from the module apparatus a response to the request to record, the response comprising:
a data package comprising at least a version of a cryptographic element;
a rights file configured to define one or more transfer rights configured to control a device's ability to provide the requested program content to other devices; and
an indicator that the device associated to the request to record is allowed to record the requested program content based at least in part on a plurality of rules; and
encrypt the program content with a second version of the cryptographic element derived from the data package;
store the encrypted program content in association with the data package;
register one or more display devices with the device based at least in part on a verification of data in a digital certificate provided by the one or more display devices;
receive a request to transfer the encrypted program content to the one or more display devices;
determine, before the encrypted content is transferred to the one or more display devices, whether an extent of security of the one or more display devices meets a certain one of the plurality of rules; and
based on the determination, transfer the encrypted program content to the one or more display devices.
Abstract
Technique for securely transferring programming content from a first device in a first layer to a second device in a second layer. Upon request to transfer protected content to the second device, the first device authenticates the second device. After authentication, the first device transfers the protected content and a rights file associated therewith to the second device. The rights file specifies the rights of the second device to use the protected content, according to its security level. These rights may concern the number of times that the second device may subsequently transfer the protected content to other devices, the time period within which the second device may play the protected content, etc. The higher the security level of the second device is, the more rights are accorded thereto. The second device may further need to meet a minimum security level in order for it to receive the protected content.
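The transfer decision described in the abstract, written out as an added Python example that is not taken from the patent: a device is refused unless it is authenticated and meets the minimum security level, and the rights file it receives grows with its level. The names `Device`, `RightsFile` and `issue_rights`, the numeric levels and limits, and the rule that a copy never carries more rights than its sender holds are all assumptions made for illustration; certificate verification is reduced to a boolean.

```python
from dataclasses import dataclass

# Constructed policy values: the abstract gives no numbers, only that rights
# grow with security level and that a minimum level may be required.
MIN_LEVEL = 2
RIGHTS_BY_LEVEL = {2: (0, 24), 3: (1, 72), 4: (3, 168)}  # level -> (onward transfers, play hours)

@dataclass
class Device:
    name: str
    level: int            # security level established during authentication
    authenticated: bool   # result of certificate verification (not modelled)

@dataclass
class RightsFile:
    transfers_left: int   # times the holder may pass the content on
    play_hours: int       # period within which the holder may play it

def issue_rights(dst, sender_rights=None):
    """Return the RightsFile to send with the content, or None to refuse.

    sender_rights is None when the sender is the content's origin.
    """
    # Every check runs before any state changes, so a refusal costs nothing.
    if not dst.authenticated or dst.level < MIN_LEVEL:
        return None
    if sender_rights is not None and sender_rights.transfers_left <= 0:
        return None
    transfers, hours = RIGHTS_BY_LEVEL[min(dst.level, max(RIGHTS_BY_LEVEL))]
    if sender_rights is not None:
        sender_rights.transfers_left -= 1
        # Assumption: a copy never carries more rights than its sender holds.
        transfers = min(transfers, sender_rights.transfers_left)
        hours = min(hours, sender_rights.play_hours)
    return RightsFile(transfers, hours)

if __name__ == "__main__":
    dvr = issue_rights(Device("bedroom DVR", 4, True))
    print(dvr, issue_rights(Device("tablet", 3, True), dvr), dvr)
    print(issue_rights(Device("legacy player", 1, True), dvr))
```
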
17 Claims
Claim 1 is recited in full under "First Claim" above. Dependent claims: 2, 3, 4, 5
6. A method for use in a device connectable to a module apparatus, the device having storage therein, the method comprising:
sending to the module apparatus a request to record a selected programming content;
receiving from the module apparatus a response to the request, the response comprising:
a data package containing at least an encrypted version of a first encryption key; and
an indicator of a determination that the device is allowed to record the selected programming content, the determination based at least in part on a security measure associated with the selected programming content;
based at least in part on the indicator of the determination, recording the selected programming content;
encrypting the recorded programming content with a second encryption key, the second encryption key being derived from the encrypted version of the first encryption key contained within the data package;
storing the encrypted programming content in association with the data package in the storage;
authenticating one or more display devices registered with the device by verifying data in a digital certificate provided by individual ones of the one or more display devices; and
based at least in part on said act of authenticating, making the encrypted programming content available to view on one or more display devices registered with the device.
Dependent claims: 7, 8, 9, 10, 11, 12
13. A device connectable to a module apparatus, the device comprising:
a processor which generates a request to record selected programming content;
an interface which:
transmits the request to the module apparatus; and
receives, from the module apparatus, a response to the request, the response comprising a data package containing at least an encrypted version of a first encryption key, and a determination that the device is entitled to record the selected programming content based at least in part on at least one first security measure associated with the selected programming content, the selected programming content being recorded based on the determination;
an encryption apparatus which causes the processing unit to encrypt the recorded programming content with a second encryption key, the second encryption key being derived from the encrypted version of the first encryption key contained within the data package;
storage which stores the encrypted programming content in association with the data package therein; and
logic which causes the interface to:
authenticate the one or more second devices via verification of data in a digital certificate provided by individual ones of the one or more second devices; and
transfer the recorded programming content to one or more second devices in communication therewith via at least one in band transmission channel of a hybrid fiber coaxial (HFC) network, only when it is determined that the first security measure meets a certain one of a plurality of rules.
Dependent claims: 14, 15, 16, 17