Digital rights management system transfer of content and distribution

US 9,424,400 B1
Filed: 12/15/2014
Issued: 08/23/2016
Est. Priority Date: 04/10/2012
Status: Active Grant

- Alert
- Pin

First Claim

Patent Images

1. A kiosk for provisioning secure media content to a plurality of portable data storage devices, the kiosk comprising:

a first data interface configured to communicate with a portable data storage device;

a second data interface configured to communicate, over a network, with a remote trusted server; and

a processor configured to;

obtain a unique identifier from the portable data storage device, wherein the unique identifier is specific to the portable data storage device and is concealed by the portable data storage device;

authenticate the portable data storage device, using at least the unique identifier, by communicating with the remote trusted server over the second data interface; and

in response to the authentication, provide to the portable data storage device an encrypted first media content and a corresponding access key.

View all claims

10 Assignments

Timeline View

Assignment View

Litigations

0 Petitions

Accused Products

Abstract

The present invention relates to digital rights management (DRM) for content that may be downloaded and securely transferred from one storage to another storage. The storage may be a disk drive, or network attached storage. The storage performs cryptographic operations and provides a root of trust. The DRM system enables secure copying or transfer of content from one storage device to another storage device. In this embodiment, a trusted server that is authenticated and trusted by both storage devices brokers the transfer of content. The trusted server may be a separate entity of the DRM system or may be a component or function of an existing server of the DRM system. In another embodiment, the storage devices may transfer content in a peer-to-peer fashion. The transfer of content may be authorized and controlled based on a digital certificate associated with the content.

Citations

17 Claims

1. A kiosk for provisioning secure media content to a plurality of portable data storage devices, the kiosk comprising:
- a first data interface configured to communicate with a portable data storage device;
  
  a second data interface configured to communicate, over a network, with a remote trusted server; and
  
  a processor configured to;
  
  obtain a unique identifier from the portable data storage device, wherein the unique identifier is specific to the portable data storage device and is concealed by the portable data storage device;
  
  authenticate the portable data storage device, using at least the unique identifier, by communicating with the remote trusted server over the second data interface; and
  
  in response to the authentication, provide to the portable data storage device an encrypted first media content and a corresponding access key.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
- - 2. The kiosk of claim 1, further comprising a local data storage storing a plurality of encrypted media content.
  - 3. The kiosk of claim 2, further comprising a user interface for receiving a selection of the first media content from the local data storage, wherein the selection causes the kiosk to provide the encrypted first media content to the portable data storage device.
  - 4. The kiosk of claim 1, wherein the portable data storage device comprises:
    - a user area for storing the encrypted first media content that is accessible by a playback device; and
      
      a non-user area for storing cryptographic data that is not accessible by the playback device.
  - 5. The kiosk of claim 1, wherein the first data interface is a USB interface.
  - 6. The kiosk of claim 1, wherein the second data interface is a network interface.
  - 7. The kiosk of claim 1, wherein the access key is an ephemeral key that is not stored on the kiosk after being generated.
  - 8. The kiosk of claim 1, wherein the kiosk is located in a public environment.

9. A method for provisioning secure media content to a plurality of portable data storage devices from a kiosk, the method comprising:
- establishing communications with a portable data storage device over a first data interface;
  
  establishing communications with a remote trusted server via a second data interface over a network;
  
  obtaining a unique identifier from the portable data storage device, wherein the unique identifier is specific to the portable data storage device and is concealed by the portable data storage device;
  
  authenticating the portable data storage device, using at least the unique identifier, by communicating with the remote trusted server over the second data interface; and
  
  in response to the authentication, providing to the portable data storage device an encrypted first media content and a corresponding access key.
- View Dependent Claims (10, 11, 12, 13, 14, 15, 16, 17)
- - 10. The method of claim 9, wherein the kiosk comprises a local data storage storing a plurality of encrypted media content.
  - 11. The method of claim 10, further comprising:
    - receiving, on a user interface, a selection of the first media content from the local data storage; and
      
      in response to the selection, providing the encrypted first media content to the portable data storage device.
  - 12. The method of claim 9, wherein the first data interface is a USB interface.
  - 13. The method of claim 9, wherein the second data interface is a network interface.
  - 14. The method of claim 9, wherein the access key is an ephemeral key that is not stored on the kiosk after being generated.
  - 15. The method of claim 9, further comprising authorizing copying of the content based on at least one of a digital certificate or a permission specified in secure metadata of the content.
  - 16. The method of claim 9, further comprising encrypting a digital certificate and storing the encrypted digital certificate in a secure area of the portable data storage device.
  - 17. The method of claim 9, wherein the kiosk is located in a public environment.

Specification

Resources

Litigation Campaign Assessment

Litigation Data

Current Assignee
Sandisk Technologies Incorporated (Western Digital Corporation)
Original Assignee
Western Digital Technologies Incorporated (Western Digital Corporation)
Inventors
Blankenbeckler, David L., Ybarra, Danny O., Hesselink, Lambertus
Primary Examiner(s)
HOFFMAN, BRANDON S

Application Number

US14/571,178
Time in Patent Office

617 Days
Field of Search

None
US Class Current

1/1
CPC Class Codes

G06F 21/10   Protecting distributed prog...

H04L 2209/603   Digital right managament [DRM]

H04L 9/006   involving public key infras...

H04L 9/0894   Escrow, recovery or storing...

H04L 9/321   involving a third party or ...

Digital rights management system transfer of content and distribution

First Claim

10 Assignments

Litigations

0 Petitions

Accused Products

Abstract

Citations

17 Claims

Specification

Solutions

Use Cases

Quick Links

Digital rights management system transfer of content and distribution

First Claim

10 Assignments

Subscription Required

Subscription Required

Litigations

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

17 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links