Methods and apparatus for premises content distribution

US 9,742,768 B2
Filed: 05/19/2014
Issued: 08/22/2017
Est. Priority Date: 11/01/2006
Status: Active Grant

First Claim

Patent Images

1. Content rendering apparatus configured for data communication with a content providing device over a premises network, said rendering apparatus comprising:

an authentication apparatus configured to facilitate authentication of said content rendering apparatus with said content providing device, said authentication comprising an exchange of messages between said content rendering apparatus and said content providing device, said exchange of said messages configured for identification of a common security framework;

a content selection apparatus configured to enable a user of said content rendering apparatus to browse and select one or more items of digital content associated with said content providing device for transmission to said content rendering apparatus; and

an adapted hardware data interface configured to allow said content rendering apparatus to receive data when a communications link has been established between said content rendering apparatus and said content providing device;

wherein said transmission of said one or more items of digital content to said content rendering apparatus is performed over said adapted hardware data interface; and

wherein said common security framework comprises at least one of;

(i) a trusted domain (TD), and/or (ii) an Authorized Service Domain (ASD).

View all claims

3 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Apparatus and methods for protected content access, browsing and transfer over a network. In one embodiment, the network comprises a premises (e.g., residential) Local Area Network (LAN), and the apparatus comprises a server and renderer consumer premise equipment (CPE). The renderer CPE scans the network to search for a server CPE that implements a compatible security framework. The renderer authenticates itself with the server, and the server allows content browsing and selection access only to an authorized and authenticated renderer. A negotiation and exchange protocol comprises messages exchanged between the renderer and the server that include one or more of device identification, encryption key exchange, digital certificates and information regarding security package used by each CPE.

390 Citations

18 Claims

1. Content rendering apparatus configured for data communication with a content providing device over a premises network, said rendering apparatus comprising:
- an authentication apparatus configured to facilitate authentication of said content rendering apparatus with said content providing device, said authentication comprising an exchange of messages between said content rendering apparatus and said content providing device, said exchange of said messages configured for identification of a common security framework;
  
  a content selection apparatus configured to enable a user of said content rendering apparatus to browse and select one or more items of digital content associated with said content providing device for transmission to said content rendering apparatus; and
  
  an adapted hardware data interface configured to allow said content rendering apparatus to receive data when a communications link has been established between said content rendering apparatus and said content providing device;
  
  wherein said transmission of said one or more items of digital content to said content rendering apparatus is performed over said adapted hardware data interface; and
  
  wherein said common security framework comprises at least one of;
  
  (i) a trusted domain (TD), and/or (ii) an Authorized Service Domain (ASD).
- View Dependent Claims (2, 3, 4)
- - 2. The rendering apparatus of claim 1, further comprising scanning apparatus, said scanning apparatus configured to locate one or more content servers on said premises network.
  - 3. The rendering apparatus of claim 1, further comprising a software security architecture configured to protect at least portions of said one or more items of digital content after transmission thereof to said content rendering apparatus from said content providing device.
  - 4. The rendering apparatus of claim 3, wherein said one or more items of digital content are encrypted before said transmission thereof to said content rendering apparatus, and said software security architecture comprises at least one decryption algorithm and at least a portion of a public-private key pair used to decrypt said digital content.

5. A method of transferring protected content between a first media rendering device and a second media rendering device, said method comprising:
- authenticating at least one of said first media rendering device or said second media rendering device, said authenticating comprising utilizing a message exchange protocol to identify security capabilities of at least one of said first media rendering device or said second media rendering device, said message exchange protocol establishing a common security framework for maintaining protection of protected digital content;
  
  providing access to at least one of said first media rendering device or said second media rendering device for browsing said protected digital content; and
  
  transferring at least a portion of said protected digital content from at least one of said first media rendering device or said second media rendering device to one or more other media rendering devices including one of said first media rendering device or said second media rendering device;
  
  wherein said common security framework comprises at least one of;
  
  (i) a trusted domain (TD), and/or (ii) an Authorized Service Domain (ASD).
- View Dependent Claims (6, 7, 8, 9, 10, 11, 12, 13, 14, 18)
- - 6. The method of claim 5, further comprising establishing an ad hoc communication channel between at least said first media rendering device and said second media rendering device, said first media rendering device and said second media rendering device forming at least a portion of a network when said communication channel is established.
  - 7. The method of claim 6, wherein said establishing said ad hoc communication channel comprises causing said first media rendering device and said second media rendering device to be placed in data communication via at least a plug-and-play data interface.
  - 8. The method of claim 6, wherein said establishing said ad hoc communication channel comprises causing said first media rendering device and said second media rendering device to be placed in data communication via a wireless interface such that one of said first media rendering device or said second media rendering device assumes a first role and another one of said first media rendering device or said second media rendering device assumes a second role with respect to said communication channel.
  - 9. The method of claim 8, wherein said first role comprises an access point (AP), and said second role comprises a station (STA), said AP providing data connectivity to at least one entity other than said STA.
  - 10. The method of claim 8, wherein said first role comprises a premises server device, and said second role comprises a premises renderer device, and said authenticating comprises said premises server device determining authorization rights of said premises renderer device to access at least said portion of said protected content.
  - 11. The method of claim 6, wherein at least one of said first media rendering device or said second media rendering device is in data communication with a cable television network, and said authenticating is performed based at least in part on information obtained from said cable television network.
  - 12. The method of claim 6, wherein said authenticating is performed by a same one of said first media rendering device or said second media rendering device which performs said providing access to at least one of said first media rendering device or said second media rendering device for browsing said protected digital content.
  - 13. The method of claim 6, wherein said authenticating is performed independent of an external authentication entity.
  - 14. The method of claim 6, further comprising transferring security capabilities information between said first media rendering device and said second media rendering device.
  - 18. The method of claim 13, wherein said capabilities comprise information relating to at least one of:
    - (i) a public-private key pair, and (ii) an encryption algorithm.

15. A method of transferring protected content between a first media rendering device and a second media rendering device, said method comprising:
- discovering, by said first media rendering device, said second media rendering device;
  
  querying, by said first media rendering device, capabilities associated with a security framework implemented on said second media rendering device;
  
  in response to an advertisement of said capabilities by said second media rendering device, determining whether said first media rendering device is capable of interoperating with said capabilities of said first media rendering device;
  
  based at least in part on a determination that said first media rendering device is capable of interoperating with said second media rendering device, requesting, by said first media rendering device, authentication from said second media rendering device;
  
  based at least in part on said authentication being verified by said second media rendering device, establishing a common security framework between said first media rendering device and said second media rendering device, said common security framework configured to maintain protection of said protected content and comprising at least one of;
  
  (i) a trusted domain (TD), and/or (ii) an Authorized Service Domain (ASD); and
  
  receiving said protected content from said second media rendering device.
- View Dependent Claims (16, 17)
- - 16. The method of claim 15, wherein said first and second media rendering devices are in communication with a premises network, said premises network in communication with a cable television network, and said verifying comprises determining whether said first media rendering device can be granted access to said protected content based at least in part on a conditional access scheme.
  - 17. The method of claim 15, further comprising permitting access by said first media rendering device to descriptive information relating to said protected content stored on said second media rendering device.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Time Warner Cable Enterprises LLC (Charter Communications Incorporated)
Original Assignee
Time Warner Cable Enterprises LLC (Charter Communications Incorporated)
Inventors
Cholas, Chris, Helms, William L., Carlucci, John B., Markley, Jeffrey P.
Primary Examiner(s)
Rahman, Mahfuzur
Assistant Examiner(s)
Victoria, Narciso

Application Number

US14/281,759
Publication Number

US 20140344897A1
Time in Patent Office

1,191 Days
Field of Search

726 29, 726 4
US Class Current
CPC Class Codes

H04L 63/062   for key distribution, e.g. ...

H04L 63/08   for authentication of entit...

H04L 63/10   for controlling access to d...

H04L 67/06   specially adapted for file ...

H04L 67/51   Discovery or management the...

Methods and apparatus for premises content distribution

First Claim

3 Assignments

0 Petitions

Accused Products

Abstract

390 Citations

18 Claims

Specification

Solutions

Use Cases

Quick Links

Methods and apparatus for premises content distribution

First Claim

3 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

390 Citations

18 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links