Method for offline DRM authentication and a system thereof

US 9,906,509 B2
Filed: 11/12/2008
Issued: 02/27/2018
Est. Priority Date: 01/16/2008
Status: Active Grant

First Claim

Patent Images

1. A method for offline DRM authentication, wherein the method comprises:

encrypting, by a content provider, a data file with a DRM encryption standard, wherein the data file is delivered to a local computer;

storing, by the content provider, internal information into a third party authentication device in the form of hardware before distributing the third party authentication device to a user, wherein the internal information includes a seed ID, a key, a public key, a key ID, a public key ID, developer information and/or a certificate name;

distributing the third party authentication device to the user;

connecting the third party authentication device to the local computer;

performing offline DRM authentication between the local computer and the third party authentication device after the third party authentication device is delivered to the user, wherein the third party authentication device enables the user to use the data file encrypted with the DRM encryption standard and stored on the local computer without a network connection, wherein performing offline DRM authentication includes;

1) determining, by the local computer connected with the third party authentication device, whether a copyright license for reading the data file is requested by a software program operating on the local computer and includes a seed ID, a public key ID, a contents ID, a properties and/or address, and if so, sending a license request to the third party authentication device, wherein the license request is generated from the data file, and the license request comprises the seed ID, the public key ID, the contents ID, the properties and/or the address;

2) offline verifying, by the third party authentication device, a legitimacy of the license request by decrypting the license request using a pre-stored decryption algorithm inside the third party authentication device, and by comparing information from the decrypted license request with the internal information stored in the third party authentication device after the third party authentication device receives the license request sent from the software program; and

returning a license information to the local computer by the third party authentication device; and

3) analyzing the license information received from the third party authentication device by the local computer and generating a corresponding copyright license based on the license information by the local computer, decrypting the data file which is encrypted with the DRM encryption standard by using a key of the copyright license, opening the data file and responding to an operation of a user by the software program;

wherein the third party authentication device is external to the local computer and the content provider.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A method for offline DRM authentication and a system thereof relates to the information security field. In order to solve the problem that a license must be requested from the server in the process of DRM authentication, the invention provides a method for offline DRM authentication, in which, the method comprises: a content provider encrypts the data file with DRM standard and stores the internal information in an authentication device, the authentication device is connected to the local computer, the software program on the local computer opens and reads the data file. A system for offline DRM authentication, in which, the system comprises an authentication device, a client PC and content provider side, the authentication device comprises the DRM service module and authentication communication module. Compared with the prior art, the present invention allows the user to use the DRM protected information without a network connection.

Citations

15 Claims

1. A method for offline DRM authentication, wherein the method comprises:
- encrypting, by a content provider, a data file with a DRM encryption standard, wherein the data file is delivered to a local computer;
  
  storing, by the content provider, internal information into a third party authentication device in the form of hardware before distributing the third party authentication device to a user, wherein the internal information includes a seed ID, a key, a public key, a key ID, a public key ID, developer information and/or a certificate name;
  
  distributing the third party authentication device to the user;
  
  connecting the third party authentication device to the local computer;
  
  performing offline DRM authentication between the local computer and the third party authentication device after the third party authentication device is delivered to the user, wherein the third party authentication device enables the user to use the data file encrypted with the DRM encryption standard and stored on the local computer without a network connection, wherein performing offline DRM authentication includes;
  
  1) determining, by the local computer connected with the third party authentication device, whether a copyright license for reading the data file is requested by a software program operating on the local computer and includes a seed ID, a public key ID, a contents ID, a properties and/or address, and if so, sending a license request to the third party authentication device, wherein the license request is generated from the data file, and the license request comprises the seed ID, the public key ID, the contents ID, the properties and/or the address;
  
  2) offline verifying, by the third party authentication device, a legitimacy of the license request by decrypting the license request using a pre-stored decryption algorithm inside the third party authentication device, and by comparing information from the decrypted license request with the internal information stored in the third party authentication device after the third party authentication device receives the license request sent from the software program; and
  
  returning a license information to the local computer by the third party authentication device; and
  
  3) analyzing the license information received from the third party authentication device by the local computer and generating a corresponding copyright license based on the license information by the local computer, decrypting the data file which is encrypted with the DRM encryption standard by using a key of the copyright license, opening the data file and responding to an operation of a user by the software program;
  
  wherein the third party authentication device is external to the local computer and the content provider.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
- - 2. The method of claim 1, wherein a Microsoft DRM authentication is supported by the software program.
  - 3. The method of claim 1, wherein the step 1) comprises:
    - searching for the copyright license of the data file by the software program of the local computer, and if the copyright license is found, decrypting the data file which is encrypted with the DRM encryption standard by the software program by using of the key of the copyright license and opening the data file;
      
      otherwise, sending a license request to the third party authentication device via a service program which is preinstalled on the local computer by the software program;
      
      the step
      
      3) of analyzing the license information returned from the third party authentication device and generating the corresponding copyright license by the local computer comprises;
      
      analyzing the license information returned from the third party authentication device to generate the corresponding copyright license by the service program supporting the HTTP protocol.
  - 4. The method of claim 3, wherein searching for the copyright license of the data file by the software program of the local computer comprises:
    - searching for a backup copyright license saved in the process of the former request for the copyright license on the disk of the local computer by the software program.
  - 5. The method of claim 3, wherein the method further comprises:
    - after the copyright license is found by the software program, connecting the software program to the third party authentication device to verify the legitimacy of the copyright license via the service program, and if legitimate, decrypting the data file which is encrypted with the DRM encryption standard by the software program by using the key of the copyright license and opening the data file;
      
      otherwise, returning an error message.
  - 6. The method of claim 1, wherein the step 1) comprises:
    - reading information of the data file by the software program to determine whether the data file is encrypted, and if the data file is not encrypted with the DRM encryption standard, opening the data file normally by the software program, otherwise, sending the license request to the third party authentication device directly by the software program;
      
      the step
      
      3) of analyzing the license information returned from the third party authentication device and generating the corresponding copyright license by the local computer comprises;
      
      analyzing the license information returned from the third party authentication device directly by the software program on the local computer to generate the corresponding copyright license.
  - 7. The method of claim 1, wherein the license information includes a key, a right, client information, a priority and/or a certificate.
  - 8. The method of claim 1, wherein the third party authentication device is a USB key.

9. A system for offline DRM authentication, wherein the system comprises:
- a third party authentication device in the form of hardware that is distributed to a user, a content provider computing device and a client PC with a preinstalled software program, wherein the third party authentication device is connectable to the client PC and enables a user to use DRM protected content without a network connection, the third party authentication device is external to the local computer and the content provider;
  
  the content provider computing device is adapted to encrypt a data file with a DRM encryption standard and store internal information into the third party authentication device before distributing the third party authentication device to the user, wherein the data file is delivered to the client PC,the client PC with the preinstalled software program opens and reads the data file which is encrypted with the DRM encryption standard and provided by the content provider computing device after the third party authentication device is connected to the client PC and verifies that an offline license request from a software program on the client PC is legitimate according to the internal information pre-stored in the third party authentication device, wherein the internal information includes a seed ID, a key, a public key, a key ID, a public key ID, developer information and/or a certificate namewherein, the client PC comprises;
  
  a determination module adapted to determine whether a copyright license for the data file is requested, the copyright license including a seed ID, a public key ID, a contents ID, a properties and/or address, wherein the software program sends the license request to the third party authentication device, wherein the license request is generated from the data file, and the license request comprises the seed ID, the public key ID, the contents ID, the properties and/or the address;
  
  a communication module, which is adapted to receive an encrypted data file sent from an encryption module and license information sent from the third party authentication device; and
  
  an analysis module adapted to analyze the license information received by the communication module and generate the corresponding copyright license based on the license information, decrypt the data file encrypted with the DRM encryption standard by using the copyright license and open the data file, and respond to an operation of a user as well;
  
  the third party authentication device comprises;
  
  a DRM service module adapted to offline verify legitimacy of the license request, after the license request is received by the third party authentication device, by decrypting the license request using a pre-stored decryption algorithm inside the third party authentication device, and by comparing information from the decrypted license request with the internal information pre-stored in the third party authentication device, wherein the DRM service module returns the license information to the client PC for a legitimate license request; and
  
  an authentication communication module adapted to connect the client PC to the third party authentication device and receive the license request sent from the determination module; and
  
  the content provider computing device comprises;
  
  an encryption module adapted to encrypt the data file with the DRM encryption standard and send the encrypted data file to the client PC; and
  
  a storage module adapted to store the internal information into the third party authentication device.
- View Dependent Claims (10, 11, 12, 13, 14, 15)
- - 10. The system of claim 9, wherein the determination module is a copyright license determination module, which is adapted to determine whether the data file has the copyright license by the software program, and if so, the software program decrypts the data file which is encrypted with the DRM encryption standard by using a key of the copyright license and opens the data file;
    - otherwise, the software program sends the license request to a service program preinstalled on the client PC and requests for the copyright license again;
      
      the analysis module is a service program analysis module, which is adapted to send the license request to the third party authentication device when the service program preinstalled on the client PC receives the license request sent from the copyright license determination module, and analyze the license information returned from the third party authentication device to generate the corresponding copyright license, the software program decrypts the data file encrypted with the DRM encryption standard by using the key of the copyright license, opens the data file and responds to the operation of the user as well.
  - 11. The system of claim 10, wherein the DRM service module is adapted to store key data comprising a digital certificate, a key and/or private data of a user.
  - 12. The system of claim 10, wherein the DRM service module is also adapted to store a user program which writes and calls an algorithm customized by the user.
  - 13. The system of claim 10, wherein the service program preinstalled on the client PC in the program service analysis module is capable of receiving a request of HTTP protocol, accessing the third party authentication device and generating license information.
  - 14. The system of claim 9, wherein the determination module is an encryption determination module, which is adapted to determine whether the data file is encrypted with the DRM encryption standard, and if so, the software program sends the license request to the analysis module;
    - otherwise, the software program opens the data file which is not encrypted with the DRM encryption standard;
      
      the analysis module is a software sending and analysis module, which is adapted to send the license request to the third party authentication device directly when it receives the license request sent from the encryption determination module, and analyze the license information returned from the third party authentication device to generate the corresponding copyright license, the software program decrypts the data file encrypted with the DRM encryption standard by using the key of the copyright license and opens it and responds to the operation of the user as well.
  - 15. The system of claim 9, wherein the third party authentication device is a USB key.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Feitian Technologies Company Limited
Original Assignee
Feitian Technologies Company Limited
Inventors
Lu, Zhou, Yu, Hua Zhang
Primary Examiner(s)
Siddiqi, Mohammad A

Application Number

US12/269,701
Publication Number

US 20090183001A1
Time in Patent Office

3,394 Days
Field of Search

713168, 726 27
US Class Current
CPC Class Codes

G06F 21/10   Protecting distributed prog...

H04L 2463/101   applying security measures ...

H04L 63/08   for authentication of entit...

Method for offline DRM authentication and a system thereof

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

Citations

15 Claims

Specification

Solutions

Use Cases

Quick Links

Method for offline DRM authentication and a system thereof

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

15 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links