Technique for securely communicating programming content
First Claim
1. A method for protecting data content within a trusted domain, comprising:
receiving one or more protected data content from a device of a first domain that is outside of the trusted domain, the one or more protected data content associated with a minimum security level of compliance of the first domain that is outside of the trusted domain, where the first domain comprises a first multi-layered rights arrangement, and the trusted domain comprises a second multi-layered rights arrangement different from the first multi-layered rights arrangement of the first domain, the minimum security level of compliance comprising a set of rights selected from a plurality of sets of rights of the first multi-layered rights arrangement;
invoking a mutual authentication process, the mutual authentication process comprising registering with a trusted network entity, the trusted network entity being known commonly to (i) the device of the first domain that is outside of the trusted domain and (ii) a first device of the trusted domain;
causing a creation of a rights file indicating an extent of sharing permissions within the trusted domain, the causing the creation of the rights file being based at least on the minimum security level of compliance assigned to the device of the first domain that is outside of the trusted domain; and
responsive to receiving a request to transfer the one or more protected data content within the trusted domain;
verifying that the request to transfer the one or more protected data content complies with the extent of sharing permissions and with the minimum security level of compliance assigned to the device of the first domain; and
based at least on successful completion of the verifying, causing transmitting of the one or more protected data content;
wherein all devices of the trusted domain are configured to enable consumption of the one or more protected data content within the extent of sharing permissions.
Abstract
A technique for securely transferring content from a first device in a first layer to a second device in a second layer. In one embodiment, the first device is a device in a trusted domain and the second device is outside of the trusted domain. Transfer of protected content to another device may require authentication of the receiving device. A rights file, which specifies the rights of the receiving device to use the protected content according to its security level, is also transferred. These rights may concern, e.g., the number of times the receiving device may transfer the protected content to other devices, the time period within which the receiving device may play the protected content, etc. The higher the security level of the receiving device, the more rights are accorded to it. A minimum security level requirement may be imposed in order for protected content to be transferred to a device.
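An added example, not taken from the patent: a minimal Python model of the checks the abstract describes (receiver authentication, a minimum security level, and a rights file carrying a transfer count and a play window). The level-to-rights table and all field and function names are hypothetical, and the numeric values are constructed.

```python
from dataclasses import dataclass

# Hypothetical mapping (constructed values): higher security level, more rights.
RIGHTS_BY_LEVEL = {
    1: {"max_transfers": 0, "play_seconds": 86_400},
    2: {"max_transfers": 1, "play_seconds": 7 * 86_400},
    3: {"max_transfers": 3, "play_seconds": 30 * 86_400},
}

@dataclass
class Content:
    content_id: str
    min_security_level: int  # minimum level a device needs to receive it

@dataclass
class RightsFile:
    content_id: str
    device_id: str
    security_level: int
    transfers_left: int
    play_until: float  # epoch seconds

def issue_rights(content, device_id, level, now):
    """Build the rights file for a receiving device; refuse below the minimum level."""
    if level not in RIGHTS_BY_LEVEL:
        raise ValueError(f"unknown security level {level}")
    if level < content.min_security_level:
        raise PermissionError("device below minimum security level")
    grant = RIGHTS_BY_LEVEL[level]
    return RightsFile(content.content_id, device_id, level,
                      grant["max_transfers"], now + grant["play_seconds"])

def can_play(rights, content, now):
    """Playback is allowed only for the matching content and inside the time window."""
    return rights.content_id == content.content_id and now <= rights.play_until

def transfer(content, sender_rights, receiver_id, receiver_level, authenticated, now):
    """Check a transfer request; on success return the receiver's rights file."""
    if not authenticated:
        raise PermissionError("receiving device not authenticated")
    if sender_rights.content_id != content.content_id:
        raise PermissionError("rights file does not cover this content")
    if sender_rights.transfers_left <= 0:
        raise PermissionError("sender has no transfers left")
    # Issue first: a refused receiver must not cost the sender a transfer.
    receiver_rights = issue_rights(content, receiver_id, receiver_level, now)
    sender_rights.transfers_left -= 1
    return receiver_rights
```

Every check fails closed, and the sender's transfer count is decremented only after the receiver has passed all of them.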
23 Claims
7. A device configured to protect data content within a trusted domain, comprising:
a first interface in data communication with a first domain outside of the trusted domain;
a trusted interface in data communication with the trusted domain;
a processor apparatus in data communication with the first interface and the trusted interface; and
a non-transitory computer readable medium in data communication with the processor apparatus and comprising at least one computer program having one or more instructions which, when executed by the processor apparatus, cause the device to;
receive one or more protected data content from a client device of the first domain outside of the trusted domain, the one or more protected data content associated with a minimum security level of compliance, the minimum security level of compliance comprising prescribed one or more rights of a plurality of rights, where only the prescribed one or more rights is supported on the client device of the first domain outside of the trusted domain;
invoke a mutual authorization process, the mutual authorization process comprising a registration of the device with a trusted network entity, the trusted network entity being known commonly to (i) the device and (ii) the client device of the first domain outside of the trusted domain; and
cause the creation of a rights file indicating an extent of sharing permissions within the trusted domain, the causing of the creation of the rights file being based at least on the minimum security level of compliance supported on the client device of the first domain outside of the trusted domain;
wherein the prescribed one or more rights supported on the client device are determined by the rights file indicating the extent of sharing permissions.
16. A non-transitory computer-readable storage medium having at least one computer program comprising a plurality of instructions stored therein, the plurality of instructions being configured to, when executed by a processor apparatus, cause a first computerized device to:
receive protected data content from a second computerized device, the second computerized device being disposed in an outside domain that is not within a trusted domain, the protected data content being associated with a minimum security level of compliance of the outside domain, where the outside domain comprises a first multi-layered rights arrangement, and the trusted domain comprises a second multi-layered rights arrangement different from the first multi-layered rights arrangement of the first domain, the minimum security level of compliance comprising a set of rights selected from a plurality of sets of rights of the first multi-layered rights arrangement;
invoke a mutual authorization process, the mutual authorization process comprising a registration of the first computerized device with a computerized trusted network entity, the computerized trusted network entity being known commonly to (i) the first computerized device and (ii) the second computerized device operative within the outside domain;
cause a creation of a rights data file indicating an extent of sharing permissions within the trusted domain, where the causation of the creation of the rights data file is based at least on the minimum security level of compliance assigned to the second computerized device of the outside domain; and
based on receipt of a request to transfer the protected data content within the trusted domain;
verify that the request to transfer the one or more protected data content complies with the extent of sharing permissions and with the minimum security level of compliance assigned to the second computerized device of the outside domain; and
based at least on successful verification, cause transmission of the protected data content;
wherein all computerized devices of the trusted domain are configured to enable consumption of the protected data content within the extent of sharing permissions.
Specification