Methods and apparatus for premises content distribution
First Claim
1. A computerized method for sharing protected digitally rendered content within an ad hoc network, comprising:
establishing a communication channel between first and second computerized devices, at least the first and second computerized devices forming the ad hoc network when the communication channel is established, the establishing comprises causing the first and second computerized devices to be placed in data communication via a wireless interface, such that the first computerized device performs a first role and the second computerized device performs a second role with respect to the communication channel, the first and second roles each comprising one or more asymmetric data communication capabilities with respect to the other;
causing authentication of the first computerized device to the second computerized device;
enabling a user of the first computerized device to browse protected digitally rendered content stored on the second computerized device based at least in part on the authentication; and
causing transfer of at least a portion of the protected digitally rendered content from the second computerized device to the first computerized device based at least in part on: (i) the authentication, and (ii) a request for at least the portion of the protected digitally rendered content issued by the first computerized device to the second computerized device;
wherein:
the first role comprises a premises server device, and the second role comprises a premises renderer device; and
the causing authentication comprises the premises server device determining authorization rights of the premises renderer device to access at least the portion of the protected digitally rendered content.
Abstract
Apparatus and methods for protected content access, browsing and transfer over a network. In one embodiment, the network comprises a premises (e.g., residential) Local Area Network (LAN), and the apparatus comprises a server and renderer consumer premise equipment (CPE). The renderer CPE scans the network to search for a server CPE that implements a compatible security framework. The renderer authenticates itself with the server, and the server allows content browsing and selection access only to an authorized and authenticated renderer. A negotiation and exchange protocol comprises messages exchanged between the renderer and the server that include one or more of device identification, encryption key exchange, digital certificates and information regarding security package used by each CPE.
18 Claims
7. Computerized network apparatus configured for enablement of two or more computerized client devices associated with a network to share protected digitally rendered content therebetween, the computerized network apparatus comprising:
at least one client application computer program operative to run on the two or more computerized client devices, respectively, and communicate respective security capability information therebetween; and
computerized server apparatus comprising:
processor apparatus;
network interface apparatus in data communication with the processor apparatus; and
storage apparatus in data communication with the processor apparatus, the storage apparatus comprising at least one computer program configured to, when executed on the processor apparatus:
selectively provide access to a first one of the two or more computerized client devices to browse the protected digitally rendered content;
enable transfer of the protected digitally rendered content to a protected domain associated with a user of the at least one of the two or more computerized client devices; and
configure the protected domain such that:
a second one of the two or more computerized client devices can authenticate the first one of the two or more computerized client devices via communication with the protected domain;
the second one of the two or more computerized client devices can determine the security capabilities of the first one of the two or more computerized client devices via communication with the protected domain; and
the second one of the two or more computerized client devices can selectively transfer the protected digitally rendered content to the first one of the two or more computerized client devices when: (i) the first one of the two or more computerized client devices is authenticated, and (ii) the security capabilities of the first one of the two or more computerized client devices meet one or more prescribed criterion to maintain protection of the protected digitally rendered content;
wherein the protected domain comprises one of: (i) a Trusted Domain (TD), and an Authorized Service Domain (ASD).
13. Computer readable apparatus comprising a non-transitory storage medium, the non-transitory medium comprising at least one computer program having a plurality of instructions configured to, when executed on a processing apparatus of a first computerized user device:
receive protected digitally rendered content over an interface of the first computerized user device that is in data communication with a computerized digital content provision entity of a managed content distribution network;
cause storage of the protected digitally rendered content at a storage apparatus of the first computerized user device;
cause authentication of a second computerized user device in communication with a premises network when the second computerized user device requests access to the stored digitally rendered content from the first computerized user device;
enable the second computerized user device to browse the stored digitally rendered content;
receive data representative of a request for transmission of at least a portion of the stored digitally rendered content;
cause transmission of the at least portion of the stored digitally rendered content to the second computerized user device in accordance with at least one content protection scheme; and
select a secure image based at least in part on a communication received from the second computerized user device, the secure image configured to manage the at least one content protection scheme, the at least one content protection scheme comprising at least one of: (i) Trusted Domain (TD) policies or configuration, and (ii) Authorized Service Domain (ASD) policies or configuration.
Specification