METHOD AND APPARATUS FOR POLICY-BASED CONTENT SHARING IN A PEER TO PEER MANNER USING A HARDWARE BASED ROOT OF TRUST
Abstract
Securely sharing content between a first system and a second system is provided. A hardware-based root of trust is established between the first system and a server. Content requested by a user and an encrypted license blob associated with the content are received by the first system from the server. A first agent on the first system connects with a second agent on the second system. The encrypted license blob and a sub-license request are sent from the first agent to a security processor on the first system. The first security processor decrypts the encrypted license blob, validates the sub-license request, and if allowed, creates a sub-license to allow the second system to play the content. The first security processor sends the sub-license to a security processor on the second system. The first system provides access to the content to the second system for future playback according to the sub-license.
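The flow in the abstract, sketched as an added example that is not taken from the patent: the first security processor decrypts the license blob, validates the sub-license request against the policy inside it, and issues a sub-license that the second security processor re-encrypts for storage. The policy fields (`max_sublicenses`, `max_plays`), all key and function names, the pre-shared processor-to-processor key, and the standard-library encrypt-then-MAC construction standing in for a real AEAD are assumptions.

```python
import hashlib, hmac, json, os

def _sub(key, label):                       # separate enc/mac keys from one secret
    return hmac.new(key, label, hashlib.sha256).digest()
def _xor_stream(key, nonce, data):          # HMAC-SHA256 counter-mode keystream
    ks = b"".join(hmac.new(key, nonce + i.to_bytes(4, "big"), hashlib.sha256).digest()
                  for i in range(len(data) // 32 + 1))
    return bytes(a ^ b for a, b in zip(data, ks))

def seal(key, obj):                         # encrypt-then-MAC; stand-in for an AEAD
    nonce = os.urandom(16)
    ct = _xor_stream(_sub(key, b"enc"), nonce, json.dumps(obj).encode())
    return nonce + ct + hmac.new(_sub(key, b"mac"), nonce + ct, hashlib.sha256).digest()

def unseal(key, blob):
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    want = hmac.new(_sub(key, b"mac"), nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, want):  # reject before touching the plaintext
        raise ValueError("blob failed authentication")
    return json.loads(_xor_stream(_sub(key, b"enc"), nonce, ct))

class SecurityProcessor:
    def __init__(self, device_key, peer_key):
        # device_key: provisioned via the root of trust (assumed); peer_key: assumed
        # to be agreed between the two security processors beforehand.
        self._device_key, self._peer_key, self._issued = device_key, peer_key, 0

    def create_sublicense(self, license_blob, request):
        lic = unseal(self._device_key, license_blob)     # decrypt the license blob
        policy = lic["sharing_policy"]                   # hypothetical policy fields
        if request["content_id"] != lic["content_id"]:
            raise PermissionError("request names different content")
        if self._issued >= policy["max_sublicenses"]:
            raise PermissionError("sub-license quota exhausted")
        if not 0 < request["plays"] <= policy["max_plays"]:
            raise PermissionError("requested plays outside policy")
        self._issued += 1
        return seal(self._peer_key, {"content_id": lic["content_id"],
                    "content_key": lic["content_key"], "plays": request["plays"]})

    def store_sublicense(self, wire_blob):  # second processor: re-encrypt for storage
        return seal(self._device_key, unseal(self._peer_key, wire_blob))

def demo():                                 # all values below are constructed
    k1, k2, kp = os.urandom(32), os.urandom(32), os.urandom(32)
    sp1, sp2 = SecurityProcessor(k1, kp), SecurityProcessor(k2, kp)
    blob = seal(k1, {"content_id": "movie-1", "content_key": "00ff",
                     "sharing_policy": {"max_sublicenses": 1, "max_plays": 3}})
    wire = sp1.create_sublicense(blob, {"content_id": "movie-1", "plays": 2})
    return sp1, sp2, blob, sp2.store_sublicense(wire), k2
```

Keeping the issued-count state inside the security processor is what lets the quota check hold even when the sharing agent that relays the request is untrusted.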
21 Claims
1. A method of securely sharing content between a first client computing system and a second client computing system, comprising:
establishing a hardware-based root of trust between the first client computing system and a service provider server, receiving from the service provider server, by the first client computing system, content requested by a user and an encrypted license blob associated with the content;
connecting a first sharing agent on the first client computing system with a second sharing agent on the second client computing system;
sending the encrypted license blob and a sub-license request from the first sharing agent to a first security processor on the first client computing system;
decrypting the encrypted license blob by the first security processor, validating the sub-license request, and if allowed, creating a sub-license to allow the second client computing system to play the content;
sending the sub-license by the first security processor to a second security processor on the second client computing system; and
providing, by the first client computing system, access to the content to the second client computing system.
Dependent claims: 2, 3, 4, 5, 6, 7
8. A first client computing system for securely sharing content with a second client computing system comprising:
a first component to establish a hardware-based root of trust between the first client computing system and a service provider server, and to receive from the service provider server content requested by a user and an encrypted license blob associated with the content;
a first security processor; and
a first sharing agent to connect with a second sharing agent on the second client computing system, and to send the encrypted license blob and a sub-license request to the first security processor;
wherein the first security processor is to decrypt the encrypted license blob, validate the sub-license request, and if allowed, create a sub-license to allow the second client computing system to play the content, and to send the sub-license to a second security processor on the second client computing system; and
wherein the first component is to provide access to the content to the second client computing system.
Dependent claims: 9, 10, 11, 12
13. A computer-readable storage medium comprising one or more instructions that when executed by a processor of a first client computing system configures the client computing system to securely share content with a second client computing system by
establishing a hardware-based root of trust between the first client computing system and a service provider server, receiving from the service provider server content requested by a user and an encrypted license blob associated with the content;
connecting a first sharing agent on the first client computing system with a second sharing agent on the second client computing system;
sending the encrypted license blob and a sub-license request from the first sharing agent to a first security processor on the first client computing system;
causing the decrypting of the encrypted license blob by the first security processor, validating the sub-license request, and if allowed, creating a sub-license to allow the second client computing system to play the content, and causing the sending of the sub-license by the first security processor to a second security processor on the second client computing system; and
providing access to the content to the second client computing system.
Dependent claims: 14, 15
16. A system for securely sharing content comprising:
a first client computing system including
a first component to establish a hardware-based root of trust between the first client computing system and a service provider server, and to receive from the service provider server content requested by a user and an encrypted license blob associated with the content;
a first security processor; and
a first sharing agent to connect with a second sharing agent on a second client computing system, and to send the encrypted license blob and a sub-license request to the first security processor;
wherein the first security processor is adapted to decrypt the encrypted license blob, validate the sub-license request, and if allowed, create a sub-license to allow the second client computing system to play the content, and to send the sub-license to a second security processor on the second client computing system; and
wherein the first component is adapted to provide access to the content to the second client computing system; and
a second client computing system including
a memory;
a second sharing agent; and
a second security processor;
wherein the second security processor is adapted to receive the sub-license from the first security processor, to encrypt the received sub-license, and to send the encrypted sub-license to the second sharing agent;
wherein the second sharing agent is adapted to store the encrypted sub-license in the memory.
Dependent claims: 17, 18, 19, 20, 21
Specification