Method and apparatus for content protection within an open architecture system
DC CAFCFirst Claim
1. A method for content protection in an apparatus comprising:
- receiving encrypted data in the apparatus according to a first encryption protocol wherein the apparatus comprises;
an open system architecture configured to allow end users to add or remove hardware components, software modules, or both;
a closed subsystem of the apparatus to receive the encrypted data, wherein the closed subsystem does not allow end users to add hardware components or software modules thereto or remove hardware components or software modules therefrom; and
combiner circuitry that may add unprotected graphics and audio data to raw data;
generating raw data in a closed subsystem of the apparatus within the open system architecture, the raw data being generated in the closed subsystem by decrypting the encrypted data and performing additional processing on the encrypted data wherein the additional processing comprises;
decompressing the encrypted data if compressed encrypted data is received;
and manipulating the encrypted data for output;
preventing access to the raw data outside of the closed subsystem;
adding any applicable unprotected graphics and audio data to the raw data using the combiner circuitry;
generating protected data in the closed subsystem by re-encrypting the raw data using a second encryption protocol to generate protected data with any added graphics and audio data; and
asserting the protected data from the closed subsystem to an external device or system.
3 Assignments
Litigations
2 Petitions
Accused Products
Abstract
In a class of embodiments, the invention is an open computing system (e.g., a PC) in which a protected, closed subsystem is embedded. The closed subsystem typically includes multiple parts that ensure that content protection keys and protected content are never revealed outside the closed subsystem. Content (e.g., high-definition digital video) that enters the closed subsystem (and is typically decrypted and re-encrypted within the closed subsystem) is afforded a similar level of protection within the open system as can be obtained in standalone closed systems. Other aspects of the invention are methods for protecting content within an open computing system, a closed system (or disk drive thereof) configured to be embedded in an open computing system, and circuitry configured to be embedded in an open computing system for combining the output of a closed subsystem with other output (e.g., graphics and/or audio output) of the open computing system.
49 Citations
33 Claims
-
1. A method for content protection in an apparatus comprising:
-
receiving encrypted data in the apparatus according to a first encryption protocol wherein the apparatus comprises; an open system architecture configured to allow end users to add or remove hardware components, software modules, or both; a closed subsystem of the apparatus to receive the encrypted data, wherein the closed subsystem does not allow end users to add hardware components or software modules thereto or remove hardware components or software modules therefrom; and combiner circuitry that may add unprotected graphics and audio data to raw data; generating raw data in a closed subsystem of the apparatus within the open system architecture, the raw data being generated in the closed subsystem by decrypting the encrypted data and performing additional processing on the encrypted data wherein the additional processing comprises; decompressing the encrypted data if compressed encrypted data is received; and manipulating the encrypted data for output; preventing access to the raw data outside of the closed subsystem; adding any applicable unprotected graphics and audio data to the raw data using the combiner circuitry; generating protected data in the closed subsystem by re-encrypting the raw data using a second encryption protocol to generate protected data with any added graphics and audio data; and asserting the protected data from the closed subsystem to an external device or system. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11)
-
-
12. An apparatus comprising:
-
an open system architecture configured to allow end users to add or remove hardware components, software modules, or both; combiner circuitry that may add unprotected graphics and audio data to raw data; a closed subsystem within the open system architecture wherein the closed subsystem does not allow end users to add hardware components or software modules thereto or remove hardware components or software modules therefrom, the closed subsystem configured to; receive encrypted data according to a first encryption protocol, decrypt and perform additional processing on the encrypted data to generate raw data wherein the additional processing comprises; decompressing the encrypted data if compressed encrypted data is received, and manipulating the encrypted data for output, add any applicable unprotected graphics and audio data to the raw data using the combiner circuitry, and re-encrypt the raw data to generate protected data usin a second encryption protocol to generate protected data with any added graphics and audio data, further wherein the closed system prevents access to the raw data outside of the closed subsystem; and an output, the closed subsystem to assert the protected data to an external device or system via the output. - View Dependent Claims (13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28)
-
-
29. A system comprising:
-
a first apparatus with an open system architecture configured to allow end users to add or remove hardware components, software modules, or both, the first apparatus including combiner circuitry that may add unprotected graphics and audio data to raw data, a closed subsystem within the open system architecture wherein the closed subsystem does not allow end users to add hardware components or software modules thereto or remove hardware components or software modules therefrom, the closed subsystem configured to receive encrypted content according to a first encryption protocol, decrypt and perform additional processing on the encrypted data to generate raw data wherein the additional processing comprises; decompressing the encrypted data if compressed encrypted data is received, and manipulating the encrypted data for output, add any applicable unprotected graphics and audio data to the raw data using the combiner circuitry, re-encrypt the raw content to generate protected content using a second encryption protocol to generate protected data with any added graphics and audio data, and transmit the protected data via an output, the closed system preventing access to the raw content outside of the closed subsystem; and a second apparatus including an input to receive the protected content and decryption circuitry to generate raw content by decrypting the encrypted video data. - View Dependent Claims (30, 31, 32, 33)
-
Specification