Systems and methods for governing content rendering, protection, and management applications

DC CAFC

US 9,569,627 B2
Filed: 03/25/2016
Issued: 02/14/2017
Est. Priority Date: 06/04/2000
Status: Expired due to Term

- Alert
- Pin

Associated Cases

Associated Defendants

First Claim

Patent Images

1. A method performed by a system comprising a processor and a non-transitory computer-readable storage medium storing instructions that, when executed by the processor, cause the system to perform the method, the method comprising:

receiving, by a secure control application executing on the system in a protected processing environment, a request to access protected content by a governed application executing on the system in a processing environment separate from the protected processing environment;

extracting, by the secure control application, secret information from a secure electronic container, the secret information being configured to be used, at least in part, to decrypt the protected content, wherein extracting the secret information comprises decrypting at least a portion of the secure electronic container to generate unencrypted secret information; and

sending, by the secure control application, the unencrypted secret information from the protected processing environment to the governed application executing in the processing environment separate from the protected processing environment.

View all claims

2 Assignments

Timeline View

Assignment View

Litigations

1 Petition

Accused Products

Abstract

System and methods are disclosed for governing digital rights management systems and other applications through the use of supervisory governance applications and keying mechanisms. Governance is provided by enabling the supervisory applications to revoke access keys and/or to block certain file system calls, thus preventing governed applications from accessing protected electronic content.

78 Citations

18 Claims

1. A method performed by a system comprising a processor and a non-transitory computer-readable storage medium storing instructions that, when executed by the processor, cause the system to perform the method, the method comprising:
- receiving, by a secure control application executing on the system in a protected processing environment, a request to access protected content by a governed application executing on the system in a processing environment separate from the protected processing environment;
  
  extracting, by the secure control application, secret information from a secure electronic container, the secret information being configured to be used, at least in part, to decrypt the protected content, wherein extracting the secret information comprises decrypting at least a portion of the secure electronic container to generate unencrypted secret information; and
  
  sending, by the secure control application, the unencrypted secret information from the protected processing environment to the governed application executing in the processing environment separate from the protected processing environment.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
- - 2. The method of claim 1 further comprising:
    - receiving, by the secure control application, a first control expressing that the governed application should not be provided with the secret information; and
      
      implementing a first control action preventing the secret information from being provided to the governed application in response to a subsequent access request.
  - 3. The method of claim 2 further comprising:
    - receiving, by the secure control application, a second control expressing that the governed application should be provided with the secret information; and
      
      implementing a second control action allowing the secret information to be provided to the governed application in response to the subsequent access request.
  - 4. The method of claim 1 further comprising:
    - prior to sending the secret information to the governed application, determining, by the secure control application, that the governed application satisfies one or more requirements.
  - 5. The method of claim 4, wherein the one more requirements comprise at least one security requirement.
  - 6. The method of claim 4, wherein the one or more requirements comprise at least one requirement for processing the protected content.
  - 7. The method of claim 4, further comprising:
    - determining, by the secure control application, that the governed application no longer satisfies the one or more requirements; and
      
      implementing a control action preventing the secret information from being provided to the governed application in response to a subsequent access request.
  - 8. The method of claim 1, wherein the secret information comprises one or more access keys.
  - 9. The method of claim 1, wherein the secret information comprises a portion of an access key.

10. A non-transitory computer-readable storage medium storing instructions that, when executed by a processor of a system, cause the system to perform a method, the method comprising:
- receiving, by a secure control application executing on the system in a protected processing environment, a request to access protected content by a governed application executing on the system in a processing environment separate from the protected processing environment;
  
  extracting, by the secure control application, secret information from a secure electronic container, the secret information being configured to be used, at least in part, to decrypt the protected content, wherein extracting the secret information comprises decrypting at least a portion of the secure electronic container to generate unencrypted secret information; and
  
  sending, by the secure control application, the unencrypted secret information from the protected processing environment to the governed application executing in the processing environment separate from the protected processing environment.
- View Dependent Claims (11, 12, 13, 14, 15, 16, 17, 18)
- - 11. The non-transitory computer-readable storage medium of claim 10, wherein the method further comprises:
    - receiving, by the secure control application, a first control expressing that the governed application should not be provided with the secret information; and
      
      implementing a first control action preventing the secret information from being provided to the governed application in response to a subsequent access request.
  - 12. The non-transitory computer-readable storage medium of claim 11, wherein the method further comprises:
    - receiving, by the secure control application, a second control expressing that the governed application should be provided with the secret information; and
      
      implementing a second control action allowing the secret information to be provided to the governed application in response to the subsequent access request.
  - 13. The non-transitory computer-readable storage medium of claim 10, wherein the method further comprises:
    - prior to sending the secret information to the governed application, determining, by the secure control application, that the governed application satisfies one or more requirements.
  - 14. The non-transitory computer-readable storage medium of claim 13, wherein the one more requirements comprise at least one security requirement.
  - 15. The non-transitory computer-readable storage medium of claim 13, wherein the one or more requirements comprise at least one requirement for processing the protected content.
  - 16. The non-transitory computer-readable storage medium of claim 13, wherein the method further comprises:
    - determining, by the secure control application, that the governed application no longer satisfies the one or more requirements; and
      
      implementing a control action preventing the secret information from being provided to the governed application in response to a subsequent access request.
  - 17. The non-transitory computer-readable storage medium of claim 10, wherein the secret information comprises one or more access keys.
  - 18. The non-transitory computer-readable storage medium of claim 10, wherein the secret information comprises a portion of an access key.

Specification

Resources

Litigation Campaign Assessment

Litigation Data

Current Assignee
Intertrust Technologies Corporation (Fidelio Acquisition Co LLC)
Original Assignee
Intertrust Technologies Corporation (Fidelio Acquisition Co LLC)
Inventors
MacKay, Michael K., Maher, David P.
Primary Examiner(s)
Hirl, Joseph P
Assistant Examiner(s)
GYORFI, THOMAS A

Application Number

US15/081,637
Publication Number

US 20160210459A1
Time in Patent Office

326 Days
Field of Search
US Class Current

1/1
CPC Class Codes

G06F 21/60   Protecting data

H04L 2209/603   Digital right managament [DRM]

H04L 2463/101   applying security measures ...

H04L 63/062   for key distribution, e.g. ...

H04L 9/0822   using key encryption key

H04L 9/0877   using additional device, e....

H04L 9/0891   Revocation or update of sec...

Systems and methods for governing content rendering, protection, and management applications

First Claim

2 Assignments

Litigations

1 Petition

Accused Products

Abstract

78 Citations

18 Claims

Specification

Solutions

Use Cases

Quick Links

Systems and methods for governing content rendering, protection, and management applications

First Claim

2 Assignments

Subscription Required

Subscription Required

Litigations

1 Petition

Subscription Required

Accused Products

Subscription Required

Abstract

78 Citations

18 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links