TW200533141A - Method and system for session based watermarking of encrypted content - Google Patents

Abstract

A method and apparatus applies a variety of session based watermarks in real-time to content that is streamed from a server towards a client. The invention employs content where differing targeted portions are selectively encrypted, such that other portions remain in the clear (unencrypted). Session information, such as an intended client, end-user, operator of a content server, content owner, and the like, may be used to generate the various watermarks. The watermarks may also be digitally signed and/or encrypted. The watermarks may be applied to the portions of the clear content as the content is streamed towards the client. In one embodiment, a bridge server is configured to modify packets of streaming media data files with the variety of watermarks. In another embodiment, the content server for the streaming media data includes a plug-in component that dynamically modifies the packets of streaming media data files with the variety of watermarks.

Description

200533141 IX. Description of the invention: L ·. JSb 4] Technical Field of the Invention The present invention relates generally to the technology of preventing digital piracy, and more specifically, the present invention relates to dynamically using watermarking to modify stream target selection. Technology for Sexually Encrypted Content.

The technical background of L. J. Manpen The development of the Internet has created a great opportunity for the sharing of digital information. In recent years, digital information on audio and video in the form of streaming media has been widely available on the Internet, thereby increasing the universality of the Internet. Streaming media is an Internet data transmission technology that allows end users to view and listen to audio and video information without requiring lengthy download times. The host or source will on the Internet end to the content of an end user who can access the content as soon as it receives the content, 'streaming' small packets of information. Typically, for large streaming media data files, temporary files cannot be generated on the end-user device. Conversely, small packets of streaming media information are typically cached in the buffer of the end-user device, and these packets are discarded quickly after the information has been viewed or heard. Many businesses, entertainers, and individuals post copyright-protected material on the Internet in the form of streaming media every day. Essentially, anyone with a personal computer can read, copy, edit, and even repost streaming media data files they get from the Internet. Unfortunately, every day, 200533141, thousands of copyrighted streaming media files are copied by unauthorized persons. This type of digital media piracy is becoming increasingly serious, leading to serious losses for businesses and individuals. Furthermore, because it is possible to transmit unauthorized streaming media data files to up to 5 more Internet users, it is often quite difficult to determine the original source of digital media problems. Therefore, the present invention is disclosed in view of the above and other considerations. Explanation of Related Skills This application claims priority based on US Provisional Patent Application No. 60 / 535,357 filed on January 9, 2004, and priority is based on US Law 35U.S.C_§119 (e) Instead, it is claimed that the US case is incorporated in the present invention by reference. [Summary of the Invention] SUMMARY OF THE INVENTION The present invention discloses a system for disseminating content on a network, which includes 15 a client device configured to perform the following actions ... requesting the content; and providing and Dialog information associated with the request; and a computer computing device configured to: receive the dialog information associated with the request; encrypt at least a portion of the content, wherein at least another portion of the content remains unopened Encrypted; at least in part based on the conversation information to determine a 20 watermark mark; and when the encrypted and unencrypted portion of the content is streamed to the client device, the watermark mark is immediately applied to the unencrypted At least part of the content. Brief Description of the Drawings 200533141 The following is a description of non-limiting and incomplete embodiments of the present invention with reference to the drawings. In the drawings, the same component numbers refer to the same components unless specifically noted. In order to understand the present invention more clearly, it will be described below with reference to the detailed description of the present invention and with reference to the drawings, in which: Figure 1 is a functional block diagram showing a method for implementing the present invention An embodiment of the environment; FIG. 2 shows an embodiment of a server device that can be used in a system implementing the present invention; 10 FIG. 3 shows the contents of functional components in various stages of the progress of the present invention An embodiment; and FIG. 4 is a logic flow diagram that schematically shows an embodiment of a program for managing a dialog watermark mark on a target selectively pre-encrypted content according to the present invention. 15 [Embodiment] Detailed description of the preferred embodiment The present invention will be explained more fully with reference to the drawings which form a part of the present invention, and a specific exemplary embodiment in which the present invention can be implemented will be described using a presenter. However, the present invention may be embodied in many different forms, and should not be construed as being limited to the embodiments disclosed by the present invention; on the contrary, these embodiments are provided in order to explain the present invention more clearly and completely. And, these embodiments will completely convey the contents of the present invention to those skilled in the art. Furthermore, the present invention may be embodied as a method or an apparatus. Therefore, the present invention may be in the form of a complete hardware embodiment, or may be in the form of a complete software implementation, or may be an embodiment combining software and hardware. The detailed description below is therefore not restrictive. In brief, the present invention relates generally to a method and apparatus for applying a dialog watermark to content streamed from a server to a client in real time. The present invention uses content whose different target portions have been selectively encrypted so that the other portions of the content can be maintained in the clear " (i.e., unencrypted). The dialogue information including information associated with the intended content server, end user, content server operator, content owner, etc. may be used to generate at least one unique watermark. When streaming the content to the client, the watermark can be applied to a portion of the pure content. The watermark can then be used to track the source of the content, ownership of the content, inappropriate access to the content, inappropriate modification of the content, and so on. In one embodiment, a watermark tag bridge can be configured to use multiple different conversational watermark tags to modify packets of streaming content. In another embodiment, the content server of the streaming content includes a watermark tag plugin component, which dynamically uses at least one interactive watermark tag to modify the streaming content packet. In addition, at least a portion of the watermark mark may be encrypted and / or digitally signed. Verification and / or non-repudiation of the watermark can be further enabled during the debate analysis. In addition, by overlaying the content with a watermark on a server 20 rather than a client, the present invention can actually reduce the need for a trusted watermark client. Example Environment Figure 1 is a functional block diagram showing an embodiment of an operating environment 100 for implementing the present invention. The operating environment 100 is only an example suitable for 200533141, and it is not intended to limit the scope of use of the present invention or the force of the moon. Therefore, other known environments and configurations may be used without departing from the spirit or scope of the invention. ^ As shown in the figure, the operating environment 100 includes a content server 102, a watermark U-bridge 1004, a network 105, and a client Gage to Ghost. The network 105 communicates with the watermark tag bridge 104 and the clients 106 to 108. The watermark tag bridge 104 communicates with the content server. Each of the internal servers 102 essentially includes any electronic computing device configured to be used by manufacturers, developers, and / or owners who disseminate content 106 to 108 to clients. This type of content includes, but is not limited to, dynamic videos, movies, videos, music, pay per view (PPV), video on demand (VOD), interactive media audio still images, text, graphics , And other forms of digital content that can be disseminated to users of the client (eg, 15 client devices 106 to 108). For example, any of a number of different streaming mechanisms may be utilized to stream that content to a requesting client device. The content server 102 may also be structured for use by an enterprise, system, etc. that obtains rights from the content owner to copy and distribute the content. Content 20 Feeder 102 may acquire rights to copy and distribute from one or more content owners. The content feeder 102 can be repackaged, stocked, and scheduled for subsequent sales, decentralization, and authorization of other content providers, users, etc. of the client devices 106 to 108. Therefore, although not shown in 200533141, the content server 102 can receive content from an upstream device. The content server 102 may be configured to receive (for example, the client installs money 8) a _pair_ item request, and stream the content to the request client device. In the embodiment, the content 10 15 20: the device is encrypted in a pre-encrypted mode, such as Dingjin-Qianshu. In another embodiment, before the client device is required to stream the content, the content server may be configured to selectively encrypt at least some of the content, such as the client device 10 The content server 102 may encrypt the content while the requesting client device is streaming the inner valley. The content-feeding clothes that work like that include personal computers, desktop computers, computer systems, micro-processors, or programmable network PCs, servers, etc. It does n’t matter if you buy them on a monthly basis. You have a bridge 104 can successfully receive streaming content, such as receiving content from the content server 1G2, and dynamically partially modify the streaming content by including at least one watermark in the streaming content. _ 中 '水印 Token Bridging The device 104 will receive the selectively encrypted content of the second target of the watermark mark. The watermark mark bridge 104 may be followed; the dagger performs continuous watermark marking of the stream content for the client 4 to the H client 106 to 108. Watermark The tag bridge 104 can be additionally connected to the end user, content owner, content server Γ, owner of the client farm, etc., and apply at least some of the received information to generate at least one 7 ^ Ερ 丨 Private 5. It is also possible to configure the watermark tag bridge 104 to be able to 10 200533141. A watermark tag can include the application of multiple financial congruent tags _ to make it at least in the stream content. It works like 104 Device includes wafer-based manufacturing Personal computers, desktop computers, multi-processor systems, micro- or programmable & electronic devices, network PCs, server applications, and so on. In one embodiment, the watermark marks the bridge 104 includes a memory, a device, and a transceiver H, which is a processor that can guess the application program.

Furthermore, although the watermark mark bridge H 1G4 is shown as being separated from the inner valley server 102 in the first figure, the present invention is not limited to this. For example, the watermark bridged to 104 may be included in the content server 102 as a plug-in type, application type, chip, circuit board, and the like. Therefore, a fifteenth embodiment of the watermark marking unit in the server device will be described in more detail with reference to FIG. Furthermore, the watermark tag bridge 104 (and / or the watermark tag plug-in) can be configured to reside in a verifiable and trusted environment. The network 105 can be configured to enable one computer computing device to be coupled to another computer computing device so that they can communicate. The enabling network 105 is any form of computer-readable medium that is used to transfer information from one electronic device to another. Similarly, the network 105 includes a wireless interface and / or a wired interface, such as an Internet other than a local area network (LAN) and a wide area network (WAN), such as via a universal serial bus (USB) communication port Direct links, other forms of computer-readable media, or any combination of these. On ~ groups of interconnected LANs', including LANs based on different architectures and protocols, a router will act as a link between the LANs, thereby enabling messages to be transmitted from one LAN 11 200533141 to another-LAN. Similarly, the communication link in a LAN typically includes a twisted pair or coaxial cable, and the communication links between the networks can use analog electronics, wires, including all or part of TI, T2, T3, and T4 Dedicated to teach road reduction, overall service digital network _N), digital subscriber line (DSL), wireless link including satellite | 5 links, links according to a variety of different standards, including God 802.lla, 80. 2.llg, say llb, or any other communication link known to those skilled in the art. Furthermore, remote computers and other related electronic devices can be remotely connected to the LAN ^ WAN through a modem and a temporary telephone link. In essence, the network 105 includes any communication mechanism used to transfer information between the client device 108 and the content server 102. As mentioned above, the media used to transmit information in the communication link is a computer-readable medium, ie, communication media. Broadly speaking, computer read media includes any media that can be accessed by computer computing devices. Computer-readable media includes computer storage media, communication media, or a combination of these. 15 In addition, communication media typically embodies computer-readable instructions, data structures, φ program modules, or other data in modulated data signals, such as carrier waves, data k 5 tigers, or other transmission mechanisms' and includes any information delivery media. The so-called u-modulation data signal and "carrier signal" include signals having one or more characteristic groups, or can be changed to encode information, instructions, data 20, etc. in the signal. For example, communication media include cable media , Such as twisted pairs, coaxial cables, optical fibers, waveguides, and other wired and wireless media, such as sound, RF, infrared, and other wireless media. Client devices 106 to 108 essentially include the ability to be on a network (such as a network 105) Any computer computing that receives content from another computer computing device 12 200533141 devices, such as from content server 102, watermark tag bridge 104, etc. Client devices 106 to 108 also include Utani who can receive applications other mechanisms Any computer computing device, including but not limited to CD, DVD, magnetic tape, digital memory device, etc. «devices include devices typically connected to communication media such as personal computers, multiprocessor systems, microcomputers Processor-based or programmable consumer electronics, networked PCs, etc. Such devices also include devices that typically use wireless communication media to connect Devices, such as cellular phones, smart phones, pagers, portable wireless handsets, radio frequency (RF) devices, infrared (IR) devices, CBs, integrated devices combining one or more of the foregoing devices10 v. Client devices 106 to 108 are also any devices that can be connected using wired or wireless communication media, such as PDAs, handheld computers, wearable computers, and any other devices Access-a device that receives and plays content. 15 Client devices 106 to 108 include a client that is structured to enable end users to request content, receive the content, and play the content. ^ The machine also provides other Actions, which include but are not limited to: an interface that enables other components of the client to execute and enable communication with another component, device, end user, etc. Therefore, 'client devices 106 to 108 may The application of 20 live in a variety of different devices _ soil species to receive this content, including but not limited to: computer display system, system, jukebox, set-top box (STB), television, video display Devices ^ For example, the client devices 106 to 108 may include a VoD media player configured to receive various data packets within the disaster. The client devices 106 to 108 apply the VoD media player (and / or another A Pei device) to process the data packets in the stream 13 200533141 to convert them into sound and / or image. The client devices 106 to 108 can also be configured to treat the streaming content as a fixed stream and Provides another option for end-users to convert the content into sound or pictures — 1 application. (Not shown). 5 Client devices 106 to 108 can additionally receive the content as the target selectively encrypted content, so it must be Decode content before you can enjoy it. Therefore, in one embodiment, 'the client devices 106 to 108 include an application that constitutes a group that selectively decrypts the target selectively encrypted content. Exemplary computerized fecal metering. Fig. 2 shows an embodiment of a computer calculating jealousy according to an embodiment of the present invention. In addition to the components shown, the computer computing device 2000 may include more components. However, the components shown are sufficient to disclose an exemplary embodiment for implementing the present invention. For example, the computer computing device 2000 may represent another embodiment of a content server having a watermark tag plugin component. • The computer computing device 200 includes a processing unit 212, a video display adapter 214, and a large memory, all of which are connected to each other through a bus 222. The large memory generally includes RAM 216, ROM 232, and one or more permanent large storage devices such as hard drive 228, tape drive, optical drive, 20 and / or floppy drive. The large memory stores an operating system 220 for controlling the operation of the computer computing device 200. Any general-purpose operating system can be applied. A basic input / output system (,, BIOS ") 218 is also provided to control the low-level operation of the computer computing device 200. As shown in FIG. 2, the computer computing device 200 is also connected to the Internet or some via the network interface unit 210 (which is constructed for use in combination with various different communication protocols including the TCP / IP protocol 14 200533141). Other communication networks (such as network 105 shown in Figure 1) communicate. The network interface unit 210 is sometimes referred to as a transceiver, a transceiver, or a network interface card (NIC). 5 As mentioned above, this large memory exhibits another type of computer-readable media ', namely computer storage media. Computer storage media includes dependent, non-dependent, removable, and non-removable media that can be implemented using any method or technology to store information, such as computer-readable instructions, data structures, program modules, or other data. Examples of computer storage media include RAM, rqm, 10 EEPROM, flash memory or other memory technology, cD_ROM, digital versatile disc (DVD) or other optical storage, magnetic cassette, magnetic tape, magnetic disc storage Mass media or other magnetic storage devices, or any other media that can be used to store a desired device and accessible by a computer computing device. The computer computing device 200 also includes 15 SMTP handler applications to send and receive emails, ηγγτρ handler applications to receive and process Ηπρ requests, and HTTps handler applications to handle secure connections . The HTTPS handler application can use a secure method to initiate communication with external applications. Computer computing device 200 also includes 20 input / output interfaces 224 for communicating with external devices, such as a mouse, keyboard, scanner, or other input devices not shown in FIG. Similarly, the computer computing device 2000 also includes additional large storage devices, such as a CD-ROM / DVD-ROM drive 226 and a hard drive 228. The hard drive 228 can be used to store applications, databases, client device configuration information, policy guidelines, and the like. 15 200533141 ‘_read miscellaneous and _. Pure _ or several applications Γί person into type A memory, and make it work in the office 220 5

Alas. Examples of applications include, but are not limited to: transcoding programs, scheduling programs, sundial, data county-style, word processing programs, audio programs, audio players, video players, vOD players, decoders, Decryptor, PPV player, interface program connected to STB, interface program connected to TV, video camera, etc. Type A storage additionally includes

Device (SM) 252, internal money depository 254, and an application program for marking the program L with a fortune. 10. The SM 252 group can be configured to manage a request for content from a client device. Therefore, the SM 252 can receive the request, find the content, and provide the content to a watermark tag component, such as a watermark tag plugin 256, a watermark tag bridge, and the like.

The SM 252 may additionally receive dialog information such as an identifier of a prospective client device, an end user, a content server operator, a content identifier of a content owner, and the like. The SM 252 may then provide the dialog information to the watermark target component for generating a watermark. SM 252 also receives content from an uplink provider. In one embodiment, the 'received content is selectively pre-encrypted by the target. SM 252 may then store target selectively pre-encrypted content in content storage 254. In another embodiment, the SM 252 group may be configured to receive unencrypted content and perform a targeted selective encryption operation for the content. For example, SM 252 can view, parse, and selectively encrypt different target portions of the content. In an embodiment, when the content is received and / or the watermarking component is added, the 20052005141141 may be 2: 2 ::: selectively added to the content_subordinate__two: selective encryption, and In essence, " is not limited to target selection, a conditional content store 254 that can encrypt the spirit or scope of the content can be applied. Essentially: any other mechanism. Summit, database: two = parts that can be stored and retrieved, etc.). * Type folder, file, directory 10 15 20 Client 1 = 2 === Private machine to ask for customers. The operation of the program is essentially the same as the operation of the T: Γ mark plug-in. For example, the watermark marker bridge rule N * §21 of Figure 21 can be used by the plug-in program 256 :: Calculate == more than _ dialogue such as ^: 10 to 200 when the content is streamed to the requesting client. & Immediately apply the watermark to the content. The X PL plug-in program 256 can select and apply various watermark marks to the pure part of the content, as described below with reference to FIG. 3. Furthermore, the watermark tag plug-in 256 may use a cryptographic key different from the golden wheel used to encrypt / decrypt the content to additionally encrypt and / or digitally sign the salt watermark tag. The watermark token key is typically the requesting client, unknown and unavailable, so it can protect the watermark token from rat attacks or bad thoughts' and enable the watermark token when the content is debated and analyzed = Verification and / or non-repudiation. As a result, the client device cannot be tagged. In the "real key", the cryptographic key is a __symmetric golden wheel; 17 200533141 It is also possible to use non- 'symmetric golden keys under conditions that deviate from the spirit of the invention or _. It is shown that the plug-in program 256 is an application program of Dian Cong Jing Yi device 200, the plug-in program, and the present invention is not limited to this. For example, the status of the 'watermark tag plug-in' program may reside on a separate card, chip, etc. of the computer system 200.

10 Furthermore, although the SM 252, the content storage place 254, and the watermark markup plug-in 256 are shown as different components, the present invention is not limited thereto. For example, SM 252 and content storage can be implemented as a single integration = two watermark mark plug-ins can reside on another computer (such as the first _watermark mark bridge iQ4), and different from the computer Computing device 200. Watermark Tag Stream 媪 g

To put it simply, —conversational watermarks include digital money or patterns inserted into digital images, audio and / or video files, or streaming towels. Because the inserted digital signal or pattern does not appear in the unchanged copy of the original data file, the digital watermark mark can be used as a digital signature for the copied data slot. For example, a watermark can be used to embed a copyright notice in the data file. For each copy of the data file, a given watermark 20 mark may be unique to identify the intended recipient, or the predetermined watermark mark may be common to multiple copies of the data file so that the source of the file can be identified . Furthermore, to the average viewer, the watermark may be invisible, thereby promoting claims of ownership, receiving copyright proceeds, or being able to successfully sue against unauthorized use of data files. 18 200533141 In the case of streaming media data broadcast 5

10 15 Need to know the media file format. In some traditional methods, it is necessary to shrink a stream of media data files (or some of its methods need to be decommissioned and then reused or partially). However, the markup: Carcass data file format remains proprietary and discernible. The value of traditional watermarking methods today. The present invention provides several types of conversational watermarking content = restrictions. However, the file format is generally known. In addition, there is no need for the present invention. The present invention allows to add the stream content mark ::: in advance to the security level of the content. The following methods are used in the present invention to generate interactive watermark marks in the production auditing process. Because the technique is gradually being used because of unsuitable components, the water-time recording method, m, and m are provided for multiple counterparts. 'Operationally', the present invention can use two types of U-pairs-digital watermarking of a predetermined content stream. Methods.

20 This method stores 敎 stream_potential replacement 2 for subsequent replacement. The stream media to be watermarked will be scanned, and the selected frame will be extracted. In an implementation of the present invention, each of the extracted frames of the L media data file is provided with a love order knife, such as a single number. The serial number can represent a unique identifier for the source of the file or the recipient of the pre-1 client. The serial number part can be located in several subtractions to reduce the process of transmitting frames to the client device.

15 20 200533141 The missing dilemma occurred. Also mouth ^ The farewell box. ’, The serial number can be attached to the distribution one by one. When a client requests—the selected watermark mark frame to stream the media data file, the 5 unmarked frame can be used. ， 5 In the original streaming media data file ... 1々 潦 The system can be used in the k server. The second program resides in the content file to find out the relevant information. You can analyze the unique information of the streaming media to On the go = seeking unique information from the client and using 102_dynamic media to generate a frame with a watermark. Re-streaming data: The file is decompressed, modified, and the packet is transmitted to the requesting client's packet. Corrected: fine file data packet. Original streaming media resources | 3_Tondo money: In this method, the stereo video data file includes g, all long-streaming women, and Pakistan §fL boxes.

In the case of streaming video selection & example, the H box will be used. In another aspect of the present invention, when the source is:! =, It is convenient to use a unique request for the client identifier II: stream "color frame. When streaming media is sent to the black frame with 'f' watermark, please replace the selected one during the travel. Use this button. • This method: wish box. The watermark of the device can be modified. Field format or still image 20 200533141 B. Generate watermarks for individual frames 1. Image / audio watermark: This method is provided to insert watermarks into still image data format and audio format. 2. Define Data Modification: The definition data provides information about the type of digital 5 data being streamed. For example, the definition data includes information about the frame rate of the streaming media file. In one embodiment of this method, unused data will be inserted into the definition data to provide a unique watermark for the streaming media. In another embodiment of this method, the definition data will be recorded using a valid but unnatural sequence of encoded watermark marks. 10 3. Removable watermark marks: This method intentionally discards the streaming media data frame in a pattern that is statistically identified as a watermark mark. In one embodiment of this method, the intermediate frame (referred to as an I-frame) can be discarded with minimal negative impact on the quality of the streaming media. 4. Frame insertion: In this embodiment, a data frame that cannot be seen or heard but has a watermark mark is inserted into the streaming media data file. 5. Attach useless data to the packet: additional unnecessary information bytes will be added to the end of the data packet to indicate a watermark. This watermark will be marked in the number of foreign bytes added. 6. Attach useful data to the packet: This embodiment will attach useful data with 20 watermarks to the selected streaming media data packet. C. Generate a serial number for inserting action: The embodiment for embedding a watermark mark provides a selected number of a unique recipient identifier, or a source identifier of a different streaming media 21 200533141 body frame, so that A combination of watermarked data frames can include the entire unique identifier. However, the present invention is not limited to the digital dialogue watermarking technique described above. For example, without deviating from the spirit or scope of the present invention, using Fourier transform technology, discrete cosine transform technology, and the like. General Operation Lu Hereinafter, the operation of some aspects of the present invention will be described with reference to FIGS. 3 and 4. Fig. 3 shows an embodiment of 10 content functional units in various stages of the present invention. Figure 3 can be used as an example of converting content when the content undergoes a dialogue watermarking mechanism, such as the way shown in Figure 4. As shown in Figure 3, the content conversion 300 includes pure content 302, target • and selectively encrypted content 304, conversational watermarked content 306, and the resolved horse watermark; In one embodiment, the pure content 3Q2 and 15 targets and the selectively encrypted content 304 may reside on a computer computing device managed by the content owner. The pure content 302 includes pure portions 320 to 323. The clean sections 320 to 323 represent any of a number of different sections of the content 302. In addition, the,,,, and inner net valley 302 represent a variety of different content formats. For example, pure content 302 may be formatted using the Motion Picture Experts Group (MPEG) format. Each of the pure contents 302 is not limited to the MPEG content format, and other content formats may be used without departing from the spirit or scope of the present invention, including the JPEG format, the MP3 format, and the like. However, the MPEG format used in the present invention is only an example 'and is used for the purpose of illustration. 22 200533141 In simple terms, MPEG is an encoding and compression standard for digitally transmitted content. MPEG provides compression support for TV-quality transmission of video content. Furthermore, MPEG provides compressed audio, control, and even user dissemination of content. 5 The MpEG content stream includes a packetized elementary stream (PES '), which typically includes an integer number of fixed (or variable size) blocks or frames of elementary stream (ES) access units. The ES is typically the basic component of an MPEG content stream and includes digital control data, digital audio, digital video, and other digital content (synchronous or asynchronous). A set of tightly coupled PES packets (which are essentially called 10 for the same time base) contains MPEG program streams (PS). Individual PES packets can also be divided into fixed-size transport packets called MPEG Transport Streams (TS). This forms a general-purpose method of combining one or more content streams, which may include independent time bases. Furthermore, the MPEG frame includes an intermediate frame (frame_frame), a forward prediction frame (P-frame), and a bidirectional prediction frame (B_frame). 15 Therefore, the clean sections 320 to 323 each include a clean content 302 section that can be divided into multiple data units according to different criteria. For example, the pure parts 320 to 323 include data parts extracted from any component of the video elementary stream (ES), audio ES, digital data ES, and content stream of video, audio, and data elementary streams. For example, the clean parts 320 to 323 may be composed of the second part of the ten video ES. Furthermore, the pure parts 302 to 323 may not need to include the same length, density, etc. as the pure content 302. Targets and selective encryption can be applied to any component of video basic audio (ES), audio ES, digital data ES, and any part of video, audio, data basic streaming (which contains pure content 302) to convert it For the eyesight with 23 200533141 Selective encryption within $ 304. The target and selective encryption also include the selective encryption of at least eight adjacent ports of the I-frame, P-frame, and B-frame, and any combination of P-frame, B-frame, and frame ' To produce a target with selectively encrypted content 304. However, in some cases, it is desirable that the pure content, such as some parts, be kept pure, so that the requesting client can set up special trick play methods for the content, such as revolving, replaying, smart temporary Wait

As shown in Figure 3, the target and selectively encrypted content 304 shows two parts = encrypted parts (330 and 332). … When the target and the selectively encrypted content 304 are streamed to the first figure ㈤ watermark mark 10 bridge 104, the second figure watermark mark plug-in component 256, etc., at least one dialog watermark mark will be applied to In at least-part (331 and / or 323) of this pure content. By including at least-conversational watermarking as described below, the target and selectively encrypted content 304 can be converted to conversational watermarking content 306. 15 In the embodiment, the target and selective encryption can also be applied to the -watermark ^ ticket. For example, the watermark can be decompressed into at least two parts. A P knife can include the most significant bits of the client device address. This section can be the target of selective encryption. Other parts may include less important elements of the information such as the client name. For example, this part of the watermark can be kept pure and contentious. Therefore, the watermarked clean portions 341 and 343 additionally include sub-portions that are maintained as pure or further encrypted. However, this encryption method 2 can & use a cryptographic key different from the fee code key used to additionally encrypt the encrypted parts 33Q and 332. 24 200533141 When the dialog client watermarked content is received by the requesting client device, the encrypted portions 330 and 332 will be decrypted to generate a decrypted watermark. If the decrypted watermark content 308 includes encrypted private activity, the watermark is maintained as encrypted. 5 However, what's new is that the present invention is not therefore limited to target selective encryption technology. For example, a selective encryption technique can also be used, sometimes called " soft encryption partial encryption ", or " fragment encryption ". This selective encryption technique typically seeks to identify the smallest subset of the compressed bitstream, which may degrade the content on the decoder (e.g., on a client device). However, selecting the smallest subgroup of this bit stream may reduce the security level. Therefore, there is an exchange condition for using this method. Therefore, a selective encryption operation can receive compressed content and use an encryption algorithm to encrypt a predetermined minimum number of bit streams, which is a balance of the problem of degradation against the desired security level. 15 In any case, the present invention may use any of a variety of different encryption mechanisms to encrypt the content and / or at least a portion of the watermark mark, including asymmetric encryption mechanisms (e.g. Diffie-Hellman, RSA, Merkle-Hellman, POP ), And symmetric encryption mechanisms (such as Advanced Encryption Standard (AES), RC6, IDEA, DES, RC2, RC5, Skipjack), etc. 20 The requesting client device may then be provided with a corresponding content decryption key using any of a number of different mechanisms, including out-of-band methods, trusted third parties, and so on. Figure 4 is a logic flow diagram that roughly shows the implementation of a program to manage dialog watermarking on target-selective pre-encrypted content. The program 400 of FIG. 4 can be executed on the computer computing device 2000 of FIG. 2 and the program 400 of FIG. 4 can be executed on the content server 102 and the watermark tag bridge-104 of FIG. • As shown in Figure 4, procedure 400 will begin after content 5 is received in block 402. This content can be received from a number of different sources. For example, the content may be received from upstream content owners, providers, and the like. In block 402, the content is reviewed to determine whether it is compressed. If not, the delta contents are compressed in the square block 402. The compressed content action can use any of a variety of compression / decompression mechanisms suitable for a given content type. For example, block 402 may use Motion Picture Experts Group (MPEG), Joint Graphic Experts Group (jpeg), wavelets, and other mechanisms to compress received content. Processing will continue to block 404 where a determination will be made as to whether the compressed inner valley has been targeted for selective encryption. If not, any of the methods described above with reference to Figure 3 can be used to inspect, analyze, and selectively encrypt different target portions of the content. In one embodiment, block 404 will operate to perform encryption operations in real time. In another known example, 'the encryption operation will be performed offline, and the target selectively encrypted content is stored for subsequent access. In another embodiment, a selective encryption method will be used instead of using target selective encryption. The 200% task 400 will then proceed to decision block 406, where a determination will be made as to whether a request for the content has been received. If a request for the content has not been received, the processing action will repeatedly execute decision block 406 until a request is received. If a request for the content has been received, processing proceeds to block 408, 26 200533141 where the dialog information has been received. Session information can be received from the requesting client. For example, the dialog information includes the client's unique identifier, the end-user identifier, the digital rights associated with the content and the end user, and so on. In the embodiment, the client unique identifier includes a name, a 5-password, a hash, a credit card number, an Internet mosquito (IP), and the like associated with the client device. Dialogue information can also be received from content owners, content providers, etc. For example, the information includes an identifier of a content owner, a content encryptor, a content provider, and the like. ^ The processing action will continue to block 41Q, where when the content is streamed to the 10 machine, the dialogue information will be used to make at least-the conversational watermark mark included in the optional part of the content. As described above, a variety of different mechanisms are used to generate multiple watermarks for the stream content. Alternatively, the watermark can be digitally signed and / or encrypted. Processing will continue to block 412, where the watermark 15 tag content will be continuously streamed to the requesting client, and the requesting client will decrypt the content. Upon completion of block 412, the routine 400 will return to the calling routine for other actions. It can be understood that the blocks shown above in the flowchart and the combination of the blocks shown above in the flowchart can be implemented by computer program instructions. The program instructions may be provided to the processor to generate the machine, so that when the instructions are executed on the cough processor, a component for performing the operations in the flowchart blocks is generated. The computer program instructions can be executed by the processor, so that the processor can perform a series of operation steps to generate a computer execution program, and when the instructions are executed on the processor, the instructions for performing the actions in the flowchart blocks are provided. step. 27 200533141 Therefore, the blocks of the flowchart can support constructive combinations for pointing actions, combinations of steps for pointing actions, and program instruction components for pointing actions. It can also be understood that each block of the flowchart for performing specified actions or steps can be implemented by a special hardware system, or a combination of blocks and flowchart blocks, or a combination of special-purpose hardware and computer instructions. The foregoing description, examples, and materials provide a complete description of the construction and use of the invention. Many embodiments of the present invention can be carried out without departing from the spirit and scope of the present invention, and the present invention is defined by the following application patents. [Brief description of the drawings] FIG. 1 is a functional block diagram showing an embodiment of the environment to realize the present invention; FIG. 2 shows an embodiment of a server device, which can be used to implement 15 books In a system of the invention; FIG. 3 shows an embodiment of the functional components of content in various stages of the progress of the invention; and FIG. 4 is a series of flowcharts' which shows roughly according to the invention- An embodiment of 20 procedures for selectively pre-encrypting conversational watermarks on content with management objectives. [Key component symbol descriptions 1 100 Operating environment 105 WAN / LAN 102 Content server 106 Client device 104 Watermark tag bridge 107 Client device 28 200533141

108 Client device 256 Watermark markup plug-in 200 Computer computing device 300 Content conversion 210 Network interface unit 302 Pure content 212 Central processing unit 304 Target and selective encryption inside 214 Video display adapter capacity 216 RAM 306 Conversational watermark markup content 218 Basic I / O system 308 decoded watermark mark content (`` BIOS ") 320 clean section 220 operating system 321 clean section 222 bus 322 clean section 224 input / output interface 323 clean section 226 CD-R0M / DVD-R0M light 330 has Encrypted Part Drive 331 Pure Part 228 Hard Drive 332 Encrypted Part 232 ROM 341 Watermarked Pure Part 250 Application 343 Watermarked Pure Part 252 Dialogue Manager (SM) 400 Program 254 Content Store 400 ~ 412 Step Block 29

Claims (1)

200533141 X. Patent application scope. A system for distributing content on a network, which includes: " Client devices that are configured to perform the following operations: • request the content; and 5 provide and Request the associated dialogue information; and-a computer computing device configured to:-receive the dialogue information associated with the request;-encrypt at least-part of the content, where at least another of the content- # 分 Maintenance is unencrypted; 10 to J are determined in part based on the longevity information—watermarks and σ. U Tian applies the encrypted and encrypted part of the content to the client in violation of the content, and applies it immediately The watermark is marked into at least a portion of the unencrypted port. Valley 15 20 2. ^ Please refer to the pureness of item 1 in the scope. The action of the knife at least 8P also includes selectively picking at least that part of the content for worse. H. The system of item 1 of the patent scope, wherein the ^ applied with the watermark mark also includes the application-different watermark marks to a different part of the unencrypted content Φ. The system of item, in which the same watermark mark is applied to the unencrypted content as the watermark mark is applied. 4. If the first action of the patent application scope includes the application of a different part. 30 200533141. The system of the first item in the range of 1: 1 benefit 'wherein the L to which the watermark mark is applied contains at least one part of the watermark mark and at least two other actions of digitally signing the δΛ watermark mark. One action. 6_ As described in item i of the patent application scope, wherein the computer computing device uses at least one of a watermark tag plug-in and a watermark tag bridge to apply the watermark tag. 10 15 20 7. The system according to item 1 of the scope of patent application, wherein the watermark mark is encrypted using a password Jin Yu different from the password gold key used to encrypt the part of the content. 8. The system of claim 1, wherein the client device is a mobile device. 9. If the system under the scope of patent application M, the dialogue information further includes at least one of the following items: a client device identifier, an end user identifier, a digital right attacking the-end user, A terminal user name, '1 hash, —hash, —credit card number, and an Internet Protocol (IP) address. For example, in the system of applying for the scope of the patent, the action of determining the watermark mark further includes determining the watermark mark based on additional dialogue information including at least one of the following items: an identifier of a content owner,-content encryption -An identifier of the user, an identifier of the content provider, and an identifier of the content. 11_ A system for disseminating content on a network, comprising: a content server configured to perform the following actions: 31 200533141 Receive a request for capacity from a metering device—a request, and receive a request related to the request Encrypting at least a portion of the content; wherein at least another 4 points of the content remain unencrypted; and the computer computing device streams the encrypted and unencrypted content of the content Is configured to intercept the streamed content and perform the following dynamic watermark marking components: receiving the dialogue information; 10 based at least in part on the spoken information-watermark marking; and, ... when streaming to the computer computing device When the # encrypted and unencrypted parts of the content, the watermark is applied to at least a part of the unencrypted inner valley in real time. 5 12. The system of claim 11 in which the watermark marking component is at least one of a watermark marking bridge and a watermark marking plug-in component. 3. A system as claimed in item u of the patent scope, wherein the electronic computing device associated with the request further includes a 0 wireless communication for receiving the streaming content. 14. A system for distributing content on a network, comprising: a processor in communication with a transceiver; 32 200533141 a memory in communication with the processor and used to store data and machine instructions, such as The instruction will cause the processing example to perform the following multiple operations:-receiving a content stream, wherein at least a portion of the content stream is encrypted and at least another portion of the content stream is unencrypted; receiving is associated with the content stream Dialogue information; determine a watermark based at least in part on the dialogue information; 20 When the content stream is in the stream, "Ding Bar Stamp is marked on at least a part of the unencrypted content stream. 15. If the device of the scope of the patent application is applied for, the device is a warp, It can be used as an electronic computing device like a watermark marking bridge to operate with at least one of the meaning of a watermark marking component. For example, the device in the scope of patent application No. 14 uses a visual inspection selective encryption to selectively Encrypt the content stream. 17. Please request the device of the scope of patent No. 14, wherein applying the watermark marking action also includes applying—different watermark marking to a different part of the unencrypted content. = · The device surrounding item 14, Among them, the watermark mark h is used to encrypt at least one part of the watermark mark and at least one other part of the digital watermark mark. At least 33 200533141 19. If the device of the scope of application for patent No. 14 is used, it is different from A cryptographic key that is used to encrypt a cryptographic key for that part of the content to encrypt the watermark. 20 · —A system for distributing content on a network It includes: 5 receiving dialog information associated with a request for one of the content; encrypting at least a portion of the content, wherein at least another portion of the content remains unencrypted; determining a watermark based at least in part on the dialog information And when the encrypted 10 and unencrypted content is streamed to a computer computing device associated with the request, the watermark is applied to at least a portion of the unencrypted content in real time. Method, wherein the dialog information further includes at least one of the following items: a client device identifier, an end user identifier, a digital right associated with an end user, 15-end user name, a A password, a hash, a credit card number, an Internet Protocol (IP) address, an identifier of a content owner, an identifier of a content encryptor, an identifier of a content provider, and the content 22_—A modulation data signal used to propagate content on a network, the modulation 20 data signal contains a command A computer computing device instructs the following actions: to transmit a request for the content from a client device; to transmit dialog information associated with the request from the client device; 34 200533141 to receive a string on a watermark marking component The content of the stream, wherein at least a portion of the content is encrypted and at least another portion of the content is unencrypted; enabling the watermark marking component to determine a watermark mark based at least in part on the conversation information; and When the content is streamed to the client device on the network, the watermark marking component can apply the watermark to at least a part of the unencrypted content in real time. Variable data signal, wherein the watermark 10 mark component further includes at least one of a watermark mark bridge and a watermark mark plug-in component. 24. A device for distributing content on a network, comprising: a component for receiving a request for the content; 15 components for receiving dialogue information associated with the request for the content A component to receive the content, wherein at least a portion of the content is encrypted and at least another portion of the content is unencrypted; a component to determine a watermark mark based at least in part on the dialog information ; And 20 when the content is streamed on the network, a component for instantly applying the at least one watermark to at least a portion of the unencrypted content. 35