TW583568B - A secure access method and system - Google Patents

A secure access method and system

Info

Publication number
TW583568B
Authority
TW
Taiwan
Prior art keywords
content
scope
item
patent application
host
Application number
TW91119311A
Other languages
Chinese (zh)
Inventor
Timothy R Feldman
Lane W Lee
Michael F Braitberg
Douglas M Rayburn
Gary G Kiwimagi
Original Assignee
Dataplay Inc
Priority claimed from US09/940,035 (US20030188183A1)
Priority claimed from US09/940,174 (US7729495B2)
Priority claimed from US09/940,025 (US20030188175A1)
Priority claimed from US09/940,026 (US7310821B2)
Priority claimed from US09/940,083 (US7110982B2)
Application filed by Dataplay Inc
Application granted
Publication of TW583568B


Abstract

A secure electronic content system and method is provided. The system includes a controller including an interface component, a host system coupled to the controller, the host system configured to present content under predetermined conditions, the host system operable with a navigation protocol, the host system further including a system manager operable with an associations component configured to be at least partially run by the host system, a translator configured to provide meanings and generate commands within the host system at least a first digital rights management (DRM) component configured to provide encoding and access rules for the content; and a file system component including a file system application programming interface (API) configured to provide a logical interface between a plurality of components.

Description

V. Description of the Invention

Field of the Invention

The present invention relates to digital rights management and to data security. In particular, the present invention relates to an environment, system, and method capable of ensuring that content is accessed, copied, and controlled in a secure manner.

Description of the Related Art

Since the advent of the Internet and of electronic devices incorporating [...] technology, various entities (including people, [...]) [...] and personal digital assistants (PDAs) with [...] functions [...]. The rapid transmission of information, however, is not entirely without drawbacks. Digital content, although easily transmitted, may also be easily accessed by many more entities than intended. So-called "hackers" have drawn wide attention by quickly retrieving information from computer systems before being detected. Likewise, World Wide Web (WWW) pages can rapidly disseminate electronic content over the Internet, such as music (MP3) files containing copyrighted material. Electronic content may therefore, for a variety of reasons, be delivered to recipients for whom it was never intended. In view of this, providers of electronic content (whether companies or even individual citizens) are paying increasing attention to the data security of electronic content. At present, issues relating to the security of electronic content and the Internet are being debated promptly and heatedly. For example, Alanis Morissette once testified at a hearing entitled

"Online Entertainment and Copyright Law: Coming Soon to a Digital Device Near You" before a United States Senate Judiciary Committee led by Orrin Hatch, specifically identifying issues of copyright and royalties. In her testimony, Alanis clearly pointed out the divergence of goals among content creators, content providers, and content users. Commercial content providers mostly hope to be paid for electronic content; what concerns them is the widespread copying of content for which no payment is received, such as music compact discs (CDs) and digital video discs (DVDs). Content users, on the other hand, often hold goals contrary to those of content providers, hoping to copy content without authorization, including digital music, software, movies, digital books, and the like. Between software providers and individual content users, content creators hope to reach as many listeners as possible and are often torn between the goal of wide distribution and the goal of compensation. The speed with which devices, computers, and the like disseminate electronic content is the main reason for the growth of complex data security technologies. Data security technologies all attempt to ensure the security of content and transactions. For example, one data security technology uses a timestamp or a counter to determine whether a [message] can be authenticated, thereby protecting the security of electronic transactions and content. Another data security technology focuses on cryptography and mathematical algorithms. Cryptographic means can provide not only the confidentiality of transactions and content but also

authentication, integrity (for example, confirming that a message was not altered in transmission), and non-repudiation (preventing a transaction from being improperly denied). One kind of cryptographic means is known as a "restricted algorithm", which is typically adopted by [...] applications. More recently, a cryptographic key has been used as a single key for both encrypting and decrypting content, thereby protecting the security of the content. In this way, key-based cryptography can distribute an algorithm [...] while bearing the risk of a security gap that arises because the security obligation lies in the key itself.

There are already many kinds of cryptographic key means. One type is the symmetric key means, in which the encryption key can be computed from the decryption key and vice versa. Another is the public key means (or asymmetric system), in which the key used for encryption and the key used for decryption are not the same. In particular, [a protocol] known as X.509 [...] provides a framework for use across networks such as the Internet. These protocols do not prescribe [a particular] algorithm; rather, they [provide for] the use of certificates. Under this specification, each user has a unique name and also a signature certificate (which is issued by a trusted certificate authority (CA) and contains a [...] public key). The typical fields in an X.509 certificate are: version, serial number, algorithm identifier, issuer, validity period, subject, subject public key, and signature.

In particular, the version field identifies the format of the certificate. The serial number is unique to the issuing certificate authority (CA). The algorithm field identifies the type of algorithm used to sign the certificate and includes the parameters required to execute that algorithm. The issuer field identifies the name of the CA. The validity field gives the period during which the certificate is valid. The subject field identifies the name of the user. The subject public key field gives the algorithm name, parameters, and similar information associated with the public key.

Communicating with certificates structured according to the X.509 protocol is known to those skilled in the art. A user wishing to communicate with another party receives the destination's certificate through a database and verifies the authentication. Verifying the authentication usually involves a plurality of certificate authorities (CAs) where a hierarchical relationship exists between the user's CA and the destination's CA. Once verification is complete, communication can begin. Typically, a timestamp is used to confirm the freshness of a message. A known three-way protocol is an authentication protocol that does not require a timestamp; however, it requires the user to check a random number that the user originally generated, sent to the destination, and received back from the destination. Likewise, the destination must check a random number received from the user that was originally generated at the destination.

Another known data security technology uses message fingerprints. Fingerprinting is usually achieved with a hash function. [...] hash functions are known. A common one is the one-way hash function, which, after operating on a pre-image message of arbitrary length, yields a fixed-length hash value h. The hash value h is specific to the message with which it is associated, and the security of the hash value h depends on the number of bits in the hash function. Currently a practical size is one hundred twenty-eight bits. There are several different types of hash algorithms, including the Message Digest 4 (MD4) algorithm and the far more complex Message Digest 5 (MD5) algorithm. Another type of hash function is the N-hash algorithm. Far more complex than a one-way hash, an N-hash algorithm implements a randomizing function, a hashing function, and a logical exclusive-OR (XOR) function.

The foregoing description of cryptographic means represents a sample of known digital data security systems. Another aspect of electronic content data security concerns digital rights management (DRM). DRM is used to control the creation and management of various rights and the licensing of digital content, and to support the distribution of digital content. DRM is an indispensable part of the digital distribution of educational content, professional content, transactional content, and entertainment content.

Some known digital rights management (DRM) systems use the Extensible Markup Language (XML) to implement access actions and to achieve secure digital content transactions. Generally, a markup language derives from the Standard Generalized Markup Language (SGML). SGML is a general-purpose standard language used to define the format of a text document regardless of the hardware or operating system architecture. A markup-language file uses a standard set of code tags embedded in the text that describes a document's elements. A web browser interprets these tags, so that users with differing hardware and software capabilities can [view] the document while its original format is preserved. SGML documents use a separate document type definition (DTD) file to define the format code tags embedded within them. Other DRM systems are implemented using [programming] languages and other known [...]. Known systems include Interleaf systems, ArborText systems, and Texcel [...].

As noted above, content providers, content creators, and content users are in a state of conflict. Known DRM systems cannot resolve [this conflict] in the electronic content [environment]. What is needed is a DRM that can satisfy the reasonable expectations of content users, including allowing a consumer's fair use of content. In addition, content providers (including content owners and manufacturers) also need a DRM that can maintain content data security, support novel and extensible business models, and create high value in the content market. In view of this, the present invention improves upon the following area: how to direct content users to an Internet location.

[Summary of the Invention]

In view of this, the present invention provides a system and method for secure electronic content. The system mainly includes: a controller including an interface component; and a host system coupled to the controller, the host system being configured to present content under predetermined conditions and operating with a navigation protocol. The host system further includes: a system manager operating with an associations component, the associations component being configured to be at least partially run by the host system; a translator configured to provide meanings and generate commands within the host system; at least a first digital rights management (DRM) component configured to provide encoding and access rules for the content; and a file system component including a file system application programming interface (API) configured to provide a logical interface between a plurality of components. According to one embodiment of the invention, a method of securing electronic content includes: interfacing a controller so as to provide input and output of data; coupling a host system to the controller; configuring the host system to present content under predetermined conditions and to operate with a navigation protocol; and configuring a system manager in the host system. The host system is further configured to: configure an associations component to be run by the host system for

at least part of its actions; configure a translator to provide meanings and generate commands within the host system; configure at least a first digital rights management (DRM) component to provide encoding and access rules for the content; and configure a file system component including a file system application programming interface (API) to provide a logical interface between a plurality of components.

The present invention also provides a system and method for detecting a [tampering] action on a media disc, wherein the media disc includes a first part [...] content and a second part of written content. The method includes: [determining] whether one or more sectors located in a predetermined [area] of the first part, in the written content of the second part, or in both, [carry] an identification code; [determining] whether the identification code is of a predetermined type; [comparing] the identification code with [...]; and, where the identification code and [...] are located in the second part, or where the type of the identification code belongs to one of the predetermined types [...], determining that an unauthorized action has been detected.

The present invention also provides a method of associating a media disc with a plurality of manufacturers. The method includes: providing instructions to a host; during the first [use] of the media disc in the host, installing a unique identification code on the media disc according to the instructions; and producing a manufacturer code for the media disc, whereby, before data is transferred to a host, the unique identification code is read to find a location associated with the manufacturer. Another embodiment relates to a method of identifying a location through a media disc, wherein the media disc must have at least one writable part and one non-rewritable part. The method includes: writing the location into the writable part of the media disc; distributing the media disc to one or more entities; and, if a response to the media disc is received from the one or more entities at the location associated with the media disc, changing the location according to predetermined conditions [...].

The present invention also provides a system and method for securing data on a storage medium. The system includes: a secure session established between a storage medium and a host; a communication channel for receiving a command to unlock secured data managed using at least one of a plurality of content storage models, wherein the command corresponds to an identification code on the medium and the identification code is configured to govern access to the secured data by at least one of the content storage models; and an engine for coordinating the unlocking of data on the storage medium, so as to respond to a command to unlock secured data, to unlock the secured data according to a content storage model, and to adjust data attributes on the storage medium according to a content storage model.

The present invention also provides a system and method for authenticating a device. The method includes: receiving a certificate from the device (the certificate must include a plurality of fields, at least one of which is reserved for a digital signature from a certificate authority (CA)), and at least one of the following two: verifying the signature in the certificate using a corresponding CA public key (wherein the verifying action includes at least using the CA public key to verify the digital signature), and identifying the source of the device and its validity data using a device digital signature (wherein the validity data identifies, according to predetermined conditions, whether one or more data items of the source and of the device are valid or invalid); and, when the digital signatures are confirmed as valid after verification, transmitting a session key to the device, thereby establishing a secure communication channel.

The present invention also provides a system and method for revoking a device. The method includes: receiving a certificate from the device (the certificate must include one or more fields reserved for a signature); attempting to verify the signature of the certificate; receiving a revocation list (the revocation list identifies one or more data items as valid or invalid and includes at least one or more fields of the certificate); and, when any of the one or more data items, in the signature or [elsewhere], is confirmed as invalid or is not successfully verified, refraining from transmitting a session key to the device (the session key being the key required for a secure communication channel).

The present invention also provides a system and method for securing content stored on media. The method includes: attaching content privileges to the media, the content privileges governing a plurality of levels of access actions, so as to permit access to the content according to the content privileges and predetermined conditions. In addition, an apparatus for securing content stored on media includes at least one tool for transferring content onto the media, the tool being configured to attach a plurality of levels of access actions, wherein content privileges and predetermined conditions govern access to the content.

[Brief Description of the Drawings]

To enable those skilled in the art to understand the present invention more easily, including its various objects, features, and advantages, the present invention is described below in conjunction with the drawings.

明如後。在下列圖式中,相同的編號係用來表示類似或相 同的元件。 ,1圖係根據本發明的一個實施例、介紹這個安全電子内 容(SEC)系統内數位權利管理(DRM)系統的交互運 第2圖係根據本發明的一個實施例、介紹一個内容流 圖。 第3圖係根據本發明的一個實施例、介紹一個安全電子 容(SEC )系統所支援的方法。 f 4圖係根據本發明的一個實施例、介紹一個安全電子内 ,(SECj系統架構的一個開放系統互連(〇SI )模型。Ming as later. In the following drawings, the same numbers are used to indicate similar or identical elements. Fig. 1 is a diagram illustrating the interactive operation of a digital rights management (DRM) system in the secure electronic content (SEC) system according to an embodiment of the present invention. Fig. 2 is a content flow diagram according to an embodiment of the present invention. FIG. 3 illustrates a method supported by a secure electronic content (SEC) system according to an embodiment of the present invention. Figure 4 is an Open System Interconnection (OSI) model of the SECj system architecture according to an embodiment of the present invention.

第5 A圖係根據本發明的一個實施例、介紹安全及不安全 資料的内容流向。 第5B圖係根據本發明的一個實施例、彳紹由媒體擷 的一種安全方法。 貝斤叶 第5C圖係根據本發明的一個實施例、介紹一個憑證程 第6圖係根據本發明的一個實施例、介紹使用一個憑證以Figure 5A illustrates the content flow of secure and unsecured materials according to one embodiment of the present invention. Figure 5B is a security method retrieved by the media according to an embodiment of the present invention. Beijinye Figure 5C is an introduction to a voucher according to an embodiment of the present invention Figure 6C is an introduction to the use of a voucher according to an embodiment of the present invention

第17頁 583568 五、發明說明(12) 建立一個安全鐘別通道的一個程序。 第7 A圖係根據本發明的一個實施例、介紹執行一個確認程 序的一個裝置。 第7B圖係根據本發明的一個實施例、利用流程圖介紹在一 個通道上安全傳送資料的一種方法。 第7C圖係根據本發明的一個實施例、介紹廢除一個内容表 現裝置的一種方法。 第7D圖係根據本發明的一個實施例、介紹評鑑一個廢除表 列的一個流程圖。 第7E圖係根據本發明的一個實施例、介紹一個引擎在呈現 有一個廢除表列時所執行的一種方法。 第7F圖係根據本發明的一個實施例、彳紹廢除表列結果的Page 17 583568 V. Description of the invention (12) A procedure for establishing a safe bell channel. Fig. 7A illustrates an apparatus for performing a confirmation procedure according to an embodiment of the present invention. Figure 7B illustrates a method for securely transmitting data on a channel using a flowchart according to an embodiment of the present invention. Fig. 7C illustrates a method for abolishing a content presentation device according to an embodiment of the present invention. Fig. 7D is a flowchart illustrating the evaluation of a revocation list according to an embodiment of the present invention. Figure 7E illustrates a method performed by an engine when presenting a revocation list according to an embodiment of the present invention. FIG. 7F is an example of the results of the abolition of the listed results according to an embodiment of the present invention.

第7 G圖係根據本發明 方法。 的一個實施例、介紹組織内容的一種 第7 Η圖係介紹一個程序流程圖 不Figure 7G is the method according to the invention. An example of the organization, a kind of introduction to the content of the organization.

個實施例 = 紹一個程序流程圖,以表示創作套裝軟體 术、套裝軟體廣告、及庫存單位(SKU) 個實施例。 丨U狂/r W 第8圖係根&據本發明的一個實施例、介紹這個 數位權利管理(CKDRM )播放功能的應用程式界面(AP J ) 的一個流程圖。Embodiments = A flow chart is provided to illustrate the embodiment of the creative software package, package advertisement, and storage unit (SKU).丨 U 狂 / r W FIG. 8 is a flowchart of an application program interface (AP J) introducing the digital rights management (CKDRM) playback function according to an embodiment of the present invention.

第9圖係根據本發明的一個實施例、介紹這個C〇ntentKeyOFIG. 9 is an illustration of the ConntentKeyO according to an embodiment of the present invention.

第18頁 583568 五、發明說明(13) 數位權利管理(CKDRM )複製應用程式界面UPI )協定的 一種方法。 第1 0圖係根據本發明的一個實施例、介紹一種第三者數位 權利管理(TPDRM )複製方法。 第11圖係根據本發明的一個實施例、介紹利用這個 ContentKeyO數位權利管理(CKDRM)記錄内容的一種方 法。 第1 2圖係根據本發明的一個實施例、介紹解除内容鎖定的 一種方法。Page 18 583568 V. Description of the invention (13) Digital Rights Management (CKDRM) A method for duplicating the application program interface (UPI) agreement. Fig. 10 illustrates a third-party digital rights management (TPDRM) copy method according to an embodiment of the present invention. Figure 11 illustrates a method for recording content using this ContentKeyO digital rights management (CKDRM) according to an embodiment of the present invention. Figure 12 illustrates a method for unlocking content according to an embodiment of the present invention.

FIG. 13 illustrates a method for the ContentKey digital rights management (CKDRM) copy application programming interface (API) protocol according to an embodiment of the present invention.
FIG. 14 illustrates an engine that executes a ContentKey digital rights management (CKDRM) copy method in order to copy content within the ContentKey digital rights management (CKDRM) domain, according to an embodiment of the present invention.
FIG. 15 illustrates a recording scheme according to an embodiment of the present invention.
FIG. 16 illustrates a method for playing content managed by ContentKey digital rights management (CKDRM) according to an embodiment of the present invention.
FIG. 17 illustrates a more detailed playback method using commands according to an embodiment of the present invention.
FIG. 18 is a flowchart illustrating an unlocking step under ContentKey digital rights management (CKDRM) according to an embodiment of the present invention.
FIG. 19 is a flowchart illustrating a third-party digital rights management (TPDRM) copy protocol according to an embodiment of the present invention.
FIG. 20 illustrates a digital rights management copy method according to an embodiment of the present invention.
FIG. 22A is a flowchart illustrating a protocol by which a host writes secure data according to an embodiment of the present invention.

FIG. 22B is a flowchart illustrating a method for detecting counterfeit media according to an embodiment of the present invention.
FIG. 23A is an architecture diagram illustrating an embodiment of the interaction among servers, hosts, and engines.
FIG. 23B is a flowchart illustrating an authoring process.
FIG. 24 is a flowchart illustrating a process for setting up a secure database and secure metadata.
FIG. 25 illustrates a process for setting up an electronic ...
FIG. 26 is a flowchart illustrating, from a consumer's point of view, a transaction that unlocks content according to an embodiment of the present invention.
FIG. 27 illustrates an example user interface showing, from a user's point of view, how a transaction unlocks content.
FIG. 28 is a flowchart illustrating the components that initiate an unlocking process in the secure electronic content (SEC) system according to an embodiment of the present invention.
FIG. 29 is a secure electronic content (SEC) flowchart according to an embodiment of the present invention.
FIG. 30 illustrates the types of content that can be obtained on media according to an embodiment of the present invention.
FIG. 31A is a flowchart illustrating transaction types according to an embodiment of the present invention.
FIG. 31B illustrates a method for a user interface according to an embodiment of the present invention, the user interface including a uniform resource locator (URL) associated with a media disc.
FIG. 31C illustrates a method for connecting to a CKU server according to an embodiment of the present invention.
FIG. 32 illustrates a web page and a method requested by a client after a link, according to an embodiment of the present invention.
FIG. 33 illustrates a method performed by a master control server according to an embodiment of the present invention.
FIG. 34 illustrates a method of a CKU client server according to an embodiment of the present invention.
FIG. 35 illustrates, from a system's point of view, a method for unlocking content according to an embodiment of the present invention.
FIG. 36 illustrates, from an engine's point of view, a method for unlocking content according to an embodiment of the present invention.
FIG. 37 is a flowchart illustrating a process for completing an unlock transaction according to an embodiment of the present invention.

FIG. 38 is a flowchart illustrating a method for unlocking content according to an embodiment.
FIG. 39 is a flowchart illustrating an object interaction among components.
FIG. 40 is a flowchart illustrating an unlock transaction according to an embodiment of the present invention.
FIG. 41 is a block diagram illustrating the object interaction among components.

[Detailed description of the preferred embodiment]

Summary of the invention

According to an embodiment, a secure electronic content (SEC) system is a solution to the concerns of content providers, content owners, and content consumers regarding electronic content. The SEC system includes an engine that provides access operations such as reading and writing, encryption and access rules, encoding, decoding, meaning, association, navigation, and presentation, where the standard for each of these operations is to provide a seamless security system for electronic content.

The encryption and access rules disclosed in the embodiments of the present invention provide an invisible and seamless ContentKey digital rights management (CKDRM) system that secures content and allows that content to be carried by, and to interoperate across, appropriate electronic devices. CKDRM supports fair use by content purchasers and users: CKDRM directly supports personal-use copying of electronic content

and allows such content to be imported and exported. According to the disclosed embodiments, content that is pre-recorded and unlocked on media can, once sold, be played by a device designed to present content protected by CKDRM or by another third-party digital rights management (TPDRM). For convenience of disclosure, in this specification the term "pre-recorded content" also includes mastered content.

Furthermore, locked content pre-recorded on media can be unlocked by a device/player that is connected to a clearinghouse and operates according to an embodiment of the present invention. According to the permission information granted on the media, any player can present the unlocked content. Moreover, unlocked content can be presented, through a player, on media associated with ContentKey digital rights management (CKDRM). Such media can also be written to without affecting the content that can be presented. According to an embodiment of the present invention, for example, CKDRM provides for only a predetermined number of pre-recorded and unlocked content items, the number being set by the content provider, license agreements, and the like. Furthermore, CKDRM can also provide a way of unlocking content and of handling content that supports a variety of novel content consumer experiences.

ContentKey digital rights management (CKDRM) is implemented by devices that can present electronic content (referred to in this specification as "players"). A player implements CKDRM and interfaces with servers, kiosks, replicators, and similar devices. A player may either have an embedded engine that works with CKDRM to provide security, or may be coupled to such an engine, for example a personal computer (PC). A player may also present content on digital media (such as a disc). In another embodiment, a personal computer (PC) may be used to implement a player.

CKDRM can also be extended (in part) by providing a flexible unlocking method and by supporting the transfer of content and rules to other digital rights management (DRM) implementations. In particular, a player implementing CKDRM may further implement a third-party digital rights management (TPDRM). In one embodiment, a player with an embedded engine can not only implement CKDRM but can also present, through general-purpose interfaces, a file system and a CKDRM application programming interface (API). CKDRM can advantageously provide many functions, including: unlocking, playback, counted copying, import from a certified source, export to a certified destination, and securing stored metadata.

A secure electronic content system

The CKDRM system also includes security and access rules as part of the secure electronic content (SEC) system. For convenience in discussing the SEC system, the terms used in this specification are defined as follows:

PKI: public key infrastructure.
AES: Advanced Encryption Standard.
API: application programming interface. The term application programming interface (API) refers to the logical interface between different components.
CA: certificate authority. The term certificate authority (CA) refers to the entity that issues certificates.

Content Provider: content provider. The term content provider refers to an entity that owns rights to content and takes part in delivering that content to the market.
DFS: DataPlay file system. In at least one embodiment of the present invention, the term DataPlay file system (DFS) refers to three open application programming interfaces (APIs) that provide read and write access to digital media.
Engine: engine. This component provides read and write access to digital media.
Host: host. This device is used to control the engine.
USB: universal serial bus. This term refers to the physical connection between the client personal computer (PC) and a connected engine.
MAC: message authentication code. The term MAC is the abbreviation of Message Authentication Code.
SHA: Secure Hash Algorithm. The term is the abbreviation of Secure Hash Algorithm, as defined by Federal Information Processing Standards Publication 186 (FIPS PUB 186) of the National Institute of Standards and Technology (NIST).

Protected Content: protected content. The term protected content refers to content stored on digital media in encrypted form under the management of ContentKey digital rights management (CKDRM).

Unlocked Content: unlocked content. The term unlocked content refers to protected content that can be presented on any certified device capable of presenting content. In this case, the unlocked content pre-recorded on the media may also be called primary content.

Locked Content: locked content. The term locked content refers to protected content that cannot be presented until a ContentKey digital rights management (CKDRM) unlock transaction (which changes the content into unlocked content) has taken place. Locked content may also be called secondary content.

Key Complement: key complement. This information is used to complete a set of decryption keys, thereby turning locked content into unlocked content.

Please refer to Table 1A, which shows the interoperation of the various parts of the secure electronic content (SEC) system.

Table 1A: Interoperation stack
101 User interface
102 Presentation
103 Navigation
104 Association
105 Meaning
106 Encoding
107 Access rules
108 Encryption
109 File system
110 Media

Table 1A provides an interoperation stack representing the data layers used when ContentKey digital rights management (CKDRM) operates. The stack further includes data layers supplied by a third-party digital rights management (TPDRM), players with an appropriate embedded engine, and players coupled to such an engine. In this specification, the term "engine" refers to a component capable of providing read and write access to digital media. Thus, each embodiment of the present invention may include one or more engine implementations, such as a firmware, software, or hardware implementation, or any combination thereof. CKDRM focuses on data layers 107 and 108 of this interoperation stack.

Referring to data layer 110, pre-recorded or written electronic content resides on the media and cannot reside on a player or an engine. The system can enable several ways of storing data on a media disc. For example, according to an embodiment of the present invention, a disc can hold secure content on the same disc, or hold pre-recorded content and recorded content at the same time; in addition, the various items of written data can be stored on the disc in the form of large or small blocks.

Referring to data layer 109, the system provides a hierarchical directory structure holding file data. Thus, data written through file system "writes" and data returned through file system "reads" can be stored as file data. According to an embodiment of the present invention, only data stored as files can be accessed through the file system application programming interface (API); metadata cannot be fully accessed through the file system's read and write commands. Where the engine supports this file system, some metadata is visible through the host, such as the Multipurpose Internet Mail Extensions (MIME) type, the size, and the like. Other metadata can only be exposed through the CKDRM application programming interface (API). Further metadata is visible only to an engine; for example, according to an embodiment of the present invention, the secret media identifier and private metadata can be seen only by the engine. Such data may be associated with a disc; the engine can change and manage this metadata, which consumes less than the available disc capacity.

According to an embodiment of the present invention, certain metadata is tied to the engine rather than stored on the media. This engine-resident metadata is usually not accessible through the file system; it includes a public and private key pair, which is generated by a secure process. According to an embodiment of the present invention, updates to fields stored privately by the engine are performed through a secure protocol. CKDRM metadata is stored with each file, where needed. According to an embodiment of the present invention, any individual file may also carry several items of third-party digital rights management (TPDRM) metadata. TPDRM metadata can include an owner identifier that matches the one in a received CKDRM certificate (described later in this specification), by which the metadata is accessed.

In one embodiment of the present invention, TPDRM metadata is stored together with each file, and therefore a metadata system already used by an appropriate file system, such as the DataPlay file system (DFS), can be used. A TPDRM metadata node can have a bit set in a file system flag definition that identifies the data as TPDRM metadata.

A metadata packet may be as shown in Table 1B, where each symbol written as "U" followed by a number denotes an unsigned value and the bit length of that value.

Table 1B
Type           Name           Description/use
struct META*   psNext         Internal pointer for the linked list.
DFSID          DfsId          Handle of the file to which this metadata is attached.
DFSFLAG        Flags          Flags for internal use, including a bit that must be set to define this object as DRM metadata.
U16            MetadataOwner  Must match the metadata owner of the received ContentKey certificate; establishes the identity of the metadata's owner.
SYMMETRIC_KEY  MetadataKey    The key used to encrypt this data.
U16            ByteCount      The number of bytes in the metadata.
U8[]           Metadata       The DRM metadata itself.

In one embodiment of the present invention, TPDRM metadata is stored in random access memory (RAM) type memory. However, if the TPDRM metadata is too large to be stored entirely in RAM, the present invention can use a lookup table system to assist in storing the metadata, in which the TPDRM metadata is replaced by the storage location corresponding to the metadata object. In addition, certain data can be accessed only through the CKDRM application programming interface (API); this includes data managed by the engine, which comprises the metadata that provides playback keys and that keeps copy counts. According to some embodiments of the present invention, the data accessible through the CKDRM API includes data managed by a second, third-party digital rights management (TPDRM); in that case the data format is defined by that TPDRM.
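As an added illustration (not code from the patent or from DataPlay), the Python model below packs and parses the host-visible fields of the Table 1B metadata packet and applies the MetadataOwner rule: the MetadataKey and Metadata are released only when the owner identifier in the received ContentKey certificate matches the packet's. The engine-internal fields (psNext, DfsId) are omitted; the field widths, byte order, the 16-byte SYMMETRIC_KEY length, the DRM-metadata bit position in Flags, and the sample packet are assumptions, not values from the page.

```python
import struct
from dataclasses import dataclass
from typing import Optional, Tuple

# Assumptions (the page does not fix these): bit 0 of DFSFLAG marks an object
# as DRM metadata, SYMMETRIC_KEY is 16 bytes (AES-128 sized, as the page names
# AES), and the serialised header is big-endian.
DRM_METADATA_FLAG = 0x0001
KEY_LEN = 16
# Serialised header: Flags (U16), MetadataOwner (U16), MetadataKey, ByteCount (U16).
HEADER_FMT = ">HH%dsH" % KEY_LEN
HEADER_LEN = struct.calcsize(HEADER_FMT)


@dataclass
class MetadataPacket:
    """The host-visible fields of the Table 1B packet."""
    flags: int
    metadata_owner: int   # U16: identity of the metadata's owner
    metadata_key: bytes   # SYMMETRIC_KEY: key the metadata is encrypted under
    metadata: bytes       # U8[]: the (opaque, encrypted) DRM metadata itself

    def pack(self) -> bytes:
        """Serialise, enforcing the field constraints Table 1B implies."""
        if not self.flags & DRM_METADATA_FLAG:
            raise ValueError("the DRM-metadata bit in Flags must be set")
        if not 0 <= self.metadata_owner <= 0xFFFF:
            raise ValueError("MetadataOwner is a U16")
        if len(self.metadata_key) != KEY_LEN:
            raise ValueError("MetadataKey must be %d bytes" % KEY_LEN)
        if len(self.metadata) > 0xFFFF:
            raise ValueError("ByteCount is a U16, so Metadata is at most 65535 bytes")
        header = struct.pack(HEADER_FMT, self.flags, self.metadata_owner,
                             self.metadata_key, len(self.metadata))
        return header + self.metadata

    @classmethod
    def unpack(cls, blob: bytes) -> "MetadataPacket":
        """Parse a packet, rejecting truncated or over-long input."""
        if len(blob) < HEADER_LEN:
            raise ValueError("truncated header")
        flags, owner, key, count = struct.unpack(HEADER_FMT, blob[:HEADER_LEN])
        body = blob[HEADER_LEN:]
        if len(body) != count:
            raise ValueError("ByteCount %d does not match %d body bytes"
                             % (count, len(body)))
        if not flags & DRM_METADATA_FLAG:
            raise ValueError("object is not flagged as DRM metadata")
        return cls(flags, owner, key, body)


@dataclass(frozen=True)
class ContentKeyCertificate:
    """Only the field this check needs from a received ContentKey
    certificate; the certificate's real layout is not on the page."""
    metadata_owner: int


def release_metadata(packet: MetadataPacket,
                     cert: ContentKeyCertificate) -> Optional[Tuple[bytes, bytes]]:
    """Engine-side gate: hand out MetadataKey and Metadata only to the owner
    named in the presented certificate; any other requester gets nothing."""
    if cert.metadata_owner != packet.metadata_owner:
        return None
    return packet.metadata_key, packet.metadata


def sample_packet() -> MetadataPacket:
    """Constructed sample: owner 0x1234, a placeholder key, and a short
    opaque blob standing in for encrypted TPDRM rules."""
    return MetadataPacket(flags=DRM_METADATA_FLAG, metadata_owner=0x1234,
                          metadata_key=bytes(range(KEY_LEN)),
                          metadata=b"opaque-tpdrm-rules")


if __name__ == "__main__":
    pkt = sample_packet()
    blob = pkt.pack()
    assert MetadataPacket.unpack(blob) == pkt
    print("matching owner released:",
          release_metadata(pkt, ContentKeyCertificate(0x1234)) is not None)
    print("other owner released:",
          release_metadata(pkt, ContentKeyCertificate(0x9999)))
```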

Referring now to FIG. 1, a block diagram illustrates a content storage model for electronic content. As shown, electronic content can be stored and managed according to a total of five basic models. One type is denoted "unmanaged content using file system methods only" 120. Unmanaged content 120 includes basic information such as cleartext data, as in an ordinary computer storage model. FIG. 1 also shows "third-party digital rights management (TPDRM) managed content" 130. Such content can use the same methods and means as unmanaged content 120. This category includes "TPDRM managed content using file system methods only" 180. In model 180, the TPDRM must itself take responsibility for securing the content and metadata. Model 180 does not require the TPDRM to be pre-certified by CKDRM, so any kind of TPDRM can operate on the managed content of this model. This model corresponds to storing TPDRM-managed content without any means of security.

In another type of electronic content storage, TPDRM-managed content is accessed using file system methods, but the metadata is accessed using CKDRM means, namely the CKDRM application programming interface (API) 182. According to this embodiment, a content storage model can provide a high level of security for metadata and encryption keys. Block 184 concerns a model that uses the metadata rules of CKDRM and a TPDRM application programming interface (API) to manage content, where the TPDRM API is used to manage the presentation of electronic content. This model can provide a high level of security for the content itself, while encryption of the other data layers is implemented by an engine.

Another content storage model 140 represents content (content and metadata) managed both by a TPDRM and by CKDRM rules. Model 140 allows an overlap between CKDRM-managed content and TPDRM-managed content. The system can therefore also support content that is accessed through the CKDRM application programming interface (API) and managed by a TPDRM.

Storage model 150 represents content and metadata managed by CKDRM. Model 150 never lets metadata leave the engine, thereby providing a higher level of security for the content. One type of content suited to this model is pre-recorded content.

A TPDRM controlling content can choose the model to use when moving content onto a disc. As those skilled in the art will appreciate, the rules governing the content may constrain the choice of model. Moreover, the security requirements to be met may also change the choice of model, since the CKDRM models generally provide a higher level of security. Furthermore, when the permissions needed to govern the content are sufficient, the CKDRM models can also offer consumers and content providers more effective, value-added benefits.

FIG. 1 further shows that the system provides at least two types of content access. In particular, access 160 indicates that content can be accessed directly if it is accessed through a file system access and is unmanaged. In this case, protected content can be accessed through the file system application programming interface (API) via access 160. Access 170 indicates that protected content can be accessed through CKDRM.

FIG. 2 uses a content flow diagram 200 to illustrate how electronic content flows within the secure electronic content (SEC) system. As shown, a content provider 202 first decides which of the models shown in FIG. 1 applies. When a master is produced on media, a replicator 204 produces multiple copies for distribution. Media that fit this content flow include optical discs, such as compact discs (CD) and digital versatile discs (DVD), as well as magnetic media such as floppy disks or tape. The replicator 204 is a manufacturer that can add any necessary data to any media to enable the security functions for the content, as described with reference to FIG. 1. According to another embodiment of the present invention, content flows from a content provider to a server 206. In one embodiment of the present invention, server 206 is used to transfer the secure content to one or more kiosks 207, directly to an engine 208(3) to receive secure data, or to a connected host 210 that is coupled to an engine 208(3). In one embodiment of the present invention, the connected host 210 is a personal computer (PC) that can enable CKDRM, TPDRM, and file system rules. Content also flows from an engine 208(3) to an embedded device 211. In one embodiment of the present invention, the embedded device 211 can enable CKDRM and TPDRM.

In addition, as shown in FIG. 2, content flow also includes flow from one engine to another, between engines 208(2) and 208(3). This type of content flow occurs during a copy function, which is described further below.

Overview of the system architecture

CKDRM operates within the context of the secure electronic content (SEC) system. FIG. 3 is a block diagram illustrating the methods supported by the SEC system. The components include a content provider 302, tools and processes 304 for producing pre-recorded content, suitable media (such as a disc) 306, engines 308, the players 310 discussed previously, and the digital rights management (DRM) systems 312.

According to one embodiment of the invention, these elements are organized into a system architecture that partitions the secure electronic content (SEC) system and assigns its responsibilities. For example, a content provider 302 is responsible for bringing in the original content and for making all decisions related to the variable qualities of that content. These decisions include: which files must initially be locked and unlocked; when a file should be unlocked; whether the content may be played on a player that implements CKDRM or TPDRM; how many copies may be made under CKDRM or TPDRM rules; and which rules should be administered in the CKDRM and TPDRM domains. In one embodiment of the invention, the electronic content system can support global TPDRM rules that limit the number of subsequent copies a TPDRM is allowed to make. In other embodiments of the invention, the electronic content system can support specific TPDRMs.

The tools and processes 304 that produce the pre-recorded content 304 take all of the input from a content provider 302 and generate the appropriate digital medium 306 that satisfies all the requirements of pre-recorded content. The content is then encoded into one of a plurality of formats, if it is not already encoded. The content is encrypted in an encryption layer using keys generated and stored by predetermined methods (as described in the specification). The CKDRM metadata and the TPDRM metadata, if present, are stored according to the methods described in the specification.

According to one embodiment of the invention, the digital medium 306 includes all the information needed to support all of the adopted models and the licences specified by the content provider 302.

According to one embodiment of the invention, a player 310 is a certificated host 316 that receives a certificate 318 from a certificate authority (CA) 320. The certificate 318 provides the authentication part of the protocols and establishes an authenticated channel for accessing the secure application programming interface (API).

The engine 308 presents an API to the players 310, and presents TPDRM and CKDRM, so as to support a plurality of adopted models. In one embodiment of the invention, the engine 308 supports the data security of the invention through its hardware and firmware implementation and through the use of cryptographic keys. In one embodiment of the invention, some of these cryptographic keys are unique to each engine and some are shared by all engines. For example, each engine may have non-volatile memory in which a list of signature keys is stored. In one embodiment of the invention, that list may be an array of public keys used to verify the signatures of the certificate authority (CA).

In one embodiment of the invention, the engine 308 is one endpoint of the authenticated connection in the secure API. The engine 308 decrypts and encrypts the various encryption layers used in the play and transfer functions, and the engine can perform basic unlocking at the disc layer. The engine 308 manages play and copy, which includes decrementing the copy count on the disc 306. In one embodiment of the invention, the engine 308 operates with a universal serial bus (USB) driver, or with a driver that conforms to the APIs adopted by the CKDRM and DataPlay file system (DFS) APIs. This driver, in one example of the invention, lets the engine communicate with other hosts (including players such as personal computers) regardless of the host's hardware manufacturer or operating system. The operating system can use a Windows(TM) registry or an .inf file to communicate and, when a plurality of engines are connected to one host, to determine the position of the driver within the system.

Referring to Figure 3, a host can be part of a device that includes an engine 308. Alternatively, a player 310 can be software running on a platform. Whether or not a player 310 includes an engine 308, in each case the player 310 uses the API presented by the engine 308 to access the content and presentation information on a disc 306. The player 310 uses this information to present data to a user and to render the content. To access secure content, the player 310 is one endpoint of the authenticated connection established in the secure API 309. Furthermore, to play content, according to one embodiment of the invention, a player 310 must also request an authenticated channel after a certificate authority 320 has issued a certificate to the player 310. The certificate issuance procedure includes issuing a public and private key pair and a certificate 318 to the player 310. The authenticated channel can grant access to a secure API 309.

As stated earlier, CKDRM and one or more TPDRMs, if the medium is structured to use TPDRM, are used to manage rights and to manage the operation of secure content. CKDRM and/or TPDRM enforce the rules specified by the content provider 302 and stored on the disc 306. To access secure content, the CKDRM or a TPDRM is one endpoint of the authenticated connection established in the secure API 309. The TPDRM is implemented outside the engine 308. The engine 308 provides secure storage on the medium 306 through a secure API 309. Furthermore, if the medium is structured to use TPDRM, those TPDRMs must conform to the disclosed SEC system. In particular, a conforming TPDRM must request an authenticated channel before accessing content and secure data. According to one embodiment of the invention, the authenticated channel is produced by first issuing a certificate to the TPDRM, that is, issuing a public and private key pair and a CKDRM certificate. The CKDRM certificate may include a CA Signature Public Key ID, or public key identifier, that serves as an index into a list of certified signature keys in an engine 308 and is used for a plurality of different purposes, described further below. The authenticated channel is produced in order to further access a secure API.

Referring now to Figure 4, it shows an open systems interconnection (OSI) model 400 of the SEC system, which gives an overview of the architecture that supports the functions described with reference to Figure 2 and other functions.

In Figure 4, the layered OSI model 400 is used to show the paths supported in the hosts 310, the engines 308 and the media 306. As shown, Figure 4 includes a physical layer 410, a command data layer 406, a data link layer 408, a session layer 404 and an application layer 402. Figure 4 refers to the interconnecting elements between a host 310, an engine 308 and digital media 306 to explain the purpose of each data layer. Interconnections other than those between host 310, engine 308 and media 306 should also fall within the scope of the invention; therefore, excluding such interconnections from Figure 4 is not intended to limit the invention.

The OSI model 400 is explained below with reference to the content flow described for Figure 2. A medium 306 (such as a removable disc, or a medium permanently fixed inside an engine 308) includes file system file data 470, file system metadata 472 and CKDRM metadata 474 as part of the physical layer 410. In the host 310 and the engine 308, this data is transferred through the physical layer interfaces 446 and 448. The data of the medium 306 passes through a data read/write element 460 (in an optical disc embodiment, located in an optical element). Those skilled in the art will appreciate that interpreting other types of media may require other elements; for example, magnetic media require a magnetic read element. In the host 310 and the engine 308, an interface 452 provides the data link layer 408. At the command data layer 406, a player reads or writes the medium 306 through read/write actions 454. In the host 310 and the engine 308, at the command data layer 406, the interface protocol executes a file system 420 and/or the CKDRM 430 according to the data read in the read/write actions 454. In particular, according to one embodiment of the invention, a host 310 must be issued a certificate 413 at the application layer in order to execute CKDRM 430. The certificate issuance procedure (described in more detail below) determines whether the host 310 is secure 416 or insecure 414. A certificated host can execute encryption/decryption procedures 418 in the session layer 404 and authenticate a secure channel (described further below). An uncertificated host 412 executes insecure procedures 414 in the session layer 404 through an open file system 420.

For insecure content, the engine 308 performs file and metadata mapping 440 at the application layer and runs the open file system 420 at the command data layer 406. For secure content, the engine 308 not only processes files and maps metadata at block 440 but also applies the CKDRM rules 430 at the command data layer 406, encrypting and decrypting the secure data in the session layer through the data security actions 416(2) and the encryption/decryption actions 418(2). According to one embodiment of the invention, the host 310 and the engine 308 use servo [...] to point to the location on the medium 306 of the content handled in the session layer, so as to operate in step with the medium. Secure and insecure data can then be managed in the application layer 402 using the block management device 450.

Figure 4 shows that an uncertificated host application 412 does not access the secure session 416(1), perform data encryption or decryption 418(1), or execute ContentKey digital rights management (CKDRM) commands 430. Figure 4 further shows that a certificated host application 413 can, through the file system 420, access all the file system methods that are available to an uncertificated application.

ContentKey Digital Rights Management Data Security: Overview

Referring now to Figure 5A, it gives an overview of ContentKey digital rights management (CKDRM) data security. CKDRM implements an effective data security model in which electronic content is produced and secured through an application 516 and is represented as files 502 and metadata 504. These content elements 502 and 504 are then encrypted. Consequently, when the content file 502 is read or copied through an open application programming interface (API), it is returned in encrypted form. When content is accessed for playback or for transfer to a third-party digital rights management (TPDRM), the content is returned in a more highly encrypted form.

Access to the secure content 502 and 504 is through the open API 506 and the secure API 508 respectively. The open API 506 permits only complete file read and write access 512; the secure metadata and the unencrypted content cannot be supplied through the open API 506. Furthermore, neither the secure API 508 nor the open API 506 can expose the original content or give block-level access to the medium. The secure APIs 508 must restrict access to the content 502 and 504 so that only a secure API can retrieve the secure metadata 510. This access is further constrained by revocation under the revocation method 518.

The open and secure APIs 506 and 508 highlight a key difference between a hard disk interface and an interface that uses the APIs 506 and 508. According to one embodiment of the invention, block-level access to media content is performed through firmware that contains a block driver. In a computer, block-level access to the content of a hard disk can normally only be performed through a block driver. This firmware avoids the open-access problem by not supporting block driver access. The file system is hierarchical. In one embodiment of the invention, a disc can have a writable, write-once part and a read-only part containing pre-recorded content. A media identifier is established for the pre-recorded [...] and may or may not be the same identifier. Furthermore, in one embodiment of the invention, this identifier is read from the media disc and extracted for use in an application-specific integrated circuit (ASIC) and/or firmware. This identifier can serve as a seed for an encryption block, whatever encryption block is used.

Referring now to Figure 5B, according to one embodiment of the invention, the medium includes an identifier and has a decryption block. In an embodiment of the invention, this decryption block can be a triple data encryption standard (triple-DES) [...], a secure method of retrieving data from the medium. Block 530 enables access to the data through the firmware. This data can be stored in blocks [...] through a block driver inside the firmware or [...], which is used to prevent data access from outside the firmware. In one embodiment of the invention, the firmware is contained inside an application-specific integrated circuit (ASIC). The firmware and the ASIC may be located inside a host. In one embodiment of the invention, the firmware may include a TPDRM API, a CKDRM API and/or a DataPlay file system (DFS) API.

Referring again to Figure 5A, the block diagram further shows that the secure APIs 508 and the secure content 502 and 504 require a certificate 514 as a further restriction. According to a certificate issuance procedure shown in Figure 5C, at block 550 the host receives a certificate 514 from an entity that controls host certificates. The certificate 514 specifies the secure APIs 508 that an application 516 may access. In this embodiment, a host may be any physical device with an embedded engine, a TPDRM, an application running in an open computing environment, or a clearinghouse server. In particular, CKDRM certificates can be signed using a private key that is assigned according to a class of device. In one embodiment of the invention, a private key can be used for only one class, and its corresponding public key belongs to only one class of device. These device classes may include: engines; host devices with an embedded engine and a digital I/O port; host devices with an embedded engine and no digital I/O port; and host applications without an embedded engine. In one embodiment of the invention, an engine can store the public keys of all device classes, and the engine needs to authenticate an embedded host.

Referring to Figure 5C, at block 552, to enable an engine-to-engine copy, each engine must receive a certificate. A host authenticates a host application that has no embedded engine by receiving a certificate. At block 554, the entity that controls certificate issuance cryptographically signs the certificate 514. The certificate 514 indicates a class, which specifies the secure APIs 508 through which the certificate-holding host receives access commands. In one embodiment of the invention, the certificate 514 indicates the company that issued the certificate 514. In another embodiment of the invention, the certificate 514 may also indicate one or more classes of the engines and hosts, including: product type, product line, model, revision and serial number.

Table 2A below shows a certificate according to one embodiment of the invention.

Table 2A

Field no. | Field name | Assigned by | Purpose
1 | Certificate authority (CA) identifier, version | the entity that controls host certification |
2 | Signature key identifier (ID) | the certificate authority (CA) |
3 | Exposed methods | the CA | restricts what the host is permitted to do
4 | Company | the CA |
5 | Model identifier (ID), revision | the company |
6 | Metadata identifier (ID) | set by the CA |
7 | Host signature key | the company | used to verify the host signature
8 | CA signature | the CA | verifies all of fields 1 to 7
9 | Serial number | the company |
10 | Protocol key | the company | used for secure key exchange
11 | Host signature | the company (the host protocol public key is signed with the private key corresponding to the host signature public key) | verifies all of fields 1 to 10

In one embodiment of the invention, the first eight items in Table 2A are supplied by the company requesting a certificate to a certificate authority (CA). A company retains a private key corresponding to the host signature key. The CA signature is generated with a private key corresponding to the public key specified by the signature key identifier (ID). When a device passes certification, these first eight items are returned to the manufacturer. The last three fields, 9 to 11, are then added by the manufacturer. Those skilled in the art, having understood this disclosure, will appreciate that this certificate invalidates erroneous devices and devices with potential defects, thereby enabling an entity to control the quality of hosts and engines. In one embodiment of the invention, fields 1 to 8 are issued by the entity that controls hosts and engines and are provided to a device manufacturer. The device manufacturer then appends fields 9 to 11.

In one embodiment of the invention, each class specified by these certificates provides a set of methods that can be exposed, such as the methods specified by a CKDRM certificate. Any combination of methods can be exposed using this certificate format. Table 2B, however, gives one example of the methods that may be exposed through a certificate class.

如表中所示,這些類別可以包括有··一個引擎、一個播放 器、一個第三者數位權利管理(TPDRM )領域、一個 ContentKeyO數位權利管理(CKDRM )的原版影片製作工具 領,、「個資訊站、及一個情報交換所伺服器領域。這些 揭i备方法乃疋弟二者數位權利管理(T p⑽% )及 ContentKeyO數位權利管理(CKDRM )方法。雖然任何特定 類別均可以使用任何組合的揭露方法,第2β表僅表示其中 的一種可能實施例。 第2B表 類別揭露方法As shown in the table, these categories can include an engine, a player, a third-party digital rights management (TPDRM) domain, a ContentKeyO digital rights management (CKDRM) original video production tool leader, "a Information stations, and a clearinghouse server field. These methods are the two methods of digital rights management (TP%) and ContentKeyO digital rights management (CKDRM). Although any combination can be used in any particular category Disclosure method, Table 2β only shows one of the possible embodiments. Table 2B Category Disclosure Method

引擎ContentKeyO數位權利管理(CKDRM )複製 播放HContentKeyO數位權利管理(CKDRM)記錄 ContentKeyO數位權利管理(CKDRM)播放 第二者數位權利管理(T p d r μ ) C ο n t e n t K e y 0數位權利管理 (CKDRM)記錄第三者數位權利管理(TpDRM)複製讀取安 全元資料寫入安全元資料Engine ContentKeyO Digital Rights Management (CKDRM) Copy and Play HContentKeyO Digital Rights Management (CKDRM) Records ContentKeyO Digital Rights Management (CKDRM) Play Second Party Digital Rights Management (T pdr μ) C ο ntent K ey 0 Digital Rights Management (CKDRM) records Third Party Digital Rights Management (TpDRM) Copy Read Security Metadata Write Security Metadata

Page 47 583568 V. Description of the Invention (42)

ContentKey digital rights management (CKDRM) master production tool, kiosk: CKDRM Record, Write Secure Metadata. Clearinghouse: CKDRM Record, CKDRM Unlock.

Referring again to FIG. 5C, in one embodiment of the invention a secure electronic content (SEC) system is used in block 552 to provide host authorization. In particular, under host authorization the ContentKey digital rights management (CKDRM) secure application programming interface (API) can only be accessed through a host that has been formally authorized by an entity (such as DataPlay). In one embodiment of the invention this authorization includes, in block 556, the issuance by that entity (such as DataPlay) of a certificate indicating which CKDRM secure API methods the host may be supplied with. Table 2C below gives a more exact form of a CKDRM certificate format.

Table 2C
Byte offset | Field name | Type | Value
0:1 | Certificate authority identifier | U16 (unsigned 16-bit value) | Assigned by the entity (such as DataPlay)
2:3 | Certificate format version | U16 | Assigned by the certificate authority (CA)
4:5 | CA signature public key identifier | U16 | Assigned by the CA


6:7 | Encryption version | U16 | Assigned by the CA
8:9 | Exposed methods | EXPOSED_METHODS | Assigned by the CA. A combination of one-bit flags representing the methods of Table 2B; each method is encoded at its designated bit position, which identifies the exposed methods.
10:15 | Reserved1 | U16[3] | Reserved
16:17 | Company | U16 | Assigned by the CA
18:19 | Division | U16 | Assigned by the company
20:21 | Product line | U16 | Assigned by the company
22:23 | Model | U16 | Assigned by the company

24:25 | Revision | U16 | Assigned by the company
26:27 | Metadata identifier | U16 | Set by the CA
28:31 | Reserved2 | U16[2] | Reserved
32:77 | Company signature public key | Public key (46 bytes) | Assigned by the company
78:121 | CA signature | Signature (44 bytes) | Assigned by the CA. This value is the preceding data, signed with the private key corresponding to the CA signature public key identifier.

122:137 | Device identifier | U128 (16 bytes) | Assigned by the company
138:183 | Protocol public key | Public key | Assigned by the company. Used by the engine to perform public key encryption in certain protocol steps (such as the session key exchange).
… | Company signature | Signature | Assigned by the company. This value is the remainder of the certificate, signed with the private key corresponding to the host signature public key.

The fields in Table 2C include: the certificate authority identifier, which uniquely identifies the certificate authority (CA); the certificate format version, which uniquely identifies the version of this ContentKey digital rights management (CKDRM) certificate format; the CA signature public key identifier, which is selected by the CA; the encryption version, which uniquely identifies the encryption method used by this certificate; and the exposed methods, which identify the CKDRM methods this certificate grants access to.

Table 2D lists the fields of the exposed methods type (EXPOSED_METHODS type).

Table 2D
Bit name | Description
HOST_CKDRM_COPY | Indicates whether the ContentKey digital rights management (CKDRM) copy method is permitted
HOST_CKDRM_RECORD | Indicates whether the CKDRM record method is permitted
HOST_CKDRM_PLAY | Indicates whether the CKDRM play method is permitted
HOST_CKDRM_UNLOCK | Indicates whether the CKDRM unlock method is permitted
HOST_DRM_COPY | Indicates whether the third-party digital rights management (TPDRM) copy method is permitted
HOST_READ_SECURE_METADATA | Indicates whether the read secure metadata method is permitted

HOST_WRITE_SECURE_METADATA | Indicates whether the write secure metadata method is permitted

The fields in Table 2C further include other fields, described below. The company field uniquely identifies the company that issued this certificate. In one embodiment of the invention, for example, the size of this field supports 65536 different companies; however, as those skilled in the art will appreciate, a larger or smaller field also falls within the scope of the invention. In Table 2C the size of this example field is chosen to support eighteen years of valid certificates at a rate of ten per day, 365 days per year. The company may further supply its chosen division, product line, model, and revision values to the certificate authority (CA); this supplied information also uniquely identifies the product design for which the certificate is issued. The CA sets the value of the metadata identifier. These values may be used to uniquely identify the secure metadata accessed in the read secure metadata and write secure metadata methods, which are described further below.

The company also supplies the host signature public key while retaining the corresponding private key. The company signature is generated with that private key and verified with the company signature public key. The CA signature is generated with the private key corresponding to the public key designated by the CA signature public key identifier.
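The fixed layout of Table 2C lends itself to a small offset-based parser. The following is an added example written for this page, not code from the patent or from DataPlay: it splits a raw certificate into the Table 2C fields, decodes the EXPOSED_METHODS flags of Table 2D, and returns the two byte regions that the CA signature (the data preceding it) and the company signature (the per-device remainder) cover, so that a caller can hand each region to its own signature check. Big-endian byte order, a 44-byte company signature (the page gives no size for that field, so the CA signature size is assumed) and the bit positions of the Table 2D flags (taken in the order the table lists them) are assumptions of the example; the sample certificate is constructed.

```python
"""Parser for the CKDRM host certificate layout of Table 2C (added example).

Not code from the patent or from DataPlay. Offsets and sizes follow Table 2C.
Assumed: big-endian words, a 44-byte company signature (total 228 bytes), and
the Table 2D flag bit positions in the order the table lists them.
"""
import struct
from dataclasses import dataclass
from typing import Tuple

# Table 2D flag names; the bit assignment (listed order) is an assumption.
EXPOSED_METHOD_BITS = {
    "HOST_CKDRM_COPY": 0,
    "HOST_CKDRM_RECORD": 1,
    "HOST_CKDRM_PLAY": 2,
    "HOST_CKDRM_UNLOCK": 3,
    "HOST_DRM_COPY": 4,
    "HOST_READ_SECURE_METADATA": 5,
    "HOST_WRITE_SECURE_METADATA": 6,
}

HEADER_FMT = ">16H"        # bytes 0..31: sixteen U16 words, including the two reserved arrays
COMPANY_PUBKEY_LEN = 46    # bytes 32..77
CA_SIG_LEN = 44            # bytes 78..121
DEVICE_ID_LEN = 16         # bytes 122..137
PROTOCOL_PUBKEY_LEN = 46   # bytes 138..183
COMPANY_SIG_LEN = 44       # bytes 184..227 (assumed size)
CERT_LEN = 32 + COMPANY_PUBKEY_LEN + CA_SIG_LEN + DEVICE_ID_LEN + PROTOCOL_PUBKEY_LEN + COMPANY_SIG_LEN


@dataclass(frozen=True)
class CkdrmCertificate:
    ca_id: int
    format_version: int
    ca_signing_key_id: int
    encryption_version: int
    exposed_methods: int
    company: int
    division: int
    product_line: int
    model: int
    revision: int
    metadata_id: int
    company_signing_pubkey: bytes
    ca_signature: bytes
    device_id: bytes
    protocol_pubkey: bytes
    company_signature: bytes

    def allows(self, method: str) -> bool:
        """True when the Table 2D flag for `method` is set in EXPOSED_METHODS."""
        return bool(self.exposed_methods >> EXPOSED_METHOD_BITS[method] & 1)

    def exposed(self) -> Tuple[str, ...]:
        return tuple(name for name in EXPOSED_METHOD_BITS if self.allows(name))


def parse_certificate(raw: bytes) -> CkdrmCertificate:
    """Split a raw certificate into the Table 2C fields (no signature checks here)."""
    if len(raw) != CERT_LEN:
        raise ValueError(f"expected {CERT_LEN} bytes, got {len(raw)}")
    w = struct.unpack(HEADER_FMT, raw[:32])
    # w[5:8] is Reserved1 (U16[3]) and w[14:16] is Reserved2 (U16[2]); both are skipped.
    return CkdrmCertificate(
        ca_id=w[0], format_version=w[1], ca_signing_key_id=w[2],
        encryption_version=w[3], exposed_methods=w[4],
        company=w[8], division=w[9], product_line=w[10], model=w[11],
        revision=w[12], metadata_id=w[13],
        company_signing_pubkey=raw[32:78], ca_signature=raw[78:122],
        device_id=raw[122:138], protocol_pubkey=raw[138:184],
        company_signature=raw[184:228],
    )


def encode_certificate(c: CkdrmCertificate) -> bytes:
    """Inverse of parse_certificate; used to build the constructed sample."""
    for blob, size in ((c.company_signing_pubkey, COMPANY_PUBKEY_LEN), (c.ca_signature, CA_SIG_LEN),
                       (c.device_id, DEVICE_ID_LEN), (c.protocol_pubkey, PROTOCOL_PUBKEY_LEN),
                       (c.company_signature, COMPANY_SIG_LEN)):
        if len(blob) != size:
            raise ValueError(f"field of {len(blob)} bytes, expected {size}")
    header = struct.pack(HEADER_FMT, c.ca_id, c.format_version, c.ca_signing_key_id,
                         c.encryption_version, c.exposed_methods, 0, 0, 0,
                         c.company, c.division, c.product_line, c.model, c.revision,
                         c.metadata_id, 0, 0)
    return (header + c.company_signing_pubkey + c.ca_signature + c.device_id
            + c.protocol_pubkey + c.company_signature)


def ca_signed_region(raw: bytes) -> bytes:
    """Bytes 0..77: the data the CA signature covers (everything before it)."""
    return raw[:78]


def company_signed_region(raw: bytes) -> bytes:
    """Bytes 122..183: the per-device remainder the company signature covers."""
    return raw[122:184]


# Constructed sample: a player certificate exposing CKDRM Copy and Play (bits 0 and 2).
SAMPLE_CERT = CkdrmCertificate(
    ca_id=1, format_version=1, ca_signing_key_id=7, encryption_version=1,
    exposed_methods=0b0000101, company=0x0042, division=3, product_line=0x10,
    model=2, revision=1, metadata_id=9,
    company_signing_pubkey=bytes([0x11]) * COMPANY_PUBKEY_LEN,
    ca_signature=bytes([0x22]) * CA_SIG_LEN,
    device_id=bytes(range(16)),
    protocol_pubkey=bytes([0x33]) * PROTOCOL_PUBKEY_LEN,
    company_signature=bytes([0x44]) * COMPANY_SIG_LEN,
)

if __name__ == "__main__":
    cert = parse_certificate(encode_certificate(SAMPLE_CERT))
    print(cert.exposed(), hex(cert.company), cert.device_id.hex())
```

The parser deliberately stops at the field boundaries: verifying the two signatures needs the 163-bit elliptic curve implementation of the page's cryptosystem, and the two region helpers return exactly the bytes each signature is stated to cover so that check can be done by the caller with whatever library carries the keys.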

The last three fields may be added by the company on a device-by-device basis. The device identifier is a value (such as a serial number) that uniquely identifies the device to which this certificate is issued. The protocol public key is selected by the company; the corresponding private key is embedded in the device.

In one embodiment of the invention, when encryption is performed with the ContentKey digital rights management (CKDRM) host public key, the invention uses the protocol public key rather than the company signature public key. The company signature public key is used only to verify, through the company signature, the protocol public key.

Each of the fields above may be presented as this ContentKey digital rights management (CKDRM) certificate. Further, the metadata identifier field may be used together with the company field to identify a host that accesses secure metadata. These values may be set by the certificate authority (CA) upon a request from the company for new values.

In this certificate, the fields are specified to carry 326-bit public key values for a 163-bit elliptic curve cryptosystem; however, other value sizes and encryption types also fall within the scope of the invention.

The invention may also use this certificate to detect an invalid device in a number of situations. Referring to FIG. 5A, a revocation method 518 includes transmitting an encrypted identifier from the device over a communication channel, and receiving a certificate identifying the device as either an authenticated device or a non-authenticated device.

In one embodiment of the invention, revocation method 518 is used to revoke compromised certificates and encryption keys; in particular, to revoke compromised certificates and private keys. In one embodiment, the information about revocation of certificates and/or private keys is stamped onto the media, so that revocation can take place in a standalone, unconnected environment.

As shown in FIG. 5A, application programming interfaces (APIs) 506 and 508 may perform encryption. Furthermore, the encryption keys used by the application programming interface (API) may themselves be encrypted. With the content encrypted, an open file system can have read access to a file containing the content, but without the decryption key. When the encrypted content is retrieved and transmitted under a secure protocol, it is transmitted in encrypted form. Thus, according to the invention, even if a stored key is compromised, it does not contain enough information to decrypt any file through the open application programming interface (API).

According to another embodiment of the invention, the key is bound to the media. Content access therefore follows the media, and access rights are limited to a particular media. The keys stored on the media are themselves encrypted, so that if a copied key is compromised it cannot decrypt the content. Referring to the figure that shows how keys are bound to the media, block 522 describes a method of protecting the data of content stored on the media.

The method of protection includes the step of attaching content rights to the media. Attaching content rights to the media eliminates the possibility of the content being loaded into a player or engine; instead, a player or engine can only operate to present the content stored on that media. Block 554 permits access under predetermined conditions. The content access (as described at block 554) may perform one or more of the following actions: content play, content copy, and permitting one or more copies or a limited number of copies. In block 554, the specified conditions may also include an authentication procedure, shown in FIG. 6, which may include authenticating a channel for content transmission, checking a revocation list, and unlocking the content. In one embodiment of the invention, the unlocking action is performed according to a protocol executed between an engine and a server, described further below. The unlocking action, when a server is connected, may be limited to following a protocol, connecting to a server, and using the secure key to unlock a part of the content. Block 556 performs the following actions: authenticating a channel, checking a revocation list, and unlocking the content.

FIG. 6 introduces one embodiment of an authentication procedure 600. According to this embodiment, the three components required to issue a certificate are the media 602, the engine 604, and the host 606. The host 606 holds a certificate 610 having a protocol public key issued by a certificate authority (CA). The host 606 also holds a protocol private key 612. The certificate 610 is received by the engine 604 over a communication channel, and the signature on the certificate is verified in block 612. Referring to Table 2C and FIG. 6, a certificate is verified in two steps. First, the signature is verified in block 612. In one embodiment of the invention, all fields except the last three are verified in block 612 using the CA signature field and the public key designated by the CA signature public key identifier. The authenticity of these fields (including the company signature public key) is thereby established. Second, also in block 612, the host must be verified. In one embodiment of the invention, the entire certificate is verified using the company signature and the company signature public key. This verification procedure is therefore a double verification procedure.

In block 614, the host must be verified before the revocation action can take place. Revocation may apply to any scope of the certificate, for example all fields. In one embodiment of the invention, this part of the authentication must check a revocation list 608 on the media 602. The engine 604 retrieves the revocation list 608 from the media 602. If the authentication procedure 614 passes at block 616, the engine 604 generates a random number with a random number generator 618 as a first part of a secure session key 620. The engine 604 then performs a public key encryption 622 of this first part of the secure session key 620 using a protocol public key 624 retrieved from the certificate. The host 606 then receives the encrypted session key, decrypts it in block 626, and produces the secure session key 628.

Referring now to FIG. 7A and FIG. 3, which show an apparatus for performing this verification procedure. In one embodiment of the invention, this apparatus is part of the engine 308. FIG. 3 shows a communication channel used to connect the engine 308 to a host holding a certificate 318. The certificate 318 can then be received, and an identifier 710 (which may be implemented as a public key) is compared within the engine by a verification function 720. In particular, the verification function 720 also receives the identifier and an output from an authentication engine 730. The authentication engine 730 generates a global pass/fail indication, which is output to the verification function 720. If the verification function 720 receives a fail indication from the authentication engine 730, it refuses further content access. If a global pass indication is received, the verification function 720 sends a pass indication to permission block 750. Permission block 750 includes a plurality of pass/fail permissions for the player, which may be provided to the authentication engine. After processing these permissions, the authentication engine 730 outputs a session key 740 to permit the data transfer.

According to one embodiment of the invention, an authentication procedure is started each time a device is connected over a communication channel. Each device must be authorized each time this encrypted identifier is received. Thus, a method of authorizing a device includes transmitting an encrypted identifier of the device over a communication channel, and receiving a certificate identifying the device. FIG. 7B shows, in flow-chart form, a method of sending data over a channel. This method of authenticating a data destination includes retrieving a certificate of the destination in block 702, authenticating the destination with an identifier in block 704, and then sending a session key in block 706. The session key satisfies the predetermined conditions in the certificate and thereby permits the transfer of data.

As described above, the certificate issuance procedure issues certificates to hosts and engines, and the authentication procedure authenticates hosts and engines. Authentication lets one entity verify and authenticate another entity. Successful authentication of other properties of an entity can also establish … so that the secure application programming interface (API) can be accessed through … According to one embodiment of the invention, the host is one of the following: a player, a player in a personal computer (PC), a player in a device, a clearinghouse, a server, and a third-party digital rights management (TPDRM) application. According to one embodiment of the invention, a revocation list is stored on the media inserted into an engine. This revocation list is used in the authentication procedure. Thus, if a known serial number of a device belongs to a compromised or subsequently rejected manufacturer, the host cannot be authenticated. In another embodiment of the invention, the revocation list may also be stored in each device, so as to keep that device from playing; or the revocation list may be maintained as media-related. In this way, when new pre-recorded content is released, or when blank discs are manufactured, new revocation lists can be included on these discs, so that the affected players and hosts are identified and refused authentication. In yet another embodiment of the invention, the revocation list may also be maintained through a server, so that a player communicating with a server can update the revocation list on the engine directly during changes of state (such as unlock and lock).

In another embodiment of the invention, a plurality of revocation lists are stored on the media in a file-associated manner: one or more files on the media may have an associated revocation list. In this embodiment the revocation list (or lists) may be evaluated when an authentication procedure occurs, when a file access occurs, or in both cases. Referring to FIG. 7C, which provides a method of revocation. FIG. 7C begins at block 712, where a revocation list is evaluated during a file access. In one embodiment of the invention, each file has a revocation list; an entity stores the lists centrally and assigns to each file the identifier or pointer of a list, which references a location of the revocation information (subsequently called a node). The nodes are collected under unique identifiers, so that the complete revocation list need not be stored for every file that has list nodes. In block 714, when a file access and a revocation evaluation take place, the result for each node is stored. The authentication procedure can then read the stored evaluation result rather than re-running the evaluation; that is, each node can be pre-evaluated.

In one embodiment of the invention, as shown in block 716, the revocation list is copied from the media to the engine and can act as a "poison" that prevents a player from performing playback when that player is inappropriate, when its manufacturer is defective or potentially defective, or in similar circumstances. When a player connects to a server to unlock content, this action is also performed, as shown in block 718. The revocation of a presentation device must include at least the revocation of one or more signing keys. In one embodiment of the invention, the revoc
ation of a signing key also revokes, in block 722, any ContentKey digital rights management (CKDRM) certificate issued with that key or those keys; in particular, the revocation of a signing key also revokes any corresponding signature.

In one embodiment of the invention, the key signature list stored in the non-volatile memory of an engine cannot be updated outside of a manufacturing process. In this embodiment, the key signature list can revoke, on a per-media basis, a specific index value of the CA signature public key identifier field of a ContentKey digital rights management (CKDRM) certificate.

Referring again to FIG. 7C, a revocation list provides a mechanism for preventing a given device or a group of given devices from accessing ContentKey digital rights management (CKDRM). The CKDRM revocation method allows revocation to act on any field of the host certificate. Revocation can therefore be as specific as a device identifier or a protocol public key, as broad as an entire company, or perhaps a particular product line or a particular product model, as shown in block 724.

As described previously, each file may have an associated revocation list. The revocation list is associated with the file in a create file (create_file) command, and is copied to the destination in the ContentKey digital rights management (CKDRM) copy method; during the copy method the revocation list is transmitted.

A revocation list may consist of a list of revocation nodes. A revocation node consists of a list of clause nodes and a method that determines, from how the clauses evaluate, whether the node revokes. Each clause node consists of a set of data and a function, the function defining how the data is applied and evaluated. Block 732 evaluates a revocation list against the contents of a ContentKey digital rights management (CKDRM) certificate, performing the data evaluation in the clause nodes. The results obtained from the clause nodes then yield a true or false result for the revocation node. If any revocation node in the revocation list is evaluated as …

Table 2E
Byte offset | Field name | Type | Value | Description/use
0:1 | Byte count | U16 (unsigned 16-bit value) | | Number of bytes in the revocation list, including this field; this value must be greater than or equal to 4. The node count field must be present.
2:3 | Node count | U16 | j | Number of nodes in this revocation list
4:… | Revocation node list | REVOCATION_NODE[j] | | Each entry defines a revocation node

Table 2F provides one embodiment of a revocation node structure.

Table 2F
Byte offset | Field name | Type | Value | Description/use
0:1 | Byte count | U16 | k | Number of bytes in the revocation list, including this field. This value must be greater than 4 and less than …; it is the size of the revocation node in bytes.
2 | Clause count | U8 | l | Number of clauses in this revocation list, l.
3 | Clause rule | U8 | | Defines the rule for combining the evaluated clauses. Refer to the clause rule encoding for the required value.
4:k-1 | Clause node list | CLAUSE_NODE[l] | | Each entry defines a clause.


Table 2G provides one embodiment of a clause node structure, which supports a plurality of functions having a common format.

Table 2G
Byte offset | Field name | Type | Value | Description/use
0:1 | Byte count | U16 | 2m+4 | Number of bytes in the revocation list, including this field, 2m+4. The value m must be positive; an empty function data array is not allowed.
2:3 | Function | U16 | | The function that executes this revocation clause. The only defined function is the match function.
4:2m+3 | Function data | U16[m] | | m words of data used to execute this function.

Table 2H provides an example clause node, used for a match function.

Table 2H
Byte offset | Field name | Type | Value | Description/use
0:1 | Byte count | U16 | 2n+8 | Number of bytes in the revocation list, including this field, 2n+8. The value n must be positive; an empty match data array is not allowed.
2:3 | Function | U16 | MATCH | The function that executes this revocation clause is the match function.
4:5 | Start word | U16 | | The offset into the ContentKey digital rights management (CKDRM) certificate at which the match function starts.

6:7 | Word count | U16 | n | Number of words to match, starting at the start word offset.
8:2n+7 | Match data | U16[n] | | The n word values to match.

In one embodiment of the invention, an engine receives the revocation list during a CKCMD_CREATE_FILE or CKCMD_SET_KEYBOX command. The revocation lists of a plurality of files may also include revocation nodes already present on the media.

On the media, a revocation list may be treated as an object internal to the DataPlay file system (DFS), maintained by a separate and distinct handling (it is neither a file nor a directory).
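The structures of Tables 2E through 2H nest by byte count, so a parser can check every length against its container before trusting a single field. The following is an added example, not the patent's or DataPlay's code: it parses a revocation list built from those tables and evaluates it against the 16-bit words of a certificate as block 732 describes, where each match clause compares n certificate words starting at the start word with its match data, a node combines its clauses under its clause rule, and the certificate counts as revoked if any node evaluates true. The numeric code of the match function, the clause-rule encoding (0: all clauses must match, 1: any clause suffices), big-endian word order, the assumption that the start word indexes 16-bit words of the certificate, and the sample certificate and list are all assumptions of the example.

```python
"""Parse and evaluate a CKDRM revocation list (Tables 2E-2H); added example.

Not code from the patent or from DataPlay. Assumed: big-endian words, the
numeric match-function code, the clause-rule encoding, and that the start
word indexes 16-bit words of the certificate. Sample data is constructed.
"""
import struct
from typing import List, Sequence, Tuple

FUNC_MATCH = 1   # assumed code for the match function, the only function the page defines
RULE_ALL = 0     # assumed clause-rule encoding: every clause must match
RULE_ANY = 1     # assumed: any single clause suffices

Clause = Tuple[int, int, Tuple[int, ...]]   # (start_word, word_count, match_data)
Node = Tuple[int, List[Clause]]             # (clause_rule, clauses)


def _u16(buf: bytes, off: int) -> int:
    return struct.unpack_from(">H", buf, off)[0]


def parse_revocation_list(raw: bytes) -> List[Node]:
    """Walk a Table 2E list, checking each byte count against its container."""
    total = _u16(raw, 0)
    if total < 4 or total != len(raw):
        raise ValueError("list byte count disagrees with data")
    nodes: List[Node] = []
    off = 4
    for _ in range(_u16(raw, 2)):                         # Table 2E node count
        k = _u16(raw, off)                                # Table 2F byte count k
        if k <= 4 or off + k > total:
            raise ValueError("node byte count out of range")
        clause_count, rule = raw[off + 2], raw[off + 3]
        clauses: List[Clause] = []
        coff = off + 4
        for _ in range(clause_count):
            cb = _u16(raw, coff)                          # Table 2G byte count, 2m+4
            if cb < 10 or cb % 2 or coff + cb > off + k:
                raise ValueError("clause byte count out of range")
            if _u16(raw, coff + 2) != FUNC_MATCH:
                raise ValueError("unknown clause function")
            start, n = _u16(raw, coff + 4), _u16(raw, coff + 6)   # Table 2H fields
            if n == 0 or cb != 2 * n + 8:
                raise ValueError("match clause length disagrees with word count")
            clauses.append((start, n, struct.unpack_from(f">{n}H", raw, coff + 8)))
            coff += cb
        if coff != off + k:
            raise ValueError("clauses do not fill the node")
        nodes.append((rule, clauses))
        off += k
    if off != total:
        raise ValueError("nodes do not fill the list")
    return nodes


def certificate_words(cert: bytes) -> Tuple[int, ...]:
    if len(cert) % 2:
        raise ValueError("certificate must be a whole number of 16-bit words")
    return struct.unpack(f">{len(cert) // 2}H", cert)


def evaluate_node(words: Sequence[int], node: Node) -> bool:
    """Match function per clause, then combine under the node's clause rule."""
    rule, clauses = node
    hits = [start + n <= len(words) and tuple(words[start:start + n]) == tuple(data)
            for start, n, data in clauses]
    if rule == RULE_ALL:
        return all(hits)
    if rule == RULE_ANY:
        return any(hits)
    raise ValueError(f"unknown clause rule {rule}")


def evaluate_list(raw_list: bytes, cert: bytes) -> Tuple[bool, List[bool]]:
    """Return (revoked, per-node results): revoked if any node evaluates true."""
    words = certificate_words(cert)
    per_node = [evaluate_node(words, node) for node in parse_revocation_list(raw_list)]
    return any(per_node), per_node


# Builders used only to construct the sample data below.
def match_clause(start_word: int, match_data: Sequence[int]) -> bytes:
    n = len(match_data)
    return struct.pack(f">HHHH{n}H", 2 * n + 8, FUNC_MATCH, start_word, n, *match_data)


def revocation_node(rule: int, clauses: Sequence[bytes]) -> bytes:
    body = b"".join(clauses)
    return struct.pack(">HBB", 4 + len(body), len(clauses), rule) + body


def revocation_list(nodes: Sequence[bytes]) -> bytes:
    body = b"".join(nodes)
    return struct.pack(">HH", 4 + len(body), len(nodes)) + body


def sample_certificate(company: int, device_id: bytes) -> bytes:
    """Constructed Table 2C layout: header words, zero-filled keys, device id at bytes 122..137."""
    header = struct.pack(">16H", 1, 1, 7, 1, 5, 0, 0, 0, company, 3, 0x10, 2, 1, 9, 0, 0)
    return header + bytes(90) + device_id + bytes(90)


SAMPLE_CERT = sample_certificate(0x0042, bytes(range(16)))
SAMPLE_LIST = revocation_list([
    revocation_node(RULE_ALL, [match_clause(8, [0x0042]), match_clause(10, [0x0010])]),   # company + product line
    revocation_node(RULE_ALL, [match_clause(61, struct.unpack(">8H", bytes([0xAA]) * 16))]),  # one device id
    revocation_node(RULE_ANY, [match_clause(11, [0x0099]), match_clause(12, [0x0077])]),   # model or revision
])

if __name__ == "__main__":
    print(evaluate_list(SAMPLE_LIST, SAMPLE_CERT))
```

The three sample nodes show the scopes block 724 names: the first revokes one product line of one company, the second a single device identifier, the third any certificate with a given model or revision. Every byte count is rejected when it would run past its container, so a list that was truncated or stuffed on the media fails to parse instead of being misread as a shorter list.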

The DataPlay file system identifier (DfsId) field serves as a reference number for a file, used in the revocation identifier list (RevocationIdList) field of the ContentKey metadata structure.

For this embodiment, Table 2I shows an example revocation node structure.

Table 2I
Type | Name | Description/use
struct META * | psNEXT | Internal pointer for the linked list
DFSID | DfsId | Handle of this revocation node
DFSFLAG | Flags | Internal-use flags; a set bit defines this object as a revocation node
U8 | EvaluationResult | Tri-state flag indicating revoked, not revoked, or not evaluated
REVOCATION_NODE | RevocationNode | The actual data transmitted by the host for each revocation node

Referring to FIG. 7E, which provides a method executed by an engine when it is presented with a revocation list.

In block 752, during the setup of the ContentKey digital rights management (CKDRM) metadata, the node count value is used to allocate memory for a list of 16-bit identifiers, one for each revocation node. In block 754, for each node in the revocation list, the engine compares the node with each node already present. In block 756, if an identical node is found, the DataPlay file system identifier of the existing node is added to the revocation list of the CKDRM metadata structure. In block 758, if no such node is found, a new node with a unique DataPlay file system identifier is created, and in block 762 the engine adds the new DataPlay file system identifier value to the CKDRM metadata structure.
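The clause node layout of Tables 2G and 2H and the DfsId bookkeeping of Figure 7E, as an added example that is not part of the patent. The page does not state byte order, the numeric code of the match function, or how the certificate is presented to the engine; the example assumes little-endian U16 fields, the code 1 for "match", and a certificate given as an array of 16-bit words. All names (FUNC_MATCH, RevocationList, clause_is_valid, and so on) are illustrative.

```python
# Added example (not the patent's code): encode, parse and evaluate the
# revocation clause nodes of Tables 2G/2H, merge them into the medium-wide
# node list of Figure 7E, and cache the per-node evaluation result of Table 2I.
# Assumptions: little-endian U16 fields, match function code 1, certificate
# presented as a list of 16-bit words.
import struct
from dataclasses import dataclass

FUNC_MATCH = 1                                   # assumed code of the only defined function
NOT_EVALUATED, NOT_REVOKED, REVOKED = 0, 1, 2    # tri-state EvaluationResult


def encode_match_clause(start_word, match_words):
    """Table 2H: byte count 2n+8, function, start word, word count n, n data words."""
    n = len(match_words)
    if n < 1:
        raise ValueError("empty match data array is not allowed")
    return struct.pack("<HHHH%dH" % n, 2 * n + 8, FUNC_MATCH, start_word, n, *match_words)


def parse_clause(buf):
    """Table 2G generic layout -> (function, data words); rejects inconsistent byte counts."""
    if len(buf) < 4:
        raise ValueError("clause node too short")
    byte_count, func = struct.unpack_from("<HH", buf, 0)
    m = (byte_count - 4) // 2
    if byte_count != len(buf) or byte_count % 2 or m < 1:
        raise ValueError("byte count %d inconsistent with %d-byte node" % (byte_count, len(buf)))
    return func, struct.unpack_from("<%dH" % m, buf, 4)


def clause_is_valid(buf):
    try:
        parse_clause(buf)
        return True
    except ValueError:
        return False


def evaluate_clause(buf, cert_words):
    """Match function: revoked when cert_words[start:start+n] equals the match data."""
    func, data = parse_clause(buf)
    if func != FUNC_MATCH:
        raise ValueError("unknown clause function %d" % func)
    start, n = data[0], data[1]
    if n < 1 or len(data) != n + 2:
        raise ValueError("word count does not fit the node length")
    if start + n > len(cert_words):              # a window past the certificate end never matches
        return NOT_REVOKED
    return REVOKED if tuple(cert_words[start:start + n]) == data[2:] else NOT_REVOKED


@dataclass
class RevocationNode:                            # subset of Table 2I
    dfs_id: int
    clause: bytes
    result: int = NOT_EVALUATED


class RevocationList:
    """Medium-wide revocation nodes keyed by DfsId (Figure 7E)."""

    def __init__(self):
        self.nodes = {}
        self._next_id = 1

    def add_list(self, clauses):
        """Merge one file's list (as received with CKCMD_CREATE_FILE or
        CKCMD_SET_KEYBOX) and return that file's RevocationIdList of DfsIds."""
        ids = []
        for clause in clauses:
            parse_clause(clause)                 # reject malformed nodes before storing them
            node = next((n for n in self.nodes.values() if n.clause == clause), None)
            if node is None:                     # block 758: a new node gets a unique DfsId
                node = RevocationNode(self._next_id, clause)
                self.nodes[node.dfs_id] = node
                self._next_id += 1
            ids.append(node.dfs_id)              # blocks 756/762: reference it from the file metadata
        return ids

    def evaluate(self, cert_words):
        """Evaluate every node against the presented certificate and cache the result."""
        for node in self.nodes.values():
            node.result = evaluate_clause(node.clause, cert_words)

    def file_is_revoked(self, id_list):
        """Per-file decision at CKDRM operations: any revoked node blocks the file."""
        return any(self.nodes[i].result == REVOKED for i in id_list)
```

The byte-count check in parse_clause is the part worth keeping when porting this: a node whose declared length disagrees with the bytes actually received must be rejected before it is stored, otherwise a host can make the engine read past a node into whatever follows it.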

Referring to Figure 7F, which details a method for evaluating the results of a revocation list. As shown, in block 772 the revocation list is evaluated each time a CKCMD_AUTHENTICATE command occurs, and also whenever a new medium is inserted into the engine. In block 774 the revocation list is evaluated against a received ContentKey digital rights management (CKDRM) certificate. For each node in the revocation list, the evaluation in block 776 yields a revoked or not-revoked status for that node. Because nodes are file-related, these states can be evaluated whenever a CKDRM operation specific to a particular file is attempted. The revocation decision therefore does not depend on CKCMD_AUTHENTICATE but on CKCMD_DRM_PLAY, CKCMD_GET_METADATA, CKCMD_GET_PLAY_KEY, CKCMD_PLAY, CKCMD_RECORD_APPEND, CKCMD_SET_KEYBOX, CKCMD_SET_METADATA, and CKCMD_UNLOCK_FILES; these commands are described further below. In block 778 the results are stored in an evaluation result field of the revocation node.

Mastering process

Another part of the data security system is a mastering process. In one example, content is organized on the media disc described in this specification by the method of Figure 7G. As shown, the method begins at block 782, in which an application places content on the medium. In one embodiment of the invention, the application uses a server key that is attached to a machine in order to run a tool. Embedded in the server key is a special-purpose random key generator that serves as a secret key generator. In one embodiment, the application is not the mastering tool itself but is supplied to a third-party authoring tool house as a dynamic link library (DLL) or library; the DLL or library may impose a requirement on the third-party authoring tool house before it generates CKDRM content. In another embodiment, the server key and the library operate together so that the server key cannot be used outside a specific registered version of the DLL or library.

In one embodiment of the invention, the application generates a content identifier and a CKDRM [structure] (block 784); encrypts the content (block 786); adds the engine-managed copy and play rules specified by the content owner (block 788); adds the third-party digital rights management (TPDRM) proprietary rules specified by the content owner (block 792); and adds a revocation list (block 794). As those skilled in the art will appreciate, the functions performed by this host may also include some, all, or any of the functions described previously. The application described can therefore be part of a mastering process; for example, such an application can be part of a commercial tool that produces locked and unlocked content on a disc. The mastering process is followed by an authoring process, which in turn is followed by a pre-recording process.

In one embodiment, the use of mastered content on the disc provides a method of detecting a counterfeit disc that poses as a pre-recorded disc. For example, as described below, in one embodiment at least part of the identifier of a pre-recorded disc is itself pre-recorded, so that a spoofed identifier can be detected, as explained further in this specification.

Referring to Figure 7H, a flowchart of a process that includes a mastering process for producing media and for setting up a clearinghouse-type server. The process begins at block 7002. Block 7004 provides a flow for acquiring the assets and information of a new release. Block 7006 transfers two or more of the following to the media: content files, metadata information, security information, and package collection information. The content files include the file a consumer or user will play and any asset files associated with that content. In one embodiment, the process assumes that all files are encoded with an appropriate media codec. The metadata information may include, for example, lyrics. In one embodiment this information is in a structured format, which may or may not apply to all content; in one embodiment it is kept on a per-track or per-media basis. The security information transferred to the media consists of rules. These rules govern how a user may interact with the content, such as rendering and manipulating it, for example by adding notes in a margin area or adding electronic highlights to an electronic book.


In one embodiment of the invention, these rules provide a revocation list and third-party digital rights management (TPDRM) rules for a TPDRM method. The TPDRM rules express the limits a consumer may be subject to when playing and copying the content, and include further details so that the authoring and mastering processes described in this specification can receive data associated with the originally locked file. In one embodiment, a revocation list is defined by a content provider and lists every player device, player application, and server that has been revoked for some reason determined by a revoking entity. The package collection information is a specification of how any secondary content is grouped and how the package collection should be displayed to a user or consumer; it must include the specification of each package, such as its display image and package description.

Block 7008 provides an authoring process in which the content provider's files are packaged according to predetermined specifications. In one embodiment the specifications include organizing the data into a directory structure, such as a DataPlay mass memory file (MMF) directory structure. In one specification, that structure requires a directory that includes encoded content files, a directory structure, a content manager, an autorun.inf file, and a content.ddl file. In particular, the content manager provides files, such as an executable, a micro-site, or a proprietary form defined by the content provider, which present the content on the medium to a consumer or user. The autorun.inf file provides the data for the autorun facility described in this specification and the interactivity that launches the content manager. The content.ddl file may include package collections, advertisements, and package stock-keeping units (SKUs). In particular, a package collection may include a unique identifier for all the secondary content on one side of a medium, and may also include references to one or more advertisements; the advertisements can be grouped into a package and used by a presentation layer to display the secondary content and advertisements. A stock-keeping unit (SKU), as used in this specification, can be defined by a content provider and may reference one or more files on the medium. The MMF data description language (DDL) file includes files that describe the content and the relationships among the asset files.

As part of the authoring process, a content provider must choose whether to use ContentKey digital rights management (CKDRM), a TPDRM, or a combination of the two. Once the digital rights management (DRM) method has been chosen, the content files can be encrypted according to it, together with all the content and files the chosen DRM needs in order to operate properly. Block 7012 provides a pre-recording process in which a master file set is stored on a medium (such as a tape) and transmitted. In one embodiment, each file set supplies one side of a media disc. A further step of the pre-recording process generates a .dll file used to build a secure database, such as the CKDRM secure database. This keyComplement.dll file may carry a package collection identifier comprising a full file path, a file handle, a key (such as a 128-bit number), and a complement of a key version. Finally, the pre-recording process transmits the content.inf file.

Blocks 7022 and 7026 transfer the medium (such as the master file set on tape) to a glass master, from which media discs are stamped (block 7026). The glass master yields one or more stampers, from which the media discs are produced in volume and distributed to consumers and others. On the server side, block 7020 enables a mastering system to receive data for a secure database: in particular, a server loads a key complement and key mapping database table with the package of information in the key_.dll and content.dll files.

Referring to Figure 7I, the process of Figure 7H can also be accompanied by another process, which can run alongside it. Figure 7I produces a package collection, packages, and SKUs, which are supplied during the process of Figure 7H. Block 7028 starts the process by setting up an Internet retailer (eTailer). Block 7030 lets a content provider perform package setup and a "package definition" change process. In particular, in blocks 7032 and 7034 the content provider supplies a content.ddl file 7034 together with package display graphics and metadata to the eTailer, which may use them as part of the package presentation shown to a consumer or user. In general an eTailer is interested in a package collection stock-keeping unit (packageCollectionSKU) and may not be interested in a package collection identifier (packageCollectionID); the latter is passed to the eTailer through a uniform resource locator (URL), and the eTailer may forward the packageCollectionID to a clearinghouse server and then simply discard it.

Block 7036 lets an eTailer choose among the packages a content provider can supply and set or change package pricing. In one embodiment, the database actions that establish package pricing and package presentation are performed wholly or partly by the eTailer, so that they fit an existing framework the eTailer already operates (such as a "shopping cart" or "catalog maintenance" action). The eTailer may optionally specify a discount model and advertising; this embodiment lets an eTailer target advertising by demographic and to specific consumers.

Another feature of the data security provided by the secure electronic content (SEC) system is the use of one or more random number generators. As described earlier, in one embodiment a random number can be associated with the medium through the mastering process. In another embodiment a random number generator resides inside an engine; for example, each engine produced may include non-volatile memory holding a random number. One way to generate this random number is with high-quality generation software, such as software compatible with Federal Information Processing Standards publication 186 (FIPS-186). The random number generator inside an engine may be seeded by several techniques. For example, a seed can be: a random number that has been generated; a random number generated and embedded during manufacture of the engine; a public side identifier (SideId); a number derived from the count of spin-ups; a seek time measured during servo calibration; a burst cutting area (BCA) field; a number derived from data collected over the long term (such as spin-up count, read error count, and the like); servo, read, and write values stored in non-volatile memory during manufacture; a number derived from write-to-read timing; a number derived from the input of an analog-to-digital converter; and any number that is a function of the above.
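The seeding described above, as an added example that is not part of the patent. The page names FIPS-186-compatible generation software without specifying it; the generator here is HMAC_DRBG (SHA-256) from NIST SP 800-90A, an assumed substitute, and the per-source entropy estimates and readings are constructed. The point it adds is the one a practitioner checks first: several of the listed sources (SideId, spin-up count) are public or nearly so, and mixing them through a hash does not turn them into entropy, so the seeder accounts for entropy per source and refuses to instantiate below its target strength.

```python
# Added example (not the patent's code): seed an engine-resident generator
# from labelled readings of the kinds of sources the text lists, with a per-
# source entropy budget.  HMAC_DRBG (NIST SP 800-90A, SHA-256) is an assumed
# stand-in for the FIPS-186 software the page mentions; readings are constructed.
import hashlib
import hmac

SECURITY_STRENGTH_BITS = 256


def seed_material(sources):
    """Concatenate (label, value, est_bits) readings with length prefixes so
    bytes can never shift from one source into another."""
    out = b""
    for label, value, _bits in sources:
        out += len(label).to_bytes(2, "big") + label + len(value).to_bytes(2, "big") + value
    return out


def seed_entropy_bits(sources):
    """Sum of the caller's entropy estimates; a public value such as SideId counts 0."""
    return sum(bits for _label, _value, bits in sources)


class HmacDrbg:
    """HMAC_DRBG per SP 800-90A section 10.1.2 with SHA-256, no prediction resistance."""

    def __init__(self, seed):
        self.k = b"\x00" * 32
        self.v = b"\x01" * 32
        self._update(seed)

    def _mac(self, data):
        return hmac.new(self.k, data, hashlib.sha256).digest()

    def _update(self, data):
        self.k = self._mac(self.v + b"\x00" + data)
        self.v = self._mac(self.v)
        if data:                                   # second pass only when data was supplied
            self.k = self._mac(self.v + b"\x01" + data)
            self.v = self._mac(self.v)

    def reseed(self, data):
        self._update(data)

    def generate(self, nbytes):
        out = b""
        while len(out) < nbytes:
            self.v = self._mac(self.v)
            out += self.v
        self._update(b"")                          # back-track resistance between calls
        return out[:nbytes]


def build_engine_drbg(sources):
    """Refuse to instantiate when the declared entropy is below the target strength:
    hashing many guessable readings together does not make them unguessable."""
    if seed_entropy_bits(sources) < SECURITY_STRENGTH_BITS:
        raise ValueError("insufficient seed entropy")
    return HmacDrbg(seed_material(sources))


# Constructed sample readings (not real values): label, raw bytes, estimated entropy bits.
SAMPLE_SOURCES = [
    (b"SideId", bytes.fromhex("0011223344556677"), 0),           # public, adds nothing
    (b"spin_up_count", (17).to_bytes(4, "big"), 3),
    (b"servo_seek_time_us", (4123).to_bytes(4, "big"), 8),
    (b"adc_noise", bytes(range(16)), 24),
    (b"factory_random", hashlib.sha256(b"demo factory value").digest(), 256),
]
```

The entropy estimates are inputs, not measurements: for a real engine they would come from characterising each source, and a conservative figure for a public identifier is zero.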
Functions between an engine and a host

Table 3 introduces the functions by which an engine and a host exchange information. The host may be a player, a third-party digital rights management (TPDRM), a kiosk, or a server. In a ContentKey digital rights management (CKDRM) copy, described further below, the destination engine is the host.

Table 3

CKDRM functions                                                            TPDRM functions      DFS functions
CKDRM play 312                                                             TPDRM play 320       File system write 374
CKDRM unlock 360                                                           TPDRM copy 340       File system read 372
CKDRM copy 330
CKDRM record 350: record unlocked content 362, record locked content 364

As shown in Table 3, the main functions are CKDRM play 312, TPDRM play 320, CKDRM copy 330, TPDRM copy 340, record content 350 (comprising record locked content 364 and record unlocked content 362), and CKDRM unlock 360. A medium may optionally hold both content 362 and content 364 as pre-recorded CKDRM content. The authoring, pre-recording, and mastering tools each play a part. For example, a content provider can specify the CKDRM properties, which include the locked/unlocked state, the playable/not-playable state, the number of CKDRM copies permitted, the number of TPDRM copies permitted, and the number of copies a TPDRM may make from its own copy. Other TPDRM properties can be specified by the particular TPDRM.

Play function

In particular, CKDRM play function 312 allows unlocked, playable CKDRM content to be played on any player. It transfers the electronic content from an engine to a player together with the information needed to decrypt and render the transfer format. The engine governs whether permission for play function 312 exists. In one embodiment, function 312 does not decrement a play count; on the contrary, the permission to play unlocked, playable CKDRM content is limited neither by count nor by time.

Referring to Figure 8, a flowchart of the application programming interface (API) of CKDRM play function 312. The API requires that a player or host be certified, according to a certification process, before the API is opened to it. The host may not store the content in any way that would let any other entity access it, even if the content is encrypted before the host is authenticated; nor does the API allow the player to store decrypted content temporarily, or to pass decrypted content over an insecure channel. In host authentication process 810, block 804 has the host transmit a certificate that authenticates it. In block 806 the engine coupled to the host transmits a session key 830. After authentication, the engine selects a play session decryption key. Block 832 transmits the play session key from the engine to the host (for example a player), which thereby receives the decryption key of the play session for a specific file. In block 834 the host uses the session key to decrypt the play session key. In block 840 the player receives the encrypted content, and in block 850 the play session decryption key received in block 832 is used to decrypt it.

j^568 五、發明說明(70) ' ' 一 ---- 個引擎傳送至這個第三者數位權利管理(TPDRM ),並 尕,^日才伴匕著解密及表現傳送格式所需要的資訊。這個 =婁^是否存在許可的管理動作乃是利用這個第三者數位權 王1官理(TPDRM )加以實施。這個c〇ntentKey數位權利管 (C K D R Μ )並不會將播放計數加以遞減、或是針對時間 一制及任何其他管理規定進行檢查動作。相反地,這個第 :者數位權利管理(TPDRM )亦能夠管理及/或改變其自 的7L資料’藉以做為其播放函數的部分。 複製函數j ^ 568 V. Description of the invention (70) '' ---- One engine transmits to this third party digital rights management (TPDRM), and 尕, only ^ day accompanied by dagger to decrypt and express the information required for the transmission format . This = Lou ^ Whether the management action of permission exists is implemented by using this third party digital authority 1 (TPDRM). The ConntentKey digital rights management (CK DRM) does not decrement the play count, or perform check actions against time systems and any other regulatory requirements. Conversely, this Digital Rights Management (TPDRM) can also manage and / or change its own 7L data 'as part of its playback function. Copy function

另一個函數乃是ContentKey數位權利管理(CKDRM)複製 ^數3 。當保留有複製許可時,函數3 30能夠讓預先錄 2、解除鎖定的内容由一個媒體複製到另一個媒體上。這 個ContentKey數位權利管理(CKDRM)複製函數33〇會將—Another function is ContentKey Digital Rights Management (CKDRM) copy ^ number 3. Function 3 30 enables pre-recording 2 and unlocked content to be copied from one medium to another when copy permission is retained. This ContentKey Digital Rights Management (CKDRM) copy function 33〇 will—

個原始媒體上保留的許可複製數目加以遞減。特別是,在 本發明的一個實施例中,Con tent Key數位權利管理 (CKDRM )乃是用來產生一個有限數目的複製。經由媒體 (其具有個有限數目、利用這個ContentKey數位權利管 理(COJM )複製函數"ο的複製)所執行的任何複製動; ^共享這個原始複製能夠在任何播放器中進行播放的數 置。然而’這些複製本身可能並不會被複製。一個内容提 供者可以選擇性地指定可以由一個原物進行的複製數目。 每當執行一、個複製動作時,這個c〇ntentKey數位權利管理 (CKDRM )複製函數33〇便會將保留的容許複製數目加以 583568 五、發明說明(71) 請參考第9圖,其乃是用來介紹這個c〇nte (CKDRM) (API) 塊9 1 0乃U來提供這個目的地引擎的 = 確認這個目的地確實為-個認證的引擎; 個目的地引擎傳送一個婵㈣別碼万用來讓這 … Α別碼,精以連結這個新的遴 製。方塊930乃是用來傳輸這個目的地的—個^的複 在方塊930中,這個目的地引擎會接收使用這個内 要的金錄。特別是,這些金錄乃是播放這個内容的解穷而 ,。在-個範例中,這些金鑰乃是以預先連結至這個:的 地媒體的方式進行傳送。方塊94〇乃是用來複製這個加穷 内容。DataPUy檔案系統(DFS)命令乃是用來複製這二 内容。在本發明的一個實施例中’這個複製函數33〇乃是 支援在具有一個引擎及足夠緩衝(藉以暫時儲存内容)的 壞境中、亦或是在具有兩個引擎的環境中。 第三者數位權利管理(TPDM)複製函數34〇能夠讓一種 三者數位權利管理(TPDRM)複製解除鎖定内容,倘若保 留有第三者數位權利管理(TPDRM)的複製許可。這個第 三者數位權利管理(TPDRM )複製函數34〇會將一個來源檔 案所保留的許可複製數目加以遞減。不像c〇ntentKey數位 權利管理(CKDRM)複製函數330,第三者數位權利管理 (TPDRM)複製函數340乃是用來產生一個有限數目的複 製。這些得到的複製乃是由這種第三者數位權利管理 (TPDRM)進行管理。一個内容提供者則可以用來指定一The number of licensed copies retained on each of the original media is decremented. In particular, in one embodiment of the present invention, Content Key Digital Rights Management (CKDRM) is used to generate a limited number of copies. Any copying performed by the media (which has a limited number of copies using this ContentKey Digital Rights Management (COJM) copy function "); ^ Share the number of places where this original copy can be played in any player. However, these copies themselves may not be copied. A content provider can optionally specify the number of copies that can be made from one original. Whenever one or one copying actions are performed, this copyKeyKey Digital Rights Management (CKDRM) copying function 33 will add 583568 the number of allowable copies to be kept. Used to introduce the C0nte (CKDRM) (API) block 9 1 0 is U to provide this destination engine = confirm that this destination is indeed an authenticated engine; each destination engine sends a unique code Used to make this ... Α PIN, to link this new selection. 
Block 930 is used to transmit this destination—a complex copy. In block 930, the destination engine will receive and use this internal gold record. In particular, these golden recordings are the solution to this problem. In one example, these keys are transmitted in advance by linking to this: local media. Box 94O is used to duplicate this plus content. The DataPUy File System (DFS) command is used to copy these two contents. In one embodiment of the present invention, the copy function 33 is supported in an environment with one engine and sufficient buffering (for temporarily storing content), or an environment with two engines. The third-party digital rights management (TPDM) copy function 34 can enable a three-party digital rights management (TPDRM) copy to unlock the content, provided that the third-party digital rights management (TPDRM) copy license is retained. This third-party digital rights management (TPDRM) copy function 34 reduces the number of licensed copies retained by a source file. Unlike the ConnKeyKey digital rights management (CKDRM) copy function 330, the third party digital rights management (TPDRM) copy function 340 is used to generate a limited number of copies. These resulting copies are managed by this third-party digital rights management (TPDRM). A content provider can be used to specify a

the number of copies that may be made of a file. To make a copy of the content, a credentialed third-party digital rights management (TPDRM) [...] ContentKey digital rights management (CKDRM) [...] TPDRM. The transmitted content is encrypted, and the corresponding decryption keys are also delivered to the receiving digital rights management (DRM).

Figure 10 illustrates an authentication procedure according to one embodiment of the invention. In particular, as described for Figure 6, an engine confirms that a host is a credentialed DRM and may receive content. Block 1020 lets a TPDRM specify the content it requests to receive. The engine manages the number of permitted copies from the initial number specified by the content provider and the number of copies previously transferred. In block 1030 the engine responds to a valid request by transferring the keys with which the content must be decrypted. Key transfer is a required step for a TPDRM and decrements the retained number of permitted copies. Block 1040 lets the TPDRM receive the content, which is encrypted with the keys just transferred.

Record function

Another function provided by CKDRM is record content 350. Record content 362 allows authored, pre-

recorded and mastered content to be copied as unlocked content [...]. Locked electronic content is readable but encrypted [...]. Conversely, unlocked electronic content [...] can be copied as [...]. Locked content cannot be played until it has been unlocked [...]; CKDRM can also be applied to locked content so that the resulting content has the same [properties] as unlocked content [...]. Content may be imported into a player or into a third-party digital rights management (TPDRM) [...] domain. In this form the content can be [...] in any [...]; this includes content obtained by electronic distribution and content [...] during playback.

Figure 11 illustrates a method of recording content. Block 1110 provides a source, which is one of the following: a TPDRM, a player, [...]. Block 1120 applies either a system write protocol or a CKDRM record protocol to the content being imported. In block 1130, content in a file format that is to be encrypted [...] is written through the CKDRM record application programming

interface (API) [...]. [...] is transmitted according to the CKDRM [record] protocol. In block 1140, content that is to be [...] is written through the file system application programming interface (API). [...] CKDRM-managed content can be [brought in] in [several] ways: [...] a third-party digital rights management (TPDRM), which is used to [...]; [...] setting up a server, which manages the content and [...]; [...] a CKDRM record [...] information station [...] all content [...]. The third way is to set up an information station; in one embodiment of the invention, the information station has both [...] and an engine.

ContentKey digital rights management (CKDRM) unlock 360 is another function shown in Table 3. In one embodiment of the invention, the unlock function 360 applies only to locked content. The unlock transaction requires an application that can connect to a clearinghouse. When a user operating a medium (such as a disc) satisfies predetermined transaction requirements, a secure method changes the state of the content on the medium from locked to unlocked.

According to one embodiment of the invention, locked content is brought into the unlocked state through authorized transactions. These authorized transactions include those performed according to rules selected by a content provider. For example, a content provider can control whether content may be played and how many copies may be made through third-party digital rights management (TPDRM).

Content pre-recorded in a locked state can also be unlocked. In one embodiment of the invention, in the locked state the set of keys on the medium is not sufficient to render the content; the unlock method transfers the complement of those keys. In another embodiment of the invention, the unlock method transfers data that matches the keys on the

medium, proving the authenticity of the clearinghouse. This data may also be called the key complement.

Figure 12 illustrates a method of unlocking content. The first step of the method [...] performs the authentication procedure. Block 1220 lets a source (such as a [...] server) retrieve the medium to which the content is linked [...]. Block 1220 lets the source specify the complement of the key for the content to be unlocked. Block 1230 lets the destination (an engine) validate the request through a server, according to the specifications supplied by the content provider. [...] In one embodiment, the server that performs the unlock [...] the medium (on which the content is stored [...] authored and mastered [...]) is a legitimate unlock [...] designated by the content provider as [...].

File system functions

One of the default functions of ContentKey digital rights management (CKDRM) is


[...] Using Table 3, as above, the file system can permit file-level [...] to be managed [...]. The file system application programming interface (API) does not [...]: [...] the encryption method used by these file systems. [...] only in this file [...] file system read function 372. In particular, [...] the file system, using any [...], can through this file system [...]. There is a file system [...] open architecture, which has a file system API that can be opened without requiring an authenticated host. According to one embodiment of the invention, the file system read function [372] [...] can be used by any host (such as a player) to read data without establishing an authenticated connection and without using the encryption method (which resides in an engine) [...].

[...] identifies a file system write function 374, which writes data into the file system storage area through the file system application programming interface (API). As with the file system read function 372, [...] the file system write function 374 is part of an open architecture and is opened [...], and the file system application programming interface [...] can be [accessed] without an authenticated host being present. That is, the file write function 374 can be used by any host, without establishing an authenticated connection and without using an engine [...].

Methods performed by the engine

The ContentKey digital rights management (CKDRM) functions above provide an overview of CKDRM and its functions. An engine works with the other parts of the secure electronic content

(SEC) system (see Figure 2) to perform these functions. An engine, as described for Figure 2, is a component that provides read and write access to digital media. The engine may reside within a host or be coupled to a host, and [...] these functions [...]; these commands may [...] to perform [...], or according to system and design requirements [...]. Other [arrangements] of components and applications within a host application fall within the scope of the invention. The term "host application" may [refer to] the device to which the engine is directly connected, an application on a connected device (such as a personal computer (PC)), or [...] a ContentKey digital rights management (CKDRM) clearinghouse [...]. Each of the methods [performed by the engine] comprises one or both of CKDRM and file system commands. These methods (described below) may be supplied to any credentialed entity and are limited by that entity's credential. In addition, the invention requires a device with an embedded engine that exposes the file system and CKDRM application programming interfaces (APIs) through the data interface implemented by the device. In one embodiment of the invention, exposing the file system and CKDRM application programming


interfaces (APIs) lets a device with an embedded engine act as a substitute for another entity.

According to one embodiment of the invention, communicating with an engine requires a secure session. The authentication procedure described earlier yields a new secure session and a secure session key. Figure 13 illustrates an example of obtaining a secure session through an authentication procedure. Block 1320 transfers the secure key in an asymmetric encryption procedure. In this embodiment the session key is a symmetric key, so that data can be encrypted and decrypted quickly. Block 1340 asks whether a host change has occurred or the media has been ejected from a device. When block 1340 is true, the secure session ends in block 1350; if not, the secure session continues at block 1360. A secure session is therefore unique to a particular combination of host, engine and media.

Once a secure session has been established, the engine can perform various functions. The engine firmware supports the functionality of the CKDRM and third-party digital rights management (TPDRM) methods, which includes lock/unlock, ContentKey digital rights

management (CKDRM) play, CKDRM copy permissions, and TPDRM copy permissions. For CKDRM and TPDRM copy permissions, the engine may perform one of the following: free copy, counted first-generation copy, and unrestricted first-generation copy.

A secure session lets an engine enter the ContentKey digital rights management (CKDRM) domain, which includes performing the CKDRM and third-party digital rights management (TPDRM) functions. The CKDRM functions an engine performs are carried out according to protocols. Each protocol is described further below from the engine's point of view.

ContentKey digital rights management (CKDRM) copy

Figure 14 illustrates an engine performing a CKDRM copy method, which copies content within the CKDRM domain. For example, referring to Figure 14, a source engine 1410 holds managed content within the CKDRM domain. According to one embodiment of the invention, a source file 1420 can be designated such that the source file 1420 must be unlocked and must have retained CKDRM copy permissions before the method continues. According to another embodiment of the invention, for example under a superdistribution model, the states of source files 1420 are independent of each other. In this example the destination is the CKDRM domain. Further, the resulting [copy] 1430 is managed content, and this file is also unlocked, with CKDRM play permissions [...] CKDRM copy [...]. A key box 1450 is transferred [...]. According to one embodiment of the invention,

during execution of the command that transfers the key box 1450, the source file 1420 decrements its retained CKDRM copy

permissions.

According to one embodiment of the copy protocol, for example, a secure [session is established] between two engines (a source engine 1410 and a destination engine 1440). [The source engine 1410] presents a secure application programming interface (API) that is exposed only to hosts holding ContentKey digital rights management (CKDRM) [copy permissions]. The destination engine 1440 presents an open

application programming interface (API), so this method can be exposed to all hosts. Each engine has a host. A single device may serve as the host for both the source and destination engines, or each engine may have a different host. In the latter case, the two hosts must be able to communicate according to a host protocol.

The ContentKey digital rights management (CKDRM) copy protocol uses commands that will be clear to those skilled in the art; the commands are also provided here for illustration. The protocol uses the CKDRM commands CKCMD_AUTHENTICATE

and CKCMD_GET_CKCMD_COPY.

The CKCMD_AUTHENTICATE command lets the destination engine 1440 authenticate itself to the source engine 1410, establishing the source engine's trust in the destination engine and so permitting use of the ContentKey digital rights management (CKDRM) methods. The source host sends the destination engine's


ContentKey digital rights management (CKDRM) certificate in the command packet. The source engine then responds using the session key of this secure session.

With the CKCMD_GET_CKCMD_COPY command, a key box may be requested for a particular file and destination. The source engine 1410 then returns the key box for that file and destination together with a revocation list.
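The secure session of Figure 13 and the copy protocol just described, as an added Python model that is not DataPlay's code. Everything concrete in it is an assumption: the certificate is a holder name plus permission list authenticated by an HMAC under a constructed issuer key, the session key is random, the key box is wrapped by XOR with the session key as a stand-in for the real symmetric cipher, and the permission names are invented. The three copy behaviours (free copy, counted first-generation copy, unrestricted first-generation copy) come from the engine description earlier on the page, and the rule that first-generation copies may not themselves be copied comes from the copy function description.

```python
"""Model of a CKDRM engine's secure session and copy-permission checks.

Added example, not DataPlay's code. Certificate format, issuer key, session
key generation and key-box wrapping are constructed stand-ins; command names
and block numbers follow the page.
"""
import hashlib
import hmac
import os
from dataclasses import dataclass, field
from enum import Enum
from typing import Optional

# Constructed: secret of the issuer (clearinghouse) that signs CKDRM certificates.
ISSUER_KEY = b"constructed-issuer-key"


def issue_certificate(holder: str, permissions: tuple) -> dict:
    """Constructed CKDRM certificate: holder id and permissions, MAC'd by the issuer."""
    body = f"{holder}|{','.join(sorted(permissions))}".encode()
    return {"body": body, "tag": hmac.new(ISSUER_KEY, body, hashlib.sha256).digest()}


def verify_certificate(cert: dict) -> tuple:
    """Return (holder, permissions) if the issuer MAC verifies, else raise."""
    expected = hmac.new(ISSUER_KEY, cert["body"], hashlib.sha256).digest()
    if not hmac.compare_digest(expected, cert["tag"]):
        raise PermissionError("certificate not issued by the trusted issuer")
    holder, perms = cert["body"].decode().split("|", 1)
    return holder, set(perms.split(",")) if perms else set()


class CopyMode(Enum):
    FREE = "free copy"                                   # unlimited; copies are copyable
    COUNTED_FIRST_GEN = "counted first-generation copy"  # N copies; none of them copyable
    UNRESTRICTED_FIRST_GEN = "unrestricted first-generation copy"  # any number; not copyable


@dataclass
class ManagedFile:
    name: str
    unlocked: bool
    mode: CopyMode
    copies_remaining: int          # retained CKDRM copy permissions (counted mode)
    generation: int = 0            # 0 = original, 1 = first-generation copy
    key_box: bytes = field(default_factory=lambda: os.urandom(16))


@dataclass
class Session:
    host: str
    key: bytes                     # symmetric session key for fast bulk encryption
    permissions: set


class Engine:
    def __init__(self, revocation_list: set):
        self.revoked = set(revocation_list)
        self.session: Optional[Session] = None

    def authenticate(self, cert: dict) -> Session:
        """CKCMD_AUTHENTICATE: verify the host certificate and open a secure session."""
        holder, perms = verify_certificate(cert)
        if holder in self.revoked:
            raise PermissionError("certificate holder is on the revocation list")
        self.session = Session(host=holder, key=os.urandom(16), permissions=perms)
        return self.session

    def host_changed_or_media_ejected(self) -> None:
        """Blocks 1340/1350 of Figure 13: either event ends the secure session."""
        self.session = None

    def get_copy_key_box(self, src: ManagedFile) -> tuple:
        """CKCMD_GET_CKCMD_COPY: enforce the copy rules, decrement, return the wrapped key box."""
        if self.session is None:
            raise PermissionError("no secure session")
        if "copy" not in self.session.permissions:
            raise PermissionError("host lacks CKDRM copy permission")
        if not src.unlocked:
            raise PermissionError("source file is locked")
        if src.mode is not CopyMode.FREE and src.generation >= 1:
            raise PermissionError("first-generation copies may not be copied")
        if src.mode is CopyMode.COUNTED_FIRST_GEN:
            if src.copies_remaining <= 0:
                raise PermissionError("no retained copy permissions")
            src.copies_remaining -= 1           # copy function 330 decrements the count
        dest = ManagedFile(src.name, True, src.mode, 0,
                           generation=src.generation + 1, key_box=src.key_box)
        # Key box wrapped under the session key; XOR stands in for the symmetric
        # cipher and works here only because both values are 16 bytes.
        wrapped = bytes(a ^ b for a, b in zip(src.key_box, self.session.key))
        return dest, wrapped, sorted(self.revoked)
```

The checks run in the order the page implies: no session means no CKDRM command at all, then the host's credential limits which methods it may use, then the file's own state (locked, generation, retained count) decides the outcome. Ending the session on host change or media eject is what makes the session specific to one host, engine and media combination.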

ContentKey digital rights management (CKDRM) record

Another method an engine performs is CKDRM record, which provides a way of bringing content into the CKDRM domain. The method assumes a source that is managed content outside the CKDRM domain; the destination is the CKDRM domain, and the resulting copy is managed content.

The CKDRM record method first establishes a secure session between an engine and a host. The method is therefore a secure application programming interface (API) that is exposed only to hosts holding CKDRM record permission. The record protocol includes the following commands: CKCMD_AUTHENTICATE, CKCMD_GET_CERTIFICATE, CKCMD_CREATE_FILE and CKCMD_RECORD_APPEND. In particular, the CKCMD_AUTHENTICATE command lets the host supplying the content authenticate itself to an engine, establishing the engine's trust in

the host so that the ContentKey digital rights management (CKDRM) methods may be used. The host therefore sends its CKDRM certificate in a command packet, and the engine responds using the session key of the secure session.

The CKCMD_GET_CERTIFICATE command lets the host supplying the content authenticate the engine, establishing the host's trust in the engine so that content may be transferred. The engine then sends its own CKDRM certificate in the data transfer phase.

The CKCMD_CREATE_FILE command creates a new CKDRM file. In particular, the host specifies the record session key for the content being transferred, and the content can then be transferred from the host to the engine with the CKCMD_RECORD_APPEND command.

The command packet sent by the host includes the basic DataPlay file system (DFS) elements (including the location in the directory structure and the file name), which can be specified explicitly in the command packet. The command packet can also explicitly specify CKDRM [permission] rules and a revocation list. In one embodiment of the invention, the rest of the command packet may include other attributes of the file, which may be set to default values and adjusted with DFS commands. In one embodiment of the invention, the received content is appended to the end of the file.

From the host's point of view, the operation of the record function is described with reference to Figure 15. In block 1510 a host application determines the file to be imported into CKDRM and its directory path. In block 1520 the host determines the attributes of the file to be created, including: directory path, file name, attributes, Multipurpose Internet Mail Extensions (MIME) type, CKDRM permissions, revocation list, permitted CKDRM copies, and permitted digital rights management (DRM) copies. In block 1540 the host determines the DFS handle of the destination directory. In block 1560 the host issues the CKCMD_AUTHENTICATE command to start a secure session between the host and the engine; here the certificate is set to the host's

ContentKey digital rights management (CKDRM) certificate. In block 1570 the engine returns the secure session key, that is, the ESessionKey field. In block 1580 the host issues the CKCMD_GET_CERTIFICATE command to authenticate the engine; here the certificate is set to the engine's CKDRM certificate. In block 1590 the host verifies the engine and retrieves its public key. In block 1592 the host creates the destination file with the CKCMD_CREATE_FILE command.

In one embodiment of the invention, the created destination file includes

data that controls use of the file. For example, this data optionally includes the following information: the handle of the destination directory, the length of the revocation list, the encoded ContentKey digital rights management (CKDRM) permissions and attributes, the permitted CKDRM copies, the permitted digital rights management (DRM) copies, the encrypted secure session key, and the ESessionKey value the engine returned for the CKCMD_AUTHENTICATE command. Other data may include: the encrypted record session key chosen by the host, the message authentication code the host computed over the revocation list data, the message authentication code the host computed over the command packet, the file name encoded as a DFSNAME data type, and the revocation data associated with the file.

In block 1594 the host issues a DFSCMD_GET_HANDLE command to retrieve the handle of the newly created file. In block 1596 the host sets the attributes and MIME type to the correct state. In block 1598 the host writes the content to the file with one or more CKCMD_RECORD_APPEND commands. The CKCMD_RECORD_APPEND command carries the following fields: the RecordOption field, which can assert RECORD_FOREVER; the RecordFile field, which is the DataPlay file system (DFS) handle of the file to be written, as returned by the engine for the earlier CKCMD_CREATE_FILE command; the ByteCount field, which is the number of bytes in the file (if


RECORD_FOREVER is asserted in the RecordOption field, ByteCount may be any value); the ESessionKey field, which is the encrypted secure session key and has the same value as the ESessionKey the engine returned for the CKCMD_AUTHENTICATE command; and the ERecordKey field, which is the encrypted record session key chosen by the host and sent by the host in the CKCMD_CREATE_FILE command.

In block 1599 the host sends the entire file in the data transfer phase. In one embodiment of the invention, if more than one CKCMD_RECORD_APPEND command is used, the ERecordKey field must always be the same, and the data must be content encrypted under a single record session key (represented by a single ERecordKey value). In another embodiment of the invention, the ERecordKey field may change with each CKCMD_RECORD_APPEND command.
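The engine-side checks of the record protocol, from CKCMD_CREATE_FILE through the CKCMD_RECORD_APPEND sequence, as an added Python model that is not DataPlay's code. It assumes a session key already agreed through CKCMD_AUTHENTICATE and CKCMD_GET_CERTIFICATE; the ESessionKey derivation, the two message authentication codes (one over the revocation list, one over the command packet, as the page lists them), the packet layout, the handle numbering and all key values are constructed. Field names (RecordFile, RecordOption, ByteCount, ESessionKey, ERecordKey, RECORD_FOREVER) follow the page, and the append check implements the embodiment in which ERecordKey must stay the same across every append.

```python
"""Model of the engine-side checks in the CKDRM record protocol.

Added example, not DataPlay's code. Packet layout, MAC construction, key
values and handle numbering are constructed stand-ins; command and field
names follow the page.
"""
import hashlib
import hmac
from dataclasses import dataclass, field
from typing import Dict, List

RECORD_FOREVER = "RECORD_FOREVER"

# Constructed: the session key agreed through CKCMD_AUTHENTICATE, and the
# ESessionKey value the engine returned for that command.
SESSION_KEY = bytes.fromhex("000102030405060708090a0b0c0d0e0f")
E_SESSION_KEY = hashlib.sha256(b"ESessionKey|" + SESSION_KEY).digest()


def mac(data: bytes) -> bytes:
    """Message authentication code under the session key (constructed scheme)."""
    return hmac.new(SESSION_KEY, data, hashlib.sha256).digest()


def packet_body(directory_handle: int, file_name: str, e_record_key: bytes,
                revocation_list: List[str]) -> bytes:
    """Canonical bytes over which the command packet MAC is computed."""
    return (f"{directory_handle}|{file_name}|{e_record_key.hex()}|"
            f"{','.join(revocation_list)}").encode()


def build_create_file(directory_handle: int, file_name: str, e_record_key: bytes,
                      revocation_list: List[str]) -> dict:
    """Host side of CKCMD_CREATE_FILE: directory handle, name, ERecordKey,
    revocation list with its own MAC, ESessionKey, and a MAC over the packet."""
    return {
        "DirectoryHandle": directory_handle,
        "FileName": file_name,
        "ERecordKey": e_record_key,
        "RevocationList": list(revocation_list),
        "RevocationListMAC": mac(",".join(revocation_list).encode()),
        "ESessionKey": E_SESSION_KEY,
        "PacketMAC": mac(packet_body(directory_handle, file_name, e_record_key,
                                     revocation_list)),
    }


@dataclass
class CkdrmFile:
    handle: int
    name: str
    directory_handle: int
    revocation_list: List[str]
    e_record_key: bytes
    content: bytearray = field(default_factory=bytearray)


class RecordEngine:
    def __init__(self):
        self.files: Dict[int, CkdrmFile] = {}
        self._next_handle = 100            # constructed handle numbering

    def create_file(self, pkt: dict) -> int:
        """CKCMD_CREATE_FILE: check session binding and both MACs, then create the file."""
        if not hmac.compare_digest(pkt["ESessionKey"], E_SESSION_KEY):
            raise PermissionError("ESessionKey does not belong to this session")
        if not hmac.compare_digest(mac(",".join(pkt["RevocationList"]).encode()),
                                   pkt["RevocationListMAC"]):
            raise PermissionError("revocation list MAC mismatch")
        body = packet_body(pkt["DirectoryHandle"], pkt["FileName"],
                           pkt["ERecordKey"], pkt["RevocationList"])
        if not hmac.compare_digest(mac(body), pkt["PacketMAC"]):
            raise PermissionError("command packet MAC mismatch")
        handle, self._next_handle = self._next_handle, self._next_handle + 1
        self.files[handle] = CkdrmFile(handle, pkt["FileName"], pkt["DirectoryHandle"],
                                       list(pkt["RevocationList"]), pkt["ERecordKey"])
        return handle

    def record_append(self, pkt: dict, data: bytes) -> int:
        """CKCMD_RECORD_APPEND (single record key embodiment); returns the new file length."""
        f = self.files.get(pkt["RecordFile"])
        if f is None:
            raise KeyError("RecordFile is not a handle this engine issued")
        if not hmac.compare_digest(pkt["ESessionKey"], E_SESSION_KEY):
            raise PermissionError("ESessionKey does not belong to this session")
        if not hmac.compare_digest(pkt["ERecordKey"], f.e_record_key):
            raise PermissionError("ERecordKey differs from the one sent in CKCMD_CREATE_FILE")
        if pkt["RecordOption"] != RECORD_FOREVER and pkt["ByteCount"] != len(data):
            raise ValueError("ByteCount does not match the data transferred")
        f.content.extend(data)             # received content is appended at the end
        return len(f.content)
```

The two MACs reject a create packet whose revocation list or other fields were altered in transit, the ESessionKey comparison rejects a packet replayed from a different session, and the ERecordKey comparison is what ties every append to the single record session key chosen at file creation. A host that needs the other embodiment (a new ERecordKey per append) would drop that last check and store the key per append instead.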

ContentKey digital rights management (CKDRM) play

The CKDRM play function is a method of playing content that is managed by CKDRM. As shown in Figure 16, the source is managed content within the CKDRM domain. According to the invention, the source file must be unlocked and must have CKDRM play permission. The destination is a host acting as a player.

According to the protocol shown in Figure 16, the CKDRM play protocol first establishes between an engine and a host

a secure session. According to one example of the invention, the ContentKey digital rights management (CKDRM) play method is a secure application programming interface (API) that is exposed only to hosts holding CKDRM play permission. The CKDRM play protocol is completed with the following commands: CKCMD_AUTHENTICATE, CKCMD_GET_CKDRM_PLAY_KEY and CKCMD_PLAY.

In block 1610, the method begins with the CKCMD_AUTHENTICATE command, which lets the host player authenticate itself to the engine, establishing the engine's trust in the destination so that CKDRM methods may be used. In block 1620, the host transmits its CKDRM certificate in the command packet. The engine then responds with the session key of the secure session.

Next, in block 1640, the CKCMD_GET_CKDRM_PLAY_KEY command causes the CKDRM play permission to be checked. In block 1650, the play session is established and the play session key for the specified file is returned. In block 1660, the CKCMD_PLAY command causes the engine to return the content of that file.

Figure 17 describes a more detailed play method that uses the commands described above. In block 1710, a player first determines the file to be played. A user may insert the source medium into the engine, and in block 1720 the host issues a CKCMD_AUTHENTICATE command to start a secure session between the engine and the host. In block 1720, the certificate is set to the host's CKDRM certificate. In block 1740, the engine returns the secure session key, the ESessionKey field.

In block 1750, the host issues a CKCMD_GET_CKDRM_PLAY_KEY command to establish a play session and obtain the play session key for the file. The ESessionKey it carries is the encrypted secure session key and has the same value as the ESessionKey returned by the engine for CKCMD_AUTHENTICATE. In block 1760, the engine returns the play session key (the ESessionKey field). In block 1770, the host issues one or more CKCMD_PLAY commands to retrieve the corresponding content. In response to these commands, the engine returns the content in block 1780.
In one embodiment of the invention, the CKCMD_PLAY command specifies that the content is retrieved without stopping on unrecoverable errors. In particular, in one embodiment, a PlayOptions field is set when PLAY_STREAMING is asserted; this performs streaming playback and does not stop because of a playback error. In addition, when PLAY_TO_EOF is asserted, the content is played through to the end of the file and the ByteCount field is ignored entirely.

The CKDRM play commands operate together with the DataPlay File System (DFS) application programming interface (API). For example, the PlayFile field is a DFS parameter that is set to the DFS handle of the file to be played. As in the other methods performed by CKDRM, the ESessionKey of the play function is the encrypted secure session key and has the same value as the ESessionKey returned by the engine for CKCMD_AUTHENTICATE. Other useful data fields are the ByteOffset field, which is set to zero to play from the start of the file, and the ByteCount field, which may be set to the number of bytes the host expects to receive.
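The exchange of Figure 17, including the PlayOptions behaviour and the PlayFile, ByteOffset and ByteCount fields described above, as an added worked example; it is not part of the patent and not DataPlay's code. The engine accepts a host certificate from a constructed trust list in place of real certificate verification, returns a random token as the ESessionKey that every later command must echo unchanged, and holds each file's content as a list of sectors in which None stands for an unreadable sector. The PLAY_STREAMING and PLAY_TO_EOF bit values, the file handles and the certificate names are assumptions.

```python
"""Simulated CKDRM play exchange (added example, not the patent's code)."""
import secrets
from dataclasses import dataclass

# PlayOptions flags named in the text; the bit values are assumptions.
PLAY_STREAMING = 0x01   # keep going past an unrecoverable read error
PLAY_TO_EOF    = 0x02   # play through to end of file, ignoring ByteCount

@dataclass
class CkdrmFile:
    handle: int
    locked: bool
    play_permission: bool
    sectors: list          # constructed content; None marks an unreadable sector

class Engine:
    def __init__(self, files, trusted_certs):
        self.files = {f.handle: f for f in files}
        self.trusted = set(trusted_certs)   # stand-in for real certificate verification
        self.session_key = None
        self.play_sessions = {}             # handle -> play session key

    def cmd_authenticate(self, host_cert):
        # Table 4A: AUTHENTICATE interrupts the current session before starting a new one
        self.session_key, self.play_sessions = None, {}
        if host_cert not in self.trusted:
            raise PermissionError("CKCMD_AUTHENTICATE: host certificate rejected")
        self.session_key = secrets.token_bytes(16)   # handed back as the ESessionKey token
        return self.session_key

    def _require_session(self, esession_key):
        # Later commands must carry the ESessionKey exactly as AUTHENTICATE returned it
        if self.session_key is None or not secrets.compare_digest(esession_key, self.session_key):
            raise PermissionError("no secure session or ESessionKey mismatch")

    def cmd_get_ckdrm_play_key(self, esession_key, handle):
        self._require_session(esession_key)
        f = self.files[handle]
        if f.locked:
            raise PermissionError("CKCMD_GET_CKDRM_PLAY_KEY: file is locked")
        if not f.play_permission:
            raise PermissionError("CKCMD_GET_CKDRM_PLAY_KEY: no CKDRM play permission")
        self.play_sessions[handle] = secrets.token_bytes(16)
        return self.play_sessions[handle]

    def cmd_play(self, esession_key, handle, play_options=0, byte_offset=0, byte_count=0):
        self._require_session(esession_key)
        if handle not in self.play_sessions:
            raise PermissionError("CKCMD_PLAY: no play session for this file")
        out = bytearray()
        for sector in self.files[handle].sectors:
            if sector is None:                     # unrecoverable read error
                if play_options & PLAY_STREAMING:
                    continue                       # streaming: skip it and keep playing
                break                              # otherwise stop at the error
            out += sector
        data = bytes(out)[byte_offset:]
        return data if play_options & PLAY_TO_EOF else data[:byte_count]

def host_play(engine, host_cert, handle, play_options=0, byte_offset=0, byte_count=0):
    """Figure 17 on the host side: AUTHENTICATE, GET_CKDRM_PLAY_KEY, then one PLAY."""
    esk = engine.cmd_authenticate(host_cert)
    engine.cmd_get_ckdrm_play_key(esk, handle)
    return engine.cmd_play(esk, handle, play_options, byte_offset, byte_count)

def demo():
    files = [CkdrmFile(1, False, True,  [b"AAAA", None, b"CCCC"]),   # bad middle sector
             CkdrmFile(2, True,  True,  [b"XXXX"]),                  # locked
             CkdrmFile(3, False, False, [b"YYYY"])]                  # no play permission
    eng = Engine(files, trusted_certs={"host-cert-A"})
    out = {"stop_on_error": host_play(eng, "host-cert-A", 1, 0, 0, 16),
           "streaming_to_eof": host_play(eng, "host-cert-A", 1, PLAY_STREAMING | PLAY_TO_EOF, 0, 2),
           "offset_and_count": host_play(eng, "host-cert-A", 1, PLAY_STREAMING, 2, 3)}
    for label, cert, handle in (("locked", "host-cert-A", 2), ("no_permission", "host-cert-A", 3),
                                ("unknown_cert", "host-cert-Z", 1)):
        try:
            host_play(eng, cert, handle)
            out[label] = "allowed"
        except PermissionError:
            out[label] = "denied"
    return out

if __name__ == "__main__":
    print(demo())
```

The three refusals (locked file, missing play permission, unknown certificate) all surface before any content leaves the engine, and a PLAY that presents a different ESessionKey than the one AUTHENTICATE issued is refused in the same way.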

ContentKey Digital Rights Management (CKDRM) Unlock

Figure 18 describes another method performed by CKDRM. CKDRM unlock is a method of changing a CKDRM file from the locked state to the unlocked state. When the method completes successfully, the target file is unlocked; otherwise its permissions and metadata are left unchanged.

Figure 18 shows the CKDRM unlock protocol. The commands used in this protocol are CKCMD_AUTHENTICATE, CKCMD_GET_CERTIFICATE, and CKCMD_UNLOCK_FILES. Protecting the data that the unlock function needs requires that a secure session exist between an engine and a host. The CKDRM unlock method can therefore be a secure application programming interface (API), exposed only to hosts that hold CKDRM unlock permission.

After the host has determined, in block 1860, which files to unlock, it obtains the handles of the locked files as a list in block 1862. In one embodiment of the invention, this list is obtained by searching the directory structure and noting every file that carries the locked file attribute. In another embodiment, the association format can be used to specify the locked content and the items associated with an offering package.

In block 1864, the host application issues the CKCMD_AUTHENTICATE command to authenticate itself to the engine and begin a secure session. Here the certificate is set to the CKDRM certificate of a clearinghouse server. In block 1866, the engine returns the secure session key, the ESessionKey field. In block 1868, the host issues the CKCMD_GET_CERTIFICATE command to authenticate the engine; here the certificate is set to the engine's CKDRM certificate. In block 1870, the host verifies the engine and retrieves its public key. Then, in block 1872, the CKCMD_UNLOCK_FILES command lets the host specify the files to unlock. The number of files to unlock is given in the FileCount field of the data transfer, and the DFS handles of those files are given in the Handle field of the FileSet array. In block 1874, the engine adjusts the locked attribute of the files identified by FileSet.

Other data used by this unlock method are the following fields: the FileCount field, set to the number of files to unlock; the EUnlockKey field, the encrypted unlock key needed to encrypt and decrypt the key complement; the EMediaId field, the encrypted media identifier and the public media identifier of the destination medium; the FileSet field, set to the list of identifiers of the files to unlock, each entry carrying the DFS handle of one file; and the EKeyComplement field, the encrypted key complement (the key complement is obtained from the appropriate source, and the unlock key is used to encrypt the key complement value). In addition, the DataMac field is set to a hash over the FileSet field of the data packet.
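The engine-side processing of the CKCMD_UNLOCK_FILES data transfer described above, as an added example that is not part of the patent and not DataPlay's code. It assumes the secure session is already established, serializes FileSet as FileCount followed by 32-bit handles, and computes DataMac as HMAC-SHA256 over that FileSet keyed with the session key; the page only says DataMac is a hash of FileSet, and EUnlockKey, EKeyComplement and EMediaId are carried as opaque byte strings because the page does not give the cipher. The properties exercised are the ones the text states: a failed unlock changes nothing, only locked files with CKDRM metadata are eligible, and locked pre-recorded content is bound to the medium's pre-recorded identifier.

```python
"""Engine side of CKCMD_UNLOCK_FILES (added example, not the patent's code)."""
import hashlib, hmac, struct
from dataclasses import dataclass

@dataclass
class DfsFile:
    handle: int
    locked: bool
    has_ckdrm_metadata: bool   # Table 4A: unlock applies only to files with CKDRM metadata
    prerecorded: bool          # locked content lives in the pre-recorded region of the medium

def serialize_fileset(handles):
    """FileSet array as FileCount followed by one 32-bit Handle per entry (assumed layout)."""
    return struct.pack(">I", len(handles)) + b"".join(struct.pack(">I", h) for h in handles)

def compute_datamac(session_key, fileset_bytes):
    # The text says DataMac is a hash over FileSet; keying it with the session key is our assumption
    return hmac.new(session_key, fileset_bytes, hashlib.sha256).digest()

def build_unlock_packet(session_key, handles, emedia_id, eunlock_key, ekey_complement):
    """Host side: the data-transfer fields listed in the text, encrypted fields as opaque bytes."""
    fileset = serialize_fileset(handles)
    return {"FileCount": len(handles), "FileSet": fileset, "EMediaId": emedia_id,
            "EUnlockKey": eunlock_key, "EKeyComplement": ekey_complement,
            "DataMac": compute_datamac(session_key, fileset)}

class UnlockEngine:
    def __init__(self, files, media_id):
        self.files = {f.handle: f for f in files}
        self.media_id = media_id   # pre-recorded media identifier of the inserted medium

    def cmd_unlock_files(self, session_key, pkt):
        """Return ("ok", handles) or ("error", reason); on error no file changes state."""
        if not hmac.compare_digest(pkt["DataMac"], compute_datamac(session_key, pkt["FileSet"])):
            return "error", "DataMac does not match FileSet"
        count = struct.unpack(">I", pkt["FileSet"][:4])[0]
        if count != pkt["FileCount"] or len(pkt["FileSet"]) != 4 + 4 * count:
            return "error", "FileCount disagrees with FileSet"
        handles = list(struct.unpack(">%dI" % count, pkt["FileSet"][4:]))
        if pkt["EMediaId"] != self.media_id:   # stand-in for decrypting EMediaId and comparing
            return "error", "unlock data is bound to a different medium"
        for h in handles:                      # validate everything before changing anything
            f = self.files.get(h)
            if f is None:
                return "error", "unknown handle %d" % h
            if not (f.locked and f.has_ckdrm_metadata and f.prerecorded):
                return "error", "handle %d is not locked pre-recorded CKDRM content" % h
        for h in handles:
            self.files[h].locked = False
        return "ok", handles

    def status(self, handles):
        """Block 1876: the host reads back the locked attribute to confirm the transaction."""
        return {h: self.files[h].locked for h in handles}

def demo():
    eng = UnlockEngine([DfsFile(10, True, True, True), DfsFile(11, True, True, True),
                        DfsFile(12, False, True, True), DfsFile(13, True, False, True)],
                       media_id=b"media-0001")          # constructed medium
    sk = b"\x11" * 16                                  # constructed shared session key
    good = build_unlock_packet(sk, [10, 11], b"media-0001", b"<EUnlockKey>", b"<EKeyComplement>")
    tampered = dict(good, FileSet=serialize_fileset([10, 13]))   # FileSet altered after MACing
    other_medium = build_unlock_packet(sk, [10], b"media-0002", b"<EUnlockKey>", b"<EKeyComplement>")
    mixed = build_unlock_packet(sk, [10, 12], b"media-0001", b"<EUnlockKey>", b"<EKeyComplement>")
    out = {"tampered": eng.cmd_unlock_files(sk, tampered)[0],
           "other_medium": eng.cmd_unlock_files(sk, other_medium)[0],
           "mixed": eng.cmd_unlock_files(sk, mixed)[0]}
    out["locked_after_failures"] = eng.status([10, 11])
    out["good"] = eng.cmd_unlock_files(sk, good)[0]
    out["locked_after_success"] = eng.status([10, 11])
    return out

if __name__ == "__main__":
    print(demo())
```

The ordering matters: the MAC is checked before any field of the packet is interpreted, and every handle is validated before the first locked attribute is cleared, so a list that mixes an eligible file with an ineligible one leaves both untouched.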

Finally, in block 1876, the host application obtains the status of the files to be unlocked to check whether the transaction succeeded.

Third-Party Digital Rights Management (TPDRM) Copy

TPDRM copy is a method of transferring managed content out of the CKDRM domain. The source is managed content within the CKDRM domain. The source file must be unlocked and must have TPDRM copy permission. According to one embodiment of the invention, the TPDRM copy permissions include a non-zero TPDRM copy count value, a TPDRM free-copy status, or an unlimited first-generation TPDRM copy status. The destination is a TPDRM domain, and the resulting copy is managed content governed by the destination TPDRM. In one example of the invention, the source file's remaining TPDRM copy count is decremented during the CKCMD_GET_DRM_COPY command, if applicable.

Figure 19 describes the TPDRM copy protocol. As with the other methods described above, TPDRM copy requires that a secure session be established between an engine and a host. The TPDRM copy method can therefore be a secure application programming interface (API), exposed only to hosts that hold DRM copy permission. DRM copy permission uses the following commands: CKCMD_AUTHENTICATE, CKCMD_GET_METADATA, CKCMD_GET_DRM_COPY, and CKCMD_PLAY.

In block 1910, the CKCMD_AUTHENTICATE command lets the TPDRM authenticate itself to the engine, establishing the engine's trust in the TPDRM so that CKDRM methods may be used. In block 1920, the host transmits the TPDRM's CKDRM certificate in the command packet. In block 1930, the engine responds with the session key of the secure session.

In block 1940, the CKCMD_GET_METADATA command lets the TPDRM retrieve the secure metadata associated with the file to be copied. In block 1950, the engine returns a key for decrypting that metadata, and also returns the encrypted metadata.

In block 1960, the CKCMD_GET_DRM_COPY command lets the engine check the TPDRM copy permission, establish the play session, and return the play session key and the revocation list for the specified file. In block 1970, the file's copy count (COPY_Count) is decremented, if applicable. In block 1980, the CKCMD_PLAY command lets the engine return the content of the specified file.

Figure 20 describes an example method of TPDRM copy. As shown in the figure, the TPDRM application determines the set of files to be copied.


In block 2010, a user first inserts the source medium into the engine. In block 2020, the host issues a CKCMD_AUTHENTICATE command to establish a secure session between the engine and the host. The certificate is set to the TPDRM's CKDRM certificate. In block 2030, the engine returns the secure session key, the ESessionKey field. In one example of the invention, the CKDRM certificate of the host TPDRM also includes a MetadataIdentifier field.

In block 2040, the host issues a CKCMD_GET_METADATA command to retrieve the TPDRM's secure metadata associated with the file. The AssociatedFile field is set to the DFS handle of the associated file, that is, the file to be copied. The ESessionKey field is the encrypted secure session key and has the same value as the ESessionKey returned by the engine for CKCMD_AUTHENTICATE. In block 2050, the engine returns the metadata, namely the metadata associated with the file named by AssociatedFile and with the TPDRM identified by the certificate received in the CKCMD_AUTHENTICATE command.

In one example of the invention, the TPDRM enforces the TPDRM management rules, including the rules specified in the metadata, and determines whether the file currently has TPDRM copy permission. In one embodiment of the invention, the TPDRM must not copy the content unless copy permission has been obtained.

In block 2060, the host issues a CKCMD_GET_DRM_COPY command to establish the play session and obtain the play session key for the file. The SourceFile field is the DFS handle of the file to be copied. In block 2070, the engine returns the play session key (the ESessionKey field) and the revocation list field.

In block 2080, according to one embodiment of the invention, the host issues one or more CKCMD_PLAY commands to retrieve the corresponding content. The fields of these play commands are: the PlayOptions field, set when PLAY_STREAMING (streaming playback; does not stop on a playback error) or PLAY_TO_EOF (play to the end of the file; the ByteCount field is ignored) is asserted; the PlayFile field, set to the desired file, which may be the DFS handle of the file to be copied; the ByteOffset field, which may be set to any value; and the ESessionKey field, the encrypted secure session key, with the same value as the ESessionKey returned by the engine for CKCMD_AUTHENTICATE. In block 2090, the engine returns the corresponding content.

Read Secure Metadata

Reading secure metadata is a method of accessing content that lies within the CKDRM domain and is owned by a third party. In one embodiment of the invention, the associated file must be unlocked. The metadata is associated with a file and with the host specified by the secure session.

As with the other methods, this protocol first establishes a secure session between an engine and a host. The read secure metadata method can therefore be a secure application programming interface (API), exposed only to hosts that hold read-secure-metadata permission.

Figure 21 describes the read secure metadata protocol. The protocol is carried out with the following commands: CKCMD_AUTHENTICATE and CKCMD_GET_METADATA. As described above, the CKCMD_AUTHENTICATE command lets the host authenticate itself to the engine, establishing the engine's trust in the destination so that CKDRM methods may be used. For CKCMD_AUTHENTICATE, the host transmits its CKDRM certificate in the command packet, and the engine then responds with the session key of the secure session.

The CKCMD_GET_METADATA command lets the host read the secure metadata associated with the file. For CKCMD_GET_METADATA, the engine returns a key for decrypting the metadata together with the encrypted metadata.

第101頁 583568Page 583568

Referring to Figure 21, in block 2110 the host first determines the file associated with the metadata to be read. The transaction therefore includes, in block 2120, a user inserting the source medium into the engine.

In block 2130, the host issues a CKCMD_AUTHENTICATE command to establish a secure session between the engine and the host. The certificate is set to the host's CKDRM certificate. In block 2140, the engine returns the secure session key, the ESessionKey field. In block 2150, the host issues a CKCMD_GET_METADATA command to retrieve the secure metadata that belongs to this host and is associated with the file. The AssociatedFile field is set to the DFS handle of the file with which the metadata is associated. The ESessionKey field is the encrypted secure session key and has the same value as the ESessionKey returned by the engine for CKCMD_AUTHENTICATE. In block 2160, the engine returns the Metadata field, that is, the metadata associated with the file named by AssociatedFile and with the host identified by the certificate received in the CKCMD_AUTHENTICATE command.

Write Secure Metadata

The write secure metadata function provides a method for content that lies within the CKDRM domain and is owned by a third party. In one embodiment of the invention, the associated source file must be unlocked, although the required state of the associated file may change with design requirements. The metadata is associated with the file and with the host specified by the secure session.

This protocol first establishes a secure session between an engine and a host. The write secure metadata method can therefore be a secure application programming interface (API), exposed only to hosts that hold write-secure-metadata permission. The protocol is carried out with the following commands: CKCMD_AUTHENTICATE, CKCMD_GET_CERTIFICATE, and CKCMD_SET_METADATA.

As described above, the CKCMD_AUTHENTICATE command lets a host authenticate itself to an engine, establishing the engine's trust in the destination so that CKDRM methods may be used. For CKCMD_AUTHENTICATE, the host transmits its CKDRM certificate in the command packet, and the engine then responds with the session key of the secure session.

The CKCMD_GET_CERTIFICATE command lets the host obtain what it needs to authenticate the engine, establishing the host's trust in the engine before content is transferred. In response, the engine transmits its CKDRM certificate during the data transfer.

The CKCMD_SET_METADATA command lets the host write the secure metadata associated with the file. For CKCMD_SET_METADATA, the host transmits a key for decrypting the metadata together with the encrypted metadata.

Figure 22A describes the protocol of the write secure metadata method. In block 2210, the host first determines the file associated with the metadata to be written. In block 2220, a user inserts the destination medium into the engine. In block 2230, the host issues a CKCMD_AUTHENTICATE command to start a secure session between the engine and the host; here the certificate is set to the host's CKDRM certificate. In block 2240, the engine returns the secure session key, the ESessionKey field. In block 2250, the host issues a CKCMD_GET_CERTIFICATE command to authenticate the engine; here the certificate is set to the engine's CKDRM certificate. In block 2260, the host verifies the engine and retrieves its public key.

In block 2270, the host issues a CKCMD_SET_METADATA command to transmit the host's secure metadata associated with the file. The AssociatedFile field is set to the DFS handle of the file with which the metadata is associated. The ESessionKey field is the encrypted secure session key and has the same value as the ESessionKey returned by the engine for CKCMD_AUTHENTICATE. The Metadata field concerns the file named by AssociatedFile and the host identified by the certificate received in the CKCMD_AUTHENTICATE command.

Table 4 below lists the permissions for the commands described above.

Table 4A

Command | Current secure session | Locked object | Host permission | Object permission | Notes
CKCMD_AUTHENTICATE | interrupts the current session and starts a new one | not applicable | valid CKDRM certificate | not applicable | the CKDRM certificate signature must be verified with a public key (including the CA public key from the valid signing-key list)
CKCMD_CREATE_FILE | required | not applicable | CKDRM record | parent directory: DFS write | the directory in which the new file is created must have DFS write permission
CKCMD_GET_CERTIFICATE | not required | not applicable | not applicable | (none) | non-secure command of the CKDRM API
CKCMD_GET_CONTENT_KEY_COPY | required | not allowed | CKDRM copy | non-zero CK copy count, CK free copy, or unlimited first-generation CK copy | (none)
CKCMD_GET_CKDRM_ID | not required | not applicable | not applicable | (none) | non-secure command of the CKDRM API
CKCMD_GET_CKDRM_PLAY_KEY | required | not allowed | CKDRM play | CKDRM play, DFS read | (none)
CKCMD_GET_TPDRM_COPY | required | not allowed | TPDRM copy | non-zero TPDRM copy count, TPDRM free copy, or unlimited first-generation TPDRM copy | (none)
CKCMD_GET_METADATA | required | not allowed | read secure metadata | (none) | the file must carry metadata belonging to the host
CKCMD_PLAY | required | not allowed | CKDRM play | CKDRM play or TPDRM copy, DFS read | (none)
CKCMD_RECORD_APPEND | required | allowed | CKDRM record | CKDRM record, DFS write | closes DFS write and adjusts DFS write to refuse further records
CKCMD_SET_KEYBOX | not required | not allowed | (none) | (none) | the file must have no CKDRM metadata; non-secure command of the CKDRM API
CKCMD_SET_METADATA | required | not allowed | write secure metadata | (none) | (none)
CKCMD_UNLOCK_FILES | required | allowed | CKDRM unlock | (none) | the file must have CKDRM metadata
Please refer to Table 4A. The following commands (RECORD_APPEND, PLAY, GET_DRM_PLAY_KEY, GET_DRM_COPY, GET_CKDRM_PLAY_KEY, GET_CKDRM_COPY and CREATE_FILE) each include, as part of their protocol, a consideration of a media identifier. A media identifier is a unique identifier generated during the mastering and prerecording of a medium. Depending on design requirements, this unique media identifier may correspond to a master or to each individual medium. Another media identifier is a unique identifier generated in the field, when the medium is in use. This unique media identifier corresponds to each individual medium, for example a media disc. In either case, however, the media identifier may be prerecorded on a disc, corresponding to content obtained by mastering, prerecording or the like. Furthermore, in either case, the media identifier may also be written to the medium (such as a disc), corresponding to content that has been written to the medium. The prerecorded media identifier therefore exists only in the portion of the medium to which mastered or prerecorded content belongs, while the written media identifier exists only in the portion of the medium to which written data belongs. Please refer to Table 4B below, which shows the identifier types that may appear in this secure electronic content (SEC) system. As shown in Table 4B, the SEC system has four identifier types in total: a prerecorded identifier for prerecorded content, a prerecorded identifier for written content, a written identifier for prerecorded content, and a written identifier for written content. Prerecorded locked content that is subsequently unlocked uses only the prerecorded media identifier. In one embodiment of the invention, the SEC system uses two of these four identifier types, so the presence of either of the other two types can indicate a forged disc.

Table 4B
Content | Prerecorded media identifier | Written media identifier
Prerecorded content | Used by the secure electronic content (SEC) system | Forged
Written content | Forged | Used by the secure electronic content (SEC) system

Please refer to Table 4A. The following commands (RECORD_APPEND, PLAY, GET_DRM_PLAY_KEY, GET_DRM_COPY, GET_CKDRM_PLAY_KEY, GET_CONTENT_KEY_COPY and CREATE_FILE) each include, as part of their protocol, a consideration of a media identifier. A media identifier is a unique identifier generated during the mastering and prerecording of a medium. Depending on design requirements, this unique media identifier may correspond to a master or to each individual medium. In either case, however, the media identifier may be prerecorded on a disc if the content is obtained by mastering, prerecording or the like. This media identifier therefore exists only in the portion of the medium to which mastered or prerecorded content belongs. Please refer to Table 4C below, which shows the identifier types the SEC system may provide. As shown in Table 4C, the SEC system has four identifier types in total: prerecorded; mixed, having both prerecorded and written components; write-only; and forged. The media types for these four identifier types include: media holding prerecorded locked content that is subsequently unlocked, media holding only unlocked content, and media holding a mix of both. According to an unlocking protocol, when content is unlocked, one part of the content's identifier is prerecorded and the other part is written. Thus, for media holding prerecorded locked content that is subsequently unlocked, the identifier always has a prerecorded identifier associated with it.

Table 4C
Media | Prerecorded | Mixed | Written | Forged
Media holding prerecorded locked content that will subsequently be unlocked | | | |
Media holding prerecorded unlocked content at the time of purchase | | | |
(The cell entries in the scan are Yes, No and Cannot be determined; their placement in the table is not recoverable.)

Please refer to Table 4B and Figure 22B, which provide a method for

determining whether content is forged. Depending on design requirements, this method may be executed during the following commands: RECORD_APPEND, PLAY, GET_DRM_PLAY_KEY, GET_DRM_COPY, GET_CKDRM_PLAY_KEY, GET_CONTENT_KEY_COPY, CREATE_FILE, or any other command. Block 2202 performs a key box lookup. Block 2204 retrieves the key box through a file. In one embodiment of the invention, the key box must be encrypted and bound to a location. In block 2206, an engine determines whether, for the action the command is expected to perform, the media identifier should be written or prerecorded. In block 2208, the key box link identifier flag is compared with the key box retrieval method; this implementation also depends on the selected command. Further, in block 2208, the method for the selected command is compared with the media identifier associated with the command and/or with the identifier flag associated with that media identifier. If the identifier or identifier flag is not prerecorded for a command that requires a prerecorded identifier or flag, block 2212 may abort part or all of the command's functions. In one example of the invention, when the identifier is actually located in the written-content portion of a disc, a forged identifier presents itself to an engine as a prerecorded identifier. The engine's decision as to whether the identifier is prerecorded or written depends both on how the identifier identifies itself and on where the identifier sits on the medium. The invention therefore prevents a forged media disc from performing all of the functions.

Table 5 below gives the suggested DataPlay file system (DFS) command permission states for prerecorded and ContentKey digital rights management (CKDRM) files.

Table 5
File type | Read/adjust | Write/adjust | Move/adjust | Rename/adjust | Delete/adjust | Notes
After the file is created, before recording is complete | on/off | on/on | off/on | off/on | off/on | Write permission is retained while recording
After recording is complete | on/off | off/off | off/on | off/on | off/on | DFS write and DFS write-adjust are closed. Move, rename and delete are denied, but adjusting these permissions is allowed

The first part of each entry is the state of the DFS permission attribute; the second part is the state of the attribute-adjust mask field in DFS. When the attribute-adjust mask is off, the permission attribute can no longer be changed.

The ContentKey digital rights management (CKDRM) commands described earlier are part of this ContentKey DRM and operate according to the following tables:

CKCMD_AUTHENTICATE: Verify and authenticate the host's identity and establish a secure session.

Table 6: Command start
Register name | Value | Description
Control register | FUNCTION_CODE = 011 | Reset the byte count pointer to the low byte
Byte count register | CKCMD_AUTHENTICATE_SIZE | Command packet size
Control register | FUNCTION_CODE = 001 | Start the command

Table 7: Command packet
Byte offset | Field name | Type | Description
0 | HostCmd | U8 | Command code
1 | CkSubCmd | U8 | Sub-command code
2:241 | Certificate | CKDRM_CERTIFICATE | The host's CKDRM certificate

Table 8: Data transfer (engine to host)
Byte offset | Field name | Type | Description
0:37 | ESessionKey | WRAPPED_KEY | Session key of the new secure session

According to one embodiment of the invention, any host may access the CKCMD_AUTHENTICATE command. The host must be able to send a valid ContentKey digital rights management (CKDRM) certificate for the command to succeed. Any current secure session is interrupted. A successful execution results in a new current secure session. The parameters and settings of this command are: HostCmd set to DPICMD_CK_COMMAND, CkSubCmd set to CKCMD_AUTHENTICATE, Certificate set to the host's CKDRM certificate, and ESessionKey, a secure session key encrypted with the protocol public key from the host's CKDRM certificate. If the host can decrypt this field correctly, an implicit authentication takes place.

As noted in the method the engine performs, this authentication command lets a host send its CKDRM certificate to the engine. The engine verifies and authenticates the certificate. The engine may also retrieve the method permissions. The engine then generates a secure session key and stores that key together with the host certificate. From this point the host is the current host for the secure session and for subsequent CKDRM commands. In one example of the invention, starting this authentication command interrupts all existing secure sessions, so a successful command starts exactly one new secure session. The value of the ESessionKey field may also serve as the secure session identifier.

CKCMD_GET_CERTIFICATE: Transfer the engine's ContentKey digital rights management (CKDRM) certificate to the host.
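The session rules just described (a certificate that must verify under a key from the valid signing-key list, a single current secure session that any new CKCMD_AUTHENTICATE interrupts, and the per-command requirements of Table 4A) can be modelled in a few dozen lines. The following Python is an added illustration written for this page, not code from the patent or from DataPlay: the HMAC tag standing in for the certificate signature, the shared CA key, the permission labels and the Engine class are all assumptions, and the session key is returned unwrapped rather than encrypted with the host's protocol public key.

```python
import hmac
import hashlib
import os
from dataclasses import dataclass

# Constructed sample data: the engine's list of valid signing keys, indexed by CA id.
# A real CKDRM certificate carries a public-key signature checked against a CA public
# key from this list; an HMAC-SHA256 tag under a shared CA key stands in for that
# signature here (an assumption) so the example runs on the standard library alone.
VALID_SIGNING_KEYS = {"ca-1": b"constructed CA key 1"}


@dataclass(frozen=True)
class CkdrmCertificate:
    host_id: str
    ca_id: str
    permissions: frozenset  # CKDRM method permissions granted to the host
    tag: bytes              # stand-in for the certificate signature


def _cert_body(host_id, ca_id, permissions):
    return f"{host_id}|{ca_id}|{','.join(sorted(permissions))}".encode()


def issue_certificate(host_id, ca_id, permissions):
    """Hypothetical CA side: tag the certificate body."""
    body = _cert_body(host_id, ca_id, permissions)
    tag = hmac.new(VALID_SIGNING_KEYS[ca_id], body, hashlib.sha256).digest()
    return CkdrmCertificate(host_id, ca_id, frozenset(permissions), tag)


def certificate_is_valid(cert):
    """Engine side: the tag must verify under a key from the valid signing-key list."""
    key = VALID_SIGNING_KEYS.get(cert.ca_id)
    if key is None:
        return False
    expected = hmac.new(key, _cert_body(cert.host_id, cert.ca_id, cert.permissions),
                        hashlib.sha256).digest()
    return hmac.compare_digest(expected, cert.tag)


# Table 4A: (current secure session required?, host permission required). The
# permission strings are constructed labels for the table's "CKDRM record", ... entries.
COMMAND_RULES = {
    "CKCMD_AUTHENTICATE": (False, None),
    "CKCMD_GET_CERTIFICATE": (False, None),
    "CKCMD_GET_CKDRM_ID": (False, None),
    "CKCMD_CREATE_FILE": (True, "CKDRM record"),
    "CKCMD_GET_CKDRM_PLAY_KEY": (True, "CKDRM play"),
    "CKCMD_GET_CKDRM_COPY": (True, "CKDRM copy"),
    "CKCMD_RECORD_APPEND": (True, "CKDRM record"),
    "CKCMD_UNLOCK_FILES": (True, "CKDRM unlock"),
}


class Engine:
    """Holds at most one current secure session, as CKCMD_AUTHENTICATE requires."""

    def __init__(self):
        self.session_key = None
        self.host_cert = None

    def authenticate(self, cert):
        # Starting the command interrupts any existing session, whether or not it succeeds.
        self.session_key, self.host_cert = None, None
        if not certificate_is_valid(cert):
            return None
        # New session key; a real engine would return it wrapped with the host's
        # protocol public key (ESessionKey). It doubles as the session identifier.
        self.session_key = os.urandom(16)
        self.host_cert = cert
        return self.session_key

    def check_command(self, command, session_key=None):
        """Return 'allowed' or the reason the engine would reject the command."""
        needs_session, permission = COMMAND_RULES[command]
        if not needs_session:
            return "allowed"  # non-secure commands of the CKDRM API
        if (self.session_key is None or session_key is None
                or not hmac.compare_digest(session_key, self.session_key)):
            return "no current secure session"
        if permission not in self.host_cert.permissions:
            return f"host lacks {permission} permission"
        return "allowed"
```

A host whose certificate grants only the play method obtains a play key but is refused CKCMD_CREATE_FILE; a failed re-authentication with a forged certificate leaves the engine with no session at all, so the earlier session key stops working.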

Table 9: Command start
Register name | Value | Description
Control register | FUNCTION_CODE = 011 | Reset the byte count pointer to the low byte
Byte count register | CKCMD_GET_CERTIFICATE_SIZE | Command packet size
Control register | FUNCTION_CODE = 001 | Start the command

Table 10: Command packet
Byte offset | Field name | Type | Description
0 | HostCmd | U8 | Command code
1 | DfsSubCmd | U8 | Sub-command code

Table 11: Command transfer (engine to host)
Byte offset | Field name | Type | Description
0:239 | Certificate | CKDRM_CERTIFICATE | The engine's CKDRM certificate

Any host may access the CKCMD_AUTHENTICATE command. The parameters used by this command are: HostCmd, set to DPICMD_CK_COMMAND; CkSubCmd, set to CKCMD_GET_CERTIFICATE; and Certificate, which is the engine's ContentKey digital rights management (CKDRM) certificate. The CKCMD_GET_CERTIFICATE command transfers the engine's CKDRM certificate to the host, so that the host's certificate can be sent (through CKCMD_AUTHENTICATE) to another engine when required, as part of the CKDRM copy, record, write-metadata and unlock methods.

CKCMD_CREATE_FILE: Check ContentKey digital rights management (CKDRM) record permission, create a new CKDRM file object in the given directory, and establish a write/record session.

Table 12: Command start
Register name | Value | Description
Control register | FUNCTION_CODE = 011 | Reset the byte count pointer to the low byte
Byte count register | CKCMD_CREATE_FILE_SIZE_NO_NAME + n | Command packet size
Control register | FUNCTION_CODE = 001 | Start the command

Table 13: Command packet
Byte offset | Field name | Type | Description
0 | HostCmd | U8 | Command code
1 | DfsSubCmd | U8 | Sub-command code
2:3 | RevocationByteCount | U16 | Number of bytes expected in the revocation list
4:7 | Parent | DFSHANDLE | Directory in which the file is to be created
8:9 | CKDRMState | CKCMD_STATE | Encoded CKDRM attributes and file permissions; see the encoding method
10 | CKDRMCopies | U8 | Number of CKDRM copies granted
11 | DrmCopies | U8 | Number of DRM copies granted
12:15 | Reserved | U16[2] | Reserved
16:31 | ESessionKey | WRAPPED_KEY | Current secure session key
32:47 | ERecordKey | WRAPPED_KEY | Record session key
48:67 | RevocationMac | MAC | MAC of the appended revocation list
68:87 | CommandMac | MAC | Message authentication code
88:n+87 | Name | DFSNAME | File name of n bytes

Table 14: CKDRMState field (type CKCMD_STATE)
Bit name | Description
FILE_CKDRM_COPY_FREELY | Whether CKDRM copies may be made without limit
FILE_CKDRM_LOCKED | 0 = create an unlocked file; 1 = create a locked file
FILE_CKDRM_PLAY | Whether the CKDRM play method is granted
FILE_DRM_COPY_FREELY | Whether DRM copies may be made without limit
FILE_UNLIMITED_FIRST_GENERATION_CK_COPIES | Whether first-generation CKDRM copies may be made without limit
FILE_UNLIMITED_FIRST_GENERATION_DRM_COPIES | Whether first-generation DRM copies may be made without limit

Table 15: Data transfer (host to engine)
Byte offset | Field name | Type | Description
0:RevocationByteCount-1 | RevocationList | | The file's revocation list

The CKCMD_CREATE_FILE command may require a current secure session. Accordingly, only hosts that have ContentKey digital rights management (CKDRM) record method permission can access CKCMD_CREATE_FILE. Parent must specify a directory with write permission. The command parameters are: HostCmd, set to DPICMD_CK_COMMAND; CkSubCmd, set to CKCMD_CREATE_FILE; RevocationByteCount, the number of bytes expected in the command's data phase; and Parent, the handle of the directory into which the file is written.

CKDRMState holds the file's ContentKey digital rights management (CKDRM) attributes and permissions; its member fields are specified by the CKDRMState field table. CKDRMCopies specifies the number of CKDRM copies the file may make; this is the initial value of the file's CKDRM copy count. The CKDRM copy method must be able to use a non-zero value.

DrmCopies specifies the number of digital rights management (DRM) copies the file may make; this is the file's DRM copy count value. The DRM copy method must be able to use a non-zero value.

ESessionKey is the current secure session key, obtained from the CKCMD_AUTHENTICATE command of this ContentKey digital rights management (CKDRM) method.

ERecordKey is the file's record session key, encrypted with the engine's public key. This ERecordKey value must be used by all CKCMD_RECORD_APPEND commands for this file; it implies that the data of the CKCMD_RECORD_APPEND commands for this file is encrypted with this record session key. RevocationMac is the message authentication code of the data phase. CommandMac is the message authentication code of the command packet, computed over the preceding fields of the packet, bytes 0 through 67. Name is the file's DataPlay file system (DFS) name. RevocationList is the file's revocation list.

The CKCMD_CREATE_FILE command creates a ContentKey digital rights management (CKDRM) file object in the specified directory. The file initially has length zero. The handle of the created file can be obtained with the DFSCMD_GETHANDLE command; that handle is then used in the following CKCMD_RECORD_APPEND commands. The file attributes and Multipurpose Internet Mail Extensions (MIME) type are set to default values. The file's CKDRM metadata is set to the values given by the CKDRMState, CKDRMCopies, DrmCopies and RevocationList fields.

CKCMD_GET_CKDRM_COPY: Check ContentKey digital rights management (CKDRM) copy permission and transfer out the key box for a specified file and destination identifier. The file's CKDRM copy count is decremented as required. The transfer is from the engine to the host.
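As a worked example of the CKCMD_CREATE_FILE packet layout of Table 13 and the CKDRMState bits of Table 14, the Python below builds a packet on the host side and verifies it on the engine side, checking CommandMac over bytes 0 through 67 and RevocationMac over the data phase before any field is trusted. This is an added illustration, not code from the patent or from DataPlay: the little-endian byte order, the numeric values of DPICMD_CK_COMMAND and CKCMD_CREATE_FILE, the bit positions of the Table 14 flags and the choice of truncated HMAC-SHA256 for the 20-byte MAC fields are all assumptions, since the page names these items without fixing their encodings.

```python
import hmac
import hashlib
import struct

# Table 13 layout for bytes 0..67 (little-endian is an assumption; the page gives no
# byte order): HostCmd U8, DfsSubCmd U8, RevocationByteCount U16, Parent DFSHANDLE
# (4 bytes), CKDRMState U16, CKDRMCopies U8, DrmCopies U8, Reserved U16[2],
# ESessionKey and ERecordKey (16-byte WRAPPED_KEY each), RevocationMac (20-byte MAC).
HEADER_FMT = "<BBHIHBB4s16s16s20s"
HEADER_LEN = struct.calcsize(HEADER_FMT)  # 68
MAC_LEN = 20

# Placeholder opcode values: the page names the symbols but not their numeric codes.
DPICMD_CK_COMMAND = 0x01
CKCMD_CREATE_FILE = 0x02

# Table 14 bit names; the bit positions are an assumption, the page lists names only.
FILE_CKDRM_COPY_FREELY = 1 << 0
FILE_CKDRM_LOCKED = 1 << 1
FILE_CKDRM_PLAY = 1 << 2
FILE_DRM_COPY_FREELY = 1 << 3
FILE_UNLIMITED_FIRST_GENERATION_CK_COPIES = 1 << 4
FILE_UNLIMITED_FIRST_GENERATION_DRM_COPIES = 1 << 5


def mac(key, data):
    """20-byte MAC; HMAC-SHA256 truncated to the field width is an assumption."""
    return hmac.new(key, data, hashlib.sha256).digest()[:MAC_LEN]


def build_create_file(mac_key, parent, state, ckdrm_copies, drm_copies,
                      esession_key, erecord_key, revocation_list, name):
    """Host side: assemble the command packet; returns (packet, data_phase)."""
    header = struct.pack(HEADER_FMT, DPICMD_CK_COMMAND, CKCMD_CREATE_FILE,
                         len(revocation_list), parent, state, ckdrm_copies, drm_copies,
                         b"\0" * 4, esession_key, erecord_key,
                         mac(mac_key, revocation_list))
    # CommandMac covers bytes 0..67, i.e. every field that precedes it.
    return header + mac(mac_key, header) + name.encode(), revocation_list


def parse_create_file(mac_key, packet, data_phase):
    """Engine side: verify both MACs and the byte count before trusting any field."""
    header = packet[:HEADER_LEN]
    command_mac = packet[HEADER_LEN:HEADER_LEN + MAC_LEN]
    name = packet[HEADER_LEN + MAC_LEN:]
    if not hmac.compare_digest(command_mac, mac(mac_key, header)):
        raise ValueError("CommandMac mismatch")
    (host_cmd, sub_cmd, rev_count, parent, state, ck_copies, drm_copies, _reserved,
     esession_key, erecord_key, revocation_mac) = struct.unpack(HEADER_FMT, header)
    if (host_cmd, sub_cmd) != (DPICMD_CK_COMMAND, CKCMD_CREATE_FILE):
        raise ValueError("not a CKCMD_CREATE_FILE packet")
    if rev_count != len(data_phase):
        raise ValueError("RevocationByteCount does not match the data phase")
    if not hmac.compare_digest(revocation_mac, mac(mac_key, data_phase)):
        raise ValueError("RevocationMac mismatch")
    return {
        "parent": parent,
        "locked": bool(state & FILE_CKDRM_LOCKED),
        "copy_freely": bool(state & FILE_CKDRM_COPY_FREELY),
        "play": bool(state & FILE_CKDRM_PLAY),
        "ckdrm_copies": ck_copies,
        "drm_copies": drm_copies,
        "esession_key": esession_key,
        "erecord_key": erecord_key,
        "name": name.decode(),
        "revocation_list": data_phase,
    }
```

Because CommandMac is checked over the raw header before unpacking, a single changed byte in CKDRMCopies or CKDRMState is rejected before the engine interprets it, and a data phase whose length disagrees with RevocationByteCount is rejected before the revocation list is used.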

Table 16: Command start
Register name | Value | Description
Control register | FUNCTION_CODE = 011 | Reset the byte count pointer to the low byte
Byte count register | CKCMD_GET_CKDRM_COPY_SIZE | Command packet size
Control register | FUNCTION_CODE = 001 | Start the command

Table 17: Command packet
Byte offset | Field name | Type | Description
0 | HostCmd | U8 | Command code
1 | DfsSubCmd | U8 | Sub-command code
2:3 | Reserved | U16 | Reserved
4:7 | SourceFile | DFSHANDLE | File from which the key box is obtained
8:39 | CKDRMId | U256 | Identifier of the copy destination
40:55 | ESessionKey | WRAPPED_KEY | Current secure session key

Table 18: Data transfer (engine to host)
Byte offset | Field name | Type | Description
0:n | KeyBox | | Key box for SourceFile and the destination

In one embodiment of the invention, the CKCMD_GET_CKDRM_COPY command can only operate within a current secure session. Moreover, only hosts that have ContentKey digital rights management (CKDRM) copy method permission can access CKCMD_GET_CKDRM_COPY. SourceFile must be in one of three states: a non-zero CKDRM copy count, a CKDRM copy-freely state, or an unlimited first-generation CKDRM copy state. In one embodiment of the invention, CKCMD_GET_CKDRM_COPY is used for locked files, or for files whose copy count is zero, provided the destination file is marked as locked.

The field parameters given in these tables are: HostCmd, set to DPICMD_CK_COMMAND; CkSubCmd, set to CKCMD_GET_CKDRM_COPY; SourceFile, the DataPlay file system (DFS) handle of the file from which the key box is obtained; and CKDRMId, the identifier of the destination to which the transferred key box belongs. This identifier must be the result returned by a CKCMD_GET_CKDRM_ID command to the destination engine. ESessionKey is the current secure session key. KeyBox is generated by the engine; it holds the keys and revocation list for the file specified by SourceFile and the destination specified by CKDRMId. The engine then returns the KeyBox to the host.

The CKCMD_GET_CKDRM_COPY command is used in the CKDRM copy method to obtain a key box that can be sent to a destination. The key box is associated with SourceFile and provides the information needed to access (play) the content, which is protected in the copied file at the destination. If SourceFile has the CKDRM copy-freely state, the resulting copy also has the CKDRM copy-freely state; otherwise the resulting copy has no CKDRM copy permission. If SourceFile has the unlimited first-generation CKDRM copy state, the CKDRM copy count is left unchanged; otherwise, if the CKDRM copy count is non-zero, it is decremented and stored back before the command completes. The KeyBox is associated with this copy.
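The engine-side decision for CKCMD_GET_CKDRM_COPY combines two passages above: the media identifier check of Figure 22B (blocks 2206 to 2212, where an identifier that claims to be prerecorded but sits in the written-content area is treated as forged and the command aborted) and the copy-state rules just stated (one of three permitted states, the locked-destination condition, copy-freely inheritance, and the copy-count decrement that is skipped for unlimited first-generation files). The Python below is an added illustration of both, not code from the patent or from DataPlay; the MediaId, CkdrmFile and KeyBox classes, the flag/region split used to model a forged identifier and the returned status strings are all assumptions.

```python
from dataclasses import dataclass
from enum import Enum


class IdKind(Enum):
    PRERECORDED = "prerecorded"
    WRITTEN = "written"


@dataclass
class MediaId:
    """A media identifier as the engine sees it (constructed model)."""
    value: bytes
    flag: IdKind      # how the identifier flag describes itself
    region: IdKind    # where on the medium the engine actually found it


@dataclass
class CkdrmFile:
    """The CKDRM metadata of a source file that matters for a copy (constructed model)."""
    locked: bool
    copy_freely: bool
    unlimited_first_generation: bool
    copy_count: int
    keybox_link: IdKind   # kind of media identifier the key box is bound to


@dataclass(frozen=True)
class KeyBox:
    source: str
    destination_id: bytes
    copy_freely: bool     # the copy's own CKDRM copy permission


def media_id_is_genuine(media):
    # Fig. 22B, block 2208: the identifier must be what it claims to be and sit where
    # that kind of identifier lives. A "prerecorded" flag in the written area is forged.
    return media.flag == media.region


def get_ckdrm_copy(source_name, f, media, destination_id, destination_locked=False):
    """Engine-side decision for CKCMD_GET_CKDRM_COPY; returns (status, KeyBox or reason)."""
    if not media_id_is_genuine(media):
        return "abort", "media identifier is forged"          # block 2212
    if f.keybox_link == IdKind.PRERECORDED and media.flag != IdKind.PRERECORDED:
        return "abort", "key box requires a prerecorded media identifier"
    # SourceFile must be in one of the three permitted states.
    if not (f.copy_count > 0 or f.copy_freely or f.unlimited_first_generation):
        return "abort", "no CKDRM copy permission left"
    # Locked files, or files with a zero copy count, may only be copied to a
    # destination that is marked locked (as the passage above states it).
    if (f.locked or f.copy_count == 0) and not destination_locked:
        return "abort", "destination file must be marked locked"
    # Decrement the count unless the file allows unlimited first-generation copies;
    # the new value is stored back before the command completes.
    if not f.unlimited_first_generation and f.copy_count > 0:
        f.copy_count -= 1
    # The copy inherits copy-freely, otherwise it carries no CKDRM copy permission.
    return "ok", KeyBox(source_name, destination_id, copy_freely=f.copy_freely)
```

Running the same source file through successive copies shows the count draining to zero and the command then refusing, while a file flagged for unlimited first-generation copies keeps its count; a forged identifier aborts before any count is touched, so a rejected command never consumes a copy.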

If SourceFile has the ContentKey digital rights management (CKDRM) copy-freely state, the resulting copy also has the CKDRM copy-freely state; otherwise the resulting copy has no digital rights management (DRM) copy permission. The KeyBox field must then be sent to the destination engine to complete the CKDRM copy transaction, as in the CKDRM copy method described earlier.

CKCMD_GET_CKDRM_ID: Return information about the currently inserted medium.

Table 19: Command start
Register name | Value | Description
Control register | FUNCTION_CODE = 011 | Reset the byte count pointer to the low byte
Byte count register | CKCMD_GET_CKDRM_ID_SIZE | Command packet size
Control register | FUNCTION_CODE = 001 | Start the command

Table 20: Command packet
Byte offset | Field name | Type | Description
0 | HostCmd | U8 (unsigned 8-bit value) | Command code
1 | DfsSubCmd | U8 | Sub-command code
2:3 | Reserved | U16 | Reserved
4:19 | SourceFile | WRAPPED_KEY | Current secure session key

Table 21: Data transfer (engine to host)
Byte offset | Field name | Type | Description
0:31 | CKDRM_Id | U256 | CKDRM identifier of the currently inserted medium

According to one embodiment of the invention, any host may access the CKCMD_GET_CKDRM_ID command. The engine, however, does not require media to have been inserted beforehand.

The parameters shown in the tables above are: HostCmd, which may be set to DPICMD_CK_COMMAND, and CkSubCmd, which may be set to CKCMD_GET_CKDRM_ID. ESessionKey is the current secure session key. CKDRMId represents the identifier of the currently inserted medium and the current secure session. CKCMD_GET_CKDRM_ID returns the information specific to this medium and can be used by the various ContentKey digital rights management (CKDRM) methods that need media-specific information. Other identifiers (such as a public media identifier) may also be supplied through the DataPlay file system (DFS) application programming interface (API).

CKCMD_GET_CKDRM_PLAY_KEY: checks the ContentKey DRM (CKDRM) play permission and establishes a play session.

Table 22: Command initiation
Register | Value | Description
Control register | FUNCTION_CODE = 011 | Reset the byte-count pointer to the low byte
Byte count register | CKCMD_GET_CKDRM_PLAY_KEY_SIZE | Command packet size
Control register | FUNCTION_CODE = 001 | Start the command

Table 23: Command packet
Byte offset | Field name | Type | Description
0 | HostCmd | U8 | Command code
1 | DfsSubCmd | U8 | Subcommand code
2:3 | Reserved | U16 | Reserved
4:7 | PlayFile | DFSHANDLE | Handle of the file that needs this key
8:23 | ESessionKey | WRAPPED_KEY | Current secure session key

Table 24: Data transfer (engine to host)
Byte offset | Field name | Type | Description
0:15 | EPlayKey | AES_KEY | Play session key specific to the file

According to one embodiment of the invention, this command requires a current secure session. Only a host that holds the CKDRM play method permission may access the CKCMD_GET_CKDRM_PLAY_KEY command. PlayFile must specify an unlocked file that has CKDRM play permission and DataPlay file system (DFS) read permission.

The parameters used by this command are: HostCmd, set to DPICMD_CK_COMMAND; CkSubCmd, set to CKCMD_GET_CKDRM_PLAY_KEY; PlayFile, the DataPlay file system (DFS) handle of the file whose play session key is to be returned; ESession, the current secure session key; and EPlayKey, the play session key encrypted with the secure session key. The play session key is specific to the file specified by PlayFile; in particular, it is the key used to encrypt that file in the subsequent CKCMD_PLAY command.

CKCMD_GET_CKDRM_PLAY_KEY transfers a file-specific decryption key from the engine to the host. This command must be issued before each CKDRM play session. The host must not assume that a file on the media will have the same key each time it is played. The content of the file, which is stored in a form that can be decrypted with this play session key, can then be retrieved with the CKCMD_PLAY command.

CKCMD_GET_DRM_COPY: checks the third-party DRM (TPDRM) copy permission and establishes a play session. The TPDRM copy count is decremented as required.

Table 25: Command initiation
Register | Value | Description
Control register | FUNCTION_CODE = 011 | Reset the byte-count pointer to the low byte
Byte count register | CKCMD_GET_DRM_COPY_SIZE | Command packet size
Control register | FUNCTION_CODE = 001 | Start the command

Table 26: Command packet
Byte offset | Field name | Type | Description
0 | HostCmd | U8 | Command code
1 | DfsSubCmd | U8 | Subcommand code
2:3 | Reserved | U16 | Reserved
4:7 | SourceFile | DFSHANDLE | File whose key is to be obtained
8:23 | ESessionKey | WRAPPED_KEY | Current secure session key

Table 27: Data transfer (engine to host)
Byte offset | Field name | Type | Description
0:15 | EPlayKey | AES_KEY | Play session key specific to the file
16:n | RevocationList | | CKDRM revocation list associated with the file

The CKCMD_GET_DRM_COPY command requires a current secure session. Only a host that holds the TPDRM copy method permission may access the CKCMD_GET_DRM_COPY command. SourceFile must specify an unlocked file. The source file must be in one of the following states: a nonzero TPDRM copy count, a TPDRM free-copy state, or an unlimited first-generation TPDRM copy state.

The parameters and settings required by CKCMD_GET_DRM_COPY are: HostCmd, set to DPICMD_CK_COMMAND; CkSubCmd, set to CKCMD_GET_DRM_COPY; SourceFile, the DataPlay file system (DFS) handle of the file whose key is to be obtained; ESessionKey, the current secure session key; EPlayKey, the play session key encrypted with the secure session key (this play session key is specific to the file specified by SourceFile, that is, it is the key used to encrypt the content in the subsequent CKCMD_PLAY command for SourceFile); and RevocationList, the revocation list of the file.

CKCMD_GET_DRM_COPY obtains the key of a file. It is used in the DRM copy method. If the DRM copy count associated with the file is nonzero, the DRM copy count is decremented and written back to the media before the command completes. CKCMD_GET_DRM_COPY is used during the DRM copy method to obtain a play session key that can be stored together with the content by a CKCMD_PLAY command. The revocation list of the file is also obtained this way, and it must be delivered when the content is imported into ContentKey DRM (CKDRM). If SourceFile has a CKDRM free-copy state, the resulting copy also has a CKDRM free-copy state; otherwise, the resulting copy has no CKDRM copy permission. If SourceFile has a TPDRM free-copy state or an unlimited first-generation CKDRM copy state, the TPDRM copy count remains unchanged. Otherwise, if the TPDRM copy count is nonzero, the engine decrements the TPDRM copy count and writes it back to the media before the command completes. Therefore, every delivery of EPlayKey is accompanied by a decrement of the TPDRM copy count.
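The copy-state rules for CKCMD_GET_DRM_COPY given above, modelled on the engine side as an added example (constructed here, not DataPlay's own code). The hypothetical Media class stands in for the DataPlay media and records every copy-count write-back, and the play session key is a random placeholder rather than the engine's real wrapped key.

```python
"""Engine-side decision logic for CKCMD_GET_DRM_COPY (constructed example).

Implements the rules in the text: the command needs a secure session, TPDRM
copy permission and an unlocked source in one of three states; the copy
inherits the source's CKDRM free-copy state; a counted source is decremented
and written back to the media before EPlayKey is released.
"""
import os
from dataclasses import dataclass, field
from enum import Enum, auto


class TpdrmState(Enum):
    COUNTED = auto()              # remaining copies tracked by a TPDRM copy count
    FREE_COPY = auto()            # TPDRM free-copy state: count never changes
    FIRST_GEN_UNLIMITED = auto()  # unlimited first-generation state: count never changes


@dataclass
class FileRecord:
    handle: int                   # DFS handle (constructed value)
    unlocked: bool
    ckdrm_free_copy: bool         # CKDRM free-copy state of the source file
    tpdrm_state: TpdrmState
    tpdrm_copy_count: int = 0     # only meaningful when tpdrm_state is COUNTED


@dataclass
class Media:
    """Hypothetical stand-in for the DataPlay media: file records plus a write log."""
    files: dict = field(default_factory=dict)
    write_log: list = field(default_factory=list)

    def write_back(self, rec: FileRecord) -> None:
        self.files[rec.handle] = rec
        self.write_log.append((rec.handle, rec.tpdrm_copy_count))


@dataclass(frozen=True)
class CopyGrant:
    eplay_key: bytes        # file-specific play session key released to the host
    copy_ckdrm_free: bool   # CKDRM free-copy state the resulting copy will carry
    remaining_count: int    # TPDRM copy count now stored on the media


class CopyDenied(Exception):
    """The engine refuses the command and releases no key."""


def get_drm_copy(media: Media, handle: int,
                 session_active: bool, host_has_tpdrm_copy: bool) -> CopyGrant:
    # Preconditions from the text: current secure session, method permission,
    # and an unlocked SourceFile.
    if not session_active:
        raise CopyDenied("CKCMD_GET_DRM_COPY requires a current secure session")
    if not host_has_tpdrm_copy:
        raise CopyDenied("host lacks the TPDRM copy method permission")
    rec = media.files.get(handle)
    if rec is None or not rec.unlocked:
        raise CopyDenied("SourceFile must specify an unlocked file")
    # The source must have a nonzero copy count, be free-copy, or be unlimited
    # first-generation; a counted file with zero copies left is refused.
    counted = rec.tpdrm_state is TpdrmState.COUNTED
    if counted and rec.tpdrm_copy_count <= 0:
        raise CopyDenied("TPDRM copy count is zero")
    # The resulting copy is CKDRM free-copy only if the source is.
    copy_free = rec.ckdrm_free_copy
    # Free-copy and unlimited first-generation leave the count untouched; a
    # counted source is decremented and written back before the key goes out.
    if counted:
        rec.tpdrm_copy_count -= 1
        media.write_back(rec)
    # Placeholder for the play session key: fresh each time, so a host cannot
    # assume the same file yields the same key on every session.
    eplay_key = os.urandom(16)
    return CopyGrant(eplay_key, copy_free, rec.tpdrm_copy_count)
```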

CKCMD_GET_METADATA: checks the read-secure-metadata permission and transfers third-party, host-specific secure metadata from the media to the host.

Table 28: Command initiation
Register | Value | Description
Control register | FUNCTION_CODE = 011 | Reset the byte-count pointer to the low byte
Byte count register | CKCMD_GET_METADATA_SIZE | Command packet size
Control register | FUNCTION_CODE = 001 | Start the command

Table 29: Command packet
Byte offset | Field name | Type | Description
0 | HostCmd | U8 | Command code
1 | DfsSubCmd | U8 | Subcommand code
2:3 | Reserved | U16 | Reserved
4:7 | AssociatedFile | DFSHANDLE | Handle of the file the metadata is associated with
8:23 | ESessionKey | WRAPPED_KEY | Current secure session key

Table 30: Data transfer (engine to host)
Byte offset | Field name | Type | Description
0:n-1 | Metadata | | Metadata associated with a particular file and host; n bytes

The CKCMD_GET_METADATA command operates within a current secure session. Only a host that holds the read-secure-metadata method permission may access the CKCMD_GET_METADATA command. SourceFile must specify an unlocked file. SourceFile must specify a file that has metadata specific to the value of this host's MetadataIdentifier field.

The parameters and settings required by this command are: HostCmd, set to DPICMD_CK_COMMAND; CkSubCmd, set to CKCMD

key. See CKCMD_AUTHENTICATE for more information; and Metadata, the metadata of the securely stored file. This metadata is limited to 1024 bytes per host per file.

CKCMD_GET_METADATA returns the third-party, host-specific secure metadata associated with a file. The metadata returned is whatever was written by the last CKCMD_SET_METADATA command for this host and file. If no such command has been issued, the pre-recorded metadata for the file and host is returned. In one example of the invention, the engine does not interpret this metadata in any way. The metadata is accessible only to the host of the current secure session, and only that host's own metadata can be accessed.

CKCMD_PLAY: transfers secure content from the engine to the host within an established play session.

Table 31: Command initiation
Register | Value | Description
Control register | FUNCTION_CODE = 011 | Reset the byte-count pointer to the low byte
Byte count register | CKCMD_PLAY_SIZE | Command packet size
Control register | FUNCTION_CODE = 001 | Start the command

Table 32: Command packet
Byte offset | Field name | Type | Description
0 | HostCmd | U8 | Command code
1 | DfsSubCmd | U8 | Subcommand code
2:3 | PlayOptions | U16 | Play options; see the encoding in Table 33
4:7 | PlayFile | DFSHANDLE | File to play
8:15 | ByteOffset | U64 | Byte offset within the file at which to start playing
16:23 | ByteCount | U64 | Number of bytes to transfer
24:39 | ESessionKey | WRAPPED_KEY | Current secure session key
40:55 | EPlayKey | AES_KEY | Current play session key

Table 33: Play options encoding
Bit | Field name | Description
0 | PLAY_STREAMING | 0 = play normally; abort on a play error. 1 = streaming play; do not abort on a play error
1 | PLAY_TO_EOF | 0 = play normally; stop when the given byte count is reached. 1 = play to end of file; ignore the ByteCount field of the command packet
2:15 | Reserved | Reserved

According to one embodiment of the invention, this command operates within a current secure session. Only a host that holds the CKDRM play or DRM copy method permission may access the CKCMD_PLAY command. PlayFile must specify an unlocked file. In addition,

PlayFile must specify a file that has DataPlay file system (DFS) read permission. PlayFile must also specify a file that has CKDRM play or DRM copy permission. In the CKDRM play method the received content need not be stored; in the DRM copy method the received content must be stored.

The parameters required by this command are: HostCmd, set to DPICMD_CK_COMMAND; CkSubCmd, set to CKCMD_PLAY; PlayOptions, the options of this command; PlayFile, the DataPlay file system (DFS) handle of the file to access; and ByteOffset, the position within the file at which the transfer begins. Because the file is encrypted, ByteOffset may be a multiple of sixteen; in one embodiment of the invention it must be a multiple of sixteen. ByteCount is the number of bytes to transfer. If the PLAY_TO_EOF bit is set in PlayOptions, this field is ignored; otherwise ByteCount must be a multiple of sixteen. ESessionKey is the current secure session key; see CKCMD_AUTHENTICATE for more information. EPlayKey is the play session key of the file specified by PlayFile, encrypted with the secure session key. This value is the same as the value the engine returned in the EPlayKey field of an earlier command for the same file. For the CKDRM play method that earlier command is CKCMD_GET_CKDRM_PLAY_KEY; for the DRM copy method it is CKCMD_GET_DRM_COPY. In
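The CKCMD_PLAY packet layout of Table 32, the PlayOptions bits of Table 33 and the multiple-of-sixteen rule just described, as an added example (constructed here, not DataPlay's code): a host-side encoder and an engine-side parser that rejects malformed packets. Little-endian byte order and the numeric values of DPICMD_CK_COMMAND and CKCMD_PLAY are assumptions, since the text names those constants without giving their values.

```python
"""Encoder and engine-side parser for the CKCMD_PLAY command packet.

Constructed example, not DataPlay's own code. Byte order (little-endian) and
the two opcode values below are assumptions; the page gives no numbers.
"""
import struct
from dataclasses import dataclass

DPICMD_CK_COMMAND = 0xC0   # HostCmd opcode: placeholder value (assumption)
CKCMD_PLAY = 0x0A          # DfsSubCmd opcode: placeholder value (assumption)

# PlayOptions bit assignments from Table 33.
PLAY_STREAMING = 1 << 0    # 1 = streaming play, do not abort on a play error
PLAY_TO_EOF = 1 << 1       # 1 = play to end of file, ignore ByteCount
RESERVED_MASK = 0xFFFC     # bits 2:15 are reserved and must be zero

AES_BLOCK = 16             # content is AES encrypted, hence the alignment rule
KEY_LEN = 16               # WRAPPED_KEY and AES_KEY both occupy 16 bytes

# Table 32: HostCmd U8, DfsSubCmd U8, PlayOptions U16, PlayFile DFSHANDLE (U32),
# ByteOffset U64, ByteCount U64, ESessionKey (16), EPlayKey (16) = 56 bytes.
PLAY_PACKET = struct.Struct("<BBHIQQ16s16s")
PLAY_PACKET_SIZE = PLAY_PACKET.size   # the value CKCMD_PLAY_SIZE would carry


@dataclass(frozen=True)
class PlayPacket:
    play_file: int        # DFS handle of the file to play
    byte_offset: int      # offset within the file at which playback starts
    byte_count: int       # bytes to transfer; ignored when to_eof is set
    esession_key: bytes   # current secure session key (wrapped)
    eplay_key: bytes      # key returned earlier by CKCMD_GET_CKDRM_PLAY_KEY or
                          # CKCMD_GET_DRM_COPY for this same file
    streaming: bool = False
    to_eof: bool = False

    @property
    def play_options(self) -> int:
        opts = 0
        if self.streaming:
            opts |= PLAY_STREAMING
        if self.to_eof:
            opts |= PLAY_TO_EOF
        return opts


def validate(pkt: PlayPacket) -> None:
    """Enforce the constraints the text places on CKCMD_PLAY parameters."""
    if not 0 <= pkt.play_file <= 0xFFFFFFFF:
        raise ValueError("PlayFile must fit a 32-bit DFS handle")
    if not (0 <= pkt.byte_offset < 1 << 64 and 0 <= pkt.byte_count < 1 << 64):
        raise ValueError("ByteOffset and ByteCount must fit U64")
    # The file is stored encrypted in 16-byte blocks, so the start must align.
    if pkt.byte_offset % AES_BLOCK:
        raise ValueError("ByteOffset must be a multiple of sixteen")
    # ByteCount is ignored only when PLAY_TO_EOF is set; otherwise it aligns too.
    if not pkt.to_eof and pkt.byte_count % AES_BLOCK:
        raise ValueError("ByteCount must be a multiple of sixteen unless PLAY_TO_EOF is set")
    if len(pkt.esession_key) != KEY_LEN or len(pkt.eplay_key) != KEY_LEN:
        raise ValueError("ESessionKey and EPlayKey must each be 16 bytes")


def encode_play(pkt: PlayPacket) -> bytes:
    """Host side: build the 56-byte command packet of Table 32."""
    validate(pkt)
    return PLAY_PACKET.pack(DPICMD_CK_COMMAND, CKCMD_PLAY, pkt.play_options,
                            pkt.play_file, pkt.byte_offset, pkt.byte_count,
                            pkt.esession_key, pkt.eplay_key)


def decode_play(buf: bytes) -> PlayPacket:
    """Engine side: accept only a well-formed CKCMD_PLAY packet."""
    if len(buf) != PLAY_PACKET_SIZE:
        raise ValueError(f"CKCMD_PLAY packet must be {PLAY_PACKET_SIZE} bytes")
    host_cmd, sub_cmd, opts, handle, offset, count, esk, epk = PLAY_PACKET.unpack(buf)
    if host_cmd != DPICMD_CK_COMMAND or sub_cmd != CKCMD_PLAY:
        raise ValueError("not a CKCMD_PLAY packet")
    if opts & RESERVED_MASK:
        raise ValueError("reserved PlayOptions bits 2:15 must be zero")
    pkt = PlayPacket(handle, offset, count, esk, epk,
                     streaming=bool(opts & PLAY_STREAMING),
                     to_eof=bool(opts & PLAY_TO_EOF))
    validate(pkt)
    return pkt
```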

addition, the returned data is the content of the file, encrypted with the play session key.

CKCMD_PLAY returns the content of the file, encrypted with the play session key. Apart from the content encryption, the CKCMD_PLAY command is functionally equivalent to DFS_READFILE. Refer to the DataPlay file system command specification for a complete description of the options and of the end-of-file behaviour.

CKCMD_RECORD_APPEND: checks the ContentKey DRM (CKDRM) permission and transfers secure content from a host to the end of a file.

Table 34: Command initiation
Register | Value | Description
Control register | FUNCTION_CODE = 011 | Reset the byte-count pointer to the low byte
Byte count register | CKCMD_RECORD_APPEND_SIZE | Command packet size
Control register | FUNCTION_CODE = 001 | Start the command

Table 35: Command packet
Byte offset | Field name | Type | Description
0 | HostCmd | U8 | Command code
1 | DfsSubCmd | U8 | Subcommand code
2:3 | RecordOptions | U16 | Record options; see the encoding in Table 36
4:7 | RecordFile | DFSHANDLE | File to record to
8:15 | ByteCount | U64 | Number of bytes to transfer
16:31 | ESessionKey | WRAPPED_KEY | Current secure session key
32:47 | ERecordKey | WRAPPED_KEY | Current record session key

Table 36: Record options encoding
Bit | Field name | Description
0 | RECORD_FOREVER | 0 = record normally; transfer the number of bytes specified by ByteCount. 1 = record forever; ignore the ByteCount field
1:15 | Reserved | Reserved

In one embodiment of the invention, the CKCMD_RECORD_APPEND command requires a current secure session. Only a host that holds the CKDRM record method permission may access the CKCMD_RECORD_APPEND command. RecordFile must specify a file that has CKDRM record permission and DataPlay file system (DFS) write permission. The file may be either locked or unlocked.

The parameters used by this command are: HostCmd, set to DPICMD_CK_COMMAND; CkSubCmd, set to CKCMD_RECORD_APPEND; RecordOptions, the options of this command, which act as described in the RecordOptions encoding table; RecordFile, the DataPlay file system (DFS) handle of the file to access; ByteCount, the number of bytes to transfer, although this field is ignored if the RECORD_FOREVER bit is set in RecordOptions; ESessionKey, the current secure session key; and ERecordKey, the current record session key, encrypted with the engine's protocol key. In one embodiment of the invention, all instances of this command use the same record session key, and that record session key must match the record session key of the CKCMD_CREATE_FILE command that created the file. The received data is the content to be appended to the file; it is encrypted at least with the record session key.

According to one embodiment of the invention, CKCMD_RECORD_APPEND appends content to the end of the specified file. The CKCMD_RECORD_APPEND command is the functional inverse of the CKCMD_PLAY command. Apart from the method of data encryption, CKCMD_RECORD_APPEND is broadly equivalent to the corresponding DFS write-append command.

CKCMD_SET_KEYBOX: transfers the key box of a specific file from the host. The key box provides the keys used to unlock the data and may be bound to the media if the content is pre-recorded.

Table 37: Command initiation
Register | Value | Description
Control register | FUNCTION_CODE = 011 | Reset the byte-count pointer to the low byte

Byte count register | CKCMD_SET_KEYBOX_SIZE | Command packet size
Control register | FUNCTION_CODE = 001 | Start the command

Table 38: Command packet
Byte offset | Field name | Type | Description
0 | HostCmd | U8 | Command code
1 | DfsSubCmd | U8 | Subcommand code
2:3 | Reserved | U16 | Reserved
4:7 | AssociatedFile | DFSHANDLE | File the KEYBOX is associated with

Table 39: Data transfer (host to engine)
Byte offset | Field name | Type | Description
0:n | KeyBox | | Key box of the file

A current secure session is required. Any host may access the CKCMD_SET_KEYBOX command.

AssociatedFile must specify an unlocked file, and that file must not already have a key box or ContentKey DRM (CKDRM) metadata.

The parameters required by this command are: HostCmd, set to DPICMD_CK_COMMAND; CkSubCmd, set to CKCMD_SET_KEYBOX; AssociatedFile, the DataPlay file system (DFS) handle of the file associated with the KeyBox; and KeyBox, the key box for the file specified by AssociatedFile and the destination specified by CKDRMId.

This command directs the engine to write the key box to the media and associate it with the specified file, so that the file is enabled for the licensed ContentKey DRM (CKDRM) methods.

CKCMD_SET_METADATA: checks the write-secure-metadata permission and transfers third-party, host-specific secure metadata from the host to the media.

Table 40: Command initiation
Register | Value | Description
Control register | FUNCTION_CODE = 011 | Reset the byte-count pointer to the low byte
Byte count register | CKCMD_SET_METADATA_SIZE | Command packet size
Control register | FUNCTION_CODE = 001 | Start the command

Table 41: Command packet
Byte offset | Field name | Type | Description
0 | HostCmd | U8 | Command code
1 | DfsSubCmd | U8 | Subcommand code
2:3 | Reserved | U16 | Reserved
4:7 | AssociatedFile | DFSHANDLE | File the metadata is associated with

8:23 | ESessionKey | WRAPPED_KEY | Current secure session key

Table 42: Data transfer (host to engine)
Byte offset | Field name | Type | Description
0:n-1 | Metadata | | Secure metadata associated with a particular file and host; n bytes

A current secure session is required. Only a host that holds the write-secure-metadata method permission may access the CKCMD_SET_METADATA command. AssociatedFile must specify an unlocked file. AssociatedFile may already have metadata specific to this host's MetadataIdentifier value.

The parameters required by this command are: HostCmd, set to DPICMD_CK_COMMAND; CkSubCmd, set to CKCMD_SET_KEYBOX; AssociatedFile, the DataPlay file system (DFS) handle of the file the metadata is associated with; ESessionKey, the current secure session key (see CKCMD_AUTHENTICATE for more information); and Metadata, the metadata associated with this file in the secure store for the current host.

The CKCMD_SET_METADATA command is the complement of the CKCMD_GET_METADATA command. It writes DRM or host-specific secure metadata to the DataPlay media for a specific file. The received metadata will be returned by subsequent CKCMD_GET_METADATA commands for this host and file. If AssociatedFile already has metadata specific to this host's MetadataIdentifier value, the media overwrites it with the new metadata. The engine writes the metadata to the media and associates it with the specified file and with the host of the current secure session. The engine does not interpret the metadata in any way. The secure metadata can be accessed only through the current secure session, by the host specified in the MetadataIdentifier field of the host's ContentKey DRM (CKDRM) certificate.

CKCMD_UNLOCK_FILES: checks the ContentKey DRM (CKDRM) unlock permission and unlocks files.

Table 43: Command initiation
Register | Value | Description
Control register | FUNCTION_CODE = 011 | Reset the byte-count pointer to the low byte
Byte count register | CKCMD_UNLOCK_SIZE | Command packet size
Control register | FUNCTION_CODE = 001 | Start the command

Table 44: Command packet
Byte offset | Field name | Type | Description
0 | HostCmd | U8 | Command code


lDfsSubCmdU8次命令碼 2:3FileC〇untU16欲解除鎖定的檔案數目,η。 4 :7ReservedU16 〔2〕保留 8 :23EunlockKeyWRAPPED一KEYEkeyComplement加密的刀 24 : 39EmediaIdU128公開、獨一無二的媒體識別瑪 40 : 59DataMacMAC資料轉移的訊息鑑別碼 第45表:資料轉移(由主機至引擎) 位元組位移襴位名稱類型說明lDfsSubCmdU8 command code 2: 3FileC〇untU16 The number of files to be unlocked, η. 4: 7ReservedU16 〔2〕 Reserved 8: 23EunlockKeyWRAPPED_KEYEkeyComplement Encrypted Knife 24: 39EmediaIdU128 Public and unique media identification Ma 40: 59DataMacMAC Data transfer message authentication code Table 45: Data transfer (from host to engine) Byte shift Unit name type description

0 .24n—lFileSetFILE—SET〔η〕一個表列的欲解除鎖定 第46表:F ILE —SET資料結構 位元組位移欄位名稱類型說明 〇 : 3HandleDFSHANDLE欲解除鎖定的檔案 4 : 23EKeyComplementU160這個檔案的金鑰組的補數0 .24n — lFileSetFILE — SET [η] A list of columns to be unlocked Table 46: F ILE —SET data structure byte shift field name type description 0: 3HandleDFSHANDLE File to be unlocked 4: 23EKeyComplementU160 of this file Complement of the key set

這裡一定要具有一個目前安全對話。另外,僅有具備 ContentKey數位權利管理(CKDRM )解除鎖定方法許可的 主機才可以對CKCMD —UNLOCK —FILES這個命令進行存取動 作。另外,在這個Fi leSet表列中的Handle攔位亦必須指 定一個檔案、並且必須要具有Con tent Key數位權利管理 (CKDRM)的元資料。There must be a current security dialogue here. In addition, only hosts with ContentKey Digital Rights Management (CKDRM) unlocking method permission can access the CKCMD —UNLOCK —FILES command. In addition, the Handle block in the FileSet list must also specify a file and must have metadata for the Conttent Key Digital Rights Management (CKDRM).

The parameters of the CKCMD_UNLOCK_FILES command are: HostCmd, set to DPICMD_CK_COMMAND; CkSubCmd, set to CKCMD_UNLOCK_FILES; FileCount, the number of files to unlock; EunlockKey, the encrypted unlock key, which is the key that encrypts each key complement to form the EkeyComplement value; EmediaId, the encrypted media identifier; and DataMac, the message authentication code of the data packet. The data transfer is built from the FileSet field, an array of identifiers of the files to unlock. It has FileCount entries, each of which is a FILE_SET element: Handle is the DataPlay file system (DFS) handle of the file to unlock, and EkeyComplement is the key-set complement of that file (the complete key box is not present on the media, and this field supplies the remaining key material needed to decrypt the file). EkeyComplement is the complement value in encrypted form; the unlock key that protects it is itself delivered to the engine under the engine's public key, as described under unlock encryption below.

The CKCMD_UNLOCK_FILES command makes the engine unlock a set of files. A secure session must be active between the engine and the host, and the host must hold the CKDRM unlock permission. On a successful CKCMD_UNLOCK_FILES command the engine completes the key box of each file and changes the file's attribute from locked to unlocked.

Encryption algorithms

The methods described above for third-party digital rights management (TPDRM), ContentKey digital rights management (CKDRM) and the DataPlay file system (DFS) are implemented with cryptographic algorithms. How the algorithms are applied within these methods depends on the design requirements; the cryptography described in this specification is therefore an example, and the number of bits used by each primitive is a function of the available bit space and of cost efficiency. In one embodiment the Advanced Encryption Standard (AES) function uses a 128-bit key. The public-key encryption may be elliptic curve cryptography or another type of public-key method.

Key complement encryption in the CKDRM methods is used by the unlock (UNLOCK) methods. For example, the CKCMD_UNLOCK_FILES method requires a key. In one embodiment the key complement is transferred in the EkeyComplement field, and is encrypted and decrypted with the unlock key as an AES key. The other fields of the unlock methods include the media identifier, carried in the EmediaId field.

Media identifier encryption is used in the CKCMD_UNLOCK_FILES method. The media identifier is transferred in the EmediaId field, and is encrypted and decrypted with the secure session key as an AES key.

Message authentication codes: the CommandMac, DataMac and RevocationMac fields are used in the unlock method and also in the CKCMD_CREATE_FILE method. Message authentication codes are transferred in the CommandMac, DataMac and RevocationMac fields. The message authentication code is produced by a message authentication code (MAC) function based on the Secure Hash Algorithm 1 (SHA-1), and the key of the MAC function is the current secure session key.

Play session content encryption is used in the CKCMD_PLAY method of CKDRM. The play content is transferred in the data transfer phase of CKCMD_PLAY, and is encrypted and decrypted with the play session key as an AES key.

Play session key encryption is used in the ContentKey digital rights management (CKDRM) methods CKCMD_GET_CKDRM_PLAY_KEY, CKCMD_GET_DRM_COPY and CKCMD_PLAY. In one embodiment the play session key is transferred in the EplayKey field or another suitable field, and is encrypted and decrypted with the secure session key as an AES key.

For record session content encryption, CKDRM uses the CKCMD_RECORD_APPEND method. The record session content is transferred in the data transfer phase of CKCMD_RECORD_APPEND, and is encrypted and decrypted with the secure session key as an AES key.

For record session key encryption, ErecordKey, CKDRM uses the CKCMD_CREATE_FILE and CKCMD_RECORD_APPEND methods. The record session key is transferred in the ErecordKey field. In one embodiment the record session key is encrypted with the public-key encryption function using the engine's protocol public key, which is taken from the engine's CKDRM certificate. The encrypted record session key is decrypted by the engine with the private-key decryption function, using the private key that corresponds to the engine's protocol public key.

For secure session key encryption, the EsessionKey field is used in the following CKDRM methods: CKCMD_AUTHENTICATE, CKCMD_CREATE_FILE, CKCMD_GET_CKDRM_COPY, CKCMD_GET_CKDRM_PLAY_KEY, CKCMD_GET_CKDRM_ID, CKCMD_GET_DRM_COPY, CKCMD_GET_METADATA, CKCMD_PLAY, CKCMD_RECORD_APPEND, CKCMD_SET_METADATA and CKCMD_UNLOCK_FILES. The secure session key is transferred in the EsessionKey field.

It is encrypted with the public-key encryption function using the host's protocol public key, which is taken from the host's CKDRM certificate, for the current secure session. The encrypted secure session key is decrypted with the private-key decryption function, using the private key that corresponds to the host's protocol public key.

For unlock encryption, one embodiment uses the EunlockKey field of the CKDRM method CKCMD_UNLOCK_FILES. For this method the unlock key is transferred in the EunlockKey field. In one embodiment the unlock key is encrypted with the public-key encryption function using the engine's protocol public key, which may be taken from the engine's CKDRM certificate. The encrypted unlock key is decrypted by the engine with the private-key decryption function, using the private key that corresponds to the engine's protocol public key.
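The following script is an added example and is not code from the patent or from DataPlay. It models, on the host side, the CKCMD_UNLOCK_FILES command packet of Table 44 and the FILE_SET data transfer of Tables 45 and 46, and, on the engine side, the checks the text above requires before any file changes state: an active session, the HOST_CKDRM_UNLOCK method bit in the host's certificate, consistent framing, a valid DataMac keyed with the secure session key, and CKDRM metadata for every handle. Assumptions beyond the page: little-endian byte order, HMAC-SHA1 as the SHA-1 based MAC function, a dictionary `file_table` standing in for the engine's metadata lookup, and the public-key wrap of EunlockKey and the AES decryption of EkeyComplement/EmediaId left out (the key box completion step is only marked). Opcode and bit-mask values are those of the definitions given later on this page.

```python
import hashlib
import hmac
import struct

# Opcodes and bit masks, with the values given in the CKDRM definitions on this page.
DPICMD_CK_COMMAND = 0x10
CKCMD_UNLOCK_FILES = 0xFF
HOST_CKDRM_UNLOCK = 0x0040     # ExposedMethods bit 6 of the host's CKDRM certificate
FILE_CKDRM_LOCKED = 0x0002     # CKDRM_STATE bit 1

CMD_PACKET_SIZE = 60           # Table 44: bytes 0..59
FILE_SET_SIZE = 24             # Table 46: DFSHANDLE (4 bytes) + EKeyComplement (20 bytes)


def data_mac(session_key: bytes, data: bytes) -> bytes:
    """160-bit MAC keyed with the current secure session key.
    The page only says 'SHA-1 based MAC function'; HMAC-SHA1 is an assumed
    instantiation (plain SHA-1(key || data) would be open to length extension)."""
    return hmac.new(session_key, data, hashlib.sha1).digest()


def build_file_set(entries) -> bytes:
    """Data transfer phase (Table 45): n FILE_SET records, each Handle || EKeyComplement.
    Byte order is not stated on the page; little-endian is assumed throughout."""
    out = bytearray()
    for handle, ekey_complement in entries:
        if len(ekey_complement) != 20:
            raise ValueError("EKeyComplement is a 160-bit field")
        out += struct.pack("<I", handle) + ekey_complement
    return bytes(out)


def build_unlock_command(session_key, e_unlock_key, e_media_id, file_set) -> bytes:
    """Host side: the command packet of Table 44. EunlockKey and EmediaId arrive
    already encrypted; the public-key wrap and AES steps are outside this example."""
    if len(e_unlock_key) != 16 or len(e_media_id) != 16:
        raise ValueError("EunlockKey and EmediaId are 16-byte fields")
    n = len(file_set) // FILE_SET_SIZE
    pkt = struct.pack("<BBH", DPICMD_CK_COMMAND, CKCMD_UNLOCK_FILES, n)  # 0:3
    pkt += b"\x00" * 4                        # 4:7   Reserved U16[2]
    pkt += e_unlock_key                       # 8:23  EunlockKey
    pkt += e_media_id                         # 24:39 EmediaId
    pkt += data_mac(session_key, file_set)    # 40:59 DataMac over the data transfer
    return pkt


def engine_unlock(session_key, host_exposed_methods, pkt, file_set, file_table):
    """Engine side. file_table maps DFS handle -> CKDRM_STATE for the files that
    carry CKDRM metadata (a stand-in for the engine's own metadata lookup).
    Returns (status, unlocked_handles). file_table is changed only after every
    check has passed, so a rejected command never leaves a half-unlocked set."""
    if not session_key:
        return "NO_SESSION", []
    if not host_exposed_methods & HOST_CKDRM_UNLOCK:
        return "NO_PERMISSION", []
    if len(pkt) != CMD_PACKET_SIZE:
        return "BAD_LENGTH", []
    host_cmd, sub_cmd, n = struct.unpack_from("<BBH", pkt, 0)
    if (host_cmd, sub_cmd) != (DPICMD_CK_COMMAND, CKCMD_UNLOCK_FILES):
        return "BAD_OPCODE", []
    if pkt[4:8] != b"\x00" * 4:
        return "BAD_RESERVED", []
    if len(file_set) != n * FILE_SET_SIZE:
        return "BAD_FILE_COUNT", []
    # Authenticate the data transfer before interpreting any handle inside it.
    if not hmac.compare_digest(pkt[40:60], data_mac(session_key, file_set)):
        return "BAD_MAC", []
    handles = []
    for i in range(n):
        (handle,) = struct.unpack_from("<I", file_set, i * FILE_SET_SIZE)
        if handle not in file_table:
            return "NOT_CKDRM_FILE", []
        handles.append(handle)
    # Decrypting EunlockKey/EmediaId and completing each key box would happen here;
    # this example models only the locked -> unlocked attribute change.
    for handle in handles:
        file_table[handle] &= ~FILE_CKDRM_LOCKED
    return "OK", handles


if __name__ == "__main__":
    # Constructed sample: one session key, two locked files, one tampered transfer.
    session_key = bytes(range(16))
    files = build_file_set([(0x1001, b"\x11" * 20), (0x1002, b"\x22" * 20)])
    cmd = build_unlock_command(session_key, b"\x00" * 16, b"\x00" * 16, files)
    table = {0x1001: FILE_CKDRM_LOCKED | 0x0004, 0x1002: FILE_CKDRM_LOCKED}
    print(engine_unlock(session_key, HOST_CKDRM_UNLOCK, cmd, files, table), table)
    tampered = bytearray(files)
    tampered[4] ^= 1
    print(engine_unlock(session_key, HOST_CKDRM_UNLOCK, cmd, bytes(tampered), table))
```

The ordering of the engine checks is the point: permission and framing are cheap and reveal nothing, the MAC is verified with a constant-time compare before any handle in the transfer is trusted, and the state table is only written once all handles have passed, so a single bad entry rejects the whole command rather than unlocking the files that precede it.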

Further, an embodiment of the invention includes a definitions file with the following code; a person skilled in the art may substitute any other code that does not conflict with it. The definitions file below is given as one example of such non-conflicting code.

/* ---------------- Simple Type Definitions ---------------- */
// CKDRM standard type definitions and bit mask definitions.
// Certicom types (sb_PublicKey, sb_SignatureECDSA) are defined in Certicom headers.

TYPEDEF (U128, AES_KEY);    // a 128-bit AES key
TYPEDEF (U160, MAC);        // a 160-bit Message Authentication Code

// EXPOSED_METHODS definition, methods exposed by the CKDRM Certificate.
TYPEDEF (U16, EXPOSED_METHODS);
#define HOST_CKDRM_COPY                 0x0001  // bit 0
#define HOST_CKDRM_PLAY                 0x0002  // bit 1
#define HOST_DRM_COPY                   0x0004  // bit 2
#define HOST_READ_SECURE_METADATA       0x0008  // bit 3
#define HOST_WRITE_SECURE_METADATA      0x0010  // bit 4
#define HOST_CKDRM_RECORD               0x0020  // bit 5
#define HOST_CKDRM_UNLOCK               0x0040  // bit 6

// CKDRM_STATE definition, CKDRM permission and attribute flags.
TYPEDEF (U16, CKDRM_STATE);
#define FILE_CKDRM_COPY_FREELY                          0x0001  // bit 0
#define FILE_CKDRM_LOCKED                               0x0002  // bit 1
#define FILE_CKDRM_PLAY                                 0x0004  // bit 2
#define FILE_DRM_COPY_FREELY                            0x0008  // bit 3
#define FILE_UNLIMITED_FIRST_GENERATION_CK_COPIES       0x0010  // bit 4
#define FILE_UNLIMITED_FIRST_GENERATION_DRM_COPIES      0x0020  // bit 5

/* ---------------- Constants ---------------- */
#define DPICMD_CK_COMMAND               0x10

// CKDRM sub-command opcode definitions.
#define CKCMD_AUTHENTICATE              0xF2
#define CKCMD_CREATE_FILE               0xF3
#define CKCMD_GET_CERTIFICATE           0xF4
#define CKCMD_GET_CKDRM_COPY            0xF5
#define CKCMD_GET_CKDRM_ID              0xF6
#define CKCMD_GET_CKDRM_PLAY_KEY        0xF7
#define CKCMD_GET_DRM_COPY              0xF8
#define CKCMD_GET_DRM_PLAY_KEY          0xF9
#define CKCMD_GET_METADATA              0xFA
#define CKCMD_PLAY                      0xFB
#define CKCMD_RECORD_APPEND             0xFC
#define CKCMD_SET_KEYBOX                0xFD
#define CKCMD_SET_METADATA              0xFE
#define CKCMD_UNLOCK_FILES              0xFF

/* ---------------- General CKDRM Data Structures ---------------- */
// CKDRM Certificate
typedef struct {                                        // Bytes
    U16                 CAIdentifier;                   // 0:1
    U16                 CertificateFormatVersion;       // 2:3
    U16                 CASignaturePublicKeyId;         // 4:5
    U16                 CryptographyVersion;            // 6:7
    EXPOSED_METHODS     ExposedMethods;                 // 8:9
    U16                 Reserved1[3];                   // 10:15
    U16                 Company;                        // 16:17
    U16                 Division;                       // 18:19
    U16                 ProductLine;                    // 20:21
    U16                 Model;                          // 22:23
    U16                 Revision;                       // 24:25
    U16                 MetadataIdentifier;             // 26:27
    U16                 Reserved2[2];                   // 28:31
    sb_PublicKey        CompanySignaturePublicKey;      // 32:77
    sb_SignatureECDSA   CASignature;                    // 78:121
    U128                DeviceIdentifier;               // 122:137
    sb_PublicKey        ProtocolPublicKey;              // 138:183
    sb_SignatureECDSA   CompanySignature;               // 184:227
} CKDRM_CERTIFICATE;

// CKCMD_AUTHENTICATE definitions
typedef struct {                                        // Bytes
    U8                  HostCmd;                        // 0, value = DPICMD_CK_COMMAND
    U8                  CkSubCmd;                       // 1, value = CKCMD_AUTHENTICATE
    CKDRM_CERTIFICATE   Certificate;                    // 2:241
} CKCMD_AUTHENTICATE_COMMAND_PACKET;

// CKCMD_CREATE_FILE definitions
typedef struct {                                        // Bytes
    U8                  HostCmd;                        // 0, value = DPICMD_CK_COMMAND
    U8                  CkSubCmd;                       // 1, value = CKCMD_CREATE_FILE
    U16                 RevocationByteCount;            // 2:3
    DFSHANDLE           Parent;                         // 4:7
    CKDRM_STATE         CKDRMState;                     // 8:9
    U8                  CKDRMCopies;                    // 10
    U8                  DrmCopies;                      // 11
    U16                 Reserved[2];                    // 12:15
    AES_KEY             ESessionKey;                    // 16:31
    AES_KEY             ERecordKey;                     // 32:47
    MAC                 RevocationMac;                  // 48:67
    MAC                 CommandMac;                     // 68:87
    DFSNAME             Name;                           // 88:n+87
} CKCMD_CREATE_FILE_COMMAND_PACKET;

// CKCMD_GET_CERTIFICATE definitions
typedef struct {                                        // Bytes
    U8                  HostCmd;                        // 0, value = DPICMD_CK_COMMAND
    U8                  CkSubCmd;                       // 1, value = CKCMD_GET_CERTIFICATE
} CKCMD_GET_CERTIFICATE_COMMAND_PACKET;

// CKCMD_GET_CKDRM_COPY definitions
typedef struct {                                        // Bytes
    U8                  HostCmd;                        // 0, value = DPICMD_CK_COMMAND
    U8                  CkSubCmd;                       // 1, value = CKCMD_GET_CKDRM_COPY
    U16                 Reserved;                       // 2:3
    DFSHANDLE           SourceFile;                     // 4:7
    U256                CKDRMId;                        // 8:39
    AES_KEY             ESessionKey;                    // 40:55
} CKCMD_GET_CKDRM_COPY_COMMAND_PACKET;

// CKCMD_GET_CKDRM_ID definitions
typedef struct {                                        // Bytes
    U8                  HostCmd;                        // 0, value = DPICMD_CK_COMMAND
    U8                  CkSubCmd;                       // 1, value = CKCMD_GET_CKDRM_ID
    U16                 Reserved;                       // 2:3
    AES_KEY             ESessionKey;                    // 4:19
} CKCMD_GET_CKDRM_ID_COMMAND_PACKET;

// CKCMD_GET_CKDRM_PLAY_KEY definitions
typedef struct {                                        // Bytes
    U8                  HostCmd;                        // 0, value = DPICMD_CK_COMMAND
    U8                  CkSubCmd;                       // 1, value = CKCMD_GET_CKDRM_PLAY_KEY
    U16                 Reserved;                       // 2:3
    DFSHANDLE           PlayFile;                       // 4:7
    AES_KEY             ESessionKey;                    // 8:23
} CKCMD_GET_PLAY_COMMAND_PACKET;

// CKCMD_GET_DRM_COPY definitions
typedef struct {                                        // Bytes
    U8                  HostCmd;                        // 0, value = DPICMD_CK_COMMAND
    U8                  CkSubCmd;                       // 1, value = CKCMD_GET_DRM_COPY
    U16                 Reserved;                       // 2:3
    DFSHANDLE           SourceFile;                     // 4:7
    AES_KEY             ESessionKey;                    // 8:23
} CKCMD_GET_DRM_COPY_COMMAND_PACKET;

// CKCMD_GET_METADATA definitions
typedef struct {                                        // Bytes
    U8                  HostCmd;                        // 0, value = DPICMD_CK_COMMAND
    U8                  CkSubCmd;                       // 1, value = CKCMD_GET_METADATA
    U16                 Reserved;                       // 2:3
    DFSHANDLE           AssociatedFile;                 // 4:7
    AES_KEY             ESessionKey;                    // 8:23
} CKCMD_GET_METADATA_COMMAND_PACKET;

// CKCMD_PLAY definitions
typedef struct {                                        // Bytes
    U8                  HostCmd;                        // 0, value = DPICMD_CK_COMMAND
    U8                  CkSubCmd;                       // 1, value = CKCMD_PLAY
    U16                 PlayOptions;                    // 2:3, see bit field definitions below
    DFSHANDLE           PlayFile;                       // 4:7
    U64                 ByteOffset;                     // 8:15
    U64                 ByteCount;                      // 16:23
    AES_KEY             ESessionKey;                    // 24:39
    AES_KEY             EPlayKey;                       // 40:55
} CKCMD_PLAY_COMMAND_PACKET;

// PlayOptions bit fields.
#define PLAY_STREAMING                  0x0001  // bit 0
#define PLAY_TO_EOF                     0x0002  // bit 1

// CKCMD_RECORD_APPEND definitions
typedef struct {                                        // Bytes
    U8                  HostCmd;                        // 0, value = DPICMD_CK_COMMAND
    U8                  CkSubCmd;                       // 1, value = CKCMD_RECORD_APPEND
    U16                 RecordOptions;                  // 2:3, see bit field definitions below
    DFSHANDLE           RecordFile;                     // 4:7
    U64                 ByteCount;                      // 8:15
    AES_KEY             ESessionKey;                    // 16:31
    AES_KEY             ERecordKey;                     // 32:47
} CKCMD_RECORD_APPEND_COMMAND_PACKET;

// RecordOptions bit fields.
#define RECORD_FOREVER                  0x0001  // bit 0

// CKCMD_SET_KEYBOX definitions
typedef struct {                                        // Bytes
    U8                  HostCmd;                        // 0, value = DPICMD_CK_COMMAND
    U8                  CkSubCmd;                       // 1, value = CKCMD_SET_KEYBOX
    U16                 Reserved;                       // 2:3
    DFSHANDLE           AssociatedFile;                 // 4:7
} CKCMD_SET_KEYBOX_COMMAND_PACKET;

// CKCMD_SET_METADATA definitions
typedef struct {                                        // Bytes
    U8                  HostCmd;                        // 0, value = DPICMD_CK_COMMAND
    U8                  CkSubCmd;                       // 1, value = CKCMD_SET_METADATA
    U16                 Reserved;                       // 2:3
    DFSHANDLE           AssociatedFile;                 // 4:7
    AES_KEY             ESessionKey;                    // 8:23
} CKCMD_SET_METADATA_COMMAND_PACKET;
TYPEDEF (CKCMD_SET_METADATA_COMMAND_PACKET, sCKCMD_SET_METADATA_COMMAND_PACKET);

// CKCMD_UNLOCK_FILES definitions
typedef struct {                                        // Bytes
    U8                  HostCmd;                        // 0, value = DPICMD_CK_COMMAND
    U8                  CkSubCmd;                       // 1, value = CKCMD_UNLOCK_FILES
    U16                 FileCount;                      // 2:3
    U16                 Reserved[2];                    // 4:7
    AES_KEY             ESessionKey;                    // 8:23
    U128                EMediaId;                       // 24:39
    MAC                 DataMac;                        // 40:59
} CKCMD_UNLOCK_FILES_COMMAND_PACKET;

Methods executed by a server

Another embodiment of the invention concerns the interaction between a server and other devices (for example, players). The secure electronic content system may therefore include interaction among a server, a host and an engine

安全内容進行解除鎖定及表現等動作。另外,上述胃从對 ConterUKey數位權利管理(CKDRM) 、DatapUy檔幸的 (DFS)、以及第三者數位權利管理(TpDRM)亦田可以糸、/先 互動,藉以在一個安全環境中對内容進行解除鎖定2行 请參考第23A圖,其乃是用來提供伺服器、主機 乍。 間互動的一個實施例的一個系統架構圖。如 ^ ::司服器(諸如一個數位情報交換飼服器2394 )斤:是: 由.、、罔路啟動的通信連線2 3 6〇以與一個電子零售商 、、二 進行互動、並且會同時經由一個、全存取通 <•2334以與連接一個個人電腦(pc ) 2398的一個裝置進行The security contents are unlocked and displayed. In addition, the above mentioned parties can also interact with ConterUKey Digital Rights Management (CKDRM), DatapUy (DFS), and Third Party Digital Rights Management (TpDRM) to perform content in a secure environment. Unlock 2 lines, please refer to Figure 23A, which is used to provide the server and host. A system architecture diagram of an embodiment of the interaction. For example, ^: Serving device (such as a digital information exchange feeding device 2394): It is: a communication connection initiated by. ,, Kushiro, 2 3 60 to interact with an electronic retailer, and, and Will be performed simultaneously via a Full Access < 2334 to a device connected to a personal computer (pc) 2398

接這個個人電腦(pc) 23 98的裝置乃是透過-個 、,罔路劍Λ器2318以自伺服器2394接收通信訊自,直中,一 個CKU用戶端2322乃是用來接收這個通信訊另外,這 ::路丨劉覽器2318更包括有一個電子零售商( — Μ) 2354 I! : t動態網頁,其乃是用來接收一個應用祠服器 54的k號。應用伺服器2354,在本發明的一個實施例 ,更包括有一個標文件標記語言(HTML )及一個圖形化The device connected to this personal computer (pc) 23 98 is to receive communication messages from server 2394 through a computer, Kushiro sword Λ device 2318. In the middle, a CKU client 2322 is used to receive this communication message. In addition, this :: 路 丨 刘 档 器 2318 further includes an electronic retailer (—M) 2354 I!: T dynamic webpage, which is used to receive the k number of an application server 54. The application server 2354, in an embodiment of the present invention, further includes a document markup language (HTML) and a graphic

583568 五、發明說明(149) 使用者界面(GUI)產生器物件、_個 件2338、一個消費者管理物件2344、一個對’、不及1價物 2346、一個信用卡授權物件2348、—個數位官,物件 器(DCS)界面2352、及一個資料庫連接層,;:父換二服 應用伺服器2354輕接至複數個資料庫235 6错此以將=個 2356及這個應用伺服器2354乃是這個電子零個貝枓庫 J子零售商(eTaUer)網路商店店面2:二那以: 2362、及一個對話及交易資 Π。疋價-貝料庫 所瞭解,然而,這個電子;1: 6T4:广如、熟習此技藝者 τ丄- 电于+售商(eTailer)網路商庙迮 面中的貧料庫乃是根據設計需求、並且可 物件及資料庫。請參考連接至 電腦(pc) ^裝置,如上所述,這個連接至這個個人 通道2334以、車Ϊ内的網頁瀏覽器乃是透過一個安全存取 、 至一個伺服器,諸如:數位情報交換伺服 = 2394。廷個網頁劉覽器2318更進一步透過一個安全存取 ^逼2316而連接至一個萬用序列匯流排)驅動程式 济』:亦會根據一個安全存取協定以將這個萬用序列匯 ^ 驅動程式2 31 2連接至一個萬用序列匯流排 敬/B )埠/亚連接至耦接於一個裝置2304内部的一個引 =3 0 6。坆個裝置23〇4乃是耦接至媒體㈡⑽。這個萬用序 、雨匯流排(USB)驅動程式2312並不是僅僅透過安全存取 k逼2316、並且亦可以透過一條信號線2313以耦接至_個 第155頁 583568 五、發明說明(150) 可安裝標案系統(IFS ) 2314。這個可安裝檔案系統(IFS )2314乃是耦接至一個自動執行處置2328 (如說明書所述 )以及一個内容管理裝置232 6。内容管理裝置乃是;來接 收這個可安裝檔案系統(IF S )及這個自動執行處置2 3 2 8 的信號、並且亦可以提供這個内容管理裝置2 3 2 6所管理的 内容至這個網路瀏覽器2 3 1 8。這個伺服器2 3 9 4 (其同時透 過信號線236 0及信號線2334以接收信號)乃是用來利^ ^ 個網路環境中的超文件傳輸協定(HTTp )或其他適當協 定’藉以同時與這個電子零售商(eTailer )網路商^店 面23 9 6及連接這個個人電腦(pc ) 2398的裝置進行通俨動 作。將這個應用伺服器2354耦接至這個數位情報交 二3= Ϊ IS Ϊ號線2360乃是用來接收一個情報交換伺服 為23 9 9中一個電子零售商(eTailer)界面2382的作 =位=交”服器2394係包括有一個情報交換;服 23 99。·另外,t月報交換伺服器23 99包括有這個電子突隹 商(eTailer )界面2382,藉以與複數個資料 令一13 個套裝軟體資料庫2386、一個消費者及電子零售商匕栝一 (eTaUer)資料庫2388、一個消費者資料庫 個對話及交易資料庫2392 )進行通信動作。 情報交換伺服器2399中亦包括有一個备#泣a ^ =。這個情報交換™9乃;: = = 整合心 裝軟體。另外,在整合物件2376中亦包括二== 第156頁 583568 五、發明說明(151) 或應用程式界面(AP I ) 2 3 7 8。通信協定物件乃是耦接至 一個CKU原版影片製作伺服器2368及這個情報交換伺服器 2399内部的套裝軟體資料庫2386。另外,CKU原版影片製 ,伺服器2368乃是位於這個内容金鑰伺服器23 74内部。内 容金,伺服器2374至少包括有一個金鑰補數資料庫237〇及 们又易資料庫2 3 7 2,其分別耦接至這個c κ υ原版影片製 作伺服斋2 3 6 8。再者,CKU原版影片伺服器2 3 6 8更進一步 f接至一個CKU伺服器2366,其乃是透過信號線2334以盥 這個個人電腦(PC ) 23 98的裝置内的這個c〇用戶端 2 3 2 2進行通信動作。 第23B圖乃是以一個創作角度描述一種程583568 5. 
Description of the invention (149) User interface (GUI) generator object, _piece 2338, a consumer management object 2344, a pair of, less than 1 value 2346, a credit card authorization object 2348, a digital officer , Object server (DCS) interface 2352, and a database connection layer ;: parent to second server application server 2354 lightly connected to a number of databases 235 6 wrong this will be = 2356 and this application server 2354 is This electronic zero-beauty library J e-retailer (eTaUer) online store storefront 2: two and so on: 2362, and a dialogue and transaction information. The price is understood by the shell material warehouse, however, this electron; 1: 6T4: Guang Ru, who is familiar with this skill τ 丄-The poor material warehouse in the e-tail + e-tailer network merchant temple is based on Design requirements, and objects and databases. Please refer to the connection to a computer (pc) ^ device. As mentioned above, the connection to this personal channel 2334, the web browser in the car is through a secure access to a server, such as a digital information exchange server = 2394. This web page browser 2318 further connects to a universal serial bus through a secure access ^ driver 2316) driver: it will also assemble this universal serial ^ driver according to a secure access protocol ^ 2 31 2 is connected to a universal serial bus / B) port / sub-connected to a lead coupled to a device 2304 = 3 0 6. A device 2304 is coupled to the media. This universal sequence, rain bus (USB) driver 2312 is not only for securely accessing k 2323, but also for coupling to a _ page 155 583568 via a signal line 2313. 5. Description of the invention (150) Installable bidding system (IFS) 2314. The installable file system (IFS) 2314 is coupled to an automatic execution process 2328 (as described in the instruction manual) and a content management device 2326. 
The content management device is; to receive the signal of the installable file system (IF S) and the automatic execution processing 2 3 2 8, and also provide the content managed by the content management device 2 3 2 6 to this web browser器 2 3 1 8. This server 2 3 9 4 (which receives signals through signal line 2360 and signal line 2334 at the same time) is used to facilitate the use of Hyper File Transfer Protocol (HTTp) or other appropriate protocols in the network environment. Communicate with this e-tailer (eTailer) online store ^ 23 6 and a device connected to this personal computer (pc) 2398. The application server 2354 is coupled to the digital information. 3 = Ϊ IS Ϊ Line 2360 is used to receive an information exchange servo for an electronic retailer (eTailer) interface 2382 in 23 9 9 = bit = The server 2394 includes an information exchange server; the server 23 99. In addition, the t-monthly report exchange server 23 99 includes the eTailer interface 2382, so that 13 software packages can be ordered with a plurality of data. Database 2386, a consumer and electronic retailer eTaUer database 2388, a consumer database, a dialogue and transaction database 2392) for communication actions. The information exchange server 2399 also includes a backup # Weep a ^ =. This information exchange ™ 9 is;: = = Integrated heart-worn software. In addition, 2376 is also included in the integrated object 2376 == Page 156 583568 V. Description of the invention (151) or application program interface (AP I ) 2 3 7 8. The communication protocol object is coupled to a CKU original video production server 2368 and the package software database 2386 inside this information exchange server 2399. In addition, the CKU original video production server 2368 is It is located inside this content key server 23 74. 
The content key server 2374 includes at least a key complement database 2370 and a transaction database 2372, each of which is coupled to the CKU mastering server 2368. The CKU mastering server 2368 is further connected to a CKU server 2366, which communicates, through signal line 2334, with the client 2322 in the personal computer (PC) 2398. Figure 23B depicts a process from the content creator's perspective.

The process begins at block 2300. Block 2310 authors the content, using a content provider that, at block 2320, has the option of including secondary content; the media is mastered, with the unlock to be carried out by the consumer at some point after the initial purchase. Block 2350 distributes the media content. If the media includes secondary content, it also includes a key, which is produced at block 2330 by mastering the locked content. A key complement is therefore output for each locked file on the media; that is, these key complements (together with the associated offer package, the DFS file handles, and the media side they are added to) are collected at block 2340 and placed into a master key complement database, which can be accessed only through the CKU mastering server.

According to one embodiment of the present invention, the media server is configured as part of a mastering process; in other embodiments it serves as a server and as a media configuration process. Figure 24 is a flowchart that shows delivery to a secure database and a media disc configuration process. The flowchart provides a method of configuring a clearinghouse server. In particular, the process begins at block 2402. Block 2404 allows a content provider, in a procurement process (such as the "asset and information procurement" process shown), to submit a new version to the server. In this procurement process the elements received include a new version of the content files, metadata information, the complements, collection data (if required), package collection information, and files linked to content of a particular type or class. In one embodiment of the present invention, the content may also include an appropriate codec. Metadata information includes a description of any element that accompanies the content, such as graphics or lyrics. In one embodiment this metadata is in a defined format; in other embodiments of the invention the format may be a structured format, as decided by the content provider. Furthermore, one embodiment of the present invention lets the content provider impose requirements per track or per album. This data security information refers to the rules that govern how the consumer interacts with the content and its metadata. For example, these may be third-party digital rights management (TPDRM) and ContentKey digital rights management (CKDRM) rules. In addition, the revocation list may be defined by the content provider and may include a list of revoked player devices, player applications and servers. The elements received from a content provider also include digital rights management (DRM) rules, which set the consumer's limits on playing and copying the content. These DRM rules may also include other details so that the mastering process knows which files need to be locked initially. A further block includes package collection information, which determines how secondary content should be grouped and how it should be presented to the user. Block 2408 concerns an authoring process, which may be completed by a first or a second party. In particular, the authoring process includes packaging all files received from a content provider according to a predetermined specification. In one embodiment of the present invention, a directory is built from the following data: the content files (encoded), the directory structure, the content management device, autorun.inf, and contents.ddl.

The content management device includes files used to present the content or media to the consumer (such as an executable, a web site, or some other form defined by the content provider). The autorun.inf is used to launch the content management device. The contents.ddl is stored in a public area so that it can be used by any digital rights management (DRM) scheme. In addition, contents.ddl may also include a package collection, advertisements, and stock keeping units (SKUs). Each stock keeping unit (SKU) may reference one or more files. A package collection, in one embodiment of the present invention, carries a unique package collection identifier (PCID) on the content or media side. A package collection may also include one or more advertisements and relationships (for example, by reference to a package collection). Furthermore, block 2410 states that part of the authoring process includes providing a data description language file and a memory file (MMF) that describe the relationships among the content, the assets and the files.

In addition, block 2412 is a pre-recording process, which begins after the authoring process (described in block 2408). In particular, the pre-recording process 2412 comprises blocks 2414, 2416 and 2418. The contents.ddl file carries the package collection identifier. In one embodiment, the package collection identifier comprises a complete set of: a file handle, a key complement, and a key version. The pre-recording process further includes a function that passes contents.ddl (generated in the authoring process) along with a file. This file, contents.ddl 2416, is then input to the next process (the package process). Another part of the pre-recording process 2412 is a DataPlay media mastering process, in which the files are laid out on a tape. In particular, the mastering file layout is produced at block 2418, where it is stored and transferred on tape according to one embodiment of the present invention. Alternatively, the mastering file may reside on another type of media. Each mastering file refers to a single side of a media disc, according to one embodiment of the present invention. Block 2420 (as shown) is coupled to the contents.ddl block 2416 and to the KeyComponent.ddl block. Block 2420 refers in particular to a mastering server, which may also be called a digital clearinghouse server, and concerns the data migration that links the secure databases. This mastering server key complement configuration process loads the tables of a key mapping database so that these tables receive the data specified in the KeyComponent.ddl and Contents.ddl files. Block 2418 (the mastering file layout on tape) is coupled to the pre-recording process 2412 (as shown). In particular, the mastering file layout in a tape process 2418 means producing one or more masters if the media is an optical disc. In other embodiments of the invention, the mastering file layout carries out the mastering process on the corresponding media type. In some embodiments a glass master is used to produce a stamper, and the stamper can then be used to mass-produce media for distribution or for offer for sale. The stamping process is here a manufacturing process.

Referring now to Figure 25 and Figure 23B, a flowchart illustrates a configuration process for setting up the e-retailer (eTailer). Referring to Figure 23B, the eTailer online store storefront 2396, as shown, includes an application server 2354 and a database 2356. Figure 25 illustrates the configuration actions of this process. In particular, the process begins at block 2502. Block 2504 then states that the content provider's packages are configured and that a change process related to a package definition is started. The eTailer usually requires a stock keeping unit (SKU) for a package collection, for auditing and other purposes, and may also do without a package collection identifier (as described earlier). Furthermore, the package collection identifier is passed to an eTailer through a uniform resource locator (URL), and the eTailer keeps holding this identifier until it passes it to a digital clearinghouse server. In one embodiment of the invention, the eTailer discards the package collection identifier. The content provider (as described earlier) supplies to the eTailer, at blocks 2508 and 2506, the Contents.ddl (see Figure 24) and any graphics that are to form part of the package presentation. As shown, blocks 2506 and 2508 are coupled to block 2510, the eTailer's package and pricing configuration and change process, "pricing definition". In particular, once a content provider has supplied the available packages,


the eTailer can set its pricing role. The details of structuring a database from packages, pricing and package presentation data can be fully defined by an eTailer, and can be made consistent with an existing "shopping cart" and/or the eTailer's catalog maintenance functions. Besides pricing, in one embodiment of the present invention an eTailer may also choose to specify discount models and advertising specifications. For example, a customer may select a package and have it paired with an advertisement suited to that consumer. As shown, block 2510 is coupled to block 2512, the eTailer secure database tables of packages, pricing and presentation, which are the end product of the eTailer database configuration. The eTailer secure database tables shown at block 2512 are the package and pricing database 2352 of Figure 23B, and may further include the consumer database 2358.

Process 2600 describes, from a consumer's point of view, a transaction that unlocks content. In particular, at block 2610 the process receives offers, which are presented to a consumer. Block 2620 receives the conditions for performing the unlock. For example, a condition of an unlock transaction may be the provision of payment and/or statistical data. Block 2630 establishes a secure authenticated channel (SAC) through which, for example, the key complement is delivered. The engine then writes the key complement so as to change the state of the content from locked to unlocked.

Referring to Figure 27, an example user interface 2700 is shown. The user interface 2700 may include a user web page generated by the server, and lets the user decide not to be shown certain types of offers when this media is inserted; if the user so chooses, a note is generated. One embodiment is shown. In particular, the user interface 2700 is used to initiate an unlock transaction through a web page with hyperlinks; the user interface 2700 may also be a page into which the necessary information is entered, or which directs the user to an activation center. The web page also includes a hyperlink 2730 and an indication 2710 of locked or unlocked status, because the media may include both locked and unlocked files. If a file on the media is locked, a hyperlink pointing to purchase 2750 is presented to the user. For an unlocked file, a hyperlink lets the user play a selected segment on the secure electronic content (SEC) media.

The unlocking part of this secure electronic content (SEC) system is an architecture of several cooperating components that unlock secondary mastered content, where that secondary mastered content is stored on pre-recorded media. According to one embodiment of the present invention, the components are realised on both the client and the server platform, giving flexibility of choice on the client side and on the server side at the same time. In addition, according to one embodiment of the invention, these communication protocols can support a variety of business models for unlocking and clearinghouse actions, and can place different components at different related component locations. Figure 28 shows one embodiment of the connections among these components and a broader view of the secure electronic content (SEC) system. As shown in Figure 28, the unlocking system includes the databases of a mastering server. In one embodiment of the present invention, the databases coupled to the mastering server include a key complement database 2810, a transaction database 2820, and a revocation list database 2830. The mastering server 2840 is coupled to a web server 2850, which is further coupled to a secure CKU server. The CKU mastering server 2840 may be hosted by a certificate authority (CA), or by another entity responsible for authenticating engine certificates and CKU server certificates, by checking them against a revocation list. In addition, the CKU mastering server 2840 may also be responsible for securely transmitting key complements from a mastering key complement database 2810 to the CKU servers 2860, which may pass them on to the engine 2898. The CKU server 2860 may be a server-side runtime object that works together with a web application server 2850 and several databases 2870, 2880 and 2890 to manage the ContentKey unlock part of the system. In addition, a CKU server 2860 may be hosted by any entity that needs these capabilities in order to carry out transactions and unlock actions on ContentKey digital rights management (CKDRM) secondary content, such as:


a clearinghouse partner (Reciprocal, DWS, Magex and so on), a retailer web site, or DataPlay. In addition, each CKU server 2860 can issue a unique ContentKey digital rights management (CKDRM) certificate and a public-private encryption key pair, used to establish secure authenticated channels (SAC) with the engine 2898 and with the CKU mastering server 2840. Furthermore, the CKU server 2860 may be equipped with cryptographic functions. For example, the CKU server 2860 may include public key infrastructure (PKI), Advanced Encryption Standard (AES), triple Data Encryption Standard (triple-DES), and message authentication code (MAC) algorithms. A random number generator (RNG) algorithm, such as one conforming to Federal Information Processing Standard 140 (FIPS-140), may also be appropriate. The web server 2850 is coupled, as the system requires, to one or more databases, such as the third-party reseller co-branding components 2870, the offer database 2880, and a transaction database 2890. The CKU server 2860 is coupled to a client server 2896 and to a web page 2892 hosted by the client server 2896. The web page 2892 provides an interface through which a user communicates with the other components of the secure electronic content (SEC) system. In particular, a host device 2894 holding an engine can also communicate through this web page 2892. Communication among these components may also take place over the standard TCP/IP protocol. Furthermore, the user interface may also be presented to an end user by a web server 2850 through a browser.

As those skilled in the art will understand, administrative and reporting tools may also be appropriate. The offer database 2880 may include, for example, information about the pre-recorded media discs and the available secondary content (for example price, title, description and so on). Either a content provider or a retailer may maintain this database. An exchange database 2890 is also included, which provides a place for unlock transactions. The collected data may also be used for paying the entities that take part in the value chain of an unlock transaction; the transaction database 2890 may also store data about transactions in progress, and the CKU servers 2860 and web servers 2850 will require access to this temporary data. The user interface component database 2870 may also be used by the web server 2850 to build custom-branded web pages, including branding at the retailer level and individual branding of specific stock keeping units (SKUs) of the offered media. The key complement database 2810 may also include the key complements for unlocking mastered media. In addition, each key complement is securely transmitted with a unique media side and is stored together with the side content identifier (SCID) information corresponding to that media.

Access to this database must also be closely guarded; only the mastering server can access it. Moreover, the revocation database 2830 may include information about revoked engine certificates and revoked CKU server certificates. In one embodiment of the present invention, this revocation list is checked in every transaction, to ensure that only authorized participants can take part in the unlock process. The transaction database 2820 may also record the transactions between the CKU servers 2860 and the CKU mastering server 2840. In one embodiment of the present invention, the CKU mastering server 2840 has exclusive access to the key complement database. In addition, the CKU mastering server 2840 may be similar in structure to the CKU server 2860, and opens an active "listening" socket to receive incoming connections. This socket accepts connections from CKU servers 2860 that wish to obtain key complements in order to perform the various unlock operations.

Figure 29 shows one embodiment of a process that begins when a media disc is inserted into an engine 2952 through a personal computer (PC) 2950. In this process a clearinghouse web server 2960 presents a record label or retail-branded web site 2910, which provides offers 2920, transactions 2930 and content unlocking 2940; the clearinghouse web server 2960 is coupled to a transaction database 2980 and an offer database 2970. How the media points the engine to a particular web site is a method according to one embodiment of the present invention. In particular, referring to Figure 30, the media (for example a DataPlay disc 3010) is available for purchase; the user may already have paid for the primary content 3020, and the secondary content 3030 may include hidden content 3040. Alternatively, either or both of the primary and secondary content may be locked or unlocked, depending on the requirements of the market and of the content provider. For example, a content provider may supply a minimum amount of unlocked content, so that the media can start up with this minimum amount of content and play only that.

Referring to Figure 31A, according to one embodiment of the present invention, media may be bought and sold at a plurality of establishments, such as those shown at 3120. In a primary transaction a consumer may buy a pre-recorded disc and enjoy the available content, as shown at block 3130. In addition, in a secondary transaction 3140, the consumer may, through an Internet connection (coupled at 3140 to an engine), choose to execute any of the offers presented, so as to unlock content 3151 through a secure clearinghouse 3150. Referring to Figure 31B, an autorun handler related to a user interface is shown and, in particular, method 3000. The autorun handler detects when media (such as a disc) is inserted into a device connected to a personal computer (PC). When the media insertion is detected, the autorun handler connects to an engine and determines the state of the media. This state may include identifying the particular media and side, and whether there is any content that may be offered or sold to this consumer. The autorun handler may also check the user's system to see whether the user has asked not to be shown this disc's offers. One embodiment of the invention lets a user interface operate through an engine process, or together with the autorun handler (at system start-up or when the user selects it). Furthermore, the autorun handler may also present menu options to the user, including PLAY, EJECT, PURCHASE ADDITIONAL CONTENT, and EXIT.

If locked content is present, the interface determines at block 3132 whether the user has previously asked not to be shown this media's offers again. If so, the method ends at block 3133. If not, block 3142 has the interface determine the media's side content identifier (SCID) and lock status flag. Block 3152 connects to a uniform resource locator (URL), such as a ContentKey digital rights management (CKDRM)-compatible unlock server address or an associated server address, which can be recorded onto the media by the mastering process, and sends this data to the server, for example as a query string in the uniform resource locator (URL). In other embodiments of the present invention, block 3152 connects to a uniform resource locator (URL)

Page 170 583568 V. Description of the Invention (165)

(URL) that is based on a serial number recorded on the media by the mastering process. The number recorded on the media by the mastering process may be a timestamp (indicating the date of the master) or a serial number associated with that master; for example, the serial number may identify the distributor of the pre-recorded media, so that the URL favors that distributor of the pre-recorded media.

In another embodiment, the method relates to [...]; the method includes providing a media disc with a URL, or providing a code associated with a URL. In addition, while the media disc is being installed on a host according to these instructions, an identifier is installed on the media disc; the identifier may identify the supplier [...] and record that the media disc was provided by that supplier (including hidden content); an address of a supplier; finding an address associated with the supplier, where the address is associated with the supplier of the media disc and is independent of any supplier not associated with the media disc. The instructions on the media disc may include identifying a supplier from which the media was purchased; for example, the media disc may provide instructions including a code, a URL, an encryption key associated with the supplier, or a part of an encryption key associated with the supplier, each of which may be explicit or implied. In addition, a system according to such a method includes the instructions on the media disc and a software installation component associated with the media disc, where the software installation component can install onto a host according to these instructions during [the installation period]; in particular, the software installation component can [...] a code associated with the supplier. In one embodiment, the identifier is associated with an address of the supplier, so that a connection can be [made] [...] to operate a web page for unlocking the content stored on the disc and for presenting selective offers [...]; each Internet location [...], so that the supplier can sell over the Internet.

In another embodiment of the present invention, a method identifies a location through a media disc having at least a writable portion and a non-writable portion. In one embodiment, the method includes writing the location to the [non-writable portion], distributing one or more media discs to one or more entities, the location being used to associate these media discs with the entity, and, if one or more [events] occur for these media discs, changing the location according to predetermined conditions. The location may be a URL, and the predetermined conditions may be a market share of the entity or entities. Changing the location may be performed by a content provider, which first receives the media discs (including one or more media discs) and, after the change is complete, distributes the returned media discs to the same or different entities. For example, this distribution may be according to a lease contract for the media discs, and the lease contract may also allow the return of unsold media discs. In general, the content provider distributes under a [...] contract, under which the distributor only needs to pay for the media discs that were sold,

Media discs holding content [...] are returned to these content distributors. In addition, unsold media discs are returned to the pre-recorded media provider. In this embodiment, the URL of the pre-recorded media may or may not permanently identify a distributor or content provider for unlocking the content. [...] A distributor has a pre-recorded media disc associated with a URL that presents various offers; a media dealer may receive [discs] having a serial number and/or timestamp

[...] the distributor also [...] (URL). In addition, other [...] to identify a [...] for unlocking the content: a URL. In one embodiment of the present invention, the URL of the master server is permanently [recorded] by the mastering process together with a serial number and/or timestamp. When a distributor returns one or more media discs to a content provider for redistribution, the timestamp associated with the serial number can be used to identify more specifically a group of media discs with the same serial number, or the serial number can be used to identify these media discs individually. Afterwards, these identified media discs can be redirected from this distributor's URL to a second distributor's URL. [The master] server receives instructions from multiple content providers and/or authorized distributors to identify the distributor's URL associated with the serial number, or to point to a generic URL.


In another embodiment of the invention, each media [disc is directed to a] master server and is redirected according to a market share, so that the number of accesses redirected to a distributor's URL is proportional to the market share held by that distributor.

In block 3160, if the media does not have locked content, or the user has chosen not to see the offers for this media again, the interface determines whether there is a written AUTORUN.INF file on the media.

If the user selects the PLAY option, block 3180 executes the PLAY method. This autorun handling may result in a URL connection. A web server may then generate a client-side script that, based on the variables of a client object application programming interface (API), embeds an object or calls an entry point. The object's commands may include: Connect(CKU[...] ContentID, UNIT USBDriverID). In one embodiment of the present invention,

ServerIP is a string variable describing the URL of the [CKU server]. Port is the port number of the CKU server. Session ID is a unique identifier assigned by the server. The Session ID associates a socket with each specific website session; it must be initialized so that the server can synchronize its state. In addition, the SessionID may be stored as a temporary part of a transaction database

(such as database 2890) key, and passed between a web server 2850 and the CKU server 2860, as in Figure 28. ContentID is an identifier for the side (and the disc that includes the content offered to a consumer). USBDriver is an identifier that lets a [CKU client] locate a particular instance of a disc drive, so that the client 2896 can generate an automatic insertion notification to start an unlock session. In one embodiment of the present invention, this is done by sending a query string containing the side content ID (SCID) and the lock status flag to a URL that is on the disc, specified by a user, or a default value, in order to connect to a CKU server 2860. In one embodiment, the URL is opened using "ShellExecute"; that is, the URL launches a browser on the user system and connects to [server] 2860. The URL may optionally pass through an entry point, which can be a smart redirector: the redirector can, for example, use media identification information to decide which web server the client connects to. Referring again to Figure 31B, block 3182 uses the URL autorun (AUTORUN) or other mechanisms for presenting offers to present various offers to the consumer. Referring to Figure 31C, it shows a method of connecting to a CKU server. In one embodiment of the present invention, this method can be invoked by


a script executed by a client object. Block 3114 sets up a driver for a connected device. Block 3124 connects to an engine and retrieves a ContentKey Digital Rights Management (CKDRM) certificate, such as those described previously. Block 3126 connects to a CKU server 2860 using, for example, a socket model (such as BSD/WinSock and the SOCKET_STREAM model). Block 3128 waits for an acknowledgement message from the CKU server 2860. Block 3134 sends the engine's ContentKey Digital Rights Management (CKDRM) certificate to the CKU server 2860. Block 3144 receives the ContentKey Digital Rights Management (CKDRM) certificate of the CKU server 2660. Block 3154 uses CKCMD_AUTHENTICATE to send this server certificate to the engine 2698. Block 3164 receives an ESessionKey and sends it to the CKU server 2860. Block 3174 receives the unlock data from the server 2860 and sends it to the engine 2898 using CKCMD_UNLOCK_FILES. Block 3184 reports the status of the unlock operation to the server 2860. Block 3194 updates a list on the media

that is coupled to the engine 2898, so as to include the newly unlocked content.

Referring now to Figure 32 and Figure 28, the CKU server 2860 manages many simultaneous connection and unlock transactions, as described previously (for example, Figure 31). Whenever a client requests a connection, the server must accept the connection and proceed with the method shown in Figure 32.

As shown in the figure, in block 3202 the CKU server 2860 acknowledges a client connection. In block 3204, the CKU server 2860 receives an engine's ContentKey Digital Rights Management (CKDRM) certificate and a session identifier (Session ID) from the client 2896. In block 3206, the CKDRM server uses this Session ID as an index or key to retrieve, from the transaction database 2890, the side content ID (SCID) and a list of DataPlay File System (DFS) file handles to be unlocked. In block 3208, the CKU server 2860 connects to the CKU master server 2840. In block 3210, the CKU server 2860 waits for an acknowledgement message from the CKU master server 2840. In block 3212, the CKU server 2860 sends the server's

ContentKey Digital Rights Management (CKDRM) certificate, the CKDRM certificate of the engine 2898, the media side content ID (SCID), and the DataPlay File System (DFS) file handles to the CKU master server 2840. In block 3214, the CKU server receives the key complements from the CKU master server 2840. In one embodiment of the present invention, these key complements are encrypted using the public key of the CKU master server 2840. In block 3216, the CKU server 2860 acknowledges receipt to the CKU master server 2840. In block 3218, the CKU server 2860 then disconnects from the CKU master server 2840. In block 3220, the CKU server 2860 sends the

server's ContentKey Digital Rights Management (CKDRM) certificate to the client 2898. In block 3222, the CKU server 2860 receives the ESessionKey from the client 2898, which can be decrypted using the public key of the CKU server 2860. In block 3224,

the CKU server 2860 decrypts the session key using a server private key. In block 3226, the CKU server 2860 decrypts the key complements, for example using public key infrastructure (PKI), with a server private key and the added session key information. In block 3228, the CKU server 2860 generates, for example using the Advanced Encryption Standard (AES) and/or Triple DES, a random key that is used to re-encrypt the key complements, thereby providing the unlock capability. Block 3230 lets the CKU server 2860 encrypt these key complements with this unlock key, for example using AES and/or Triple DES. In block 3232, the CKU server 2860 encrypts the unlock key with the engine's public key, for example using PKI. In block 3234, the CKU server 2860 builds a CKCMD_UNLOCK_FILES data block and sends it to the client 2896. In block 3236, the server creates a message authentication code (MAC) over the data portion of this block. In block 3238, the CKU server 2860 sends this data

block to the client 2896. In block 3240, the CKU server 2860 receives the unlock status from the client 2896. In block 3242, the transaction status is also marked in the transaction database 2890. Finally, in block 3244, the CKU server 2860 disconnects from the client.

In one embodiment of the present invention, in block 3245, once a web server 2850 has received from the CKU client 2896 an indication that the unlock operation is complete, the web server 2850 completes the remaining financial transaction.

Referring to Figure 33, it shows a method executed by the master server 2840 of Figure 28. Block 3310 lets the master server 2840 accept a connection from the CKU server 2860. In block 3320, the master server 2840 acknowledges this connection. Then, in block 3330, the master server 2840 receives from the CKU server 2860 the CKU server 2860's ContentKey Digital Rights Management (CKDRM) certificate, the engine's CKDRM certificate, the media's side content ID (SCID), and the DataPlay File System (DFS) file handles. In block 3334, the master server 2840 verifies the validity of both certificates by checking, for example, the message authentication code (MAC) and the public key infrastructure (PKI) signature. In block 3336, the master server 2840 checks the revocation database 2530 to confirm that no revoked certificate is involved. In block 3340, the master server 2840 retrieves the requested key complements from the key complement database 2810. In block

3350, the master server 2840 encrypts these key complements using the public key of the CKU server 2860. In block 3360, the master server 2840 sends this encrypted data to the CKU server 2860. In block 3370, the master server 2840 retrieves an acknowledgement message from the CKU server 2860 and disconnects from the CKU server 2860.

The methods for the servers of Figure 28 are initiated by a client, such as the CKU client 2896 starting a method. Referring to Figure 34, it illustrates the method of the web page 2892 and the CKU client 2896. In block 3410, a client 2896 starts this method by accessing a formatted URL, such as a URL on a media disc (as described previously) or a URL associated with a serial number on a media disc or from another source. Then, in block 3420, the client 2896 presents a query string that includes the side content ID (SCID) and the locked content status. In block 3430, the web server 2850 builds a web page that uses the offer database 2880 and the user interface component database 2870 to present various offers to a consumer. Once the user's selection in block 3440 is complete and the conditions of the transaction are satisfied, the web server 2850 sends an "unlock in progress" page to the client. In block 3450, the web server 2850 generates a unique session identifier (SessionID), which is used to carry out the transaction after the unlock procedure is confirmed. In block 3454, the web page 2892 embeds a CKU client 2896 object and includes client-side script to notify the CKU client 2896 that it can begin the [unlock] procedure. In addition, the web server 2850 may, in block 34[..], store the side content ID (SCID) and a list of DataPlay File System (DFS) [file handles], indexed by the session identifier (SessionID), for use by the CKU server object. The CKU client 2896 is an embedded object within the web page, which is sent to a [...]. The object can be developed as an ActiveX control and a Netscape Plug-in, so as to support most browser client environments. The object's methods and properties can also be accessed through JavaScript. When the transaction completes or an error occurs, the object sends an Object Linking and Embedding (OLE) event to [the web page].

When the web server receives a connection carrying media information from a browser, the web server builds the home page of this offer presentation. In some cases, the side content ID (SCID) and the lock status flag determine the identification [...]. In other cases, [...] a code from the packaging label, or [...] the retailer of the disc. Offers and pricing are [...] retrieved from the offer database and presented to the consumer as a branded web page.

The user selects from these offers [and satisfies] all the conditions of the transaction. These conditions [...] may require entering payment information or statistical data in exchange for the content. Once all the conditions of the transaction are satisfied, [the web server] builds an "unlock in progress" [page], the web server page having an embedded CKU client object. [The server] temporarily enters into the transaction database the session identifier (SessionID), the side content ID (SCID), the authorization code of the credit card transaction, and a list of DataPlay File System (DFS) file handles to be unlocked.

[Referring to Figure 35], it describes, from a system point of view, an embodiment of a method for unlocking content. [Block 3510] sends a web page to the client; the [embedded] object is started with the session identifier (SessionID), the side content ID (SCID), and the IP:PORT address of the CKU server as [parameters]. In block 3512, the CKU client [obtains] the engine's ContentKey Digital Rights Management (CKDRM) certificate. In block 3516, the CKU client then establishes a connection (for example, a socket connection) to a listening port on the CKU server. In block 3518, the CKU server accepts the incoming connection from the client and confirms the connection with an acknowledgement message. In block 3520, the CKU client uses

a connect message to send the engine's ContentKey Digital Rights Management (CKDRM) certificate and the session identifier (SessionID) to the CKU server. In block 3522, the CKU server responds with an acknowledgement message or a retransmit message. Then, in block 3534, the CKU server sets up the corresponding record in the transaction database by indexing on the session's unique session identifier (Session ID). In block 3536, the CKU server may also use a socket port to connect to the listening port of the CKU master server. In block 3538, the CKU master server accepts this connection and replies with an acknowledgement message. In block 3540, the CKU server [builds] a packet requesting keys and sends it to the CKU master [server]. This packet may also include the engine's ContentKey Digital Rights Management (CKDRM) certificate, the CKU server's CKDRM certificate, and the side content ID (SCID) of the media. In one embodiment of the present invention, the message sent by the CKU server to the CKU master server to request the keys needed to unlock content is shown in Table 47. In this embodiment, the message shown in Table 47 includes both certificates (the CKDRM certificates of the engine and of the CKU server), the side content ID (SCID) of the media holding these files, and the DataPlay File System (DFS) file handle of each file to be unlocked.

Table 47

Byte offset | Type | Field name | Description
0:1 | U16 | MessageID = 5 | 0x0005 CKU_REQ_KEYS
2:3 | U16 | MessageLength | total length in bytes, including the header
4:7 | U32 | Reserved | reserved for future use
8:247 | CK_CERTIFICATE | ServerCert | CK certificate of the CKU server
248:487 | CK_CERTIFICATE | EngineCert | CK certificate of the engine
488:491 | U32 | NumHandles | number of DFS handles
492:n | DFS_HANDLE | HandleList | list of DFS handles

Referring again to Figure 35, in block 3542 the CKU master server responds with an acknowledgement message, or with a retransmit packet if any problem occurred.

In block 3544, the CKU master server authenticates or rejects the ContentKey Digital Rights Management (CKDRM) certificates of the engine and of the CKU server. This authentication includes, for example, using Certicom(TM) to verify the digital signatures. In block 3546, the CKU master server checks whether these certificates are present in the revocation database. If the certificates are invalid or have been revoked, the CKU master server responds in block 3548 with an error message. If the certificates are valid, then in block 3550 the CKU master server retrieves the key complements from an associated database and encrypts them using, for example, public key infrastructure (PKI) with a server public key taken from, for example, a server certificate. In block 3552, the CKU master server then

sends these key complements to the CKU server.

Referring to Table 48, the message sent by the CKU master server may be an encrypted list of the key complements for the requested files, as shown in the table. These key complements may be encrypted with the CKU server's public key or with another appropriate public key.

Table 48
Byte offset | Type | Field name | Description
0:1 | U16 | MessageID = 6 | 0x0006 CKU_KEYS
2:3 | U16 | MessageLength | total length in bytes, including the 8-byte header
4:7 | U32 | Reserved | reserved for future use
8:11 | U32 | NumKeys | number of key complements in the list
12:n | U160 | EKeyComplimentList | encrypted list of key complements
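As an added illustration of the two layouts (it is not code from the patent or from DataPlay), the following Python encodes and decodes CKU_REQ_KEYS (Table 47) and CKU_KEYS (Table 48) and refuses any message whose MessageLength, NumHandles or NumKeys disagrees with the bytes actually received. Little-endian byte order, a 4-byte DFS_HANDLE and the filler certificate and key bytes are assumptions, since the page does not specify them.

```python
"""Encoder and decoder for the CKU_REQ_KEYS (Table 47) and CKU_KEYS (Table 48)
message layouts, checking that the length fields agree with the bytes received."""
import struct

# Common 8-byte header (bytes 0:7): MessageID (U16), MessageLength (U16), Reserved (U32).
# Little-endian byte order is an assumption; the page does not state it.
HEADER_FMT = "<HHI"
HEADER_LEN = struct.calcsize(HEADER_FMT)      # 8
CERT_LEN = 240                                # CK_CERTIFICATE, bytes 8:247 and 248:487
HANDLE_LEN = 4                                # assumed DFS_HANDLE width (not on the page)
KEY_COMPLEMENT_LEN = 20                       # U160 entries of EKeyComplimentList
REQ_KEYS_FIXED_LEN = 492                      # header + two certificates + NumHandles
KEYS_FIXED_LEN = 12                           # header + NumKeys
CKU_REQ_KEYS = 0x0005
CKU_KEYS = 0x0006


def _check_header(msg, expected_id, fixed_len):
    """Validate the header and return MessageLength; raise ValueError on any mismatch."""
    if len(msg) < fixed_len:
        raise ValueError("message shorter than its fixed part")
    msg_id, length, reserved = struct.unpack_from(HEADER_FMT, msg, 0)
    if msg_id != expected_id:
        raise ValueError("unexpected MessageID 0x%04x" % msg_id)
    if length != len(msg):
        raise ValueError("MessageLength %d but %d bytes received" % (length, len(msg)))
    if reserved != 0:
        raise ValueError("Reserved field must be zero")
    return length


def build_req_keys(server_cert, engine_cert, handles):
    """Serialise a CKU_REQ_KEYS message (CKU server -> master server)."""
    if len(server_cert) != CERT_LEN or len(engine_cert) != CERT_LEN:
        raise ValueError("CK_CERTIFICATE must be exactly %d bytes" % CERT_LEN)
    body = server_cert + engine_cert + struct.pack("<I", len(handles))
    body += b"".join(struct.pack("<I", h) for h in handles)
    return struct.pack(HEADER_FMT, CKU_REQ_KEYS, HEADER_LEN + len(body), 0) + body


def parse_req_keys(msg):
    """Decode a CKU_REQ_KEYS message into its certificates and DFS handle list."""
    length = _check_header(msg, CKU_REQ_KEYS, REQ_KEYS_FIXED_LEN)
    (num_handles,) = struct.unpack_from("<I", msg, 488)
    if REQ_KEYS_FIXED_LEN + num_handles * HANDLE_LEN != length:
        raise ValueError("NumHandles does not match MessageLength")
    handles = list(struct.unpack_from("<%dI" % num_handles, msg, REQ_KEYS_FIXED_LEN))
    return {"server_cert": msg[8:248], "engine_cert": msg[248:488], "handles": handles}


def build_keys(encrypted_complements):
    """Serialise a CKU_KEYS reply (master server -> CKU server)."""
    if any(len(k) != KEY_COMPLEMENT_LEN for k in encrypted_complements):
        raise ValueError("each key complement must be %d bytes" % KEY_COMPLEMENT_LEN)
    body = struct.pack("<I", len(encrypted_complements)) + b"".join(encrypted_complements)
    return struct.pack(HEADER_FMT, CKU_KEYS, HEADER_LEN + len(body), 0) + body


def parse_keys(msg):
    """Decode a CKU_KEYS reply into the list of 20-byte encrypted key complements."""
    length = _check_header(msg, CKU_KEYS, KEYS_FIXED_LEN)
    (num_keys,) = struct.unpack_from("<I", msg, 8)
    if KEYS_FIXED_LEN + num_keys * KEY_COMPLEMENT_LEN != length:
        raise ValueError("NumKeys does not match MessageLength")
    return [msg[12 + i * KEY_COMPLEMENT_LEN: 12 + (i + 1) * KEY_COMPLEMENT_LEN]
            for i in range(num_keys)]


def rejects(parser, msg):
    """True if the parser refuses the message (used to probe malformed inputs)."""
    try:
        parser(msg)
    except ValueError:
        return True
    return False


if __name__ == "__main__":
    # Constructed filler, not real CKDRM certificates or key material.
    server_cert = bytes(range(240))
    engine_cert = bytes(reversed(range(240)))
    req = build_req_keys(server_cert, engine_cert, [7, 0x1234])
    print(len(req), parse_req_keys(req)["handles"])        # 500 [7, 4660]
    reply = build_keys([bytes([i]) * KEY_COMPLEMENT_LEN for i in range(3)])
    print(len(reply), len(parse_keys(reply)))              # 72 3
    # A reply whose NumKeys claims fewer entries than the bytes present is refused.
    tampered = reply[:8] + struct.pack("<I", 2) + reply[12:]
    print(rejects(parse_keys, tampered))                   # True
```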

In block 3554, the CKU server receives the key complements, acknowledges receipt of the data by sending a confirmation message, and closes the connection to the CKU master server. If a data mismatch occurs or an error message is received, the CKU server responds in block 3556 with a resend message. In block 3558, the CKU server uses an authentication message to send its ContentKey digital rights management (CKDRM) certificate to the CKU client. In block 3560, the CKU client responds with either a confirmation message or a resend message. In block 3562, the CKU client builds an authentication command packet, which is sent to the engine through the driver. In response, in block 3564, the engine replies with an encrypted session key, and in block 3566 the CKU client forwards the encrypted session key to the CKU server in a session key message. In block 3568, the CKU server responds with a confirmation message or a resend message. In block 3570, the CKU server uses a private key to decrypt the session key and the key complements. In block 3572, the CKU server then generates a random key, for example a 128-bit Advanced Encryption Standard (AES) key, with which it re-encrypts the key complements. In addition, an unlock key is encrypted and an unlock message is built; the message may include an unlock command packet, which is sent to the engine. In one embodiment of the invention, this command may also require that a message authentication code (MAC) be computed over the data. In block 3574, the CKU server sends an unlock message to the CKU client. In block 3576, the CKU client responds with a confirmation message or a resend message. In block 3578, the CKU client uses this data to send the unlock command to the engine, and then sends a message reporting the outcome, or an unlock completion message, to the CKU server. In block 3580, the CKU server records the status of the unlock operation in the transaction database and closes the connection to the CKU client. In block 3590, the CKU client, within the web page, sends an event to an event handler so as to report the status of the transaction to the web page. In block 3592, the web page displays the transaction status.

In the embodiment shown in Figure 35, there are several points at which errors can occur. As shown in Table 49, the errors carried in a message include the following types.

Table 49
Code  Error name                Description
0     CKU_ERR_UNKNOWN           An unknown or undefined error occurred
1     CKU_ERR_INVALID_DATA      Part of the data in the last packet is invalid
2     CKU_ERR_INVALID_MESSAGE   Invalid message identifier
3     CKU_ERR_ECERT_INVALID     Invalid engine certificate
4     CKU_ERR_SCERT_INVALID     Invalid server certificate
5     CKU_ERR_ECERT_REVOKED     Engine certificate has been revoked
6     CKU_ERR_SCERT_REVOKED     Server certificate has been revoked
7     CKU_ERR_INVALID_MEDIA     The media identifier is invalid
8     CKU_ERR_INVALID_HANDLE    The DFS file handle list contains an invalid handle; the index of the bad handle is reported in the ContextData field
9     CKU_ERR_SAUTH_FAILED      Server authentication failed (either the engine or the CKU master)
10    CKU_ERR_UNLOCK_FAILED     For some reason the engine reported a failed unlock; the engine's status code is reported in the ContextData field

In one or more embodiments of the invention, data security in the secure electronic content (SEC) system is strengthened by a plurality of identifiers placed on the media. These identifiers may be public, private, or both. As described previously, these identifiers can be generated during a mastering process or during other subsequent transactions, depending entirely on the requirements of the system, as shown in Table 50.

Table 50
Access                          Location and generation                         Description
Public                          GUID produced by the mastering process          Public identifier scheme; each stamped master carries a statistically unique identifier generated in this field
Private                         Produced by the mastering process               Private identifier scheme; each master of ContentKey content carries a statistically unique identifier
Private                         Written to the medium                           Private identifier scheme; a statistically unique identifier for each individual medium carrying ContentKey content is written in this field; for mastered, non-prerecorded content the identifier is linked to the content
Private, non-volatile memory    Engine GUID, produced by the engine manufacturing process   Each manufactured engine receives its own GUID

The method of unlocking content stored on media (shown in Figure 35) introduces an authentication protocol and carries out an unlock protocol. From the engine's point of view, this unlock protocol comprises the method shown in Figure 36. In block 3610, the engine receives a key complement together with a handle and a key box; the key box may be bound to a written identifier. In block 3620, the engine performs a key box lookup. In block 3630, the keys inside the key box are unbound and decrypted. Then, in block 3640, the keys are rebound and the transaction is completed. The methods of Figures 35 and 36 allow the application programming interfaces (APIs) to protect data while it is being transmitted from a server. Authentication is performed on both sides of the unlock transaction, so that the communication is protected in transit; the engine holds a private key and uses it to decrypt the secret session key it receives. The secret session key may be received in cipher blocks (such as Advanced Encryption Standard (AES) blocks). Figure 37 shows another embodiment of an unlock process, which begins with a process start indication 3702; this may include starting a device.
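The certificate handling of blocks 3544 to 3548 (signature verification, then a revocation database lookup, then an error message) maps directly onto codes 3 to 6 of Table 49. The block below is an added example, not the patent's or DataPlay's code, of that decision sequence on the server side. The Certicom signature verification named on the page is replaced by an HMAC-SHA256 tag under an issuer key, a stand-in so the example runs offline with the standard library; the revocation database is modelled as a set of certificate serial numbers, and all certificates and keys in it are constructed.

```python
"""Certificate checks for blocks 3544-3548, returning the Table 49 codes.

Added example, not the patent's code.  The issuer "signature" is an
HMAC-SHA256 tag (stand-in for the Certicom verification named on the page);
the revocation database is a set of serial numbers.  All values constructed.
"""
import hashlib
import hmac
from dataclasses import dataclass

# Table 49 codes relevant to certificate handling
CKU_ERR_ECERT_INVALID = 3
CKU_ERR_SCERT_INVALID = 4
CKU_ERR_ECERT_REVOKED = 5
CKU_ERR_SCERT_REVOKED = 6


@dataclass(frozen=True)
class Certificate:
    serial: str         # key into the revocation database
    role: str           # "engine" or "server"
    public_key: bytes   # opaque key bytes, covered by the issuer tag
    signature: bytes    # issuer tag over the three fields above


def _to_be_signed(serial, role, public_key):
    # Length-prefix each field so no two field combinations share an encoding.
    out = b""
    for part in (serial.encode(), role.encode(), public_key):
        out += len(part).to_bytes(2, "big") + part
    return out


def issue_certificate(issuer_key, serial, role, public_key):
    """Issuer side (stand-in for the real certificate authority)."""
    tag = hmac.new(issuer_key, _to_be_signed(serial, role, public_key),
                   hashlib.sha256).digest()
    return Certificate(serial, role, public_key, tag)


def signature_valid(cert, issuer_key):
    expected = hmac.new(issuer_key,
                        _to_be_signed(cert.serial, cert.role, cert.public_key),
                        hashlib.sha256).digest()
    return hmac.compare_digest(expected, cert.signature)


def check_certificates(engine_cert, server_cert, issuer_key, revoked_serials):
    """Block 3544 (signature check) then block 3546 (revocation lookup).

    Returns None when both certificates pass, otherwise the Table 49 code
    to place in the block 3548 error message.  A certificate presented in
    the wrong role is treated as invalid, not merely as unexpected."""
    if engine_cert.role != "engine" or not signature_valid(engine_cert, issuer_key):
        return CKU_ERR_ECERT_INVALID
    if server_cert.role != "server" or not signature_valid(server_cert, issuer_key):
        return CKU_ERR_SCERT_INVALID
    if engine_cert.serial in revoked_serials:
        return CKU_ERR_ECERT_REVOKED
    if server_cert.serial in revoked_serials:
        return CKU_ERR_SCERT_REVOKED
    return None


def demo():
    """Constructed run: a good pair, a certificate whose key no longer matches
    its signature, and a pair in which the server certificate is revoked."""
    issuer_key = b"constructed-issuer-key-not-a-real-secret"
    engine = issue_certificate(issuer_key, "ENG-0001", "engine", b"engine-pubkey-bytes")
    server = issue_certificate(issuer_key, "SRV-0001", "server", b"server-pubkey-bytes")
    altered = Certificate(engine.serial, engine.role, b"substituted-key-bytes",
                          engine.signature)
    return (check_certificates(engine, server, issuer_key, set()),
            check_certificates(altered, server, issuer_key, set()),
            check_certificates(engine, server, issuer_key, {"SRV-0001"}))
```

The order matters: a signature failure is reported before the revocation lookup, so an unsigned certificate never causes a database query, and the role field is bound into the signed data so an engine certificate cannot be replayed as a server certificate.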

Block 3704 lets the media (for example, a portable disc) be inserted into a device, which can be connected to a personal computer (PC) through, for example, a universal serial bus (USB) port. Block 3706 starts an autorun handler for this flow, as described previously. In one embodiment of the invention, the autorun handler is a server installed in a disc driver stack that waits for an insertion event, such as the media being inserted into a device. Once started, the autorun handler traverses the file system to receive an auto.inf file carrying instructions, and thereby starts a "content manager". Block 3708 concerns this content manager, which presents the locked content. In one embodiment of the invention, the content manager is a presentation layer with which a user can interact in order to play the content of a media disc. The content manager can dynamically build a table of contents from a contents.ddl file, distinguishing locked from unlocked content. For locked content, the content manager can present the consumer or user with a link that points to a location where the content can be unlocked. Furthermore, the autorun handler 3706 can also detect a read of a content manager file and execute the universal resource locator (URL) data in a contents.ddl file. In one embodiment of the invention, the media may also contain multiple offers (for example, in a kiosk or download model), and may or may not have multiple universal resource locators (URLs) associated with those offers. If multiple URLs exist, the consumer or user can select any one of them before continuing.

In block 3710, the content manager provides a selective ContentKey digital rights management (CKDRM) entry point for the CKDRM content files. In one embodiment of the invention, such a CKDRM requirement exists only in the following situations. First, a package collection identifier in a URL points to a package, or a combination of packages, that can be unlocked by at least one electronic retailer (eTailer), for example a second music transaction unlocked by one eTailer. Second, a package collection identifier may also be appended to the URL to point to two or more packages that can be unlocked by a different eTailer. In either case, the presence of selectable eTailers requires the user or consumer to select an eTailer before continuing the transaction.

Block 3712 provides a login within the ContentKey digital rights management (CKDRM) domain. In particular, the login process may depend on the specific eTailer. Thus, if a consumer or user does not have an account with the desired eTailer, they can create an account in block 3712 or, depending on the eTailer, choose guest login access and provide valid billing information so that the transaction can be processed with the required credit card authorization. After a login process completes, block 3714 presents a package/pricing display to the consumer or other user. The consumer or user can then select the content to be unlocked, or end the process if nothing is selected. The package list in block 3714 provides a process by which a consumer can select one or more packages to unlock. In block 3716, a consumer information questionnaire is presented to the consumer/user when billing or other data is needed or required. Block 3718 provides, for example, a presentation of the transaction summary based on the data entered in the questionnaire. Block 3720 provides credit card authorization, which may or may not be needed, depending entirely on the requirements of the system. For example, a code may allow content to be unlocked for free in exchange for other compensation from the questionnaire 3716, or even without any compensation. Block 3722 provides the digital clearinghouse server notification for the transaction. In particular, an eTailer may be responsible for communicating using a protocol required by a digital clearinghouse server, within which an unlock transaction takes place. In one embodiment of the invention, an eTailer must provide the digital clearinghouse server with the package collection identifier and the list of packages the consumer/user wants or has purchased. The digital clearinghouse server may also require a certain level of consumer information.

Block 3724 provides the ContentKey digital rights management (CKDRM) activation status to the user or consumer. Block 3726 performs an authentication procedure to provide engine and server authentication. Block 3728 provides a key complement lookup and transfer, writing the key complements to the device/disc or to another location where they are needed to satisfy the encryption requirements. Block 3730 provides an update of the contents.ddl file. Block 3732 provides a process for completing the ContentKey digital rights management (CKDRM) transaction for the unlocked content. Block 3734 is a transaction completion notification provided by an eTailer (such as an entity that sells at retail on the Internet). Block 3736 provides an optional congratulations display to the user or consumer.

Referring now to Figures 38 and 39, Figure 38 is a flowchart of a method according to one embodiment of an unlock content process of the invention, and Figure 39 shows the object interactions between components in the secure electronic content (SEC) system. Referring to Figure 38, block 3802 lets the digital clearinghouse server (DCS) order management server 2908 insert a DCS_STAGE record, with or without a media identifier, into the DataPlay (DP) data security database 3914 shown in Figure 39, as shown at INSERT_INTO_DCS_STAGE 3918.

Referring to the DataPlay (DP) data security database 3914, one embodiment of a schema for this database is provided in Tables 51A to 51D below.

Table 51A: CKDRM_MASTER_KEY
MASTER_ITEM_ID       NUMERIC(0,0)   NOT NULL
PC_ID                VARCHAR(40)    NOT NULL
ITEM_NAME            VARCHAR(400)   NOT NULL
ITEM_HANDLE          VARCHAR(8)     NOT NULL
KEY_COMPLEMENT       VARCHAR(50)    NULL
KEY_VERSION          NUMERIC(3,0)   NULL
BUSINESS_ENTITY_ID   NUMERIC(3,0)   NULL
CHANGE_ID            VARCHAR(8)     NOT NULL
CHANGE_DT            DATE           NOT NULL

Table 51B: CKDRM_MASTER_PKG
MASTER_PKG_ID        NUMERIC(0,0)   NOT NULL
PC_ID                VARCHAR(40)    NOT NULL
PKG_ID               VARCHAR(40)    NOT NULL
CHANGE_ID            VARCHAR(8)     NOT NULL
CHANGE_DT            DATE           NOT NULL

Table 51C: CKDRM_MASTER_PKG_KEY
MASTER_PKG_ID (FK)   NUMERIC(0,0)   NOT NULL
MASTER_ITEM_ID (FK)  NUMERIC(0,0)   NOT NULL
CHANGE_ID            VARCHAR(8)     NOT NULL
CHANGE_DT            DATE           NOT NULL

Table 51D: DCS_STAGE
TRANSACTION_ID       VARCHAR(200)   NOT NULL
PC_ID                VARCHAR(40)    NOT NULL
PKG_ID               VARCHAR(40)    NOT NULL
MEDIA_ID             VARCHAR(36)    NULL
STATUS               NUMERIC(1,0)   NOT NULL
CREATE_DT            DATE           NOT NULL
KEY_REQUEST_DT       DATE           NOT NULL
COMPLETE_DT          DATE           NOT NULL
CHANGE_ID            VARCHAR(8)     NOT NULL
CHANGE_DT            DATE           NOT NULL
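The following is an added example, not DataPlay's or the patent's code, that models Tables 51A to 51D in sqlite3 and exercises the three database steps described later in this section: the DCS_STAGE insert of block 3802, the P_KEY lookup that answers with a (file handle, key complement, version) result set, and the UpdateStatus cleanup of block 3820. The STATUS values, the join path from DCS_STAGE through CKDRM_MASTER_PKG_KEY to CKDRM_MASTER_KEY, and the rule that keys are issued once per transaction and only to the medium the order was staged for, are assumptions; KEY_REQUEST_DT and COMPLETE_DT are allowed to be NULL before those steps happen, where the page lists them NOT NULL. All rows are constructed sample data.

```python
"""sqlite3 model of the DataPlay data security database (Tables 51A-51D).

Added example, not the patent's code.  Assumed: STATUS values, the join path
for the P_KEY lookup, one key issue per transaction, and nullable
KEY_REQUEST_DT / COMPLETE_DT until those steps occur.  Rows are constructed.
"""
import sqlite3
from datetime import datetime, timezone

SCHEMA = """
CREATE TABLE CKDRM_MASTER_KEY (
    MASTER_ITEM_ID INTEGER NOT NULL PRIMARY KEY, PC_ID VARCHAR(40) NOT NULL,
    ITEM_NAME VARCHAR(400) NOT NULL, ITEM_HANDLE VARCHAR(8) NOT NULL,
    KEY_COMPLEMENT VARCHAR(50), KEY_VERSION NUMERIC(3,0), BUSINESS_ENTITY_ID NUMERIC(3,0),
    CHANGE_ID VARCHAR(8) NOT NULL, CHANGE_DT DATE NOT NULL);
CREATE TABLE CKDRM_MASTER_PKG (
    MASTER_PKG_ID INTEGER NOT NULL PRIMARY KEY, PC_ID VARCHAR(40) NOT NULL,
    PKG_ID VARCHAR(40) NOT NULL, CHANGE_ID VARCHAR(8) NOT NULL, CHANGE_DT DATE NOT NULL);
CREATE TABLE CKDRM_MASTER_PKG_KEY (
    MASTER_PKG_ID INTEGER NOT NULL REFERENCES CKDRM_MASTER_PKG(MASTER_PKG_ID),
    MASTER_ITEM_ID INTEGER NOT NULL REFERENCES CKDRM_MASTER_KEY(MASTER_ITEM_ID),
    CHANGE_ID VARCHAR(8) NOT NULL, CHANGE_DT DATE NOT NULL,
    PRIMARY KEY (MASTER_PKG_ID, MASTER_ITEM_ID));
CREATE TABLE DCS_STAGE (
    TRANSACTION_ID VARCHAR(200) NOT NULL PRIMARY KEY, PC_ID VARCHAR(40) NOT NULL,
    PKG_ID VARCHAR(40) NOT NULL, MEDIA_ID VARCHAR(36), STATUS NUMERIC(1,0) NOT NULL,
    CREATE_DT DATE NOT NULL, KEY_REQUEST_DT DATE, COMPLETE_DT DATE,
    CHANGE_ID VARCHAR(8) NOT NULL, CHANGE_DT DATE NOT NULL);
"""

STATUS_STAGED, STATUS_KEYS_ISSUED = 0, 1   # assumed STATUS values
CHANGE_ID = "EXAMPLE"                      # constructed audit tag


def _now():
    return datetime.now(timezone.utc).isoformat()


def open_db():
    conn = sqlite3.connect(":memory:")
    conn.execute("PRAGMA foreign_keys = ON")
    conn.executescript(SCHEMA)
    return conn


def seed_sample(conn):
    """Constructed master data: collection PC-A, package PKG-1 made of items 1 and 2."""
    now = _now()
    conn.executemany("INSERT INTO CKDRM_MASTER_KEY VALUES (?,?,?,?,?,?,?,?,?)", [
        (1, "PC-A", "Track one", "F0000001", "KC-SAMPLE-1", 1, 17, CHANGE_ID, now),
        (2, "PC-A", "Track two", "F0000002", "KC-SAMPLE-2", 1, 17, CHANGE_ID, now),
        (3, "PC-A", "Bonus", "F0000003", "KC-SAMPLE-3", 1, 17, CHANGE_ID, now)])
    conn.execute("INSERT INTO CKDRM_MASTER_PKG VALUES (?,?,?,?,?)",
                 (10, "PC-A", "PKG-1", CHANGE_ID, now))
    conn.executemany("INSERT INTO CKDRM_MASTER_PKG_KEY VALUES (?,?,?,?)",
                     [(10, 1, CHANGE_ID, now), (10, 2, CHANGE_ID, now)])
    conn.commit()


def stage_transaction(conn, txn_id, pc_id, pkg_id, media_id=None):
    """Block 3802: the DCS order management server stages the order, with or without a media id."""
    now = _now()
    conn.execute("INSERT INTO DCS_STAGE (TRANSACTION_ID, PC_ID, PKG_ID, MEDIA_ID, STATUS,"
                 " CREATE_DT, CHANGE_ID, CHANGE_DT) VALUES (?,?,?,?,?,?,?,?)",
                 (txn_id, pc_id, pkg_id, media_id, STATUS_STAGED, now, CHANGE_ID, now))
    conn.commit()


def p_key(conn, txn_id, media_id):
    """P_KEY: (ITEM_HANDLE, KEY_COMPLEMENT, KEY_VERSION) rows for the staged package, or None.
    Keys go out once per transaction, and only to the medium the order was staged for."""
    row = conn.execute("SELECT PC_ID, PKG_ID, MEDIA_ID, STATUS FROM DCS_STAGE"
                       " WHERE TRANSACTION_ID = ?", (txn_id,)).fetchone()
    if row is None:
        return None                                   # unknown transaction
    pc_id, pkg_id, staged_media, status = row
    if status != STATUS_STAGED or (staged_media is not None and staged_media != media_id):
        return None                                   # replay, or a different medium
    keys = conn.execute(
        """SELECT k.ITEM_HANDLE, k.KEY_COMPLEMENT, k.KEY_VERSION
             FROM CKDRM_MASTER_PKG p
             JOIN CKDRM_MASTER_PKG_KEY pk ON pk.MASTER_PKG_ID = p.MASTER_PKG_ID
             JOIN CKDRM_MASTER_KEY k ON k.MASTER_ITEM_ID = pk.MASTER_ITEM_ID
            WHERE p.PC_ID = ? AND p.PKG_ID = ? ORDER BY k.ITEM_HANDLE""",
        (pc_id, pkg_id)).fetchall()
    conn.execute("UPDATE DCS_STAGE SET STATUS = ?, MEDIA_ID = ?, KEY_REQUEST_DT = ?,"
                 " CHANGE_DT = ? WHERE TRANSACTION_ID = ?",
                 (STATUS_KEYS_ISSUED, media_id, _now(), _now(), txn_id))
    conn.commit()
    return keys


def update_status(conn, txn_id):
    """Block 3820: on the completion post, drop the DCS_STAGE record.  True if one existed."""
    cur = conn.execute("DELETE FROM DCS_STAGE WHERE TRANSACTION_ID = ?", (txn_id,))
    conn.commit()
    return cur.rowcount == 1
```

Binding MEDIA_ID at the first key request, and refusing a second request for the same TRANSACTION_ID, is what stops one paid transaction from being used to pull key complements for several discs; every query is parameterised, so the transaction identifier supplied by the client is never spliced into SQL text.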

請再度參考第38圖,方塊3804乃是用來讓這個數位情報交 換伺服器(DCS )訂單管理伺服器3 908能夠產生一個網 頁,其中,一個用戶端伺服器3 9 0 4乃是利用一個交易識別 碼做為範例。内嵌有CKU用戶端的這個品牌網頁的連接 3916乃是如圖中所示。其中,方塊3806乃是用來讓這個 CKU用戶端3904能夠取得這個引擎3 902的Con ten tKey數位 權利管理(CKDRM)憑證,如CKCMD_GET_CERTIFICATE 命 令連接3920所示。另外,方塊38 06乃是用來讓這個引擎 3 902能夠藉著傳送一個Con ten tKey數位權利管理(CKDRMPlease refer to Figure 38 again. Block 3804 is used to enable this Digital Information Exchange Server (DCS) order management server 3 908 to generate a web page. Among them, a client server 3 904 uses a transaction. The ID is used as an example. The connection 3916 of this brand webpage with the CKU client embedded is shown in the figure. Among them, block 3806 is used to enable the CKU client 3904 to obtain the Con ten tKey Digital Rights Management (CKDRM) certificate of the engine 3 902, as shown in the CKCMD_GET_CERTIFICATE command connection 3920. In addition, block 38 06 is used to enable this engine 3 902 to transmit a Con ten tKey Digital Rights Management (CKDRM

第196頁 583568 五、發明說明(191) )憑證給CKU用戶端39G4,進而完成回應的動作,誠如圖 中的連接3922所示。另外,CKU用戶端39〇4係傳送這個 DFS^CMD—GET—MEDIA—METADAT命令至弓丨擎3902,藉以擷 取這個獨一無二的媒體識別碼。方塊38〇8乃是用來讓這個 CKU用戶端3904能夠取得這個獨—無二的媒體識別碼,如 圖中的連接3 9 1 6所示。在本發明的一個實施例中,倘若未 能建立這個獨一無二媒體識別碼的取得動作,則引擎39〇2 便會取得這個識別碼。Page 196 583568 V. Description of the invention (191)) The certificate is given to the CKU client 39G4, and the response action is completed, as shown in connection 3922 in the figure. In addition, the CKU client 3904 sends the DFS ^ CMD_GET_MEDIA_METADAT command to the Gong Engine 3902 to retrieve this unique media identification code. Block 38008 is used to allow the CKU client 3904 to obtain the unique media identification code, as shown in the connection 3 9 16 in the figure. In one embodiment of the present invention, if the obtaining action of the unique media identification code cannot be established, the engine 3902 will obtain the identification code.

在取得這個獨一無二的媒體識別碼以後,CKU用戶端39〇4 便會將一個超文件傳輸協定(Ηττρ )告示3928、或根據另 一種協定(其適合於用戶端伺服器通信)的一個告示傳送 給CKU伺服器3906。基於這個告示,CKU伺服器39〇6便會利 用一個GetServerCert 程式(Servlet ) 3930 做為範例,其 乃是用來執行一個包括有這個CKU原版影片391()(在本發 明的一個實施例中,這個函數乃是一個Java類別的原版影 片)的GetServerContentKeyCert ()函數3 932、並且操After obtaining this unique media identification number, the CKU client 3904 sends a hyperfile transfer protocol (Ηττρ) notice 3928, or a notice based on another protocol (which is suitable for client server communication) to CKU server 3906. Based on this notice, the CKU server 3906 will use a GetServerCert program (Servlet) 3930 as an example, which is used to execute a CKU original movie 391 () (in one embodiment of the present invention, This function is a Java version of the original movie) GetServerContentKeyCert () function 3 932, and

取要求的字串。CKU原版影片3910乃是透過連接3934將 GetServerContentKeyCert ()函數3 9 32 施加至加密圖書 館(Crypto Library ) 3912,藉以由這個加密圖書館 (Crypto Library ) 3912中取得要求的憑證。 另外,方塊3810乃是用來讓這個CKU用戶端39〇4能夠取得 這個伺服器3906的内容金鑰憑證。如第39圖所示,無論是 一個憑證或是一個錯誤均會由加密圖書館(Crypt〇 Library ) 3912、經由連接3938及3 936而傳回到這個CKU原Take the required string. The original CKU movie 3910 applies the GetServerContentKeyCert () function 3 9 32 to the Crypto Library 3912 through the connection 3934, and obtains the required certificate from the Crypto Library 3912. In addition, block 3810 is used to enable the CKU client 3904 to obtain the content key certificate of the server 3906. As shown in Figure 39, whether it is a credential or an error, it will be returned to the original CKU by the Crypt〇 Library 3912 and the connections 3938 and 3 936.

第197頁 583568 五、發明說明(192) '〜 版影片3910。〇(11用戶端3904乃是利用連接3940中、由這 個用戶端3904傳送至這個引擎3902的這個CKCMD — AUTHENTICATE命令(即:伺服器憑證),藉以要求一個具 有這個接收憑證的對話金錄(E S e s s i ο η K e y )。 、 方塊3812乃是用來讓這個CKU用戶端3904能夠經由連接 3 9 4 0、利用這個C KIM司服器3 9 0 6的C ο n t e n t K e y數位權利管 理(CKDRM )憑證以經由連接3942、自這個引擎39〇2中取 付這個對話金錄(ESessionKey )。 另外’方塊3 814乃是用來讓這個用戶端3904能夠產生一個 解除鎖定的要求,藉以認證及/或更新具有這個媒體識別 碼的一個表格。在本發明的一個實施例中,這個表格乃是 一個DCS —STAGE表格。再者,方塊3814乃是用來讓這個用 戶端3904能夠要求這個引擎39〇2的鑑別動作、取得這個槽 案處置/金鑰補數/版本表列、並且包覆這個檔案組合: 另外,這個CKU用戶端3904,利用連接3944,乃是用來傳 送一個超文件傳輸協定(HTTP)公告至CKU伺服器39 0 6, 其包括有:舉例來說,對話金錄(ESessionKey)、引擎 憑證、媒體識別碼、及交易識別碼。CKU伺服器3906内部 的那些解除鎖定内容程式(gervlet ) 3946乃是經由連接 3 948、利用解除鎖定内容(uni〇ck Con tent )函數(其包 括·對話金錄(ESess i onKey )、引擎憑證、媒體識別 碼、及交易識別碼),藉以發出CKU原版影片3910的解除 鎖定要求。另外,CKU原版影片3910乃是經由連接295 0以 存取這個DataPlay (DP )資料保全資料庫3914、並將將這Page 197 583568 V. Description of the invention (192) '~ Edition video 3910. 〇 (11 The client 3904 uses the CKCMD-AUTHENTICATE command (ie, server certificate) in the connection 3940 and is transmitted from the client 3904 to the engine 3902 to request a conversation record (ES) with the receiving certificate. essi ο η K ey). Block 3812 is used to enable the CKU client 3904 to connect via 3 9 4 0 and use the C KIM server 3 9 0 C ο ntent K ey Digital Rights Management (CKDRM ) The credentials are used to retrieve the ESessionKey from the engine 39002 via the connection 3942. In addition, 'block 3 814 is used to enable the client 3904 to generate a request for unlocking for authentication and / or Update a table with the media identifier. In one embodiment of the invention, the table is a DCS-STAGE table. 
Furthermore, block 3814 is used to enable the client 3904 to request the engine 3902 The authentication action, obtain the slot disposal / key complement / version list, and wrap the file combination: In addition, the CKU client 3904 uses the connection 39 44 is used to send a Hyper File Transfer Protocol (HTTP) announcement to the CKU server 39 06, which includes: for example, ESessionKey, engine certificate, media identification code, and transaction identification code The CKU server 3906 inside those unlocked content programs (gervlet) 3946 is through the connection 3 948, the use of unlocked content (uniock Content) functions (which includes ESess i onKey), engine credentials , Media identification code, and transaction identification code) to issue an unlock request for the original CKU movie 3910. In addition, the original CKU movie 3910 is connected to 2950 to access the DataPlay (DP) data security database 3914, and Will this

第198頁 583568 五、發明說明(193) 個P 一KEY命令(其包括有··交易識別碼、媒體識別碼、密 碼、結果組合(Re suit Set )輸出)傳送出去。這個 DataPlay (DP)資料保全資料庫3914乃是透過連接3952以 回應一個結果組合(ResultSet)(檔案處置—金鑰—版 本)或一個錯誤。另外,CKU原版影片亦可以經由 WrapFileSet函數(其包括有:對話金鑰(ESessi〇nKey )、引擎憑證、檔案組合字串、金鑰計數、媒體識別碼 )、利用連接至加密圖書館(Crypto Library) 3912的連 接3 9 5 4以要求這個包覆播案組合。 另外,方塊3816乃是用來讓CKU用戶端3904能夠傳送這個 包覆墙案至引擎3902 ’藉以使這個引擎3902可以對這個内 谷進行解除鎖疋動作。特別是,加密圖書館(C r y p七〇Page 198 583568 V. Description of the invention (193) P-KEY commands (including the transaction ID, media ID, password, and result set (Re suit Set) output) are transmitted. The DataPlay (DP) data security database 3914 responds to a ResultSet (File Handling-Key-Version) or an error by connecting 3952. In addition, the original CKU video can also be connected to the encrypted library (Crypto Library) through WrapFileSet functions (which include: ESessi0nKey), engine certificates, file combination strings, key counts, and media identifiers. ) 3912's connection 3 9 5 4 to request this wrap broadcast combination. In addition, the block 3816 is used to enable the CKU client 3904 to transmit the wrapped wall case to the engine 3902 ′, so that the engine 3902 can perform an unlocking action on the inner valley. In particular, the crypto library (C r y p 七 〇

Library ) 3912乃是經由與這個CKU原版影片3910的連接 3 9 6 0,藉以傳送這個包覆槽案組合或是一個錯誤訊息。 CKU原版景^片3910乃是利用連接3958,藉以將傳輸内容傳 送給這個CKU伺服器390 6、然後再利用連接3960以自這個 CKU伺服器3906傳送至這個CKU用戶端3904。另外,CKU用 戶端3 9 0 4乃是利用這個包覆檔案組合、經由連接3 9 6 2以將 一個CKCMD 一UNLOCK —F ILES命令傳送至這個引擎3902。隨 後’引擎3902便會利用連接3964,將一個成功訊息、具備 認證的成功訊息、或失敗訊喼回傳至這個CKlJ用戶端 3904。 方塊3818乃是用來讓CKU用戶端3 9 0 4能夠將一個最終交易 狀悲sfl息傳送至c K U "ί司服器3 9 0 6、並且對一個消費者/使Library) 3912 is connected to the original CKU video 3910 3 9 60 to send the package slot combination or an error message. The original CKU scene 3910 uses the connection 3958 to transmit the transmission content to the CKU server 390 6 and then uses the connection 3960 to transmit from the CKU server 3906 to the CKU client 3904. In addition, the CKU client 3 9 0 4 uses this package file combination to transmit a CCKMD-UNLOCK-F ILES command to the engine 3902 via the connection 3 9 6 2. Subsequently, the engine 3902 will use the connection 3964 to send a success message, a success message with authentication, or a failure message to the CKlJ client 3904. Block 3818 is used to enable the CKU client 3 9 0 4 to transmit a final transaction status message to c K U " server 3 9 0 6 and to a consumer / user

第199頁 583568 五、發明說明(194) 用者顯示以一個父易完成訊息(,’傳輸完成")。特別是, CKU用戶端39 04還會傳送一個超文件傳輸協定(HTTp )公告給C K U祠服器3 9 0 6 ’其包括有:交易識別碼及狀態訊息 3 9 6 6 。 方塊3 8 2 0乃是用來讓這個數位情報交換伺服哭(d c s )訂 單管理伺服器3908能夠收到這個狀態完成通:、並且將那 個交易的DCS —STAGE記錄刪除及更新交易。這個 UpdateStatus 程式(Servlet ) 396 8 乃是利用連接397〇 傳 送UpdateStatus函數(其包括有:交易識別碼及狀態訊息 )至數位情報交換伺服器(DCS)訂單管理伺服器39〇8 ’ 藉以回應於這個公告3966。另外,這個Updatestatus程式 (Servlet ) 3968乃是利用更新SQl語法 識別碼、狀態訊息),藉以與這二二;:广 (DP )貝料保全資料庫3 9 j 4進行連接。 現在請同 圖,藉以 易,並且 中、各個 乃是用來 一個播放 片),其 自動執行 Contents 擎4102傳 日寸參考第40及41圖 表示根據本發明一 ’第41圖乃是在這 元件間物件互動的 接收包括有鎖定内 器或裝置(其耦接 刀別轉接至一個引 處置4104 (或一個 ^己1檔案。請參考 * ,其中 個實施 個安全 昂4 U圖乃是一個流程 例的一個解除鎖定交 電子内容(SEC )系統 一個方塊圖。其中,方塊40 02 體(舉例來說,放置在 容的媒 至一台個人電腦)中的一個碟 擎4 102 内容管 第41圖 個信號至這個磁磁插 方塊4004則是用來讓 理裝置)能夠要求一個 ’這個要求乃是利用引 入事件的自動執行處置Page 199 583568 V. Description of the Invention (194) The user displays a message that the completion is completed with a parent ("Transfer completed"). In particular, the CKU client 39 04 will also send a Hyper File Transfer Protocol (HTTp) announcement to the CK U Temple server 3 9 0 ′, which includes: a transaction identifier and a status message 3 9 6 6. Block 3 8 2 0 is used to make this digital information exchange server cry (d c s) order management server 3908 can receive this status to complete the communication :, and delete the DCS-STAGE record of that transaction and update the transaction. The UpdateStatus program (Servlet) 396 8 sends the UpdateStatus function (which includes: transaction ID and status information) to the digital information exchange server (DCS) order management server 3809 using the connection 3970 'in response to this Bulletin 3966. In addition, the Updatestatus program (Servlet) 3968 uses the updated SQl syntax identifier, status information) to connect with these two two :: guang (DP) materials security database 3 9 j 4. Now please refer to the figure to make it easy, and the middle and each are used for a play movie), which automatically executes the Contents engine 4102. 
The reference to Figures 40 and 41 shows that according to the present invention, a 'Figure 41 is in this element Receiving interaction between objects includes locking the internal device or device (the coupling tool is transferred to a lead processor 4104 (or a file). Please refer to *, one of which implements a safe Ang 4 U diagram is a process An example of a block diagram of an unlocked electronic content (SEC) system. Among them, a disk engine 4 102 in the body of block 40 02 (for example, placed in a medium to a personal computer) 102 content tube FIG. 41 A signal to this magnetic plug box 4004 is used to allow the device to be able to request a 'this request is to use the automatic execution of the event

(shown as connection 4114). The autorun handler 4104 then sends a command (its name is illegible in the source) to the engine 4102. The engine 4102 responds by transmitting a contents.ddl file, as shown at 4118. Block 4006 lets the autorun handler 4104 (or the content management device) scan this contents.ddl file to obtain one or more identifiers, including the package collection identifier (PackageCollectionID), the package collection stock-keeping unit (PackageCollectionSKU), the unlock uniform resource locator (UnlockURL), the list of primary package stock-keeping units (PackageSKU) together with the business entity identifier, and a previously unlocked package stock-keeping unit (PackageSKU). The autorun handler 4104 also includes internal logic 4120 that operates after the contents.ddl file has been returned. Block 4008 lets the autorun handler 4104 or a content management device append data to a uniform resource locator (URL) and open a default browser to display a web page generated by an electronic retailer (eTailer). The eTailer is selected according to an embodiment described earlier. Block 4010 lets the eTailer 4106 present a sequence of web pages to the user/consumer in order to process an electronic commerce transaction. The user/consumer interacts through the "shopping cart" web page 4122 of the eTailer 4106.

Block 4012 describes that, after a user/consumer completes the transaction, for example by way of the buttons and prompts of the eTailer 4106, the eTailer 4106 is required to notify the digital information exchange server (DCS) of the result of this ContentKey unlock transaction. The eTailer sends the PCID to the DCS, and the list of package stock-keeping units to be unlocked, shown as HTTP post 4124 (PCID, package list), is sent through the eTailer 4106 to the DCS order management server 4108. Block 4014 lets the DCS order management component generate a unique transaction identifier and insert one record for each purchased package. This insert SQL statement command 4126 (transaction identifier, PCID, package identifier) is sent by the DCS order management server 4108 to the DCS management database. At this point the media identifier field contains a NULL value. Block 4016 describes that the DCS order management server 4108 responds to the eTailer 4106 with either a failure message or a uniform resource locator (URL) 4128. A user/consumer can then use this URL to unlock the content. The unlock URL includes the

transaction identifier generated by the digital information exchange server (DCS) order management server 4108. Block 4018 describes that the eTailer 4106 generates a final confirmation message and performs the unlock action on the web page that includes this unlock uniform resource locator (URL).

Other embodiments

Those skilled in the art will understand that the embodiments described in this specification may be distributed as software programs, which can be produced as one or more program products in various program forms. The invention may also be applied in any embodiment without being limited to the program storage media or signal-bearing media that carry out the distribution described above. Examples of program storage media and signal-bearing media include recordable-type media (such as CD-ROM), transmission-type media (such as digital and analog communication links), and other media storage and distribution systems. The foregoing detailed description presents the various embodiments of the invention using block diagrams, flowcharts, and/or examples. Those skilled in the art will understand that the block diagram elements, flowchart steps, and the operations and/or elements described serve as examples of these embodiments, and that they may be implemented individually or collectively by a wide range of hardware, software, firmware, or any combination thereof. Those wholly or partly skilled in the following fields, including standard integrated circuits and application-specific integrated circuits (ASICs), will understand after reading this disclosure that the invention can be implemented as
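The DCS order management step of blocks 4014 and 4016 above (one record per purchased package with a NULL media identifier, then a failure message or an unlock URL carrying the transaction identifier), together with the UpdateStatus step of block 3820 (delete the DCS_STAGE record and update the transaction), modelled as an added Python example; this is not code from the patent or from DataPlay. The table layout, the column names, the status values, the helper names and the unlock base URL are assumptions.

```python
import secrets
import sqlite3
from urllib.parse import urlencode

# Constructed schema (an assumption, not the patent's): one DCS_STAGE row per
# purchased package, plus one row per transaction that carries its status.
SCHEMA = """
CREATE TABLE dcs_transaction (
    transaction_id TEXT PRIMARY KEY,
    pcid           TEXT NOT NULL,
    status         TEXT NOT NULL
);
CREATE TABLE dcs_stage (
    transaction_id TEXT NOT NULL REFERENCES dcs_transaction(transaction_id),
    pcid           TEXT NOT NULL,
    package_sku    TEXT NOT NULL,
    media_id       TEXT            -- NULL until the media is reported
);
"""

UNLOCK_BASE_URL = "https://cku.example.invalid/unlock"  # placeholder host


def open_db() -> sqlite3.Connection:
    """In-memory stand-in for the DP data security database."""
    db = sqlite3.connect(":memory:")
    db.executescript(SCHEMA)
    return db


def new_transaction_id() -> str:
    # 128 bits from the OS CSPRNG: the identifier is embedded in the unlock
    # URL, so it must be unguessable, not merely unique (a sequential counter
    # would let one buyer enumerate other buyers' transactions).
    return secrets.token_hex(16)


def create_unlock_transaction(db, pcid, package_skus):
    """Blocks 4014/4016: insert one DCS_STAGE record per SKU (media id NULL)
    and answer with the unlock URL, or with a failure message."""
    skus = [s for s in package_skus if s]
    if not pcid or not skus:
        return {"ok": False, "error": "missing PCID or package list"}
    tid = new_transaction_id()
    with db:  # single DB transaction: all rows land or none do
        db.execute(
            "INSERT INTO dcs_transaction (transaction_id, pcid, status) "
            "VALUES (?, ?, ?)",
            (tid, pcid, "PENDING"),
        )
        db.executemany(
            "INSERT INTO dcs_stage (transaction_id, pcid, package_sku, media_id) "
            "VALUES (?, ?, ?, NULL)",
            [(tid, pcid, sku) for sku in skus],
        )
    # The PCID and SKU list arrive in the eTailer's HTTP post; parameterised
    # statements above keep them out of the SQL text entirely.
    url = UNLOCK_BASE_URL + "?" + urlencode({"TransactionID": tid})
    return {"ok": True, "transaction_id": tid, "unlock_url": url}


def update_status(db, transaction_id, status):
    """Block 3820: the UpdateStatus step records the reported status and
    deletes the DCS_STAGE records of the finished transaction."""
    with db:
        cur = db.execute(
            "UPDATE dcs_transaction SET status = ? "
            "WHERE transaction_id = ? AND status = 'PENDING'",
            (status, transaction_id),
        )
        if cur.rowcount == 0:
            return False  # unknown id or already completed: replayed post ignored
        db.execute(
            "DELETE FROM dcs_stage WHERE transaction_id = ?", (transaction_id,)
        )
    return True


def stage_rows(db, transaction_id):
    """(package_sku, media_id) rows still staged for a transaction."""
    return db.execute(
        "SELECT package_sku, media_id FROM dcs_stage WHERE transaction_id = ?",
        (transaction_id,),
    ).fetchall()


def transaction_status(db, transaction_id):
    row = db.execute(
        "SELECT status FROM dcs_transaction WHERE transaction_id = ?",
        (transaction_id,),
    ).fetchone()
    return row[0] if row else None
```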

a computer program, firmware, or any combination thereof executing on a general-purpose machine that has suitable hardware (such as one or more computers), and that the circuitry and/or programming of this software or firmware is well known to those skilled in the art. Although the invention has been described above by way of specific embodiments, those skilled in the art, on the basis of the teaching of this specification, can make various adjustments and changes to the invention without departing from its scope and features. The following claims are therefore intended to cover the scope of the invention (including such adjustments and changes), and these adjustments and changes are also to be regarded as within the scope of the invention.

Brief Description of the Drawings

So that those skilled in the art of the invention may more easily understand the invention, including its various objects, features, and advantages, the invention is described below with reference to the drawings. In the following drawings, the same reference numerals denote similar or identical elements.

Figure 1 illustrates, according to an embodiment of the present invention, the digital rights management (DRM) system within this secure electronic content (SEC) system.
Figure 2 illustrates a secure electronic content (SEC) system according to an embodiment of the present invention.
Figure 3 illustrates the methods supported by the secure electronic content (SEC) system according to an embodiment of the present invention.
Figure 4 illustrates an open systems interconnection (OSI) model of the secure electronic content (SEC) system architecture.
Figure 5A illustrates the content flow of secure and non-secure metadata according to an embodiment of the present invention.
Figure 5B illustrates, according to an embodiment of the present invention, a secure method of retrieving data from media using a certificate.
Figure 5C illustrates a certificate procedure according to an embodiment of the present invention.
Figure 6 illustrates, according to an embodiment of the present invention, the execution of a verification procedure.
Figure 7 illustrates, according to an embodiment of the present invention, a procedure for establishing a secure channel.
Figure 7A, according to an embodiment of the present invention, uses a flowchart to illustrate a method whose description is garbled in the source.
Figure 7B illustrates, according to an embodiment of the present invention, a method of sending data.
Figure 7C illustrates, according to an embodiment of the present invention, a method of revoking a content

presentation device.
Figure 7D, according to an embodiment of the present invention, is a flowchart illustrating the evaluation of a revocation list.
Figure 7E illustrates, according to an embodiment of the present invention, the methods performed by an engine when processing a revocation list.
Figure 7F illustrates, according to an embodiment of the present invention, the results of revocation-list evaluation.
Figure 7G illustrates a method of organizing content according to an embodiment of the present invention.
Figure 7H is a program flowchart representing an embodiment of a master-control procedure.
Figure 7I is a program flowchart representing an embodiment of a procedure for creating package collections, package advertisements, and stock-keeping units (SKUs).
Figure 8 is a flowchart, according to an embodiment of the present invention, of the application programming interface (API) of the ContentKey digital rights management (CKDRM) play function.
Figure 9 illustrates, according to an embodiment of the present invention, a method of the ContentKey digital rights management (CKDRM) copy application programming interface (API) protocol.
Figure 10 illustrates a third-party digital rights management (TPDRM) copy method according to an embodiment of the present invention.
Figure 11 illustrates, according to an embodiment of the present invention, a method of recording content using the ContentKey digital rights management (CKDRM).


Figure 12 illustrates a method of unlocking content according to an embodiment of the present invention.
Figure 13 illustrates, according to an embodiment of the present invention, a method of the ContentKey digital rights management (CKDRM) copy application programming interface (API) protocol.
Figure 14 illustrates, according to an embodiment of the present invention, an engine that performs a

ContentKey digital rights management (CKDRM) copy method so as to copy content within the ContentKey digital rights management (CKDRM) domain.
Figure 15 illustrates a recording scheme according to an embodiment of the present invention.
Figure 16 illustrates, according to an embodiment of the present invention, a method of playing

content managed by the ContentKey digital rights management (CKDRM).
Figure 17 illustrates, according to an embodiment of the present invention, a more detailed play method that uses commands.
Figure 18 is a flowchart, according to an embodiment of the present invention, of an unlock step of the ContentKey digital rights management (CKDRM).
Figure 19, according to an embodiment of the present invention, uses a flowchart to illustrate a third-party digital rights management (TPDRM) copy protocol.
Figure 20 is a flowchart, according to an embodiment of the present invention, illustrating a method of third-party digital rights management (TPDRM) copying.
Figure 21 illustrates, according to an embodiment of the present invention, a read secure

metadata (RSM) protocol.
Figure 22A is a flowchart, according to an embodiment of the present invention, of a protocol by which a host writes its secure metadata.
Figure 22B is a flowchart, according to an embodiment of the present invention, of a method of retrieving media (the rest of the description is garbled in the source).
Figure 23A is an architecture diagram illustrating an embodiment of the interaction among a server, a host, and an engine.
Figure 23B is a flowchart representing an authoring procedure.
Figure 24 is a flowchart representing a procedure for setting up a security database

and secure metadata.
Figure 25 illustrates a procedure for setting up an electronic retailer (eTailer).
Figure 26 is a flowchart, according to an embodiment of the present invention, of a transaction that unlocks content, from a consumer's viewpoint.
Figure 27 illustrates, according to an embodiment of the present invention, a user interface that presents, from a consumer's viewpoint, how a transaction unlocks content.
Figure 28 is a flowchart, according to an embodiment of the present invention, of initiating an unlock procedure in this secure electronic content (SEC) system.

Figure 29 is a secure electronic content (SEC) flowchart according to an embodiment of the present invention.
Figure 30 illustrates, according to an embodiment of the present invention, the content types obtainable on media.
Figure 31A illustrates the transaction types according to an embodiment of the present invention.

Figure 31B illustrates, according to an embodiment of the present invention, a method of a user interface; the user interface includes a method for setting up a uniform resource locator (URL) associated with a media disc.

The next figure (its number is illegible in the source) illustrates, according to an embodiment of the present invention, a method of connecting to a CKU server.
Figure 32 illustrates, according to an embodiment of the present invention, a method that is requested by a client after the connection is made.
Figure 33 illustrates, according to an embodiment of the present invention, a method performed by the master server.
Figure 34 illustrates, according to an embodiment of the present invention, a method involving a web page and a CKU client server.
Figure 35 illustrates, according to an embodiment of the present invention, a method of unlocking content from the viewpoint of a system.
Figure 36 illustrates, according to an embodiment of the present invention, a method of unlocking content from another viewpoint.
Figure 37, according to an embodiment of the present invention, is a program flowchart of a complete unlock transaction.
Figure 38 is a flowchart representing a method of unlocking content according to an embodiment.
Figure 39 is a flowchart illustrating an object interaction among components.
Figure 40 is a flowchart, according to an embodiment of the present invention, of an unlock transaction.


Figure 41 is a block diagram representing the object interaction among components.

Reference numerals

Figure 1

ContentKey Lock: ContentKey Lock access restrictions
100 content storage model
120 unmanaged content using only the DataPlay File System (DFS)
130 content managed by a non-ContentKey digital rights management (DRM) system
180 managed content using only the DataPlay File System (DFS)
182 DataPlay File System (DFS) and ContentKey metadata application programming interface
184 ContentKey metadata and digital rights management (DRM) play application programming interface
140 content managed by both ContentKey and another digital rights management (DRM) system
150 ContentKey application programming interface
150 ContentKey managed content
160 DataPlay File System (DFS) access
170 ContentKey access

Figure 2
202 content provider
204 replicator
206 server
207 kiosk
208(1), 208(2), 208(3) engines
209(1), 209(2), 209(3) media
210 connected host ContentKey digital rights management
211 embedded device ContentKey digital rights management

Figure 3
302 content provider determines the level of data security
304 tools and procedures for producing pre-recorded content

306 media including the uses and permissions determined by the content provider
308 engine
309 application programming interface
310 player
312 digital rights management
316 certificate host
318 certificate
layers: format encoding encryption layers

320 certificate authority
Format encoding encryption

Figure 4
306 media
308 engine
310 host
402 application layer
404 session layer

406 command data layer
408 data link layer
410 physical layer
412 uncertified
413 certified
414 insecure
416(1), 416(2) secure
418(1), 418(2) encryption/decryption
420(1), 420(2) file system
430(1), 430(2) ContentKey digital rights management
422(1), 422(2) protocol interface
424(1), 424(2) physical interface
450 block management device
452 servo positioning
454 read/write
460 optical element
470 file system (FS) file data
472 file system (FS) metadata
470 ContentKey metadata

Figure 5A
502 file
504 metadata
506 open application programming interface
508 secure application programming interface

510 secure metadata action
512 full file read/write access
514 certificate designating a secure application
516 application
518 revocation method

Figure 5B
530 data access initiated through the firmware
532 data access outside the firmware prevented

Figure 5C
550 host receives a certificate (514)
552 content rights attached on the media
554 access allowed under predetermined conditions
556 one or more of the following performed: authenticating a channel, checking a revocation list, and unlocking the content

Figure 7
602 media
604 engine
606 host
608 revocation list
610 ContentKey certificate carrying the protocol public key signed by the DataPlay certificate authority (CA)
612 protocol private key
626 private key decryption

628 secure session key
612 verify signature
614 authenticate host
616 pass?
618 random number generator
620 secure session key
622 public key encryption
624 protocol public key

Figure 7A
308 engine
318 certificate
710 identifier
720 verification
730 authenticate engine
750 permission block determines a plurality of pass/fail permissions
780 session key
pass: pass
global pass/fail: global pass/fail

Figure 7B
702 receive a certificate from the destination
704 use the identifier to authenticate the destination
706 transmit the session key

Figure 7C
712 perform revocation-list evaluation during file access

714 store the result of each node during file access and revocation-data evaluation
716 copy the revocation list from the media to the engine; the revocation list may carry a "poison" that prevents a player from unlocking content if the player is defective or potentially defective, is not an appropriate player, comes from a manufacturer with such defects, or in similar situations
718 when the player connects to a server, update the revocation list
722 one or more signing keys; revoking a key revokes the ContentKey digital rights management (CKDRM) certificates signed with one or more of those keys
724 revocation revokes one or more of the following fields: a single device identifier or protocol public key, an entire company, a specific product line, a specific product model

Figure 7D
732 when evaluating against the data in the ContentKey digital rights management (CKDRM) certificate, evaluate the clause nodes according to the true/false function structure
734 combine the results of the clause nodes according to the clause rules
736 if any revocation node in the revocation list evaluates true, revoke the host

Figure 7E

752 during setup, use the node count value in the ContentKey digital rights management (CKDRM) metadata to allocate enough memory space
754 for each node in the revocation list, compare the node


with each node in the existing revocation list
(numeral illegible) if the same node exists, add the existing node's DataPlay file system identifier to the revocation list in the ContentKey digital rights management (CKDRM) metadata structure
(numeral illegible) if no node is found, create a new node with a unique DataPlay file system identifier
762 the engine adds the new DataPlay file system identifier value to the ContentKey digital rights management (CKDRM) metadata structure

Figure 7F

772 each time a CKCMD_AUTHENTICATE command occurs, or when new media is inserted into the engine, evaluate the revocation list
774 evaluate the revocation list against the received digital rights management (CKDRM) certificate
776 the evaluation yields the revoked or not-revoked status of a node
778 the evaluation result is stored in a field of the revocation node structure

Figure 7G

782 organize the content on the media using a predetermined application
784 generate the public identifier and the ContentKey digital rights management (CKDRM) identifier
786 encrypt the content file
788 add engine-managed content and play rules, as specified by the content owner
792 add third-party digital rights management (TPDRM) specific rules, as specified by the content owner


794 add the valid signing key list and the revocation list

Figure 7H
7002 procedure begins: "asset and information acquisition"
7004 content provider new-release procedure
7006 content files (encoded), metadata information, security information, package collection information
7008 DataPlay or third-party authoring procedure: "authoring"

7010 DataPlay mass memory file (MMF) item: DataPlay mass memory file (MMF), data description language (DDL) file, security information
7012 DataPlay pre-recording procedure: "pre-recording"
7014 keycomplement.ddl
7016 content.ddl
7018 DataPlay media image: the mastering file set on a tape
7020 DataPlay ContentKey mastering server key

parameter setup procedure: "digital information exchange server setup"
7022 DataPlay glass mastering and stamping procedure: "manufacturing"
7024 DataPlay security database: key complement table
7026 DataPlay media

Figure 7I

7028 procedure begins
7030 content provider package setup and change procedure: "package definition"
7032 package display graphics and information
7034 content.ddl
7036 retailer (eTailer) package and pricing setup and change procedure: "pricing definition"
7038 retailer (eTailer) security database: package, pricing, and package presentation tables

Figure 8
810 host authentication
804 host transmits the certificate that authenticates the host
806 engine transmits the session key
830 engine selects the play session key
832 host receives the encrypted play session key
834 host decrypts the play session key with the session key
840 host receives the encrypted content
850 host decrypts the content with the play session key

Figure 9
910 destination engine begins the authentication procedure
920 destination engine transmits the media identifier
930 transmit the key box for this destination
940 transmit the encrypted content for this destination

Figure 10

1010 authenticate the host
1020 allow the third-party digital rights management (TPDRM) to specify the content the TPDRM requests to receive
1030 engine responds to a valid request by transmitting the key
1040 the third-party digital rights management (TPDRM) receives the content, encrypted with the key just transmitted

Figure 11
1110 authenticate the source (third-party digital rights management (TPDRM), player, server, or kiosk)
1120 the source decides whether to apply the file system write protocol or the ContentKey digital rights management (CKDRM) record protocol to the content to be recorded
1130 according to the ContentKey digital rights management (CKDRM) protocol, transmit the parts of the file format that are to be encrypted and played through the ContentKey digital rights management (CKDRM) record application programming interface (API)
1140 write the parts that are to remain unencrypted through the file system application programming interface (API)

Figure 12
1210 perform the mutual authentication procedure for the source and the destination
1220 the source retrieves the media identifier linked to the content
1230 the source specifies the content to be unlocked and the complement of the encryption key
1240 the destination (such as an engine) manages, through the server and according to the content provider's specification, the request's
Sex Figure 1 3


1320: Transfer the same session key using asymmetric encryption
1340: Has a host change failed the security check, or has the media been ejected?
TRUE / FALSE
1350: (label not recoverable)
1360: (label not recoverable)

Figure 14
1410, 1450, 1420, 1440, 1430: (labels not recoverable)

Figure 15
Labels of Figures 13 to 15 whose numerals are not recoverable: Yes; No; End; Continue; Source engine; Key box; Source file with permission; Destination; Copy

1510: Host [label garbled]
1520: Host application determines the file to import
1540 (as extracted): Host application determines the attributes of the file to be created
(numeral illegible): Host application determines the DataPlay file system (DFS) handle of the destination directory
1560: Host issues CKCMD_AUTHENTICATE
1580: Engine returns the secure session key
1590: Host issues CKCMD_GET_CERTIFICATE
1592: Host verifies the engine and retrieves its public key
1594 (extracted as "1504"): Host creates the destination file
(numeral illegible): Host issues DFSCMD_GETHANDLE to retrieve the new file's handle
1596: Host sets the attributes
1598: Host writes the content to the file
1599: Host transfers the file in the data transfer procedure

Figure 16
1610: Host player authenticates itself to the engine
(numeral illegible): ContentKey digital rights management (CKDRM) [label cut off] sent in the command packet
1630: Engine responds with the session key
1640: Check the playback permission
1650: Establish the playback session with the playback session key
1660: Engine returns the content

Figure 17
1710: Player determines the file to play
1720: Engine and host authentication to initiate a secure session
1740: Engine returns the session key
1750: Establish the playback session
1760: Engine returns the playback session key
1770: Retrieve the content
1780: Engine returns the content

Figure 18
1860: Host specifies the file to unlock
1862: Host obtains the handle of the locked file
(numeral illegible): Host application authenticates itself to the engine and [garbled] the certificate with the clearinghouse server's ContentKey digital rights management (CKDRM) certificate
1866: Engine returns the server session key
1868: Host authenticates the engine
1870: Host verifies the engine and retrieves its public key
1872: Host issues the command to unlock the file
1874: Engine adjusts the file's lock attribute
1876: Host application checks whether the transaction succeeded

Figure 19
1910: TPDRM authenticates itself to the engine
1920: Host sends the TPDRM certificate
1930: Engine responds with the session key
(numeral illegible): TPDRM retrieves the secure metadata
1950: Engine returns the decrypted metadata and the key that encrypts the metadata
1960: TPDRM checks the permission and returns the file's playback session key and revocation list
1970: Decrement the file's count value
1980: Engine returns the file content

Figure 20

2010: User inserts the source media into the engine
2020: Host issues a CKCMD_AUTHENTICATE command to initiate a secure session
2030: Engine returns the secure session key
2040: Host issues a CKCMD_GET_METADATA command to retrieve the file's TPDRM secure metadata
2050: Engine returns the metadata
2060: Host issues a CKCMD_GET_DRM_COPY command to establish a playback session
2070: Engine returns the playback session key and the revocation list
2080: Host retrieves the corresponding content
2090: Engine returns the corresponding content

Figure 21

2110: Host determines the file associated with the metadata to be read
2120: User inserts the source media into the engine
2130: Host issues CKCMD_AUTHENTICATE to initiate a session
2140: Engine returns the session key
(numeral illegible): Host issues the command to retrieve that file's secure metadata
(numeral illegible): Engine returns the metadata

Figure 22A
2210: Host determines the file with the metadata to be written
2220: User inserts the destination media into the engine
2230: Issue CKCMD_AUTHENTICATE to initiate a secure session
2240: Engine returns the secure session [label cut off]
2250: Host performs the authentication procedure on the engine
2260: Host verifies the engine and retrieves its public key
2270: Host sends the file's secure metadata

Figure 22B
2202: Perform a key box lookup


2204: Retrieve the file's key box
2206: Engine determines whether the media ID is written or pre-recorded
2208: Compare the key box link-ID flag with the key box [label cut off]
2212: Revoke some or all of the command's functions

Figure 23A
2398: Device connected to a personal computer (PC)
2302: Media
2304: Device
2306: Engine
2308: Universal Serial Bus (USB) port
2312: USB driver
2314: Installable file system
2316: Secure access channel (SAC)
2318: Web browser
2322: CKU client
2324: Dynamic web page generated by the eTailer
2326: Content management device
2328: AutoRun handler
2332: Hypertext Transfer Protocol (HTTP)

2334: Secure access channel (SAC) over HTTP
2396: Web storefront
2354: eTailer application server
(numeral illegible): Hypertext Markup Language (HTML) and graphical user interface (GUI) generator
2338: Package display and pricing
2344: Consumer management
2346: Session management
2348: Credit card authorization
2342: Digital clearinghouse server (DCS) interface
2342 (as extracted): Database connection layer
2356: Database
2358: Consumer database
2352: Package and pricing database
2364: Session and transaction database
2360: HTTP
2394: Digital clearinghouse server (DCS)
2366: CKU server
2368: CKU mastering server
2370: Key complement database
2372: Transaction database
2374: ContentKey server
2378: Communication protocol or application programming interface (API)
2380: Key-mapping database package
2376: Integration object
2399: Clearinghouse server
2382: eTailer interface
2384: Digital clearinghouse service

2386: Package database
2388: Consumer and eTailer database
2390: Consumer database
2392: Session and transaction database

Figure 23B
2310: Author the content onto the media
2320: Is secondary content included?
2330: Include the keys on the media carrying locked content
2340: Collect the key complements, data, and offers and add them to the database
2350: Distribute the unlocked content onto media

Figure 24
2402: Process start
2404: Content provider new-release process, "asset and information acquisition"
2406: Content files (encoded), metadata information, data security information, package collection information
2408: DataPlay or third-party authoring process, "authoring"
2410: DataPlay mass memory file (MMF) directory structure, DataPlay MMF data description language (DDL) files, security information
2412: DataPlay pre-recording process, "pre-record"
2414: KeyComponent.ddl
2416: Contents.ddl
2418: DataPlay media side: mastering setup on tape
2420: DataPlay ContentKey mastering server key complement setup process, "digital clearinghouse server setup"
2422: DataPlay glass mastering and stamping process, "manufacturing"
2424: DataPlay secure database: key complement table
2426: DataPlay media

Figure 25
2502: Process start
2504: Content provider package setup and change process, "package definition"
2506: Package display graphics and information
2508: Contents.ddl
2510: eTailer package and pricing setup and change process, "pricing definition"
2512: eTailer secure database: package, pricing, and package presentation tables

Figure 26
2610: Present [label garbled] with unlock [...] to the consumer
2620: Receive the satisfactory unlock [label cut off]
2630: Send the key complement to the engine
2640: Engine responds by changing to the unlocked state

Figure 27

Figure 28
2810: Key complement database
2820: Transaction database
2830: Revocation list database
2840: CKU mastering server
2850: Web server
2860: CKU server
2870: Co-branded user interface component database
2880: Offer database
2890: Transaction database
2896: CKU client
2892: Web page
2898: DataPlay engine
2894: DataPlay host device

Figure 29
2910: Record label / retail brand website
2920: Offer
2930: Transaction
2940: Unlock
2950: Personal computer
2952: DataPlay engine
2960: Clearinghouse web server
2970: Secure ContentKey server (DataPlay)
2980: Certificate management center (LMI)
2972: DataPlay secure key database
2980 (as extracted): Transaction database
2970 (as extracted): Offer database

Figure 30
3010: DataPlay disc
Side A
Side B
3020: Primary content
Newest Album
3030: Secondary content
Earlier release
Bonus interview
Video
Tertiary content
Downloaded release

Figure 31A
3110: Primary transaction
Primary content
Newest Album
Side A
Side B
Secondary content
Earlier release
Bonus interview
Video
3140: Secondary transaction
3150: Secure clearinghouse


3151: Consumer unlocks the content

Figure 31B
3122: Interface determines whether there are [garbled] offers for the consumer
3132: User previously [garbled] to no longer see the various offers for this media?
3133: End
3142: Interface determines the media's side content ID (SCID) and lock status flag
3152: Connect to a uniform resource locator (URL) based on a CKDRM-compatible unlock server address and an associated [garbled] (recorded on the media), and send data to the server (for example, through the query string of the URL [garbled] associated with the recorded serial number)
3160: Does the media have no locked content, or has a request declining offers been received?
3180: Execute the play method
3182: Present the various offers

Figure 31C
3114: Set up the driver for the connected device
3124: Connect to the engine and retrieve the ContentKey digital rights management (CKDRM) certificate
3126: Connect to the CKU server using, for example, a socket model (such as BSD/WinSock with SOCKET_STREAM)

3128: Wait for the CKU server's acknowledgement
3134: Send the engine's CKDRM certificate to the CKU server
3144: Receive the CKU server's CKDRM certificate
3154: Send the server certificate to the engine with CKCMD_AUTHENTICATE
3164: Retrieve the ESessionKey and send it to the CKU server
3174: Retrieve the unlock content from the server and send it to the engine with CKCMD_UNLOCK_FILES
3184: Report the status of the unlock operation to the server
3194: Update the playlist on the media coupled to the engine to include the newly unlocked content

Figure 32
3202: CKU server acknowledges the client connection
3204: CKU server receives an engine's CKDRM certificate and a session ID (SessionID) from the client
3206: CKDRM, using the session ID as the index or key, receives from the transaction database the side content ID (SCID) and the DataPlay file system (DFS) file handles to be unlocked
3208: CKU server connects to the CKU mastering server
3210: CKU server waits for the CKU mastering server's connection acknowledgement
3212: CKU server sends the server's CKDRM certificate, the engine's CKDRM certificate, the media's SCID, and the DFS file handle to the CKU mastering server
3214: CKU server receives the key complement from the CKU mastering server. In one embodiment of the invention, the key is encrypted with the server's public key.
3216: CKU server acknowledges receipt to the CKU mastering server
3218: CKU server disconnects from the CKU mastering server
3220: CKU server sends the server's CKDRM certificate to the client
3222: CKU server receives the ESessionKey from the client, which may be encrypted with the CKU server's public key
3224: CKU server decrypts the session key with its private key
3226: CKU server decrypts the key complement
3228: CKU server generates a random key used to re-encrypt the key complement for the unlock capability
3230: Enable the CKU server to encrypt the key complement with the unlock key
3232: CKU server encrypts the unlock key with the engine's public key
3234: CKU server builds the CKCMD_UNLOCK_FILES data and sends it to the client
3236: CKU server builds the message authentication code (MAC) over the data portion
3238: CKU server sends the data to the client

3240: CKU server receives the unlock content from the client
3242: Mark the transaction status in the transaction database
3244: CKU server disconnects from the client
3245: After the CKU client receives the indication that the unlock has completed, the web server completes the financial transaction

Figure 33
3310: Mastering server accepts the CKU server's connection
3320: Mastering server acknowledges the connection
3330: Mastering server receives from the CKU server the CKU server's CKDRM certificate, the engine's CKDRM certificate, the media's side content ID (SCID), and the DataPlay file system (DFS) file handle
3334: Mastering server verifies the validity of the two certificates using, for example, message authentication code (MAC) and public key infrastructure (PKI) signature checks
3336: Mastering server checks the revocation database to confirm that no revocation of the certificates is pending
3340: Mastering server retrieves the requested key complement from the key complement database
3350: Mastering server encrypts the key complement with the CKU server's public key
3360: Mastering server sends the encrypted data to the CKU server
3370: Mastering server receives the acknowledgement from the CKU server and disconnects from it

Figure 34
(numeral illegible): Access a formatted uniform resource locator (URL) on the media, such as a [garbled] URL or a URL [garbled] with the media
3420: Client presents a URL that includes a query string carrying the side content ID (SCID) and the unlock content status
3430: Web server uses the offer and user interface component databases to build a web page presenting the various offers to the consumer
3440: Web server sends an "unlock in progress" web page to the client
3450: Web server generates a unique session ID (SessionID), which can be used to execute the transaction once the unlock procedure is confirmed
3454: Web page embeds the CKU client object and includes client-side script to notify the CKU [label garbled]
3456: Web server stores the SCID and the DFS file handles [garbled], keyed by the session ID in the transaction database, for subsequent use by the CKU server object

Figure 35
(numeral illegible): Send a web page to the client, which is given the session ID (SessionID), the SCID, and the server's IP:PORT address

3512: CKU client sets up the driver for the device that holds the media with the content on offer
3514: CKU client obtains the engine's CK certificate
3516: CKU client opens a connection
3518: CKU server accepts the client's incoming connection and confirms it with an acknowledgement message
3520: CKU client transmits the engine's CK certificate and the session ID (SessionID) to the CKU server
3522: CKU server responds with an acknowledge or resend message
3524: CKU server creates the corresponding record in the transaction database
3536: CKU server connects to the CKU mastering server's listening port
3538: CKU mastering server accepts the connection and responds with an acknowledgement message
3540: CKU server assembles a message packet requesting the key and sends it to the CKU mastering server
3542: CKU mastering server responds with an acknowledgement message, or a resend message if any problem occurred
3544: CKU mastering server validates, and may reject, the engine's and the server's CKDRM certificates
3546: CKU mastering server checks whether the certificates are in the revocation database
3548: If a certificate is invalid or revoked, the CKU mastering server responds with an error message
3550: If the certificates are valid, the CKU mastering server retrieves the key complement from the associated database and encrypts it


3552: CKU mastering server sends the key complement to the CKU server
3554: CKU server retrieves the key complement and acknowledges receipt of the data
3556: If the data does not match or was received in error, the CKU server responds with a resend message
3558: CKU server uses an authentication message to send its CKDRM certificate to the CKU client
3560: CKU client responds with an acknowledge or resend message
3562: CKU client builds an authentication command packet and sends it to the engine through the driver
3564: Engine responds with the encrypted session key
3566: CKU client sends the session key to the CKU server in a session key message
3568: CKU server responds with a server acknowledge or resend message
3570: CKU server decrypts the session key and the key complement with its private key
3572: CKU server generates a random key
3574: CKU server sends the unlock message to the CKU client
3576: CKU client responds with an acknowledge or resend message
3578: CKU client sends an error or unlock-complete message to the CKU server
3580: CKU server marks the status of the unlock operation in the transaction database and disconnects from the CKU client
3590: CKU client reports the transaction status to the web page by sending an event to the page's event handler
3592: Web page displays the transaction status


Figure 36
3610: Engine receives the handle and the key box's key complement
3620: Engine performs the key box lookup
3630: The key in the key box is unlinked and decrypted
3640: The key is re-linked, encrypted, and locked

Figure 37
3702: Process start
3704: DataPlay media is inserted into a DataPlay-enabled device connected to a personal computer (PC) through a Universal Serial Bus (USB) port
3706: AutoRun handler
3708: Content management device presentation for the locked content
3710: ContentKey entry (optional)
3712: ContentKey registration
3714: Package/pricing presentation: consumer selects the content to unlock
3716: Enter billing and/or consumer information questionnaire
3718: Presentation of the transaction summary
3720: Credit card authorization (optional)
3722: Digital clearinghouse server notification
3724: Presentation of the ContentKey activation status
3726: ContentKey engine and server authentication
3728: Key complement lookup, transfer, and write
3730: Contents.ddl file update
3732: ContentKey transaction complete event

3734: eTailer transaction complete notification
3736: Presentation of the "congratulations" web page

Figure 38
3802: Digital clearinghouse server (DCS) order management server inserts a record, with or without a media ID, into the DCS_STAGE table
3804: DCS order management server generates a web page in which a CKU client is supplied with a transaction ID
3806: CKU client obtains this engine's CKDRM certificate
3808: CKU client obtains the unique media ID (created by this engine if not already established)
3810: CKU client obtains this server's CKDRM certificate
3812: CKU client uses this CKU server's CKDRM certificate to obtain the session key (ESessionKey) from this engine
3814: CKU client generates the final unlock request, to validate and/or update the DCS_STAGE entry carrying the media ID, authenticate the engine, obtain the file handle / key complement / version list, and wrap the file set
3816: CKU client sends the wrapped file set to this engine so that the engine can unlock the content
3818: CKU client sends the final transaction status message to this server and shows the consumer/user a "transfer complete" message
(numeral illegible): Digital clearinghouse server (DCS) [garbled] completion notification, then deletes this transaction's DCS_STAGE record and updates the transaction

Figure 39
3902: Engine
3904: CKU client (implies a browser)
3906: CKU server (3 Java servlets)
3908: Digital clearinghouse server (DCS)
3910: CKU mastering (Java class)
3912: Cryptographic library (C++ library)
3914: DataPlay (DP) data security database
3916: Branded web page with the embedded CKU client
3918: Insert DCS_STAGE (transaction ID, PC ID, package stock-keeping unit (PackageSKU), optional media ID)
3920: CKCMD_GET_CERTIFICATE
3922: Engine certificate
3924: DFSCMD_GET_MEDIA_METADAT
3926: Unique media ID
3928: HTTP host
3930: GetServerCert servlet
3932: String GetServerContentKeyCertificate()
3934: String GetServerContentKeyCertificate()
3936: Certificate or error

3938: certificate or error
3940: CKCMD_AUTHENTICATE (server certificate)
3942: session key (ESessionKey)
3944: HTTP post: ESessionKey, engine certificate, media ID, transaction ID
3946: UnlockContent servlet
3948: string UnlockContent(ESessionKey, engine certificate, media ID, transaction ID)
3950: P_KEY (transaction ID, media ID, password, result set output)
3952: result set (file handle, key, version) or error
3954: string WrapFileSet(session key, engine certificate, file set, key count, media ID)
3956: wrapped file set or error
3958: wrapped file set or error
3960: wrapped file set or error
3962: CKCMD_UNLOCK_FILES (wrapped file set)
3964: success message, authenticated success message, or failure message
3966: HTTP post: transaction ID and status message
3968: UpdateStatus servlet
3970: update SQL statement (transaction ID, status message)
3972: UpdateStatus(transaction ID, status message)
Figure 40
4002: receive media that includes locked content

4004: the autorun handler (or content manager) requests and obtains a content.ddl file
4006: the autorun handler (or content manager) scans the content.ddl file to obtain the PackageCollectionID, the PackageCollectionSKU, the UnlockURL, the list of primary PackageSKUs and business entity IDs, and any previously unlocked PackageSKU
4008: the autorun handler (or content manager) appends data to the URL and opens the default browser to display a web page generated by the eTailer
4010: the eTailer presents a series of web pages to the user/consumer to carry out the e-commerce transaction
4012: once the user/consumer completes the transaction (for example, by a button that prompts the eTailer), the eTailer is required to notify the DCS of the unlock transaction; the eTailer sends the PCID and a list of the PackageSKUs to be unlocked to the DCS
4014: the DCS order management component generates a unique transaction ID and inserts a record for each package; at this point the media ID is unknown, so it is stored as a NULL value

4016: the DCS responds to the eTailer with either a failure message or a URL with which the user/consumer can unlock the content; the unlock URL includes the transaction ID generated by the DCS
4018: the eTailer generates a final confirmation message and an instructions web page that includes the unlock URL
Figure 41
4102: engine

4104: autorun handler
4106: eTailer (browser implied)
4108: DCS order management server
4110: DCS order management database
4112: DCS component
4114: disc insertion event occurs

4116: DFSCMD_GET_FILE
4118: return the Contents.ddl file
4120: internal logic
4122: "shopping cart" web page
4124: HTTP post (PC ID, package list)
4126: insert SQL statement (transaction ID, PCID, package ID)
4128: unlock URL or failure message
4130: "unlock instructions" web page


Claims (1)

583568 VI. Claims

1. A secure electronic content system, the system comprising:
a controller, which includes an interface component;
a host system coupled to the controller, the host system being configured to present content under predetermined conditions, the host system being operable with a navigation protocol, the host system further including a system manager operable with the following components:
an associations component, configured to be at least partially executed by the host system;
a translator, configured to provide meanings and generate commands within the host system;
at least a first digital rights management (DRM) component, configured to provide encoding and access rules for the content; and
a file system component, which includes a file system application programming interface (API) configured to provide a logical interface between a plurality of components.

2. The system of claim 1, further comprising media operable with the host system and the controller, the media holding the content in files that are accessible via at least one of the first DRM component, the file system component, and a second DRM component.

3. The system of claim 1, wherein the content is managed using one of: the first DRM component together with a second DRM component, and the second DRM component together with the file system component.

4. The system of claim 3, wherein the first DRM component manages access to pre-recorded content on a medium via a secure application programming interface (API).

5. The system of claim 3, wherein the second DRM component manages access to pre-recorded content on a medium via a secure API associated with the first DRM component.

6. The system of claim 1, wherein the host system is operable with a computer system, and the host system uses the computer system to prevent access to the content.

7. The system of claim 2, wherein the media is operable with the host system and the controller is a media disc.

8. The system of claim 1, wherein the host system further includes an engine component, the engine component including predetermined metadata that cannot be accessed outside the engine, the engine being configured to provide a cryptographic security layer.

9. The system of claim 1, wherein the host system is couplable to a server equipped to provide encrypted data to an engine component within the host system, the engine component including predetermined metadata that cannot be accessed outside the engine.

10. A method of securing electronic content, the method comprising:
interfacing a controller to provide data input and output;
coupling a host system to the controller, configuring the host system to present content under predetermined conditions, operating the host system with a navigation protocol, and operating a host manager on the host system, the host system being operable to:
configure an associations component to be at least partially executed by the host system;
configure a translator to provide meanings and generate commands within the host system;
configure at least a first digital rights management (DRM) component to provide encoding and access rules for the content; and
configure a file system component, which includes a file system application programming interface (API), to provide a logical interface between a plurality of components.

11. The method of claim 10, further comprising operating media with the host system and the controller, the media holding the content in files that are accessible via at least one of the first DRM component, the file system component, and a second DRM component.

12. The method of claim 10, wherein the content is managed using one of: the first DRM component together with a second DRM component; the first DRM component; and the second DRM component together with the file system component.

13. The method of claim 12, wherein the first DRM component manages access to pre-recorded content on a medium via a secure application programming interface (API).

14. The method of claim 12, wherein the second DRM component manages access to pre-recorded content on a medium via a secure API associated with the first DRM component.

15. The method of claim 10, wherein the host system is operable with a computer system, and the host system uses the computer system to prevent access to the content.

16. The method of claim 10, wherein the controller is operable with a computer system, and the controller is operable with the host system to prevent access to the content.

17. The method of claim 10, wherein the media is operable with the host system and the controller is a media disc.

18. The method of claim 10, wherein the host system further includes an engine component, the engine component including predetermined metadata that cannot be accessed outside the engine, the engine being configured to provide a cryptographic security layer.

19. The method of claim 10, wherein the host system is couplable to a server equipped to provide encrypted data to an engine component within the host system, the engine component including predetermined metadata that cannot be accessed outside the engine.

20. A method of detecting an unauthorized action on encrypted data on a media disc, the media disc including a first portion of pre-recorded content and a second portion of written content, the method comprising:
reading an identifier on the media disc, wherein the identifier includes at least one segment located in one of: the first portion of pre-recorded content, the second portion of written content, and both the first portion of pre-recorded content and the second portion of written content;
determining whether the identifier includes a segment located in the second portion of written content;
comparing the identifier with at least one predetermined type of identifier in which a segment is located in the second portion of written content; and
detecting an unauthorized action if the identifier is one of the at least one predetermined type of identifier.

21. The method of claim 20, wherein the identifier on the media disc is read during a media disc access operation that includes at least one of recording, playing, obtaining a play key, copying, opening, closing, and creating.

22. The method of claim 21, wherein the function of the media disc access operation is aborted after the unauthorized action is detected.

23. The method of claim 20, wherein the identifier is one of a plurality of identifiers on the media disc, each identifier being associated with at least one file on the media disc, the files including one of pre-recorded content and written content.

24. The method of claim 20, wherein the predetermined type is an identifier of pre-recorded content, and the identifier relates to a location of written content on the media disc.

25. The method of claim 20, wherein the media disc is one of a media disc, an optical disc, a digital video disc, and other digital storage media.

26. The method of claim 20, wherein the identifier is pre-recorded on the media disc, and the media disc is pre-recorded.

27. The method of claim 20, wherein the predetermined type is an identifier of content that is not written, and the identifier relates to a location of the written content on the media disc that is unique to the media disc.

28. The method of claim 20, wherein the identifier is a seed for a key generator, the key generator retrieving at least one key from a key box, the keys being used for at least one of unlocking and decrypting files on the media disc.

29. The method of claim 20, wherein the identifier is retrieved from the media disc and used in an engine to perform an authentication function, the authentication function performing the comparison of the identifier with the at least one predetermined type of identifier and detecting an unauthorized action.

30. The method of claim 20, wherein the detection of an unauthorized action causes the authentication function to provide a failure indication.

31. The method of claim 21, wherein the detection of an unauthorized action causes the function of the media disc access operation to be aborted.

32. The method of claim 20, wherein the method of detecting an unauthorized action takes place when a media disc is accessed using an engine under a digital rights management protocol.

33. The method of claim 20, wherein the identifier is located on a media disc that is couplable to a host, the host being one of an engine, a device with an embedded engine, a third-party digital rights management protocol, an application executing in an open computing environment, and a clearinghouse server.

34. An apparatus for detecting an unauthorized action on encrypted data on a media disc, the media disc including a first portion of pre-recorded content and a second portion of written content, the apparatus comprising:
means for reading an identifier on the media disc, wherein the identifier includes at least one segment located in one of: the first portion of pre-recorded content, the second portion of written content, and both the first portion of pre-recorded content and the second portion of written content;
means for comparing the identifier with at least one predetermined type of identifier, wherein if the identifier includes a segment located in the second portion of written content, a segment located in the second portion of written content is unauthorized; and
means for detecting an unauthorized action if the identifier is one of the at least one predetermined type of identifier.

35. The apparatus of claim 34, further comprising means for determining whether the identifier is a pre-recorded identifier or a copy of an identifier having a combination of pre-recorded data and written data.

36. The apparatus of claim 34, wherein the means for reading an identifier includes a media disc access component.

37. The apparatus of claim 34, wherein the means for reading the identifier operates during an access operation.

38. The apparatus of claim 34, wherein the identifier is one of a plurality of identifiers on a media disc, each identifier being associated with at least one file on the media disc, the files including one of pre-recorded content and written content.

39. The apparatus of claim 38, wherein at least one of the identifiers is unique to the media disc.

40. The apparatus of claim 34, wherein the identifier is a seed for a cryptographic key box, the key generator using the identifier to retrieve at least one key for unlocking files on a media disc.

41. An engine configured to detect an unauthorized action on encrypted data on a media disc, the media disc including a first portion of pre-recorded content and a second portion of written content, the engine comprising:
a firmware component disposed on an application-specific integrated circuit (ASIC), the firmware component including:
a block configured to read an identifier on the media disc, wherein the identifier includes at least one segment located in one of: the first portion of pre-recorded content, the second portion of written content, and both the first portion of pre-recorded content and the second portion of written content;
a block configured to compare the identifier with at least one predetermined type of identifier, wherein if the identifier includes a segment located in the second portion of written content, a segment located in the second portion of written content is unauthorized; and
a block configured to detect an unauthorized action if the identifier is one of the at least one predetermined type of identifier.

42. A computer program product, the computer program product comprising:
a signal-bearing medium carrying digital information that includes a program, the digital information including:
a block configured to read an identifier on the media disc, wherein the identifier includes at least one segment located in one of: the first portion of pre-recorded content, the second portion of written content, and both the first portion of pre-recorded content and the second portion of written content;
a block configured to compare the identifier with at least one predetermined type of identifier, wherein if the identifier includes a segment located in the second portion of written content, a segment located in the second portion of written content is unauthorized; and
a block configured to detect an unauthorized action if the identifier is one of the at least one predetermined type of identifier.

43. A method of identifying a location associated with a manufacturer of a media disc, the media disc holding content, the method comprising:
providing instructions for the media disc;
while the media disc is being installed to a host according to the instructions, installing an identifier on the media disc, the identifier including a code associated with the manufacturer; and
after data is transmitted to a server, reading the identifier to find a location associated with the manufacturer, the location being associated with the manufacturer of the media disc and independent of any manufacturer not associated with the media disc.

44. The method of claim 43, wherein the instructions for the media disc include identifying the manufacturer from which the media disc was purchased.

45. The method of claim 43, wherein identifying the manufacturer from which the media disc was purchased includes providing in the instructions one of: a code, a uniform resource locator (URL), an encryption key associated with the manufacturer, and a portion of an encryption key associated with the manufacturer.

46. A system for identifying a location associated with a manufacturer of a media disc, the media disc holding content, the system comprising:
instructions for the media disc; and
a software installation component associated with the media disc, the software installation component being instantiable while the media disc is installed to a host according to the instructions, the software installation component being operable to install an identifier on the media disc, the identifier including a code associated with the manufacturer and relating to a location of the manufacturer, such that a connection between the host and a server is operable to open the location.

47. The system of claim 46, wherein the instructions for the media disc include identifying the manufacturer from which the media disc was purchased.

48. The system of claim 46, wherein identifying the manufacturer from which the media disc was purchased includes providing in the instructions one of: a code, a uniform resource locator (URL), an encryption key associated with the manufacturer, and a portion of an encryption key associated with the manufacturer.

49. The system of claim 46, wherein the location is an Internet location that includes web pages for unlocking the content stored on the media disc, the Internet location further providing optional offerings so that the manufacturer can purchase over the Internet.

50. The system of claim 46, wherein the host is one of an engine, a device with an embedded engine, a third-party digital rights management protocol, and an application executing in an open computing environment.

51. A method of identifying a location via a media disc, the media disc including at least one writable portion and one non-rewritable portion, the method comprising:
writing the location to the writable portion;
distributing at least one media disc to at least one entity, the location associating the media discs with the entities; and
if one of the media discs is returned, changing the location according to predetermined conditions.

52. The method of claim 51, wherein the location is a uniform resource locator (URL), and wherein the predetermined conditions include determining a market share of one of the entities.

53. The method of claim 51, wherein the change of location is performed by a content provider that receives the media discs, including at least one media disc, and after the change distributes the returned media discs to the same or different ones of the entities.

54. The method of claim 53, wherein the distribution is according to a lease contract for the media discs, the lease contract agreeing to the return of unsold media discs.

55. A system for identifying a location, the system comprising:
a media disc having at least one writable portion and one non-rewritable portion, the media disc having the location written to the writable portion;
distributing at least one media disc to at least one entity, the location associating the media discs with the entities; and
if a return of one of the media discs occurs, changing the location according to predetermined conditions.

56. The system of claim 55, wherein the media disc is one of a media disc, an optical disc, a digital video disc, and other digital storage media.

57. The system of claim 55, wherein an identifier is pre-recorded on the media disc and the media disc is pre-recorded, the identifier providing a link to the location.

58. A computer program product, the computer program product comprising:
a signal-bearing medium having a program for:
being instantiated while the signal-bearing medium is installed to a host according to instructions; and
installing an identifier on the signal-bearing medium, the identifier including a code associated with a manufacturer of hidden content on the signal-bearing medium, the identifier relating to a location of the manufacturer such that a connection between the host and a server is operable to open the location.

59. A method of changing secured data on a storage medium, the method comprising:
establishing a secure session with a host;
receiving, via a communication channel, a command to unlock the secured data, which is managed by at least one content storage model; and
unlocking the secured data, wherein the command is responsive to an identifier on the medium, the identifier being configured to manage access to the secured data, and the at least one content storage model is a secure content manager.
60. The method of claim 59, wherein establishing a secure session with a host comprises authenticating the host via the communication channel.

61. The method of claim 59, wherein establishing a secure session with a host comprises transmitting authentication data to the host.

62. The method of claim 59, further comprising receiving from the host an indication of the content to be unlocked.

63. The method of claim 59, further comprising determining the content to be unlocked by scanning a directory structure and noting security data.

64. The method of claim 59, wherein the secure content management device is a digital rights management protocol.

65. The method of claim 59, wherein the content storage models include at least two digital rights management protocols.

66. The method of claim 59, wherein the secure content management device is one of a proprietary and a third-party digital rights management protocol.

67. The method of claim 59, wherein access to the data is managed by a file system.

68. A system configured to unlock secure data on a storage medium, the system comprising: a plurality of content storage models for the secure data stored on the storage medium; and an engine capable of unlocking the secure data, wherein the engine adjusts attributes of the data on the storage medium so as to unlock the secure data in response to a command and according to at least one of the content storage models.

69. The system of claim 68, wherein the engine receives the command to unlock the data in a message, the message being received via a communication channel.

70. The system of claim 69, wherein the communication channel is one of an Internet channel, a satellite communication channel, a wireless channel, and a wired channel.

71. The system of claim 69, wherein the command is encrypted.

72. The system of claim 68, wherein the content storage models include at least two digital rights management protocols.

73. The system of claim 68, wherein at least one content storage model is one of a proprietary and a third-party digital rights management protocol.

74. The system of claim 68, wherein access to the data is managed by a file system.

75. A computer program product comprising: a storage medium; a plurality of content storage models for data stored on the storage medium; and a computer program including: instructions for adjusting attributes of the data on the storage medium so as to unlock secure data according to at least one of the content storage models; instructions for communicating with a host via a communication channel; and instructions for receiving from the host a command to unlock the secure data.

76. The computer program product of claim 75, wherein the communication channel is one of an Internet channel, a satellite communication channel, a wireless channel, and a wired channel.

77. The computer program product of claim 75, wherein the computer program further includes instructions for determining the data to be unlocked by traversing a directory structure and identifying security data.

78. The computer program product of claim 75, wherein the computer program further includes instructions for establishing a secure session with the host.
79. The computer program product of claim 75, wherein the computer program further includes instructions for decrypting the command to unlock the secure data.

80. The computer program product of claim 75, wherein the content storage models include at least two digital rights management protocols.

81. The computer program product of claim 75, wherein at least one content storage model is one of a proprietary and a third-party digital rights management protocol.

82. An apparatus for unlocking secure data on a storage medium, the apparatus comprising: means for establishing a secure session with a host; means for receiving, via a communication channel, a command to unlock the secure data, wherein the secure data is managed by at least one content storage model; and means for unlocking the secure data on the storage medium, wherein the command is responsive to an identifier on the medium, the identifier being configured to manage access to the secure data, and at least one content storage model is a secure content management device.

83. A method of authenticating a device, the method comprising: receiving a certificate from the device, the certificate including a plurality of fields, at least one of which holds a digital signature of a certificate authority; verifying the digital signatures in the certificate, the verifying comprising at least: verifying the certificate authority's digital signature using the certificate authority's public key; and verifying a device digital signature using a device public key; receiving authentication data from a source, the authentication data identifying at least one datum in the certificate as valid or invalid according to predetermined conditions; and, if the digital signatures are verified as valid, transmitting a session key to the device, thereby establishing a secure communication channel.

84. The method of claim 83, wherein the source is one of a portable medium and firmware.

85. The method of claim 83, wherein the device is one of an engine, a device with an embedded engine, a third-party digital rights management protocol, an application executing in an open computing environment, and a clearinghouse server, and the certificate identifies at least one secure application programming interface (API) to which an application operable with the device can obtain access.

86. The method of claim 83, wherein the certificate is digitally signed with a private key assigned according to a device class, the device classes including: an engine; a device with an embedded engine and no external digital I/O port; a device with an embedded engine and an I/O port; a device application without an embedded engine; a third-party digital rights management protocol; and a clearinghouse server.

87. The method of claim 83, wherein the certificate action of the device comprises a certificate connecting a host to a second host over a secure communication channel with the second host, the certificate action permitting a copy function between the host and the second host.

88. The method of claim 83, wherein the data in the certificate specifies at least one of a product category, a product line, a model, a revision, and a serial number of the device.

89. The method of claim 88, wherein the source authentication data is compared with the data in the certificate so as to identify at least one of the product category, the product line, the model, the revision, and the serial number of the device as invalid.

90. The method of claim 83, wherein the certificate comprises at least one of: a certificate authority identifier field, a version field, a signature key field, an exposure method field, a company field, a model identifier field, a revision field, a metadata identifier field, a device digital signature key field, a certificate authority digital signature field, a serial number field, a protocol public key field, and a device digital signature field, wherein the certificate authority digital signature verifies at least one field in the certificate and the device digital signature verifies at least one field in the certificate.

91. The method of claim 83, wherein the certificate authority enables an entity to receive the certificate and controls the quality of the device by invalidating erroneous or potentially defective devices.

92. The method of claim 88, wherein the certificate further comprises fields provided by a device manufacturer, including the company public key, wherein the company public key is digitally signed by the certificate authority.
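The verification sequence of claim 83, with the field comparison of claims 88 and 89 standing in for the "authentication data from a source" (the same check the later claims call a revocation list), written out as an added example. This is illustrative code, not the patent's or Dataplay's own implementation: it uses ECDSA on P-256 with SHA-256 from the Go standard library rather than the 163-bit elliptic curve named in claim 98, keeps only a subset of the fields listed in claim 90, and all identifiers, company and model names, serial numbers, and the `IssueCertificate`, `Authenticate` and `RevocationList` names are constructed for the example.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/sha256"
	"encoding/binary"
	"errors"
	"fmt"
	"hash"
)

// Certificate is a constructed, simplified layout keeping only some of the
// fields of claim 90. It is an assumption for this example, not the patent's format.
type Certificate struct {
	CAID      string
	Version   uint32
	Company   string
	ModelID   string
	Revision  uint32
	Serial    uint64
	DevicePub *ecdsa.PublicKey
	CASig     []byte // CA signature over the body digest (first check in claim 83)
	DeviceSig []byte // device signature over the same digest (second check in claim 83)
}

// RevocationList stands in for the "authentication data from a source":
// serial numbers and models that are no longer considered valid (claim 89).
type RevocationList struct {
	Serials map[uint64]bool
	Models  map[string]bool
}

var (
	ErrCASignature     = errors.New("certificate authority signature invalid")
	ErrDeviceSignature = errors.New("device signature invalid")
	ErrRevoked         = errors.New("certificate identifies a revoked device")
)

// writeField length-prefixes each field so ("ab","c") and ("a","bc") cannot collide.
func writeField(h hash.Hash, b []byte) {
	binary.Write(h, binary.BigEndian, uint32(len(b)))
	h.Write(b)
}

// bodyDigest hashes every signed field, including the device public key,
// so the CA signature binds that key to the identity fields.
func bodyDigest(c *Certificate) []byte {
	h := sha256.New()
	writeField(h, []byte(c.CAID))
	binary.Write(h, binary.BigEndian, c.Version)
	writeField(h, []byte(c.Company))
	writeField(h, []byte(c.ModelID))
	binary.Write(h, binary.BigEndian, c.Revision)
	binary.Write(h, binary.BigEndian, c.Serial)
	writeField(h, c.DevicePub.X.Bytes())
	writeField(h, c.DevicePub.Y.Bytes())
	return h.Sum(nil)
}

// IssueCertificate is the CA side: the CA signs the body and the device adds
// its own signature, proving it holds the private half of DevicePub.
func IssueCertificate(caPriv, devPriv *ecdsa.PrivateKey, company, model string, revision uint32, serial uint64) (*Certificate, error) {
	c := &Certificate{CAID: "example-ca", Version: 1, Company: company, ModelID: model,
		Revision: revision, Serial: serial, DevicePub: &devPriv.PublicKey}
	d := bodyDigest(c)
	var err error
	if c.CASig, err = ecdsa.SignASN1(rand.Reader, caPriv, d); err != nil {
		return nil, err
	}
	if c.DeviceSig, err = ecdsa.SignASN1(rand.Reader, devPriv, d); err != nil {
		return nil, err
	}
	return c, nil
}

// Revoked reports whether any identity field of the certificate is on the list.
func (r *RevocationList) Revoked(c *Certificate) bool {
	return r != nil && (r.Serials[c.Serial] || r.Models[c.ModelID])
}

// Authenticate runs the claim 83 sequence and releases a fresh session key only
// when both signatures verify and nothing is revoked; otherwise it returns the reason.
func Authenticate(c *Certificate, caPub *ecdsa.PublicKey, rl *RevocationList) ([]byte, error) {
	d := bodyDigest(c)
	if !ecdsa.VerifyASN1(caPub, d, c.CASig) {
		return nil, ErrCASignature
	}
	if !ecdsa.VerifyASN1(c.DevicePub, d, c.DeviceSig) {
		return nil, ErrDeviceSignature
	}
	if rl.Revoked(c) {
		return nil, ErrRevoked
	}
	key := make([]byte, 32) // session key for the secure channel
	if _, err := rand.Read(key); err != nil {
		return nil, err
	}
	return key, nil
}

func main() {
	ca, _ := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	dev, _ := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	cert, _ := IssueCertificate(ca, dev, "ExampleCo", "player-x1", 2, 1001) // constructed values
	rl := &RevocationList{Serials: map[uint64]bool{}, Models: map[string]bool{}}
	key, err := Authenticate(cert, &ca.PublicKey, rl)
	fmt.Printf("valid certificate: key=%d bytes err=%v\n", len(key), err)
	rl.Serials[1001] = true
	_, err = Authenticate(cert, &ca.PublicKey, rl)
	fmt.Println("after revocation:", err)
}
```

Two design points worth noting. The device signature here only shows that whoever produced the certificate held the device private key at issuance; a deployment would additionally have the device sign a fresh per-session challenge, so a copied certificate cannot be replayed. And the revocation check runs before the session key is generated, which is the ordering the claims require: no key leaves the verifier unless every signature verifies and no field is flagged invalid.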
93. The method of claim 88, wherein the certificate further comprises fields provided by a device manufacturer, the fields including the device public key, wherein the device public key is digitally signed by the company.

94. The method of claim 88, wherein at least one of the product category, the product line, the model, the revision, and the serial number of the device is provided to a certificate generating device after the device has submitted an authentication procedure.

95. The method of claim 83, wherein the certificate comprises at least one certificate class, the certificate classes providing a set of methods that can be exposed after transmission of the session key.

96. The method of claim 95, wherein the set of methods includes a digital rights management (DRM) method, a write-secure-metadata method, and an unlock method, and wherein the DRM method is operable according to a type of the device.

97. The method of claim 96, wherein: the unlock method is associated with a clearinghouse server; the digital rights management (DRM) method is associated with one of an engine and a first DRM application operable with a second DRM application; and the recording method is associated with at least one of a player, a mastering tool, a kiosk, and a clearinghouse server.

98. The method of claim 83, wherein each field holds a 326-bit value under 163-bit elliptic curve cryptography.

99. The method of claim 83, wherein the certificate authority public key of the certificate is referenced by a field of the certificate.

100. The method of claim 83, wherein the certificate authority public key is located in the firmware component.

101. An apparatus for certifying a device, the apparatus comprising: means for receiving a certificate request from the device, the certificate request including a plurality of fields, including a field holding a protocol public key; means for verifying the digital signatures in the certificate, the verifying comprising at least: verifying the certificate authority digital signature using the certificate authority public key; and verifying a device digital signature using a device public key in the certificate; means for receiving authentication data from a source, the authentication data identifying at least one datum in the certificate as valid or invalid according to predetermined conditions; and means for transmitting a session key to the device, thereby establishing a secure communication channel, when the digital signatures are verified as valid.

102. An engine configured to authenticate a host, the engine comprising a firmware component including: a block configured to receive a certificate from the host, the certificate including a plurality of fields, including a field holding a protocol public key; a block configured to verify at least one digital signature in the certificate, the verifying comprising: verifying a certificate authority digital signature using a certificate authority public key; and verifying a device digital signature using a device public key in the certificate; a block configured to receive authentication data from a source, the authentication data identifying at least one datum in the certificate as valid or invalid according to predetermined conditions; and a block configured to transmit a session key to the device, thereby establishing a secure communication channel, when the digital signatures are verified as valid.

103. A computer program product comprising: a signal-bearing medium carrying digital information and holding a firmware component, the firmware component including: a block configured to receive a certificate from the device, the certificate including a plurality of fields, including a field holding a protocol public key; a block configured to verify the digital signatures in the certificate, the verifying comprising at least: verifying a certificate authority digital signature using the certificate authority public key; and verifying a device digital signature using a device public key in the certificate; a block configured to receive authentication data from a source, the authentication data identifying at least one datum in the certificate as valid or invalid according to predetermined conditions; and a block configured to transmit a session key to the device, thereby establishing a secure communication channel, when the digital signatures are verified as valid.

104. The computer program product of claim 103, wherein the certificate authority public key is referenced by a field of the certificate.

105. The computer program product of claim 103, wherein the certificate authority public key is located in the firmware component.

106. A method of revoking a device, the method comprising: receiving a certificate from the device, the certificate including at least one field, at least one field holding a signature; attempting to verify the signature; receiving a revocation list from a source, the revocation list identifying at least one datum as valid or invalid, the data including at least one field of the certificate; and, if any of the at least one signature cannot be successfully verified and at least one datum is identified as invalid, refraining from transmitting a session key to the device, the session key being required to establish a secure communication channel.

107. The method of claim 106, wherein the revocation list is evaluated at file access.

108. The method of claim 107, wherein the revocation list is stored at file creation.

109. The method of claim 106, wherein each file has a revocation list, and files having a plurality of revocation lists have duplicate entries.

114. The method of claim 106, wherein the revocation list is stored on the medium along with the file.

115. The method of claim 106, wherein the revocation list is copied to each device.

116. The method of claim 106, wherein the revocation list is maintained by a server, such that a content presentation device communicating with the server can receive an updated revocation list transmitted directly to the device.

117. The method of claim 106, wherein a plurality of revocation lists are stored on the medium on a per-file basis, such that at least one file on the medium can have a revocation list associated with that file.

118. The method of claim 117, wherein the revocation list is accessed during one of a file access procedure and a combination of authentication and a file access procedure.

119. The method of claim 106, wherein the revocation list includes a poison to prevent a content presentation device from operating.

120. The method of claim 106, wherein the revocation list is updated when the content presentation device is connected to a server.

121. The method of claim 106, wherein revocation of a content presentation device comprises at least revocation of at least one public key, wherein revocation of a public key revokes any corresponding signature.

122. The method of claim 106, wherein the revocation list is maintained as an object within the file system on the medium using a unique handle.

123. The method of claim 106, wherein the revocation information is centrally located.

124. The method of claim 106, wherein the source is one of a portable medium and firmware.

125. The method of claim 106, wherein the information relating to whether certificates and/or public keys have been revoked is stamped on the medium.

126. The method of claim 106, wherein the device is one of an engine, a component with an embedded engine, a third-party digital rights management protocol, an application executing in an open computing environment, and a clearinghouse server, and the certificate identifies at least one secure application programming interface (API) to which an application operable with the device can obtain access.

127. The method of claim 106, wherein the certificate is signed with a private key assigned according to a device class, the device classes including: an engine; a component with an embedded engine and no external digital I/O port; a component with an embedded engine and a digital I/O port; and a host application without an embedded engine.

128. The method of claim 106, wherein the data in the certificate specifies at least one of a product category, a product line, a model, a revision, and a serial number of the device.

129. The method of claim 128, wherein the source authentication data is compared with the data in the certificate so as to identify at least one of the product category, the product line, the model, the revision, and the serial number of the device as invalid.

130. The method of claim 129, wherein the certificate comprises at least one of the following fields: certificate authority identifier, version, certificate authority public key, certificate authority public key exposure method, company, model identifier, revision, metadata identifier, host public key, certificate authority signature, serial number, protocol key, and host signature, wherein the certificate authority signature verifies at least one field in the certificate and the host signature verifies at least one field in the certificate.

131. The method of claim 106, wherein the certificate authority enables an entity to receive the certificate and controls the quality of the device by invalidating erroneous or potentially defective devices.

132. The method of claim 130, wherein the certificate further comprises fields provided by a device manufacturer, including the device public key, wherein the device public key is signed by a private key.

133. The method of claim 130, wherein at least one of the product category, the product line, the model, the revision, and the serial number of the host is transmitted to a certificate generating device after the host has submitted an authentication procedure.

134. The method of claim 106, wherein the certificate comprises at least one certificate class, the certificate classes providing a set of methods that can be exposed after transmission of the session key.

135. The method of claim 134, wherein the set of methods includes digital rights management, write secure metadata, and unlock, and the methods are operable according to a type of the device.

136. The method of claim 135, wherein: the unlock method is associated with a clearinghouse server; the digital rights management (DRM) method is associated with one of an engine and a first DRM application operable with a second DRM application; and the write method is associated with at least one of a player, a mastering tool, a kiosk, and a clearinghouse server.

137. The method of claim 106, wherein each field holds a 326-bit value under 163-bit elliptic curve cryptography.

138. An apparatus for revoking a host, the apparatus comprising: means for receiving a certificate from a host, the certificate including a plurality of fields, including a field holding a protocol public key bearing a certificate authority signature; means for verifying the signatures on the certificate, the verifying comprising: verifying the certificate authority signature using the protocol public key; and verifying a host signature using a host public key on the certificate; means for receiving authentication data from a source, the authentication data identifying at least one datum on the certificate as valid or invalid according to a revocation list; and means for refraining from transmitting a session key to the host to establish a secure communication channel if the signatures are invalid.

139. An engine configured to revoke a host, the engine comprising: a block configured to receive a certificate from a host, the certificate including a plurality of fields, including a field holding a protocol public key bearing a certificate authority signature; a block configured to verify the signatures on the certificate, the verifying comprising: verifying the certificate authority signature using the protocol public key; and verifying a host signature using a host public key on the certificate; a block configured to receive authentication data from a source, the authentication data identifying at least one datum on the certificate as valid or invalid according to a revocation list; and a block configured to refrain from transmitting a session key to the host to establish a secure communication channel if the signatures are invalid.

140. A computer program product comprising: a signal-bearing medium carrying digital information operable with firmware, the digital information including a program including: a block configured to receive a certificate from a host, the certificate including a plurality of fields, including a field holding a protocol public key bearing a certificate authority signature; a block configured to verify the signatures on the certificate, the verifying comprising: verifying the certificate authority signature using the protocol public key; and verifying a host signature using a host public key on the certificate; a block configured to receive authentication data from a source, the authentication data identifying at least one datum on the certificate as valid or invalid; and a block configured to refrain from transmitting a session key to the host to establish a secure communication channel if the signatures are invalid.

141. A method of storing data on a secure medium, the method comprising: [...] managing a plurality of levels of access; and [...] the medium to permit access to the content according to the content privileges and predetermined conditions.

142. The method of claim 141, wherein the levels of access of the content privileges of the content include at least playing, copying, and processing the
A block which is used to confirm the certificate includes: using the public key of the agreement to confirm the certificate management center, = using a public key of the host on the certificate to confirm a host signature ^ The source receives the authentication information, which is not valid; and the frame is valid or block, and the system is structured to avoid transmission of the JuL 1 secure communication channel if the signatures are invalid. Jiang 1 stores data on two types of smart media, including: access operations; and% is the management of plural levels to agree to the content according to the privileges and predetermined conditions of the content described in item 141, etc. The method, where is the content of $ Find? And access actions of _ 5 to evening include playing, copying, and processing the 第270頁 583568 六、申請專利範圍 内容之一者。 143·如申請專利範圍第142項所述之方法, ^ =包括複製一有限數目、或一無限數目之、員定;f製 円谷複製。 1曰請專利範圍第143項所述之方法,其中,該無限數 目之複衣係有關於該内容之一原始來源複製、 原始來源複製之一複製。 145·如申請專利範圍第141項所述之方法 條件係至少包括: ,/、甲,4寺預疋 鑑別一通道以進行該内容之傳送;以及 :ί :ΐΐ表二以’在同意存取前,得到一廢止指標,其中 該尾止h ^之存在係用來排除允許存取。 , 1^6如申睛專利範圍第141項所述之方法, 係可利用-資料管理系統以進行操作:其ΐ附: 谷係儲存於該媒體上該管理; 八,該内 作。 版上,3 &理糸統係官理戎内容之存取動 -^ ^ 控制态中之韌體,該韌體係至少' , 匕全中應用程式界面(API)及一開放應用程式心 用程式界面(API) 統賁料進行存取動作;以及 < 插案系 =全應用又式界面(AP"係根據該媒體上之至少一 ',精以同思對该媒體上之保全資料進行存取動作。識 583568 六、申請專利範圍 明專利範圍第147項所述之方法,其中,該安全應 王工丨、面(ΑΡί )係包括一第一安全應用程式界面(API ^至乂 一額外安全應用程式界面(API ),該第一安全應 】t H面、(AP 1)係可利用至少一該額外安全應用程式 ^ 以進行操作,該至少一額外安全應用程式界面 係提供外加保全層,該第一安全應用程式界面 API )係利用該等外加保全層以控制該内容之存取動 作。 1勺範圍第147項所述之方法,,中,該章刃體係 匕括在特殊應用積體電路(ASIC)中。 150:如申請專利範圍第146項所述之方法,其中,該資 理糸統係經由至少一應用程式界面(Αρι )以管理内容 = 程式界面UPI)係利用—主機以限制㈣ 151.如申請專利範圍第15〇項所述之方法,其中誃 式界面(AP I )係能夠避免該内容之方塊等級存^ 了壬 152·如申請專利範圍第15〇項所述之方法,其子 式界面(AP I )係僅能夠經由一鑑別通道以進二=w用程 作。 延仃存取動 153·如申請專利範圍第14ι項所述之方法 一可攜式媒體,包括一光學碟片,且該内容;j系勺,以媒體係 製㈣容、記錄…複製内容、解除鎖定:;容原 定内容之至少一者。 合及解除 154·如申請專利範圍第147項所述之方法复 ’,、丫,涊識別m 583568 六、申請專利範圍 係提供一金 盒子之一種子,該金餘盒子係提供解除鎖定 内容及解密内容之至少一者之金餘。 155·如申請專利範圍第154項所述之方法,其中,該媒體係 持有原版影片製作内容及記錄内容之至少一者,該原版影 片製作内容及該記錄内容分別關連於一金鑰盒子,且該金 錄盒子係連結於該媒體。 
156.如申請專利範圍第155項所述之方法,其中,該原版影 片製作内容及該記錄内容,伴隨其關連金鑰盒子,係分別提 供一完整存取系統。 15 7·如申請專利範圍第155項所述之方法,其中,該金输盒 子可以與一第一媒體解除連結、並重新連結至一第二媒 體,藉以在該苐二媒體上產生一完整存取系統,其同.鱼' 以該金鑰盒子。 158· —種保全媒體上儲存内容之裝置,該裝置包括: ^少二工具,用以傳輸内容至該媒體,該工具係架構以附 複數等級之存取動作,其中,内容特權及預定條件係理 内容之存取動作。 μ s该 1 5 9 ·如申請專利範園第1 5 8項所述之裝置,更包括: 一密碼鎖,其耦接至該工具,該密碼鎖係架構以將一金 子連結至該媒體。 ’ ” ^孟 160·如申請專利範圍第159項所述之裝置,更包括: :特殊應用積體電路(ASIC ),其耦接至該密碼鎖;以及 I隨機金鑰產生器,其内嵌以該特殊應用積體電路(MW ,忒隨機金鑰產生器係至少提供該媒體之一秘密金輸。 583568 六、申請專利範圍 162^巾請專利範圍第161二述處之理心G -内者容複製 包括"复製-限定數目之特定内容複製。 :件範圍第158項所述之裝置,其中,該等預定 進行該内容之傳送動作;以及 松·一 廢止表列以 >ά· Γ51音:vc, 皮中^ t ^ ,,在门心存取動作前,取得一廢土扣柄, ^^曰不之存在係用來排除允許存取動作。 利範圍第158項所述之裝置,#中,㉟等附加 利用一資料管理裂置以進行操作,其中,該内 貝料儲存於該媒體上,該管理系統係經由該特 殊=積體電路(ASIC)上之物體以管理該方塊資料,藉 以避免該韌體外之内容存取動作。 165·如申請專利範圍第164項所述之裝置,其中,該特殊應 用積體電路(ASIC )係放置於一控制器中,該特殊應用積 體電路(ASIC)上之該韌體係至少包括一安全應用程式界 面(API )及一開放應用程式界面(Αρι ),其中: 該開放應用程式界面(API )係同意該媒體上檔案系統資 料之存取動作;以及 j文全應用程式界面(AP丨)係根據該媒體上之至少一識 j 6螞,藉以同意該媒體上保全資料之存取動作。 6·如申請專利範圍第165項所述之裝置,其中,該安全應 程式界面(API )係包括一第一安全應用程式界面(APIPage 270 583568 6. One of the contents of patent application scope. 143. The method as described in item 142 of the scope of patent application, where ^ = includes copying a limited number, or an unlimited number of members; f system Kariya copying. The method described in item 143 of the patent scope is that the unlimited number of coats is one of the original source copy of the content and one of the original source copy. 145. The method conditions described in item 141 of the scope of application for patents include at least: ,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,, 4.The temple pre-identified a channel to transmit the content; and Previously, an abolition index was obtained, where the existence of the tail end h ^ was used to exclude access allowed. The method described in item 141 of Shenjing's patent scope can be operated by using a data management system: its attachments: Valley system is stored on the media for management; eight is for internal operation. 
On the version, 3 & management system officials Li Rong content access-^ ^ control state of the firmware, the firmware at least ', application program interface (API) and an open application heart program Interface (API) system to perform access operations; and < Insertion system = full application and interface (AP " is based on at least one of the media's, to save the security information on the media with the same thinking Take action. Recognize 583568 6. The scope of patent application is the method described in item 147 of the patent scope, in which the security response Wang Gong, and the surface (ΑΡί) include a first security application program interface (API ^ to one additional A security application programming interface (API), the first security application], t H plane, (AP 1) can be operated by using at least one additional security application ^, the at least one additional security application programming interface provides an additional security layer The first security application programming interface API) uses the additional security layer to control the access action of the content. The method described in item 147 of the scope, in which the chapter blade system is included in the special application product Body Circuit (A SIC) 150: The method described in item 146 of the scope of patent application, wherein the asset management system uses at least one application program interface (Αρι) to manage content = program interface UPI) is used-host to limit 151. The method described in item 15 of the scope of patent application, wherein the 誃 -style interface (AP I) is able to avoid the block level of the content being stored ^ 152. The method described in item 15 of the scope of patent application, Its sub-interface (AP I) is only capable of performing two = w operations through an authentication channel. Extending access 153. 
The method described in item 14 of the scope of the patent application-a portable medium, including an optical disc, and the content; j is a spoon-based system that uses the media system to make content, record ... copy content, Unlock: at least one of the original contents. Closing and releasing 154 · The method described in item 147 of the scope of the patent application is replied to "5,568". 6. The scope of the patent application is to provide a seed of a golden box, which provides unlocked content and The balance of at least one of the decrypted content. 155. The method according to item 154 of the scope of patent application, wherein the media holds at least one of the original movie production content and the recorded content, and the original movie production content and the recorded content are respectively related to a key box, And the golden record box is linked to the media. 156. The method according to item 155 of the scope of patent application, wherein the original video production content and the recorded content, along with its associated key box, each provide a complete access system. 15 7. The method according to item 155 of the scope of patent application, wherein the gold loss box can be unlinked from a first medium and reconnected to a second medium to generate a complete deposit on the second medium. Take the system, it's the same as the 'fish' to the key box. 158 · —A device for storing content on a secure medium, the device includes: ^ two tools for transmitting content to the medium, the tool is structured with multiple levels of access actions, wherein the content privileges and predetermined conditions are Manage content access actions. The device described in item 158 of the patent application park further includes: a combination lock coupled to the tool, the combination lock is structured to connect a metal to the media. '' ^ Meng 160. 
The device described in item 159 of the scope of patent application, further comprising: a special application integrated circuit (ASIC), which is coupled to the combination lock; and a random key generator, which is embedded With this special application integrated circuit (MW, 忒 random key generator is to provide at least one of the media's secret gold loss. 583568 VI. Application for a patent scope 162 ^ please refer to the scope of the patent scope 161 second G-inside The content copy includes " copy-limited number of specific content copies .: The device described in item 158 of the scope, wherein these are scheduled to perform the content transfer operation; and · Γ51 sound: vc, Pizhong ^ t ^, before the door core access action, obtain a waste soil handle, ^^ said that the existence of no is used to exclude the access action. The scope of interest is described in item 158 The device, # 中, ㉟, etc. additionally use a data management split to operate, wherein the inner shell material is stored on the medium, and the management system is managed by the object on the special integrated circuit (ASIC) The box data, to avoid the Content access action. 165. The device described in claim 164, wherein the special application integrated circuit (ASIC) is placed in a controller, and the special application integrated circuit (ASIC) The tough system includes at least a secure application program interface (API) and an open application program interface (Αρι), among which: the open application program interface (API) agrees to the access action of the file system data on the media; and the full-text application The program interface (AP 丨) is based on at least one knowledge of the media, so as to agree to the access to the saved data on the media. 6. The device described in the scope of patent application No. 
165, wherein the security The programming interface (API) includes a first secure application programming interface (API) 第274頁 583568 % ^------ — 六、申請專利範圍 - )及至少一額外安全應用程式界面(Αρί ),該第一安全應 =程式界面(API )係可利用該至少一額外安全應用程式 ^面(API )以進行操作,該至少一額外安全應用程式界面 AP I )係提供外加保全層,該第一安全應用程式界面 (AP I )係利用該等外加保全層以控制該内容之存取動 作。 =7·如申請專利範圍第164項所述之裝置,其中,該韌體係 j由至J/ 一應用程式界面(Ap丨)以管理内容存取動作,該 :用秋式界面(AP I )係避免一主機進行該媒體之方等 級存取。 168·如申請專利範圍第167項所述之裝置,其中,該應用程 、界面(API)係避免一主機進行該内容之方塊等級存 取。 ^ 9 ·如申请專利範圍第1 6 7項所述之裝置,其中,該應用程 二、界面(AP I )係僅能夠經由一鑑別通道進行存取動作。 1^0/如申請專利範圍第158項所述之裝置,其中,該媒體係 制可攜式媒體,包括一光學碟片,且該内容係包括原版影片 衣作内容、記錄内容、複製内容、解除鎖定内容、及解除 定内容之至少一者。 ^ :如申請專利範圍第1 6 5項所述之裝置,其中,該識別碼 係j供一金鑰盒子之一種子,該金鑰盒子係提供解除鎖定 内容及解密内容之至少一者之金鑰。 1 ^ 2 ·如申請專利範圍第1 71項所述之裝置,其中,該媒體係 、有原版影片製作内容及記錄内容之至少一者,該原版影Page 274 583568% ^ ------ — VI. Scope of patent application-) and at least one additional security application program interface (Αρί), the first security application = program interface (API) is the use of the at least one additional The security application program (API) is used for operation. The at least one additional security application program interface (AP I) provides additional security layers. The first security application program interface (AP I) uses these additional security layers to control the security layer. Access to content. = 7. The device according to item 164 of the scope of patent application, wherein the flexible system j is from J / an application program interface (Ap 丨) to manage content access actions, which: use the autumn interface (AP I) This is to prevent a host from performing party-level access to the media. 168. The device according to item 167 of the scope of patent application, wherein the application program and interface (API) prevent a host from performing block-level access to the content. ^ 9 The device as described in item 167 of the scope of patent application, wherein the application program II. Interface (AP I) can only access through an authentication channel. 
1 ^ 0 / The device according to item 158 of the scope of patent application, wherein the medium is a portable medium, including an optical disc, and the content includes the original film clothing content, recorded content, copied content, At least one of unlocked content and unlocked content. ^: The device according to item 165 of the scope of patent application, wherein the identification code is a seed for a key box, and the key box is provided with at least one of unlocking content and decrypting content key. 1 ^ 2 · The device described in the scope of patent application No. 1 71, wherein the media is at least one of the original video production content and recorded content, the original video 第275頁 583568Page 275 583568 關連金錄盒子,係分別提 片製作内容及該記錄内容,伴隨其 供一完整存取系統。 一 173. 如申請專利範圍第171項所述之襄置,其中該 子可以與一第一媒體解除連結、並重新連結至’_;第,二餘f 以該金鑰盒子。 ^存取系統,其同時連結 174. —種原版影片製作保全預先錄製内容之方法,其包 括·· 加密該預先記錄内容;以及The related golden record box is to separately produce the production content and the recorded content, which together with it provides a complete access system. A 173. As described in item 171 of the scope of patent application, where the child can be unlinked from a first media and reconnected to '_; the second, f is the key box. ^ Access system, which is also linked to 174.-a method for pre-recorded content preservation of original movie production, which includes ... encrypting the pre-recorded content; and 連接一金鑰盒子及至少一識別碼至一媒體碟片,該金鑰盒 子係架構以使用具有該金鑰盒子之該識別碼,其中,該等^ 別碼係包括一完整識別碼及一部分識別碼之至少一者該 部分識別碼係要求,在使用該金鑰盒子前,經由一次要交^ 完成。 175·如申請專利範圍第174項所述之方法,其中,該金輪盒 子係架構以提供操作一三重資料加密標準(t r i p丨e _Connecting a key box and at least one identification code to a media disc, the key box is structured to use the identification code having the key box, wherein the ^ different codes include a complete identification code and a part of the identification The identification code of at least one of the codes is required to be completed through one-time submission before using the key box. 175. 
The method according to item 174 of the scope of patent application, wherein the golden wheel box subsystem architecture provides operation of a triple data encryption standard (t r i p 丨 e _ )方塊之金鑰,該三重資料加密標準(triple_DES)方塊 係接收一隨機金錄產生器之一輸出,該隨機金鑰產生器係 利用該媒體碟片之該完整識別碼以進行播種,該三重資料 加密標準(triple—DES)方塊係使用具有該金鑰盒子之 該完整識別碼,藉以對該内容進行解密及加密動作。 176·如申請專利範圍第174項所述之方法,其中,該等識別 碼係包括公開及私密識別碼。) The key of the block. The triple data encryption standard (triple_DES) block receives the output of one of the random gold record generators. The random key generator uses the complete identification code of the media disc to seed. The data encryption standard (triple-DES) block uses the complete identification code with the key box to decrypt and encrypt the content. 176. The method according to item 174 of the scope of patent application, wherein the identification codes include public and private identification codes. 第276頁Chapter 276
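The host-admission procedure of claims 138 to 140, carried through end to end as an added example (this is not the patent's or the applicant's code): the engine verifies the certificate authority's signature with the protocol public key, verifies the host's own signature with the host public key carried in the certificate, consults a revocation list keyed on the identity fields of claim 131, and releases a session key only when every check passes. Schnorr signatures over secp256k1 stand in for the 163-bit elliptic-curve scheme of claim 137, and the certificate layout, the revocation-list format and the session-key derivation are assumptions made for illustration. The example also makes one point the claims leave implicit: the protocol public key must be pinned in the engine and compared against the copy in the certificate, because a key that is merely read out of the certificate could have been chosen by whoever forged it.

```python
"""Host admission with revocation, modelled on claims 138 to 140 above.
Added example, not the patent's code: Schnorr over secp256k1 replaces the
163-bit curve of claim 137; field layout and list format are assumptions."""
import hashlib
import secrets
from dataclasses import dataclass

# secp256k1: y^2 = x^3 + 7 over GF(P); G generates a group of prime order N
P = 2**256 - 2**32 - 977
N = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141
G = (0x79BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F81798,
     0x483ADA7726A3C4655DA4FBFC0E1108A8FD17B448A68554199C47D08FFB10D4B8)

def ec_add(a, b):
    """Affine point addition; None is the point at infinity."""
    if a is None or b is None:
        return a if b is None else b
    (x1, y1), (x2, y2) = a, b
    if x1 == x2:
        if (y1 + y2) % P == 0:
            return None
        lam = 3 * x1 * x1 * pow(2 * y1, -1, P) % P   # doubling: tangent slope
    else:
        lam = (y2 - y1) * pow(x2 - x1, -1, P) % P    # addition: chord slope
    x3 = (lam * lam - x1 - x2) % P
    return x3, (lam * (x1 - x3) - y1) % P

def ec_mul(k, pt):
    acc = None                                       # double-and-add
    while k:
        if k & 1:
            acc = ec_add(acc, pt)
        pt, k = ec_add(pt, pt), k >> 1
    return acc

def pt_bytes(pt):
    return pt[0].to_bytes(32, "big") + pt[1].to_bytes(32, "big")

def h_int(*parts):
    return int.from_bytes(hashlib.sha256(b"".join(parts)).digest(), "big") % N

def keygen():
    d = secrets.randbelow(N - 1) + 1
    return d, ec_mul(d, G)

def sign(d, msg):
    """Schnorr: R = k*G, e = H(R || msg), s = k + e*d; nonce derived from (d, msg)."""
    k = h_int(d.to_bytes(32, "big"), msg) or 1
    R = ec_mul(k, G)
    return R, (k + h_int(pt_bytes(R), msg) * d) % N

def verify(Q, msg, sig):
    """Accept iff s*G == R + e*Q; needs public data only."""
    R, s = sig
    if R is None or not 0 < s < N:
        return False
    return ec_mul(s, G) == ec_add(R, ec_mul(h_int(pt_bytes(R), msg), Q))

@dataclass
class HostCertificate:
    """Identity fields of claims 131-132 plus two signatures over one body."""
    company: str
    model: str
    revision: int
    serial: int
    protocol_pub: tuple   # certificate authority ("protocol") public key
    host_pub: tuple
    ca_sig: tuple = None
    host_sig: tuple = None

    def body(self):
        ident = f"{self.company}|{self.model}|{self.revision}|{self.serial}".encode()
        return ident + pt_bytes(self.protocol_pub) + pt_bytes(self.host_pub)

class Engine:
    """Media-side verifier holding a pinned protocol key and a revocation list."""

    def __init__(self, trusted_protocol_pub, revoked):
        self.protocol_pub = trusted_protocol_pub
        self.revoked = revoked   # assumed shape: {"serial": {1002}, "model": {...}}

    def revocation_indicator(self, cert):
        for fld in ("company", "model", "revision", "serial"):
            if getattr(cert, fld) in self.revoked.get(fld, ()):
                return f"{fld}={getattr(cert, fld)}"
        return None

    def admit_host(self, cert):
        """Return (session_key, reason); session_key is None unless all checks pass."""
        # The protocol key in the certificate is usable only if it matches the pinned
        # copy; otherwise a forger could sign with a CA key of their own choosing.
        if cert.protocol_pub != self.protocol_pub:
            return None, "protocol public key mismatch"
        if not verify(self.protocol_pub, cert.body(), cert.ca_sig):
            return None, "certificate authority signature invalid"
        if not verify(cert.host_pub, cert.body(), cert.host_sig):
            return None, "host signature invalid"
        indicator = self.revocation_indicator(cert)
        if indicator:
            return None, "revoked: " + indicator
        return secrets.token_bytes(16), "ok"   # session key is released only here

def demo():
    """Constructed scenario: valid host, revoked serial, edited certificate, rogue CA."""
    ca_priv, ca_pub = keygen()
    host_priv, host_pub = keygen()

    def issue(serial, ca=(ca_priv, ca_pub)):
        cert = HostCertificate("Acme", "HP-100", 2, serial, ca[1], host_pub)
        cert.ca_sig = sign(ca[0], cert.body())
        cert.host_sig = sign(host_priv, cert.body())
        return cert

    engine = Engine(ca_pub, {"serial": {1002}})
    tampered = issue(1003)
    tampered.serial = 1004   # changed after signing, so the signed body no longer matches
    return {"good": engine.admit_host(issue(1001)),
            "revoked": engine.admit_host(issue(1002)),
            "tampered": engine.admit_host(tampered),
            "rogue_ca": engine.admit_host(issue(1005, keygen()))}
```

Running demo() admits the first host with a 16-byte session key and turns away the other three with no key at all: the revoked serial number is caught only after both signatures have verified, the edited certificate fails the certificate authority check, and the rogue authority is stopped by the pinned-key comparison before any signature is examined. One further caveat for anyone building on this pattern: because the host signature in the claims covers the certificate itself rather than a fresh nonce, a captured certificate could be presented by anyone; binding the host signature to an engine-supplied challenge would turn it into a proof of key possession.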
TW91119311A 2001-08-27 2002-08-26 A secure access method and system TW583568B (en)

Applications Claiming Priority (5)

Application Number Priority Date Filing Date Title
US09/940,035 US20030188183A1 (en) 2001-08-27 2001-08-27 Unlocking method and system for data on media
US09/940,174 US7729495B2 (en) 2001-08-27 2001-08-27 System and method for detecting unauthorized copying of encrypted data
US09/940,025 US20030188175A1 (en) 2001-08-27 2001-08-27 System and method for identifying vendors of hidden content
US09/940,026 US7310821B2 (en) 2001-08-27 2001-08-27 Host certification method and system
US09/940,083 US7110982B2 (en) 2001-08-27 2001-08-27 Secure access method and system

Publications (1)

Publication Number Publication Date
TW583568B true TW583568B (en) 2004-04-11

Family

ID=34069441

Family Applications (1)

Application Number Title Priority Date Filing Date
TW91119311A TW583568B (en) 2001-08-27 2002-08-26 A secure access method and system

Country Status (1)

Country Link
TW (1) TW583568B (en)

Cited By (15)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
TWI394059B (en) * 2005-10-20 2013-04-21 Ibm Method, apparatus, and computer program product for securing operations with respect to a set of computational resources in a data processing system
TWI396112B (en) * 2004-08-17 2013-05-11 Google Inc A system, method, service method, and program product for managing entitlement with identity and privacy applications for electronic commerce
US8627092B2 (en) 2006-03-22 2014-01-07 Lg Electronics Inc. Asymmetric cryptography for wireless systems
TWI505124B (en) * 2010-03-25 2015-10-21 Ibm Method, apparatus, computer program product and machine-readable media for scanning secure data
US9202015B2 (en) 2009-12-31 2015-12-01 Intel Corporation Entering a secured computing environment using multiple authenticated code modules
TWI567579B (en) * 2010-11-30 2017-01-21 英特爾公司 Method and apparatus for key provisioning of hardware devices
TWI692704B (en) * 2016-01-04 2020-05-01 美商克萊夫公司 Data security system and method of operating the same
TWI697807B (en) * 2017-12-13 2020-07-01 台達電子工業股份有限公司 Data transmission system with security mechanism and method thereof
US10754992B2 (en) 2007-09-27 2020-08-25 Clevx, Llc Self-encrypting drive
US10778417B2 (en) 2007-09-27 2020-09-15 Clevx, Llc Self-encrypting module with embedded wireless user authentication
US10783232B2 (en) 2007-09-27 2020-09-22 Clevx, Llc Management system for self-encrypting managed devices with embedded wireless user authentication
US11190936B2 (en) 2007-09-27 2021-11-30 Clevx, Llc Wireless authentication system
TWI776404B (en) * 2020-03-23 2022-09-01 大陸商騰訊科技(深圳)有限公司 Method of authenticating biological payment device, apparatus, electronic device, and computer-readable medium
TWI782147B (en) * 2017-12-22 2022-11-01 瑞士商納格維遜股份有限公司 A secure software-defined radio chip
US11971967B2 (en) 2021-08-20 2024-04-30 Clevx, Llc Secure access device with multiple authentication mechanisms

Cited By (20)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
TWI396112B (en) * 2004-08-17 2013-05-11 Google Inc A system, method, service method, and program product for managing entitlement with identity and privacy applications for electronic commerce
TWI394059B (en) * 2005-10-20 2013-04-21 Ibm Method, apparatus, and computer program product for securing operations with respect to a set of computational resources in a data processing system
US8627092B2 (en) 2006-03-22 2014-01-07 Lg Electronics Inc. Asymmetric cryptography for wireless systems
US11190936B2 (en) 2007-09-27 2021-11-30 Clevx, Llc Wireless authentication system
US11233630B2 (en) 2007-09-27 2022-01-25 Clevx, Llc Module with embedded wireless user authentication
US11151231B2 (en) 2007-09-27 2021-10-19 Clevx, Llc Secure access device with dual authentication
US10985909B2 (en) 2007-09-27 2021-04-20 Clevx, Llc Door lock control with wireless user authentication
US10783232B2 (en) 2007-09-27 2020-09-22 Clevx, Llc Management system for self-encrypting managed devices with embedded wireless user authentication
US10778417B2 (en) 2007-09-27 2020-09-15 Clevx, Llc Self-encrypting module with embedded wireless user authentication
US10754992B2 (en) 2007-09-27 2020-08-25 Clevx, Llc Self-encrypting drive
TWI582632B (en) * 2009-12-31 2017-05-11 英特爾股份有限公司 Method and system of entering a secured computing environment using multiple authenticated code modules,and processor
US9208292B2 (en) 2009-12-31 2015-12-08 Intel Corporation Entering a secured computing environment using multiple authenticated code modules
US9202015B2 (en) 2009-12-31 2015-12-01 Intel Corporation Entering a secured computing environment using multiple authenticated code modules
TWI505124B (en) * 2010-03-25 2015-10-21 Ibm Method, apparatus, computer program product and machine-readable media for scanning secure data
TWI567579B (en) * 2010-11-30 2017-01-21 英特爾公司 Method and apparatus for key provisioning of hardware devices
TWI692704B (en) * 2016-01-04 2020-05-01 美商克萊夫公司 Data security system and method of operating the same
TWI697807B (en) * 2017-12-13 2020-07-01 台達電子工業股份有限公司 Data transmission system with security mechanism and method thereof
TWI782147B (en) * 2017-12-22 2022-11-01 瑞士商納格維遜股份有限公司 A secure software-defined radio chip
TWI776404B (en) * 2020-03-23 2022-09-01 大陸商騰訊科技(深圳)有限公司 Method of authenticating biological payment device, apparatus, electronic device, and computer-readable medium
US11971967B2 (en) 2021-08-20 2024-04-30 Clevx, Llc Secure access device with multiple authentication mechanisms

Similar Documents

Publication Publication Date Title
TWI716140B (en) Data processing method and device based on blockchain
US7310821B2 (en) Host certification method and system
US7958377B2 (en) Secure access system and method
WO2020119294A1 (en) Data sharing method, apparatus, and system, and electronic device
US7110982B2 (en) Secure access method and system
US7729495B2 (en) System and method for detecting unauthorized copying of encrypted data
Crosby et al. Blockchain technology: Beyond bitcoin
US7672903B2 (en) Revocation method and apparatus for secure content
WO2017148245A1 (en) Rights management method and system
TW563037B (en) Digital content distribution using web broadcasting services
US7814025B2 (en) Methods and apparatus for title protocol, authentication, and sharing
TW583568B (en) A secure access method and system
US20030135465A1 (en) Mastering process and system for secure content
US20050071280A1 (en) System and method for federated rights management
JP2001524233A (en) Virtual property system
US20220366022A1 (en) Non-fungible token (nft) content identifier with split tracking
Raman et al. The world of NFTs (non-fungible tokens): the future of blockchain and asset ownership
US20060224521A1 (en) Verified transfer of media data
US20030188175A1 (en) System and method for identifying vendors of hidden content
KR20210037274A (en) Apparatus and method for managing contents
GB2607026A (en) A smart contract based blockchain application using non-fungible token for authorized asset sharing
EP2833305A1 (en) Protection method and system for distributing digital files whether new, second-hand, for rental, exchange or transfer
US20230222187A1 (en) Media composition using non-fungible token (nft) configurable pieces
CN115456613A (en) Digital collection transaction method and equipment
TW530267B (en) Multimedia player for an electronic content delivery system

Legal Events

Date Code Title Description
MM4A Annulment or lapse of patent due to non-payment of fees