EP0968585A1 - Technique de gestion des droits sur des produits numeriques - Google Patents

Technique de gestion des droits sur des produits numeriques

Info

Publication number
EP0968585A1
EP0968585A1 EP98912914A EP98912914A EP0968585A1 EP 0968585 A1 EP0968585 A1 EP 0968585A1 EP 98912914 A EP98912914 A EP 98912914A EP 98912914 A EP98912914 A EP 98912914A EP 0968585 A1 EP0968585 A1 EP 0968585A1
Authority
EP
European Patent Office
Prior art keywords
product
reader system
signature
encrypted
fragment
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Withdrawn
Application number
EP98912914A
Other languages
German (de)
English (en)
Inventor
John H. Lebourgeois
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Cryptoworks Inc
Original Assignee
Cryptoworks Inc
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Cryptoworks Inc filed Critical Cryptoworks Inc
Publication of EP0968585A1 publication Critical patent/EP0968585A1/fr
Withdrawn legal-status Critical Current

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/04Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/10Protecting distributed programs or content, e.g. vending or licensing of copyrighted material ; Digital rights management [DRM]
    • G06F21/101Protecting distributed programs or content, e.g. vending or licensing of copyrighted material ; Digital rights management [DRM] by binding digital rights to specific entities
    • G06F21/1011Protecting distributed programs or content, e.g. vending or licensing of copyrighted material ; Digital rights management [DRM] by binding digital rights to specific entities to devices
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/10Protecting distributed programs or content, e.g. vending or licensing of copyrighted material ; Digital rights management [DRM]
    • G06F21/108Transfer of content, software, digital rights or licenses
    • G06F21/1083Partial license transfers
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/10Protecting distributed programs or content, e.g. vending or licensing of copyrighted material ; Digital rights management [DRM]
    • G06F21/16Program or content traceability, e.g. by watermarking
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/70Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
    • G06F21/71Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information
    • G06F21/73Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information by creating or determining hardware identification, e.g. serial numbers
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/08Payment architectures
    • G06Q20/12Payment architectures specially adapted for electronic shopping systems
    • G06Q20/123Shopping for digital content
    • G06Q20/1235Shopping for digital content with control of digital rights management [DRM]
    • GPHYSICS
    • G07CHECKING-DEVICES
    • G07FCOIN-FREED OR LIKE APPARATUS
    • G07F17/00Coin-freed apparatus for hiring articles; Coin-freed facilities or services
    • G07F17/0014Coin-freed apparatus for hiring articles; Coin-freed facilities or services for vending, access and use of specific services not covered anywhere else in G07F17/00
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0823Network architectures or network communication protocols for network security for authentication of entities using certificates
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F2211/00Indexing scheme relating to details of data-processing equipment not covered by groups G06F3/00 - G06F13/00
    • G06F2211/007Encryption, En-/decode, En-/decipher, En-/decypher, Scramble, (De-)compress
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L2463/00Additional details relating to network architectures or network communication protocols for network security covered by H04L63/00
    • H04L2463/101Additional details relating to network architectures or network communication protocols for network security covered by H04L63/00 applying security measures for digital rights management
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L2463/00Additional details relating to network architectures or network communication protocols for network security covered by H04L63/00
    • H04L2463/103Additional details relating to network architectures or network communication protocols for network security covered by H04L63/00 applying security measure for protecting copy right

Definitions

  • the invention relates to controlled distribution of digital products in a manner that tends to ensure that authors receive proper royalty payments for their work.
  • Digitally encoded products such as software, music, images and video segments are extremely important in today's economy.
  • the ease and economy with which perfect copies can be made of digitally encoded products has promoted the widespread unauthorized copying and distribution of such products through such channels as user-to-user copying and sharing, digital data networks such as the Internet, and CD-ROM publishing.
  • These distribution channels have made it difficult for the creators and copyright holders of such products to regulate the use of their products or to receive payment and registration information from their users. Consequently, digital product producers often forfeit substantial revenues and valuable information about their customer base and potential markets, while businesses and universities find themselves subject to legal prosecution and intimidation for copyright infringement.
  • Copy protection mechanisms Built into hardware or software.
  • Copy protection mechanisms sometimes can inconvenience users who have a legitimate need for making copies.
  • Copy protection mechanisms also can prevent digital product developers from taking advantage of the new distribution channels, such as the Internet.
  • the CDI technique suffers from at least two problems. First, while the encryption of a data product during transmission may be very strong, it is still theoretically possible for an unauthorized third party to decipher it. Second, even if the product remains secure during transmission, once it is decrypted by the customer, CDI ' s strong encryption techniques no longer protect the product against further unauthorized distribution.
  • the above- cited documents indicate that content as well as executables can be "locked" to a specific registered machine while still allowing for unrestricted distribution of the software in a crippled or time-dated mode, but the documents do not explain how this is to be accomplished.
  • Schull describes a technique for distributing digital products (specifically software) by selling a password to the user.
  • the user uses the password to unlock advanced features of the product, but the password is usable only on one machine.
  • the technique allows users to freely distribute software to other machines and other potential users, but does not allow other users to take advantage of advanced features of the software without obtaining a new password which is specific to the new machine.
  • the user generates a "passwordable- ID" either from the user's voice, by reading the serial number of the machine's CPU, or by any of a number of other suggested methods.
  • the passwordable-ID is transmitted to a licensing system which uses the passwordable-ID to generate an encrypting seed for the software advanced features.
  • the encrypted encrypting seed is then transmitted back to the user as a key for unlocking the advanced features of the software.
  • a digital product is freely distributed through uncontrolled channels in encrypted form.
  • Unencrypted preview material may also be provided in order to help the customer decide whether to purchase a license.
  • one or more fragments of the encrypted product are withheld from uncontrolled distribution, and provided only upon communication with a license server.
  • the technique of the present invention renders it literally impossible for an eavesdropper to recover the complete decrypted product without contacting the licensor.
  • the product is not merely encrypted; to the extent of the security fragments, it is not even there.
  • the customer purchases a license through the use of reader software which examines the components then present on the reader system to develop a reader system signature (RSS) .
  • the reader system signature is transmitted to a license server which uses it either to encrypt the product decryption key, or to further encrypt the security fragments, or both, before sending them to the reader system.
  • the reader system signature is not stored on the reader system. Rather, at the time that the customer would like to use the digital product (view an image or movie, listen to a sound or execute software, for example) , a new reader system signature is generated in the same manner as the original reader system signature.
  • the new reader system signature is used to decrypt the product decryption key and/or the double-encrypted security fragments, only at the time of use. If the user is attempting to use the digital product on a different machine, such as would be the case in the event of unauthorized distribution, then the new reader system signature will not work properly and the unauthorized user will not be able to use the digital product.
  • the above second aspect of the invention could be problematical in the event that the user upgrades or modifies the reader system.
  • a mechanism that regenerates the reader system signature each time a digital product is to be used could prevent a legitimate user from using the product after such an upgrade.
  • the machine authorization of the reader system allows a certain amount of "upgrade drift" before it is deemed advisable to check for unauthorized use.
  • the reader system signature is determined by examining various components (hardware and/or software) of the reader system, to determine individual signatures for each component.
  • the individual component signatures are then combined to form the overall reader system signature, for example by a weighted sum of the individual component signatures or by concatenating the individual component signatures together. If the reader system signature is determined on the basis of a weighted sum (or equivalently, a weighted average) of the individual component signatures, then the amount of permissible upgrade drift can be expressed as a percentage; that is, if the reader system signature generated upon usage of the digital product differs from the reader system signature generated at the time the product is purchased by no more than a predetermined percentage or fraction, then the usage is considered authorized.
  • the reader system signature is generated as a concatenation of the individual component signatures, then the number of components which differ at usage time relative to purchase time can be specified not to exceed a specific count.
  • the reader system signature generated at the time of purchase is not stored on the reader system, it can instead be uploaded to a license server. If the reader system signature generated at usage time is found by the reader system not to properly decrypt either the product decryption key or the product itself, then in an embodiment, the reader system can automatically contact the license server for reauthorization. The reader system uploads the newly generated reader system signature, and the license server performs the upgrade drift test in comparison with the reader system signature that was stored on the license server at the time of purchase.
  • the license server determines that the newly generated reader system signature is within the permissible upgrade drift parameter, then it transmits a new product decryption key and/or new product security fragments, back to the reader system, encrypted according to the new reader system signature.
  • the reader system is then able to decrypt the digital product and play, view or otherwise use it in the desired manner.
  • one embodiment of the reader system also uploads the raw component signatures of the computer system. This allows customer support to determine which components have changed.
  • the reader system signature is generated in dependence upon a component whose individual component signature carries with it external assurances of substantial uniqueness among all computer systems which could reasonably pose as authorized reader systems.
  • a component signature can be used by itself, or in conjunction with other component signatures, in order to generate the overall reader system signature. If used by itself, then upgrade drift is usually not permissible without manual re-validation.
  • Fig. 1 is an overall symbolic diagram of a system according to the invention.
  • Fig. 2 is a block diagram illustrating the structure of a typical reader system of Fig. 1.
  • Fig. 3 illustrates the overall system flow for the authoring system of Fig. 1.
  • Fig. 4 is a flow chart illustrating the flow of a product registration segment of Fig. 3.
  • Fig. 5 is a flow chart illustrating the general operation of the reader system of Fig. 1.
  • Fig. 6 is a flow chart of the product purchase preparation step of Fig. 5.
  • Fig. 7 is a flow chart illustrating one technique for generating the reader system signature.
  • Figs. 8 and 9 together constitute a flow chart of steps which takes place in the license server 104 in response to receipt of a product purchase package.
  • Fig. 10 is a flow chart of the step in Fig. 8 in which the license server processes the customer's payment information.
  • Figs. 11-13 together constitute a flow chart of the step in Fig. 5 in which the reader system plays the digital product.
  • Fig. 14 is a flow chart illustrating the license server's operations in response to receipt of a re- validation package.
  • Figs. 15 and 16 are alternative details of the step in Fig. 14 in which the license server determines whether the difference between the two RSS's exceeds a threshold.
  • Fig. 1 is an overall symbolic diagram of a system according to the invention.
  • the system has three primary components: an authoring system 102, a license server 104 and a reader system 106.
  • the overall system is most useful when used with an uncontrolled distribution channel such as an insecure public distribution network 108 (e.g., the Internet).
  • an insecure public distribution network 108 e.g., the Internet.
  • the author or proprietor of one or more digital products first uses the authoring system 102 to register with the license server 104 as an author.
  • Author registration information is transmitted from the authoring system 102 to the license server 104, and an author ID is returned to the authoring system.
  • the product When the author has a digital product to market, the product is provided to the authoring system 102, together with certain usage parameters .
  • the usage parameters include a set of free usage parameters and one or more sets of paid usage parameters .
  • the authoring system compresses and encrypts the digital product (compression is optional) , extracts one or more security fragments from the encrypted product and then packages the product for broadcast via the uncontrolled distribution network 108 and for upload to the license server 104.
  • the authoring system then transmits the product registration package up to the license server 104 and receives a product ID in return.
  • the authoring system also makes the product broadcast package available on the uncontrolled distribution network 108.
  • a "product” can include one or more sub-products, all of which are considered herein to themselves be “products”.
  • the customer utilizes the reading system 106 to perform those functions of the digital product which are freely authorized according to the free usage parameters that were previously specified by the author.
  • Such functions can include, among other things, a preview of the digital product, and an indication of one or more licensing options which the customer can purchase. If the customer chooses to purchase one of the license options, the reader system 106 examines certain components of the reader system and, in dependence thereon, generates a reader system signature (RSS) .
  • RSS reader system signature
  • the reader system assembles a product purchase package including the RSS and payment information, and uploads it to the license server 104.
  • the license server 104 processes the payment information and, if successful, transmits a product server download package back to the reader system.
  • the reader system uses the product server download package to unlock the functions of the digital product which are authorized under the license option that the customer has purchased, and allows the user to use the product accordingly.
  • the reader system 106 performs fingerprint and/or watermark insertion as described hereinafter.
  • the license server 104 performs a number of functions, including maintaining a database of registered authors and storing all of the product registration packages.
  • the license server 104 also stores reader system signatures from customers, performs customer payment validation, as well as certain fraud detection functions as described below.
  • the license server 104 also performs the functions of royalty payment clearing. Specifically, license royalties received from (or on behalf of) customers are properly accounted for and transferred to the proper authors after deduction of a commission.
  • the authoring system 102, the license server 104 and the reader system 106 are each illustrated as a respective individual block. Depending on the embodiment, each block might contain no more than a single computer, or in different embodiments, different blocks can contain more than one computer.
  • one or more of the blocks 102, 104 and 106 contains a number of computers spread out over a great geographical area and interconnected by a network.
  • the illustration of the authoring system 102, the license server 104, and the reader system 106 as single blocks is not intended to indicate that each must constitute only a single computer system or that each must be located at a respective single location.
  • FIG. 2 is a symbolic block diagram illustrating the structure of a typical computer system which may be used as an authoring system, a reader system or a license server. It comprises a CPU 202 and cache memory 204, both connected to a CPU bus 206. Interface circuitry 208 is also connected to the CPU bus 206. The interface circuitry 208 is further connected to a main memory 210, as well as to two I/O buses: PCI-bus 212 and ISA-bus 214.
  • a PCI-bus 212 Connected to the PCI-bus 212 are sound and game controllers 216, a network adapter 232 and a display adapter 218, the last of which is further connected to a monitor 220.
  • a hard disk drive controller 222 Connected to the ISA-bus 214 is a hard disk drive controller 222, a CD-ROM drive controller 224, a floppy disk drive controller 226, various I/O ports 228, and a boot PROM 230.
  • Most of the peripheral components illustrated in Fig. 2 include on-board configuration data which can be read by the CPU 202.
  • the boot PROM 230 includes a portion which is writeable by the CPU 202 to store configuration data.
  • the software to operate the authoring system 102, the license server 104 or the reader system 106 is stored on the disk drive controlled by the disk drive controller 222, and brought into main memory 210 as needed for execution.
  • the computer system of Fig. 2 communicates with the other systems of Fig. 1, and with the distribution network 108, if appropriate, via the network adapter 232.
  • Fig. 3 illustrates the overall system flow for the authoring system 102.
  • the authoring system flow is generally divided into two segments: an author registration segment 302 followed by one or more product registration segments 304.
  • the author (or other proprietor) of one or more digital products enters his or her identification information.
  • Such information can include, for example, the author's name, address, Social Security or other tax ID number, password or other challenge information (for confirmation of identity during customer service calls) , e-mail address and/or telephone number (step 306) .
  • the authoring system uses this information to create an author registration package which is transmitted, in step 310, to the license server 104.
  • the license server 104 adds the author and the author's identification information to its registered author database, and in step 312, the authoring system 102 receives and stores and author ID from the license server 104.
  • the communication between the authoring system 102 and the license server 104 in the author registration segment 302 should take place via digital certificate and one-time secure channel, or by secure, signed electronic mail.
  • Fig. 4 is a flow chart illustrating the flow of a product registration segment 304 (Fig. 3) .
  • the author identifies one of possibly many digital products to the authoring system 102 and enters usage parameters.
  • the digital product is identified, for example, by identifying a filename within which the digital product is stored.
  • the usage parameters can include such parameters as the number of copies which will be permitted to be made on the reader system, whether the reader system will be authorized to save the digital product to a hard disk, whether printing will be enabled, whether preview is enabled, and the amount of RSS drift which will be permitted on a reader system before manual reauthorization will be required.
  • the usage parameters may be specified as several options, including a set of free usage parameters (for which no payment is required) and one or more options of purchasable usage parameters (functions requiring a purchased license) .
  • the author can also indicate at this point whether the product should be compressed.
  • the reader system extracts the appropriate preview material with the assistance of the author.
  • the entire digital product is then encrypted in a step 406.
  • the product is first compressed (step 408) by any known algorithm.
  • the product can be compressed using a Lempel- Ziv algorithm or by a Huffman encoding algorithm.
  • the compression step 408 is considered part of the product encryption step 406 because compression is, in effect, a form of encryption; it is very difficult to recover the original uncompressed product unless the algorithm used for compression is known. Compression is optional because for certain kinds of products, the benefits to be gained by compression are outweighed by the performance degradation that compression/decompression often entails.
  • a product encryption key is generated.
  • the key can be generated in any known manner; for example, by a pseudo-random number generator using a seed derived from the time period between two successive user key strokes.
  • the compressed digital product is encrypted using the encryption key developed in step 410.
  • any known key-based symmetric encryption algorithm can be used (as long as the correct complementary algorithm is used for decryption on the reader system 106) .
  • One such well-known encryption algorithm is DES, described in National Institutes of Standards and Technology, "Data Encryption Standard," FIPS Publication No. 46-1 (January 1988) , incorporated by reference herein.
  • Triple DES also known as DES-3)
  • yet another is RC-5.
  • RC-5 is described in R. W. Baldwin and R. Rivest, "The RC5, RC5-CBC,- RC5-CBC-Pad, and RC5-CTS Algorithms", INTERNET-DRAFT (March 1996) , available from ftp: //ftp.nordu.net/internet-drafts/draft-baldwin- rc5-00.txt, visited March 4, 1997, incorporated herein by reference.
  • the result of product encryption step 406 is referred to herein as an encrypted "version" of the digital product.
  • a “version” of a digital product is still considered to be the digital product, because it continues to include all the information of the digital product.
  • a native "version” of a product also is nevertheless “the product”.
  • a digital product can exist in several versions, each of which is a reversibly processed version of the native version.
  • the authoring system 102 After the product encryption step 406, in step 414, the authoring system 102 generates a digest of the encrypted product. Any- suitable digesting algorithm can be used for this purpose including, for example, an error-correcting code (ECC) generator or the well-known SHA-1 algorithm.
  • ECC error-correcting code
  • the SHA-1 digesting algorithm is described National Institute of Standards and Technology (NIST) , FIPS Publication 180: Secure Hash Standard (SHS) (May 1993), as amended by National Institute of Standards and Technology (NIST) Announcement of Weakness in the Secure Hash Standard (May 1994) , both incorporated herein by reference.
  • SHS Secure Hash Standard
  • NIST National Institute of Standards and Technology
  • the authoring system 102 separates one or more "security fragments" in the encrypting product.
  • the security fragments preferably constitute only a small portion of the overall digital products; for example, 1-5% of the byte count of the overall product not to exceed, for example, 3OK bytes.
  • the number and size of the security fragments can be predetermined and constant for all digital products, or it can be dynamically selected or optimized for different digital products. It is desirable to minimize the size of the security fragments while maximizing the effect that their absence would have in helping to prevent unauthorized usage of the digital products. One way of maximizing such effect is to include the beginning of the digital product in one of the security fragments.
  • the authoring system 102 In a step 418, the authoring system 102 generates a digest of the encrypted product less the security fragments. Again any digesting algorithm, such as SHA- 1, can be used in this step.
  • the authoring system 102 creates a product registration package and transmits it to the license server in step 422.
  • the license registration package can form part of a digital certificate in one embodiment.
  • the license server stores the product registration package and returns a product ID to the authoring system 102 (step 424) .
  • the reason that the security fragments should be kept as small as possible is to minimize the storage capacity requirements of the license server.
  • the authoring system 102 creates a product broadcast package for the digital product and makes it available (step 428) via any uncontrolled distribution network, such as the Internet.
  • the product registration package which can also be digitally certified, includes the following items:
  • usage parameters both the free usage parameters and the usage parameters at various purchasable options
  • the product decryption key referred to above is whatever key is required to decrypt the results of the encryption process of step 412.
  • the product decryption key will be the same as the key used for product encryption in step 410; for asymmetric encryption algorithms (such as for public key encryption) , the product decryption key might be different than the product encryption key (such as for RSA encryption) .
  • the product decryption key is referred to herein as being "complementary" to the key used for product encryption in step 410.
  • the product decryption key is the only segment of the product registration package which should be transmitted to the license server securely. Other segments can be transmitted securely if desired or convenient, but this is not necessary. Security of the product decryption key can be ensured, for example, by public/private key encryption of the product decryption key itself, or by connecting to the license server 104 via a secure network.
  • the product broadcast package contains the following items. If more than one sub-product is included in the product broadcast package, then the package contains a set of these items for each sub- product . product ID preview material (unencrypted) free usage parameters purchasable usage parameter options
  • Fig. 5 is a flow chart illustrating the general operation of the reader system 106.
  • the reader software automatically generates an installation ID.
  • the installation ID which is stored on disk in the reader system 106, is a substantially unique identifier of the installation.
  • the installation ID is stored in such a way that if the particular installation of the reader system software was to be copied to a different system, the installation ID would likely be copied as well.
  • the customer/user of the reader system 106 downloads the product broadcast package for a digital product that he or she wishes to examine .
  • the customer performs one or more of the freely authorized functions, including a preview of the material in the digital product (if available) .
  • the preview material might be a portion of that sound.
  • the preview might be a portion of the movie, or a trailer.
  • the digital product is an image, then the preview material might include a thumb nail of the image.
  • the digital product is text, then the preview material might include an abstract .
  • a step 506 the customer chooses to buy a license in accordance with one of the license options made available in the usage parameters.
  • the customer enters his or her identification information, payment and contact information.
  • the identification information can include the customer's name, address and phone, or optionally an arbitrary privacy ID. Such identification is desirable so that the licensing authority can identify the customer if and when the customer calls in for support.
  • the payment information can include a credit card number and authorization and/or digital money information.
  • Various forms of digital money are described in Daniel C. Lynch, "Digital Money” (John Wiley & Sons, 1996) , incorporated herein by reference.
  • the reader system 106 prepares a product purchase package described hereinafter, and in a step 512, the reader system 106 uploads the product purchase package to the license server 104 at the URL identified in the product broadcast package. Note that multiple or bounce URLs may be available for this purpose.
  • the product purchase package may be transmitted by secure channel and/or encrypted in a digital certificate.
  • the reader system receives the product server download package for the desired digital product.
  • the product server download package need not be transmitted by secure channel.
  • the reader system stores the product broadcast package on the reader system (or at least accessibly to the reader system) in conjunction with the product server download package. Either at that time or at a later time, at the customer's request, the reader system plays (or otherwise uses) the product (step 518) . All further use of the product by the customer occurs on the reader system 106 through the reader system software.
  • Fig. 6 is a flow chart of the step 510 (Fig. 5) in which the reader system 106 prepares the product purchase package.
  • the reader system 106 generates a reader system signature (RSS) for the reading system 106. The manner in which the RSS is generated is described hereinafter.
  • the reader system 106 retrieves the previously generated installation ID, and in a step 606, the reader system generates a digest of the encrypted product less the security fragments (as obtained from the product broadcast package) .
  • the digest performed in step 606 should be the same as that performed by the authoring system 102 in step 418 (Fig. 4) .
  • the reader system 106 extracts the product ID from the product broadcast package and in a step 610, the reader system assembles the product purchase package.
  • the product purchase package includes the following items: product ID customer's installation ID customer's identification information (or privacy ID) customer's payment information customer's contact information (including information on where to send the product server download package)
  • RSS of the reader system 106 generated digest of the encrypted product less security fragments
  • the reader system signature can be generated in a number of different ways in different embodiments.
  • the system takes advantage of serial numbers or other identifying data which may be present in the reader computer system, and which carry external assurances of substantial uniqueness. That is, many computers when manufactured are assigned a serial number or other indicator which the manufacturer of the computer, or some other authority, guarantees to be unique. For example, Apple Macintosh computers, when manufactured, are assigned an Ethernet address which is unique to that specific computer.
  • the identifier can be assigned in software, such as in the operating system of the computer.
  • serial number it is not essential that whatever authority assigns the serial number guarantee uniqueness; it is sufficient only in that it be extremely unlikely that two computer systems which can act as reader systems 106 carry the same identifier. This is the case where, for example, the number carries external assurances of substantial uniqueness, such as in the case of Ethernet addresses.
  • the reader system signature does not rely on a component having an identifier that carries external assurances of substantial uniqueness. Instead, a plurality of components (hardware or software) are examined to determine individual component signatures. The individual component signatures are then combined to form the overall reader system signature. In one embodiment, the individual component signatures are all concatenated together in a predetermined sequence to form the overall reader system signature. The individual component signatures may be digested prior to concatenation in order to limit their size to the predefined field size. In another embodiment, optionally after digesting, the individual component signatures are averaged or summed together to form the overall reader system signature.
  • the individual component signatures can be weighted prior to combination, in order to reduce the impact on the reader system signature that would result from changes in components that are more frequently subject to upgrade or replacement.
  • the reader system 106 generates the reader system signature in dependence upon component signatures from the following components, to the extent present in the system. Except as indicated below, most of the component signatures set forth in this list are readable either from the CMOS or from a device manager driver. This is only an illustrative list; other embodiments can refer to other components not on this list.
  • Hard Disk Drive drive ID numbers of cylinders, sectors and heads drive defective sector map (obtained from sector 0) • drive name drive manufacturer
  • a combination of individual component signatures also includes one or more component signatures that carry external assurances of substantial uniqueness, to the extent such a component exists in the machine.
  • Fig. 7 is a flow chart illustrating one technique for generating the reader system signature for reader system 106.
  • a step 704 it is determined whether the reader system 106 includes a component which has an ID that carries external assurances of substantial uniqueness. If so, then the reader system signature is given by the component ID of that component (step 706) . If not, then in step 708, the reader system 106 obtains the data regarding the above-listed components to the extent present in the reader system 106.
  • each of the individual component signatures is digested, and they are combined in step 712 to form the reader system signature.
  • Fig. 8 is a flow chart of the steps which takes place in the license server 104 in response to receipt of a product purchase package. As used herein, steps which take place "in response to" a predecessor event, do so if the predecessor event influenced the performance of such steps. If there is an intervening time period, the performance of the steps can still be considered "responsive" to the predecessor event. If the performance of the steps depends on more than one predecessor event, then the steps are considered performed in response to each of the predecessor events .
  • the license server 104 compares the digest from the product purchase package with the digest of the encrypted product less security fragments as stored on the server 104 with the product registration package for the product ID referred to in the newly received product purchase package. If the two digests do not match, then it is very likely that either the product broadcast package has been tampered with prior to generation of the digest on the reader system 106, or the customer is attempting to obtain the product server download package fraudulently. In this case, the license server 104 returns a package to the reader system 106 indicating that the attempt to purchase a license was unsuccessful (step 804) .
  • step 806 the license server 104 processes the customer's payment information. If there is an error in this process, then again the license server returns an indication to the reader system 106 that the customer's attempt to purchase a license has been unsuccessful (step 804) .
  • the license server 104 stores the customer's RSS obtained from the product purchase package in conjunction with the customer's installation ID, also obtained from the product purchase package. This information need not be stored “on” the license server 104 itself, as long as it is stored in a manner in which it is "accessible” to the license server 104 at a future time.
  • the license server 104 performs certain fraud detection checks. This step is optional in different embodiments, as indicated by the dotted line surrounding the box in Fig. 8. If performed, the fraud detection step 810 can include a check of the installation ID from the product purchase package against the installation IDs that have been stored previously on the license server for other product purchases . If a large number of purchases have been made using product purchase packages specifying the same installation ID, then it is likely that someone has altered an installation of the reader system software and is passing it around to different customers who are using it to purchase licenses. The same is true if the same license has been purchased several times from the same installation ID, or if several significantly varying reader system signatures have been stored in the license server's database in conjunction with the same installation ID. A number of other fraud detection mechanisms can also be employed. In any event, an investigation is warranted if step 810 suggests that an altered version of the reader system software might be being distributed.
  • Fig. 8 continues after step 810 with step 902 in Fig. 9, as indicated by the symbol "9" in both Figs. 8 and 9.
  • step 902 the license server 104 further encrypts the already once-encrypted security fragments (from the product registration package) using the customer's RSS as a key.
  • the key used in step 902 need not be the RSS exactly; it can be some other number which depends on the RSS. For example, it can be a digest reduction of the RSS from the customer's product purchase package. In any event, step 902 results in "double-encrypted" security fragments from the digital product.
  • step 902 the product decryption key from the product registration package is also encrypted using the customer's RSS (or a number derived therefrom) as a key. Note that in a different embodiment, either step 902 or step 904 can be omitted, although such an omission would likely reduce the security of the overall system.
  • the license server 104 assembles the product server download package, and in a step 908, it transmits the product server download package back to the reader system 106. Processing then resumes in the reader system 106 at step 514 (Fig. 5) .
  • the product server download package includes the following items:
  • Fig. 10 is a flow chart of the step 806 (Fig. 8) , in which the license server 104 processes the customer's payment information.
  • Fig. 10 illustrates the process where the customer is paying by credit card; a similar process would take place where the customer is paying with digital money or in some other payment form.
  • step 1002 the license server 104 transmits the charge information to a credit card clearing house.
  • the credit card clearing house returns either an approval code or an error.
  • step 1004 if an error was received, then the license server 104 returns an error to step 806 (Fig. 8) (Step 1006) . If an approval code was received, then in step 1008, the license server 104 credits the author's account with the amount of the approved purchase price less a commission. In step 1010, the license server 104 returns successfully to the step 806 (Fig. 8) .
  • Fig. 11 is a flow chart of the step 518 in which the reader system plays the digital product. (The terms “play”, “view” and “use” are used interchangeably herein as regards a digital product.)
  • the reader system 106 regenerates the RSS for the reader system. This step takes place using the same algorithm that was used in step 602 (Fig. 6) when the RSS was generated for preparation of the product purchase package.
  • the reader system 106 decrypts the double-encrypted security fragments using the new
  • the key used in step 1104 need not be the RSS identically; another number which depends on the RSS can be used instead. However, whatever algorithm is used to derive the key from the RSS in step 1104 should be the same as that used in step 904.
  • step 1106 the reader system 106 merges the encrypted security fragments into the encrypted product less the encrypted security fragments, thereby assembling a complete, but still encrypted, version of the digital product.
  • step 1108 the full encrypted digital product is digested using the same algorithm as was used originally by the authoring system 102 in step 414 (Fig. 4) .
  • step 1110 the reader system 106 determines whether the newly calculated digest matches the digest which was provided by the license server 104 in the product server download package. If so, then usage of the product on the reader system 106 is authorized. Flow continues with the flowchart of Fig. 12 (as indicated by the number "12" in the small circles in both Figs. 11 and 12) . If the two digests do not match in step 1110, then usage of the product on the reader system 106 is not immediately authorized. Flow continues with the flowchart of Fig. 13, as indicated by the number "13" in the small circles in both Figs. 11 and 13.
  • the current reader system signature has been confirmed to be the same as that which was used when the reader system 106 first uploaded its product purchase package in step 512 (Fig. 5) . It is also the same RSS that was used to encrypt the product decryption key as downloaded from the license server 104 to the reader system 106 in steps 908 and 514. Accordingly, in step 1202, the reader system 106 decrypts the product decryption key from the product server download package using the current RSS.
  • the actual key used to decrypt the product decryption key in step 1202 need not be identical to the current RSS, as long as it is dependent thereon, and as long as the algorithm to generate the key is the same as that which was used to generate the key with which the product decryption key was originally encrypted in step 904 (Fig. 9) .
  • step 1204 the reader system 106 decrypts the merged encrypted product using the product decryption key that was decrypted in step 1202.
  • step 1206 if the decrypted product was compressed, it is now decompressed using an algorithm complementary to that used by the authoring system in step 408 (Fig. 4) .
  • the resulting decompressed digital product is transmitted in step 1210 to an appropriate viewer. It will be appreciated that once the digital product is transmitted in step 1210 to a viewer, which may be any standard viewer appropriate to the content of the digital product, the output stream is no longer secured by the mechanisms built into the overall system as described herein. Accordingly, a step 1208 is optionally inserted between steps 1206 and 1210 of Fig. 12.
  • a fingerprint and/or a watermark is (are) inserted into the digital output stream prior to or while it is being provided to the viewer.
  • Watermarking is a technique using a visible identifier that will let the user know that he or she has been associated with this particular instance of the content . It acts primarily as a deterrent.
  • Fingerprinting embeds and hides codes into the output stream itself that are retrievable only by the author or by the licensing authority. Such codes uniquely associate the particular copy of the digital product with the individual who purchased it . Fingerprinting is used primarily for criminal prosecution and court proceedings.
  • the fingerprint is inserted in a manner which does not affect the resulting viewing experience.
  • the output stream includes CD audio
  • the fingerprint can be spread over a large number of the audio samples, either substituting for the low-order bit or modifying the low-order bit in an exclusive OR manner in each sample.
  • the data stream can be transformed into the frequency domain, modified in the frequency domain to insert the fingerprint codes, and then transformed back to the time domain.
  • steganographic techniques can be used to insert the fingerprint into the image. Steganography is described in Neil F.
  • the fingerprint to be inserted in the digital output stream should preferably be either the installation ID of the reader system 106, or the reader system signature that was generated at the time of product usage (step 1102) .
  • the output stream can also be randomly seeded to further hamper differential cryptanalysis. In this manner, if pirated copies of a digital product do begin to appear, the author of the product or the licensing authority should be able to determine the original source of the pirated copies by examining the fingerprint.
  • the reader system 106 determines that the newly generated reader system signature is not the same as that which was generated in step 602 (Fig. 6) at the time of product purchase. In an aspect of the invention, this determination does not immediately preclude usage of the product by the customer on the reader system 106. Instead, proceeding in Fig. 13, in a step 1302, the reader system 106 prepares a re-validation package.
  • the re-validation package can be the same as set forth above with respect to the product purchase package, except that the customer's payment information can be omitted.
  • the reader system 106 uploads the re-validation package to the license server 104 at the URL identified in the product broadcast package.
  • Fig. 14 The license server's operations in response to receipt of a re-validation package are set forth in Fig. 14.
  • a step 1402 it is first determined whether the RSS in the re-validation package was based on a component in the reader system 106 having external assurances of substantial uniqueness. If so, then re-validation is considered unsuccessful (step 1404) and this result is returned to the reader system 106. If the RSS in the re-validation package was not based on a component having external assurances of substantial uniqueness, then in step 1406, the license server 104 compares the new RSS from the re- validation package to the RSS previously stored accessibly to the server for the same reader system 106 (as identified by the installation ID specified in the re-validation package) .
  • the threshold can be specified as a percentage of one or the other RSS, or as a number of component signatures which differ between the two RSS's, or by a number of other different specifications . If the difference between the two RSS's does not exceed the designated threshold (step 1408) , then the re-validation is considered successful.
  • the license server 104 prepares a new product server download package using the same algorithms as set forth above with respect to Fig.
  • the license server 104 also stores the new RSS in conjunction with the installation ID specified in the re-validation package. A history of such ostensible reader system upgrades is maintained on the server 104.
  • Fig. 15 is a detail of step 1408 (Fig. 14) in which the license server 104 determines whether the difference between the two RSS ' s exceeds the threshold specified by the author in the usage parameters for the digital product.
  • the flowchart set forth in Fig. 15 represents one embodiment, in which the threshold has been specified as a percentage.
  • the server 104 calculates the weighted sum of the RSS received in the product re-validation package.
  • the server 104 makes the same calculation with respect to the RSS previously stored on the server 104.
  • the license server 106 determines whether the difference between the two calculated values exceeds the threshold specified by the author in the usage parameters. If so, then in step 1508, the routine returns to Fig. 14 affirmatively.
  • Fig. 16 is a detail of step 1408 (Fig. 14) as performed in a second embodiment, in which the upgrade drift percentage is specified as a maximum number of components whose individual component signatures can differ between the two RSS's.
  • the server 104 counts the number of components of the RSS in the re-validation package, which differ from the corresponding components of the RSS previously stored on the server 106 from the original product purchase package. If the count exceeds the predetermined drift threshold, then the routine returns affirmatively (step 1606) . If not, then it returns negatively (step 1608) . Returning to the reader system flow as illustrated in Fig.
  • step 1306 the reader system 106 receives the re-validation result. If the re-validation was unsuccessful (step 1308) , then the reader system displays an error message to the user and requests the customer to call customer service of the licensing authority (step 1310) . In this situation, automatic re-validation has failed, and manual re-validation as in step 1310 is necessary. During the call, a customer service representative can determine whether the customer's license should be extended to cover the reader system 106 as it now stands. If automatic re- validation was successful (step 1308) , then the reader system returns to step 514 (as indicated by the numeral "5" in the small circle in both Figs. 13 and 5) to store and process the new product server download package in the same manner as it processed the original product server download package received upon purchase.

Abstract

Un produit numérique est distribué librement sous forme cryptée (108) sur des voies non contrôlées. Un ou plusieurs fragments protégés du produit crypté sont retenus (102) et fournis seulement sur communication avec le serveur de licences (104). Le client utilise le logiciel lecteur (106) pour acheter une licence. Ledit logiciel (106) examine ensuite les composantes présentes sur le système lecteur pour créer une signature de système lecteur, que ledit serveur (106) utilise pour crypter la clé de décryptage du produit et les fragments protégés avant de les envoyer au système lecteur. Lorsque le client souhaite utiliser le produit, une nouvelle signature de système lecteur est générée et utilisée pour le décryptage des fragments de produit.
EP98912914A 1997-03-14 1998-03-11 Technique de gestion des droits sur des produits numeriques Withdrawn EP0968585A1 (fr)

Applications Claiming Priority (3)

Application Number Priority Date Filing Date Title
US81813297A 1997-03-14 1997-03-14
US818132 1997-03-14
PCT/US1998/004658 WO1998042098A1 (fr) 1997-03-14 1998-03-11 Technique de gestion des droits sur des produits numeriques

Publications (1)

Publication Number Publication Date
EP0968585A1 true EP0968585A1 (fr) 2000-01-05

Family

ID=25224756

Family Applications (1)

Application Number Title Priority Date Filing Date
EP98912914A Withdrawn EP0968585A1 (fr) 1997-03-14 1998-03-11 Technique de gestion des droits sur des produits numeriques

Country Status (4)

Country Link
EP (1) EP0968585A1 (fr)
AU (1) AU6759198A (fr)
IL (1) IL131876A0 (fr)
WO (1) WO1998042098A1 (fr)

Families Citing this family (130)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JPH08263438A (ja) 1994-11-23 1996-10-11 Xerox Corp ディジタルワークの配給及び使用制御システム並びにディジタルワークへのアクセス制御方法
US6907407B1 (en) 1998-07-02 2005-06-14 Sharp Kabushiki Kaisha Copyright management apparatus
US6519700B1 (en) * 1998-10-23 2003-02-11 Contentguard Holdings, Inc. Self-protecting documents
US6510513B1 (en) 1999-01-13 2003-01-21 Microsoft Corporation Security services and policy enforcement for electronic data
AU2004229005B2 (en) * 1999-03-01 2006-12-14 Quark Media House Sarl Digital media asset management system and process
US20020019814A1 (en) 2001-03-01 2002-02-14 Krishnamurthy Ganesan Specifying rights in a digital rights license according to events
US6973444B1 (en) 1999-03-27 2005-12-06 Microsoft Corporation Method for interdependently validating a digital content package and a corresponding digital license
US6829708B1 (en) 1999-03-27 2004-12-07 Microsoft Corporation Specifying security for an element by assigning a scaled value representative of the relative security thereof
US7136838B1 (en) * 1999-03-27 2006-11-14 Microsoft Corporation Digital license and method for obtaining/providing a digital license
US7103574B1 (en) * 1999-03-27 2006-09-05 Microsoft Corporation Enforcement architecture and method for digital rights management
US6889208B1 (en) * 1999-04-15 2005-05-03 Victor Company Of Japan, Ltd. Contents sale system
US6922781B1 (en) 1999-04-30 2005-07-26 Ideaflood, Inc. Method and apparatus for identifying and characterizing errant electronic files
JP2000330783A (ja) * 1999-05-20 2000-11-30 Nec Corp ソフトウェア不正コピー防止システムおよびソフト不正コピー防止プログラムを記録した記録媒体
JP2003501745A (ja) * 1999-06-05 2003-01-14 パク,ヒョ− ジョ−ン 独立的ディジタル商品登録サーバーを利用したディジタル商品使用権管理システム
AU5334500A (en) * 1999-06-07 2000-12-28 Firepad, Inc. Method and system for preventing the unauthorized use of software
US7197144B1 (en) 1999-06-08 2007-03-27 Ethos Technologies, Inc. Method and apparatus to authenticate a user's system to prevent unauthorized use of software products distributed to users
AU5328900A (en) * 1999-06-08 2000-12-28 Ethos Technologies, Inc. Protection against unauthorized use of software products
US6938154B1 (en) 2000-06-19 2005-08-30 Xerox Corporation System, method and article of manufacture for a cryptographic key infrastructure for networked devices
GB9916212D0 (en) * 1999-07-09 1999-09-15 Simmons Douglas M A system and method for distributing electronic publications
JP2001092721A (ja) 1999-09-17 2001-04-06 Fujitsu Ltd コンテンツ利用制御装置、コンテンツ利用制御システムおよびコンテンツ利用制御プログラムを記録したコンピュータ読み取り可能な記録媒体
US8311946B1 (en) 1999-10-15 2012-11-13 Ebrary Method and apparatus for improved information transactions
US7536561B2 (en) 1999-10-15 2009-05-19 Ebrary, Inc. Method and apparatus for improved information transactions
JP3934941B2 (ja) * 1999-11-30 2007-06-20 三洋電機株式会社 記録装置
EP1237323A4 (fr) * 1999-12-07 2005-09-07 Sanyo Electric Co Dispositif de reproduction de donnees
US6792113B1 (en) 1999-12-20 2004-09-14 Microsoft Corporation Adaptable security mechanism for preventing unauthorized access of digital data
US6832230B1 (en) * 1999-12-22 2004-12-14 Nokia Corporation Apparatus and associated method for downloading an application with a variable lifetime to a mobile terminal
US6789188B1 (en) * 2000-02-07 2004-09-07 Koninklijke Philips Electronics N.V. Methods and apparatus for secure content distribution
SG97852A1 (en) 2000-02-25 2003-08-20 Kent Ridge Digital Labs Method and apparatus for digital content copy protection
US7249105B1 (en) * 2000-03-14 2007-07-24 Microsoft Corporation BORE-resistant digital goods configuration and distribution methods and arrangements
EP1139196B1 (fr) * 2000-03-30 2007-10-10 Siemens Aktiengesellschaft Procédé et système d'activation d'un fichier de données cryptées
EP1338943A3 (fr) * 2000-03-30 2006-09-27 Siemens Aktiengesellschaft Procédé pour activer un fichier de données dans un système de navigation
US6636966B1 (en) * 2000-04-03 2003-10-21 Dphi Acquisitions, Inc. Digital rights management within an embedded storage device
DE60134842D1 (de) * 2000-04-11 2008-08-28 Thomson Licensing Vorrichtung zum sicheren speichern geheimer informationen
US20020032664A1 (en) * 2000-04-28 2002-03-14 Tatsuhiko Ikuta Accounting system, accounting method, content executing device, accounting monitoring device, accounting control device and recording medium
US7051199B1 (en) 2000-06-19 2006-05-23 Xerox Corporation System, method and article of manufacture for providing cryptographic services utilizing a network
US6990468B1 (en) 2000-06-19 2006-01-24 Xerox Corporation System, method and article of manufacture for cryptoserver-based auction
US6754821B1 (en) 2000-06-19 2004-06-22 Xerox Corporation System, method and article of manufacture for transition state-based cryptography
US7421583B1 (en) 2000-06-19 2008-09-02 Xerox Corp System, method and article of manufacture for determining a price of cryptograph IC services based on a computational burden thereof
AU2001271704A1 (en) * 2000-06-29 2002-01-14 Cachestream Corporation Digital rights management
CN1386226A (zh) * 2000-07-11 2002-12-18 松下电器产业株式会社 内容流通系统的控制方法及其系统
EP1189432A3 (fr) * 2000-08-14 2004-10-20 Matsushita Electric Industrial Co., Ltd. Un schéma hiérarchique d'encryption pour la distribution sûre de contenu prédéterminé
GB2366162A (en) * 2000-08-15 2002-02-27 Chargenet Ltd Controlling access to a telecommunicated data file
EP1184771B1 (fr) * 2000-08-24 2004-08-04 Wibu-Systems AG Méthode et dispositif de protection de logiciels d'ordinateur et/ou données lisibles par un ordinateur
AU2001286992A1 (en) * 2000-08-30 2002-03-13 Hrl Laboratories, Llc Method and apparatus for facilitating data subscription services
AU2001285265A1 (en) * 2000-09-12 2002-03-26 Aladdin Knowledge Systems, Ltd. System for managing rights and permitting on-line playback of digital content
KR20080106594A (ko) 2000-09-12 2008-12-08 소니 가부시끼 가이샤 정보 처리 장치, 전자 기기, 정보 처리 방법 및 기록 매체
GB2366969A (en) 2000-09-14 2002-03-20 Phocis Ltd Copyright protection for digital content distributed over a network
US7039615B1 (en) 2000-09-28 2006-05-02 Microsoft Corporation Retail transactions involving digital content in a digital rights management (DRM) system
GB2368245A (en) * 2000-10-17 2002-04-24 Mode Internat Ltd Distribution system for digital works with associated metadata
US7373391B2 (en) 2000-10-24 2008-05-13 Seiko Epson Corporation System and method for digital content distribution
US6889209B1 (en) * 2000-11-03 2005-05-03 Shieldip, Inc. Method and apparatus for protecting information and privacy
US6898286B2 (en) * 2000-12-19 2005-05-24 International Business Machines Corporation Method and system verifying product licenses using hardware and product identifications
JP3970040B2 (ja) 2001-01-31 2007-09-05 株式会社ソニー・コンピュータエンタテインメント コンピュータシステム及びその使用方法
GB0103119D0 (en) * 2001-02-08 2001-03-28 Comodo Technology Dev Ltd Improvements in and relating to software modification
AU1547402A (en) * 2001-02-09 2002-08-15 Sony Corporation Information processing method/apparatus and program
JP2002244927A (ja) * 2001-02-16 2002-08-30 Matsushita Electric Ind Co Ltd データ配布システム
EP1440438A1 (fr) * 2001-05-18 2004-07-28 Valentin Alexandrovich Michtchenko Procede d'enregistrement, de distribution et de reproduction des informations enregistrees sur un support d'enregistrement de donnees
US8275716B2 (en) 2001-05-31 2012-09-25 Contentguard Holdings, Inc. Method and system for subscription digital rights management
US6876984B2 (en) 2001-05-31 2005-04-05 Contentguard Holdings, Inc. Method and apparatus for establishing usage rights for digital content to be created in the future
US6895503B2 (en) 2001-05-31 2005-05-17 Contentguard Holdings, Inc. Method and apparatus for hierarchical assignment of rights to documents and documents having such rights
WO2002101494A2 (fr) * 2001-06-07 2002-12-19 Contentguard Holdings, Inc. Systeme de distribution de contenu protege
GB2379295A (en) 2001-08-31 2003-03-05 Sony Uk Ltd A system for distributing audio/video material to a potential buyer
GB2379299B (en) * 2001-09-04 2006-02-08 Imagination Tech Ltd A texturing system
ES2309194T3 (es) * 2001-10-12 2008-12-16 Koninklijke Philips Electronics N.V. Metodo y sistema para la distribucion segura de contenidos.
US20030084332A1 (en) * 2001-10-26 2003-05-01 Koninklijke Philips Electronics N.V. Method for binding a software data domain to specific hardware
US20040255134A1 (en) * 2002-02-27 2004-12-16 Harutoshi Miyamoto Host device
GB0205047D0 (en) * 2002-03-05 2002-04-17 Bitarts Ltd Protecting computer software
AU2003243187A1 (en) 2002-05-02 2003-11-17 Shieldip, Inc. Method and apparatus for protecting information and privacy
US7065787B2 (en) 2002-06-12 2006-06-20 Microsoft Corporation Publishing content in connection with digital rights management (DRM) architecture
US7152243B2 (en) * 2002-06-27 2006-12-19 Microsoft Corporation Providing a secure hardware identifier (HWID) for use in connection with digital rights management (DRM) system
NO20023860D0 (no) * 2002-08-14 2002-08-14 Sospita As Fremgangsmåte for å generere og prosessere dataströmmer som inneholder krypterte og dekrypterte data
US7979700B2 (en) 2002-08-23 2011-07-12 Sandisk Corporation Apparatus, system and method for securing digital documents in a digital appliance
US20040039932A1 (en) * 2002-08-23 2004-02-26 Gidon Elazar Apparatus, system and method for securing digital documents in a digital appliance
US9038096B2 (en) 2002-10-03 2015-05-19 Nagra France Sas System and method of adaptive and progressive descrambling of digital image content
US8695029B2 (en) * 2002-10-03 2014-04-08 Nagra France System and method of adaptive and progressive descrambling of streaming video
US7370017B1 (en) 2002-12-20 2008-05-06 Microsoft Corporation Redistribution of rights-managed content and technique for encouraging same
FR2850515B1 (fr) 2003-01-23 2005-07-01 Medialive Procede et systeme adaptatif et progressif de distribution securisee d'images fixes codees en ondelettes
EP1609048A4 (fr) 2003-03-27 2009-01-14 Milsys Ltd Dispositif de stockage de donnees presentant un acces complet pour tous les utilisateurs
FR2854019B1 (fr) 2003-04-16 2005-09-16 Medialive Embrouillage, desembrouillage et distribution securisee de sequences audiovisuelles issues de codeurs videos bases sur un traitement par ondelettes
EP1471406A1 (fr) * 2003-04-25 2004-10-27 Culture.com Technology (Macau) Ltd Procédé de vérification d'autorisation d'utilisation d'un livre électronique sur une plateforme d'information
FR2854531B1 (fr) 2003-05-02 2007-01-05 Medialive Procede et systeme pour securiser l'embrouillage, le desembrouillage et la distribution de sequences visuelles vectorielles
US20040267645A1 (en) * 2003-06-24 2004-12-30 Pekka Pollari Method and corresponding equipment enabling billing for use of applications hosted by a wireless terminal
US7761921B2 (en) * 2003-10-31 2010-07-20 Caterpillar Inc Method and system of enabling a software option on a remote machine
JP4731111B2 (ja) 2003-11-19 2011-07-20 パナソニック株式会社 マルチメディア型コンテンツの再生装置および再生方法、ならびにそれに用いられるデータが格納された記録媒体
ATE368883T1 (de) * 2003-12-15 2007-08-15 Mobile Integrated Solutions Lt Verfahren zum beschränken der wiederverteilung von lizensierten dateien in einem digitalen mobilfunksystem
KR20070006691A (ko) * 2004-01-20 2007-01-11 코닌클리케 필립스 일렉트로닉스 엔.브이. 생체측정 워터마크를 이용한 컨텐트 보호 방법 및 장치
JP4740157B2 (ja) 2004-02-03 2011-08-03 サンディスク セキュア コンテンツ ソリューションズ インコーポレイテッド デジタルデータコンテンツの保護
US7676846B2 (en) * 2004-02-13 2010-03-09 Microsoft Corporation Binding content to an entity
BRPI0400265A (pt) 2004-03-10 2006-02-07 Legitimi Ltd Sistema de controle de acesso a serviços de informação baseado em assinatura de hardware e software do dispositivo solicitante
FR2868654B1 (fr) * 2004-04-06 2007-06-22 Medialive Procede et systeme de diffusion securisee de flux audiovisuels proteges a un groupe dynamique de recepteurs
US20060080702A1 (en) * 2004-05-20 2006-04-13 Turner Broadcasting System, Inc. Systems and methods for delivering content over a network
KR100601706B1 (ko) * 2004-10-15 2006-07-18 삼성전자주식회사 Drm 시스템에 있어서 시스템 키를 공유하고 생성하는방법 및 장치
US8347078B2 (en) 2004-10-18 2013-01-01 Microsoft Corporation Device certificate individualization
US8336085B2 (en) 2004-11-15 2012-12-18 Microsoft Corporation Tuning product policy using observed evidence of customer behavior
ES2638553T3 (es) 2004-12-01 2017-10-23 Amadeus S.A.S. Método para validar un sistema informático de confianza
WO2006077546A2 (fr) * 2005-01-24 2006-07-27 Koninklijke Philips Electronics N.V. Phase d'enregistrement
EP1844418B1 (fr) 2005-01-24 2013-03-13 Koninklijke Philips Electronics N.V. Partage de propriete privee et commandee
US7840564B2 (en) 2005-02-16 2010-11-23 Ebrary System and method for automatic anthology creation using document aspects
US9436804B2 (en) 2005-04-22 2016-09-06 Microsoft Technology Licensing, Llc Establishing a unique session key using a hardware functionality scan
US9363481B2 (en) 2005-04-22 2016-06-07 Microsoft Technology Licensing, Llc Protected media pipeline
FR2887097A1 (fr) * 2005-06-14 2006-12-15 France Telecom Procede de protection d'un code-source en langage semi-interprete
US7433869B2 (en) 2005-07-01 2008-10-07 Ebrary, Inc. Method and apparatus for document clustering and document sketching
DE102005039207A1 (de) * 2005-08-18 2007-03-15 Siemens Ag Verfahren zum Nutzen eines Programms und zugehörige Einheiten
US8087092B2 (en) 2005-09-02 2011-12-27 Uniloc Usa, Inc. Method and apparatus for detection of tampering attacks
US7987362B2 (en) 2005-09-12 2011-07-26 Uniloc Usa, Inc. Method and apparatus for using imperfections in computing devices for device authentication
EP1783635A1 (fr) * 2005-11-07 2007-05-09 Thomson Licensing S.A. Procédé et système pour la distribution de contenus multimédias
US8078788B2 (en) 2005-12-08 2011-12-13 Sandisk Technologies Inc. Media card command pass through methods
EP1857951A1 (fr) * 2006-05-18 2007-11-21 Vodafone Holding GmbH Procédé de gestion du contenu numérique, unité de gestion et dispositif d'interprétation
US8839005B2 (en) 2006-09-13 2014-09-16 Sandisk Technologies Inc. Apparatus for transferring licensed digital content between users
FR2912529A1 (fr) * 2007-02-13 2008-08-15 France Telecom Couplage d'un programme informatique ou de donnees a un systeme de reference et verification associee.
CN101681408B (zh) 2007-05-22 2013-09-18 爱迪德有限责任公司 数据安全性
GB0717587D0 (en) * 2007-09-10 2007-10-17 Mediares Ltd Systems and methods relating to encryption and decryption
US8160962B2 (en) 2007-09-20 2012-04-17 Uniloc Luxembourg S.A. Installing protected software product using unprotected installation image
US9032154B2 (en) 2007-12-13 2015-05-12 Sandisk Technologies Inc. Integration of secure data transfer applications for generic IO devices
TWI461954B (zh) * 2008-01-18 2014-11-21 Hon Hai Prec Ind Co Ltd 電子文檔保護系統及方法
JP5121542B2 (ja) * 2008-04-09 2013-01-16 キヤノン株式会社 アプリケーションパッケジング装置、その制御方法、プログラム
EP2184695A1 (fr) * 2008-11-10 2010-05-12 Siemens Aktiengesellschaft Procédé destiné à combiner des données à l'aide d'un dispositif destiné au traitement des données, fonctionnalité correspondante destinée à l'exécution des différentes étapes du procédé et programme informatique destiné à intégrer le procédé
JP4692652B2 (ja) 2009-02-18 2011-06-01 コニカミノルタビジネステクノロジーズ株式会社 ライセンス管理システム、ライセンス管理コンピュータ、ライセンス管理方法およびライセンス管理プログラム
US8959653B2 (en) * 2009-03-31 2015-02-17 Blackberry Limited Automatic license key injection
US9633183B2 (en) 2009-06-19 2017-04-25 Uniloc Luxembourg S.A. Modular software protection
EP2309407B1 (fr) * 2009-09-22 2020-02-26 Amadeus S.A.S. Procédé de sécurisation de la communication d'un fichier numérique via un réseau de communication
US20110093503A1 (en) * 2009-10-19 2011-04-21 Etchegoyen Craig S Computer Hardware Identity Tracking Using Characteristic Parameter-Derived Data
US8316421B2 (en) * 2009-10-19 2012-11-20 Uniloc Luxembourg S.A. System and method for device authentication with built-in tolerance
GB2484268A (en) 2010-09-16 2012-04-11 Uniloc Usa Inc Psychographic profiling of users of computing devices
US20120095877A1 (en) 2010-10-19 2012-04-19 Apple, Inc. Application usage policy enforcement
US9449324B2 (en) * 2010-11-11 2016-09-20 Sony Corporation Reducing TV licensing costs
US9811827B2 (en) 2012-02-28 2017-11-07 Google Inc. System and method for providing transaction verification
ES2462398B1 (es) * 2012-10-18 2015-04-13 Navista S.A.R.L. Método para limitar y asegurar la operatividad y funcionamiento de un programa de ordenador única y exclusivamente con el equipo informático donde se instala
ITUB20155127A1 (it) * 2015-10-16 2017-04-16 Morphcybersystems S R L S Un metodo per identificare univocamente un dispositivo e per gestire aggiornamenti del firmware e dell'hardware attraverso un codice criptato
DE102016009439A1 (de) * 2016-08-03 2018-02-08 Giesecke+Devrient Mobile Security Gmbh Individuelles Verschlüsseln von Steuerbefehlen

Family Cites Families (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5530757A (en) * 1994-06-28 1996-06-25 International Business Machines Corporation Distributed fingerprints for information integrity verification
US5613004A (en) * 1995-06-07 1997-03-18 The Dice Company Steganographic method and device

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
See references of WO9842098A1 *

Also Published As

Publication number Publication date
IL131876A0 (en) 2001-03-19
AU6759198A (en) 1998-10-12
WO1998042098A1 (fr) 1998-09-24

Similar Documents

Publication Publication Date Title
WO1998042098A1 (fr) Technique de gestion des droits sur des produits numeriques
US11366878B2 (en) Method and apparatus for delivering encoded content
KR100798199B1 (ko) 데이터 처리 장치, 데이터 처리 시스템, 및 데이터 처리방법
US7270193B2 (en) Method and system for distributing programs using tamper resistant processor
KR100467929B1 (ko) 디지털 컨텐츠의 보호 및 관리를 위한 시스템
US7480802B2 (en) License-based cryptographic technique, particularly suited for use in a digital rights management system, for controlling access and use of bore resistant software objects in a client computer
KR100611740B1 (ko) 핑거프린트 기반 불법복제 콘텐츠 추적 시스템 및 그 방법
US6801999B1 (en) Passive and active software objects containing bore resistant watermarking
US20060149683A1 (en) User terminal for receiving license
US6684198B1 (en) Program data distribution via open network
US20120072731A1 (en) Secure and efficient content screening in a networked environment
JP2004520755A (ja) デジタルコンテンツの保護及び管理のための方法並びにこれを利用したシステム
CA2426425A1 (fr) Procede et appareil destines a proteger les informations et les renseignements personnels
JP2004193843A (ja) コンテンツ配信装置、コンテンツ配信方法、コンテンツ配信プログラムおよびコンテンツ再生装置、コンテンツ再生方法、コンテンツ再生プログラム
JPH07131452A (ja) ディジタル情報保護方法及びその処理装置
US20070239617A1 (en) Method and apparatus for temporarily accessing content using temporary license
JPH1131130A (ja) サービス提供装置
JPH09282155A (ja) 暗号認証機能の装備方法
EP1471405A1 (fr) Procede et systeme de protection des informations contre l'utilisation non autorisee
KR100773963B1 (ko) 핑거프린팅 관리 시스템 및 핑거프린트 코드 전달 방법
JP2004318448A (ja) コンテンツ保護機能付き端末装置
JP2004303107A (ja) コンテンツ保護システム及びコンテンツ再生端末
JP2000324329A (ja) コンテンツid付与システム
JP2004110277A (ja) コンテンツ配信管理方法、装置、およびプログラム
JP2004153476A (ja) コンテンツ配信装置、コンンテンツ配信方法およびコンテンツ配信プログラム

Legal Events

Date Code Title Description
PUAI Public reference made under article 153(3) epc to a published international application that has entered the european phase

Free format text: ORIGINAL CODE: 0009012

17P Request for examination filed

Effective date: 19991007

AK Designated contracting states

Kind code of ref document: A1

Designated state(s): AT BE CH DE DK ES FI FR GB GR IE IT LI NL SE

STAA Information on the status of an ep patent application or granted ep patent

Free format text: STATUS: THE APPLICATION IS DEEMED TO BE WITHDRAWN

18D Application deemed to be withdrawn

Effective date: 20031001