TWI268080B - Method and system for session based watermarking of encrypted content - Google Patents

Abstract

A method and apparatus applies a variety of session based watermarks in real-time to content that is streamed from a server towards a client. The invention employs content where differing targeted portions are selectively encrypted, such that other portions remain in the clear (unencrypted). Session information, such as an intended client, end-user, operator of a content server, content owner, and the like, may be used to generate the various watermarks. The watermarks may also be digitally signed and/or encrypted. The watermarks may be applied to the portions of the clear content as the content is streamed towards the client. In one embodiment, a bridge server is configured to modify packets of streaming media data files with the variety of watermarks. In another embodiment, the content server for the streaming media data includes a plug-in component that dynamically modifies the packets of streaming media data files with the variety of watermarks.

Description

1268080 IX. Description of the invention: C rhyme ^ Minghu genus control: Na ^ Beiqi ^ 2 Deng Ming's antagonistic scorpion Μ This invention is generally related to the prevention of digital piracy, and more specifically, the invention is Techniques for dynamically utilizing watermark markers to modify serially targeted selective encrypted content. ί: Prior Art 3 The technical background of the Internet The development of the Internet has created a great opportunity for the sharing of digital information. In recent years, audio and video digital information in the form of streaming media has been widely available on the Internet, thereby increasing the popularity of the Internet.

Streaming media is an Internet data transfer technology that allows end-users to view and listen to audio and video information without the need for lengthy downloads for 15 days. The host or source will stream the small information packets on the Internet to end users who can access the content as soon as they receive the content. Typically, 20 in the case of large streaming media data files, temporary files cannot be generated on the end user device. Conversely, small stream media information packets are typically cached in the buffer of the end user device and are quickly discarded after the information has been viewed or heard. Many businesses, #人, and individuals post copyrighted material on the Internet daily in streaming media. In essence, anyone who can use a personal computer can read, copy, edit, and even repost the streaming media files they have obtained from the Internet. Unfortunately, every 5 1268080 5 10 authorizes a large number of copies of copyright-protected string-poor files. This digital media piracy problem is growing. This, in turn, leads to the disclosure of the present invention because it is possible to unauthorize streaming media material __:users, which are often quite difficult to determine the digital media problem. The application of the present invention is based on the fact that on January 9, 2004, the application of the case 535, 357 claims priority, and the law is 35U.SC §li9(e), the US case is based on the prescription Explain. The method is incorporated into the present invention.

20 containing .ttr dew - a system for propagating content on a network, its package, ... and configured to perform the following actions - a client device. And providing a dialog associated with the request 'X today, the following actions - a computer computing device: receiving and synthesizing the message; the pair of parts associated with the scorpion 6 is maintained as at least a portion of the content, wherein at least a portion of the content is - water: (four); at least partially According to = and when the unencrypted portion is streamed to the client device, (4) is applied to at least the portion of the secret content. ‘(四)海不加

6 1268080 The following is a non-limiting and not exhaustive embodiment of the invention. In the drawings, the same element numbers indicate the same elements unless otherwise specified. In order to more clearly understand the present invention, the following description of the present invention will be described with reference to the drawings, in which: FIG. 1 is a functional block diagram showing a An embodiment of the environment; Figure 2 illustrates an embodiment of a server device that can be used in a system embodying the present invention; 10 Figure 3 illustrates content functional components in various stages of the progress of the present invention. An embodiment; and FIG. 4 is a logic flow diagram that generally illustrates an embodiment of a program for selectively pre-encrypting a conversational watermark on a content for a government object in accordance with the present invention. DETAILED DESCRIPTION OF THE PREFERRED EMBODIMENT OF THE INVENTION The present invention will be described more fully hereinafter with reference to the accompanying drawings. However, the present invention may be embodied in many different forms, and should not be construed as being limited to the embodiments disclosed herein. Instead, the present invention is provided to provide a more complete and more complete description of the present invention. The embodiments, and the examples, will convey the subject matter of the present invention to those skilled in the art. Furthermore, the invention can be embodied as a method or apparatus. Thus, the invention can be in the form of a complete hardware embodiment, or can be a complete software embodiment 7 1268080. The following detailed description may be a detailed description of the implementation of the combined software and hardware, and thus is not limiting. The present invention is generally related to a method for instantly applying a conversational style to a content streamed from a server to a client. The invention applies to the fact that different target parts have been selectively encrypted, and the other parts of the content can be maintained as "pure (in the C (ie unencrypted). Included with the intended content server, terminal

10 Let =, the content server operator, the content owner, etc. associate information: 3 = to generate at least one unique watermark. When the client stream is in phase, the watermark can be applied to a portion of the pure content. The far watermark can then be used to track the source of the content, ownership of the content, unsuitable access to the content, uncomfortable modification of the content, and the like. In one embodiment, a watermark marker bridge can be configured to modify the packets of the streaming content for different types of live watermarks. In another 15

In one embodiment, the content server of the streaming content includes a watermarking tagging component that dynamically utilizes at least one conversational watermark to modify the in-stream valley packet. Additionally, at least a portion of the watermark may be encrypted and/or a digital signature has been obtained. The verification and/or non-repudiation of the watermark can be further enabled during the debate analysis process. Moreover, by applying a watermark to the content at a feeding end, rather than a client, the present invention can actually reduce the need for a trusted watermarking client. CREATIVE CIRCUIT DIAGRAMS Figure 1 is a functional block diagram showing an embodiment of an operating environment 100 for implementing the present invention. The operating environment 100 is only an example of a suitable environment for the environment, and is not intended to imply any limitation as to the scope of the invention and its merits. Accordingly, other known environments and configurations may be utilized without departing from the spirit or scope of the invention. As shown in the figure, the work environment 100 includes a content server 102, a watermarked bridge 104, a network 105, and clients 106-108. The network 105 communicates with the watermark marker bridge 104 and the clients 1〇6 to 1〇8. Watermark tag bridge 104 is in turn in communication with content server 102.

The inner valley servo 102 essentially includes any computer computing device that is configured for use by the manufacturer, developer, and/or owner of the content of the client device 106 to 108. Such content includes but is not limited to dynamic movies, %~, video, music, paid programs (pay pe "V|ew, ppv", video on demand (voD), interactive media, audio, static Images, text, graphics, and other forms of digital content that may be distributed to users of client devices (e.g., 15 client devices 106-108). For example, one of a plurality of different streaming mechanisms may be utilized to authenticate a requesting client. The device device streams the content. The content server 102 can also be configured for use by a company, system, etc. that obtains rights from the content owner to copy and distribute the content. The content server 1G2 can be obtained from - Or the right of the owner to copy and distribute. The content feeder 102 can repackage, store, and schedule the content to post-sell, distribute, and provide other content providers or the like to the client device gamma (10). Authorization. Therefore, although the heart is not 20 9 ^68080, the content server 1〇2 can receive content from one "upstream.” 5 10 15 20 The content servo 11 1G2 can be configured as Can receive From the client device (10) to 1G8), the request for the content is requested, and the requesting client device streams the content. In an embodiment, the content = the decrementable target She pre-encrypts the 'step as described.' In another embodiment, the content server 102 can selectively encrypt at least some of the content, such as a client, before the broadcaster occupies the client device stream (4). The device ι 〇 6 * * * * 例 例 例 例 例 例 例 例 例 当 当 当 当 当 当 当 当 当 当 当 当 当 当 当 当 当 当 当 当 当 内容 内容... devices that operate like a content server (10) include personal computers, desktop computers, multi-processor systems, microprocessor-based or programmable consumer electronics, network PCs, servers, and the like. The set of 104 packets can receive the stream content, for example, the server 102 receives the stream content, and dynamically corrects the stream content by causing at least the watermark stream content to be partially modified. The watermark marker bridge 104 is applied to receive the watermark to selectively encrypt the content. The watermark marker bridge 104 can then request the client to perform a watermark to mark the streamed content of the stream. The households 106 to 108. The watermark marker bridge 104 can additionally cry 102 women... a user, content owner , content server: $ - person and other information ' and apply at least some of the received information to produce X printing ^ 6 own. The watermarking bridge 1G4 can be further configured to apply a plurality of different watermarking mechanisms to enable the at least one watermark to be included in the streaming content. The device functions as a watermark marker bridge 1 () 4, including a wafer type production system, a personal computer 4, a desktop computer, a multi-processor system, a micro-location, or a programmable electronic device. Network %, applications in the health device, and more. Thus, in an embodiment, the watermark marker bridge 1 〇 4 pack 1 memory, storage device, transceiver component, and group constitute a processor that can execute the application. Furthermore, although the watermark mark bridge 1〇4 is shown as being separate from the content server 102 in Fig. 1, the present invention is not limited thereto. For example, the watermarked bridge 1G4 can be included in the content server 1() 2 as an external plug. |^牛, application, chip, board, etc. Therefore, a more detailed description of the watermarking component in the Langer device will be described in more detail below. Furthermore, the watermarking bridge, 1〇4 (and/or watermarking) can be configured to reside in a checkable and trusted environment. The network 1G5 can be configured to enable the -f brain computing device to be combined with another metering device to enable them to communicate. The network W5 will be enabled to apply any form of computer readable media for transferring information from the electronic device to another shelf. Similarly, the network 1〇5 includes a wireless interface and/or a 20 wired interface, such as an Internet other than a local area network (LAN) and a wide area network (WAN), such as through a universal serial bus (us) B) Direct link to the communication port, other forms of computer readable media, or any combination of these. On a set of interconnected LANs, including UN according to different architectures and protocols, a route 1 § will act as a link between the LANs, thereby enabling messages to be sent from one pass 11 1268080 5 10 15 20 to another LAN. . Similarly, communication links in a LAN typically include twisted pair or coaxial cable, and communication links between the networks can utilize analog telephone lines, complete or partial dedicated digital lines including ΤΙ, T2, T3, and T4, Integrated Services Digital Network (ISDN), Digital Subscriber Line (DSL), wireless links including satellite links, links to a variety of different standards, including IEEE 8〇2.1ia, 802.11g, Ub, or well-known artisans Any other wanted links known. Furthermore, the remote computer and other related electronic devices can be connected to the _ or coffee via the data machine and the temporary secret. Essentially, network 105 includes any communication mechanism for communicating information between client devices 106-108 and content server 102. As mentioned above, the heart-in-the-scale scale towel ride _ (four) system shows ί second-line reading media 'that is communication media. In general, a computer can include any medium that can be accessed by a computer computing device. Computer-renewable media, including computer storage media, communication media, etc., typically embody computer readable instructions, data structures, 4 or other information that modulates data signals, such as carrier, secondary == transmission mechanisms, and includes Any information delivery; ...... 唬 唬 includes γ γ changes with - or several feature groups to compile the information, instructions, data = Γ in #, communication media including wired media, such as twisted pair, H domain, Materials, as well as its wealth, such as infrared, and other non-linear / line media, network 1 () 8 # f includes (four) on the network (such as road drop another - she receives (four) any computer computing 12 1268080 Devices, such as from content server 102, watermark flag bridge 104, etc. Client devices to port 8 also include any computer computing device capable of receiving content for other mechanisms of application, including but not limited to CD, DVD, tape Electronic memory devices, etc. These devices include devices that are typically connected by a wired communication medium, such as a personal computer, a multi-processor system, a microprocessor or a programmable device, or a network. PCs, etc. Such devices also include devices that are typically connected using wireless communication media, such as cellular and personal, telepresence phones, call states, portable wireless transmitters, radio frequency (RP:) devices, and infrared (IR) devices. , CB, integrated device 10 incorporating one or more of the aforementioned devices, etc. Client devices 106-108 are also any devices that can be connected using wired or wireless communication media, such as PDAs, palmtop computers, wearable air brains, and Any other device that is equipped to receive and play content on wired and/or wireless communication media. 15

20, 衣一——二丄...-吼傅μ enables the end user to request content, a client that can receive the content, and can play the content. The client also provides other actions, including but not limited to: enabling other components of the client to perform, enabling the interface with another user. *Setting, terminal, therefore, 'client devices 106 to 108 can apply a variety of different devices: any kind of enjoy the content' including but not limited to: computer display system, : communication system, jukebox, set-top box (STB) , TV, video display device:. The 'client devices 106-108 may include a voD media player that is configured to receive the in-line nurturing packets. The client device homing to 1 〇 8 can apply the VoD media player (and/or another slap) to process the 13 1268080 hex packet in the stream to convert them into sound and/or images. Clients ι devices 106 through 108 can also be configured to treat streaming content as a fixed stream = supply a program (not shown) for the end user to convert the content into a sound or picture. 5* household equipment 1% to 1 (38 may additionally receive the content as a target selective addition content, and thus the content must be decoded first to enjoy the content. Therefore, in an embodiment, the client device 1〇6 to 1 〇8 includes an application that constitutes a selectively encrypted content for the target. (1)

Mil Compound Brain Computing Device 10 FIG. 2 shows an embodiment of a computer computing device in accordance with an embodiment of the present invention. In addition to the components shown, computer computing device 2A can include more components. However, the components that have been shown are sufficient to disclose illustrative embodiments for implementing the invention. For example, computer computing device 2 can represent another 15 embodiment of a content server having one of the watermark tag plug-in components. The computer-counting device 200 includes a processing unit 212, a video display adapter 214, and a large memory that are all in communication with each other through the bus bar 222. The large memory generally includes a RAM 216, a ROM 232, and one or more permanent large storage devices such as a hard disk drive 228, a tape drive, a compact disc drive, and a floppy disk drive. The large memory stores an operating system 220 for controlling the operation of the computer computing device 2 . Any general purpose operating system can be applied. A basic input/output system ('Bi〇s〃) 218 is also provided to control the low-level operation of the computer computing device 200. As shown in Fig. 2, the computer computing device 2Q0 is also configured through the network interface unit 21 (which is constructed in conjunction with the 14 1268080 alpha different combinations including the Tcp/Ip protocol) and the Internet or a certain Some other communication networks (such as the network 105 shown in FIG. 1) are used to communicate: the face unit 210 is sometimes referred to as a transceiver, transceiver, or network interface card 5 as described above. Another type of computer readable medium, namely a computer storage medium. Computer-based media includes power-dependent, non-electrical, removable/, and non-removable media that can be stored by any method or technology, such as computer readable instructions, data structures, and program modules. Or other information. Examples of computer storage media include _, coffee, 10 EEPR0M, flash memory or other memory technology, cd_r〇m, digital versatile disc (DVD) or other optical storage, magnetic card maker, tape, magnetic disc storage Body or other magnetic storage device, or any other medium that can be used to store the desired information and can be accessed by a computer computing device. The computer computing device 2GG also includes a 15 SMTP processing routine application for transmitting and receiving emails, a processing routine application for receiving and processing Ηπρ requests, and a processing routine application for processing secure links. The HTTPS processing routine application can initiate communication with external applications in a secure manner. The computer-counting device 200 also includes a 2-inch input/output interface 224 for communicating with external devices, such as a mouse, keyboard, scanner, or other input device not shown in FIG. Similarly, computer computing device 2 includes additional large storage devices such as CD-ROM/DVD-ROM drive 226 and hard drive 228. The hard disk drive 228 can be used to store applications, databases, client device configuration information, policy guidelines, and the like. 15 1268080 This large memory also contains code and data. The - or several applications 250 will be loaded into the large memory and bound in the operating system 22A. Examples of applications include, but are not limited to, transcoding programs, scheduling programs, calendar programs, database programs, word processing programs, Ηπρ程5, audio players, video players, V〇D players, decoding Device, decryptor, PPV player, interface program connected to STB, interface program connected to TV, video camera, etc. The large storage also includes applications such as a dialog manager (SM) 252, a content store 254, and a watermark tag plugin 256. 1 The SM 252 group can be configured to manage a request for content from a client device. Accordingly, the SM 252 can receive the request, find the content, and provide the content to a watermarking component, such as a watermarking tag 256, a watermarking bridge, and the like. The SM 252 may additionally receive dialog information such as an expected client device, an end user, an identifier of the 15 content server operator, a content identifier of the content owner, and the like. The SM 252 can then provide the dialog information to the watermarking component for generating a watermark. The SM 252 also receives content from an upstream provider. In an embodiment, the received content is selectively pre-encrypted. The SM 252 can then store the target selective pre-encrypted content in the content store 254. In another embodiment, the SM 252 group can be configured to receive unencrypted content and perform targeted selective encryption of the content. For example, S (Vj 252 can view, parse, and selectively encrypt different target portions of the content. In an embodiment, when the content is received and/or when the content is provided for the watermarked component 16 1268080 The SM 252 can instantly selectively encrypt the scheme of the content σ of the content. However, the heart 52 is not limited to the target selection of the ten-plus, and substantially, without substantially departing from the spirit or scope of the present invention, The application applies any other mechanism that can encrypt portions of the content. A content store 254 essentially includes any group of components that can store and retrieve content (including files, databases, applications, data, etc.). Record 10 15 20 The 256 sets of watermark mark plug-in programs can be formed before the transfer to the household machine (4) string (9) money for watermark mark. Water special record... operation is substantially similar = 1〇4 operation. For example, the watermark has been bridged to the external plug-in 256 When the application dialog information is used to stream the content to the request client, the dialog watermark includes the instant The watermark is marked with the watermark. The one-foot print plug-in 256 can select and apply various watermark marks to the purely clean portion of the content. As will be described below with reference to FIG. 3, the watermark mark plug-in 256 can utilize different Encrypting and/or digitally signing a watermark in a secret key used to encrypt/undo the key of the content. The watermarking cryptographic keys are typically unknown and unavailable to the requesting client, Therefore, the watermark mark can be protected from tampering or swearing attack, and the verification and/or non-repudiation of the watermark mark can be enabled when the content is debated and analyzed. Therefore, the client device cannot solve the problem. Watermark mark. In an embodiment, the cryptographic key is a symmetric key; under the condition of 12 1268080, it can also be used without symmetrical key without departing from the spirit or scope of the present invention. The watermark mark plug-in program is displayed as a computer-isolator 200-', plug-in program" application program, the invention is not limited, the system is not limited to the plug-in program 256 can be resident in the computer A separate card, wafer, etc. of the computing device 200. Further, although the SM 252, the content storage (5), and the watermarking external program 256 are shown as non-components, the present invention is not limited thereto. For example, The SM 252 and the content storage (5) are implemented as a single integration 2. Furthermore, the 'watermark tag plug-in 256 can be resident in another computer-counting device (for example, the watermark marker bridge (10) of Figure 1), and is not computer Computing device 200. Main reverse tag stream body In a nutshell, a dialog watermark includes a position image, a sound 15 and/or a video data file, or a digital signal or pattern in a stream. The inserted digital signal or pattern does not appear in the unaltered copy of the original material broadcast, and the digital watermark can be used as a digital signature for the copied data file. For example, a watermark can be used to embed a copyright notice into the data archive. For each copy of the data slot case, a predetermined watermark 20 tag can be unique to identify the intended recipient, or the predetermined watermark can be common to multiple copies of the data file so that the file can be identified source. Furthermore, for the average viewer, the watermark is visible, thereby promoting the claim of ownership, the receipt of copyright proceeds, or the successful prosecution of unauthorized use of the data file. 18 1268080 In the streaming media data file, you need to know the media slot format. The traditional method of a ^ p mark Yin, must shrink - streaming media data file (or _, = watermark mark method needs to be decompressed and then repressed 'shrink the groove case (or part added. Hai watermark mark 'interflow media data file The format still maintains the knife: and 'because many of the current strings are distinguished, the traditional watermark is: and can't easily provide the conversational water of the invention: the standard two = to the limit, 'the general knowledge of the _ heart is continued It is not necessary to broaden the invention to allow pre-encryption of the stream including - before the watermark is marked, 10 15 the security level of the content. 纟 to > '- part, thereby increasing the material / filial HttTT for several uses In order to generate a method for marking a watermark for a streaming media asset case, the present invention provides a plurality of methods for recording watermarks because the single-process is gradually limited by the unsuitable component. Furthermore, in operation, this is The sun and the moon can use two or several _ saki - the method of using the mark of the money to print the mark r A_ to generate a substitute message, this method is used to store the selected Μ _ potential replacement frame for subsequent replacement. Scan for watermarking The media 2 is in a lean file and the selected frame is extracted. In the embodiment of the present invention, each of the extracted frames of the predetermined streaming media data file is provided with a - serial number portion such as a single The serial number represents the unique identifier of the intended recipient of the file. The serial number portion can be located in the frame to reduce the loss in the process of transmitting the frame to the client device 1〇6 i 1〇8 19 1268080 Trouble. The number of the serial number can also be attached to the different frames. When a client requests a specific streaming media data file, the selected watermarking frame can be used to replace the original streaming media. 5 unmarked frames in the data file. For example, this method can be used in a watermark tag plugin resident in the content server system. Using this method can include parsing the stream media data file to find out the request. Unique information of the client, and use this unique information to generate a frame with watermark mark on the move. 10 2. Dynamic media data correction: This method will decompress, correct, And recompressing the streaming media data archive data packet, the corrected data packet will be transmitted to the requesting client instead of being transmitted to the original streaming media data archive data packet. 3. Dark frame replacement: In this method, In essence, all of the long stream media 15 video data files include a black frame. In one embodiment, the black frame will be stored using a watermark that identifies the source of the streaming media video file. Another implementation of the present invention In an example, when a client requests streaming media, it is convenient to use a unique request client identifier to mark a black frame with a watermark. When the streaming media is delivered to the requesting client, a watermark of 20 will be used. Mark the black frame and replace the selected black frame while traveling. 4. Common Gateway Interface Application: This method allows the watermark tag used for the web server to modify the downloadable media data file format or static. Imagery, etc. 20 1268080 This financial system reads the watermark and inserts it into the static image data format and audio format. ' 5 10 15 20 The price of the money is positive. For example, the definition information includes the frame rate (four) of the streaming media data file. In this financial law-implementation, the unused data will be inserted into the definition of _H (4) in order to provide the streaming media _

Unique watermark mark. In another embodiment of A ☆ of this method, the definition data will be recorded using an effective but unnatural sequence of coded watermarks. 3_ mad seam This method deliberately discards the string (four) volume data π box in the kind of Wei in the statistical method. In the real-world aspect of this method, the intermediate frame can be discarded under the condition that the dragon-stream product has the least negative influence (referred to as the frame frame). In this embodiment, Can not see or hear but there is a watermark; ^ data frame inserted into the streaming media data in the Tan case. Expected to cover the land: the additional useless information tuple Lishankou into the end of the data packet to indicate - Watermark mark. The watermark will be entered into the number of foreign bytes added. ^ Physical to packet t: This embodiment will attach useful data with watermark to the selected streaming media data. In the packet, the embodiment for embedding the watermark mark provides a selected number of the unique identifier of the bit, or a source identifier of the body data frame of the different serial media 21 1268080. In order to have the watermark 襟t combination can include the entire unique identifier. Under the watermarking technique, however, the invention is not limited to the above-described digital dialogue. For example, without departing from the spirit or scope of the present invention 5 using Fourier transform technology, Discrete Cosine Transform Technique, etc. General Operation The operation of certain aspects of the present invention will be described below with reference to Figures 3 and 4. Figure 3 illustrates an embodiment of the content functional portion of the various stages of the present invention. Figure 3 can be used as an example of converting content when the content undergoes a conversational watermarking mechanism. For example, as shown in Figure 4, as shown in Figure 3, the content conversion 3〇〇 includes pure content 3〇2. The target and selective encryption token 304, the conversational watermarking content 3〇6, and the = watermarking marker content 308. In one embodiment, the pure content 3〇2 and 15 target and selectively encrypted content 3〇4 may Residing in a two-computer computing device managed by the content owner. The clean content 302 includes the clean portions 320 to 323. The clean portions 32A to 323 represent any portion of a plurality of different portions of the content 3〇2. Further, the content 3G2 represents A variety of different content formats. For example, you can use the Image Expert Group (MPEG) format to format pure content 3〇2. Pure content is not limited to the MPEG content format, and without departing from the spirit of the present invention Other content formats 'including JPEG, 3 44 can be used under dry conditions. However, the MPEG format used in the present invention is only one example and is used for display aspects. 22 !?68080 In contrast, MPEG is a coding and compression standard that is finer than digitally transmitted content. MPEG provides compression support for TV-quality transmission of video-borne content. Furthermore, MPEG provides compressed audio, control, and even user-spread content. The MPE (packetization base) (PES) typically includes an integer number of base-stream (ES) access unit solid or variable size blocks or frames. The ES is typically MPEG content. The basic components of the flow, and the package • her bit controls lean, digital audio, digital video and other digital content (synchronous or asynchronous). - The compacted pES packet (which is essentially referred to as the same time base) contains the MPEG program stream (PS). Each PES packet may also be formed into a fixed size transport packet, referred to as an MPEG Transport Stream (TS), which forms a general purpose method of combining one or more content streams, optionally including an independent time base. Furthermore, the mpeg frame includes an intermediate frame (丨_frame), a forward prediction frame (p_frame), and a bidirectional prediction frame (B_frame). Thus, the clean portions 320 through 323 each include a portion of the pure content 302 that can be subdivided into a plurality of data units according to different criteria. For example, the clean portions 320 to 323 include portions of data extracted from any of the components of the video base stream (ES), the audio ES, the digital data, and the video, audio, and lean stream of the valley. For example, the clean portions 320 to 323 may be composed of a second portion of ten 20 video ESs. Furthermore, the clean portions 320 through 323 may not need to include the same length, density, etc. as the clean content 302. Target and selective encryption can be applied to any component of the video base stream (ES), audio ES, digital data ES, and any part of the video, audio, and data stream (which contains pure content 302) to convert it. Selectively encrypt content 304 with a target of 23!268〇8〇. The target and selective encryption further includes selectively encrypting the I-frame, the P-frame, at least a portion of the B-frame, and any combination of the p_frame, the 1-frame and the l-frame to generate a target and The content 304 is selectively encrypted. However, in some cases, it is desirable that portions of the pure content 3〇2 5 remain pure so that the requesting client device can perform trick play of the content, such as swivel, replay, wisdom. Pause and so on. As shown in Figure 3, the target and selective encrypted content 304 exhibits two portions as encrypted portions (330 and 332). When the target and selective encrypted content 304 are streamed to the watermark 10 bridge 1 〇 4 of FIG. 1 , the watermark marker plug-in component 256 of FIG. 2 , etc., at least one dialog watermark is applied as described above. To at least a portion (331 and/or 323) of the pure content. The target and selectively encrypted content 304 can be converted to conversational watermarked content 3〇6 by including a J/one conversational watermark as described below. 5 In one embodiment, the target and selective encryption can also be applied to a watermark. For example, the watermark can be decompressed into at least two parts. I: The points may include the most significant bits of the client device address. This section can be a target for selective addition. Other parts may include the less important 4 yuan in the information, such as the name of each household. For example, this portion of the watermark can be kept pure. Thus, the watermark marks the clean portion and the sub-portions that are otherwise included, pre-held as pure or further encrypted. However, this encryption method can & use a cryptographic key different from the cryptographic key used to additionally encrypt the encrypted portions 33A and 332. 24 1268080 When the conversational watermark is received by the requesting client device, the encrypted portions 330 and 332 will be decrypted to produce the decrypted watermark content 308. If the decrypted watermarked content 3〇8 includes an encrypted=mark, the watermark is maintained as encrypted.

5 However, it should be noted that the present invention is not thus limited by the target selective encryption technique. For example, selective encryption techniques can also be used, sometimes referred to as ", "partial encryption", or "fragment encryption". This type of selective encryption typically seeks to identify the smallest subset of compressed bitstreams that may degrade the content on the decoder (e.g., on a client device). However, the action of = 10 out of this bit, the smallest subset of streams, may reduce the level of security. Therefore, this method has a - item exchange condition. Thus, the selective encryption action can receive the compressed content and use a cryptographic algorithm to encrypt the predetermined minimum number of bitstreams, which is a relationship that balances the degradation problem for the desired level of security. In either case, the present invention may encrypt the content and/or at least a portion of the watermark using any of a number of different encryption mechanisms, including asymmetric gifting mechanisms (eg, Diffie-Hellman, RSA, Merkle-Hellman, POP), as well as symmetric encryption mechanisms (such as Advanced Encryption Standard (AES), RC6, IDEA, DES, RC2, RC5, Skipjack). 20 The requesting client device can then be provided with a corresponding content decryption record using any of a number of different mechanisms, including an out-of-band method, a trusted third party, and the like. Figure 4 is a logic flow diagram which generally demonstrates an implementation of a program for managing conversational watermarking on a target selectively pre-encrypted content 25 1268080. The computer computing device 2 of Fig. 2 executes the program 4〇0 of Fig. 4, and the program 4QQ of Fig. 4 can be carried out in the content server 1G2 and the watermark flag bridge 104 of Fig. 1 . As shown in FIG. 4, the routine 400 will begin after the content 5 is received in block 402. This content can be received from a variety of different sources. For example, the content can be received from an upstream content owner, provider, or the like. In block 402, the content is reviewed to determine if it has been compressed. If not, the content is compressed in block 402. The compressed content action can use any of a variety of compression/decompression mechanisms suitable for a given content type. For example, block 4〇2 may use Dynamic Picture Experts Group (MPEG), Joint Graphics Experts Group (JPEG), wavelets, and other mechanisms to compress received content. Processing action will proceed to block 404 where a determination will be made that the target has been selectively encrypted for the compressed inner valley. If not then any of the methods described above with reference to Figure 3 can be used to examine, profile, and selectively encrypt different target portions of the content. In one embodiment, block 4〇4 will operate to perform an encryption action on the fly. In another example, the encryption action will be performed in an 'offline' manner and the target selectively encrypted content will be stored for subsequent access. In another embodiment, a selective encryption method will be used instead of using target selective encryption. The program 40 will then proceed to decision block 406 where a determination will be made as to whether a request for the content has been received. If a request for the content is not received, the processing action will repeat the decision block 406 until a request is received. If a request for the content has been received, then processing proceeds to block 408, 26 1268080 where the dialog information has been received. The session information can be received from the requesting client. For example, the dialog information includes a client unique identifier, a terminal user identifier, a digital right associated with the content and the end user, and the like. In one embodiment, the client unique identifier includes a name, a -5 password, a hash, a credit card number, an Internet Protocol (IP) address associated with the client device, and the like. You can also receive conversations from content owners, content providers, and more. For example, the information includes an identifier of the content owner, the content encrypter, the content provider, and the like. The processing action will proceed to block 410 where the conversation information will be used to cause at least one conversational watermark to be included in the selective portion of the content when the content is streamed to the requesting client. As described above, a variety of different mechanisms can be used to generate multiple watermarks for the streamed content. Furthermore, the watermark can be signed and/or encrypted digitally. The processing action will continue before proceeding to block 412 where the content of the tag will be continuously streamed to the requesting client, and wherein the requesting client will decrypt the content. Upon completion of block 412, routine 400 will return to the calling program for other actions. . It will be appreciated that the blocks shown above in the flowchart and the combinations of blocks shown above in the flowchart can be implemented by computer program instructions. The program instructions can be provided to a processor to produce a machine that, when executed on the processor, generates means for performing the operations in the flowchart block. The computer program instructions can be executed by the processor to enable the processor to perform a series of operational steps to generate a computer-implemented light sequence, and to provide execution of the instructions on the processor for execution in the flowchart block The steps of the action. 27!268〇8〇 Therefore, the block of the flowchart can support the program command means for performing the combination of the steps for indicating the action and the component for the (10). It can also be understood that the dynamic system can be used to implement the process of reducing the action. The hardware of the π soil is combined with the square of the block diagram, or the special purpose hardware and computer instructions.

The above description, examples and materials provide a complete description of the constructional use of the invention. Many embodiments of the invention can be made without departing from the spirit and scope of the invention, and the invention is defined by the following claims. BRIEF DESCRIPTION OF THE DRAWINGS FIG. 1 is a functional block diagram showing an embodiment for implementing the environment of the present invention; FIG. 2 is a diagram showing an embodiment of a server device which can be used to implement 15 books. In a system of the invention; FIG. 3 shows an embodiment of the content functional component in various stages of the progress of the invention; and FIG. 4 is a logic flow diagram which is generally shown in accordance with the present invention. An embodiment of the 20 program for pre-encrypting the conversational watermark on content with a management target. [Main component symbol description] 100 Operating environment 105 WAN/LAN network 102 Content server 106 Client device 104 Watermark marker bridge 107 Client device 28 1268080

108 Client Device 200 Computer Computing Device 210 Network Interface Unit 212 Central Processing Unit 214 Video Display Adapter

216 RAM 218 Basic Input/Output System CBIOSO 220 Operating System 222 Bus 224 Input/Output Interface 226 CD_ROM/DVD-ROM CD Player

228 Hard Disk Drive 232 ROM 250 Application 252 Session Manager (SM) 254 Content Store 256 Watermark Marker Plugin 300 Content Conversion 302 Pure Content 304 Target and Selective Encrypted Content 306 Conversational Watermark Content 308 Decoded Watermark Content 320 Pure part 321 Pure part 322 Pure part 323 Pure part 330 Encrypted part 331 Pure part 332 Encrypted part 341 Watermark mark Pure part 343 Watermark mark Pure part 400 Procedure 400~412 Step block 29

Claims (1)

1268080 kr ^ r: Ί 卜 ^ ^ Gan Xiu (more) is replacing page I X. Patent application No. 94100475 Application for patent scope revision 95 〇 1. A system for disseminating content on the Internet a client device that is configured to perform the following actions: requesting the content; and providing dialog information associated with the request; and a computer computing device that is configured to: Receiving the dialog information associated with the request; encrypting at least a portion of the content, wherein at least another portion of the content is maintained unencrypted, at least in part based on the dialog information, determining a watermark; and when When the client is unable to stream the encrypted and unencrypted portions of the content, the watermark is immediately applied to at least a portion of the unencrypted content. The system of claim 1, wherein the act of encrypting at least a portion of the content further comprises selectively picking at least the portion of the tool for encryption. Applying for the pure item i of the Wei Wei, the application of the watermark mark is additionally applied - different watermarks are marked into a different part of the unencrypted content. The system of claim 1 of the scope of the patent application, wherein the action of applying the watermark mark further comprises applying a different watermark to the same part of the unencrypted content. 30 1268080 D. = System of the i-th patent of the patent range wherein the watermark marked with the watermark contains at least a portion of the watermark mark and at least another portion of the digital watermark mark. 10 6· If the application is specific to the secret of item 1, the computer computing device uses a watermark mark plugin and a watermark mark bridge to apply the watermark mark. 7. For example, please refer to the system of the third patent, in which the watermark is encrypted by a password record different from the password used to add the portion of the content. The system of claim 1, wherein the client device is an action device. 15 The system of claim 1 of the patent, wherein the dialog information further comprises at least one of the following items: a client device identifier, a terminal user identifier, a digital right opposite the terminal user, End User Name, 1 Code, - Hash, - Credit Card Number and an Internet Protocol (IP) address. 20 10_ As claimed in the first paragraph of the patent scope, the action of quietly determining the watermark mark further comprises determining the watermark mark according to the additional 2 pieces of information including at least _ of the following items: - the content owner's - The identifier of the payment, the content encryptor, the identifier of the content provider, and an identifier of the content are identified. u· A purely content for disseminating content on the network, comprising: a content server configured to perform the following actions: 31 1268080 receiving a request for the content from a computer computing device; receiving and receiving Requesting the associated conversation information; encrypting at least a portion of the content, wherein at least another portion of the content remains unencrypted; and 5 streaming the encrypted and unencrypted portions of the content to the computer computing device; a watermarking component configured to intercept the streamed content and to: receive the dialog information; 10 determine a watermark based at least in part on the dialog information; and when the computing device is further streamed to the computer When the encrypted and unencrypted portions of the content are immediately applied, the watermark is applied to at least a portion of the unencrypted content. The system of claim 11, wherein the watermarking component is at least one of a watermarking bridge and a watermarking plugin component. 13. The system of claim 11, wherein the computer computing device associated with the request further comprises a 20 wireless communication for receiving the streaming content. 14. An apparatus for transmitting content over a network, comprising: a processor in communication with the transceiver; 32 1268080 communicating with the processing and storing the ribs and the memory of the machine instructions. The instructions will cause the processing to perform the following plurality of operations: a receive-content stream where at least a portion of the content stream is encrypted, and at least another portion of the content stream is unencrypted; receiving is associated with the content stream The associated dialogue information; at least in part based on the dialog information, the watermark is determined; and, 10, the data is streamed on the road, ie, the watermark is applied to at least a portion of the unencrypted content stream. 15. ^ The cleavage of claim 14 of the patent scope, wherein the placement is operated as at least one of a watermark marker bridge and a watermark marker component within the computer computing device. 15 • As for the application of the 14th item of the patent scope, the Gansu 遴 遴 以 以 以 以 以 以 以 , , , , , , , , , , , , , , , , , , , , , , 。 。 。 。 。 。 。 For example, in the case of Shenyi, the 14th patent of the patent scope, the mobile bamboo η is applied with the watermark mark __ i, and the different watermarks are marked into different parts of the unencrypted content. 20 The fourth aspect of the patent application scope of claim 4, wherein the watermark mark is used to include at least one of the four points of the watermark mark and one of the at least one action port F of the watermark mark. The apparatus of claim 14, wherein the watermark is encrypted with a cryptographic gold input different from the cryptographic key used to encrypt the portion of the content. 20 - a method for propagating content over a network, comprising the steps of: receiving dialog information associated with a request for one of the content; encrypting at least a portion of the content, wherein at least another portion of the content Maintaining an unsuccessful, determining, based at least in part on the dialog information, a watermark; and 10, when the encrypted and unencrypted content is streamed to a computer computing device associated with the request, applying the The watermark is tagged into at least a portion of the unencrypted content. 21. The method of claim 20, wherein the dialog information further comprises at least one of the following: a client device identifier, a final 15-terminal user identifier, and a digit associated with a terminal user. Entitlement, ^ an end user name, a password, a hash, a credit card number, an internet protocol (IP) address, an identifier of a content owner, an identifier of a content encrypter, a content An identifier of the provider, and an identifier of the content. 20 22. A storage medium storing a modulated data signal for disseminating content over a network, the modulated data signal comprising instructions for causing a computer computing device to: transmit from the client device for the content a request from the client device to transfer the conversation information associated with the request; 34; 1268080 to the material component has received the streamed content, wherein the content is not added to the heart (four), Run less, part of the dialogue, so that the watermarking component can determine a watermark; and although the client device is used in the money, the water is The imprinting component can instantly apply the watermark to at least a portion of the unencrypted (four). 3. The storage medium of claim 22, wherein the watermark 4 further comprises at least one of a watermark marker bridge and a watermark marker add-on component. 24. An apparatus for propagating content over a network, comprising: means for receiving a request for one of the content; 15 means for receiving dialog information associated with the request for the content; a means for receiving the content, wherein at least a portion of the content is encrypted, and at least another portion of the content is unencrypted; to determine, at least in part, based on the dialog information - a printed mark And means for immediately applying the at least one watermark to at least a portion of the unencrypted content when the content is streamed over the network. 35