Issuing a license for offline use of a publishing tool in a digital rights management (DRM) system for digital content

FIELD: information technology.

SUBSTANCE: a publishing user is provided with a publishing certificate by the DRM server, creates content, encrypts it with a content key (CK), and creates a rights label for the content in which (CK) is encrypted with the public key of the DRM server (PU-DRM) to form (PU-DRM(CK)). The publishing user retrieves (PU-ENTITY(PR-OLP)) from the publishing certificate, applies the private key (PR-ENTITY) corresponding to (PU-ENTITY) to (PU-ENTITY(PR-OLP)) to obtain (PR-OLP), signs the created rights label with (PR-OLP) to form a signed rights label (SRL), and attaches the SRL and the publishing certificate to the encrypted content to form a content package that can be distributed to another user, who must contact the DRM server to obtain a license containing (CK) in order to render the content. The publishing user also creates license data corresponding to the content package, in which (CK) is encrypted with (PU-ENTITY) to form (PU-ENTITY(CK)), signs the license data with (PR-OLP), and attaches the publishing certificate to the resulting publishing tool license.

EFFECT: content can be published without first obtaining permission from the server, and a license to render the published content can be issued without permission from the server.

20 claims, 17 drawings


The following U.S. patent applications disclose subject matter related to the present invention and are incorporated herein by reference in their entirety.

U.S. patent application No. 10/185,527, filed June 28, 2002, attorney docket number MSFT-1330, entitled "Obtaining a Signed Rights Label (SRL) for Digital Content and Obtaining a Digital License Corresponding to the Content Based on the SRL in a Digital Rights Management System".

U.S. patent application No. 10/185,278, filed June 28, 2002, attorney docket number MSFT-1333, entitled "Using a Rights Template to Obtain a Signed Rights Label (SRL) for Digital Content in a Digital Rights Management System".

U.S. patent application No. 10/185,511, filed June 28, 2002, attorney docket number MSFT-1343, entitled "Systems And Methods For Issuing Usage Licenses For Digital Content And Services".

U.S. patent application filed under attorney docket number MSFT-1498, entitled "Publishing Digital Content Within an Organization in Accordance with a Digital Rights Management (DRM) System".

U.S. patent application filed under attorney docket number MSFT-1569, entitled "Publishing Digital Content Within an Organization in Accordance with a Digital Rights Management (DRM) System".

U.S. patent application filed concurrently with the present application, attorney docket number MSFT-1536, entitled "Enrolling/Sub-Enrolling a Digital Rights Management (DRM) Server Into a DRM Architecture".

The present invention relates to a system for digital rights management (DRM) of content. In particular, the invention relates to the use of a DRM system for publishing and distributing digital content within an organization, such as an office or a corporate organization, where rendering or use of the content within the organization may be restricted in accordance with the corresponding license terms or conditions. More specifically, the present invention relates to publishing content without contacting the server for permission, and to the publishing entity granting itself a publishing tool license to render the published content without contacting the server for permission.

Rights management and enforcement for digital content are needed in connection with digital content such as digital audio, digital video, digital text, digital data, digital multimedia, etc., where such digital content is to be distributed to one or more users. Digital content may be static, such as a text document, or it may be streamed, such as streamed audio or video of a live event. Typical modes of distribution include tangible devices such as a magnetic (floppy) disk, magnetic tape, optical disk (such as a compact disc (CD)), etc., and intangible media such as an electronic bulletin board, an electronic network, the Internet, etc. Upon receiving the digital content, the user renders or 'plays' the digital content with the aid of an appropriate rendering device, such as a media player on a personal computer or the like.

In one scenario, a content owner or rights holder, such as an author, a publisher, a broadcaster, etc., wishes to distribute such digital content to each of many users or recipients in exchange for a license fee or some other consideration. In this scenario the content may be a song, an album of songs, a movie, etc., and the purpose of distribution is to generate license fees. Such a content owner, given the choice, would likely wish to restrict what the user can do with the distributed digital content. For example, the content owner would like to prevent the user from copying and redistributing such content to a second user, at least in a manner that denies the content owner a license fee from that second user. In addition, the content owner may wish to provide the user with the flexibility to purchase different types of licenses at different license fees, while holding the user to the terms of whatever type of license is actually purchased. For example, the content owner may wish to allow distributed digital content to be rendered only a limited number of times, only for a certain total time, only on a certain type of device, only on a certain type of media player, only by a certain type of user, etc.

In another scenario, a content developer, such as an employee or member of an organization, wishes to distribute such digital content to one or more other employees or members of the organization, or to other individuals outside the organization, but would like to keep others from rendering the content. Here, the distribution of the content is more akin to organization-based content sharing in a confidential or restricted manner, as opposed to broad-based distribution in exchange for a license fee or some other consideration.

In such a scenario, the content may be a document presentation, a spreadsheet, a database, an email, or the like, such as may be exchanged within an office setting, and the content developer may wish to ensure that the content stays within the organization or office setting and is not rendered by unauthorized individuals, such as competitors or adversaries. Again, such a content developer wishes to restrict what a recipient can do with the distributed digital content. For example, the content owner would like to prevent the user from copying and redistributing the content to a second user, at least in a manner that exposes the content outside the bounds of the individuals who are allowed to render it.

In addition, the content developer may wish to provide various recipients with different levels of rendering rights. For example, the content developer may wish to allow one class of individuals to view the protected digital content but not print it, and to allow another class of individuals both to view and to print it.

However, in either scenario, after distribution has occurred, the content owner/developer has very little, if any, control over the digital content. This is especially problematic in view of the fact that practically every personal computer includes the software and hardware necessary to make an exact digital copy of such digital content, to download the exact digital copy to a writable magnetic or optical disk, or to send the exact digital copy to any destination over a network such as the Internet.

Of course, as part of the transaction in which the content is distributed, the content owner/developer may require the user/recipient of the digital content to promise not to redistribute the digital content in an unwelcome manner. However, such a promise is easily given and easily broken. The content owner/developer may attempt to prevent such redistribution through any of several known security devices, usually involving encryption and decryption. However, there is very little that prevents a mildly determined user from decrypting the encrypted digital content, saving it in unencrypted form, and then redistributing it.

A need therefore exists for a digital rights management (DRM) and enforcement architecture and method that allows controlled rendering or playing of arbitrary forms of digital content, where such control is flexible and definable by the content owner/developer. In particular, there is a need for an architecture that enables and facilitates such controlled rendering, especially in an office or organization environment or the like, where documents are to be shared among a defined group of individuals or classes of individuals. More specifically, there is a need for an architecture that allows content to be published without first obtaining permission from the server, and that allows the publishing entity to issue itself a license to render the published content without contacting the server for permission.

At least some of the aforementioned needs are satisfied by the present invention, in which a publishing user publishes digital content and issues itself a corresponding publishing tool license so that it can render the published digital content. The publishing user is supplied with a publishing certificate by a digital rights management (DRM) server, where the publishing certificate contains a public key (PU-OLP) and the corresponding private key (PR-OLP) encrypted with a public key corresponding to the publishing user (PU-ENTITY) to form (PU-ENTITY(PR-OLP)).

The content is developed and encrypted according to a content key (CK), and a rights label is created for the encrypted content; the rights label contains (CK) encrypted with the public key of the DRM server (PU-DRM) to form (PU-DRM(CK)). (PU-ENTITY(PR-OLP)) is retrieved from the publishing certificate, the private key (PR-ENTITY) corresponding to (PU-ENTITY) is applied to (PU-ENTITY(PR-OLP)) to obtain (PR-OLP), and the created rights label is signed with (PR-OLP) to create a signed rights label (SRL). The created SRL and the publishing certificate are then attached to the encrypted content to form a content package that can be distributed to another user, who must contact the DRM server to obtain a corresponding license containing (CK) in order to render the encrypted content. Significantly, only the DRM server has the private key (PR-DRM) corresponding to (PU-DRM) and can apply (PR-DRM) to (PU-DRM(CK)) to obtain (CK).

License data corresponding to the content package is also created, in which (CK) is encrypted with (PU-ENTITY) to form (PU-ENTITY(CK)); the created license data is signed with (PR-OLP) to create a publishing tool license, and the publishing certificate is attached to the publishing tool license. Only the publishing user holding the (PR-ENTITY) corresponding to (PU-ENTITY) can apply that (PR-ENTITY) to (PU-ENTITY(CK)) from the publishing tool license to obtain (CK) and decrypt the encrypted content with (CK) for rendering.

In particular, the publishing user verifies the publishing certificate against a certificate chain, obtains (PU-OLP) from the publishing certificate, and uses the obtained (PU-OLP) to verify the signature of the publishing tool license. The publishing user then retrieves (PU-ENTITY(CK)) from the verified publishing tool license, applies the private key (PR-ENTITY) corresponding to (PU-ENTITY) to (PU-ENTITY(CK)) to obtain (CK), and applies (CK) to the encrypted content (CK(content)) to obtain the content. The content is then forwarded to a rendering application for actual rendering.
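As an added worked example (not code from the patent or from any Microsoft product), the publishing and self-licensing flow described above in Go, using only the standard library. Assumptions: PU-DRM/PR-DRM and PU-ENTITY/PR-ENTITY are RSA-2048 with OAEP, the OLP key pair and the DRM server's certificate-signing key are Ed25519 (so PR-OLP is a 32-byte seed that fits one OAEP block), CK(content) is AES-256-GCM, and the rights label is a constructed rights string plus PU-DRM(CK); all type and function names are the example's own.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/ed25519"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"errors"
)

// aesSeal/aesOpen implement CK(content) with AES-256-GCM; the output is nonce || ciphertext.
func aesSeal(key, pt []byte) []byte {
	block, _ := aes.NewCipher(key)
	gcm, _ := cipher.NewGCM(block)
	nonce := make([]byte, gcm.NonceSize())
	rand.Read(nonce)
	return append(nonce, gcm.Seal(nil, nonce, pt, nil)...)
}
func aesOpen(key, ct []byte) ([]byte, error) {
	block, err := aes.NewCipher(key)
	if err != nil || len(ct) < 12 {
		return nil, errors.New("bad key or ciphertext")
	}
	gcm, _ := cipher.NewGCM(block)
	return gcm.Open(nil, ct[:12], ct[12:], nil)
}
// rsaSeal is PU-X(m) for a 32-byte m (RSA-OAEP, SHA-256); rsa.DecryptOAEP with PR-X undoes it.
func rsaSeal(pub *rsa.PublicKey, m []byte) []byte {
	ct, _ := rsa.EncryptOAEP(sha256.New(), rand.Reader, pub, m, nil)
	return ct
}

// PubCert is the publishing certificate: PU-OLP, PU-ENTITY(PR-OLP) and the DRM server's signature over both.
// Assumption: the OLP pair and the server's signing key are Ed25519, so PR-OLP is a 32-byte seed that fits one OAEP block.
type PubCert struct {
	PUOLP              ed25519.PublicKey
	PUEntityPROLP, Sig []byte
}
func (c *PubCert) body() []byte { return append(append([]byte(nil), c.PUOLP...), c.PUEntityPROLP...) }

// IssuePubCert is the only step that needs the DRM server; the user is online once for it.
func IssuePubCert(drmSigner ed25519.PrivateKey, puEntity *rsa.PublicKey) *PubCert {
	puOLP, prOLP, _ := ed25519.GenerateKey(rand.Reader)
	c := &PubCert{PUOLP: puOLP, PUEntityPROLP: rsaSeal(puEntity, prOLP.Seed())}
	c.Sig = ed25519.Sign(drmSigner, c.body())
	return c
}

// recoverPROLP applies PR-ENTITY to PU-ENTITY(PR-OLP); any other entity's key fails at the OAEP check.
func recoverPROLP(c *PubCert, prEntity *rsa.PrivateKey) (ed25519.PrivateKey, error) {
	seed, err := rsa.DecryptOAEP(sha256.New(), nil, prEntity, c.PUEntityPROLP, nil)
	if err != nil {
		return nil, err
	}
	return ed25519.NewKeyFromSeed(seed), nil
}

// Package is what is distributed: CK(content), the rights label (rights string + PU-DRM(CK)), its PR-OLP signature (the SRL) and the certificate.
type Package struct {
	CKContent, PUDRMCK, SRLSig []byte
	Rights                     string // constructed rights description, e.g. "view"
	Cert                       *PubCert
}
func (p *Package) label() []byte { return append([]byte(p.Rights), p.PUDRMCK...) }

// PubLicense is the publisher-use license the user issues to itself: PU-ENTITY(CK) signed with PR-OLP, certificate attached.
type PubLicense struct {
	PUEntityCK, Sig []byte
	Cert            *PubCert
}

// Publish runs entirely on the publishing user's machine; the DRM server is not contacted.
func Publish(content []byte, rights string, cert *PubCert, prEntity *rsa.PrivateKey, puDRM *rsa.PublicKey) (*Package, *PubLicense, error) {
	prOLP, err := recoverPROLP(cert, prEntity)
	if err != nil {
		return nil, nil, err
	}
	ck := make([]byte, 32)
	rand.Read(ck)
	pkg := &Package{CKContent: aesSeal(ck, content), PUDRMCK: rsaSeal(puDRM, ck), Rights: rights, Cert: cert}
	pkg.SRLSig = ed25519.Sign(prOLP, pkg.label())
	lic := &PubLicense{PUEntityCK: rsaSeal(&prEntity.PublicKey, ck), Cert: cert}
	lic.Sig = ed25519.Sign(prOLP, lic.PUEntityCK)
	return pkg, lic, nil
}

// Render is the offline playback path: certificate chain, license and SRL signatures, then PR-ENTITY on PU-ENTITY(CK) and CK on CK(content).
func Render(pkg *Package, lic *PubLicense, prEntity *rsa.PrivateKey, drmRoot ed25519.PublicKey) ([]byte, error) {
	if !ed25519.Verify(drmRoot, lic.Cert.body(), lic.Cert.Sig) || !ed25519.Verify(lic.Cert.PUOLP, lic.PUEntityCK, lic.Sig) ||
		!ed25519.Verify(lic.Cert.PUOLP, pkg.label(), pkg.SRLSig) {
		return nil, errors.New("certificate, license or SRL signature does not verify")
	}
	ck, err := rsa.DecryptOAEP(sha256.New(), nil, prEntity, lic.PUEntityCK, nil)
	if err != nil {
		return nil, errors.New("this entity cannot open the publisher-use license")
	}
	return aesOpen(ck, pkg.CKContent)
}
```

A rendering attempt with another entity's PR-ENTITY fails at PU-ENTITY(CK), editing the rights string invalidates the SRL signature, and only the holder of PR-DRM can recover CK from PU-DRM(CK) when a second user asks the server for a license.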

The foregoing summary, as well as the following detailed description of embodiments of the present invention, will be better understood when read in conjunction with the appended drawings. For the purpose of illustrating the invention, the drawings show embodiments that are presently preferred. As should be understood, however, the invention is not limited to the specific arrangements and means shown.

Figure 1 is a block diagram representing an exemplary non-limiting computing environment in which the present invention may be implemented.

Figure 2 is a block diagram representing an exemplary network environment having a variety of computing devices in which the present invention may be implemented.

Figure 3 is a functional block diagram of a preferred embodiment of a system and method according to the invention for publishing digital content.

Figure 4 is a flowchart of a preferred embodiment of a method according to the invention for publishing rights-managed digital content.

Figure 4A is a block diagram showing the structure of a signed rights label as produced by the method of Figure 4.

Figure 5 is a block diagram of a preferred embodiment of a system and method according to the invention for licensing rights-managed digital content.

Figures 6A and 6B are flowcharts of a preferred embodiment of a method according to the invention for licensing rights-managed digital content.

Figure 7 is a block diagram showing a certificate issued by a DRM server to a user to allow the user to perform offline publishing, in accordance with one embodiment of the present invention.

Figure 8 is a block diagram showing the certificate of Figure 7 together with a publishing tool license that allows the publishing user to render content published offline, in accordance with one embodiment of the present invention.

Figure 9 is a flowchart showing the key steps performed by the publishing user to obtain the publishing tool license and publishing certificate of Figure 8, in accordance with one embodiment of the present invention.

Figure 10 is a flowchart showing the key steps performed by the publishing user to use the publishing tool license obtained in Figure 9 to render the corresponding content, in accordance with one embodiment of the present invention.

Figure 11 is a block diagram showing an enforcement architecture of an exemplary trust-based system.

Figure 12 is a block diagram showing a plurality of DRM servers that may be present in the architecture of the present invention, where each (enrollee) DRM server is enrolled or sub-enrolled into the architecture by another (enrolling) DRM server, which issues it an enrollment certificate.

Figure 13 is a block diagram showing the enrollment certificate of Figure 12 together with a vouching certificate that, at least in some cases, the enrollee DRM server presents to the enrolling DRM server.

Figures 14 and 15 are flowcharts showing the key steps performed by the enrolling and enrollee DRM servers of Figure 12 to enroll (Figure 14) or sub-enroll (Figure 15) the enrollee DRM server.

Computing device environment

Figure 1 and the following discussion are intended to provide a brief general description of a suitable computing environment in which the present invention may be implemented. It should be understood, however, that handheld, portable and other computing devices of all kinds are contemplated for use in connection with the present invention. Although a general-purpose computer is described below, it is only one example, and the present invention requires only a "thin" client (a client network terminal with little functionality of its own) having network server interoperability and interaction. Thus, the present invention may be implemented in an environment of networked hosted services in which very little or minimal client resources are involved, for example a networked environment in which the client device serves merely as a browser or interface to the World Wide Web (WWW, the collection of hypertext and other documents available worldwide via the Internet).

Although not required, the invention can be implemented via an application programming interface (API, a set of functions provided by some program) for use by a developer and/or included within the network browsing software, and will be described in the general context of computer-executable instructions, such as program modules, being executed by one or more computers, such as client workstations, servers or other devices. Generally, program modules include routines, programs, objects, components, data structures and the like that perform particular tasks or implement particular abstract data types. Typically, the functionality of the program modules may be combined or distributed as desired in various embodiments. Moreover, those skilled in the art will appreciate that the invention may be practiced with other computer system configurations. Other well-known computing systems, environments and/or configurations that may be suitable for use with the invention include personal computers (PCs), ATMs, server computers, portable and handheld devices, multiprocessor systems, microprocessor-based systems, programmable consumer electronics, network PCs, minicomputers, mainframe computers and the like. The invention may also be practiced in distributed computing environments where tasks are performed by remote processing devices that are linked through a communications network or other data transmission medium. In a distributed computing environment, program modules may be located in both local and remote computer storage media, including memory storage devices.

Figure 1 thus illustrates an example of a suitable computing system environment 100 in which the invention may be implemented, although, as made clear above, the computing system environment 100 is only one example of a suitable computing environment and is not intended to suggest any limitation as to the scope of use or functionality of the invention. Neither should the computing environment 100 be interpreted as having any dependency or requirement relating to any one or combination of components illustrated in the exemplary operating environment 100.

With reference to Figure 1, an exemplary system for implementing the invention includes a general-purpose computing device in the form of a computer 110. Components of the computer 110 may include, but are not limited to, a processor 120, a system memory 130, and a system bus 121 that couples various system components, including the system memory, to the processor 120. The system bus 121 may be any of several types of bus structures, including a memory bus or memory controller, a peripheral bus, and a local bus using any of a variety of bus architectures. By way of example, and not limitation, such architectures include the Industry Standard Architecture (ISA) bus, the Micro Channel Architecture (MCA) bus, the Enhanced ISA (EISA) bus, the Video Electronics Standards Association (VESA) local bus, and the Peripheral Component Interconnect (PCI) bus, a 32-bit system bus extensible to 64 bits that operates without the involvement of the central processor (also known as the Mezzanine bus), etc.

The computer 110 typically includes a variety of computer-readable media. Computer-readable media can be any available media that can be accessed by the computer 110 and include both volatile and nonvolatile media, removable and non-removable media. By way of example, and not limitation, computer-readable media may comprise computer storage media and communication media. Computer storage media include both volatile and nonvolatile, removable and non-removable media implemented in any method or technology for storage of information such as computer-readable instructions, data structures, program modules or other data. Computer storage media include, but are not limited to, random access memory (RAM), read-only memory (ROM), EEPROM, flash memory or other memory technology, CD-ROM, digital versatile disks (DVD) or other optical disk storage, magnetic cassettes, magnetic tape, magnetic disk storage or other magnetic storage devices, or any other medium that can be used to store the desired information and that can be accessed by the computer 110. Communication media typically embody computer-readable instructions, data structures, program modules or other data in a modulated data signal such as a carrier wave or other transport mechanism, and include any information delivery media. The term "modulated data signal" means a signal that has one or more of its characteristics set or changed in such a manner as to encode information in the signal. By way of example, and not limitation, communication media include wired media such as a wired network or direct-wired connection, and wireless media such as acoustic, radio, infrared and other wireless media. Combinations of any of the above should also be included within the scope of computer-readable media.

The system memory 130 includes computer storage media in the form of volatile and/or nonvolatile memory, such as ROM 131 and RAM 132. A basic input/output system 133 (BIOS), containing the basic routines that help to transfer information between elements within the computer 110, such as during start-up, is typically stored in ROM 131. RAM 132 typically contains data and/or program modules that are immediately accessible to and/or presently being operated on by the processor 120. By way of example, and not limitation, Figure 1 illustrates an operating system 134, application programs 135, other program modules 136, and program data 137.

The computer 110 may also include other removable/non-removable, volatile/nonvolatile computer storage media. By way of example only, Figure 1 illustrates a hard disk drive 141 that reads from or writes to non-removable, nonvolatile magnetic media, a magnetic disk drive 151 that reads from or writes to a removable, nonvolatile magnetic disk 152, and an optical disk drive 155 that reads from or writes to a removable, nonvolatile optical disk 156, such as a CD-ROM or other optical media. Other removable/non-removable, volatile/nonvolatile computer storage media that can be used in the exemplary operating environment include, but are not limited to, magnetic tape cassettes, flash memory cards, digital versatile disks, digital video tape, solid-state RAM, solid-state ROM and the like. The hard disk drive 141 is typically connected to the system bus 121 through a non-removable memory interface such as interface 140, and the magnetic disk drive 151 and the optical disk drive 155 are typically connected to the system bus 121 by a removable memory interface, such as interface 150.

The drives and their associated computer storage media discussed above and illustrated in Figure 1 provide storage of computer-readable instructions, data structures, program modules and other data for the computer 110. In Figure 1, for example, the hard disk drive 141 is illustrated as storing an operating system 144, application programs 145, other program modules 146, and program data 147. Note that these components can either be the same as or different from the operating system 134, application programs 135, other program modules 136, and program data 137. The operating system 144, application programs 145, other program modules 146, and program data 147 are given different reference numbers here to illustrate that, at a minimum, they are different copies. A user may enter commands and information into the computer 110 through input devices such as a keyboard 162 and a pointing device 161, commonly referred to as a mouse, trackball or touch pad. Other input devices (not shown) may include a microphone, joystick, game pad, satellite dish, scanner, or the like. These and other input devices are often connected to the processor 120 through a user input interface 160 that is coupled to the system bus 121, but may be connected by other interface and bus structures, such as a parallel port, game port or universal serial bus (USB).

A monitor 191 or other type of display device is also connected to the system bus 121 via an interface, such as a video interface 190. A graphics interface 182, such as Northbridge, may also be connected to the system bus 121. Northbridge is a chipset that communicates with the CPU, or host processor 120, and assumes responsibility for accelerated graphics port (AGP) communications. One or more graphics processing units (GPUs) 184 may communicate with the graphics interface 182. In this regard, the GPUs 184 generally include on-chip memory storage, such as register storage, and communicate with a video memory 186. The GPUs 184, however, are but one example of a coprocessor, and thus a variety of coprocessing devices may be included in the computer 110. A monitor 191 or other type of display device is also connected to the system bus 121 via an interface, such as the video interface 190, which may in turn communicate with the video memory 186. In addition to the monitor 191, computers may also include other peripheral output devices such as speakers 197 and a printer 196, which may be connected through an output peripheral interface 195.

The computer 110 may operate in a networked environment using logical connections to one or more remote computers, such as a remote computer 180. The remote computer 180 may be a personal computer, a server, a router, a network PC, a peer device or other common network node, and typically includes many or all of the elements described above relative to the computer 110, although only a memory storage device 181 has been illustrated in Figure 1. The logical connections depicted in Figure 1 include a local area network (LAN) 171 and a wide area network (WAN) 173, but may also include other networks. Such networking environments are commonplace in offices, enterprise-wide computer networks, intranets (high-reliability corporate local networks with restricted access) and the Internet.

When used in a LAN networking environment, the computer 110 is connected to the LAN 171 through a network interface or adapter 170. When used in a WAN networking environment, the computer 110 typically includes a modem 172 or other means for establishing communications over the WAN 173, such as the Internet. The modem 172, which may be internal or external, may be connected to the system bus 121 via the user input interface 160 or another appropriate mechanism. In a networked environment, program modules depicted relative to the computer 110, or portions thereof, may be stored in the remote memory storage device. By way of example, and not limitation, Figure 1 illustrates remote application programs 185 as residing on the memory device 181. It will be appreciated that the network connections shown are exemplary and that other means of establishing a communications link between the computers may be used.

One of ordinary skill in the art can appreciate that a computer 110 or other client device can be deployed as part of a computer network. In this regard, the present invention pertains to any computer system having any number of memory or storage units, and any number of applications and processes occurring across any number of storage units or volumes. The present invention may apply to an environment with server computers and client computers deployed in a network environment, having remote or local storage. The present invention may also apply to a standalone computing device having programming language functionality, interpretation and execution capabilities.

Distributed computing facilitates the sharing of computer resources and services by direct exchange between computing devices and systems. These resources and services include the exchange of information, cache storage, and disk storage for files. Distributed computing takes advantage of network connectivity, allowing clients to leverage their collective power to benefit the entire enterprise. In this regard, a variety of devices may have applications, objects or resources that may interact to implicate the authentication techniques of the present invention for trusted graphics pipeline(s).

Figure 2 provides a schematic diagram of an exemplary networked or distributed computing environment. The distributed computing environment comprises computing objects 10a, 10b, etc. and computing objects or devices 110a, 110b, 110c, etc. These objects may comprise programs, methods, data stores, programmable logic, etc. The objects may comprise portions of the same or different devices, such as PDAs, televisions, MP3 players, personal computers, etc. Each object can communicate with another object by way of the communications network 14. This network may itself comprise other computing objects and computing devices that provide services to the system of Figure 2. In accordance with an aspect of the invention, each object 10 or 110 may contain an application that might request the authentication techniques of the present invention for trusted graphics pipeline(s).

It can also be appreciated that an object, such as 110c, may be hosted on another computing device 10 or 110. Thus, although the physical environment depicted may show the connected devices as computers, such illustration is merely exemplary, and the physical environment may alternatively be depicted or described as comprising various digital devices such as PDAs, televisions, MP3 players, etc., and software objects such as interfaces, COM objects and the like.

There are a variety of systems, components and network configurations that support distributed computing environments. For example, computing systems may be connected together by wired or wireless systems, by local networks or by widely distributed networks. Currently, many networks are coupled to the Internet, which provides the infrastructure for widely distributed computing and encompasses many different networks.

In home networking environments, there are at least four disparate network transport media that may each support a unique protocol, such as power line, data (both wireless and wired), voice (e.g., telephone) and entertainment media. Most home control devices, such as light switches and appliances, may use the power line for connectivity. Data services may enter the home as broadband (e.g., DSL (digital subscriber line) or cable modem) and are accessible within the home using either wireless (e.g., HomeRF or 802.11b) or wired (e.g., Home PNA, Cat5, or the power line) connectivity. Voice traffic may enter the home either as wired (e.g., Cat3) or wireless (e.g., cell phones) and may be distributed within the home using Cat3 wiring. Entertainment media may enter the home either through satellite or cable and are typically distributed in the home using coaxial cable. IEEE 1394 and DVI are also emerging as digital interconnects for clusters of media devices. All of these and other network environments that may emerge as protocol standards may be interconnected to form an intranet that may be connected to the outside world by way of the Internet. In short, a variety of disparate sources exist for the storage and transmission of data, and consequently computing devices will require ways of protecting content at all portions of the data processing pipeline.

The 'Internet' commonly refers to the collection of networks and gateways that utilize the TCP/IP suite of protocols, which are well known in the art of computer networking. TCP/IP is an acronym for "Transmission Control Protocol/Internet Protocol". The Internet can be described as a system of geographically distributed remote computer networks interconnected by computers executing networking protocols that allow users to interact and share information over the networks. Because of such widespread information sharing, remote networks such as the Internet have thus far generally evolved into an open system for which developers can design software applications for performing specialized operations or services, essentially without restriction.

Thus, the network infrastructure enables a host of network topologies such as client/server, peer-to-peer, or hybrid architectures. A "client" is a member of a class or group that uses the services of another class or group to which it does not belong. Thus, in computing, a client is a process, i.e., roughly a set of instructions or tasks, that requests a service provided by another program. The client process uses the requested service without having to "know" any working details about the other program or the service itself. In a client/server architecture, particularly a networked system, a client is usually a computer that accesses shared network resources provided by another computer, e.g., a server. In the example of figure 2, computers 110a, 110b, etc. can be thought of as clients and computers 10a, 10b, etc. can be thought of as servers, where the servers 10a, 10b, etc. maintain data that is then replicated to the client computers 110a, 110b, etc.

A server is typically a remote computer system accessible over a remote network such as the Internet. The client process may be active in a first computer system and the server process may be active in a second computer system, the two communicating with one another over a communications medium, thus providing distributed functionality and allowing multiple clients to take advantage of the information stored on the server.

Client and server communicate with one another using the functionality provided by a protocol layer. For example, Hypertext Transfer Protocol (HTTP) is a common protocol used in conjunction with the World Wide Web (WWW). Typically, a computer network address such as a Uniform Resource Locator (URL) or an Internet Protocol (IP) address is used to identify the server and client computers to each other. The network address can be referred to as a URL address. Communication can be provided over a communications medium; in particular, client(s) and server(s) may be coupled to one another via TCP/IP connections for high-capacity communication.

Thus, figure 2 illustrates an exemplary networked or distributed environment in which the present invention may be employed, with server(s) in communication with client computer(s) via a communications network/bus. In more detail, a number of servers 10a, 10b, etc. are interconnected via a communications network/bus 14, which may be a LAN, WAN, intranet, the Internet, etc., with a number of client or remote computing devices 110a, 110b, 110c, 110d, 110e, etc., such as a portable computer, a thin client, a networked appliance, or another device such as a VCR, a TV, a thermostat, a power indicator, a heater, etc. It is thus contemplated that the present invention may apply to any computing device in connection with which it is desirable to process, store or render protected content from a trusted source.

In a network environment in which the communications network/bus 14 is the Internet, for example, the servers 10 can be Web servers with which the clients 110a, 110b, 110c, 110d, 110e, etc. communicate via any of a number of known protocols such as HTTP. Servers 10 may also serve as clients 110, as may be characteristic of a distributed computing environment. Communications may be wired or wireless, where appropriate. Client devices 110 may or may not communicate via the communications network/bus 14, and may have independent communications associated therewith. For example, in the case of a TV or VCR, there may or may not be a networked aspect to the control thereof. Each client computer 110 and server computer 10 may be equipped with various application program modules or objects 135 and with connections or access to various types of storage elements or objects, across which files may be stored or to which portion(s) of files may be downloaded or migrated. Thus, the present invention can be utilized in a computer network environment having client computers 110a, 110b, etc. that can access and interact with a computer network/bus 14, and server computers 10a, 10b, etc. that may interact with client computers 110a, 110b, etc. and other devices 111 and databases 20.

Overview of Digital Rights Management (DRM) of Content

As is known, and referring now to figure 11, digital rights management (DRM) and enforcement is highly desirable in connection with digital content 12 such as digital audio, digital video, digital text, digital data, digital multimedia, etc., where such digital content 12 is to be distributed to users. Upon being received by the user, the user renders or 'plays' the digital content with the aid of an appropriate rendering device such as a media player on a personal computer 14 or the like.

Typically, a content owner or developer (hereinafter 'owner') distributing such digital content 12 wishes to restrict what the user can do with such distributed digital content 12. For example, the content owner may wish to restrict the user from copying and re-distributing such content 12 to a second user, or may wish to allow the distributed digital content 12 to be played only a limited number of times, only for a certain total time, only on a certain type of machine, only on a certain type of media player, only by a certain type of user, etc.

However, after distribution has occurred, the content owner has very little, if any, control over the digital content 12. A DRM system 10, then, allows the controlled rendering or playing of arbitrary forms of digital content 12, where such control is flexible and definable by the content owner of such digital content. Typically, the content 12 is distributed to the user in the form of a package 13 by way of any appropriate distribution channel. The digital content package 13 as distributed may include the digital content 12 encrypted with a symmetric encryption/decryption key (KD) (i.e., (KD(CONTENT))), as well as other information identifying the content, how to acquire a license for such content, etc.

The trust-based DRM system 10 allows an owner of digital content 12 to specify license rules that must be satisfied before such digital content 12 is allowed to be rendered on a user's computing device 14. Such license rules can include the aforementioned temporal requirement, and may be embodied within a digital license or use document (hereinafter 'license') 16 that the user/user's computing device 14 (hereinafter such terms are interchangeable unless circumstances require otherwise) must obtain from the content owner or an agent thereof. Such license 16 also includes the decryption key (KD) for decrypting the digital content, perhaps encrypted according to a key decryptable by the user's computing device.

The content owner for a piece of digital content 12 must trust that the user's computing device 14 will abide by the rules and requirements specified by such content owner in the license 16, i.e., that the digital content 12 will not be rendered unless the rules and requirements within the license 16 are satisfied. Preferably, then, the user's computing device 14 is provided with a trusted component or mechanism 18 that will not render the digital content 12 except according to the license rules embodied in the license 16 associated with the digital content 12 and obtained by the user.

The trusted component 18 typically has a license evaluator 20 that determines whether the license 16 is valid, reviews the license rules and requirements in such valid license 16, and determines based on the reviewed license rules and requirements whether the requesting user has the right to render the requested digital content 12, among other things. As should be understood, the license evaluator 20 is trusted in the DRM system 10 to carry out the wishes of the owner of the digital content 12 according to the rules and requirements in the license 16, and the user should not be able to easily alter such trusted element for any purpose.

As should be understood, the rules and requirements in the license 16 can specify whether the user has rights to render the digital content 12 based on any of several factors, including who the user is, where the user is located, what type of computing device the user is using, what rendering application is calling the DRM system, the date, the time, etc. In addition, the rules and requirements of the license 16 may limit the license 16 to a pre-determined number of plays or a pre-determined play time, for example.

The rules and requirements may be specified in the license 16 according to any appropriate language and syntax. For example, the language may simply specify attributes and values that must be satisfied (for example, DATE must be later than X), or may require the performance of functions according to a specified script (for example, IF DATE is greater than X, THEN ...).

Upon the license evaluator 20 determining that the license 16 is valid and that the user satisfies the rules and requirements therein, the digital content 12 can then be rendered. In particular, to render the content 12, the decryption key (KD) is obtained from the license 16 and is applied to (KD(CONTENT)) from the content package 13 to result in the actual content 12, and the actual content 12 is then actually rendered.

Publishing digital content

Figure 3 is a functional block diagram of a system and method for publishing digital content. 'Publishing', as that term is used herein, refers to a process that an application or service follows to establish with a trusted entity a set of rights and conditions that the entity can issue for that content, as well as to whom those rights and conditions can be issued. According to the invention, the publishing process includes encrypting the digital content and associating a list of persistent enforceable rights that the author of the content intended for all possible users of the content. This process can be carried out in a secure way to prohibit access to any of the rights or to the content unless intended by the author of the content.

In particular, three entities are employed to publish protected digital content: a content preparation application 302 that executes on the client 300 and prepares the content for publishing, a digital rights management (DRM) application program interface (API) 306 that also resides on the client device 300, and a DRM server 320 that is communicatively coupled to the client 300 via a communications network 330 such as the Internet, a LAN or WAN connection, or a combination thereof.

The content preparation application 302 can be any application that produces digital content. For example, the application 302 can be a word processor or another publishing tool that produces digital text files, digital music, video, or other such content. The content could also include streamed content, such as streamed audio/video of a live or recorded event. The application 302 is provided with a cryptographic key for encrypting the digital content, thus forming an encrypted digital content file 304, and the user provides rights data that is to be tightly associated with the encrypted content file 304. The rights data includes an identity for each entity that has rights in the digital content, and a set of rights and conditions for each identified entity.

Such an entity can be, for example, an individual, a class of individuals, or a device. Such rights can include the right to read, edit, copy, print, etc. the digital content. Conditions may include minimum system requirements, date and time limitations, play counts, and the like.

The client API 306 passes the encrypted digital content and the rights data to the DRM server 320. Using a process that is described in detail below, the DRM server 320 determines whether it can enforce the rights data and, if so, signs the rights data to form a signed rights label (SRL) 308. In general, though, any trusted entity can sign the rights data, preferably using a key trusted by the DRM server 320. For example, a client can sign the rights data using a key provided to it by the DRM server 320.

The rights label 308 can include data representing the rights description, the encrypted content key, and the digital signature over the rights description and the encrypted content key. If the DRM server 320 signs the rights label, it passes the signed rights label 308 back to the client through the client API 306, which stores the signed rights label 308 on the client device 300. The content preparation application 302 then associates the signed rights label 308 with the encrypted digital content file 304, for example by concatenation, to form a rights managed content file 310. Note, though, that the SRL 308 could be stored in a known location separate from the content file 304, with a reference to the SRL 308 concatenated to the content file 304 to form the content file 310.

Referring now to figure 4, one method for publishing rights managed digital content is shown. At step 402, the application 302 generates a content key (CK) that is used to encrypt the digital content. The content key (CK) is typically a symmetric key, although any key can be used to encrypt the digital content. As is known, a symmetric key is used by a symmetric key algorithm both to encrypt and to decrypt. Accordingly, (CK) should be well hidden when shared between a sender and a receiver. At step 404, the application 302 encrypts the digital content with (CK) to form the encrypted digital content 304 (i.e., (CK(CONTENT))). Additionally, rights data corresponding to (CK(CONTENT)) is generated, either by the content publishing tool or by another entity. Note that such rights data may be custom rights data or rights data obtained from a pre-defined template. As discussed above, the rights data can include a list of entities that will be entitled to consume the content, the specific rights that each of the entities possesses with respect to the content, and any conditions that may be imposed on those rights.

At step 406, the API 306 generates a second encryption key (K2) that is used to encrypt the content key (CK). Preferably, (K2) is also a symmetric key. At step 408, the API 306 encrypts (CK) with (K2) to result in (K2(CK)). At step 410, the API 306 discards (CK), with the result that (CK) can now be obtained only by decrypting (K2(CK)). To ensure that (CK(CONTENT)) is protected by a central DRM server 320 and that all "license requests" for the content are handled centrally in accordance with the rights data, the API 306, at step 412, contacts the provided DRM server 320 and retrieves its public key (PU-DRM). At step 414, the API 306 encrypts (K2) with (PU-DRM) to result in (PU-DRM(K2)). Thus, (CK) can be protected by (PU-DRM) to ensure that the DRM server 320 is the only entity able to gain access to (CK), as is required to decrypt (CK(CONTENT)). At step 416, the API 306 encrypts the rights data (i.e., the list of authorized entities and the respective rights and conditions associated with each authorized entity in the list) with (K2) to result in (K2(rightsdata)).

In an alternative embodiment, (CK) can be used to directly encrypt the rights data to result in (CK(rightsdata)), and (PU-DRM) can be used to directly encrypt (CK) to result in (PU-DRM(CK)), thereby foregoing the use of (K2) altogether. However, using (K2) to encrypt the rights data and (CK) allows (K2) to conform to any particular algorithm that may be amenable to the DRM server, whereas (CK) may be specified by an entity independent from the DRM server and may not be as amenable thereto.

At step 418, the content protection application 302 submits (PU-DRM(K2)) and (K2(rightsdata)) to the DRM server 320 as a rights label for signing. Alternatively, the client itself can sign the rights data in the manner set forth below. If the rights data is being submitted to the server for signing, then, at step 420, the DRM server 320 accesses the rights data and verifies that it can enforce the rights and conditions in the submitted rights label. To verify that it can enforce the rights data, the DRM server 320 applies its private key (PR-DRM) corresponding to (PU-DRM) to (PU-DRM(K2)) to result in (K2), and then applies (K2) to (K2(rightsdata)) to result in the rights data in the clear. The server 320 can then perform any policy checks to verify that the users, rights and conditions specified in the rights data are within any policy enforced by the server 320. The server 320 signs the originally submitted rights label, including (PU-DRM(K2)) and (K2(rightsdata)), to result in the signed rights label (SRL) 308, where the signature is based on the private key of the DRM server 320 (PR-DRM), and returns the SRL 308 back to the API 306, which then presents the returned SRL 308 to the client application 302.

The SRL 308 is a digitally signed document, which makes it tamper-resistant. Additionally, the SRL 308 is independent of the actual key type and algorithm used to encrypt the content, but maintains a strict one-to-one (1-1) relationship to the content it protects. In one embodiment of the present invention, and referring now to figure 4A, the SRL 308 may include information about the content that is the basis of the SRL 308, possibly including, among other things, an ID of the content; information about the DRM server that signs the SRL 308, including (PU-DRM(K2)) and referral information such as a URL for locating the DRM server on the network and fall-back information if the URL fails; information describing the SRL 308 itself; (K2(rightsdata)); (K2(CK)); and the digital signature (S(PR-DRM)). By ensuring that a trusted entity signs the rights data to create the signed rights label 308, the DRM server 320 asserts that it will issue licenses for the content in accordance with the terms set forth by the publishing tool as described in the rights data of the rights label 308. As should be appreciated, a user is required to obtain a license to render the content, especially since the license contains the content key (CK). When a user wishes to obtain a license for the encrypted content, the user can present a license request, including the SRL 308 for the content and a certificate confirming the user's credentials (the user's account settings, formed after successful authentication of the user), to the DRM server 320 or another license issuing entity. The license issuing entity can then decrypt (PU-DRM(K2)) and (K2(rightsdata)) to produce the rights data, list all the rights granted by the author (if any) to the entity that requested the license, and construct a license with only those specific rights.

As set forth above, upon the application 302 receiving the SRL 308, such application 302 concatenates the signed rights label 308 with the corresponding (CK(CONTENT)) 304 to form rights managed digital content. Alternatively, the rights data can be stored in a known location, with a reference to that location provided with the encrypted digital content. Thus, a rendering application that is DRM-enabled can discover the signed rights label 308 via the piece of content the rendering application is attempting to render. This discovery triggers the rendering application to initiate a license request against the DRM licensing server 320. The publishing application 302 can store a URL to the DRM licensing server 320, for example, or the DRM licensing server 320 can embed its own URL as a piece of metadata into the rights label before digitally signing it, so that the DRM client API 306 called by the rendering application can identify the correct DRM licensing server 320.

Obtaining a license for published content

Referring now to figure 5, a system and method for licensing rights managed digital content is shown. 'Licensing', as that term is used herein, refers to a process that an application or service follows to request and receive a license that will enable an entity named in the license to consume the content in accordance with the terms specified in the license. Inputs to the licensing process can include the signed rights label (SRL) 308 associated with the content for which a license is being requested, and the public key certificate(s) of the entity(s) for which the license is being requested. Note that the entity requesting a license need not necessarily be the entity for which the license is being requested. Typically, a license includes the rights description from the SRL 308, an encrypted key that can decrypt the encrypted content, and a digital signature over the rights description and the encrypted key to assert legitimacy and prevent tampering.

Preliminarily, the client API 306 forwards the signed rights label 308 of the rights managed content 310 to the DRM server 320 via the communications network 330. As described above, the rights label 308 contains the content key (CK) encrypted according to the public key of the DRM server 320 (PU-DRM) (i.e., (PU-DRM(CK))). In the process of issuing a license, then, the DRM server 320 applies (PR-DRM) to (PU-DRM(CK)) to obtain (CK). It then uses the public key (PU-ENTITY) in the public key certificate that is passed up in the license request to re-encrypt (CK) (i.e., (PU-ENTITY(CK))). The newly encrypted (PU-ENTITY(CK)) is then placed into the license. Thus, the license can be returned to the caller without risk of exposing (CK), since only the holder of the private key (PR-ENTITY) corresponding to (PU-ENTITY) can recover (CK) from (PU-ENTITY(CK)). The client API 306 then uses (CK) to decrypt the encrypted content to form decrypted digital content 312. The client application 302 can then use the decrypted digital content 312 according to the rights that are provided in the license.
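The key-wrapping layer of the publishing and licensing flows above (steps 402-404 and 636-638, in the variant without (K2) described earlier), as an added Go example; this is illustrative code written for this page, not the patent's own implementation. It assumes AES-256-GCM for (CK), RSA-OAEP for (PU-DRM) and (PU-ENTITY), and leaves out the signatures S(PR-DRM) over the label and the license.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"errors"
	"fmt"
)

// must panics on errors that are only reachable through programming mistakes (bad key size, no entropy).
func must[T any](v T, err error) T {
	if err != nil {
		panic(err)
	}
	return v
}

func randomBytes(n int) []byte {
	b := make([]byte, n)
	must(rand.Read(b))
	return b
}

// newKeyPair makes a 2048-bit RSA key pair; the page uses one for the DRM server and one per user.
func newKeyPair() *rsa.PrivateKey {
	return must(rsa.GenerateKey(rand.Reader, 2048))
}

func gcmFor(key []byte) cipher.AEAD {
	return must(cipher.NewGCM(must(aes.NewCipher(key))))
}

// seal is AES-256-GCM with the 12-byte nonce prepended; open reverses it and rejects any alteration.
func seal(key, plaintext []byte) []byte {
	nonce := randomBytes(12)
	return gcmFor(key).Seal(nonce, nonce, plaintext, nil)
}

func open(key, sealed []byte) ([]byte, error) {
	if len(sealed) < 12 {
		return nil, errors.New("ciphertext too short")
	}
	return gcmFor(key).Open(nil, sealed[:12], sealed[12:], nil)
}

// RightsLabel is the unsigned label the client submits for signing; License is the unsigned
// license body of step 638 for one licensee. The signatures S(PR-DRM) are outside this example.
type (
	RightsLabel struct{ PuDrmCK, CKRightsData []byte } // (PU-DRM(CK)), (CK(rightsdata))
	License     struct{ Rights, PuEntityCK []byte }   // rights description, (PU-ENTITY(CK))
)

// Publish is the client side of Figure 4 in the variant without K2: the content is encrypted
// under CK, and CK is wrapped under PU-DRM so that only the DRM server can ever recover it.
func Publish(content, rightsData []byte, puDRM *rsa.PublicKey) ([]byte, RightsLabel) {
	ck := randomBytes(32)          // step 402: content key CK (AES-256)
	ckContent := seal(ck, content) // step 404: (CK(CONTENT))
	puDrmCK := must(rsa.EncryptOAEP(sha256.New(), rand.Reader, puDRM, ck, nil)) // (PU-DRM(CK))
	return ckContent, RightsLabel{puDrmCK, seal(ck, rightsData)}               // (CK(rightsdata))
}

// IssueLicense is the server side of Figure 5 / steps 636-638: PR-DRM recovers CK, which is
// re-encrypted under the licensee's PU-ENTITY, so CK never leaves the server in clear.
func IssueLicense(label RightsLabel, prDRM *rsa.PrivateKey, puEntity *rsa.PublicKey) (*License, error) {
	ck, err := rsa.DecryptOAEP(sha256.New(), nil, prDRM, label.PuDrmCK, nil)
	if err != nil {
		return nil, err // wrapped under some other key, or altered in transit
	}
	rights, err := open(ck, label.CKRightsData) // the rights description the license carries
	if err != nil {
		return nil, err
	}
	puEntityCK, err := rsa.EncryptOAEP(sha256.New(), rand.Reader, puEntity, ck, nil)
	if err != nil {
		return nil, err
	}
	return &License{rights, puEntityCK}, nil
}

// Play is the client side of Figure 5: only PR-ENTITY recovers CK, and CK decrypts the content.
func Play(lic *License, prEntity *rsa.PrivateKey, ckContent []byte) ([]byte, error) {
	ck, err := rsa.DecryptOAEP(sha256.New(), nil, prEntity, lic.PuEntityCK, nil)
	if err != nil {
		return nil, err
	}
	return open(ck, ckContent)
}

func main() {
	drmKey, userKey := newKeyPair(), newKeyPair() // (PU-DRM, PR-DRM) and (PU-ENTITY, PR-ENTITY)
	// Constructed sample content and rights data; neither comes from the patent text.
	ckContent, label := Publish([]byte("sample content"), []byte(`{"user":"alice","rights":["play"]}`), &drmKey.PublicKey)
	lic := must(IssueLicense(label, drmKey, &userKey.PublicKey))
	plain := must(Play(lic, userKey, ckContent))
	fmt.Printf("license rights %s; content %q\n", lic.Rights, plain)
}
```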

Alternatively, and as set forth below in more detail, a client, such as the publishing client, for example, can issue itself a use license to consume the content.

Turning now to figures 6A and 6B, a method for licensing rights managed digital content is shown. At step 602, a license issuing entity, such as the DRM server 320, receives a license request including either a public key certificate or an identity for each of one or more requested licensees. Presumably, if an identity is specified, the DRM server 320 can procure the corresponding public key certificate from a directory, a database, or the like. If a license is requested for only one licensee, only one certificate or identity is named. If a license is requested for a plurality of licensees, a certificate or an identity can be named for each potential licensee. At step 604, the requesting entity (i.e., the entity making the license request) is authenticated, if desired. At step 606, it is determined whether the entity is allowed to request a license, again if desired.

If, at step 608, the issuing entity determines that the public key certificate is not included in the license request, then the issuing entity uses the specified identity to look up the appropriate public key certificate in a directory service or database. If, at step 610, the issuing entity determines that the certificate is in the directory, then, at step 612, the certificate is retrieved. If a certificate cannot be found for a given potential licensee, either in the request or in the directory, then the license server does not generate a license for that potential licensee and, at step 614, an error is returned to the requesting entity.

Assuming the DRM server 320 has a public key certificate for at least one potential licensee, then, at step 616, such DRM server 320 validates the trust of each licensee certificate. If it is not validated, the DRM server 320 determines that the issuer (the entity that issued the licensee certificate) is not in the list of trusted issuers, the request fails for that licensee, and an error is generated at step 614. Thus, any potential licensee whose certificate is not issued by a trusted issuer does not receive a license.

Additionally, the DRM server 320 preferably performs digital signature validation on all entities in the certificate chain going from the trusted issuer certificates to the individual licensee public key certificates. The process of validating the digital signatures in a chain is a well-known algorithm. If the public key certificate for a given potential licensee does not validate, or a certificate in the chain does not validate, the potential licensee is not trusted and, therefore, a license is not issued to that potential licensee. Otherwise, at step 618, a license can be issued. The process repeats at step 620 until all entities for which a license has been requested have been processed.

As shown in figure 6B, the DRM server 320 proceeds to validate the signed rights label 308 that is received in the license request. In one embodiment, the DRM server 320 keeps a master copy of every rights label it has signed. At license time (step 622), the DRM server 320 may then retrieve a copy of the master rights label. The master rights label may be more up to date than the copy of the rights label sent in the license request, and therefore will be the rights label used to produce the requested license. If no master rights label is found, the DRM server 320, at step 624, determines according to a pre-defined policy whether to issue a license based on the rights label in the request. If the policy does not allow this, the license request fails at step 626, and an error is returned to the API 306 at step 628.

At step 630, the DRM server 320 validates the SRL 308 and, in particular, its digital signature. If the SRL 308 does not validate, the license request fails at step 626, and an error is returned to the API 306 at step 628.

After all the validations have occurred, the DRM server generates a license for each approved licensee based on the SRL 308. At step 632, the DRM server 320 generates a rights description for the license to be issued to each licensee. For each licensee, the DRM server 320 evaluates the identity named in the public key certificate of that licensee against the identities named in the rights description in the rights label. At step 636, the DRM server 320 obtains (PU-DRM(K2)) and (K2(CK)) from the SRL 308 and applies (PR-DRM) to obtain (CK). The issuing entity then re-encrypts (CK) using (PU-ENTITY) from the licensee's public key certificate to result in (PU-ENTITY(CK)). At step 638, the DRM server 320 concatenates the generated rights description with (PU-ENTITY(CK)) and digitally signs the resulting data structure using (PR-DRM) (i.e., S(PR-DRM)). The signed data structure is thus the license for this particular licensee. At step 640, the DRM server 320 determines that there are no more licenses to generate for the particular request. The generated licenses are then returned to the requesting entity at step 642, along with an appropriate certificate chain that ties the licenses back to a trusted authority.

Self-publishing the signed rights label (SRL) 308

In one embodiment of the present invention, the SRL 308 may be signed by the requesting/publishing user itself. Accordingly, such user need not contact the DRM server 320 to obtain an SRL 308 for an associated piece of content. As a result, self-publishing may also be referred to as off-line publishing. In such embodiment, the publishing user should also be able to issue itself a publisher license, especially inasmuch as the self-published content is now DRM-protected and the publisher license allows the publishing user to render the now-protected content. It should also be appreciated that the publishing user may be enabled to issue licenses to other users.

In particular, and referring now to figure 7, in this embodiment an off-line publishing user is first provisioned to publish off-line by receiving from the DRM server 320 an off-line publishing (OLP) certificate 810 that includes a public key (PU-OLP) and the corresponding private key (PR-OLP) encrypted according to a public key (PU-ENTITY) directly or indirectly accessible to the trusted component 18 (figure 11) of the user, to result in (PU-ENTITY(PR-OLP)). Note that (PU-ENTITY) may, for example, be the public key of the trusted component 18, or may be the public key of the user that is reachable by way of the public key of the trusted component 18. The OLP certificate 810 should be signed by the private key of the DRM server 320 (PR-DRM) so that such DRM server 320 can verify such OLP certificate, as will be set forth in more detail below.

In addition, the OLP certificate 810 should include a certificate chain from (PU-DRM) back to a trusted authority that is trusted by the trusted component 18 of the publishing user or of another user, so that such trusted component 18 can verify the OLP certificate 810 and any other certificate or license associated with the OLP certificate 810, as will be set forth below. Briefly, and as should be appreciated, a chain of certificates begins with a root certificate signed by the private key of a trusted authority and having the public key of the next certificate in the chain. Each intermediate certificate in the chain is then signed by the private key corresponding to the public key of the previous certificate in the chain, and has the public key of the next certificate in the chain. Finally, the certificate or license to which the chain is attached is signed by the private key corresponding to the public key of the last certificate in the chain. Thus, to verify the certificate or license to which the chain is attached, knowledge of the public key corresponding to the private key of the trusted authority is obtained, and such public key of the trusted authority is employed to verify the signature of the root certificate in the chain. Presuming the signature of the root certificate verifies, the public key from the root certificate is obtained and employed to verify the signature of the first intermediate certificate in the chain. The process repeats serially through the chain until every signature therein has been verified, and then the public key from the last intermediate certificate in the chain is obtained and employed to verify the signature of the certificate or license to which the chain is attached.

As should be appreciated, the OLP certificate 810 creates a chain of trust between the content 304 that is to be published off-line and the DRM server 320 that is to issue a license for the content 304. The OLP certificate 810 may be created based on XML/XrML or any other appropriate language.

As should also be appreciated, the OLP certificate 810 and the attached certificate chain authorize the publishing user to self-publish. As should be further appreciated, the key pair (PU-OLP, PR-OLP) is separate from (PU-ENTITY, PR-ENTITY) and is employed specifically for self-publishing. Note that the key pair (PU-OLP, PR-OLP) may be dispensed with, in which case the OLP certificate 810 includes only the public key of the user (PU-ENTITY) and is signed by the private key of the DRM server 320 (PR-DRM) so that such DRM server 320 can verify it.

Self-publishing differs from the publishing illustrated in Fig. 4 in that the user essentially takes the place of the DRM server 320 for the steps performed. Significantly, the user signs the submitted rights label, including (PU-DRM(K2)) and (K2(rightsdata)) or including (PU-DRM(CK)) and (CK(rightsdata)) (the latter shown in Figs. 7 and 8), using (PR-OLP) obtained from the certificate 810 (that is, S(PR-OLP)), to produce the signed rights label 308 (SRL). The trusted component 18 of the client, when using the OLP certificate 810, normally verifies it on the basis of the attached certificate chain. The trusted component 18 of the user obtains (PR-OLP) from the OLP certificate 810 by taking (PU-ENTITY(PR-OLP)) from the certificate and applying (PR-ENTITY) to it. Note, however, that the publishing user cannot verify that the DRM server 320 is able to enforce the rights in the self-published SRL 308. Accordingly, the DRM server 320 itself must perform this check at the time a license is requested on the basis of the self-published SRL 308.

After the publishing user publishes the SRL 308, it attaches the self-published SRL 308 and the OLP certificate 810 used to create it to the content 304, and the content 304 with the SRL 308 and certificate 810 is distributed to another user as rights-managed content 310. The other user then requests and obtains a license for the content 304/310 from the DRM server 320, essentially as in Figs. 6A and 6B. Here, however, the user requesting the license presents to the DRM server 320 the self-published SRL 308 and the OLP certificate 810 attached to the content 304. The DRM server 320 then verifies S(PR-DRM) in the OLP certificate 810 on the basis of (PU-DRM) and obtains (PU-OLP) from the certificate 810. The DRM server 320 then verifies S(PR-OLP) in the SRL 308 on the basis of the obtained (PU-OLP) and continues as described above. Note, however, that since the publishing user has not verified that the DRM server 320 can enforce the rights in the SRL 308, as described above, the DRM server 320 itself should perform that check at this point.

Note also that the DRM server 320 need only check S(PR-DRM) in the OLP certificate 810, since it is, obviously, in a trust relationship with itself. Accordingly, the certificate chain of the OLP certificate 810 need not be sent to the DRM server 320 together with the certificate, unless the chain is required for other reasons, for example if the chain is itself at least partly the basis for S(PR-DRM).

Nevertheless, it is essential that the publishing user be able to play the protected content 304/310 without having to contact the DRM server 320 for a license. Put differently, a publishing user who publishes content 304/310 offline, without contacting the DRM server 320, on the basis of the OLP certificate 810 should be able to grant itself a license, again without contacting the DRM server 320, to play the offline-published content 304/310. Accordingly, the publishing user may continue to work with the self-published content 310 without any communication with the DRM server 320.

Therefore, in one embodiment of the present invention, as shown in Fig., the publishing user issues itself a publisher license 820 signed with (PR-OLP), based on the self-published SRL 308 and including the OLP certificate 810 and its certificate chain. Presumably the publisher license 820 grants the publishing user full access to the self-published content 310, although it may grant less than full access. The publisher license 820 may be written in XML/XrML or in another language, like other DRM licenses. The publisher license 820 includes the content key (CK) encrypted according to (PU-ENTITY), which the trusted component 18 of the user's computing device 14 can obtain, to form (PU-ENTITY(CK)).

Therefore, the chain for the publisher license 820 runs from the license 820 to the OLP certificate 810 and then back to the root certificate of the trusted authority, possibly through one or more intermediate certificates. Since the trusted component 18 of the user can presumably obtain the public key corresponding to the private key of the trusted authority that signed the root certificate, the trusted component 18 can independently verify the publisher license 820 through its certificate chain and, after verification, take (PU-ENTITY(CK)) from it, apply (PR-ENTITY) to obtain (CK), and apply (CK) to (CK(content)) to obtain the content 304 for playback. Thus the publishing user may continue to interact with the offline-published content 310 while remaining offline.

Therefore, as described above, a publishing user publishes content 304/310 offline and issues itself a publisher license 820 for the content 304/310 in the following manner, according to Fig. 9.

Presumably, as should be clear, the content 304 is authored in an appropriate manner and encrypted according to a content key (CK) (step 901), and the publishing user creates a rights label for the content 304 with the relevant information, e.g. (PU-DRM(CK)) and (CK(rightsdata)) (step 903). Thereafter the publishing user, who presumably already holds an OLP certificate 810 from the DRM server 320, retrieves the OLP certificate 810 (step 905) and validates it on the basis of its signature and the certificate chain leading back to the root authority (step 907). This check is actually performed by the trusted component 18 on the computing device 14 of the publishing user. Assuming the check succeeds, the publishing user/trusted component 18 (hereinafter 'publishing user') retrieves (PU-ENTITY(PR-OLP)) from the OLP certificate 810 (step 909), applies (PR-ENTITY) to (PU-ENTITY(PR-OLP)) to obtain (PR-OLP) (step 911), and then signs the created rights label with (PR-OLP) to create the SRL 308 (step 913).

Thereafter the publishing user attaches the SRL 308 and the OLP certificate 810 used to create it to the content 304 to form self-published content 310 (step 915), and the resulting rights-managed content 310 can be distributed to another user. However, to continue using or playing the content 310, the publishing user needs to grant itself an appropriate offline publisher license 820.

To do so, the publishing user creates a publisher license 820 by defining the appropriate rights data and encrypting it according to the content key (CK) to obtain (CK(rightsdata)) (step 917). Note that this rights data can be derived from the SRL 308 of the content 310, from a default set of rights data that gives the publishing user partial or full access to the self-published content 310, or from another source. Additionally, the publishing user encrypts the content key (CK) according to (PU-ENTITY) to form (PU-ENTITY(CK)) (step 919). Then (CK(rightsdata)) and (PU-ENTITY(CK)) are formatted into the publisher license 820 (step 921), the OLP certificate 810 and its certificate chain are attached (step 923), and the publisher license 820 is signed on the basis of (PR-OLP) obtained in step 911 (step 925). Note that the content 304 (that is, (CK(content))), the publisher license 820 and the OLP certificate together form a chain 830 of digital items leading back to a legitimate authoritative source.

According to Fig. 10, the publishing user is not required to contact the DRM server 320 to play the published content 310; instead it obtains the public key corresponding to the private key of the trusted authority that was used to sign the root certificate (step 1001), verifies the root certificate (step 1003), and then verifies every intermediate certificate in the chain (step 1005) by obtaining, for each intermediate certificate, the public key carried in the previous certificate and using it to verify the signature of the intermediate certificate. Then (PU-DRM) from the last certificate in the chain is used to verify the signature of the OLP certificate 810 (that is, S(PR-DRM)) (step 1007), (PU-OLP) is obtained from the OLP certificate 810 (step 1009), and (PU-OLP) is used to verify the signature of the publisher license 820 (that is, S(PR-OLP)) (step 1010).

If the publisher license 820 is validated, (CK(rightsdata)) and (PU-ENTITY(CK)) are retrieved from it (step 1011), (PR-ENTITY) is applied to (PU-ENTITY(CK)) to obtain (CK) (step 1013), and (CK) is applied to (CK(rightsdata)) to obtain the rights data (step 1015). The rights data is reviewed by the trusted component 18 of the computing device 14 of the publishing user to determine whether it permits playback of the content (step 1017); if so, the trusted component 18 applies (CK) to (CK(content)) from the content 310 to obtain the content (step 1019), and the content is then forwarded to the corresponding playback application for actual playback (step 1021). Therefore, the steps of Fig. 10 in effect follow the chain 830 of digital items from the trusted authority to the content 304.

Note that the trusted component 18 could presumably apply (CK) to (CK(content)) to obtain the content without first reviewing the rights data and regardless of whether the rights data permits it, but the trusted component 18 is trusted, and structured, to actually render the content only after reviewing those rights and enforcing them, where the rights allow playback of the content. Again, with the publisher license 820 the publishing user can continue to work with the offline-published content 310 while remaining offline, since no connection to the DRM server 320 is needed.
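The offline-publishing flow described above (certificate chain validation, recovery of (PR-OLP) from the OLP certificate 810, signing the SRL 308, self-issuing the publisher license 820 with (PU-ENTITY(CK)), and the playback-side checks of steps 1001-1021), as an added Python model that is not code from the patent. A toy RSA on fixed Mersenne primes stands in for the (PU, PR) key pairs and a SHA-256 XOR keystream stands in for content encryption under (CK); every key, certificate and content string is constructed for the example and the primitives are not secure.

```python
"""Offline publishing model: certificate chain, OLP certificate 810, SRL 308 and publisher license 820."""
import hashlib
import json
import secrets

E = 65537  # public exponent shared by every constructed key pair

def keygen(p_exp, q_exp):
    """Toy RSA pair from Mersenne primes 2^p_exp-1 and 2^q_exp-1: ((e, n), (d, n)). Demo only, not secure."""
    p, q = 2 ** p_exp - 1, 2 ** q_exp - 1
    return (E, p * q), (pow(E, -1, (p - 1) * (q - 1)), p * q)

def pk_apply(key, m):
    """Apply a key to an integer: (e, n) encrypts or verifies, (d, n) decrypts or signs."""
    exp, n = key
    return pow(m, exp, n)

def digest(obj):
    """64-bit truncated SHA-256 over canonical JSON, so the value is below every toy modulus."""
    return int.from_bytes(hashlib.sha256(json.dumps(obj, sort_keys=True).encode()).digest()[:8], "big")

def sign(priv, body):
    return {"body": body, "sig": pk_apply(priv, digest(body))}

def verify(pub, signed):
    return pk_apply(pub, signed["sig"]) == digest(signed["body"])

def sym(key, data):
    """Content encryption under (CK): XOR with a SHA-256 keystream (constructed toy, self-inverse)."""
    stream = b"".join(hashlib.sha256(key.to_bytes(8, "big") + i.to_bytes(4, "big")).digest()
                      for i in range(len(data) // 32 + 1))
    return bytes(a ^ b for a, b in zip(data, stream))

def issue_cert(issuer_priv, issuer_pub, subject_pub, extra=None):
    body = {"issuer": list(issuer_pub), "subject": list(subject_pub), **(extra or {})}
    return sign(issuer_priv, body)

def verify_chain(root_pub, chain, leaf):
    """Steps 1001-1007: verify each certificate with the public key carried by the one before it."""
    pub = tuple(root_pub)
    for cert in chain + [leaf]:
        if tuple(cert["body"]["issuer"]) != pub or not verify(pub, cert):
            return False
        pub = tuple(cert["body"]["subject"])
    return True

def setup():
    """Constructed PKI: root -> intermediate -> DRM server 320, which then issues the OLP certificate 810."""
    root_pub, root_priv = keygen(13, 521)
    int_pub, int_priv = keygen(17, 607)
    pu_drm, pr_drm = keygen(19, 127)
    pu_olp, pr_olp = keygen(31, 61)
    pu_entity, pr_entity = keygen(89, 107)
    chain = [issue_cert(root_priv, root_pub, root_pub),   # self-signed root certificate
             issue_cert(root_priv, root_pub, int_pub),
             issue_cert(int_priv, int_pub, pu_drm)]
    # (PU-ENTITY(PR-OLP)): only the holder of (PR-ENTITY) can recover (PR-OLP) from the certificate
    olp_cert = issue_cert(pr_drm, pu_drm, pu_olp, {"PU-ENTITY(PR-OLP)": pk_apply(pu_entity, pr_olp[0])})
    return root_pub, chain, (pu_drm, pr_drm), olp_cert, (pu_entity, pr_entity)

def publish_offline(content, rights, root_pub, chain, pu_drm, olp_cert, pu_entity, pr_entity):
    """Steps 901-925: encrypt, sign the SRL with the recovered (PR-OLP), then self-issue license 820."""
    if not verify_chain(root_pub, chain, olp_cert):                          # steps 905, 907
        raise ValueError("OLP certificate does not chain back to the root")
    ck = secrets.randbits(63) | 1                                             # step 901
    label = {"PU-DRM(CK)": pk_apply(pu_drm, ck), "CK(rightsdata)": sym(ck, rights).hex()}  # step 903
    pr_olp = (pk_apply(pr_entity, olp_cert["body"]["PU-ENTITY(PR-OLP)"]),    # steps 909, 911
              olp_cert["body"]["subject"][1])
    srl = sign(pr_olp, label)                                                # step 913
    package = {"CK(content)": sym(ck, content).hex(), "SRL": srl, "OLP": olp_cert}  # step 915
    license820 = sign(pr_olp, {"CK(rightsdata)": sym(ck, rights).hex(),     # steps 917-925
                               "PU-ENTITY(CK)": pk_apply(pu_entity, ck),
                               "OLP": olp_cert, "chain": chain})
    return package, license820

def play_offline(root_pub, license820, package, pr_entity):
    """Steps 1001-1021: validate license 820 through its chain, recover (CK), check rights, decrypt."""
    body = license820["body"]
    if not verify_chain(root_pub, body["chain"], body["OLP"]):               # steps 1001-1007
        return None
    if not verify(tuple(body["OLP"]["body"]["subject"]), license820):        # steps 1009, 1010
        return None
    ck = pk_apply(pr_entity, body["PU-ENTITY(CK)"])                          # steps 1011, 1013
    rights = sym(ck, bytes.fromhex(body["CK(rightsdata)"])).split(b",")      # step 1015
    if b"play" not in rights:                                                # step 1017
        return None
    return sym(ck, bytes.fromhex(package["CK(content)"]))                    # step 1019

def drm_server_check(pu_drm, pr_drm, package):
    """The DRM server's own check: S(PR-DRM) on the OLP certificate, S(PR-OLP) on the SRL, then (CK)."""
    olp, srl = package["OLP"], package["SRL"]
    if tuple(olp["body"]["issuer"]) != tuple(pu_drm) or not verify(pu_drm, olp):
        return None
    if not verify(tuple(olp["body"]["subject"]), srl):
        return None
    return pk_apply(pr_drm, srl["body"]["PU-DRM(CK)"])
```

`drm_server_check` is the server-side counterpart from the passage on another user requesting a license: the server needs only (PU-DRM) to validate the OLP certificate and (PR-DRM) to recover (CK) from the SRL.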

Registration certificates and DRM server registration

The architecture illustrated in Fig. 3 shows only one DRM server 320. However, the architecture may include, and probably will include, multiple DRM servers 320. In particular, in one embodiment of the present invention the architecture provides a distributed network of DRM servers 320. Each DRM server 320 can have any specific function, and all the DRM servers 320 can be arranged in any appropriate manner without departing from the scope of the invention.

For example, according to Fig., a single organization may have one or more user-level DRM servers 320 for signing rights labels to create SRLs 308, issuing licenses 16, granting publisher licenses, issuing certificates to users, issuing certificates to computing devices 14, and so on. Each user-level DRM server 320 can be assigned, for example, on a geographic basis or by function or load. Similarly, to oversee the multiple user-level DRM servers 320, an organization may have one or more administrative DRM servers 320. If desired, the organization-based DRM servers 320 may be located behind the organization's firewall.

In addition to the organization-based DRM servers 320, there may also be trans-organizational (multi-organization) DRM servers 320 that support DRM functions between organizations. For example, trans-organizational DRM servers 320 may allow a pair of organizations to share specific DRM content 12. There may also be a network of overseeing DRM servers 320 that authorize all other DRM servers 320. For example, the overseeing DRM servers 320 may monitor and maintain all other DRM servers 320 and provide an appropriate link from all other DRM servers 320 back to the root or trusted authority that is the basis of the certificate chain, as described above. Such non-organization-based DRM servers 320 would probably not be located behind any organization's firewall.

It is critical that each DRM server 320 in the architecture of Fig. be able to prove that it is trusted. Therefore, as should be clear from the description of certificate chains, each DRM server 320 is provided with a registration certificate 1310 upon entering the architecture, as seen in Fig. Significantly, in one embodiment of the present invention, the registration certificate 1310 is provided to the entering DRM server 320 (hereinafter 'DRM-E server 320') by another, 'registering' DRM server 320 already in the architecture (hereinafter 'DRM-R server 320'). Also significantly, the registration certificate 1310 provided by the registering DRM-R server 320 has attached to it a certificate chain 1320 that includes the registration certificate 1310 of the registering DRM-R server 320, the registration certificate 1310 of the DRM server 320 that registered the registering DRM-R server 320, and so on back up to a root DRM server 320. The root DRM server 320 may represent the root or trusted authority, or the certificate chain 1320 may continue further to reach the root or trusted authority. As should now be clear, the registration certificate 1310 and the certificate chain 1320 together form the certificate chain that is attached to the OLP certificate 810 provided by the registered DRM-E server 320 to the publishing user, for example as shown in Fig.

In one embodiment of the present invention, the registration certificate 1310 provided by the DRM-R server 320 to the DRM-E server 320 takes the form of a certificate based on XrML 1.2. As may be appreciated, this type of certificate 1310 is not independently vouched for by any third party, and therefore it does not represent any independent guarantee by a third party for the holder of such a certificate 1310.

In one embodiment of the present invention, the method of registering a particular DRM-E server 320 in the architecture depends on whether the registering DRM-R server 320 has knowledge of, or trust in, the entering DRM-E server 320. If not, the DRM-E server 320 is required to prove to the DRM-R server 320 its trustworthiness and the fact that it supports the DRM architecture. If so, the DRM-E server 320 need not prove its trustworthiness to the DRM-R server 320, at least not to the same extent. Therefore, a DRM-R server 320 without knowledge/trust 'registers' the DRM-E server 320, while a DRM-R server 320 with knowledge/trust 'sub-registers' the DRM-E server 320.

Typically the DRM-R server 320 has knowledge of or trust in the DRM-E server 320 when both are operated by, or on behalf of, a single organization, although such knowledge/trust may also arise from other situations without departing from the scope of the present invention. Therefore, the method of registering a particular DRM-E server 320 in the architecture typically depends on whether the registering DRM-R server 320 is an organization-based server or not. A non-organization-based DRM-R server 320 'registers' the DRM-E server 320, while an organization-based DRM-R server 320 'sub-registers' the DRM-E server 320.

Registration

In one embodiment of the present invention, according to Fig., a DRM-R server 320 without knowledge/trust registers a DRM-E server 320 in the following manner.

Preliminarily, a DRM-E server 320 that wishes to be registered by a DRM-R server 320 without knowledge/trust is probably unknown to the DRM-R server 320. Accordingly, in one embodiment of the present invention, the DRM-E server 320 must obtain a vouching certificate 1330 from a third party willing to vouch for the DRM-E server 320 (step 1401). Typically the vouching third party is an independent certificate-issuing agent that is in a trust relationship with the DRM-R server 320, such as VERISIGN Corporation of Mountain View, CA. The vouching certificate 1330 may be, for example, an X.509 certificate. Note that because the DRM-R server 320 relies on the authorized third party's vouching for the DRM-E server 320, the liability of the DRM-R server 320 for any wrongful acts of the DRM-E server 320 is mitigated.

Conventionally, as seen in Fig., the vouching certificate 1330 includes a public key (PU-V) and a corresponding private key (PR-V), is signed by the trusted third party, and may be accompanied by a certificate chain leading to a known root for validation. It is also conventional that (PR-V) within the vouching certificate 1330 is made available in a secure manner to the DRM-E server 320 for which the certificate 1330 vouches. For example, as seen in Fig., (PR-V) may be encrypted according to a corresponding public key.

Within the DRM architecture, the entering DRM-E server 320 should have a unique identity. The DRM identity is probably different from (PU-V, PR-V), although the DRM identity may also coincide with (PU-V, PR-V) without departing from the scope of the invention. Accordingly, to establish this identity, the DRM-E server 320 generates or obtains a new public/private key pair (PU-E, PR-E) (step 1403). Also, within the DRM architecture, the registering DRM-E server 320 must decide which entities may revoke its authority to participate. Accordingly, the DRM-E server 320 identifies each revoking entity in a revocation authority list, possibly by its public key (step 1405).

The DRM-E server 320 must be able to prove to the registering DRM-R server 320 that it actually holds the vouching certificate 1330 obtained in step 1401. Accordingly, the DRM-E server 320 either uses (PR-V) from the vouching certificate 1330 to encrypt (PU-E), yielding (PR-V(PU-E)) as a proof of possession, or signs (PU-E) with (PR-V), yielding (PU-E)S(PR-V) as the proof of possession (step 140). In either case, using (PU-V) to decrypt (PU-E) or to verify the signature proves possession of (PR-V) and therefore of the vouching certificate 1330. At this point the DRM-E server 320 has the vouching certificate 1330, (PU-E) and (PR-E), the revocation authority list, and (PR-V(PU-E)) or (PU-E)S(PR-V) as proof of possession. Then, to request registration, the DRM-E server 320 transmits the vouching certificate 1330, (PU-E), the revocation authority list, and (PR-V(PU-E)) or (PU-E)S(PR-V) as proof of possession to the DRM-R server 320 (step 1409), and the DRM-R server 320 proceeds to register the requesting DRM-E server 320. Note that the request, or part of it, may take the form of a certificate signed with (PR-E).

In particular, the DRM-R server 320 verifies the validity of the vouching certificate 1330 on the basis of its signature by the authorized third party and the certificate chain leading to a known root (step 1411). Thus the DRM-R server 320 determines that the DRM-E server 320 has been vouched for. Also, the DRM-R server 320 verifies the proof of possession by applying (PU-V) from the request to decrypt (PU-E) or to verify the signature, thereby establishing possession of (PR-V), and hence of the vouching certificate 1330, by the requester (step 1410). Additionally, and significantly, the DRM-R server 320 performs any custom logic required to decide whether to satisfy the request (step 1413). The custom logic may be any appropriate logic without departing from the scope of the present invention, and may, for example, include a background check of the DRM-E server 320 and/or its operator, a determination of whether the DRM-E server 320 has a valid trusted component 18 and/or operating system, etc., a determination of whether the DRM-E server 320 appears on a revocation list or other monitored list, and so on.

Assuming the custom logic allows the request to be satisfied, in one embodiment of the present invention the DRM-R server 320 generates a registration certificate 1310 for the DRM-E server 320 (step 1415). In particular, as seen in Fig., the DRM-R server 320 includes in the registration certificate 1310:

an identifier of the DRM-R server 320, such as its public key (PU-R),

an identifier of the DRM-E server 320, such as (PU-E),

an identifying feature of the vouching certificate 1330, including information about the authorized third party that issued it, the serial number of the vouching certificate 1330, and the number defined within the vouching certificate 1330,

any validity-range information defining the range within which the registration certificate 1310 is valid, for example a time interval,

the revocation authority list,

a signature based on the private key of the DRM-R server 320 (PR-R) corresponding to (PU-R),

and any other relevant information.

Other relevant information may include, for example, the date of issuance of the certificate; an indication of the DRM functions the registered server is permitted to perform, for example all functions, only account activation, only signing of rights labels, only issuing of content licenses, and combinations thereof; and the allowable time interval for performing DRM functions. Note that the allowable time interval differs from the validity range in that the time of any step must lie within the validity range of every certificate in the certificate chain, including the registration certificate 1310. By contrast, a child certificate must have been issued within the allowable time interval of the parent certificate in order to perform DRM functions.
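The policy fields of the registration certificate 1310 described above (validity range, permitted DRM functions, allowable issuing interval, revocation list), as an added Python check that is not code from the patent. It evaluates a constructed chain of three registration certificates, assumes signatures have already been verified, and adds one rule the text does not spell out: a server may not grant its child more DRM functions than it holds itself.

```python
"""Policy checks on a registration certificate 1310 and its chain 1320 (constructed example)."""
from datetime import datetime, timezone

def ts(day):
    """Parse a YYYY-MM-DD string into an aware UTC datetime."""
    return datetime.strptime(day, "%Y-%m-%d").replace(tzinfo=timezone.utc)

# Constructed chain: root DRM server -> registering DRM-R server -> newly registered DRM-E server.
# Field names follow the page's description of certificate 1310; all values are made up.
CHAIN = [
    {"id": "PU-ROOT", "issuer": "PU-ROOT", "issued": "2003-01-01",
     "valid": ("2003-01-01", "2013-01-01"), "allowed": ("2003-01-01", "2012-01-01"),
     "functions": {"activate", "sign_srl", "issue_license"}},
    {"id": "PU-R", "issuer": "PU-ROOT", "issued": "2003-06-01",
     "valid": ("2003-06-01", "2008-06-01"), "allowed": ("2003-06-01", "2007-06-01"),
     "functions": {"sign_srl", "issue_license"}},
    {"id": "PU-E", "issuer": "PU-R", "issued": "2004-02-01",
     "valid": ("2004-02-01", "2006-02-01"), "allowed": ("2004-02-01", "2005-02-01"),
     "functions": {"sign_srl"}},
]
REVOKED = {"PU-OLD"}  # constructed: identifiers whose participation has been cancelled

def check_chain(chain, revoked, now, function):
    """Return None if the last server in `chain` may perform `function` at `now`,
    otherwise a string naming the first rule that failed. Signatures are assumed verified."""
    for i, cert in enumerate(chain):
        if cert["id"] in revoked:
            return f"{cert['id']}: on the revocation list"
        lo, hi = (ts(d) for d in cert["valid"])
        if not lo <= now < hi:                # every certificate's validity range must cover the step time
            return f"{cert['id']}: outside validity field at {now.date()}"
        if i == 0:
            continue
        parent = chain[i - 1]
        if cert["issuer"] != parent["id"]:
            return f"{cert['id']}: issuer is not {parent['id']}"
        alo, ahi = (ts(d) for d in parent["allowed"])
        if not alo <= ts(cert["issued"]) < ahi:   # child issued inside the parent's allowable interval
            return f"{cert['id']}: issued outside allowed interval of {parent['id']}"
        if not cert["functions"] <= parent["functions"]:  # assumed rule: no function the parent lacks
            return f"{cert['id']}: functions exceed those of {parent['id']}"
    if function not in chain[-1]["functions"]:
        return f"{chain[-1]['id']}: not permitted to {function}"
    return None
```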

In forming the registration certificate 1310, the DRM-R server 320 may initially supply the information in the certificate and then allow custom logic to generate additional information or modify the existing information. The custom logic may, for example, ensure that the DRM-R server 320 supplies relevant information, or enforce a predefined policy of the DRM architecture. Of course, the signature of the registration certificate 1310 is created after any custom logic has run. Also, the DRM-R server 320 attaches to the generated registration certificate 1310 the certificate chain 1320 leading back to the trusted root authority, so that the generated registration certificate 1310 can be validated on the basis of the certificate chain 1320. In particular, note that the identifying feature of the vouching certificate 1330 placed within the registration certificate 1310 always travels with the registration certificate 1310 and acts as a bridge to the vouching certificate 1330. Thus the identifying feature is, everywhere, proof that the DRM-R server 320, in vouching for the DRM-E server 320, relied on the authorized third party that issued the vouching certificate 1330, and the liability of the DRM-R server 320 for any wrongful acts of the DRM-E server 320 is mitigated.

Then, after the DRM-R server 320 has successfully formed the registration certificate 1310 with the attached certificate chain 1320, the DRM-R server 320 returns it to the requesting DRM-E server 320 (step 1417), and the newly registered DRM-E server 320 stores it in an appropriate location for later use (step 1419). As described above, (PU-E) of the registration certificate 1310 and the corresponding (PR-E) are the public/private key pair that the DRM-E server 320 will use as (PU-DRM) and (PR-DRM) when signing rights labels to create SRLs 308, issuing OLP certificates 810, and otherwise participating in the DRM architecture. Accordingly, the registration certificate 1310 and the certificate chain 1320 together form the certificate chain that is attached to the OLP certificate 810, etc.

Sub-registration

In one embodiment of the present invention, according to Fig., a DRM-R server 320 with knowledge of, or trust in, the DRM-E server 320 sub-registers it in the following manner.

Preliminarily, a DRM-E server 320 that wishes to be sub-registered by a DRM-R server 320 with knowledge/trust is still required to identify itself to the DRM-R server 320, since the knowledge or trust may not be complete. However, identification at the level of an authorized third party's vouching is not required, because the DRM-R server 320 has some knowledge of, or some trust in, the DRM-E server 320. Accordingly, in one embodiment of the present invention, the DRM-E server 320 obtains or is provided with credentials 1340 of some kind (Fig.) that are identifiable, are expected to be satisfactory to the DRM-R server 320, and sufficiently identify the DRM-E server 320 to the DRM-R server 320 (step 1501).

If the DRM-R server 320 and the DRM-E server 320 are within a single organization, the credentials 1340 may be organization-based credentials, such as a network ID if both servers 320 are on a common network, a domain ID if both servers 320 share a common domain, etc. If the DRM-R server 320 and the DRM-E server 320 are not within a single organization, the credentials 1340 may still be a network ID if both servers 320 are on a common network, a domain ID if both servers 320 share a common domain, or the like, or they may be other credentials, such as credentials issued by a third party and recognized by the DRM-R server 320.

Note that in this situation the DRM-R server 320 does not rely on the vouching of a trusted third party for the DRM-E server 320, and therefore the liability of the DRM-R server 320 for any wrongful acts of the DRM-E server 320 is not mitigated to the same extent. However, the DRM-R server 320 may choose to accept this risk on the basis of its knowledge of, or trust relationship with, the DRM-E server 320.

As before, within the DRM architecture the entering DRM-E server 320 should have a unique identity. It is understood that the DRM identity is probably different from the credentials 1340, although the DRM identity may also be the same as the credentials 1340 without departing from the scope of the present invention. Accordingly, to establish its identity, the DRM-E server 320 generates or obtains a new public/private key pair (PU-E, PR-E) (step 1503). Also as before, within the DRM architecture the sub-registering DRM-E server 320 must decide which entities may revoke its authority to participate. Accordingly, the DRM-E server 320 identifies each revoking entity in a revocation authority list, possibly by its public key (step 1505).

At this point the DRM-E server 320 has the credentials 1340, (PU-E) and (PR-E), and the revocation authority list. Then, to request sub-registration, the DRM-E server 320 transmits the credentials 1340, (PU-E) and the revocation authority list to the DRM-R server 320 (step 1507), and the DRM-R server 320 proceeds to sub-register the requesting DRM-E server 320. Note that, as before, the request, or part of it, may take the form of a certificate signed with (PR-E).

In particular, the DRM-R server 320 verifies the validity of the credentials 1340 on the basis of whatever logic and resources are available and required for the verification (step 1509). Thus the DRM-R server 320 establishes, on the basis of the verified credentials 1340, that the DRM-E server 320 is trusted and complies with the terms of the DRM architecture. Additionally, and as before, the DRM-R server 320 performs any custom logic required to decide on the request (step 1511).

Assuming the custom logic allows the request to be satisfied, in one embodiment of the present invention the DRM-R server 320 generates a sub-registration certificate 1310 for the DRM-E server 320 (step 1513). In particular, as seen in Fig., the DRM-R server 320 includes in the sub-registration certificate 1310:

an identifier of the DRM-R server 320, such as its public key (PU-R),

an identifier of the DRM-E server 320, such as (PU-E),

the credentials 1340 or a reference to them,

any validity-range information defining the range within which the sub-registration certificate 1310 is valid, for example a time interval,

the revocation authority list,

a signature based on the private key of the DRM-R server 320 (PR-R) corresponding to (PU-R),

and any other relevant information.

As before, in forming the sub-registration certificate 1310 the DRM-R server 320 may initially supply the information in the certificate and then allow custom logic to generate additional information or modify the existing information. Again, the signature of the sub-registration certificate 1310 is created after any custom logic has run. As before, the DRM-R server 320 attaches to the generated sub-registration certificate 1310 the certificate chain 1320 leading back to the trusted root authority, so that the generated sub-registration certificate 1310 can be validated on the basis of the certificate chain 1320.

Here it should be noted that the credentials 1340, or references to them, are not strictly necessary, but may be included for completeness. Note also that the sub-registration certificate 1310 contains no identifying feature of a vouching certificate 1330, because no vouching certificate is required in the sub-registration scenario.

Then, after the DRM-R server 320 has successfully formed the sub-registration certificate 1310 with the attached certificate chain 1320, the DRM-R server 320 returns it to the requesting DRM-E server 320 (step 1515), and the now sub-registered DRM-E server 320 stores it in an appropriate location for later use (step 1517). As before, (PU-E) of the sub-registration certificate 1310 and the corresponding (PR-E) are the public/private key pair that the DRM-E server 320 will use as (PU-DRM) and (PR-DRM) when signing rights labels to create SRLs 308, issuing OLP certificates 810, and otherwise participating in the DRM architecture. Accordingly, such a sub-registration certificate 1310 and the certificate chain 1320 together form the certificate chain that is attached to the OLP certificate 810, etc.

Conclusion

The programming necessary to implement the processes performed in connection with the present invention is relatively straightforward and should be apparent to those skilled in programming. Accordingly, such programming is not set out here. Any particular programming may be used to implement the present invention without departing from its spirit and scope.

The present invention provides a digital rights management (DRM) architecture and enforcement method that allow controlled rendering or playback of arbitrary forms of digital content, where such control is flexible and definable by the owner/developer of the digital content. The architecture enables and supports managed rendering, especially in the environment of an institution, organization, etc., where documents are to be shared among a defined group or class of persons. The architecture allows content to be published without first obtaining permission from the server, and allows the publishing person to grant themselves a license to play the published content without contacting the server for permission.

It should be clear that changes may be made to the above-described embodiments without departing from the inventive concepts. For example, if the license or rights label is signed on the basis of the rights data it contains, there is no need to encrypt that rights data. Similarly, when requesting and creating a registration or sub-registration certificate 1310, there is no need to use a revocation authority list and other such information. Therefore, it should be clear that this invention is not limited to the specific embodiments disclosed, but is intended to cover modifications within the spirit and scope of the present invention as defined by the appended claims.

1. A method for a publishing user to publish digital content and to grant itself a corresponding digital license (a publishing license) so that the published digital content can be played back, wherein the publishing user is supplied with a publishing certificate from a digital rights management (DRM) server, the certificate having a public key (PU-OLP) and a corresponding private key (PR-OLP) encrypted with a public key (PU-ENTITY) corresponding to the publishing user to form (PU-ENTITY(PR-OLP)), the method comprising:

authoring content and encrypting the authored content with a content key (CK),

creating a rights label for the encrypted content, with (CK) encrypted with the DRM server's public key (PU-DRM) to form (PU-DRM(CK)),

retrieving (PU-ENTITY(PR-OLP)) from the publishing certificate,

applying the private key (PR-ENTITY) corresponding to (PU-ENTITY) to (PU-ENTITY(PR-OLP)) to obtain (PR-OLP),

signing the created rights label with (PR-OLP) to create a signed rights label (SRL),

combining the created SRL and the publishing certificate with the encrypted content to form a content package that is distributed to another user, who must contact the DRM server to obtain from it a corresponding license with (CK) for playback of the encrypted content, only such DRM server having the private key (PR-DRM) corresponding to (PU-DRM) and being able to apply (PR-DRM) to (PU-DRM(CK)) to obtain (CK),

creating license data corresponding to the content package, with (CK) encrypted with (PU-ENTITY) to form (PU-ENTITY(CK)),

signing the created license data with (PR-OLP) to create the publishing license, and

attaching the publishing certificate to the publishing license, whereby only the publishing user, having the (PR-ENTITY) corresponding to (PU-ENTITY), can apply that (PR-ENTITY) to (PU-ENTITY(CK)) from the publishing license to obtain (CK) and thereby decrypt the encrypted content for playback.

2. The method of claim 1, wherein the publishing certificate also bears a digital signature of the DRM server and is accompanied by a certificate chain leading back to a root trust authority, the method comprising:

validating the publishing certificate on the basis of its signature and the certificate chain leading back to the root trust authority, and retrieving (PU-ENTITY(PR-OLP)) from the validated publishing certificate,

combining the created SRL, the publishing certificate and the accompanying certificate chain with the encrypted content to form the content package distributed to another user, and attaching the publishing certificate and the accompanying certificate chain to the publishing license, so that the content package, the publishing license and the publishing certificate in combination form a chain of digital items leading back to the root trust authority.

3. The method of claim 1, comprising creating the rights label for the encrypted content with (PU-DRM(CK)) and rights data defining the rights and conditions that must be satisfied to permit playback of the content.

4. The method of claim 3, comprising creating the rights label for the encrypted content with (PU-DRM(CK)) and the rights data in encrypted form.

5. The method of claim 1, comprising creating the license data corresponding to the content package with (PU-ENTITY(CK)) and rights data defining the rights and conditions that must be satisfied to permit playback of the content.

6. The method of claim 5, comprising creating the license data corresponding to the content package with (PU-ENTITY(CK)) and the rights data in encrypted form.

7. A method for a publishing user to play back digital content it has published, on the basis of a self-issued corresponding digital license (a publishing license), wherein the content is encrypted with a content key (CK) to form (CK(content)), the publishing license includes (CK) encrypted with a public key (PU-ENTITY) corresponding to the publishing user to form (PU-ENTITY(CK)) and has attached to it a publishing certificate from a digital rights management (DRM) server, the certificate having a public key (PU-OLP) and a corresponding private key (PR-OLP) encrypted with (PU-ENTITY) to form (PU-ENTITY(PR-OLP)), and the publishing license is signed with (PR-OLP), the method comprising:

validating the publishing certificate on the basis of a certificate chain,

obtaining (PU-OLP) from the publishing certificate,

using the obtained (PU-OLP) to verify the signature of the publishing license,

retrieving (PU-ENTITY(CK)) from the verified publishing license,

applying the private key (PR-ENTITY) corresponding to (PU-ENTITY) to (PU-ENTITY(CK)) to obtain (CK),

applying (CK) to (CK(content)) to obtain the content, and

forwarding the content to a playback application for actual playback.

8. The method of claim 7, wherein the publishing certificate is digitally signed and accompanied by a certificate chain leading back to a root trust authority, the method further comprising validating the publishing certificate on the basis of its signature and the certificate chain leading back to the root trust authority.

9. The method of claim 7, wherein the publishing license includes (PU-ENTITY(CK)) and rights data defining the rights and conditions that must be satisfied to permit playback of the content, the method further comprising checking that the rights and conditions defined in the rights data permit playback.

10. The method of claim 9, wherein the license data corresponding to the content package is created with (PU-ENTITY(CK)) and the rights data in encrypted form, the method further comprising decrypting the rights data.

11. A computer-readable storage medium containing computer-executable instructions for performing a method by which a publishing user publishes digital content and grants itself a corresponding digital license (a publishing license) so that the published digital content can be played back, wherein the publishing user is supplied with a publishing certificate from a digital rights management (DRM) server, the certificate having a public key (PU-OLP) and a corresponding private key (PR-OLP) encrypted with a public key (PU-ENTITY) corresponding to the publishing user to form (PU-ENTITY(PR-OLP)), the method comprising:

authoring content and encrypting the authored content with a content key (CK),

creating a rights label for the encrypted content, with (CK) encrypted with the DRM server's public key (PU-DRM) to form (PU-DRM(CK)),

retrieving (PU-ENTITY(PR-OLP)) from the publishing certificate,

applying the private key (PR-ENTITY) corresponding to (PU-ENTITY) to (PU-ENTITY(PR-OLP)) to obtain (PR-OLP),

signing the created rights label with (PR-OLP) to create a signed rights label (SRL),

combining the created SRL and the publishing certificate with the encrypted content to form a content package that is distributed to another user, who must contact the DRM server to obtain from it a corresponding license with (CK) for playback of the encrypted content, only such DRM server having the private key (PR-DRM) corresponding to (PU-DRM) and being able to apply (PR-DRM) to (PU-DRM(CK)) to obtain (CK),

creating license data corresponding to the content package, with (CK) encrypted with (PU-ENTITY) to form (PU-ENTITY(CK)),

signing the created license data with (PR-OLP) to create the publishing license, and

attaching the publishing certificate to the publishing license, whereby only the publishing user, having the (PR-ENTITY) corresponding to (PU-ENTITY), can apply that (PR-ENTITY) to (PU-ENTITY(CK)) from the publishing license to obtain (CK) and thereby decrypt the encrypted content for playback.

12. The storage medium of claim 11, wherein the publishing certificate also bears a digital signature of the DRM server and is accompanied by a certificate chain leading back to a root trust authority, the method comprising:

validating the publishing certificate on the basis of its signature and the certificate chain leading back to the root trust authority, and retrieving (PU-ENTITY(PR-OLP)) from the validated publishing certificate,

combining the created SRL, the publishing certificate and the accompanying certificate chain with the encrypted content to form the content package distributed to another user, and

attaching the publishing certificate and the accompanying certificate chain to the publishing license, so that the content package, the publishing license and the publishing certificate in combination form a chain of digital items leading back to the root trust authority.

13. The storage medium of claim 11, wherein the method comprises creating the rights label for the encrypted content with (PU-DRM(CK)) and rights data defining the rights and conditions that must be satisfied to permit playback of the content.

14. The storage medium of claim 13, wherein the method comprises creating the rights label for the encrypted content with (PU-DRM(CK)) and the rights data in encrypted form.

15. The storage medium of claim 11, wherein the method comprises creating the license data corresponding to the content package with (PU-ENTITY(CK)) and rights data defining the rights and conditions that must be satisfied to permit playback of the content.

16. The storage medium of claim 15, wherein the method comprises creating the license data corresponding to the content package with (PU-ENTITY(CK)) and the rights data in encrypted form.

17. A computer-readable storage medium containing computer-executable instructions for performing a method by which a publishing user plays back digital content it has published, on the basis of a self-issued corresponding digital license (a publishing license), wherein the content is encrypted with a content key (CK) to form (CK(content)), the publishing license includes (CK) encrypted with a public key (PU-ENTITY) corresponding to the publishing user to form (PU-ENTITY(CK)) and has attached to it a publishing certificate from a digital rights management (DRM) server, the certificate having a public key (PU-OLP) and a corresponding private key (PR-OLP) encrypted with (PU-ENTITY) to form (PU-ENTITY(PR-OLP)), and the publishing license is signed with (PR-OLP), the method comprising:

validating the publishing certificate on the basis of a certificate chain,

obtaining (PU-OLP) from the publishing certificate,

using the obtained (PU-OLP) to verify the signature of the publishing license,

retrieving (PU-ENTITY(CK)) from the verified publishing license, and applying the private key (PR-ENTITY) corresponding to (PU-ENTITY) to (PU-ENTITY(CK)) to obtain (CK),

applying (CK) to (CK(content)) to obtain the content, and

forwarding the content to a playback application for actual playback.

18. The storage medium of claim 17, wherein the publishing certificate is digitally signed and accompanied by a certificate chain leading back to a root trust authority, and the method further comprises validating the publishing certificate on the basis of its signature and the certificate chain leading back to the root trust authority.

19. The storage medium of claim 17, wherein the publishing license includes (PU-ENTITY(CK)) and rights data defining the rights and conditions that must be satisfied to permit playback of the content, and the method further comprises checking that the rights and conditions defined in the rights data permit playback.

20. The storage medium of claim 19, wherein the method comprises creating the license data corresponding to the content package with (PU-ENTITY(CK)) and the rights data in encrypted form, and further comprises decrypting the rights data.
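The self-issuing path of claims 1 and 7 (one online certificate issuance, offline creation of the publishing license, and playback verification), as an added Go example that is not the patent's own code or any product implementation. It assumes RSA-OAEP for the user's key pair (PU-ENTITY, PR-ENTITY), Ed25519 for the DRM server's signing key (PR-DRM, standing in for the whole certificate chain) and for (PR-OLP), so that (PU-ENTITY(PR-OLP)) is a single OAEP ciphertext over the 32-byte seed, AES-256-GCM for (CK(content)), and JSON as the to-be-signed encoding; the SRL for other users, which wraps CK under PU-DRM in the same way, is left out.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/ed25519"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"encoding/json"
	"fmt"
)

// PublishingCert is issued once, online, by the DRM server to the publishing user.
type PublishingCert struct {
	PUOLP    ed25519.PublicKey // PU-OLP, in the clear
	EncPROLP []byte            // PU-ENTITY(PR-OLP): RSA-OAEP over the 32-byte Ed25519 seed
	Sig      []byte            // PR-DRM signature over the two fields above
}

// License is the self-issued publishing license; Cert is attached but not covered by Sig.
type License struct {
	EncCK  []byte         // PU-ENTITY(CK)
	Rights string         // rights data, in the clear here; the claims also allow an encrypted form
	Sig    []byte         // PR-OLP signature over EncCK and Rights
	Cert   PublishingCert `json:"-"`
}

// tbs returns the to-be-signed bytes: the value's JSON with Sig cleared.
func (c PublishingCert) tbs() []byte { c.Sig = nil; b, _ := json.Marshal(c); return b }
func (l License) tbs() []byte        { l.Sig = nil; b, _ := json.Marshal(l); return b }

// wrap is the patent's PU-X(key) on a 32-byte key, which always fits under RSA-2048 OAEP.
func wrap(pub *rsa.PublicKey, key []byte) []byte {
	ct, _ := rsa.EncryptOAEP(sha256.New(), rand.Reader, pub, key, nil)
	return ct
}

// gcm builds AES-256-GCM for CK; with a 32-byte key neither constructor can fail.
func gcm(ck []byte) cipher.AEAD {
	block, _ := aes.NewCipher(ck)
	g, _ := cipher.NewGCM(block)
	return g
}

// IssuePublishingCert is the DRM server's one online step: mint an OLP key pair, wrap PR-OLP for PU-ENTITY, sign with PR-DRM.
func IssuePublishingCert(prDRMSign ed25519.PrivateKey, puEntity *rsa.PublicKey) PublishingCert {
	puOLP, prOLP, _ := ed25519.GenerateKey(rand.Reader) // crypto/rand does not fail here
	c := PublishingCert{PUOLP: puOLP, EncPROLP: wrap(puEntity, prOLP.Seed())}
	c.Sig = ed25519.Sign(prDRMSign, c.tbs())
	return c
}

// Publish encrypts content under a fresh CK and self-issues the license (claim 1) with no round trip to the server; it returns nonce||ciphertext.
func Publish(cert PublishingCert, prEntity *rsa.PrivateKey, content []byte, rights string) ([]byte, License, error) {
	seed, err := rsa.DecryptOAEP(sha256.New(), rand.Reader, prEntity, cert.EncPROLP, nil) // PR-ENTITY recovers PR-OLP
	if err != nil {
		return nil, License{}, err
	}
	prOLP := ed25519.NewKeyFromSeed(seed)
	buf := make([]byte, 44) // fresh 32-byte CK followed by a 12-byte GCM nonce
	rand.Read(buf)          // crypto/rand.Read never returns an error (Go 1.24+)
	ck, nonce := buf[:32], buf[32:]
	lic := License{EncCK: wrap(&prEntity.PublicKey, ck), Rights: rights, Cert: cert}
	lic.Sig = ed25519.Sign(prOLP, lic.tbs())
	return gcm(ck).Seal(nonce, nonce, content, nil), lic, nil
}

// Play runs the claim 7 steps: validate the certificate, take PU-OLP from it, verify the license, check rights, unwrap CK, decrypt.
func Play(ckContent []byte, lic License, prEntity *rsa.PrivateKey, puDRMSign ed25519.PublicKey) ([]byte, error) {
	switch {
	case !ed25519.Verify(puDRMSign, lic.Cert.tbs(), lic.Cert.Sig):
		return nil, fmt.Errorf("publishing certificate is not signed by the DRM server")
	case !ed25519.Verify(lic.Cert.PUOLP, lic.tbs(), lic.Sig):
		return nil, fmt.Errorf("license signature does not verify under PU-OLP")
	case lic.Rights != "PLAY": // claim 9: the rights data must actually grant playback
		return nil, fmt.Errorf("license rights do not permit playback")
	case len(ckContent) < 12:
		return nil, fmt.Errorf("content too short to carry a nonce")
	}
	ck, err := rsa.DecryptOAEP(sha256.New(), rand.Reader, prEntity, lic.EncCK, nil) // only PR-ENTITY opens PU-ENTITY(CK)
	if err != nil {
		return nil, err
	}
	return gcm(ck).Open(nil, ckContent[:12], ckContent[12:], nil)
}

// Demo wires the parties together with constructed keys and constructed content.
func Demo() ([]byte, error) {
	puDRMSign, prDRMSign, _ := ed25519.GenerateKey(rand.Reader) // DRM server signing pair
	entity, _ := rsa.GenerateKey(rand.Reader, 2048)              // publishing user's PU/PR-ENTITY
	ckContent, lic, err := Publish(IssuePublishingCert(prDRMSign, &entity.PublicKey), entity, []byte("constructed sample document"), "PLAY")
	if err != nil {
		return nil, err
	}
	return Play(ckContent, lic, entity, puDRMSign)
}

func main() { fmt.Println(Demo()) }
```

A license whose rights data are edited after signing, a license opened with another user's key, or a certificate not signed by the DRM server all fail in Play before any content is decrypted.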



 
