Digital rights management (DRM) server registration/subregistration in a DRM architecture

FIELD: physics, computer technology.

SUBSTANCE: the invention concerns a digital rights management (DRM) system that features multiple DRM servers providing DRM functionality. An incoming server DRM-I is registered in the system by a registration server DRM-R, so that DRM-I becomes a trusted server in the system. DRM-I sends DRM-R a registration request that includes identification data representing DRM-I and a public key (PU-E). DRM-R checks the validity of the representing identification data and, if the request can be satisfied, generates a digital registration certificate for DRM-I based on (PU-E), thereby registering DRM-I in the DRM system. The newly registered DRM-I server can then use the generated registration certificate to issue DRM-protected documents in the DRM system.

EFFECT: controlled reproduction or playback of arbitrary forms of digital content in an environment where documents are shared by a definite group of users.

74 cl, 17 dwg


Cross-reference to related applications

The following U.S. patent applications describe inventions related to the invention of this application and are therefore incorporated herein by reference in their entirety:

U.S. patent application No. 10/185,527, filed June 28, 2002, attorney docket No. MSFT-1330, entitled "Obtaining a Signed Rights Label (SRL) for Digital Content and Obtaining a Digital License Corresponding to the Content Based on the SRL in a Digital Rights Management System";

U.S. patent application No. 10/185,278, filed June 28, 2002, attorney docket No. MSFT-1333, entitled "Using a Rights Template to Obtain a Signed Rights Label (SRL) for Digital Content in a Digital Rights Management System";

U.S. patent application No. 10/185,511, filed June 28, 2002, attorney docket No. MSFT-1343, entitled "Systems And Methods For Issuing Usage Licenses For Digital Content And Services";

U.S. patent application, attorney docket No. MSFT-1498, entitled "Publishing Digital Content Within an Organization in Accordance with a Digital Rights Management (DRM) System";

U.S. patent application, attorney docket No. MSFT-1569, entitled "Publishing Digital Content Within an Organization in Accordance with a Digital Rights Management (DRM) System"; and

U.S. patent application filed concurrently with the present application, attorney docket No. MSFT-1537, entitled "Issuing a Publisher Use License Off-Line in a Digital Rights Management (DRM) System".

Technical field of the invention

The present invention relates to a digital rights management (DRM) system. More specifically, the invention relates to using such a DRM system to publish digital content within an organization, such as an office or a corporation, so that reproduction or use of the content within the organization can be limited in accordance with the corresponding usage rules or license conditions. Still more specifically, the present invention relates to a network of DRM servers that together implement such a DRM system, and to a method of registering or subregistering a DRM server in that network.

Prior art

Management and enforcement of digital rights is highly desirable in connection with digital content, such as digital audio, digital video, digital text, digital data, digital multimedia data, etc., where such digital content is to be distributed to one or more users. Digital content can be static, such as a text document, or it can be streamed, such as streaming audio/video of a live event. Typical methods of distribution include tangible devices, such as a magnetic floppy disk, magnetic tape or an optical disk (CD-ROM), and intangible media, such as electronic bulletin boards, electronic networks, the Internet, etc. Upon receipt, the user plays or "renders" the digital content using an appropriate playback device, such as a media player on a personal computer or the like.

In one scenario, the content owner or rights holder, such as an author, publisher or broadcaster, wishes to distribute such digital content to each of many users or recipients in exchange for a license fee or some other payment. In such a scenario, the content may be a song, an album of songs, a movie, etc., and the purpose of distribution is to collect license fees. Such a content owner, given the choice, would probably want to limit what the user can do with the distributed digital content. For example, the content owner may wish to restrict the user from copying and redistributing the content to a second user, at least in a way that deprives the content owner of the ability to charge a license fee to that second user.

In addition, the content owner may wish to give the user flexibility in purchasing different types of licenses for use of the content, while requiring the user to comply with the terms of whichever license type was actually purchased. For example, the content owner may wish to allow playback of the distributed digital content only a limited number of times, only for a certain total time, only on a machine of a certain type, only on a media player of a certain type, only by users of a certain type, etc.

In another scenario, a content developer, such as an employee or member of an organization, wishes to distribute such digital content to one or more other employees or members of the organization, or to other persons outside the organization, but would like to keep others from playing the content. In this case, the distribution of the content amounts to sharing the content in a confidential or restricted way, in contrast to free dissemination in exchange for a license fee or some other payment.

In such a scenario, the content may be a document, presentation, spreadsheet, database, e-mail message or the like, exchanged for example within an office environment, and the content developer may wish to ensure that the content remains within the organization or office environment and is not reproduced by unauthorized persons, such as competitors or adversaries. Here too, the content developer wants to limit what a recipient can do with the distributed digital content. For example, the content developer may wish to restrict the recipient from copying and redistributing the content to a second user, at least in a way that exposes the content outside the range of users who are allowed to reproduce it.

In addition, the content developer may wish to give different recipients different levels of reproduction rights. For example, the content developer may wish the protected digital content to be viewable but not printable for one class of persons, and both viewable and printable for another class of persons.

However, in either scenario, after such distribution the content owner/developer has very little, if any, control over the digital content. This is particularly problematic given that virtually every personal computer includes the hardware and software necessary to make an exact digital copy of digital content, to write such an exact digital copy to a magnetic or optical drive, or to send such an exact digital copy to any recipient over a network such as the Internet.

Of course, as part of the transaction in which the content is distributed, the content owner/developer may require the user/recipient of the digital content to promise not to redistribute the content in an undesirable way. However, such a promise is easily given and easily broken. The content owner/developer may try to prevent such redistribution through any of several well-known protection devices, usually involving encryption and decryption. However, there is likely little that prevents a moderately determined user from decrypting the encrypted digital content, saving the content in the clear and then redistributing it.

There is thus a need for a digital rights management (DRM) and enforcement architecture and method that allow controlled reproduction or playback of arbitrary forms of digital content, where such control is flexible and definable by the owner/developer of the digital content. More specifically, there is a need for an architecture that allows and encourages such controlled reproduction, especially in an office environment or organization, where documents are to be shared by a certain group of persons or classes of persons. Still more specifically, there is a need for a method of registering authorized servers in such an architecture.

Summary of the invention

The aforementioned needs are met, at least in part, by the present invention, in which a digital rights management (DRM) system has multiple DRM servers that perform DRM functionality, and an incoming DRM server (DRM-E) is registered in the system by a registering DRM server (DRM-R), so that the incoming server DRM-E becomes trusted within the system. In the invention, DRM-E obtains a public/private key pair (PU-E, PR-E) to identify itself in the DRM system, obtains data representing its identity, and sends DRM-R a registration request that includes the representing identification data and (PU-E).

DRM-R authenticates the representing identification data and, if the request is to be satisfied, generates a digital registration certificate for DRM-E that registers DRM-E in the DRM system. The generated registration certificate is based, at least in part, on (PU-E). DRM-R returns the generated registration certificate to the requesting DRM-E, and the newly registered DRM-E stores the returned certificate in an appropriate place for future use. DRM-E can then use the registration certificate to issue DRM-protected documents in the DRM system.
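The registration exchange summarized above, as an added example that is not part of the patent: both sides are simulated in Go with Ed25519 signatures, and the "representing identification data" is assumed to be a signature from a vouching authority that DRM-R already trusts (the type and function names, the JSON to-be-signed encoding and the vouching step are assumptions of this example, not the patent's own).

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"encoding/json"
	"errors"
)

// EnrollmentRequest is what DRM-E sends to DRM-R: its claimed identity, its public key PU-E and
// a proof of identity, assumed here to be a signature by a vouching authority DRM-R trusts.
type EnrollmentRequest struct {
	ServerID string
	PubKey   ed25519.PublicKey // PU-E
	Proof    []byte            // vouching signature over tbsBytes(ServerID, PubKey)
}

// EnrollmentCert binds ServerID to PU-E under the registering server's private key PR-R.
type EnrollmentCert struct {
	ServerID string
	PubKey   ed25519.PublicKey
	IssuerID string
	Sig      []byte // signature by PR-R over tbsBytes(ServerID, PubKey, IssuerID)
}

// tbsBytes is the canonical to-be-signed encoding shared by proofs and certificates.
func tbsBytes(fields ...interface{}) []byte {
	b, _ := json.Marshal(fields) // strings and byte slices always marshal
	return b
}

// RegisteringServer is DRM-R: it holds (PU-R, PR-R) and the vouching authority's public key.
type RegisteringServer struct {
	ID         string
	Pub        ed25519.PublicKey
	priv       ed25519.PrivateKey
	voucherPub ed25519.PublicKey
}

// EnteringServer is DRM-E: it holds (PU-E, PR-E) and, once registered, its certificate.
type EnteringServer struct {
	ID   string
	Pub  ed25519.PublicKey
	priv ed25519.PrivateKey
	Cert *EnrollmentCert
}

func NewRegisteringServer(id string, voucherPub ed25519.PublicKey) *RegisteringServer {
	pub, priv, _ := ed25519.GenerateKey(rand.Reader)
	return &RegisteringServer{ID: id, Pub: pub, priv: priv, voucherPub: voucherPub}
}

func NewEnteringServer(id string) *EnteringServer {
	pub, priv, _ := ed25519.GenerateKey(rand.Reader) // (PU-E, PR-E)
	return &EnteringServer{ID: id, Pub: pub, priv: priv}
}

// Vouch stands in for the vouching authority: it signs DRM-E's identity together with PU-E.
func Vouch(voucherPriv ed25519.PrivateKey, e *EnteringServer) []byte {
	return ed25519.Sign(voucherPriv, tbsBytes(e.ID, e.Pub))
}

// Enroll is DRM-R's side: validate the identity proof, then issue a certificate over PU-E.
// The length check matters because ed25519.Verify panics on a malformed public key.
func (r *RegisteringServer) Enroll(req EnrollmentRequest) (*EnrollmentCert, error) {
	if len(req.PubKey) != ed25519.PublicKeySize ||
		!ed25519.Verify(r.voucherPub, tbsBytes(req.ServerID, req.PubKey), req.Proof) {
		return nil, errors.New("identity of " + req.ServerID + " not validated: registration refused")
	}
	c := &EnrollmentCert{ServerID: req.ServerID, PubKey: req.PubKey, IssuerID: r.ID}
	c.Sig = ed25519.Sign(r.priv, tbsBytes(c.ServerID, c.PubKey, c.IssuerID))
	return c, nil
}

// VerifyCert checks under PU-R that a certificate was signed with PR-R.
func VerifyCert(c *EnrollmentCert, issuerPub ed25519.PublicKey) bool {
	return c != nil && len(c.PubKey) == ed25519.PublicKeySize &&
		ed25519.Verify(issuerPub, tbsBytes(c.ServerID, c.PubKey, c.IssuerID), c.Sig)
}

// Install is DRM-E's side: keep the returned certificate only if it is genuine and for PU-E.
func (e *EnteringServer) Install(c *EnrollmentCert, issuerPub ed25519.PublicKey) error {
	if !VerifyCert(c, issuerPub) || c.ServerID != e.ID || !e.Pub.Equal(c.PubKey) {
		return errors.New("registration certificate rejected")
	}
	e.Cert = c
	return nil
}

// SignDocument issues DRM content under PR-E; a server without a certificate refuses.
func (e *EnteringServer) SignDocument(doc []byte) ([]byte, *EnrollmentCert, error) {
	if e.Cert == nil {
		return nil, nil, errors.New("server is not registered")
	}
	return ed25519.Sign(e.priv, doc), e.Cert, nil
}

// VerifyDocument is the consumer's check: trust runs from PU-R to the certificate to the document.
func VerifyDocument(doc, sig []byte, c *EnrollmentCert, issuerPub ed25519.PublicKey) bool {
	return VerifyCert(c, issuerPub) && ed25519.Verify(c.PubKey, doc, sig)
}
```

A consumer that holds only PU-R can thus accept a document from any DRM-E that DRM-R registered, and rejects documents from servers whose proof of identity DRM-R never validated.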

List of drawings

The above summary and the following detailed description of embodiments of the present invention are more easily understood when read in conjunction with the accompanying drawings. To illustrate the invention, the drawings show the embodiments that are presently preferred. It should be understood, however, that the invention is not limited to the specific devices and tools shown. In the drawings:

Figure 1 is a block diagram representing an illustrative, non-limiting computing environment in which the present invention can be implemented;

Figure 2 is a block diagram representing an illustrative network environment having a variety of computing devices in which the present invention may be implemented;

Figure 3 is a functional block diagram of a preferred embodiment of a system and method according to the invention for publishing digital content;

Figure 4 is a flow diagram of a preferred embodiment of a process according to the invention for publishing rights-managed digital content;

Figure 4A is a block diagram depicting the structure of the signed rights label obtained by the method of Figure 4;

Figure 5 is a block diagram of a preferred embodiment of a system and method according to the invention for licensing rights-managed digital content;

Figures 6A and 6B are flow diagrams of a preferred embodiment of a process according to the invention for licensing rights-managed digital content;

Figure 7 is a block diagram depicting a certificate issued by a DRM server to a user, allowing the user to perform off-line publishing in accordance with one embodiment of the present invention;

Figure 8 is a block diagram depicting the certificate of Figure 7 together with a publisher license that allows the publishing user to play the off-line published content, in accordance with one embodiment of the present invention;

Figure 9 is a flow diagram depicting the key steps performed by the publishing user to obtain the publisher license of Figure 8, in accordance with one embodiment of the present invention;

Figure 10 is a flow diagram showing the key steps performed by the publishing user to use the publisher license obtained in Figure 9 to play the corresponding content, in accordance with one embodiment of the present invention;

Figure 11 is a block diagram depicting an example enforcement architecture based on a trust system;

Figure 12 is a block diagram depicting multiple DRM servers that may exist in the architecture of the present invention, where each (incoming) DRM server is registered or subregistered in the architecture by another (registering) DRM server issuing it a registration certificate;

Figure 13 is a block diagram depicting the registration certificate of Figure 12 together with a certificate of guarantee that, at least in some cases, vouches for the incoming DRM server to the registering DRM server; and

Figures 14 and 15 are flow diagrams depicting the key steps performed by the registering and incoming DRM servers of the preceding figures to register (Figure 14) or subregister (Figure 15) the incoming DRM server.

Detailed description of the invention

Computing environment

Figure 1 and the following discussion are intended to provide a brief general description of a suitable computing environment in which the invention can be implemented. It should be understood, however, that handheld, portable and other computing devices of all types are contemplated for use in connection with the present invention. Although a general-purpose computer is described below, this is only one example, and the present invention requires only a thin client having network interoperability and interaction with a network server. Thus, the present invention can be implemented in any environment of networked hosted services in which very few or minimal client resources are involved, for example a networked environment in which the client device serves merely as a browser or interface to the World Wide Web (WWW).

Although not required, the invention can be implemented through application programming interfaces (APIs) for use by a developer, and/or included in network browsing software, and will be described in the general context of computer-executable instructions, such as program modules, executed by one or more computers, such as client workstations, servers or other devices. In short, program modules include routines, programs, objects, components, data structures and the like that perform particular tasks or implement particular abstract data types. Typically the functionality of the program modules may be combined or distributed as desired in various embodiments. Moreover, those skilled in the art will appreciate that the invention may be practiced with other computer system configurations. Other well-known computing systems, environments and/or configurations that may be suitable for use with the invention include, but are not limited to, personal computers (PCs), automated vending machines, server computers, handheld or laptop devices, multiprocessor systems, microprocessor-based systems, programmable consumer electronics, network PCs, minicomputers, mainframe computers and the like. The invention may also be practiced in distributed computing environments where tasks are performed by remote processing devices that are linked through a communications network or other data transmission medium. In a distributed computing environment, program modules may be located in both local and remote computer storage media, including memory storage devices.

Figure 1 thus shows an example of a suitable computing system environment 100 in which the invention may be implemented, although, as explained above, the computing system environment 100 is only one example of a suitable computing environment and is not intended to suggest any limitation as to the scope of use or functionality of the invention. Neither should the computing environment 100 be interpreted as having any dependency or requirement relating to any one component or combination of components illustrated in the illustrative operating environment 100.

As shown in Figure 1, an illustrative system for implementing the invention includes a general-purpose computing device in the form of a computer 110. Components of computer 110 may include, but are not limited to, a processor 120, a system memory 130, and a system bus 121 that couples various system components, including the system memory, to the processor 120. The system bus 121 may be any of several types of bus structures, including a memory bus or memory controller, a peripheral bus and a local bus using any of a variety of bus architectures. By way of example, and not limitation, such architectures include the Industry Standard Architecture (ISA) bus, the Micro Channel Architecture (MCA) bus, the Enhanced ISA (EISA) bus, the Video Electronics Standards Association (VESA) local bus and the Peripheral Component Interconnect (PCI) bus (also known as the expansion bus).

The computer 110 typically includes a variety of computer-readable media. Computer-readable media can be any available media that the computer 110 can access, and include both volatile and nonvolatile media, both removable and non-removable media. By way of example, and not limitation, computer-readable media may comprise computer storage media and communication media. Computer storage media include both volatile and nonvolatile, both removable and non-removable media implemented in any method or technology for storage of information such as computer-readable instructions, data structures, program modules or other data. Computer storage media include, but are not limited to, random access memory (RAM), read-only memory (ROM), electrically erasable programmable ROM (EEPROM), flash memory or other memory technology, CD-ROM, digital versatile disks (DVD) or other optical disk storage, magnetic cassettes, magnetic tape, magnetic disk storage or other magnetic storage devices, or any other medium that can be used to store the desired information and that the computer 110 can access. Communication media typically embody computer-readable instructions, data structures, program modules or other data in a modulated data signal such as a carrier wave or other transport mechanism, and include any information delivery media. The term "modulated data signal" means a signal that has one or more of its characteristics set or changed in such a manner as to encode information in the signal. By way of example, and not limitation, communication media include wired media, such as a wired network or direct-wired connection, and wireless media, such as acoustic, RF, infrared and other wireless media. Combinations of any of the above should also be included within the scope of computer-readable media.

The system memory 130 includes computer storage media in the form of volatile and/or nonvolatile memory, such as read-only memory (ROM) 131 and random access memory (RAM) 132. A basic input/output system (BIOS) 133, containing the basic routines that help transfer information between elements within computer 110, for example during start-up, is typically stored in ROM 131. RAM 132 typically contains data and/or program modules that are immediately accessible to and/or presently being operated on by the processor 120. By way of example, and not limitation, Figure 1 shows the operating system 134, application programs 135, other program modules 136 and program data 137.

The computer 110 may also include other removable/non-removable, volatile/nonvolatile computer storage media. By way of example only, Figure 1 shows a hard disk drive 141 that reads from or writes to non-removable, nonvolatile magnetic media, a magnetic disk drive 151 that reads from or writes to a removable, nonvolatile magnetic disk 152, and an optical disk drive 155 that reads from or writes to a removable, nonvolatile optical disk 156, such as a CD-ROM or other optical media. Other removable/non-removable, volatile/nonvolatile computer storage media that can be used in the illustrative operating environment include, but are not limited to, magnetic tape cassettes, flash memory cards, digital versatile disks, digital video tape, solid-state RAM, solid-state ROM and the like. The hard disk drive 141 is typically connected to the system bus 121 through a non-removable memory interface, such as interface 140, and the magnetic disk drive 151 and optical disk drive 155 are typically connected to the system bus 121 through a removable memory interface, such as interface 150.

The drives and their associated computer storage media, described above and depicted in Figure 1, provide storage of computer-readable instructions, data structures, program modules and other data for the computer 110. In Figure 1, for example, the hard disk drive 141 is depicted as storing operating system 144, application programs 145, other program modules 146 and program data 147. It should be noted that these components can either be the same as or different from operating system 134, application programs 135, other program modules 136 and program data 137. Operating system 144, application programs 145, other program modules 146 and program data 147 are given different numbers here to show that, at a minimum, they are different copies. A user may enter commands and information into the computer 110 through input devices such as a keyboard 162 and a pointing device 161, commonly referred to as a mouse, trackball or touch pad. Other input devices (not shown) may include a microphone, joystick, game pad, satellite dish, scanner or the like. These and other input devices are often connected to the processor 120 through a user input interface 160 that is coupled to the system bus 121, but may be connected by other interface and bus structures, such as a parallel port, game port or a universal serial bus (USB).

A monitor 191 or other type of display device is also connected to the system bus 121 via an interface, such as a video interface 190. A graphics interface 182, such as a Northbridge, may also be connected to the system bus 121. The Northbridge is a chipset that communicates with the central processing unit (CPU) 120 and is responsible for communication with the accelerated graphics port (AGP). One or more graphics processing units (GPUs) 184 may communicate with the graphics interface 182. In this regard, GPUs 184 generally include on-chip memory storage, such as register storage, and GPUs 184 communicate with a video memory 186. GPUs 184, however, are only one example of a coprocessor, and thus a variety of coprocessing devices may be included in the computer 110. A monitor 191 or other type of display device is also connected to the system bus 121 via an interface, such as a video interface 190, which may in turn communicate with video memory 186. In addition to the monitor 191, computers may also include other peripheral output devices, such as speakers 197 and printer 196, which may be connected through an output peripheral interface 195.

The computer 110 may operate in a networked environment using logical connections to one or more remote computers, such as a remote computer 180. The remote computer 180 may be a personal computer, a server, a router, a network PC, a peer device or other common network node, and typically includes many or all of the elements described above in relation to the computer 110, although only a memory storage device 181 is shown in Figure 1. The logical connections depicted in Figure 1 include a local area network (LAN) 171 and a wide area network (WAN) 173, but may also include other networks. Such networking environments are commonplace in offices, enterprise-wide computer networks, intranets and the Internet.

When used in a LAN networking environment, the computer 110 is connected to the LAN 171 through a network interface or adapter 170. When used in a WAN networking environment, the computer 110 typically includes a modem 172 or other means for establishing communications over the WAN 173, such as the Internet. The modem 172, which may be internal or external, may be connected to the system bus 121 via the user input interface 160 or another suitable mechanism. In a networked environment, program modules described in relation to the computer 110, or portions thereof, may be stored in a remote memory storage device. By way of example, and not limitation, Figure 1 shows remote application programs 185 residing on the memory device 181. It will be appreciated that the network connections shown are exemplary, and other means of establishing a communications link between the computers may be used.

Those skilled in the art will appreciate that the computer 110 or other client devices can be deployed as part of a computer network. In this respect, the present invention pertains to any computer system having any number of memory blocks or storage units, and any number of applications and processes running across any number of storage units or volumes. The present invention may apply to an environment with server computers and client computers deployed in a network environment, having remote or local storage. The present invention may also apply to a standalone computing device having programming language functionality, interpretation and execution capabilities.

Distributed computing facilitates the sharing of computer resources and services by direct exchange between computing devices and systems. These resources and services include the exchange of information, cache storage and disk storage for files. Distributed computing takes advantage of network connectivity, allowing clients to leverage their collective power to benefit the entire enterprise. In this regard, a variety of devices may have applications, objects or resources that may interact to implicate the authentication techniques of the present invention for trusted graphics pipeline(s).

Figure 2 provides a schematic diagram of an illustrative networked or distributed computing environment. The distributed computing environment comprises computing objects 10a, 10b, etc. and computing objects or devices 110a, 110b, 110c, etc. These objects may comprise programs, methods, data stores, programmable logic, etc. The objects may comprise portions of the same or different devices, such as personal digital assistants (PDAs), televisions, MP3 players, personal computers, etc. Each object can communicate with another object by way of a communications network 14. This network may itself comprise other computing objects and computing devices that provide services to the system of Figure 2. In accordance with an aspect of the invention, each object 10 or 110 may contain an application that may request the authentication techniques of the present invention for trusted graphics pipeline(s).

It can also be appreciated that an object, such as 110c, may be hosted on another computing device 10 or 110. Thus, although the physical environment depicted may show the connected devices as computers, such illustration is merely exemplary, and the physical environment may alternatively be depicted or described as comprising various digital devices, such as PDAs, televisions, MP3 players, etc., and software objects, such as interfaces, Component Object Model (COM) objects and the like.

There are a variety of systems, components and network configurations that support distributed computing environments. For example, computing systems may be connected together by wired or wireless systems, by local networks or by widely distributed networks. Currently, many networks are coupled to the Internet, which provides the infrastructure for widely distributed computing and encompasses many different networks.

In home networking environments, there are at least four disparate network transport media that may each support a unique protocol, such as power line, data (both wireless and wired), voice (e.g., telephone line) and entertainment media. Most home control devices, such as light switches and appliances, may use the power line for connectivity. Data services may enter the home as broadband (e.g., either DSL or cable modem) and are accessible within the home using either wireless (e.g., HomeRF or 802.11b) or wired (e.g., Home PNA, Cat 5, or even power line) connectivity. Voice traffic may enter the home either as wired (e.g., Cat 3) or wireless (e.g., cell phones) and may be distributed within the home using Cat 3 wiring. Entertainment media may enter the home either through satellite or cable and is typically distributed in the home using coaxial cable. IEEE 1394 and the digital visual interface (DVI) are also emerging as digital interconnects for clusters of media devices. All of these network environments, and others that may emerge as protocol standards, may be interconnected to form an intranet that may be connected to the outside world by way of the Internet. In short, a variety of disparate sources exist for the storage and transmission of data, and consequently, moving forward, computing devices will require ways of protecting content at all portions of the data processing pipeline.

"Internet"generally refers to a collection of networks and gateways that use the TCP/IP Protocol, which is well known in the technical field related to computer networks. TCP/IP is an acronym for "transmission control Protocol/Internet Protocol". The Internet can be described as a system of geographically distributed remote computer networks, with the United interconnected computers, perform network protocols that allow users to interact and share information in networks. Thus, as a result of such global information sharing remote network such as the Internet, largely evolved in an open system, for which developers can design applications software to perform specific operations or services, essentially without restriction.

Thus, the network infrastructure enables a host of network topologies, such as client/server, peer-to-peer or hybrid architectures. A "client" is a member of a class or group that uses the services of another class or group to which it is not related. Thus, in computing, a client is a process, i.e., roughly a set of instructions or tasks, that requests a service provided by another program. The client process utilizes the requested service without having to know any working details about the other program or the service itself. In a client/server architecture, particularly a networked system, a client is usually a computer that accesses shared network resources provided by another computer, such as a server. In the example of Figure 2, computers 110a, 110b, etc. can be thought of as clients and computers 10a, 10b, etc. can be thought of as servers, where servers 10a, 10b, etc. maintain the data that is then replicated in the client computers 110a, 110b, etc.

The server is typically a remote computer system accessible by a remote network such as the Internet. The client process may be active in a first computer system and the server process may be active in a second computer system, communicating with each other on the medium, thus providing distributed functionality and allowing multiple clients to take advantage of the information collection server.

The client and server communicate among themselves, using the functionality provided by the Protocol layer. For example, the hypertext transfer Protocol (http) is a common Protocol that is used together with the world wide web (WWW). Typically, the network address of the computer, such as a uniform resource locator (URL), or address the Internet Protocol (IP) is used for mutual authentication of the server or client computer. The network address can be referenced as address the uniform resource locator. For example, communication can be the t provided by the communication environment. In particular, the client and server can be connected to each other via TCP/IP to exchange data with high throughput.

Thus, figure 2 shows an illustrative networked or distributed environment, with a server that communicate with client computers via a network/bus, in which can be accomplished the present invention. In more detail, the number of servers 10A, 10b, etc. are connected to the network/bus 14 communication, which can be LS, GS, intranet, Internet, etc, with a number of client or remote computing devices 110A, 110b, 110S, 110d, e etc. such as a portable computer, handheld computer, thin client, network device, or another device, such as a cassette recorder, TV, oven, light, heater, etc. in accordance with the present invention. Thus, it is believed that the present invention can be applied to any computing device in respect of which it is desirable to process, store, or reproduce the protected content from a trusted source.

In a network environment in which the network/bus 14 is the Internet, for example, the servers 10 can be web servers with which the clients 110A, 110b, 110S, 110d, e, etc. communicate via any of a number of known protocols such as http. The server 10 can also serve as a Kli is now 110, that may be characteristic of a distributed computing environment. The data exchange may be wired or wirelessly as needed. Client device 110 can communicate or not to communicate over a network/bus 14 communication, and may have independent exchange of data associated with them. For example, in the case of TV or VCR, you may or may not be present aspect of network management. Each client computer 110 and server computer 10 may be equipped with various application program modules or objects 135 and with connections or access to storage elements or objects of different types, which can be stored or files which can be loaded or moved part(s) of files. Thus, the present invention can be used in a computer network environment having client computers 110A, 110b, etc. that can access a computer network/bus 14 and to interact with her, and server computers 10A, 10b, etc. that may interact with client computers 110A, 110b, etc. and other devices 111 and the base 20 data.

An overview of digital rights management (DRM)

As is known, and referring now to Figure 11, digital rights management (DRM) and enforcement is highly desirable in connection with digital content 12 such as digital audio, digital video, digital text, digital data, digital multimedia, etc., where such digital content 12 is to be distributed to users. Upon being received by the user, the user renders or "plays" the digital content with the aid of an appropriate rendering device such as a media player on a personal computer 14 or the like.

Typically, a content owner or developer (hereinafter "owner") distributing such digital content 12 wishes to restrict what the user can do with such distributed digital content 12. For example, the content owner may wish to restrict the user from copying and redistributing such content 12 to a second user, or may wish to allow distributed digital content 12 to be played only a limited number of times, only for a certain total time, only on a certain type of machine, only on a certain type of media player, only by a certain type of user, etc.

However, after distribution has occurred, such content owner has very little, if any, control over the digital content 12. A DRM system 10, then, allows the controlled rendering or playing of arbitrary forms of digital content 12, where such control is flexible and definable by the content owner of such digital content. Typically, content 12 is distributed to the user in the form of a package 13 by way of any appropriate distribution channel. The digital content package 13 as distributed may include the digital content 12 encrypted with a symmetric encryption/decryption key (KD) (i.e., (KD(CONTENT))), as well as other information identifying the content, how to acquire a license for such content, etc.

The trust-based DRM system 10 allows an owner of digital content 12 to specify license rules that must be satisfied before such digital content 12 is allowed to be rendered on a user's computing device 14. Such license rules can include the aforementioned temporal requirement, and may be embodied within a digital license or use document 16 (hereinafter "license") that the user/user's computing device 14 (hereinafter, such terms are interchangeable unless circumstances require otherwise) must obtain from the content owner or an agent thereof. Such license 16 also includes the decryption key (KD) for decrypting the digital content, perhaps encrypted according to a key decryptable by the user's computing device.

The content owner for a piece of digital content 12 must trust that the user's computing device 14 will abide by the rules and requirements specified by such content owner in the license 16, i.e., that the digital content 12 will not be rendered unless the rules and requirements within the license 16 are satisfied. Preferably, then, the user's computing device 14 is provided with a trusted component or mechanism 18 that will not render the digital content 12 except according to the license rules embodied in the license 16 associated with the digital content 12 and obtained by the user.

The trusted component 18 typically has a license analyzer 20 that determines whether the license 16 is valid, reviews the license rules and requirements in such valid license 16, and determines, based on the reviewed license rules and requirements, whether the requesting user has the right to render the requested digital content 12 in the manner sought. It should be understood that the license analyzer 20 is trusted in the DRM system 10 to carry out the wishes of the owner of the digital content 12 according to the rules and requirements in the license 16, and the user should not be able to easily alter such trusted element for any purpose, nefarious or otherwise.

It should be understood that the rules and requirements in the license 16 can specify whether the user has rights to render the digital content 12 based on any of several factors, including who the user is, where the user is located, what type of computing device the user is using, what rendering application is calling the DRM system, the date, the time, etc. In addition, the rules and requirements of the license 16 may limit the license 16 to a predetermined number of plays or a predetermined play time, for example.

The rules and requirements may be specified in the license 16 according to any appropriate language and syntax. For example, the language may simply specify attributes and values that must be satisfied (DATE must be later than X, for example), or may require the performance of functions according to a specified script (IF DATE greater than X, THEN DO ..., for example).

Upon the license analyzer 20 determining that the license 16 is valid and that the user satisfies the rules and requirements therein, the digital content 12 can then be rendered. In particular, to render the content 12, the decryption key (KD) is obtained from the license 16 and is applied to (KD(CONTENT)) from the content package 13 to result in the actual content 12, and the actual content 12 is then actually rendered.

Publishing digital content

Figure 3 is a functional block diagram of a system and method for publishing digital content. "Publishing," as that term is used herein, refers to a process that an application or service follows to establish with a trusted entity a set of rights and conditions that the entity can issue for that content, as well as to whom those rights and conditions can be issued. According to the invention, the publishing process includes encrypting the digital content and associating a list of persistent enforceable rights that the author of the content intended for all possible users of the content. This process can be carried out in a secure way to prohibit access to any of the rights or to the content unless intended by the author of the content.

In particular, three entities are employed to publish secure digital content: a content preparation application 302 that executes on the client 300 and prepares the content for publishing, a digital rights management (DRM) application programming interface (API) 306 that also resides on the client device 300, and a DRM server 320 that is communicatively coupled to the client 300 via a communications network 330 such as the Internet, a LAN or WAN, or a combination thereof. The content preparation application 302 can be any application that produces digital content. For example, the application 302 can be a word processor or other publishing tool that produces digital text files, digital music, video, or other content. The content could also include streamed content, such as streamed audio/video of a live or taped event, for example. The application 302 is provided with a cryptographic key to encrypt the digital content, thus forming an encrypted digital content file 304, and the user provides rights data to be tightly associated with the encrypted content file 304. The rights data includes an identity for each entity that has rights in the digital content, and a set of rights and conditions for each identified entity.

Such an entity can be, for example, an individual, a class of individuals, or a device. Such rights can include the right to read, edit, copy, print, etc. the digital content. Conditions may include minimum system requirements, date and time limitations, play counts, and the like.

The client API 306 passes the encrypted digital content and the rights data to the DRM server 320. Using a process that is described in detail below, the DRM server 320 determines whether it can enforce the rights data and, if so, the DRM server 320 signs the rights data to form a signed rights label (SRL) 308. In general, though, any trusted entity can sign the rights data, preferably using a key trusted by the DRM server 320. For example, the client can sign the rights data using a key provided by the DRM server 320.

The rights label 308 can include data representing the rights description, the encrypted content key, and a digital signature over the rights description and the encrypted content key. If the DRM server 320 signs the rights label, it passes the signed rights label 308 back to the client via the client API 306, which stores the signed rights label 308 on the client device 300. The content preparation application 302 then associates the signed rights label 308 with the encrypted digital content file 304, for example by concatenation, to form a rights-managed content file 310. Note, though, that the SRL 308 could be stored in a known location separate from the content file 304, with a reference to the SRL 308 concatenated with the content file 304 to form the content file 310.

Figure 4 shows one method of publishing rights-managed digital content. At step 402, the application 302 generates a content key (CK) that is used to encrypt the digital content. The content key (CK) is typically a symmetric key, although any key can be used to encrypt the digital content. As is known, a symmetric key algorithm uses the same key for both encryption and decryption. Consequently, (CK) should be kept well hidden when shared between a sender and a receiver. At step 404, the application 302 encrypts the digital content with (CK) to form the encrypted digital content 304 (i.e., (CK(content))). Additionally, rights data corresponding to (CK(content)) is generated, either by the publisher of the content or by another entity. Note that such rights data may be custom rights data or rights data as obtained from a predefined template. As described above, the rights data can include a list of entities that will be entitled to consume the content, the specific rights that each of the entities possesses with respect to the content, and any conditions that may be imposed on those rights.

At step 406, the API 306 generates a second encryption key (K2), which is used to encrypt the content key (CK). Preferably, (K2) is also a symmetric key. At step 408, the API 306 encrypts (CK) with (K2) to result in (K2(CK)). At step 410, the API 306 discards (CK), with the result that (CK) can now be obtained only by decrypting (K2(CK)). To ensure that (CK(content)) is protected by a central DRM server 320 and that all requests for licenses to the content are handled centrally according to the rights data, the API 306, at step 412, contacts the provided DRM server 320 and retrieves its public key (PU-DRM). At step 414, the API 306 encrypts (K2) with (PU-DRM) to result in (PU-DRM(K2)). Thus, (CK) can be protected by (PU-DRM) to ensure that the DRM server 320 is the only entity that will be able to gain access to (CK), as is required to decrypt (CK(content)). At step 416, the API 306 encrypts the rights data (i.e., the list of authorized entities and the respective rights and conditions associated with each authorized entity in the list) with (K2) to result in (K2(rightsdata)).

In an alternative embodiment, (CK) can be used to directly encrypt the rights data to result in (CK(rightsdata)), and (PU-DRM) can be used to directly encrypt (CK) to result in (PU-DRM(CK)), thereby foregoing the use of (K2) entirely. However, using (K2) to encrypt the rights data and (CK) allows (K2) to conform to any particular algorithm that might be amenable to the DRM server, whereas (CK) might be specified by an entity independent of the DRM server and might not be as amenable thereto.

At step 418, the content protection application 302 submits (PU-DRM(K2)) and (K2(rightsdata)) to the DRM server 320 as a rights label for signing. Alternatively, the client itself can sign the rights data as set forth below. If the rights data is being submitted to the server for signing, then, at step 420, the DRM server 320 accesses the rights data and verifies that it can enforce the rights and conditions in the submitted rights label. To verify that it can enforce the rights data, the DRM server 320 applies the private key (PR-DRM) corresponding to (PU-DRM) to (PU-DRM(K2)) to result in (K2), and then applies (K2) to (K2(rightsdata)) to result in the rights data in the clear. The server 320 can then perform any policy checks to verify that the users, rights, and conditions specified in the rights data are within any policy enforced by the server 320. The server 320 signs the originally submitted rights label, including (PU-DRM(K2)) and (K2(rightsdata)), to result in the signed rights label (SRL) 308, where the signature is based on the private key of the DRM server 320 (PR-DRM), and returns the SRL 308 to the API 306, which then presents the returned SRL 308 to the client application 302.

The SRL 308 is a digitally signed document, which makes it tamper-resistant. Additionally, the SRL 308 is independent of the actual key type and algorithm used to encrypt the content, but maintains the strong one-to-one relationship to the content that it protects. Referring now to Figure 4A, in one embodiment of the present invention, the SRL 308 may include information on the content that is the basis of the SRL 308, including perhaps an identifier of the content; information on the DRM server that signs the SRL 308, including (PU-DRM(K2)) and referral information such as a URL for locating the DRM server on a network and fallback information if the URL fails; information describing the SRL 308 itself; (K2(rightsdata)); (K2(CK)); and, among other things, a digital signature (S(PR-DRM)).

By ensuring that a trusted entity signs the rights data to create a signed rights label 308, the DRM server 320 asserts that it will issue licenses for the content in accordance with the terms set forth by the publisher as described in the rights data of the rights label 308. As should be appreciated, a user is required to obtain a license to render the content, especially inasmuch as the license contains the content key (CK). When a user wants to obtain a license for the encrypted content, the user can present a license request, including the SRL 308 for the content and a certificate attesting to the user's credentials (generated upon successful authentication of the user), to the DRM server 320 or another licensing entity. The licensing entity can then decrypt (PU-DRM(K2)) and (K2(rightsdata)) to produce the rights data, list all the rights granted by the author (if any) to the license-requesting entity, and construct a license with only those specific rights.

As set forth above, upon the application 302 receiving the SRL 308, such application 302 concatenates the signed rights label 308 with the corresponding (CK(content)) 304 to form rights-managed digital content. Alternatively, the rights data can be stored in a known location, with a reference to that location provided with the encrypted digital content. Thus, a rendering application that is DRM-enabled can discover the signed rights label 308 via the piece of content the rendering application is attempting to render. This discovery triggers the rendering application to initiate a license request against the DRM licensing server 320. The publishing application 302 can store a URL to the DRM licensing server 320, for example, or the DRM licensing server 320 can embed its own URL as a piece of metadata into the rights label before digitally signing it, so that the DRM client API 306 called by the rendering application can identify the correct DRM licensing server 320.

Licensing published content

Figure 5 shows a system and method for licensing rights-managed digital content. "Licensing," as that term is used herein, refers to a process that an application or service follows to request and receive a license that will allow an entity named in the license to consume the content in accordance with the terms specified in the license. Inputs to the licensing process can include the signed rights label (SRL) 308 associated with the content for which a license is being requested, and the public key certificate(s) of the entity(ies) for which the license is being requested. Note that the entity requesting a license need not necessarily be the entity for which the license is being requested. Typically, a license includes the rights description from the SRL 308, an encrypted key that can decrypt the encrypted content, and a digital signature over the rights description and the encrypted key to assert legitimacy and prevent tampering.

Preliminarily, the client API 306 forwards the signed rights label 308 of the rights-managed content 310 to the DRM server 320 via the communications network 330. As described above, the rights label 308 contains the content key (CK) encrypted according to the public key of the DRM server 320 (PU-DRM) (i.e., (PU-DRM(CK))). In the process of issuing a license, then, the DRM server 320 applies (PR-DRM) to (PU-DRM(CK)) to result in (CK). It then uses the public key (PU-ENTITY) in the public key certificate that is passed up in the license request to re-encrypt (CK) (i.e., (PU-ENTITY(CK))). The newly encrypted (PU-ENTITY(CK)) is then placed into the license. Thus, the license can be returned to the caller without risking exposure of (CK), since only the holder of the private key (PR-ENTITY) corresponding to (PU-ENTITY) can recover (CK) from (PU-ENTITY(CK)). The client API 306 then uses (CK) to decrypt the encrypted content to form the decrypted digital content 312. The client application 302 can then use the decrypted digital content 312 according to the rights that are provided in the license.

Alternatively, and as set forth below in more detail, a client such as the publishing client can, for example, issue its own license to consume the content.

Turning now to Figures 6A and 6B, a method for licensing rights-managed digital content is shown. At step 602, a licensing entity, such as a DRM server 320, receives a license request that includes either a public key certificate or an identity for each of one or more requested licensees. Presumably, if an identity is specified, the DRM server 320 can obtain a corresponding public key certificate from a directory, a database, or the like. If a license is requested for only one licensee, only one certificate or identity is named. If a license is requested for multiple licensees, a certificate or an identity can be named for each potential licensee. At step 604, the requesting entity (i.e., the entity making the license request) is authenticated, if necessary. At step 606, it is determined whether the entity is allowed to request a license, if necessary.

If, at step 608, the issuing entity determines that the public key certificate is not included in the license request, the issuing entity uses the specified identity to look up the appropriate public key certificate in a directory service or database. If, at step 610, the issuing entity determines that the certificate is in the directory, then, at step 612, the certificate is retrieved. If a certificate cannot be found for a given potential licensee, either in the request or in the directory, then the license server does not generate a license for that potential licensee, and, at step 614, an error code is returned to the requesting entity.

Assuming the DRM server 320 has a public key certificate for at least one potential licensee, then, at step 616, the DRM server 320 validates the trust of each licensee certificate. If the DRM server 320 determines that the entity that issued the licensee's certificate is not in its list of trusted certificate issuers, then the request fails for that licensee, and an error is generated at step 614. Thus, any potential licensee whose certificate is not issued by a trusted issuer will not receive a license.

Additionally, the DRM server 320 preferably performs digital signature validation on all entities in the certificate chain going from the trusted issuer certificates to the individual licensee public key certificates. The process of validating the digital signatures in a chain is a well-known algorithm. If the public key certificate for a given potential licensee does not validate, or a certificate in the chain does not validate, the potential licensee is not trusted, and a license, therefore, is not issued to that potential licensee. Otherwise, at step 618, a license can issue. The process repeats at step 620 until all entities for which a license has been requested have been processed.

As shown in Figure 6B, the DRM server 320 then proceeds to validate the signed rights label 308 that was received in the license request. In one embodiment, the DRM server 320 keeps a copy of every rights label it has signed. Then, during licensing (step 622), the DRM server 320 can retrieve its copy of the master rights label. The master rights label may be more up to date than the copy of the rights label sent in the license request, and therefore it is the rights label used to produce the requested license. If no master rights label is found, the DRM server 320 determines, at step 624, according to a predefined policy, whether to issue a license based on the rights label in the request. If the policy does not allow this, then the license request fails at step 626, and an error code is returned to the API 306 at step 628.

At step 630, the DRM server 320 validates the SRL 308 and, in particular, its digital signature. If validation of the SRL 308 fails, the license request fails at step 626, and an error code is returned to the API 306 at step 628.

After all validations have occurred, the DRM server generates a license for each validated licensee based on the SRL 308. At step 632, the DRM server 320 generates a respective rights description for the license to be issued to each licensee. For each licensee, the DRM server 320 evaluates the identity named in the public key certificate of that licensee against the identities named in the rights description of the rights label. At step 636, the DRM server 320 obtains (PU-DRM(K2)) and (K2(CK)) from the SRL 308 and applies (PR-DRM) to obtain (CK). The issuing entity then re-encrypts (CK) using (PU-ENTITY) from the licensee's public key certificate to result in (PU-ENTITY(CK)). At step 638, the DRM server 320 concatenates the generated rights description with (PU-ENTITY(CK)) and digitally signs the resulting data structure using (PR-DRM) (i.e., S(PR-DRM)). The signed data structure is thus the license for this particular licensee.

At step 640, the DRM server 320 determines whether there are any more licenses to generate for the particular request. The generated licenses are then returned to the requesting entity at step 642, along with the appropriate certificate chain that ties the licenses back to a trusted authority.

Self-publishing the signed rights label 308

In one embodiment of the present invention, the SRL 308 may be signed by the requesting/publishing user itself. Accordingly, such user need not contact the DRM server 320 to obtain an SRL 308 for an associated piece of content. As a result, self-publishing may also be referred to as offline publishing. In such an embodiment, a publishing user should also be able to issue itself a publisher license, especially inasmuch as the self-published content is now DRM-protected and such publisher license is required to allow the publishing user to render the now-protected content. It should also be understood that a publishing user may be enabled to issue licenses to other users.

In particular, and referring now to Fig. 7, in the embodiment, an offline-publishing user is first provisioned to publish offline by receiving from a DRM server 320 an offline publishing (OLP) certificate 810, which includes a public key (PU-OLP) and the corresponding private key (PR-OLP) encrypted according to a public key directly or indirectly accessible to the trusted component 18 (Figure 11) of the user (PU-ENTITY), to result in (PU-ENTITY(PR-OLP)). Note that (PU-ENTITY) may, for example, be the public key of the trusted component 18, or may be a public key of the user that is accessible via the public key of the trusted component 18. The OLP certificate 810 should be signed by the private key of the DRM server 320 (PR-DRM) so that such DRM server 320 can verify such OLP certificate, as will be discussed in more detail below.

In addition, the OLP certificate 810 should include a certificate chain from (PU-DRM) leading back to a trusted authority that is trusted by the trusted component 18 of the publishing user or another user, so that such trusted component 18 can verify such OLP certificate 810 and any other certificate or license that is associated with such OLP certificate 810, as will be discussed in more detail below. Briefly, and as should be understood, a certificate chain starts with a root certificate signed by the private key of the trusted authority and containing the public key of the next certificate in the chain. Each intermediate certificate in the chain is then signed by the private key corresponding to the public key of the previous certificate in the chain, and itself contains the public key of the next certificate in the chain. Finally, the certificate or license attached to the chain is signed by the private key corresponding to the public key of the last certificate in the chain.

Thus, to verify the certificate or license attached to the chain, the public key corresponding to the private key of the trusted authority is obtained, and that public key of the trusted authority is used to verify the signature of the root certificate in the chain. Assuming the signature of the root certificate verifies, the public key from the root certificate is obtained and used to verify the signature of the first intermediate certificate in the chain. The process is repeated serially down the chain until each signature therein has been verified, and then the public key from the last intermediate certificate in the chain is obtained and used to verify the signature of the certificate or license attached to the chain.
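The publishing key hierarchy (Figure 4, steps 402 to 420), the license issuance of Figures 6A and 6B, and the chain verification just described, combined in one added example that is not from the patent or any product: textbook RSA with small fixed primes and an XOR keystream are constructed stand-ins for the real algorithms, and the entity names, rights data and sample content are assumed.

```python
import hashlib
import json
import secrets

_next = [10 ** 6]  # cursor from which the toy keys draw fresh primes (constructed)

def _fresh_prime():
    x = _next[0]
    while any(x % d == 0 for d in range(2, int(x ** 0.5) + 1)):
        x += 1
    _next[0] = x + 1
    return x

def rsa_keypair(e=65537):
    """Toy textbook RSA with a ~10**12 modulus: returns ((e, n) public, (d, n) private)."""
    p, q = _fresh_prime(), _fresh_prime()
    return (e, p * q), (pow(e, -1, (p - 1) * (q - 1)), p * q)

def rsa(key, m):  # apply a key to an integer m < n: (e, n) encrypts/verifies, (d, n) decrypts/signs
    return pow(m, key[0], key[1])

def sym(key, data):
    """Self-inverse XOR keystream from SHA-256(key || block index); toy stand-in for AES."""
    ks = b"".join(hashlib.sha256(key.to_bytes(8, "big") + i.to_bytes(4, "big")).digest()
                  for i in range(len(data) // 32 + 1))
    return bytes(a ^ b for a, b in zip(data, ks))

def canon(obj):  # canonical bytes of a structure, so signer and verifier hash the same thing
    return json.dumps(obj, sort_keys=True).encode()

def sign(pr, data):
    return rsa(pr, int.from_bytes(hashlib.sha256(data).digest(), "big") % pr[1])

def verify(pu, data, sig):
    return rsa(pu, sig) == int.from_bytes(hashlib.sha256(data).digest(), "big") % pu[1]

def body(signed):  # the signed structure without its signature field
    return {k: v for k, v in signed.items() if k != "sig"}

# Certificate chain: root (signed by the trusted authority) -> intermediate -> licensee.
def make_cert(subject, pu, issuer, issuer_pr):
    c = {"subject": subject, "pu": list(pu), "issuer": issuer}
    return {**c, "sig": sign(issuer_pr, canon(c))}

def verify_chain(trusted_pu, chain):
    """Walk root to leaf; each signature must verify under the previous certificate's key."""
    pu = trusted_pu
    for cert in chain:
        if not verify(pu, canon(body(cert)), cert["sig"]):
            return None
        pu = tuple(cert["pu"])
    return pu                                               # the licensee's (PU-ENTITY)

# Publishing (Figure 4): the client builds the rights label, the DRM server signs it.
def publish(content, rights, pu_drm):
    ck, k2 = secrets.randbits(32), secrets.randbits(32)     # steps 402, 406
    label = {"pu_drm_k2": rsa(pu_drm, k2),                  # step 414: (PU-DRM(K2))
             "k2_ck": sym(k2, ck.to_bytes(4, "big")).hex(), # step 408: (K2(CK))
             "k2_rights": sym(k2, canon(rights)).hex()}     # step 416: (K2(rightsdata))
    return sym(ck, content), label                          # step 404: (CK(content)); CK, K2 dropped

def sign_rights_label(label, pr_drm, policy):
    k2 = rsa(pr_drm, label["pu_drm_k2"])                    # step 420: only (PR-DRM) recovers K2
    rights = json.loads(sym(k2, bytes.fromhex(label["k2_rights"])))
    if not policy(rights):
        return None                                         # server cannot enforce it: no SRL
    return {**label, "sig": sign(pr_drm, canon(label))}     # SRL 308 = label + S(PR-DRM)

# Licensing (Figures 5, 6A and 6B).
def issue_license(srl, licensee_chain, pr_drm, pu_drm, trusted_pu):
    pu_entity = verify_chain(trusted_pu, licensee_chain)    # step 616: untrusted chain -> no license
    if pu_entity is None or not verify(pu_drm, canon(body(srl)), srl["sig"]):
        return None                                         # step 614, or step 626 on a bad SRL
    k2 = rsa(pr_drm, srl["pu_drm_k2"])                      # step 636: (PR-DRM) -> K2 -> CK
    ck = int.from_bytes(sym(k2, bytes.fromhex(srl["k2_ck"])), "big")
    rights = json.loads(sym(k2, bytes.fromhex(srl["k2_rights"])))
    who = licensee_chain[-1]["subject"]
    if who not in rights:
        return None                                         # licensee not named in the rights data
    lic = {"licensee": who, "rights": rights[who], "pu_entity_ck": rsa(pu_entity, ck)}
    return {**lic, "sig": sign(pr_drm, canon(lic))}         # step 638: (PU-ENTITY(CK)) + S(PR-DRM)

def consume(lic, enc_content, pr_entity, pu_drm):  # trusted component 18 on the client
    if not verify(pu_drm, canon(body(lic)), lic["sig"]):
        return None
    return sym(rsa(pr_entity, lic["pu_entity_ck"]), enc_content)

def demo():
    """End-to-end run on constructed data: (plaintext for alice, license result for unnamed bob)."""
    pu_auth, pr_auth = rsa_keypair()                        # trusted authority
    pu_drm, pr_drm = rsa_keypair()                          # DRM server 320
    pu_alice, pr_alice = rsa_keypair()                      # alice's trusted component
    root = make_cert("authority", pu_auth, "authority", pr_auth)
    mid = make_cert("drm-server", pu_drm, "authority", pr_auth)
    alice = [root, mid, make_cert("alice", pu_alice, "drm-server", pr_drm)]
    bob = [root, mid, make_cert("bob", rsa_keypair()[0], "drm-server", pr_drm)]
    enc, label = publish(b"constructed sample content", {"alice": ["read", "print"]}, pu_drm)
    srl = sign_rights_label(label, pr_drm, lambda r: all(x in ("read", "print", "edit")
                                                         for v in r.values() for x in v))
    lic = issue_license(srl, alice, pr_drm, pu_drm, pu_auth)
    return consume(lic, enc, pr_alice, pu_drm), issue_license(srl, bob, pr_drm, pu_drm, pu_auth)
```

Only the DRM server ever sees (K2) and (CK) in the clear; a licensee whose certificate does not chain to the trusted authority, or who is not named in the rights data, gets no license.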

As should be appreciated, the OLP certificate 810 creates a link in the chain of trust between the content 304 that is to be published offline and the DRM server 320 that is to issue a license for the content 304. The OLP certificate 810 may be created based on the extensible markup language (XML)/extensible rights markup language (XrML) or any other appropriate language.

As should also be appreciated, the OLP certificate 810 and the attached certificate chain authorize the publishing user to self-publish. As should be appreciated, the key pair (PU-OLP, PR-OLP) is separate from (PU-ENTITY, PR-ENTITY) and is employed specifically for self-publishing. Note that the key pair (PU-OLP, PR-OLP) may be dispensed with, in which case the OLP certificate 810 includes only the public key of the user (PU-ENTITY) and is signed by the private key of the DRM server 320 (PR-DRM) so that such DRM server 320 can verify same.

Self-publishing differs from publishing as shown in Figure 4 in that the user essentially takes the place of the DRM server 320 with respect to the steps performed thereby. Significantly, the user signs the submitted rights label, including (PU-DRM(K2)) and (K2(rightsdata)), or including (PU-DRM(CK)) and (CK(rightsdata)) (the latter being shown in Figs. 7 and 8), with (PR-OLP) as obtained from the OLP certificate 810 (i.e., S(PR-OLP)), to result in the signed rights label (SRL) 308. The trusted component 18 of the client, in using the OLP certificate 810, typically verifies same based on the attached certificate chain. As should be appreciated, the trusted component 18 of the user obtains (PR-OLP) from the OLP certificate 810 by obtaining (PU-ENTITY(PR-OLP)) from such OLP certificate 810 and applying (PR-ENTITY) thereto. Note, though, that the publishing user cannot verify that the DRM server 320 can enforce the rights in the self-published SRL 308. Accordingly, the DRM server 320 itself should perform the verification at the time a license is requested based on the self-published SRL 308.

Once the publishing user self-publishes the SRL 308, the user concatenates such self-published SRL 308 and the OLP certificate 810 employed to produce same with the content 304, and distributes such content 304 with the SRL 308 and the OLP certificate 810 as the rights-managed content 310 to another user. Thereafter, the other user requests and obtains a license for the content 304/310 from the DRM server 320 in substantially the same manner as shown in Figures 6A and 6B. Here, though, the license-requesting user submits to the DRM server 320 both the self-published SRL 308 and the OLP certificate 810 as concatenated with the content 304. The DRM server 320 then verifies S(PR-DRM) in the OLP certificate 810 based on the corresponding (PU-DRM), and obtains (PU-OLP) from the OLP certificate 810. The DRM server 320 then verifies S(PR-OLP) in the SRL 308 based on the obtained (PU-OLP), and continues as before. Note, though, that because the publishing user did not verify that the DRM server 320 can enforce the rights in the SRL 308, and as was set forth above, the DRM server 320 itself should perform the verification at this time.

Note, too, that the DRM server 320 need only verify S(PR-DRM) in the OLP certificate 810, inasmuch as it presumably trusts itself. Accordingly, the certificate chain associated with the OLP certificate 810 need not be sent to the DRM server 320 along with such OLP certificate 810, unless of course the chain is required in some other manner, such as, for example, if the chain is at least partially the basis for S(PR-DRM).

Significantly, though, the publishing user can render the protected content 304/310 without requiring access to the DRM server 320 for a license. Put another way, a publishing user that offline-publishes content 304/310 without recourse to the DRM server 320, based on the OLP certificate 810, can also issue itself a license offline without recourse to the DRM server 320, so as to render the offline-published content 304/310. Accordingly, the publishing user can continue working with the self-published content 310 without any need to connect to the DRM server 320.

Thus, in one embodiment of the present invention, and referring now to Fig. 8, the publishing user issues itself an offline publisher license 820, signed by (PR-OLP) based on the offline-published SRL 308, and including the OLP certificate 810 and the certificate chain thereof. Preferably, the publisher license 820 grants the publishing user full access to the offline-published content 310, although a lesser degree of access may also be granted. The publisher license 820 can be written in XML/XrML or another language, as is the case with other DRM licenses. As should be appreciated, the publisher license 820 includes the content key (CK) encrypted according to (PU-ENTITY), which can be obtained by the trusted component 18 of the user's computing device 14, to form (PU-ENTITY(CK)).

The chain of the publisher license 820 therefore leads from such license 820 to the OLP certificate 810 and then back to a root certificate from a trusted authority, perhaps by way of one or more intermediate certificates. Since the trusted component 18 of the user can presumably obtain the public key corresponding to the private key of the trusted authority that was used to sign the root certificate, the trusted component 18 can itself verify the publisher license 820 by way of its certificate chain and, upon verifying same, can then obtain (PU-ENTITY(CK)) therefrom, apply (PR-ENTITY) thereto to result in (CK), and apply (CK) to (CK(content)) to result in the content 304 for rendering purposes. As a result, the publishing user can continue working with the content 310 it offline-published while remaining offline.

Then, in accordance with the above, and referring now to figure 9, the publishing user publishes the content 304/310 offline and issues himself an offline publisher license 820 for such content 304/310 in the following manner.

Preliminarily, and as should be understood, the content 304 is developed as appropriate and encrypted according to the content key (CK) (step 901), and the publishing user creates a rights label for the content 304 with the appropriate information {(PU-DRM(CK)) and (CK(rightsdata)), for example} (step 903). After that, the publishing user, who presumably already possesses an OLP certificate 810 from the DRM server 320, retrieves such OLP certificate 810 (step 905) and verifies it on the basis of its signature and of the certificate chain that leads back to the root authority (step 907). It should be understood that such verification is actually performed by the trusted component 18 on the computing device 14 of the publishing user. Assuming that the verification succeeds, the publishing user/trusted component 18 (below, the "publishing user") extracts (PU-ENTITY(PR-OLP)) from the OLP certificate 810 (step 909), applies (PR-ENTITY) to (PU-ENTITY(PR-OLP)) to obtain (PR-OLP) (step 911), and then signs the created rights label with such (PR-OLP) to create the SRL 308 (step 913).

Thereafter, the publishing user concatenates such SRL 308 and the OLP certificate 810 used to obtain it with the content 304 and produces the self-published content 310 (step 915), and such rights-managed content 310 can therefore be transferred to another user. However, for the publishing user to continue to use or play back the content 310, such publishing user must issue himself the corresponding offline publisher license 820.

Thus, the publishing user creates a publisher license 820 for himself by identifying the appropriate rights data and encrypting it according to the content key (CK), yielding (CK(rightsdata)) (step 917). It should be noted that such rights data may be derived from the SRL 308 of the content 310, may be some set of default rights granting the publishing user partial or full access to the self-published content 310, or may be obtained from another source. In addition, the publishing user encrypts the content key (CK) according to (PU-ENTITY) to form (PU-ENTITY(CK)) (step 919). Such (CK(rightsdata)) and (PU-ENTITY(CK)) are then formatted into the publisher license 820 (step 921), the OLP certificate 810 and its certificate chain are attached (step 923), and such publisher license 820 is then signed on the basis of (PR-OLP), which was obtained in step 911 (step 925). It should be noted here that the content 304 (i.e., (CK(content))), the publisher license 820 and the OLP certificate 810 in combination form a chain 830 of digital items leading back to the trusted authority.

Further, and referring now to figure 10, for the publishing user to play back the published content 310, such publishing user does not need to access the DRM server 320; instead, he obtains the public key corresponding to the private key of the trusted authority that was used to sign the root certificate (step 1001), verifies the root certificate (step 1003), and then verifies every intermediate certificate in the chain (step 1005) by obtaining, for each such intermediate certificate, the public key of the preceding certificate and using it to verify the signature of such certificate. Then, (PU-DRM) from the last certificate in the chain is used to verify the signature of the OLP certificate 810 (i.e., S(PR-DRM)) (step 1007), (PU-OLP) is obtained from the OLP certificate 810 (step 1009), and such (PU-OLP) is used to verify the publisher license 820 (i.e., S(PR-OLP)) (step 1010).

If the publisher license 820 is verified, (CK(rightsdata)) and (PU-ENTITY(CK)) are taken from it (step 1011), (PR-ENTITY) is applied to (PU-ENTITY(CK)) to produce (CK) (step 1013), and (CK) is applied to (CK(rightsdata)) to produce the rights data (step 1015). Then, it should be understood, such rights data are analyzed by the trusted component 18 of the publishing user's computing device 14 to determine whether the rights data permit the desired form of playback (step 1017); if so, the trusted component 18 applies (CK) to (CK(content)) from the content 310 to produce the content (step 1019), and such content is then forwarded to the appropriate playback application for actual playback (step 1021). Thus, the steps of figure 10 in effect traverse the chain 830 of digital items from the trusted authority to the content 304.

It should be noted that the trusted component 18 could presumably apply (CK) to (CK(content)) to produce the content without first analyzing the rights data and regardless of what the rights data allow or deny, but it is trusted and configured to actually produce the content only after analyzing the rights data and satisfying itself that such rights data permit playback of such content. Again, by obtaining the publisher license 820, the publishing user can continue working with the content 310 that he published offline while at the same time remaining offline, in that there is no need to access the DRM server 320.
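The chain 830 traversal of figures 9 and 10, written out as an added Go example that is not code from the patent: the Cert, Scenario, SelfPublish and Play names, the JSON layout of the license, RSA-PSS for the signatures and AES-GCM for CK(content) are all assumptions made here, intermediate certificates are omitted, and the rights data are carried in the clear under the license signature, which the conclusion of this description permits. SelfPublish builds the chain for a publishing user; Play verifies it from the trusted authority down to the content and refuses to decrypt when the rights do not allow the requested use, which is the ordering the paragraph above insists on.

```go
package main

import (
	"crypto"
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"crypto/x509"
	"encoding/json"
	"errors"
)

// Cert is a constructed stand-in for the XrML certificates and licenses of the text:
// a subject public key, an opaque payload and the issuer's signature S(PR-issuer) over both.
type Cert struct {
	Subject *rsa.PublicKey
	Payload []byte
	Sig     []byte
}

func digest(c *Cert) []byte { d := sha256.Sum256(append(x509.MarshalPKCS1PublicKey(c.Subject), c.Payload...)); return d[:] }

func sign(issuer *rsa.PrivateKey, c *Cert) {
	c.Sig, _ = rsa.SignPSS(rand.Reader, issuer, crypto.SHA256, digest(c), nil)
}

// seal and open implement CK(content) with AES-256-GCM; the 12-byte nonce is prepended.
func aead(ck []byte) cipher.AEAD { b, _ := aes.NewCipher(ck); g, _ := cipher.NewGCM(b); return g }

func seal(ck, plain []byte) []byte {
	nonce := make([]byte, 12)
	rand.Read(nonce)
	return aead(ck).Seal(nonce, nonce, plain, nil)
}

func open(ck, sealed []byte) ([]byte, error) {
	if len(ck) != 32 || len(sealed) < 12 { return nil, errors.New("bad key or ciphertext") }
	return aead(ck).Open(nil, sealed[:12], sealed[12:], nil)
}

// licenseBody is the payload of publisher license 820; the rights stay in the clear
// because the license signature covers them (which the text's conclusion allows).
type licenseBody struct {
	Rights []string `json:"rightsdata"`
	EncCK  []byte   `json:"pu_entity_ck"` // (PU-ENTITY(CK))
}

// Scenario is chain 830 as held by the offline publishing user.
type Scenario struct {
	TrustRoot *rsa.PublicKey  // public key of the trusted authority (step 1001)
	Chain     []*Cert         // DRM server cert (PU-DRM) -> OLP certificate 810 -> publisher license 820
	PREntity  *rsa.PrivateKey // the user's (PR-ENTITY)
	Content   []byte          // (CK(content))
}

func keygen() *rsa.PrivateKey { k, _ := rsa.GenerateKey(rand.Reader, 2048); return k }

// SelfPublish builds chain 830 (steps 901-925, simplified): the authority signs the DRM server's
// certificate, PR-DRM signs OLP certificate 810, and PR-OLP signs a publisher license 820
// carrying the rights data and PU-ENTITY(CK). A 32-byte CK always fits RSA-2048 OAEP.
func SelfPublish(content []byte, rights []string) *Scenario {
	authority, drm, olp, entity := keygen(), keygen(), keygen(), keygen()
	ck := make([]byte, 32)
	rand.Read(ck)
	encCK, _ := rsa.EncryptOAEP(sha256.New(), rand.Reader, &entity.PublicKey, ck, nil) // step 919
	body, _ := json.Marshal(licenseBody{Rights: rights, EncCK: encCK})                // step 921
	drmCert, olpCert := &Cert{Subject: &drm.PublicKey}, &Cert{Subject: &olp.PublicKey}
	lic := &Cert{Subject: &entity.PublicKey, Payload: body}
	sign(authority, drmCert)
	sign(drm, olpCert)
	sign(olp, lic) // step 925
	return &Scenario{&authority.PublicKey, []*Cert{drmCert, olpCert, lic}, entity, seal(ck, content)}
}

// Play walks chain 830 from the trusted authority to the content (steps 1001-1021): every
// certificate is verified with the key of the one before it, the rights are checked, and only
// then is CK recovered with PR-ENTITY and the content decrypted.
func Play(s *Scenario, want string) ([]byte, error) {
	issuer := s.TrustRoot
	for _, c := range s.Chain {
		if rsa.VerifyPSS(issuer, crypto.SHA256, digest(c), c.Sig, nil) != nil {
			return nil, errors.New("signature verification failed in chain 830")
		}
		issuer = c.Subject // the verified certificate's key verifies the next one
	}
	var body licenseBody
	json.Unmarshal(s.Chain[len(s.Chain)-1].Payload, &body) // step 1011
	for _, r := range body.Rights {                        // step 1017: decrypt only if permitted
		if r == want {
			ck, err := rsa.DecryptOAEP(sha256.New(), nil, s.PREntity, body.EncCK, nil) // step 1013
			if err != nil {
				return nil, err
			}
			return open(ck, s.Content) // step 1019
		}
	}
	return nil, errors.New("rights data do not permit " + want)
}
```

Play never looks at the content key before the rights check succeeds, and a license whose payload is edited after signing fails at the chain walk, not at decryption; both properties are what the trusted component 18 is relied upon for.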

Registration and sub-registration of DRM servers

In the architecture shown in figure 3, only one DRM server 320 is shown. However, it should be understood that this architecture can and most likely does include a plurality of DRM servers 320. In particular, in one embodiment of the present invention, the architecture includes a distributed network of DRM servers 320. Each such DRM server 320 can have any particular function, and all the DRM servers 320 can be arranged in any suitable manner without departing from the spirit and scope of the present invention.

For example, and referring now to Fig., a particular organization may have one or more user-level DRM servers 320 for the purposes of signing rights labels to obtain SRLs 308, issuing licenses 16, issuing publishing licenses 320, issuing certificates to users, issuing certificates to computing devices 14, etc. Each user-level DRM server 320 can, for example, be assigned on a geographic basis, or on the basis of function or load. Similarly, to oversee multiple user-level DRM servers 320, an organization can have one or more management DRM servers 320. Such organization-based DRM servers 320 can be located behind the organization's network security facilities, if desired.

In addition to the organization-based DRM servers 320, there may also be inter-organization DRM servers 320, which provide DRM functionality across organizations. Such inter-organization DRM servers 320 can, for example, allow two organizations to share certain DRM content 12. There may also be DRM network controller servers 320, which can supervise all the other DRM servers 320. For example, such DRM controller servers 320 can supervise and maintain all the other DRM servers 320 and provide the appropriate linkage of all the other DRM servers 320 to the root or trusted authority that is the basis for a certificate chain, as described earlier. Such non-organization-based DRM servers 320 are probably not within any network security facilities of an organization.

Significantly, each DRM server 320 in the architecture of Fig. must be able to prove that it is to be trusted. Thus, and as follows from the above description of certificate chains, each DRM server 320, upon entering the architecture, is provided with a registration certificate 1310, as shown in Fig. Significantly, and in one embodiment of the present invention, the registration certificate 1310 is provided to the entering DRM server 320 (below, the "DRM-I server 320") by another, "registering" DRM server 320 that is already in the architecture (below, the "DRM-R server 320"). It is also significant that the registration certificate 1310 supplied by the registering DRM-R server 320 has attached to it a certificate chain 1320, which includes the registration certificate 1310 of the registering DRM server 320, the registration certificate 1310 of the DRM server 320 that registered the registering DRM-R server 320, and so on all the way back to a root DRM server 320. Such root DRM server 320 may itself represent the root or trusted authority, or the certificate chain 1320 may continue on and reach the root or trusted authority. It should now be appreciated that such registration certificate 1310 and certificate chain 1320 in combination form the certificate chain that is attached to the OLP certificate 810 provided by the registered or sub-registered DRM-I server 320 to a publishing user, such as the user of Fig.

In one embodiment of the present invention, the registration certificate 1310 provided to the DRM-I server 320 by the DRM-R server 320 takes a form similar to a certificate based on XrML 1.2. It should be understood that such a certificate 1310 is not issued independently by a third party, and thus such a certificate 1310 does not represent any kind of independent third-party guarantee with respect to the holder of such certificate 1310.

In one embodiment of the present invention, the manner in which a particular DRM-I server 320 registers in the architecture depends on whether the registering DRM-R server 320 knows, or has reason to trust, the entering DRM-I server 320. If not, the DRM-I server 320 will have to prove to the DRM-R server 320 that it is trustworthy and will honor the DRM architecture. If so, the DRM-I server 320 need not prove to the DRM-R server 320 that it is trustworthy, at least not to the same extent. Thus, an unknowing/untrusting DRM-R server 320 "registers" the DRM-I server 320, while a knowing/trusting DRM-R server 320 "sub-registers" the DRM-I server 320.

Typically, the DRM-R server 320 knows/trusts the DRM-I server 320 if both are operated within or on behalf of the same organization, although knowledge/trust can also arise in other situations without departing from the spirit and scope of the present invention. Thus, the manner in which a particular DRM-I server 320 registers in the architecture usually depends on whether the registering DRM-R server 320 is organization-based or not. As a result, a non-organization-based DRM-R server 320 "registers" the DRM-I server 320, while an organization-based DRM-R server 320 "sub-registers" the DRM-I server 320.

Registration

In one embodiment of the present invention, and referring now to Fig., an unknowing/untrusting DRM-R server 320 registers a DRM-I server 320 in the following manner.

Preliminarily, it should be understood that a DRM-I server 320 that wishes to be registered by an unknowing/untrusting DRM-R server 320 is most likely unknown to such DRM-R server 320. Therefore, in one embodiment of the present invention, the DRM-I server 320 must provide a vouching certificate 1330 from a third party willing to vouch for such DRM-I server 320 (step 1401). Typically, such third party is an independent certificate-issuing agent trusted by the DRM-R server 320 to perform such vouching, such as, for example, VERISIGN of Mountain View, California. Such vouching certificate 1330 may, for example, take a form similar to a certificate under the X.509 standard. It should be noted that by relying on a trusted third party to vouch for the DRM-I server 320, the DRM-R server 320 reduces its liability for any wrongful actions of the DRM-I server 320.

As should be understood, and as is typical, and as is also shown in Fig., the vouching certificate 1330 includes a public key (PU-V) and a corresponding private key (PR-V), is signed by the trusted third party, and may be accompanied by a certificate chain leading to a well-known root for authentication purposes. As is also typical, (PR-V) in the vouching certificate 1330 is protected so as to be accessible only to the DRM-I server 320 for which the vouching underlying the vouching certificate 1330 is provided. For example, and as shown in Fig., (PR-V) may be encrypted according to an appropriate public key.

In the DRM architecture, the entering DRM-I server 320 must have a unique identity. It should be understood that the DRM identity will most likely differ from (PU-V, PR-V), although the DRM identity could also coincide with such (PU-V, PR-V) without departing from the spirit and scope of the present invention. Therefore, to establish such identity, the DRM-I server 320 generates or obtains a new public/private key pair (PU-E, PR-E) (step 1403). Also, in the DRM architecture, the registering DRM-I server 320 must decide which entities may revoke its authority to participate in the architecture. Therefore, the DRM-I server 320 identifies each such entity in a list of entities with revocation authority, possibly by its public key (step 1405). The DRM-I server 320 must also be able to prove to the registering DRM-R server 320 that the DRM-I server 320 actually holds the vouching certificate 1330 obtained in step 1401. Therefore, the DRM-I server 320 either uses (PR-V) from the vouching certificate 1330 to encrypt (PU-E), producing (PR-V(PU-E)) as proof of possession, or signs (PU-E) with (PR-V), producing (PU-E)S(PR-V) as proof of possession (step 1407). In either case, applying (PU-V) to decrypt (PU-E) or to verify the signature establishes possession of (PR-V) and, therefore, of the vouching certificate 1330.

The DRM-I server 320 now has the vouching certificate 1330, (PU-E) and (PR-E), the list of entities with revocation authority, and (PR-V(PU-E)) or (PU-E)S(PR-V) as proof of possession. To request registration, then, the DRM-I server 320 sends to the DRM-R server 320 the vouching certificate 1330, (PU-E), the list of entities with revocation authority, and (PR-V(PU-E)) or (PU-E)S(PR-V) as proof of possession (step 1409), and the DRM-R server 320 proceeds to register such requesting DRM-I server 320. It should be noted that the request, or part of it, may take the form of a certificate signed by (PR-E).

In particular, the DRM-R server 320 verifies the authenticity of the vouching certificate 1330 on the basis of its signature by the trusted third party and of the certificate chain leading to the well-known root (step 1411). Thus, the DRM-R server 320 satisfies itself that the DRM-I server 320 has been vouched for. Also, the DRM-R server 320 checks the proof of possession by applying (PU-V) from the request either to decrypt (PU-E) or to verify the signature, and thus establishes possession of (PR-V) and, therefore, of the vouching certificate 1330 in the request (step 1410). In addition, and significantly, the DRM-R server 320 performs any custom logic necessary to decide whether the request should be honored (step 1413). Such custom logic may be any appropriate logic without departing from the spirit and scope of the present invention, and may, for example, include a background check of the DRM-I server 320 and/or its operator, a determination of whether the DRM-I server 320 has a current trusted component 18 and/or operating system or the like, a determination of whether the DRM-I server 320 is on a revocation list or another monitored list, etc.

Assuming that the custom logic allows the request to be honored, then, according to one embodiment of the present invention, the DRM-R server 320 generates the registration certificate 1310 for the DRM-I server 320 (step 1415). In particular, and as shown in Fig., the DRM-R server 320 includes in the registration certificate 1310:

- the identifier of the DRM-R server 320, such as its public key (PU-R);

- the identifier of the DRM-I server 320, such as (PU-E);

- identifying indicia of the vouching certificate 1330, including the trusted third party that issued it, the serial number of the vouching certificate 1330, and the issuer identified in the vouching certificate 1330;

- any validity range information specifying the interval during which the registration certificate 1310 is valid, such as, for example, a date range;

- the list of entities with revocation authority;

- a signature based on the private key (PR-R) of the DRM-R server 320 corresponding to (PU-R);

- and any other relevant information.

Such other relevant information may include, without limitation: the time the certificate was issued; an indication of what kinds of DRM-related activities the registered server is permitted to perform, such as, for example, all activities, only account activation, only signing rights labels, only issuing licenses for content, or a combination thereof; and a validity time range for performing DRM-related activities. It should be noted that the validity time range differs from the validity range in that the current time must lie within the validity range for any certificate that includes the registration certificate 1310 in its certificate chain to be accepted for processing. In contrast, the issue time of a child certificate must fall within the validity time range of the parent certificate for DRM-related activities to be performed. It should be understood that when generating the registration certificate 1310, the DRM-R server 320 may first generate the certificate information and then allow dedicated custom logic to generate additional information or modify existing information. Such custom logic may, for example, ensure that the DRM-R server 320 includes the appropriate information, or may enforce a predefined policy of the DRM architecture. Of course, the signature of the registration certificate 1310 is created after any such custom logic has been executed. It should also be understood that the DRM-R server 320 attaches the certificate chain 1320, which leads back to a trusted root authority, to the generated registration certificate 1310, so that the generated registration certificate 1310 can be verified for authenticity on the basis of such certificate chain 1320.
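The distinction just drawn between the validity range and the validity time range, as an added Go example that is not the patent's code: the ChainCert fields, the CheckChain and SampleChain names and every date are constructed here. CheckChain walks a chain 1320 from the root down and applies both rules; SampleChain builds a three-level root, DRM-R, DRM-I chain whose DRM-I issue date can be moved to show that a certificate can be rejected under the second rule while every validity range still contains the current time.

```go
package main

import (
	"fmt"
	"time"
)

// ChainCert is a constructed stand-in for one certificate in a certificate chain 1320
// that contains a registration certificate 1310; only the two time intervals from the
// text are modelled. Index 0 of a chain is the root, the last entry is the leaf.
type ChainCert struct {
	Name      string
	IssuedAt  time.Time
	ValidFrom time.Time // validity range: the current time must lie inside it for the
	ValidTo   time.Time // certificate to be accepted for processing
	ActFrom   time.Time // validity time range for DRM activities: a child certificate
	ActTo     time.Time // must have been issued inside the parent's
}

func within(t, from, to time.Time) bool { return !t.Before(from) && !t.After(to) }

// day parses a constructed YYYY-MM-DD date.
func day(s string) time.Time {
	t, err := time.Parse("2006-01-02", s)
	if err != nil {
		panic(err)
	}
	return t
}

// CheckChain applies both rules of the text: every certificate's validity range must
// contain now, and every child's issue time must lie in its parent's validity time range.
func CheckChain(chain []ChainCert, now time.Time) error {
	for i, c := range chain {
		if !within(now, c.ValidFrom, c.ValidTo) {
			return fmt.Errorf("%s: current time %s outside validity range", c.Name, now.Format("2006-01-02"))
		}
		if i > 0 {
			p := chain[i-1]
			if !within(c.IssuedAt, p.ActFrom, p.ActTo) {
				return fmt.Errorf("%s: issued %s, outside validity time range of parent %s",
					c.Name, c.IssuedAt.Format("2006-01-02"), p.Name)
			}
		}
	}
	return nil
}

// SampleChain is a constructed root -> DRM-R -> DRM-I chain. The DRM-I certificate is
// issued at drmIIssuedAt so that callers can probe the second rule.
func SampleChain(drmIIssuedAt string) []ChainCert {
	return []ChainCert{
		{"root authority", day("2002-01-01"), day("2002-01-01"), day("2012-01-01"), day("2002-01-01"), day("2007-01-01")},
		{"DRM-R server 320", day("2003-03-01"), day("2003-03-01"), day("2009-03-01"), day("2003-03-01"), day("2006-03-01")},
		{"DRM-I server 320", day(drmIIssuedAt), day(drmIIssuedAt), day("2008-01-01"), day(drmIIssuedAt), day("2007-06-01")},
	}
}
```

A DRM-I certificate issued on 2006-09-01 is rejected by CheckChain at any time, because the DRM-R validity time range ended on 2006-03-01, even though on 2007-01-01 every validity range in the chain is still current.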

It should be noted in particular that the identifying indicia of the vouching certificate 1330 in the registration certificate 1310 will always travel with such registration certificate 1310 and serve as a bridge to the vouching certificate 1330. Thus, such identifying indicia show the outside world that the DRM-R server 320 relies on the issuer of the vouching certificate 1330, being a trusted third party, to vouch for the DRM-I server 320, and that the liability of the DRM-R server 320 for any wrongful actions of the DRM-I server 320 is reduced. If the DRM-R server 320 has successfully generated the registration certificate 1310 with the attached certificate chain 1320, the DRM-R server 320 then returns it to the requesting DRM-I server 320 (step 1417), and the newly registered DRM-I server 320 stores it in an appropriate location for future use (step 1419). As mentioned above, (PU-E) of the registration certificate 1310 and the corresponding (PR-E) are the public/private key pair that the DRM-I server 320 will use as (PU-DRM) and (PR-DRM) when signing a rights label to produce an SRL 308, when issuing an OLP certificate 810, and when otherwise participating in the DRM architecture. Therefore, such registration certificate 1310 and certificate chain 1320 in combination form the certificate chain that is attached to such OLP certificate 810 and the like.

Sub-registration

In one embodiment of the present invention, and referring now to Fig., a knowing/trusting DRM-R server 320 sub-registers a DRM-I server 320 in the following manner.

Preliminarily, it should be appreciated that a DRM-I server 320 intending to be sub-registered by a knowing/trusting DRM-R server 320 must identify itself to such DRM-R server 320, because such knowledge or trust may not be complete. However, this identification requirement need not rise to the level of presenting a trusted third party, because the DRM-R server 320 lacks only a small measure of knowledge/trust with respect to the DRM-I server 320. Hence, and in one embodiment of the present invention, the DRM-I server 320 obtains or provides some kind of credential 1340 (Fig.) that can be recognized by the DRM-R server 320, whose authenticity the DRM-R server 320 is expected to be able to confirm, and that identifies the DRM-I server 320 to the satisfaction of the DRM-R server 320 (step 1501).

If both the DRM-R server 320 and the DRM-I server 320 are within the same organization, such credential 1340 may be an organization-based credential, such as, for example, a network identifier if both servers 320 are in the same network, a domain identifier if both servers 320 share a common domain, etc. If the DRM-R server 320 and the DRM-I server 320 are not within the same organization, such credential 1340 may be a network identifier if both servers 320 are in the same network, a domain identifier if both servers 320 share a common domain, or the like, or may be a different credential, such as, for example, a third-party credential recognizable by the DRM-R server 320.

It should be noted that in this situation the DRM-R server 320 does not rely on a trusted third party to vouch for the DRM-I server 320, and therefore the liability of the DRM-R server 320 for any wrongful actions of the DRM-I server 320 is not reduced. However, the DRM-R server 320 is willing to take such a risk, based on its knowledge of or trust in the DRM-I server 320, that the DRM-I server 320 will not in fact commit such wrongful actions. As before, the entering DRM-I server 320 must have a unique identity in the DRM architecture. In this case, it should be understood that the DRM identity is most likely separate from the credential 1340, although the DRM identity could also coincide with the credential 1340 without departing from the spirit and scope of the present invention. Therefore, to establish such identity, the DRM-I server 320 generates or obtains a new public/private key pair (PU-E, PR-E) (step 1503). As before, in the DRM architecture, the sub-registering DRM-I server 320 must decide which entities may revoke its authority to participate. Therefore, the DRM-I server 320 identifies each such entity in a list of entities with revocation authority, possibly by its public key (step 1505).

The DRM-I server 320 now has the credential 1340, (PU-E) and (PR-E), and the list of entities with revocation authority. To request sub-registration, then, the DRM-I server 320 sends the credential 1340, (PU-E) and the list of entities with revocation authority to the DRM-R server 320 (step 1507), and the DRM-R server 320 proceeds to sub-register such requesting DRM-I server 320. It should be noted that, as before, the request, or part of it, may take the form of a certificate signed by (PR-E).

In particular, the DRM-R server 320 authenticates the credential 1340 using whatever logic and resources are needed and available to perform such authentication (step 1509). Thus, the DRM-R server 320 establishes, on the basis of the authenticated credential 1340, that the DRM-I server 320 is to be trusted with respect to its willingness to honor and obey the DRM architecture. In addition, and in accordance with the foregoing, the DRM-R server 320 performs any custom logic necessary to decide whether the request should be honored (step 1511).

Assuming that the custom logic allows the request to be honored, then, according to one embodiment of the present invention, the DRM-R server 320 generates the sub-registration certificate 1310 for the DRM-I server 320 (step 1513). In particular, and as shown in Fig., the DRM-R server 320 includes in the sub-registration certificate 1310:

- the identifier of the DRM-R server 320, such as its public key (PU-R);

- the identifier of the DRM-I server 320, such as (PU-E);

- the credential 1340 or a reference to it;

- any validity range information specifying the interval during which the sub-registration certificate 1310 is valid, such as, for example, a date range;

- the list of entities with revocation authority;

- a signature based on the private key (PR-R) of the DRM-R server 320 corresponding to (PU-R);

- and any other relevant information.

As before, when generating the sub-registration certificate 1310, the DRM-R server 320 may first generate the certificate information and then allow custom logic to generate additional information or modify existing information. Likewise, the signature of the sub-registration certificate 1310 is created after any such custom logic has been executed. As before, the DRM-R server 320 attaches the certificate chain 1320, which leads back to a trusted root authority, to the generated sub-registration certificate 1310, so that the authenticity of the generated sub-registration certificate 1310 can be verified on the basis of such certificate chain 1320.

It should be noted here that the credential 1340, or a reference to it, is not strictly necessary as such, but may nevertheless be included for completeness. It should also be noted that the sub-registration certificate 1310 does not contain the identifying indicia of a vouching certificate 1330, because no vouching certificate was required in the present sub-registration scenario.

If the DRM-R server 320 has successfully generated the sub-registration certificate 1310 with the attached certificate chain 1320, the DRM-R server 320 then returns it to the requesting DRM-I server 320 (step 1515), and the newly sub-registered DRM-I server 320 stores it in an appropriate location for future use (step 1517). As before, (PU-E) of the sub-registration certificate 1310 and the corresponding (PR-E) are the public/private key pair that the DRM-I server 320 will use as (PU-DRM) and (PR-DRM) when signing a rights label to produce an SRL 308, when issuing an OLP certificate 810, and when otherwise participating in the DRM architecture. Therefore, such sub-registration certificate 1310 and certificate chain 1320 in combination form the certificate chain that is attached to such OLP certificate 810 and the like.

Conclusion

The programming necessary to implement the processes performed in connection with the present invention is relatively straightforward and should be apparent to a person skilled in the relevant field of programming. Therefore, a description of such programming is not attached to this document. Further, any particular programming may be used to carry out the present invention without departing from its spirit and scope.

In the present invention, a digital rights management (DRM) and enforcement architecture and method allow the controlled rendering or playback of arbitrary forms of digital content, where such control is flexible and definable by the owner/developer of such digital content. The architecture allows and facilitates such controlled rendering, especially in an office or organizational environment or the like, where documents are to be shared among a defined group of individuals or classes of individuals. Such architecture includes a registration/sub-registration mechanism for authorizing DRM servers 320 within the architecture.

It should be understood that changes may be made to the embodiments described above without departing from the inventive concepts thereof. For example, if a license or rights label is signed on the basis of the rights therein, those rights need not be encrypted. Similarly, when requesting and preparing a registration or sub-registration certificate 1310, the list of entities with revocation authority and other similar information need not be used. It should be understood, therefore, that this invention is not limited to the particular embodiments described, but is intended to cover modifications within the spirit and scope of the present invention as defined in the appended claims.

1. A method of registering an entering digital rights management (DRM) server (DRM-I) into a DRM system having a plurality of DRM servers that perform DRM functionality, by a registering DRM server (DRM-R), so that the entering DRM-I server is trusted within the system, the method comprising the steps of: the DRM-I server providing a public/private key pair (PU-E, PR-E) to identify the DRM-I server in the DRM system;

the DRM-I server providing representative identification data representing its identity;

the DRM-I server sending a registration request to the DRM-R server, the request including the representative identification data and (PU-E);

the DRM-R server verifying the authenticity of the representative identification data;

the DRM-R server, if the request is to be honored, generating a digital registration certificate for the DRM-I server to register the DRM-I server in the DRM system, the generated registration certificate being based at least in part on (PU-E); the DRM-R server returning the generated registration certificate to the requesting DRM-I server; and the newly registered DRM-I server storing the returned registration certificate in an appropriate location for future use, whereby the DRM-I server may use the registration certificate to issue DRM documents in the DRM system.

2. The method according to claim 1, in which the DRM-R server has no valid reason to trust the DRM-I server, the method comprising the steps of: the DRM-I server providing, as the representative identification data, a vouching certificate from a party willing to vouch for such DRM-I server, the vouching certificate including a public key (PU-V) and a corresponding private key (PR-V); the DRM-I server using (PU-E) and (PR-V) to form a proof of possession showing that the DRM-I server holds the vouching certificate; the DRM-I server sending a registration request to the DRM-R server, the request including the vouching certificate, (PU-E) and the proof of possession; the DRM-R server verifying the authenticity of the vouching certificate; the DRM-R server checking the proof of possession; and the DRM-R server, if the request is to be honored, generating a digital registration certificate for the DRM-I server to register the DRM-I server in the DRM system, the generated registration certificate being based at least in part on the vouching certificate and (PU-E).

3. The method according to claim 2, comprising the step of the DRM-I server providing the vouching certificate from an independent certificate-issuing agent that is trusted by the DRM-R server and that the DRM-R server relies upon with respect to the vouching.

4. The method according to claim 2, comprising the step of the DRM-I server providing the vouching certificate in accordance with the X.509 standard.

5. The method according to claim 2, comprising the steps of: the DRM-I server providing the vouching certificate signed by the vouching party and accompanied by a certificate chain leading to a well-known root, for authentication purposes; and the DRM-R server verifying the authenticity of the vouching certificate on the basis of its signature by the vouching party and the certificate chain, to confirm that the DRM-I server has been vouched for.

6. The method according to claim 2, comprising the steps of: the DRM-I server performing one of the following: using (PR-V) to encrypt (PU-E), producing (PR-V(PU-E)) as the proof of possession, or signing (PU-E) with (PR-V), producing (PU-E)S(PR-V) as the proof of possession; and

the DRM-R server checking the proof of possession by applying (PU-V) from the request either to decrypt (PU-E) or to verify the signature, to confirm that the DRM-I server holds (PR-V) and, therefore, the vouching certificate.

7. The method according to claim 2, comprising the step of the DRM-R server generating the registration certificate to include (PU-E) as the identifier of the DRM-I server, identifying indicia identifying the vouching certificate, and a signature based on a private key of the DRM-R server, the identifying indicia of the vouching certificate in the registration certificate serving as a bridge to the vouching certificate and showing that the DRM-R server trusts and relies upon the vouching party with respect to the vouching for the DRM-I server.

8. The method according to claim 7, comprising the step of the DRM-R server generating the registration certificate to additionally include a public key of the DRM-R server as its identifier.

9. The method according to claim 7. contains the stage at which the server DRM-R generates a certificate of registration so that it additionally includes information about the interval authentication, specifies the interval during which the registration certificate is genuine.

10. The method according to claim 1, in which the server DRM-R has a valid reason to trust the DRM server, the method contains the steps where the DRM server-provides In presenting his credentials containing the mandate, which can be recognized by the server DRM-R and the authenticity of which is expected to be confirmed by the server, the DRM-R server DRM-In sends a registration request to the server DRM-R, and the request includes the mandate and (PU-E); the server DRM-R verifies the authenticity of the mandate; and the server DRM-R, if the request should be satisfied that generates a digital enrollment certificate for the DRM server-In to register the server DRM-DRM system, and the generated enrollment certificate based at least in part, on the mandate and (PU-E).

11. The method according to claim 10, containing the stage at which the DRM server-provides the mandate selected from the group consisting of a network identifier or ID domain and the mandate given to a third party.

12. The method according to claim 10, containing the stage at which the server DRM-R generates a certificate R the registration of the case, to include (PU-E) as the identifier of the DRM server In identifying signs for identification of the mandate and the signature based on a secret key of the DRM server-R.

13. The method according to item 12, containing the stage at which the server DRM-R generates a certificate of registration so that it additionally includes the server's public key DRM-R as its ID.

14. The method according to item 12, containing the stage at which the server DRM-R generates a certificate of registration so that it additionally includes information about the interval authentication, specifies the interval during which the registration certificate is genuine.

15. The method according to claim 1, additionally containing a phase in which the server DRM-R makes a decision about whether to grant the request.

16. The method according to clause 15, which contains the phase in which the server DRM-R performs the operations selected from the group consisting of performing background checks server DRM and/or its operator, determine whether the current server DRM-b and/or part, determine whether the DRM server is In the revocation list or in the list, monitored, and combinations of the above.

17. The method according to claim 1, containing a stage on which the server DRM-R generates a certificate of registration so that it includes (PU-E) as identificato is and the DRM server In the signature, based on a secret key of the DRM server-R.

18. The method according to 17, containing the stage at which the server DRM-R generates a certificate of registration so that it additionally includes the server's public key DRM-R as its ID.

19. The method according to 17, containing the stage at which the server DRM-R generates a certificate of registration so that it additionally includes information about the interval authentication, specifies the interval during which the registration certificate is genuine.

20. The method according to 17, containing the stage at which the server DRM-R generates a certificate of registration so that it additionally includes identifying tags for the identification of representing identity.

21. The method according to claim 1, containing a stage on which the server DRM-R generates a certificate of registration through the use of operations to generate at least part of the information in the certificate of registration.

22. The method according to claim 1, additionally containing a phase in which the server DRM-R attaches to the generated enrollment certificate, certificate chain, which leads in the opposite direction to a trusted root authority, so that the authenticity of the generated enrollment certificate can be verified on the basis of such certificate chain.

23. The method according to claim 1, before omnitele containing phase, where the DRM server-identifies the list of objects with powers of cancellation at least one object with the authority to annul the registration of such server DRM-DRM system that contains the stage at which the DRM server-sends the registration request to the server DRM-R, and the request includes identification data representing, (PU-E) and a list of objects with powers of revocation and contains a stage on which the server DRM-R, if the request should be satisfied that generates a digital enrollment certificate for the DRM server-In for registration of such server DRM-DRM system, and the generated enrollment certificate based at least in part, on (PU-E) and the list of objects with powers of revocation.

24. The method according to item 23, containing the stage at which the DRM server-identifies each object in the object list with the powers of revocation by his public key.

25. The method according to item 23, containing the stage at which the server DRM-R generates a certificate of registration so that it includes (PU-E) as the identifier of the DRM server, the list of objects with powers cancellation of the request and the signature based on a secret key of the DRM server-R.

26. The method according to claim 1, containing a stage on which the server DRM-R generates a certificate of registration in accordance with XrML.

27. A method of registering an entering digital rights management (DRM) server (DRM-E) into a DRM system having a plurality of DRM servers that perform DRM functionality, the registration being performed by a registering DRM server (DRM-R) so that the DRM-E server is trusted within the system, the method comprising the steps of: the DRM-E server providing a public/private key pair (PU-E, PR-E) to identify the DRM-E server within the DRM system; the DRM-E server providing identifying indicia representing its identity; the DRM-E server sending a registration request to the DRM-R server, the request including the identifying indicia and (PU-E), the DRM-R server verifying the identifying indicia and, if the request is to be honored, generating a digital enrollment certificate for the DRM-E server to register the DRM-E server in the DRM system, the generated enrollment certificate being based at least in part on (PU-E), and returning the generated enrollment certificate to the requesting DRM-E server; and the newly registered DRM-E server storing the returned enrollment certificate in an appropriate location for future use, whereby the DRM-E server can employ the enrollment certificate to issue DRM documents in the DRM system.

28. The method of claim 27, wherein the DRM-R server has no valid reason to trust the DRM-E server, the method comprising the steps of: the DRM-E server providing, as its identifying indicia, a vouching certificate from a party willing to vouch for the DRM-E server, the vouching certificate including a public key (PU-V) having a corresponding private key (PR-V); the DRM-E server using (PU-E) and (PR-V) to formulate a proof of possession, to show that the DRM-E server holds the vouching certificate;

the DRM-E server sending a registration request to the DRM-R server, the request including the vouching certificate, (PU-E) and the proof of possession, the DRM-R server verifying the authenticity of the vouching certificate, verifying the proof of possession and, if the request is to be honored, generating a digital enrollment certificate for the DRM-E server to register the DRM-E server in the DRM system, the generated enrollment certificate being based at least in part on the vouching certificate and (PU-E).

29. The method of claim 28, comprising the step of the DRM-E server providing a vouching certificate from an independent certificate issuing agent that is trusted by the DRM-R server and relied upon by the DRM-R server to perform such vouching.

30. The method of claim 28, comprising the step of the DRM-E server providing the vouching certificate in accordance with the X.509 standard.

31. The method of claim 28, comprising the steps of: the DRM-E server providing the vouching certificate signed by the vouching party and accompanied by a certificate chain leading to a well-known root, for authentication purposes, and the DRM-R server verifying the authenticity of the vouching certificate based on its signature by the vouching party and the certificate chain, to confirm that the DRM-E server has been vouched for.

32. The method of claim 28, comprising the steps of: the DRM-E server performing one of encrypting (PU-E) with (PR-V) to deliver (PR-V(PU-E)) as the proof of possession, or signing (PU-E) with (PR-V) to deliver (PU-E) S (PR-V) as the proof of possession, and the DRM-R server verifying the proof of possession by applying (PU-V) from the request to decrypt (PU-E) or to verify the signature, to confirm that the DRM-E server possesses (PR-V) and therefore the vouching certificate.

33. The method of claim 28, comprising the step of the newly registered DRM-E server storing the returned enrollment certificate, the enrollment certificate including (PU-E) as an identifier of the DRM-E server, identifying indicia identifying the vouching certificate, and a signature based on a private key of the DRM-R server, the identifying indicia for the vouching certificate in the enrollment certificate serving as a bridge to the vouching certificate and showing that the DRM-R server trusts and relies upon the vouching party with respect to its vouching for the DRM-E server.

34. The method of claim 33, comprising the step of the newly registered DRM-E server storing the returned enrollment certificate, the enrollment certificate further including a public key of the DRM-R server as its identifier.

35. The method of claim 33, comprising the step of the newly registered DRM-E server storing the returned enrollment certificate, the enrollment certificate further including validity range information specifying the range during which the enrollment certificate is valid.

36. The method of claim 27, wherein the DRM-R server has a valid reason to trust the DRM-E server, the method comprising the steps of:

the DRM-E server providing, as its identifying indicia, a credential that is recognizable by the DRM-R server and whose authenticity the DRM-R server is expected to be able to verify;

the DRM-E server sending a registration request to the DRM-R server, the request including the credential and (PU-E), the DRM-R server verifying the authenticity of the credential and, if the request is to be honored, generating a digital enrollment certificate for the DRM-E server to register the DRM-E server in the DRM system, the generated enrollment certificate being based at least in part on the credential and (PU-E).

37. The method of claim 36, comprising the step of the DRM-E server providing a credential selected from the group consisting of a network identifier, a domain identifier, and a credential issued by a third party.

38. The method of claim 36, comprising the step of the newly registered DRM-E server storing the returned enrollment certificate, the enrollment certificate including (PU-E) as an identifier of the DRM-E server, identifying indicia identifying the credential, and a signature based on a private key of the DRM-R server.

39. The method of claim 38, comprising the step of the newly registered DRM-E server storing the returned enrollment certificate, the enrollment certificate further including a public key of the DRM-R server as its identifier.

40. The method of claim 38, comprising the step of the newly registered DRM-E server storing the returned enrollment certificate, the enrollment certificate further including validity range information specifying the range during which the enrollment certificate is valid.

41. The method of claim 27, comprising the step of the newly registered DRM-E server storing the returned enrollment certificate, the enrollment certificate including (PU-E) as an identifier of the DRM-E server and a signature based on a private key of the DRM-R server.

42. The method of claim 41, comprising the step of the newly registered DRM-E server storing the returned enrollment certificate, the enrollment certificate further including a public key of the DRM-R server as its identifier.

43. The method of claim 41, comprising the step of the newly registered DRM-E server storing the returned enrollment certificate, the enrollment certificate further including validity range information specifying the range during which the enrollment certificate is valid.

44. The method of claim 41, comprising the step of the newly registered DRM-E server storing the returned enrollment certificate, the enrollment certificate further including indicia identifying the identifying indicia of the DRM-E server.

45. The method of claim 27, comprising the step of the newly registered DRM-E server storing the returned enrollment certificate, the enrollment certificate including a certificate chain leading back to a trusted root authority, so that the authenticity of the generated enrollment certificate can be verified on the basis of the certificate chain.

46. The method of claim 27, further comprising the steps of the DRM-E server identifying a list of revocation authorities, the list identifying at least one entity with authority to revoke the registration of the DRM-E server in the DRM system; the DRM-E server sending a registration request to the DRM-R server, the request including the identifying indicia, (PU-E) and the list of revocation authorities; and the DRM-R server, if the request is to be honored, generating a digital enrollment certificate for the DRM-E server to register the DRM-E server in the DRM system, the generated enrollment certificate being based at least in part on (PU-E) and the list of revocation authorities.

47. The method of claim 46, comprising the step of the DRM-E server identifying each entity in the list of revocation authorities by its public key.

48. The method of claim 46, comprising the step of the newly registered DRM-E server storing the returned enrollment certificate, the enrollment certificate including (PU-E) as an identifier of the DRM-E server, the list of revocation authorities from the request, and a signature based on a private key of the DRM-R server.

49. The method of claim 27, comprising the step of the newly registered DRM-E server storing the returned enrollment certificate, the enrollment certificate being in accordance with XrML.

50. A method of registering an entering digital rights management (DRM) server (DRM-E) into a DRM system having a plurality of DRM servers that perform DRM functionality, the registration being performed by a registering DRM server (DRM-R) so that the DRM-E server is trusted within the system, the method comprising the steps of: the DRM-R server receiving a registration request from the DRM-E server, the request including identifying indicia representing the identity of the DRM-E server and a public key (PU-E) of the DRM-E server for identifying the DRM-E server within the DRM system;

the DRM-R server verifying the identifying indicia;

the DRM-R server, if the request is to be honored, generating a digital enrollment certificate for the DRM-E server to register the DRM-E server in the DRM system, the generated enrollment certificate being based at least in part on (PU-E); and

the DRM-R server returning the generated enrollment certificate to the requesting DRM-E server, whereby the newly registered DRM-E server stores the returned enrollment certificate in an appropriate location for future use and can employ the enrollment certificate to issue DRM documents in the DRM system.

51. The method of claim 50, wherein the DRM-R server has no valid reason to trust the DRM-E server, the method comprising the steps of: the DRM-R server receiving a registration request from the DRM-E server including (PU-E) and identifying indicia comprising a vouching certificate from a party willing to vouch for the DRM-E server, the vouching certificate including a public key (PU-V) having a corresponding private key (PR-V), the DRM-E server having used (PU-E) and (PR-V) to formulate a proof of possession showing that the DRM-E server holds the vouching certificate, and the registration request further including the proof of possession; the DRM-R server verifying the authenticity of the vouching certificate; the DRM-R server verifying the proof of possession; and

the DRM-R server, if the request is to be honored, generating a digital enrollment certificate for the DRM-E server to register the DRM-E server in the DRM system, the generated enrollment certificate being based at least in part on the vouching certificate and (PU-E).

52. The method of claim 51, comprising the step of the DRM-R server receiving a registration request from the DRM-E server including a vouching certificate from an independent certificate issuing agent that is trusted by the DRM-R server and relied upon by the DRM-R server to perform such vouching.

53. The method of claim 51, comprising the step of the DRM-R server receiving a registration request from the DRM-E server including a vouching certificate in accordance with the X.509 standard.

54. The method of claim 51, comprising the steps of: the DRM-R server receiving a registration request from the DRM-E server including the vouching certificate signed by the vouching party and accompanied by a certificate chain leading to a well-known root, for authentication purposes; and

the DRM-R server verifying the authenticity of the vouching certificate based on its signature by the vouching party and the certificate chain, to confirm that the DRM-E server has been vouched for.

55. The method of claim 51, wherein the DRM-E server performs one of encrypting (PU-E) with (PR-V) to deliver (PR-V(PU-E)) as the proof of possession, or signing (PU-E) with (PR-V) to deliver (PU-E) S (PR-V) as the proof of possession, the method comprising the step of the DRM-R server verifying the proof of possession by applying (PU-V) from the request to decrypt (PU-E) or to verify the signature, to confirm that the DRM-E server possesses (PR-V) and therefore the vouching certificate.

56. The method of claim 51, comprising the step of the DRM-R server generating the enrollment certificate to include (PU-E) as an identifier of the DRM-E server, identifying indicia identifying the vouching certificate, and a signature based on a private key of the DRM-R server, the identifying indicia for the vouching certificate in the enrollment certificate serving as a bridge to the vouching certificate and showing that the DRM-R server trusts and relies upon the vouching party with respect to its vouching for the DRM-E server.

57. The method of claim 56, comprising the step of the DRM-R server generating the enrollment certificate to further include a public key of the DRM-R server as its identifier.

58. The method of claim 56, comprising the step of the DRM-R server generating the enrollment certificate to further include validity range information specifying the range during which the enrollment certificate is valid.

59. The method of claim 50, wherein the DRM-R server has a valid reason to trust the DRM-E server, the method comprising the steps of: the DRM-R server receiving a registration request from the DRM-E server including (PU-E) and identifying indicia comprising a credential that is recognizable by the DRM-R server and whose authenticity the DRM-R server is expected to be able to verify; the DRM-R server verifying the authenticity of the credential; and the DRM-R server, if the request is to be honored, generating a digital enrollment certificate for the DRM-E server to register the DRM-E server in the DRM system, the generated enrollment certificate being based at least in part on the credential and (PU-E).

60. The method of claim 59, comprising the step of the DRM-R server receiving a registration request from the DRM-E server including a credential selected from the group consisting of a network identifier, a domain identifier, and a credential issued by a third party.

61. The method of claim 59, comprising the step of the DRM-R server generating the enrollment certificate to include (PU-E) as an identifier of the DRM-E server, identifying indicia identifying the credential, and a signature based on a private key of the DRM-R server.

62. The method of claim 61, comprising the step of the DRM-R server generating the enrollment certificate to further include a public key of the DRM-R server as its identifier.

63. The method of claim 61, comprising the step of the DRM-R server generating the enrollment certificate to further include validity range information specifying the range during which the enrollment certificate is valid.

64. The method of claim 50, further comprising the step of the DRM-R server deciding whether to honor the request.

65. The method of claim 64, comprising the step of the DRM-R server performing an operation selected from the group consisting of: performing a background check on the DRM-E server and/or its operator; determining whether the DRM-E server and/or its operator is current; determining whether the DRM-E server appears on a revocation list or on a watch list; and combinations thereof.

66. The method of claim 50, comprising the step of the DRM-R server generating the enrollment certificate to include (PU-E) as an identifier of the DRM-E server and a signature based on a private key of the DRM-R server.

67. The method of claim 66, comprising the step of the DRM-R server generating the enrollment certificate to further include a public key of the DRM-R server as its identifier.

68. The method of claim 66, comprising the step of the DRM-R server generating the enrollment certificate to further include validity range information specifying the range during which the enrollment certificate is valid.

69. The method of claim 66, comprising the step of the DRM-R server generating the enrollment certificate to further include indicia identifying the identifying indicia of the DRM-E server.

70. The method of claim 50, comprising the step of the DRM-R server generating the enrollment certificate by applying an operation to generate at least part of the information in the enrollment certificate.

71. The method of claim 50, further comprising the step of the DRM-R server attaching to the generated enrollment certificate a certificate chain leading back to a trusted root authority, so that the authenticity of the generated enrollment certificate can be verified on the basis of the certificate chain.

72. The method of claim 50, further comprising the steps of: the DRM-R server receiving a registration request from the DRM-E server further including a list of revocation authorities identifying at least one entity with authority to revoke the registration of the DRM-E server in the DRM system; and the DRM-R server, if the request is to be honored, generating a digital enrollment certificate for the DRM-E server to register the DRM-E server in the DRM system, the generated enrollment certificate being based at least in part on the list of revocation authorities.

73. The method of claim 72, comprising the step of the DRM-R server generating the enrollment certificate to include (PU-E) as an identifier of the DRM-E server, the list of revocation authorities from the request, and a signature based on a private key of the DRM-R server.

74. The method of claim 50, comprising the step of the DRM-R server generating the enrollment certificate in accordance with XrML.
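The vouching-based enrollment that claims 2, 5, 6, 7, 9, 16, 23 and 25 describe, and that claims 27-49 and 50-74 restate from the DRM-E and DRM-R perspectives, can be followed end to end in the added example below. It is not part of the patent and does not reproduce any Microsoft implementation. It assumes Ed25519 for every key pair, a plain JSON structure (`Cert`) in place of the X.509 vouching certificate and the XrML enrollment certificate, a one-link chain in which the vouching party's certificate is signed directly by a well-known root that DRM-R trusts, the hex encoding of a public key as its identifier, a one-year validity range, and the names `EnrollRequest`, `Registrar`, `NewEnrollRequest`, `Enroll`, `VerifyCert` and `Demo`; all of these are the example's own choices. The proof of possession is the signing variant of claim 6: DRM-E signs (PU-E) with (PR-V), and DRM-R checks the signature under (PU-V) taken from the vouching certificate before consulting its revocation list and issuing an enrollment certificate that carries (PU-E), the bridge to the vouching certificate, PU-R as issuer identifier, the validity range, the nominated revocation authorities and DRM-R's signature.

```go
package main
import (
	"crypto/ed25519"
	"crypto/rand"
	"encoding/hex"
	"encoding/json"
	"errors"
	"fmt"
)

// Cert is a simplified JSON certificate standing in for both the X.509 vouching certificate and the XrML enrollment certificate (assumed format).
type Cert struct {
	Subject   ed25519.PublicKey `json:"subject"`            // PU-V (vouching cert) or PU-E (enrollment cert)
	Issuer    ed25519.PublicKey `json:"issuer"`             // issuer's identifier: a root key, or PU-R
	VouchID   string            `json:"vouch_id,omitempty"` // indicia identifying the vouching cert (the bridge)
	NotBefore int64             `json:"not_before"`         // validity range, Unix seconds
	NotAfter  int64             `json:"not_after"`
	Revokers  []string          `json:"revokers,omitempty"` // revocation authorities, by key ID
	Signature []byte            `json:"signature,omitempty"`
}

// keyID names a public key by its hex encoding (assumed convention).
func keyID(pub ed25519.PublicKey) string { return hex.EncodeToString(pub) }
// tbs is the to-be-signed encoding: every field except the signature itself.
func tbs(c Cert) []byte {
	c.Signature = nil
	b, _ := json.Marshal(c)
	return b
}
func signCert(c Cert, priv ed25519.PrivateKey) Cert {
	c.Signature = ed25519.Sign(priv, tbs(c))
	return c
}
// VerifyCert checks the issuer's signature and that now lies within the validity range.
func VerifyCert(c Cert, issuer ed25519.PublicKey, now int64) bool {
	return len(issuer) == ed25519.PublicKeySize && ed25519.Verify(issuer, tbs(c), c.Signature) && now >= c.NotBefore && now <= c.NotAfter
}

// EnrollRequest is what DRM-E sends to DRM-R.
type EnrollRequest struct {
	PUE      ed25519.PublicKey // (PU-E): DRM-E's identity in the DRM system
	Vouch    Cert              // vouching certificate: subject PU-V, signed by a root DRM-R trusts
	PoP      []byte            // proof of possession: (PU-E) signed with (PR-V)
	Revokers []string          // revocation authorities DRM-E nominates, by key ID
}

// NewEnrollRequest is DRM-E's side: signing PU-E with PR-V proves it holds the vouching certificate.
func NewEnrollRequest(pue ed25519.PublicKey, vouch Cert, prv ed25519.PrivateKey, revokers []string) EnrollRequest {
	return EnrollRequest{PUE: pue, Vouch: vouch, PoP: ed25519.Sign(prv, pue), Revokers: revokers}
}

// Registrar is DRM-R: its private key PR-R, the roots it trusts (by key ID), and its revocation list.
type Registrar struct {
	priv    ed25519.PrivateKey
	roots   map[string]ed25519.PublicKey
	revoked map[string]bool
}

func (r *Registrar) PUR() ed25519.PublicKey { return r.priv.Public().(ed25519.PublicKey) }

// Enroll is DRM-R's side: authenticate the vouching cert against a trusted root, verify the proof of possession, consult the revocation list, then issue and sign.
func (r *Registrar) Enroll(req EnrollRequest, now int64) (Cert, error) {
	root, ok := r.roots[keyID(req.Vouch.Issuer)]
	if !ok || !VerifyCert(req.Vouch, root, now) {
		return Cert{}, errors.New("vouching certificate is invalid or does not chain to a trusted root")
	}
	if len(req.Vouch.Subject) != ed25519.PublicKeySize || !ed25519.Verify(req.Vouch.Subject, req.PUE, req.PoP) {
		return Cert{}, errors.New("proof of possession failed: requester does not hold PR-V")
	}
	if r.revoked[keyID(req.PUE)] {
		return Cert{}, errors.New("PU-E is on the revocation list")
	}
	c := Cert{Subject: req.PUE, Issuer: r.PUR(), VouchID: keyID(req.Vouch.Subject),
		NotBefore: now, NotAfter: now + 365*86400, Revokers: req.Revokers}
	return signCert(c, r.priv), nil
}

// Demo wires up a constructed root, vouching party, DRM-R and DRM-E, enrolls DRM-E, and returns the registrar, the honored request and the issued certificate.
func Demo() (*Registrar, EnrollRequest, Cert, error) {
	const now int64 = 1_700_000_000
	rootPub, rootPriv, _ := ed25519.GenerateKey(rand.Reader) // well-known root trusted by DRM-R
	puv, prv, _ := ed25519.GenerateKey(rand.Reader)          // vouching party (PU-V, PR-V)
	_, prr, _ := ed25519.GenerateKey(rand.Reader)            // DRM-R (PU-R, PR-R)
	pue, _, _ := ed25519.GenerateKey(rand.Reader)            // DRM-E (PU-E, PR-E)
	vouch := signCert(Cert{Subject: puv, Issuer: rootPub, NotBefore: now - 86400, NotAfter: now + 10*365*86400}, rootPriv)
	reg := &Registrar{priv: prr, roots: map[string]ed25519.PublicKey{keyID(rootPub): rootPub}}
	req := NewEnrollRequest(pue, vouch, prv, []string{keyID(reg.PUR())}) // DRM-E lets DRM-R revoke it
	cert, err := reg.Enroll(req, now)
	return reg, req, cert, err
}

func main() {
	reg, _, cert, err := Demo()
	fmt.Println("error:", err, "bridge:", cert.VouchID, "verifies under PU-R:", VerifyCert(cert, reg.PUR(), cert.NotBefore+1))
}
```

Two details matter in practice. The proof of possession binds (PU-E) to the vouching key, so a registrar must check it before anything else derived from the vouching certificate is trusted; skipping it would let anyone who can copy a public vouching certificate enroll their own key under it. And the key-length guards before `ed25519.Verify` are there because the Go implementation panics on a malformed public key, which an attacker-supplied request could otherwise trigger.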



 

Same patents:

FIELD: physics, computer technology.

SUBSTANCE: invention deals with data protection systems. Certificate-based encryptation mechanism failing to envisage the client source computer access to the whole of the certificate corresponding to the client target computer during encryptation of the e-message to be transferred to the client target computer. Instead the client source computer addresses the certificate server a request for but part of the certificate. The certificate part referred to contains encryptation information but may fail to include (completely or partly) the certificate self-checking information. The certificate server preferably carries out any check of the certificate authenticity before transfer of encryptation information to the client source computer which enables obviation of the need to specifically perform certificate authenticity check with the client source computer especially if the certificate server has been checked for trustworthiness with the client source computer.

EFFECT: reduction of amount of memory and processor resources used for certificate-based encryptation as well as minimisation of requirements to the width of band between certificate server and client source device.

36 cl, 8 dwg

FIELD: physics.

SUBSTANCE: invention is related to methods of usage data collection for television broadcast receivers. Method of usage data collection from broadcast receiver is suggested, whereat receiver is arranged to detect and save such usage data. Method involves representation (16, 18) of confidentiality policy to receiver that identifies not only the usage data subjected to collection, but also preset usage of such data. On receiver interactive or automatic determination (22) whether received policy of confidentiality is acceptable is carried out. If yes, receiver picks up (30) usage data identified in confidentiality policy from storage, and sends them (28) to sender of confidentiality policy.

EFFECT: increased confidentiality of usage of information about habits of users viewing.

15 cl, 3 dwg

FIELD: physics.

SUBSTANCE: invention is related to method for data recording for memory of portable terminal and to memory carrier. Method for recording data for memory of portable terminal contains a stage of reading, at which data is read that is saved on memory carrier of portable terminal; stage of data comparison, at which identifying data are compared, which are individual for user of portable terminal and read from memory carrier, with user registration data registered earlier, and a record command is brought to device of data reading/recording, only when data is approved; recording stage involving recording applied data required for portable terminal to memory carrier under the condition that at the stage of data comparison a record command is sent; stage of activation involving activation of portable terminal, to which memory carrier is connected. Memory carrier contains program, by means of which actions of the said method are enabled.

EFFECT: safety of saving data required for activation of portable telephone.

2 cl, 44 dwg

FIELD: information technology.

SUBSTANCE: registration page with the interface for user mandate input is available on the client system and the entered mandate is sent to the server. As a response to receipt of the user mandate, the server generates a unique session identifier for the client system. The server also receives a digital signature for the user mandate based on the current key in the memory of cyclically changed keys and unique session identifier. Then the server encrypts the digital signature and the user mandate based on the encryption key obtained from the current key and unique session identifier. The encrypted mandate being received with the client system, the keys from the memory of cyclically changed keys are used for checking validity of the mandate. With the user mandate not approved, the user is again transferred to the registration page.

EFFECT: provision of encrypted user mandate processing.

12 cl, 7 dwg

FIELD: information technology.

SUBSTANCE: publishing user is provided with the publication certificate from the DRM server, creates the content, ciphers it with the content key (CK), creates a rights mark for this content with open key of the DRM-server (PU-DRM), for generation (PU-DRM(CK)), restores (PU-ENTITY(PR-OLP)) from the publication certificate, applies secret key (PR-ENTITY) of the corresponding (PU-ENTITY) to the (PU-ENTITY(PR-OLP)) for obtaining (PR-OLP), sign the created rights mark using (PR-OLP), connects SRL and the publication certificate with encrypted content for creation a content package distributed to another user, that must connect with the DRM-server for obtaining a license with CK for playback of the content, creates the license data corresponding with the content package, with (CK), encrypted (PU-ENTITY) for generation of (PU-ENTITY(CK)), signs the license data using (PR-OLP) and attaches the publication certificate to the publication license.

EFFECT: possibility of the content publishing without initial receipt of permission from the server and license issuing for playback of the published content without permission from the server.

20 cl, 17 dwg

FIELD: technological processes.

SUBSTANCE: the invention relates to cryptographic devices and methods for verifying an electronic digital signature (EDS). In the method, a secret key (SK) is formed that comprises three prime multi-digit binary numbers p, q and γ. A public key (OK) is formed that comprises three multi-digit binary numbers n, α and β, where n = Epq + 1, E is an even number, α is a number of order q modulo n, and β is a number of order γ modulo q. An electronic document (ED) is accepted in the form of a multi-digit binary number H, and the electronic digital signature Q is formed depending on the values of SK, OK and the multi-digit binary number H. A first check multi-digit binary number A is formed depending on Q, an intermediate multi-digit binary number W is formed depending on OK and H, a second check multi-digit binary number B is formed depending on W, and the numbers A and B are compared. If the parameters of A and B match, the electronic digital signature is concluded to be authentic.

EFFECT: reduced size of the electronic digital signature without reducing its security level.

8 cl

FIELD: technological processes.

SUBSTANCE: the invention relates to telecommunications, namely to cryptographic devices and methods for verifying an electronic digital signature (EDS). In the method, a secret key (SK) is formed that comprises three multi-digit binary numbers (MDN) p, q and γ, where p and q are prime and γ is composite. A public key (OK) is formed as two multi-digit binary numbers n and α, where n = pq and α is a number of order q modulo n. An electronic document (ED) is accepted in the form of a multi-digit binary number H. The electronic digital signature Q is formed depending on the values of SK, OK and H. A first check multi-digit binary number A is formed depending on Q. An intermediate multi-digit binary number W is generated depending on OK and H. A second check multi-digit binary number B is formed depending on W, and the numbers A and B are compared. If the parameters of A and B match, the electronic digital signature is concluded to be authentic.

EFFECT: reduced size of the electronic digital signature without reducing its security level.

10 cl, 6 ex

FIELD: digital rights control system.

SUBSTANCE: the system contains a first user device designed to compose and send a query message indicating a transaction to be performed on the digital content of at least one digital rights object (OR); a rights issuer designed to receive the query message from the first user device, identify the transaction, process it and, together with a server, grant access rights to the digital content to a second user device, which is designed to receive information on the granting of the stated access right. Receipt by the second user device of this information on the granting of the digital content access right confirms that the right has been conveyed to the second user device. The method describes the operation of this system.

EFFECT: an authorised user can transfer a partially used or unused rights object to another user, and an OR can be returned.

49 cl, 15 dwg, 2 tbl

FIELD: portable electronic devices.

SUBSTANCE: the portable electronic device includes a memory storing a secret code in the form of a predefined character sequence; a rotating device with a touch surface that the user acts on, mounted so as to rotate about its axis; feedback means, separate from the rotating device, that give the user feedback when the rotating device is turned; conversion means that convert each turn in a sequence of turns of the rotating device into a character of a corresponding ordered test character sequence; and verification means that verify the test character sequence by comparing it with the predefined character sequence.

EFFECT: user convenience when entering the test character sequence, together with security and restriction of access to the device or to its individual functions.

33 cl, 7 dwg

FIELD: cryptography.

SUBSTANCE: according to the method, a cryptographic module is provided with two types of data, which may be received even from a communication partner who is not cryptographically trustworthy, and which either remain in the cryptographic module or are attached to the document. The information that remains in the cryptographic module is used to protect the information in the document by generating a check value, and the information transferred to the document is used to confirm, when the authenticity of the document is checked in a verification device, that the document was protected by a cryptographic module.

EFFECT: the contact between the cryptographically trustworthy device and the document creator is made directly.

2 cl, 3 dwg

FIELD: physics, computer facilities.

SUBSTANCE: the invention concerns methods of managing workflow in a security system. A request to change the access rights of a subordinate employee is created by the superior employee entering data on the access rights change into the IT system, with a system web portal handling the request throughout its lifecycle. The request to change the subordinate employee's access rights is then processed to determine the information needed for the further processing procedure and to generate instructions. After the decision has been made on granting the subordinate employee access rights to the IT system's resources, the request is authorised. The method also includes implementing the request by assigning an executor to all instructions of the request and modifying the instruction text, and carrying out the instructions through the assigned executor changing the state of the IT system. The method may include control over the execution of the instructions by monitoring the correctness of the access rights changes and confirming that these changes conform to the general instructions.

EFFECT: integration and automatic coordination of the procedures for managing user identification and access rights.

9 cl, 17 dwg

FIELD: information technologies.

SUBSTANCE: the software packer comprises a packer interface that provides controlled access to an application file. The application file is encapsulated by security code that protects it against unauthorised access. The software packer comprises a license key for using the program package, which identifies a license policy that defines restrictions on use within a geographic boundary. The software packer comprises a license certification mechanism that periodically determines compliance with the license policy. The license certification mechanism grants access to another process running on the local computer, via the packer interface, in response to a license validity confirmation signal received from a license server.

EFFECT: protection of software vendors' rights in the distribution of software by the vendor, restrictions on its use, and maintenance of security on the end-user platform.

13 cl, 18 dwg

FIELD: information technologies.

SUBSTANCE: when a user indicates (explicitly or implicitly) that he or she is attempting or intends to open a file, the file may be locked for editing only later. Thus the default action executed when a user requests that a file be opened does not prevent other users from accessing that file. Then, when the user indicates that editing should take place, the file is locked.

EFFECT: provision of a modified file-opening action.

4 dwg

FIELD: physics; computer technology.

SUBSTANCE: the present invention pertains to computer technology. A computer system makes an authentication attempt at a server for automatic access to a first network. The server determines that the computer system is not authorised to access the first network. The computer system is authorised to access a second network in order to download the files required for gaining access to the first network. A user interface is automatically provided in the computer system for receiving user-supplied signup information. A first document, based on a given layout and containing the user-supplied information, is sent to the server. If the server determines that the user-supplied information is acceptable, a second document is received which contains an instruction authorising access to the first network. The computer system provides a third document for configuring the computer system compatibly to gain access to the first network.

EFFECT: a higher level of automation when initialising and configuring a computer system for network access.

32 cl, 4 dwg

FIELD: information technologies.

SUBSTANCE: one embodiment of the invention uses a broadcast mechanism for hardware detection, while application programming interfaces enable detection of firewall (internetwork security) software. Another embodiment includes a polling procedure which ensures that the configuration of the linking device has not been changed in a way that would endanger the protected network.

EFFECT: dynamic decisions based on firewall software or hardware, and automatic transparent configuration of any such decision.

17 cl, 4 dwg

FIELD: information technology.

SUBSTANCE: a digital media system in a computer network consists of an array of servers for adapting the content provider's content streams (the CAM system), which are assigned IP addresses in the computer network and are accessible through many network terminals (set-top boxes or personal computers) containing a content player; a content request module connected to the subscriber access administration servers in the local computer network; and a server issuing session keys (SK) for protecting the provider's control words (CW). Using the SK, the CAM system controlled by the computer network encrypts the CW with which the provider's content is protected, and the result is placed in the content stream under rights usage management; access control over the network terminals is then organised, by means of control and configuration facilities, for the subscribers to the IP addresses assigned to the adapted content streams. This achieves a flexibility of tariff plans not attainable with the smart cards of conditional access systems (CAS).

EFFECT: the provider can relay protected content over a computer network while retaining control over subscribers on the content provider's side.

60 cl, 3 dwg

FIELD: computer engineering.

SUBSTANCE: data is embedded by substituting characters of a text line with visually identical characters from another character set; a unique identifier is assigned to each user and is transmitted to the marking unit when a request is sent to the database management system. The value of the signature bit for a response text line is computed using a one-bit hash function over the key sequence corresponding to the user identifier. To check a selected line, the original line is taken and marked, and the result is compared with the line being checked; to check the whole watermark it suffices to check several arbitrarily selected lines, which speeds up the check and imposes no constraints on line order. Use of a one-bit hash function and a key sequence raises the protection level.

EFFECT: greater effectiveness of a surveillance system for processing, transmitting and distributing confidential information stored in text form in a multi-user database.

2 cl, 4 dwg

FIELD: physics, computation equipment.

SUBSTANCE: the method involves converting a unique identifier into a security identifier (SID) suitable for use in an access control unit and for protecting a computing resource, without needing additional standard user accounts to control access to the given resources.

EFFECT: controlled access levels to selected objects are obtained without the need for an additional user account.

57 cl, 7 dwg

FIELD: physics, video technology.

SUBSTANCE: the invention concerns the security of additional or interactive television content, in particular the signing of additional or interactive TV content. The method of signing an additional TV content application in the form of a set of files with program code and associated objects involves the following stages: identifying at least a first part (2201-220M, 2201-220V) of the files in at least one file cluster (2141-214N); calculating a cluster signature (2111, 211N) for each cluster; and creating a security data resource file (100) that includes a description of the signature locations (120, 120A).

EFFECT: increased TV content security.

51 cl, 16 dwg, 1 tbl

FIELD: information technologies.

SUBSTANCE: the device contains a processor unit (1), an external medium in the form of non-volatile memory (2), a RAM unit (3), a formatting unit (4), an external medium data reading unit (5), an interface unit (6), a local bus (7), a blocking unit (8), an external bus (11), a read-only memory (9) and a power supply unit (10).

EFFECT: more effective protection against unauthorised access and breaches of information confidentiality.

1 dwg

FIELD: measuring equipment.

SUBSTANCE: in the method, a radio telemetry signal is received, transformed, recorded and analysed. The transformation stage consists of forming the instantaneous quadrature components of the telemetry signal at an intermediate frequency. The resulting data is digitised. The analysis stage includes restoring the temporal structure of the group telemetry signal. Within each interval corresponding to the a priori known duration of a telemetry signal cycle, the cross-correlation function between the obtained quadrature components and the obtained clock signal is calculated. The cross-correlation function is then computed over a specified range, which is used to form arrays corresponding to the separate cycles of the telemetry signal. The arrays are summed over an interval of V cycles. The maximum of the total function indicates the cycle phase. Based on the cycle phase and the a priori known structure of the telemetry signal, arrays corresponding to the separate discrete messages of the group telemetry signal are formed.

EFFECT: reduced telemetry losses associated with the response time of the real-time synchronisation system.

2 dwg
