Secure multimedia channel and unit for providing response to failure

FIELD: physics; computer engineering.

SUBSTANCE: present invention pertains to the architecture and method of establishing a secure multimedia channel for content delivery. The computer device has a secure multimedia channel for delivering content from a source to a receiver. In the secure channel, the multimedia base provides a secure environment in the computer device and comprises a common infrastructure of key components, processing content from any specified source and delivering the processed content to any specified receiver, and also comprises a policy implementation unit, providing for compliance with policy on behalf of the source. The policy corresponds to the content from the source and comprises rules and requirements for accessing the content and its playback. The multimedia base provides for secure transmission of content through the computer device and allows for arbitrary processing of protected content in the computer device.

EFFECT: increased security of content from unauthorised use.

23 cl, 6 dwg

 

This application claims the priority application for U.S. patent, having a sequence number 10/820673 and filed April 8, 2004, which claims the priority application for U.S. patent, having a sequence number 60/513831 and filed October 23, 2003, the contents of which in its entirety is included in this application by reference.

The technical field to which the invention relates

The present invention relates to an architecture and method for establishing a secure channel of multimedia content delivery trustworthy way from a variety of content sources (the sources) to any of a variety of receivers of the content (hereinafter referred to as receivers) through a common database. More specifically, the present invention relates to such an architecture and method by which the content delivery is only after this tract will be installed in the form of credible and complies with the policy corresponding to the content.

Prior art

Refer now to Fig. 1 and note that, as is well known, in connection with digital content (12), such as digital audio, digital video, digital text information, digital data, digital multimedia, and so on, in the case where such digital content (12) subject to RA is to spread among users, highly desirable system rights management (PM, RM) and their enforcement. Upon receipt of the content by the user so the user plays or "loses" digital content using the corresponding playback device, such as a media player on a personal computer (14), a portable playback device, or similar device.

Usually the content owner, distributor of such digital content (12), seeks to impose restrictions on what the user can do with such a common content (12). For example, the content owner may want to prevent the user to copy and re-distribute such content (12) the second user, or may want to allow to play common content only a limited number of times, only for a certain total time, only on the device of a certain type, only on the media player of a certain type, only users of a certain type, and so on.

However, after the distribution took place, the content owner is able to exercise control over digital content (12) only in a very small degree, if at all able. In this case, to carry out controlled reproduction or playback of p is osolnik forms of digital content (12) the system (10) RMS, where such control is flexible and is determined by the content owner, which owns such digital content. Usually the content of (12) is distributed to the user in the form of a package (13) through an appropriate channel of distribution. The package (13) digital content distribution may include digital content (12), encrypted with the symmetric key encryption/decryption (KD), ((KD(CONTENT))), as well as other information identifying the content, and how to purchase a license for such content, etc.

Based on the trust system (10) rights management allows the owner of digital content (12) to establish rules that must be met before you will be allowed playback of digital content (12). Such rules may include the above requirements and/or other requirements and can be included in the digital license (16)that the user/computing device (14) of the user (hereinafter, these terms are used interchangeably, unless otherwise required by the circumstances) should/must obtain from the content owner or his agent, or such rules can be pre-attached to the content 12. This licence (16) may, for example, to include the decryption key (KD) for decrypting digital content (12), in Sogno encrypted in accordance with another key decryptable computing device of the user or other playback device.

The content owner, who owns a certain piece of digital content (12), would have preferred not to distribute content (12) to the user, if such owner cannot be sure that this user will follow the regulations established by this content owner in the license (16) or in any other place. In this case, preferably, the computing device (14) of the user or other playback device was supplied by a trusted component or mechanism (19), which will not play digital content (12) except in accordance with such rules.

A trusted component (18) usually has the block (20) assessment, which analyzes rules and determines on the basis of the analyzed rules, whether the requesting user, among other things, the right to reproduce the requested digital content (12) in the way that he wants. As should be clear, the block (20) assessment entrusted in the system (10) rights management the implementation of the wishes of the owner of the digital content (12) in accordance with these rules, and the user should not be able to easily change such trusted component (18) and/or the block (20) evaluation with whatever purpose, dishonest or otherwise.

<> As should be clear rules for playing digital content (12) can determine whether the user has rights to this play, based on any factors from among several factors, including who the user is, where the user is located, what type of computing device (14) or other playback device uses the user, reproducing what the application accesses the system (10) RMS, date, time, etc. in Addition, rules can restrict playback of, for example, a preset number of times or a predetermined playback time.

Rules can be defined in accordance with any appropriate language or syntax. For example, the language may simply define the attributes and values that must be met (for example, the DATE must be later than X), or may require fulfillment of functions in accordance with a specified script (for example, IF the DATE is more than X, THEN DO ...).

After the block (20) the evaluation determines that the user satisfies the rules conditions digital content (12) can be reproduced. In particular, for content playback (12) from a given source to receive the decryption key (KD) and apply it to the content (KD(CONTENT)) from the package (13) of the content that has the training equipment from the real content (12), and then the real content (12) actually played.

The system (10) rights management content (12) packaged for use by the user by means of encryption such content (12) and associating with content (12) rule set, so the content (12) may be reproduced only in accordance with these rules. Because the content (12) may be reproduced only in accordance with these rules, the content of (12) may be freely distributed. However, it should be borne in mind that different pieces of content (12) can be protected in accordance with a variety of systems (10) RMS, each of which is not necessarily compatible with each other system (10) rights management.

Accordingly, there is a need in the architecture and method that determine the protected tract multimedia content delivery (12) from any of a variety of systems (10) management rights to any of a variety of destinations. In particular, there is a need in the way associated with such an architecture, which defines how the path is set as credible and complies with the policy corresponding to the content (12).

Disclosure of invention

The aforementioned needs are satisfied at least in part, by the present invention, which will calculate what inoe device is created on it are protected tract multimedia content delivery from, at least one content source (the source) to at least one content receiver (the receiver). In the protected tract multimedia database multimedia provides a secure environment in the computing device, and includes common infrastructure key components engaged in the processing of content from any particular source and delivering the processed content to any particular receiver, and also includes block the implementation of policies on behalf of each source's compliance policy. Policy corresponds to the content of the source and includes the rules and requirements to access the content and play it back, the media Foundation provides secure for content via the computing device, and allows you to perform arbitrary processing protected content at the computing device.

Block "Trusted authority source" (Deis, SOTA)associated with each content source and the corresponding acts as a secure container, connecting the source to the media Foundation, represents the source of the protected tract multimedia, decrypts the content from the source if necessary, and converts the policy associated with the content from a native format to a format readable by the block re the implementation of the policy, if it is necessary. Block "Trusted authority of the receiver" (DIPR, SITA)associated with each receiver content and the corresponding acts as a secure container, connecting the receiver with the base media is the receiver in the protected tract multimedia, encrypts the content to be delivered to the receiver, if necessary, and converts the policy associated with the content, format block the implementation of the policy in a format readable by the receiver, if necessary. Thus, the receiver receives the content and the appropriate policy, decrypts the received content if necessary, and reproduces the content based on the adopted policy.

The application on the computing device is accessing the media on a computing device, identifying a content source and receiver, and media Foundation establishes a secure path media, based on these specific content, the source and the receiver, for the implementation of such delivery. The unit dies on behalf of the source sets the trust in respect of the protected tract multimedia and then distributes the policy corresponding to the content, or for non-delivery, protected tract multimedia. The unit dies defines a specific type of action that must be done is ad content when it is delivered via a secure path media decides whether a specific type of action to be performed on the content when it is delivered via a secure path media, and informs the base media about it. Media Foundation informs the application about whether it might be done this particular type of action, and if it can, then the application proceeds to him, giving the basis of the multimedia team to perform this type of action.

List of figures

The above description of the entity, as well as the following detailed description of embodiments of the present invention will be better understood when read in connection with the accompanying drawings. In order to illustrate the invention the drawings shown embodiments of the invention, which at the moment are preferred. However, as should be clear that the invention is not limited to exactly those options implementation and tools that are shown. In the drawings:

Fig. 1 is a block diagram showing the architecture ensuring that the rights of and related to the example system based on trust;

Fig. 2 is a block diagram representing a computer system for General purpose, which can be embodied aspects of the present invention and/or its parts;

Fig. 3 is a block diagram showing the protected tract multimedia set the config base media when referring to her application for delivery of content from a source to a receiver in accordance with one embodiment of the present invention;

Fig. 4 is a block diagram of the operational sequence of the method, showing key steps performed by the secure channel media shown in Fig. 3, when deciding whether to allow the delivery of content from a source to a receiver, in accordance with one embodiment of the present invention;

Fig. 5 is a block diagram showing part of the protected tract multimedia, shown in Fig. 3, which includes the block "Trusted authority source unit providing a response to the refusal and the application interface response to failure to receive and run this block provide, in accordance with one embodiment of the present invention; and

Fig. 6 is a block diagram of the operational sequence of the method, showing key steps performed by the elements shown in Fig. 5, in response to failure to take action, in accordance with one embodiment of the present invention.

The implementation of the invention

COMPUTER ENVIRONMENT

Fig. 1 and the following explanation is intended to provide a brief General description of a suitable computing environment in which can be implemented in the present invention and/or its parts. The invention, though it is not a requirement, are described in the General context mashinostryenia teams such as PR the software modules, executable by a computer such as a workstation, which is the client or the server. Typically software modules include procedures, programs, objects, components, data structures and similar modules that perform particular tasks or implement particular abstract data types. In addition, it should be borne in mind that the invention and/or its parts can be practically implemented with other configurations of computer systems, including hand-held devices, multiprocessor systems, microprocessor-based or programmable consumer electronics, network personal computers (PC), minicomputer, universal computers, and the like. The invention can also be practically implemented in distributed computing environments where tasks are performed by remote processing unit connected through a communication network. In a distributed computing environment, program modules may be located in both the local and remote storage devices.

As shown in Fig. 2, an illustrative computer system General purpose includes a conventional personal computer (120) or the like, comprising a processor (121), system memory (122) and system bus (123), which connects various system components is, including the system memory to the processor (121). System bus (123) can refer to any of several types of bus structures including a memory bus or memory controller, a peripheral bus and a local bus using any of a variety of bus architectures. The system memory includes a persistent storage device (RAM, ROM) (124) and random access memory (RAM, RAM) (125). Basic system (126) input/output (BIOS), containing basic procedures that facilitate the transfer of information between elements within the personal computer (120), for example, during startup, is stored in ROM (124).

Personal computer (120) may also include memory (127) hard disk drives for reading from the hard magnetic disk (not shown) and write on it, drive (128) for the magnetic disk to read from a removable magnetic disk 129) or write to it, and drive (130) for the optical disk to read from a removable optical disk (131), such as a ROM on the CD-ROM (CD-ROM) or other optical storage media, or write on it. Drive (127) hard disk drive (128) for a magnetic disk and disk drive (130) optical drive connected to the system bus (123) through an interface (132) drive hard disk drive is x, interface (133) drive for a magnetic disk and interface (134) of the optical disk, respectively. The drives and their corresponding machine-readable media provide nonvolatile storage of computer-readable commands, data structures, program modules and other data for the personal computer (20).

Although illustrative environment described herein employs a hard magnetic disk, a removable magnetic disk 129 and a removable optical disk (131), it should be borne in mind that in the illustrative operating environment may also be used and other types of computer-readable media that can store data, access to which can realize the computer. Such other types of storage media include magnetic tape, flash memory card, digital videodisc cartridge Bernoulli, random access memory (RAM), a persistent storage device (ROM) and the like.

On a hard magnetic disk, magnetic disk 129, optical disk 131, ROM (124) or RAM (125) can store a number of software modules, including the operating system (135), one or more application programs 136, other program modules (137) and (138) programs. The user can enter commands and information into the personal computer (120) through the device is Istv input such as a keyboard (140) and pointing device (142). Other input devices (not shown in the drawing) may include a microphone, joystick, game pad, parabolic satellite dish, scanner, or similar device. Often these and other input devices connected to the processor (121) through an interface (146) serial port, connected to the system bus, but may be connected through other interfaces such as a parallel port, game port or a universal serial bus (USB). Monitor (147) or another type of display device is also connected to the system bus (123) via an interface such as a video adapter (148). In addition to the monitor (147) personal computer typically includes other peripheral output devices (not shown in the drawing), such as speakers and printers. The illustrative system shown in Fig. 2, also includes a host adapter (155), bus (156) small computer system interface (SCSI) and the external storage device (162)connected to the SCSI bus (156).

Personal computer (120) may operate in a networked environment using logical connections to one or more remote computers, such as remote computer (149). The remote computer (149) may be another personal computer, a server, a March is atization, network personal computer (PC, PC), a peer device or other common network node, and typically includes many or all of the elements described above in relation to the personal computer (120), while in Fig. 2 illustrates only memory (150). The logical connections depicted in Fig. 2, include a local area network (LAN) (151) and wide area network (WAN) (152). Such networking environments are often used in offices, networks scale enterprises, intranets and the Internet.

When using in a network environment LAN personal computer (120) connected to the LAN (151) through a network interface or adapter 153). When used in a WAN network environment personal computer (120) typically includes a modem 154 or other means for establishing communications over the WAN (152), such as the Internet. Modem (154), which may be internal or external, is connected to the system bus (123) through the interface (146) of the serial port. In a networked environment, program modules depicted in relation to a personal computer (120), or parts thereof, may be stored in a remote storage device. It should be borne in mind that the illustrated network connections are illustrative, and may be used and other means of establishing lines of communication between computers.

PROTECTED TRACT MULTIMEDIA

The term "protection is ontent" denotes a range of methods and technologies, intended for such digital content protection (12)in which such content (12) cannot be used in a manner contrary to the wishes of the content owner and/or its supplier. The methods include, among others, the copy protection (SC, SR), protection of lines of communication (SLC, LP), conditional access (UD, CD), rights management (PM, RM) and digital rights management (DRM DRM). The base of any system content protection is that only the trusted application to ensure proper adherence to the implicit and/or explicit rules for the use of protected content (12), can access this content in its unprotected form. Usually the content of (12) is secured to the fact that encrypted in some way, despite the fact that to decrypt the content may only trusted parties.

Copy protection is, in the strictest sense of the term specifically applies to content (12)located in the storage device, while protecting the communication line is applied to the content (12)flowing between applications/devices on the transmission environment. Conditional access can be considered as a more perfect form of protection of lines of communication, in which demand programs, channels and/or movies are encrypted when they are transmitted. Only those subscribers who have paid for access to such Conte is the (12), feature keys needed to decrypt it.

Digital rights management is an extensible architecture in which the rules relating to the authorized use of a specific piece of content (12), clearly expressed and bound to the content (12) or associated with him. Mechanisms of digital rights management can support richer in content and more expressive than other methods, while providing a higher degree of control and flexibility at the level of individual pieces of content or even sub-components of this content. An example of a system digital rights management is provided in the application for U.S. patent, with the number 09/290363 and submitted April 12, 1999, and provisional application for U.S. patent, with the number 60/126614 and filed on March 27, 1999, each of which in its entirety is included in this application by reference.

Rights management is a form of digital rights management, organizational based on the fact that the content of (12) can be protected in such a way as to be accessible only within the organization or its subsidiaries. An example of the RMS system is described in the patent applications U.S. with non 10/185527 and 10/185278, each of which filed June 28, 2002 and in its entirety is included in this for the internals by reference.

In the present invention, the architecture of the protected tract multimedia determined on a computing device (14) thus, to ensure the processing and delivery of content from any of multiple content management systems, including systems described above. In particular, this architecture provides a mechanism for the delivery of protected content (12) from its source (30) to the destination or receiver (32), while providing the necessary processing protected content (12). Note that the source (30) is a system of supplying or "outstanding" content (12), and may be any suitable system, and it is not beyond the nature and scope of the present invention, including, of course, provided that the source (30) can interact with the architecture. For example, the source (30) may be any of several highly functional or minimally functional rights management systems, such as digital rights management system or RMS, or may be any of several sources (30) with limited content protection, such as system copy protection, protection of communication lines or conditional access, or can even be any of several sources (30), have weak, if any, of its own content protection, such as the underlying systems is or storage server, the file storage system or server or similar device. Note that the source (30) can get real content (12) from anywhere. For example, content (12) in the case of content-protected rights may be located on a remote file server, but access may be provided by a source (30), such as the RMS system on a computing device (14).

Usually in this case, the source (30) is capable of producing multimedia data generic in the usual way through the specified interface. Options for implementation of source (30) correspond to the different means of access to the content and may include a content source with digital rights management, is able to read files that are protected through a system of digital rights management, from storage on hard drives or from another file system, the source of the DVD content that can read multimedia DVD-data DVD (digital Versatile disk), etc. Note that the source (30) is not necessarily content protection for content (12). So for some sources (30) content protection in a given case, may or may not be present.

Similarly, each of the one or more receivers (32) is a system that accepts or cluck the "flows" content (12), and can be any suitable system, and it is not beyond the nature and scope of the present invention, but again, of course, provided that the receiver (32) can interact with the architecture. For example, the receiver (32) can be a sound system for the reception of the audio data to be delivered to the loudspeaker, video system for receiving video data to be delivered to the display device, the system controlling light emission for receiving control signals by light radiation to be delivered to the system controller light emission, the control system of the motor for receiving control signals the motor to be delivered to the system controller of the electric motor and the like. In addition, the receiver (32) may be a simple interface that connects with a conduit, such as a network or a data cable. Note that as in the case of source (30), the receiver (32) can deliver real content (12) anywhere. For example, the content in the case of audio data can be delivered to the remote loudspeaker through such a receiver (32), as a sound card on a computing device (14). Note that this receiver (32) is associated with the resource output, and not with the content protection system. In any example, the receiver (32) may have or may lack the SQL associated content protection system.

It is important to note that in this architecture (as we see now Fig. 3) each source (30) and the receiver (32) can be integrated with the block (34) of the policy implementation from the base media (36) on a computing device (14) through the provision of appropriate block "Trusted authority source" (Deis, SOTA) (38) or block the Trusted authority of the receiver" (DIPR, SITA) (40) respectively, or provide access to these blocks. Thus, each source (30) and each receiver (32) can be local or remote to the computing device (14), but each corresponding block of dies (38) or block DIP (40) local to a computing device (14), which is why it works in at least some aspects, as an agent or representative of the corresponding source (30) and the receiver (32). It is important to note and keep in mind that almost any source (30) or the receiver (32) may be part of the base architecture multimedia and protected tract multimedia, with the corresponding block of dies (38) or block DIP (40), respectively.

Each unit dies (38) is in the protected tract (39) media, this particular architecture, the corresponding source (30) and operates in such a way that provides the functionality of decoding for Dechy the work content (12) from a source (30) in the case if necessary, and converts the policy associated with the content (12), from the native format to a format readable by the block policy implementation (34). As you can see, the policy, in essence, represents the rules and requirements for access and playback content (12), such as those that can be stated in the license (16), shown in Fig. 1. Note that the unit dies (38) may also act on behalf of the source (30), especially in respect of issues relating to trust, policy and rights.

Similarly, each block DIP (40) is in the protected tract (39) media, this particular architecture, the corresponding receiver (32) and operates in such a way that provides the functionality to encrypt to encrypt the content (12), subject to the delivery to the receiver (32), if necessary, and converts the policy associated with the content (12), block format (34) the implementation of the policy in a format understood by the receiver (32). Thus, the receiver (32) takes the content (12) and the corresponding policy, decrypts the received content (12) if necessary, and plays it, based on the adopted policy. Note that the unit dies (38) can similarly act on behalf of the receiver (32), particularly in relation to matters concerning which Overy, policies and rights.

Note also that the policy corresponding to any particular piece of content (12), can be any suitable policy, and it is not beyond the nature and scope of the present invention. This policy is usually given in the above-mentioned native format, which is specific for a particular source and may be of arbitrary complexity. For example, a policy can be expressed as a sequence of bits that are installed or not installed 1 can include subject to the execution of the algorithm described in a predetermined language, and/or may even include or refer to executable machine code. Usually, the policy can Express information such as information about the action that can be made in respect of the relevant content (12), about the condition prior to the action that should exist about the event, following the action that should be performed on elements that should be present or not be present in the content (12), on the conditions imposed on such elements on the policy, subject to further transfer together with the delivered content (12), and the like.

Block (34) the implementation of the policy, included in the database (36) the media is a Central part of the architecture is protected tract media and is responsible for ensuring compliance with the policy on behalf of each unit dies (38). Thus, and in accordance with what is set out below, the block (34) the implementation of the policy provides coordination of policy between each applicable source (30) and each applicable receiver (32), including the required protection system content at the receiver, directed outside the policy on the content protection systems at the receiver and the inclusion and exclusion of components tract multimedia. Block (34) the implementation of the policy also provides a secure environment within which the received content (12) can be treated with some level of confidence that the content of (12) is protected from theft by dishonest entity.

Base (36) media with block (34) the implementation of the policy, in essence, is a General set of functions needed to provide a common infrastructure for the implementation of the content processing (12) from a particular source (30) and to deliver the processed content (12) in any particular receiver (32). It is important to note that although the format of the content (12) and related policies can vary from source (30) to the source (30), the base (36) media can handle such content (12) and an associated policy for the reason that each source (30) has a corresponding unit dies (38), which decrypts the content (12) if necessary, and converts the associated policy of seumanutafa native format in the above format, perceived by the block policy implementation (34). Similarly, although the format of the content (12) and related policies can vary from receiver (32) to the receiver (32), media Foundation can handle such content (12) and an associated policy for the reason that each receiver (32) has a corresponding block DIP (40), which encrypts the content (12) if necessary, and converts the associated policies of the above-perceivable form block (34) the implementation of the policy, in the above format understood by the receiver (32).

More specifically, the base (36) media provides a common infrastructure that provides the course content (12) in a secure environment and providing a secure environment in the operating system of the computing device (14), a common mechanism for the transformation and reconciliation of rights, rules and policies at the intersection of the boundaries of the protected environment and a common mechanism to encrypt/decrypt the multimedia data transmitted with a high bit rate, when the safe transfer of these data between a protected environment on a computing device (14) and other protected environments. Thus, the base (36) media allows for protected content (12) in protected mode in the direction of the computing device (14), in him and through him and redustrial the exercise of arbitrary processing protected content (12). As a result, any interested party can add to the operating system on the computing device (14) means of ensuring protection of arbitrary content, distributing the appropriate blocks of dies (38) and/or blocks DIP (40), depending on what the circumstances require.

Typically, and as shown in Fig. 3, the base (36) media includes a number of key components (42), which provide the above-mentioned General infrastructure such base (36) media. As you can see, each component (42) may be any suitable component, and it is not beyond the nature and scope of the present invention. The use of such key components (42) is widely known or should be obvious to a person skilled in the art, and therefore need not here in any kind of details.

In addition to the functionality provided by key components (42) of the base (36) media, and if necessary, any interested party may add to the operating system on the computing device (14) means of providing for additional protected arbitrary functionality, extending the appropriate additional components or plug-ins (44), which are designed to work in the SOP is agenie with a base (36) media with the to provide such additional functionality. As you can see, each plug-in (44) can be any suitable plugin, and it is not beyond the nature and scope of the present invention. The use of such plugins (44) is widely known or should be obvious to a person skilled in the art, and therefore need not here in any kind of details.

In one embodiment of the present invention, the base (36) media is activated to create a secure path (39) media between each of the one or more selected sources (30) and each of the one or more selected receivers (32), and the selected multimedia application (46) on a computing device (14). It is assumed that a multimedia application (46) is controlled by a user or another application on the computing device (14) or somewhere in other place. So, a multimedia application (46) selects the content (12) to play and, in doing so, selects one or more selected sources (30) and, if necessary, selects one or more receivers (32). After that, a multimedia application (46) is not involved in the playback of protected content (12) through the established secure channel (39) media, except, perhaps, the case is, when it gives commands to control playback, such as start, stop, repeat, fast backward, fast forward and similar commands.

In one embodiment of the present invention, the base (36) media and created by a secure path (39) media alone are responsible for content management (12) within this created a protected route (39) media and, accordingly, the application (46) has no control over the content (12) within this created a protected route (39) media. Thus, the application (46). controls the content playback (12) through the base (36) media and it has created a protected route (39) media, but have no real access to such content (12) or control him, especially in any kind of unprotected form. In particular, the database (36) multimedia and secure path (39) media may not be given by the application (46) or any other element to produce an action in respect of content (12), contrary to the policy corresponding to the content (12). As a result, it is important to note that the application (46) do not need any specially to establish the fact that it is trustworthy in connection with the protected tract (39) media shown in Fig. 3, and in fact the application (46) is not entrusted with the handling content (12) any require trust way. Of course, this lack of confidence in the application (46) has no harmful effects, taking into account the fact that the application (46) is actually processing the content (12) otherwise, as giving commands to control playback, such as those listed above, during the operation performed by the base (36) media and created by a secure channel (39) media.

If to summarize the aforesaid, the base (36) media, functioning on the order of application (46), creates a secure path (39) media through which the content (12) from one or more sources (30), it must be sent to one or more receivers (32). Assume that the base (36) media produces some content operations (12) passing through the established secure channel (39) media despite the fact that such operations over such content (12), produced by a base (36) media can be as minimal or as a maximum, to the extent necessary. It is important to note that before each source (30) will allow your content (12) complete created on the protected tract (39) media and according to one of embodiments of the present invention, the source (30) is satisfied that the base (36) media, its block (34) of the policy implementation, each component (42), each used the plug (44), each host receiver (32) and any other item that relates to or affects the content of (12) is (a) credible and (b) has the right to affect the content (12), based on the policy associated with the content (12).

According to the present invention, the element may be recognized as credible on the basis of presentation marker that confirms this element. This supporting token can be any suitable confirming the marker, and it is not beyond the nature and scope of the present invention. For example, and especially in the digital area, this supporting token may contain a digital certificate from the supporting point may include a test certificate chain extending in the opposite direction to well-known and clothed with trusted root authority. Such a certificate could include a hash function and put the item to be scanned on the basis of the key in the certificate, making the change of item produced for any purpose, including breach rendered this element of trust, would have led to the fact that the hash function does not pass inspection, and in this case, the item should not be given credence.

Also according to the present invention, as long as the item is recognized as a credible, item entrusted himself resh is th whether it can affect the content (12), on the basis of whether it is to respect the rights contained in the policy associated with the content (12). Alternatively, confidently assumed that the item truthfully respond to rights-based request from another element. For example, if the policy specifies that the element must have at least a certain version number, and the element has an earlier version, it is confidently believed that the item will refuse to touch the content (12), and in this particular case from element one would expect the explanation to the requester of the reason for such denial. Similarly, if, for example, the policy specifies that the element must not store content (12) in unsecured form and the item actually does this, that, similarly confidently assumed that the item will refuse to touch the content (12), and again in this particular case from element one would expect the explanation to the requester of the reason for such denial.

In one embodiment of the invention, and we consider now Fig. 4, the architecture of the protected tract multimedia, shown in Fig. 3, is used to deliver content (12) from one or more sources (30) to one or more receivers (32), carried out as follows. Pre-application (46) on asparaginases or other item is willing to transfer the content (12) from one or more sources (30) to one or more receivers (32) and therefore, accesses the database (36) multimedia definition content (12) each such source (30), from which the content of (12) must be received, and each such receiver (32), in which the content of (12) must be delivered (step 401).

In response, the base (36) media, based on these specific content (12), the source (30) and the receiver (32), establishes a secure path (39) multimedia for the implementation of such delivery (step 403). Note that by doing this, the base (36) media may choose one or more of its components (42), which should handle the content (12) and to operate it when it is delivered via a secure path (39) media, and may choose one or more of their plugins (44), which must also handle the content (12) and to operate it when it is delivered via a secure path (39) media. Base (36) media can be used to establish a secure path (39) multimedia and feature selection (42) and plugins (44) any appropriate methodology, and it is not beyond the nature and scope of the present invention. This establishment of the protected tract (39) multimedia and feature selection (42) and plugins (44) base (36) media known or should be obvious to a person skilled in the art, and therefore need not here in any kind of details. For example, there is imposed produced by the base (36) media and in connection with it in accordance with the present invention, may include those actions described in the Application.

It is important to note that after the base (36) media will establish a secure path (39) media created unit dies (38)corresponding to each source (30) of this particular tract (39), and it is created as a secure container, connecting a source (30) with a base (36) media, as seen in Fig. 3, (step 405 in Fig. 4). This creation can be produced by the source (30), a base (36) media or by them jointly, and it is not beyond the nature and scope of the present invention. As mentioned above, each block of dies (38) is a trusted authority and is the appropriate source (30) in the protected tract (39) multimedia and functions in such a way that provides the functionality to decrypt the content (12) from a source (30) if necessary, and converts the policy associated with the content (12), from the native format to a format readable by a unit (34) the implementation of the policy included in the database (36) media. Note also that the unit dies (38) may also act on behalf of the source (30), especially in respect of issues relating to trust, policy and rights.

It is also important to note that once the base (36) media will establish a secure path (39) media creates a block DIP (40)corresponding to each receiver (32) this particular tract (39), and it is created as a secure container, connecting the receiver (32) with a base (36) media, as seen in Fig. 3 (step 407 in Fig. 4). This creation can also be produced by the receiver (32), a base (36) media or by them jointly, and it is not beyond the nature and scope of the present invention. As also mentioned above, each block DIP (40) is a trusted authority and is appropriate receiver (32) in the protected tract (39) multimedia and functions in such a way that provides the functionality to encrypt content (12), subject to the delivery to the receiver (32), if necessary, and converts the policy associated with the content (12), block format (34) the implementation of the policy in a format understood by the receiver (32). Also note that the unit DIP (40) may also act on behalf of the receiver, especially in respect of issues relating to trust, policy and rights.

In one embodiment of the present invention, the unit dies (38), acting on behalf of the source (30), establishes trust in respect of the protected tract (39) media. After that, and once the trust is established, the unit dies (38) extends the policy corresponding to the content (12), liable the mu playback, which was defined by the application (46) in step 401. In particular, the unit dies (38) establishes trust, first establishing the trust in respect of the block (34) the implementation of the policy included in the database (36) multimedia (step 409). After that the trusted block (34) the implementation of the policy sets out the trust in respect of other components of the protected tract (39) media, including each component (42), each plugin (44) and each receiver (32), represented by a block DIP (40) (step 411).

When establishing a trust, according to the above, the element can be considered credible on the basis of the presentation of a token, such as a digital certificate from a certifying authorities, which confirms this element. This token/certificate could include a hash function and put the confidence of the item to be scanned on the basis of the key in the certificate, so the trust element may include verification of the hash function. Note that if at any stage the credibility of the element is not established, this element being denied access to contnetw (12). Consequently, the element must be removed from the protected tract (39) media, if possible. If this is not possible, the unit dies (38) does not produce content (12) in the protected tract (39) media.

Assume that the trusted block (34) implement the promotion policy will really establish trust with each item of the protected tract (39) media including each component (42), each plugin (44) and each receiver (32), represented by a block DIP (40), then the unit dies (38) distributes policy corresponding to the content (12)subject to reproduction. In particular, the unit dies (38) provides the distribution of such policy unit (34) the implementation of the policy (step 413). By doing this, the unit dies (38) uses the optionally available functionality for policy conversion from native format to a format readable by a unit (34) the implementation of the policy included in the database (36) media, and then transmits the converted policy unit (34) of the policy implementation.

After this block (34) the implementation of the policy with the converted policy, establishes the fact that each component (42) and each plugin (44) of the base (36) media have the right to affect the content (12) or make it available in accordance with the converted policy. In particular, on the basis of the converted policy unit (34) the implementation of the policy, if necessary, specifies that each such component (42) and each plugin (44) of the base (36) multimedia satisfies the conditions of the converted policy (step 415). Note that the element that have the trust may, however, on the basis of policy, still not being able to affect the content (12) or osushestvljali access it. For example, according to what was said above, if the policy specifies that the element must have at least a certain version number, and the element has an earlier version number, the item, though, and have the trust still has no right to affect the content (12) or to make access to it. Note that if at any stage a trusted element has no right to access contnetw (12) or to touch him, according to what is determined by the block (34) of the policy implementation, such element being denied access to the content (12). Consequently, the element must be removed from the protected tract (39) media, if possible. If this is not possible, the unit dies (38) does not produce content (12) in the protected tract (39) media.

In addition, the block (34) the implementation of the policy with the converted policy, establishes the fact that each receiver (32) in the protected tract (39) the media has the right to affect the content (12) or make it available in accordance with the converted policy. In particular, the block (34) the implementation of the policy provides the distribution of such converted policy unit DIP (40) of the receiver (32). When this block DIP (40) similarly uses the optionally available functionality for re-converted the th policy in the format perceived by the receiver (32), and then re-transmits the converted policy unit DIP (40). After that confidentially is assumed that the receiver (32) and its block DIP (40) as clothed with confidence items protected tract (39) media follow this retransformed policy.

In one embodiment of the present invention the block (34) the implementation of the policy, as a Supplement or alternative to the above, requests the receiver (32) through its block DIP (40) about the action that the receiver (32) intends to produce in relation to content (12), the corresponding policy (step 419). Such action may, for example, contain the content playback (12), copying content (12), exporting content (12) in an unprotected format, and the like. Note that, since the protected tract (39) media, which includes block DIP (40) and the associated receiver (32), was established by order of the application (46), this unit DIP (40)/receiver (32) must be explicitly or implicitly expressed knowledge of what action is expected to produce content (12). Note also that although the block (34) the implementation of the policy could about such action is to ask the application (46), application (46) do not trust that it meets truthfully, while the receiver (32)/unit DIP (40) in fact, so until eriam uses.

In any case, the trusted receiver (32)/unit DIP (40) gives the answer with respect to such actions, and the block (34) the implementation of the policy passes the response on to the unit dies (38) (step 421). After that, the unit dies (38) decides whether the block DIP (40)/receiver (32) to produce this effect, presumably with reference to the policy corresponding to the content (12), and informs the block (34) the implementation of the policy (step 423). As should be clear, if the action cannot be completed, then the unit dies (38) will not allow to produce content (12) in the protected tract (39) media.

Suppose that the action can be performed, then the block (34) the implementation of the policy informs the app (46) (step 425), and application (46) can then start it by giving commands to the database (36) media to perform such actions and related actions (step 427). For example, the application can issue commands to the database (36) multimedia playback content (12) and can also later be given the command database (36) media to stop, rewind, fast forward, skip forward, skip backward, and the like.

Note that in the implementation of the action content (12) passes through a protected path (39) media created by the base (36) media. In particular, the base (36) media gets the content of (12) from a source (30), sportsuit functionality unit dies (38) for decryption to decrypt the content (12) in the case if necessary, and then sends the content (12) next. Thus, the base (36) multimedia and its components (42) and the plug (44) is performed on the content (12) any necessary processes, and then the base (36) media uses the functionality of the unit DIP (40) encryption to encrypt the content (12) if necessary, and delivers the content (12) in the receiver (32). Of course, the receiver (32) then sends the content (12) at the place of its final destination.

The action made in respect of content (12) unit (34) the implementation of the policy should be reported to the unit dies (38)so that the unit dies (38) can update any status information related to the policy corresponding to such content (12). For example, if a policy requires that conducted the play counts, the unit dies (38) should after some time to make a record that the play counts have been adjusted. Alternatively, the unit dies (38) as a content provider (12) can detect that produced by the action, and then to update any information on the status if necessary.

As should now be clear, the application (46) may, at any later point in time to make a decision to reconfigure the protected tract (39) media. For example, an application (46) which may change the receiver (32) radio and receiver (32) of the light system. In this case, as should be clear, the process shown in Fig. 4 must be repeated in order to establish trust reconfigured protected tract (39) media and disseminate information on the rights.

Also, it should be clear that according to the present invention, the base (36) media can be instructed to establish a secure path (39) media based on some arbitrary or almost any combination of sources (30) and receivers (32). It is important to note that whichever path (39) nor was installed, the architecture described in this invention allows such tract (39) to be certified as trustworthy and as satisfactory from the point of view of the policy or rights corresponding to content (12), which must be transmitted by this route. In addition, even though the tract (39) is established by order of the application (46), the application (46) itself should not be credible, because the application (46) itself never touches or does not access the content (12) in such a way that the application (46) could be intentionally or unintentionally used to steal such content (12).

The UNIT ENSURE RESPONSE TO FAILURE AND the INTERFACE FOR IT

As mentioned above in connection with the method shown in Fig. 4, the trusted receiver (32)/unit the Ypres at step 421 in response to the request block (34) of the policy implementation report on the action which intend to produce and the power dies (38) in step 423 decides whether the receiver (32)/unit DIP (40) to produce this effect, and informs him of the block (34) of the policy implementation. If the unit dies (38) refuses to allow this action, the unit dies (38) does not allow to produce content (12) in the protected tract (39) media.

Such a refusal under normal circumstances would have caused the end of the process, shown in Fig. 4, without further explanation, that perhaps would have on the application user (46) less than satisfactory experience. However, it should be borne in mind that the grounds for at least some types of failures can be anticipated that at least some such grounds can be treated relatively simply, and that the unit dies (38) can therefore be designed to include or have access to functionality that allows you to access the grounds, at least some of the failures. Such failures are many and varied and may include: the lack of a proper license (16) (see Fig. 1), the absence of a current version of the item, the inclusion of the receiver path (32)configured to perform improper function, and the like. In one embodiment of the present invention to this case and the architecture of the protected tract (39) media provided functionality in response to failure, designed to respond to at least some of the failures.

Note that such functionality in response to failure could be included in the database (36) media, and it is not beyond the nature and scope of the present invention. However, since such functionality in response to failure, probably closely associated with a particular source (30), it is more convenient that such functionality was included in the unit dies (38), corresponding to such source (30), or were available to them.

Note that issuing a response to failure may in some cases require data entry by the user through the application, (46), and in some cases, on the contrary, without such user input when the unit dies (38) provides a response without the help of the user. However, according to the requirement of good practice, the application user should always participate in the response to failure, especially when the response requires that some element or information received from a remote source, such as a network. In one embodiment of the present invention in this case, and we consider now Fig. 5, each block of dies (38) provides one or more blocks (48) ensure that the Respondent's refusal, each to fulfill specific about what KAZ, and application (46) includes an interface (50) of the Respondent, which can interface with each block (48) of support provided through the base (36) of the media.

Thus, as should be clear, given the block (48) software and interface (50) provides an abstract layer for the implementation details of the response to failure of the unit dies (38) through the application (46). In particular, given the block (48) the provision of unit dies (38) leads to the procedures of response to specific his refusal, including one or more addresses for information, input data required from the user, and the like, and an interface (50) defines a sequential procedure of interaction between the application (46) and block (48) provided through the base (36) media. It is important to note that although the provided blocks (48) ensure changed from failure to failure from source (30) to the source (30), interface (50) always uses the same interface procedures regardless of what source (30)/unit dies (38) is connected block (48) software. Thus, the application (46) to perform a response to failure uses any functions that are available from the given block (48) ensure that there is no need to distinguish between a specific source (30), provided such unit (48) software. Note that although the application (46) is not clothed with the trust, any information or data obtained through the block (48) ensure that, come the database (36) media and/or protected path (39) media and can be forced to prove that they deserve the trust in the context of this framework (36) media and/or protected tract (39) media. This means that in the event that the application (46) holds when the interface (50) performs block (48) ensure that the trust resulting from their origin, do not possess.

Refer now to Fig. 6, which shows that in connection with the protected tract (39) multimedia trusted block DIP (40) in step 421 reports the action that you intend to produce, in response to the block (34) the implementation of the policy, as it was at step 421, and the unit dies (38) this time refused to allow the unit DIP (40) to produce this effect because some of the detected fault, as at step 423 (step 601). However, the unit dies (38) also recognized that the reason for rejection may be communicated through the use of concrete block (48) updates are available for unit dies (38) or is included (step 603), and the unit dies (38), thus providing a specific unit (48) for the application (46) through the base (36) multimedia (step 605). Note that the base (36) media can have a pointer or other reference to an interface (50) and may, therefore, is ravity block to the software interface (50) application (46) using this pointer or other reference.

As should be clear, given the block (48) the provision includes all the information and techniques needed to get the application (46) through its interface (50) any information or data necessary to respond to the failure that caused the need for that given unit (48) software. Thus, provided the block (48) the provision is taken from block dies (38) interface (50) application (46) through the base (36) multimedia (step 607), and interface (50) applies the above sequential procedure of interaction to actually execute the given block (48) providing (step 609). Thus, having provided the unit (48) and ensure data is entered, the receipt of which the user is necessary and/or appropriate application (46) and its interface (50) is actually trying to get any data or information which demand resulting from failure, from any source, whether it is local or remote (step 611). Of course, the level of user interaction will inevitably change depending on circumstances. For example, in some circumstances, it is sufficient to obtain the approval of the user before loading the data or information, especially if the download is free. However, if the card is installed, then, of course, you need to get authorised is the user to pay a fee, not to mention specific guidelines about how this cost to make.

Accordingly, if the refusal is based on the lack of a proper license (16), then get a license (16). If it is based on the absence of a current version of an item, you get the current version of the item, and if it is based on the inclusion in the composition channel receiver (32)configured to perform improper function, the user and/or application, among other things, set up the receiver (32) properly. Note that, of course, not all failures can eliminate the cause. For example, the user may not wish to obtain the required license (16), the current version of the item may not be available, or the receiver (32)may not be configured in a manner consistent with the unit dies (38). Of course, in this situation, the response is inconclusive, and the unit dies (38) refuses to allow the unit DIP (40) to perform the action that is requested.

However, suppose that the reason is actually disposable by obtaining the necessary data and information, then the application (46) sends such data or information base (36) multimedia (step 613), and base (36) media appropriately uses such data as necessary (step 615), for example, saving the license in the license store, installing the current version of the components of the enta, adjusting settings of the receiver (32) or in kind.

At the end of this interface (50) notifies the unit dies (38), (46) and/or user application (46) that the response caused the provided block (48) ensure completed, and, perhaps, that the response was successful or was unsuccessful (step 617). In addition, the possible case where a sequential procedure of interaction of the interface (50) includes a function of a periodic notification about the situation, and this feature provides periodic notification unit dies (38), applications (46) and/or user application (46) on the progress of the response, it is possible, so that none of the above did not suspend response and did not interrupt him. In this case, the interface (50) actually produces a periodic notification unit dies (38), applications (46) and/or user application (46) on the progress of the response in the process of its implementation (step 612).

Anyway, after the notification unit dies (38) that the response is completed, at step 617, the unit dies (38) again decides whether the block DIP (40)/receiver (32) to perform the action in which they were originally denied (step 619). If the unit dies (38) again refuses to allow to produce this effect, the unit dies (38) again allows you to produce content (12) in saxeseni the tract (39) media but instead, again, as in step 603, it may recognize that the grounds for refusal can be answered through specific block (48) used this unit dies (38) or included, and the unit dies (38), thus again provides specific unit (48) for the application (46) through the base (36) media, as in step 605.

However, assume that the power dies (38) actually now allows the unit DIP (40) to perform the requested action, then the unit dies (38) in this case can produce content (12) in the protected tract (39) media, and the block (34) the implementation of the policy informs the app (46), as in step 425, shown in Fig. 4. As should now be clear, the application (46) can in this case take action, giving the team the database (36) media to perform this action and the related actions as it was at step 427, shown in Fig. 4.

As should now be clear, the unit dies (38) uses the block (48) software, which is executed by the interface (50) application (46), and allows the unit dies (38) to get the user and/or application (46) to carry out the response for unit dies (38) when the unit dies (38) denies the action requested by the unit DIP (40). Although the unit dies (38), perhaps he could make the response itself, but according to the requirement of dobrosovestnoj practice, the user application should always participate in the response to failure, especially when the response requires that data or information have been received from a remote source, such as a network. In addition, in any case, there are situations when this part of the application user (46) is required.

CONCLUSION

The present invention can be implemented in any suitable source (30) and the receiver (32), provided that such source (30) and the receiver (32) have the appropriate block dies (38) and block DIP (40), respectively, through which can be achieved by communication with the base (36) media. Accordingly, the protected tract (39) media according to the present invention should be construed as covering any unit dies (38), a base (36) multimedia and block DIP (40), which can establish a secure path (39) media in an arbitrary manner in order to deliver content from a source (30) to the receiver (32).

Note that although the present invention is described mainly for the case of the receiver (32), which performs reproduction or playback, the receiver (32) may perform other actions, and it is not beyond the nature and scope of the present invention. Such other activities include, but not as a limitation, the content (12) separately is at a computing device (14), such as a personal computer, portable device, or similar means; a content transmission (12) in the portable storage device, a magnetic or optical disk, or similar means, the content transmission (12) in other protection schemes; export content (12) without any protection schemes, transfer or export the content (12) in another format, etc.

Generally, in this case, the protected tract (39) media created by the base (36) media can be used for playback or playback of the content (12), and to perform tasks such as creating, editing and distributing content (12). For example, the content of (12) could have a policy that allows or denies edit content (12) in certain ways. Thus, the protected tract (39) media could be used to decrypt the content (12), edit it and then re-encrypt, and all this in a way that pursues a policy corresponding to the content (12).

The programs necessary to implement the processes performed in connection with the present invention, a relatively simple and should be obvious to experts in the field of programming. Accordingly, such programs to this description are not included. In this case, for the implementation of the present invention can be COI is used any specific program, and it's not beyond the nature and scope of this invention.

From the above description it can be understood that the present invention provides a new and useful architecture and method that determine the protected tract (39) multimedia content (12) of any of a variety of sources (30), to be delivered in any of a number of receivers (32). Way in connection with this architecture defines the way in which this tract is established as credible and complies with the policy corresponding to the content (12).

It should be borne in mind that in the above described embodiments of the invention may be amended, and it is not beyond the scope of the invention in its concepts. It should be understood that this invention is not limited to the specific options described implementation, but it is understood that it covers modifications within the essence and scope of the present invention defined in the attached claims.

1. Computing device, having created it protected tract media for delivering content from at least one source to at least one receiver, and the protected tract multimedia, contains:

media Foundation, providing a secure environment in the computing device and includes General is nfrastructure key components engaged in the processing of content from any particular source and delivering the processed content in any particular receiver, but also includes block the implementation of policies on behalf of each source's compliance with the policy, the policy corresponds to the content of the source and includes the rules and requirements to access the content and play it back, the media Foundation provides secure passage of content via the computing device, and allows you to perform arbitrary processing protected content at the computing device;

block "Trusted authority source" (Deis, SOTA)associated with each content source and corresponding with each unit dies acts as a secure container, connecting the source with the media Foundation, and represents the source of the protected tract multimedia, decrypts the content from the source if necessary, and converts the policy associated with the content from a native format to a format readable block the implementation of policies, if necessary; and

block "Trusted authority of the receiver" (DIPR, SITA)associated with each receiver content and corresponding with each unit DIP acts as a secure container, connecting the receiver with the base is ultimedia, is the receiver in the protected tract multimedia, encrypts the content to be delivered to the receiver, if necessary, and converts the policy associated with the content, format block the implementation of the policy in a format readable by the receiver, if necessary, when the receiver receives the content and the appropriate policy, decrypts the received content if necessary, and reproduces the content based on the adopted policy.

2. Computing device according to claim 1, in which the media Foundation created the protected tract multimedia additionally includes at least one additional component that provides a computing device more secure functionality.

3. Computing device according to claim 1, additionally having installed therein a multimedia application, selects the content to be delivered, selecting each source to provide content via a secure path media choosing, if necessary, each receiver to receive content provided via a secure path media, activating media Foundation for the creation of a protected route media in accordance with each selected source and each of the selected receiver.

4. The computing device is about according to claim 3, in which a multimedia application gives the basis of the media team on the delivery to control the delivery of content from each selected source in each of the selected receiver.

5. Computing device according to claim 3, in which the media Foundation does not allow the multimedia application has access to the content delivered within the protected tract multimedia.

6. Computing device according to claim 3, in which the media Foundation does not allow a multimedia application made in respect of the content in any action contrary to the policy corresponding to this content.

7. Computing device according to claim 1, in which each unit dies created a protected route enables media to deliver their content via a secure path media only if the unit dies satisfied that media Foundation, it block the implementation of the policy used by each component and each receiver of the protected tract media is trustworthy and has a right to be in contact with the content, based on the policy corresponding to this content.

8. Computing device according to claim 7, in which any element can be considered credible based on the submission of an acceptable token to prove this element.

9. Computational us the device of claim 8, in which any element can be considered credible on the basis of the presentation of verifiable digital certificate from the appropriate certifying authority.

10. Computing device of claim 8, in which a credible element entrusted to decide whether he is to be in contact with the content, based on the policy corresponding to this content, and on the basis of whether this element is to comply with the policy corresponding to this content.

11. Computing device of claim 8, in which confidence is assumed that a credible element truthfully respond to rights-based requests from other elements.

12. The method of delivery of content from a source to a receiver via the computing device, and the method comprises the steps are:

the application on the computing device is accessing the media on a computing device, identifying a content source and the receiver.

media Foundation establishes a secure path media, based on these specific content, the source and the receiver, for the implementation of such delivery, the protected tract multimedia includes:

base media;

block "Trusted authority source" (Deis, SOTA)associated with the content source and the corresponding p is item unit dies acts as a secure container, connecting the source with the media Foundation, and represents the source of the protected tract multimedia, decrypts the content from the source if necessary, and converts the policy associated with the content from a native format to a format readable block the implementation of policies, if necessary; and

block "Trusted authority of the receiver" (DIPR, SITA)associated with the content receiver and the corresponding, and block DIPRacts as a secure container, connecting the receiver with the base media is the receiver in the protected tract multimedia, encrypts the content to be delivered to the receiver, if necessary, and converts the policy associated with the content, format block the implementation of the policy in a format readable by the receiver, if necessary, when the receiver receives the content and the appropriate policy, decrypts the received content if necessary, and reproduces the content based on the adopted policy;

the unit dies on behalf of the source sets the trust in respect of the protected tract multimedia;

the unit dies after the trust in respect of the protected tract multimedia installed, disseminates policy corresponding to the content, or for non-delivery, protected tract multimedia;

the unit dies defines a specific type of action that should be performed on the content when it is delivered via a secure path media;

the unit dies decides whether a specific type of action to be performed on the content when it is delivered via a secure path media, and informs the base media about this;

media Foundation informs the application about whether it might be done this particular type of action, and if it can, then the application proceeds to him, giving the basis of the media team on the implementation of this type of action.

13. The method according to item 12, in which the phase in which the media Foundation establishes a secure path media includes a step in which the media Foundation selects its key components, which are designed to handle the content and conduct of operations during its delivery via a secure path media, and key components provide the basis of the media key functionality.

14. The method according to item 13, in which the phase in which the media Foundation establishes a secure path media further comprises a stage on which media Foundation selects its additional components, which are designed to handle the content and conduct of transactions during egodolac secure path media moreover, additional components provide the basis multimedia additional functionality.

15. The method according to item 12, in which the phase in which the unit dies establishes trust in respect of the protected tract multimedia contains the stages on which:

the unit dies establishes trust in relation to block the implementation of the policy base media;

trusted block the implementation of the policy sets out the trust in relation to each other element of the protected tract of media, including block DEPR.

16. The method according to item 15, in which the stage at which establish the trust in respect of any element contains the stage at which accept submission of an acceptable token to prove this element.

17. The method according to clause 16, in which the stage at which establish the trust in respect of any element contains the stage at which accept the presentation of verifiable digital certificate from the appropriate certifying authority.

18. The method according to item 12, in which the phase in which the unit dies distributes policy corresponding to the content, or for non-delivery, protected tract multimedia, includes the steps are:

the unit dies distributes the policy to block the implementation of policies, included in base media;

block the implementation of the policy, if necessary, determines that the each element of the protected tract multimedia, including block DIPR meet the policy.

19. The method according to p, in which case the block the implementation of the policy determines that a particular item is protected tract media does not meet the policy unit policy implementation performs an action selected from the group consisting of a denial of such element in the access to content and prevent the delivery of content on the secure path of the media.

20. The method according to item 12, in which the phase in which the unit dies distributes policy corresponding to the content, or for non-delivery, protected tract multimedia, includes the steps are:

the unit dies distributes policies to block the implementation of policies, included in base media;

block the implementation of the policy provides policy propagation in block DIP in the protected tract multimedia; and block DIP as a trusted element of the protected tract multimedia, comply with such policy.

21. The method according to item 12, which contains the phase in which the unit dies determines at block DIPR specific type of action that should be performed on content delivered via a secure path media.

22. The method according to item 12, which contains the phase in which the unit dies decides whether this particular type of action to be performed on the Kona is entom on the basis of the respective policy.

23. The method according to item 12, optionally containing a stage, on which:

the unit dies obtains the content from the source encrypted, decrypts the encrypted content and delivers decrypted content based multimedia;

media Foundation processes the decrypted content as necessary, and delivers the processed content in block DIP; and block DIPR encrypts the processed content, and delivers the encrypted processed content to the receiver.



 

Same patents:

FIELD: information technologies.

SUBSTANCE: invention can be used in system of the forced performance of requirements which provides access possibility to the enciphered digital content on a computing mechanism only according to parametres the certain rights of the license got by the user of digital contents. The first confidential builder on the first computing mechanism carries out cryptographic, an estimate and the forced performance of requirements and forcedly contacts it, the first certificate of the user device corresponding to the first computing mechanism, forcedly contacts the user. Accordingly, the second confidential builder on the second computing mechanism carries out cryptographic processing, an estimate and the forced performance of requirements and forcedly contacts it, the second certificate of the user device corresponding to the second computing mechanism, also forcefully contacts the user. The first competent builder gains contents for reproduction on the first computing mechanism by means of the first certificate of the user device and the license, and the second confidential builder gains contents for reproduction on the second computing mechanism by means of the second certificate of the user device and the same license.

EFFECT: prevention of non-authorised duplication of digital content by the user related to the digital license and having of some computing mechanisms.

16 cl, 6 dwg

FIELD: physics, computer technology.

SUBSTANCE: invention concerns digital rights management system. (DRM) features multiple DRM servers with DRM functionality, and incoming server DRM-I is registered in the system by registration server DRM-R, so that incoming server DRM-I should be a trust server in this system. DRM-I server sends registration request to DRM-R server including representative identification data and public key (PU-E). DRM-R server checks validity of representative identification data, and if the request can be met, DRM-R server generates digital registration certificate by (PU-E) for DRM-I server for registration of DRM-I server in DRM system. Just registered DRM-I server with generated registration certificate can use it for delivery of documents with DRM in DRM system.

EFFECT: possible controlled reproduction or replay of arbitrary digital content forms in medium where documents are shared by a definite group of users.

74 cl, 17 dwg

FIELD: physics, computer technology.

SUBSTANCE: invention deals with data protection systems. Certificate-based encryptation mechanism failing to envisage the client source computer access to the whole of the certificate corresponding to the client target computer during encryptation of the e-message to be transferred to the client target computer. Instead the client source computer addresses the certificate server a request for but part of the certificate. The certificate part referred to contains encryptation information but may fail to include (completely or partly) the certificate self-checking information. The certificate server preferably carries out any check of the certificate authenticity before transfer of encryptation information to the client source computer which enables obviation of the need to specifically perform certificate authenticity check with the client source computer especially if the certificate server has been checked for trustworthiness with the client source computer.

EFFECT: reduction of amount of memory and processor resources used for certificate-based encryptation as well as minimisation of requirements to the width of band between certificate server and client source device.

36 cl, 8 dwg

FIELD: physics.

SUBSTANCE: invention is related to methods of usage data collection for television broadcast receivers. Method of usage data collection from broadcast receiver is suggested, whereat receiver is arranged to detect and save such usage data. Method involves representation (16, 18) of confidentiality policy to receiver that identifies not only the usage data subjected to collection, but also preset usage of such data. On receiver interactive or automatic determination (22) whether received policy of confidentiality is acceptable is carried out. If yes, receiver picks up (30) usage data identified in confidentiality policy from storage, and sends them (28) to sender of confidentiality policy.

EFFECT: increased confidentiality of usage of information about habits of users viewing.

15 cl, 3 dwg

FIELD: physics.

SUBSTANCE: invention is related to method for data recording for memory of portable terminal and to memory carrier. Method for recording data for memory of portable terminal contains a stage of reading, at which data is read that is saved on memory carrier of portable terminal; stage of data comparison, at which identifying data are compared, which are individual for user of portable terminal and read from memory carrier, with user registration data registered earlier, and a record command is brought to device of data reading/recording, only when data is approved; recording stage involving recording applied data required for portable terminal to memory carrier under the condition that at the stage of data comparison a record command is sent; stage of activation involving activation of portable terminal, to which memory carrier is connected. Memory carrier contains program, by means of which actions of the said method are enabled.

EFFECT: safety of saving data required for activation of portable telephone.

2 cl, 44 dwg

FIELD: information technology.

SUBSTANCE: registration page with the interface for user mandate input is available on the client system and the entered mandate is sent to the server. As a response to receipt of the user mandate, the server generates a unique session identifier for the client system. The server also receives a digital signature for the user mandate based on the current key in the memory of cyclically changed keys and unique session identifier. Then the server encrypts the digital signature and the user mandate based on the encryption key obtained from the current key and unique session identifier. The encrypted mandate being received with the client system, the keys from the memory of cyclically changed keys are used for checking validity of the mandate. With the user mandate not approved, the user is again transferred to the registration page.

EFFECT: provision of encrypted user mandate processing.

12 cl, 7 dwg

FIELD: information technology.

SUBSTANCE: publishing user is provided with the publication certificate from the DRM server, creates the content, ciphers it with the content key (CK), creates a rights mark for this content with open key of the DRM-server (PU-DRM), for generation (PU-DRM(CK)), restores (PU-ENTITY(PR-OLP)) from the publication certificate, applies secret key (PR-ENTITY) of the corresponding (PU-ENTITY) to the (PU-ENTITY(PR-OLP)) for obtaining (PR-OLP), sign the created rights mark using (PR-OLP), connects SRL and the publication certificate with encrypted content for creation a content package distributed to another user, that must connect with the DRM-server for obtaining a license with CK for playback of the content, creates the license data corresponding with the content package, with (CK), encrypted (PU-ENTITY) for generation of (PU-ENTITY(CK)), signs the license data using (PR-OLP) and attaches the publication certificate to the publication license.

EFFECT: possibility of the content publishing without initial receipt of permission from the server and license issuing for playback of the published content without permission from the server.

20 cl, 17 dwg

FIELD: technological processes.

SUBSTANCE: invention is related to the sphere of cryptographic devices and methods of checking electronic digital signature (EDS). In the method the secret key (SK) is formed, which includes three prime many-digit binary numbers ρ, q and γ. The open key (OK) is formed, which contains three many-digit binary numbers n, α and β, where n=Eρq+l, E - even number, α - number, which is related to index q by module n, and β - number, which is related to index γ by module q. Electronic document (ED) is accepted in the form of many-digit binary number H, electronic digital signature (EDS) Q is formed depending on values of SK, OK and many-digit binary number H, the first checking many-digit binary number A is formed depending on Q, intermediate many-digit binary number W is formed depending on OK and many-digit binary number H, the second checking many-digit binary number B is formed depending on W, and numbers A and B are compared. In case parameters of numbers A and B match, conclusion is drawn about authenticity of electronic digital signature.

EFFECT: reduces size of electronic digital signature without reduction of its resistance level.

8 cl

FIELD: technological processes.

SUBSTANCE: invention is related to the sphere of electrical communication, namely to the sphere of cryptographic devices and methods of electronic digital signature (EDS) check. In the method the secret key (SK) is formed, which includes three many-digit binary numbers (MDN) p, q and γ, where p, q are prime numbers and γ is composite number. The open key (OK) is formed in the form of two many-digit binary numbers n and α, where n = pq and α - number, which is related to index q by module n. Electronic document (ED) is accepted in the form of many-digit binary number H. Electronic digital signature (EDS) Q is formed depending on values of SK, OK and many-digit binary number H. The first checking many-digit binary number A is formed depending on Q. The intermediate many-digit binary number W is generated depending on OK and many-digit binary number H. The second checking many-digit binary number B is formed depending on W, and numbers A and B are compares. In case parameters of A and B numbers match, conclusion is drawn about authenticity of electronic digital signature.

EFFECT: reduces size of electronic digital signature without reduction of its resistance level.

10 cl, 6 ex

FIELD: digital rights control system.

SUBSTANCE: system contains first user device designed for query message setup and transfer, indicating transaction to be run in relation to digital content of at least one object of digital rights (OR), rights issuer aimed to receive query message from first user device, to identify transaction and to process this transaction and to provide access rights to digital content conjointly with server for second user device designed to receive information on stated access right concession. Receive of mentioned information by second user device on digital content access right concession is confirmation of execution of this right to second user device. Method describes operation of mentioned system.

EFFECT: ability of authorized user to transfer partially used or unused object of right to another user and return of OR.

49 cl, 15 dwg, 2 tbl

FIELD: physics, computer equipment.

SUBSTANCE: invention is related to the field of control of access to Internet sites. System and method are realised in personal computer, in which local buffer of scores, buffer updater, local interpreter of scores and list of blocking-permission are installed. Whenever user tries to obtain access to Internet site addressed with the help of determined unified resource locator ("URL"), system defines whether this URL refers to list of blocking-permission, and if so, accordingly permits or blocks access to site, to which URL refers. If no reference is available for this URL in list of blocking-permission, then invention receives category of content either form local buffer of scores or, if it is not available there, from service of scores. If content category may be viewed by person from this age group of user, as it is determined with the help of age group chart that presents cross references of age groups with categories permitted for viewing for every age group, local interpreter of scores permits access to Internet site, to which certain URL refers, otherwise access is not permitted.

EFFECT: improvement of protection against unauthorised access.

47 cl, 4 dwg

FIELD: physics.

SUBSTANCE: said utility invention relates to systems and a method of partial scrambling of a data flow. A method of partial scrambling of data flow (6) including packets (7) of a transport stream having an overhead (8) and payload (9) is proposed; payloads carrying coded data elements being mapped to sections of network adaptation layer (NAL) (15). The method involves: selection of transport stream packets (7) forming a subpattern of the said pattern, and scrambling of at least part of payloads (9) of each transport stream packet (7) in the subpattern, monitoring of payloads (9) of some of transport stream packets (7) in the pattern, for the presence of data (22) showing the boundary between two subsequent NAL sections (15), and, for selected NAL sections (15), inclusion in the subpattern of at least one of transport stream packets (7) carrying data forming part of selected NAL section (15); while the subpattern is included up to some maximum number of the transport stream packets following the first transport stream packet that carries data forming part of selected NAL section (15).

EFFECT: provision of scrambling of payloads of several transport stream packets selected and maintaining efficient content protection.

10 cl, 5 dwg

FIELD: method for protecting isolation of Ethernet network services, in particular, method for realization of virtual private network (VPN) on Layer 2 Ethernet, which is used by providers of telecommunication services for providing services of Ethernet network.

SUBSTANCE: method for protective isolation of service in Ethernet network is claimed for fulfilling the need of providers of telecommunication services in creation of second virtual private network of Ethernet services, where firstly client identifier is distributed for physical port, used for connecting client service; a service received in physical port is marked by client identifier; after procedure of commutation and routing of service it is determined whether the client identifier in the service coincides with identifier of client in the port, if loading of service from specific physical port is concerned, and only after that appropriate service may be loaded.

EFFECT: solution of problem of limited usage of virtual local network (VLAN) for Ethernet network within limits of one enterprise, solution of problem of protective isolation when providing services of Ethernet/VLAN network to large number of enterprises, and provision of method for realization of VPN technology on Layer 2 Ethernet, and also provision of full virtual bridge for providing transparent data transmission.

13 cl, 2 dwg

FIELD: computer networks.

SUBSTANCE: invention claims access point device, engineered with possible receipt of data packets from one or more client devices and transmission thereof through network of arbitrary degree of localization, where access point device is made with possible response from the name of network device.

EFFECT: improved control and monitoring of access and network usage.

6 cl, 2 dwg

FIELD: device and method for data retranslation.

SUBSTANCE: data retranslation device for encoding input data and transferring encoded data to a predetermined device includes an input data processing block for receiving input data, encoding input data in a format fitting for predetermined device, and encoding input data with usage of common key, used in combination with predetermined device, and also data transfer protection block, which receives encoded data from input data processing block via a predetermined bus and retranslates received data to predetermined device. Also, a common key is generated in data transfer protection block and is transferred to input data processing block via a predetermined bus.

EFFECT: possible realization of simultaneous protection of data transfer line and internal protection without increase in complexity and costs of development.

4 cl, 5 dwg

FIELD: electric communications engineering.

SUBSTANCE: result is achieved due to increased trustworthiness of detection of computer attacks by expanding sign space of protection system, which is performed by finding fragmented packets, incoming into computer network from communication channel and analysis of their parameters.

EFFECT: increased resistance of functioning of computer networks under conditions of unauthorized actions.

7 dwg, 1 app

FIELD: computer networks engineering.

SUBSTANCE: access point device is made with possible receipt of data packets from one or more client devices and possible transmission of these along network of undefined localization level. Access point device contains a protection device, made with possible configuration of client data packets, to direct them only to one or several allowed devices of network of undefined localization level regardless of original destination of data packets.

EFFECT: improved control and monitoring of access to and usage of network.

8 cl, 2 dwg

FIELD: technology for distributing copyright-protected content via networks.

SUBSTANCE: in method, signs, determining level of copyright control, are packed together with content, to which these are related, in form of datagram for transfer via network. Dependently on copyright control level, determined by appropriate signs, terminal, receiving content, is limited in operations possible to perform over content, including saving, reading and transferring of content.

EFFECT: protection of content from unauthorized copying and distribution via network.

6 cl, 7 dwg

The invention relates to a device for providing services, such as telephony, data transmission containing terminal block and block access when this terminal block includes means (PINt) identification of the terminal block, which is stored in the terminal block, and the block access contains means (MMIA) identification access code form or its equivalent, with terminal block and block access blocked

FIELD: information technologies.

SUBSTANCE: in the method, the index file includes the sequence of access points in the form of the information blocks allocated from the file, and designates structures of layers of the file and the folder according to the layer, specifying in other access points, the access point in a folder designates the files belonging to the folder, according to the registration specifying in other points of an input, and designates, whether is the corresponding folder a virtual folder. Thus carry out search of the access points in an index file according to the search condition, the established user for choice of the file registered in the index file, and define, whether this condition is identical to result of the search executed in the past, and whether, this result is accessible to transition to a stage of record finding in the access point for results of search.

EFFECT: simplification of processing of search thanks to the written down results of search at searching of the necessary information.

4 cl, 8 dwg

FIELD: information technologies.

SUBSTANCE: device contains group of input registers, group of output registers, the block of allocation of the maximum number, two groups of delay devices, group of subtract units, group of adders, group squaring devices, the block of taking the square root, group of switchboards, group of indication blocks, generator of clock impulses, distributor of impulses, group of elements OR, S groups of registers.

EFFECT: increase of accuracy of estimation and comparing of functioning efficiency of the same organisations.

3 dwg

Up!