WO2003065630A2 - Apparatus and method for preventing digital media piracy - Google Patents

Apparatus and method for preventing digital media piracy Download PDF

Info

Publication number
WO2003065630A2
WO2003065630A2 PCT/SG2002/000234 SG0200234W WO03065630A2 WO 2003065630 A2 WO2003065630 A2 WO 2003065630A2 SG 0200234 W SG0200234 W SG 0200234W WO 03065630 A2 WO03065630 A2 WO 03065630A2
Authority
WO
WIPO (PCT)
Prior art keywords
client device
digital media
media content
configuration data
playback
Prior art date
Application number
PCT/SG2002/000234
Other languages
French (fr)
Other versions
WO2003065630A3 (en
Inventor
Andrej Simec
Kristie Jones
Stephen Hogben
Derek Miller
Original Assignee
Anytime Pte. Ltd.
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Anytime Pte. Ltd. filed Critical Anytime Pte. Ltd.
Priority to KR10-2004-7011716A priority Critical patent/KR20040077905A/en
Publication of WO2003065630A2 publication Critical patent/WO2003065630A2/en
Publication of WO2003065630A3 publication Critical patent/WO2003065630A3/en

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/10Protecting distributed programs or content, e.g. vending or licensing of copyrighted material ; Digital rights management [DRM]
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F12/00Accessing, addressing or allocating within memory systems or architectures
    • G06F12/14Protection against unauthorised use of memory or access to memory
    • HELECTRICITY
    • H01ELECTRIC ELEMENTS
    • H01LSEMICONDUCTOR DEVICES NOT COVERED BY CLASS H10
    • H01L23/00Details of semiconductor or other solid state devices
    • H01L23/16Fillings or auxiliary members in containers or encapsulations, e.g. centering rings
    • H01L23/18Fillings characterised by the material, its physical or chemical properties, or its arrangement within the complete device
    • H01L23/24Fillings characterised by the material, its physical or chemical properties, or its arrangement within the complete device solid or gel at the normal operating temperature of the device
    • HELECTRICITY
    • H01ELECTRIC ELEMENTS
    • H01LSEMICONDUCTOR DEVICES NOT COVERED BY CLASS H10
    • H01L23/00Details of semiconductor or other solid state devices
    • H01L23/28Encapsulations, e.g. encapsulating layers, coatings, e.g. for protection
    • H01L23/31Encapsulations, e.g. encapsulating layers, coatings, e.g. for protection characterised by the arrangement or shape
    • H01L23/3107Encapsulations, e.g. encapsulating layers, coatings, e.g. for protection characterised by the arrangement or shape the device being completely enclosed
    • H01L23/3114Encapsulations, e.g. encapsulating layers, coatings, e.g. for protection characterised by the arrangement or shape the device being completely enclosed the device being a chip scale package, e.g. CSP
    • HELECTRICITY
    • H01ELECTRIC ELEMENTS
    • H01LSEMICONDUCTOR DEVICES NOT COVERED BY CLASS H10
    • H01L23/00Details of semiconductor or other solid state devices
    • H01L23/34Arrangements for cooling, heating, ventilating or temperature compensation ; Temperature sensing arrangements
    • H01L23/36Selection of materials, or shaping, to facilitate cooling or heating, e.g. heatsinks
    • H01L23/367Cooling facilitated by shape of device
    • H01L23/3675Cooling facilitated by shape of device characterised by the shape of the housing
    • HELECTRICITY
    • H01ELECTRIC ELEMENTS
    • H01LSEMICONDUCTOR DEVICES NOT COVERED BY CLASS H10
    • H01L23/00Details of semiconductor or other solid state devices
    • H01L23/34Arrangements for cooling, heating, ventilating or temperature compensation ; Temperature sensing arrangements
    • H01L23/42Fillings or auxiliary members in containers or encapsulations selected or arranged to facilitate heating or cooling
    • H01L23/433Auxiliary members in containers characterised by their shape, e.g. pistons
    • H01L23/4334Auxiliary members in encapsulations
    • HELECTRICITY
    • H01ELECTRIC ELEMENTS
    • H01LSEMICONDUCTOR DEVICES NOT COVERED BY CLASS H10
    • H01L23/00Details of semiconductor or other solid state devices
    • H01L23/552Protection against radiation, e.g. light or electromagnetic waves
    • HELECTRICITY
    • H01ELECTRIC ELEMENTS
    • H01LSEMICONDUCTOR DEVICES NOT COVERED BY CLASS H10
    • H01L23/00Details of semiconductor or other solid state devices
    • H01L23/58Structural electrical arrangements for semiconductor devices not otherwise provided for, e.g. in combination with batteries
    • H01L23/64Impedance arrangements
    • H01L23/645Inductive arrangements
    • HELECTRICITY
    • H01ELECTRIC ELEMENTS
    • H01LSEMICONDUCTOR DEVICES NOT COVERED BY CLASS H10
    • H01L24/00Arrangements for connecting or disconnecting semiconductor or solid-state bodies; Methods or apparatus related thereto
    • H01L24/01Means for bonding being attached to, or being formed on, the surface to be connected, e.g. chip-to-package, die-attach, "first-level" interconnects; Manufacturing methods related thereto
    • H01L24/50Tape automated bonding [TAB] connectors, i.e. film carriers; Manufacturing methods related thereto
    • HELECTRICITY
    • H01ELECTRIC ELEMENTS
    • H01LSEMICONDUCTOR DEVICES NOT COVERED BY CLASS H10
    • H01L24/00Arrangements for connecting or disconnecting semiconductor or solid-state bodies; Methods or apparatus related thereto
    • H01L24/80Methods for connecting semiconductor or other solid state bodies using means for bonding being attached to, or being formed on, the surface to be connected
    • H01L24/86Methods for connecting semiconductor or other solid state bodies using means for bonding being attached to, or being formed on, the surface to be connected using tape automated bonding [TAB]
    • HELECTRICITY
    • H01ELECTRIC ELEMENTS
    • H01LSEMICONDUCTOR DEVICES NOT COVERED BY CLASS H10
    • H01L25/00Assemblies consisting of a plurality of individual semiconductor or other solid state devices ; Multistep manufacturing processes thereof
    • H01L25/03Assemblies consisting of a plurality of individual semiconductor or other solid state devices ; Multistep manufacturing processes thereof all the devices being of a type provided for in the same subgroup of groups H01L27/00 - H01L33/00, or in a single subclass of H10K, H10N, e.g. assemblies of rectifier diodes
    • H01L25/04Assemblies consisting of a plurality of individual semiconductor or other solid state devices ; Multistep manufacturing processes thereof all the devices being of a type provided for in the same subgroup of groups H01L27/00 - H01L33/00, or in a single subclass of H10K, H10N, e.g. assemblies of rectifier diodes the devices not having separate containers
    • H01L25/065Assemblies consisting of a plurality of individual semiconductor or other solid state devices ; Multistep manufacturing processes thereof all the devices being of a type provided for in the same subgroup of groups H01L27/00 - H01L33/00, or in a single subclass of H10K, H10N, e.g. assemblies of rectifier diodes the devices not having separate containers the devices being of a type provided for in group H01L27/00
    • H01L25/0657Stacked arrangements of devices
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/21Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/2129Authenticate client device independently of the user
    • HELECTRICITY
    • H01ELECTRIC ELEMENTS
    • H01LSEMICONDUCTOR DEVICES NOT COVERED BY CLASS H10
    • H01L2223/00Details relating to semiconductor or other solid state devices covered by the group H01L23/00
    • H01L2223/58Structural electrical arrangements for semiconductor devices not otherwise provided for
    • H01L2223/64Impedance arrangements
    • H01L2223/66High-frequency adaptations
    • H01L2223/6605High-frequency electrical connections
    • H01L2223/6611Wire connections
    • HELECTRICITY
    • H01ELECTRIC ELEMENTS
    • H01LSEMICONDUCTOR DEVICES NOT COVERED BY CLASS H10
    • H01L2224/00Indexing scheme for arrangements for connecting or disconnecting semiconductor or solid-state bodies and methods related thereto as covered by H01L24/00
    • H01L2224/01Means for bonding being attached to, or being formed on, the surface to be connected, e.g. chip-to-package, die-attach, "first-level" interconnects; Manufacturing methods related thereto
    • H01L2224/10Bump connectors; Manufacturing methods related thereto
    • H01L2224/15Structure, shape, material or disposition of the bump connectors after the connecting process
    • H01L2224/16Structure, shape, material or disposition of the bump connectors after the connecting process of an individual bump connector
    • H01L2224/161Disposition
    • H01L2224/16135Disposition the bump connector connecting between different semiconductor or solid-state bodies, i.e. chip-to-chip
    • H01L2224/16145Disposition the bump connector connecting between different semiconductor or solid-state bodies, i.e. chip-to-chip the bodies being stacked
    • HELECTRICITY
    • H01ELECTRIC ELEMENTS
    • H01LSEMICONDUCTOR DEVICES NOT COVERED BY CLASS H10
    • H01L2224/00Indexing scheme for arrangements for connecting or disconnecting semiconductor or solid-state bodies and methods related thereto as covered by H01L24/00
    • H01L2224/01Means for bonding being attached to, or being formed on, the surface to be connected, e.g. chip-to-package, die-attach, "first-level" interconnects; Manufacturing methods related thereto
    • H01L2224/42Wire connectors; Manufacturing methods related thereto
    • H01L2224/47Structure, shape, material or disposition of the wire connectors after the connecting process
    • H01L2224/48Structure, shape, material or disposition of the wire connectors after the connecting process of an individual wire connector
    • H01L2224/4805Shape
    • H01L2224/4809Loop shape
    • H01L2224/48091Arched
    • HELECTRICITY
    • H01ELECTRIC ELEMENTS
    • H01LSEMICONDUCTOR DEVICES NOT COVERED BY CLASS H10
    • H01L2225/00Details relating to assemblies covered by the group H01L25/00 but not provided for in its subgroups
    • H01L2225/03All the devices being of a type provided for in the same subgroup of groups H01L27/00 - H01L33/648 and H10K99/00
    • H01L2225/04All the devices being of a type provided for in the same subgroup of groups H01L27/00 - H01L33/648 and H10K99/00 the devices not having separate containers
    • H01L2225/065All the devices being of a type provided for in the same subgroup of groups H01L27/00 - H01L33/648 and H10K99/00 the devices not having separate containers the devices being of a type provided for in group H01L27/00
    • H01L2225/06503Stacked arrangements of devices
    • H01L2225/0651Wire or wire-like electrical connections from device to substrate
    • HELECTRICITY
    • H01ELECTRIC ELEMENTS
    • H01LSEMICONDUCTOR DEVICES NOT COVERED BY CLASS H10
    • H01L2225/00Details relating to assemblies covered by the group H01L25/00 but not provided for in its subgroups
    • H01L2225/03All the devices being of a type provided for in the same subgroup of groups H01L27/00 - H01L33/648 and H10K99/00
    • H01L2225/04All the devices being of a type provided for in the same subgroup of groups H01L27/00 - H01L33/648 and H10K99/00 the devices not having separate containers
    • H01L2225/065All the devices being of a type provided for in the same subgroup of groups H01L27/00 - H01L33/648 and H10K99/00 the devices not having separate containers the devices being of a type provided for in group H01L27/00
    • H01L2225/06503Stacked arrangements of devices
    • H01L2225/06513Bump or bump-like direct electrical connections between devices, e.g. flip-chip connection, solder bumps
    • HELECTRICITY
    • H01ELECTRIC ELEMENTS
    • H01LSEMICONDUCTOR DEVICES NOT COVERED BY CLASS H10
    • H01L2225/00Details relating to assemblies covered by the group H01L25/00 but not provided for in its subgroups
    • H01L2225/03All the devices being of a type provided for in the same subgroup of groups H01L27/00 - H01L33/648 and H10K99/00
    • H01L2225/04All the devices being of a type provided for in the same subgroup of groups H01L27/00 - H01L33/648 and H10K99/00 the devices not having separate containers
    • H01L2225/065All the devices being of a type provided for in the same subgroup of groups H01L27/00 - H01L33/648 and H10K99/00 the devices not having separate containers the devices being of a type provided for in group H01L27/00
    • H01L2225/06503Stacked arrangements of devices
    • H01L2225/06527Special adaptation of electrical connections, e.g. rewiring, engineering changes, pressure contacts, layout
    • HELECTRICITY
    • H01ELECTRIC ELEMENTS
    • H01LSEMICONDUCTOR DEVICES NOT COVERED BY CLASS H10
    • H01L2225/00Details relating to assemblies covered by the group H01L25/00 but not provided for in its subgroups
    • H01L2225/03All the devices being of a type provided for in the same subgroup of groups H01L27/00 - H01L33/648 and H10K99/00
    • H01L2225/04All the devices being of a type provided for in the same subgroup of groups H01L27/00 - H01L33/648 and H10K99/00 the devices not having separate containers
    • H01L2225/065All the devices being of a type provided for in the same subgroup of groups H01L27/00 - H01L33/648 and H10K99/00 the devices not having separate containers the devices being of a type provided for in group H01L27/00
    • H01L2225/06503Stacked arrangements of devices
    • H01L2225/06579TAB carriers; beam leads
    • HELECTRICITY
    • H01ELECTRIC ELEMENTS
    • H01LSEMICONDUCTOR DEVICES NOT COVERED BY CLASS H10
    • H01L2225/00Details relating to assemblies covered by the group H01L25/00 but not provided for in its subgroups
    • H01L2225/03All the devices being of a type provided for in the same subgroup of groups H01L27/00 - H01L33/648 and H10K99/00
    • H01L2225/04All the devices being of a type provided for in the same subgroup of groups H01L27/00 - H01L33/648 and H10K99/00 the devices not having separate containers
    • H01L2225/065All the devices being of a type provided for in the same subgroup of groups H01L27/00 - H01L33/648 and H10K99/00 the devices not having separate containers the devices being of a type provided for in group H01L27/00
    • H01L2225/06503Stacked arrangements of devices
    • H01L2225/06582Housing for the assembly, e.g. chip scale package [CSP]
    • HELECTRICITY
    • H01ELECTRIC ELEMENTS
    • H01LSEMICONDUCTOR DEVICES NOT COVERED BY CLASS H10
    • H01L24/00Arrangements for connecting or disconnecting semiconductor or solid-state bodies; Methods or apparatus related thereto
    • H01L24/01Means for bonding being attached to, or being formed on, the surface to be connected, e.g. chip-to-package, die-attach, "first-level" interconnects; Manufacturing methods related thereto
    • H01L24/42Wire connectors; Manufacturing methods related thereto
    • H01L24/47Structure, shape, material or disposition of the wire connectors after the connecting process
    • H01L24/48Structure, shape, material or disposition of the wire connectors after the connecting process of an individual wire connector
    • HELECTRICITY
    • H01ELECTRIC ELEMENTS
    • H01LSEMICONDUCTOR DEVICES NOT COVERED BY CLASS H10
    • H01L2924/00Indexing scheme for arrangements or methods for connecting or disconnecting semiconductor or solid-state bodies as covered by H01L24/00
    • H01L2924/01Chemical elements
    • H01L2924/01005Boron [B]
    • HELECTRICITY
    • H01ELECTRIC ELEMENTS
    • H01LSEMICONDUCTOR DEVICES NOT COVERED BY CLASS H10
    • H01L2924/00Indexing scheme for arrangements or methods for connecting or disconnecting semiconductor or solid-state bodies as covered by H01L24/00
    • H01L2924/01Chemical elements
    • H01L2924/01006Carbon [C]
    • HELECTRICITY
    • H01ELECTRIC ELEMENTS
    • H01LSEMICONDUCTOR DEVICES NOT COVERED BY CLASS H10
    • H01L2924/00Indexing scheme for arrangements or methods for connecting or disconnecting semiconductor or solid-state bodies as covered by H01L24/00
    • H01L2924/01Chemical elements
    • H01L2924/01013Aluminum [Al]
    • HELECTRICITY
    • H01ELECTRIC ELEMENTS
    • H01LSEMICONDUCTOR DEVICES NOT COVERED BY CLASS H10
    • H01L2924/00Indexing scheme for arrangements or methods for connecting or disconnecting semiconductor or solid-state bodies as covered by H01L24/00
    • H01L2924/01Chemical elements
    • H01L2924/01023Vanadium [V]
    • HELECTRICITY
    • H01ELECTRIC ELEMENTS
    • H01LSEMICONDUCTOR DEVICES NOT COVERED BY CLASS H10
    • H01L2924/00Indexing scheme for arrangements or methods for connecting or disconnecting semiconductor or solid-state bodies as covered by H01L24/00
    • H01L2924/01Chemical elements
    • H01L2924/01027Cobalt [Co]
    • HELECTRICITY
    • H01ELECTRIC ELEMENTS
    • H01LSEMICONDUCTOR DEVICES NOT COVERED BY CLASS H10
    • H01L2924/00Indexing scheme for arrangements or methods for connecting or disconnecting semiconductor or solid-state bodies as covered by H01L24/00
    • H01L2924/01Chemical elements
    • H01L2924/01029Copper [Cu]
    • HELECTRICITY
    • H01ELECTRIC ELEMENTS
    • H01LSEMICONDUCTOR DEVICES NOT COVERED BY CLASS H10
    • H01L2924/00Indexing scheme for arrangements or methods for connecting or disconnecting semiconductor or solid-state bodies as covered by H01L24/00
    • H01L2924/01Chemical elements
    • H01L2924/01033Arsenic [As]
    • HELECTRICITY
    • H01ELECTRIC ELEMENTS
    • H01LSEMICONDUCTOR DEVICES NOT COVERED BY CLASS H10
    • H01L2924/00Indexing scheme for arrangements or methods for connecting or disconnecting semiconductor or solid-state bodies as covered by H01L24/00
    • H01L2924/01Chemical elements
    • H01L2924/01047Silver [Ag]
    • HELECTRICITY
    • H01ELECTRIC ELEMENTS
    • H01LSEMICONDUCTOR DEVICES NOT COVERED BY CLASS H10
    • H01L2924/00Indexing scheme for arrangements or methods for connecting or disconnecting semiconductor or solid-state bodies as covered by H01L24/00
    • H01L2924/01Chemical elements
    • H01L2924/01075Rhenium [Re]
    • HELECTRICITY
    • H01ELECTRIC ELEMENTS
    • H01LSEMICONDUCTOR DEVICES NOT COVERED BY CLASS H10
    • H01L2924/00Indexing scheme for arrangements or methods for connecting or disconnecting semiconductor or solid-state bodies as covered by H01L24/00
    • H01L2924/01Chemical elements
    • H01L2924/01078Platinum [Pt]
    • HELECTRICITY
    • H01ELECTRIC ELEMENTS
    • H01LSEMICONDUCTOR DEVICES NOT COVERED BY CLASS H10
    • H01L2924/00Indexing scheme for arrangements or methods for connecting or disconnecting semiconductor or solid-state bodies as covered by H01L24/00
    • H01L2924/01Chemical elements
    • H01L2924/01082Lead [Pb]
    • HELECTRICITY
    • H01ELECTRIC ELEMENTS
    • H01LSEMICONDUCTOR DEVICES NOT COVERED BY CLASS H10
    • H01L2924/00Indexing scheme for arrangements or methods for connecting or disconnecting semiconductor or solid-state bodies as covered by H01L24/00
    • H01L2924/013Alloys
    • H01L2924/0132Binary Alloys
    • H01L2924/01322Eutectic Alloys, i.e. obtained by a liquid transforming into two solid phases
    • HELECTRICITY
    • H01ELECTRIC ELEMENTS
    • H01LSEMICONDUCTOR DEVICES NOT COVERED BY CLASS H10
    • H01L2924/00Indexing scheme for arrangements or methods for connecting or disconnecting semiconductor or solid-state bodies as covered by H01L24/00
    • H01L2924/013Alloys
    • H01L2924/014Solder alloys
    • HELECTRICITY
    • H01ELECTRIC ELEMENTS
    • H01LSEMICONDUCTOR DEVICES NOT COVERED BY CLASS H10
    • H01L2924/00Indexing scheme for arrangements or methods for connecting or disconnecting semiconductor or solid-state bodies as covered by H01L24/00
    • H01L2924/10Details of semiconductor or other solid state devices to be connected
    • H01L2924/102Material of the semiconductor or solid state bodies
    • H01L2924/1025Semiconducting materials
    • H01L2924/10251Elemental semiconductors, i.e. Group IV
    • H01L2924/10253Silicon [Si]
    • HELECTRICITY
    • H01ELECTRIC ELEMENTS
    • H01LSEMICONDUCTOR DEVICES NOT COVERED BY CLASS H10
    • H01L2924/00Indexing scheme for arrangements or methods for connecting or disconnecting semiconductor or solid-state bodies as covered by H01L24/00
    • H01L2924/10Details of semiconductor or other solid state devices to be connected
    • H01L2924/11Device type
    • H01L2924/12Passive devices, e.g. 2 terminal devices
    • H01L2924/1204Optical Diode
    • H01L2924/12042LASER
    • HELECTRICITY
    • H01ELECTRIC ELEMENTS
    • H01LSEMICONDUCTOR DEVICES NOT COVERED BY CLASS H10
    • H01L2924/00Indexing scheme for arrangements or methods for connecting or disconnecting semiconductor or solid-state bodies as covered by H01L24/00
    • H01L2924/15Details of package parts other than the semiconductor or other solid state devices to be connected
    • H01L2924/161Cap
    • H01L2924/1615Shape
    • H01L2924/16152Cap comprising a cavity for hosting the device, e.g. U-shaped cap
    • HELECTRICITY
    • H01ELECTRIC ELEMENTS
    • H01LSEMICONDUCTOR DEVICES NOT COVERED BY CLASS H10
    • H01L2924/00Indexing scheme for arrangements or methods for connecting or disconnecting semiconductor or solid-state bodies as covered by H01L24/00
    • H01L2924/19Details of hybrid assemblies other than the semiconductor or other solid state devices to be connected
    • H01L2924/1901Structure
    • H01L2924/1904Component type
    • H01L2924/19041Component type being a capacitor
    • HELECTRICITY
    • H01ELECTRIC ELEMENTS
    • H01LSEMICONDUCTOR DEVICES NOT COVERED BY CLASS H10
    • H01L2924/00Indexing scheme for arrangements or methods for connecting or disconnecting semiconductor or solid-state bodies as covered by H01L24/00
    • H01L2924/19Details of hybrid assemblies other than the semiconductor or other solid state devices to be connected
    • H01L2924/1901Structure
    • H01L2924/1904Component type
    • H01L2924/19042Component type being an inductor
    • HELECTRICITY
    • H01ELECTRIC ELEMENTS
    • H01LSEMICONDUCTOR DEVICES NOT COVERED BY CLASS H10
    • H01L2924/00Indexing scheme for arrangements or methods for connecting or disconnecting semiconductor or solid-state bodies as covered by H01L24/00
    • H01L2924/19Details of hybrid assemblies other than the semiconductor or other solid state devices to be connected
    • H01L2924/1901Structure
    • H01L2924/1904Component type
    • H01L2924/19043Component type being a resistor
    • HELECTRICITY
    • H01ELECTRIC ELEMENTS
    • H01LSEMICONDUCTOR DEVICES NOT COVERED BY CLASS H10
    • H01L2924/00Indexing scheme for arrangements or methods for connecting or disconnecting semiconductor or solid-state bodies as covered by H01L24/00
    • H01L2924/30Technical effects
    • H01L2924/301Electrical effects
    • H01L2924/30105Capacitance
    • HELECTRICITY
    • H01ELECTRIC ELEMENTS
    • H01LSEMICONDUCTOR DEVICES NOT COVERED BY CLASS H10
    • H01L2924/00Indexing scheme for arrangements or methods for connecting or disconnecting semiconductor or solid-state bodies as covered by H01L24/00
    • H01L2924/30Technical effects
    • H01L2924/301Electrical effects
    • H01L2924/30107Inductance
    • HELECTRICITY
    • H01ELECTRIC ELEMENTS
    • H01LSEMICONDUCTOR DEVICES NOT COVERED BY CLASS H10
    • H01L2924/00Indexing scheme for arrangements or methods for connecting or disconnecting semiconductor or solid-state bodies as covered by H01L24/00
    • H01L2924/30Technical effects
    • H01L2924/301Electrical effects
    • H01L2924/3011Impedance
    • HELECTRICITY
    • H01ELECTRIC ELEMENTS
    • H01LSEMICONDUCTOR DEVICES NOT COVERED BY CLASS H10
    • H01L2924/00Indexing scheme for arrangements or methods for connecting or disconnecting semiconductor or solid-state bodies as covered by H01L24/00
    • H01L2924/30Technical effects
    • H01L2924/301Electrical effects
    • H01L2924/3025Electromagnetic shielding

Definitions

  • Embodiments of the present invention claim priority from U.S. provisional patent application Serial No. 60/353,076 filed January 29, 2002.
  • the present invention is directed to a digital media piracy threat response system that protects digital media from unauthorized reproduction.
  • This present invention is directed to preventing illegal or unauthorized copying of information and other media content or services provided over a network (either public network, such as the Internet, or privately owned, such as a LAN).
  • a network either public network, such as the Internet, or privately owned, such as a LAN.
  • the digital media are stored on a server and a client-resident media viewer is used to receive and display audio/video frames as they are "streamed" across a network from the server, without storing the media on the client.
  • the digital media are stored on a server and copied across a network to a storage device on the client for subsequent playback via a client-resident media viewer.
  • DRM Digital Rights Management
  • digital media files are encrypted using a private key known only to the rights-holder or its authorized distributor.
  • the digital media are delivered to the client and decrypted using a public key exchanged between the server and the client upon successful user authentication and authorization.
  • Authentication/authorization is usually accompanied via some form of payment to the rights holder or distributor. This is usually sufficient to protect against unauthorized viewing of digital media files.
  • DRM-only or similar type encryption/watermark
  • the client-side viewer In displaying the media, the client-side viewer first decrypts and then decodes the media (converts the media from digital to analog format) for presentation on analog devices. The result is a series of video frames presented to the user. DRM does not protect against copying the decoded video frames. In essence, once the content is decrypted and decoded, it is unprotected and available to be copied in digital or analog form.
  • FIG. 1 is a graphical illustration of a hypothetical digital path from the streaming computer to the final product of encoded Video-CD (VCD). As Figure 1 shows, digital 3/065630
  • VCD 14 VCD 14
  • the uncompressed frame is presented to the viewer via a PC 20.
  • a PC 20 This is in most cases via a 15 pin D-Shell cable plugged into the back of a computer and that cable connects to the computer monitor.
  • a common scan converter 21 is all that is required to take the signal bound for the monitor and turn it into a signal capable of being displayed on a television screen 23, projector 22, or a recording device such as a camcorder 24 or a video recorder 25.
  • the output from the scan converter 21 can vary depending on the quality (usually directly related to price). Most offer S-Video output or even a component output, an excellent reproduction quality for analog recording. While most high-end PCs have a graphic card that is capable of presenting a TV-compatible signal, the quality is presently inferior to that achieved through a scan converter.
  • VCD videotape. From there it is a small step to re-encode the movie via a computer 26 to be used as a master for a VCD 27, and then a CD-ROM burner for the small-scale pirate - or a CD Stamper for larger scale operations.
  • the VCD has enjoyed wide popularity and is a widely accepted format within the Asian market, so much so that most DVD players now on the market play back VCD movies.
  • the present invention is directed to a digital verification and protection (“DVP") system that intelligently prevents digital media piracy through methods of threat response, and mitigates the need for the post-breach forensic diagnostic process common in many traditional digital media protection systems.
  • DVP digital verification and protection
  • the preferred embodiments of the present invention aids in protection against the unauthorized copying of digital media that are delivered to personal computers (PC) or to television sets via set-top boxes (STB).
  • PC personal computers
  • STB set-top boxes
  • the invention protects against piracy in both streaming and downloaded digital media.
  • the preferred embodiments of the present invention among other features,: a) Positively identifies a known piece of equipment, device, or software, and searches for digital or analog outputs or its equivalents; b) Permits digital media playback only to viewing or downloading equipment of devices of known and approved configurations; and c) Identifies equipment configuration changes in real-time and determine if such changes constitute a breach of security.
  • a consumer who wishes to view or use digital content must gain permission before it may access or display digital media (notwithstanding the fact that the digital media may or may not be additionally protected with conventional anti-piracy measures such as DRM).
  • a consumer may gain permission 03/065630
  • the consumer's hardware and software configuration or setup do not pose as threats (i.e., cannot be used to reproduce the digital content without authorization).
  • the delivery of digital content is automatically stopped and must regain permission to the digital media.
  • the database is used to determine if a particular device configuration poses a threat to the digital media that have been requested. For example, if a digital recording device is attached to the user's PC, then the present invention may be programmed to determine that a threat exists, and the request for digital media is denied. In the case an unknown configuration is detected, the database is updated, and a threat examination process is preferably carried out that result in an expansion of the system's ability to accurately detect and respond to potential threats.
  • One advantage of the present invention is security of protected information, copyright information, and media services. Specifically, the present invention ensures that information is only sent to and can be accessed only by parties whose configuration and setup are approved by the owner of the digital content to be delivered. Furthermore, this system ensures that media may only be presented on devices approved by the asset owner. This system prevents the unauthorized copying or reproduction of information displayed on an individual's PC or media display devices such as a television.
  • the present invention is widely applicable to any other system in which digital media content is delivered from one party to another.
  • the invention may be employed in any application in which digital media are delivered to personal computers ("PC"), set top boxes ("STB"), or similar devices, in which there is an interest on the part of the rights-holder or owner to protect the digital media from unauthorized reproduction or usage.
  • PC personal computers
  • STB set top boxes
  • a system in accordance with the present invention may be employed regardless of the means by which the digital media are delivered to the client device, and can be employed as .an additional layer of digital media protection scheme beyond conventional protection systems against piracy.
  • Figure 1 is an illustration of a possible path for digital content from a computer to encoded VCD
  • Figure 2 is an illustration of a possible recording or reproduction scheme using digital-to-analog converting devices
  • FIG. 3 is an illustration of the architecture of a digital verification and protection (“DVP”) system in accordance with the preferred embodiment of the present invention
  • FIG. 4 is an illustration of the operating characteristics of a DVP system in accordance with the preferred embodiment of the present invention.
  • FIG. 5 is another illustration of the operating characteristics of a DVP system in accordance with the preferred embodiment of the present invention.
  • Figure 6 is yet another illustration of the operating characteristics of a DVP system in accordance with the preferred embodiment of the present invention
  • Figure 7 is an illustration of the architecture of the DVP system in accordance with an alternative embodiment of the present invention
  • FIG. 8 is an illustration of the architecture of the DVP system in accordance with another alternative embodiment of the present invention.
  • FIG. 9 is an illustration of a specific implementation of the DVP system in accordance with the preferred embodiment of the present invention.
  • FIG. 10 is an illustration of another specific implementation of the DVP system in accordance with the preferred embodiment of the present invention. 3/065630
  • FIG. 11 is an illustration of another specific implementation of the DVP system in accordance with the preferred embodiment of the present invention.
  • Figure 12 is an illustration of yet another specific implementation of the DVP system in accordance with the preferred embodiment of the present invention
  • Figure 13 is an illustration of yet another specific implementation of the DVP system in accordance with the preferred embodiment of the present invention.
  • FIG. 14 is an illustration of yet another specific implementation of the DVP system in accordance with the preferred embodiment of the present invention.
  • FIG. 15 is an illustration of yet another specific implementation of the DVP system in accordance with the preferred embodiment of the present invention.
  • FIG. 16 is an illustration of yet another specific implementation of the DVP system in accordance with the preferred embodiment of the present invention.
  • FIG 17 is an illustration of yet another specific implementation of the DVP system in accordance with the preferred embodiment of the present invention
  • Figure 18 is an illustration of yet another specific implementation of the DVP system in accordance with the preferred embodiment of the present invention.
  • Figure 19 is an illustration of yet another specific implementation of the DVP system in accordance with the preferred embodiment of the present invention. 03/065630
  • the present invention is directed to an apparatus and method for protecting digital content from being pirated or otherwise reproduced without authorization.
  • a DVP system in accordance with the preferred embodiments of the present invention make a risk decision based on the examination of a user's viewing equipment configuration at the beginning of streaming each digital content, such as a movie. Specifically, if the DVP system detects that the user's download or viewing equipment configuration includes a recording device, such as an active plug-in recording device on a computer or a VCR connected to a set top box, then the DVP may be directed to deny delivery of the digital content to the user. Additionally, the DVP system can be used to monitor the users equipment configuration during the entire download or viewing session, and can interrupt or stop the delivery of digital content if there is any change to the users equipment such as an addition of a recording device to the equipment configuration or setup.
  • a recording device such as an active plug-in recording device on a computer or a VCR connected to a set top box
  • the DVP system uses heuristic algorithms to recognize a potential threat. The process begins when a client device first attempts to access digital media. At that time, DVP registers the client device's relevant hardware and software profile. In constructing this profile, the system searches for certain device and software "fingerprints" that are known to provide information necessary to make a threat determination. Having captured and registered a client device profile when the device is first encountered, the DVP system improves threat determination performance by comparing that client device's profile with the registered profile on subsequent occasions. The system then only goes through a full threat determination process when the current and registered profiles are different in some way. This provides an optimal user experience, without sacrificing security in a significant manner.
  • FIG. 3 illustrates a DVP system architecture in accordance with the preferred embodiment of the present invention.
  • the DVP system in accordance with the preferred embodiment includes a media server 35, which stores digital media content (either in encrypted or unencrypted form).
  • the DVP system in accordance with the preferred embodiment also includes a client device 30, which includes either a personal computer ("PC"), a set top box (“STB”), and any other device used to display digital media.
  • a typical client device may include a television and a set top box.
  • Another typical client device may include a personal computer and a display monitor.
  • the DVP system in accordance with the preferred embodiment also includes: a media viewer 32, which may be any device for causing the display of digital content (such as a set top box), including any device that converts digital signals into analog signals for presentation; an application server 33, which coordinates download or viewing requests from the client to the server/distributor, a stream release criteria server (“SRC”) 37, which stores device configurations or setups that are determined to be acceptable configurations or setups for receiving the digital content to be delivered; a threat repository server (“TRS”) 38, which stores questionable or unknown device configurations, and preferably logs the usage of such configurations; a configuration verification server (“CVS”) 34, which mediates requests for media viewing; a configuration verification client (“CVC”) 31, which determines the device configuration or setup of an user, and provides the information to the CVS; and a digital rights management server (“DRM”) 36, which authorizes requests for encrypted media and provides a decryption key.
  • a media viewer 32 which may be any device for causing the display of digital content
  • FIG. 4 illustrates a typical operation schematic of a DVP system in accordance with the preferred embodiment of the present invention.
  • a consumer using the client device 30, first requests permission from the content provider to access digital media, the request being routed through the CVC 31 that preferably resides within the client device or otherwise has access to the client device 30.
  • the CVC 31 obtains configuration or setup information from the client device 30, and forwards or causes the information to be forwarded to CVS 34 for examination and approval.
  • the CVS 34 retrieves or looks up from the SRC 37 a list of acceptable and unacceptable configuration(s) or setup(s) that have been pre-approved with a predetermined approval criteria.
  • the CVS 34 Upon receiving the list of acceptable/unacceptable configuration or setups, the CVS 34 compares the client device 30 configuration or setup against the retrieved or looked-up list of acceptable configuration(s) or setup(s). In the case that the CVS 34 determines the client device 30 configuration or setup is acceptable, then the CVS 34 notifies the CVC 31 that the request for digital content has been approved. Once the CVC 31 receives a notice from the CVS 34 that the user is authorized to view the requested digital content, then the CVC 31 notifies the client device 30 that the request has been approved. Thereafter, the media viewer 32 requests the digital content from the media server 35, which then delivers the digital content to the media viewer 32. It should be noted that, in detecting the client device 30 configuration, the CVC
  • the DVP system in accordance with the preferred embodiment preferably can detect Trojan software and rogue software processes through checking the "DLL Signature" of each process that is running. This is a bit like DNA testing. For example a piece of ripping software is characterized by the way it uses DLLs and other processes. Just renaming it as something else (like Word or Outlook) doesn't deceive DVP because it recognizes that the DLL signature of this process that claims to be Outlook or Word resembles apiece of ripping software, not Outlook or Word.
  • the digital content can be delivered to the media viewer 32 in encrypted form, after which the media viewer 32 must request a license or authorization from the DRM 36, which may determine at that time whether to grant authorization and deliver to the client device 30 the appropriate decryption key or other similar access means to view the delivered digital content.
  • the CVS 34 determines that the client device configuration or setup is not acceptable, then the CVS 34 notifies the CVC 31 that the request for digital content is denied.
  • the CVC 31 in turn notifies the user, preferably via the media viewer 32, that the request for digital content is denied.
  • the DVP system can also display messages to the user explaining the reasons why the request for digital content was denied, such as pointing out a particular device or software connected to the client device that may pose as a threat to digital piracy.
  • Figure 6 illustrates the operation of the DVP system of the present invention in the event that the CVS 34 encounters an unknown client device configuration or setup.
  • the CVS 34 sends the detected questionable client device configuration to the TRS 38 for update of database on unknown client device configurations, the data being able to be later (or concurrently) used by content providers to analyze for its threat to digital piracy.
  • the CVS 34 retrieves from the SRC 37 a list of potential threat responses that may be taken in response to the unknown client device configuration detected, such response options being preferably based upon the digital content requested and the geographical location of the requesting client device.
  • the potential threat response to an unknown user client device configuration can be simply a denial of digital 03/065630
  • the CVS 34 preferably notifies the TRS 38 of such result, and the CVC 31 and media viewer 32 are preferably notified of the request being granted.
  • the CVS 34 preferably notifies the TRS 38 of such result, and the CVC 31 and media viewer 32 are preferably notified of the request being denied.
  • the CVS 34 preferably logs such result with the TRS 38, and requests the TRS to check the expiration condition, or continuation condition, of the digital content delivery.
  • the condition for continuing digital content delivery is preferably related to the user via the client device 30, and the CVS 34 then preferably checks the status of the temporary condition from time to time to determine whether the conditions for continuing the digital content delivery is being met. If the required conditions are not met, then the digital content delivery is ceased, with the user being notified of the same.
  • the form of temporary permission may vary. For example, one possible client device configuration or user profile may dictate that the temporary permission be extended for 30 days, while another may allow 10 approved separate access to the requested digital content.
  • Non-threatening Configuration is known to the SRC 37 and no threat is detected
  • Threatening Configuration is known to the SRC 37 as a threat
  • threat determination is variable based on a number of factors, including media owner, geographic region, and so on.
  • the system takes into account all threat determination factors before determining if the condition is non-threatening, threatening, or unknown.
  • Figure 5 illustrates the operations of the DVP system in accordance with the present invention in the event that new hardware or software are introduced to the client device 30 during the download or delivery of digital content to the user.
  • the CVC 31 detects a configuration change in the client device 30, when the CVC 31 preferably directs the media viewer 32 to halt the delivery of digital content. Additionally, the CVC 31 forwards the updated client device configuration to the CVS 34, which then compares the updated client device 30 configuration to that of the retrieved list of acceptable/unacceptable configuration or setup from the SRC 37.
  • the CVC 31 is directed to cause the digital content delivery to terminate, and to cause the client device to notify the user of such action by the DVP system. If the CVS 34 determines the updated client device 30 configuration is acceptable, then the CVC 31 is directed to cause the digital content delivery to resume. If the CVS 34 determines that the updated client device 30 configuration is unknown, then the process described in Figure 6 will take place.
  • the DVP system in accordance with the present invention evolves and becomes more intelligent in its threat determination.
  • the DVP system may learns of additional threats in a variety of ways. In particular, when the system reports an unknown configuration to the TRS 38, a human expert in threat determination may analyze the configuration and informs the system of the results through an administrative interface. Once this determination has been made, the DVP system "understands" the configuration and is able to make an automatic threat determination in the case that a similar configuration is identified again.
  • the system is able to automatically perform threat determination on such configurations.
  • different content owners may have varying opinions regarding acceptable client device configurations. For example, one content provider may require that their content be played only on devices that do not have video adapters with S-Video connectors, while another may have no such restriction. Further, it may be that the same media owner has different concerns regarding specific types of media (e.g., first-run movies), or may have different concerns based on geographic area. In anticipation of such circumstances, the system allows for varying threat profiles per media owner, per media item, and per geographic area.
  • the DVP system of the present invention can be configured to adapt as new threat profiles are introduced. For example, in the future a content provider may perceive that a certain networking protocol poses a threat. In this circumstance, the DVP system is adapted to detect such network protocol and further protect that media owner's content according to the updated threat profile.
  • the CVC 31 be it either hardware or software, is somehow tampered, disabled, or malfunctioning, either due to actions by the user or otherwise, then all digital content delivery request is preferably denied until the CVC operates correctly again.
  • FIG. 7 illustrates a DVP system in accordance with an alternative embodiment of the present invention. As shown, the CVS 34, SRC 37, and TRS 38 are all contained within the DVP server 70. Figure 8 illustrates another alternative embodiment of the present invention whereby the media server 35 and DRM 36 are contained within the application server 33.
  • the present invention may also be used to specify minimum client device requirements for receiving certain digital content. For instance, some media owners may require that a client device must meet certain minimum specifications in terms of hardware, operating system, software, and so on. Often, such requirements stem from a concern over media playback quality. For instance, a media owner may believe that devices will present their media with insufficient quality unless the devices have a CPU above some certain performance specification or have a particular graphics processing capability. In another example, the digital content provider may require that the client device be equipped with certain parental control measures before delivering digital content of adult nature.
  • the core of present invention the ability to determine a client device configuration and compare that configuration to acceptable configurations, is ideally suited to ensure that a device meets minimum specifications. In essence, some may view devices not meeting such minimum specifications as a threat to quality rather than security.
  • the present invention is applicable not only to streaming and downloaded digital video, but also to digital audio.
  • the invention is easily implemented to protect against digital music piracy.
  • FIG 9 shows a specific implementation of a DVP system in accordance with the preferred embodiment of the present invention.
  • the client device is a PC or set-top box 90 running Microsoft Windows operating system, and the consumer uses the Internet Explorer web browser to access a host web site that lists available digital content.
  • the CVC is an ActiveX control embedded in a web page, interacting with the client device through the Microsoft WMI (Windows Management Instrumentation) interface.
  • the media viewer is Windows Media Player
  • the DRM server is Microsoft Media Rights Manager.
  • the Application Server is a Microsoft IIS Web Server, and the CVS runs under IIS as a web service.
  • the CVC and CVS communicate securely via SOAP (Simple Object Access Protocol).
  • SOAP Simple Object Access Protocol
  • TRS and SRC are a Microsoft SQL Server 2000 database, under control of the CVS.
  • the equivalent of a CVC 31 is the CV Control.dll 109
  • the equivalent application server 33 is the DVP web server 108
  • the CVS 34 equivalent is the CVServices 106
  • the TRS 38 and SRC 37 equivalent is the ThreatDB 104.
  • Figure 10 is another illustration of a specific implementation of certain aspects of the preferred embodiment of the present invention. Specifically, Figure 10 illustrates a sequence diagram depicting the sequence of events that occur upon downloading the CVC as software to a user's computer.
  • Figure 11 is yet another illustration of a specific implementation of certain aspects of the preferred embodiment of the present invention. Specifically, Figure 11 illustrates a sequence diagram depicting the sequence of events that occur when a host web site visitor elects to request and view the digital content.
  • Figure 12 is yet another illustration of a specific implementation of certain aspects of the preferred embodiment of the present invention. Specifically, Figure 12 illustrates a sequence diagram depicting the sequence of events that occur when a user starts a new process or connects a new device to the client device while viewing or using the digital content being delivered.
  • Figure 13 illustrates a sequence diagram illustrating the basic web service security protocol.
  • a client requests some random data from the server, encrypts this data, and sends this data back to the server as a parameter with the business call.
  • the server encrypts the data that it gave the client, compares the encrypted data returned by the client, and if the data matches, the server performs the actual business call.
  • the password used to encrypt the data on both sides is exchanged out-of-band.
  • the encrypted data is returned to the server in a base-64 encoded form so that it can be transported using a SOAP (Simple Object Access Protocol) string.
  • SOAP Simple Object Access Protocol
  • Figure 14 is an entity-relationship diagram depicting a specific implementation of the data scheme of the CVS 34 in accordance with the preferred embodiment of the present invention. It is important to note that Figure 14 is merely illustrative and that many alternative database scheme may be implemented in accordance with the preferred embodiment of the present invention.
  • Figure 15 illustrates a packaging diagram depicting the typical system entities that may be used directly or indirectly by the CVC 31 in accordance with the preferred embodiment of the present invention .
  • Figure 16 illustrates what can be publicly visible properties and methods of the
  • FIG. 17 illustrates a class diagram showing the methods used by CVS 34 to carry out its functions in accordance with the preferred embodiment of the present invention.
  • Figure 18 shows an integration class diagram whereby a Java Script framework method that may be created by a web site host to integrate with the CVC 31 in accordance with the preferred embodiment of the present invention.
  • FIG 19 illustrates an encryption diagram depicting the functionality exposed by the SNEncrypt.dll, which provides the SOAP challenge-Response security mechanism that may be used between the CVC 31 and the CVS 34 in accordance with the preferred embodiment of the present invention.

Abstract

The present invention is directed to a digital verification and protection ('DVP') system that can be implemented to protect against piracy or unauthorized reproduction of digital content that is delivered from a content provider (35) to an end user of the content (30). Specifically, the preferred embodiments of the present invention detects the configuration or setup (41) of the viewing or downloading equipment of the end user to determine whether the detected configuration or setup, including hardware and/or software setup, may be used by the end user to copy or pirate the digital content to be delivered to the end user. Additionally, the present invention may be used by the content provider to require a specific minimum viewing or downloading equipment setup, such as a minimum processor speed, as precondition to accessing or viewing the digital content being requested by the end user.

Description

APPARATUS AND METHOD FOR PREVENTING DIGITAL MEDIA PIRACY
Cross-Reference to Related Applications
Embodiments of the present invention claim priority from U.S. provisional patent application Serial No. 60/353,076 filed January 29, 2002.
BACKGROUND 1. Field of Invention
The present invention is directed to a digital media piracy threat response system that protects digital media from unauthorized reproduction. 2. Description of Related Art
This present invention is directed to preventing illegal or unauthorized copying of information and other media content or services provided over a network (either public network, such as the Internet, or privately owned, such as a LAN).
Internet-based entertainment services rely heavily on the use of streaming and downloading to deliver video and audio content to consumers. In a streaming scenario, the digital media are stored on a server and a client-resident media viewer is used to receive and display audio/video frames as they are "streamed" across a network from the server, without storing the media on the client. In a download scenario, the digital media are stored on a server and copied across a network to a storage device on the client for subsequent playback via a client-resident media viewer. One of the key problems with both of these approaches is the risk of the digital media asset being captured by the end user and then re-distributed against the asset owner's wishes. 03/065630
In many cases, such media delivery systems rely upon an encryption scheme to protect against piracy, commonly referred to as Digital Rights Management (DRM). Under this scheme, digital media files are encrypted using a private key known only to the rights-holder or its authorized distributor. The digital media are delivered to the client and decrypted using a public key exchanged between the server and the client upon successful user authentication and authorization. Authentication/authorization is usually accompanied via some form of payment to the rights holder or distributor. This is usually sufficient to protect against unauthorized viewing of digital media files.
There are a variety of mechanisms available to the would-be digital media pirate when faced with a DRM-only (or similar type encryption/watermark) protection scheme. In displaying the media, the client-side viewer first decrypts and then decodes the media (converts the media from digital to analog format) for presentation on analog devices. The result is a series of video frames presented to the user. DRM does not protect against copying the decoded video frames. In essence, once the content is decrypted and decoded, it is unprotected and available to be copied in digital or analog form.
By the time the digital media is presented to the viewer, it has been fully uncompressed and displayed on the computer screen. This image is a bitmap in memory, and all timing and signals are available on the video card bus. It is possible to capture and record these signals off the feature connector on a video card. Once captured, a simple set of algorithms may be used to regenerate the original uncompressed movie, as presented by the media player. All that remains is to make a master for duplication. Figure 1 is a graphical illustration of a hypothetical digital path from the streaming computer to the final product of encoded Video-CD (VCD). As Figure 1 shows, digital 3/065630
data is captured from the video card 11 by the digital recording device 12, which can then deliver the recorded digital data with a PC 13 that may use a CD-RW to encode a VCD 14.
Even though it is generally possible to get a digital recording from the streaming computer, suitable hardware is required, and the process is beyond the casual pirate. A much easier and quicker way is to use the analog output. More specifically, analog recording from a computer is possible via a scan converter. Coupled with a quality analog to digital scan converter, the results will be as good as the streaming or downloaded digital media. With further equipment it is possible to take a digital copy with which to create re-encoded output, suitable for the creation of a Video-CD (VCD).
Specifically, as Figure 2 shows, the uncompressed frame is presented to the viewer via a PC 20. This is in most cases via a 15 pin D-Shell cable plugged into the back of a computer and that cable connects to the computer monitor. A common scan converter 21 is all that is required to take the signal bound for the monitor and turn it into a signal capable of being displayed on a television screen 23, projector 22, or a recording device such as a camcorder 24 or a video recorder 25. The output from the scan converter 21 can vary depending on the quality (usually directly related to price). Most offer S-Video output or even a component output, an excellent reproduction quality for analog recording. While most high-end PCs have a graphic card that is capable of presenting a TV-compatible signal, the quality is presently inferior to that achieved through a scan converter.
There are consumer products available that allow the capture and conversion of analog signals into a format suitable for archiving to a digital medium such as digital 3/065630
videotape. From there it is a small step to re-encode the movie via a computer 26 to be used as a master for a VCD 27, and then a CD-ROM burner for the small-scale pirate - or a CD Stamper for larger scale operations. The VCD has enjoyed wide popularity and is a widely accepted format within the Asian market, so much so that most DVD players now on the market play back VCD movies.
The analog piracy problem has been faced by the video community before. With the introduction of DVD's it would have been possible to record good quality copies straight off the DVD using the analog output. This is defeated using digital watermarks or steganographically embedded data, which were initially introduced by companies such as Macrovision to inhibit piracy of VHS recordings. A similar system could be implemented on scan converters to stop an analog recording such as the scenario of Figure 2, but this solution is impractical and may lead to more problems with normal uses of projection units and televisions.
SUMMARY OF THE INVENTION
The present invention is directed to a digital verification and protection ("DVP") system that intelligently prevents digital media piracy through methods of threat response, and mitigates the need for the post-breach forensic diagnostic process common in many traditional digital media protection systems. The preferred embodiments of the present invention aids in protection against the unauthorized copying of digital media that are delivered to personal computers (PC) or to television sets via set-top boxes (STB). The invention protects against piracy in both streaming and downloaded digital media. In high-level terms, the preferred embodiments of the present invention, among other features,: a) Positively identifies a known piece of equipment, device, or software, and searches for digital or analog outputs or its equivalents; b) Permits digital media playback only to viewing or downloading equipment of devices of known and approved configurations; and c) Identifies equipment configuration changes in real-time and determine if such changes constitute a breach of security.
It is an object of the present invention to provide protection against piracy of digital content by disallowing playback on devices that provide a mechanism by which the decrypted and decoded media may be copied. In a DVP system in accordance with the preferred embodiments of the present invention, a consumer who wishes to view or use digital content must gain permission before it may access or display digital media (notwithstanding the fact that the digital media may or may not be additionally protected with conventional anti-piracy measures such as DRM). A consumer may gain permission 03/065630
to gain access to the digital content if, in accordance with the present invention, the consumer's hardware and software configuration or setup do not pose as threats (i.e., cannot be used to reproduce the digital content without authorization). Further, in accordance with the preferred embodiments of the present invention, upon detecting a change in configuration of the consumer's viewing or downloading setup, the delivery of digital content is automatically stopped and must regain permission to the digital media.
It is another object of the present invention to maintain a database of device or software configuration information, such as peripherals and applications, that may be classified as either acceptable or unacceptable configurations of setups for a consumer to have prior to gaining permission to access digital content. Specifically, in accordance with a DVP system of the present invention, the database is used to determine if a particular device configuration poses a threat to the digital media that have been requested. For example, if a digital recording device is attached to the user's PC, then the present invention may be programmed to determine that a threat exists, and the request for digital media is denied. In the case an unknown configuration is detected, the database is updated, and a threat examination process is preferably carried out that result in an expansion of the system's ability to accurately detect and respond to potential threats.
One advantage of the present invention is security of protected information, copyright information, and media services. Specifically, the present invention ensures that information is only sent to and can be accessed only by parties whose configuration and setup are approved by the owner of the digital content to be delivered. Furthermore, this system ensures that media may only be presented on devices approved by the asset owner. This system prevents the unauthorized copying or reproduction of information displayed on an individual's PC or media display devices such as a television.
It is another object of the present invention to notify digital content owners when an unapproved user, device, or activity is taking place, and allows the digital content owner to respond as required, with an appropriate security policy or measure.
While the embodiments of the present invention are preferably used in conjunction with Video On Demand (VOD) systems, the present invention is widely applicable to any other system in which digital media content is delivered from one party to another. In particular, the invention may be employed in any application in which digital media are delivered to personal computers ("PC"), set top boxes ("STB"), or similar devices, in which there is an interest on the part of the rights-holder or owner to protect the digital media from unauthorized reproduction or usage. A system in accordance with the present invention may be employed regardless of the means by which the digital media are delivered to the client device, and can be employed as .an additional layer of digital media protection scheme beyond conventional protection systems against piracy.
03/065630
BRIEF DESCRIPTION OF THE DRAWINGS
Figure 1 is an illustration of a possible path for digital content from a computer to encoded VCD;
Figure 2 is an illustration of a possible recording or reproduction scheme using digital-to-analog converting devices;
Figure 3 is an illustration of the architecture of a digital verification and protection ("DVP") system in accordance with the preferred embodiment of the present invention;
Figure 4 is an illustration of the operating characteristics of a DVP system in accordance with the preferred embodiment of the present invention;
Figure 5 is another illustration of the operating characteristics of a DVP system in accordance with the preferred embodiment of the present invention;
Figure 6 is yet another illustration of the operating characteristics of a DVP system in accordance with the preferred embodiment of the present invention; Figure 7 is an illustration of the architecture of the DVP system in accordance with an alternative embodiment of the present invention;
Figure 8 is an illustration of the architecture of the DVP system in accordance with another alternative embodiment of the present invention;
Figure 9 is an illustration of a specific implementation of the DVP system in accordance with the preferred embodiment of the present invention;
Figure 10 is an illustration of another specific implementation of the DVP system in accordance with the preferred embodiment of the present invention; 3/065630
Figure 11 is an illustration of another specific implementation of the DVP system in accordance with the preferred embodiment of the present invention;
Figure 12 is an illustration of yet another specific implementation of the DVP system in accordance with the preferred embodiment of the present invention; Figure 13 is an illustration of yet another specific implementation of the DVP system in accordance with the preferred embodiment of the present invention;
Figure 14 is an illustration of yet another specific implementation of the DVP system in accordance with the preferred embodiment of the present invention;
Figure 15 is an illustration of yet another specific implementation of the DVP system in accordance with the preferred embodiment of the present invention;
Figure 16 is an illustration of yet another specific implementation of the DVP system in accordance with the preferred embodiment of the present invention;
Figure 17 is an illustration of yet another specific implementation of the DVP system in accordance with the preferred embodiment of the present invention; Figure 18 is an illustration of yet another specific implementation of the DVP system in accordance with the preferred embodiment of the present invention; and
Figure 19 is an illustration of yet another specific implementation of the DVP system in accordance with the preferred embodiment of the present invention. 03/065630
10
DETAILED DESCRIPTION OF THE PREFERRED EMBODIMENTS
The present invention is directed to an apparatus and method for protecting digital content from being pirated or otherwise reproduced without authorization. A DVP system in accordance with the preferred embodiments of the present invention make a risk decision based on the examination of a user's viewing equipment configuration at the beginning of streaming each digital content, such as a movie. Specifically, if the DVP system detects that the user's download or viewing equipment configuration includes a recording device, such as an active plug-in recording device on a computer or a VCR connected to a set top box, then the DVP may be directed to deny delivery of the digital content to the user. Additionally, the DVP system can be used to monitor the users equipment configuration during the entire download or viewing session, and can interrupt or stop the delivery of digital content if there is any change to the users equipment such as an addition of a recording device to the equipment configuration or setup.
In accordance with the preferred embodiments, the DVP system uses heuristic algorithms to recognize a potential threat. The process begins when a client device first attempts to access digital media. At that time, DVP registers the client device's relevant hardware and software profile. In constructing this profile, the system searches for certain device and software "fingerprints" that are known to provide information necessary to make a threat determination. Having captured and registered a client device profile when the device is first encountered, the DVP system improves threat determination performance by comparing that client device's profile with the registered profile on subsequent occasions. The system then only goes through a full threat determination process when the current and registered profiles are different in some way. This provides an optimal user experience, without sacrificing security in a significant manner.
The preferred embodiments of the present invention will now be described with references to Figures 3-19. Figure 3 illustrates a DVP system architecture in accordance with the preferred embodiment of the present invention. Specifically, the DVP system in accordance with the preferred embodiment includes a media server 35, which stores digital media content (either in encrypted or unencrypted form). The DVP system in accordance with the preferred embodiment also includes a client device 30, which includes either a personal computer ("PC"), a set top box ("STB"), and any other device used to display digital media. For instance, a typical client device may include a television and a set top box. Another typical client device may include a personal computer and a display monitor.
The DVP system in accordance with the preferred embodiment also includes: a media viewer 32, which may be any device for causing the display of digital content (such as a set top box), including any device that converts digital signals into analog signals for presentation; an application server 33, which coordinates download or viewing requests from the client to the server/distributor, a stream release criteria server ("SRC") 37, which stores device configurations or setups that are determined to be acceptable configurations or setups for receiving the digital content to be delivered; a threat repository server ("TRS") 38, which stores questionable or unknown device configurations, and preferably logs the usage of such configurations; a configuration verification server ("CVS") 34, which mediates requests for media viewing; a configuration verification client ("CVC") 31, which determines the device configuration or setup of an user, and provides the information to the CVS; and a digital rights management server ("DRM") 36, which authorizes requests for encrypted media and provides a decryption key.
It should be noted that, while the various components described above are illustrated in Figure 3 as separate hardware devices, it is within the scope of the present invention to implement the above-described functions via various software implementation methods while sharing the same hardware resources.
Figure 4 illustrates a typical operation schematic of a DVP system in accordance with the preferred embodiment of the present invention. Specifically, a consumer, using the client device 30, first requests permission from the content provider to access digital media, the request being routed through the CVC 31 that preferably resides within the client device or otherwise has access to the client device 30. Upon receiving the request, the CVC 31 obtains configuration or setup information from the client device 30, and forwards or causes the information to be forwarded to CVS 34 for examination and approval. Upon receiving the approval request from the CVC 31 or the client device 30, the CVS 34 retrieves or looks up from the SRC 37 a list of acceptable and unacceptable configuration(s) or setup(s) that have been pre-approved with a predetermined approval criteria.
Upon receiving the list of acceptable/unacceptable configuration or setups, the CVS 34 compares the client device 30 configuration or setup against the retrieved or looked-up list of acceptable configuration(s) or setup(s). In the case that the CVS 34 determines the client device 30 configuration or setup is acceptable, then the CVS 34 notifies the CVC 31 that the request for digital content has been approved. Once the CVC 31 receives a notice from the CVS 34 that the user is authorized to view the requested digital content, then the CVC 31 notifies the client device 30 that the request has been approved. Thereafter, the media viewer 32 requests the digital content from the media server 35, which then delivers the digital content to the media viewer 32. It should be noted that, in detecting the client device 30 configuration, the CVC
31 preferably can also detect, in addition to hardware, residence of unauthorized software, overriding of Macrovision measures, ripping software, hacked or "fake" DRM or encryption software, users running illegal configurations through what are called "Trojan software" (which could be something that looks like an authorized software but us really a piece of ripping software). The DVP system in accordance with the preferred embodiment preferably can detect Trojan software and rogue software processes through checking the "DLL Signature" of each process that is running. This is a bit like DNA testing. For example a piece of ripping software is characterized by the way it uses DLLs and other processes. Just renaming it as something else (like Word or Outlook) doesn't deceive DVP because it recognizes that the DLL signature of this process that claims to be Outlook or Word resembles apiece of ripping software, not Outlook or Word.
In accordance with another embodiment of the present invention, if the DVP system is used in conjunction with a conventional encryption or watermark security system, then additional security measures can be taken. For instance, in Figure 4, the digital content can be delivered to the media viewer 32 in encrypted form, after which the media viewer 32 must request a license or authorization from the DRM 36, which may determine at that time whether to grant authorization and deliver to the client device 30 the appropriate decryption key or other similar access means to view the delivered digital content.
In Figure 4, if the CVS 34 determines that the client device configuration or setup is not acceptable, then the CVS 34 notifies the CVC 31 that the request for digital content is denied. The CVC 31 in turn notifies the user, preferably via the media viewer 32, that the request for digital content is denied. In accordance with the preferred embodiment of the present invention, the DVP system can also display messages to the user explaining the reasons why the request for digital content was denied, such as pointing out a particular device or software connected to the client device that may pose as a threat to digital piracy.
Finally, if the CVS 34 in Figure 4 determines that the client configuration or setup is not contained within the retrieved list of configuration and/or is otherwise unknown, then the CVS 34 proceeds to take the steps illustrated in Figure 6. Figure 6 illustrates the operation of the DVP system of the present invention in the event that the CVS 34 encounters an unknown client device configuration or setup. In particular, the CVS 34 sends the detected questionable client device configuration to the TRS 38 for update of database on unknown client device configurations, the data being able to be later (or concurrently) used by content providers to analyze for its threat to digital piracy.
Meanwhile, the CVS 34 retrieves from the SRC 37 a list of potential threat responses that may be taken in response to the unknown client device configuration detected, such response options being preferably based upon the digital content requested and the geographical location of the requesting client device. The potential threat response to an unknown user client device configuration can be simply a denial of digital 03/065630
15
convent delivery, granting permission for digital content delivery, or granting temporary digital content delivery pending subsequent conditions being satisfied (such as the user changing his or her client device configuration within a specified time period).
If the event that the potential threat response dictates granting of request for digital content delivery, then the CVS 34 preferably notifies the TRS 38 of such result, and the CVC 31 and media viewer 32 are preferably notified of the request being granted. In the event that the potential threat response dictates denial of request for digital content delivery, then the CVS 34 preferably notifies the TRS 38 of such result, and the CVC 31 and media viewer 32 are preferably notified of the request being denied. In the event that the potential threat response dictates temporary delivery of digital content, the CVS 34 preferably logs such result with the TRS 38, and requests the TRS to check the expiration condition, or continuation condition, of the digital content delivery. The condition for continuing digital content delivery is preferably related to the user via the client device 30, and the CVS 34 then preferably checks the status of the temporary condition from time to time to determine whether the conditions for continuing the digital content delivery is being met. If the required conditions are not met, then the digital content delivery is ceased, with the user being notified of the same. The form of temporary permission may vary. For example, one possible client device configuration or user profile may dictate that the temporary permission be extended for 30 days, while another may allow 10 approved separate access to the requested digital content.
In summary, there are at least three possible conditions encountered by the DVP system when a client device configuration is examined against configurations known to the SRC: Non-threatening Configuration is known to the SRC 37 and no threat is detected
Threatening Configuration is known to the SRC 37 as a threat
Unknown Configuration is unknown to the SRC 37
As discussed previously, threat determination is variable based on a number of factors, including media owner, geographic region, and so on. In determining the response, the system takes into account all threat determination factors before determining if the condition is non-threatening, threatening, or unknown. As also previously addressed, it is important to note that while the devices and their functions are described as separate hardware modules for purposes of explaining the present invention is a clear manner, it is contemplated within the scope of the present invention that many of these functions can be embodied in different hardware or software implementations or schematics to provide the same functions and results. Figure 5 illustrates the operations of the DVP system in accordance with the present invention in the event that new hardware or software are introduced to the client device 30 during the download or delivery of digital content to the user. Specifically, if, while the media viewer 32 is displaying or otherwise delivering digital content to the client device, the CVC 31 detects a configuration change in the client device 30, when the CVC 31 preferably directs the media viewer 32 to halt the delivery of digital content. Additionally, the CVC 31 forwards the updated client device configuration to the CVS 34, which then compares the updated client device 30 configuration to that of the retrieved list of acceptable/unacceptable configuration or setup from the SRC 37.
If, upon examination of the CVS 34, the DVP system determines that updated client device 30 configuration is unacceptable, then the CVC 31 is directed to cause the digital content delivery to terminate, and to cause the client device to notify the user of such action by the DVP system. If the CVS 34 determines the updated client device 30 configuration is acceptable, then the CVC 31 is directed to cause the digital content delivery to resume. If the CVS 34 determines that the updated client device 30 configuration is unknown, then the process described in Figure 6 will take place.
Over time, the complexity of the client device configuration may increase while the DVP system becomes more aware of potential threats and the techniques necessary to identify threatening devices and software. In effect, the DVP system in accordance with the present invention evolves and becomes more intelligent in its threat determination. The DVP system may learns of additional threats in a variety of ways. In particular, when the system reports an unknown configuration to the TRS 38, a human expert in threat determination may analyze the configuration and informs the system of the results through an administrative interface. Once this determination has been made, the DVP system "understands" the configuration and is able to make an automatic threat determination in the case that a similar configuration is identified again.
As new devices and software become available to consumers, those devices are examined by human experts or artificially intelligent programs to determine threat to digital piracy and described to the system through an administrative interface. Afterward, the system is able to automatically perform threat determination on such configurations. Additionally, different content owners may have varying opinions regarding acceptable client device configurations. For example, one content provider may require that their content be played only on devices that do not have video adapters with S-Video connectors, while another may have no such restriction. Further, it may be that the same media owner has different concerns regarding specific types of media (e.g., first-run movies), or may have different concerns based on geographic area. In anticipation of such circumstances, the system allows for varying threat profiles per media owner, per media item, and per geographic area. The DVP system of the present invention can be configured to adapt as new threat profiles are introduced. For example, in the future a content provider may perceive that a certain networking protocol poses a threat. In this circumstance, the DVP system is adapted to detect such network protocol and further protect that media owner's content according to the updated threat profile.
In a DVP system in accordance with the preferred embodiment of the present invention, if the CVC 31, be it either hardware or software, is somehow tampered, disabled, or malfunctioning, either due to actions by the user or otherwise, then all digital content delivery request is preferably denied until the CVC operates correctly again.
Again, the present invention has thus far been described in certain terms regarding server and network architecture. It should be noted however that the architectural specifics thus far described are merely illustrative, and should not be considered the sole instance of the invention. Rather, the DVP implementation may vary in many instances, especially relating to network and server architecture. Specifically, while the preferred embodiment of Figures 3-6 describe the various servers as being connected by a network, a specific instance of the DVP system may have two or more servers contained within the same physical computing device and communicating within that device rather than across a network. Figure 7 illustrates a DVP system in accordance with an alternative embodiment of the present invention. As shown, the CVS 34, SRC 37, and TRS 38 are all contained within the DVP server 70. Figure 8 illustrates another alternative embodiment of the present invention whereby the media server 35 and DRM 36 are contained within the application server 33.
It should also be noted that, while the primary purpose of the present invention is directed to protection against piracy or unauthorized reproduction of digital content, the present invention may also be used to specify minimum client device requirements for receiving certain digital content. For instance, some media owners may require that a client device must meet certain minimum specifications in terms of hardware, operating system, software, and so on. Often, such requirements stem from a concern over media playback quality. For instance, a media owner may believe that devices will present their media with insufficient quality unless the devices have a CPU above some certain performance specification or have a particular graphics processing capability. In another example, the digital content provider may require that the client device be equipped with certain parental control measures before delivering digital content of adult nature. The core of present invention, the ability to determine a client device configuration and compare that configuration to acceptable configurations, is ideally suited to ensure that a device meets minimum specifications. In essence, some may view devices not meeting such minimum specifications as a threat to quality rather than security.
Finally, the present invention is applicable not only to streaming and downloaded digital video, but also to digital audio. The invention is easily implemented to protect against digital music piracy.
Figure 9 shows a specific implementation of a DVP system in accordance with the preferred embodiment of the present invention. Specifically, in this specific implementation, the client device is a PC or set-top box 90 running Microsoft Windows operating system, and the consumer uses the Internet Explorer web browser to access a host web site that lists available digital content. The CVC is an ActiveX control embedded in a web page, interacting with the client device through the Microsoft WMI (Windows Management Instrumentation) interface. The media viewer is Windows Media Player, and the DRM server is Microsoft Media Rights Manager. The Application Server is a Microsoft IIS Web Server, and the CVS runs under IIS as a web service. The CVC and CVS communicate securely via SOAP (Simple Object Access Protocol). TRS and SRC are a Microsoft SQL Server 2000 database, under control of the CVS. In Figure 9, the equivalent of a CVC 31 is the CV Control.dll 109, the equivalent application server 33 is the DVP web server 108, the CVS 34 equivalent is the CVServices 106, and the TRS 38 and SRC 37 equivalent is the ThreatDB 104.
Figure 10 is another illustration of a specific implementation of certain aspects of the preferred embodiment of the present invention. Specifically, Figure 10 illustrates a sequence diagram depicting the sequence of events that occur upon downloading the CVC as software to a user's computer.
Figure 11 is yet another illustration of a specific implementation of certain aspects of the preferred embodiment of the present invention. Specifically, Figure 11 illustrates a sequence diagram depicting the sequence of events that occur when a host web site visitor elects to request and view the digital content. Figure 12 is yet another illustration of a specific implementation of certain aspects of the preferred embodiment of the present invention. Specifically, Figure 12 illustrates a sequence diagram depicting the sequence of events that occur when a user starts a new process or connects a new device to the client device while viewing or using the digital content being delivered.
Figure 13 illustrates a sequence diagram illustrating the basic web service security protocol. Specifically, a client requests some random data from the server, encrypts this data, and sends this data back to the server as a parameter with the business call. The server encrypts the data that it gave the client, compares the encrypted data returned by the client, and if the data matches, the server performs the actual business call. The password used to encrypt the data on both sides is exchanged out-of-band. The encrypted data is returned to the server in a base-64 encoded form so that it can be transported using a SOAP (Simple Object Access Protocol) string. The return value for the business function indicates if authentication fails.
Figure 14 is an entity-relationship diagram depicting a specific implementation of the data scheme of the CVS 34 in accordance with the preferred embodiment of the present invention. It is important to note that Figure 14 is merely illustrative and that many alternative database scheme may be implemented in accordance with the preferred embodiment of the present invention.
Figure 15 illustrates a packaging diagram depicting the typical system entities that may be used directly or indirectly by the CVC 31 in accordance with the preferred embodiment of the present invention . Figure 16 illustrates what can be publicly visible properties and methods of the
CVC 31 in accordance with the preferred embodiment of the present invention. Figure 17 illustrates a class diagram showing the methods used by CVS 34 to carry out its functions in accordance with the preferred embodiment of the present invention.
Figure 18 shows an integration class diagram whereby a Java Script framework method that may be created by a web site host to integrate with the CVC 31 in accordance with the preferred embodiment of the present invention.
Figure 19 illustrates an encryption diagram depicting the functionality exposed by the SNEncrypt.dll, which provides the SOAP challenge-Response security mechanism that may be used between the CVC 31 and the CVS 34 in accordance with the preferred embodiment of the present invention.
It should be noted that the present invention might be embodied in forms other than the preferred embodiments described above without departing from the spirit or essential characteristics thereof. The preferred embodiments are therefore to be considered in all aspects as illustrative and not restrictive, and all changes or alternatives that fall within the meaning and range or equivalency of the claims are intended to be embraced within them.

Claims

WHAT WE CLAIM:
1. A system for preventing unauthorized duplication of digital media content distributed over a communication network to a client device capable of performing playback of the digital media content, said system comprising; a media server for storing digital media content; and a configuration verification server for receiving from the client device the configuration data of said client device, said configuration data including system configuration information of said client device, wherein said configuration verification server uses the received configuration data of said client device to determine whether said client device is authorized to receive the stored digital media content for playback, and wherein if said configuration verification server determines that the client device is authorized to receive the stored digital media content, said configuration verification server causes the stored digital media content to be delivered from the media server to the client device for playback.
2. The system of claim 1, further comprising a criteria server for storing sets of pre-approved configuration data, wherein said configuration verification server compares the received configuration data against said sets of pre-approved configuration data in order to determine whether the client device is authorized to playback the stored digital media content.
3. The system of claim 1, further comprising a threat repository server for storing sets of unauthorized configuration data, wherein said configuration verification server compares the received configuration data against said sets of unauthorized configuration data in order to determine whether the client device is authorized to playback the stored digital media content.
4. The system of claim 1, further comprising an application server that is operatively coupled to the client device and the media server for coordinating delivery of the stored digital media content from the media server to the client device.
5. The system of claim 1, wherein said client device includes means for detecting the configuration data of said client device and sending the detected configuration data to said configuration verification server.
6. The system of claim 1, wherein the stored digital media content includes video files, and wherein said client device includes a media viewer for viewing said video files.
7. The system of claim 1, wherein, during the delivery of the stored digital media content to the client device, the configuration verification server periodically receives from the client device updated configuration data, wherein the configuration verification server uses the received updated configuration data to determine whether the client device is still authorized to playback the stored digital media content, and wherein if the configuration verification server determines that the client device is no longer authorized to playback the stored digital media content, the configuration verification server causes the delivery of the stored digital media content to stop.
8. The system of claim 1, wherein the stored digital media content is delivered to the client device in encrypted format.
9. The system of claim 8, further comprising means for providing to the client device a decryption key to be used to decrypt the digital media content that is delivered to the client device in encrypted format.
3/065630
26
10. A method for preventing unauthorized duplication of digital media content distributed over a communication network to a client device capable of performing playback of the digital media content, said method comprising the steps of: storing digital media content; receiving from the client device the configuration data of said client device, said configuration data including system configuration information of said client device; using the received configuration data of said client device, determining whether said client device is authorized to playback the stored digital media content; and causing the stored digital media content to be delivered to the client device for playback.
11. The method of claim 10, further comprising the steps of: storing sets of pre-approved configuration data; and comparing the received configuration data against said sets of pre-approved configuration data.
12. The method of claim 10, further comprising the steps of: storing sets of unauthorized configuration data; and comparing the received configuration data against said sets of unauthorized configuration data.
13. The method of claim 10, wherein the stored digital media content is delivered in encrypted format. 3/065630
27
14. The method of claim 13, further comprising the step of providing a decryption key to the client device for decrypting the stored digital media content delivered in encrypted format.
15. The method of claim 10, further comprising the steps of: during the delivery of the stored digital media content to the client device, receiving from the client device updated configuration data; using the received updated configuration data, assessing whether the client device is still authorized to playback the stored digital media content; and if the client device is assessed as no longer authorized to playback the stored digital media content, causing the delivery of the stored digital media content to stop.
16. A machine-readable medium containing a set of executable instructions for causing a computer to perform a method for preventing unauthorized duplication of digital media content distributed over a communication network to a client device capable of performing playback of the digital media content, said method comprising the steps of: storing digital media content; receiving from the client device the configuration data of said client device, said configuration data including system configuration information of said client device; using the received configuration data of said client device, determining whether said client device is authorized to playback the stored digital media content; and causing the stored digital media content to be delivered to the client device for playback.
17. The machine-readable medium of claim 16, wherein said method further comprises the steps of: storing sets of pre-approved configuration data; and comparing the received configuration data against said sets of pre-approved configuration data.
18. The machine-readable medium of claim 16, wherein said method further comprises the steps of: storing sets of unauthorized configuration data; and comparing the received configuration data against said sets of unauthorized configuration data.
19. The machine-readable medium of claim 16, wherein the method further comprises of steps of: encrypting the stored digital media content to be delivered to the client device; and providing to the client device a decryption for decrypting the encrypted stored digital media content.
20. The machine-readable medium of claim 16, wherein the method further comprises the steps of: during the delivery of the stored digital media content to the client device, receiving from the client device updated configuration data; using the received updated configuration data, assessing whether the client device is still authorized to playback the stored digital media content; and if the client device is assessed as no longer authorized to playback the stored digital media content, causing the delivery of the stored digital media content to stop.
21. A system for preventing unauthorized duplication of digital media content distributed over a communication network to a client device capable of performing playback of the digital media content, said system comprising; storing means for storing digital media content; verification means for receiving from the client device the configuration data of said client device, said configuration data including system configuration information of said client device, wherein said verification means uses the received configuration data of said client device to determine whether said client device is authorized to receive the stored digital media content and wherein if said verification means determines that the client device is authorized to receive the stored digital media content, said verification means causes the stored digital media content to be delivered from the means to the client device for playback.
22. The system of claim 21, further comprising means for storing sets of pre- approved configuration data, wherein said verification means compares the received configuration data against said sets of pre-approved configuration data in order to determine whether the client device is authorized to playback the stored digital media content.
23. The system of claim 21, further comprising means for storing sets of unauthorized configuration data, wherein said verification means compares the received configuration data against said sets of unauthorized configuration data in order to determine whether the client device is authorized to playback the stored digital media content.
24. The system of claim 21, further comprising means for delivering the stored digital media content from the storing means to the client device.
25. The system of claim 21, wherein said client device includes means for detecting the configuration data of said client device and sending the detected configuration data to said configuration verification server.
26. The system of claim 21, wherein the stored digital media content includes video files, and wherein said client device includes means for viewing said video files.
27. The system of claim 21, wherein said communication network is the Internet.
28. The system of claim 21, wherein the stored digital media content is delivered to the client device in encrypted format.
29. The system of claim 28, further comprising means for providing to the client device a decryption key to be used to decrypt the digital media content that is delivered to the client device in encrypted format.
30. The system of claim 21, wherein, during the delivery of the stored digital media content to the client device, the verification means periodically receives from the client device updated configuration data, wherein the verification means uses the received updated configuration data to determine whether the client device is still authorized to playback the stored digital media content, and wherein if the verification means determines that the client device is no longer authorized to playback the stored digital media content, the verification means causes the delivery of the stored digital media content to stop.
31. A machine-readable medium containing a set of executable instructions for causing a microprocessor of a client device to perform a method of digital media content playback, said digital media content being distributed from a content provider over a communication network, said method comprising the steps of: requesting from the content provider digital media content for playback; detecting the system configuration information of the client device; sending to the content provider the detected system configuration information; receiving from the content provider authorization to receive the requested digital media content for playback.
32. The machine-readable medium of claim 31, wherein the method further comprises the steps of: while receiving the requested digital media content for playback, periodically detecting updated system configuration information of the client device; and sending to the content provider the updated system configuration information of the client device.
33. The machine-readable medium of claim 31, wherein the method further comprises the step of notifying the user of the client device of the status of the request for digital media content.
34. The machine-readable medium of claim 31, wherein the method further comprises the step of halting the step of receiving the requested digital media content for playback.
35. A system for distributing digital media content over a communication network to a client device capable of performing playback of the digital media content, said system comprising: distribution means for distributing digital media content over the communication network in encrypted format; verification means for receiving from the client device the configuration data of said client device, said configuration data including system configuration information of said client device, wherein said verification means uses the received configuration data of said client device to determine whether said client device is authorized to receive the distributed digital media content for playback, and wherein if said verification means determines that the client device is authorized to receive the distributed digital media content, said verification means provides to the client device a decryption key for decrypting the distributed digital media content for playback.
36. The system of claim 35, further comprising means for storing sets of pre- approved configuration data, wherein said verification means compares the received configuration data against said sets of pre-approved configuration data in order to determine whether the client device is authorized to receive the distributed digital media content.
37. The system of claim 35, further comprising means for storing sets of unauthorized configuration data, wherein said verification server compares the received configuration data against said sets of unauthorized configuration data in order to determine whether the client device is authorized to receive the distributed digital media content.
38. The system of claim 35, wherein said client device includes means for detecting the configuration data of said client device and sending the detected configuration data to said verification means.
39. The system of claim 35, wherein, after a decryption is provided to the client device, the verification means periodically receives from the client device updated configuration data, wherein the verification means uses the received updated configuration data to determine whether the client device is still authorized to receive the distributed digital media content, and wherein if the verification means determines that the client device is no longer authorized to receive digital media content being distributed, the verification means causes the client device to halt its reception of the digital media content.
40. The system of claim 35, wherein said communications network is the
Internet.
41. A method for distributing digital media content over a communication network to a client device capable of performing playback of the digital media content, said method comprising the steps of: distributing digital media content over the communication network in encrypted format; receiving from the client device the configuration data of said client device, said configuration data including system configuration information of said client device; using the received configuration data of said client device, determining whether said client device is authorized to receive the distributed digital media content for playback; and providing to the client device a decryption key for decrypting the distributed digital media content if the client device is determined to be authorized to receive the distributed digital media content.
42. The method of claim 41 , further comprising the steps of: storing sets of pre-approved configuration data; and comparing the received configuration data against said sets of pre-approved configuration data.
43. The method of claim 41 , further comprising the steps of: storing sets of unauthorized configuration data; and comparing the received configuration data against said sets of unauthorized configuration data.
44. The method of claim 41 , further comprising the steps of: receiving from the client device updated configuration data; using the received updated configuration data, assessing whether the client device is still authorized to receive the distributed digital media content; and if the client device is assessed as no longer authorized to receive digital media content being disfributed, stopping the distribution of the digital media content to the client device
45. The method of claim 41, wherein said communication network is the
Internet.
PCT/SG2002/000234 2002-01-29 2002-10-09 Apparatus and method for preventing digital media piracy WO2003065630A2 (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
KR10-2004-7011716A KR20040077905A (en) 2002-01-29 2002-10-09 Apparatus and method for preventing digital media piracy

Applications Claiming Priority (4)

Application Number Priority Date Filing Date Title
US35307602P 2002-01-29 2002-01-29
US60/353,076 2002-01-29
US10/210,610 2002-07-31
US10/210,610 US20040010717A1 (en) 2002-01-29 2002-07-31 Apparatus and method for preventing digital media piracy

Publications (2)

Publication Number Publication Date
WO2003065630A2 true WO2003065630A2 (en) 2003-08-07
WO2003065630A3 WO2003065630A3 (en) 2005-09-01

Family

ID=27668324

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/SG2002/000234 WO2003065630A2 (en) 2002-01-29 2002-10-09 Apparatus and method for preventing digital media piracy

Country Status (3)

Country Link
US (1) US20040010717A1 (en)
KR (1) KR20040077905A (en)
WO (1) WO2003065630A2 (en)

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP1531377A2 (en) 2003-10-23 2005-05-18 Microsoft Corporation Secure authentication of an executable by an authentication entity
KR101456489B1 (en) * 2007-07-23 2014-10-31 삼성전자주식회사 Method and apparatus for managing access privileges in a CLDC OSGi environment

Families Citing this family (60)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US7124303B2 (en) * 2001-06-06 2006-10-17 Sony Corporation Elementary stream partial encryption
US7350082B2 (en) * 2001-06-06 2008-03-25 Sony Corporation Upgrading of encryption
US7895616B2 (en) * 2001-06-06 2011-02-22 Sony Corporation Reconstitution of program streams split across multiple packet identifiers
US7823174B2 (en) * 2002-01-02 2010-10-26 Sony Corporation Macro-block based content replacement by PID mapping
US7292691B2 (en) * 2002-01-02 2007-11-06 Sony Corporation Progressive video refresh slice detection
US7292690B2 (en) * 2002-01-02 2007-11-06 Sony Corporation Video scene change detection
US7765567B2 (en) * 2002-01-02 2010-07-27 Sony Corporation Content replacement by PID mapping
US7242773B2 (en) * 2002-09-09 2007-07-10 Sony Corporation Multiple partial encryption using retuning
US7233669B2 (en) * 2002-01-02 2007-06-19 Sony Corporation Selective encryption to enable multiple decryption keys
US7376233B2 (en) * 2002-01-02 2008-05-20 Sony Corporation Video slice and active region based multiple partial encryption
US7215770B2 (en) * 2002-01-02 2007-05-08 Sony Corporation System and method for partially encrypted multimedia stream
US7155012B2 (en) * 2002-01-02 2006-12-26 Sony Corporation Slice mask and moat pattern partial encryption
US7302059B2 (en) * 2002-01-02 2007-11-27 Sony Corporation Star pattern partial encryption
US7530084B2 (en) * 2002-05-28 2009-05-05 Sony Corporation Method and apparatus for synchronizing dynamic graphics
US20090180025A1 (en) * 2002-05-28 2009-07-16 Sony Corporation Method and apparatus for overlaying graphics on video
RS113904A (en) * 2002-06-28 2007-02-05 Idenix (Cayman) Limited 2'-c-methyl-3'-o-l-valine ester ribofuranosyl cytidine for treatment of flaviviridae infections
US8818896B2 (en) * 2002-09-09 2014-08-26 Sony Corporation Selective encryption with coverage encryption
US7409702B2 (en) * 2003-03-20 2008-08-05 Sony Corporation Auxiliary program association table
US7292692B2 (en) * 2003-03-25 2007-11-06 Sony Corporation Content scrambling with minimal impact on legacy devices
US20040267880A1 (en) * 2003-06-30 2004-12-30 Kestutis Patiejunas System and method for delivery of media content
US20050036067A1 (en) * 2003-08-05 2005-02-17 Ryal Kim Annon Variable perspective view of video images
US20050066357A1 (en) * 2003-09-22 2005-03-24 Ryal Kim Annon Modifying content rating
US20050097597A1 (en) * 2003-10-31 2005-05-05 Pedlow Leo M.Jr. Hybrid storage of video on demand content
US7343013B2 (en) * 2003-12-16 2008-03-11 Sony Corporation Composite session-based encryption of video on demand content
US20050097596A1 (en) * 2003-10-31 2005-05-05 Pedlow Leo M.Jr. Re-encrypted delivery of video-on-demand content
US7346163B2 (en) * 2003-10-31 2008-03-18 Sony Corporation Dynamic composition of pre-encrypted video on demand content
US7853980B2 (en) 2003-10-31 2010-12-14 Sony Corporation Bi-directional indices for trick mode video-on-demand
US7263187B2 (en) * 2003-10-31 2007-08-28 Sony Corporation Batch mode session-based encryption of video on demand content
US20050102702A1 (en) * 2003-11-12 2005-05-12 Candelore Brant L. Cablecard with content manipulation
US20050169473A1 (en) * 2004-02-03 2005-08-04 Candelore Brant L. Multiple selective encryption with DRM
US20050235357A1 (en) * 2004-04-19 2005-10-20 Securemedia International Preventing cloning of high value software using embedded hardware and software functionality
US20060242406A1 (en) * 2005-04-22 2006-10-26 Microsoft Corporation Protected computing environment
US7584502B2 (en) * 2004-05-03 2009-09-01 Microsoft Corporation Policy engine and methods and systems for protecting data
EP1774424B1 (en) * 2004-07-14 2011-11-02 Qualcomm Incorporated A method and apparatus for delivering keys
US20060041510A1 (en) * 2004-08-19 2006-02-23 Securemedia International Method for a secure system of content distribution for DVD applications
US20060051061A1 (en) * 2004-09-09 2006-03-09 Anandpura Atul M System and method for securely transmitting data to a multimedia device
US10477151B2 (en) 2004-10-18 2019-11-12 Inside Secure Method and apparatus for supporting multiple broadcasters independently using a single conditional access system
EP1813107B1 (en) 2004-10-18 2015-03-18 Syphermedia International, Inc. Method and apparatus for supporting multiple broadcasters independently using a single conditional access system
US8156049B2 (en) * 2004-11-04 2012-04-10 International Business Machines Corporation Universal DRM support for devices
US7895617B2 (en) * 2004-12-15 2011-02-22 Sony Corporation Content substitution editor
US8041190B2 (en) 2004-12-15 2011-10-18 Sony Corporation System and method for the creation, synchronization and delivery of alternate content
US7716243B2 (en) 2005-02-25 2010-05-11 Microsoft Corporation Provisions for validating content using a content registration authority
US9363481B2 (en) * 2005-04-22 2016-06-07 Microsoft Technology Licensing, Llc Protected media pipeline
US9436804B2 (en) * 2005-04-22 2016-09-06 Microsoft Technology Licensing, Llc Establishing a unique session key using a hardware functionality scan
US7770229B2 (en) * 2005-05-11 2010-08-03 Yahoo! Inc. System and method for the propagation of DRM protected content
WO2007000772A1 (en) * 2005-06-28 2007-01-04 Hewlett - Packard Development Company L.P. Access control method and apparatus
US8185921B2 (en) 2006-02-28 2012-05-22 Sony Corporation Parental control of displayed content using closed captioning
US7555464B2 (en) * 2006-03-01 2009-06-30 Sony Corporation Multiple DRM management
US7970138B2 (en) 2006-05-26 2011-06-28 Syphermedia International Method and apparatus for supporting broadcast efficiency and security enhancements
US20080008321A1 (en) * 2006-07-10 2008-01-10 Syphermedia International, Inc. Conditional access enhancements using an always-on satellite backchannel link
US20080080711A1 (en) * 2006-09-28 2008-04-03 Syphermedia International, Inc. Dual conditional access module architecture and method and apparatus for controlling same
US9277259B2 (en) 2006-10-13 2016-03-01 Syphermedia International, Inc. Method and apparatus for providing secure internet protocol media services
US8761393B2 (en) * 2006-10-13 2014-06-24 Syphermedia International, Inc. Method and apparatus for providing secure internet protocol media services
US8204979B2 (en) * 2007-01-31 2012-06-19 Hewlett-Packard Development Company, L.P. Adaptive client/server control protocol
US8300818B2 (en) * 2007-02-27 2012-10-30 Sony Corporation System and method for effectively protecting electronic content information
US20080320596A1 (en) * 2007-06-22 2008-12-25 Feng Chi Wang Distributed digital rights management system and methods for use therewith
US8515123B2 (en) * 2008-07-03 2013-08-20 Verimatrix, Inc. Efficient watermarking approaches of compressed media
KR101041279B1 (en) * 2008-11-10 2011-06-14 에스케이 텔레콤주식회사 System and Method for preventing illegal download of contents
US9275203B1 (en) 2014-02-03 2016-03-01 Purdue Research Foundation Methods, systems, and computer readable media for preventing software piracy and protecting digital documents using same
WO2018208997A1 (en) 2017-05-09 2018-11-15 Verimatrix, Inc. Systems and methods of preparing multiple video streams for assembly with digital watermarking

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6064739A (en) * 1996-09-30 2000-05-16 Intel Corporation System and method for copy-protecting distributed video content
US6202153B1 (en) * 1996-11-22 2001-03-13 Voltaire Advanced Data Security Ltd. Security switching device
US20010052077A1 (en) * 1999-01-26 2001-12-13 Infolio, Inc. Universal mobile ID system and method for digital rights management

Family Cites Families (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5930473A (en) * 1993-06-24 1999-07-27 Teng; Peter Video application server for mediating live video services
US6202253B1 (en) * 1998-10-29 2001-03-20 Universal Friendly Technologies Llc Storm door cylinder lock
US7150045B2 (en) * 2000-12-14 2006-12-12 Widevine Technologies, Inc. Method and apparatus for protection of electronic media
US6865555B2 (en) * 2001-11-21 2005-03-08 Digeo, Inc. System and method for providing conditional access to digital content

Patent Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6064739A (en) * 1996-09-30 2000-05-16 Intel Corporation System and method for copy-protecting distributed video content
US6202153B1 (en) * 1996-11-22 2001-03-13 Voltaire Advanced Data Security Ltd. Security switching device
US20010052077A1 (en) * 1999-01-26 2001-12-13 Infolio, Inc. Universal mobile ID system and method for digital rights management

Cited By (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP1531377A2 (en) 2003-10-23 2005-05-18 Microsoft Corporation Secure authentication of an executable by an authentication entity
JP2005129045A (en) * 2003-10-23 2005-05-19 Microsoft Corp Secure identification of executable file for reliability determination entity
EP1531377A3 (en) * 2003-10-23 2006-09-20 Microsoft Corporation Secure authentication of an executable by an authentication entity
US7418512B2 (en) 2003-10-23 2008-08-26 Microsoft Corporation Securely identifying an executable to a trust-determining entity
KR100949024B1 (en) * 2003-10-23 2010-03-23 마이크로소프트 코포레이션 Securely identifying an executable to a trust-determining entity
KR101456489B1 (en) * 2007-07-23 2014-10-31 삼성전자주식회사 Method and apparatus for managing access privileges in a CLDC OSGi environment

Also Published As

Publication number Publication date
KR20040077905A (en) 2004-09-07
US20040010717A1 (en) 2004-01-15
WO2003065630A3 (en) 2005-09-01

Similar Documents

Publication Publication Date Title
US20040010717A1 (en) Apparatus and method for preventing digital media piracy
US9342662B2 (en) Method and system for controlling video media
US8572761B2 (en) Method and system for preventing unauthorized reproduction of electronic media
US8234217B2 (en) Method and system for selectively providing access to content
US7570761B2 (en) Method and system for preventing unauthorized recording of media content in the iTunes™ environment
US7400729B2 (en) Secure delivery of encrypted digital content
US9275235B2 (en) Method and system for preventing unauthorized recording of media content on an apple operating system
US8112810B2 (en) Preventing unauthorized distribution of media content within a global network
US8555395B2 (en) Method and system for providing a media change notification on a computing system
US20080250238A1 (en) Method and system for controlled media sharing in a network
US20060242083A1 (en) Method and apparatus for license distribution
US20120042391A1 (en) Method and system for protecting children from accessing inappropriate media available to a computer-based media access system
US20120042309A1 (en) Method and system for automatically executing an operation after a media event
US20120042134A1 (en) Method and system for circumventing usage protection applicable to electronic media
TWI225352B (en) Apparatus and method for preventing digital media piracy
AU2002367530A1 (en) Apparatus and method for preventing digital media piracy
US8826445B2 (en) Method and system of deterring unauthorized use of media content by degrading the contents waveform
US20120039467A1 (en) Method and system for automatically detecting media and implementing interaction control thereon

Legal Events

Date Code Title Description
AK Designated states

Kind code of ref document: A2

Designated state(s): AE AG AL AM AT AU AZ BA BB BG BR BY BZ CA CH CN CO CR CU CZ DE DK DM DZ EC EE ES FI GB GD GE GH GM HR HU ID IL IN IS JP KE KG KP KR KZ LC LK LR LS LT LU LV MA MD MG MK MN MW MX MZ NO NZ OM PH PL PT RO RU SD SE SG SI SK SL TJ TM TN TR TT TZ UA UG UZ VN YU ZA ZM ZW

AL Designated countries for regional patents

Kind code of ref document: A2

Designated state(s): GH GM KE LS MW MZ SD SL SZ TZ UG ZM ZW AM AZ BY KG KZ MD RU TJ TM AT BE BG CH CY CZ DE DK EE ES FI FR GB GR IE IT LU MC NL PT SE SK TR BF BJ CF CG CI CM GA GN GQ GW ML MR NE SN TD TG

121 Ep: the epo has been informed by wipo that ep was designated in this application
DFPE Request for preliminary examination filed prior to expiration of 19th month from priority date (pct application filed before 20040101)
WWE Wipo information: entry into national phase

Ref document number: 2002367530

Country of ref document: AU

WWE Wipo information: entry into national phase

Ref document number: 1020047011716

Country of ref document: KR

122 Ep: pct application non-entry in european phase
NENP Non-entry into the national phase

Ref country code: JP

WWW Wipo information: withdrawn in national office

Ref document number: JP