Tuesdays the USPTO issues new patents. Both of today's Spotlight Patents address aspects of digital rights management. Assigned to Microsoft, the first of today's patents concerns a digital rights management scheme for an on-demand distributed streaming system. Assigned to Apple, the second patent concerns the use of run-time code injection to perform checks.
8,375,456, "Digital rights management scheme for an on-demand distributed streaming system," assigned to Microsoft.
A DRM scheme that may be optionally invoked by the owner. With the DRM protection turned on, the media is encrypted before it is distributed in a P2P network, and is decrypted prior to its use (play back). The peers may still efficiently distribute and serve without authorization from the owner. Nevertheless, when the media is used (played back), the client node must seek proper authorization from the owner. The invention further provides a hierarchical DRM scheme wherein each packet of the media is associated with a different protection level. In the hierarchical DRM scheme of the invention there is usually an order of the protection level. As a result, in one embodiment of the invention, the decryption key of a lower protection layer is the hash of the decryption key at the higher protection level. That way, a user granted access to the high protection layer may simply hold a single license of that layer, and obtain decryption keys of that layer and below. The invention further provides for a process for managing digital rights to a scalable media file wherein a different encryption/decryption key is used to encrypt each truncatable media packet with a base layer without requiring additional storage space to store the key.
8,375,369, "Run-time code injection to perform checks," assigned to Apple.
A digital rights management system permits an application owner to cause code to be injected into the application's run-time instruction stream so as to restrict execution of that application to specific hardware platforms. In a first phase, an authorizing entity (e.g., an application owner or platform manufacturer) authorizes one or more applications to execute on a given hardware platform. Later, during application run-time, code is injected that performs periodic checks to determine if the application continues to run on the previously authorized hardware platform. If a periodic check fails, at least part of the application's execution string is terminated--effectively rendering the application non-usable. The periodic check is transparent to the user and difficult to circumvent.