On Thursdays, the Patent Office publishes new pending patent applications. Both of today's Spotlight Applications concern aspects of digital rights management. Assigned to Apple, the first application discloses a client-server system with security for an untrusted server. Apparently assigned to Adobe, the second application discloses techniques for transparently authenticating a user to a digital rights management entity.
20130124866, "Client-server system with security for untrusted server," assigned to Apple, Inc.
In the context of a computer client-server architecture, typically used in the Internet for communicating between a server and applications running on user computers (clients), a method is provided for enhancing security in the context of digital rights management (DRM) where the server is an untrusted server that may not be secure, but the client is secure. This method operates to authenticate the server to the client and vice versa to defeat hacking attacks intended to obtain confidential information. Values passed between the server and the client include encrypted random numbers, authentication values and other verification data generated using cryptographic techniques including double encryption.
20130125223, "System And Method For Transparently Authenticating A User To A Digital Rights Management Entity," apparently assigned to Adobe.
Various embodiments of a system and method for transparently authenticating a user to a digital rights management entity are described. In various embodiments, a digital rights management server may be configured to receive an authentication token from a first remote computer system. Such authentication token may indicate that a particular user of the first remote computer system was authenticated by a first content provider of one or more content providers. In various embodiments, the digital rights management server may also be configured to verify the authentication token by determining that one or more portions of the authentication token were generated based on respective authentication information issued to the first content provider. In various embodiments, the digital rights management server may also be configured to, in response to verification of the authentication token, issue to the first remote computer system one or more credentials.
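The flow in the second abstract can be sketched as follows. This is an added example, not code from the application or from Adobe. It assumes that the "authentication information issued to the first content provider" is a per-provider secret key and that the token is an HMAC-SHA256-tagged JSON body; all function names, field names and the token layout are hypothetical.

```python
import base64, hashlib, hmac, json, secrets, time

def _b64(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).decode()

def provider_make_token(provider_id, provider_key, user_id, now=None, ttl=300):
    """Content-provider side: assert that user_id was authenticated here."""
    now = time.time() if now is None else now
    claims = {"iss": provider_id, "sub": user_id, "exp": int(now) + ttl,
              "nonce": secrets.token_hex(8)}
    body = json.dumps(claims, sort_keys=True).encode()
    # Assumption: the tag is keyed with the secret the DRM server issued to this provider.
    tag = hmac.new(provider_key, body, hashlib.sha256).digest()
    return _b64(body) + "." + _b64(tag)

def drm_verify_and_issue(token, provider_keys, seen_nonces, now=None):
    """DRM-server side: return a credential dict, or None if the token fails."""
    now = time.time() if now is None else now
    try:
        body_b64, tag_b64 = token.split(".")
        body = base64.urlsafe_b64decode(body_b64)
        tag = base64.urlsafe_b64decode(tag_b64)
        claims = json.loads(body)
        key = provider_keys[claims["iss"]]          # unknown provider -> KeyError
        user, exp, nonce = claims["sub"], int(claims["exp"]), str(claims["nonce"])
    except (ValueError, KeyError, TypeError, AttributeError):
        return None
    # Verify the tag over the exact bytes received, in constant time.
    expected = hmac.new(key, body, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        return None
    # Reject expired tokens and tokens already redeemed (replay).
    if exp < now or (claims["iss"], nonce) in seen_nonces:
        return None
    seen_nonces.add((claims["iss"], nonce))
    return {"user": user, "provider": claims["iss"],
            "credential": secrets.token_hex(16)}

if __name__ == "__main__":
    keys = {"provider-a": secrets.token_bytes(32)}   # constructed sample key
    seen = set()
    tok = provider_make_token("provider-a", keys["provider-a"], "alice")
    print(drm_verify_and_issue(tok, keys, seen))     # credential issued
    print(drm_verify_and_issue(tok, keys, seen))     # None: token replayed
```

The user never presents a password to the DRM server here; the server's trust rests entirely on the provider key, so that key's issuance and rotation are the points to protect.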