Patents Assigned to Widevine Technologies, Inc.
-
Publication number: 20110032981Abstract: An apparatus, system, and method is directed to transcoding broadcast content, such as in a DVB, ATSC, and MPEG based network, to secure content suitable for an Internet Protocol (IP) based network. In one embodiment, a single multifunctional convergence appliance is employed to enable such transcoding actions as encryption, encoding, and/or encapsulation. For example, in one embodiment, an MPEG transport stream associated with the broadcast content may be transcoded to an IP-based transport stream. In addition, the transport stream may be decrypted, transrated to another rate, and re-encrypted using a different control word for re-encrypting, but a same service key to encrypt the different control word. The system is also enabled to transcode content formatted for the IP-based network to a content format suitable for the broadcast network.Type: ApplicationFiled: October 18, 2010Publication date: February 10, 2011Applicant: Widevine Technologies, Inc.Inventors: Reza P. Rassool, Glenn A. Morten, Brian A. Baker
-
Patent number: 7817608Abstract: An apparatus, system, and method is directed to transcoding broadcast content, such as in a DVB, ATSC, and MPEG based network, to secure content suitable for an Internet Protocol (IP) based network. In one embodiment, a single multifunctional convergence appliance is employed to enable such transcoding actions as encryption, encoding, and/or encapsulation. For example, in one embodiment, an MPEG transport stream associated with the broadcast content may be transcoded to an IP-based transport stream. In addition, the transport stream may be decrypted, transrated to another rate, and re-encrypted using a different control word for re-encrypting, but a same service key to encrypt the different control word. The system is also enabled to transcode content formatted for the IP-based network to a content format suitable for the broadcast network.Type: GrantFiled: September 6, 2006Date of Patent: October 19, 2010Assignee: Widevine Technologies, Inc.Inventors: Reza P. Rassool, Glenn A. Morten, Brian A. Baker
-
Publication number: 20090327698Abstract: There is disclosed a process for encrypting a data stream to secure the data stream for single viewing and to protect copyrights of the data stream. Specifically, there is disclosed a process for protecting streaming multimedia, entertainment and communications in an Internet-type transmission. There is further disclosed a streaming server component operably connected with a streaming server that interacts with a client system to affect the inventive process.Type: ApplicationFiled: April 30, 2008Publication date: December 31, 2009Applicant: WIDEVINE TECHNOLOGIES, INC.Inventors: Brian A. Baker, Glenn A. Morten, Charles Duncan MacLean, Jeffrey Lee Tinker
-
Patent number: 7640435Abstract: A system, apparatus, and method are directed to providing and securely viewing secure content. In one embodiment, a secure player provides secure screening/previewing of secure content, such as a motion picture, by a member of an awards organization. A content key is employed to selectively encrypt at least a portion of a content stream. The content key is encrypted with a screener key. The encrypted content key is embedded into the secure content. The screener key is encrypted using public/private key pair that is bound to the secure player. The secure content may be distributed on a medium, such as a DVD, high definition DVD, and the like. The secure player is configured to receive the medium, screener key, and a screener identity. The screener identity and screener key are employed by the secure player to decrypt and enable secure viewing of the content.Type: GrantFiled: December 27, 2005Date of Patent: December 29, 2009Assignee: Widevine Technologies, Inc.Inventor: Glenn A. Morten
-
Patent number: 7594271Abstract: A method and system are directed to differentiating between normal characteristics and abnormal characteristics within a software process, such that tampering of the software process may be identified programmatically. The identification of behavior that may be defined as normal may vary. Such behavior may include a sequence of selected system level calls that may access resources considered relevant, and the like. Data on the selected behavior is gathered, and when a sufficient amount of abnormal behavior has been detected, a signal may be provided such that an action may be performed. Samples of the gathered data are assigned a unique value. Statistical information is determined from the collected behavior, including trend data. Such trend data is compared to trends identified as normal for the software process, and a determination is made whether the sampled behavior is non-normal.Type: GrantFiled: September 22, 2003Date of Patent: September 22, 2009Assignee: Widevine Technologies, Inc.Inventors: Oscar V. Zhuk, Vince M. Rohr
-
Publication number: 20090204541Abstract: A method, apparatus, and system are directed towards employing a chain of permission keys obtained during playing of advertisements within content to enable continued playing of the content. A sequence of encoded permission keys are generated with each encoded permission key, except a last permission key, incorporating a scrambling key useable to decode a next encoded permission key within the sequence of encoded permission keys that enables playing of a next portion of the content. If playing of any advertisement within the content is avoided, then access to an associated scrambling key useable to decode a next permission key is prevented, which in turn inhibits playing of a next portion of the content. In another embodiment, a heartbeat analysis may also be performed to monitor if skipping of an advertisement is being attempted, and if so, playing of the content is prevented.Type: ApplicationFiled: February 7, 2008Publication date: August 13, 2009Applicant: Widevine Technologies, Inc.Inventors: Oscar V. Zhuk, Glenn A. Morten, Edward Charles Hiar
-
Publication number: 20090003600Abstract: Various embodiments are directed towards employing a container and communication protocol proxy component within a client device to receive securely real-time streamed, progressively downloaded, or adaptively streamed container over a network using one container and communication protocol, and to securely decrypt the container and provide it to a media player using a different container and communications protocol. In one embodiment, the container is in Flash Video (FLV) file format. A browser or the media player on the client device may be used to request the container. The requested container is sent over one communication protocol and intercepted by the container and communication protocol proxy component. The container may be received as selectively encrypted container. The container and communication protocol proxy component then may enable decryption of the container and providing of it to the media player using another container and communication protocol combination.Type: ApplicationFiled: June 11, 2008Publication date: January 1, 2009Applicant: Widevine Technologies, Inc.Inventors: Hao-Nong Chen, Michael Rutman, Charles Duncan MacLean, Edward Charles Hiar, Glenn A. Morten
-
Publication number: 20080294786Abstract: A system, apparatus, and method are directed towards managing entitlement/right revocation and delivery to be performed within a non-addressable media network. Such networks may include for example a client device behind a network address translation (NAT) device, employs non-addressable satellite components, or so forth. A server notifies clients that entitlements, revocations, or the like are available by sending a request for communications with the client. The client initiates a connection to receive the entitlements, or the like, and then disconnects from the server. If the client fails to initiate a connection, the server may continue to send a request for a connection, or even change encryption keys to the content to prevent access by the client. In one embodiment, failure to receive an acknowledgement response from the server of a connection with the client, or from the client, may result in invocation of a revocation failure action.Type: ApplicationFiled: May 21, 2008Publication date: November 27, 2008Applicant: Widevine Technologies, Inc.Inventors: Jeffrey Lee Tinker, Charles Duncan MacLean, Hamid Shaheed Ali, Edward Charles Hiar, Michael Rutman, Glenn A. Morten
-
Publication number: 20080279369Abstract: A system and method is directed to providing an n-dimensional entity for encoding and storing data securely. A user provides a cursor position within the n-dimensional entity, and a user seed to a pseudo-random number generator. The user seed may be combined with a fingerprint of a computing system in which the invention operates. The n-dimensional entity is populated with bits from the pseudo-random number generator. Bits within the n-dimensional entity are associated with actions to be performed at each cursor position. Subsequent cursor directions within the n-dimensional entity are determined using a random number generator. Plaintext is bitwise translated to a direction and an offset from the cursor position to a bit matching the plaintext bit within the n-dimensional entity. The offset is employed to modify a row of truly random bits in an encoded array.Type: ApplicationFiled: July 23, 2008Publication date: November 13, 2008Applicant: Widevine Technologies, Inc.Inventor: Tomas Earl Palmer
-
Publication number: 20080255943Abstract: A method, apparatus, and system are directed towards providing advertisement insertions at a point of consumption into digital content, such as broadcast television content. A content provider may initially mark the content for advertisement insertion, and create a metadata file indicating constraints, targets, expirations, or the like. A downstream user employs a plug-in component and provides an initial user profile, in part, to access the content with advertisements. As the content is played, and an advertising marker is encountered, fast forwarding or other skipping features are disabled, and an advertisement stream is spliced into the content stream. The advertisement stream is determined based on the user profile and/or other metadata. Moreover, the advertisement stream may be obtained over a network such that advertisements may be refreshed even years after the content has been acquired by the user. In one embodiment, the advertisement consumption may be tracked and reported.Type: ApplicationFiled: February 25, 2008Publication date: October 16, 2008Applicant: Widevine Technologies, Inc.Inventors: Glenn A. Morten, Brian A. Baker
-
Patent number: 7406174Abstract: A system and method is directed to providing an n-dimensional entity for encoding and storing data securely. A user provides a cursor position within the n-dimensional entity, and a user seed to a pseudo-random number generator. The user seed may be combined with a fingerprint of a computing system in which the invention operates. The n-dimensional entity is populated with bits from the pseudo-random number generator. Bits within the n-dimensional entity are associated with actions to be performed at each cursor position. Subsequent cursor directions within the n-dimensional entity are determined using a random number generator. Plaintext is bitwise translated to a direction and an offset from the cursor position to a bit matching the plaintext bit within the n-dimensional entity. The offset is employed to modify a row of truly random bits in an encoded array.Type: GrantFiled: October 21, 2003Date of Patent: July 29, 2008Assignee: Widevine Technologies, Inc.Inventor: Tomás Earl Palmer
-
Publication number: 20080126806Abstract: A method, apparatus, and system are directed towards generating a public/private key pair prior to registration. The generation of the public/private key pair is performed by the entity to which the key pair is to be associated. The entity may then complete n application. The entity may then employ the generated public/private key pair to digitally sign the application. In one embodiment, the public key is provided with the application to a registration authority. Upon request, the public key and at least some of the application information may be provided to requester for use in identification, authentication, integrity, and/or non-repudiation of the registered entity. In another embodiment, the registration authority or other entity may verify the identity of the registering entity using the application. In one embodiment, the registration authority may select to digitally sign the application to indicate that the information has been verified.Type: ApplicationFiled: September 21, 2006Publication date: May 29, 2008Applicant: Widevine Technologies, Inc.Inventor: Glenn A. Morten
-
Patent number: 7380117Abstract: There is disclosed a process for encrypting a data stream to secure the data stream for single viewing and to protect copyrights of the data stream. Specifically, there is disclosed a process for protecting streaming multimedia, entertainment and communications in an Internet-type transmission. There is further disclosed a streaming server component operably connected with a streaming server that interacts with a client system to affect the inventive process.Type: GrantFiled: June 30, 2005Date of Patent: May 27, 2008Assignee: Widevine Technologies, Inc.Inventor: Brian Baker
-
Patent number: 7376831Abstract: An apparatus, system, and method are directed towards parsing and selectively encrypting different portions of data in real-time, decrypting the encrypted data in real-time, and passing the data to a media player on a client computer or other network capable device. Data in a network packet may be parsed into payload and non-payload portions. The payload portion of the packet data may then be examined to determine whether a predefined type of the data is recognized. For example, in one embodiment, the predefined data type may be media content. If the payload portion is recognized as a predefined data type, then it may be selectively encrypted. The selectively encrypted payload portion and non-payload portion of the packet may then be combined, such that the non-payload portion may be employed by firewalls, proxies, and/or NATs to route the packet towards the client computer or other network capable device.Type: GrantFiled: August 25, 2006Date of Patent: May 20, 2008Assignee: Widevine Technologies, Inc.Inventors: Brad Kollmyer, Brian A. Baker, Eric Bradley Shapiro, Aric Kollmyer, Mike Rutman, Charles Duncan MacLean, Dan Robertson, Neal Taylor, Dick Hunsche, Amanda Walker
-
Patent number: 7356143Abstract: A system, apparatus, and method are directed to providing and securely viewing secure content. In one embodiment, a secure player provides secure screening/previewing of secure content, such as a motion picture, by a member of an awards organization. A content key is employed to selectively encrypt at least a portion of a content stream. The content key is encrypted with a screener key. The encrypted content key is embedded into the secure content. The screener key is encrypted using public/private key pair that is bound to the secure player. The secure content may be distributed on a medium, such as a DVD, high definition DVD, or over a network, or the like. The secure player is configured to receive the medium, screener key, and a screener identity. The screener identity and screener key are employed by the secure player to decrypt and enable secure viewing of the content.Type: GrantFiled: February 24, 2006Date of Patent: April 8, 2008Assignee: Widevine Technologies, IncInventor: Glenn A. Morten
-
Patent number: 7349886Abstract: A system, apparatus, and method are directed towards generating chains of encrypted decryption keys for content in a highly distributed environment. In one embodiment, the key chain may be provided within an Entitlement Control Message (ECM). An access key that enables decryption of a current link within the chain of decryption keys may be provided to a downstream recipient using an out-of-band mechanism. Alternatively, the access key may be provided through an in-band mechanism, such as through the use of Entitlement Management Message (EMM), or the like. In one embodiment, the access key within the EMM may be further encrypted by another encryption key that may be unique to the downstream recipient.Type: GrantFiled: March 23, 2006Date of Patent: March 25, 2008Assignee: Widevine Technologies, Inc.Inventors: Glenn A. Morten, Reza P. Rassool
-
Publication number: 20080037782Abstract: A method, apparatus, and system are directed towards reducing a channel change time contribution related to security for digital media devices by using key management and a virtual smart card. In one embodiment, Entitlement Control Messages (ECMs) used to provide access to content keys for decrypting of content are provided over the network to the digital media device at an increased frequency over traditional systems. In another embodiment, use of the virtual smart card is directed towards removing physical limitations that may arise due to the use of a physical smart card, separate secure microprocessor, or the like, and associated physical interface, thereby further reducing channel change times contributed to content protection components of the digital media device.Type: ApplicationFiled: July 19, 2007Publication date: February 14, 2008Applicant: Widevine Technologies, Inc.Inventor: Glenn A. Morten
-
Patent number: 7328345Abstract: A system and method for providing end-to-end security of content over a heterogeneous distribution chain is provided. A content owner provides content to an aggregator that receives the content and processes the content. The processing may involve decrypting the content and associating at least one of a unique fingerprint and a watermark to the decrypted content. The unique fingerprint and a watermark to the decrypted content provide identifying characteristics to the content. Additional content-based fingerprints may be used to monitor quality of consumer experience for Video and Audio. The content may be sent in a decrypted state to a client or in an encrypted state. When the content is encrypted the aggregator wraps and encrypts the content with a signature such that an end-to-end flow of the content may be determined. Application Level encryption is used to provide network/distribution medium transparency as well as persistent encryption.Type: GrantFiled: January 29, 2003Date of Patent: February 5, 2008Assignee: Widevine Technologies, Inc.Inventors: Glenn A. Morten, Reza P. Rassool, Tom E. Claeys, Brian Andrew Baker
-
Publication number: 20080015999Abstract: A system and method are directed towards including buffer packets into an unencrypted content stream at a same location as encryption related information such as an ECM, an EMM message, or the like, would be in a corresponding encrypted content stream. The buffer packets may comprise virtually any information, including a null packet, an ECM message. By inserting buffer packets in the same location, an overall file size, and frame locationing may be made to match the file size, and frame locationing of the encrypted content stream. The modified unencrypted content stream may be employed to generate trick play files, such as a fast forward file, fast reverse file, and so forth, as well as a corresponding index file that indicates locations of relevant content frames in the unencrypted content stream and the trick play files.Type: ApplicationFiled: January 19, 2006Publication date: January 17, 2008Applicant: Widevine Technologies, Inc.Inventors: Hamid Ali, Andre Jacobs, Glenn Morten
-
Publication number: 20070286420Abstract: A network device and method are directed towards providing one time content encryption for Video on Demand (VOD) broadcast services and Networked Personal Video Recorders (NPVRs) using unique encryption keys. As content is received by the network device, it is determined whether the content is for broadcast distribution to a consumer and to be ingested into an NPVR/VOD server for possible unicast distribution. If the content is for both distributions, it is encrypted using at least one control word (CW) key. The encrypted content is then copied into at least two streams, with the CW being encrypted with at least two different keys, one for broadcast distribution, and one for NPVR Programs. One stream may then be ingested by the NPVR/VOD server, while the other stream may be broadcast to a consumer. The encryption keys may be provided through EMMs to a consumer based on a purchase.Type: ApplicationFiled: May 14, 2007Publication date: December 13, 2007Applicant: Widevine Technologies, Inc.Inventors: Charles Duncan MacLean, Edward Charles Hiar, Hamid Shaheed Ali, Sergio Jose Goncalves da Silva, Andre Jacobs, Edward H. Schacker