Abstract: The embodiments described herein describe technologies for Module management, including Module creation and Module deployment to a target device in an operation phase of a manufacturing lifecycle of the target device in a cryptographic manager (CM) environment. One implementation includes a Root Authority (RA) device that receives a command to create a Module and executes a Module Template to generate the Module in response to the command. The Module is deployed to an Appliance device. A set of instructions of the Module, when executed by the Appliance device, results in a secure construction of a sequence of operations to securely provision a data asset to the target device. The Appliance device is configured to distribute the data asset to a cryptographic manager (CM) core of the target device.

Abstract: The embodiments described herein describe technologies for ticketing systems used in consumption and provisioning of data assets, such as a pre-computed (PCD) asset. A ticket may be a digital file or data that enables enforcement of usage count limits and uniqueness issuance ore sequential issuance of target device parameters. On implementation includes an Appliance device of a cryptographic manager (CM) system that receives a Module and a ticket over a network from a Service device. The Module is an application that securely provisions a data asset to a target device in an operation phase of a manufacturing lifecycle of the target device. The ticket is digital data that grants permission to the Appliance device to execute the Module. The Appliance device verifies the ticket to execute the Module. The Module, when executed, results in a secure construction of a sequence of operations to securely provision the data asset to the target device.

Abstract: A request associated with a revocation of a key may be received. A hash value corresponding to the key that is stored in a memory may be identified. Furthermore, the hash value that is stored in the memory may be corrupted in response to the request associated with the revocation of the key.

Abstract: Pairing data associated with a second device may be received at a first device. The pairing data may be received from a server. A first authentication proof may be generated based on the pairing data received from the server. A second authentication proof may be received from the second device. Furthermore, an authentication status of the second device may be updated based on a comparison of the first authentication proof that is based on the pairing data received from the server and the second authentication proof that is received from the second device.

Abstract: Aspects of the present disclosure relate to managing licenses for playback of digital content. A license management device may create licenses that determine the number of playback devices that can be authorized by the license. Each license may be included in a corresponding digital content. In addition, each license may be distributed to a set of playback devices. Thereafter, a playback device may playback digital content that includes a license when the playback device stores a matching license. A single license can be used to provide authorization to play digital content from multiple sources and/or multiple types of content. Playback devices can store multiple licenses, which allows playback devices to belong to multiple sets of playback devices authorized to playback various digital content. In one embodiment digital content files can contain multiple licenses to allow the content files to be shared by multiple sets of playback devices.

Abstract: A mechanism for providing secure feature and key management in integrated circuits is described. An example integrated circuit includes a secure memory to store a secret key, and a security manager core, coupled to the secure memory, to receive a digitally signed command, verify a signature associated with the command using the secret key, and configure operation of the integrated circuit using the command.

Abstract: Aspects of the present disclosure relate to managing licenses for playback of digital content. A license management device may create licenses that determine the number of playback devices that can be authorized by the license. Each license may be included in a corresponding digital content. In addition, each license may be distributed to a set of playback devices. Thereafter, a playback device may playback digital content that includes a license when the playback device stores a matching license. A single license can be used to provide authorization to play digital content from multiple sources and/or multiple types of content. Playback devices can store multiple licenses, which allows playback devices to belong to multiple sets of playback devices authorized to playback various digital content. In one embodiment digital content files can contain multiple licenses to allow the content files to be shared by multiple sets of playback devices.

Abstract: A method and apparatus for digital content license management is disclosed that provides one or more license management devices that manage licenses for playback of digital content. The license management devices create licenses having an associated cardinality that determines the number of playback devices that can be authorized by the license. The license is stored in a set of playback devices, where the number of playback devices in the set corresponds to the cardinality of the license. The license is also included in digital content that the license authorizes for playback. Playback devices that have a license that matches a license included in the digital content are authorized to play the digital content. A single license can be used to provide authorization to play digital content from multiple sources and/or multiple types of content.

Abstract: Technologies are disclosed to transfer responsibility and control over security from player makers to content authors by enabling integration of security logic and content. An exemplary optical disc carries an encrypted digital video title combined with data processing operations that implement the title's security policies and decryption processes. Player devices include a processing environment (e.g., a real-time virtual machine), which plays content by interpreting its processing operations. Players also provide procedure calls to enable content code to load data from media, perform network communications, determine playback environment configurations, access secure nonvolatile storage, submit data to CODECs for output, and/or perform cryptographic operations. Content can insert forensic watermarks in decoded output for tracing pirate copies.

Abstract: Technologies are disclosed to transfer responsibility and control over security from player makers to content authors by enabling integration of security logic and content. An exemplary optical disc carries an encrypted digital video title combined with data processing operations that implement the title's security policies and decryption processes. Player devices include a processing environment (e.g., a real-time virtual machine), which plays content by interpreting its processing operations. Players also provide procedure calls to enable content code to load data from media, perform network communications, determine playback environment configurations, access secure nonvolatile storage, submit data to CODECs for output, and/or perform cryptographic operations. Content can insert forensic watermarks in decoded output for tracing pirate copies.

Abstract: Technologies are disclosed to transfer responsibility and control over security from player makers to content authors by enabling integration of security logic and content. An exemplary optical disc carries an encrypted digital video title combined with data processing operations that implement the title's security policies and decryption processes. Player devices include a processing environment (e.g., a real-time virtual machine), which plays content by interpreting its processing operations. Players also provide procedure calls to enable content code to load data from media, perform network communications, determine playback environment configurations, access secure nonvolatile storage, submit data to CODECs for output, and/or perform cryptographic operations. Content can insert forensic watermarks in decoded output for tracing pirate copies.

Abstract: Aspects of the present disclosure relate to a computer system that can transfer a digital information file to a removable media storage. The digital information file can include targeting information, which may include combined descrambling information and information identifying a mobile playback device. The mobile playback device can render the targeted digital information file if the information identifying the mobile playback device included in the targeting information corresponds to an identifier of the mobile playback device, so as to allow the mobile playback device to descramble the targeted digital information file using the descrambling information.

Abstract: In an exemplary embodiment, digital content is mastered as a combination of encrypted data and data processing operations that enable use in approved playback environments. Player devices having a processing environment compatible with the content's data processing operations are able to decrypt and play the content. Players can also provide content with basic functions, such as loading data from media, performing network communications, determining playback environment configuration, controlling decryption/playback, and/or performing cryptographic operations using the player's keys. These functions allow the content to implement and enforce its own security policies. If pirates compromise individual players or content titles, new content can be mastered with new security features that block the old attacks. A selective decryption capability can also be provided, enabling on-the-fly watermark insertion so that attacks can be traced back to a particular player.

Abstract: A computer network based digital information library system employing authentication and encryption protocols for the secure transfer of digital information library programs to a client computer system and a mobile digital information playback device removably connectable to the client computer system. The present invention is a computer network based library and information delivery system for accessing and obtaining selected digital information files.

Abstract: In an exemplary embodiment, digital content is mastered as a combination of encrypted data and data processing operations that enable use in approved playback environments. Player devices having a processing environment compatible with the content's data processing operations are able to decrypt and play the content. Players can also provide content with basic functions, such as loading data from media, performing network communications, determining playback environment configuration, controlling decryption/playback, and/or performing cryptographic operations using the player's keys. These functions allow the content to implement and enforce its own security policies. If pirates compromise individual players or content titles, new content can be mastered with new security features that block the old attacks. A selective decryption capability can also be provided, enabling on-the-fly watermark insertion so that attacks can be traced back to a particular player.

Abstract: In an exemplary embodiment, digital content is mastered as a combination of encrypted data and data processing operations that enable use in approved playback environments. Player devices having a processing environment compatible with the content's data processing operations are able to decrypt and play the content. Players can also provide content with basic functions, such as loading data from media, performing network communications, determining playback environment configuration, controlling decryption/playback, and/or performing cryptographic operations using the player's keys. These functions allow the content to implement and enforce its own security policies. If pirates compromise individual players or content titles, new content can be mastered with new security features that block the old attacks. A selective decryption capability can also be provided, enabling on-the-fly watermark insertion so that attacks can be traced back to a particular player.

Abstract: A computer network based digital information library system employing authentication and encryption protocols for the secure transfer of digital information library programs to a client computer system and a mobile digital information playback device removably connectable to the client computer system. The present invention is a computer network based library and information delivery system for accessing and obtaining selected digital information files.

Abstract: A computer network based digital information library system employing authentication and encryption protocols for the secure transfer of digital information library programs to a client computer system and a mobile digital information playback device removably connectable to the client computer system. The present invention is a computer network based library and information delivery system for accessing and obtaining selected digital information files.

Abstract: A computer network based digital information library system employing authentication and encryption protocols for the secure transfer of digital information library programs to a client computer system and a mobile digital information playback device removably connectable to the client computer system. The present invention is a computer network based library and information delivery system for accessing and obtaining selected digital information files.

Abstract: A computer network based digital information library system employing authentication and encryption protocols for the secure transfer of digital information library programs to a client computer system and a mobile digital information playback device removably connectable to the client computer system. The present invention is a computer network based library and information delivery system for accessing and obtaining selected digital information files.