Patents by Inventor Florian Pestoni

Florian Pestoni has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).

  • Patent number: 9300465
    Abstract: A method and system for attaching a title key to encrypted content for synchronized transmission to, or storage by, a recipient is provided. Specifically, under the present invention, an elementary media stream is parceled into content units that each include a content packet and a header. The content packets are encrypted with one or more title keys. Once the content packets have been encrypted, the title keys are themselves encrypted with a key encrypting key. The encrypted title keys are then attached to the corresponding encrypted content packets for synchronized transmission to a recipient.
    Type: Grant
    Filed: February 20, 2008
    Date of Patent: March 29, 2016
    Assignee: International Business Machines Corporation
    Inventors: Eric M. Foster, Jeffrey B. Lotspiech, Florian Pestoni, Wilfred E. Plouffe, Jr., Frank A. Schaffa
  • Patent number: 9124422
    Abstract: Various embodiments of a system and method for digital rights management with secure application-content binding are described. Various embodiments may include a system configured to decrypt an encrypted application key with a private key. The system may also be configured to decrypt an encrypted application including a binding key with the decrypted application key. The system may also be configured to decrypt an encrypted content key with the binding key from the decrypted application. The system may be further configured to decrypt encrypted content with the decrypted content key. In various embodiments, the system may also be configured to consume the decrypted content with the decrypted application.
    Type: Grant
    Filed: May 29, 2009
    Date of Patent: September 1, 2015
    Assignee: Adobe Systems Incorporated
    Inventors: Florian Pestoni, Sunil C. Agrawal, Pritham Shetty
  • Patent number: 8789196
    Abstract: Embodiments may include a content provider system configured to provide electronic content that includes multiple encrypted content items to a playback device. A playback device may be configured to acquire root licenses and/or content licenses from a license server; such licenses may cryptographically protect the content items that a playback device receives from a content provider system. In various embodiments, the electronic content may be content that is to be linearly consumed, such as a channel within a broadcast environment. In various embodiments, the playback device may explicitly request a license for one or more of the content items that it receives; such request may be issued to a license server. The license server may evaluate the request and respond to the playback device with the license for a content item. In various embodiments, the playback device may utilize the received license to decrypt and consume the respective content item.
    Type: Grant
    Filed: May 28, 2010
    Date of Patent: July 22, 2014
    Assignee: Adobe Systems Incorporated
    Inventors: Florian Pestoni, Sunil C. Agrawal, Viswanathan Swaminathan
  • Patent number: 8656178
    Abstract: The present invention provides a method, system and program product for modifying content usage conditions during broadcast content distribution. Specifically, the present invention allows protected (e.g., encrypted, secured, etc.) content to be received along with content usage conditions, an encrypted combination of the content usage conditions and a title key (e.g., a MAC), and a key management block. Using the key management block, a key encrypting key can be determined for decrypting the combination. Once the combination is decrypted, the content usage conditions can be modified (e.g., edited, added to, etc.).
    Type: Grant
    Filed: April 18, 2002
    Date of Patent: February 18, 2014
    Assignee: International Business Machines Corporation
    Inventors: Eric M. Foster, Jeffrey B. Lotspiech, Dalit Naor, Sigfredo I. Nin, Florian Pestoni, Wilfred E. Plouffe, Jr., Frank A. Schaffa
  • Patent number: 8578157
    Abstract: Various embodiments of a system and method of digital rights management with authorized device groups are described. Various embodiments may include a system including a digital rights management (DRM) component configured to receive a private key of an authorized device group. In various embodiments, the receipt of the private key of the authorized device group may indicate the system is an authorized member of a group of devices permitted to access content items protected by a common public key associated with the authorized device group. In various embodiments the DRM component may be configured to, for each given content item of multiple content items that are encrypted with different content keys, decrypt an encrypted content key from the given content item with the private key of the authorized device group and decrypt content from the given content item with the decrypted content key.
    Type: Grant
    Filed: May 29, 2009
    Date of Patent: November 5, 2013
    Assignee: Adobe Systems Incorporated
    Inventors: Florian Pestoni, Sunil C. Agrawal, Pritham Shetty
  • Publication number: 20130132232
    Abstract: Various embodiments of a system and method for digital rights management with delegated authorization for content access are described. Such embodiments may include a runtime component configured to receive protected content. The runtime component may be configured to submit a request for a delegation token to a first entity, such as a content merchant or some other entity. The runtime component may be configured to receive the delegation token from the first entity. The runtime component may also be configured to submit a request for a content license for the protected content to a second entity, such as an access coordinator or some other entity. The submitted request may include the received delegation token. The runtime component may be configured to receive the content license from the second entity. The runtime component may also be configured to provide access to the protected content in accordance with the received content license.
    Type: Application
    Filed: August 21, 2009
    Publication date: May 23, 2013
    Inventors: Florian Pestoni, Pritham Shetty, Sunil C. Agrawal, Katherine K. Nadell
  • Publication number: 20130124862
    Abstract: Various embodiments of a system and method for digital rights management with secure application-content binding are described. Various embodiments may include a system configured to decrypt an encrypted application key with a private key. The system may also be configured to decrypt an encrypted application including a binding key with the decrypted application key. The system may also be configured to decrypt an encrypted content key with the binding key from the decrypted application. The system may be further configured to decrypt encrypted content with the decrypted content key. In various embodiments, the system may also be configured to consume the decrypted content with the decrypted application.
    Type: Application
    Filed: May 29, 2009
    Publication date: May 16, 2013
    Inventors: Florian Pestoni, Sunil C. Agrawal, Pritham Shetty
  • Publication number: 20130121489
    Abstract: Embodiments may include a content provider system configured to provide electronic content that includes multiple encrypted content items to a playback device. A playback device may be configured to acquire root licenses and/or content licenses from a license server; such licenses may cryptographically protect the content items that a playback device receives from a content provider system. In various embodiments, the electronic content may be content that is to be linearly consumed, such as a channel within a broadcast environment. In various embodiments, the playback device may explicitly request a license for one or more of the content items that it receives; such request may be issued to a license server. The license server may evaluate the request and respond to the playback device with the license for a content item. In various embodiments, the playback device may utilize the received license to decrypt and consume the respective content item.
    Type: Application
    Filed: May 28, 2010
    Publication date: May 16, 2013
    Inventors: Florian Pestoni, Sunil C. Agrawal, Viswanathan Swaminathan
  • Publication number: 20130124859
    Abstract: Various embodiments of a system and method of digital rights management with authorized device groups are described. Various embodiments may include a system including a digital rights management (DRM) component configured to receive a private key of an authorized device group. In various embodiments, the receipt of the private key of the authorized device group may indicate the system is an authorized member of a group of devices permitted to access content items protected by a common public key associated with the authorized device group. In various embodiments the DRM component may be configured to, for each given content item of multiple content items that are encrypted with different content keys, decrypt an encrypted content key from the given content item with the private key of the authorized device group and decrypt content from the given content item with the decrypted content key.
    Type: Application
    Filed: May 29, 2009
    Publication date: May 16, 2013
    Inventors: Florian Pestoni, Sunil C. Agrawal, Pritham Shetty
  • Patent number: 8387154
    Abstract: In accordance with the domain management for digital media, a device obtains multiple pieces of protected content from multiple content providers, where two or more of the content providers employ different digital rights management systems. The device also accesses a license server to obtain, for each piece of protected content, a content license that is bound to a domain. The content license permits the device to play back a piece of protected content.
    Type: Grant
    Filed: May 12, 2011
    Date of Patent: February 26, 2013
    Assignee: Microsoft Corporation
    Inventor: Florian Pestoni
  • Patent number: 8296569
    Abstract: Interoperability of protected content items between computing devices is facilitated by providing content items having a standard representation, and media players having support for the content item representations. The representation of the content item may be limited by a profile as to the elements it contains. The elements allowed in the content item may also be limited.
    Type: Grant
    Filed: October 9, 2006
    Date of Patent: October 23, 2012
    Assignee: Microsoft Corporation
    Inventor: Florian Pestoni
  • Patent number: 8121952
    Abstract: Enhanced multimedia content on physical media interacts with the user through a media player and the Internet. Enhanced multimedia utilizes IDs for pieces of content on the media and a media key block. On the enhanced media is a file with a list of URLs. As the enhanced media plays a title requiring an external permission for decryption, the media player accesses the URL for that title and obtains the permission. The permission may be purchased or provided for free. Secure encryption and transmission of permission is accomplished by broadcast encryption using a media key block. Each media has a unique set of keys that allow the media player to process the media key block; however, each media follows a unique path through the media key block. All legitimate media players obtain the media key; circumvention devices cannot decipher the media key block.
    Type: Grant
    Filed: December 10, 2004
    Date of Patent: February 21, 2012
    Assignee: International Business Machines Corporation
    Inventors: Bradley Collar, Jeffrey Bruce Lotspiech, Florian Pestoni, Michael Ripley, Spencer Stephens
  • Publication number: 20110238983
    Abstract: A device removal system securely removes an item of content or a device from a content-protected home network. An authorization table maintains a list of devices in the content-protected home network in addition to removed devices. The authorization table also maintains a list of deleted content. Through management of various cryptographic keys and techniques, devices and content will not play on a content-protected home network after they have been removed. A secret network ID reduces the possibility of unauthorized playing of content on the content-protected home network. A web server may join the content-protected home network as a device, providing backup for the secret network ID. Otherwise, the device manufacturer will provide the secret network ID in case of a device failure. Storing a verification value in each device ensures integrity of critical cryptographic values. This verification value is compared to network values to ensure network values have not been corrupted.
    Type: Application
    Filed: June 6, 2011
    Publication date: September 29, 2011
    Applicant: INTERNATIONAL BUSINESS MACHINES CORPORATION
    Inventors: Jeffrey Bruce Lotspiech, Kevin Snow McCurley, Florian Pestoni
  • Publication number: 20110213962
    Abstract: In accordance with the domain management for digital media, a device obtains multiple pieces of protected content from multiple content providers, where two or more of the content providers employ different digital rights management systems. The device also accesses a license server to obtain, for each piece of protected content, a content license that is bound to a domain. The content license permits the device to play back a piece of protected content.
    Type: Application
    Filed: May 12, 2011
    Publication date: September 1, 2011
    Applicant: Microsoft Corporation
    Inventor: Florian Pestoni
  • Patent number: 7971261
    Abstract: In accordance with the domain management for digital media, a device accesses a domain administrator in order to obtain a domain membership license. The domain membership license indicates that the device is part of a domain that includes multiple devices associated with a user of the device. The device also obtains multiple pieces of protected content from multiple content providers, with two or more of the multiple content providers employing different digital rights management systems. The device also accesses a license server to obtain, for each piece of protected content, a content license that is bound to the domain. The content license permits the device to play back the piece of content to the user.
    Type: Grant
    Filed: June 12, 2007
    Date of Patent: June 28, 2011
    Assignee: Microsoft Corporation
    Inventor: Florian Pestoni
  • Patent number: 7539307
    Abstract: Enhanced multimedia content on physical media interacts with the user through a media player and the Internet. Enhanced multimedia utilizes IDs for pieces of content on the media and a media key block. On the enhanced media is a file with a list of URLs. As the enhanced media plays a section requiring a set of keys for decryption, the media player accesses the URL for that section and obtains the decryption key. The decryption key may be purchased or provided for free. Secure encryption and transmission of these keys is accomplished by broadcast encryption using a media key block. Each media has a unique set of keys that allow the media player to process the media key block; however, each media follows a unique path through the media key block. All legitimate media players obtain the media key; circumvention devices cannot decipher the media key block.
    Type: Grant
    Filed: November 26, 2003
    Date of Patent: May 26, 2009
    Assignee: International Business Machines Corporation
    Inventors: Jeffrey B. Lotspiech, Florian Pestoni
  • Patent number: 7523307
    Abstract: A method for enforcing compliance in both the copy protect domain and service subscription domain for streamed multicast data. Each content is encrypted with a title key that itself is encrypted with a channel unique key which is a hash of a session key and a channel key. A compliant player is given the channel key upon registration for a subscription service (representing subscription protection) and is also given device keys upon activation (representing copy protection) for decrypting the session key. Consequently, the channel unique key can be obtained (and, hence, the content decrypted) only by a player that is compliant with both copy protection rules and subscription rules. The channel key can be refreshed periodically as subscriptions change or expire.
    Type: Grant
    Filed: January 8, 2002
    Date of Patent: April 21, 2009
    Assignee: International Business Machines Corporation
    Inventors: Jeffrey Bruce Lotspiech, Dalit Naor, Sigfredo Ismael Nin, Florian Pestoni
  • Patent number: 7499550
    Abstract: A title key protection system includes a title key with recordable media content; storage in a repository is not required. The title key is decrypted when needed by a clearinghouse, and then re-encrypted. The title key confers rights from the content owners to the user to play and copy the content for personal use. A user downloads encrypted content from a content repository. The user's media recording device extracts an encrypted title key from the content and obtains a media key block and media ID from the physical media on which the content will be recorded. The encrypted title key, media key block, and media ID are transmitted to a clearinghouse. The clearinghouse decrypts the title key and derives a media unique key from the media key block and media ID. The clearinghouse re-encrypts the title key with the media unique key and returns this re-encrypted title key to the media recording device for recording with the content on the physical media.
    Type: Grant
    Filed: February 9, 2004
    Date of Patent: March 3, 2009
    Assignee: International Business Machines Corporation
    Inventors: Deirdre Michelle Joy Athaide, Kevin Thomas Driver, Lara M. Lewis, Jeffrey Bruce Lotspiech, Florian Pestoni, Savitha Srinivasan, Vladimir Zbarsky
  • Publication number: 20080313264
    Abstract: In accordance with the domain management for digital media, a device accesses a domain administrator in order to obtain a domain membership license. The domain membership license indicates that the device is part of a domain that includes multiple devices associated with a user of the device. The device also obtains multiple pieces of protected content from multiple content providers, with two or more of the multiple content providers employing different digital rights management systems. The device also accesses a license server to obtain, for each piece of protected content, a content license that is bound to the domain. The content license permits the device to play back the piece of content to the user.
    Type: Application
    Filed: June 12, 2007
    Publication date: December 18, 2008
    Applicant: Microsoft Corporation
    Inventor: Florian Pestoni
  • Publication number: 20080273702
    Abstract: A method and system for attaching a title key to encrypted content for synchronized transmission to, or storage by, a recipient is provided. Specifically, under the present invention, an elementary media stream is parceled into content units that each include a content packet and a header. The content packets are encrypted with one or more title keys. Once the content packets have been encrypted, the title keys are themselves encrypted with a key encrypting key. The encrypted title keys are then attached to the corresponding encrypted content packets for synchronized transmission to a recipient.
    Type: Application
    Filed: February 20, 2008
    Publication date: November 6, 2008
    Inventors: Eric M. Foster, Jeffrey B. Lotspiech, Florian Pestoni, Wilfred E. Plouffe, Frank A. Schaffa