Abstract: A storage unit for use within a dispersed storage network comprises an interface and a processing module operable to receive encoded data slices from a dispersed storage network client. The encoded data slices are associated with DSN logical addresses and the storage unit is allocated a range of DSN logical addresses in which the DSN logical addresses are found. The storage unit determines whether to store the encoded data slices in local memory of the storage unit or store them in remote memory. When the storage unit determines to store the encoded data slice to the remote memory it converts the DSN logical address into a local storage unit logical address and outputs the encoded data slices to the remote memory.

Abstract: A method includes receiving, by a computing device of a dispersed storage network (DSN), a non-standard data access request regarding a set of encoded data slices, where the non-standard data access request includes a set of network identifiers of a set of storage units, a data identifier corresponding to data, and a data access function. The method further includes the computing device converting the non-standard data access request into one or more DSN slice names. The method further includes the computing device determining that the one or more DSN slice names are within a slice name range allocated to the computing device. When the one or more DSN slice names are within the slice name range, the method further includes the computing device executing the data access function regarding one or more encoded data slices corresponding to the one or more DSN slice names.

Abstract: A method includes receiving, by a computing device of a dispersed storage network (DSN), a non-standard data access request regarding a set of encoded data slices, where the non-standard data access request includes a set of network identifiers of a set of storage units, a data identifier corresponding to data, and a data access function. The method further includes the computing device converting the non-standard data access request into one or more DSN slice names. The method further includes the computing device determining that the one or more DSN slice names are within a slice name range allocated to the computing device. When the one or more DSN slice names are within the slice name range, the method further includes the computing device executing the data access function regarding one or more encoded data slices corresponding to the one or more DSN slice names.

Abstract: A method includes determining, by a computing device of a dispersed storage network (DSN), whether to utilize a non-standard DSN data accessing protocol or a standard DSN data accessing protocol to access data from the DSN. When the computing device determines to use the non-standard DSN data accessing protocol, the method further includes generating a set of non-standard data access requests. The method further includes sending the set of non-standard data access requests to storage units. The method further includes converting, by a storage unit, the non-standard data access request into one or more DSN slice names. The method further includes determining, by the storage unit, that the one or more DSN slice names are within a slice name range. When the one or more DSN slice names are within the slice name range, the method further includes executing, by the storage unit, the data access function.

Abstract: A method for execution by a computing device of a dispersed storage network (DSN), the method beings by obtaining a plurality of sets of encoded data slices for storage in the DSN. The method continues by determining whether to store two or more encoded data slices of the plurality of sets of encoded data slices in alternative memory. When determined to store the two or more encoded data slices in the alternative memory, the method continues by determining a combining protocol regarding the two or more encoded data slices. The method continues by combining, in accordance with the combining protocol, the two or more encoded data slices into at least one combined slice object (CSO) and sending the at least one CSO to the alternative memory and sending remaining encoded data slices of the plurality of sets of encoded data slices to a set of storage units of the DSN.

Abstract: Various embodiments of a system and method for parts-based digital rights management are described. Various embodiments may include a digital rights management component configured to receive content comprising a plurality of portions of content. The digital rights management component may also receive a license for the encrypted content; the license may include a plurality of permissions each specific to a respective portion of the content. Additionally, each permission may specify one or more access privileges for the respective portion of the content. The digital rights management component may receive a digital signature for the entire license. The digital rights management component may validate the digital signature to determine that the permissions have not been modified. The digital rights management component may also be configured to, in response to determining that said permissions have not been modified, provide access to content in accordance with said license including said permissions.

Abstract: A method for execution by a computing device of a dispersed storage network (DSN), the method beings by obtaining a plurality of sets of encoded data slices for storage in the DSN. The method continues by determining whether to store two or more encoded data slices of the plurality of sets of encoded data slices in alternative memory. When determined to store the two or more encoded data slices in the alternative memory, the method continues by determining a combining protocol regarding the two or more encoded data slices. The method continues by combining, in accordance with the combining protocol, the two or more encoded data slices into at least one combined slice object (CSO) and sending the at least one CSO to the alternative memory and sending remaining encoded data slices of the plurality of sets of encoded data slices to a set of storage units of the DSN.

Abstract: A method includes determining, by a computing device of a dispersed storage network (DSN), whether to utilize a non-standard DSN data accessing protocol or a standard DSN data accessing protocol to access data from the DSN. When the computing device determines to use the non-standard DSN data accessing protocol, the method further includes generating a set of non-standard data access requests. The method further includes sending the set of non-standard data access requests to storage units. The method further includes converting, by a storage unit, the non-standard data access request into one or more DSN slice names. The method further includes determining, by the storage unit, that the one or more DSN slice names are within a slice name range. When the one or more DSN slice names are within the slice name range, the method further includes executing, by the storage unit, the data access function.

Abstract: A storage unit for use within a dispersed storage network comprises an interface and a processing module operable to receive encoded data slices from a dispersed storage network client. The encoded data slices are associated with DSN logical addresses and the storage unit is allocated a range of DSN logical addresses in which the DSN logical addresses are found. The storage unit determines whether to store the encoded data slices in local memory of the storage unit or store them in remote memory. When the storage unit determines to store the encoded data slice to the remote memory it converts the DSN logical address into a local storage unit logical address and outputs the encoded data slices to the remote memory.

Abstract: A document rights management system (DRM) defines an unrenderable origin designator in a media item that does not display or alter the physically rendered version of an instantiation of the media item. The unrenderable designator does not appear as an obscured or occluded feature in a printed or displayed versions. The rendered version is unaffected by the unrenderable designator because it does not result in any displayable features. The unrenderable designator is stored in a display list of the media item and appears as an attribute of objects such that the function to cause the display object to be undisplayable, or unrenderable, are not immediately apparent. The DRM system encodes a designator in an attribute of a display object for rendering according to a media rendering format such as PDF, such that the designator causes the display object to be unrenderable and indicates the origin of the media item.

Abstract: Various embodiments of a system and method for parts-based digital rights management are described. Various embodiments may include a digital rights management component configured to receive content comprising a plurality of portions of content. The digital rights management component may also receive a license for the encrypted content; the license may include a plurality of permissions each specific to a respective portion of the content. Additionally, each permission may specify one or more access privileges for the respective portion of the content. The digital rights management component may receive a digital signature for the entire license. The digital rights management component may validate the digital signature to determine that the permissions have not been modified. The digital rights management component may also be configured to, in response to determining that said permissions have not been modified, provide access to content in accordance with said license including said permissions.

Abstract: Various embodiments of a system and method for parts-based digital rights management are described. Various embodiments may include a digital rights management component configured to receive content comprising a plurality of portions of content. The digital rights management component may also receive a license for the encrypted content; the license may include a plurality of permissions each specific to a respective portion of the content. Additionally, each permission may specify one or more access privileges for the respective portion of the content. The digital rights management component may receive a digital signature for the entire license. The digital rights management component may validate the digital signature to determine that the permissions have not been modified. The digital rights management component may also be configured to, in response to determining that said permissions have not been modified, provide access to content in accordance with said license including said permissions.

Abstract: Various embodiments of a system and method for transparently authenticating a user to a digital rights management entity are described. In various embodiments, a digital rights management server may be configured to receive an authentication token from a first remote computer system. Such authentication token may indicate that a particular user of the first remote computer system was authenticated by a first content provider of one or more content providers. In various embodiments, the digital rights management server may also be configured to verify the authentication token by determining that one or more portions of the authentication token were generated based on respective authentication information issued to the first content provider. In various embodiments, the digital rights management server may also be configured to, in response to verification of the authentication token, issue to the first remote computer system one or more credentials.

Abstract: A document rights management system (DRM) defines an unrenderable origin designator in a media item that does not display or alter the physically rendered version of an instantiation of the media item. The unrenderable designator does not appear as an obscured or occluded feature in a printed or displayed versions. The rendered version is unaffected by the unrenderable designator because it does not result in any displayable features. The unrenderable designator is stored in a display list of the media item and appears as an attribute of objects such that the function to cause the display object to be undisplayable, or unrenderable, are not immediately apparent. The DRM system encodes a designator in an attribute of a display object for rendering according to a media rendering format such as PDF, such that the designator causes the display object to be unrenderable and indicates the origin of the media item.

Abstract: A document rights management system (DRM) defines an unrenderable origin designator in a media item that does not display or alter the physically rendered version of an instantiation of the media item. The unrenderable designator does not appear as an obscured or occluded feature in a printed or displayed versions. The rendered version is unaffected by the unrenderable designator because it does not result in any displayable features. The unrenderable designator is stored in a display list of the media item and appears as an attribute of objects such that the function to cause the display object to be undisplayable, or unrenderable, are not immediately apparent. The DRM system encodes a designator in an attribute of a display object for rendering according to a media rendering format such as PDF, such that the designator causes the display object to be unrenderable and indicates the origin of the media item.

Abstract: Various embodiments of a system and method for parts-based digital rights management are described. Various embodiments may include a digital rights management component configured to receive content comprising a plurality of portions of content. The digital rights management component may also receive a license for the encrypted content; the license may include a plurality of permissions each specific to a respective portion of the content. Additionally, each permission may specify one or more access privileges for the respective portion of the content. The digital rights management component may receive a digital signature for the entire license. The digital rights management component may validate the digital signature to determine that the permissions have not been modified. The digital rights management component may also be configured to, in response to determining that said permissions have not been modified, provide access to content in accordance with said license including said permissions.

Abstract: Various embodiments of a system and method for transparently authenticating a user to a digital rights management entity are described. In various embodiments, a digital rights management server may be configured to receive an authentication token from a first remote computer system. Such authentication token may indicate that a particular user of the first remote computer system was authenticated by a first content provider of one or more content providers. In various embodiments, the digital rights management server may also be configured to verify the authentication token by determining that one or more portions of the authentication token were generated based on respective authentication information issued to the first content provider. In various embodiments, the digital rights management server may also be configured to, in response to verification of the authentication token, issue to the first remote computer system one or more credentials.

Abstract: Protected content that has been encrypted according to an encryption algorithm is individualized for a consumer according to pseudorandomly-generated individualization data values and individualization indexes. When different instances of individualized protected content are generated from the same protected content for different consumers, the different instances differ in content. To generate the individualized protected content, a packaging component is configured to identify pseudorandom intervals within the protected content using the individualization indexes, and for each given one of the intervals, to combine the protected content included within the given interval with a respective one of the individualization values according to a reversible data transform operation. The data transform operation is less computationally expensive than the given encryption algorithm.

Abstract: Various embodiments of a system and method for digital rights management using digital signatures are described. Various embodiments may include a digital rights management component configured to receive license data including user information and an encrypted decryption key. The digital rights management component may also receive a digital signature and encrypted content data. The digital rights management component may, in response to determining that the digital signature is a valid digital signature of the license data, generate on a device, a message including the user information. The digital rights management component may also perform a key derivation function on the user information to generate a result, generate a decryption key by decrypting the encrypted decryption key with the result of the key derivation function, and decrypt the encrypted content data with the generated decryption key to generate unencrypted content data.