EWS-001602
`
`Early Warning Services 1002
`IPR of U.S. Pat. No. 8,887,308
`
`

`

`Co-pending U.S. Appl. No. 13/397,517 documentreference: Nov. 26,
`2012.
`Co-pending U.S. Appl. No. 13/397,517, document reference: Nov.
`26, 2012.
`Liu et al. 2004 NPL—ALicense-sharing scheme in Digital Rights
`Management.
`Co-pending U.S. Appl. No. 13/397,517 documentreference: Nov. 26,
`2012 Index of Claims.
`Co-pending U.S. Appl. No. 13/397,517 documentreference: Nov. 26,
`2012 Examiner’s search strategy and results.
`Co-pending U.S. Appl. No. 13/397,517 documentreference: Nov. 26,
`2012 Non Patent Literature—Baiyaet al. U.S. Appl. No. 61/307,196.
`Co-pending U.S. Appl. No. 13/397,517 documentreference: Nov. 26,
`2012 Search information including classification, databases and
`other search related notes.
`Co-pending U.S. Appl. No. 13/397,517 documentreference: May 31,
`2012 Non-Final Rejection.
`Co-pending U.S. Appl. No. 13/397,517 documentreference: May 31,
`2012.
`Co-pending U.S. Appl. No. 13/397,517 documentreference: May 31,
`2012 Index of Claims.
`Co-pending U.S. Appl. No. 13/397,517 documentreference: May 31,
`2012 Examiner’s search strategy and results.
`
`
`
`
`
`
`
`Co-pending U.S. Appl. No. 13/397,517 documentreference: May 31,
`2012 Bibliographic Data Sheet.
`Co-pending U.S. Appl. No. 13/397,517 document reference May 31,
`2012 Search information including classification, databases and.
`other search related notes.
`
`Co-pending U.S. Appl. No. 13/397,517 documentreference Feb. 4,
`2013 Notice of Allowanc and Fees Due (PTOL-85).
`Co-pending U.S. Appl. No. 13/397,517 documentreference: Feb.4,
`2013 Examinerinitiated interview summary (PTOL-413B).
`Co-pending U.S. Appl. No. 13/397,517 documentreference: Feb.4,
`2013 Examiner’s Amendment and Detailed Action.
`
`Co-pending U.S. Appl. No. 13/397,517 documentreference: Feb.4,
`2013 Issue Information including classification, examiner, name,
`claim, renumbering,etc.
`Co-pending U.S. Appl. No. 13/397,517 documentreference: Feb.4,
`2013.
`
`
`
`US 8,533,860 B1
`Page 2
`
`(56)
`
`References Cited
`
`OTHER PUBLICATIONS
`
`
`
`Co-pending U.S. Appl. No. 13/397,517 documentreference: Feb.4,
`2013 Index of Claims.
`
`Co-pending U.S. Appl. No. 13/397,517 documentreference: Feb.4,
`2013 Search information including classification, databases and.
`other search related notes.
`
`Co-pending U.S. Appl. No. 13/397,517 documentreference: Feb.4,
`2013 Examiner’s search strategy and results.
`
`* cited by examiner
`
`EWS-001603
`
`EWS-001603
`
`

`

`U.S. Patent
`
`Sep. 10, 2013
`
`Sheet 1 of 7
`
`US 8,533,860 B1
`
`}S4I5
`
`UONoe@UUOD
`
`ginpow
`
`uoneonueyiny
`
`ainpoy|
`
`\d19994
`
`a]npow
`
`
`
`a|npowjsenbay
`
`
`
`3d1I9991puod8S
`
`ajnpow
`
`
`
`ainpoy\Bulpuesg
`
`LbOld
`
`EWS-001604
`
`EWS-001604
`
`

`

`U.S. Patent
`
`Sep. 10, 2013
`
`Sheet 2 of 7
`
`US 8,533,860 B1
`
`uondAsoug
`
`ainpow
`
`uoHoa}eS
`
`¢OlA
`
`EWS-001605
`
`eseqeleq
`uoNeZIWO\sND
`pJOMSsed
`
`ainpow
`
`ainpow
`
`ainpow
`
`ainpow
`
`EWS-001605
`
`

`

`U.S. Patent
`
`Sep. 10, 2013
`
`Sheet 3 of 7
`
`US 8,533,860 B1
`
`j
`{
`
`i
`
`i
`
`KODEKEY GUI
`PLEASE ENTER YOUR CODE |
`AND PRESS THE REDEEM |
`BUTTON.
` PWERISRIT2S
`:
`
`L.-T m
`
`i
`
`|"
`i[
`|
`
`306
`
`|
`APIWEBSITE .COM GUI
`LOG IN TO CONTINUE.
`|
`|
`|
`|
`| LOGIN 1:
`|
`(USEREMALGMEMBER.COM]
`{
`.
`! PASSWORD «
` X¥Z987654921
`|
`
`Le aes eo ees ee wee eeee
`
`|
`|
`|
`!
`|
`I
`|
`
`
`
`DATABASE
`
`DATABASE
`
`
`
`FIG. 3
`
`EWS-001606
`
`EWS-001606
`
`

`

`U.S. Patent
`
`Sep. 10, 2013
`
`Sheet 4 of 7
`
`US 8,533,860 B1
`
`407weCo
`|
`APIWEBSITE COMGUI
`|
`
`| LOGINTO CONTINUE.—|
`408
`|
`|
`| LOGIN 1D:
`|
`ENABLERACCESSREQUEST. f | USEREMAIL@MEMBER.COM|
`|
`i
`i
`| PASSWORD:
`
`
`401
`
`ACTION;
`
`
`“SIGNIN
`
`
`LowLe a
`
`= “ y
`
`
`oo
`
`eo 408
`
`409
`
`DATABASE
`
`
`DATABASE {-405||PRODUCT METADATA
`
`
`
`
`[--402
`
`FIG. 4
`
`EWS-001607
`
`EWS-001607
`
`

`

`U.S. Patent
`
`Sep. 10, 2013
`
`Sheet 5 of 7
`
`US 8,533,860 B1
`
`}
`
`=}
`
`Loo
`
`DATABASE DATABASE
`
`|
`APIWEBSITE.COMGUI
`i
` STR3EMMACHINE
`|
`LOGINTOCONTINUE.
`|
`GUI
`508
`[PLEASE CONNECT OR LOADA |
`!
`! nen iD:
`+5
`TKEY FILE19AUTHORIZE THIS |
`|
`|
`[USEREMAIL@MEMBERCOM]
`I
`| PASSWORD ;
`|
`|
`(XYZ987654321
`COMNCT Tbe
`
`(OADKeyFILE}+503 ! AUTHORIZE ) |
`
`
`
`
`LoweT d
`
`507
`
`EWS-001608
`
`EWS-001608
`
`

`

`U.S. Patent
`
`Sep. 10, 2013
`
`Sheet 6 of 7
`
`US 8,533,860 B1
`
`Receive a branding requestfrom at least
`one communications console of the
`
`plurality of data processing devices
`
`Authenticate the membership verification
`token
`
`Establish connection with the at least
`one communications console
`
`
`
`Requestat least one electronic
`identification reference from the at least
`one communications console
`
`Receive the at least one electronic
`identification reference from the at least
`one communications console
`
`Brand metadata of the encrypted digital
`
`media
`
`End
`
`FIG.6
`
`602
`
`604
`
`606
`
`608
`
`610
`
`612
`
`EWS-001609
`
`EWS-001609
`
`

`

`U.S. Patent
`
`Sep. 10, 2013
`
`Sheet 7 of 7
`
`US 8,533,860 B1
`
`
`
`Select one or media items to form the
`encrypted digital media
`
`Enter a master password which provides
`accessto the encrypted digital media for
`editing
`
`
`
`Customize user access panel of the
`encrypted digital media
`
`—
`Connect the encrypted digital media to a
`database of membership verification
`tokens
`
`Encrypt the one or more media items to
`
`create the encrypted digital media
`
`End
`
`FIG.7
`
`702
`
`704
`
`706
`
`708
`
`710
`
`EWS-001610
`
`EWS-001610
`
`

`

`US 8,533,860 B1
`
`1
`PERSONALIZED DIGITAL MEDIA ACCESS
`SYSTEM—PDMASPARTIT
`
`CROSS-REFERENCE TO RELATED
`APPLICATIONS
`
`This applicationis a continuation of and claimsthe priority
`benefit of U.S. patent application Ser. No. 13/397,517 filed
`Feb. 15, 2012, now pending, which is a continuation of Ser.
`No. 12/985,351 filed Jan. 6, 2011, now abandoned, whichis a
`continuation of Ser. No. 12/728,218 filed Mar. 21, 2010, now
`abandoned. Each patent application identified above is incor-
`porated here by reference in its entirety to provide continuity
`of disclosure.
`
`BACKGROUND OF THE INVENTION
`
`1. Field of the Invention
`The present invention relates to the field of digital rights
`management schemesusedbycreatorsof electronic products
`to protect commercial intellectual property copyrights privy
`to illegal copying using computerized devices. More specifi-
`cally, the present invention teaches a more personal system of
`digital rights management which employselectronic ID, as
`part of a web service membership, to manage access rights
`across a plurality of devices.
`2. Description of the Prior Art
`Digital rights management (DRM)is a generic term for
`access control technologies used by hardware manufacturers,
`publishers, copyright holders and individuals to impose limi-
`tations on the usage of digital content across devices. DRM
`refers to any technology that inhibits undesirable or illegal
`uses ofthe digital content. The term generally doesn’t refer to
`forms of copy protection that can be circumvented without
`modifying the file or device, such as serial numbers or key
`files. It can also refer to restrictions associated with specific
`instances of digital works or devices.
`Traditional DRM schemes are defined as authentication
`
`components added to digital files that have been encrypted
`from public access. Encryption schemes are not DRM meth-
`ods but DRM systems are implemented to use an additional
`layer of authentication in which permission is granted for
`accessto the cipher key required to decryptfiles for access. A
`computerserver is established to host decryption keys and to
`accept authentication keys from Internet connected client
`computers running client software in which handles the
`encrypted files. The server can administer different authori-
`zation keys backto the client computer that can grant different
`sets of rules and a time frame granted before the client is
`required to connect with the server to reauthorize access
`permissions. In some cases content can terminate access after
`a set amountof time, or the process can break if the provider
`of the DRMserverever ceases to offer services.
`In the present scenario, consumerentertainmentindustries
`are in the transition of delivering products on physical media
`such as CD and DVDto Internet delivered systems. The
`Compact Disc, introducedto the public in 1982, wasinitially
`designed as a proprietary system offering strict media to
`player compatibility. As the popularity of home computers
`and CD-ROMdrives rose, so did the availability of CD rip-
`ping applications to makelocal copies ofmusic to be enjoyed
`withoutthe useofthe disc. After a while, users found ways to
`share digital versions of music in the form of MP3files that
`could be easily shared with family and friends over the Inter-
`net. The DVD format introduced in 1997 included a new
`apparatus for optical discs technology with embedded copy
`protection schemesalso recognized as an early form of DRM.
`
`20
`
`25
`
`30
`
`35
`
`40
`
`45
`
`50
`
`55
`
`60
`
`65
`
`2
`With internet delivered music and video files, DRM schemes
`has been developed to lock acquired media to specific
`machines and mosttimes limiting playback rights to a single
`machine or among a limited number of multiple machines
`regardless ofthe model number. This was achieved by writing
`the machine device ID to the metadata of the mediafile, then
`cross referencing with a trusted clearinghouse according to
`pre-set rules. DRM systems employed by DVD and CDtech-
`nologies consisted of scrambling (also known as encryption)
`disc sectors in a pattern to which hardware developed to
`unscramble (also known as decryption) the disc sectors are
`required for playback. DRM systems built into operating
`systems such as Microsoft WindowsVista block viewing of
`media when an unsigned software application is running to
`prevent unauthorized copying of a media asset during play-
`back. DRM used in computer games such as SecuROM and
`Steam are used to limit the amountoftimesa usercaninstall
`
`a game on a machine. DRM schemes for e-books include
`embedding credit card information and other personal infor-
`mation inside the metadata area of a delivered file format and
`restricting the compatibility of the file with a limited number
`of reader devices and computer applications.
`In a typical DRM system, a product is encrypted using
`Symmetric block ciphers such as DES and AESto provide
`high levels of security. Ciphers known as asymmetric or pub-
`lic key/private key systems are used to manage access to
`encrypted products. In asymmetric systems the key used to
`encrypt a productis not the sameas that used to decryptit. If
`a producthas been encrypted using one key of a pair it cannot
`be decrypted even by someoneelse whohasthat key. Only the
`matching key of the pair can be used for decryption. After
`receiving an authorization token from a first-use action are
`usually triggers to decrypt block ciphers in most DRM sys-
`tems. Userrights andrestrictions are established during this
`first-use action with the corresponding hosting device of a
`DRMprotected product.
`Examples of such prior DRM art include Hurtado (U.S.
`Pat. No. 6,611,812) who described a digital rights manage-
`ment system, where upon request to access digital content,
`encryption and decryption keys are exchanged and managed
`via an authenticity clearing house. Other examples include
`Alve (U.S. Pat. No. 7,568,111) who teaches a DRM and
`Tuoriniemi (U.S. Pat. No. 20090164776) who described a
`management schemeto control access to electronic content
`by recording use across a plurality oftrustworthy devices that
`has been granted permission to work within the scheme.
`Recently, DRM schemes have proven unpopular with con-
`sumers and rights organizations that oppose the complica-
`tions with compatibility across machines manufactured by
`different companies. Reasons given to DRM opposition
`range from limited device playbackrestrictions to the loss of
`fair-use which defines the freedom to share media products
`will family members.
`Prior art DRM methodsrely on content providers to main-
`tain computer servers to receive and send session authoriza-
`tion keys to client computers with an Internet connection.
`Usually rights are given from the server for an amountoftime
`or amountofaccess actions before a requirement to reconnect
`with the serveris required for reauthorization. At times, con-
`tent providers will discontinue servers or even go out of
`business someyears after DRM encrypted content was sold to
`consumers causing the ability to access files to terminate.
`In the light ofthe foregoing discussion, the current states of
`DRM measures are not satisfactory because unavoidable
`issues can arise such as hardwarefailure or property theft that
`could lead to a paying customerloosing the right to recover
`purchased products. The current metadata writable DRM
`
`EWS-001611
`
`EWS-001611
`
`

`

`US 8,533,860 B1
`
`3
`measures do not offer a way to provide unlimited interoper-
`ability between different machines. Therefore, a solution is
`needed to give consumers the unlimited interoperability
`between devices and“fair use”sharing partners for an infinite
`time frame while protecting commercial digital media from
`unlicensed distribution to sustain long-term return of invest-
`ments.
`
`SUMMARYOF THE INVENTION
`
`An object of the present invention is to provide unlimited
`interoperability of digital media between unlimited machines
`with managementof end-user accessto the digital media.
`In accordance with an embodimentof the present inven-
`tion, the invention is a process of an apparatus which in
`accordance with an embodiment, another apparatus, tangible
`computer medium,or associated methods (herein referred to
`as The App) is used to: handle at least one branding action
`which could include post read and write requests of at least
`one writable metadata as part of at least one digital media
`asset to identify and manage requests from at least one excel-
`sior enabler, and can further identify and manage requests
`from a plurality of connected second enablers; with at least
`one token andat least one electronic identification reference
`
`received from the at least one excelsior enabler utilizing at
`least one membership. Here, controlled by the at least one
`excelsior enabler, The App will proceedto receive the at least
`one tokento verify the authenticity ofthe branding action and
`further requests; then establish at least one connection with at
`least one programmable communications console of the at
`least one membership to request and receive the at least one
`electronic identification reference; and could request and
`receive other data information from the at least one member-
`
`ship. The method then involves sending and receiving vari-
`able data information from The Appto the at least one mem-
`bership to verify a preexisting the at least one branding action
`of the at least one writable metadata aspart of the at least one
`digital media asset; or to establish permission or denial to
`execute the at least one branding action or the post read and
`write requests ofthe at least one writable metadata. To dothis,
`controlled by the at least one excelsior enabler. The App may
`establish at least one connection, whichis usually through the
`Internet, with a programmable communications console,
`which is usually a combination of an API protocol and
`graphic user interface (GUI) as part of a web service. In
`addition, the at least one excelsior enabler provides reestab-
`lished credentials to the programmable communications con-
`sole as part of the at least one membership, in which The App
`is facilitating and monitoring, to authenticate the data com-
`munications session used to send and receive data requests
`between the at least one membership and The App.
`In accordance with another embodimentof the present
`invention, the present invention teaches a method for moni-
`toring access to an encrypted digital media and facilitating
`unlimited interoperability between a plurality of data pro-
`cessing devices. The method comprises receiving a branding
`request from at least one communications console of the
`plurality of data processing devices, the branding request
`being a read and write request of metadata of the encrypted
`digital media, the request comprising a membership verifica-
`tion token corresponding to the encrypted digital media. Sub-
`sequently, the membership verification token is authenti-
`cated, the authentication being performed in connection with
`a token database. Thereafter, connection with the at least one
`communications console is established. Afterwards, at least
`oneelectronic identification reference is requested from the at
`least one communications console. Further, the at least one
`
`20
`
`25
`
`30
`
`35
`
`40
`
`45
`
`50
`
`55
`
`60
`
`65
`
`4
`electronic identification reference is received from theatleast
`
`one communications console. Finally, branding metadata of
`the encrypted digital media is performed by writing the mem-
`bership verification token and the electronic identification
`reference into the metadata.
`
`The presentinvention is particularly usefulfor giving users
`the freedom to use products outside ofthe device in which the
`product was acquired and extend unlimited interoperability
`with other compatible devices.
`
`BRIEF DESCRIPTION OF THE DRAWINGS
`
`For a more complete understanding of the present inven-
`tion, the needssatisfied thereby, and the objects, features, and
`advantages thereof, reference now is madeto the following
`description taken in connection with the accompanying draw-
`ings.
`FIG. 1 shows a system for monitoring access to an
`encrypted digital media according to an embodimentof the
`present invention.
`FIG. 2 shows a system for authoring an encrypted digital
`media according to an embodimentofthe present invention.
`FIG. 3 showsa flow chart giving an overview ofthe process
`of digital media personalization according to an embodiment
`of the present invention.
`FIG.4 showsa flow chart giving an overview ofthe process
`of an access request made by an enabler according to an
`embodimentof the present invention.
`FIG.5 showspersonalized digital rights management com-
`ponent as part of a compatible machine with writable static
`memory.
`FIG. 6 shows a flowchart for monitoring access to an
`encrypted digital media according to an embodimentof the
`present invention
`FIG. 7 showsa flowchart showing authoring an encrypted
`digital media according to an embodiment of the present
`invention.
`Skilled artisans will appreciate that elementsin the figures
`are illustrated for simplicity and clarity and have not neces-
`sarily been drawn to scale. For example, the dimensions of
`someof the elements in the figures may be exaggerated rela-
`tive to other elements to help to improve understanding of
`embodiments of the present invention
`
`DETAILED DESCRIPTION OF THE DRAWINGS
`
`the particular system and
`Before describing in detail
`methodfor personalised digital media access system in accor-
`dance with an embodiment ofthe present invention,it should
`be observed that the present invention resides primarily in
`combinations of system componentsrelated to the device of
`the present invention.
`Accordingly, the system components have been repre-
`sented where appropriate by conventional symbols in the
`drawings, showing only those specific details that are perti-
`nent to understanding the present invention so as not to
`obscure the disclosure with details that will be readily appar-
`ent to those of ordinary skill in the art having the benefit ofthe
`description herein.
`In this document, relational terms such as‘first’ and ‘sec-
`ond’, andthe like may be usedsolely to distinguish one entity
`or action from another entity or action without necessarily
`requiring or implying any actual such relationship or order
`between such entities or actions. The terms ‘comprises’,
`‘comprising’, or any other variation thereof, are intended to
`cover a non-exclusive inclusion, such that a process, method,
`article, or apparatus that comprisesa list of elements does not
`
`EWS-001612
`
`EWS-001612
`
`

`

`US 8,533,860 B1
`
`5
`include only those elements but may include other elements
`not
`expressly
`listed or
`inherent
`to
`such process,
`method,article, or apparatus. An element proceeded by ‘com-
`prises . ..a’ does not, without more constraints, preclude the
`existence of additional identical elements in the process,
`method,article, or apparatus that comprises the element.
`The present invention is directed at providing infinite
`accessrights of legally acquiredat least one encrypted digital
`media asset to the content acquirer, explained in this docu-
`mentas the excelsior enabler, and optionally to their recog-
`nized friends and family, explained in this document as a
`plurality of secondary enablers. To explain further, the excel-
`sior enabler and secondary enablers defined comprises
`human beings or computerized mechanisms programmedto
`process steps of the invention as would normally be done
`manually by a human being. Additionally, an apparatus used
`alone or in accordance with an embodiment, another appara-
`tus, tangible computer medium,or associated methods with a
`connection are needed (herein referred to as The App). To
`deliver the requirements ofthe invention, communicative and
`connected elements comprise: verification, authentication,
`electronic ID metadata branding, additional technical brand-
`ing, and cross-referencing. The connection handling the com-
`municative actions of the invention will usually be the Inter-
`net and can also be an internal apparatus cooperative. The
`App can further be defined as a Windows OS, Apple OS,
`Linux OS, and other operating systems hosting software run-
`ning on a machine or device with a capable CPU, memory,
`and data storage. The App can be even further defined as a
`system on a chip (SOC), embeddedsilicon, flash memory,
`programmable circuits, cloud computing and runtimes, and
`other systems of automated processes.
`The digital media assets used in this system are encrypted
`usually with an AES cipher and decryption keys are usually
`stored encoded, no encoded, encrypted, or no encrypted as
`part of the apparatus or as part of a connection usually an
`Internet server. As explainedearlier, the system we will dis-
`cuss will work as a front-end to encryptedfiles as an autho-
`rization agent for decrypted access.
`FIG. 1 shows a system 100 for monitoring access to an
`encrypted digital media according to an embodimentof the
`present invention. The system 100 includesa first recipient
`module 102, an authentication module 104, a connection
`module 106, a request module 108, a second receipt module
`110 and a branding module 112. Thefirst receipt module 102
`receives a branding request from at least one communications
`console ofthe plurality of data processing devices. The brand-
`ing request is a read and write request of metadata of the
`encrypted digital media and includes a membership verifica-
`tion token corresponding to the encrypted digital media.
`Examples ofthe encrypted digital media includes, and are not
`limited to, one or moreof a video file, audio file, container
`format, document, metadata as part of video game software
`and other computer based apparatus in which processed data
`is facilitated.
`Subsequently, the authentication module 104 authenticates
`the membership verification token. The authentication is per-
`formed in connection with a token database. Further, the
`connection module 106 establishes communication with the
`at least one communication console.
`According to an embodimentof the present invention, the
`connection is established through one of internet, intranet,
`Bluetooth, VPN, Infrared and LAN.
`According to another embodimentofthe present invention,
`the communication console is a combination of an Applica-
`tion Programmable interface (API) protocol and graphic user
`interface (GUI) as a part of web service. The APIis a set of
`
`20
`
`25
`
`30
`
`35
`
`40
`
`45
`
`50
`
`55
`
`60
`
`65
`
`6
`routines, data structures, object classes, and/or protocols pro-
`vided by libraries and/or operating system services. The API
`is either one of language dependentor language independent.
`The request module 108 requests at least one electronic
`identification reference from the at least one communication
`
`console. The second receipt module 110 receives theat least
`one electronic identification reference from the least one
`
`communication console. The branding module 112 brands
`metadata of the encrypted digital media by writing the mem-
`bership verification token and the electronic identification
`into the metadata.
`FIG. 2 shows a system 200 for authoring an encrypted
`digital media according to an embodiment of the present
`invention. Thefigure includes a selection module 202, a pass-
`word module 204, a customization module 206, a database
`module 208 and an encryption module 210. The selection
`module 202facilitates selection ofone or more media itemsto
`
`form the encrypted digital media. Examples of the one or
`media itemsinclude, and are not limited to, one or more of a
`video, an audio and a game.
`According to an embodimentof the present invention, the
`one or more media itemsare one or more ofremote URLlinks
`and local mediafiles.
`
`The password module 204 prompts the user to enter a
`master password which provides access to the encrypted digi-
`tal media. Subsequently,
`the customization module 206
`allows the user to customize the user access panel of the
`encrypted digital media.
`According to an embodimentof the present invention, the
`customization module 206 facilitates adding one or more of a
`banner, a logo, an image, an advertisement, a tag line, a header
`message andtextual information to the user access panel of
`the encrypted digital media.
`Further, the database module 208 connects the encrypted
`digital media to a database of membership verification token
`required for decrypting the encrypted digital media.
`According to an embodimentof the present invention, the
`membership verification token 1s a kodekey. The kodekeyis a
`unique serial numberassignedto the encrypted digital media.
`The encryption module 210 encrypts the one or more
`media items to create the encrypted digital media.
`According to an embodimentof the present invention, the
`system 200 further includes a watermark module. The water-
`mark module watermarks information on the encrypted digi-
`tal media, wherein the watermark is displayed during play-
`back of the encrypted digital media.
`According to another embodimentofthe present invention,
`the system 200 further includes an access module. The access
`module allows the user to define access rights. Examples of
`the access rights include, but are not limited to, purchasing
`rights, rental rights and membership access rights.
`According to yet another embodimentofthe present inven-
`tion, the system 200 further includes a name module. The
`name module allows the user to name the encrypted digital
`media.
`FIG. 3 showsa flow chart giving an overview ofthe process
`of digital media personalization according to an embodiment
`ofthe present invention. The process 1s achieved by way of an
`enabler using an apparatus or otherwise known as an appli-
`cation in which facilitates digital media files. The apparatus
`interacts with all communicative parts required to fulfill the
`actionsofthe invention. The figure shows a Kodekey Graphi-
`cal User Interface (GUI) 301, a product metadata 302, a
`networking card 303, internet 304, 306 and 308, database 305
`and 309 and an APIwebsite.com GUI 307. A user posts a
`branding request via the Kodekey GUI interface 301. The
`Kodekey GUI interface 301 is the GUIfor entering token. The
`
`EWS-001613
`
`EWS-001613
`
`

`

`US 8,533,860 B1
`
`7
`Kodekey GUI interface 301 prompts the user to enter the
`token and press the redeem button present on the Kodekey
`GUlinterface 301. The product metadata 302 is read/writable
`metadata associated with the digital media to be acquired.
`The networking card 303 facilitates querying of optional
`metadata branding process and referenced. The Kodekey GUI
`interface is connectedto the database 305via the internet 304
`
`through the networking card 303. The database 305 is the
`database used to read/write and store the tokens, also referred
`to as token database. The user is redirected to the APIweb-
`
`site.com GUI 307 throughthe internet 306. The APIwebsite-
`.com is the GUI to the membership API in which the elec-
`tronic ID is collected and sent back to the Kodekey GUI
`interface 301. The APIwebsite.com GUI307 prompts the user
`to enter a login id and a passwordto access the digital media
`whichis acquired from the database 309 through the internet
`308. The database 309 is the database connected to the web
`
`service membership in which the user’s electronic ID is que-
`ried from.
`
`Examples ofthe encrypted digital files include, and are not
`limitedto, a videofile, an audiofile, container formats, docu-
`ments, metadata as part of video game software and other
`computer based apparatus in which processed data is facili-
`tated.
`
`FIG. 4 showsa flow chart giving an overview ofthe process
`of an access request made by an enabler according to an
`embodimentofthe present invention. Subsequently, the com-
`municative parts to cross-reference information stored in the
`metadata of the digital media asset are checked which has
`been previously handled by the process of FIG. 1. The figure
`showsan enabler access request 401, a product metadata 402,
`a networking card 403, an internet 404, 406 and 408, a data-
`base 405 and 409 and an APlwebsite.com GUI 407, The
`enabler access request 401 facilitates the user to make a
`request for the digital media. The product metadata 402 is
`read/writable metadata associated with the digital media to be
`acquired. The networking card 403 facilitates querying of
`optional metadata branding process and referenced. The data-
`base 405 is the database used to read/write and store the
`tokens. The APIwebsite.com GU]407 is the GU]in which the
`
`electronic ID is collected and sent back to the Kodekey GUI
`interface 301. The APIwebsite.com GUI 407 prompts the user
`to enter a login id and a passwordto access the digital media
`from the database 409 throughthe internet 408. The database
`409is the database connectedto the web service membership
`in which the user’s electronic ID is queried from.
`FIG.5 showspersonalizeddigital rights management com-
`ponentas part of a compatible machine with writable static
`memory. The figure represents an authorization sequence
`action in which a machine is authorized to accept a person-
`alized digital media file. The figure includes STR3EM
`Machine GUI 501 including the connect icon 502, a load key
`file icon 503, a networking card 504, an internet 505, 508 and
`510, a database 506 and 511, a machine memory 507 and a
`APIwebsite.com GUI 509. The STR3EM Machine GUI 501
`prompts the user to connector load a keyfile to authorize the
`device through the connect icon 502 andthe load keyfile icon
`503. The STR3EM Machine GUI 501 is connected to the
`networking card 504. The networking card 504 facilitates
`querying of optional metadata branding process andrefer-
`enced. Further, the STR3EM machine GUI 501 is connected
`to the database 506 via the internet 505. The database 506 is
`the database used to read/write and store the tokens. More-
`over, STR3EM Machine GUI 501 is connected to the
`machine memory 507. The machine memory 507 represents
`the internal memory of the machine or device so authoriza-
`tions can be saved for access of the digital media. The API-
`
`20
`
`25
`
`30
`
`35
`
`40
`
`45
`
`50
`
`55
`
`60
`
`65
`
`8
`website.com GU] 509 is connected to the STR3EM machine
`GUIthroughthe internet 508. Further, APIwebsite.com GUI
`509 is connected to the database 511 throughthe internet 510.
`The APIwebsite.com GUI 509 prompts the user to enter the
`login id and a password to authorize the access to digital
`media. The database 511 is the database connected to the web
`service membership in which the user’s electronic ID is que-
`ried from.
`FIG. 6 shows a flowchart for monitoring access to an
`encrypted digital media according to an embodimentof the
`present invention. At step 602, a branding request is made by
`auser from at least at least one communications console ofthe
`
`plurality of data processing devices. The branding requestis
`a read and write request of metadata of the encrypted digital
`media.
`According to an embodimentof the present invention, the
`request
`includes a membership verification token corre-
`sponding to the encrypted digital media.
`Subsequently,
`the membership verification token is
`authenticated at step 604. The authentication is performedin
`connection with a token database. Further, connection with
`the at least communication console is established at step 606.
`Afterwards, at least one electronic identification reference is
`requested from the at least one communications console at the
`step 608. At step 610, at least one electronic identification
`reference in received from the at least one communication
`
`console. Finally, metadata of the encrypted digital media is
`branded by writing the membership verification token and the
`electronic identification reference into the metadata at the
`
`step 612.
`FIG. 7 showsa flowchart showing authoring an encrypted
`digital media according to an embodiment of the present
`invention. At step 702, o