Case 6:20-cv-00397-ADA Document 1-3 Filed 05/14/20

(12) United States Patent
Phadke et al.

(10) Patent No.: US 10,095,848 B2
(45) Date of Patent: *Oct. 9, 2018

(54) SYSTEM, METHOD AND APPARATUS FOR SECURELY DISTRIBUTING CONTENT

(71) Applicant: paSafeShare LLC, Colts Neck, NJ (US)

(72) Inventors: Madhav S Phadke, Colts Neck, NJ (US); Kedar M Phadke, Colts Neck, NJ (US)

(73) Assignee: PASAFESHARE LLC, Colts Neck, NJ (US)

(*) Notice: Subject to any disclaimer, the term of this patent is extended or adjusted under 35 U.S.C. 154(b) by 106 days.

This patent is subject to a terminal disclaimer.

(21) Appl. No.: 15/276,265

(22) Filed: Sep. 26, 2016

(65) Prior Publication Data

US 2017/0024551 A1, Jan. 26, 2017

Related U.S. Application Data

(63) Continuation-in-part of application No. 14/029,021, filed on Sep. 17, 2013, now Pat. No. 9,455,961, which is a continuation-in-part of application No. 13/162,209, filed on Jun. 16, 2011, now Pat. No. 9,615,116.

(60) Provisional application No. 61/702,292, filed on Sep. 18, 2012.

(51) Int. Cl.
G06F 21/16 (2013.01)
H04L 29/06 (2006.01)
H04N 21/254 (2011.01)
H04N 21/4627 (2011.01)

(52) U.S. Cl.
CPC: G06F 21/16 (2013.01); H04L 63/0428 (2013.01); H04N 21/2541 (2013.01); H04N 21/4627 (2013.01); H04L 2463/041 (2013.01)

(58) Field of Classification Search
CPC: G06F 21/16
See application file for complete search history.

Primary Examiner: Kambiz Zand
Assistant Examiner: Thanh H Le

(74) Attorney, Agent, or Firm: Meagher Emanuel Laks Goldberg & Liao, LLP

(57) ABSTRACT

System, method and apparatus for securely distributing content via an encrypted file wherein a Publisher Key (PK) associated with an authorized publisher enables presentation of the content by the authorized user via a Limited Capability Viewer (LCV), the LCV lacking the capability to forward, print, copy or otherwise disseminate the content to be presented unless available advanced permissions are granted to the authorized user.

19 Claims, 11 Drawing Sheets

[Front-page drawing: block diagram of a user device and a server. Recoverable labels: Processor(s); Input/Output Interface(s); Presentation Device(s); Input Device(s); Memory; Programs (content owner: Publication Engine PE, Licensing Engine LE; content consumer: Presentation Module PM, License Request Module LRM); Data Storage (content owner: Content Control Data CCD, Publisher Keys, Authorization Data AD; content consumer: Content Consumer License(s) CCL); Content Storage.]

[Sheet 1 of 11, FIG. 1: block diagram. Recoverable labels: User Device (UD); Processor(s); Communications Interface(s); Presentation Device(s); Input Device(s); Programs (content owner: Publication Engine PE, Licensing Engine LE; content consumer: Presentation Module PM); Publisher Keys; Authorization Data AD; Server.]

[Sheet 2 of 11, FIG. 2: flow diagram. Recoverable step labels: Receive / Select Content or Content Link for Publication (data file, streaming media link / URL, other); Content Owner information (unique ID, website, address, email; author information, copyright / data rights info, other); package contents (one or more files or links, specified Publisher Key, specified start / expiry, tiered keys / types, other constraints); Determine License Start and Expire Dates / Times; password layer, encryption type; Determine any other license constraints (presentation program type, IP address range, allowed domains, other permissions / limitations); Send Protected Document Package toward authorized content consumers / presenters (email, FTP, streaming media, combination, other).]

[Sheet 3 of 11, FIG. 3: flow diagram. Recoverable step labels: Receive and execute PDP data structure or PDP link; Compare existing licenses (CCL(s)) to PDP license requirements (Publisher Key / Tiered Publisher Key, license start and expiry dates, license terms and types, other); Store data file or streaming media within encrypted temp package on local machine; Retrieve limited capability viewer program if needed; Present data file or media in protected mode of original program or viewer program; Generate Content Consumer License Request CCLR for content owner (specified Publisher Key, content consumer details, payment details, delivery details, tiers, other, permissions); Send CCLR to content owner; Wait for CCL from content owner; CCL Received?]

[Sheet 4 of 11, FIG. 4: flow diagram. Recoverable step labels: Receive CCLR from content consumer (specified Publisher Key, content consumer details, payment details, delivery details, tiers, other, permissions); Determine validity of request and whether to adapt or constrain request (interact with content consumer if needed, default limitations and constraints, other); Send error / denial message; interact with content owner if needed, financial terms, other; Generate Content Consumer License CCL; Transmit CCL towards requester.]

[Sheet 5 of 11, FIG. 5: flow diagram. Recoverable step labels: Create Publisher Key Request (PKR) (content owner information: identification, website, address, authorized source of content, email, author information, copyright / data rights info, number of Publisher Keys requested and key type, other); Send PKR to Publisher Key Vendor (PKV); determine if request is valid (interact with content owner if needed, default limitations and constraints, financial terms, other); Send error / denial; Generate encrypted Publisher Key(s) PK of appropriate quantity and type, and Publisher Unique Identification; Transmit PK(s) to the requester; Requester determines PK(s) distribution lists and distributes PK(s) as appropriate (colleague, customer / partner, authorized publisher, member of authorized group, other); Recipients / distribution list members register PK(s) in their respective PM(s).]

[Sheet 6 of 11, FIG. 6: graphical depiction of an embodiment. Recoverable panel text: Content Owner uses Publication Engine PE to create Protected Document Package PDP from content data and/or media and a Publisher Key. 128 Bit Encrypted package (PDP): view only or use in accordance with permissions; specified Publisher Key PK; one or more data / media files; security tier for data / media files; start date and expiry date for PDP. Transmitted via email, web, CD, or other method. License Request Module LRM (Content Consumer): Content Consumer creates request to view PDP. 128 Bit Encrypted package (Content Consumer License Request file CCLR): specified Publisher Key PK; content consumer identifying details: name, email, computer hardware signature, user specific signature, etc. Licensing Engine LE (Content Owner): Content Owner grants permission to content consumer; permission can be PC specific, user specific, both, or neither; other constraints such as tier and valid dates can also be specified. 128 Bit Encrypted package (Content Consumer License file CCL): specified Publisher Key PK; start and expiry date; license type: user specific, computer specific, both, or [remainder illegible]. Presentation Module PM (Content Consumer): if CCL permits, Content Consumer can view all data and media files in PDP with the specified publisher key PK subject to license and PDP constraints; each requested data or media file is extracted from PDP in encrypted form for viewing.]

[Sheet 7 of 11, FIG. 7: flow diagram. Recoverable step labels: Content consumer selects specific content file for access from PDP; Selected content is decrypted to a temporary file on the system, RAM, or other; Retrieve Limited Capability Viewer program if needed; Presented using methods for [illegible] between applications such as OLE, DDE, or other; Selected content is stored in a temp file (encrypted or unencrypted, stand alone file or database file) and presented in protected mode; Temp file is deleted.]

[Sheet 8 of 11, FIG. 8: flow diagram. Recoverable step labels: Content consumer selects specific content file for access from PDP; Selected content [remainder illegible]; Presented using OLE, DDE, or other; Retrieve limited capability viewer program if needed; presented in protected mode.]

[Sheet 9 of 11, FIG. 9: flow diagram. Recoverable step labels: Receive and execute PDP data structure or PDP link; Compare existing licenses (CCL(s)) to PDP license requirements (Publisher Key / Tiered Publisher Key, license start and expiry dates, license terms and types, other); Enhanced User Authorization and Authentication EUAA (biometric, smartcard / USB, GPS coordinates, other); Store data file or streaming media within encrypted temp package on local machine; Retrieve limited capability viewer program if needed; Present data file or media in protected mode of original program or viewer program; Generate Content Consumer License Request CCLR for content owner (specified Publisher Key, content consumer details, payment details, delivery details, tiers, other); Send CCLR to content owner; Wait for CCL from content owner; CCL Received? (Yes: Store CCL; No: Exit).]

[Sheet 10 of 11, FIG. 10: flow diagram. Recoverable step labels: Receive CCLR from content consumer (specified Publisher Key, content consumer details, payment details, delivery details, tiers, other); Determine validity of request and whether to adapt or constrain request (interact with content consumer if needed, default limitations and constraints, other); Enhanced User Authentication and Authorization EUAA databases (biometric data, GPS coordinates, other); Send error / denial message; interact with content owner if needed, financial terms; Generate Content Consumer License CCL; Transmit CCL towards requestor.]

[Sheet 11 of 11, FIG. 11: graphical depiction of an embodiment. Recoverable labels: Content (data, documents, etc.); Publisher Keys PKs; Content Transfer (email, device interface, USB, CD, web transfer, file transfer, messaging, data download from VPN, other); Data or file allowed for unprotected transfer? (Yes / No); No: Create PDP with the content; Inside Network, Domain, "Trusted area", other; "Trusted Area" Boundary; Outside Network, Outside Domain, "Non Trusted area", other; Content consumer.]

SYSTEM, METHOD AND APPARATUS FOR SECURELY DISTRIBUTING CONTENT

CROSS-REFERENCE TO RELATED APPLICATIONS

This application is a continuation-in-part of pending U.S. patent application Ser. No. 14/029,021, filed on Sep. 17, 2013, and Ser. No. 13/162,209, filed on Jun. 16, 2011, both of which are entitled SYSTEM, METHOD AND APPARATUS FOR SECURELY DISTRIBUTING CONTENT, and claims the benefit of Provisional Patent Application Ser. No. 61/702,292, filed on Sep. 18, 2012, entitled SYSTEM, METHOD AND APPARATUS FOR SECURELY DISTRIBUTING CONTENT; all of these applications being incorporated herein by reference in their entireties.

FIELD OF THE INVENTION

The invention relates generally to the distribution of content and, more specifically but not exclusively, protecting such content from redistribution or re-presentation.

BACKGROUND

The various techniques exist for secure content distribution. Such techniques include password protection of content (e.g., password protection of a document or media file), access restrictions associated with content (e.g., username and password requirements associated with a web portal) and so on. Some of the techniques require proprietary software or middleware executed at a client device. Other techniques require real-time user authentication via an authentication server or other device connected to a client via a network such as the Internet.

SUMMARY

Various deficiencies in the prior art are addressed by systems, methods and apparatus providing secure content publication and presentation capabilities. One embodiment of a method for securely distributing content comprises generating an encrypted file including content or a link thereto, and a Publisher Key (PK) associated with presentation of said content by an authorized user via a Limited Capability Viewer (LCV); and propagating the generated encrypted file towards a user. The LCV may comprise 1) a program specifically designated to consume content while restricting editing, printing, copying, etc. of content; or 2) a native program for consuming content which is used in a restrictive mode to restrict editing, printing, copying, etc. of content. Only users who have a Content Consumer License (CCL) compatible with the encrypted PK may access and consume the content. The CCL may be distributed via hardware or software. Various embodiments provide enhanced user authentication or authorization, VPN functions, collaboration techniques, automatic distribution of licenses, watermarking of documents, rules pertaining to content transfer between secure and insecure domains and combinations thereof.

BRIEF DESCRIPTION OF THE DRAWINGS

The teachings herein can be readily understood by considering the following detailed description in conjunction with the accompanying drawings, in which:

FIG. 1 depicts a high-level block diagram of a system according to one embodiment;
FIG. 2 depicts a flow diagram of a secure content publication method according to one embodiment;
FIG. 3 depicts a flow diagram of a secure content presentation method according to one embodiment;
FIG. 4 depicts a flow diagram of a method for processing a content consumer license request suitable for use in various embodiments;
FIG. 5 depicts a flow diagram of a method for processing a publisher key request suitable for use in various embodiments;
FIG. 6 graphically depicts an embodiment of the invention;
FIG. 7 depicts a flow diagram of a method for opening a Protected Document Package (PDP) and presenting content via a temporary file;
FIG. 8 depicts a flow diagram of a method for opening a Protected Document Package PDP and presenting content directly;
FIG. 9 depicts a flow diagram of a secure content presentation method according to one embodiment;
FIG. 10 depicts a flow diagram of a method for processing a content consumer license request suitable for use in various embodiments; and
FIG. 11 graphically depicts an embodiment of the invention.

To facilitate understanding, identical reference numerals have been used, where possible, to designate identical elements that are common to the figures.

DETAILED DESCRIPTION OF THE INVENTION

A secure content distribution capability is depicted and described herein. The secure content distribution capability enables efficient and secure distribution of content to specific users for a limited purpose, such as presentation of a securely distributed document upon a presentation device. The securely distributed documents may not be printed by specific users or forwarded to other users for presentation, printing or other purposes.

Although the secure content distribution capability is primarily depicted and described herein within the context of a specific document format, it will be appreciated that the secure content distribution capability may be used for distributing documents according to various other formats. Broadly speaking, the secure content distribution capability may be used to securely distribute any type of content including documents or files according to various formats, as well as streaming media such as audio and/or video and other active content.

The various embodiments include methodologies implemented in software and/or hardware for securely distributing content such as documents between content owners or other content source entities and content consumers. These security methodologies provide user specific authentication, machine specific authentication and the like to ensure that only a specific user, or a specific user machine, or a specific user on a specific user machine is authenticated to access the secure content. Moreover, the security methodologies prevent users from printing, copying, modifying or saving the protected documents, and are capable of providing security within and across corporate networks and other domains. For example, where protected documents or files are sent to other users via email or other transfer means, the documents or files are unreadable by recipient without permission of content owner.

The various embodiments contemplate that securely distributed content, documents or other files are presented using a Limited Capability Viewer LCV for viewing in a native content, document or other file format. For example, a Microsoft PowerPoint file protected according to various embodiments may be viewed using the end user's Microsoft PowerPoint or Microsoft PowerPoint Viewer program. Thus, all animations, multimedia, and other dynamic content are preserved and the end user will get a true presentation experience. However, all content is fully encrypted and protected while opened by the user and also during transmission from the content owner to the user. Similarly, Microsoft Word, Excel, Visio, and other files which are protected by the software will be viewed using corresponding native programs while protected.

A protected document package can have one or multiple files. These files can be grouped into tiers of security level so that end users can access only the files they are specifically authorized to access. A protected document package may comprise a database including varying one or more content files, wherein the one or more content files are extracted from the database prior to secure presentation via the Limited Capability Viewer LCV program.

It is noted that the content owner does not need to know all the end users before creating the protected document packages. In this manner, the various embodiments eliminate a need for a common, central user management service while allowing for easy within domain, cross-domain, and cross-company sharing of protected documents.

It is noted that there is no requirement for online verification of a user prior to secure presentation of a protected document package. Keys and other data structures adapted for enabling secure presentation of the protected document package may be distributed prior to secure content presentation or after an attempt to securely present the content. Moreover, multiple keys of different types are employed within the context of the various embodiments to enable a flexible mechanism for securely presenting content.

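The offline check described above (a stored Content Consumer License compared against the package's Publisher Key, the user and machine binding, the validity dates and the security tier, with no online verification) can be illustrated as follows. This is an added example, not code from the patent: the field names, the HMAC-SHA256 tag under a hypothetical owner license key, and the convention that a higher tier number is more restricted are assumptions.

```python
import hashlib
import hmac
import json
from datetime import datetime, timezone

# Assumption: the patent does not define a CCL format. Field names, the
# HMAC-SHA256 tag and "higher tier number = more restricted" are illustrative.
# A shared-secret tag means any holder of the key can also issue licenses;
# an asymmetric signature keeps issuing and checking separate.


def _tag(key: bytes, fields: dict) -> str:
    """HMAC-SHA256 over a canonical JSON encoding of the license fields."""
    blob = json.dumps(fields, sort_keys=True, separators=(",", ":")).encode()
    return hmac.new(key, blob, hashlib.sha256).hexdigest()


def issue_ccl(key, pk_id, binding, user_id, machine_sig, max_tier, start, expiry):
    """Licensing-engine side: build a Content Consumer License and tag it."""
    if binding not in ("user", "machine", "both", "neither"):
        raise ValueError("unknown binding: %r" % binding)
    fields = {
        "pk_id": pk_id,
        "binding": binding,
        "user_id": user_id if binding in ("user", "both") else None,
        "machine_sig": machine_sig if binding in ("machine", "both") else None,
        "max_tier": max_tier,
        "start": start.isoformat(),
        "expiry": expiry.isoformat(),
    }
    return dict(fields, tag=_tag(key, fields))


def check_ccl(key, ccl, pdp, user_id, machine_sig, now):
    """Presentation-module side: offline check of one CCL against a package.

    Returns (allowed, reason). No network call is made; everything needed is
    in the license, the package header and the local environment.
    """
    fields = {k: v for k, v in ccl.items() if k != "tag"}
    if not hmac.compare_digest(_tag(key, fields), str(ccl.get("tag", ""))):
        return False, "bad-tag"            # altered or issued under another key
    if fields["pk_id"] != pdp["pk_id"]:
        return False, "wrong-publisher-key"
    if fields["binding"] in ("user", "both") and fields["user_id"] != user_id:
        return False, "wrong-user"
    if fields["binding"] in ("machine", "both") and fields["machine_sig"] != machine_sig:
        return False, "wrong-machine"      # license copied to another device
    start = datetime.fromisoformat(fields["start"])
    expiry = datetime.fromisoformat(fields["expiry"])
    if not (start <= now < expiry):
        return False, "outside-validity-window"
    if pdp["file_tier"] > fields["max_tier"]:
        return False, "tier-not-licensed"
    return True, "ok"


def demo():
    """Run the check over constructed sample data and return the outcomes."""
    key = b"constructed-owner-license-key"          # constructed secret
    start = datetime(2024, 1, 1, tzinfo=timezone.utc)
    expiry = datetime(2024, 2, 1, tzinfo=timezone.utc)
    now = datetime(2024, 1, 15, tzinfo=timezone.utc)
    ccl = issue_ccl(key, "PK-0001", "both", "alice", "hw-1234", 2, start, expiry)
    pdp = {"pk_id": "PK-0001", "file_tier": 2}      # constructed package header
    return {
        "licensed": check_ccl(key, ccl, pdp, "alice", "hw-1234", now),
        "forwarded": check_ccl(key, ccl, pdp, "alice", "hw-9999", now),
        "other_user": check_ccl(key, ccl, pdp, "bob", "hw-1234", now),
        "edited": check_ccl(key, dict(ccl, max_tier=3), pdp, "alice", "hw-1234", now),
        "expired": check_ccl(key, ccl, pdp, "alice", "hw-1234", expiry),
        "higher_tier": check_ccl(key, ccl, dict(pdp, file_tier=3),
                                 "alice", "hw-1234", now),
        "other_key": check_ccl(key, ccl, dict(pdp, pk_id="PK-0002"),
                               "alice", "hw-1234", now),
    }


if __name__ == "__main__":
    for case, outcome in demo().items():
        print(case, outcome)
```

The check is only as strong as the environment it runs in: the user identifier, machine signature and clock are all read locally, so a viewer that trusts them without further protection can be misled by the device owner.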
FIG. 1 depicts a high-level block diagram of a system according to one embodiment. Specifically, the system 100 of FIG. 1 contemplates a plurality of user devices 105 communicating with each other via the network 106. In various embodiments, the user devices 105 optionally communicate with a server 107 via the network 106.

The plurality of user devices 105 are denoted as user devices 105-1, 105-2, 105-3 and so on up to 105-N. In the embodiments discussed herein, each of the user devices 105 is configured in substantially the same manner in terms of hardware, software, resources and the like. However, it will be appreciated by those skilled in the art that the various user devices 105 may comprise different classes of user devices such as computers, mobile devices, smart phones, set-top terminals, heavy clients, light clients and so on. Generally speaking, a user device 105 is simply a device capable of operating in accordance with one or more aspects of the present invention, and many different user device configurations may be used at the same time.

As depicted in FIG. 1, each user device 105 includes a processor 110, a memory 120, communications interfaces 130 and an input-output (I/O) interface 140. The processor 110 is coupled to each of memory 120, communication interfaces 130, and I/O interface 140.

The processor 110 is configured for controlling the operation of user device 105, including operations supporting the secure content publication and presentation capabilities described herein with respect to the various embodiments.

The memory 120 is configured for storing information suitable for use in providing the advertising presentation and transaction capability. Memory 120 may store programs 121, data 122, content 123 and the like. Within the context of the various embodiments, the programs 121 and data 122 may vary depending upon whether the user device 105 is operating as a content owner, or a content consumer or both.

When a user device 105 operates in a content owner or content source mode of operation, the programs 121 may comprise a publication engine PE, a licensing engine LE and/or other programs adapted for implementing the secure content sourcing/publication methodologies described herein. Similarly, in the content owner or content source mode of operation, the data storage 122 may comprise content control data CCD, publisher keys PK, authorization data AD and/or other data adapted for implementing the secure content sourcing/publication methodologies described herein. The content storage 123 may include content, uniform resource locators (URLs) or other data structures pointing to content, to be securely published and transmitted toward one or more user devices 105 operating in a content consumer mode.

When a user device 105 operates in a content consumer or content destination mode of operation, the programs 121 may comprise a presentation module PM, a license request module LRM and/or other programs adapted for implementing the secure content consumption/presentation methodologies described herein. Similarly, in a content consumer mode of operation, the data storage 122 may comprise one or more Content Consumer Licenses CCL and/or other data adapted for implementing the secure content consumption/presentation methodologies described herein.

Generally speaking, the memory 120 may store any information suitable for use by the user device 105 in implementing one or more of the secure content sourcing/publication methodologies described herein, the secure content consumption/presentation methodologies described herein or other functions.

The communications interfaces 130 may include a location signaling interface such as a global positioning GPS and/or cellular telephone tower triangulation system to determine the location of the user device 105.

The communications interfaces 130 include one or more services signaling interface such as a Wi-Fi or WiMAX interface, a 3G wireless interface, a 4G wireless interface, an Ethernet interface and the like for supporting data/services signaling between user device 105 and the network 106. It will be appreciated that fewer or more, as well as different, communications interfaces may be supported. The various communications interfaces 130 are adapted to facilitate the transfer of files, data structures, messages, request and the like between various entities in accordance with the embodiments discussed herein.

It will be appreciated that the various embodiments do not require a continual online presence. Once content consumer has received CCL from content owner (whether via hardware or software), the content consumer can be completely disconnected from all networks and communication interfaces depending on the embodiment and configuration of user device 105. For example, a recipient presenting content in a protected manner does not need to be communicating with another entity at the time such content is processed and/or presented by a user device. The I/O interface 140 may be coupled to presentation devices PD interface(s) such as associated with display devices for presenting information to a user, input devices ID such as touch screen or keypad input devices for enabling user input, and/or interfaces enabling communication between the user device 105 and other computing or input/output devices (not shown).

Presentation devices PD may include a displ