System and method for securing the life-cycle of user domain rights objects

摘要

In a method for enabling support for backwards compatibility in a User Domain, in one of a Rights Issuer (RI) and a Local Rights Manager (LRM), a Rights Object Encryption Key (REK) and encrypted REK are received from an entity that generated a User Domain Authorization for the one of the RI and the LRM and the REK is used to generate a User Domain Rights Object (RO) that includes the User Domain Authorization and the encrypted REK.

主权项

1. A method, comprising:
receiving, in one of a rights issuer (RI) or a local rights manager (LRM), a rights object encryption key (REK) and an encrypted REK from an entity, wherein the entity generates the REK and, to facilitate maintaining security with regard to a user domain key, the one of the RI or the LRM is not permitted access to the user domain key; and based at least in part on the REK, generating a user domain rights object (RO) that includes a user domain authorization and the encrypted REK, wherein the user domain authorization identifies a user domain and the one of the RI or the LRM, the user domain authorization is associated with the user domain and the user domain key, the encrypted REK is derived from the REK by using the user domain key, and the generated user domain rights object is communicated to a device via one of a SCE-conformant DRM Agent, an RO acquisition protocol, and an out-of-band manner.