Security threshold enforcement in anchor point-based digital rights management

摘要

Digital rights management (DRM) can be effectively implemented through use of an anchor point and binding records within a user's anchor point domain. Assigning security levels to various components within an anchor point based DRM system and evaluating them against a security criterion provides additional protection against authorized access of the digital content. The content provider may specify the security criterion (e.g., a security level threshold), and the ability to use the digital content is denied or granted based on the ability of components to satisfy this criterion. For example, the ability to use a digital property instance is granted to a content handler that satisfies the security criterion and denied to a content handle that does not satisfy the security criterion.

主权项

1. A method comprising:
learning a security level of a content handler coupled to an anchor point, the anchor point comprising a secure unique hard-to-falsify physical circuit that can store data, the security level including a value stored to a digital certificate of the content handler; receiving at the anchor point a title pre-key; decrypting the title pre-key with a binding key stored within the anchor point to yield a title key, the title key being configured to decrypt an encrypted digital property instance; establishing a security level in the anchor point, wherein the security level in the anchor point quantifies effort and resources needed to compromise security of the anchor point and is judged by a certification authority trusted by a content provider from which the encrypted digital property instance was received; determining a security level of a transaction based on the lowest of the security level in the anchor point and the security level of the content handler, including comparing the value of the security level of the content handler to a value of a security criterion associated with the digital property instance; and issuing the title key to the content handler when the value of the security level of the transaction satisfies the security criterion associated with the encrypted digital property instance.