Cloud-based movable-component binding

摘要

This document describes tools capable of enabling cloud-based movable-component binding. The tools, in some embodiments, bind protected media content to a movable component in a mobile computing device in a cryptographically secure manner without requiring the movable component to perform a complex cryptographic function. By so doing the mobile computing device may request access to content and receive permission to use the content quickly and in a cryptographically robust way.

主权项

1. One or more computer-readable storage devices having computer-executable instructions that, when executed by one or more processors on a mobile computing device, perform acts comprising:
requesting, from a movable component physically connected to the mobile computing device but removable from the mobile computing device, a cryptographically secure identifier bound to the movable component, identifying the movable component, and not decryptable by the mobile computing device but decryptable by a remote computing device capable of communication with the mobile computing device using a mobile-device communication network, the movable component comprising a token associated with a DRM license, the DRM license permitting the mobile computing device to perform actions on protected media content that is stored on a removable memory physically connected to the mobile computing device but removable from the mobile computing device; receiving the cryptographically secure identifier from the movable component; transmitting the cryptographically secure identifier to the remote computing device over the mobile-device communication network to request permission to use the protected media content, the cryptographically secure identifier usable by the remote computing device to determine that the movable component is authentic and an entity associated with the movable component has a right to the requested use of the protected media content; transmitting a device identifier identifying the mobile computing device effective to enable the remote computing device to determine whether or not the mobile computing device is trusted; transmitting a non-encrypted identifier for the movable component effective to enable the remote computing device to authenticate the movable component using at least the non-encrypted identifier and the cryptographically secure identifier; and receiving, from the remote computing device over the mobile-device communication network, permission to use the protected media content based at least in part on an indication from the remote computing device that the mobile computing device is trusted, the permission received responsive to the remote computing device authenticating the movable component using the non-encrypted identifier and the cryptographically secure identifier.