Senior Fitness - Exercise and Nutrition for Aging Men and Women
FREE Article Feed for your website.
Home Ownership Magazine
Party Planning Information
Article Marketing Resources
Bio-Medical Research Article Database
Informative Articles on Life, Love and Happiness
Tutorials on Business to Writing
Famous Quotes from Famous People
Song Lyric Information
New US Patent Information
Comprehensive List of Content by Category
Online Auctions and Shopping Related Articles
Article Search
Most Recent Articles
Title: Two-port isolator and communication device
Patent Number: 6,900,704 Issued on 05/31/2005 to Hasegawa

Title: Clock distribution network with process, supply-voltage, and temperature compensation
Patent Number: 6,897,699 Issued on 05/24/2005 to Nguyen,   et al.

Title: Seed drill element having improved topsoiling means
Patent Number: 6,895,876 Issued on 05/24/2005 to Bergere,   et al.

Title: Camera device with selectable image paths
Patent Number: 6,992,699 Issued on 01/31/2006 to Vance,   et al.

Title: Ball screw and wheel steering device having the same
Patent Number: 6,991,062 Issued on 01/31/2006 to Yoshida,   et al.

Title: Cylinder for a folder unit
Patent Number: 6,895,858 Issued on 05/24/2005 to Kostiza,   et al.

Title: Magnetic switch capable of instantaneous switching of an output signal and magnetic sensor
Patent Number: 6,900,713 Issued on 05/31/2005 to Kasashima,   et al.

Title: Device for transferring a substance applied to a support tape in the form of a film to a substrate
Patent Number: 7,044,187 Issued on 05/16/2006 to Bebensee,   et al.

Title: Shield-processing structure of shielded cable
Patent Number: 6,984,787 Issued on 01/10/2006 to Mita,   et al.

Title: Punching device in a sheet finisher for an image forming apparatus
Patent Number: 6,783,124 Issued on 08/31/2004 to Tamura,   et al.

Title: Polynucleotides, pesticidal proteins, and novel methods of using them
Patent Number: 7,129,212 Issued on 10/31/2006 to Narva,   et al.

Title: Fabricating a 2F2 memory device with a horizontal floating gate
Patent Number: 6,998,314 Issued on 02/14/2006 to Prall

Title: Fluid bottle with refill bottle opener
Patent Number: 6,994,129 Issued on 02/07/2006 to Fesko

Title: Arabitol or ribitol as positive selectable markers
Patent Number: 7,005,561 Issued on 02/28/2006 to Parrott,   et al.

Title: Shaft tool with fixedly disposed winglike inserts
Patent Number: 6,984,093 Issued on 01/10/2006 to Hauschild,   et al.

Title: Reduced clad diameter rare earth doped fiber coils and optical amplifiers utilizing such coils
Patent Number: 6,978,078 Issued on 12/20/2005 to Wood

Title: System for efficient coupling to photonic crystal waveguides
Patent Number: 6,782,169 Issued on 08/24/2004 to Shi,   et al.

Title: Augmentor
Patent Number: 6,968,694 Issued on 11/29/2005 to Buey,   et al.

Title: Solar cell structure utilizing an amorphous silicon discrete by-pass diode
Patent Number: 6,784,358 Issued on 08/31/2004 to Kukulka

Title: Thin clad diode laser
Patent Number: 6,993,053 Issued on 01/31/2006 to Buda,   et al.

Title: Broadband network with enterprise wireless communication system for residential and business environment
Patent Number: 7,002,995 Issued on 02/21/2006 to Chow,   et al.

Title: Wireless microphone apparatus and transmitter device for a wireless microphone
Patent Number: 6,778,814 Issued on 08/17/2004 to Koike

Title: 5-(arylsulfonyl)-,5-(arylsulfinyl), and 5-(arylsulfanyl)-thiazolidine-2,4-diones useful for inhibition of farnesyl-protein transferase
Patent Number: 6,784,184 Issued on 08/31/2004 to Epstein,   et al.

Title: Bio-reactor device
Patent Number: 7,129,082 Issued on 10/31/2006 to Van Der Merwe,   et al.

Title: X-ray radiographic apparatus, X-ray restrictor, and X-ray radiographic method
Patent Number: 6,898,271 Issued on 05/24/2005 to Akutsu,   et al.

Title: Quarter-turn valve
Patent Number: 6,783,113 Issued on 08/31/2004 to Schommer

Title: Method and plant for cooling fluids by direct contact with liquefied gases
Patent Number: 6,968,705 Issued on 11/29/2005 to Frati

Title: Apparatus and method for gain-spectrum-tilt compensation in long-wavelength band dispersion-compensating hybrid fiber amplifier
Patent Number: 6,992,816 Issued on 01/31/2006 to Chung,   et al.

Title: Dispensing cartridge and method of dispensing a product from a dispensing cartridge
Patent Number: 6,996,869 Issued on 02/14/2006 to Lancette

Title: Disk array device for idle seek
Patent Number: 6,985,998 Issued on 01/10/2006 to Higashijima,   et al.

Title: Brake system
Patent Number: 6,997,523 Issued on 02/14/2006 to Banoczky,   et al.

Title: Fiber laser pumping device
Patent Number: 6,975,791 Issued on 12/13/2005 to Neuberger

Title: Apparatus and method for movement measurement and position tracking of long, non-textured metal objects at an elevated temperature
Patent Number: 6,992,756 Issued on 01/31/2006 to Chang

Title: Method for driving PDP and display apparatus
Patent Number: 6,900,797 Issued on 05/31/2005 to Hirakawa,   et al.

Title: Refrigeration compressor capacity limiting device
Patent Number: 6,968,710 Issued on 11/29/2005 to Kozinski

Title: Methods of identifying g-couple receptors associated with macrophage-trophic HIV, and diagnostic and therapeutic uses thereof
Patent Number: 7,129,055 Issued on 10/31/2006 to Littman,   et al.

Title: System and method for conditioning of intake air for an internal combustion engine
Patent Number: 6,895,945 Issued on 05/24/2005 to Parsa

Title: Antenna mast and method
Patent Number: 6,781,558 Issued on 08/24/2004 to Steinkamp

Title: Method for estimating telephony system-queue waiting time in an agent level routing environment
Patent Number: 6,898,190 Issued on 05/24/2005 to Shtivelman,   et al.

Title: High continuity electrical fitting
Patent Number: 6,780,029 Issued on 08/24/2004 to Gretz

Title: Flush mount fork tube cap nut for the triple of a motorcycle
Patent Number: 6,994,366 Issued on 02/07/2006 to Rambo

Title: Lateral operation bipolar transistor and a corresponding fabrication process
Patent Number: 6,897,545 Issued on 05/24/2005 to Menut,   et al.

Title: Driving IC of an active matrix electroluminescence device
Patent Number: 6,943,760 Issued on 09/13/2005 to Bae,   et al.

Title: Fold down seat lumbar support apparatus and method
Patent Number: 6,905,170 Issued on 06/14/2005 to McMillen,   et al.

Title: Low power clocking systems and methods
Patent Number: 6,993,669 Issued on 01/31/2006 to Sherburne, Jr.

Title: System and method for constructing and viewing an electronic document
Patent Number: 6,778,989 Issued on 08/17/2004 to Bates,   et al.

Title: Projection exposure apparatus
Patent Number: 6,900,879 Issued on 05/31/2005 to Nishi

Title: Enhanced sensitivity differential refractometer measurement cell
Patent Number: 6,975,392 Issued on 12/13/2005 to Larkin

Title: Vehicle navigation system using live images
Patent Number: 6,775,614 Issued on 08/10/2004 to Kim

Title: Sloped chamber top for substrate processing
Patent Number: 6,778,762 Issued on 08/17/2004 to Shareef,   et al.

Title: Method and apparatus for easy input identification
Patent Number: 6,778,841 Issued on 08/17/2004 to Bories,   et al.

Title: Inhaler for multiple dosed administration of a pharmacological dry powder
Patent Number: 7,131,441 Issued on 11/07/2006 to Keller,   et al.

Title: Inhaler for multiple dosed administration of a pharmacological dry powder
Patent Number: 7,131,441 Issued on 11/07/2006 to Keller,   et al.

Title: Therapeutic peptide-based constructs
Patent Number: 6,906,037 Issued on 06/14/2005 to Little, II,   et al.

Title: Susceptor supporting construction
Patent Number: 6,997,993 Issued on 02/14/2006 to Yamaguchi,   et al.

Title: R.F. output power control
Patent Number: 7,126,420 Issued on 10/24/2006 to Kodim

Title: Fused heterocyclic compounds
Patent Number: 7,125,885 Issued on 10/24/2006 to Chen,   et al.

Title: Dispensing tip positioning and storing apparatus
Patent Number: 6,986,439 Issued on 01/17/2006 to Itoh

Title: Patient positioning device
Patent Number: 6,986,181 Issued on 01/17/2006 to Murphy,   et al.

Title: Preparation of components for transportation fuels
Patent Number: 6,881,325 Issued on 04/19/2005 to Morris,   et al.

Title: Vacuum insulator using glass white wool and its fabrication method
Patent Number: 6,881,467 Issued on 04/19/2005 to Jung,   et al.

Title: Plasma processor apparatus and method, and antenna
Patent Number: 6,876,155 Issued on 04/05/2005 to Howald,   et al.

Title: Sediment control
Patent Number: 7,008,144 Issued on 03/07/2006 to McGinn

Title: Scheme for registration and authentication in wireless communication system using wireless LAN
Patent Number: 6,782,260 Issued on 08/24/2004 to Nakakita,   et al.

Title: Valve repair device
Patent Number: 6,997,950 Issued on 02/14/2006 to Chawla

Title: Electric compressor
Patent Number: 6,997,687 Issued on 02/14/2006 to Iritani

Title: Heat tolerant broccoli
Patent Number: 6,784,345 Issued on 08/31/2004 to Barham,   et al.

Title: Regulation of embryonic transcription in plants
Patent Number: 6,784,342 Issued on 08/31/2004 to Kunst,   et al.

Title: System and method for computer code generation
Patent Number: 6,973,640 Issued on 12/06/2005 to Little,   et al.

Title: Method of marking ophthalmic lens by using laser radiation
Patent Number: 6,997,554 Issued on 02/14/2006 to Nakada,   et al.

Title: Gaming device having a pick reduction game
Patent Number: 6,780,107 Issued on 08/24/2004 to Baerlocher,   et al.

Title: System and method of integrating software components
Patent Number: 6,973,655 Issued on 12/06/2005 to Jacquin,   et al.

Title: System of and method for decoding trellis codes
Patent Number: 6,973,615 Issued on 12/06/2005 to Arad,   et al.

Title: Azabicyclic carbamates and their use as .alpha.-7 nicotinic acetylcholine receptor agonists
Patent Number: 6,780,861 Issued on 08/24/2004 to Nozulak

Title: Cyclosporins for the treatment of respiratory diseases
Patent Number: 6,784,156 Issued on 08/31/2004 to Or,   et al.

Passive and active software objects containing bore resistant watermarking Number:6,801,999 from the United States Patent and Trademark Office (PTO) owispatent

Home    Author Login    Submit Article    Article Search    Add Your Link    Edit Your Link    Contact Us    Advertising    Disclaimer

   

 
Web LinkGrinder.com

Top Breaking News
     US Sprinter Gay Injured, Fails to Qualify for Olympics by VOA Sports
     Obama Denies Changing Position on Iraq War by VOA News
     Turkish Authorities Arrest at Least 7 in Alleged Coup Plot by VOA News

Title: Passive and active software objects containing bore resistant watermarking

Abstract: A technique for imparting substantial break-once-run-everywhere (BORE) resistance to passive and active software objects, and for controlling access and use of resulting protected objects by a client computer (400). Specifically, a relatively large number, n, of identical watermarks (1720) are embedded throughout a software object (1700), through use of n different secret watermark keys to form a protected object, with each key defining a pointer to a location in the protected object at which a corresponding watermark appears. Once a user has downloaded a protected object through a client computer, the user transacts with a publisher's web server (335) to obtain an electronic license, cryptographically signed by the publisher to an enforcer (600, 600') located in that client computer, which specifies rights, which the publisher accords, for accessing and using this object, to this computer and an "expected" value of a parameter contained in the watermarks. The enforcer is equipped with only one of the n watermark keys. Whenever the client computer attempts to access a file containing the protected object, the enforcer examines the object using its secret watermark key. If the object contains a watermark appearing at a location specified by the enforcer's watermark key, a digital rights management system (456) executing in a client operating system (454) accesses a license database (570) to determine whether a signed license made to the enforcer and linked, via the publisher's cryptographic signature, to this protected object resides in that database. If no such license exists, the enforcer inhibits any further access to the object. Otherwise, the enforcer determines whether: the "expected" parameter value matches an actual value for the same parameter detected in a watermark contained in the object, and the license is signed by the vendor whose identification

Patent Number: 6,801,999 Issued on 10/05/2004 to Venkatesan,   et al.

Inventors: Venkatesan; Ramarathnam (Redmond, WA), Yacobi; Yacov (Mercer Island, WA)
Assignee: Microsoft Corporation (Redmond, WA)
Appl. No.: 09/315,733
Filed: May 20, 1999

Current U.S. Class: 713/167 ; 380/28; 380/284; 380/51; 382/100; 705/58; 705/59; 713/176
Field of Search: 713/167,176 380/4,28,51,284 705/58,59 382/100

References Cited [Referenced By]
U.S. Patent Documents
5343527 August 1994 Moore
5613004 March 1997 Cooperman et al.
5638443 June 1997 Stefik et al.
5745569 April 1998 Moskowitz et al.
5822432 October 1998 Moskowitz et al.
5825892 October 1998 Braudaway et al.
5905800 May 1999 Moskowitz et al.
5905819 May 1999 Daly
6141753 October 2000 Zhao et al.
6330672 December 2001 Shur
6411725 June 2002 Rhoads
6522767 February 2003 Moskowitz et al.
2001/0010078 July 2001 Moskowitz
Foreign Patent Documents
WO 99/64973 Dec., 1999 WO
Primary Examiner: Sheikh; Ayaz
Assistant Examiner: Arani; Taghi T.
Attorney, Agent or Firm: Lee & Hayes, PLLC
Claims


We claim:

1. Apparatus for a imparting resistance to a given software object against break-once-run-everywhere (BORE) attacks, the apparatus comprising: a computer having: a processor; and a memory having computer executable instructions stored therein; and wherein the processor, in response to the stored executable instructions: produces, in response to a random seed value and through a pseudo-random number generator, a sequence of n pseudo-random watermark keys, wherein each watermark key defines a pointer to a specific one location in a software object at which a corresponding one of n watermarks is to be embedded into the object so as to define a plurality of specific locations; and embeds each one of the n watermarks into the object, at a corresponding one of the plurality of specific locations in the software object specified by a different corresponding one of the watermark keys so as to yield a watermarked object having resistance to BORE attacks.

2. The apparatus in claim 1 wherein the software object is either a passive or active object, the passive object comprising content and the active object comprising executable code.

3. The apparatus in claim 2 wherein the specific one location is a starting location.

4. The apparatus in claim 2 wherein the pseudo-random number generator is cryptographically secure.

5. The apparatus in claim 2 wherein all of the plurality of said watermarks embedded in the software object contain an identical watermark value.

6. The apparatus in claim 2 wherein the n watermark keys are used in watermarking a plurality of different software objects.

7. The apparatus in claim 2 wherein the processor, in response to the stored instructions: encrypts the watermarked object using a predefined encryption key so as to yield an encrypted watermarked object; and supplies the encrypted watermarked object to a entity for subsequent distribution of the encrypted watermarked object to requesting users.

8. The apparatus in claim 7 wherein the predefined encryption key is a symmetric encryption key.

9. The apparatus in claim 7 wherein the processor, in response to the stored instructions, inserts a unique fingerprint value into the watermarked object before the watermarked object is encrypted.

10. The apparatus in claim 7 wherein all of the plurality of said watermarks embedded in the software object contain an identical watermark value.

11. The apparatus in claim 7 wherein the n watermark keys are used in watermarking a plurality of different software objects.

12. The apparatus in claim 5 wherein a starting location of each one of the watermarks, as defined by the corresponding one of the watermark keys, is relative to either the physical size of the software object or a time period required to fully play the software object, or, in the case of a software object comprising an image frame, a starting frequency value, in a frequency domain of the frame, at which the one watermark is embedded.

13. The apparatus in claim 2 wherein the watermark comprises a predefined number of bits, wherein each bit is embedded, through use of a pseudo-random sequence, to provide predefined variations, as defined by the sequence, in a predefined succession of pixel values occurring in an image frame.

14. The apparatus in claim 13 wherein the specific one location is a starting location.

15. The apparatus in claim 13 wherein all of the plurality of said watermarks embedded in the software object contain an identical watermark value.

16. The apparatus in claim 13 in which the variations, as specified by the marking sequence, correspond to one value of a watermark bit, and opposite variations are used to correspond to an opposite value of the watermark bit.

17. The apparatus in claim 13 wherein the processor, in response to the stored instructions, applies the watermark key as a seed to a pseudo-random number generator so as to yield a pseudo-random physical address of a pixel in an image at which a corresponding watermark is to start.

18. The apparatus in claim 17 wherein the n watermark keys are used in watermarking a plurality of different software objects.

19. The apparatus in claim 2 wherein the n watermark keys are used in watermarking a plurality of different software objects.

20. The apparatus in claim 19 wherein the specific one location is a starting location.

21. The apparatus in claim 19 wherein each one of the n watermarks embedded in the software object is at least 20-bits in length.

22. The apparatus in claim 19 wherein all of the plurality of said watermarks embedded in the software object contain an identical watermark value.

23. The apparatus in claim 19 wherein, for an active software object, the watermark comprises a predefined instance of executable code which, given a watermark key, calculates a value of the corresponding one watermark, wherein the executable code instance, in terms of its execution flow, is inserted into the execution flow of the software object.

24. The apparatus in claim 19 wherein a separate instance of execution code is inserted for each of the n watermark keys.

25. The apparatus in claim 19 wherein the watermark value comprises a concatenation of an identifier associated with a publisher of the software object and an identifier associated with the software object.

26. A method, implemented in a computer system, for a imparting resistance to a given software object against break-once-run-everywhere (BORE) attacks, the system having a processor; and a memory having computer executable instructions stored therein; wherein the method comprises the steps, performed by the processor and in response to the stored executable instructions, of: producing, in response to a random seed value and through a pseudo-random number generator, a sequence of n pseudo-random watermark keys, wherein each watermark key defines a pointer to a specific one location in a software object at which a corresponding one of n watermarks is to be embedded into the object so as to define a plurality of specific locations; and embedding each one of the n watermarks, into the object, at a corresponding one of the plurality of specific locations in the software object specified by a different corresponding one of the watermark keys so as to yield a watermarked object having resistance to BORE attacks.

27. The method in claim 26 wherein the software object is either a passive or active object, the passive object comprising content and the active object comprising executable code.

28. The method in claim 26 wherein the specific one location is a starting location.

29. The method in claim 27 wherein the pseudo-random number generator is cryptographically secure.

30. The method in claim 27 wherein all of the plurality of said watermarks embedded in the software object contain an identical watermark value.

31. The method in claim 27 wherein the n watermark keys are used in watermarking a plurality of different software objects.

32. The method in claim 27 further comprising the steps of: encrypting the watermarked object using a predefined encryption key so as to yield an encrypted watermarked object; and supplying the encrypted watermarked object to a entity for subsequent distribution of the encrypted watermarked object to requesting users.

33. The method in claim 32 wherein the predefined encryption key is a symmetric encryption key.

34. The method in claim 32 further comprising the step of inserting a unique fingerprint value into the watermarked object before the watermarked object is encrypted.

35. The method in claim 32 wherein all of the plurality of said watermarks embedded in the software object contain an identical watermark value.

36. The method in claim 32 wherein the n watermark keys are used in watermarking a plurality of different software objects.

37. The method in claim 30 wherein a starting location of each one of the watermarks, as defined by the corresponding one of the watermark keys, is relative to either the physical size of the software object or a time period required to fully play the software object, or, in the case of a software object comprising an image frame, a starting frequency value, in a frequency domain of the frame, at which the one watermark is embedded.

38. The method in claim 27 wherein the watermark comprises a predefined number of bits, wherein each bit is embedded, through use of a pseudo-random marking sequence, to provide predefined variations, as defined by the sequence, in a predefined succession of pixel values occurring in an image frame.

39. The method in claim 38 wherein the specific one location is a starting location.

40. The method in claim 38 wherein all of the plurality of said watermarks embedded in the software object contain an identical watermark value.

41. The method in claim 38 in which the variations, as specified by the marking sequence, correspond to one value of a watermark bit, and opposite variations are used to correspond to an opposite value of the watermark bit.

42. The method in claim 38 further comprising the step of applying the watermark key as a seed to a pseudo-random number generator so as to yield a pseudo-random physical address of a pixel in an image at which a corresponding watermark is to start.

43. The method in claim 42 wherein the n watermark keys are used in watermarking a plurality of different software objects.

44. The method in claim 27 wherein the n watermark keys are used in watermarking a plurality of different software objects.

45. The method in claim 44 wherein the specific one location is a starting location.

46. The method in claim 44 wherein each one of the n watermarks embedded in the software object is at least 20-bits in length.

47. The method in claim 44 wherein all of the plurality of said watermarks embedded in the software object contain an identical watermark value.

48. The method in claim 44 wherein, for an active software object, the watermark comprises a predefined instance of executable code which, given a watermark key, calculates a value of the corresponding one watermark, wherein the executable code instance, in terms of its execution flow, is inserted into the execution flow of the software object.

49. The method in claim 44 wherein a separate instance of execution code is inserted for each of the n watermark keys.

50. The method in claim 44 wherein the watermark value comprises a concatenation of an identifier associated with a publisher of the software object and an identifier associated with the software object.

51. A computer readable medium having computer executable instructions stored therein for performing the steps of claim 26.

52. A software object having a plurality of embedded watermarks and generated by a computer system, the system having a processor and a memory, the memory having computer executable instructions stored therein, characterized by the code having being produced by the steps, implemented by the processor in response to the executable instructions, recited in claim 26.

53. The object in claim 52 wherein the software object is either a passive or active object, the passive object comprising content and the active object comprising executable code.

54. The object in claim 53 wherein the specific one location is a starting location.

55. The object in claim 53 wherein all of the plurality of said watermarks embedded in the software object contain an identical watermark value.

56. The object in claim 53 wherein the object is encrypted using a predefined encryption key so as to yield an encrypted watermarked object.

57. The object in claim 56 further comprising a unique fingerprint value that has been inserted after the object has been watermarked but before it is encrypted.

58. The object in claim 56 wherein the predefined encryption key is a symmetric encryption key.
Description


BACKGROUND OF THE DISCLOSURE

1. Field of the Invention

The invention relates to cryptography, particularly a technique including both apparatus and an accompanying method, for imparting to passive and active software objects, such as correspondingly content and executable code, a substantial degree of protection against break-once-run-everywhere (BORE) attacks and for restricting access and use of resulting protected objects that have been, e.g., downloaded, via a networked connection, to a client computer. Such a technique is particularly, though not exclusively, suited for use in a digital rights management (DRM) system executing in the client computer.

2. Description of the Prior Art

Content, such as video and audio recordings, and other multi-media presentations, is increasingly being provided to consumers in digital form. Digital recordings provide enhanced clarity, attributable in part to a substantially diminished noise level, over that commonly provided by conventional analog media. Facilitating this trend is an increasing availability, from a wide range of manufacturers, of relatively economical consumer-oriented digital recording and playback equipment, such as, for example, those employing compact disc (CD) and digital audio tape (DAT) formats.

Unfortunately, the very characteristics of digital content that make it quite attractive to consumers also significantly foster its illicit duplication, i.e., piracy. In that regard, by virtue of digitized data which embodies content on a legitimate copy, whether that data constitutes, e.g., a sound recording, a video recording or a photograph, each subsequent copy of that data will, for all practical purposes, exactly match the original content; thus, providing the same fidelity as the legitimate copy. Hence, a pirate, having access to a legitimate copy, could, rather readily, massively produce illicit copies that, at least from a standpoint of its content, might not be distinguishable from its legitimate copy. Obviously, the ease with which such high quality illicit copies could be generated has caused substantial alarm among content providers, particularly given a substantial loss of revenues that could result from lost sales attributable to widespread piracy.

One of the oldest and usually least effective techniques used to deter illicit copying is simply to append a copyright and other legal proprietary rights notices to an object as distributed on mass (magnetic or optical) media. The intention in doing so is to place a third party on notice that a copy of that object, as embodied in the media, is legally protected and that its publisher may take legal action to enforce its rights in the object against that party to prevent illicit copying. While these notices are often necessary in many jurisdictions to secure full legal remedies against illicit copying, in practice, these notices have provided little, if any, real protection against third party copying. In that regard, in those countries with relatively lax enforcement of intellectual property rights, sales lost to illicit copying of an object, such as a popular movie or audio recording, often significantly dwarf legitimate sales of the same object.

As such, these providers, typified by, e.g., movie studios and music publishers, have turned to technical rather than just legal approaches to deter illicit copying.

In that regard, these providers have recently persuaded hardware manufacturers, of consumer electronic audio and video recording devices, to incorporate appropriate copy-protect circuitry into their products, such as DAT recorders, to actively limit an amount through which content stored on digital media, such as a DAT, containing a legitimately purchased copy, can itself be copied further. In that regard, data encoded on the legitimate copy is read by the copy-protect circuitry in a DAT recorder and used to essentially inhibit that recorder from making more than one copy of that content onto another DAT.

Widespread use of the Internet is a rather recent development that is also significantly fueling the expanding use of digital content. Given the availability of relatively inexpensive but rather sophisticated personal computers with attendant web browsers and multi-media players and the widespread global proliferation of inexpensive consumer Internet connections, the Internet is emerging as an excellent vehicle through which content publishers can cost-effectively distribute content to large numbers of customers--regardless of where these customers are located. This content can range from audio or video clips, to recorded songs to entire movies. Software, in the form of application programs, is increasingly being distributed through the Internet to the consuming public. However, the number of consumers that purchase software in this manner is currently rather small, though rapidly growing, compared to those that obtain physically packaged software through a more conventional distribution channel.

PCs, being general purpose in nature, do not contain copy-protect circuitry of the type used with, e.g., DAT recorders. Hence, conventional hardware-centric anti-piracy measures, such as those used with DAT and other consumer recording devices, are simply ineffective to preclude illicit copying of digital content distributed over the Internet. Thus, content providers are once again faced with a possible attendant loss of substantial revenues, though through a different distributional vehicle, due to illicit copying.

Hence, extensive effort is currently underway in the art and aimed at developing a so-called "digital rights management" (DRM) initiative to counter expected piracy of Internet accessible content.

Underlying this initiative is a basic concept, akin to that in copyright, of bifurcating ownership of those bits themselves, that constitute a content object, from rights to use these bits. This use can encompass, e.g., rendering that object, in the case of passive content, or executing that object in the case of an active object containing executable code. As presently envisioned in the art, the DRM initiative would permit any individual to freely and at no cost access and download, through his(her) client PC, a file containing a desired object from a web site associated with a corresponding publisher. Once downloaded, ownership of the content bits themselves would pass to the individual, i.e., an "owner". However, the rights to use the object contained in the file would remain with the publisher of the object and be licensed to the owner of the bits based on a license fee paid to the publisher by that owner. By remitting a certain fee, typically through an Internet transaction, the owner would be provided with a software license which delineates the rights to which that owner can then use these bits. For example, in the case of a downloaded song, for a relatively modest fee, the license may permit the owner to play the object, here content for the song, just once. For a larger fee, the license may permit the owner to play that song a certain number of times or freely play the song during a certain time period, such as a week or month. For an even larger fee, the license may be configured to permit the owner to play the song on an unlimited basis, i.e., as much as (s)he wants and whenever (s)he wants.

In particular, the downloaded file would contain a software "lock" of some sort which inhibits the client PC from suitably handling an object contained in that file, such as, in the case of a video clip, locally rendering the object on a computer display.

Once the owner downloads a desired file, then, through a separate transaction conducted with a publisher of the object contained in that file, such as a music publisher, (s)he would receive and locally store a software certificate from the publisher. The certificate would contain the software implemented license as well as a suitable secret value ("secret"). As noted above, the license would specify, in view of the license fee paid by the owner, a degree of access (license grant) to which that owner is given to the object. When the owner desires to subsequently access and use the content, appropriate software, e.g., a DRM process, executing in the client PC would first obtain the certificate from local storage; ascertain, from conditions of the license grant set forth in the certificate, whether the desired access and use is allowed; and then, if so, use the secret to unlock the object, and finally permit the object to be subsequently handled, such as played in the case of a passive audio clip, as desired by the user and in accordance with the license grant. Any object that did not contain an appropriate software "lock" would be unaffected by a DRM process; that process would essentially ignore that object and hence not restrict its subsequent use.

While widespread adoption of the DRM initiative, as least as broadly envisioned, is expected to appreciably restrain illicit copying of Internet distributed software objects, underlying this initiative is the development and use of a practical and effective locking mechanism, particularly one employing cryptographic encryption, for use with such objects. Thusfar, the art fails to teach such a mechanism.

Traditionally, cryptographic measures have involved encrypting a plaintext object--whether it be a message or a document, in some fashion, into a ciphertext object through a cryptographic algorithm, i.e., a so-called "cipher", that relies on a secret value (henceforth just a "secret"). Depending on the specific cipher used, this secret can be, e.g., a simple key known only to a sender and a recipient, or can be a private key of a public/private key pair. Upon receipt of the ciphertext object, each such individual would then convert the ciphertext object, through a process, inverse to that of the cipher, using his(her) secret, to yield the plaintext object.

While these traditional cryptographic measures, depending on the particular cipher used, can be extremely secure against third-party cipher attacks, they are ill-suited for use for distributing objects, such as content files, to massive numbers of recipients, particularly to individual PCs.

In that regard, sophisticated cryptographic ciphers, such as those using, e.g., so-called RSA (Rivest-Shamir-Adelman) or Diffie-Hellman type ciphers, exist for decrypting ciphertext. Though these ciphers are extremely secure, because of their nature, they are not suited for use in encrypting large objects, i.e., performing bulk encryption. Furthermore and importantly, if an object were to be protected through use of appending a digital signature to that object, even a signature computed using, e.g., RSA, a pirate could easily remove that signature from the file containing the object and thereby gain unfettered access to an underlying unprotected object.

Therefore, faced with these deficiencies, the art, in the context of digital rights management, appears to be considering the use of watermarking. In essence, a watermark is an identifier that, in the context of a software object, would be tightly integrated into that object but would not be discernible to a third party. Furthermore, that party will likely experience considerably more difficulty in removing a correctly implemented watermark from a software object than removing a digital signature.

When the object is accessed, a cryptographic process, using a secret provided in a DRM certificate, would reveal the presence of the watermark embedded in the object and then detect its value. The secret would define an approximate location (e.g. in the time and frequency domain) at which the watermark can be found. If the correct watermark were then detected, i.e., an identical match then existed between the watermark embedded in the object and its expected value provided in the license, the DRM process would then "unlock" that object.

Disadvantageously, this approach relies on embedding a single watermark into an object. If a pirate were to discover the watermark--even in view of its difficulty of detection, thus breaking the "lock", the pirate could then excise the watermark from the object, and illicitly copy the object and massively distribute resulting illicit copies free and clear of any restriction on their use otherwise imposed through digital rights management. Any recipient of such an illicit copy of the object could, in turn, make copies of that object and further distribute those copies free and clear of its prior software "lock", and so forth with subsequent recipients. Thus, the watermarked object could be susceptible to what we refer to as a "break-once-run-everywhere" (BORE) attack. Through such a successful attack, once the pirate uncovers the single cryptographic parameter, in this case a watermark, protecting the object, (s)he then possesses the unprotected object at which point the publisher has effectively ceded significant control over consumer access and use of that object to the pirate. Hence, protection that a content publisher would otherwise gain through use of digital rights management, at least with respect to the illicit copies, would be completely lost.

However, given enough resources, particularly processing capacity, money and time, a pirate could break the watermark, thus nullifying protection afforded by digital rights management. If sufficient demand exists in the marketplace for a given object--which is particularly true for a popular feature length movie, then the pirate may well have adequate economic motivation to incur the investment in time, cost and effort needed to break the watermark. In that regard, the pirate will likely incur the investment if the resulting gains to be had through illicit copying sufficiently outweigh all the associated costs of time, effort and money needed to break the watermark and make and distribute the illicit copies.

BORE attacks, against watermarked objects, are not limited to pirates but can also arise from third-party "hackers", i.e., individuals who are often not motivated by monetary gain but do possess sufficient expertise and computing resources to break cryptographic protection and post, on the Internet, a resulting unprotected object for widespread distribution.

Nevertheless, the DRM initiative holds significant promise as a mechanism that will sufficiently restrict illicit copying of Internet accessible software objects and hopefully, by doing so, assure a sufficient financial return to publishers of those objects for their legitimate consumer access and use. Moreover, DRM, if adopted, should facilitate increased use of the Internet as a cost-effective mechanism for distributing software objects to a large universe of consumers.

However, for DRM to be effective against attempted piracy, a serious need exists in the art for an adequate software "lock" that can be utilized with software objects. The lock must be sufficiently resistant to BORE attacks such that substantial costs would be incurred by any third-party, particularly a pirate, who attempts to break the lock--costs that are sufficiently high as to outweigh any likely financial gain to be had from illicit copying. Moreover, the "lock" should be sufficiently difficult to detect and sufficiently robust to withstand attack from "hackers". Furthermore, the "lock" should be practical, particularly when used with large software objects, and not require a separate secret for each different recipient.

SUMMARY OF THE INVENTION

Our present invention advantageously satisfies this need and overcomes the deficiencies in the art through creation of our inventive "BORE" resistant object and our inventive use of that object as part of a digital rights management system in a client computer, such as a client personal computer (PC).

In essence and in accordance with our inventive teachings, a BORE resistant object is created by embedding a relatively large number, n, of identical watermarks throughout a single software object, through use of n different secret watermark keys. Each of these watermark keys defines a starting location (e.g., in time, space or frequency) in a protected object (or, in a general sense, a pointer to a location in that object) at which a corresponding watermark appears. Once a user has downloaded the protected object through a client computer, the user then transacts with publisher's web server to obtain an electronic license, cryptographically signed by the publisher to an "enforcer" located in that computer, which specifies access rights, which the publisher accords to this client computer, and the watermark value. The client computer contains an enforcer equipped with only one of the n watermark keys. Whenever the client computer attempts to access a file containing a protected object, the enforcer examines the object using its secret watermark key. If the object contains a watermark appearing at a location specified by the enforcer's watermark key, a client operating system accesses a license database to determine whether a signed license made to the enforcer and linked, via the publisher's cryptographic signature, to this protected object resides in that database. A value of a parameter in the license must match a value of the same parameter contained in a watermark detected in the object. In that regard, the license must be signed by the publisher specified in the watermark and made to a product identification (PID) value that appears in the watermark. Thus, the watermark effectively becomes "glue" between the protected object and its license. If no such license exists, the enforcer inhibits any further access to the object. Otherwise, the enforcer determines whether the watermark value contained in the license matches that detected in the object, and, if so, permits access to the object in accordance with the rights specified in the license. The object can be either an active (executable) or a passive (content) software object.

In particular, the publisher of a given object not only sets the value of the watermark itself--typically to a concatenation of a vendor (publisher) identification (VID) value and the PID value--but also provides that value to a third-party watermarking authority (WA), along with an unwatermarked copy of that object (O). The WA then embeds the watermark n times, each beginning in a starting location determined by a corresponding different one of the secret keys, throughout the object in order to yield the watermarked object (O.sup.WM) All n watermark keys are generated by the WA and are identical across all objects that are to be protected, regardless of their corresponding publishers. These keys are generated once and will be universally used for a relatively long, but finite period, for all objects, from whatever publisher or source, that are to be protected.

Once the WA watermarks a particular object (O), it then provides a resulting watermarked version of that object (O.sup.WM) back to its publisher. The publisher, in turn, replicates the watermarked object as often as needed, and, if desired, serializes each resulting copy, by embedding a single so-called "fingerprint" value in each resulting copy. The fingerprint only occurs once in any copy with its value being unique to that copy. Once a copy has been fingerprinted (to yield object O.sub.f.sup.WM), the publisher then encrypts the fingerprinted, watermarked copy typically using a symmetric encryption cryptosystem. The publisher then distributes resulting encrypted, fingerprinted and watermarked copies of the object (O.sub.fe.sup.WM) at no-cost to requesting users, specifically to a client PC operated by each such user.

After a user has downloaded a watermarked object, then, in order to use that object, the user, through his(her) client PC, electronically transacts, through the Internet, with publisher's web server. In return for payment of a specific licensing fee to the publisher, this web server downloads to the client PC an electronic license (L), cryptographically signed by the publisher to the enforcer located in that PC. The license contains a rights vector, which specifies particular access rights which the publisher accords to this client PC, the product identification value (PID) for the licensed object and a symmetric encryption key.

Each such client PC contains an enforcer as part of a DRM system. From a data perspective, the enforcer is sited within a critical processing path, in the client PC, for the object, and specifically in a path that is difficult to bypass. The location of the enforcer, i.e., within a client O/S or a media card, depends on whether the object is passive or active. The enforcer is equipped with only one of the n secret watermark keys. This particular key will have been previously provided to the enforcer by the watermarking authority.

Whenever the client PC attempts to access a file containing a watermarked (protected) object then residing in that PC, the enforcer in that PC examines the object, using its secret watermark key, to determine whether that object is, in fact, watermarked. If the object is not watermarked, then the enforcer permits the client PC to freely access the object, as desired by the user. Alternatively, if the object contains a watermark starting in relative location given by the enforcer's watermark key, then the enforcer so notifies the client O/S executing in the client PC. The client O/S accesses a license database to determine whether a signed license made to the enforcer and linked, via the publisher's cryptographic signature, to this protected object then exists in that database. If no such license is found, the enforcer inhibits any further access to the object, thus precluding any further use of that object by the client O/S or media card, as appropriate. Alternatively, if such a license is found, the enforcer determines whether the VID and PID values supplied in a header associated with the object and contained in the license itself, respectively, match those detected in the watermark contained in the object. If both match, then the enforcer permits access to the object in accordance with the specific usage rights specified in the license.

Advantageously and as a feature of our invention, by watermarking software through our inventive BORE resistant manner, the resulting object becomes substantially more difficult for an adversary to successfully break.

In that regard, by embedding n different watermarks into a single object and not labeling each client PC as to the specific watermark key it contains, the adversary is required to break not just one client PC to obtain its own embedded watermark key but substantially more than n such PCs to obtain all their embedded watermark keys. As such, if an adversary is to obtain a sufficient number of these keys such that it can successfully defeat the BORE resistant protection with a sufficiently high probability of success, i.e., to permit a BORE-resistant object to be used by a sufficiently large number of client PCs regardless of any license restrictions, that adversary will need to break a number of client PCs that exceeds the value of n by at least 1-2 orders of magnitude.

The sheer magnitude of the costs associated with successfully breaking a sufficient number of client PCs to completely frustrate BORE-resistant protection effectively precludes successful broad-based attacks on BORE-resistant DRM systems. Consequently, piratical acts are far more likely to occur on a far more limited basis, such as through gaining unauthorized access to a small number of watermark keys. In that regard, if an adversary were to break the protection afforded by only a single client PC and learn its embedded watermark key, then only 1/n of an installed base of client PCs, that can handle BORE-resistant objects, would be compromised.

Furthermore, as an advantageous feature of our invention, our inventive technique effectively contains these attacks and, over time, through periodic expiration of watermark keys and selective key replacement, significantly diminishes on-going effectiveness of such compromises.

Specifically, should a publisher learn that a particular object was being pirated, then by simply obtaining a copy of the pirated object, the publisher could readily detect the fingerprint in that object. By querying its user database, the publisher could learn the identity of the client PC that the pirate used, in some fashion, to commit piracy. The publisher could then instruct the WA to revoke the watermark (old) key used by the particular client PC. All client PCs sharing that key, with exception of the particular client PC used by the pirate, will get a new watermark key. For a relatively long period of time, old and new watermark keys will co-exist to enable other objects watermarked with the old key to be accessed and used. However, new objects will be watermarked with the new key. In addition, the particular client PC used by the pirate may be "hot-listed" to limit its rights to access and/or use protected objects.

Watermark keys routinely expire after a given interval of time, as determined by, e.g., the WA, elapses. When such a key expires, an internal key manager process executing in the enforcer requires the client PC to contact the WA to obtain a replacement watermark key.

As a feature of our invention, if a watermark key has been compromised by a third party, our invention reduces, if not, over time, halts, a rapidly expanding security breach of protected objects that would otherwise and conventionally occur when knowledge of their compromised key spreads throughout a large user community. Advantageously, our invention also accommodates existing needs of "innocent" users who continue to access and use those protected objects that require this key. Our invention accomplishes this by phasing out, over time, use of the compromised key and limiting its applicability to only those existing objects that have already been protected with this key.

Specifically, in the event that an existing watermark key is compromised, then that key is not immediately revoked and removed from service. To accommodate such innocent users, a watermark key can be associated with issue and expiration times T.sub.i and T.sub.e at which the key has been issued and will expire, respectively. Hence, a watermark key, K, can be issued as a triple (K, T.sub.i, T.sub.e) and, to frustrate its tampering or detection, can be stored within a secure key manager in a client PC. Should existing watermark key K be compromised, then a new watermark key, K' (typically chosen at random from all n existing watermark keys), with its corresponding issue and expiration times, i.e. (K', T.sub.i ', T.sub.e ') will be issued and distributed to all client PCs which have been using the compromised key. As such, each of these client PCs will have two watermark key triples: that for the existing key, K, and that for the new watermark key, K'. As indicated above, all watermarked objects will be watermarked with all n keys (including keys K and K').

A license can also have associated issue and expiration times, t.sub.i and t.sub.e, respectively. For each protected object, the enforcer in the client PC must utilize both watermark keys K and K' (or, in general, all the watermark keys it has) in examining a protected object for a watermark. An object is assumed to be unprotected if the enforcer fails to find any watermarks in the object. Should the enforcer detect a watermark using either key K or K', then a proper license must exist to access this object. In order for a license to be "proper", not only must a license exist for this object but also the watermark key must expire after the license does and the license must have been issued after the watermark key was, i.e., T.sub.e >t.sub.e and t.sub.i >T.sub.i must both be satisfied. Even if a license exists but either relationship fails, then the license is not "proper"; hence, the enforcer denies access to this object. A watermarking authority can preclude client PCs from gaining access to any future protected objects by simply not issuing a new key to that client PC to replace a key that has expired or will expire (the latter being typified by a compromised key).

Through use of this feature, client PCs can continue to utilize their existing watermark keys (e.g. key K) to access previously distributed protected objects. However, over time, these keys will eventually expire and require replacement. We anticipate that although the growth of keys will monotonically increase, the rate of growth will be quite low, with a client PC obtaining a new watermark key triple after the watermark keys on the order of n different client PCs have been compromised.

To properly exploit our present invention, client PCs will be designed such that until any such PC obtains a valid unexpired watermark key--whether as an initial watermark key for that PC or to replace an expired key, that PC will be unable to process any object that has been protected through our inventive technique. Hence, if a publisher suspects that a particular client PC has been used for illicit purposes, then a watermark authority can simply revoke the existing watermark key for that particular client PC, thus precluding that PC from accessing any existing protected object.

BRIEF DESCRIPTION OF THE DRAWINGS

The teachings of the present invention can be readily understood by considering the following detailed description in conjunction with the accompanying drawings, in which:

FIG. 1 depicts conventional environment 5 in which content files are illicitly distributed via the Internet to unauthorized users;

FIG. 2 depicts generalized and conventional watermarking process 200;

FIG. 3 depicts networked environment 300 which is utilized by our present inventive teachings;

FIG. 4 depicts a high-level block diagram of illustrative client personal computer (PC) 400, e.g., PC.sub.j, shown in FIG. 3;

FIG. 5 depicts a high-level overview of our inventive process 500 for handling software objects, protected in accordance with our inventive teachings, as part of a digital rights management system (DRM) and resulting high-level interaction between a publisher and a client PC with respect to those objects;

FIG. 6 depicts a block diagram of enforcer 600, shown in FIG. 4, which utilizes our present inventive teachings;

FIG. 7 depicts a high-level flowchart of process 700 involving publisher 330, watermarking authority 340 and client PC.sub.j (400) and which implements our inventive teachings for collectively creating and downloading protected object files from the publisher to the client PC and for subsequently controlling access and use of those objects at the client PC;

FIG. 8 depicts a flowchart of watermarked object generation operation 800 and watermarked object distribution operation 850, which both occur within process 700 shown in FIG. 7

FIG. 9 depicts a flowchart of operations performed by block 900 that occurs within watermark object generation operation 800 shown in FIG. 8;

FIG. 10 depicts basic constituent fields of license (L) 1000 as employed by our present invention;

FIG. 11 depicts a flowchart of license transaction operation 1100 that occurs within process 700 shown in FIG. 7;

FIG. 12 depicts cryptographic parameters 1200 existing in, e.g., client PC.sub.j (400) after a license transaction has been completed through operation 1100 shown in FIG. 11, and corresponding sources from which these parameters originate;

FIG. 13 depicts the correct alignment of the drawing sheets for FIGS. 13A and 13B;

FIGS. 13A and 13B collectively depict a flowchart of license verification, object decryption and enforcement operations 1300 that occur within process 700 shown in FIG. 7;

FIG. 14 depicts a flowchart of object usage operation 1400 that occurs within process 700 shown in FIG. 7;

FIG. 15 depicts a flowchart of client watermark key assignment process 1500 as used in conjunction with our present invention;

FIG. 16 depicts a flowchart of new watermark key provisioning process 1600 as used in conjunction with our present invention;

FIG. 17 depicts passive software object 1700, such as a movie, that has been watermarked in accordance with our inventive teachings to provide "break once run everywhere" (BORE) resistance;

FIG. 18 depicts amplitude waveforms for an illustrative, though abbreviated, succession of pixels contained within a passive software object, such as object 1700 shown in FIG. 17, that collectively embed a single bit, of, e.g., a watermark, into that object on a "spatially-spread" basis; and

FIG. 19 depicts an active software object, e.g., executable payload code 1910, that is watermarked in accordance with our inventive teachings to provide BORE resistant software object 1900.

To facilitate understanding, identical reference numerals have been used, where possible, to designate identical elements that are common to the figures.

DETAILED DESCRIPTION

After considering the following description, those skilled in the art will clearly realize that the teachings of our present invention can be utilized to protect a wide range of passive and active software objects, such as content (i.e., passive software) and executable code (i.e., active software), regardless of how these objects are actually distributed to their end-users (i.e., consumers). For purposes of this application, we define the term "software", when used herein in the context of software objects, to globally encompass both: (a) any type of digital content provided by a publisher for use by a consumer, regardless of whether that content constitutes passive content as in the case of, e.g., graphical, image, audio or video files to be played at a client PC, and (b) executable code in the case of a program to be installed and executed at that PC. These objects can be stored in a given physical media, e.g., optical or magnetic, and conventionally distributed as, e.g., packaged software to their users; or distributed directly in electronic form by being downloaded, as computer files, through a networked connection to client PCs employed by these users. Illustratively, such a connection can be an Internet or intranet connection. Advantageously, our invention embeds watermark protection within a non-protected software object such that a resulting protected object is highly secure from "break once run everywhere" (BORE) attacks. In that regard, our invention substantially increases the cost of resources (in terms of, e.g., time, effort and money) that a third party would likely incur to successfully break the protection to a level that is likely to be substantially higher than any financial gain expected to flow to that party from doing so; hence, providing a significant economic disincentive to that party to attempt to break the protection. Since our invention is particularly, though not exclusively, suited for use with downloading Internet accessible software objects from an Internet web site maintained by a content provider (e.g., publisher) to a client personal computer (PC) for use by an end-user, we will describe our invention in that context.

To clearly elucidate our invention and facilitate reader understanding, by way of background, we will first very briefly describe two concepts. First, we will succinctly discuss how software objects, which are to be protected through a digital rights management (DRM) scheme as currently contemplated in the art, are susceptible to BORE (break-once-run-everywhere) attacks, through which such objects can, in spite of a DRM system, still be illicitly and readily copied and distributed. Then, also for background, we will very briefly address conventional watermarking. Thereafter, we will generally present our present inventive teachings for forming highly BORE-resistant watermarked software objects followed by describing a networked environment for securely disseminating such objects, and then addressing, in considerable detail, specific hardware and software aspects for an inventive DRM system, executing on a client PC, that utilizes our teachings, for accessing and using these objects. Lastly, we will describe, through separate embodiments, how our teachings could be utilized to render passive and active software objects, e.g., a movie and executable program code, respectively, highly BORE-resistant.

A. Background

1. Illicit Distribution of Internet Distributed Watermarked Content

FIG. 1 illustrates the ease with which digitized objects can be readily and illicitly distributed through the Internet to a large number of unauthorized users.

As shown, networked environment 5 encompasses content publisher 10 which, through its web server 20, is connected to the Internet to facilitate user access and content download of files that have been posted by the publisher to this server. In general, publisher 10 creates, as symbolized by creation process 12, digitized object 25 and then loads that object onto its web server. This object may be, e.g., an audio recording, such as a song, or another passive software object such as a movie or still image. Alternatively, this object may constitute an active software object, such as an executable program. Regardless of the specific form of this object, the object is usually linked through an appropriate HTML (hypertext transport mark-up language) hotlink to a web page. As such, a user seeing this page rendered through his(her) browser can suitably click his(her) mouse on the hotlink to initiate a download, via web server 20, of the file containing this object. To facilitate access, the object file is generally stored within web page files 22. To prevent unauthorized duplication, publisher 10 incorporates a software "lock" of one sort or another into object file 25. One conventional technique in the context of use with a digital rights management (DRM) system and particularly aimed at use with relatively large objects, such as an audio or video recording, is to embed a predefined watermark (or other indicia) into the object file.

A user (not shown) seeking access to that object could establish an Internet connection through his(her) client PC (also not shown) with web server 20 and then download the "locked" object. In the absence of having downloaded a suitable "secret" value appropriate to that object, a DRM system (not shown) residing in a client PC then employed by the user would simply inhibit the user from accessing the object file. To facilitate access, the user, once in receipt of a "locked" file, would then conduct a separate electronic transaction, via the Internet, with web server 20 to obtain a suitable software certificate, specifically a license, that contains the "secret" value (hereinafter just referred to as a "secret"). Once this certificate is downloaded and stored by the DRM system residing in the client PC, the DRM system, whenever the user attempted to subsequently access the object, would access the certificate and compare a value of the watermark in the license with a value of an actual corresponding watermark stored in the object. The secret could specify a location, in the object, at which the watermark resides. If the values of the two watermarks match, the DRM system would permit the object to be accessed, as desired, which in the case of an audio recording, may involve playing the recording to the user stationed at the client PC. Alternatively, if a mis-match occurred, then the DRM system would deny this access to the user.

Digitized content advantageously provides enhanced clarity and diminished noise over conventional analog recordings. Moreover, downloading such content over the Internet is a far more convenient and economical way for consumers to obtain it, both in terms of time and expense, than through traditional retailing or mail-order channels. Hence, Internet-based content distribution is likely to exhibit explosive growth in the coming years.

Unfortunately, the very characteristics of digital content that make it very attractive to consumers also significantly foster its illicit duplication, i.e., piracy. In that regard, by virtue of digitized data which embodies content on a legitimate copy, each subsequent copy of that data will, for all practical purposes, exactly match the original content; thus, providing the same fidelity as the legitimate copy. Hence, a pirate, having access to a legitimate copy, could, rather readily, massively produce illicit copies that, at least from a standpoint of its content, might not be distinguishable from its legitimate copy.

In particular and as shown, a pirate, such as pirate 40, can readily establish, just as any other user can, a connection, through Internet 30, to web server 20. Such a connection can be established through web browser 54 then executing on PC 50 operated by the pirate. Once a pirate accesses web server 20, he can download object file 25, just as any other user can.

Disadvantageously, this conventional watermarking approach relies on embedding a single watermark into object 25. If a pirate were to discover the watermark, thus breaking the "lock", the pirate could then excise the watermark from the object, and illicitly and massively copy, as represented by file replication operation 43, resulting unprotected object 25' to yield copies 25". Thereafter, as represented by operation 47, pirate 40 could then massively distribute resulting illicit copies 25" free and clear of any restriction on their use otherwise imposed through digital rights management. These illicit copies could themselves be distributed, via channel 60, such as an Internet connection with a web server maintained by pirate 40, to client computers operated by unauthorized users 70, illustratively having users 70.sub.1, 70.sub.2, . . . , 70.sub.y. Furthermore, each of users 70, in turn, could further replicate and distribute illicit copies of object 25", which have content essentially, if not completely, identical in quality to that of original object 25, to further unauthorized users, and so forth--all free and clear of the prior software "lock". In addition, other pirates and their channels of distribution, here collectively symbolized by arrows 32 and 34, could well exist to supply illicit copies of object 25 to further groups of unauthorized users, and so forth. Obviously, as the value of object 25 increases, so does the number of pirates which then seek to illicitly copy and distribute it for their own financial gain.

In this scenario, object 25 would be susceptible to what we refer to as a "BORE" (break-once-run-everywhere) attack. Specifically, a pirate merely needs to break one single parameter, i.e., an embedded watermark, that cryptographically protects this object and only do it once. Once the pirate succeeds, (s)he can remove the watermark from the object. The pirate then possesses the complete unprotected object to do with as (s)he pleases. At that point, content publisher 10 has effectively ceded significant control over consumer access and use of that object to the pirate. Hence, protection that a content publisher would otherwise gain through use of digital rights management, at least with respect to the illicit copies, would be completely lost to a successful BORE attack.

Given enough resources, particularly processing capacity, manpower, capital and time, a pirate could break the watermark, thus nullifying protection otherwise afforded by digital rights management. If sufficient demand exists in the marketplace for a given object--which is particularly true for a popular feature length movie, then the pirate may well have adequate economic motivation to incur the investment needed to break the watermark. In that regard, the pirate will likely incur the investment if the resulting gains to be had through illicit copying sufficiently outweigh the associated costs of all resources needed to break the watermark and make and distribute the illicit copies.

2. Conventional Watermarking

FIG. 2 depicts a simplified high-level block diagram of conventional watermarking process 200. In essence, an object, O, to be protected, whether it be a printed image, a document, a piece of paper currency or some other such item, is applied, as symbolized by line 205, to marking process 210 situated at an originating location. This process creates a watermark and embeds it in the object to create a watermarked object, O'. The watermarked object is then eventually transported through insecure channel 215, whether it be, e.g., transit through a public carrier or, as in the case of currency, public distribution, to a destination location. At the destination, the watermarked object is subjected to watermark recovery process 230 which attempts to recover the watermark from the object and, based on a result


Free Web Sudoku Puzzles.
Solve with your browser.
    4 6   5      
8 9   2          
      1     2 6  
7 5     3     4  
  8           5  
  1     9     2 8
  4 5     8      
          7   8 9
      4   6 1    
What is it?



Add Your Site · Terms Of Service · Privacy Policy


DISCLAIMER
Linkgrinder is a free service that searches the Internet and indexes all files found so that you may search quickly and easily for shared files. These files are created and made available individually by users whose identity we are not aware of and who we have no control over. In essence we function like a search engine tool; these files ARE NOT STORED OR SERVED BY OUR NETWORK. We are not responsible for any materials obtained by using our service. We do not monitor any of the contents of these files. These files may contain viruses, illegal materials, materials inappropriate for minors, offensive files and the like. BY USING OUR SERVICE, YOU ASSUME FULL RESPONSIBILITY FOR DOWNLOADING THESE MATERIALS AND WILL INDEMNIFY US FOR ANY DAMAGES THAT MAY BE INCURRED.

For More Specific Information VIEW OUR TERMS OF SERVICE.

Thank you and Enjoy!