WO2001031923A1 - Method and apparatus for ensuring secure distribution and receipt, and secure authorized exhibition of digital audiovisual data - Google Patents

Method and apparatus for ensuring secure distribution and receipt, and secure authorized exhibition of digital audiovisual data Download PDF

Info

Publication number
WO2001031923A1
WO2001031923A1 PCT/US2000/041520 US0041520W WO0131923A1 WO 2001031923 A1 WO2001031923 A1 WO 2001031923A1 US 0041520 W US0041520 W US 0041520W WO 0131923 A1 WO0131923 A1 WO 0131923A1
Authority
WO
WIPO (PCT)
Prior art keywords
exhibitor
data
audiovisual data
digital audiovisual
authorization
Prior art date
Application number
PCT/US2000/041520
Other languages
French (fr)
Inventor
Michael A. Karagosian
Clyde R. Mckinney
Original Assignee
Mkpe Consulting
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Mkpe Consulting filed Critical Mkpe Consulting
Priority to AU24705/01A priority Critical patent/AU2470501A/en
Publication of WO2001031923A1 publication Critical patent/WO2001031923A1/en

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04NPICTORIAL COMMUNICATION, e.g. TELEVISION
    • H04N21/00Selective content distribution, e.g. interactive television or video on demand [VOD]
    • H04N21/80Generation or processing of content or additional data by content creator independently of the distribution process; Content per se
    • H04N21/83Generation or processing of protective or descriptive data associated with content; Content structuring
    • H04N21/835Generation of protective data, e.g. certificates
    • H04N21/8358Generation of protective data, e.g. certificates involving watermark
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04NPICTORIAL COMMUNICATION, e.g. TELEVISION
    • H04N21/00Selective content distribution, e.g. interactive television or video on demand [VOD]
    • H04N21/40Client devices specifically adapted for the reception of or interaction with content, e.g. set-top-box [STB]; Operations thereof
    • H04N21/41Structure of client; Structure of client peripherals
    • H04N21/414Specialised client platforms, e.g. receiver in car or embedded in a mobile appliance
    • H04N21/41415Specialised client platforms, e.g. receiver in car or embedded in a mobile appliance involving a public display, viewable by several users in a public space outside their home, e.g. movie theatre, information kiosk
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04NPICTORIAL COMMUNICATION, e.g. TELEVISION
    • H04N21/00Selective content distribution, e.g. interactive television or video on demand [VOD]
    • H04N21/40Client devices specifically adapted for the reception of or interaction with content, e.g. set-top-box [STB]; Operations thereof
    • H04N21/41Structure of client; Structure of client peripherals
    • H04N21/414Specialised client platforms, e.g. receiver in car or embedded in a mobile appliance
    • H04N21/4143Specialised client platforms, e.g. receiver in car or embedded in a mobile appliance embedded in a Personal Computer [PC]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04NPICTORIAL COMMUNICATION, e.g. TELEVISION
    • H04N21/00Selective content distribution, e.g. interactive television or video on demand [VOD]
    • H04N21/40Client devices specifically adapted for the reception of or interaction with content, e.g. set-top-box [STB]; Operations thereof
    • H04N21/45Management operations performed by the client for facilitating the reception of or the interaction with the content or administrating data related to the end-user or to the client device itself, e.g. learning user preferences for recommending movies, resolving scheduling conflicts
    • H04N21/4508Management of client data or end-user data
    • H04N21/4524Management of client data or end-user data involving the geographical location of the client
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04NPICTORIAL COMMUNICATION, e.g. TELEVISION
    • H04N21/00Selective content distribution, e.g. interactive television or video on demand [VOD]
    • H04N21/40Client devices specifically adapted for the reception of or interaction with content, e.g. set-top-box [STB]; Operations thereof
    • H04N21/45Management operations performed by the client for facilitating the reception of or the interaction with the content or administrating data related to the end-user or to the client device itself, e.g. learning user preferences for recommending movies, resolving scheduling conflicts
    • H04N21/462Content or additional data management, e.g. creating a master electronic program guide from data received from the Internet and a Head-end, controlling the complexity of a video stream by scaling the resolution or bit-rate based on the client capabilities
    • H04N21/4623Processing of entitlement messages, e.g. ECM [Entitlement Control Message] or EMM [Entitlement Management Message]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04NPICTORIAL COMMUNICATION, e.g. TELEVISION
    • H04N21/00Selective content distribution, e.g. interactive television or video on demand [VOD]
    • H04N21/80Generation or processing of content or additional data by content creator independently of the distribution process; Content per se
    • H04N21/83Generation or processing of protective or descriptive data associated with content; Content structuring
    • H04N21/835Generation of protective data, e.g. certificates
    • H04N21/8355Generation of protective data, e.g. certificates involving usage data, e.g. number of copies or viewings allowed
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04NPICTORIAL COMMUNICATION, e.g. TELEVISION
    • H04N7/00Television systems
    • H04N7/16Analogue secrecy systems; Analogue subscription systems
    • H04N7/167Systems rendering the television signal unintelligible and subsequently intelligible
    • H04N7/1675Providing digital key or authorisation information for generation or regeneration of the scrambling sequence

Definitions

  • the present invention relates generally to secure data communication, and more specifically to secure distribution, receipt, and exhibition of digital audiovisual data.
  • One way to secure digital data is encryption.
  • Many encryption techniques and algorithms are known, and can be used to encrypt digital movie data before it is distributed. Distribution of encrypted movie data requires that a key to decrypt the data be obtained by a theater operator who wishes to exhibit the movie. To maintain a single inventory of movie data by the distribution company, it is desirable to encrypt all copies of a given movie title utilizing a single key. However, it is also desirable to ensure that only an individual, authorized exhibitor be able to decrypt and exhibit an individual distributed copy of a motion picture intended for that exhibitor.
  • Existing encryption technology does not provide a way to encrypt multiple copies of data with a single key, and at the same time to ensure that each individual copy can be decrypted by only an individual intended recipient.
  • encryption can protect electronic data from theft during distribution, it cannot prevent all forms of piracy.
  • the encrypted movie data In order to exhibit a movie, the encrypted movie data must first be decrypted.
  • encrypted data is decrypted on a secure computer system which enacts a decryption algorithm, and which stores a decryption key in memory.
  • the security of such computer systems and decryption keys is at risk. If theft of the digital data is possible, then it is equally likely that the computers and memory devices that are required to enact the security process are vulnerable to theft as well.
  • Such a security system is thus vulnerable to theft because it can be stolen and used to exhibit the motion picture at another location and in circumvention of restrictions and constraints normally imposed upon the distribution and exhibition of the motion picture.
  • Another problem with contemporary digital cinema is ensuring that a motion picture can only be exhibited during an authorized range of dates.
  • traditional film the film print is returned to the distribution company after the movie exhibition dates have expired. In this manner, the distribution company maintains control over the whereabouts of the movie, preventing unauthorized exhibition and other forms of theft.
  • digital, electronic motion picture distribution the data comprising the movie is normally not returned to the distributor. Thus, techniques are required for ensuring that the movie data can only be played during a fixed, authorized range of dates.
  • Encrypted digital movie data is provided by a movie distributor to at least one exhibitor. Because the data is encrypted, the distribution is secure.
  • All distributed copies of a given movie title can be encrypted with the same key, thereby allowing single inventory of movie data by a distributor.
  • a movie decryption key and exhibitor authorization data are distributed to each exhibitor.
  • the key and authorization data are distributed separately from the movie data, and are preferably encrypted with a key that is unique to the intended exhibitor recipient. Unlike the movie data itself, the key and authorization data need not be singly inventoried by the distributor and thus do not require that all copies be encrypted with the same key.
  • the exhibitor authorization data contains information uniquely identifying the exhibitor, as well as valid authorized dates for exhibition of the movie.
  • each exhibitor receives unique authorization data for each received digital movie.
  • the exhibitor identification information in the authorization data includes a unique exhibitor identification code, and a location of the exhibitor generated by a global positioning system.
  • other data such as a projector serial number can be used as all or part of the identification information as desired.
  • the authorization data is compared with local data provided by an exhibitor.
  • local data comprises date, time, and location information provided by a global positioning system receiver. Only upon match up of the local data with the authorization data can the decryption and subsequent exhibition of the movie data occur.
  • the authorization data contains the range of authorized dates during which the movie may be exhibited, and the local data to be compared with the authorization data includes the date. Thus, the movie cannot be decrypted or exhibited outside of the range of authorized dates.
  • signature data is presented to a device analogous to a watermarking device which encodes a unique signature into the visual image and audio signals.
  • This signature is based upon information which uniquely identifies the exhibitor.
  • the signature data is similar to the authorization data, and can include an exhibitor identification number, date, time, and location.
  • the signature data can be recovered from illicitly copied material. Known methods can be used to create such a so-called watermark that can then be recovered from analog copies of data.
  • the watermark provides a scheme for identifying the exhibition source of a pirated copy of a movie, even where the theft involves analog copying.
  • FIG. 1 is a flowchart illustrating the process of distributing digital audiovisual data to at least one exhibitor in accordance with one preferred embodiment of the present invention.
  • FIG. 2 is a flowchart illustrating the process of receiving and exhibiting digital audiovisual data by an exhibitor in accordance with one preferred embodiment of the present invention.
  • FIG. 3 is a block diagram illustrating a system utilized to ensure that an exhibitor is authorized to exhibit the digital audiovisual data in accordance with an embodiment of the present invention.
  • FIG. 4 is a block diagram illustrating exhibitor identification data in accordance with one embodiment of the present invention.
  • the present invention enables secure distribution, receipt, and exhibition of digital audiovisual data.
  • audiovisual is used herein to mean "audio” or "visual.”
  • the digital audiovisual data is distributed by a distributor to at least one exhibitor.
  • the digital audiovisual data is encrypted.
  • Each exhibitor securely receives the encrypted digital audiovisual data.
  • the authorization of the exhibitor is verified, and only upon verification is an exhibitor allowed to decrypt and exhibit the digital audiovisual data.
  • the audiovisual data Prior to exhibition, the audiovisual data is encoded with unique data identifying the exhibitor. Unauthorized analog copies made from the exhibition of audiovisual data can be traced through the identifying data.
  • the flowchart of FIG. 1 illustrates the process of distributing digital audiovisual data according to an embodiment of the present invention.
  • a distributor encrypts 101 digital audiovisual data.
  • the digital audiovisual data comprises a motion picture, but the digital audiovisual data may also comprise television programs, visual image communication data, and the like, as desired.
  • a known encryption method such as RSA, Skipjack, DES, Blowfish, or the like is utilized to encrypt 101 the digital audiovisual data.
  • every copy of a motion picture (or other audiovisual data in alternative embodiments) is encrypted 101 using a single key, to facilitate single inventory of the data by the distributor.
  • each copy of a motion picture may be encrypted with a separate, unique key.
  • the digital audiovisual data is encrypted in a conventional manner by computer software residing in memory of a computer system including a central processing unit.
  • the digital audiovisual data may be encrypted by hardware, firmware, or any combination of software, hardware and firmware, as desired.
  • the distributor assembles 103 exhibitor authorization data for each exhibitor who is to receive the digital audiovisual data.
  • Exhibitor authorization data is used to verify that an exhibitor is authorized to receive and exhibit the digital audiovisual data, and is thus unique for each exhibitor.
  • FIG. 4 illustrates exhibitor identification data 401 in one embodiment of the present invention.
  • Exhibitor authorization data 401 for each exhibitor comprises exhibitor identification information 403, audiovisual data identification information 405, and valid dates of exhibition 407 of the audiovisual data.
  • the exhibitor authorization data 401 may also contain additional information, for example including distributor identification information.
  • the exhibitor authorization data 401 may contain less information, for example, with valid dates of exhibition 407 omitted because the exhibitor purchased a license to exhibit the audiovisual data without date restrictions.
  • the exhibitor identification information 403 contained in the exhibitor authorization data 401 comprises location information of the exhibitor such as is generated by a global positioning system, and constitutes an authorized location for the exhibition of the digital audiovisual data.
  • exhibitor identification information 403 may comprise other data such as a serial number of an exhibitor's digital movie projector or an assigned exhibitor identification code, as desired.
  • the exhibitor authorization data 401 may also be encrypted 105, or may be present in clear digitized text.
  • the exhibitor authorization data 401 for each exhibitor is encrypted 105 utilizing a key unique to that exhibitor.
  • exhibitor authorization data 401 is distributed to a given exhibitor in encrypted form utilizing that exhibitor's public key of an encryption method such as RSA that requires a public key and a private key.
  • a public and a private key for each exhibitor are preferably generated by the distributor.
  • the public key is used to encrypt 105 exhibitor authorization data 401, and the private key is used, by the exhibitor, to decrypt the exhibitor authorization data 401.
  • Various secure channels may be utilized to distribute the private key to the exhibitor. Distribution of the private key is discussed in detail later in this specification.
  • the above-described encryption of the exhibitor authorization data 401 may be modified in alternative embodiments to include public and private keys generated by each exhibitor rather than by the distributor, may be modified to include a single key to encrypt and decrypt the data, and may be modified to include a key that is not unique to the exhibitor.
  • the exhibitor authorization data 401 is not encrypted at all, but instead may appear in clear digitized text, as desired.
  • the key to decrypt the encrypted audiovisual data for each exhibitor is encrypted 107 utilizing a key unique to that exhibitor. Preferably, this is the same key used to encrypt 105 the exhibitor authorization data 401, as described above.
  • the alternative embodiments described above for the encryption of the exhibitor authorization data 401 also apply to the encryption of the key to decrypt the audiovisual data.
  • the digital audiovisual data, the key to decrypt the encrypted audiovisual data, and the exhibitor authorization data 401 are distributed to at least one exhibitor.
  • the digital audiovisual data is distributed 109 separately from the key to decrypt the digital audiovisual data, and from the exhibitor authorization data 401, over a secure communication channel, such as telephone, Internet, leased communication line, and the like.
  • the distribution of the digital audiovisual data can be by transmission over such public channels as the Internet, telephone lines, fiber optic cable, satellite, or the like, as desired.
  • the digital audiovisual data may be distributed on magnetic or optical media.
  • the exhibitor authorization data 401 and the key to decrypt the encrypted audiovisual data are embedded 111 in a computer program to be distributed to an exhibitor.
  • the computer program also contains program code to verify that an exhibitor is authorized to exhibit the audiovisual data, and program code to process the results of the verification.
  • program code to verify that an exhibitor is authorized to exhibit the audiovisual data
  • program code to process the results of the verification. The operation of such computer program is described in detail later in this specification.
  • For each exhibitor to receive the digital audiovisual data a copy of the computer program is created containing the exhibitor authorization data 401 for that exhibitor, as well as the key to decrypt the digital audiovisual data.
  • the appropriate copy of the computer program is distributed 113 by conventional schemes to each exhibitor that receives the digital audiovisual data.
  • the computer program is preferably distributed over a secure public channel such as the Internet, but can also be distributed on magnetic or optical media, as desired.
  • assembling the exhibitor authorization data 401, encrypting the exhibitor authorization data 401, encrypting the key to decrypt the digital audiovisual data, and embedding the exhibitor authorization data 401 and the key to decrypt the encrypted audiovisual data in a copy of the computer program are performed by computer software residing in computer memory of a computer system with a central processing unit.
  • FIG. 2 is a flowchart illustrating the steps involved in receiving and exhibiting digital audiovisual data by an exhibitor in accordance with one embodiment of the present invention.
  • an exhibitor receives 201 encrypted digital audiovisual data.
  • the digital audiovisual data comprises a motion picture, but may also be other forms of digitized data as previously explained.
  • the exhibitor receives 203 exhibitor authorization data 401 and a key to decrypt the encrypted audiovisual data.
  • the receipt of the digital audiovisual data is separate from the receipt of the exhibitor authorization data 401 and from the key to decrypt the encrypted audiovisual data.
  • the exhibitor authorization data 401 and key to decrypt the encrypted audiovisual data are embedded in a computer program which is received 203 from the distributor.
  • FIG. 3 illustrates one system utilized for verification of this authorization and subsequent exhibition of digital audiovisual data in accordance with one embodiment of the present invention.
  • a computer system 301 contains a central processing unit 303, computer memory 305, and storage device 307 such as at least one magnetic disk or at least one writeable optical disk. Data is received via at least one input mechanism 309 such as modem, cable, network card, satellite receiver, floppy disk drive, and the like, and is transmitted to audiovisual data exhibition hardware via an output mechanism 311.
  • the audiovisual data exhibition hardware comprises a digital projector 313 and an audio playback system 315.
  • the computer system 301, digital projector 313 and audio playback system 315 can all be components of a single physical device, or can be separate, physically discrete devices as desired. Separate hardware components of these types are required to be physically or logically connected, for example by a local area computer network, by telephone lines, or by a wireless, electromagnetic radiation-based communication system.
  • the computer system 301 is a component of the digital projector 313.
  • the computer program 317 is loaded into the computer memory 305 of the computer system 301 via an input mechanism 309.
  • the computer program 317 is then executed 205 by the central processing unit 303 of the computer system 301 to retrieve 207 exhibitor identification data 319 that uniquely identifies the exhibitor.
  • the exhibitor identification data 319 comprises a location of the exhibitor and a current date. This information is preferably provided by a global positioning system (GPS) receiver 321 coupled to the computer system 301.
  • GPS global positioning system
  • the exhibitor identification data 319 comprises other information such as a digital projector serial number or an assigned exhibitor identification code, as desired.
  • the computer program 317 verifies that the exhibitor is authorized to exhibit the digital audiovisual data 327 at a current date within a range of dates. Where the exhibitor authorization data 401 is encrypted, as in one preferred embodiment, the computer program 317 must decrypt 209 it in order to proceed. To do so, the computer program 317 preferably accesses the private key 325 of the exhibitor. As explained above, the private key 325 is preferably unique to the exhibitor, and is supplied by the distributor. In a preferred embodiment of the present invention, the private key 325 is distributed to the exhibitor on physical media, such a floppy disk or CD-ROM. Alternatively, the private key 325 can be distributed over a secure transmission channel such as the Internet, or the like, as desired.
  • the private key 325 is stored by the distributor, and accessed by the exhibitor as needed. In such an embodiment, the identification of the exhibitor is verified prior to allowing access of the private key 325. In every embodiment that includes a private key 325, a new private key 325 is generated from time to time and made available to the exhibitor. In an alternative embodiment, the public and private key combination is generated by the exhibitor instead of by the distributor. In that embodiment, the public key is made available to the distributor and used for the encryption. The private key 325, held by the exhibitor, is then used for the decryption. Once the exhibitor authorization data 401 has been decrypted 209, the computer program 317 proceeds to verify that the exhibitor is authorized to exhibit the digital audiovisual data 327.
  • the computer program 317 first compares 211 the exhibitor authorization data 401 to the exhibitor identification data 319.
  • an authorized location for the exhibition of the digital audiovisual data 327 in the exhibitor authorization data 401 provided by the distributor is compared 211 with the location of the exhibitor contained in the exhibitor identification data 319.
  • the location of the exhibitor contained in the exhibitor identification data 319 is preferably provided by a GPS receiver 321. Because the location of the authorized exhibitor is known to the distributor and is included in the exhibitor authorization data 323, the location of the exhibitor provided by the GPS receiver 321 can be used to verify the authorization of the exhibitor.
  • the digital audiovisual data 327, projection equipment 313, and GPS receiver 321 are stolen, the digital audiovisual data 327 will still be secure.
  • the authorization check performed prior to exhibition will fail at least because the stolen and relocated GPS receiver 321 will report a different location from that provided by the distributor.
  • the comparison of GPS location data is performed with moderate precision and not finite precision, so that movement of the GPS receiver 321 or antenna within an exhibitor's site does not result in a verification failure.
  • data other than location is used to verify the identity of the exhibitor such as a serial number of the projection equipment 313, or a password, or the like.
  • the current date is verified 213 against the range of dates during which the exhibitor is authorized to exhibit the digital audiovisual data 327.
  • this range of dates is preferably included in the exhibitor authorization data 323.
  • the current date is preferably provided by the GPS receiver 321.
  • the current date is provided by the operating system of the computer system 301. Either way, the computer program 307 verifies 213 that the c rent date is within the authorized range.
  • the computer program 317 If the identity of the exhibitor and the date are successfully verified, the exhibition of the digital audiovisual data 327 is allowed to proceed. However, if either the identity of the exhibitor, or the authorization to exhibit on the current date is not confirmed, the computer program 317 does not decrypt the digital audiovisual data 327, which therefore cannot be exhibited 215. Preferably, the computer program 317 erases the digital audiovisual data 327 and decryption key. Preferably the computer program 317 transmits a control signal to the distributor indicating that an attempt is occurring to execute an unauthorized exhibition of the digital audiovisual data 327 at a given location. Then, the computer program 317 terminates.
  • the computer program 317 proceeds to decrypt 217 the key 325 needed to decrypt the digital audiovisual data 327.
  • This key 325 is preferably encrypted with the same key as the exhibitor authorization data, and is decrypted in the same manner, as described above.
  • the digital audiovisual data 327 is then decrypted 219 by the computer program 317. At this point, the audiovisual data is ready to be watermarked prior to exhibition.
  • the use of the computer program 317 as described above represents one mode of practicing the present invention, in alternative embodiments of the present invention, there is no computer program 317, and the exhibitor authorization data 401 and key 325 to decrypt the digital audiovisual data 327 are received by themselves.
  • the exhibitor authorization data 401 and key 325 to decrypt the digital audiovisual data 327 are loaded into the computer memory 305 of the computer system 301 at the exhibitor site.
  • all of the steps that are performed by the computer program 317 in the embodiment described above are instead performed by software (or, in other embodiments by hardware, firmware, or any combination of software, hardware, and firmware as desired) which comprises a component of the exhibitor's computer system 301.
  • the audiovisual data is watermarked 221 with unique identifying data prior to exhibition.
  • the identifying data can be provided by a date and time clock, or a memory device containing unique data stored by the projector manufacturer, or a memory device containing unique data stored by the exhibitor, or unique signature data provided through a local-area network (LAN), or the GPS receiver 321.
  • LAN local-area network
  • the identifying data comprises the location and date information provided by the GPS receiver 321.
  • the present invention is not dependent upon the choice of watermarking technology used to encode the identifying information in the visual image and audio signal.
  • Various known watermarking technologies that are currently commercially available can be utilized as desired to watermark 221 both visual image and audio signals, or alternatively to watermark 221 only the audio signal or only the visual image signal.
  • Watermarking technology by its nature, imprints the data with the watermarking information which can facilitate the recovery of the encoded identifying data, and thus aid in the identification of an analog theft. Once the data is watermarked 221, it can be exhibited 223.

Abstract

An exhibitor receives encrypted digital audiovisual data (103) and exhibitor authorization data from a distributor. Authorization of the exhibitor to exhibit the digital audiovisual data is ensured by comparing the exhibitor authorization data to exhibitor provided identification data. The audiovisual data is decrypted (107) and exhibited only upon verification of the exhibitor's authorization. The audiovisual data is watermarked with identifying information (111) so that pirated analog copies made from the exhibition can be traced to the source.

Description

Method and Apparatus for Ensuring Secure Distribution and
Receipt, and Secure Authorized Exhibition of Digital Audiovisual
Data
Inventors: Michael Karagosian, Clyde McKinney
Field of the Invention
The present invention relates generally to secure data communication, and more specifically to secure distribution, receipt, and exhibition of digital audiovisual data.
Background of the Invention Today, commercial exhibition of digital motion pictures is becoming increasingly widespread. A method for distributing digital motion picture data is described in United States Patent number 5,924,013 titled "Method and apparatus for transmitting motion picture cinematic information for viewing in movie theaters and ordering method therefor," issued to Guido, et al ("Cinematic Information Patent"). Prevention of theft of cinematic intellectual property is an important issue in the commercialization and distribution of electronic, digital cinema. As described in the cinematic information patent cited above, digital cinema requires distribution of movies in the form of digital data. Digital data is vulnerable to quick, inexpensive, and accurate duplication. However, the cinematic information patent cited above, and other prior art in the field of electronic, digital cinema does not provide a mechanism to prevent or hamper the theft of the digital movie data.
One way to secure digital data is encryption. Many encryption techniques and algorithms are known, and can be used to encrypt digital movie data before it is distributed. Distribution of encrypted movie data requires that a key to decrypt the data be obtained by a theater operator who wishes to exhibit the movie. To maintain a single inventory of movie data by the distribution company, it is desirable to encrypt all copies of a given movie title utilizing a single key. However, it is also desirable to ensure that only an individual, authorized exhibitor be able to decrypt and exhibit an individual distributed copy of a motion picture intended for that exhibitor. Existing encryption technology does not provide a way to encrypt multiple copies of data with a single key, and at the same time to ensure that each individual copy can be decrypted by only an individual intended recipient. Additionally, while encryption can protect electronic data from theft during distribution, it cannot prevent all forms of piracy. In order to exhibit a movie, the encrypted movie data must first be decrypted. Generally, encrypted data is decrypted on a secure computer system which enacts a decryption algorithm, and which stores a decryption key in memory. In the cinematic projection environment, the security of such computer systems and decryption keys is at risk. If theft of the digital data is possible, then it is equally likely that the computers and memory devices that are required to enact the security process are vulnerable to theft as well. Such a security system is thus vulnerable to theft because it can be stolen and used to exhibit the motion picture at another location and in circumvention of restrictions and constraints normally imposed upon the distribution and exhibition of the motion picture. Another problem with contemporary digital cinema is ensuring that a motion picture can only be exhibited during an authorized range of dates. With traditional film, the film print is returned to the distribution company after the movie exhibition dates have expired. In this manner, the distribution company maintains control over the whereabouts of the movie, preventing unauthorized exhibition and other forms of theft. With digital, electronic motion picture distribution, the data comprising the movie is normally not returned to the distributor. Thus, techniques are required for ensuring that the movie data can only be played during a fixed, authorized range of dates.
Even where a legitimate, authorized exhibition of the motion picture occurs, the data still remains vulnerable to theft. Currently movie piracy is commonly accomplished through such analog schemes as direct visual image and audio recording of the movie from within the cinema auditorium itself, and contemporary security mechanisms are incapable of tracing the origin of such theft.
Thus improved techniques for safeguarding electronically distributed digital motion picture data are required to obviate movie piracy and the associated issues described above.
Summary of the Invention
In accordance with the present invention, efficient techniques are provided for ensuring secure distribution, receipt, and exhibition of digital audiovisual data. Encrypted digital movie data is provided by a movie distributor to at least one exhibitor. Because the data is encrypted, the distribution is secure.
All distributed copies of a given movie title can be encrypted with the same key, thereby allowing single inventory of movie data by a distributor. In addition to digital movie data, a movie decryption key and exhibitor authorization data are distributed to each exhibitor. The key and authorization data are distributed separately from the movie data, and are preferably encrypted with a key that is unique to the intended exhibitor recipient. Unlike the movie data itself, the key and authorization data need not be singly inventoried by the distributor and thus do not require that all copies be encrypted with the same key.
The exhibitor authorization data contains information uniquely identifying the exhibitor, as well as valid authorized dates for exhibition of the movie. Thus, each exhibitor receives unique authorization data for each received digital movie. In a preferred embodiment, the exhibitor identification information in the authorization data includes a unique exhibitor identification code, and a location of the exhibitor generated by a global positioning system. Alternatively, other data such as a projector serial number can be used as all or part of the identification information as desired. The authorization data is compared with local data provided by an exhibitor. In a preferred embodiment, local data comprises date, time, and location information provided by a global positioning system receiver. Only upon match up of the local data with the authorization data can the decryption and subsequent exhibition of the movie data occur. Thus, theft of the movie data, the decryption key, and the authorization data is not sufficient to decrypt and exhibit the movie, since local data must match the authorization data in order to decrypt and exhibit the movie. Although theft of an exhibitor's computer system and projector remains possible, an attempt to exhibit the movie at another location will fail due to the mismatch between the authorization data and local data that includes global positioning data. Therefore, if a thief attempts an unauthorized exhibition of stolen movie data at another location, the local data will be absent or will not match the authorization data. Even if the thief is in possession of the exhibitor's projection equipment and global positioning system receiver, the location data generated by the global positioning system receiver will not match the location data of the authorized exhibitor. Additionally, the authorization data contains the range of authorized dates during which the movie may be exhibited, and the local data to be compared with the authorization data includes the date. Thus, the movie cannot be decrypted or exhibited outside of the range of authorized dates.
Before the digital movie data is sent to the projection mechanism and the audio playback system, signature data is presented to a device analogous to a watermarking device which encodes a unique signature into the visual image and audio signals. This signature is based upon information which uniquely identifies the exhibitor. In a preferred embodiment, the signature data is similar to the authorization data, and can include an exhibitor identification number, date, time, and location. The signature data can be recovered from illicitly copied material. Known methods can be used to create such a so-called watermark that can then be recovered from analog copies of data. Thus, the watermark provides a scheme for identifying the exhibition source of a pirated copy of a movie, even where the theft involves analog copying.
Brief Description of the Drawings
FIG. 1 is a flowchart illustrating the process of distributing digital audiovisual data to at least one exhibitor in accordance with one preferred embodiment of the present invention.
FIG. 2 is a flowchart illustrating the process of receiving and exhibiting digital audiovisual data by an exhibitor in accordance with one preferred embodiment of the present invention.
FIG. 3 is a block diagram illustrating a system utilized to ensure that an exhibitor is authorized to exhibit the digital audiovisual data in accordance with an embodiment of the present invention. FIG. 4 is a block diagram illustrating exhibitor identification data in accordance with one embodiment of the present invention.
Detailed Description of the Invention The present invention enables secure distribution, receipt, and exhibition of digital audiovisual data. The term " audiovisual" is used herein to mean "audio" or "visual." The digital audiovisual data is distributed by a distributor to at least one exhibitor. For security of distribution, the digital audiovisual data is encrypted. Each exhibitor securely receives the encrypted digital audiovisual data. The authorization of the exhibitor is verified, and only upon verification is an exhibitor allowed to decrypt and exhibit the digital audiovisual data. Prior to exhibition, the audiovisual data is encoded with unique data identifying the exhibitor. Unauthorized analog copies made from the exhibition of audiovisual data can be traced through the identifying data. The flowchart of FIG. 1 illustrates the process of distributing digital audiovisual data according to an embodiment of the present invention. A distributor encrypts 101 digital audiovisual data. Preferably, the digital audiovisual data comprises a motion picture, but the digital audiovisual data may also comprise television programs, visual image communication data, and the like, as desired. A known encryption method such as RSA, Skipjack, DES, Blowfish, or the like is utilized to encrypt 101 the digital audiovisual data. Preferably, every copy of a motion picture (or other audiovisual data in alternative embodiments) is encrypted 101 using a single key, to facilitate single inventory of the data by the distributor. In alternative embodiments, each copy of a motion picture may be encrypted with a separate, unique key. In a preferred embodiment of the present invention, the digital audiovisual data is encrypted in a conventional manner by computer software residing in memory of a computer system including a central processing unit. In alternative embodiments, the digital audiovisual data may be encrypted by hardware, firmware, or any combination of software, hardware and firmware, as desired. Once the digital audiovisual data is encrypted, the distributor assembles 103 exhibitor authorization data for each exhibitor who is to receive the digital audiovisual data. Exhibitor authorization data is used to verify that an exhibitor is authorized to receive and exhibit the digital audiovisual data, and is thus unique for each exhibitor. FIG. 4 illustrates exhibitor identification data 401 in one embodiment of the present invention. Exhibitor authorization data 401 for each exhibitor comprises exhibitor identification information 403, audiovisual data identification information 405, and valid dates of exhibition 407 of the audiovisual data. In alternative embodiments, the exhibitor authorization data 401 may also contain additional information, for example including distributor identification information. In other alternative embodiments, the exhibitor authorization data 401 may contain less information, for example, with valid dates of exhibition 407 omitted because the exhibitor purchased a license to exhibit the audiovisual data without date restrictions.
Preferably, the exhibitor identification information 403 contained in the exhibitor authorization data 401 comprises location information of the exhibitor such as is generated by a global positioning system, and constitutes an authorized location for the exhibition of the digital audiovisual data. Alternatively, exhibitor identification information 403 may comprise other data such as a serial number of an exhibitor's digital movie projector or an assigned exhibitor identification code, as desired.
Preferably, the exhibitor authorization data 401 may also be encrypted 105, or may be present in clear digitized text. In a preferred embodiment, the exhibitor authorization data 401 for each exhibitor is encrypted 105 utilizing a key unique to that exhibitor. Preferably, exhibitor authorization data 401 is distributed to a given exhibitor in encrypted form utilizing that exhibitor's public key of an encryption method such as RSA that requires a public key and a private key. A public and a private key for each exhibitor are preferably generated by the distributor. The public key is used to encrypt 105 exhibitor authorization data 401, and the private key is used, by the exhibitor, to decrypt the exhibitor authorization data 401. Various secure channels may be utilized to distribute the private key to the exhibitor. Distribution of the private key is discussed in detail later in this specification.
It should be noted that the above-described encryption of the exhibitor authorization data 401 may be modified in alternative embodiments to include public and private keys generated by each exhibitor rather than by the distributor, may be modified to include a single key to encrypt and decrypt the data, and may be modified to include a key that is not unique to the exhibitor. Alternatively, the exhibitor authorization data 401 is not encrypted at all, but instead may appear in clear digitized text, as desired. In a preferred embodiment, the key to decrypt the encrypted audiovisual data for each exhibitor is encrypted 107 utilizing a key unique to that exhibitor. Preferably, this is the same key used to encrypt 105 the exhibitor authorization data 401, as described above. The alternative embodiments described above for the encryption of the exhibitor authorization data 401 also apply to the encryption of the key to decrypt the audiovisual data.
Next, the digital audiovisual data, the key to decrypt the encrypted audiovisual data, and the exhibitor authorization data 401 are distributed to at least one exhibitor. Preferably, the digital audiovisual data is distributed 109 separately from the key to decrypt the digital audiovisual data, and from the exhibitor authorization data 401, over a secure communication channel, such as telephone, Internet, leased communication line, and the like. The distribution of the digital audiovisual data can be by transmission over such public channels as the Internet, telephone lines, fiber optic cable, satellite, or the like, as desired. Alternatively, the digital audiovisual data may be distributed on magnetic or optical media. In one preferred embodiment of the present invention, the exhibitor authorization data 401 and the key to decrypt the encrypted audiovisual data are embedded 111 in a computer program to be distributed to an exhibitor. The computer program also contains program code to verify that an exhibitor is authorized to exhibit the audiovisual data, and program code to process the results of the verification. The operation of such computer program is described in detail later in this specification. For each exhibitor to receive the digital audiovisual data, a copy of the computer program is created containing the exhibitor authorization data 401 for that exhibitor, as well as the key to decrypt the digital audiovisual data. Next, the appropriate copy of the computer program is distributed 113 by conventional schemes to each exhibitor that receives the digital audiovisual data. As with the digital audiovisual data, the computer program is preferably distributed over a secure public channel such as the Internet, but can also be distributed on magnetic or optical media, as desired. In a prefeπed embodiment of the present invention, assembling the exhibitor authorization data 401, encrypting the exhibitor authorization data 401, encrypting the key to decrypt the digital audiovisual data, and embedding the exhibitor authorization data 401 and the key to decrypt the encrypted audiovisual data in a copy of the computer program are performed by computer software residing in computer memory of a computer system with a central processing unit. In alternative embodiments, assembling the exhibitor authorization data 401, encrypting the exhibitor authorization data 401, encrypting the key to decrypt the digital audiovisual data, and embedding the exhibitor authorization data 401 and the key to decrypt the encrypted audiovisual data in a copy of the computer program are performed by hardware, firmware, or any combination of software, hardware, and firmware as desired. FIG. 2 is a flowchart illustrating the steps involved in receiving and exhibiting digital audiovisual data by an exhibitor in accordance with one embodiment of the present invention. In FIG. 2, an exhibitor receives 201 encrypted digital audiovisual data. Typically, the digital audiovisual data comprises a motion picture, but may also be other forms of digitized data as previously explained. Next, the exhibitor receives 203 exhibitor authorization data 401 and a key to decrypt the encrypted audiovisual data. In one preferred embodiment, the receipt of the digital audiovisual data is separate from the receipt of the exhibitor authorization data 401 and from the key to decrypt the encrypted audiovisual data. Preferably, the exhibitor authorization data 401 and key to decrypt the encrypted audiovisual data are embedded in a computer program which is received 203 from the distributor.
Prior to decrypting the digital audiovisual data and allowing exhibition thereof, the exhibitor must be verified to have present authorization to exhibit the digital audiovisual data. FIG. 3 illustrates one system utilized for verification of this authorization and subsequent exhibition of digital audiovisual data in accordance with one embodiment of the present invention. A computer system 301 contains a central processing unit 303, computer memory 305, and storage device 307 such as at least one magnetic disk or at least one writeable optical disk. Data is received via at least one input mechanism 309 such as modem, cable, network card, satellite receiver, floppy disk drive, and the like, and is transmitted to audiovisual data exhibition hardware via an output mechanism 311. In one preferred embodiment, the audiovisual data exhibition hardware comprises a digital projector 313 and an audio playback system 315. The computer system 301, digital projector 313 and audio playback system 315 can all be components of a single physical device, or can be separate, physically discrete devices as desired. Separate hardware components of these types are required to be physically or logically connected, for example by a local area computer network, by telephone lines, or by a wireless, electromagnetic radiation-based communication system. In one embodiment, the computer system 301 is a component of the digital projector 313.
Referring again to FIG. 2 and FIG. 3, the computer program 317 is loaded into the computer memory 305 of the computer system 301 via an input mechanism 309. The computer program 317 is then executed 205 by the central processing unit 303 of the computer system 301 to retrieve 207 exhibitor identification data 319 that uniquely identifies the exhibitor. Preferably, the exhibitor identification data 319 comprises a location of the exhibitor and a current date. This information is preferably provided by a global positioning system (GPS) receiver 321 coupled to the computer system 301.
Alternatively, the exhibitor identification data 319 comprises other information such as a digital projector serial number or an assigned exhibitor identification code, as desired.
Next, the computer program 317 verifies that the exhibitor is authorized to exhibit the digital audiovisual data 327 at a current date within a range of dates. Where the exhibitor authorization data 401 is encrypted, as in one preferred embodiment, the computer program 317 must decrypt 209 it in order to proceed. To do so, the computer program 317 preferably accesses the private key 325 of the exhibitor. As explained above, the private key 325 is preferably unique to the exhibitor, and is supplied by the distributor. In a preferred embodiment of the present invention, the private key 325 is distributed to the exhibitor on physical media, such a floppy disk or CD-ROM. Alternatively, the private key 325 can be distributed over a secure transmission channel such as the Internet, or the like, as desired. In one embodiment, the private key 325 is stored by the distributor, and accessed by the exhibitor as needed. In such an embodiment, the identification of the exhibitor is verified prior to allowing access of the private key 325. In every embodiment that includes a private key 325, a new private key 325 is generated from time to time and made available to the exhibitor. In an alternative embodiment, the public and private key combination is generated by the exhibitor instead of by the distributor. In that embodiment, the public key is made available to the distributor and used for the encryption. The private key 325, held by the exhibitor, is then used for the decryption. Once the exhibitor authorization data 401 has been decrypted 209, the computer program 317 proceeds to verify that the exhibitor is authorized to exhibit the digital audiovisual data 327. To do so the computer program 317 first compares 211 the exhibitor authorization data 401 to the exhibitor identification data 319. Preferably an authorized location for the exhibition of the digital audiovisual data 327 in the exhibitor authorization data 401 provided by the distributor is compared 211 with the location of the exhibitor contained in the exhibitor identification data 319. As explained above, the location of the exhibitor contained in the exhibitor identification data 319 is preferably provided by a GPS receiver 321. Because the location of the authorized exhibitor is known to the distributor and is included in the exhibitor authorization data 323, the location of the exhibitor provided by the GPS receiver 321 can be used to verify the authorization of the exhibitor. Even if the digital audiovisual data 327, projection equipment 313, and GPS receiver 321 are stolen, the digital audiovisual data 327 will still be secure. The authorization check performed prior to exhibition will fail at least because the stolen and relocated GPS receiver 321 will report a different location from that provided by the distributor. The comparison of GPS location data is performed with moderate precision and not finite precision, so that movement of the GPS receiver 321 or antenna within an exhibitor's site does not result in a verification failure. In alternative embodiments, data other than location is used to verify the identity of the exhibitor such as a serial number of the projection equipment 313, or a password, or the like. Once the identity of the exhibitor has been confirmed, the current date is verified 213 against the range of dates during which the exhibitor is authorized to exhibit the digital audiovisual data 327. As explained above, this range of dates is preferably included in the exhibitor authorization data 323. The current date is preferably provided by the GPS receiver 321. Alternatively, the current date is provided by the operating system of the computer system 301. Either way, the computer program 307 verifies 213 that the c rent date is within the authorized range.
If the identity of the exhibitor and the date are successfully verified, the exhibition of the digital audiovisual data 327 is allowed to proceed. However, if either the identity of the exhibitor, or the authorization to exhibit on the current date is not confirmed, the computer program 317 does not decrypt the digital audiovisual data 327, which therefore cannot be exhibited 215. Preferably, the computer program 317 erases the digital audiovisual data 327 and decryption key. Preferably the computer program 317 transmits a control signal to the distributor indicating that an attempt is occurring to execute an unauthorized exhibition of the digital audiovisual data 327 at a given location. Then, the computer program 317 terminates.
If the identity of the exhibitor and the date are successfully verified, the computer program 317 proceeds to decrypt 217 the key 325 needed to decrypt the digital audiovisual data 327. This key 325 is preferably encrypted with the same key as the exhibitor authorization data, and is decrypted in the same manner, as described above. Once the key 325 to decrypt the digital audiovisual has been decrypted, the digital audiovisual data 327 is then decrypted 219 by the computer program 317. At this point, the audiovisual data is ready to be watermarked prior to exhibition.
The use of the computer program 317 as described above represents one mode of practicing the present invention, in alternative embodiments of the present invention, there is no computer program 317, and the exhibitor authorization data 401 and key 325 to decrypt the digital audiovisual data 327 are received by themselves. In such embodiments, the exhibitor authorization data 401 and key 325 to decrypt the digital audiovisual data 327 are loaded into the computer memory 305 of the computer system 301 at the exhibitor site. Then, all of the steps that are performed by the computer program 317 in the embodiment described above are instead performed by software (or, in other embodiments by hardware, firmware, or any combination of software, hardware, and firmware as desired) which comprises a component of the exhibitor's computer system 301.
To enable tracking of theft in the form of analog copying of the exhibition of the audiovisual data, the audiovisual data is watermarked 221 with unique identifying data prior to exhibition. The identifying data can be provided by a date and time clock, or a memory device containing unique data stored by the projector manufacturer, or a memory device containing unique data stored by the exhibitor, or unique signature data provided through a local-area network (LAN), or the GPS receiver 321. Preferably the identifying data comprises the location and date information provided by the GPS receiver 321.
The present invention is not dependent upon the choice of watermarking technology used to encode the identifying information in the visual image and audio signal. Various known watermarking technologies that are currently commercially available can be utilized as desired to watermark 221 both visual image and audio signals, or alternatively to watermark 221 only the audio signal or only the visual image signal. Watermarking technology, by its nature, imprints the data with the watermarking information which can facilitate the recovery of the encoded identifying data, and thus aid in the identification of an analog theft. Once the data is watermarked 221, it can be exhibited 223.

Claims

What is claimed is:
1. A method for ensuring secure receipt and secure, authorized exhibition of digital audiovisual data by an exhibitor, the method comprising: receiving encrypted digital audiovisual data; receiving exhibitor authorization data that uniquely identifies the exhibitor; receiving a key to decrypt encrypted digital audiovisual data; retrieving exhibitor identification data that uniquely identifies the exhibitor; verifying that the exhibitor is authorized to exhibit the digital audiovisual data by comparing the received exhibitor authorization data to the retrieved exhibitor identification data; only in response to verification of the exhibitor's authorization to exhibit the digital audiovisual data, decrypting the encrypted digital audiovisual data; and only in response to verification of the exhibitor's authorization to exhibit the digital audiovisual data, allowing exhibition of the audiovisual data by the exhibitor.
2. The method of claim 1 wherein the received key to decrypt the digital audiovisual data is itself encrypted and the method further comprises: decrypting the received key to decrypt the digital audiovisual data.
3. The method of claim 2 further comprising: decrypting the received key to decrypt the digital audiovisual data with a key unique to the exhibitor.
4. The method of claim 1 wherein the received exhibitor authorization data is encrypted and the method further comprises: decrypting the received exhibitor authorization data.
5. The method of claim 4 further comprising: decrypting the received exhibitor authorization data with a key unique to the exhibitor.
6. The method of claim 1 wherein the received exhibitor authorization data includes a range of dates during which the exhibitor is authorized to exhibit the digital audiovisual data, and the method further comprises: comparing a current date to the range of authorized exhibition dates in the received exhibitor authorization data; only in response to the current date being within the range of authorized exhibition dates, decrypting the digital audiovisual data; and only in response to the cuπent date being within the range of authorized exhibition dates, allowing exhibition of the audiovisual data by the exhibitor.
7. The method of claim 1 wherein the received exhibitor authorization data includes a location at which the exhibitor is authorized to exhibit the digital audiovisual data, and the method further comprises: comparing a current location to the location for authorized exhibition in the received exhibitor authorization data; only in response to the current location being the authorized exhibition location, decrypting the digital audiovisual data; and only in response to the current location being the authorized exhibition location, allowing exhibition of the digital audiovisual data by the exhibitor.
8. The method of claim 7 wherein the current location is provided by a global positioning system receiver.
9. The method of claim 1 wherein the exhibitor authorization data and the key to decrypt the digital audiovisual data are embedded in a computer program, and the method further comprises: receiving the computer program in which the exhibitor authorization data and the key to decrypt the digital audiovisual data are embedded; executing the computer program; and verifying, by the computer program, that the exhibitor is authorized to exhibit the digital audiovisual data by comparing the received exhibitor authorization data to the retrieved exhibitor identification data.
10. The method of claim 9 further comprising: in response to verification of the exhibitor's authorization to exhibit the digital audiovisual data, decrypting, by the computer program, the encrypted digital audiovisual data.
11. The method of claim 9 further comprising: in response to failure of verification of the exhibitor's authorization to exhibit the digital audiovisual data, prohibiting decryption of the encrypted digital audiovisual data by the computer program.
12. The method of claim 9 further comprising: in response to failure of verification of the exhibitor's authorization to exhibit the digital audiovisual data, prohibiting exhibition of audiovisual data by the computer program.
13. The method of claim 12 further comprising: in response to failure of verification of the exhibitor's authorization to exhibit the digital audiovisual data, deleting the digital audiovisual data by the computer program.
14. The method of claim 9 further comprising: in response to failure of verification of the exhibitor's authorization to exhibit the digital audiovisual data, transmitting to the distributor, by the computer program, a control signal indicating that an unauthorized exhibition is being attempted.
15. The method of claim 1 further comprising: prior to exhibiting the digital audiovisual data, including identifying data within the audiovisual data, the identifying data uniquely identifying the exhibitor.
16. The method of claim 15 wherein the identifying data is included only within the visual image portion of the data.
17. The method of claim 15 wherein the identifying data is included only within the audio portion of the data.
18. The method of claim 1 wherein the receipt of the encrypted digital audiovisual data is separate from the receipt of the exhibitor authorization data and from the key to decrypt the encrypted digital audiovisual data.
19. The method of claim 1 further comprising: in response to failure of verification of the exhibitor's authorization to exhibit the digital audiovisual data, prohibiting exhibition of audiovisual data.
20. The method of claim 19 further comprising: in response to failure of verification of the exhibitor's authorization to exhibit the digital audiovisual data, deleting the digital audiovisual data.
21. A method for securely distributing digital audiovisual data to at least one exhibitor, ensuring only authorized exhibition of the digital audiovisual data, the method comprising: encrypting digital audiovisual data; distributing the encrypted digital audiovisual data to at least one exhibitor; distributing a key to decrypt the encrypted digital audiovisual data to at least one exhibitor; for each exhibitor to receive the audiovisual data, assembling exhibitor authorization data unique to that exhibitor; and distributing exhibitor authorization data to at least one exhibitor.
22. The method of claim 21 further comprising: embedding the decryption key and the exhibitor authorization data in a computer program; including in the computer program code for verifying that an exhibitor is authorized to exhibit the digital audiovisual data; and distributing the computer program to at least one exhibitor.
23. The method of claim of 21 wherein the exhibitor authorization data includes an authorized location for the exhibition of the digital audiovisual data.
24. The method of claim of 21 wherein the digital audiovisual data is encrypted using a single key and distributed to at least two exhibitors.
25. The method of claim of 21 further comprising: prior to distributing the key to decrypt the encrypted digital audiovisual data, for each exhibitor to receive the audiovisual data, encrypting the key to decrypt the encrypted digital audiovisual data with a key unique to that exhibitor.
26. The method of claim of 21 further comprising: prior to distributing exhibitor authorization data, for each exhibitor to receive the audiovisual data, encrypting the exhibitor authorization data with a key unique to that exhibitor.
27. The method of claim of 21 wherein the distribution of the encrypted digital audiovisual data is separate from the distribution of the key to decrypt the encrypted digital audiovisual data and from the exhibitor authorization data.
28. A computer program product on a computer readable medium for ensuring secure receipt and secure, authorized exhibition of digital audiovisual data by an exhibitor, the computer program product comprising: program code for receiving encrypted digital audiovisual data; program code for receiving exhibitor authorization data that uniquely identifies the exhibitor; program code for receiving a key to decrypt encrypted digital audiovisual data; program code for retrieving exhibitor identification data that uniquely identifies the exhibitor; program code for verifying that the exhibitor is authorized to exhibit the digital audiovisual data by comparing the received exhibitor authorization data to the retrieved exhibitor identification data; program code for, only in response to verification of the exhibitor's authorization to exhibit the digital audiovisual data, decrypting the encrypted digital audiovisual data; and program code for, only in response to verification of the exhibitor's authorization to exhibit the digital audiovisual data, allowing exhibition of the audiovisual data by the exhibitor.
29. The computer program product of claim 28 wherein the received exhibitor authorization data includes a range of dates during which the exhibitor is authorized to exhibit the digital audiovisual data, and the computer program product further comprises: program code for comparing a current date to the range of authorized exhibition dates in the received exhibitor authorization data; program code for, only in response to the current date being within the range of authorized exhibition dates, decrypting the digital audiovisual data; and program code for, only in response to the current date being within the range of authorized exhibition dates, allowing exhibition of the audiovisual data by the exhibitor.
30. The computer program product of claim 28 wherein the received exhibitor authorization data includes a location at which the exhibitor is authorized to exhibit the digital audiovisual data, and the computer program product further comprises: program code for comparing a current location to the location for authorized exhibition in the received exhibitor authorization data; program code for, only in response to the current location being the authorized exhibition location, decrypting the digital audiovisual data; and program code for, only in response to the current location being the authorized exhibition location, allowing exhibition of the digital audiovisual data by the exhibitor.
31. The computer program product of claim 28 further comprising: program code for, prior to exhibiting the digital audiovisual data, including identifying data within the audiovisual data, the identifying data uniquely identifying the exhibitor.
32. The computer program product of claim 31 further comprising program code for including identifying data only within the visual image portion of the data.
33. The computer program product of claim 31 further comprising program code for including identifying data only within the audio portion of the data.
34. The computer program product of claim 28 further comprising: program code for, in response to failure of verification of the exhibitor's authorization to exhibit the digital audiovisual data, prohibiting exhibition of audiovisual data.
35. The computer program product of claim 34 further comprising: program code for, in response to failure of verification of the exhibitor's authorization to exhibit the digital audiovisual data, deleting the digital audiovisual data.
36. The computer program product of claim 28 further comprising: program code for, in response to failure of verification of the exhibitor's authorization to exhibit the digital audiovisual data, prohibiting decryption of the encrypted digital audiovisual data by the computer program.
37. The computer program product of claim 28 further comprising: program code for, in response to failure of verification of the exhibitor's authorization to exhibit the digital audiovisual data, transmitting to the distributor, by the computer program, a control signal indicating that an unauthorized exhibition is being attempted.
38. A computer program product on a computer readable medium for securely distributing digital audiovisual data to at least one exhibitor, ensuring only authorized exhibition of the digital audiovisual data, the computer program product comprising: program code for encrypting digital audiovisual data; program code for distributing the encrypted digital audiovisual data to at least one exhibitor; program code for distributing a key to decrypt the encrypted digital audiovisual data to at least one exhibitor; program code for assembling, for each exhibitor to receive the audiovisual data, exhibitor authorization data unique to that exhibitor; and program code for distributing exhibitor authorization data to at least one exhibitor.
39. A method for securely distributing and receiving digital audiovisual data, ensuring only authorized exhibition of the digital audiovisual data, the method comprising: encrypting digital audiovisual data; distributing the encrypted digital audiovisual data to at least one exhibitor; distributing a key to decrypt the encrypted digital audiovisual data to at least one exhibitor; for each exhibitor to receive the audiovisual data, assembling exhibitor authorization data unique to that exhibitor; distributing exhibitor authorization data to at least one exhibitor; receiving encrypted digital audiovisual data by at least one exhibitor; receiving unique exhibitor authorization data by at least one exhibitor; receiving a key to decrypt encrypted digital audiovisual data by at least one exhibitor; retrieving unique exhibitor identification data; verifying that the exhibitor is authorized to exhibit the digital audiovisual data by comparing the received exhibitor authorization data to the retrieved exhibitor identification data; only in response to verification of the exhibitor's authorization to exhibit the digital audiovisual data, decrypting the encrypted digital audiovisual data; and only in response to verification of the exhibitor's authorization to exhibit the digital audiovisual data, allowing exhibition of the audiovisual data by the exhibitor.
40. An apparatus for ensuring secure receipt and secure, authorized exhibition of digital audiovisual data by an exhibitor, the apparatus comprising: a computer system having a central processing unit, memory, at least one input, at least one output, and storage, for processing input and output, and for ensuring secure receipt and exhibition of digital audiovisual data; in the memory of the computer system, a reception module, for receiving encrypted digital audiovisual data, for receiving unique exhibitor authorization data, and for receiving a key to decrypt the encrypted digital audiovisual data; in the memory of the computer system, a retrieval module, for retrieving unique exhibitor identification data; in the memory of the computer system and coupled to the reception module and to the retrieval module, a verification and comparison module, for verifying that the exhibitor is authorized to exhibit the digital audiovisual data by comparing the received exhibitor authorization data to the retrieved exhibitor identification data; in the memory of the computer system and coupled to the verification and comparison module, a decryption module for, only in response to verification of the exhibitor's authorization to exhibit the digital audiovisual data, decrypting the encrypted digital audiovisual data; and coupled to the computer system, a visual image exhibition module, for exhibiting an visual image portion of audiovisual data; coupled to the computer system, an audio playback module, for playing back an audio portion of audiovisual data; and in the memory of the computer system and coupled to the verification and comparison module, an output module for, only in response to verification of the exhibitor's authorization to exhibit the digital audiovisual data, outputting the audiovisual data to the visual image exhibition module and to the audio playback module.
41. The apparatus of claim 40 further comprising: a global positioning system receiver, coupled to the retrieval module, for providing current location data as exhibitor identification information.
42. The apparatus of claim 40 further comprising: a watermarking module, coupled to the computer system, for embedding data uniquely identifying the exhibitor within the audiovisual data.
43. A memory for storing data for access by an application program being executed on a computer system, the memory containing: exhibitor identification information uniquely identifying an individual exhibitor; digital audiovisual data identification information uniquely identifying specific digital audiovisual data; and a range of dates during which the individual exhibitor is authorized to exhibit the audiovisual data.
44. The memory of claim 43 wherein the exhibitor identification information comprises location information of the individual exhibitor.
PCT/US2000/041520 1999-10-26 2000-10-24 Method and apparatus for ensuring secure distribution and receipt, and secure authorized exhibition of digital audiovisual data WO2001031923A1 (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
AU24705/01A AU2470501A (en) 1999-10-26 2000-10-24 Method and apparatus for ensuring secure distribution and receipt, and secure authorized exhibition of digital audiovisual data

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
US42777699A 1999-10-26 1999-10-26
US09/427,776 1999-10-26

Publications (1)

Publication Number Publication Date
WO2001031923A1 true WO2001031923A1 (en) 2001-05-03

Family

ID=23696234

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/US2000/041520 WO2001031923A1 (en) 1999-10-26 2000-10-24 Method and apparatus for ensuring secure distribution and receipt, and secure authorized exhibition of digital audiovisual data

Country Status (2)

Country Link
AU (1) AU2470501A (en)
WO (1) WO2001031923A1 (en)

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2003034733A1 (en) * 2001-10-18 2003-04-24 Macrovision Corporation Apparatus and method for accessing material using an entity locked secure registry
WO2006088596A2 (en) * 2005-02-15 2006-08-24 Thomson Licensing Key management system for digital cinema
US20100321493A1 (en) * 2008-03-07 2010-12-23 Thomson Licensing Apparatus and method for remote monitoring

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US4739510A (en) * 1985-05-01 1988-04-19 General Instrument Corp. Direct broadcast satellite signal transmission system
US4751732A (en) * 1984-07-06 1988-06-14 Kabushiki Kaisha Toshiba Broadcasting system
US5142576A (en) * 1989-02-07 1992-08-25 Market Data Corporation System for securely providing restricted video information

Patent Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US4751732A (en) * 1984-07-06 1988-06-14 Kabushiki Kaisha Toshiba Broadcasting system
US4739510A (en) * 1985-05-01 1988-04-19 General Instrument Corp. Direct broadcast satellite signal transmission system
US5142576A (en) * 1989-02-07 1992-08-25 Market Data Corporation System for securely providing restricted video information

Cited By (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2003034733A1 (en) * 2001-10-18 2003-04-24 Macrovision Corporation Apparatus and method for accessing material using an entity locked secure registry
WO2006088596A2 (en) * 2005-02-15 2006-08-24 Thomson Licensing Key management system for digital cinema
WO2006088596A3 (en) * 2005-02-15 2007-06-07 Thomson Licensing Key management system for digital cinema
JP2008530902A (en) * 2005-02-15 2008-08-07 トムソン ライセンシング Key management system for digital movies
CN101124822B (en) * 2005-02-15 2010-08-25 汤姆逊许可公司 Key management method and system
JP2013066187A (en) * 2005-02-15 2013-04-11 Thomson Licensing Key management system for digital cinema
US8483393B2 (en) 2005-02-15 2013-07-09 Thomson Licensing Key management system for digital cinema
US20100321493A1 (en) * 2008-03-07 2010-12-23 Thomson Licensing Apparatus and method for remote monitoring

Also Published As

Publication number Publication date
AU2470501A (en) 2001-05-08

Similar Documents

Publication Publication Date Title
CN102118655B (en) System and method for controlled copying and moving of contents
US7549063B2 (en) Methods and systems of protecting digital content
US7065216B1 (en) Methods and systems of protecting digital content
CN100489986C (en) Method and apparatus for content protection across an interface
US7356143B2 (en) System, method, and apparatus for securely providing content viewable on a secure device
US6691229B1 (en) Method and apparatus for rendering unauthorized copies of digital content traceable to authorized copies
US6978370B1 (en) Method and system for copy-prevention of digital copyright works
US5651064A (en) System for preventing piracy of recorded media
KR100891222B1 (en) Secure video system for display adaptor
US7260557B2 (en) Method and apparatus for license distribution
KR100467929B1 (en) System for protecting and managing digital contents
US6832318B1 (en) Method and apparatus for secure distribution of information recorded on fixed media
EP1122671A2 (en) System for secure distribution and playback of digital data
US6499106B1 (en) Method and apparatus for secure distribution of information recorded of fixed media
US8694799B2 (en) System and method for protection of content stored in a storage device
US20130272568A1 (en) Security system and method of in-flight entertainment device rentals having self-contained, audiovisual presentations
CN1305310C (en) Device and method for selectively supplying access to a service encrypted using a control word and smart card
JP2002521885A (en) Use of watermark for copy protection
KR20010024179A (en) Method and system for preventing unauthorized playback of broadcasted digital data streams
JP2000347946A (en) Method and device for preventing illegal use of multimedia contents
US7725945B2 (en) Discouraging unauthorized redistribution of protected content by cryptographically binding the content to individual authorized recipients
US20080134345A1 (en) Access Authorization Across Processing Devices
KR100748867B1 (en) Recovery of a master key from recorded published material
US7603720B2 (en) Non-repudiation watermarking protection based on public and private keys
JP3846230B2 (en) Content information authentication playback device

Legal Events

Date Code Title Description
AK Designated states

Kind code of ref document: A1

Designated state(s): AE AG AL AM AT AU AZ BA BB BG BR BY BZ CA CH CN CR CU CZ DE DK DM DZ EE ES FI GB GD GE GH GM HR HU ID IL IN IS JP KE KG KP KR KZ LC LK LR LS LT LU LV MA MD MG MK MN MW MX MZ NO NZ PL PT RO RU SD SE SG SI SK SL TJ TM TR TT TZ UA UG UZ VN YU ZA ZW

AL Designated countries for regional patents

Kind code of ref document: A1

Designated state(s): GH GM KE LS MW MZ SD SL SZ TZ UG ZW AM AZ BY KG KZ MD RU TJ TM AT BE CH CY DE DK ES FI FR GB GR IE IT LU MC NL PT SE BF BJ CF CG CI CM GA GN GW ML MR NE SN TD TG

121 Ep: the epo has been informed by wipo that ep was designated in this application
DFPE Request for preliminary examination filed prior to expiration of 19th month from priority date (pct application filed before 20040101)
REG Reference to national code

Ref country code: DE

Ref legal event code: 8642

122 Ep: pct application non-entry in european phase
NENP Non-entry into the national phase

Ref country code: JP