U.S. patent application number 13/436917 was filed with the patent office on 2013-07-11 for systems and methods for granting access to digital content using electronic tickets and ticket tokens.
This patent application is currently assigned to Rovi Corp.. The applicant listed for this patent is Ramon Davila, David L. Smith, Ben Ziskind. Invention is credited to Ramon Davila, David L. Smith, Ben Ziskind.
Application Number | 20130179199 13/436917 |
Document ID | / |
Family ID | 48744543 |
Filed Date | 2013-07-11 |
United States Patent
Application |
20130179199 |
Kind Code |
A1 |
Ziskind; Ben ; et
al. |
July 11, 2013 |
SYSTEMS AND METHODS FOR GRANTING ACCESS TO DIGITAL CONTENT USING
ELECTRONIC TICKETS AND TICKET TOKENS
Abstract
Systems and methods for granting access to digital content using
electronic tickets and ticket tokens in accordance with embodiments
of the invention are disclosed. One embodiment includes a
processor, and memory configured to store an electronic ticket, and
a ticket token. In addition, the processor is configured to
authenticate a merchant server, receive a request for a ticket
token for a specific piece of content from the merchant server,
generate a ticket token that expires after a predetermined time
period, associate the ticket token with an electronic ticket, send
the ticket token to the merchant server for delivery to a user
device, receive a request to access the identified piece of digital
content from the user device, where the request includes the ticket
token, send the electronic ticket and access information to the
user device, and expire the ticket token.
Inventors: |
Ziskind; Ben; (San Marcos,
CA) ; Smith; David L.; (San Diego, CA) ;
Davila; Ramon; (San Diego, CA) |
|
Applicant: |
Name |
City |
State |
Country |
Type |
Ziskind; Ben
Smith; David L.
Davila; Ramon |
San Marcos
San Diego
San Diego |
CA
CA
CA |
US
US
US |
|
|
Assignee: |
Rovi Corp.
Santa Clara
CA
|
Family ID: |
48744543 |
Appl. No.: |
13/436917 |
Filed: |
March 31, 2012 |
Related U.S. Patent Documents
|
|
|
|
|
|
Application
Number |
Filing Date |
Patent Number |
|
|
61583807 |
Jan 6, 2012 |
|
|
|
Current U.S.
Class: |
705/5 ;
726/3 |
Current CPC
Class: |
G06F 2221/0746 20130101;
G06F 21/10 20130101; H04N 21/2387 20130101 |
Class at
Publication: |
705/5 ;
726/3 |
International
Class: |
G06F 21/00 20060101
G06F021/00; G06Q 10/00 20120101 G06Q010/00 |
Claims
1. A digital rights management server, comprising: a processor; and
memory configured to store: an electronic ticket, a ticket token;
wherein the processor is configured to: authenticate a merchant
server; receive a request for a ticket token from the merchant
server where the request identifies a piece of digital content;
generate a ticket token that expires after a predetermined time
period; associate the ticket token with an electronic ticket; send
the ticket token to the merchant server for delivery to a user
device, receive a request to access the identified piece of digital
content from the user device, where the request includes the ticket
token; send the electronic ticket and access information for the
identified piece of digital content associated with the electronic
ticket to the user device; and expire the ticket token.
2. The digital rights management server of claim 1, wherein the
processor is further configured to authenticate a user device
registered to a user account and associate an electronic ticket
with the user account based upon the ticket token received from the
user device.
3. The digital rights management server of claim 1, wherein the
request for a ticket token contains at least one field selected
from the group consisting of: a customer identifier, a content
identifier, a merchant identifier, an account link identifier, a
license identifier, a stream identifier, a transaction identifier,
and a price.
4. The digital rights management server of claim 1, wherein the
processor is further configured to generate a new electronic ticket
to represent a new purchase.
5. The digital rights management server of claim 1, wherein the
processor is further configured to send the electronic ticket to
the merchant server.
6. The digital rights management server of claim 1, wherein the
request to access the identified piece of digital content further
includes identification of a user account to which the user device
is registered.
7. The digital rights management server of claim 6, wherein the
processor is further configured to associate the electronic ticket
with the user account.
8. The digital rights management server of claim 6, wherein the
processor is further configured to associate the user device with
the user account.
9. The digital rights management server of claim 1, wherein the
request to access the identified piece of digital content further
includes information that identifies the characteristics or
capabilities of the user device.
10. The digital rights management server of claim 1, wherein the
processor is further configured to validate the ticket token.
11. The digital rights management server of claim 1, wherein the
processor is further configured to enforce rules on the playback of
content based upon the ticket token.
12. The digital rights management server of claim 1, wherein the
processor is further configured to enforce rules on the playback of
content based upon device characteristics.
13. The digital rights management server of claim 1, wherein the
access information includes at least one piece of information
selected from the group consisting of: a top level index of the
digital content, an identifier for the digital content, and
cryptographic data that can be used to access the digital
content.
14. A method for enabling playback of digital content on a user
device using an electronic ticket and an ticket token, the method
comprising: authenticating a merchant server using a DRM server;
receiving a request for a ticket token from the merchant server at
the DRM server, where the request identifies a piece of digital
content; generating a ticket token that expires after a
predetermined time period using the DRM server; associating the
ticket token with an electronic ticket using the DRM server;
sending the ticket token to the merchant server for delivery to a
user device using the DRM server; authenticating a user device
registered to a user account using the DRM server; receiving a
request to access the identified piece of digital content from the
user device using the DRM server, where the request includes the
ticket token; associating an electronic ticket with the user
account based upon the ticket token received from the user device
using the DRM server; sending the electronic ticket and access
information for the identified piece of digital content associated
with the electronic ticket to the user device using the DRM server;
and expiring the ticket token using the DRM server.
15. The method of claim 14, further comprising authenticating a
user device registered to a user account and associating an
electronic ticket with the user account based upon the ticket token
received from the user device.
16. The method of claim 14, wherein the request for a ticket token
contains at least one field selected from the group consisting of:
a customer identifier, a content identifier, a merchant identifier,
an account link identifier, a license identifier, a stream
identifier, a transaction identifier, and a price.
17. The method of claim 14, further comprising generating a new
electronic ticket to represent a new purchase.
18. The method of claim 14, further comprising sending the
electronic ticket to the merchant server.
19. The method of claim 14, wherein the request to access the
identified piece of digital content further includes identification
of a user account to which the user device is registered.
20. The method of claim 19, further comprising associating the
electronic ticket with the user account.
21. The method of claim 19, further comprising associating the user
device with the user account.
22. The method of claim 14, wherein the request to access the
identified piece of digital content further includes information
that identifies the characteristics or capabilities of the user
device.
23. The method of claim 14, further comprising validating the
ticket token.
24. The method of claim 14, further comprising enforcing rules on
the playback of content based upon the ticket token.
25. The method of claim 14, further comprising enforcing rules on
the playback of content based upon device characteristics.
26. The method of claim 14, wherein the access information includes
at least one piece of information selected from the group
consisting of: a top level index of the digital content, an
identifier for the digital content, and cryptographic data that can
be used to access the digital content.
27. A system comprising: a merchant server; a DRM server; a content
server; and a user device; wherein the merchant server, DRM server,
content server, and user device are configured to communicate via a
network; wherein the merchant server is configured to authenticate
a user account maintained by the merchant server; wherein the user
device is configured to request a piece of digital content from the
merchant server; wherein the DRM server is configured to
authenticate the merchant server; wherein the merchant server is
configured to request a ticket token associated with the requested
piece of content from the DRM; wherein the merchant server is
configured to provide the ticket token to the user device; wherein
the DRM server is configured to authenticate the user device as
being registered to a user account maintained by the DRM server;
wherein the user device is configured to provide the ticket token
to the DRM server; wherein the DRM server is configured to
associate an electronic ticket with the user account to which the
user device is registered; and wherein the DRM server is configured
to provide the user device with access information for the
requested digital content and the electronic ticket.
28. A method for enabling playback of digital content on a user
device using an electronic ticket and an ticket token, the method
comprising: authenticating a user account maintained by a merchant
server using the merchant server; requesting a piece of digital
content from the merchant server using a user device;
authenticating the merchant server using a DRM server; requesting a
ticket token associated with the requested piece of content from
the DRM server using the merchant server; providing the ticket
token to the user device using the merchant server; authenticating
the user device as being registered to a user account maintained by
the DRM server using the DRM server; providing the ticket token to
the DRM server using the user device; associating an electronic
ticket with the user account to which the user device is registered
using the DRM server; and providing the user device with the
electronic ticket and access information for the requested digital
content using the DRM server.
29. A machine readable medium containing processor instructions,
where execution of the instructions by a processor causes the
processor to perform a process comprising: authenticating a
merchant server; receiving a request for a ticket token from the
merchant server where the request identifies a piece of digital
content; generating a ticket token that expires after a
predetermined time period; associating the ticket token with an
electronic ticket; sending the ticket token to the merchant server
for delivery to a user device; authenticating a user device
registered to a user account; receiving a request to access the
identified piece of digital content from the user device, where the
request includes the ticket token; associating an electronic ticket
with the user account based upon the ticket token received from the
user device; sending the electronic ticket and access information
for the identified piece of digital content associated with the
electronic ticket to the user device; and expiring the ticket
token.
Description
CROSS-REFERENCE TO RELATED APPLICATIONS
[0001] The current application claims priority to U.S. Provisional
Application No. 61/583,807, filed Jan. 6, 2012, the disclosure of
which is incorporated herein by reference.
FIELD OF THE INVENTION
[0002] The present invention relates generally to digital rights
management (DRM) systems and more specifically to authentication of
user devices when purchasing and requesting access to DRM protected
multimedia content.
BACKGROUND OF THE INVENTION
[0003] When a customer visits a movie theater, the process
typically involves purchasing a "ticket" at the ticket booth and
having the ticket "torn" when the customer enters the theater. A
ticket serves as a physical proof of purchase for the right to view
a particular movie. A ticket can change possession from the
purchaser to another customer and can be used by either person.
When a ticket is claimed by entering the theater and being torn,
the ticket is thought to be redeemed by the customer presenting the
ticket and henceforth the viewing rights granted by the ticket are
owned by that customer.
[0004] In a digital multimedia playback system, viewing rights are
generally governed by possession of physical media that contains
digital content. When the content is not tied to physical media,
such as when digital content is streamed over a network, a digital
rights management (DRM) system is often used to restrict access to
the content. Such systems typically involve user accounts and
associating purchased content with a user account. A user device
may be registered to a user account and then have access to the
content purchased under that user account.
SUMMARY OF THE INVENTION
[0005] Systems and methods for granting access to digital content
using electronic tickets and ticket tokens in accordance with
embodiments of the invention are disclosed. One embodiment of the
invention includes a processor, and memory configured to store an
electronic ticket, and a ticket token. In addition, the processor
is configured to authenticate a merchant server, receive a request
for a ticket token from the merchant server where the request
identifies a piece of digital content, generate a ticket token that
expires after a predetermined time period, associate the ticket
token with an electronic ticket, send the ticket token to the
merchant server for delivery to a user device, receive a request to
access the identified piece of digital content from the user
device, where the request includes the ticket token, send the
electronic ticket and access information for the identified piece
of digital content associated with the electronic ticket to the
user device, and expire the ticket token.
[0006] In a further embodiment, the processor is further configured
to authenticate a user device registered to a user account and
associate an electronic ticket with the user account based upon the
ticket token received from the user device.
[0007] In another embodiment, the request for a ticket token
contains at least one field selected from the group of: a customer
identifier, a content identifier, a merchant identifier, an account
link identifier, a license identifier, a stream identifier, a
transaction identifier, and a price.
[0008] In a still further embodiment, the processor is further
configured to generate a new electronic ticket to represent a new
purchase.
[0009] In still another embodiment, the processor is further
configured to send the electronic ticket to the merchant
server.
[0010] In a yet further embodiment, the request to access the
identified piece of digital content further includes identification
of a user account to which the user device is registered.
[0011] In yet another embodiment, the processor is further
configured to associate the electronic ticket with the user
account.
[0012] In a further embodiment again, the processor is further
configured to associate the user device with the user account.
[0013] In another embodiment again, the request to access the
identified piece of digital content further includes information
that identifies the characteristics or capabilities of the user
device.
[0014] In a further additional embodiment, the processor is further
configured to validate the ticket token.
[0015] In another additional embodiment, the processor is further
configured to enforce rules on the playback of content based upon
the ticket token.
[0016] In a still yet further embodiment, the processor is further
configured to enforce rules on the playback of content based upon
device characteristics.
[0017] In still yet another embodiment, the access information
includes at least one piece of information selected from the group
of: a top level index of the digital content, an identifier for the
digital content, and cryptographic data that can be used to access
the digital content.
[0018] An embodiment of the method of the invention includes
authenticating a merchant server using a DRM server, receiving a
request for a ticket token from the merchant server at the DRM
server, where the request identifies a piece of digital content,
generating a ticket token that expires after a predetermined time
period using the DRM server, associating the ticket token with an
electronic ticket using the DRM server, sending the ticket token to
the merchant server for delivery to a user device using the DRM
server, authenticating a user device registered to a user account
using the DRM server, receiving a request to access the identified
piece of digital content from the user device using the DRM server,
where the request includes the ticket token, associating an
electronic ticket with the user account based upon the ticket token
received from the user device using the DRM server, sending the
electronic ticket and access information for the identified piece
of digital content associated with the electronic ticket to the
user device using the DRM server, and expiring the ticket token
using the DRM server.
[0019] A further embodiment of the method of the invention also
includes authenticating a user device registered to a user account
and associating an electronic ticket with the user account based
upon the ticket token received from the user device.
[0020] In another embodiment of the method of the invention, the
request for a ticket token contains at least one field selected
from the group of: a customer identifier, a content identifier, a
merchant identifier, an account link identifier, a license
identifier, a stream identifier, a transaction identifier, and a
price.
[0021] A still further embodiment of the method of the invention
also includes generating a new electronic ticket to represent a new
purchase.
[0022] Still another embodiment of the method of the invention also
includes sending the electronic ticket to the merchant server.
[0023] In a yet further embodiment of the method of the invention,
the request to access the identified piece of digital content
further includes identification of a user account to which the user
device is registered.
[0024] Yet another embodiment of the method of the invention also
includes associating the electronic ticket with the user
account.
[0025] A further embodiment again of the method of the invention
also includes associating the user device with the user
account.
[0026] In another embodiment again of the method of the invention,
the request to access the identified piece of digital content
further includes information that identifies the characteristics or
capabilities of the user device.
[0027] A further additional embodiment of the method of the
invention also includes validating the ticket token.
[0028] Another additional embodiment of the method of the invention
also includes enforcing rules on the playback of content based upon
the ticket token.
[0029] A still yet further embodiment of the method of the
invention also includes enforcing rules on the playback of content
based upon device characteristics.
[0030] In still yet another embodiment of the method of the
invention, the access information includes at least one piece of
information selected from the group consisting of: a top level
index of the digital content, an identifier for the digital
content, and cryptographic data that can be used to access the
digital content.
[0031] Another further embodiment comprises a merchant server, a
DRM server, a content server, and a user device. In addition, the
merchant server, DRM server, content server, and user device are
configured to communicate via a network, the merchant server is
configured to authenticate a user account maintained by the
merchant server, the user device is configured to request a piece
of digital content from the merchant server, the DRM server is
configured to authenticate the merchant server, the merchant server
is configured to request a ticket token associated with the
requested piece of content from the DRM, the merchant server is
configured to provide the ticket token to the user device, the DRM
server is configured to authenticate the user device as being
registered to a user account maintained by the DRM server, the user
device is configured to provide the ticket token to the DRM server,
the DRM server is configured to associate an electronic ticket with
the user account to which the user device is registered, and the
DRM server is configured to provide the user device with access
information for the requested digital content and the electronic
ticket.
[0032] Another further embodiment of the method of the invention
includes authenticating a user account maintained by a merchant
server using the merchant server, requesting a piece of digital
content from the merchant server using a user device,
authenticating the merchant server using a DRM server, requesting a
ticket token associated with the requested piece of content from
the DRM server using the merchant server, providing the ticket
token to the user device using the merchant server, authenticating
the user device as being registered to a user account maintained by
the DRM server using the DRM server, providing the ticket token to
the DRM server using the user device, associating an electronic
ticket with the user account to which the user device is registered
using the DRM server, and providing the user device with the
electronic ticket and access information for the requested digital
content using the DRM server.
BRIEF DESCRIPTION OF THE DRAWINGS
[0033] FIG. 1 is a system-level overview illustrating a DRM and
content distribution system in accordance with an embodiment of the
invention.
[0034] FIG. 2 is a flow chart illustrating a process for providing
a user device with access to digital content using an electronic
ticket and ticket token, in accordance with an embodiment of the
invention.
[0035] FIG. 2A is a flow chart illustrating a process for providing
a user device with access to digital content using an electronic
ticket and ticket token on a user device, in accordance with an
embodiment of the invention.
[0036] FIG. 2B is a flow chart illustrating a process for providing
a user device with access to digital content using an electronic
ticket and ticket token on a DRM server, in accordance with an
embodiment of the invention.
[0037] FIG. 3 conceptually illustrates a user device, which stores
an electronic ticket and ticket token in memory, in accordance with
an embodiment of the invention.
[0038] FIG. 4 conceptually illustrates a DRM server, which stores
electronic tickets and ticket tokens in memory, in accordance with
an embodiment of the invention.
DETAILED DISCLOSURE OF THE INVENTION
[0039] Turning now to the drawings, systems and methods for
granting access to digital content using electronic tickets and
ticket tokens are illustrated. In many embodiments, a user device
can communicate with merchant servers, digital rights management
(DRM) servers, and content servers to request access to and play
back digital content. A user device may be configured with a web
browser, web application, or other application that provides a user
interface to a customer. The interface typically displays the
digital content available from a merchant and is populated with
data from the merchant server.
[0040] In many embodiments, a user device can purchase the right to
access digital content from a merchant server. However, the user
device obtains the cryptographic information used to access the
purchased content directly from a DRM server. In several
embodiments, a merchant server requests that the DRM server issue
the right to access a piece of digital content to one of its
customers. In response to the request, the DRM server generates an
electronic ticket. The DRM server can also generate a ticket token
associated with the electronic ticket at that time and/or when a
user device requests playback of the content via the merchant
website. The electronic ticket is evidence of the right of a user
device registered with the DRM server to playback DRM protected
content. The ticket token is a temporary credential that can be
used to obtain the electronic ticket from the DRM server by a
playback device that is registered with the DRM server and/or to
obtain cryptographic information enabling playback of the content
from the DRM server. In many instances the DRM server cannot
authenticate the user device that is purchasing the content from
the merchant server. The DRM server can provide the ticket token to
the merchant server, which passes the ticket token to the user
device used to purchase the content. Provided the user device or
another user device onto which the token is loaded is registered
with the DRM server, the user device can provide the ticket token
to the DRM server and obtain the electronic ticket and any
cryptographic information needed to access the purchased content.
At which point, the user device can request the DRM protected
content from the content server and commence playback using the
cryptographic information. The use of electronic tickets, and
ticket tokens to authenticate the right of a user device to
playback digital content in accordance with embodiments of the
invention is discussed further below.
System Architecture
[0041] A system including user devices that can communicate with
merchant servers, DRM servers and content servers to access digital
content in accordance with an embodiment of the invention is
illustrated in FIG. 1. The system 10 includes a number of different
types of user device 12 that each has the capability to request
digital content over a network. The user devices 12 communicate
with a merchant server 14, digital rights management (DRM) server
16 and content server 18 over a network such as the Internet 20. In
a number of embodiments, merchant server 14 provides a "store
front" like interface accessible to customers via a web browser or
other application on their user device 12. The DRM server 16 can be
used to authenticate user devices 12 and provide cryptographic
information used to access digital content. In several embodiments,
the content server 18 is a server that can deliver digital content
to the user devices 12. The content can be downloaded and/or
streamed by the user devices 12.
[0042] An electronic ticket issued by the DRM server in response to
the purchase of content that serves as a representation of the
purchase can be used to facilitate access of the purchased content
in a coordinated fashion among the user device 12, merchant server
14, DRM server 16, and content server 18. In many embodiments,
however, the merchant server 14 is unable to authenticate the user
device 12 that purchased the content to the DRM server 16.
Accordingly, the DRM server 16 issues a ticket token to the
merchant server 14 that acts as a temporary credential. In several
embodiments, the ticket token is a single use credential that can
be utilized by a user device that authenticates itself to the DRM
server to obtain the electronic ticket and/or cryptographic
information enabling playback of the content. In a number of
embodiments, the ticket token is generated when the user device
requests playback of the content and expires within a predetermined
period of time. In other embodiments, the ticket token, is
generated when the user device purchases the content.
[0043] The merchant server 14 can provide the ticket token to the
user device 12 that purchased the content. Provided the user device
12 is registered with the DRM server 16, the user device 12 can
authenticate itself to the DRM server and exchange the ticket token
for the electronic ticket that evidences the user device's right to
access the purchased content. Where the user device 12 that
purchased the content is not authorized to participate within the
DRM system administered by the DRM server 16, the ticket token can
be transferred to a device that is capable of participating within
the DRM system. In embodiments where the DRM server registers user
devices with user accounts, DRM system can provide an electronic
ticket to a registered user device and can associate the electronic
ticket with the user account to which the device is registered. In
this way, other user devices registered to the user account can
request access to the purchased content following the initial
exchange of the ticket token for the electronic ticket. In
instances where the user device has previously requested playback
of the content, the user device can be in possession of the
electronic ticket. When the user device again requests playback of
the content via the merchant website (for example by streaming),
the merchant can provide the electronic ticket to the DRM server to
obtain a ticket token. The user device can then use the ticket
token to access the content in the manner outlined above and the
DRM server can authenticate that the electronic ticket provided by
the merchant server is associated with the user device attempting
to play back the content prior to providing cryptographic
information enabling play back of the content to the user
device.
[0044] Although a specific architecture is shown in FIG. 1 any of a
variety of architectures can be utilized that enable user devices
to securely access digital content using electronic tickets and
ticket tokens in accordance with embodiments of the invention. For
example, each of the servers illustrated in FIG. 1 can be a server
system comprising multiple load balanced servers and/or servers
that perform different functions. In addition, the functions of the
servers illustrated in FIG. 1 can be combined and/or divided
amongst different servers and server systems in accordance with
embodiments of the invention. Electronic tickets, ticket tokens,
and the use of tickets to access digital content in accordance with
embodiments of the invention are discussed further below.
Electronic Tickets
[0045] An electronic ticket represents the purchased right to
access a piece of digital content. Electronic tickets can also be
used to represent the right to playback any DRM protected content
including free content that is not capable of being freely
distributed and content played back under a subscription agreement.
Accordingly, references to purchased content can be considered to
encompass more than just requests to access DRM protected content
that involve a direct payment and can extend to any request for
access to content. An electronic ticket can be a string, binary
data, or other electronic representation of information that
includes at least a unique identifier for the content with which
the electronic ticket is associated.
[0046] Electronic tickets typically remain valid for the life of
the purchase. When the purchase is a rental of the content, the
ticket may be expired after the rental period. A ticket can
initially be in a conceptually "untorn" state before it is used to
access content. It is not yet associated with any particular user
account and/or user device, and can be transferred from the
purchaser to any other user, for instance as a gift. The electronic
ticket may be "torn" and associated with a user account and/or user
device that then holds the exclusive rights granted by that ticket.
Whether a DRM system associates an electronic ticket with a user
account or a user device can depend on whether the DRM system
grants access rights on a device or user basis. Thereafter, that
user account and/or user device is considered the owner or holder
of the ticket. An electronic ticket may be torn, for example, when
it is used for the first time to access content or in response to a
user device exchanging a ticket token for an electronic ticket (see
discussion below). An electronic ticket's torn or untorn status can
be indicated by a variety of methods including (but not limited to)
a field within the ticket or an associated field in a database
where the ticket is stored.
[0047] An electronic ticket may be expressed in a variety of
formats that can store the associated information. One suitable
format is Extensible Markup Language (XML) defined in the XML 1.0
Specification by the World Wide Web Consortium (W3C) of Cambridge,
Mass. and related specifications. XML specifies a textual data
format for documents to be both human-readable and
machine-readable.
[0048] In many embodiments of the invention, an electronic ticket
may contain, reference, or be associated with some characteristics
of the purchase it represents. Characteristics can include (but are
limited to) the content that was purchased, the license describing
how the content can be played (high definition or standard
definition, rental or purchase, download or streaming, etc.), the
purchase price, the merchant transaction identifier (ID), the
customer who purchased the ticket, the customer owning the ticket
if the ticket is torn. Cryptographic information that can be used
to decode or decrypt the digital content may also be associated
with a ticket. The characteristics or cryptographic information may
be stored as part of the electronic ticket or the ticket may have a
pointer or identifier to where the information may be found.
Ticket Token
[0049] A ticket token can be generated and associated with an
electronic ticket as a temporary credential, which can be exchanged
for an electronic ticket by a user device that is registered with a
DRM system. In many embodiments, a merchant server requests a
ticket token from a DRM server when a user request playback of
content. In several embodiments, the merchant server requests a
ticket token from the server when the user purchases content. The
request may contain information such as (but not limited to) a
content identifier, a merchant identifier, an account link
identifier, a license identifier, a stream identifier, a
transaction identifier, currency, and/or price. The ticket token
that is returned may reference the electronic ticket, customer, and
current content request. The first time the user device requests
playback, the user device can exchange the ticket token for an
electronic ticket. After the user device has obtained the
electronic ticket, a further playback request can identify the
electronic ticket and a DRM server can issue a ticket token that is
used to authenticate that the user device attempting to playback
the content is registered to the user account with which the
electronic tickets is associated.
[0050] In several embodiments, the merchant server provides the
ticket token to a user device only after the user device or a user
account enabled on the user device is authenticated by the merchant
server. The DRM server can issue the ticket token without
authenticating the user device. The authentication occurs when the
ticket token is used to request playback of the content and/or
exchanged for the electronic ticket by a user device. In many
embodiments, the DRM server may determine when a session is
complete and expire the token, or expire the token after a certain
amount of time has passed. Moreover, a token can typically only be
used once. Methods for granting access to DRM protected content
using electronic tickets and associated ticket tokens in accordance
with embodiments of the invention are discussed further below.
Obtaining a Ticket and Ticket Token to Facilitate Playback
[0051] Typically a customer will buy or otherwise request access to
digital content on a merchant's web site or through some other type
of interface that shows the merchant's digital content offerings.
The customer may use a personal computer with a web browser
application, a user device with an on-screen interface, or other
interactive user device to view the merchant's offerings. The
customer typically has an account with the merchant and logs in
using the account, or first creates a new account if there is no
existing account. The purchased content can be viewed in the future
(i.e., the associated electronic ticket is untorn) or immediately
played back. In several embodiments, the content is streamed and/or
viewed while it is being downloaded.
[0052] In many embodiments, the process of purchasing and playing
back content involves a merchant obtaining a ticket token from a
DRM server. A user device that obtains the ticket token can
exchange it with the DRM server for an electronic ticket evidencing
the user device's right to play back the purchased content and
cryptographic information necessary to play back the purchased
content. A process 100 for granting user devices with access to
digital content purchased via a merchant using an electronic ticket
and an associated electronic token in accordance with an embodiment
of the invention is shown in FIG. 2.
[0053] A DRM server authenticates (102) a merchant server.
Authentication may involve establishing a certain level of
identification and trust between the merchant server and the DRM
server and/or the DRM system to which the DRM server belongs.
[0054] A user device sends (104) a request for digital content to a
merchant server.
[0055] The merchant server sends (106) a request for a ticket token
to a DRM server. If it is a new purchase, an electronic ticket may
not yet exist and the merchant server may also request that a new
electronic ticket be created to represent the purchase. In several
embodiments of the invention, the request may also include
information to be associated with the purchase. The information may
include (but is not limited to) a content identifier, merchant link
identifier, account link identifier, license identifier, stream
identifier, transaction identifier, currency, and/or price.
[0056] The DRM server generates (108) a ticket token and associates
the token with the electronic ticket that represents the purchase.
If it is a new purchase, the DRM server creates a new electronic
ticket. If playback is requested of content that was previously
purchased and played back by a user device registered to a user's
account with the DRM server, the ticket token is associated with
the existing electronic ticket. In various embodiments of the
invention, the digital content may be transferring via a streaming
protocol for immediate viewing or downloaded at a later time to be
viewed in a disconnected playback mode (i.e., not in immediate
communication with a server). If streamed immediately, the
electronic ticket may be "torn" immediately. If the content is to
be downloaded at a later time, the electronic ticket may be
"untorn" and retain the ability to be transferred to another
customer before being "torn" and associated with that customer's
account. The electronic ticket may be stored on a user device,
deleted from the device when playback is requested, and embedded in
a container file with the content for disconnected playback as will
be discussed further below.
[0057] The DRM server sends (110) the ticket token to the merchant
server. If the merchant server does not yet have the electronic
ticket (e.g., for a new purchase), the DRM server can also send the
electronic ticket. In many embodiments, the merchant server stores
the electronic ticket for future reference.
[0058] The merchant server sends (112) the ticket token to the user
device.
[0059] The user device sends (114) the ticket token to the DRM
server. In the communication with the DRM server, the user device
may also send information about the customer and/or the device that
identifies or describes the customer and/or device. For example,
the user device may be authenticated with the DRM server.
Authentication may include the device identifying itself as
registered to a specific user account. The user account may be the
same the account the consumer or user device holds with the
merchant server, or (more typically) a separate account that the
consumer or user device holds with the DRM system to which the DRM
server belongs.
[0060] In many embodiments of the invention, the device may send
information that identifies the brand and model of the device, or
the graphics and audio capabilities of the device (e.g., high
definition, multi-channel audio, MPEG4 decoding). The information
can be used to help authenticate the device to the DRM system and
determine the appropriate format of the content to provide to the
device. Systems and processes for collecting information about a
user device and representing the information using a device match
data token include those disclosed in U.S. patent application Ser.
No. 13/339,315 entitled "Binding of Cryptographic Content Using
Unique Device Characteristics with Server Heuristics," the
disclosure of which is hereby incorporated by reference in its
entirety.
[0061] The DRM server validates (116) the ticket token, e.g., by
checking that the token has not yet been used and is not expired.
The DRM server uses the ticket token to determine the electronic
ticket to which it refers and customer information for the customer
who sent the request.
[0062] The DRM server may associate (118) the electronic ticket
with the customer's user account and register the user device to
the user account if they are not already so registered, using the
customer information associated with the ticket token and device
match data it may have received from the user device.
[0063] In many embodiments of the invention, the DRM server may
also verify the play request according to certain rules using the
ticket token and/or a device match data token. For example, the DRM
server may enforce concurrency and device rules on the playback of
content. A concurrency rule may stipulate that only one device on
the user account can play back any content at a time, or that a
specific piece of content may only be played on one device at a
time. Device rules may include limiting high definition content to
user devices such as set-top boxes connected to television
displays. A device match data token identifies the type of device
so the DRM server can look up the device type to determine the
appropriate format of content.
[0064] In many embodiments of the invention, the electronic ticket
and/or the ticket token contain information to identify the license
under which the content can be played. The DRM server can use the
ticket information to retrieve the license information and generate
or retrieve access information that the user device can use to
access or decrypt the requested content. Access information can
include (but is not limited to) a top level index file of the
digital content, an identifier or location pointer for the digital
content, and/or cryptographic data that can be used to access
and/or decrypt the content. In several embodiments of the
invention, a top level index file describes the location and
content of container files containing streams of media that can be
utilized by the playback device to stream and playback content. In
adaptive bitrate streaming systems, the top level index file
typically references the alternative streams that the playback
device can switch between. Systems and methods for automatically
generating top level index files for use in adaptive bitrate stream
include those disclosed in U.S. patent application Ser. No.
13/341,789 entitled "Systems and Methods for Automatically
Generating Top Level Index Files," filed on Dec. 30, 2011, the
disclosure of which is hereby incorporated by reference in its
entirety.
[0065] The DRM server sends (120) the electronic ticket to the user
device. In several embodiments, the electronic ticket embedded in
another file. The ticket may be embedded in a file that also
contains the content that was requested, e.g., in the header of a
multimedia container file. In many embodiments, the DRM server also
sends the access information that is used to access or play back
the content that was requested. The DRM server invalidates the
token by expiring (122) it.
[0066] Using the received electronic ticket and access information,
the user device can play back the requested content via download or
streaming. In many embodiments of the invention, the content is
hosted on a content server that is accessible to the user device
over a network. The user device may request the content from the
content server. The content may be downloaded and played (124)
during download or after downloading is complete, or streamed and
played while being transferred to the user device. The user device
may send a signal such as a "heartbeat" to the DRM server to let
the server know that it is currently playing back content and/or
the position in the file that is being played back. The DRM server
can use this information for functions such as providing a resume
feature so that the customer can stop playback and restart at the
same position on the same or a different user device.
[0067] Although a specific process is illustrated in FIG. 2, any of
a variety of processes for utilizing an electronic ticket and a
ticket token that references the electronic ticket for providing a
user device with access to purchased digital content can be
utilized in accordance with embodiments of the invention.
[0068] Processes similar to the process illustrated in FIG. 2 may
be implemented by configuring user devices and servers to exchange
electronic tickets and ticket tokens. A generalized process 130 for
using a user device to obtain access to digital content purchased
via a merchant using an electronic ticket and an associated
electronic token in accordance with an embodiment of the invention
is shown in FIG. 2A. A customer uses a user device to purchase
(132) content or request the playback of purchased content. The
user device receives (134) a ticket token from a merchant server.
The user device sends (136) the ticket token to a DRM server in a
request for access to digital content. The user device receives
(138) an electronic ticket that is referenced by or otherwise
associated with the ticket token and access information for the
digital content from the DRM server. Using the electronic ticket
and access information, the user device receives and plays back
(140) the requested content. In many embodiments of the invention,
the content is hosted on a content server that is accessible to the
user device over a network. Although a specific process is
illustrated in FIG. 2A, any of a variety of processes for utilizing
an electronic ticket and a ticket token that references the
electronic ticket for providing a user device with access to
purchased digital content can be utilized in accordance with
embodiments of the invention.
[0069] A generalized process 150 for using a DRM server to provide
a user device with access to digital content purchased via a
merchant using an electronic ticket and an associated electronic
token in accordance with an embodiment of the invention is shown in
FIG. 2B. The DRM server authenticates (152) a merchant server. The
DRM server receives (154) a request for a ticket token from a
merchant server. The DRM server generates (156) a ticket token and
associates the token with an electronic ticket. If there is no
preexisting ticket (e.g., for a new purchase), the DRM server also
creates the electronic ticket. The DRM server sends (158) the
ticket token to the merchant server for delivery to a user device.
The DRM server authenticates (160) a user device. The DRM server
receives (162) the ticket token in a request for access to digital
content from the user device and validates (164) the token. If user
account information is provided, the DRM server associates (166)
the electronic ticket with the user account. The DRM server sends
(168) the electronic ticket referenced by or otherwise associated
with the ticket token to the user device with access information
for the digital content that was requested. The DRM server expires
(170) the ticket token. Although a specific process is illustrated
in FIG. 2B, any of a variety of processes for utilizing an
electronic ticket and a ticket token that references the electronic
ticket for providing a user device with access to purchased digital
content can be utilized in accordance with embodiments of the
invention. User devices and DRM servers that can utilize electronic
tickets and ticket tokens in accordance with embodiments of the
invention are discussed further below.
User Devices
[0070] In many embodiments of the invention, an electronic ticket
is stored on a playback device to enable the user device to access
content through a DRM system using the electronic ticket. A user
device configured to access purchased content using electronic
tickets in accordance with an embodiment of the invention is shown
in FIG. 3. The playback device 30 includes a processor 32, memory
34, and a network interface 35. In the illustrated embodiment, the
electronic tickets 36 and ticket tokens 38 can be stored in memory.
Typically, the memory is non-volatile memory to provide persistent
storage of the electronic tickets 36 and the ticket tokens 38. In a
number of embodiments, the electronic ticket 38 may be contained
inside a container file together with the content to which it
refers. In several embodiments, a ticket may be stored on a
purchaser's user device after purchase, may be transferred to
another device if given as a gift, and may be deleted in its
isolated form (i.e., outside a container file) from the device when
it is torn. Tickets are typically treated this way in a
disconnected playback mode. In several embodiments, a client
application 39 configures the user device to communicate with the
merchant server to purchase content and obtain ticket tokens. The
client application 39 also configures the user device to authentic
itself with a DRM server and to request cryptographic information
to play back content using a ticket token and/or exchange the
ticket token for an electronic ticket. Although a specific user
device architecture is illustrated in FIG. 3, any of a variety of
architectures that are capable of managing interactions with
servers and playback of digital content in the manner outlined
above can be utilized in accordance with embodiments of the
invention can
DRM Servers
[0071] In many embodiments of the invention, electronic tickets and
ticket tokens may be stored on a merchant server or a DRM server
(e.g., in a database) for reference, to track purchases, and to
provide user devices with access to content. A merchant or DRM
server may look up an electronic ticket using fields such as (but
not limited to) a customer email address, merchant identifier,
content identifier, or merchant transaction identifier. A DRM
server configured to issue electronic tickets and ticket tokens and
to provide cryptographic information enabling playback of DRM
protected content in accordance with an embodiment of the invention
is shown in FIG. 4. The DRM server includes a processor 52 and
memory 54. In the illustrated embodiment, the memory 54 includes
multiple electronic tickets 56 and ticket tokens 58. As is
discussed above, the DRM server can be configured by DRM server
application software 59 to manage the generation of electronic
tickets, the issuance of ticket tokens associated with the
electronic tickets, and the association of electronic tickets with
users and/or user devices. In addition, the DRM server application
software 59 can manage the issuance of cryptographic information
(not shown) to playback devices that are authorized to playback
content, the authorization of which is evidenced by an electronic
ticket.
[0072] Although the description above contains many specificities,
these should not be construed as limiting the scope of the
invention but as merely providing illustrations of some of the
presently preferred embodiments of the invention. Various other
embodiments are possible within its scope. Accordingly, the scope
of the invention should be determined not by the embodiments
illustrated, but by the appended claims and their equivalents.
* * * * *