Methods and apparatus to distribute media content are disclosed. An example apparatus includes a client interface to receive a request from a wireless communication device for authorization to present media, the media received at the wireless communication device in an encrypted format. A database is to store an association of the wireless communication device and a wired network termination unit. A record interface is to, in response to the request for authorization, query the database based on an identifier of the wireless network communication device to determine whether the wired network termination unit is authorized to receive the media via a wired communication path, and in response to determining that the wired network termination unit is authorized to receive the media via the wired communication path authorize the wireless communication device to decrypt and present the transmitted media.

The present invention relates to data rights management and more particularly to a secured system and methodology and production system and methodology related thereto and to apparatus and methodology for production side systems and are consumer side systems for securely utilizing protected electronic data files of content (protected content), and further relates to controlled distribution, and regulating usage of the respective content on a recipient device (computing system) to be limited strictly to defined permitted uses, in accordance with usage rights (associated with the respective content to control usage of that respective content), on specifically restricted to a specific one particular recipient device (for a plurality of specific particular recipient devices), or usage on some or any authorized recipient device without restriction to any one in specific, to control use of the respective content as an application software program, exporting, modifying, executing as an application program, viewing, and/or printing of electronic data files.

A method for enforcing entitlements includes configuring a wide variety of entitlements at a server; determining applicable combination of entitlements for a given client request; sending entitlements to the requesting client securely; handling entitlement information securely on a plurality of client devices at run time; storing entitlement information securely on a plurality of client devices for offline use; and enforcing entitlements on a plurality of client devices. The method employs manipulation of manifest files by a proxy that may be included in the client device or located in the network.

Systems and methods for secure content delivery are described, whereby a software application is provided to a plurality of client devices, the software application configured to implement an application code library. A respective application code library is provided to each one of the plurality of client devices, wherein each application code library implements a respective cryptography key. A CDN cryptographically verifies that a received request was generated using the respective application code library of the requesting client device, before delivering content to the software application on the requesting client device. Other embodiments are also described and claimed.

A system is disclosed for securely communicating between a user device and a target device, which includes a user input receiving user inputs and a user device memory for storing at least one fixed dataset having a plurality of data bits and an inherent entropy. At least one predetermined harvest process is stored in ser device memory, which is operable within a main harvest process to distill the dataset to a predetermined bit length to define a private key of the user at a predetermined key length. A processor operates to execute the main harvest process to receive a unique user Personal Information Number (PIN) acquired by the user and having a plurality of digits associated therewith, and wherein the at least one predetermined harvest process is dependent on the user PIN and the value of at least one of the digits therein, such that the at least one predetermined harvest process is parameterized by the value of the at least one of the digits and operates differently for each value of the at least one of the digits. The processor applies the at least one predetermined harvest process to the dataset to distill the dataset down to the predetermined key length to define the private key, and then stores the private key to the user device. A target device memory and an encryption engine on the target device interface with a proximity-based link. The private key is transferred to the target device via the proximity-based link and an interface on the target device stores the transmitted private key in the target device memory.

Embodiments of the invention include a server system with a processor, and a non-transitory computer-readable storage medium in data communication with the processor that can store and exchange content data including or representing content derived or received from a server of a social network and/or a user. An application programming interface includes steps executable by the processor to upload, download, or enable access of the content data. A content rights synchronization process is configured to enable the user to assign and/or control a rights access to any of the content data associated with the user. Further, a content engine can monitor for and save the content data as received content when identified, accessed, and/or received by the network. The content metadata and/or the content data is stored for recall in a centralized library database, where rights access is assigned by the at least one user.

One embodiment of the invention includes a system comprising: a personal digital key and a computer readable medium that is accessible when authenticated by the personal digital key.

There is provided a method and system for allocating access to digital media content. In one embodiment, the system may comprise a media server accessible over a communications network, a processor of the media server being configured to encrypt the digital media content to produce a secondary license for the digital media content, and to provide a temporary license key allowing a user to access at least a first portion of the digital media content during an activation usage interval of the secondary license for that portion of the digital media content assigned to the user. The media server further comprises an assignment database configured to store an assignment status of the license. Such a system is configured to permit the user to access the assigned portion of the digital media content during the usage interval.

Methods and apparatus for control of data and content protection mechanisms across a network using a download delivery paradigm. In one embodiment, conditional access (CA), digital rights management (DRM), and trusted domain (TD) security policies are delivered, configured and enforced with respect to consumer premises equipment (CPE) within a cable television network. A trusted domain is established within the user's premises within which content access, distribution, and reproduction can be controlled remotely by the network operator. The content may be distributed to secure or non-secure “output” domains consistent with the security policies enforced by secure CA, DRM, and TD clients running within the trusted domain. Legacy and retail CPE models are also supported. A network security architecture comprising an authentication proxy (AP), provisioning system (MPS), and conditional access system (CAS) is also disclosed, which can interface with a trusted authority (TA) for cryptographic element management and CPE/user device authentication.

Methods and systems for selecting and delivering content are provided. More particularly, content can be delivered to an output device from a user device through a device adaptor, such as an over-the-top (OTT) device. The OTT device or devices available to the user device are determined by a communication server. In particular, the OTT device or devices available to the user device are limited to those OTT devices associated with an output device in the user's room, or that the user is otherwise authorized to access.