H04L2463/101

Method and system for securing a client's access to a DRM agent's services for a video player
10846373 · 2020-11-24

The present invention provides a method for securing a client's access to a DRM agent's services. The method comprises, by the DRM agent, the steps of: receiving a get-token request; applying a function to generate a decryption request identifier Request ID and a token value Token; returning Request ID and Token to the client; inserting, into a hash table of token values with get-token request identifiers as keys, a record comprising the token value Token associated with the key Request ID; receiving a decryption request comprising Request ID, a multimedia content encrypted chunk and a digest of the encrypted chunk; retrieving Token from the hash table based on Request ID; processing the digest using a public key and Token; checking for a match between the processed digest and the at least part of the encrypted chunk; and, only in case of a match, decrypting the encrypted chunk and returning the decrypted chunk to the client.

SYSTEMS AND METHODS FOR FACILITATING SECURE STREAMING OF ELECTRONIC GAMING CONTENT

A game identifier of an encrypted streaming electronic game to be streamed to a playback device may be received. The game identifier may comprise a title of the encrypted streaming electronic game. An electronic ticket for access by the playback device to a secured portion of the encrypted streaming electronic game may be gathered. The electronic ticket may specify a first gameplay state. The electronic ticket may be used to access the secured portion of the encrypted streaming electronic game at the first gameplay state. One or more gameplay actions to transform the encrypted streaming electronic game to a second gameplay state may be received. The second gameplay state may be provided to a state server, where the state server is configured to instruct a license server to modify the electronic ticket to specify the second gameplay state for the encrypted streaming electronic game.

METHOD AND SYSTEM FOR IDENTIFYING A USER TERMINAL IN ORDER TO RECEIVE STREAMING PROTECTED MULTIMEDIA CONTENT
20200364317 · 2020-11-19

A method and system for identifying a user terminal, implemented within a system for provisioning multimedia content that includes a license server and a content server, the user terminal receiving multimedia content, by a digital rights management (DRM) system, that is streamed in encrypted form via an open communication network, and the user terminal retrieving, by a browser implementing a multimedia content reader and a content decryption module suitable for decrypting multimedia content that is encrypted according to the DRM system, the method including obtaining, by the license server modified to incorporate an authentication server, an identifier of the content decryption module, and generating a terminal identifier as a function of the identifier of the content decryption module.

Media distribution system with manifest-based entitlement enforcement
10841282 · 2020-11-17

A method for enforcing entitlements includes configuring a wide variety of entitlements at a server; determining applicable combination of entitlements for a given client request; sending entitlements to the requesting client securely; handling entitlement information securely on a plurality of client devices at run time; storing entitlement information securely on a plurality of client devices for offline use; and enforcing entitlements on a plurality of client devices. The method employs manipulation of manifest files by a proxy that may be included in the client device or located in the network.

Management of drone operations and security in a pervasive computing environment
10839089 · 2020-11-17

A method to provide negotiation control to data such that a person or entity can negotiate the use of data gathered beyond what is needed for a particular use by a third party transaction. The method also provides negotiation for the control and operation of autonomous vehicles such as drones operating in non-public space.

Cryptographically provable zero-knowledge content distribution network

A system, a computer readable storage medium, and methods for delivering content from a zero-knowledge edge server node in a content delivery network to an end user device, ensuring content control by a content provider (i.e. reduce piracy) while ensuring privacy of an end user device. One method includes publicizing that a particular content is available for download from the server node; initiating with the server node a communication session using a zero-knowledge protocol between the end user device and the server node operating in zero knowledge; downloading, while in the communication session, the particular content from the server node to the end user device; and receiving a response message from the end user device, including an indication of a content media player application, using the particular content, successfully executed at the end user device. The indication can be accompanied by a cryptographically verifiable proof of integrity.

Key-ladder protected personalization data transcription for provisioning

A method and system are provided that simplify key management by allowing personalization data protected for one chip model to be used to provision a device with another chip model with different global hardware root keys. The solution minimizes the changes needed to be performed on the device during provisioning and remains secure.

Providing Load Balanced Secure Media Content and Data Delivery in a Distributed Computing Environment
20200351250 · 2020-11-05

A system and method for providing load balanced secure media content and data delivery in a distributed computing environment is disclosed. Media content is segmented and encrypted into a set of individual encrypted segments on a centralized control center. Each individual encrypted segment has the same fixed size. The complete set of individual encrypted segments is staged to a plurality of intermediate control nodes. Individual encrypted segments are mirrored from the staged complete set to a plurality of intermediate servers. Requests are received from clients for the media content at the centralized control center. Each individual encrypted segment in the set is received from one of an intermediate control node and an intermediate server optimally sited from the requesting client. The individual encrypted segments are reassembled into the media content for media playback.

Personal digital server (PDS)
10819782 · 2020-10-27

Personal Digital Server (PDS) is a unique computer application for the storage, updating, management and sharing of all types of digital media files, including audio, video, images and documents, irrespective of their format. PDS provides users with a single location to store and access, both locally and remotely, all of their digital media. It also provides the user total control of the overall management of these assets.

Method and apparatus for creating and using quantum resistant keys
10817590 · 2020-10-27

A system is disclosed for securely communicating between a user device and a target device, which includes a user input receiving user inputs and a user device memory for storing at least one fixed dataset having a plurality of data bits and an inherent entropy. At least one predetermined harvest process is stored in the user device memory, which is operable within a main harvest process to distill the dataset to a predetermined bit length to define a private key of the user at a predetermined key length. A processor operates to execute the main harvest process to receive a unique user Personal Information Number (PIN) acquired by the user and having a plurality of digits associated therewith, and wherein the at least one predetermined harvest process is dependent on the user PIN and the value of at least one of the digits therein, such that the at least one predetermined harvest process is parameterized by the value of the at least one of the digits and operates differently for each value of the at least one of the digits. The processor applies the at least one predetermined harvest process to the dataset to distill the dataset down to the predetermined key length to define the private key, and then stores the private key to the user device. A target device memory and an encryption engine on the target device interface with a proximity-based link. The private key is transferred to the target device via the proximity-based link and an interface on the target device stores the transmitted private key in the target device memory.