A function management system, an information processing apparatus, and a machine-readable, non-transitory recording medium storing instructions which, when executed by at least one processor, cause the processor to perform an information processing method. The function management system determines whether a server in which a function is introduced is a predetermined server based on settings information set for a redundant configuration including at least two servers, acquires identification information for identifying the server in which the function is introduced when the server is the predetermined server, and determines whether the function can be used based on the identification information acquired by the processor.

A technique for content management involves storing runtime state of content externally. A system created according to the technique may include a state server that receives runtime state of content from a playback device, and provides the runtime state to that or another playback device upon request. A playback device constructed according to the technique may include a content state recovery engine for recovering runtime state that was previously stored externally to the playback device. A method according to the technique may include generating the runtime state locally, storing the runtime state externally, and re-acquiring the runtime state.

A streamlined workflow for digital rights management (DRM) licensing for content such as media assets is achieved via an authentication server establishing an authenticated session that is referenced by other processes, whereby a content grant may include a key to desired encrypted content with a portion of the content or content meta-data. The authentication server verifies the user's identity and provides a session grant including a session security mechanism, such as a token, session key, or negotiated secret. The session grant may be used to obtain a content authorization from a content router. The content authorization includes an address at which the content may be found and may be decorated with security mechanisms. The session grant and/or content authorization may include an entitlement record reflecting the user's entitlements to access content. The session grant and/or content authorization may be used to obtain a content grant from a content server.

A user terminal generates a first key pair and a second key pair, transmits a permission request including a public encryption key of the second key pair after electronically signing the permission request with a secret encryption key, and acquires, from permission information transmitted from a right-holder terminal, a content decryption key by using a secret decryption key of the second key pair and uses the content. The right-holder terminal stores a third key pair and the content decryption key, verifies the permission request received, and encrypts the content decryption key by using the public encryption key of the second key pair included in the permission request and transmits the permission information including the encrypted content decryption key after electronically signing the permission information with a secret encryption key of the third key pair. The permission request and the permission information are transmitted and received via a blockchain.

Systems and methods for detecting and interfering with compromised devices and unauthorized device relocation in a communication network are disclosed. The described embodiments may be deployed in a content delivery network where receivers have been compromised in a manner that renders the conditional access system (CAS) inoperative at controlling the receivers' ability to receive content. In some embodiments, alternate commands not protected by the CAS system may be used to detect hacked devices and interdict same. In some embodiments, service devices in the content delivery network may allow for detection of unauthorized device relocation.

Systems and methods for detecting and interfering with compromised devices and unauthorized device relocation in a communication network are disclosed. The described embodiments may be deployed in a content delivery network where receivers have been compromised in a manner that renders the conditional access system (CAS) inoperative at controlling the receivers' ability to receive content. In some embodiments, alternate commands not protected by the CAS system may be used to detect hacked devices and interdict same. In some embodiments, service devices in the content delivery network may allow for detection of unauthorized device relocation.

A digital content distribution system uses a Digital Rights Management Controller that performs a set of arbitrary tests against the transfer request from one user to another such as user A to user B. Assuming these tests are successful, the DRM sends an encryption key to transferring user A. This encryption key E is taken from a table of encryption key/hash pairs which have been provided to the DRM Controller by an external authority such as the content rights holder. User A encrypts the content using they key provided by the DRM controller and then optionally calculates a hash over the encrypted form of the content E(X) and returns this value to the DRM Controller. On checking the returned hash against the hash from the table the DRM controller knows that user A does indeed have the digital content X in good condition. The DRM Controller then instructs both users A and B that the transfer may proceed. The encrypted form of the content E(X) is transferred from A to B. Once the content transfer has completed B ensures that the received content has been physically written to non-volatile storage (to account for crashes etc. during the next step). B then calculates a hash over the received content and returns this value to the DRM Controller. If this value matches the value previously given then the transfer has been successful and the DRM Controller updates whatever central records are appropriate, while also returning a decrypt key to B to allow it to decrypt the content.

A system that provides for the accessing and playing of media files having differing associated rights such as non-DRM media files, purchased and downloaded media files, subscription download files such as tethered downloads, and subscription streamed DRM files. The system also provides a method and user interface for sharing a media collection among computing devices in communication via a network. The system allows access and playback, from each computing device on a network, of all media files in a media collection, regardless of their associated rights.

There is provided a method and system for allocating access to digital media content. In one embodiment, the system may comprise a media server accessible over a communications network, a processor of the media server being configured to encrypt the digital media content to produce a secondary license for the digital media content, and to provide a temporary license key allowing a user to access at least a first portion of the digital media content during an activation usage interval of the secondary license for that portion of the digital media content assigned to the user. The media server further comprises an assignment database configured to store an assignment status of the license. Such a system is configured to permit the user to access the assigned portion of the digital media content during the usage interval.

Techniques are described for reducing time to decrypt a next encrypted frame in a content stream by optimizing a license/key acquisition process. When requesting content, a key identifier and/or license identifier may be included within a webpage using a link, script, or similar access point. When a client device sends a request for content, the loading of the webpage within the client device includes the embedded key identifier. Access to the key/license identifier at the client device then may initiate a key/license acquisition process by the client device. The key/license may be obtained from a key management device in parallel with, or prior to, downloading of at least a portion of the content stream.