A streamlined workflow for digital rights management (DRM) licensing for content such as media assets is achieved via an authentication server establishing an authenticated session that is referenced by other processes, whereby a content grant may include a key to desired encrypted content with a portion of the content or content meta-data. The authentication server verifies the user's identity and provides a session grant including a session security mechanism, such as a token, session key, or negotiated secret. The session grant may be used to obtain a content authorization from a content router. The content authorization includes an address at which the content may be found and may be decorated with security mechanisms. The session grant and/or content authorization may include an entitlement record reflecting the user's entitlements to access content. The session grant and/or content authorization may be used to obtain a content grant from a content server.

Media content items is provided to content consumers for playback by the disclosed system that includes plurality of nodes interacting with each other based on a defined protocol in communication network. A first node associated with a first participant receives a request for playback of a media content from a content consumer. A second node associated with a second participant provides media content rights to the first participant and/or the content consumer. The first node further provides media content metadata to the consumer device for consumption. A plurality of instances of a distributed media rights transaction ledger, associated with respective node, includes a plurality of media content rights transactions which corresponds to an acquisition of the media content rights by the first participant and/or content consumer prior to the consumption of the media content, and are managed by the plurality of nodes in accordance with the defined protocol.

The invention relates to a system and method providing access of one or more heterogeneous digital contents to at least one offline Digital Rights Management (DRM) user by a DRM server. This invention involves establishing the trust relationship among the DRM server, DRM client, user's machine and the end user by means of digital certificate. The server generates protected digital content by means of using a standard encryption algorithm. The invention further involves determining whether a license for accessing the protected file is requested by the legitimate user, and if so, generating a license consisting the user rights and the protected decryption key to be downloaded by legitimate user. The DRM client decrypts the protected file using a decryption key of the license, and renders the content to the end user by calling the appropriate and customized viewer during consumption.

Various embodiments of a system and method for multipronged authentication are described. Embodiments may include a client system that implements a runtime component configured to consume content. The client system may be configured to implement a digital rights management component configured to perform one or more cryptographic operations and also authenticate the runtime component. The client system may receive encrypted content from a remote computer system and receive a given authentication component from a remote computer system; that authentication component may be configured to authenticate the runtime component. The client system may, based on authentication of the runtime component by both the digital rights management component and the given authentication component, decrypt at least a portion of the encrypted content. In this way, the client system may ensure that decryption of the encrypted content may occur only if multiple components authenticate the runtime component, according to some embodiments.

A method comprising performing following acts on a network server: receiving a communication from a client terminal operated by a client; performing a first authentication of the client terminal or client; in response to the first authentication, delivering a first service to the client; after delivering the first service, sending an offer for a second service to the client terminal; receiving an acceptance message for the second service from the client terminal; performing a second authentication of the client terminal and/or the client; in response to receiving the acceptance message for the second service from the client terminal and to the second authentication being successful, delivering a second service to the client; wherein the first authentication and the second authentication use different authentication techniques. Other aspects include a programmed data processing apparatus for carrying out the method and a tangible program carrier instructing the apparatus to perform the acts.

A method of providing access to content within a user device is disclosed and may include determining a location of the content, determining whether the content is within an allowed region, and selectively prompting a user to purchase a license to access the content. In a particular aspect, the user may be prompted to purchase the license to the access the content when the content is not within an allowed region. If the license is purchased, the user may be allowed to access the content. The license may be an unlimited license, a limited license, or a transfer license.

Some embodiments are directed to a method and to a device allowing an access control system to be applied to the protection of streamed video. The inventive system and associated method allow an existing access control system of Marlin type to be used innovatively based on the execution of two successive operation phases allowing DRM rights to be acquired followed by the delivery of content and the decryption thereof.

When, for example, an information processing apparatus additionally assigns a license in an information processing system in which plural information processing apparatuses perform a license check, the information processing apparatus adds an additional license count to an assigned license count stored in an internal memory thereof, and transmits the additional license count to an information processing apparatus started first and an information processing apparatus started immediately after the information processing apparatus to which the license is additionally assigned. In the first started information processing apparatus, the additional license count is added to an assigned license count stored in an internal memory thereof. Likewise, in each of the information processing apparatuses that were started after the information processing apparatus to which the license is additionally assigned, the additional license count is added to an assigned license count stored in an internal memory thereof, in a startup order.

One embodiment of the invention includes a system comprising: a personal digital key and a computer readable medium that is accessible when authenticated by the personal digital key.

An approach is provided for providing digital rights management within a connected service and content ecosystem. The approach involves receiving a request for content for use at at least one device, wherein the request originates from at least one companion device. The approach also involves causing at least in part, a packaging of the content according to at least one digital rights management format based, at least in part, on identification information associated with at least one of: the at least one device; the at least one companion device; at least one user associated with the at least one device, the at least one companion device, or a combination thereof; and the content. The approach further involves causing, at least in part, a transmission of the packaged content, at least one link to the packaged content, or a combination thereof to the at least one device, the at least one companion device, or a combination thereof. The approach also involves causing, at least in part, an activation of the packaged content for use at the at least one device.