Method for automatically distributing, as needed, a user's digital-works and usage-rights to one or more user-devices. A definition of the usage-rights for a digital-work may be stored at one or more locations on a network. A version of said digital-work suitable for a user-device may be provided by one or more locations on said network. When a user who is authorized to utilize said digital-work is active at a user-device, a version of said digital-work and authorization to utilize is automatically transferred when needed to a user-device. The digital-work and authorization may be automatically transferred as needed to any user-device where an authorized user is active. The usage-rights may only be valid for one or more specific users. The usage authorization at each user-device may be less than defined in the full usage-rights maintained on the network. Authorization to utilize said digital-work at a user-device may be extended from time to time by exchanging user-device status across the network. Digital-works are automatically provided as needed to any user-device that an authorized user is using.

A system and method for providing load balanced secure media content and data delivery in a distributed computing environment is disclosed. Media content is segmented and encrypted into a set of individual encrypted segments on a centralized control center. Each individual encrypted segment has the same fixed size. The complete set of individual encrypted segments is staged to a plurality of intermediate control nodes. Individual encrypted segments are mirrored from the staged complete set to a plurality of intermediate servers. Requests are received from clients for the media content at the centralized control center. Each individual encrypted segment in the set is received from one of an intermediate control node and an intermediate server optimally sited from the requesting client. The individual encrypted segments are reassembled into the media content for media playback.

Systems and methods related to DRM content usage mechanisms for both online and offline usage of content are disclosed, including systems providing secure access to data regardless of network state or connectivity state to the networked access control mechanism. An access control mechanism having a secondary offline access control mechanism is presented, further including multiple implementations for data encapsulation, as well as providing a method for writes to files and to the filesystem itself by externally created applications with no API or modification to their operation.

An interactive streaming media and application service provider system can securely stream high resolution, multiple formats of video and data. Different data sets can be included in a single stream. A rights management system controls matrix manipulation and other aspects of user control of the data, including one or more of rendering in various different 2D, 3D, or other media formats, reconstruction and modeling, zooming, frame grab, print frame, parental controls, picture in picture, preventing unauthorized copying, adapting to different data transmission formats, adapting to different resolutions and screen sizes, and actively control functionality contained in embedded data, encryption/decryption. Control can be exerted by an external entity through a user-side virtual machine. Control codes can optionally be embedded in the media, embedded in the user's device, and/or sent separately to the device.

The invention discloses a system for enhancing trust in transactions, most particularly in remote transactions between a plurality of transactional parties, for instance a seller and buyer(s) of goods and/or services over a public computer network such as the internet. Trust is disclosed to be a multivalent commodity, in that the trust that is to be enhanced relates to information about the subject matter of the transactions (e.g., the suitability of the goods and services sold), the bona fides of the supplier of the goods and services, the appropriateness of a pricing structure for a particular transaction or series of transactions, a quantum of additional transactional value that may be imparted to the transactional relationship, security of information exchange, etc.

A gateway interconnecting a high speed Wide Area Network (WAN) and a lower speed Wireless Local Area Network (WLAN) is provided. The high speed WAN is preferably connected to the gateway via a Fiber-to-the Home (FTTH) connection and associated FTTH modem. In general, the gateway includes an adaptable cross-layer offload engine operating to manage bandwidth between the high speed WAN and the lower speed WLAN. As data enters the gateway from the WAN at the high speed data rate of the WAN, the offload engine stores the data in a non-secure data cache. A rule check engine performs a stateless or stateful inspection of the data in the non-secure data cache. Thereafter, the data is moved from the non-secure data cache to a secure data cache and thereafter transmitted to an appropriate user device in the WLAN at the lower data rate of the WLAN.

A first network device may measure one or more values of one or more parameters corresponding to a plurality of links and/or devices of the network. The first network device may compare the measured one or more values of the one or more parameters to an expected one or more values of the one or more parameters. The first network device may determine whether to transmit data onto a network path between the first device and one of the plurality of devices based on a result of the comparison, wherein at least one of the plurality of links and/or devices are not part of the network path. The first network device may be operable to utilize the discovered parameter values to generate a security key which may be utilized to encrypt and/or scramble content prior to transmitting the content onto the network.

In a digital rights management system, a rights management server sends event notifications to certain users when other users perform certain actions (read, print, copy, etc.) on documents managed by the system. For each document, a notification rule defines which users will receive what event notifications for that document. The notification rule is determined based on document access permissions possessed by the users, so that only users who have permission to perform an action on the document will receive notifications when other users perform that action on the document, while users with no permission to perform an action will not receive notifications when other users perform that action. The server also allows the users who have permission to perform an action to opt out of the notifications. The server monitors events that occur on the documents, and sends event notifications to appropriate users according to the notification rules.

The invention enables digital music content to be downloaded to and used on a portable wireless computing device. An application running on the wireless device has been automatically adapted to parameters associated with the wireless device without end-user input (e.g. the application has been configured in dependence on the device OS and firmware, related bugs, screen size, pixel number, security models, connection handling, memory etc. This application enables an end-user to browse and search music content on a remote server using a wireless network; to download music content from that remote server using the wireless network and to playback and manage that downloaded music content. The application also includes a digital rights management system that enables unlimited legal downloads of different music tracks to the device and also enables any of those tracks stored on the device to be played so long as a subscription service has not terminated.

A system is provided for downloading, for distribution and for acoustic reproduction of a music album, which includes at least one or several digital music files and/or multimedia content in the form of one or several multimedia files assignable to the music file, wherein the music file and/or multimedia file are provideable as data sets for downloading, wherein the music file and/or multimedia file are as data sets pre-holdable grouped after downloading as a music album in a data memory of an end-user-device, wherein the music file and/or multimedia file is treatable by a treatment means, particularly in dependency to an authorization, and wherein the treated music file and/or multimedia file is transferable to an output device of the end-user-device, especially a speaker device with or without a display device, in such a way, that the music file and/or multimedia file is at least acoustically emittable to one user.