A method, apparatus, and manufacture for instantiating a browser plugin is provided. A client web browser of a client is employed to instantiate a browser plugin for the client web browser. Next, the client web browser is employed to obtain a reference to the browser plugin. Then, a command is given to the browser plugin via the reference to the browser plugin. The browser plugin is used by the client web browser rather than the web page.

Apparatus and associated methods that allow a user (e.g., cable or satellite network subscriber) to access content, such as a video program, from a location outside the subscriber's network, with dynamic or adaptive insertion of secondary content (e.g., advertisements or promotions) that are more relevant for that context. In one embodiment, a personal content server streams the content to the subscriber over a network connection from the local e.g., (subscription) network to a remote network upon authorization by a content manager process; secondary content is evaluated and selectively inserted or replaced depending on factors such as the user's remote location, the configuration of their platform, the date and time of their access request, and/or the subject matter of the primary content.

A content access device includes an interface module having a plurality of interfaces that operate in accordance with a corresponding plurality of interface formats. The interface module is programmable to select at least one of the plurality of interfaces to receive a transport stream and output a processed transport stream. The interface formats include a plurality of broadcast video card formats and a plurality of wired computer interface formats. A key storage device stores at least one key. An encryption processing device retrieves the at least one key from the key storage device, and then processes the transport stream based on the at least one key to generate the processed transport stream.

Tools are provided for distributing access-restricted content in an internet protocol television (IPTV) environment based on portable entitlement keys. Such tools can include a decoder, an encoder, and a network entitlement handler. The decoder may be configured to receive a key associated with entitlement information, and transmit the entitlement information over a network. The encoder may be configured to receive content from content providers, and to encode the content to create IP-compatible content, with access restrictions based on entitlement. The network entitlement handler may be configured to receive a request for requested content from the decoder; receive the access-restricted content (including the requested content) from the encoder; and transmit the requested content over the network to the decoder using IP, when the decoder is entitled to receive the requested content.

Techniques and mechanisms described herein facilitate the management of digital rights for media content item presentation. According to various embodiments, a request for a content decryption key may be received at a media application implemented at a computing device. The request may be transmitted by a media content player implemented at the computing device. The request may be transmitted in accordance with a designated key exchange protocol. A license for an encrypted media content item corresponding with the requested content decryption key may be identified at the media application. Based on information included in the license, encrypted key material may be decrypted to create the requested content decryption key via a processor at the computing device. The requested content decryption key may be provided to the media content player.

Techniques and mechanisms described herein facilitate the management of digital rights for media content item presentation. According to various embodiments, a request for a content decryption key may be received at a media application implemented at a computing device. The request may be transmitted by a media content player implemented at the computing device. The request may be transmitted in accordance with a designated key exchange protocol. A license for an encrypted media content item corresponding with the requested content decryption key may be identified at the media application. Based on information included in the license, encrypted key material may be decrypted to create the requested content decryption key via a processor at the computing device. The requested content decryption key may be provided to the media content player.

A system and method for a centralized data asset marketplace including a single network or cloud platform environment for the sharing and distribution of data assets, a user interface layer providing a user access to the environment, data assets, an access control and audit component which stores user's requests and a single sign on component allowing the user to access the user interface layer, wherein the user interface layer includes a meta data management component, a service discovery component, a service request processing component, and a delivery service. The method of managing data assets includes registering of data assets, wherein the registering of the data assets includes registering meta data of the data assets; accessing and execution of data assets; searching for data assets, wherein the searching can be via a pre-configured search or custom created search queues; sharing of data assets, wherein the sharing of the data assets can be done for the corresponding meta data or of actual results of the data asset; checking out data assets, wherein checking out of the data assets includes adding the assets to a shopping cart; and authorization for selective execution of the data assets.

A system is disclosed for securely communicating between a user device and a target device, which includes a user input receiving user inputs and a user device memory for storing at least one fixed dataset having a plurality of data bits and an inherent entropy. At least one predetermined harvest process is stored in ser device memory, which is operable within a main harvest process to distill the dataset to a predetermined bit length to define a private key of the user at a predetermined key length. A processor operates to execute the main harvest process to receive a unique user Personal Information Number (PIN) acquired by the user and having a plurality of digits associated therewith, and wherein the at least one predetermined harvest process is dependent on the user PIN and the value of at least one of the digits therein, such that the at least one predetermined harvest process is parameterized by the value of the at least one of the digits and operates differently for each value of the at least one of the digits. The processor applies the at least one predetermined harvest process to the dataset to distill the dataset down to the predetermined key length to define the private key, and then stores the private key to the user device. A target device memory and an encryption engine on the target device interface with a proximity-based link. The private key is transferred to the target device via the proximity-based link and an interface on the target device stores the transmitted private key in the target device memory.

Systems and methods are described for securely and efficiently processing electronic content. In one embodiment, a first application running on a first computing system establishes a secure channel with a second computing system, the secure channel being secured by one or more cryptographic session keys. The first application obtains a license from the second computing system via the secure channel, the license being encrypted using at least one of the one or more cryptographic session keys, the license comprising a content decryption key, the content decryption key being further encrypted using at least one of the one or more cryptographic session keys or one or more keys derived therefrom. The first application invokes a second application to decrypt the license using at least one of the one or more cryptographic session keys, and further invokes the second application to decrypt the content decryption key using at least one of the one or more cryptographic session keys or one or more keys derived therefrom, and to decrypt a piece of content using the content decryption key. The first application then provides access to the decrypted piece of content in accordance with the license.

A digital content distribution system uses a Digital Rights Management Controller that performs a set of arbitrary tests against the transfer request from one user to another such as user A to user B. Assuming these tests are successful, the DRM sends an encryption key to transferring user A. This encryption key E is taken from a table of encryption key/hash pairs which have been provided to the DRM Controller by an external authority such as the content rights holder. User A encrypts the content using they key provided by the DRM controller and then optionally calculates a hash over the encrypted form of the content E(X) and returns this value to the DRM Controller. On checking the returned hash against the hash from the table the DRM controller knows that user A does indeed have the digital content X in good condition. The DRM Controller then instructs both users A and B that the transfer may proceed. The encrypted form of the content E(X) is transferred from A to B. Once the content transfer has completed B ensures that the received content has been physically written to non-volatile storage (to account for crashes etc. during the next step). B then calculates a hash over the received content and returns this value to the DRM Controller. If this value matches the value previously given then the transfer has been successful and the DRM Controller updates whatever central records are appropriate, while also returning a decrypt key to B to allow it to decrypt the content.