H04L2209/605

APPARATUS AND METHOD FOR PROTECTING CONTENT IN VIRTUALIZED AND GRAPHICS ENVIRONMENTS

An apparatus and method for protecting content in a graphics processor. For example, one embodiment of an apparatus comprises: encode/decode circuitry to decode protected audio and/or video content to generate decoded audio and/or video content; a graphics cache of a graphics processing unit (GPU) to store the decoded audio and/or video content; first protection circuitry to set a protection attribute for each cache line containing the decoded audio and/or video data in the graphics cache; a cache coherency controller to generate a coherent read request to the graphics cache; second protection circuitry to read the protection attribute to determine whether the cache line identified in the read request is protected, wherein if it is protected, the second protection circuitry to refrain from including at least some of the data from the cache line in a response.

ELECTRONIC SYSTEM AND METHOD FOR MANAGING DIGITAL CONTENT RELATING TO WORKS OF ART
20180285574 · 2018-10-04

The present invention concerns an electronic system and a method for managing digital content relating to works of art adapted for preventing the uncontrolled diffusion thereof. The electronic system (10) for managing digital content relating to works of art is characterised in that it comprises at least one importing unit (11) of files comprising digital content relating to works of art associated with at least one display unit (12) of digital content relating to works of art, wherein the importing unit (11) comprises encrypting/decrypting means (11a) of the files comprising digital content relating to works of art, the encrypting/decrypting means comprising means for generating a unique encryption key based on at least one identification code associated in a unique manner with the display unit (12,12) and/or with at least one electronic part (12a,14a;12a,14a) comprised in the same (12,12). The method (100) for managing digital content relating to works of art is characterised in that it comprises the steps consisting of importing (110) at least one file comprising digital content relating to works of art; acquiring (150) at least one identification code associated in a unique manner with a display unit (12,12) and/or with at least one electronic part (12a,14a;12a,14a) comprised in the same (12,12); generating (160) a unique encryption key based on the at least one identification code acquired; encrypting (170) the at least one imported file with the unique key generated; and storing (180) the encrypted file.

DOWNLOADABLE SECURITY AND PROTECTION METHODS AND APPARATUS

Methods and apparatus for control of data and content protection mechanisms across a network using a download delivery paradigm. In one embodiment, conditional access (CA), digital rights management (DRM), and trusted domain (TD) security policies are delivered, configured and enforced with respect to consumer premises equipment (CPE) within a cable television network. A trusted domain is established within the user's premises within which content access, distribution, and reproduction can be controlled remotely by the network operator. The content may be distributed to secure or non-secure output domains consistent with the security policies enforced by secure CA, DRM, and TD clients running within the trusted domain. Legacy and retail CPE models are also supported. A network security architecture comprising an authentication proxy (AP), provisioning system (MPS), and conditional access system (CAS) is also disclosed, which can interface with a trusted authority (TA) for cryptographic element management and CPE/user device authentication.

Performing authentication
10079823 · 2018-09-18

Preference data is received. The received preference data is compared to stored preference data associated with a user with which the received preference data is associated. A determination is made whether to authorize an action based at least on the comparison. The preference data is received as a selection.

Downloadable security and protection methods and apparatus

Methods and apparatus for control of data and content protection mechanisms across a network using a download delivery paradigm. In one embodiment, conditional access (CA), digital rights management (DRM), and trusted domain (TD) security policies are delivered, configured and enforced with respect to consumer premises equipment (CPE) within a cable television network. A trusted domain is established within the user's premises within which content access, distribution, and reproduction can be controlled remotely by the network operator. The content may be distributed to secure or non-secure output domains consistent with the security policies enforced by secure CA, DRM, and TD clients running within the trusted domain. Legacy and retail CPE models are also supported. A network security architecture comprising an authentication proxy (AP), provisioning system (MPS), and conditional access system (CAS) is also disclosed, which can interface with a trusted authority (TA) for cryptographic element management and CPE/user device authentication.

Method for generating and executing encrypted BIOS firmware and system therefor
09767289 · 2017-09-19

A firmware image is received at an information handling system. A symmetric key is generated and stored at a trusted platform module (TPM). The firmware image is encrypted using the symmetric key. The encrypted firmware image is stored in a non-volatile memory.

Generating and processing an authentication certificate

A method and system for generating and processing an authenticity certificate. A request for a step certificate is received from a requester entity. The step certificate authenticates an involvement of the requester entity about an object. The request includes an object identifier, a requester entity type of the requester entity, and a requester identity certificate of the requester entity. The object identifier is hashed. A signature is created and includes the hashed object identifier, the requester entity type, a certifier identity certificate, and the requester identity certificate. A hashing result is generated by hashing a concatenation of the object identifier, the requester entity type, the certifier entity certificate, the requester identity certificate, and the signature. The step certificate is generated and includes the hashing result. The step certificate is encrypted. The encrypted step certificate is sent to the requester entity for subsequently storing the step certificate on a media.

METHOD AND SYSTEM FOR PROVIDING SECURE CODECS
20170169194 · 2017-06-15

A system and method are arranged to provide compression and decompression of digital content in a secure manner. The system is configured to authenticate a source of the digital content, and to further determine a consumer's entitlements and rights for access to the digital content. Based upon the determined entitlements and rights for access, the system is directed to decrypt and decompress the digital content. In one embodiment, a component of the system is enabled to establish a trust relationship with at least one other component of the system, to minimize an opportunity for piracy of the digital content. In another embodiment, a secure clock is directed to provide protection against hackers that may employ an in-circuit emulator, or the like.

METHODS AND APPARATUS FOR PERSISTENT CONTROL AND PROTECTION OF CONTENT

A novel method and apparatus for protection of streamed media content is disclosed. In one aspect, the apparatus includes control means for governance of content streams or content objects, decryption means for decrypting content streams or content objects under control of the control means, and feedback means for tracking actual use of content streams or content objects. The control means may operate in accordance with rules received as part of the streamed content, or through a side-band channel. The rules may specify allowed uses of the content, including whether or not the content can be copied or transferred, and whether and under what circumstances received content may be checked out of one device and used in a second device. The rules may also include or specify budgets, and a requirement that audit information be collected and/or transmitted to an external server. In a different aspect, the apparatus may include a media player designed to call plugins to assist in rendering content. A trust plugin is disclosed, along with a method of using the trust plugin so that a media player designed for use with unprotected content may render protected content without the necessity of requiring any changes to the media player. In one aspect, the streamed content may be in a number of different formats, including MPEG-4, MP3, and the RMFF format.

Method for Generating and Executing Encrypted BIOS Firmware and System Therefor
20170132417 · 2017-05-11

A firmware image is received at an information handling system. A symmetric key is generated and stored at a trusted platform module (TPM). The firmware image is encrypted using the symmetric key. The encrypted firmware image is stored in a non-volatile memory.