Devices, servers, systems and methods for content protection are provided. Disclosed embodiments improve temporal granularity of controlling access to the protected content and increase resilience against attacks attempting to prevent re-evaluation of conditions of access. Enforcement of re-evaluation may be based on the receipt and/or verification of tokens. In some embodiments, re-evaluation is enforced by periodically rendering content keys required for content decryption unuseable and/or clearing content keys already in use.

Techniques for a smartphone-based conditional access (CA) system are described. In some embodiments, a headend in the CA system obtains a security profile associated with a pair of receiving devices used by a user, e.g., a first device (e.g., a smartphone) and a second device (e.g., a set-top-box or a TV). The headend dynamically regulates user access to requested media content during each entitlement period by assigning and distributing separate keys to the first and second device based on the security profile. The headend also uses the distributed keys to protect the media content before broadcasting. On the receiving end, one receiving device receives the media content and determines whether it is decryptable by the device. If decryptable, the receiving device (e.g., the set-top-box/TV) decrypts the media content using the keys assigned by the headend. Otherwise, the receiving device forwards the media content to the pairing device for decryption.

[Object] To improve convenience for providing a coupon with the use of a spatial or temporal modulation component added to light that can be captured while a service is being used.

[Solution] Provided is a method for providing a coupon by using a terminal device and at least one server configured to provide a service to the terminal device, the method including: capturing light while the service is being used, transmitting key information based on a spatial or temporal modulation component of the light to the server, and receiving coupon information related to the service transmitted from the server by using the terminal device; and receiving the key information from the terminal device and issuing the coupon information in accordance with the key information by using the server.

Technologies for secure mediated reality content publishing includes one or more mediated reality servers, multiple mediated reality listeners, and multiple mediated reality creators. The mediated reality server performs an attestation procedure with each listener based on a pre-provisioned attestation credential of that listener and provisions a session encryption key to each validated listener. The attestation procedure may validate a trusted execution environment of each listener. The mediated reality server generates aggregated mediated reality content based on protected mediated reality content received from the creators and generates an associated license that defines one or more content usage restrictions of the aggregated mediated reality content. The server sends the aggregated mediated reality content to the listeners, protected by the corresponding session encryption key. The server may provision each of the listeners with a back-channel encryption key to protect feedback data generated by sensors of the listeners. Other embodiments are described and claimed.

Systems, devices, and process described facilitate use of a first user device communicatively coupled to a local area network (LAN) The first user device may include a first hardware processor configured to execute first, non-transient, computer instructions for facilitating a first seamless DVR engine configured to identify a first content. A second user device is also coupled to the LAN. The second user device may include a second hardware processor configured to execute second, non-transient, computer instructions for facilitating a second seamless DVR configured to identify a second content. Each of the seamless DVR engines may be configured to generate a common universal directory identifying the first content and the second content as being available for use by each of the first user device and the second user device. User devices may independently populate the common universal directory. The universal directory may identify a distinct status for the content.

Federated systems for issuing playback certifications granting access to technically protected content are described. One embodiment of the system includes a registration server connected to a network, a content server connected to the network and to a trusted system, a first device including a non-volatile memory that is connected to the network and a second device including a non-volatile memory that is connected to the network. In addition, the registration server is configured to provide the first device with a first set of activation information in a first format, the first device is configured to store the first set of activation information in non-volatile memory, the registration server is configured to provide the second device with a second set of activation information in a second format, and the second device is configured to store the second set of activation information in non-volatile memory.

A method, apparatus, article of manufacture, and a memory structure for securely providing data for use by a hardware device of a receiver. The method utilizes a product provisioning key (PPV) held secure from other entities that can be unlocked and used with a secret value securely and unchangeably stored in the hardware device.

Systems and methods for securing communications in a playback device using a key base and at least one key contribution in accordance with embodiments of the invention are disclosed. In one embodiment, a process includes generating a key base using a decryption key and at least one key contribution, where the decryption key can be recovered using the key base and the at least one key contribution, receiving the key base, receiving the at least one key contribution, sending the key base to a decryption module, sending the key contribution to a control module, performing a control feature on the piece of content using the control module, providing the key contribution to the decryption module when the control feature is performed, generating the decryption key using the key base and the at least one key contribution, and accessing at least a portion of the piece of content.

A method of providing robust and secure fingerprints including, at an enrollment stage, the steps of providing a content x for which a fingerprint is to be provided, assigning an ID number to the content x, providing a secret key k, generating a fingerprint b.sub.x based on content x and secret key k, storing the generated fingerprint b.sub.x together with the assigned ID in a database, as well as, at an identification stage, the steps of extracting, for a given query content y which might result either from the enrolled content x or an unrelated content x′, an estimate fingerprint b.sub.y based on content y, and secret key k, producing an estimated I{hacek over (D)} number based on the estimate fingerprint b.sub.y for identifying the content x using said ID number stored in the database, or else rejecting the query.

A system for securely providing streaming media content on-demand may include a plurality of receiving devices in which each receiving device may request the same or different streaming media content (e.g., stored at a content storage system of a content delivery network) on-demand using VOD or other available on-demand services and/or applications associated with, in communication with or running on the respective receiving devices. In response, the content storage system of the content delivery network will encrypt the requested content uniquely for each received request (e.g., according to an encryption key that is unique for each or virtually each request) and deliver the encrypted requested content to the appropriate respective receiving device of the receiving devices. The respective receiving devices will then each decrypt the streaming content as it is being received according to the corresponding decryption key communicated from a respective individual secure remote to the respective receiving device.