Disclosed herein are a method and device for transmitting digital content. A selection of at least one device authorized to receive digital content is detected. It is identified whether each selected device contains a session key that corresponds to a local session key. Digital content is transmitted to each device whose session key corresponds to the local key. Digital content is prevented from transmission to unselected devices not having a corresponding session key.

An apparatus, e.g. a wireless media access point, includes a transceiver, a non-transitory storage medium, and a processor operably coupled to the transceiver and the storage medium. The processor is configured by instructions stored on the storage medium to transmit a first multicast channel associated with a first group temporal key (GTK), and to simultaneously transmit a second multicast channel associated with a second GTK.

A method is provided for delivering a streaming media asset to a client device. For the method, a request is received over a communication network from a client device for playing a media asset in accordance with a streaming media technique. Prior to fully authorizing the client device to play the media asset, the client device is provided with access to a first cryptographic key that decrypts a subset of the media asset so that the client device is able to render the subset of the media asset before completion of the authorization. The subset of the media asset is less than all of the media asset. Subsequent to successfully fully authorizing the client device to play the media asset, the client is provided with access to at least one additional cryptographic key that decrypts a remainder of the media asset.

Methods, devices, systems and computer program products enable generation, distribution and management of live broadcast content in such a way so as to allow identification of a pirate device or subscriber quickly and efficiently. Content is divided into content blocks, where each content block is divided into content units. Each of the content units is selectable from n variations of the content unit and a majority of ail possible combinations of content unit variations are permissible to be selected for production of the uniquely identifiable content. The content blocks, including the n variations of the content units, a media block key, and at least one device key is delivered to an authorized device. A particular pattern of content units is generated that identifies which of the n content unit variations must be used by the authorized device for constructing each content block.

Method for distributing multimedia licenses by a server to a plurality of user devices in a distribution system of a multimedia service, the access of which is protected by a first protection. This method comprising verifying that computing resources used by the server do not exceed a maximal threshold, if so, generating and then transmitting regular licenses including said first protection in response to user device requests, otherwise switching the server to a singular mode of distribution aiming to protect the access to the multimedia service using a second protection, independent of the first protection; to generate and to transmit to the devices one singular license comprising the second protection; to verify that the computing resources do not exceed the maximal threshold, if so, to switch from the singular mode to a regular mode so as to protect the access to the multimedia content using only said first protection.

Techniques for a smartphone-based conditional access (CA) system are described. In some embodiments, a headend in the CA system obtains a security profile associated with a pair of receiving devices used by a user, e.g., a first device (e.g., a smartphone) and a second device (e.g., a set-top-box or a TV). The headend dynamically regulates user access to requested media content during each entitlement period by assigning and distributing separate keys to the first and second device based on the security profile. The headend also uses the distributed keys to protect the media content before broadcasting. On the receiving end, one receiving device receives the media content and determines whether it is decryptable by the device. If decryptable, the receiving device (e.g., the set-top-box/TV) decrypts the media content using the keys assigned by the headend. Otherwise, the receiving device forwards the media content to the pairing device for decryption.

A method of session-based DASH operations can include receiving a media presentation description (MPD) referencing a session-based description (SBD) and indicating a key name during a media access session. The SBD includes a first repeating pattern element that includes a first sequence of timed key values of the key name. The first repeating pattern element indicates that the first sequence of the timed key values of the key name is relocated along a timeline or an orderline. A first key value of the key name corresponding to a timing or a segment number of a current segment of a sequence of segments can be determined based on the first repeating pattern element in the SBD. A request for the current segment can be transmitted to a media content server. The request includes a pair of the key name and the first key value.

Apparatus, method, and media for permitting use of content. An exemplary method comprises associating a transfer right with content, the transfer right specifying that the content is permitted to be transferred from a first computing device to a second computing device, transferring the content from the first computing device to the second computing device in accordance with the transfer right, updating information associated with the transfer right based on the transfer of the content from the first computing device to the second computing device, and associating a usage right with the content, the usage right corresponding to a utilization of the content, wherein the first computing device includes at least a server mode of operation, and wherein the second computing device includes both a requester mode of operation and a server mode of operation.

A system includes a session and resource manager and a video pump. The session and resource manager negotiates encryption keys from a headend controller and provides the encryption keys to a video pump. The video pump uses the encryption keys from the session and resource manager to encrypt content. Thus, the video pump uses encryption keys to encrypt the content so that it is encrypted right from the video pump prior to transmission over the entire transport system. A generic modulation device may thus be used to modulate the encrypted content over the delivery network.

A video capturing device configured to capture video data, the image capturing device comprising: an image processing pipeline configured to generate a video stream from the captured video data; an encryption key activating module configured to, upon request, activate an encryption key and deactivate any previously activated encryption key used for encrypting the video stream, such that only one encryption key is activated to be used for encryption of the video stream at each instance in time; an encryption scheduler module configured to, at a predetermined time interval, instruct the encryption key activating module to activate an encryption key; an event handling module configured to, as a response to receiving indications of a detected event, instruct the encryption key activating module to activate an encryption key; an encryption module configured to encrypt the video stream using the one activated encryption key.