U.S. Pat. No. 9,853,957

DETAILED DESCRIPTION

As noted above, various DRM technologies have been developed to prevent unauthorized copying and distribution of certain multimedia content. DRM is a broad term encompassing a variety of different technologies and enforcement policies, often established by individual content providers or content owners. Although some standards have been proposed, DRM technologies are continuously evolving and, to date, none of the proposed standards have been universally adopted. As such, and as will be appreciated in light of this disclosure, it is non-trivial to enable secure video streaming on certain game consoles, such as the Xbox 360® game console sold by Microsoft Corporation of Redmond, Wash., due to the fact that such game consoles employ different hardware and different media framework (e.g., Microsoft MMFPP/Silverlight), streaming mechanism (e.g., Microsoft Smooth Streaming), and DRM security models (e.g., Microsoft PlayReady and Xbox Live® single sign on model), compared to other existing consoles that support DRM technologies. For example, some third-party multimedia players utilize private cryptographic keys for accessing encrypted content. These so-called secret keys may be embedded either in the multimedia player or in a certificate accessible by the player. However, some game consoles have proprietary security models and media frameworks that do not permit applications to access secret keys and, as such, are incompatible with non-native DRM technologies. In particular, certain game consoles (e.g., Xbox 360®) require applications to be integrated with a single sign on (SSO) model that utilizes an external security service (e.g., Xbox Live® services) for security token exchange and verification. Furthermore, on certain game console applications (e.g., Xbox 360®), non-native DRM content decryption is conducted at the software level, which can expose the secret keys to malicious attacks on the multimedia player. Also, on certain game consoles (e.g., Xbox 360®), an attacker can access operating system-level debuggers at runtime to extract any secret keys stored in a client application.

To this end, and in accordance with an embodiment of the present invention, techniques are disclosed for secure playback of protected multimedia content on a game console using a secret-less application. A secret-less application is one in which there is no secret or cryptographic key unique to the application that is embedded in the application or in a certificate associated with the application. The game console may, for example, be an Xbox 360® or other game console configured to stream protected multimedia content. An SSO model (e.g., Xbox Live®) can be used for client authentication at a key server, which eliminates the need of storing or using any secret information in the client application. Further, an encrypted content key can be generated by a content packager using a public cryptographic key. The encrypted content key can be deployed in the key server uniform resource identifier (URI) of a playlist file and sent to the key server during the client's key request. The key server can be configured to decrypt the content key using a corresponding private key upon completing a successful authentication of a SSO token. Further, the content key and unencrypted content are protected in the game console client application from debugging and replay attacks by using additional security checks at both the client and key server. By storing secret information (e.g., the private key) remotely from the game console and using the SSO model, DRM policies can be enforced on a secret-less game console client application. Numerous configurations and variations will be apparent in light of this disclosure.

As used herein, the terms “content” and “multimedia content,” in addition to their plain and ordinary meanings, include audio, video, data, graphics, or any other information that can be identified, addressed, referenced or handled in any networked information system, such as the World Wide Web, or any information that can be delivered from a publisher to an end-user via physical media, such as a portable USB drive, CD, DVD or Blu-ray disc. In general, content includes any form of information in digital form; however, content may be embodied in non-digital forms (e.g., analog) or a combination of digital and non-digital forms.

As used herein, the term “protected content,” in addition to its plain and ordinary meaning, includes content that is controlled within a secure environment and to which access is restricted to entities (e.g., clients, servers, applications, scripts, components, etc.) authorized by the owner or publisher of the content. Some specific examples of protected content include data, electronic documents, files, web pages, images, objects, services, and collections of resources and/or generally anything that has an identity and can be referenced in some manner. Protected content that is secured under an OAuth framework, for example, may be accessed by the third party application using Hypertext Transfer Protocol (HTTP) messages, specifically including the HTTP/1.1 standard protocol (currently defined by the Internet Engineering Task Force (IETF) Request for Comments (RFC) 2616), although it will be apparent in light of this disclosure that other application and authentication protocols can be used to access protected resources using the techniques disclosed herein. An access control mechanism may be used to control access to the content. The access control mechanism may, for example, include any DRM technology that limits use of the content to devices and applications possessing an appropriate security credential. One form of protected content is content that is encrypted using a suitable encryption algorithm. Encrypted content is generally unusable until decrypted using a suitable decryption algorithm, which may depend on a secret cryptographic key.

As used herein, the term “security token,” in addition to its plain and ordinary meaning, includes data used to authorize use of a service. For example, a security token may include data representing a digital credential or other authority that is recognized by a third party.

In an example embodiment of the present invention, a methodology is provided for secure playback of protected multimedia content on a game console using a secret-less application in which no secret information (e.g., cryptographic keys, tokens and the like) is stored, embedded or visible. The methodology includes a secure content key delivery protocol, which leverages the SSO model to prevent security attacks in an untrusted client environment. A content packager can create and encrypt protected content. The content packager can also create and sign a security token. For delivering the content key to the client, the signed security token can be embedded in the key URI of a protected content playlist, which can be used by a game console client application for requesting a content key through a remote service.

In some embodiments, a client-side (e.g., game console) security scheme can be used to protect both the content decryption key and the decrypted content on the client. In an example embodiment, the security scheme includes obfuscation of the client application execution code to prevent reverse engineering and static code analysis. Code obfuscation may include, for example, renaming, metadata removal, flow control obfuscation, string encryption, or any combination thereof. In another example embodiment, the security scheme includes anti-debugging features encoded in the client application to prevent possible debugging attacks at the managed code level. In such cases, an Application Programming Interface (API) that is native to the game console operating system may be invoked by the client application to check for any debugger code and, if so, force the debugger code to fail before security-sensitive portions of the client application are executed. In another example embodiment, the security scheme includes anti-debugging code at the kernel level to prevent lower level debugging attempts (e.g., by using a kernel debugger). This may be accomplished using (i) error-detecting code to detect changes to security sensitive code blocks, which ensures that there is no breakpoint inserted in the code block, and (ii) ensuring that the game console does not have certain security privileges (e.g., developer privilege) by leveraging the separation of game console developer network and production network. One or more of the above security schemes may be used in any combination.

In some embodiments, a server-side (e.g., key server) authentication scheme can be implemented to prevent SSO token replay attacks. A replay attack is one in which valid data is transmitted or intercepted for malicious or fraudulent purposes, such as for use by an unauthorized party. In an example embodiment, a key server conducts a security check on an

SSO token received from a game console client application to ensure that the received token corresponds to the same game console that the token was originally issued to. In particular, the key server can check whether the IP address of the sender matches with that claimed in the token. The key server may, in some cases, examine the time expiry information in the SSO token to determine whether the token has expired. In some such cases, the expiration time of a token may be customized via the SSO services to manage the trade-off between security (e.g., the difficulty level for a reply attack) and performance (e.g., the frequency at which the game console client application requests new tokens).

Example System for DRM Protected Video Streaming

FIG. 1illustrates an example client-server system100for secure playback of protected multimedia content on a game console using a secret-less application, in accordance with an embodiment. The system100includes a game console110, a content server120, a key server130, and a security token service140, each electronically interconnected via a network150. Generally, the game console110can be any type of device, such as an Xbox 360® game console, configured to access and use protected content122. The protected content122may, for example, be distributed by the content server120in an encrypted form or in conjunction with other suitable security measures so as to prevent its use by unauthorized recipients. The game console110includes a client application112configured to play back the protected content122. One or more storage devices for storing the protected content122may be operatively connected to the content server120. The security token service140can issue security credentials (e.g., an SSO token) to the client application112for use in accessing the protected content122.

In use, the system100provides a client-server environment for playing the protected content122on the game console110without storing any secret information in the client application112. Generally, access to the protected content122can be granted to the client application112if the game console110holds valid security credentials for the protected content. However, in some cases the client application112cannot hold certain security credentials due to constraints imposed by the game console hardware, media framework, streaming mechanism, DRM security model, or any combination of these, such as discussed above. Thus, the key server130, which is trusted by the security token service140, can authorize the game console110to access the protected content122by providing a content decryption key or other digital authority to the game console110. The content key may then be used by the client application112to access the protected content122.

FIG. 2illustrates the client-server system100ofFIG. 1in further detail, in accordance with an embodiment. In addition to the client application112, the game console110includes a library module114and an Application Development Kit (ADK) module116. The client application112may, for example, include an HTTP Live Streaming (HLS) player application for processing (e.g., playing) multimedia content. The library module114may, for example, provide functionality for accessing a specific type of multimedia content, such as multimedia content provided by a subscription service. The ADK module116may, for example, provide additional functionality for accessing protected content, such as authentication, decryption, or other security-related functions. The content server120includes a content packager module124. The key server130may include a token validation module132and a key service module134. The security token service140may include, for example, the Xbox Live® service provided by Microsoft Corp. Xbox Live® includes online (e.g., Internet accessible) game and media delivery services for the Xbox® game console. As noted above, the game console110can be in communication with the media server120, the key server130, the security token service140, or any combination thereof, via one or more communication networks150, such as the Internet, a wide area network or a local area network. The various components of the system100may be provided by one or more entities. For example, the game console110may be an end-user device, while the media server120, the key server130and security token service140may be provided by one or more third-parties.

In use, a game console user can register the game console110with the security token service140so that the user can access certain multimedia content provided by the content server120. The system100can be configured to perform any of the functions described in the following example. As indicated at reference number1, the security token service140can establish a trusted relationship with the key server130. This process may be performed once or as often as needed to maintain the trusted relationship. By establishing this trusted relationship, the key server130may authenticate an access token210issued by the security token service140when such tokens are received from the game console110. The game console110can utilize the security token service140to obtain the access token210(e.g., an SSO token) for accessing the protected content122. In particular, as indicated at reference number2, the ADK116can request the access token210from the security token service140using, for example, a username/password combination or other suitable user-specific credentials. If the security token service140validates the credentials supplied in the request, the security token service can return the access token210to the ADK116, as indicated at reference number3. It will be noted that the ADK116, rather than the client application112, can store and use the access token210. In this manner, it is not necessary for the client application112to store secret information associated with accessing the protected content122, including the access token210.

The content server120is configured to send a playlist214to the game console110, as indicated at reference number4. The playlist214is a file that stores a multimedia playlist. For example, the playlist214may be an M3U or M3U8 format file that specifies the location of the protected content122(e.g., a universal resource locator (URL)). The content server120is further configured to send the protected content122to the game console110as encrypted content212. In particular, the content packager124is configured to encrypt the protected content122using a content key126. The content packager124can encrypt the protected content122at any time (e.g., in advance of sending the playlist to the game console110or “just in time” as the playlist is being sent to the game console). The protected content122may be sent, for example, as streaming video or audio, in which the content is delivered to the game console110in several segments rather than in a single large data file. The content packager124is further configured to generate a signed security token, which includes, but is not limited to: (1) the content key encrypted by the content packager using the content key126, and (2) relevant policy information, such as expiry and output control information. The security token may, in some cases, include additional information. The playlist214may include a key URI that specifies the location of the key server130. For example, the key URI may have the following format: “https://remote-keyserver/key?token=Xbox SecurityToken”, where “remote-keyserver” is the URL of the key server130, and “XboxSecurityToken” is the signed security token. Note that inherently Hypertext Transfer Protocol Secure (HTTPS) is a secure protocol that prevents network traffic attacks, although it will be understood that secure communications protocols other than HTTPS can be used.

As indicated at reference number5, after obtaining the playlist214, the game console110is configured to send a content key request to the key server, which includes the signed security token216(for the content key and policy) and the access token210(for client authentication). As mentioned above, an SSO model can be used to authenticate the game console110for playing back the protected content122. In general, SSO includes utilizing an authentication server that has a trusted relationship with the content owner. In this case, the key server130may act as the authentication server since the key server and security token service140can have a trusted relationship, such as discussed above. Upon receiving the content key request, the key server130first authenticates the game console110by validating the access token210following the SSO model. If the authentication succeeds, the key server130then decrypts the encrypted content key encoded in the security token216using a private cryptographic key136held by the key server, and returns the decrypted content key218to the game console110, as indicated at reference number6. The decrypted content key218can be used by the game console110to decrypt and play the encrypted content212. In this manner, no secret information, such as a private key or certificate, is stored by the game console client application112, and the client authentication is achieved using a SSO model.

In some cases, before sending the decrypted content key218to the game console110, the key server130can extract the policy from the security token216to examine the expiry information (e.g., a DRM technology that prevents access to content after a specified date or time) and obtain any output control information (e.g., a DRM technology that can be used to disable output of clear content). If the security token216is not expired, the key server130can send the decrypted content key218and output control information, if any, to the game console110as an HTTPS response (or a response via another secure protocol), as indicated at reference number6. Otherwise, the content key218is not sent to the game console110.

Example Methodologies

FIG. 3shows an example server-side methodology300for protected video streaming in accordance with an embodiment. The method300may be implemented, for example, on the key server130ofFIGS. 1 and 2. The method300begins by receiving (310) an access control credential and an encrypted content key, such as encoded in the access token210and the signed security token216described with respect toFIG. 2, from a client computing device, such as the game console110ofFIGS. 1 and 2. The access control credential and the encrypted content key can be received via a communication network using a secure communications protocol, such as HTTPS. The method300continues by determining (312) that the client is authenticated based on the access control credential. Authentication may be via the SSO model, such as described above. In some embodiments the method continues by receiving (314) policy information from the client. The policy information may include expiry information and other output control information associated with the protected content. The method continues by obtaining (316) the output control information from the policy if, for example, the expiration date or time has not elapsed (e.g., if the policy is valid). If the client is authenticated, the method continues by decrypting (318) the encrypted content key using, for example, a private cryptographic key that is associated with a public cryptographic key that was used to encrypt the content key (e.g., by the content server120). As noted above, the encrypted content key may be encoded in the security token216. The method continues by sending (320) the decrypted content key to the client using a secure communication protocol, such as HTTPS. The decrypted content key is configured for use by the client computing device for accessing encrypted content from a content server, such as the protected content122distributed by the content server120ofFIGS. 1 and 2. In some cases, some or all of the functions variously described in this paragraph can be performed in any order and at any time by one or more different processors.

FIG. 4shows an example client-side methodology400for protected video streaming in accordance with an embodiment. The method400may be implemented, for example, on the game console110ofFIGS. 1 and 2, (e.g., Xbox 360®). The method400begins by receiving (410) an access control credential from a security token service via a communications network. The access control credential may include a single sign on token. The method400continues by receiving (412), from a multimedia content server via the communications network, a playlist file having encoded therein a uniform resource identifier (URI) associated with a key server and a security token signed by the multimedia content server. In some cases, the URI is encoded in a format comprising “https://remote-keyserver/key?token=XboxSecurityToken”, where “remote-keyserver” represents a URL of the key server, and “XboxSecurityToken” represents the security token. An encrypted content key associated with protected multimedia content can be encoded in the security token. The method400continues by sending (414) the access control credential and the encrypted content key to the key server via the communications network using a secure communications protocol. In some cases, the secure communications protocol includes Hypertext Transfer Protocol Secure (HTTPS). The method400continues by receiving (418) a decrypted content key from the key server via the communications network using the secure communications protocol. The decrypted content key is configured for accessing the protected multimedia content. In some embodiments, the method400continues by receiving (418) the protected content from the multimedia content server via the communications network, decrypting (420) the protected content using the decrypted content key, and playing (422) the decrypted content. In some cases, the protected content can be played back using a HTTP Live Streaming (HLS) player. In some cases, some or all of the functions variously described in this paragraph can be performed in any order and at any time by one or more different processors.

FIG. 5shows an example server-side methodology500for protected video streaming in accordance with an embodiment. The method500may be implemented, for example, on the content server120ofFIGS. 1 and 2. The method500begins generating (510) a playlist file associated with protected multimedia content. The playlist file has encoded therein a uniform resource identifier (URI) associated with a key server and a security token signed by the content server. In some embodiments, the method500includes encoding the URI in a format comprising “https://remote-keyserver/key?token=Xbox SecurityToken”, where “remote-keyserver” represents a URL of the key server, and “XboxSecurityToken” represents the security token. An encrypted content key associated with the protected multimedia content can be encoded in the security token. The method500continues by encrypting (512) the protected multimedia content using a content key. The method500continues by sending (514) the playlist file and the protected multimedia content to a client computing system via a communication network using a secure communications protocol. In some cases, the secure communications protocol includes Hypertext Transfer Protocol Secure (HTTPS). In some embodiments, the method500includes encoding policy information associated with the protected multimedia content in the playlist file. In some cases, some or all of the functions variously described in this paragraph can be performed in any order and at any time by one or more different processors.

Example Computing Device

FIG. 6is a block diagram representing an example computing device1000that may be used to perform any of the techniques as variously described herein. For example, the game console110, the content server120, the key server130, the security token server140, or any combination of these (such as described with respect toFIGS. 1 and 2) may be implemented in the computing device1000. The computing device may be any computer system, such as a workstation, desktop computer, server, laptop, handheld computer, tablet computer (e.g., the iPad™ tablet computer), mobile computing or communication device (e.g., the iPhone™ mobile communication device, the Android™ mobile communication device, and the like), or other form of computing or telecommunications device that is capable of communication and that has sufficient processor power and memory capacity to perform the operations described herein. A distributed computational system may be provided comprising a plurality of such computing devices.

The computing device1000includes one or more storage devices1010and/or non-transitory computer-readable media1020having encoded thereon one or more computer-executable instructions or software for implementing techniques as variously described herein. The storage devices1010may include a computer system memory or random access memory, such as a durable disk storage (which may include any suitable optical or magnetic durable storage device, e.g., RAM, ROM, Flash, USB drive, or other semiconductor-based storage medium), a hard-drive, CD-ROM, or other computer readable media, for storing data and computer-readable instructions and/or software that implement various embodiments as taught herein. The storage device1010may include other types of memory as well, or combinations thereof. The storage device1010may be provided on the computing device or provided separately or remotely from the computing device. The non-transitory computer-readable media1012may include, but are not limited to, one or more types of hardware memory, non-transitory tangible media (for example, one or more magnetic storage disks, one or more optical disks, one or more USB flash drives), and the like. The non-transitory computer-readable media1012included in the computing device1000may store computer-readable and computer-executable instructions or software for implementing various embodiments. The computer-readable media1012may be provided on the computing device1000or provided separately or remotely from the computing device.

The computing device1000also includes at least one processor1020for executing computer-readable and computer-executable instructions or software stored in the storage device and/or non-transitory computer-readable media and other programs for controlling system hardware. Virtualization may be employed in the computing device1000so that infrastructure and resources in the computing device may be shared dynamically. For example, a virtual machine may be provided to handle a process running on multiple processors so that the process appears to be using only one computing resource rather than multiple computing resources. Multiple virtual machines may also be used with one processor.

A user may interact with the computing device1000through an output device1030, such as a screen or monitor, which may display one or more user interfaces provided in accordance with some embodiments. The output device1030may also display other aspects, elements and/or information or data associated with some embodiments. The computing device1000may include other I/O devices1040for receiving input from a user, for example, a keyboard, a joystick, a game controller, a pointing device (e.g., a mouse, a user's finger interfacing directly with a display device, etc.), or any suitable user interface. The computing device1000may include other suitable conventional I/O peripherals. The computing device1000can include and/or be operatively coupled to various suitable devices for performing one or more of the functions as variously described herein. The computing device1000may include a network interface1014for communicating with other devices via a network, such as the Internet.

The computing device1000may run any operating system, such as any of the versions of the Xbox 360® operating system, Microsoft® Windows® operating systems, the different releases of the Unix and Linux operating systems, any version of the MacOS® for Macintosh computers, any embedded operating system, any real-time operating system, any open source operating system, any proprietary operating system, any operating systems for mobile computing devices, or any other operating system capable of running on the computing device and performing the operations described herein. In an embodiment, the operating system may be run on one or more cloud machine instances.

In other embodiments, the functional components/modules may be implemented with hardware, such as gate level logic (e.g., FPGA) or a purpose-built semiconductor (e.g., ASIC). Still other embodiments may be implemented with a microcontroller having a number of input/output ports for receiving and outputting data, and a number of embedded routines for carrying out the functionality described herein. In a more general sense, any suitable combination of hardware, software, and firmware can be used, as will be apparent.

As will be appreciated in light of this disclosure, the various modules and components of the system shown inFIGS. 1 and 2, such as the client application112, the library114, the ADK116, the content packager124, the token verification module132, and the key service134, can be implemented in software, such as a set of instructions (e.g., C, C++, object-oriented C, JavaScript, Java, BASIC, etc.) encoded on any computer readable medium or computer program product (e.g., hard drive, server, disc, or other suitable non-transient memory or set of memories), that when executed by one or more processors, cause the various methodologies provided herein to be carried out. It will be appreciated that, in some embodiments, various functions performed by the user computing system, as described herein, can be performed by similar processors and/or databases in different configurations and arrangements, and that the depicted embodiments are not intended to be limiting. Various components of this example embodiment, including the user computing system, can be integrated into, for example, one or more desktop or laptop computers, workstations, tablets, smartphones, game consoles, set-top boxes, or other such computing devices. Other componentry and modules typical of a computing system, such as processors (e.g., central processing unit and co-processor, graphics processor, etc.), input devices (e.g., keyboard, mouse, touch pad, touch screen, etc.), and operating system, are not shown but will be readily apparent.

Further Examples

Numerous embodiments will be apparent in light of the present disclosure, and features described herein can be combined in any number of configurations. One example embodiment provides a system including a storage having at least one memory, and one or more processors each operatively coupled to the storage. The one or more processors are configured to carry out a process including receiving, from a client computing device via a communications network using a secure communications protocol, an access control credential and an encrypted content key associated with protected multimedia content; determining that the client computing device is authenticated based on the access control credential; in response to the determination, decrypting the encrypted content key using a private cryptographic key; and sending the decrypted content key to the client computing device via the communications network using the secure communications protocol, the decrypted content key being configured for use by the client computing device for accessing the protected multimedia content. In another example embodiment, the one or more processors are configured to carry out a process including receiving an access control credential from a security token service via a communications network; receiving, from a multimedia content server via the communications network, a playlist file having encoded therein a uniform resource identifier (URI) associated with a key server and a security token signed by the multimedia content server, the security token having encoded therein an encrypted content key associated with protected multimedia content; sending the access control credential and the encrypted content key to the key server via the communications network using a secure communications protocol; receiving a decrypted content key from the key server via the communications network using the secure communications protocol, the decrypted content key being configured for accessing the protected multimedia content; and playing back the protected multimedia content using the decrypted content key. In yet another example embodiment, the one or more processors are configured to carry out a process including generating a playlist file associated with protected multimedia content, the playlist file having encoded therein a uniform resource identifier (URI) associated with a key server and a signed security token having encoded therein an encrypted content key associated with the protected multimedia content; encrypting the protected multimedia content using a public cryptographic the content key; and sending the playlist file and the protected multimedia content to a client computing system via a communication network using a secure communications protocol. Another embodiment provides a non-transient computer-readable medium or computer program product having instructions encoded thereon that when executed by one or more processors cause the processor to perform one or more of the functions defined in the present disclosure, such as the methodologies variously described in this paragraph. As previously discussed, in some cases, some or all of the functions variously described in this paragraph can be performed in any order and at any time by one or more different processors.

The foregoing description and drawings of various embodiments are presented by way of example only. These examples are not intended to be exhaustive or to limit the invention to the precise forms disclosed. Alterations, modifications, and variations will be apparent in light of this disclosure and are intended to be within the scope of the invention as set forth in the claims.