(19)
`
`(12)
`
`Europäisches Patentamt
`
`European Patent Office
`
`Office européen des brevets
`
`*EP001558032A2*
`EP 1 558 032 A2
`
`(11)
`
`EUROPEAN PATENT APPLICATION
`
`(43) Date of publication:
`27.07.2005 Bulletin 2005/30
`
`(21) Application number: 05250326.5
`
`(22) Date of filing: 24.01.2005
`
`(84) Designated Contracting States:
`AT BE BG CH CY CZ DE DK EE ES FI FR GB GR
`HU IE IS IT LI LT LU MC NL PL PT RO SE SI SK TR
`Designated Extension States:
`AL BA HR LV MK YU
`
`(30) Priority: 22.01.2004 US 538602 P
`
`(71) Applicant: Widevine Technologies, Inc.
`Seattle, WA 98164 (US)
`
`(54)
`
`Piracy prevention system
`
`(57)
`System, apparatus, and methods are directed
`to preventing a media player from playing a pirated me-
`dia file, such as a pre-release motion picture. The inven-
`tion treats the pirated media file as an infection and de-
`velops an immune system for the media player. The in-
`vention may be taught how to recognize an infection by
`using an immunization record for each media file that is
`to be treated as an infection. As the media file is played
`in real-time, a fingerprint is determined (408). A compar-
`
`(51) Int Cl.7: H04N 5/913
`
`(72) Inventor: The designation of the inventor has not
`yet been filed
`
`(74) Representative: Williams, David John et al
`Page White & Farrer,
`54 Doughty Street
`London WC1N 2LS (GB)
`
`ison is performed between the immunization records
`and the determined fingerprint (410). If a match is de-
`termined (412), then an alert may be provided (414).
`The alert may be employed to perform any of a variety
`of actions, including disabling the media player, sending
`a message to an owner of a digital right for the media
`file, and the like.
`
`Printed by Jouve, 75001 PARIS (FR)
`
`EP1 558 032A2
`
`EX1037
`Roku V. Media Chain
`U.S. Patent No. 9,715,581
`
`

`

`1
`
`EP 1 558 032 A2
`
`2
`
`Description
`
`CROSS-REFERENCE TO RELATED APPLICATIONS
`
`[0001] This application claims the benefit of U.S. Pro-
`visional Application Serial No. 60/538,602 filed on Jan-
`uary 22, 2004, the benefit of the earlier filing date of
`which is hereby claimed under 35 U.S.C. § 119(e) and
`further incorporated by reference.
`
`FIELD OF THE INVENTION
`
`[0002] The present invention relates to digital piracy
`prevention, and more particularly, but not exclusively, to
`a system and method for detecting pirated motion pic-
`tures prior to a home entertainment release date.
`
`BACKGROUND OF THE INVENTION
`
`[0003] Motion picture piracy is a significant problem.
`Pirates are known to produce and sell Video Compact
`Discs (VCDs) and Digital Versatile Discs (DVDs) of mo-
`tion pictures prior to the official home entertainment re-
`lease. Recently, VCD and DVD piracy has become a
`multi-billion dollar business. Digital copies of motion pic-
`tures are also often freely distributed on the Internet, fur-
`ther reducing the value of the motion picture release. As
`a result, motion picture studios have lost revenue due
`to this piracy.
`[0004] Motion pictures are typically released and dis-
`tributed in phases and/or into different geographic mar-
`kets. Motion picture prints, however, may be expensive
`to produce - typically, around $3,000 to around $5,000
`per print. Therefore, often a set of prints might be pro-
`duced for a U.S. release and then the same set of prints
`might be sent to a foreign market. After the earning from
`the theatrical release may be achieved, the picture may
`be released to a home entertainment market on video
`tape, DVD, and so forth. Currently, the motion picture
`industry business relies upon this phased distribution
`model. However, the 35 mm film format is inherently un-
`securable. Film prints of motion pictures are often re-
`leased to theaters around the world where some prints
`are freely copied in any one of several ways. For exam-
`ple, some prints are copied via camming (using a hand
`held camcorder that is smuggled into the theater), tele-
`syncing (camming from a tripod in the centre of the
`theater and synced to an audio track recorded from the
`projection room), or telecine (the print is transferred to
`video). Pirated copies of the motion picture may then be
`transferred to computing device and sent virtually
`around the world in minutes using the Internet. At the
`'other end,' the pirated motion pictures may be trans-
`ferred to another medium, such as a DVD and VCD. The
`pirated motion pictures may also be played directly by
`an end media player. Such actions have made it difficult
`to reduce the amount of piracy.
`[0005] Moreover, there are several types of media
`
`players available to play back pirated motion pictures.
`For example, VCDs can be played in many DVD play-
`ers. Also, some of the more sophisticated pirates are
`now producing pirated movies onto DVD. Therefore, it
`is with respect to these considerations and others that
`the present invention has been made.
`
`BRIEF DESCRIPTION OF THE DRAWINGS
`
`[0006] Non-limiting and non-exhaustive embodi-
`ments of the present invention are described with refer-
`ence to the following drawings. In the drawings, like ref-
`erence numerals refer to like parts throughout the vari-
`ous figures unless otherwise specified.
`[0007] For a better understanding of the present in-
`vention, reference will be made to the following Detailed
`Description of the Invention, which is to be read in as-
`sociation with the accompanying drawings, wherein:
`
`FIGURE 1 shows a functional block diagram illus-
`trating one embodiment of an environment for prac-
`ticing the invention;
`FIGURE 2 shows one embodiment of a media play-
`er that may be included in a system implementing
`the invention;
`FIGURE 3 shows a logical block diagram illustrating
`one embodiment of components of a Piracy Immu-
`nity Manager (PIM) for use in the media player of
`FIGURE 2; and
`FIGURE 4 illustrates a logical flow diagram gener-
`ally showing one embodiment of a process for man-
`aging access to a media file, in accordance with the
`present invention.
`
`5
`
`10
`
`15
`
`20
`
`25
`
`30
`
`35
`
`DETAILED DESCRIPTION OF THE INVENTION
`
`[0008] The present invention now will be described
`more fully hereinafter with reference to the accompany-
`ing drawings, which form a part hereof, and which show,
`by way of illustration, specific exemplary embodiments
`by which the invention may be practiced. This invention
`may, however, be embodied in many different forms and
`should not be construed as limited to the embodiments
`set forth herein; rather, these embodiments are provided
`so that this disclosure will be thorough and complete,
`and will fully convey the scope of the invention to those
`skilled in the art. Among other things, the present inven-
`tion may be embodied as methods or devices. Accord-
`ingly, the present invention may take the form of an en-
`tirely hardware embodiment, an entirely software em-
`bodiment or an embodiment combining software and
`hardware aspects. The following detailed description is,
`therefore, not to be taken in a limiting sense.
`[0009] Briefly stated, the present invention is directed
`to preventing a media player from playing a pirated me-
`dia file, such as a pre-release motion picture, audio file,
`graphics file, and the like. That is, an intent of the inven-
`tion includes enabling a media player to recognize a
`
`40
`
`45
`
`50
`
`55
`
`2
`
`

`

`3
`
`EP 1 558 032 A2
`
`4
`
`piece of content (e.g., some or all of the media file) and
`to prevent its playback until its home entertainment re-
`lease date. The invention treats the pirated media file
`as an infection and develops an immune system for the
`media player. A process of immunization is established
`where the immune system is taught how to recognize
`an infection. In one embodiment, the immune system is
`taught by loading it with an immunization record for each
`media file that is to be treated as an infection. As the
`media file is played by the media player, a fingerprint is
`determined. A comparison is performed between the im-
`munization records and the determined fingerprint. In
`one embodiment, the comparison is based, at least in
`part, on a weighted comparison of digital components
`of the fingerprint, with a match being based, in part, on
`satisfying a pre-determined confidence level. If a match
`is determined, then an alert is provided. The alert may
`be employed to perform any of a variety of actions, in-
`cluding disabling the media player, sending a message
`to an owner of a digital right associated with the media
`file, and the like. In addition, updates to the immuniza-
`tion records may be performed over a network, a DVD,
`a VCD, and the like. In one embodiment, an immuniza-
`tion record store is periodically scanned; expunging any
`identified expired immunization records, and requesting
`an update of the immunization record store to be per-
`formed. In another embodiment, the media player is
`configured to be unable to access a media file, until an
`update is performed.
`
`Illustrative Operating Environment
`
`[0010] FIGURE 1 illustrates one embodiment of an
`environment in which the present invention may oper-
`ate. However, not all of these components may be re-
`quired to practice the invention, and variations in the ar-
`rangement and type of the components may be made
`without departing from the spirit or scope of the inven-
`tion.
`[0011] As shown in the figure, environment 100 in-
`cludes Immunization Record Server (IRS) 102, pirated
`source 104, network 105, legitimate media file/Immuni-
`zation Record (LM/IR) 106, pirated media file 108, and
`media player 110.
`[0012] Network 105 is in communication with IRS 102,
`pirated source 104, and media player 110. LM/IR 106 is
`in communication with IRS 102 and media player 110,
`while pirated media file 108 is in communication with pi-
`rated source 104 and media player 110.
`[0013] Media player 110 is described in more detail
`below in conjunction with FIGURES 2-3. Briefly, howev-
`er, media player 110 includes virtually any device that is
`configured to enable receive and play a media file, in-
`cluding, but not limited to television appliances, digital
`recorders, set-top boxes, cellular phones, mobile devic-
`es, personal digital assistants (PDAs), personal com-
`puters, jukeboxes, hybrid Internet-music-player/home-
`stereo-component-system, and the like. Media player
`
`5
`
`10
`
`15
`
`20
`
`25
`
`30
`
`35
`
`40
`
`45
`
`50
`
`55
`
`3
`
`110 may further be configured to receive an immuniza-
`tion record and employ the immunization record to de-
`termine whether a media file is to be treated as an in-
`fection.
`[0014]
`In one embodiment, a media file may represent
`a pre-release, geographic release, and the like, of a mo-
`tion picture. Pre-releases may include a release of a mo-
`tion picture that is configured to be viewed by a pre-de-
`termined number of viewers, such as designated
`screeners, movie critics, test audiences, and the like.
`After a period of time, pre-releases are typically re-
`placed by formal releases, such as home entertainment
`releases, and the like. Geographic releases may include
`a motion picture release that is configured to be re-
`leased to a pre-defined geographic location of the world,
`such as the west coast of the United States, the United
`States, Europe, Southeast Asia, and the like. Such ge-
`ographic releases are typically not intended for audi-
`ence viewing outside of the pre-defined geographic lo-
`cation. Media files are not restricted to these descrip-
`tions, however, and may include virtually any digital con-
`tent that is configured to have a restriction placed upon
`it, such as time, location, and the like. Unfortunately,
`such pre-releases, geographic releases, and the like,
`may be pirated using a variety of mechanisms, and sent
`to audiences other than those that were originally in-
`tended to view the media file. Thus, as shown in FIG-
`URE 1, pirated source 104 represents virtually any
`source of a media file that is considered to be improperly
`obtained.
`[0015] Media files include data files that may be for-
`matted using any of a variety of digital formats that in-
`clude audio and/or image information. Audio files may
`be, for example, computer files that include computer
`code, which encodes audio information such as music,
`speech, sound effects, and the like. Audio file formats
`currently popular and frequently encountered include
`'wave' files (*.wav), MP3 files (*.mp3), liquid audio files
`(*.lqt), Real AudioTM (*.rm, *.ram), and the like. Image
`files may include still images and 'moving' images (here-
`after referred to generally as 'video'). Still images may
`include, for example, textual files, photographs, draw-
`ings, paintings,
`trademarks,
`logos, designs, and so
`forth. Video files may include, for example, computer
`files, which include computer code encodings of a series
`of images that may be viewed in rapid succession to cre-
`ate an illusion of motion. Video files formats may include
`MPEG (*.mpg) files, QuickTime (*.qt) files, Vivo (*.viv)
`files, Real VideoTM (*.rm), and so forth. Some of these
`file formats (Real AudioTM and Real VideoTM, for ex-
`ample) can be downloaded as streaming audio and/or
`video that is played in real-time. Other file formats may
`be downloaded in their entirety and stored locally for
`playing and/or for further redistribution at a future time
`after downloading. Similarly, such media files may be
`configured and stored on a variety of mediums, DVD,
`VCD, high definition DVD, Super Video CD (SVCD), Su-
`per Audio CD (SACD), and the like.
`
`

`

`5
`
`EP 1 558 032 A2
`
`6
`
`[0016] As shown in FIGURE 1, pirated media file 108
`represents one embodiment of an improperly obtained
`media file stored on a tangible medium such as de-
`scribed above. Pirated media files may also be provided
`by pirated source 104 using virtually any other mecha-
`nisms, including transporting the pirated media file over
`a network, such as network 105.
`[0017] Network 105 is enabled to employ any form of
`computer readable media for communicating informa-
`tion from one electronic device to another. Also, network
`105 can include the Internet in addition to local area net-
`works (LANs), wide area networks (WANs), direct con-
`nections, such as through a universal serial bus (USB)
`port, other forms of computer-readable media, or any
`combination thereof. On an interconnected set of LANs,
`including those based on differing architectures and pro-
`tocols, a router acts as a link between LANs, enabling
`messages to be sent from one to another. Also, com-
`munication links within LANs typically include twisted
`wire pair or coaxial cable, while communication links be-
`tween networks may utilize analog telephone lines, full
`or fractional dedicated digital lines including T1, T2, T3,
`and T4, Integrated Services Digital Networks (ISDNs),
`Digital Subscriber Lines (DSLs), wireless links including
`satellite links, or other communications links known to
`those skilled in the art. Furthermore, remote computers
`and other related electronic devices could be remotely
`connected to either LANs or WANs via a modem and
`temporary telephone link. In essence, network 105 in-
`cludes any communication method by which information
`may travel between IRS 102, pirated source 104, media
`player 110, and another computing device. Further-
`more, the number of WANs, and LANs in FIGURE 1 may
`be increased or decreased arbitrarily.
`[0018] The media used to transmit information in com-
`munication links as described above illustrates one type
`of computer-readable media, namely communication
`media. Generally, computer-readable media includes
`any media that can be accessed by a computing device.
`Computer-readable media may include computer stor-
`age media, communication media, or any combination
`thereof.
`[0019] Additionally, communication media typically
`embodies computer-readable instructions, data struc-
`tures, program modules, or other data in a modulated
`data signal such as a carrier wave or other transport
`mechanism and includes any information delivery me-
`dia. The terms "modulated data signal," and "carrier-
`wave signal" includes a signal that has one or more of
`its characteristics set or changed in such a manner as
`to encode information, instructions, data, and the like,
`in the signal. By way of example, communication media
`includes wired media such as twisted pair, coaxial cable,
`fiber optics, wave guides, and other wired media and
`wireless media such as acoustic, RF, infrared, and other
`wireless media.
`[0020]
`IRS 102 may include virtually any device that
`is configured to provide an immunization record associ-
`
`5
`
`10
`
`15
`
`20
`
`25
`
`30
`
`35
`
`40
`
`45
`
`50
`
`55
`
`4
`
`ated with a media file. Devices that may operate as IRS
`102 include personal computers desktop computers,
`multiprocessor systems, microprocessor-based or pro-
`grammable consumer electronics, network PCs, serv-
`ers, and the like.
`[0021]
`IRS 102 may provide the immunization record
`to media player 110 using any of a variety of mecha-
`nisms. For example, IRS 102 may insert the immuniza-
`tion record onto a DVD, high definition DVD, Super Vid-
`eo CD (SVCD), VCD, Super Audio CD (SACD), and the
`like, represented by LM/IR 106. Such medium may fur-
`ther include an unrelated media file. For example, a
`DVD may include an immunization associated with one
`media file, such as movie "A," and also include a differ-
`ent unrelated media file, such as a promotion for movie
`"B." IRS 102 may also provide the immunization to me-
`dia player 110 over a network, such as network 105.
`[0022]
`In the present invention, an improperly ob-
`tained media file, such as a pre-release, geographic re-
`lease motion picture, and the like, may be viewed as an
`infection by media player 110. Thus, for example, a mo-
`tion picture media file that has not yet had its home en-
`tertainment release is generally considered to be an in-
`fection. Typically, there are a relatively small number of
`infections that the present invention may need to guard
`against. For example, the seven most prominent Holly-
`wood studios typically make approximately 20 motion
`pictures each year. In most cases, the home entertain-
`ment releases for each motion picture is between about
`six to twelve months after the theatrical release. As a
`result, enabling the present invention to guard against
`approximately 200 infections may be sufficient. Howev-
`er, the invention is not constrained to these numbers,
`and may be configured to manage virtually any number
`of infections.
`[0023] To manage a response to an infection, IRS 102
`may be configured to determine an immunization record
`from a legitimate (e.g., authorized) media file. A typical
`immunization record may include, for example, a com-
`pact fingerprint of a motion picture, or other media file,
`in pre-release, geographic release, and the like, and a
`home entertainment release date, or similar appropriate
`release date upon which the media file may no longer
`be considered as an infection by media player 110. The
`immunization record may expire once the media file's
`determined to no longer be considered an infection.
`That is, for example, where the media file is a motion
`picture, the immunization may expire once the motion
`picture is in home entertainment release.
`[0024] A typical immunization record may include a
`variety of fields, each of which may be of various sizes.
`For example, where the media file represents pre-re-
`lease content, a home entertainment release date might
`be included that is about four bytes, a media file title
`Identifier might be also included that is about 32 bytes,
`and so forth. Also, a typical fingerprint might also be in-
`cluded that is between about 8 and about 800 kilobytes
`depending on a resolution, level of confidence desired
`
`

`

`7
`
`EP 1 558 032 A2
`
`8
`
`for determining a match, a type of mechanism employed
`to determine the fingerprint, and the like.
`[0025] The fingerprint within the immunization record
`represents a unique signature of the media file that is
`generally invariant to a variety of distorting transforma-
`tions that may arise due to pirating, including, zooming,
`panning, cropping, trapezoidal distortions, frame rate
`variations, color gamut changes, compression, trans-
`coding, and the like.
`[0026] The fingerprint may be derived from using any
`of a variety of mechanisms that may sample and ana-
`lyze a media file. Such mechanisms may include, for ex-
`ample, those that are described in co-pending U.S. Pat-
`ent Application, Serial Number 09/988,824, entitled
`"Media Tracking System and Method," filed November
`20, 2001, which is incorporated herein by reference.
`Such mechanisms may include, for example, deriving
`the fingerprint based on a word count calculated for
`each of selected image or group of images, within the
`media file. The fingerprint may also be generated using
`a word count per groups of pictures (also referred to as
`"GOPs") that may be plotted over a pre-determined
`length of the media file. In one embodiment, a waveform
`may be derived from this data that may be used to gen-
`erate a unique media file identifier for use as a finger-
`print. For instance, an energy level over time may be
`determined for the waveform, and employed to generate
`a fingerprint. Fingerprints may also include identifiers
`generated by a data set called an 'image vector,' for
`each image or selected images of the media file. How-
`ever, the invention is not limited to these examples, and
`virtually any mechanism may be employed that is invar-
`iant to at least the above mentioned concerns.
`
`Illustrative Media Player
`
`[0027] FIGURE 2 shows one embodiment of a media
`player employing an immune system, according to one
`embodiment of the invention. Media player 200 may in-
`clude many more or less components than those shown.
`The components shown, however, are sufficient to dis-
`close an illustrative embodiment for practicing the inven-
`tion.
`[0028] Media player 200 includes processing unit
`212, and mass memory, each of which is in communi-
`cation with each other via bus 222. The mass memory
`generally includes RAM 216, ROM 232, and one or
`more permanent mass storage devices, such as media
`drive 228. The mass memory stores may store operat-
`ing system 220 for controlling the operation of media
`player 200. Any general-purpose operating system may
`be employed. Media player 200 may also employ a spe-
`cial-purpose operating system. RAM 216 may also in-
`clude one or more applications 250 that may enable me-
`dia player 200 to perform a variety of actions, including
`recording of a media file, rewinding a media file, fast for-
`warding the media file, enabling a streaming media file
`to be received, and the like. Applications 250 may also
`
`5
`
`10
`
`15
`
`20
`
`25
`
`30
`
`35
`
`40
`
`45
`
`50
`
`55
`
`5
`
`enable virtually any other actions including enabling
`email, and other communications with another comput-
`ing device, and the like.
`[0029] Basic input/output system ("BIOS") 218 may
`also be provided for controlling the low-level operation
`of media player 200. As illustrated in FIGURE 2, media
`player 200 also can communicate with the Internet, or
`some other communications network, such as network
`105 in FIGURE 1, via network interface unit 210, which
`is constructed for use with various communication pro-
`tocols including the UDP/IP, TCP/IP protocols. Howev-
`er, the invention is not limited to these protocols, and
`virtually any network protocol may be employed. Net-
`work interface unit 210 is sometimes known as a trans-
`ceiver,
`transceiving device, network interface card
`(NIC), and the like.
`[0030] Media player 200 also includes input/output in-
`terface 224 for communicating with external devices,
`such as a mouse, keyboard, television, display device,
`or other input/output devices not shown in FIGURE 2.
`[0031] Media drive 228 includes virtually any device
`and related software that is configured to receive a me-
`dia file on a pre-determined content medium. Such de-
`vices include, but are not limited to, a DVD drive, high
`definition DVD drive, Super Video CD (SVCD) drive,
`VCD drive, Super Audio CD (SACD) drive, and other
`content media devices. For example, media drive 228
`may also be Dynamic Digital Sound (DDS) drive. More-
`over, media drive 228 may also support write capabili-
`ties, such as through a DVD/RW drive, and the like. Me-
`dia drive 228, however, is not limited to DVD, and CD
`technologies and virtually any other digital media tech-
`nology may be employed without departing from the
`scope of spirit of the present invention.
`[0032] Media drive 228 may also include capabilities
`to enable a media file to be erased, destroyed, written
`over, and the like. Media drive 228 may receive an in-
`struction, event, and the like, from PIM 252 that directs
`it to disable itself from further reads of the media file,
`destroy the media file, and the like.
`[0033] PIM 252 is described in more detail below in
`conjunction with FIGURE 3. Briefly, however, PIM 252
`is configured to treat pirated media files as an infection.
`PIM 252 may be taught about possible infections, by
`loading it with an immunization record for each infection.
`PIM 252 may update a store of the immunization records
`over a network, such as illustrated in FIGURE 1, a DVD,
`and the like, such as LM/IR 106 of FIGURE 1, and the
`like. PIM 252 may then employ the immunization record
`to monitor media files to determine if the media file is an
`infection. If it is determined to be an infection, PIM 252
`may then provide a pre-determined alert, message, ac-
`tion, a true/false indication of a pirated media file, and
`the like. In one embodiment, the alert is provided in em-
`ploying any of a variety of secure communication mech-
`anisms. For example, at power up of PIM 300, or upon
`a similar event, PIM 300 may establish a secure com-
`munication channel to a component of media player 200
`
`

`

`9
`
`EP 1 558 032 A2
`
`10
`
`for the receipt of immunization records and for issuing
`of the alerts.
`[0034] PIM 252 may be implemented as part of an ap-
`plication that provides client side monitoring of media
`files. PIM 252 can also be implemented in an integrated
`circuit, part of a silicon core, and the like, within media
`player 200. In one embodiment, PIM 252 could be li-
`censed to a manufacturer of media player 200. In an-
`other embodiment, PIM 252 may be downloaded as an
`application into PIM 252, from another medium, such as
`a DVD, over a network, and the like.
`[0035] FIGURE 3 shows a logical block diagram illus-
`trating one embodiment of components of the Piracy Im-
`munity Manager (PIM) of FIGURE 2. PIM 300 of FIG-
`URE 3 may include many more or less components than
`those shown. The components shown, however, are
`sufficient to disclose an illustrative embodiment for prac-
`ticing the invention. Moreover, PIM 300 may employ a
`process such as described below in conjunction with
`FIGURE 4 to perform actions.
`[0036] As shown, PIM 300 includes immunity system
`controller 302, fingerprinter 304, secure immunization
`record store 306, fingerprinter comparator 308, and se-
`cure real-time clock 310. Immunity system controller
`302 is in communication with fingerprinter 304, secure
`immunization record store 306, fingerprinter comparator
`308, and secure real-time clock 310. Fingerprinter 304
`and secure immunization record store 306 are each in
`further communication with fingerprinter comparator
`308. Secure real-time clock 310 is also in communica-
`tion with fingerprinter comparator 308.
`[0037]
`Immunity system controller 302 is configured
`to manage actions of other components within PIM 300,
`including providing timing signals, event instructions,
`and the like. In one embodiment, immunity system con-
`troller 302 may include an operating system, applica-
`tion, and the like, for managing actions of the other com-
`ponents.
`[0038] Secure immunization record store 306 in-
`cludes virtually mechanism configured to receive and
`securely store immunization records, including a data-
`base, a file, a flash memory device, and the like. In one
`embodiment, secure immunization record store 306 is
`configured as a flash memory that may store at least
`about 200 immunization records. However, the inven-
`tion is not limited to this storage capacity, and another
`may be selected without departing from the scope or
`spirit of the invention.
`[0039] Secure immunization record store 306 may al-
`so be configured to provide an alert to immunity system
`controller 302 if tampering is detected. In another em-
`bodiment, secure immunization record store 306 may
`be configured to employ security certificates and the
`like, to ensure that an immunization record is proper, in-
`structions and the like are from immunity system con-
`troller 302, and the like.
`[0040] Secure immunization record store 306 may be
`updated with new immunization records using a variety
`
`5
`
`10
`
`15
`
`20
`
`25
`
`30
`
`35
`
`40
`
`45
`
`50
`
`55
`
`6
`
`of mechanisms including over a network, a DVD device,
`and the like. For example, a movie studio could include
`private data in a DVD of a home entertainment release
`of a particular motion picture the immunization records
`for other current theatrical releases. In this way, a media
`player could be updated without ever having to be con-
`nected to the Internet.
`[0041]
`In one embodiment of the invention, secure im-
`munization record store 306 and/or immunity system
`controller 302 may be configured to restrict the media
`player for playing if secure immunization record store
`306 has not received an update to the stored immuni-
`zation records within a pre-defined period of time.
`[0042] Secure immunization record store 306 may be
`periodically scanned for expired immunization records
`by reference to a real-time clock source. Also, an older
`immunization record can be removed when a more cur-
`rent immunization record is received. That is, secure im-
`munization record store 306 may expire those immuni-
`zation records where the associated media file, has
`reached its home entertainment release date, or other
`date where a media file is to no longer to be considered
`as an infection.
`[0043] Secure real-time clock 310 may provide real-
`time clock information in a manner that minimizes tam-
`pering or otherwise modifying its output information.
`Moreover, secure real-time clock 310 may also be con-
`figured to be securely set using any of a variety of secure
`mechanisms, including receiving timing information se-
`curely of a network, and the like.
`[0044] Fingerprinter 304 is configured to receive a
`media file, as it is played and to determine from the me-
`dia file, a fingerprint. Fingerprinter 304 may employ vir-
`tually any mechanism to determine a fingerprint, includ-
`ing those described above. Fingerprinter 304 is ar-
`ranged to provide the fingerprint to fingerprinter compa-
`rator 308. Fingerprinter comparator 308 is configured to
`compare immunization records from secure immuniza-
`tion record store 306 to determine whether there is a
`match. In one embodiment, fingerprinter comparator
`308 may employ a pre-determined confidence level to
`determine if there is a match. Such confidence level
`may, for example, be selected to determine a match, or
`one that is sufficiently close to be considered to have
`arisen from a same media file. Thus, in one embodi-
`ment, the match may be determined from a comparison
`to a specified maximum allowable threshold, given the
`pre-determined confidence level. If a match is deter-
`mined, fingerprinter comparator 308 in conjunction with
`immunity system controller 302 may be further config-
`ured to provide a predefined action, including an alert,
`such as a true/false detection of a pirated media file, and
`the like. In one embodiment, PIM 300 may be configured
`to provide an instruction that a media player is to be dis-
`abled from future reads of the media file, a message
`may also be sent over a network, and the like.
`[0045] FIGURE 4 illustrates a logical flow diagram
`generally showing one embodiment of a process for
`
`

`

`11
`
`EP 1 558 032 A2
`
`12
`
`managing access to a media file, such as a pirated mo-
`tion picture and the like, in accordance with the present
`invention. Process 400 of FIGURE 4 may, for example,
`be implemented within PIM 300 of FIGURE 3.
`[0046] Process 300 begins, after a start block, at block
`402, where an immunization record is received. Such
`immunization record is employed to determine how and
`when a media file is to be identified as an infection. In
`one embodiment, a plurality of immunization records
`may be received. Out of date immunization records may
`also, at block 402, be expunged, such that a valid media
`file is not inadvertently determined to be an infection.
`[0047] Processing flows next to decision block 404,
`where a determination is made whether there are more
`portions of the media file to be read. At this first pass
`through process 400, it is assumed that the media file
`is being read in real-time (e.g., streamed). If it is deter-
`mined that more streaming media files are to be read,
`processing flows to block 406; otherwise, processing re-
`turns to a calling process.
`[0048] At block 406, at least a portion of the streaming
`media file is received. If th