System, apparatus and method for controlling multiple trusted execution environments in a system
US-2016350534-A1 · Dec 1, 2016 · US
Technologies for secure mediated reality content publishing
US10581815B2 · US · B2
| Field | Value |
|---|---|
| Publication number | US-10581815-B2 |
| Application number | US-201615143741-A |
| Country | US |
| Kind code | B2 |
| Filing date | May 2, 2016 |
| Priority date | May 2, 2016 |
| Publication date | Mar 3, 2020 |
| Grant date | Mar 3, 2020 |
How to read this patent
A practical reading order for non-experts. Skip the full description unless you need deep technical detail.
- Title
What the patent document calls the invention.
- Abstract
A short plain-language summary of the technical disclosure.
- Assignees and inventors
Who owns or filed the patent and who is credited as inventor.
- Key dates
Filing, priority, publication, and grant dates set the timeline.
- First independent claim
The legal scope of protection — read this for what is actually claimed.
- CPC / IPC classifications
Technology tags used to group this patent with similar filings.
- Citations and related patents
Prior art links and similar publications in this corpus.
Abstract
Official abstract text for this publication.
Technologies for secure mediated reality content publishing includes one or more mediated reality servers, multiple mediated reality listeners, and multiple mediated reality creators. The mediated reality server performs an attestation procedure with each listener based on a pre-provisioned attestation credential of that listener and provisions a session encryption key to each validated listener. The attestation procedure may validate a trusted execution environment of each listener. The mediated reality server generates aggregated mediated reality content based on protected mediated reality content received from the creators and generates an associated license that defines one or more content usage restrictions of the aggregated mediated reality content. The server sends the aggregated mediated reality content to the listeners, protected by the corresponding session encryption key. The server may provision each of the listeners with a back-channel encryption key to protect feedback data generated by sensors of the listeners. Other embodiments are described and claimed.
First claim
Opening claim text (preview).
The invention claimed is: 1. A computing device for secure mediated reality content publishing, the computing device comprising: an attestation module to perform an attestation procedure with a mediated reality listener based on a pre-provisioned attestation credential of the mediated reality listener; a key management module to securely provision a session encryption key to the mediated reality listener in response to performance of the attestation procedure; a composition module to generate aggregated mediated reality content based on protected mediated reality content received from each of a plurality of mediated reality creators; a license management module to generate, by a trusted execution environment of the computing device, a first license associated with the aggregated mediated reality content based on a plurality of licenses associated with the protected mediated reality content, wherein the first license defines one or more content usage restrictions for the aggregated mediated reality content; and a communication module to securely send the aggregated mediated reality content and the first license to the mediated reality listener, wherein the aggregated mediated reality content is protected by the session encryption key. 2. The computing device of claim 1 , wherein: to perform the attestation procedure comprises to (i) verify authenticity of the mediated reality listener with the attestation credential of the mediated reality listener and (ii) establish a secure communication channel between the computing device and the mediated reality listener in response to verification of the authenticity of the mediated reality listener; and to securely provision the session encryption key comprises to securely provision the session encryption key to the mediated reality listener via the secure communication channel. 3. The computing device of claim 1 , wherein to perform the attestation procedure comprises to perform a secure key exchange between the computing device and the mediated reality listener. 4. The computing device of claim 1 , wherein the pre-provisioned attestation credential of the mediated reality listener comprises an enhanced privacy identifier private key provisioned to the mediated reality listener by a manufacturer of the mediated reality listener. 5. The computing device of claim 1 , wherein: the attestation module is further to perform an attestation procedure with a mediated reality creator based on a pre-provisioned attestation credential of the mediated reality creator; and the key management module is further to securely provision a second session encryption key to the mediated reality creator in response to the performance of the attestation procedure; wherein the protected mediated reality content received from the mediated reality creator is protected by the second session encryption key. 6. The computing device of claim 1 , wherein the key management module is further to derive the session encryption key for the mediated reality listener in response to the performance of the attestation procedure. 7. The computing device of claim 1 , wherein to generate the aggregated mediated reality content comprises to generate, by the trusted execution environment of the computing device, the aggregated mediated reality content based on the protected mediated reality content. 8. The computing device of claim 1 , further comprising a feedback module to: receive feedback data from the mediated reality listener, wherein the feedback data is generated by one or more feedback sensors of the mediated reality listener, and wherein the feedback data is protected by a back-channel encryption key; wherein the key management module is further to securely provision the back-channel encryption key to the mediated reality listener in response to the performance of the attestation procedure. 9. The computing device of claim 8 , wherein the feedback module is further to modify the aggregated mediated reality content based on the feedback data in response to receipt of the feedback data from the mediated reality listener. 10. The computing device of claim 8 , wherein the feedback data is indicative of an emotion of a user of the mediated reality listener. 11. The computing device of claim 8 , wherein the feedback module is further to aggregate the feedback data with feedback data received from one or more other mediated reality listeners to generate aggregated feedback data. 12. The computing device of claim 1 , wherein to securely send the aggregated mediated reality content to the mediated reality listener comprises to: encrypt the aggregated mediated reality content with a mash-up content key to generate encrypted aggregated mediated reality content; encrypt the mash-up content key with the session encryption key to generate an encrypted mash-up content key; and send the encrypted aggregated mediated reality content and the encrypted mash-up content key to the mediated reality listener. 13. The computing device of claim 1 , wherein the communication module is further to receive the protected mediated reality content and the associated plurality of licenses from the plurality of mediated reality creators, wherein the protected mediated reality content is encrypted and wherein each of the plurality of licenses defines one or more content usage restrictions for the associated protected mediated reality content. 14. A method for secure mediated reality content publishing, the method comprising: performing, by a computing device, an attestation procedure with a mediated reality listener based on a pre-provisioned attestation credential of the mediated reality listener; securely provisioning, by the computing device, a session encryption key to the mediated reality listener in response to performing the attestation procedure; generating, by the computing device, aggregated mediated reality content based on protected mediated reality content received from each of a plurality of mediated reality creators; generating, by a trusted execution environment of the computing device, a first license associated with the aggregated mediated reality content based on a plurality of licenses associated with the protected mediated reality content, wherein the first license defines one or more content usage restrictions for the aggregated mediated reality content; and securely sending, by the computing device, the aggregated mediated reality content and the first license to the mediated reality listener, wherein the aggregated mediated reality content is protected by the session encryption key. 15. The method of claim 14 , wherein generating the aggregated mediated reality content comprises generating, by the trusted execution environment of the computing device, the aggregated mediated reality content based on the protected mediated reality content. 16. The method of claim 14 , further comprising: securely provisioning, by the computing device, a back-channel encryption key to the mediated reality listener in response to performing the attestation procedure; and receiving, by the computing device, feedback data from the mediated reality listener, wherein the feedback data is generated by one or more feedback sensors of the mediated reality listener, and wherein the feedback data is protected by the back-channel encryption key. 17. The method of claim 16 , further comprising modifying, by the computing device, the aggregated mediated reality content based on the feedback data in response to receiving the feedback data from the mediated reality listener. 1
Assignees
Inventors
Classifications
Rights Management (protecting software against unauthorised usage in a vending or licensing environment G06F21/10; security in data switching network management H04L41/28; security management or policies for network security H04L63/20; access security in wireless networks H04W12/08) · CPC title
using an additional device, e.g. smartcard, SIM or a different communication terminal (cryptographic mechanisms or cryptographic arrangements for entity authentication involving additional secure or trusted devices H04L9/3234) · CPC title
applying multi-factor authentication · CPC title
using certificates (cryptographic mechanisms or cryptographic arrangements for entity authentication involving certificates H04L9/3263) · CPC title
wherein the sending and receiving network entities apply hybrid encryption, i.e. combination of symmetric and asymmetric encryption (cryptographic mechanisms or cryptographic arrangements using a plurality of keys or algorithms H04L9/14) · CPC title
Patent family
Related publications grouped by family.
External sources
Frequently asked questions
Answers are generated from the same data shown on this page.
- What does patent US10581815B2 cover?
- Technologies for secure mediated reality content publishing includes one or more mediated reality servers, multiple mediated reality listeners, and multiple mediated reality creators. The mediated reality server performs an attestation procedure with each listener based on a pre-provisioned attestation credential of that listener and provisions a session encryption key to each validated listene…
- Who is the assignee on this patent?
- Intel Corp
- What technology area does this patent fall under?
- Primary CPC classification H04L63/061. Mapped technology areas include Electricity.
- When was this patent published?
- Publication date Tue Mar 03 2020 00:00:00 GMT+0000 (Coordinated Universal Time) (B2). Legal status and post-grant events are not shown on this page.
- What related patents are in patentsdb?
- We list 1 related publication on this page (citations in our corpus or others sharing the same primary CPC).