Content providers such as those that provide audio and/or video data in the form of data streams, application vendors that provide applications to render such data, and others often desire to protect such data from being ascertained, used or otherwise rendered by unauthorized entities. Such protection is typically desired from the point where the data resides, in some protected form and on some type of readable medium, along the chain of components that will handle or otherwise process such data, up to and including both the physical output connector that the data to a device such as a display or speakers, as well as these devices themselves.
As an example, consider FIG. 1 which illustrates, at a high level, an exemplary system 10 into which protected content 12, e.g. compressed and encrypted content, can be received and processed. In this example, protected content 12 is provided into a consumer device 14 such as a personal computer. Within the consumer device, an application 16 typically processes the protected content by, for example, using a decryption component 18 to decrypt the content and a decoder component 20 to decode or decompress the content. Once the content is decoded, it can typically undergo some processing, after which time the processed content is provided to a renderer component 22 which then ensures that the data is provided to a device, such as a display 24 (in the case of video data) and/or speakers 26 (in the case of audio data).
In this system, in order for the data to get to the appropriate hardware device such as the display or speaker, the data has to transit some type of bus, such as a PCI/AGP bus, and then has to travel through a physical connector and over a cable, such as an S-Video cable or a DVI cable.
Over time, various different types of content protection schemes and technologies have been developed and employed to protect the content when, for example, the content is decrypted within the consumer device 14 and then provided to an output device such as a display or speakers. These protection schemes and technologies are as varied as the different kinds of audio and video data. In addition, and perhaps what is most important is that today, there is no way for an application to securely control the behavior of collections of these various different types of content protection schemes and technologies.
More specifically, consider the chain of components that process data that is to be ultimately rendered on a hardware device. As will be appreciated by the skilled artisan, there are different layers of components that touch or otherwise have access to this data and associated communications from the application while the data and the communications are in the chain. For example, the application typically does not communicate directly to the hardware that is to render the data. Rather, there is typically a software stack in the user mode with which the application communicates, and then a driver stack in the kernel mode below the user mode software stack that actually communicates with the hardware. Effectively, any one of these components in the chain can actually tamper with the data and/or communications being passed along the chain.
Accordingly, this invention arose out of concerns associated with providing secure channels for both communications and data to flow from the application to downstream components.