1. Technical Field
The present invention relates to a system and method for digital content player with secure processing vault. More particularly, the present invention relates to a system and method for decrypting and decoding encrypted/encoded digital content within a hardware-based secure environment.
2. Description of the Related Art
As high-definition entertainment content becomes widely available, digital content owners are increasingly concerned with piracy. Although the digital content owners wish to expand into new distribution channels, such as the Internet, the digital content owners are understandably concerned with losing distribution control and, as a result, losing revenue.
Many protocol and software-level content protection technologies exist that facilitate seller-to-buyer digital content transfer. A challenge found with these technologies, however, is that they do not take into account platform system security. Even with copy protection technologies in place, digital content may be “stolen” in an unsecured system platform.
System security has traditionally been based upon an operating system correctly granting access. Thus, from a theoretical perspective, the operating system should prevent a malicious client's attempts to access the digital content. In practice, however, malicious clients have found means to circumvent this protection scheme and gain access to digital content. For example, a malicious client may use buffer overflow to gain operating system control and, therefore, access the digital content. As a result of this lack of system security, digital content owners are concerned with a system's ability to control digital content distribution.
Existing art attempts to solve a system's lack of security by using virtualization technology, which places a “digital content player” within a separate partition. A challenge found with this approach, however, is that the digital content player is still vulnerable to software-based attacks because the separate partitioning relies upon the corresponding hypervisor code's integrity.
Typically, digital content is first encoded (or compressed) and then encrypted, which is the primary control point for content protection against piracy. To play back the content, it must be decrypted first and then decoded. One approach to recover the digital content from its encrypted/encoded format is to decrypt the digital content within a secure environment and decode the digital content within a non-secure environment. A challenge with this approach, however, is that the most valuable form of the digital content, which is decrypted but still encoded, resides in a non-secure environment and available to malicious clients.
What is needed, therefore, is a system and method for decrypting and decoding encrypted/encoded digital content within a hardware-based secure environment.