1. Field of the Invention
The present invention relates generally to controlling access to digital content and, more particularly, to ticket-based systems and methods for limiting access to streaming media, wherein the ticket is based, in part, on a time component.
2. Description of Related Art
With the advent of the Internet and the World Wide Web, an industry has developed around the delivery of digital content, such as streaming media content. By way of example, streaming media may be used for any of a number of purposes, including entertainment, distance learning and corporate purposes. Entertainment companies stream movies and sporting events, distance learning companies stream educational content, and corporations stream training materials.
With many such uses of streaming media, controlling access to the content is imperative. For example, entertainment companies may charge end users for each viewing of an item of streaming media, referred to in the entertainment vernacular as “pay-per-view.” Similarly, distance learning companies charge students for access to on-line educational courses, and thus for access to streaming media. Corporate content is often confidential, and thus also requires controlled access.
Accordingly, systems have been developed to limit access to streaming media. The current industry standard for limiting access to streaming content involves the streaming media server authenticating end users before providing the streaming media content. More specifically, the streaming media server typically includes a software plug-in of compiled code that contains the logic for determining whether or not to grant access to the streaming media. Such an authentication plug-in, however, is often complicated and difficult to develop and maintain. For example, if the need arises to change to logic for granting access to the streaming media content, altering the compiled plug-in on the streaming media server is difficult. Furthermore, with all of the logic residing at the streaming media server, the streaming media server must have direct access to a database or distributed message passing service. Moreover, even in instances where validates a particular end user as being authorized to access the streaming media content, such end user is often able to circumvent the authorization process by sharing its access with unauthorized end users. Such sharing of access may take many forms, including the sharing of usernames and passwords of links to the content. Similar problems exist with systems used for controlling access to other forms of digital content. Accordingly, a need exists for an improved system and method for controlling access to digital content, particularly streaming media content, and authorizing end users.
3. Summary of the Invention
The present inventions solves this and other needs by providing a system and method for controlling access to digital content, such as audio, visual, video, textual and streaming media. One system and method according to the present invention controls access to streaming media and includes a web server, media server and end user processor, such as a personal computer, coupled to a network.
In operation, the web server cryptographically generates a ticket in response to an end user's request for access to a file. The ticket is based, at least in part, on a time at or near when the ticket is generated. In certain embodiments, the ticket is based on additional information, including, for example, a security time interval, or an identifier of the end user.
Prior to a media server providing access to the requested file, the media server generates an authorization ticket, preferably using the same cryptographic algorithm as the web server. The media server authorization ticket is based, at least in part, on a time at or near when the media server receives the request for access to the file. The media server determines whether to grant access to the file by comparing the ticket, as generated by the web server, to the ticket, as generated by the media server.
In one embodiment, if the tickets do not match, then the time at which the web server generated the ticket differs from the time at which the media server generated the ticket by more than a predetermined amount, and the ticket can be logically thought to have “expired.” Accordingly, the media server does not grant access to the media content. If the tickets match, then the tickets were generated within an authorized time interval, and the media server grants the end user access to the requested media content.