Rights-based system
First Claim
Patent Images
1. A computer-implemented method for conducting an anonymous transaction, the method comprising:
- receiving a first rights object representing a right to access a first protected resource, the first protected resource corresponding to a first entity;
transmitting a request for a first access token to at least one of a plurality of instances of a first component, the request for the first access token including a copy of the first rights object;
receiving the first access token from the at least one of the instances of the first component in response to validation of the copy of the first rights object, the first access token including a refresh value generated and stored to an instance of a database by the at least one of the instances of the first component;
updating the first rights object with the refresh value, thereby invalidating other existing copies of the first rights object;
storing the first rights object for a second entity;
transmitting a request to access the first protected resource to a second component, the request to access the first protected resource including the first access token; and
accessing the first protected resource in response to validation of the first access token by the second component, thereby effecting transfer of ownership of the first protected resource from the first entity to the second entity without reference to identity information specifically identifying the first entity.
0 Assignments
0 Petitions
Accused Products
Abstract
A rights-based system is described in which vouchers are employed for creating, managing, distributing, and redeeming rights in digital contexts. A voucher is a digital, possession-based rights representation. An authorization component of the system validates the vouchers and issues corresponding tokens. Access to digital resources is provided in response to presentation of the tokens which are validated by matching voucher refresh values to corresponding values maintained by the system. New refresh values are generated and inserted in the vouchers each time they are redeemed.
-
Citations
18 Claims
-
1. A computer-implemented method for conducting an anonymous transaction, the method comprising:
-
receiving a first rights object representing a right to access a first protected resource, the first protected resource corresponding to a first entity; transmitting a request for a first access token to at least one of a plurality of instances of a first component, the request for the first access token including a copy of the first rights object; receiving the first access token from the at least one of the instances of the first component in response to validation of the copy of the first rights object, the first access token including a refresh value generated and stored to an instance of a database by the at least one of the instances of the first component; updating the first rights object with the refresh value, thereby invalidating other existing copies of the first rights object; storing the first rights object for a second entity; transmitting a request to access the first protected resource to a second component, the request to access the first protected resource including the first access token; and accessing the first protected resource in response to validation of the first access token by the second component, thereby effecting transfer of ownership of the first protected resource from the first entity to the second entity without reference to identity information specifically identifying the first entity. - View Dependent Claims (2, 3, 4, 5, 6, 7)
-
-
8. A computer-implemented method for conducting an anonymous transaction, the method comprising:
-
transmitting a first rights object from a first wallet component associated with a first entity to a second wallet component associated with a second entity, the first rights object representing a right to access a first protected resource, the right to access the first protected resource being owned by the first entity; transmitting a request for a first access token from the second wallet component to at least one of a plurality of instances of a first component, the request for the first access token including a copy of the first rights object; validating the copy of the first rights object using the at least one instance of the first component; generating and storing a refresh value to an instance of a database using the at least one instance of the first component; transmitting the first access token and the refresh value from the at least one instance of the first component to the second wallet component; updating the first rights object with the refresh value, thereby invalidating other existing copies of the first rights object, and thereby effecting transfer of ownership of the right to access the first protected resource from the first entity to the second entity without reference to identity information specifically identifying the first entity; storing the first rights object using the second wallet component; transmitting a request to access the first protected resource from the second wallet component to a second component, the request to access the first protected resource including the first access token; validating the first access token using the second component; and accessing the first protected resource using the second wallet component. - View Dependent Claims (9, 10, 11, 12, 13)
-
-
14. A computer-implemented method for conducting an anonymous transaction, the method comprising:
-
receiving, with at least one instance of a first component, a request for a first access token, the request for the first access token including a copy of a first rights object, the first rights object representing a right to access a first protected resource, the right to access the first protected resource being owned by a first entity; validating the copy of the first rights object using the at least one instance of the first component; generating and storing a refresh value in an instance of a database using the at least one instance of the first component; transmitting the first access token and the refresh value from the at least one instance of the first component to a wallet component associated with a second entity, the refresh value being for use by the wallet component associated with the second entity in updating the first rights object, thereby invalidating other existing copies of the first rights object, and thereby effecting transfer of ownership of the right to access the first protected resource from the first entity to the second entity without reference to identity information specifically identifying the first entity; receiving, with a second component, a request from the wallet component associated with the second entity to access the first protected resource, the request to access the first protected resource including the first access token; validating the first access token using the second component; and providing access by the wallet component associated with the second entity to the first protected resource. - View Dependent Claims (15, 16, 17, 18)
-
Specification