Method for certifying and verifying digital web content using public cryptography

US 20030158823A1
Filed: 04/24/2003
Published: 08/21/2003
Est. Priority Date: 02/14/2000
Status: Active Grant

First Claim

Patent Images

1. A method of verifying an item of digital content (412, 416), the method comprising the steps of:

providing, at a first time, an item of digital content (412, 416) to a verifying program (420);

the verifying program (420) performing verification of the item of digital content (412, 416); and

the verifying program (420) presenting a message (712, 724) to a user indicating whether the item of digital content (412, 416) is verified or not;

characterised in that;

the user provides, at a second time earlier than the first time, a data item (502) to the verifying program (420), the verifying program (420) stores the data item (502), and the data item (502), or data derived from the data item (502), is included in the message (712, 724) to indicate to the user that the item of digital content (412, 416) was verified by the verifying program (420).

View all claims

12 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

There is provided a method of, computer programs for and apparatus for providing and accessing digital content such as a news item. A news provider generates a news item, creates a digitally signed version of the news item and packages them together with a digital certificate issued by a certificate authority containing the public key required to decrypt the digitally signed version. The package is posted to a server and is transmitted, or made available or transmission, over a public data network together with a computer program for verifying the news item. A receiving party receives, over the public data network, the package at a client device and is provided with means for launching, and if necessary first downloading, the verifying program. The verifying program uses the public key contained in the certificate to verify the digitally signed news item. Before being first used to verify a news item, the verifying program receives a shared secret from the receiving party which is stored locally to the client device and is used by the verifying program to confirm that it performed the verification process.

67 Citations

View as Search Results

48 Claims

1. A method of verifying an item of digital content (412, 416), the method comprising the steps of:
- providing, at a first time, an item of digital content (412, 416) to a verifying program (420);
  
  the verifying program (420) performing verification of the item of digital content (412, 416); and
  
  the verifying program (420) presenting a message (712, 724) to a user indicating whether the item of digital content (412, 416) is verified or not;
  
  characterised in that;
  
  the user provides, at a second time earlier than the first time, a data item (502) to the verifying program (420), the verifying program (420) stores the data item (502), and the data item (502), or data derived from the data item (502), is included in the message (712, 724) to indicate to the user that the item of digital content (412, 416) was verified by the verifying program (420).
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10)
- - 2. A method according to claim 1, wherein the verifying program (420) is received over a public data network by a client device and is executed on the client device.
  - 3. A method according to claim 2, wherein the item of digital content (412, 416) is received over a public data network by the client device together with user interface component (704) for commencing execution of the verifying program (420).
  - 4. A method according to any of claims 2 to 3, wherein the item of digital content (412, 416) is displayed by the client device using a browser, and the verifying program (420) is a plug-in for said browser.
  - 5. A method according to any of claims 2 to 4, wherein the data item (502) provided by the user is stored locally to the client device.
  - 6. A method according to any of claims 1 to 5, wherein the data item (502) is stored in an encrypted format.
  - 7. A method according to any of claims 1 to 6, wherein the item of digital content (412, 416) comprises a news item.
  - 8. A method according to any of claims 1 to 7, wherein the verifying program (420) is provided with an encrypted version of the item of digital content (412, 416) and, to verify the item of digital content (412, 416), the verifying program (420) decrypts the encrypted version and compares the result to the item of digital content (412, 416).
  - 9. A method according to any of claims 1 to 7, wherein the verifying program (420) is provided with a digital signature of the item of digital content (412, 416) and, to verify the item of digital content (412, 416), the verifying program (420) decrypts the digital signature and compares the result to the item of digital content (412, 416).
  - 10. A method according to any of claims 1 to 7, wherein the item of digital content (412, 416) is provided in encrypted form only and, to verify the item of digital content (412, 416), the verifying program (420) decrypts the item of digital content (412, 416).

11. A computer program (420) for verifying an item of digital content (412, 416), the computer program (420) being arranged to:
- receive, at a first time, an item of digital content (412, 416);
  
  verify the item of digital content (412, 416); and
  
  present a message (712, 724) to the user indicating whether the item of digital content (412, 416) is verified or not;
  
  characterised in that;
  
  the computer program (420) is arranged to query, at a second time earlier than the first time, a user for a data item (502), and to store the data item (502), and in that the data item (502), or data derived from the data item (502), is included in the message (712, 724) to indicate to the user that the item of digital content (412, 416) was verified by the computer program (420).
- View Dependent Claims (12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22)
- - 12. A computer program (420) according to claim 11, adapted to be receivable over a public data network by a client device and executable on the client device.
  - 13. A computer program (420) according to claim 12, wherein the item of digital content (412, 416) is received over a public data network by the client device together with user interface component (704) for commencing execution of the computer program (420).
  - 14. A computer program (420) according to any of claims 12 to 13, being a plug-in for a browser.
  - 15. A computer program (420) according to any of claims 12 to 14, wherein the data item (502) obtained from the user is stored locally to the client device.
  - 16. A computer program (420) according to any of claims 11 to 15, wherein the data item (502) is stored in an encrypted format.
  - 17. A computer program (420) according to any of claims 11 to 16, wherein the item of digital content (412, 416) comprises a news item.
  - 18. A computer program (420) according to any of claims 11 to 17, arranged to receive an encrypted version of the item of digital content (412, 416) and to verify the item of digital content (412, 416) by decrypting the encrypted version and comparing the result with the item of content.
  - 19. A computer program (420) according to any of claims 11 to 17, arranged to receive a digital signature of the item of digital content (412, 416) and to verify the item of digital content (412, 416) by decrypting the digital signature and comparing the result with the item of digital content (412, 416).
  - 20. A computer program (420) according to any of claims 11 to 17, arranged to receive the item of digital content (412, 416) in encrypted form only and to verify the item of digital content (412, 416) by decrypting the item of digital content (412, 416).
  - 21. A method of providing a user with a verifiable item of digital content (412, 416), the method comprising the following step:
    - transmitting, over a data network, an item of digital content (412, 416) and a computer program (420) for verifying the item of digital content (412, 416) as defined in any of claims 11 to 20.
  - 22. A method according to any of claims 21, wherein the item of digital content (412, 416) and the computer program (420) are transmitted independently over the data network.

23. A method of providing a user with a verifiable item of digital content (412, 416), the method comprising the following steps:
- displaying, on a display of a client device, an item of digital content (412, 416);
  
  characterised by;
  
  displaying, on the display of the client device, a user interface, operable by a user of the client device to commence execution, at the client device, of a computer program (420) for verifying the item of digital content (412, 416).
- View Dependent Claims (24, 25, 29)
- - 24. A method according to claim 23, wherein upon operation of the user interface for commencing execution of the verifying program (420) by a user, a computer program associated with the user interface determines whether the verifying program (420) is stored locally to the client device and, if not, arranges for the retrieval, over a data network, of the verifying program (420) to the client device.
  - 25. A method according to claim 23 or 24, wherein the verifying program (420) is arranged to:
    - receive, at a first time, the item of digital content (412, 416);
      
      verify the item of digital content (412, 416);
      
      present a message (712, 724) to the user indicating whether the item of digital content (412, 416) is verified or not;
      
      query, at a second time earlier than the first time, a user for a data item (502);
      
      store the data item (502), and include the data item (502), or data derived from the data item (502), in the message (712, 724) to indicate to the user that the item of digital content (412, 416) was verified by the verifying program (420).
  - 29. A method according to any of claims 25 to 28, wherein the means for execution comprises an element of a display screen including, or associated with, said content.

26. One or more data packages comprising:
- data representing an item of digital content (412, 416), capable of being displayed on the display of a client device;
  
  characterised in that;
  
  the one or more data packages comprise data representing a user interface, displayable on the display of the client device, and operable by a user of the client device to commence execution, at the client device, of a computer program (420) for verifying the item of digital content (412, 416).
- View Dependent Claims (27, 28)
- - 27. One or more data packages according to claim 26, comprising a computer program associated with the user interface and arranged to determine, upon operation of the user interface, whether the verifying program (420) is stored locally to the client device, and, if not, to arrange for the retrieval, over a data network, of the verifying program (420) to the client device.
  - 28. One or more data packages according to claim 26 or 27, wherein the verifying program (420) is arranged to:
    - receive, at a first time, the item of digital content (412, 416);
      
      verify the item of digital content (412, 416);
      
      present a message (712, 724) to the user indicating whether the item of digital content (412, 416) is verified or not;
      
      query, at a second time earlier than the first time, a user for a data item (502);
      
      store the data item (502), and include the data item (502), or data derived from the data item (502), in the message (712, 724) to indicate to the user that the item of digital content (412, 416) was verified by the verifying program (420).

30. A data package comprising content and means for commencing execution of a computer program for verifying the content, said means being operable by a user of a client device receiving the data package.
- View Dependent Claims (31, 32, 33)
- - 31. A data package according to claim 30, wherein the means for commencing execution of the verifying program comprises means for first checking whether the verifying program is already stored locally to the client device and, if not, means for receiving, over a public data network, the verifying program at the client device.
  - 32. A data package according to claim 30 or 31, wherein said verifying program receives data from a user of the client device and said data is used by the verifying program to indicate to the user that the content was verified by the verifying program.
  - 33. A data package according to any of claims 30 to 32, wherein the content comprises a news item.

34. A method of providing a news item over a public data network comprising the following steps:
- a) producing a news item;
  
  b) digitally signing the news item;
  
  c) transmitting the signed news item over the public data network, or making the signed news item available for transmission over the public data network.
- View Dependent Claims (35, 36, 37, 38, 39, 40, 41, 42)
- - 35. A method according to claim 34, comprising the further step:
    - d) transmitting the over the public data network, or making available for transmission over the public data network, a computer program for verifying the news item.
  - 36. A method according to claim 35 wherein said verifying program receives data from a user and said data is used by the verifying program to indicate to the user that the news item was verified by the verifying program.
  - 37. A method according to claim 36, wherein the news item and verifying program are transmitted independently, or made available for transmission independently, over the public data network.
  - 38. A method according to claims 36 or 37, wherein the verifying program is received over the public data network by a client device and said verifying program is executed on said client device.
  - 39. A method according to claim 40, wherein the news item is received over the public data network by the client device together with means for commencing execution of the verifying program.
  - 40. A method according to claim 38 or 39, wherein the news item is displayed by the client device using a browser, and the verifying program is a plug-in for said browser.
  - 41. A method according to any of claims 38 to 40, wherein the data is stored locally to the client device.
  - 42. A method according to any of claims 36 to 41, wherein the data is stored in an encrypted format.

43. A method of accessing a news item over a public data network comprising the following steps:
- a) receiving a digitally signed news item at a client device;
  
  b) verifying the news item using a computer program.
- View Dependent Claims (44, 45, 46, 47)
- - 44. A method according to claim 43 wherein the verifying program is received at said client device prior to performing step b), and said verifying program is executed on said client device.
  - 45. A method according to claim 44, wherein said verifying program receives data from a user and said data is used by the verifying program to indicate to the user that the content was verified by the verifying program.
  - 46. A method according to any of claims 43 to 45, wherein the content is received by the client device together with means for commencing execution of the verifying program.
  - 47. A method according to any of claims 43 to 46, wherein the content is displayed by the client device using a browser, and the verifying program is a plug-in for said browser.

48. A method of providing content over a public data network comprising the following steps:
- a) producing the content;
  
  b) digitally signing the content;
  
  c) transmitting the signed content over the public data network, or making the signed content available for transmission over the public data network;
  
  d) transmitting a computer program for verifying the content over the public data network, or making the verifying program available for transmission over the public data network, said verifying program being separate from and transmissible independently of the signed content.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Refinitiv US Organization, LLC (Refinitiv US Holdings, Inc.)
Original Assignee
Reuters Limited (The Woodbridge Co. Ltd.)
Inventors
Wu, Hui, Butler, James Matthew, parrott, David, Curtis, Mark Anthony, Fulton, Nicholas, Whitehead, Miles Jonathan

Granted Patent

US 8,352,379 B2
Time in Patent Office

Days
Field of Search
US Class Current

705/75
CPC Class Codes

G06F 21/10   Protecting distributed prog...

G06F 2211/008   Public Key, Asymmetric Key,...

G06F 2221/2115   Third party

H04L 9/3247   involving digital signatures

Method for certifying and verifying digital web content using public cryptography

First Claim

12 Assignments

0 Petitions

Accused Products

Abstract

67 Citations

48 Claims

Specification

Solutions

Use Cases

Quick Links

Method for certifying and verifying digital web content using public cryptography

First Claim

12 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

67 Citations

48 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links