System for controlling access and distribution of digital property
First Claim
1. A method of controlling access to data comprising the steps of:
- protecting portions of the data;
determining rules concerning access rights to the data;
preventing unauthorized access to the protected portions of the data other than in a non-useable form; and
limiting each and every access to the data only in accordance with the rules as enforced by a mechanism protected by tamper detection.
20 Assignments
0 Petitions
Accused Products
Abstract
A method and device are provided for controlling access to data. Portions of the data are protected and rules concerning access rights to the data are determined. Access to the protected portions of the data is prevented, other than in a non-useable form; and users are provided access to the data only in accordance with the rules as enforced by a mechanism protected by tamper detection. A method is also provided for distributing data for subsequent controlled use of those data. The method includes protecting portions of the data; preventing access to the protected portions of the data other than in a non-useable form; determining rules concerning access rights to the data; protecting the rules; and providing a package including: the protected portions of the data and the protected rules. A user is provided controlled access to the distributed data only in accordance with the rules as enforced by a mechanism protected by tamper protection. A device is provided for controlling access to data having protected data portions and rules concerning access rights to the data. The device includes means for storing the rules; and means for accessing the protected data portions only in accordance with the rules, whereby user access to the protected data portions is permitted only if the rules indicate that the user is allowed to access the portions of the data.
137 Citations
80 Claims
-
1. A method of controlling access to data comprising the steps of:
-
protecting portions of the data;
determining rules concerning access rights to the data;
preventing unauthorized access to the protected portions of the data other than in a non-useable form; and
limiting each and every access to the data only in accordance with the rules as enforced by a mechanism protected by tamper detection. - View Dependent Claims (7, 8, 9, 14, 15, 16, 17, 18, 19, 21, 22, 28)
-
-
2. A method of distributing data for subsequent controlled use of the data by a user, the method comprising the steps of:
-
protecting portions of the data;
preventing access to the protected portions of the data other than in a non-useable form;
determining rules concerning access rights to the data;
protecting the rules; and
providing the protected portions of the data and the protected rules;
whereby the user is provided controlled access to the data only in accordance with the rules as enforced by a mechanism protected by tamper detection. - View Dependent Claims (10, 11, 12, 13, 24, 25, 26, 27)
-
-
3. A method of distributing data for subsequent controlled use of the data by a user, some of said data having access rules already associated therewith, the method comprising the steps of:
-
protecting portions of the data;
preventing access to the protected portions of the data other than in a non-useable form;
determining rules concerning access rights to the data;
combining determined rules any rules previously associated ;
protecting the combined rules; and
providing the protected portions of the data and the protected combined rules;
whereby the user is provided controlled access to the data only in accordance with the combined rules as enforced by an access mechanism protected by tamper detection.
-
-
4. A method of controlling secondary distribution of data, the method comprising the steps of:
-
protecting portions of the data;
preventing access to the protected portions of the data other than in a non-useable form;
determining rules concerning access rights to the data;
protecting the rules;
providing the protected portions of the data and the protected rules to a device having an access mechanism protected by tamper detection; and
limiting transmission of the protected portions of the data from the device only as protected data or in accordance with the rules as enforced by the access mechanism.
-
-
5. A method of controlling access to data with a computer system having an input/output (i/o) system for transferring data to and from all i/o devices, said i/o system being specific to said computer system, the method comprising the steps of:
-
protecting portions of the data;
determining rules concerning access rights to the data;
preventing access to the protected portions of the data other than in a non-useable form; and
limiting each and every access to the data only in accordance with the rules as enforced by said i/o system. - View Dependent Claims (23)
-
-
6. A method of accessing data having protected data portions and rules concerning access rights to the protected portions, the method comprising the steps of:
-
preventing access to the protected portions other than in a non-useable form; and
limiting each and every access to the data only in accordance with the rules as enforced by a mechanism protected by tamper detection. - View Dependent Claims (29)
-
-
20. 19, wherein the access control quantities include at least one of:
-
a number of allowed read-accesses to the data;
an allowable size of a read-access to the data;
an expiration date of the data;
an intensity of accesses to the data;
an allowed level of accuracy and fidelity; and
an allowed resolution of access to the data.
-
-
30. A storage device, readable by a machine, tangibly embodying a package of data comprising:
-
protected portions of data; and
rules concerning access rights to the data, whereby a user is provided controlled access to the data only in accordance with the rules as enforced by a mechanism protected by tamper detection. - View Dependent Claims (57, 58, 59, 60, 61, 62)
-
-
31. A device for controlling access to data, the data comprising protected data portions and rules concerning access rights to the data, the device comprising:
-
storage means for storing the rules; and
means for accessing the protected data portions only in accordance with the rules, whereby user access to the protected data portions is permitted only if the rules indicate that the user is allowed to access the portions of the data. - View Dependent Claims (32, 38, 40, 41, 42)
-
-
33. A device for displaying images represented by data comprising protected data portions and rules concerning access rights to the data, the device comprising:
-
a tamper detecting mechanism;
means for storing the rules;
means for accessing the data only in accordance with the rules, whereby user access to the protected data portions is permitted only if the rules indicate that the user is allowed to access the portions of the data, said access being enforced by said tamper detecting mechanism; and
means for displaying the images represented by the accessed data. - View Dependent Claims (39, 43)
-
-
34. A device for outputting images represented by data comprising protected data portions and rules concerning access rights to the data, the device comprising:
-
a tamper detecting mechanism;
means for storing the rules;
means for accessing the data only in accordance with the rules, whereby user access to the protected data portions is permitted only if the rules indicate that the user is allowed to access the portions of the data, said access being enforced by said tamper detecting mechanism; and
means for outputting the images represented by the accessed data.
-
-
35. A device for outputting an audio signal represented by data comprising protected data portions and rules concerning access rights to the data, the device comprising:
-
a tamper detecting mechanism;
means for storing the rules;
means for accessing the data only in accordance with the rules, whereby user access to the protected data portions is permitted only if the rules indicate that the user is allowed to access the portions of the data, said access being enforced by said tamper detecting mechanism; and
means for outputting the audio signal represented by the accessed data.
-
-
36. A device for outputting an output signal based on data comprising protected data portions and rules concerning access rights to the data, the device comprising:
-
a tamper detecting mechanism;
means for storing the rules;
means for accessing the data only in accordance with the rules, whereby user access to the protected data portions is permitted only if the rules indicate that the user is allowed to access the portions of the data, said access being enforced by said tamper detecting mechanism; and
means for outputting the output signal represented by the accessed data. - View Dependent Claims (44)
-
-
37. A device for generating an output signal corresponding to data comprising protected data portions and rules concerning access rights to the digital data, the device comprising:
-
a tamper detecting mechanism;
means for storing the rules;
means for accessing the digital data only in accordance with the rules, whereby user access to the protected data portions is permitted only if the rules indicate that the user is allowed to access the portions of the data, said access being enforced by said tamper detecting mechanism; and
means for generating the output signal from the accessed data.
-
-
45. A device for distributing data for subsequent controlled use of the data by a user, the device comprising:
-
means for protecting portions of the data;
means for preventing access to the protected portions of the data other than in a non-useable form;
means for determining rules concerning access rights to the data;
means for protecting the rules; and
means providing the protected portions of the data and the protected rules;
whereby a user is provided controlled access to the data only in accordance with the rules as enforced by an access mechanism protected by tamper protection. - View Dependent Claims (47, 48, 49, 50, 51, 52, 53, 54, 55, 56)
-
-
46. A device for distributing data for subsequent controlled use of the data by a user, some of said data having access rules already associated therewith, the device comprising:
-
means for protecting portions of the data;
means for preventing access to the protected portions of the data other than in a non-useable form;
means for determining rules concerning access rights to the data;
means for combining with said determined rules any rules previously associated with the data;
means for protecting the combined rules; and
means for providing the protected portions of the data and the protected combined rules;
whereby the user is provided controlled access to the data only in accordance with the combined rules as enforced by an access mechanism protected by tamper detection.
-
-
63. A process control system comprising a device for controlling access to data, the data comprising protected data portions and rules concerning access rights to the data, the device comprising:
-
a tamper detecting mechanism;
means for storing the rules; and
means for accessing the protected data portions only in accordance with the rules, whereby output of protected data portions is permitted only in such manner as is permitted by the rules, said accessing being enforced by said tamper detecting mechanism. - View Dependent Claims (80)
-
-
64. A general purpose computer system comprising a device for controlling access to data, the data comprising protected data portions and rules concerning access rights to the data, the device comprising:
-
a tamper detecting mechanism;
storage means for storing the rules; and
means for accessing the protected data portions only in accordance with the rules, whereby user access to the protected data portions is permitted only if the rules indicate that the user is allowed to access the portions of the data, said access being enforced by said tamper detecting mechanism. - View Dependent Claims (65, 66, 69)
-
-
67. A computer system comprising:
-
an input/output (i/o) system for transferring data to and from all i/o devices, said i/o system being specific to said computer system;
means for protecting portions of the data;
means for determining rules concerning access rights to the data;
means for preventing access to the protected portions of the data other than in a non-useable form; and
means for limiting each and every access to the data only in accordance with the rules as enforced by said i/o system. - View Dependent Claims (68, 70, 71, 72, 73, 74, 75, 76, 77, 78, 79)
-
Specification