Network content access control

US 20030233554A1
Filed: 09/30/2002
Published: 12/18/2003
Est. Priority Date: 04/09/2000
Status: Abandoned Application

First Claim

Patent Images

1. A method for preventing unauthorized access by a requester to data sent via computer networks, comprising:

a) requesting, from a requesting computer, access to data from a first server;

at said first server;

b) determining if said request is a valid request;

c) receiving a ticket from a ticket server;

if said request is a valid request;

d) providing said ticket identifying said requestor to a second server wherein said data is stored;

e) directing said requesting computer to request access to said data from said second server;

at said second server;

f) receiving said request from said requesting computer;

g) verifying said ticket as identifying said requester; and

h) sending said data to said requesting computer in response to said request.

View all claims

3 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A method for preventing unauthorized access by a requester to data sent via computer networks, including a) requesting, from a requesting computer, access to data from a first server, at the first server b) determining if the request is a valid request, c) receiving a ticket from a ticket server, if the request is a valid request d) providing the ticket identifying the requestor to a second server the data is stored, e) directing the requesting computer to request access to the data from the second server, at the second server f) receiving the request from the requesting computer, g) verifying the ticket as identifying the requester, and h) sending the data to the requesting computer in response to the request.

Citations

40 Claims

1. A method for preventing unauthorized access by a requester to data sent via computer networks, comprising:
- a) requesting, from a requesting computer, access to data from a first server;
  
  at said first server;
  
  b) determining if said request is a valid request;
  
  c) receiving a ticket from a ticket server;
  
  if said request is a valid request;
  
  d) providing said ticket identifying said requestor to a second server wherein said data is stored;
  
  e) directing said requesting computer to request access to said data from said second server;
  
  at said second server;
  
  f) receiving said request from said requesting computer;
  
  g) verifying said ticket as identifying said requester; and
  
  h) sending said data to said requesting computer in response to said request.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11)
- - 2. A method according to claim 1 wherein said requesting computer is a client computer.
  - 3. A method according to claim 1 wherein said second server is either of a proxy server and a cache server.
  - 4. A method according to claim 1 wherein said data is encrypted and wherein said providing step d) further comprises said first server providing a decryption key to said second server for decrypting said data.
  - 5. A method according to claim 1 wherein said-data is encrypted and wherein providing step d) further comprises said ticket server providing a decryption key to said second server for decrypting said data.
  - 6. A method according to claim 1 wherein said providing step d) further comprises providing said ticket to said second server by way of said client computer.
  - 7. A method according to claim 6 and further comprising said client computer locating said second server using a search engine.
  - 8. A method according to claim 1 wherein said verifying step g) further comprises:
    - i) sending said ticket to said ticket server for validation; and
      
      j) receiving a communication from said ticket server validating said ticket.
  - 9. A method according to claim 1 wherein said sending step h) further comprises embedding a marking into said data prior to sending said data to said client computer.
  - 10. A method according to claim 9 wherein said marking is a digital watermark.
  - 11. A method according to claim 9 wherein said marking is a personalized marking for said requestor.

12. A method for preventing unauthorized transfer of data sent via computer networks, the method comprising the steps of:
- instructing a first server to send content to a second server;
  
  notifying a ticket server of said instructions;
  
  validating said instructions at said ticket server;
  
  if said instructions are valid;
  
  notifying either of said servers that said instructions are valid;
  
  sending said content from said first server to said second server;
  
  if said instructions are invalid;
  
  notifying either of said servers that said instructions are invalid;
  
  performing any of;
  
  ignoring said instructions;
  
  corrupting said content; and
  
  discarding said content.
- View Dependent Claims (13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29)
- - 13. A method according to claim 12 and further comprising the steps of:
    - embedding a marking into said data;
      
      checking the validity of said marking at either of said servers; and
      
      if said marking is invalid, performing any of;
      
      ignoring said instructions;
      
      corrupting said content; and
      
      discarding said content.
  - 14. A method according to claim 12 wherein said validating step comprises validating said instructions in accordance with a policy.
  - 15. A method according to claim 14, wherein said policy is comprised in a distribution policy table.
  - 16. A method according to claim 15, said distribution policy table comprising predetermined distribution parameters.
  - 17. A method according to claim 16, table said validating step comprises validating said instructions by comparing parameters of said instructions with said distribution parameters of said distribution policy table.
  - 18. A method according, to claim 16, wherein said predetermined distribution parameters comprise approved times for providing content.
  - 19. A method according to claim 16, wherein said predetermined distribution parameters comprise approved regions for providing content.
  - 20. A method according to claim 16, wherein said predetermined distribution parameters comprise approved distribution portals.
  - 21. A method according to claim 16, wherein said predetermined distribution parameters comprise approved users.
  - 22. A method according to claim 16, wherein said predetermined distribution parameters comprise non-approved distribution portals.
  - 23. A method according to claim 16, wherein said predetermined distribution parameters comprise non-approved users.
  - 24. A method according to claim 16, wherein said predetermined distribution parameters comprise different parameters for content items from different content sources.
  - 25. A method according to claim 16, wherein said predetermined distribution parameters comprise different parameters for different content items.
  - 26. A method according to claim 16, wherein said predetermined distribution parameters comprise a requirement for an endpoint rights protection scheme.
  - 27. A method according to claim 13 wherein said embedding step comprises embedding any of an identification unique to said first server, an identification unique to said second server, routing information, and rule-based information.
  - 28. A method according to claim 12 and further comprising:
    - said first server receiving an encryption key from said ticket server; and
      
      encrypting said content using said encryption key.
  - 29. A method according to claim 28 and further comprising:
    - said second server receiving a decryption key from either of said first server and said ticket server; and
      
      decrypting said content using said decryption key.

30. A data transfer validation server for validating a request for data transfer, the server comprising:
- a request input for receiving a request from a distribution server to distribute data from said distribution server to a requesting client, a distribution parameter table comprising predetermined distribution parameters, a comparator for comparing said request against said predetermined distribution parameters, a verifier connected to said comparator for verifying said request, at least partly in accordance with an output of said comparator, and a ticket issuer for issuing ticket data indicating acceptance of said request.
- View Dependent Claims (31, 32, 33, 34, 35, 36, 37, 38, 39, 40)
- - 31. A data transfer validation server according to claim 30, wherein said predetermined distribution parameters comprise approved times for providing content.
  - 32. A data transfer validation server according to claim 30, wherein said predetermined distribution parameters comprise approved regions for providing content.
  - 33. A data transfer validation server according to claim 30, wherein said predetermined distribution parameters comprise approved distribution portals.
  - 34. A data transfer validation server according to claim 30, wherein said predetermined distribution parameters comprise approved users.
  - 35. A data transfer validation server according to claim 30, wherein said predetermined distribution parameters comprise non-approved distribution portals.
  - 36. A data transfer validation server according to claim 30, wherein said predetermined distribution parameters comprise non-approved users.
  - 37. A data transfer validation server according to claim 30, wherein said predetermined distribution parameters comprise different parameters for content items from different content sources.
  - 38. A data transfer validation server according to claim 30, wherein said predetermined distribution parameters comprise different parameters for different content items.
  - 39. A data transfer validation server according to claim 30, wherein said predetermined distribution parameters comprise a requirement for an endpoint rights protection scheme.
  - 40. A data transfer validation server according to claim 30, said predetermined distribution parameters being user specifiable.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Vidius, Inc. (Francisco Partners Management LLC)
Original Assignee
Vidius, Inc. (Francisco Partners Management LLC)
Inventors
Litai, Assaf, Peled, Ariel

Application Number

US10/240,151
Publication Number

US 20030233554A1
Time in Patent Office

Days
Field of Search
US Class Current

713/182
CPC Class Codes

G06F 21/6209   to a single file or object,...

G06F 2221/2115   Third party

H04L 63/0807   using tickets, e.g. Kerbero...

Network content access control

First Claim

3 Assignments

0 Petitions

Accused Products

Abstract

Citations

40 Claims

Specification

Solutions

Use Cases

Quick Links

Network content access control

First Claim

3 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

40 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links