Rights maintenance in a rights locker system for digital content access control

US 20040083370A1
Filed: 10/15/2003
Published: 04/29/2004
Est. Priority Date: 09/13/2002
Status: Abandoned Application

First Claim

Patent Images

1. A method for digital content access control, comprising:

determining digital content to be made accessible via a rights locker;

determining enrollment authentication data;

sending a rights locker enrollment request to a rights locker provider, said rights locker enrollment request comprising a digital content request and said enrollment authentication data;

receiving one or more authenticated rights locker access requests in response to said sending, said one or more authenticated rights locker access requests for subsequent use in accessing digital content associated with said rights locker;

receiving an indication of a selection of one of said one or more authenticated rights locker access requests;

sending said authenticated rights locker access request to a rights locker provider; and

receiving a result in response to said sending said authenticated rights locker access request.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Access to digital content may be controlled by determining digital content to be made accessible via a rights locker, determining enrollment authentication data, and sending a rights locker enrollment request to a rights locker provider, where the rights locker enrollment request comprises a digital content request and the enrollment authentication data. One or more authenticated rights locker access requests are received in response to the sending, where the one or more authenticated rights locker access requests are for subsequent use in accessing digital content associated with the rights locker. When an indication of a selection of one of the one or more authenticated rights locker access requests is received, the authenticated rights locker access request is sent to a rights locker provider, and a result is received in response to sending the authenticated rights locker access request.

163 Citations

View as Search Results

88 Claims

1. A method for digital content access control, comprising:
- determining digital content to be made accessible via a rights locker;
  
  determining enrollment authentication data;
  
  sending a rights locker enrollment request to a rights locker provider, said rights locker enrollment request comprising a digital content request and said enrollment authentication data;
  
  receiving one or more authenticated rights locker access requests in response to said sending, said one or more authenticated rights locker access requests for subsequent use in accessing digital content associated with said rights locker;
  
  receiving an indication of a selection of one of said one or more authenticated rights locker access requests;
  
  sending said authenticated rights locker access request to a rights locker provider; and
  
  receiving a result in response to said sending said authenticated rights locker access request.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
- - 2. The method of claim 1 wherein said digital content request comprises a request for initializing said rights locker with rights to specified digital content.
  - 3. The method of claim 1 wherein said enrollment authentication data comprises:
    - rights locker access authentication data for determining what rights, if any, said user has to access said rights locker; and
      
      rights content access authentication data for determining what rights, if any, said user has to digital content associated with said rights locker.
  - 4. The method of claim 3 wherein said rights locker access authentication data comprises payment for use of a rights locker service.
  - 5. The method of claim 3 wherein said rights content access authentication data comprises payment for rights deposited in said rights locker.
  - 6. The method of claim 1 wherein said enrollment authentication data comprises a reenrollment key determined in a previous enrollment request for said rights locker, said reenrollment key for supplementing or replacing enrollment authentication data of said previous enrollment request.
  - 7. The method of claim 1, further comprising storing at least part of said one or more authenticated rights locker access requests in a bookmark on a user device.
  - 8. The method of claim 1 wherein said one or more authenticated rights locker access requests are embedded in a Web cookie.
  - 9. The method of claim 1 wherein said one or more authenticated rights locker access requests are encapsulated in an HTTP Response message.

10. A method for digital content access control, comprising:
- receiving a rights locker enrollment request from a user device associated with a user, said rights locker enrollment request comprising a digital content request and enrollment authentication data;
  
  determining whether said user is authorized, said determining comprising determining the rights of said user to access said rights locker and the rights of said user to digital content specified by said digital content request;
  
  if said user is authorized, initializing said rights locker with rights to said digital content;
  
  obtaining one or more tokens that authenticate future access to a rights locker corresponding to said digital content;
  
  creating one or more authenticated rights locker access requests based at least in part on said one or more tokens;
  
  sending said one or more authenticated rights locker access requests;
  
  receiving an indication of a user selection of one of said one or more authenticated rights locker access requests; and
  
  accessing the contents of said rights locker according to a type of said rights token.
- View Dependent Claims (11, 12, 13, 14, 15, 16, 17, 18, 19, 20)
- - 11. The method of claim 10 wherein said digital content request comprises a request for initializing said rights locker with rights to specified digital content.
  - 12. The method of claim 10 wherein said enrollment authentication data comprises:
    - rights locker access authentication data for determining what rights, if any, said user has to access said rights locker; and
      
      rights content access authentication data for determining what rights, if any, said user has to digital content associated with said rights locker.
  - 13. The method of claim 12 wherein said rights locker access authentication data comprises payment for use of a rights locker service.
  - 14. The method of claim 12 wherein said rights content access authentication data comprises payment for rights deposited in said rights locker.
  - 15. The method of claim 10 wherein said enrollment authentication data comprises a reenrollment key determined in a previous enrollment request for said rights locker, said reenrollment key for supplementing or replacing enrollment authentication data of said previous enrollment request.
  - 16. The method of claim 10 wherein said determining comprises determining whether said user is entitled to become an enrolled user based at least in part on whether payment for use of the rights locker service succeeds.
  - 17. The method of claim 10 wherein said determining comprises determining whether an enrolled user is entitled to populate said rights locker with rights to said digital content based at least in part on whether payment for said rights succeeds.
  - 18. The method of claim 10 wherein at least part of said one or more authenticated rights locker access requests are for storage in a bookmark on a user device.
  - 19. The method of claim 10, further comprising embedding said one or more authenticated rights locker access requests in a Web cookie before said sending.
  - 20. The method of claim 10, further comprising encapsulating said one or more authenticated rights locker access requests in an HTTP Response message before said sending.

21. A program storage device readable by a machine, embodying a program of instructions executable by the machine to perform a method for digital content access control, the method comprising:
- determining digital content to be made accessible via a rights locker;
  
  determining enrollment authentication data;
  
  sending a rights locker enrollment request to a rights locker provider, said rights locker enrollment request comprising a digital content request and said enrollment authentication data;
  
  receiving one or more authenticated rights locker access requests in response to said sending, said one or more authenticated rights locker access requests for subsequent use in accessing digital content associated with said rights locker;
  
  receiving an indication of a selection of one of said one or more authenticated rights locker access requests;
  
  sending said authenticated rights locker access request to a rights locker provider; and
  
  receiving a result in response to said sending said authenticated rights locker access request.
- View Dependent Claims (22, 23, 24, 25, 26, 27, 28, 29)
- - 22. The program storage device of claim 21 wherein said digital content request comprises a request for initializing said rights locker with rights to specified digital content.
  - 23. The program storage device of claim 21 wherein said enrollment authentication data comprises:
    - rights locker access authentication data for determining what rights, if any, said user has to access said rights locker; and
      
      rights content access authentication data for determining what rights, if any, said user has to digital content associated with said rights locker.
  - 24. The program storage device of claim 23 wherein said rights locker access authentication data comprises payment for use of a rights locker service.
  - 25. The program storage device of claim 23 wherein said rights content access authentication data comprises payment for rights deposited in said rights locker.
  - 26. The program storage device of claim 21 wherein said enrollment authentication data comprises a reenrollment key determined in a previous enrollment request for said rights locker, said reenrollment key for supplementing or replacing enrollment authentication data of said previous enrollment request.
  - 27. The program storage device of claim 21, said method further comprising storing at least part of said one or more authenticated rights locker access requests in a bookmark on a user device.
  - 28. The program storage device of claim 21 wherein said one or more authenticated rights locker access requests are embedded in a Web cookie.
  - 29. The program storage device of claim 21 wherein said one or more authenticated rights locker access requests are encapsulated in an HTTP Response message.

30. A program storage device readable by a machine, embodying a program of instructions executable by the machine to perform a method for digital content access control, the method comprising:
- receiving a rights locker enrollment request from a user device associated with a user, said rights locker enrollment request comprising a digital content request and enrollment authentication data;
  
  determining whether said user is authorized, said determining comprising determining the rights of said user to access said rights locker and the rights of said user to digital content specified by said digital content request;
  
  if said user is authorized, initializing said rights locker with rights to said digital content;
  
  obtaining one or more tokens that authenticate future access to a rights locker corresponding to said digital content;
  
  creating one or more authenticated rights locker access requests based at least in part on said one or more tokens;
  
  sending said one or more authenticated rights locker access requests;
  
  receiving an indication of a user selection of one of said one or more authenticated rights locker access requests; and
  
  accessing the contents of said rights locker according to a type of said rights token.
- View Dependent Claims (31, 32, 33, 34, 35, 36, 37, 38, 39, 40)
- - 31. The program storage device of claim 30 wherein said digital content request comprises a request for initializing said rights locker with rights to specified digital content.
  - 32. The program storage device of claim 30 wherein said enrollment authentication data comprises:
    - rights locker access authentication data for determining what rights, if any, said user has to access said rights locker; and
      
      rights content access authentication data for determining what rights, if any, said user has to digital content associated with said rights locker.
  - 33. The program storage device of claim 32 wherein said rights locker access authentication data comprises payment for use of a rights locker service.
  - 34. The program storage device of claim 32 wherein said rights content access authentication data comprises payment for rights deposited in said rights locker.
  - 35. The program storage device of claim 30 wherein said enrollment authentication data comprises a reenrollment key determined in a previous enrollment request for said rights locker, said reenrollment key for supplementing or replacing enrollment authentication data of said previous enrollment request.
  - 36. The program storage device of claim 30 wherein said determining comprises determining whether said user is entitled to become an enrolled user based at least in part on whether payment for use of the rights locker service succeeds.
  - 37. The program storage device of claim 30 wherein said determining comprises determining whether an enrolled user is entitled to populate said rights locker with rights to said digital content based at least in part on whether payment for said rights succeeds.
  - 38. The program storage device of claim 30 wherein at least part of said one or more authenticated rights locker access requests are for storage in a bookmark on a user device.
  - 39. The program storage device of claim 30, said method further comprising embedding said one or more authenticated rights locker access requests in a Web cookie before said sending.
  - 40. The program storage device of claim 30, said method further comprising encapsulating said one or more authenticated rights locker access requests in an HTTP Response message before said sending.

41. An apparatus for digital content access control, comprising:
- means for determining digital content to be made accessible via a rights locker;
  
  means for determining enrollment authentication data;
  
  means for sending a rights locker enrollment request to a rights locker provider, said rights locker enrollment request comprising a digital content request and said enrollment authentication data;
  
  means for receiving one or more authenticated rights locker access requests in response to said sending, said one or more authenticated rights locker access requests for subsequent use in accessing digital content associated with said rights locker;
  
  means for receiving an indication of a selection of one of said one or more authenticated rights locker access requests;
  
  means for sending said authenticated rights locker access request to a rights locker provider; and
  
  means for receiving a result in response to said sending said authenticated rights locker access request.
- View Dependent Claims (42, 43, 44, 45, 46, 47, 48, 49)
- - 42. The apparatus of claim 41 wherein said digital content request comprises a request for initializing said rights locker with rights to specified digital content.
  - 43. The apparatus of claim 41 wherein said enrollment authentication data comprises:
    - rights locker access authentication data for determining what rights, if any, said user has to access said rights locker; and
      
      rights content access authentication data for determining what rights, if any, said user has to digital content associated with said rights locker.
  - 44. The apparatus of claim 43 wherein said rights locker access authentication data comprises payment for use of a rights locker service.
  - 45. The apparatus of claim 43 wherein said rights content access authentication data comprises payment for rights deposited in said rights locker.
  - 46. The apparatus of claim 41 wherein said enrollment authentication data comprises a reenrollment key determined in a previous enrollment request for said rights locker, said reenrollment key for supplementing or replacing enrollment authentication data of said previous enrollment request.
  - 47. The apparatus of claim 41, further comprising means for storing at least part of said one or more authenticated rights locker access requests in a bookmark on a user device.
  - 48. The apparatus of claim 41 wherein said one or more authenticated rights locker access requests are embedded in a Web cookie.
  - 49. The apparatus of claim 41 wherein said one or more authenticated rights locker access requests are encapsulated in an HTTP Response message.

50. An apparatus for digital content access control, comprising:
- means for receiving a rights locker enrollment request from a user device associated with a user, said rights locker enrollment request comprising a digital content request and enrollment authentication data;
  
  means for determining whether said user is authorized, said determining comprising determining the rights of said user to access said rights locker and the rights of said user to digital content specified by said digital content request;
  
  means for if said user is authorized, initializing said rights locker with rights to said digital content;
  
  obtaining one or more tokens that authenticate future access to a rights locker corresponding to said digital content;
  
  creating one or more authenticated rights locker access requests based at least in part on said one or more tokens;
  
  sending said one or more authenticated rights locker access requests;
  
  receiving an indication of a user selection of one of said one or more authenticated rights locker access requests; and
  
  accessing the contents of said rights locker according to a type of said rights token.
- View Dependent Claims (51, 52, 53, 54, 55, 56, 57, 58, 59, 60)
- - 51. The apparatus of claim 50 wherein said digital content request comprises a request for initializing said rights locker with rights to specified digital content.
  - 52. The apparatus of claim 50 wherein said enrollment authentication data comprises:
    - rights locker access authentication data for determining what rights, if any, said user has to access said rights locker; and
      
      rights content access authentication data for determining what rights, if any, said user has to digital content associated with said rights locker.
  - 53. The apparatus of claim 52 wherein said rights locker access authentication data comprises payment for use of a rights locker service.
  - 54. The apparatus of claim 52 wherein said rights content access authentication data comprises payment for rights deposited in said rights locker.
  - 55. The apparatus of claim 50 wherein said enrollment authentication data comprises a reenrollment key determined in a previous enrollment request for said rights locker, said reenrollment key for supplementing or replacing enrollment authentication data of said previous enrollment request.
  - 56. The apparatus of claim 50 wherein said determining comprises determining whether said user is entitled to become an enrolled user based at least in part on whether payment for use of the rights locker service succeeds.
  - 57. The apparatus of claim 50 wherein said determining comprises means for determining whether an enrolled user is entitled to populate said rights locker with rights to said digital content based at least in part on whether payment for said rights succeeds.
  - 58. The apparatus of claim 50 wherein at least part of said one or more authenticated rights locker access requests are for storage in a bookmark on a user device.
  - 59. The apparatus of claim 50, further comprising means for embedding said one or more authenticated rights locker access requests in a Web cookie before said sending.
  - 60. The apparatus of claim 50, further comprising means for encapsulating said one or more authenticated rights locker access requests in an HTTP Response message before said sending.

61. An apparatus for digital content access control, comprising:
- a memory for storing said digital content; and
  
  a processor configured to;
  
  determine digital content to be made accessible via a rights locker;
  
  determine enrollment authentication data;
  
  send a rights locker enrollment request to a rights locker provider, said rights locker enrollment request comprising a digital content request and said enrollment authentication data;
  
  receive one or more authenticated rights locker access requests in response to said sending, said one or more authenticated rights locker access requests for subsequent use in accessing digital content associated with said rights locker;
  
  receive an indication of a selection of one of said one or more authenticated rights locker access requests;
  
  send said authenticated rights locker access request to a rights locker provider; and
  
  receive a result in response to said sending said authenticated rights locker access request.
- View Dependent Claims (62, 63, 64, 65, 66, 67, 68, 69, 70, 71, 72, 73, 74, 75, 76, 77)
- - 62. The apparatus of claim 61 wherein said digital content request comprises a request for initializing said rights locker with rights to specified digital content.
  - 63. The apparatus of claim 61 wherein said enrollment authentication data comprises:
    - rights locker access authentication data for determining what rights, if any, said user has to access said rights locker; and
      
      rights content access authentication data for determining what rights, if any, said user has to digital content associated with said rights locker.
  - 64. The apparatus of claim 63 wherein said rights locker access authentication data comprises payment for use of a rights locker service.
  - 65. The apparatus of claim 63 wherein said rights content access authentication data comprises payment for rights deposited in said rights locker.
  - 66. The apparatus of claim 61 wherein said enrollment authentication data comprises a reenrollment key determined in a previous enrollment request for said rights locker, said reenrollment key for supplementing or replacing enrollment authentication data of said previous enrollment request.
  - 67. The apparatus of claim 61 wherein said apparatus comprises a smart card.
  - 68. The apparatus of claim 67 wherein said smart card comprises a Java Card™
    - technology-enabled smart card.
  - 69. The apparatus of claim 67 wherein said smart card comprises a CDMA (Code Division Multiple Access) technology-enabled smart card.
  - 70. The apparatus of claim 67 wherein said smart card comprises a SIM (Subscriber Identity Module) card.
  - 71. The apparatus of claim 67 wherein said smart card comprises a WIM (Wireless Interface Module).
  - 72. The apparatus of claim 67 wherein said smart card comprises a USIM (Universal Subscriber Identity Module).
  - 73. The apparatus of claim 67 wherein said smart card comprises a UIM (User Identity Module).
  - 74. The apparatus of claim 67 wherein said smart card comprises a R-UIM (Removable User Identity Module).
  - 75. The apparatus of claim 61 wherein said processor is further configured to store at least part of said one or more authenticated rights locker access requests in a bookmark on a user device.
  - 76. The apparatus of claim 61 wherein said one or more authenticated rights locker access requests are embedded in a Web cookie.
  - 77. The apparatus of claim 61 wherein said one or more authenticated rights locker access requests are encapsulated in an HTTP Response message.

78. An apparatus for digital content access control, comprising:
- a memory for storing one or more rights lockers that describe digital content access rights; and
  
  a processor configured to;
  
  receive a rights locker enrollment request from a user device associated with a user, said rights locker enrollment request comprising a digital content request and enrollment authentication data;
  
  determine whether said user is authorized, said determining comprising determining the rights of said user to access said rights locker and the rights of said user to digital content specified by said digital content request;
  
  if said user is authorized, initialize said rights locker with rights to said digital content;
  
  obtain one or more tokens that authenticate future access to a rights locker corresponding to said digital content;
  
  create one or more authenticated rights locker access requests based at least in part on said one or more tokens;
  
  send said one or more authenticated rights locker access requests;
  
  receive an indication of a user selection of one of said one or more authenticated rights locker access requests; and
  
  access the contents of said rights locker according to a type of said rights token.
- View Dependent Claims (79, 80, 81, 82, 83, 84, 85, 86, 87, 88)
- - 79. The apparatus of claim 78 wherein said digital content request comprises a request for initializing said rights locker with rights to specified digital content.
  - 80. The apparatus of claim 78 wherein said enrollment authentication data comprises:
    - rights locker access authentication data for determining what rights, if any, said user has to access said rights locker; and
      
      rights content access authentication data for determining what rights, if any, said user has to digital content associated with said rights locker.
  - 81. The apparatus of claim 80 wherein said rights locker access authentication data comprises payment for use of a rights locker service.
  - 82. The apparatus of claim 80 wherein said rights content access authentication data comprises payment for rights deposited in said rights locker.
  - 83. The apparatus of claim 78 wherein said enrollment authentication data comprises a reenrollment key determined in a previous enrollment request for said rights locker, said reenrollment key for supplementing or replacing enrollment authentication data of said previous enrollment request.
  - 84. The apparatus of claim 78 wherein said processor is further configured to determine whether said user is entitled to become an enrolled user based at least in part on whether payment for use of the rights locker service succeeds.
  - 85. The apparatus of claim 78 wherein said processor is further configured to determine whether an enrolled user is entitled to populate said rights locker with rights to said digital content based at least in part on whether payment for said rights succeeds.
  - 86. The apparatus of claim 78 wherein at least part of said one or more authenticated rights locker access requests are for storage in a bookmark on a user device.
  - 87. The apparatus of claim 78 wherein said processor is further configured to embed said one or more authenticated rights locker access requests in a Web cookie before said sending.
  - 88. The apparatus of claim 78 wherein said processor is further configured to encapsulate said one or more authenticated rights locker access requests in an HTTP Response message before said sending.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Sun Microsystems Incorporated (Oracle Corporation)
Original Assignee
Sun Microsystems Incorporated (Oracle Corporation)
Inventors
de Jong, Eduard K.

Application Number

US10/687,488
Publication Number

US 20040083370A1
Time in Patent Office

Days
Field of Search
US Class Current

713/182
CPC Class Codes

G06F 21/10   Protecting distributed prog...

G06F 21/335   for accessing specific reso...

G06F 21/6218   to a system of files or obj...

H04L 2209/603   Digital right managament [DRM]

H04L 2463/101   applying security measures ...

H04L 63/0435   wherein the sending and rec...

H04L 63/08   for authentication of entit...

H04L 63/10   for controlling access to d...

H04L 63/123   received data contents, e.g...

H04L 65/1101   Session protocols

H04L 65/612   for unicast

H04L 65/80   Responding to QoS

H04L 9/3213   using tickets or tokens, e....

H04L 9/3271   using challenge-response

H04L 9/50   using hash chains, e.g. blo...

H04W 12/02   Protecting privacy or anony...

H04W 12/03   Protecting confidentiality,...

H04W 12/068   using credential vaults, e....

H04W 12/069   using certificates or pre-s...

H04W 12/084   using delegated authorisati...

H04W 12/086 : using security domains

View All

Rights maintenance in a rights locker system for digital content access control

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

163 Citations

88 Claims

Specification

Use Cases

Quick Links

Others

Rights maintenance in a rights locker system for digital content access control

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

163 Citations

88 Claims

Specification

Subscription Required

Use Cases

Quick Links

Others