Trusted infrastructure support systems, methods and techniques for secure electronic commerce, electronic transactions, commerce process control and automation, distributed computing, and rights management

US 20050060584A1
Filed: 07/22/2004
Published: 03/17/2005
Est. Priority Date: 02/13/1995
Status: Active Grant

First Claim

Patent Images

1-51. -51. (canceled)

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

An integrated, modular array of administrative and support services are provided for electronic commerce and electronic rights and transaction management. These administrative and support services supply a secure foundation for conducting transaction-related capabilities functioning over electronic network-s, and can also be adapted to the specific needs of electronic commerce value chains. In one embodiment, a Distributed Commerce Utility having a secure, programmable, distributed architecture provides administrative and support services. The Distributed Commerce Utility may comprise a number of Commerce Utility Systems. These Commerce Utility Systems provide a web of infrastructure support available to, and reusable by, the entire electronic community and/or many of its participants. Different support functions can be collected together in hierarchical and/or networked relationships to suit various business models or other objectives. Modular support functions can combined in different arrays to form different Commerce Utility Systems for different design implementations and purposes.

Citations

71 Claims

1-51. -51. (canceled)

52. A first digital certificate including:
- information certifying a fact, digital file, or process;
  
  issuer identification information including information relating to the identity of an issuer of the first digital certificate; and
  
  liability protection information including information relating to the amount of liability the issuer is willing to accept in the event the authentication information is inaccurate.
- View Dependent Claims (53, 54, 55, 56)
- - 53. A first digital certificate as in claim 52, further including:
    - authentication information encrypted with the private key of the issuer.
  - 54. A first digital certificate as in claim 53, further including:
    - location information relating to a location from which the public key of the issuer may be obtained.
  - 55. A first digital certificate as in claim 52, further including:
    - information relating to an expiration date for the first digital certificate.
  - 56. A first digital certificate as in claim 52, further including:
    - information at least in part identifying a second digital certificate which certifies information upon which the first digital certificate is based at least in part.

57. A digital certifying authority including the following:
- means for the creation of digital certificates, including;
  
  means for signing the digital certificates;
  
  a secure communications facility;
  
  means for evaluating digital certificates received from third parties through the secure communications facility, including means for checking the validity and authenticity of the digital certificates and means for reporting results;
  
  the means for evaluating digital certificates being capable of operating at least in part under the control of rules received in a secure container, the secure container being received through the secure communications facility;
  
  an encryption/decryption processor;
  
  a billing system, including means for billing third parties for the creation of and evaluation of digital certificates;
  
  a key generator;
  
  an electronic archive storing keys and digital certificates; and
  
  a query mechanism designed to retrieve keys and digital certificates from the electronic archive.
- View Dependent Claims (58, 59, 60, 61)
- - 58. A digital certifying authority as in claim 57, further including a usage clearinghouse designed to at least part clear electronic transactions.
  - 59. A digital certifying authority as in claim 57, in which the electronic archive further stores a list of revoked digital certificates.
  - 60. A digital certifying authority as in claim 57, in which the electronic archive further stores information relating to the amount of liability at least one certificate issuer is willing to accept in the event a digital certificate is determined to be false or to contain erroneous information.
  - 61. A digital certifying authority as in claim 57, further including means for issuing multiple digital certificates for the same individual or entity, the multiple digital certificates each including a common identifier.

62. A virtual distribution environment administration node including:
- means for configuring protected processing environments at user sites;
  
  certification means for issuing digital certificates an aspect of protected processing environments configured at user sites; and
  
  memory means for securely storing issued certificates and keys associated with configured protected processing environments.
- View Dependent Claims (63, 64, 65, 66)
- - 63. A virtual distribution environment administration node as in claim 62, in which:
    - the certification means includes means for issuing digital certificates certifying information relating to individuals, including age.
  - 64. A virtual distribution environment administration node as in claim 62, in which:
    - the certification means includes means for issuing digital certificates certifying information relating to individual membership in a group or class.
  - 65. A virtual distribution environment administration node as in claim 62, in which:
    - the certified aspect of configured protected processing environments includes certification of a level of security present at the certified protected processing environment, where at least two security levels are possible.
  - 66. A virtual distribution environment administration node as in claim 62, in which:
    - the certification means includes means for issuing digital certificates certifying information relating to operation of a clearinghouse.

67. A method including the following steps:
- generating a first virtual entity certificate an identifier related to a first virtual entity, and a digital signature of a first member of the first virtual entity;
  
  embedding the first virtual entity certificate into a secure container having a first associated rule set at least in part governing use of the first virtual entity certificate, the first associated rule set including a rule governing the circumstances under which the first member may perform an action on behalf of the first virtual entity;
  
  the first member extracting the first virtual entity certificate from the secure container, the extraction being governed at least in part by the first associated rule set; and
  
  the first member performing an action on behalf of the first virtual entity, the action being governed at least in part by the first associated rule set, the first member'"'"'s authority to perform the action being certified by the first virtual entity certificate.
- View Dependent Claims (68, 69, 70, 71)
- - 68. A method as in claim 67, further including:
    - generating a second virtual entity certificate including an identifier related to a first virtual entity, and a digital signature of a second member of the first virtual entity; and
      
      embedding the second virtual entity certificate into the secure container, the secure container having a second associated rule set at least in part governing use of the second virtual entity certificate, the second associated rule set including a rule governing the circumstances under which the second member may perform an action on behalf of the first virtual entity.
  - 69. A method as in claim 67, in which:
    - the first member'"'"'s action includes generating or altering a digital certificate, the generation or alteration being accomplished by the first member as a representative of the virtual entity.
  - 70. A method as in claim 68, in which:
    - the step of embedding the first virtual entity certificate into the secure container occurs in a protected processing environment located in a computer associated with the first member.
  - 71. A method as in claim 70, in which:
    - the step of embedding the second virtual entity certificate into the secure container occurs in a protected processing environment located in a computer associated with the second member, and the secure container, or a copy of the secure container, is then directly or indirectly transmitted to the protected processing environment associated with the first member.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Intertrust Technologies Corporation (Fidelio Acquisition Co LLC)
Original Assignee
Intertrust Technologies Corporation (Fidelio Acquisition Co LLC)
Inventors
Ginter, Karl L., Weber, Robert P., Spahn, Francis J., Shear, Victor H., Van Wie, David M.

Granted Patent

US 7,415,617 B2
Time in Patent Office

Days
Field of Search
US Class Current

726/4
CPC Class Codes

G06F 12/1408   by using cryptography for d...

G06F 21/109   by using specially-adapted ...

G06F 21/16   Program or content traceabi...

G06F 21/31   User authentication

G06F 21/33   using certificates

G06F 21/86   Secure or tamper-resistant ...

G06F 2211/007   Encryption, En-/decode, En-...

G06F 2221/2101   Auditing as a secondary aspect

G06F 2221/2115   Third party

G06F 2221/2135   Metering

G06F 2221/2151   Time stamp

G06Q 20/02   involving a neutral party, ...

G06Q 20/023   the neutral party being a c...

G06Q 20/04   Payment circuits

G06Q 20/12   specially adapted for elect...

G06Q 20/123   Shopping for digital content

G06Q 20/1235   with control of digital rig...

G06Q 20/14   specially adapted for billi...

G06Q 20/24   Credit schemes, i.e. "pay a...

G06T 1/0021   Image watermarking

G07F 9/026 : for alarm, monitoring and a...

H04L 2209/56 : Financial cryptography, e.g...

H04L 2209/60 : Digital content management,...

H04L 2209/84 : Vehicles

H04L 2463/101 : applying security measures ...

H04L 2463/102 : applying security measure f...

H04L 2463/103 : applying security measure f...

H04L 63/20 : for managing network securi...

H04L 9/3263 : involving certificates, e.g...

H04N 21/2347 : involving video stream encr...

H04N 21/23476 : by partially encrypting, e....

H04N 21/235 : Processing of additional da...

H04N 21/2362 : Generation or processing of...

H04N 21/2541 : Rights Management protectin...

H04N 21/2543 : Billing , e.g. for subscrip...

H04N 21/2547 : Third Party Billing, e.g. b...

H04N 21/25875 : involving end-user authenti...

H04N 21/4143 : embedded in a Personal Comp...

H04N 21/4345 : Extraction or processing of...

H04N 21/435 : Processing of additional da...

H04N 21/4405 : involving video stream decr...

H04N 21/44204 : Monitoring of content usage...

H04N 21/443 : OS processes, e.g. booting ...

H04N 21/4627 : Rights management associate...

H04N 21/4753 : for user identification, e....

H04N 21/6581 : Reference data, e.g. a movi...

H04N 21/835 : Generation of protective da...

H04N 21/8355 : involving usage data, e.g. ...

H04N 21/83555 : using a structured language...

H04N 21/8358 : involving watermark protect...

H04N 7/162 : Authorising the user termin...

H04N 7/17309 : Transmission or handling of...

View All

Trusted infrastructure support systems, methods and techniques for secure electronic commerce, electronic transactions, commerce process control and automation, distributed computing, and rights management

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

Citations

71 Claims

Specification

Solutions

Use Cases

Quick Links

Trusted infrastructure support systems, methods and techniques for secure electronic commerce, electronic transactions, commerce process control and automation, distributed computing, and rights management

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

71 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links