Systems and methods for authoring and protecting digital property

US 20060178997A1
Filed: 03/13/2006
Published: 08/10/2006
Est. Priority Date: 01/11/1996
Status: Abandoned Application

First Claim

Patent Images

1. A method for authoring data for electronic distribution comprising:

protecting data portions by encrypting the data portions with a data key;

encrypting a data decrypting key with an encrypting key;

storing rules in a storage device, the rules defining constraints associated with access rights to the data portions; and

distributing the data portions such that the protected data portions may be accessed via an access control mechanism and redistribution of the protected data portions is governed by the access control mechanism.

View all claims

9 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A method and device are provided for controlling access to data. Portions of the data are protected and rules concerning access rights to the data are determined. Access to the protected portions of the data is prevented, other than in a non-useable form; and users are provided access to the data only in accordance with the rules as enforced by a mechanism protected by tamper detection. A method is also provided for distributing data for subsequent controlled use of those data. The method includes protecting portions of the data; preventing access to the protected portions of the data other than in a non-useable form; determining rules concerning access rights to the data; protecting the rules; and providing a package including: the protected portions of the data and the protected rules. A user is provided controlled access to the distributed data only in accordance with the rules as enforced by a mechanism protected by tamper protection. A device is provided for controlling access to data having protected data portions and rules concerning access rights to the data. The device includes means for storing the rules; and means for accessing the protected data portions only in accordance with the rules, whereby user access to the protected data portions is permitted only if the rules indicate that the user is allowed to access the portions of the data.

65 Citations

View as Search Results

38 Claims

1. A method for authoring data for electronic distribution comprising:
- protecting data portions by encrypting the data portions with a data key;
  
  encrypting a data decrypting key with an encrypting key;
  
  storing rules in a storage device, the rules defining constraints associated with access rights to the data portions; and
  
  distributing the data portions such that the protected data portions may be accessed via an access control mechanism and redistribution of the protected data portions is governed by the access control mechanism.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
- - 2. The method of claim 1, further comprising:
    - selecting data portions from a plurality of data portions to be encrypted based on criteria determined by the owner of the data.
  - 3. The method of claim 1, further comprising:
    - selecting data portions from a plurality of data portions to be encrypted based on criteria determined by the owner of the data and distribution policies as implemented in the rules.
  - 4. The method of claim 1 wherein the step of protecting data portions is performed using an asymmetric encryption algorithm.
  - 5. The method of claim 1 wherein the protected data portions are associated with a document and the rules are associated with a requirement that printing requires a watermark be placed on a document.
  - 6. The method of claim 5 wherein the printing of any derivative work based on the protected data portions also requires a watermark.
  - 7. The method of claim 1 wherein the creation of any derivative work based on the protected data portions requires monotonicity of restrictions as enforced by the rules associated with the protected data portions.
  - 8. The method of claim 1 wherein the creation of any derivative work based on the protected data portions is governed by the owner of the protected data portions.
  - 9. The method of claim 1, the rules being a first set of rules, the method further comprising:
    - modifying original data portions to include additional data portions;
      
      encrypting at least the original data portions and at least some of the additional data portions;
      
      providing a second set of rules associated with the additional data portions, whereby access to the original data portions are governed by the first set of rules and access to the additional data portions are governed by the second set of rules.

10. A method for authoring data for electronic distribution comprising:
- protected data portions by encrypting the data portions with a data key;
  
  for each of a plurality of key encrypting keys, encrypting a data decrypting key with the respective key encrypting key (K_R) to produce a plurality of encrypted data decryption keys;
  
  protecting rules defining constraints associated with access rights to the data, the rules being configured such that the rules enforce monotonicity of restrictions on protected data portions when the protected data is redistributed; and
  
  distributing the protected data portions, the protected rules, and at least one of the encrypted data decryption keys.
- View Dependent Claims (11, 12, 13, 14, 15, 16, 17, 18, 19, 20)
- - 11. The method of claim 10, further comprising:
    - selecting data portions from a plurality of data portions to be encrypted based on criteria determined by the owner of the data.
  - 12. The method of claim 11, further comprising:
    - selecting data portions from a plurality of data portions to be encrypted based on criteria determined by the owner of the data and distribution policies as implemented in the rules.
  - 13. The method of claim 10 wherein the step of protecting data portions is performed using an asymmetric encryption algorithm.
  - 14. The method of claim 10 wherein the protected data portions are associated with a document and the rules are associated with a requirement that printing requires a watermark be placed on a document.
  - 15. The method of claim 14 wherein the printing of any derivative work based on the protected data portions also requires a watermark.
  - 16. The method of claim 10 wherein the protected data portions are associated with one or more images.
  - 17. The method of claim 16 wherein the one or more images is a movie.
  - 18. The method of claim 10 wherein the creation of any derivative work based on the protected data portions requires monotonicity of restrictions as enforced by the rules associated with the protected data portions.
  - 19. The method of claim 10 wherein the creation of any derivative work based on the protected data portions is governed by the owner of the protected data portions.
  - 20. The method of claim 10, the rules being a first set of rules, the method further comprising:
    - modifying original data portions to include additional data portions;
      
      encrypting at least the original data portions and at least some of the additional data portions;
      
      providing a second set of rules associated with the additional data portions, whereby access to the original data portions are governed by the first set of rules and access to the additional data portions are governed by the second set of rules.

21. A method of producing a movie comprising:
- encrypting at least some of the data portions representing the movie using a data key (K_D) to create protected data portions;
  
  storing the protected data portions;
  
  encrypting a data decrypting key (K_D′
  
  ) with a key-encrypting key (K_R);
  
  providing rules associated with the movie, the rules defining constraints including an inheritance rule defining rights to create a derivative work including at least one of the data portions associated with the movie and defining a set of rules to be associated with the derivative work, the set of rules associated with the derivative work being associated only with those data portions associated with the movie.
- View Dependent Claims (22, 23, 24, 25, 26, 27, 28)
- - 22. The method of claim 21, further comprising:
    - selecting data portions from a plurality of data portions to be encrypted based on criteria determined by the owner of the data.
  - 23. The method of claim 21, wherein the step of selecting includes:
    - examining each data portion at a predetermined level of granularity to determine if the data portion being processed is in a body portion of the data;
      
      determining that the data portion being processed is in a body portion of the data; and
      
      determining whether the data portion being processed is to be protected based on the criteria determined by the owner of the data.
  - 24. The method of claim 21, further comprising:
    - selecting data portions from a plurality of data portions to be encrypted based on criteria determined by the owner of the data and distribution policies as implemented in the rules.
  - 25. The method of claim 21 wherein the step of protecting data portions is performed using an asymmetric encryption algorithm.
  - 26. The method of claim 21 wherein the creation of any derivative work based on the protected data portions requires monotonicity of restrictions as enforced by the rules associated with the protected data portions.
  - 27. The method of claim 21 wherein the creation of any derivative work based on the protected data portions is governed by the owner of the protected data portions.
  - 28. The method of claim 21, the rules being a first set of rules, the method further comprising:
    - modifying original data portions to include additional data portions;
      
      encrypting at least the original data portions and at least some of the additional data portions;
      
      providing a second set of rules associated with the additional data portions, whereby access to the original data portions are governed by the first set of rules and access to the additional data portions are governed by the second set of rules.

29. A method of producing a movie comprising:
- protecting data portions associated with the movie using a data key (K_D);
  
  storing the protected data portions;
  
  for each of a plurality of key encrypting keys (K_R) encrypting the data decrypting key (K_D′
  
  ) with a respective key encrypting key (K_R) after obtaining the data key (K_D) using a respective data decrypting key (K_D′
  
  ) to provide a plurality of users with access to the encrypted data portions;
  
  storing at least some of the encrypted data keys;
  
  providing rules associated with the movie, the rules defining constraints including an inheritance rule defining rights to create a derivative work including at least one of the data portions associated with the movie and defining a set of rules to be associated with the derivative work, the set of rules associated with the derivative work being associated only with those data portions associated with the movie;
  
  storing the rules associated with the movie; and
  
  transmitting the protected data portions, at least some of the encrypted data keys, and the rules associated with a movie to an output device.
- View Dependent Claims (30, 31, 32, 33, 34, 35, 36, 37, 38)
- - 30. The method of claim 29, further comprising:
    - selecting data portions from a plurality of data portions to be encrypted based on criteria determined by the owner of the data.
  - 31. The method of claim 30, wherein the step of selecting includes:
    - examining each data portion at a predetermined level of granularity to determine if the data portion being processed is in a body portion of the data;
      
      determining that the data portion being processed is in a body portion of the data; and
      
      determining whether the data portion being processed is to be protected based on the criteria determined by the owner of the data.
  - 32. The method of claim 31, wherein the step of selecting includes:
    - examining each data portion at a predetermined level of granularity to determine if the data portion being processed is in a body portion of the data;
      
      determining that the data portion being processed are rules associated with the movie; and
      
      protecting the rules by encrypting them using one of the plurality of rule-encrypting keys (K_R).
  - 33. The method of claim 32, wherein the step of selecting includes:
    - examining each data portion at a predetermined level of granularity to determine if the data portion being processed is in a body portion of the data;
      
      determining that the data portion being processed is ancillary information; and
      
      protecting the ancillary information by encrypting it with the data-encrypting key (K_D).
  - 34. The method of claim 29, further comprising:
    - selecting data portions from a plurality of data portions to be encrypted based on criteria determined by the owner of the data and distribution policies as implemented in the rules.
  - 35. The method of claim 29 wherein the step of protecting data portions is performed using an asymmetric encryption algorithm.
  - 36. The method of claim 29 wherein the creation of any derivative work based on the protected data portions requires monotonicity of restrictions as enforced by the rules associated with the protected data portions.
  - 37. The method of claim 29 wherein the creation of any derivative work based on the protected data portions is governed by the owner of the protected data portions.
  - 38. The method of claim 29, the rules being a first set of rules, the method further comprising:
    - modifying original data portions to include additional data portions;
      
      encrypting at least the original data portions and at least some of the additional data portions;
      
      providing a second set of rules associated with the additional data portions, whereby access to the original data portions are governed by the first set of rules and access to the additional data portions are governed by the second set of rules.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Hanger Solutions, LLC (IP Investments Group LLC)
Original Assignee
General Dynamics Advanced Information Systems Incorporated (General Dynamics Corporation)
Inventors
Abrams, Marshall D., Schneck, Paul B.

Application Number

US11/373,156
Publication Number

US 20060178997A1
Time in Patent Office

Days
Field of Search
US Class Current

705/50
CPC Class Codes

G06F 21/1011   to devices

G06F 21/1062   Editing

G06F 21/1063   Personalisation

G06F 21/109   by using specially-adapted ...

G06F 21/16   Program or content traceabi...

G06F 21/32   using biometric data, e.g. ...

G06F 21/34   involving the use of extern...

G06F 21/577   Assessing vulnerabilities a...

G06F 21/6209   to a single file or object,...

G06F 21/6245   Protecting personal data, e...

G06F 21/71   to assure secure computing ...

G06F 21/72   in cryptographic circuits

G06F 21/86   Secure or tamper-resistant ...

G06F 2211/007   Encryption, En-/decode, En-...

G06F 2221/2137   Time limited access, e.g. t...

G06F 2221/2141   Access rights, e.g. capabil...

G06F 2221/2143   Clearing memory, e.g. to pr...

G06F 2221/2145   Inheriting rights or proper...

G06F 2221/2149   Restricted operating enviro...

G06Q 99/00   Subject matter not provided...

G11B 20/00673 : wherein the erased or nulli...

H04L 2209/56 : Financial cryptography, e.g...

H04L 2209/60 : Digital content management,...

H04L 2463/101 : applying security measures ...

H04L 63/0428 : wherein the data content is...

H04L 9/0822 : using key encryption key

View All

Systems and methods for authoring and protecting digital property

First Claim

9 Assignments

0 Petitions

Accused Products

Abstract

65 Citations

38 Claims

Specification

Solutions

Use Cases

Quick Links

Systems and methods for authoring and protecting digital property

First Claim

9 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

65 Citations

38 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links