System and methods for secure transaction management and electronics rights protection

US 20060224903A1
Filed: 05/23/2006
Published: 10/05/2006
Est. Priority Date: 02/13/1995
Status: Active Grant

First Claim

Patent Images

1-90. -90. (canceled)

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

The present invention provides systems and methods for secure transaction management and electronic rights protection. Electronic appliances such as computers equipped in accordance with the present invention help to ensure that information is accessed and used only in authorized ways, and maintain the integrity, availability, and/or confidentiality of the information. Such electronic appliances provide a distributed virtual distribution environment (VDE) that may enforce a secure chain of handling and control, for example, to control and/or meter or otherwise monitor use of electronically stored or disseminated information. Such a virtual distribution environment may be used to protect rights of various participants in electronic commerce and other electronic or electronic-facilitated transactions. Distributed and other operating systems, environments and architectures, such as, for example, those using tamper-resistant hardware-based processors, may establish security at each node. These techniques may be used to support an all-electronic information distribution, for example, utilizing the “electronic highway.”

Citations

176 Claims

1-90. -90. (canceled)

91. A method comprising:
- creating an electronic document at a first user'"'"'s electronic appliance;
  
  at the first user'"'"'s electronic appliance, securely associating control information with the electronic document, the control information indicating that the electronic document may be used only by one or more designated users and only in one or more authorized ways, the control information being configured to be enforced by tamper-resistant software and/or hardware to govern use of the electronic document;
  
  distributing the electronic document and the control information to a second user'"'"'s electronic appliance;
  
  determining that the second user is one of said one or more designated users; and
  
  at the second user'"'"'s electronic appliance, securely enabling the second user to make at least one use of the electronic document in accordance with the control information, in which software and/or hardware at the second user'"'"'s electronic appliance is operable to perform, at least in part, said securely enabling step, said software and/or hardware at the second user'"'"'s electronic appliance being resistant to tampering by the second user with the performance of said securely enabling step.
- View Dependent Claims (92, 93, 94, 95, 96, 97, 98, 99, 100, 101, 102, 103, 104, 105, 106, 107)
- - 92. The method of claim 91, further comprising:
    - sending a request from the second user, the request seeking a modification to the control information;
      
      receiving a modified set of control information in response to the request.
  - 93. The method of claim 92, in which the modified set of control information indicates that the electronic document may be used by a set of designated users that differs at least in part from the one or more designated users.
  - 94. The method of claim 92, in which the modified set of control information indicates that the document may be used only in a modified set of authorized ways that differs at least in part from the one or more authorized ways.
  - 95. The method of claim 92, in which the request is sent to the first user'"'"'s electronic appliance.
  - 96. The method of claim 91, in which the one or more designated users comprise a group of users, and in which the control information identifies the group of users.
  - 97. The method of claim 91, in which the control information includes a requirement that a return receipt be sent to the first user from a recipient of the electronic document, the method further comprising:
    - sending a return receipt from the second user'"'"'s electronic appliance to the first user'"'"'s electronic appliance in accordance with the control information.
  - 98. The method of claim 91, in which the control information specifies one or more auditing requirements, the method further comprising:
    - at the second user'"'"'s electronic appliance, complying with the one or more auditing requirements.
  - 99. The method of claim 98, in which the one or more auditing requirements include a requirement that a recipient of the electronic document send an indication of how the electronic document has been used.
  - 100. The method of claim 98, in which the one or more auditing requirements include a requirement that a recipient of the electronic document send an indication if the electronic document has been printed by the recipient.
  - 101. The method of claim 98, in which the one or more auditing requirements include a requirement that a recipient of the electronic document send an indication if the electronic document has been viewed by the recipient.
  - 102. The method of claim 98, in which the one or more auditing requirements include a requirement that a recipient of the electronic document send an indication if the electronic document has edited by the recipient.
  - 103. The method of claim 91, in which the control information specifies that certain or all information in the electronic document may be extracted by an authorized recipient.
  - 104. The method of claim 91, in which the control information specifies that the electronic document may be redistributed by an authorized recipient.
  - 105. The method of claim 91, in which the at least one use comprises viewing the electronic document.
  - 106. The method of claim 91, in which the at least one use comprises printing, copying, extracting text from, or embedding text within the electronic document.
  - 107. The method of claim 91, in which the control information is configured to govern at least two of the following uses of the electronic document:
    - viewing the electronic document, printing the electronic document, copying the electronic document, or modifying the electronic document.

108. A method comprising:
- receiving an electronic document at a first user'"'"'s electronic appliance, the electronic document having been sent from a second user'"'"'s electronic appliance;
  
  receiving, at the first user'"'"'s electronic appliance, control information associated with the electronic document, the control information indicating that the electronic document may be used only in one or more authorized ways; and
  
  using a software application running on the first user'"'"'s electronic appliance to enable the first user to make at least one use of the electronic document in accordance with the control information, wherein the software application is configured to be resistant to attempts by users of the first electronic appliance to use the electronic document in unauthorized ways.
- View Dependent Claims (109, 110, 111, 112, 113, 114, 115, 116, 117, 118, 119, 120, 121, 122, 123, 124, 125, 126, 127, 128, 129, 130, 131, 132, 133, 134, 135)
- - 109. The method of claim 108, in which control information is received separately from the electronic document.
  - 110. The method of claim 108, in which the control information is received at the first user'"'"'s electronic appliance from the second user'"'"'s electronic appliance together with the electronic document.
  - 111. The method of claim 110, in which control information is received together with the electronic document in a secure electronic container.
  - 112. The method of claim 111, in which the electronic document is encrypted within the secure electronic container, and in which the secure electronic container includes an unencrypted header.
  - 113. The method of claim 108, in which the control information further indicates that the electronic document may be used only by one or more designated users, the method further comprising:
    - using the software application on the first user'"'"'s electronic appliance to determine that the first user is one of said one or more designated users.
  - 114. The method of claim 108, in which the first user'"'"'s electronic appliance comprises a secure processing unit, and in which the software application is operable to communicate with the secure processing unit to obtain information necessary to decrypt the electronic document.
  - 115. The method of claim 114, in which the secure processing unit comprises a processor, memory storing one or more cryptographic keys, and memory interface logic that is operable to prevent unauthorized access to the memory from outside the secure processing unit.
  - 116. The method of claim 108, in which the software application comprises a word processor.
  - 117. The method of claim 108, in which the software application comprises an electronic mail program.
  - 118. The method of claim 117, in which the electronic document comprises an electronic mail message.
  - 119. The method of claim 108, in which the electronic document comprises an electronic memorandum, an electronic mail message, a text file, and/or a multimedia file.
  - 120. The method of claim 108, in which the control information includes a requirement that a recipient of the electronic document contact the second user before using the electronic document, the method further comprising:
    - sending a request from the first user to the second user for permission to use the electronic document; and
      
      receiving permission from the second user.
  - 121. The method of claim 108, further comprising:
    - sending a request from the first user'"'"'s electronic appliance to the second user'"'"'s electronic appliance, the request seeking a modification to the control information;
      
      receiving at the first user'"'"'s electronic appliance from the second user'"'"'s electronic appliance a modified set of control information in response to the request.
  - 122. The method of claim 108, in which the control information specifies one or more auditing requirements, the method further comprising:
    - sending auditing information to the second user'"'"'s electronic appliance in compliance with the auditing requirements.
  - 123. The method of claim 122, in which the one or more auditing requirements include a requirement that a recipient of the electronic document send an indication of how the electronic document has been used.
  - 124. The method of claim 122, in which the one or more auditing requirements include a requirement that a recipient of the electronic document send an indication if the electronic document has been printed by the recipient.
  - 125. The method of claim 122, in which the one or more auditing requirements include a requirement that a recipient of the electronic document send an indication if the electronic document has been viewed by the recipient.
  - 126. The method of claim 122, in which the one or more auditing requirements include a requirement that a recipient of the electronic document send an indication if the electronic document has been stored by the recipient.
  - 127. The method of claim 122, in which the one or more auditing requirements include a requirement that a recipient of the electronic document send an indication if the electronic document has been edited by the recipient.
  - 128. The method of claim 108, in which the control information specifies that certain or all information in the electronic document may be extracted by an authorized recipient.
  - 129. The method of claim 108, in which the control information specifies that the electronic document may be redistributed by an authorized recipient.
  - 130. The method of claim 108, in which the one or more authorized ways include viewing the electronic document.
  - 131. The method of claim 108, in which the one or more authorized ways include printing the electronic document.
  - 132. The method of claim 108, in which the one or more authorized ways include copying the electronic document.
  - 133. The method of claim 108, in which the one or more authorized ways include extracting text from, and/or embedding text within, the electronic document.
  - 134. The method of claim 108, in which the one or more authorized ways include redistributing the electronic document.
  - 135. The method of claim 108, in which the control information is configured to govern at least two of the following uses of the electronic document:
    - viewing the electronic document, printing the electronic document, copying the electronic document, or modifying the electronic document.

136. A method performed at a first user'"'"'s electronic appliance, the method comprising:
- creating an electronic document;
  
  associating first control information with the electronic document, the first control information indicating that the electronic document may be used only in one or more authorized ways, the first control information being configured to be enforced by tamper-resistant software and/or hardware to govern use of the electronic document, and the electronic document being configured to be resistant to attempts to access or otherwise use its contents unless permitted by said tamper-resistant software and/or hardware; and
  
  distributing the electronic document and the first control information to a second user'"'"'s electronic appliance.
- View Dependent Claims (137, 138, 139, 140, 141, 142, 143, 144, 145, 146, 147, 148, 149, 150, 151, 152)
- - 137. The method of claim 136, in which the first control information further indicates that the electronic document may be used only by one or more designated users, the method further comprising:
    - determining that the second user is one of said one or more designated users prior to performing said distributing step.
  - 138. The method of claim 136, further comprising:
    - receiving a request from the second user'"'"'s electronic appliance for additional control information;
      
      sending additional control information to the second user'"'"'s electronic appliance, the additional control information being configured to authorize at least one additional use of the electronic document not authorized by the first control information.
  - 139. The method of claim 136, in which the first control information includes a requirement that a return receipt be sent to the first user from a recipient of the electronic document, the method further comprising:
    - receiving a return receipt from the second user'"'"'s electronic appliance in accordance with the first control information.
  - 140. The method of claim 136, in which the first control information specifies one or more auditing requirements, the method further comprising:
    - receiving auditing information generated at the second user'"'"'s electronic appliance in compliance with the auditing requirements.
  - 141. The method of claim 140, in which the one or more auditing requirements include a requirement that a recipient of the electronic document send an indication of how the electronic document has been used.
  - 142. The method of claim 140, in which the one or more auditing requirements include a requirement that a recipient of the electronic document send an indication if the electronic document has been printed by the recipient.
  - 143. The method of claim 140, in which the one or more auditing requirements include a requirement that a recipient of the electronic document send an indication if the electronic document has been viewed by the recipient.
  - 144. The method of claim 140, in which the one or more auditing requirements include a requirement that a recipient of the electronic document send an indication if the electronic document has been edited by the recipient.
  - 145. The method of claim 136, in which the first control information specifies that certain or all information in the electronic document may be extracted by an authorized recipient.
  - 146. The method of claim 136, in which the first control information specifies that the electronic document may be redistributed by an authorized recipient.
  - 147. The method of claim 136, in which the one or more authorized ways include viewing the electronic document.
  - 148. The method of claim 136, in which the one or more authorized ways include printing the electronic document.
  - 149. The method of claim 136, in which the one or more authorized ways include copying the electronic document.
  - 150. The method of claim 136, in which the one or more authorized ways include extracting text from, and/or embedding text within, the electronic document.
  - 151. The method of claim 136, in which the one or more authorized ways include redistributing the electronic document.
  - 152. The method of claim 136, in which the first control information is configured to govern at least two of the following uses of the electronic document:
    - viewing the electronic document, printing the electronic document, copying the electronic document, and modifying the electronic document. CPP (recipient)

153. A computer-readable medium containing a software application comprising executable program instructions, the executable program instructions including instructions for:
- receiving an electronic document and first control information associated with the electronic document, the first control information indicating that the electronic document may be used only in one or more authorized ways;
  
  separately receiving second control information associated with the electronic document; and
  
  applying the first control information and the second control information to enable at least one use of the electronic document in accordance with the first control information and the second control information;
  
  wherein the software application is configured to be resistant to attempts to use the electronic document in unauthorized ways.
- View Dependent Claims (154, 155, 156, 157, 158, 159, 160, 161, 162, 163, 164, 165, 166, 167, 168, 169, 170, 171, 172)
- - 154. The computer-readable medium of claim 153, in which the first control information further indicates that the electronic document may be used by one or more designated users, and in which the second control information indicates that the electronic document may be used by one or more additional users.
  - 155. The computer-readable medium of claim 153, in which the second control information indicates that the electronic document may be used in one or more additional authorized ways.
  - 156. The computer-readable medium of claim 153, in which the first control information includes a first expiration date, and in which the second control information includes a second expiration date after the first expiration date.
  - 157. The computer-readable medium of claim 153, in which the executable program instructions further include instructions for decrypting the electronic document using at least one cryptographic key retrieved from a secure processing unit.
  - 158. The computer-readable medium of claim 153, in which the first control information includes a requirement that a return receipt be sent to a remote electronic appliance, and in which the executable program instructions further include instructions for sending a return receipt to a remote electronic appliance from which the electronic document was received.
  - 159. The computer-readable medium of claim 153, in which the first control information includes one or more auditing requirement, and in which the executable program instructions further include instructions for complying with the auditing requirements.
  - 160. The computer-readable medium of claim 159, in which the one or more auditing requirements include a requirement that a recipient of the electronic document send an indication of how the electronic document has been used.
  - 161. The computer-readable medium of claim 159, in which the one or more auditing requirements include a requirement that a recipient of the electronic document send an indication if the electronic document has been printed by the recipient.
  - 162. The computer-readable medium of claim 159, in which the one or more auditing requirements include a requirement that a recipient of the electronic document send an indication if the electronic document has been viewed by the recipient.
  - 163. The computer-readable medium of claim 159, in which the one or more auditing requirements include a requirement that a recipient of the electronic document send an indication if the electronic document has been edited by the recipient.
  - 164. The computer-readable medium of claim 153, in which the first control information specifies that certain or all information in the electronic document may be extracted by an authorized recipient.
  - 165. The computer-readable medium of claim 153, in which the first control information specifies that the electronic document may be redistributed by an authorized recipient.
  - 166. The computer-readable medium of claim 153, in which the one or more authorized ways include viewing the electronic document.
  - 167. The computer-readable medium of claim 153, in which the one or more authorized ways include printing the electronic document.
  - 168. The computer-readable medium of claim 153, in which the one or more authorized ways include copying the electronic document.
  - 169. The computer-readable medium of claim 153, in which the one or more authorized ways include extracting text from, or embedding text within, the electronic document.
  - 170. The computer-readable medium of claim 153, in which the one or more authorized ways include redistributing the electronic document.
  - 171. The computer-readable medium of claim 153, in which the first control information is configured to govern at least two of the following uses of the electronic document:
    - viewing the electronic document, printing the electronic document, copying the electronic document, or modifying the electronic document.
  - 172. The computer-readable medium of claim 153, in which the software application comprises a word processor or an electronic mail program.

173. A method comprising:
- creating an electronic document at a first user'"'"'s electronic appliance;
  
  at the first user'"'"'s electronic appliance, securely associating control information with the electronic document, the control information indicating that the electronic document may be used only in one or more authorized ways, the control information being configured to be enforced by tamper-resistant software and/or hardware to govern use of the electronic document;
  
  distributing the electronic document and the control information to a second user'"'"'s electronic appliance; and
  
  at the second user'"'"'s electronic appliance, securely enabling the second user to make at least one use of the electronic document in accordance with the control information, in which software and/or hardware at the second user'"'"'s electronic appliance is operable to perform, at least in part, said securely enabling step, said software and/or hardware at the second user'"'"'s electronic appliance being resistant to tampering by the second user with the performance of said securely enabling step.
- View Dependent Claims (174, 175, 176)
- - 174. The method of claim 173, further comprising:
    - sending a request from the second user, the request seeking a modification to the control information; and
      
      receiving a modified set of control information in response to the request.
  - 175. The method of claim 173, in which the one or more authorized ways include at least two of the following:
    - viewing the electronic document, printing the electronic document, copying the electronic document, or modifying the electronic document.
  - 176. The method of claim 173, in which the control information specifies that the electronic document may be redistributed by an authorized recipient.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
David M. Van Wie, Francis J. Spahn, Karl L. Ginter, Victor M. Shear
Original Assignee
David M. Van Wie, Francis J. Spahn, Karl L. Ginter, Victor M. Shear
Inventors
Shear, Victor M., Ginter, Karl L., Spahn, Francis J., Van Wie, David M.

Granted Patent

US 8,543,842 B2
Time in Patent Office

Days
Field of Search
US Class Current

713/193
CPC Class Codes

G06F 21/109   by using specially-adapted ...

G06F 21/16   Program or content traceabi...

G06F 21/31   User authentication

G06F 21/33   using certificates

G06F 21/6209   to a single file or object,...

G06F 21/71   to assure secure computing ...

G06F 21/86   Secure or tamper-resistant ...

G06F 2211/007   Encryption, En-/decode, En-...

G06F 2221/2101   Auditing as a secondary aspect

G06F 2221/2135   Metering

G06F 2221/2137   Time limited access, e.g. t...

G06F 2221/2151   Time stamp

G06Q 10/087   Inventory or stock manageme...

G06Q 20/02   involving a neutral party, ...

G06Q 20/023   the neutral party being a c...

G06Q 20/04   Payment circuits

G06Q 20/085   involving remote charge det...

G06Q 20/10   specially adapted for elect...

G06Q 20/102   Bill distribution or payments

G06Q 20/12   specially adapted for elect...

G06Q 20/123 : Shopping for digital content

G06Q 20/1235 : with control of digital rig...

G06Q 20/14 : specially adapted for billi...

G06Q 20/24 : Credit schemes, i.e. "pay a...

G06Q 20/306 : using TV related infrastruc...

G06Q 20/308 : using the Internet of Things

G06Q 2220/16 : Copy protection or prevention

G06Q 30/0273 : Determination of fees for a...

G06Q 30/0283 : Price estimation or determi...

G06Q 30/06 : Buying, selling or leasing ...

G06Q 30/0601 : Electronic shopping [e-shop...

G06Q 30/0609 : Buyer or seller confidence ...

G06Q 40/02 : Banking, e.g. interest calc...

G06Q 40/04 : Trading; Exchange, e.g. sto...

G06Q 40/12 : Accounting

G06Q 50/184 : Intellectual property manag...

G06Q 50/188 : Electronic negotiation

G06T 1/0021 : Image watermarking

G07F 9/026 : for alarm, monitoring and a...

H04L 2209/56 : Financial cryptography, e.g...

H04L 2209/60 : Digital content management,...

H04L 2463/101 : applying security measures ...

H04L 2463/102 : applying security measure f...

H04L 2463/103 : applying security measure f...

H04L 63/02 : for separating internal fro...

H04L 63/04 : for providing a confidentia...

H04L 63/0428 : wherein the data content is...

H04L 63/0435 : wherein the sending and rec...

H04L 63/0442 : wherein the sending and rec...

H04L 63/08 : for authentication of entit...

H04L 63/0823 : using certificates cryptogr...

H04L 63/083 : using passwords cryptograph...

H04L 63/10 : for controlling access to d...

H04L 63/12 : Applying verification of th...

H04L 63/123 : received data contents, e.g...

H04L 63/16 : Implementing security featu...

H04L 63/168 : above the transport layer

H04L 63/20 : for managing network securi...

H04L 9/006 : involving public key infras...

H04L 9/0819 : Key transport or distributi...

H04L 9/0838 : Key agreement, i.e. key est...

H04L 9/0861 : Generation of secret inform...

H04L 9/3218 : using proof of knowledge, e...

H04L 9/3247 : involving digital signatures

H04L 9/3263 : involving certificates, e.g...

H04N 2005/91364 : the video signal being scra...

H04N 21/2347 : involving video stream encr...

H04N 21/23476 : by partially encrypting, e....

H04N 21/235 : Processing of additional da...

H04N 21/2362 : Generation or processing of...

H04N 21/2541 : Rights Management protectin...

H04N 21/2543 : Billing , e.g. for subscrip...

H04N 21/2547 : Third Party Billing, e.g. b...

H04N 21/25875 : involving end-user authenti...

H04N 21/4143 : embedded in a Personal Comp...

H04N 21/42646 : for reading from or writing...

H04N 21/4325 : by playing back content fro...

H04N 21/4345 : Extraction or processing of...

H04N 21/435 : Processing of additional da...

H04N 21/4405 : involving video stream decr...

H04N 21/44204 : Monitoring of content usage...

H04N 21/443 : OS processes, e.g. booting ...

H04N 21/4627 : Rights management associate...

H04N 21/4753 : for user identification, e....

H04N 21/6581 : Reference data, e.g. a movi...

H04N 21/8166 : involving executable data, ...

H04N 21/835 : Generation of protective da...

H04N 21/8355 : involving usage data, e.g. ...

H04N 21/83555 : using a structured language...

H04N 21/8358 : involving watermark protect...

H04N 5/913 : for scrambling ; for copy p...

H04N 7/162 : Authorising the user termin...

H04N 7/163 : by receiver means only

H04N 7/17309 : Transmission or handling of...

View All

System and methods for secure transaction management and electronics rights protection

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

Citations

176 Claims

Specification

Solutions

Use Cases

Quick Links

System and methods for secure transaction management and electronics rights protection

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

176 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links