Systems and methods for secure transaction management and electronic rights protection

US 20070277031A1
Filed: 07/12/2007
Published: 11/29/2007
Est. Priority Date: 02/13/1995
Status: Active Grant

First Claim

Patent Images

1. A method performed by an electronic appliance, the electronic comprising a protected processing environment and rights management programming stored on a computer readable medium, the rights management programming being operable, when executed by the electronic appliance, to govern use of electronic content by a user of the electronic appliance, the method comprising:

enabling a user of the electronic appliance to use a piece of electronic content, the piece of electronic content having control information securely associated therewith, the control information specifying one or more consequences of use of the piece of electronic content;

monitoring usage of the piece of electronic content for occurrence of one or more predefined events; and

taking one or more actions upon detection of the one or more predefined events;

wherein the one or more predefined events and the one or more actions are specified, at least in part, in the control information, and wherein the rights management programming is operable, when executed by the electronic appliance, to cause the electronic appliance to perform said monitoring and taking steps, using, at least in part, the protected processing environment.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

The present invention provides systems and methods for secure transaction management and electronic rights protection. Electronic appliances such as computers equipped in accordance with the present invention help to ensure that information is accessed and used only in authorized ways, and maintain the integrity, availability, and/or confidentiality of the information. Such electronic appliances provide a distributed virtual distribution environment (VDE) that may enforce a secure chain of handling and control, for example, to control and/or meter or otherwise monitor use of electronically stored or disseminated information. Such a virtual distribution environment may be used to protect rights of various participants in electronic commerce and other electronic or electronic-facilitated transactions. Distributed and other operating systems, environments and architectures, such as, for example, those using tamper-resistant hardware-based processors, may establish security at each node. These techniques may be used to support an all-electronic information distribution, for example, utilizing the “electronic highway.”

99 Citations

View as Search Results

67 Claims

1. A method performed by an electronic appliance, the electronic comprising a protected processing environment and rights management programming stored on a computer readable medium, the rights management programming being operable, when executed by the electronic appliance, to govern use of electronic content by a user of the electronic appliance, the method comprising:
- enabling a user of the electronic appliance to use a piece of electronic content, the piece of electronic content having control information securely associated therewith, the control information specifying one or more consequences of use of the piece of electronic content;
  
  monitoring usage of the piece of electronic content for occurrence of one or more predefined events; and
  
  taking one or more actions upon detection of the one or more predefined events;
  
  wherein the one or more predefined events and the one or more actions are specified, at least in part, in the control information, and wherein the rights management programming is operable, when executed by the electronic appliance, to cause the electronic appliance to perform said monitoring and taking steps, using, at least in part, the protected processing environment.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28)
- - 2. The method of claim 1, in which the piece of electronic content comprises a textual publication, and in which at least one of the one or more predefined events comprises a request to display at least a predefined number of units of at least a predefined portion of the textual publication.
  - 3. The method of claim 1, in which the piece of electronic content comprises a textual publication, and in which at least one of the one or more predefined events comprises a request to display at least a predefined number of units of the textual publication.
  - 4. The method of claim 3, in which the units are selected from the group consisting of:
    - bytes, words, chapters, paragraphs, and pages.
  - 5. The method of claim 1, in which at least one of the one or more actions includes storing audit information for transmission to a remote electronic appliance.
  - 6. The method of claim 1, in which at least one of the one or more actions includes incrementing or decrementing a meter.
  - 7. The method of claim 1, in which at least one of the one or more actions includes performing a fraud detection process.
  - 8. The method of claim 1, in which at least one of the one or more actions includes billing an advertiser.
  - 9. The method of claim 1, in which at least one of the one or more actions includes billing the user.
  - 10. The method of claim 1, in which at least one of the one or more actions includes storing usage information.
  - 11. The method of claim 10, further comprising:
    - analyzing the usage information for usage patterns.
  - 12. The method of claim 11, further comprising:
    - using results of the analyzing step to apply quantity discounts.
  - 13. The method of claim 10, in which the usage information is stored in a multi-dimensional array data structure.
  - 14. The method of claim 10, in which the piece of electronic content comprises one of one or more audio recordings, and in which the usage information comprises information regarding usage of at least some of the audio recordings in one or more predefined time periods.
  - 15. The method of claim 10, in which the usage information comprises information regarding usage of at least some of the electronic content in one or more predefined time periods.
  - 16. The method of claim 10, further comprising:
    - encrypting the usage information for storage in memory of the electronic appliance.
  - 17. The method of claim 16, in which the encrypting is performed using a key specific to the electronic appliance.
  - 18. The method of claim 17, further comprising:
    - storing an encrypted transaction tag, the transaction tag being associated with the usage information and configured for use in preventing undetected tampering with the usage information.
  - 19. The method of claim 1, in which the control information includes at least one of:
    - a budget and/or a meter.
  - 20. The method of claim 1, in which the control information includes at least one of:
    - a specification of a date of last use, a specification of a date of first allowable use, and/or a specification of an expiration date.
  - 21. The method of claim 1, in which the control information includes at least one of:
    - a specification of a date of last audit, a specification of a date of a next required audit, and/or an identification of an authorized auditor.
  - 22. The method of claim 1, further comprising:
    - recording, in a usage map, information regarding usage of the piece of electronic content.
  - 23. The method of claim 22, in which the usage map is configured to store information regarding whether a particular portion of the piece of electronic content has been accessed by the user.
  - 24. The method of claim 22, in which the usage map is configured to store information regarding a number of times that a particular portion of the piece of electronic content has been accessed by the user.
  - 25. The method of claim 22, in which the usage map is configured to store information regarding a number of times that a particular portion of the piece of electronic content has been accessed by the user in a particular period of time
  - 26. The method of claim 22, further comprising:
    - analyzing the usage map to detect an unauthorized usage pattern; and
      
      halting further use of the piece of electronic content if an unauthorized usage pattern is detected.
  - 27. The method of claim 1, in which at least one of the one or more actions includes sending audit information to a remote site.
  - 28. The method of claim 27, in which the audit information comprises information regarding usage of the piece of electronic content and at least one of:
    - an identification of the electronic appliance, an identification of the user, personal information of the user, and/or an identification of a type of usage.

29. A method for reporting information regarding usage of electronic content, the method comprising:
- receiving a piece of electronic content at an electronic appliance, the piece of electronic content having control information associated therewith, the control information including one or more requirements for reporting usage information;
  
  using tamper-resistant hardware and/or software running on the electronic appliance to securely enable a user of the electronic appliance to use the piece of electronic content in accordance with the control information;
  
  securely storing usage information related to the use of the piece of electronic content in memory of the electronic appliance; and
  
  sending the usage information to a remote site.
- View Dependent Claims (30, 31, 32, 33, 34, 35, 36, 37, 38, 39, 40, 41, 42, 43, 44, 45, 46, 47, 48, 49, 50, 51, 52, 53)
- - 30. The method of claim 29, in which the control information specifies, at least in part, what usage information must be sent to the remote site.
  - 31. The method of claim 29, in which the control information identifies the remote site.
  - 32. The method of claim 29, in which the control information specifies, at least in part, when the usage information must be sent to the remote site.
  - 33. The method of claim 30, in which the control information specifies, at least in part, when the usage information must be sent to the remote site.
  - 34. The method of claim 29, further comprising:
    - authenticating the remote site and/or an entity associated therewith prior to sending the usage information.
  - 35. The method of claim 34, further comprising:
    - sending authentication information to the remote site, the authentication information authenticating the electronic appliance, the tamper-resistant hardware and/or software, and/or the user.
  - 36. The method of claim 29, in which the usage information is generated, at least in part, by a metering process that keeps track of usage events, and, for qualifying events, causes usage information to be generated.
  - 37. The method of claim 36, in which the usage events are defined in terms of one or more atomic elements of the piece of electronic content.
  - 38. The method of claim 37, in which the one or more atomic elements are selected from the group consisting of:
    - bytes, chapters, paragraphs, pages, database records, files, and sectors.
  - 39. The method of claim 29, further comprising:
    - analyzing the usage information for usage patterns.
  - 40. The method of claim 39, further comprising:
    - using results of the analyzing step to apply quantity discounts.
  - 41. The method of claim 29, in which the usage information is stored in a multi-dimensional array data structure.
  - 42. The method of claim 29, in which the usage information comprises information regarding usage of at least some of the piece of electronic content in one or more predefined time periods.
  - 43. The method of claim 29, further comprising:
    - encrypting the usage information for storage in memory of the electronic appliance.
  - 44. The method of claim 43, in which the encrypting is performed using a key specific to the electronic appliance.
  - 45. The method of claim 44, further comprising:
    - storing an encrypted transaction tag, the transaction tag being associated with the usage information and configured for use in preventing undetected tampering with the usage information.
  - 46. The method of claim 29, in which the control information includes at least one of:
    - a specification of a date of last use of the piece of electronic content, a specification of a date of first allowable use of the piece of electronic content, and/or a specification of an expiration date of use of the piece of electronic content.
  - 47. The method of claim 29, in which the control information includes at least one of:
    - a specification of a date of last audit, a specification of a date of a next required audit, and/or an identification of an authorized auditor.
  - 48. The method of claim 29, in which the usage information is stored in a usage map.
  - 49. The method of claim 48, in which the usage map is configured to store information regarding whether a particular portion of the piece of electronic content has been accessed by the user.
  - 50. The method of claim 48, in which the usage map is configured to store information regarding a number of times that a particular portion of the piece of electronic content has been accessed by the user.
  - 51. The method of claim 48, in which the usage map is configured to store information regarding a number of times that a particular portion of the piece of electronic content has been accessed by the user in a particular period of time
  - 52. The method of claim 48, further comprising:
    - analyzing the usage map to detect an unauthorized usage pattern; and
      
      halting further use of the piece of electronic content if an unauthorized usage pattern is detected.
  - 53. The method of claim 29, further comprising sending information to the remote site from the group consisting of:
    - an identification of the electronic appliance, an identification of the user, personal information of the user, and/or an identification of a type of usage.

54. A method performed by an electronic appliance, the method comprising:
- enabling a user of the electronic appliance to use an electronic object;
  
  metering usage of the electronic object in terms of one or more atomic elements; and
  
  securely storing, in memory of the electronic appliance, usage information derived from the metering step.
- View Dependent Claims (55, 56, 57, 58)
- - 55. The method of claim 54, in which some of the atomic elements overlap, at least in part.
  - 56. The method of claim 55, in which at least some of the atomic elements are selected from the group consisting of:
    - bytes, chapters, paragraphs, pages, database records, files, and sectors.
  - 57. The method of claim 54, in which some portions of the electronic object are not mapped to any atomic elements.
  - 58. The method of claim 56, in which the electronic object has control information securely associated therewith, the control information specifying one or more consequences of usage of the electronic object, wherein the metering step is performed in accordance with the control information.

59. A method comprising:
- determining whether one or more events associated with a user'"'"'s use of electronic content at a first device meets a predefined condition, wherein the predefined condition is based at least in part on a unit of usage of the electronic content that has been defined to be significant by a creator and/or other provider of the electronic content;
  
  performing additional processing if a determination is made that the one or more events meet the predefined condition, the additional processing relating to at least one of;
  
  auditing, reporting, billing, end user usage analysis, and/or fraud detection.
- View Dependent Claims (60, 61, 62, 63, 64, 65, 66, 67)
- - 60. The method of claim 59, in which the determining step is performed by hardware and/or software running on the first device.
  - 61. The method of claim 59, in which at least part of the determining step is performed by hardware and/or software running on a server remote from the first device.
  - 62. The method of claim 59, in which the unit of usage of the electronic content is defined in terms of one or more atomic elements of the electronic content.
  - 63. The method of claim 62, in which the one or more atomic elements are selected from the group consisting of:
    - bytes, chapters, paragraphs, pages, database records, files, and sectors.
  - 64. The method of claim 62, in which the predefined condition is identified in control information securely associated with the electronic content.
  - 65. The method of claim 64, in which the electronic content and/or the control information is encrypted at least in part.
  - 66. The method of claim 64, in which tamper-resistant hardware and/or software running on the first device is operable to perform at least part of the determining and performing steps, the tamper-resistant hardware and/or software being resistant to tampering by a user of the first device.
  - 67. The method of claim 66, in which the tamper-resistant hardware and/or software comprises at least one secure processing unit.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Intertrust Technologies Corporation (Fidelio Acquisition Co LLC)
Original Assignee
Intertrust Technologies Corporation (Fidelio Acquisition Co LLC)
Inventors
Van Wie, David, Ginter, Karl, Spahn, Francis, Shear, Victor

Granted Patent

US 7,831,823 B2
Time in Patent Office

Days
Field of Search
US Class Current

713/155
CPC Class Codes

G06F 12/1408   by using cryptography for d...

G06F 21/10   Protecting distributed prog...

G06F 21/16   Program or content traceabi...

G06F 21/86   Secure or tamper-resistant ...

G06F 2211/007   Encryption, En-/decode, En-...

G06F 2221/2101   Auditing as a secondary aspect

G06F 2221/2115   Third party

G06F 2221/2135   Metering

G06F 2221/2151   Time stamp

G06Q 20/02   involving a neutral party, ...

G06Q 20/023   the neutral party being a c...

G06Q 20/04   Payment circuits

G06Q 20/12   specially adapted for elect...

G06Q 20/123   Shopping for digital content

G06Q 20/1235   with control of digital rig...

G06Q 20/24   Credit schemes, i.e. "pay a...

G06Q 20/389   Keeping log of transactions...

G06T 1/0021   Image watermarking

G07F 9/026   for alarm, monitoring and a...

H04L 12/14   Charging , metering or bill...

H04L 2463/101 : applying security measures ...

H04L 2463/102 : applying security measure f...

H04L 2463/103 : applying security measure f...

H04L 63/20 : for managing network securi...

H04N 21/2347 : involving video stream encr...

H04N 21/235 : Processing of additional da...

H04N 21/2362 : Generation or processing of...

H04N 21/2541 : Rights Management protectin...

H04N 21/2543 : Billing , e.g. for subscrip...

H04N 21/2547 : Third Party Billing, e.g. b...

H04N 21/25875 : involving end-user authenti...

H04N 21/4143 : embedded in a Personal Comp...

H04N 21/4345 : Extraction or processing of...

H04N 21/435 : Processing of additional da...

H04N 21/4405 : involving video stream decr...

H04N 21/44204 : Monitoring of content usage...

H04N 21/443 : OS processes, e.g. booting ...

H04N 21/4627 : Rights management associate...

H04N 21/4753 : for user identification, e....

H04N 21/6581 : Reference data, e.g. a movi...

H04N 21/8166 : involving executable data, ...

H04N 21/835 : Generation of protective da...

H04N 21/83555 : using a structured language...

H04N 21/8358 : involving watermark protect...

H04N 7/162 : Authorising the user termin...

H04N 7/17309 : Transmission or handling of...

View All

Systems and methods for secure transaction management and electronic rights protection

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

99 Citations

67 Claims

Specification

Solutions

Use Cases

Quick Links

Systems and methods for secure transaction management and electronic rights protection

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

99 Citations

67 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links