Controlling access to data in a data processing system

US 20080066191A1
Filed: 10/31/2007
Published: 03/13/2008
Est. Priority Date: 04/11/1995
Status: Active Grant

First Claim

Patent Images

1. A method, in a system which includes a network of computers, the method comprising:

(a) obtaining a name for a data item, the name being included in a request for the data item, and the name being based at least in part on the data which comprise the contents of the data item; and

(b) determining, based at least in part on said name, whether or not access to the data item is authorized.

View all claims

3 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Access to and delivery of licensed content is controlled using content names that were determined based on the content. A name for a data item is obtained, the name having been determined based at least in part on the data which comprise the contents of the data item. Access to the data item is authorized based at least in part on the name. Once authorized, access may be granted from more than one computer. The name may have been determined using a hash or message digest function such as MD4, MD5 or SHA. The data item may comprise a file, a portion of a file, a page in memory, a digital message, a digital image, a video signal or an audio signal.

126 Citations

View as Search Results

25 Claims

1. A method, in a system which includes a network of computers, the method comprising:
- (a) obtaining a name for a data item, the name being included in a request for the data item, and the name being based at least in part on the data which comprise the contents of the data item; and
  
  (b) determining, based at least in part on said name, whether or not access to the data item is authorized.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19)
- - 2. A method as recited in claim 1 further comprising:
    - (c) based at least in part on said determining, denying access to the data item when it is determined that access to the data item is not authorized.
  - 3. A method as recited in claim 1 wherein the request is received from a particular requestor, and wherein said step (b) of determining comprises:
    - determining whether or not the particular requestor is authorized.
  - 4. A method as recited in claim 3 further comprising:
    - if it is determined that the particular requestor is not authorized, denying the particular requestor'"'"'s request for the data item.
  - 5. A method as recited in claim 1 wherein said step (b) of determining whether or not the data item is authorized comprises determining whether or not the name is contained in a database comprising a plurality of identifiers.
  - 6. A method as recited in claim 19 wherein the name for the data item is based on a function of the data which comprise the contents of the data file, and wherein the plurality of identifiers in the database are identifiers of licensed content items, and wherein the identifier of each licensed content item is based at least in part on the function of the data comprising the licensed content item.
  - 7. A method as recited in claim 1 further comprising:
    - (d) collecting information regarding the data item.
  - 8. A method as recited in claim 7, wherein the information collected includes at least one of:
    - (a) information about which data items have been stored on a computer;
      
      (b) information about the content of the data item, (c) information about the owner of the data item, (d) information about the type of data item, (e) information about the contextual name of the data item, (f) information about whether the data item was copied;
      
      (g) the name of the data item;
      
      (h) information about an identity of the requestor;
      
      (i) a timestamp;
      
      (j) information about whether the data item was created; and
      
      (k) information about whether the data item was read.
  - 9. A method as recited in claim 8 wherein at least some of the information collected is maintained for accounting or billing purposes.
  - 10. A method as recited in claim 1 further comprising:
    - (d) tracking identities of data items requested.
  - 11. A method as recited in claim 1 wherein the name is based, at least in part, on a function of the data which comprise the contents of the data item, and wherein the function is a message digest function or a hash function.
  - 12. A method as recited in claim 1 wherein the name is based, at least in part, on a function of the data which comprise the contents of the data item, and wherein the function is selected from the functions:
    - MD4, MD5, and SHA.
  - 13. A method as recited in claim 1 wherein the name is a True Name.
  - 14. A method as recited in claim 1 wherein a data item may comprise a file, a portion of a file, a page in memory, a digital message, a digital image, a video signal or an audio signal.
  - 15. A method as recited in claim 1 wherein at least some computers make up part of a peer-to-peer network of computers.
  - 16. A method as recited in claim 1 further comprising:
    - (c) authorizing access to the data item when it is determined that the data item is authorized.
  - 17. A method as recited in claim 16 wherein the authorized access permits copying of the data item from at least one of the plurality of computers.
  - 18. A method as recited in claim 16 wherein the name is received at a first computer and wherein, if it is determined that said data item is authorized, access to the data item is authorized from at least one of said plurality of computers distinct from the first computer.
  - 19. A method as recited in claim 16 wherein, if it is determined that said data item is authorized, access to the data item is authorized from more than one of the plurality of computers.

20. A method comprising:
- controlling distribution of licensed content from a first computer to a requesting computer, by in response to a request for the content from said requesting computer, the request including at least a name of the data file, the name having been determined using at least a function of the data comprising the data item, permitting the content to be provided to the requesting computer if the content is authorized or licensed.

21. A method comprising:
- (a) obtaining a list of names, one for each of a plurality of data items, wherein, for each of the data items, the corresponding name for that data item was determined as a function of the contents of the data item;
  
  (b) receiving, from a requestor, an identifier for a requested data item, said identifier having been determined based at least in part on the contents of the requested data item;
  
  (c) determining, based at least in part on said identifier for said requested data item, and using said list of names, whether the requestor may access the requested data item; and
  
  (d) based on said determining, if it is determined that requestor may not access the requested data item, denying access to the requested data item.
- View Dependent Claims (22, 23)
- - 22. A method as recited in claim 21 wherein the list of names comprises a list of True Names of authorized data items and wherein the identifier of the requested data item is a True Name of the requested data item.
  - 23. A method as recited in claim 21 wherein at least some of said computers make up part of a peer-to-peer network of computers.

24. A method comprising:
- (a) receiving at a first computer, from a requesting computer, a request for a data file, said request including a name for the data file, the name having been determined using at least a function of the data in the data file, wherein the data used by the function to determine the name comprises the contents of the data file; and
  
  (b) in response to said request;
  
  (i) causing the name of the data file to be compared to a plurality of values;
  
  (ii) determining if access to the data file is authorized or unauthorized based on whether the name matches at least one of said plurality of values, and (iii) based on said determining in step (i), not allowing the data file to be delivered to the requesting computer if it is determined that access to the data file is not authorized.
- View Dependent Claims (25)
- - 25. A method as recited in claim 24 further comprising:
    - in response to said request;
      
      (iv) allowing the data file to be delivered to the requesting computer if the data file is authorized.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
PersonalWeb Technologies, L.L.C.
Original Assignee
Kinetech, Inc. (Brilliant Digital Entertainment Incorporated), Level 3 Communications LLC (Lumen Technologies, Inc.)
Inventors
Farber, David, Lachman, Ronald

Granted Patent

US 7,802,310 B2
Time in Patent Office

Days
Field of Search
US Class Current

726/28
CPC Class Codes

G06F 16/13   File access structures, e.g...

G06F 16/164   File meta data generation

G06F 16/174   Redundancy elimination perf...

Y10S 707/914   Video

Y10S 707/915   Image

Y10S 707/916   Audio

Y10S 707/922   Communications

Y10S 707/959   Network

Y10S 707/961   Associative

Y10S 707/966   Distributed

Y10S 707/99931   Database or file accessing

Y10S 707/99932   Access augmentation or opti...

Y10S 707/99933   Query processing, i.e. sear...

Y10S 707/99942   Manipulating data structure...

Controlling access to data in a data processing system

First Claim

3 Assignments

0 Petitions

Accused Products

Abstract

126 Citations

25 Claims

Specification

Solutions

Use Cases

Quick Links

Controlling access to data in a data processing system

First Claim

3 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

126 Citations

25 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links