Systems and methods for secure transaction management and electronic rights protection

US 20080148056A1
Filed: 10/30/2007
Published: 06/19/2008
Est. Priority Date: 02/13/1995
Status: Abandoned Application

First Claim

Patent Images

1. A computer-readable medium comprising program code, the program code being operable, when executed by an electronic appliance, to cause the electronic appliance to perform steps comprising:

using a first electronic budget to govern a first type of use of a piece of electronic content; and

using a second electronic budget to govern a second type of use of the piece of electronic content;

wherein the program code is resistant to tampering by a user of the electronic appliance.

View all claims

0 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

The present invention provides systems and methods for secure transaction management and electronic rights protection. Electronic appliances such as computers equipped in accordance with the present invention help to ensure that information is accessed and used only in authorized ways, and maintain the integrity, availability, and/or confidentiality of the information. Such electronic appliances provide a distributed virtual distribution environment (VDE) that may enforce a secure chain of handling and control, for example, to control and/or meter or otherwise monitor use of electronically stored or disseminated information. Such a virtual distribution environment may be used to protect rights of various participants in electronic commerce and other electronic or electronic-facilitated transactions. Distributed and other operating systems, environments and architectures, such as, for example, those using tamper-resistant hardware-based processors, may establish security at each node. These techniques may be used to support an all-electronic information distribution, for example, utilizing the “electronic highway.”

Citations

20 Claims

1. A computer-readable medium comprising program code, the program code being operable, when executed by an electronic appliance, to cause the electronic appliance to perform steps comprising:
- using a first electronic budget to govern a first type of use of a piece of electronic content; and
  
  using a second electronic budget to govern a second type of use of the piece of electronic content;
  
  wherein the program code is resistant to tampering by a user of the electronic appliance.
- View Dependent Claims (2, 3, 4, 5)
- - 2. The computer-readable medium of claim 1, in which the first type of use comprises viewing the piece of electronic content.
  - 3. The computer-readable medium of claim 2, in which the second type of use comprises printing the piece of electronic content.
  - 4. The computer-readable medium of claim 1, further including program code that is operable, when executed by the electronic appliance, to cause the electronic appliance to perform the step of:
    - using control information specifying a time-based limitation on access to or other use of the piece of electronic content to govern the first type of use of the piece of electronic content and the second type of use of the piece of electronic content.
  - 5. The computer-readable medium of claim 1, further including program code that is operable, when executed by the electronic appliance, to cause the electronic appliance to perform the steps of:
    - receiving the piece of electronic content in a secure electronic container; and
      
      receiving, separately from the piece of electronic content, the first electronic budget.

6. A method comprising:
- accessing a first record containing information directly or indirectly identifying components of a first component assembly, at least one of the components comprising a first load module including programming;
  
  checking a digital signature of the first record;
  
  securely assembling the components of the first component assembly to form at least a portion of the first component assembly; and
  
  executing at least some of the programming.
- View Dependent Claims (7, 8, 9, 10, 11, 12)
- - 7. The method of claim 6, further comprising:
    - accessing a second record containing information directly or indirectly identifying components of a second component assembly, at least one of the components comprising the first load module;
      
      checking a digital signature of the second record; and
      
      securely assembling the components of the second component assembly to form at least a portion of the second component assembly.
  - 8. The method of claim 6, in which the first component assembly is configured to perform at least one rights management task selected from the group consisting of:
    - metering use of protected content;
      
      maintaining a budget related to use of protected content;
      
      opening a secure electronic container comprising protected content; and
      
      auditing use of protected content.
  - 9. The method of claim 7, in which the first component assembly is configured to perform a first process and the second component assembly is configured to perform a second process that is different, at least in part, from the first process.
  - 10. The method of claim 6, in which the step of securely assembling the components of the first component assembly includes retrieving an encrypted component from an insecure storage medium, decrypting the component, and storing the component on a secure storage medium.
  - 11. The method of claim 10, in which the secure storage medium comprises random access memory of a secure processing unit.
  - 12. The method of claim 6, in which the first record includes one or more components of the first component assembly.

13. A method comprising:
- receiving a first electronic container, the first electronic container comprising an encrypted first content object, the first electronic container further comprising first control information specifying one or more permissions relating to access to or other use of the first content object, the first control information further comprising an encrypted first key for use in decrypting the first content object;
  
  using tamper-resistant software to decrypt the first key, use the first key to decrypt the first content object, and govern access to or other use of the first content object in accordance with the one or more permissions specified by the first control information;
  
  receiving a second electronic container, the second electronic container comprising an encrypted second content object or a reference thereto;
  
  receiving, separately from the second electronic container, second control information specifying one or more permissions relating to access to or other use of the second content object, the second control information further comprising an encrypted second key for use in decrypting the second content object; and
  
  using the tamper-resistant software to decrypt the second key, use the second key to decrypt the second content object, and govern access to or other use of the second content object in accordance with the one or more permissions specified by the second control information.
- View Dependent Claims (14)
- - 14. The method of claim 13, in which the second electronic container comprises a reference to the second content object, the reference comprising an identifier of a remote location at which the second content object is stored, the method further comprising:
    - obtaining the encrypted second content object from the remote location.

15. A method comprising:
- receiving a request for usage information at a first electronic appliance, the first electronic appliance comprising a protected processing environment for governing access to or other use of electronic content;
  
  validating that the request is from a trusted source;
  
  retrieving usage information related to access to or other use of one or more pieces of electronic content by the electronic appliance; and
  
  sending the usage information to a second electronic appliance, the second electronic appliance being located remotely from the first electronic appliance.
- View Dependent Claims (16, 17, 18, 19, 20)
- - 16. The method of claim 15, further comprising:
    - receiving an acknowledgement from the second electronic appliance, the acknowledgement indicating receipt of the usage information;
      
      modifying or deleting the usage information on the first electronic appliance at least in part in response to having received the acknowledgement.
  - 17. The method of claim 15, further comprising:
    - encrypting and/or digitally signing the usage information prior to the sending step.
  - 18. The method of claim 16, further comprising:
    - determining that a predefined amount of time has transpired after sending the usage information, but before an acknowledgement has been received; and
      
      resending the usage information to the second electronic appliance.
  - 19. The method of claim 15, further comprising:
    - receiving a secure container comprising electronic content;
      
      receiving control information associated with the electronic content; and
      
      using the protected processing environment to apply the control information to govern access to or other use of the electronic content.
  - 20. The method of claim 19, further comprising:
    - recording, in accordance with the control information, usage information related to access to or other use of the electronic content.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
David M. Van Wie, Francis J. Spahn, Karl L. Ginter, Victor H. Shear
Original Assignee
David M. Van Wie, Francis J. Spahn, Karl L. Ginter, Victor H. Shear
Inventors
Ginter, Karl L., Spahn, Francis J., Shear, Victor H., Van Wie, David M.

Application Number

US11/981,465
Publication Number

US 20080148056A1
Time in Patent Office

Days
Field of Search
US Class Current

713/176
CPC Class Codes

G06F 21/10   Protecting distributed prog...

G06F 21/16   Program or content traceabi...

G06F 21/6245   Protecting personal data, e...

G06F 2221/2101   Auditing as a secondary aspect

G06F 2221/2115   Third party

G06F 2221/2117   User registration

G06F 2221/2135   Metering

G06F 2221/2137   Time limited access, e.g. t...

G06F 2221/2149   Restricted operating enviro...

H04L 2209/56   Financial cryptography, e.g...

H04L 2209/60   Digital content management,...

H04L 63/20   for managing network securi...

H04L 9/0891   Revocation or update of sec...

H04L 9/3247   involving digital signatures

H04N 21/25816   involving client authentica...

H04N 21/25875   involving end-user authenti...

H04N 21/454   Content or additional data ...

H04N 21/6334   for authorisation, e.g. by ...

Systems and methods for secure transaction management and electronic rights protection

First Claim

0 Assignments

0 Petitions

Accused Products

Abstract

Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

Systems and methods for secure transaction management and electronic rights protection

First Claim

0 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links