System and method for access control for portable data storage media
First Claim
1. A system for accessing data by a user, comprising:
- processing means for processing said data;
a plurality of portable data storage means each of which includes data stored on certain ones of said plurality of portable data storage means includes portions selected by said user, said portable data storage means for storing said data in a manner requiring different access codes for accessing different data stored on said portable storage means by the user, wherein one of said access codes is a transmitted code, such transmitted to said user to provide access to said selected portions of said data stored on certain ones of said plurality of portable data storage means;
controller means in communication with said processor means for receiving a signal representative of one of said different access codes from a remote location and for sending a signal which enables access by said processor means to a selected portion of said data on said portable storage means using one of said access codes;
remote authorization means located at a location remote from said processor means and said controller means and in communication with the aforesaid means, said remote authorization means for transmitting said one access code signal to said controller means from said remote location in response to an authorization request signal sent by the user to said remote authorization means; and
wherein said plurality of data storage means includes update means cooperative with said transmitted access code for automatically generating updated access codes for access to previously unaccessible parts of said selected portions of said data on certain ones of said plurality of portable data storage means when electronic update counter conditions are met.
3 Assignments
0 Petitions
Accused Products
Abstract
The system and method of the present invention provides the support of high density removable media, such as CD-ROM or MO, to be used as a distributed media for storing data where access thereto is securely restricted. Through this system and method, the secure periodic distribution of several different sets of data information to the end user is achieved with access control selectively performed by at the user'"'"'s site through communication with the billing/access center. User billing is based on the purchase of the decryption access codes as indicated by the access code attributes encoded on the media. Access code availability is further controlled by selectively providing for updates of decryption access codes.
-
Citations
46 Claims
-
1. A system for accessing data by a user, comprising:
-
processing means for processing said data; a plurality of portable data storage means each of which includes data stored on certain ones of said plurality of portable data storage means includes portions selected by said user, said portable data storage means for storing said data in a manner requiring different access codes for accessing different data stored on said portable storage means by the user, wherein one of said access codes is a transmitted code, such transmitted to said user to provide access to said selected portions of said data stored on certain ones of said plurality of portable data storage means; controller means in communication with said processor means for receiving a signal representative of one of said different access codes from a remote location and for sending a signal which enables access by said processor means to a selected portion of said data on said portable storage means using one of said access codes; remote authorization means located at a location remote from said processor means and said controller means and in communication with the aforesaid means, said remote authorization means for transmitting said one access code signal to said controller means from said remote location in response to an authorization request signal sent by the user to said remote authorization means; and wherein said plurality of data storage means includes update means cooperative with said transmitted access code for automatically generating updated access codes for access to previously unaccessible parts of said selected portions of said data on certain ones of said plurality of portable data storage means when electronic update counter conditions are met. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 46)
-
-
11. A method for distributing data to a user comprising the steps of:
-
on a portable data storage unit, providing encrypted data, such requiring an access code to decrypt said data to provide access thereto wherein at least a portion of said encrypted data is correlated with a corresponding access code identifier for identifying access codes; delivering said portable data storage unit to said user; at a remote location, storing a plurality of access codes together with corresponding access code identifiers; at said remote location generating an authorization signal when particular access conditions are met, wherein said authorization signal causes one of said access codes to be transmitted to said user to enable said user to access a portion of said encrypted data by decrypting a portion of said encrypted data and wherein said access conditions include the receipt of one of said access code identifiers from said user; applying said access code to said encrypted data to decrypt a portion of said encrypted data; and processing said decrypted portion of said encrypted data. - View Dependent Claims (12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22)
-
-
23. A method for distributing information in the form of data sets and providing access thereto, comprising the steps of:
-
encrypting said data sets so that different access codes are required to decrypt different portions of said data sets; correlating said data sets with access codes identifiers which identify particular access codes which will decrypt said data sets; writing said data sets onto a data storage means; remotely providing a data access controller with one of said different access codes to decrypt a selected one of said encrypted data sets in response to the receipt of one of said access code identifiers; transferring said data storage means from a first location to a second location wherein at said second location a data storage controller which is capable of applying said access codes to said data storage means is provided; said data access controller accessing said data sets written onto said data storage means; and wherein said access codes are further associated and stored with attributes defined in a manner which corresponds to particular to particular to particular properties of said data sets, both of which are transmitted to said data access controller in response to the receipt of one of said access code identifiers. - View Dependent Claims (24, 25, 26, 27)
-
-
28. A system for encrypting data, comprising:
-
receiving means for receiving said data; segmenting means in communication with said receiving means for segmenting said data into individual data sets; a memory medium in a first location in communication with said segmenting means, said memory medium including programming means stored thereon for encrypting said individual data sets and for assigning access code identifiers to said individual data sets, each of said access code identifiers associated with and used in identifying a particular access code for decrypting one of said individual data sets, said access code identifier for identifying said particular access code; processor means in communication with said memory medium for writing said encrypted individual data sets to a portable data storage means so that at least some of said individual data sets are stored in conjunction with access code identifiers on said portable storage means; and a remote access code distribution controller in communication with said memory medium for transferring a particular one of said access codes for use with a particular one of said portable data storage means upon receipt of one of said access code identifiers sent from a second location. - View Dependent Claims (29, 30, 31, 32, 33, 34)
-
-
35. A method for encrypting data sets to control access thereto, comprising the steps of:
-
defining attributes in a manner which corresponds to particular properties of said data sets; binding said attributes to access codes and storing them in a first location; encoding said data sets so they may be decrypted by said access codes when said access codes signals are applied to said data sets by a processor; storing said encoded data sets on portable data storage means; transferring said portable data storage means to a second location; and transmitting to said second location from said first location one of said access codes bound to one of said attributes. - View Dependent Claims (36, 37, 38, 39, 40, 41, 42, 43)
-
-
44. A data retrieval system for use by a user comprising a plurality of portable data storage means each of which includes data stored on certain ones of said plurality of portable data storage means including portions selected by said user, said selected portions on said certain portable storage means being accessible by a set of access codes, wherein one of said set of access codes is transmitted by a remote central processing unit to a user at a second location, such transmitted to said user to provide access to said selected portions of said data stored on certain ones of said plurality of portable data storage means;
- and
wherein said plurality of data storage means includes update means cooperative with said transmitted access code for automatically generating updated access codes for access to previously unaccessible parts of said selected portions of said data on certain ones of said plurality of portable data storage means when electronic update counter conditions are met. - View Dependent Claims (45)
- and
Specification