Encrypted data package record for use in remote transaction metered data system

US 5,615,264 A
Filed: 06/08/1995
Issued: 03/25/1997
Est. Priority Date: 06/08/1995
Status: Expired due to Term

First Claim

Patent Images

1. In a cryptographic system for metered use of data from an encrypted database, said encrypted database having a database cryptographic key associated therewith for enabling said metered use of said encrypted database, said encrypted database being divided into separate encrypted portions individually available for separate purchase, a method for encrypting said database comprising:

dividing said data into a plurality of data packages;

individually encrypting each of said plurality of data packages under a respective plurality of data package cryptographic keys to form a plurality of encrypted data packages;

encrypting each of said plurality of data package cryptographic keys under said database cryptographic key to form a plurality of encrypted data package cryptographic keys, each of said plurality of encrypted data package cryptographic keys associated with each said plurality of data packages respectively;

forming a plurality of encrypted data package headers containing said data package cryptographic key encrypted under said database cryptographic key, each of said plurality of encrypted data package headers associated with each of said plurality of data packages respectively;

storing said plurality of encrypted data packages in said encrypted database; and

storing each of said plurality encrypted data package headers containing said respective plurality of data package cryptographic keys in said database and associated with each of said respective plurality of data packages.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

The disclosed system relates to metered use cryptographic systems, and particularly to a data package and system operation for effecting metered purchases of encrypted data from a local encrypted database. A local CD ROM encrypted database includes one or more data package records containing one or more message keys encrypted under a database key, and one or more data packages encrypted under said message keys. The user decrypts portions of the database, and the data used is metered locally and recorded as a stored data usage record. The local stored data usage record is reported by telephone modem or other telecommunications link from a remote user terminal, such as a host personal computer containing a remote cryptographic control unit, to a cryptographic operations center. A second embodiment of an encrypted database for use in accordance with the present invention includes a header containing a message key encrypted under said database key, one or more subunit message keys encrypted under said message key, and a subunit data package encrypted under each said subunit message key. The subunit message key is selected to save storage space. The present system further permits a remote transaction mode in which an on line purchase of data from the encrypted database is affected in real time. Flexible system mechanisms include controls over purchase price, start times and expiration times, permission to purchase data on line and off line, and a time window within which purchased data may be decrypted.

317 Citations

8 Claims

1. In a cryptographic system for metered use of data from an encrypted database, said encrypted database having a database cryptographic key associated therewith for enabling said metered use of said encrypted database, said encrypted database being divided into separate encrypted portions individually available for separate purchase, a method for encrypting said database comprising:
- dividing said data into a plurality of data packages;
  
  individually encrypting each of said plurality of data packages under a respective plurality of data package cryptographic keys to form a plurality of encrypted data packages;
  
  encrypting each of said plurality of data package cryptographic keys under said database cryptographic key to form a plurality of encrypted data package cryptographic keys, each of said plurality of encrypted data package cryptographic keys associated with each said plurality of data packages respectively;
  
  forming a plurality of encrypted data package headers containing said data package cryptographic key encrypted under said database cryptographic key, each of said plurality of encrypted data package headers associated with each of said plurality of data packages respectively;
  
  storing said plurality of encrypted data packages in said encrypted database; and
  
  storing each of said plurality encrypted data package headers containing said respective plurality of data package cryptographic keys in said database and associated with each of said respective plurality of data packages.
- View Dependent Claims (2, 3, 4)
- - 2. A method in accordance with claim 1, further comprising:
    - dividing at least one of said plurality of data packages into a plurality of subunit data packages, said one data package having one data package cryptographic key associated therewith;
      
      individually encrypting each of said plurality of subunit data packages under a respective plurality of subunit data package cryptographic keys to form a plurality of encrypted subunit data packages;
      
      encrypting each of said plurality of subunit data package cryptographic keys under said one data package cryptographic key to form a plurality of encrypted subunit data package cryptographic keys, each of said plurality of encrypted subunit data package cryptographic keys associated with each said plurality of subunit data packages respectively;
      
      forming a plurality of encrypted subunit data package headers containing a definition of said subunit data package cryptographic key encrypted under said one data package cryptographic key, each of said plurality of encrypted subunit data package headers associated with each of said plurality of subunit data packages respectively;
      
      storing said plurality of encrypted subunit data packages in said encrypted database; and
      
      storing each of said plurality encrypted subunit data package headers containing said respective plurality of subunit data package cryptographic keys in said database and associated with each of said respective plurality of data packages.
  - 3. A method in accordance with claim 2, wherein each subunit data package cryptographic key encrypted under said one data package cryptographic key is stored in said subunit header.
  - 4. A method in accordance with claim 2, wherein said subunit data package cryptographic key encrypted under said one data package cryptographic key is substantially equal to the respective address of said subunit data package in said encrypted database.

5. In a cryptographic system for metered use of data from an encrypted database, said encrypted database having a database cryptographic key associated therewith for enabling said metered use of said encrypted database, said encrypted database being divided into separate encrypted portions individually available for separate purchase, an apparatus for encrypting said database comprising:
- means for dividing said data into a plurality of data packages;
  
  means for individually encrypting each of said plurality of data packages under a respective plurality of data package cryptographic keys to form a plurality of encrypted data packages;
  
  means for encrypting each of said plurality of data package cryptographic keys under said database cryptographic key to form a plurality of encrypted data package cryptographic keys, each of said plurality of encrypted data package cryptographic keys associated with each said plurality of data packages respectively;
  
  means for forming a plurality of encrypted data package headers containing said data package cryptographic key encrypted under said database cryptographic key, each of said plurality of encrypted data package headers associated with each of said plurality of data packages respectively;
  
  means for storing said plurality of encrypted data packages in said encrypted database; and
  
  means for storing each of said plurality encrypted data package headers containing said respective plurality of data package cryptographic keys in said database and associated with each of said respective plurality of data packages.
- View Dependent Claims (6, 7, 8)
- - 6. An apparatus in accordance with claim 5, further comprising:
    - means for dividing at least one of said plurality of data packages into a plurality of subunit data packages, said one data package having one data package cryptographic key associated therewith;
      
      means for individually encrypting each of said plurality of subunit data packages under a respective plurality of subunit data package cryptographic keys to form a plurality of encrypted subunit data packages;
      
      means for encrypting each of said plurality of subunit data package cryptographic keys under said one data package cryptographic key to form a plurality of encrypted subunit data package cryptographic keys, each of said plurality of encrypted subunit data package cryptographic keys associated with each said plurality of subunit data packages respectively;
      
      means for forming a plurality of encrypted subunit data package headers containing a definition of said subunit data package cryptographic key encrypted under said one data package cryptographic key, each of said plurality of encrypted subunit data package headers associated with each of said plurality of subunit data packages respectively;
      
      means for storing said plurality of encrypted subunit data packages in said encrypted database; and
      
      means for storing each of said plurality encrypted subunit data package headers containing said respective plurality of subunit data package cryptographic keys in said database and associated with each of said respective plurality of data packages.
  - 7. An apparatus in accordance with claim 6, wherein each subunit data package cryptographic key encrypted under said one data package cryptographic key is stored in said subunit header.
  - 8. An apparatus in accordance with claim 6, wherein said subunit data package cryptographic key encrypted under said one data package cryptographic key is substantially equal to the respective address of said subunit data package in said encrypted database.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Wave Systems Corporation
Original Assignee
Wave Systems Corporation
Inventors
Michener, John R., Kazmierczak, Gregory J., Smith, Kathryn M.
Primary Examiner(s)
Gregory, Bernarr E.

Application Number

US08/488,494
Time in Patent Office

656 Days
Field of Search

380/4, 380/9, 380/21, 380/23, 380/25, 380/43, 380/49, 380/50, 380/28, 380/29, 380/24, 380/54
US Class Current

705/52
CPC Class Codes

G06F 21/1078   Logging; Metering

G06F 2211/007   Encryption, En-/decode, En-...

G06F 2221/2101   Auditing as a secondary aspect

G06F 2221/2107   File encryption

G06F 2221/2135   Metering

G06Q 20/085   involving remote charge det...

G06Q 20/401   Transaction verification

Encrypted data package record for use in remote transaction metered data system

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

317 Citations

8 Claims

Specification

Solutions

Use Cases

Quick Links

Encrypted data package record for use in remote transaction metered data system

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

317 Citations

8 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links