Encrypted data package record for use in remote transaction metered data system
Abstract
The disclosed system relates to metered use cryptographic systems, and particularly to a data package and system operation for effecting metered purchases of encrypted data from a local encrypted database. A local CD ROM encrypted database includes one or more data package records containing one or more message keys encrypted under a database key, and one or more data packages encrypted under said message keys. The user decrypts portions of the database, and the data used is metered locally and recorded as a stored data usage record. The local stored data usage record is reported by telephone modem or other telecommunications link from a remote user terminal, such as a host personal computer containing a remote cryptographic control unit, to a cryptographic operations center. A second embodiment of an encrypted database for use in accordance with the present invention includes a header containing a message key encrypted under said database key, one or more subunit message keys encrypted under said message key, and a subunit data package encrypted under each said subunit message key. The subunit message key is selected to save storage space. The present system further permits a remote transaction mode in which an on line purchase of data from the encrypted database is effected in real time. Flexible system mechanisms include controls over purchase price, start times and expiration times, permission to purchase data on line and off line, and a time window within which purchased data may be decrypted.
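The key hierarchy in the abstract (data packages encrypted under per-package message keys, message keys wrapped under the database key, each decryption metered locally), as an added example that is not taken from the patent. The `seal`/`unseal` toy cipher stands in for a real AEAD; the record layout, the `purchase` function, the credit counter and the binding of package id and price into the header are assumptions made for illustration.

```python
import hashlib, hmac, os

def _sub(key, label):  # derive separate encryption and MAC subkeys
    return hmac.new(key, label, hashlib.sha256).digest()

def _xor(enc_key, nonce, data):  # SHA-256 counter-mode keystream (toy)
    stream, ctr = b"", 0
    while len(stream) < len(data):
        stream += hashlib.sha256(enc_key + nonce + ctr.to_bytes(4, "big")).digest()
        ctr += 1
    return bytes(a ^ b for a, b in zip(data, stream))

def _tag(key, aad, body):  # length-prefixed aad avoids ambiguous concatenation
    msg = len(aad).to_bytes(4, "big") + aad + body
    return hmac.new(_sub(key, b"mac"), msg, hashlib.sha256).digest()

def seal(key, plaintext, aad=b""):
    """Toy encrypt-then-MAC, standing in for a real AEAD such as AES-GCM."""
    nonce = os.urandom(16)
    ct = _xor(_sub(key, b"enc"), nonce, plaintext)
    return nonce + ct + _tag(key, aad, nonce + ct)

def unseal(key, blob, aad=b""):
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    if not hmac.compare_digest(tag, _tag(key, aad, nonce + ct)):
        raise ValueError("authentication failed")
    return _xor(_sub(key, b"enc"), nonce, ct)

def build_record(db_key, package_id, data, price):
    """Vendor side: header holds the message key wrapped under the database key."""
    pkg_key = os.urandom(32)  # fresh message key for this package only
    meta = f"{package_id}|{price}".encode()  # assumed binding of id and price
    return {"id": package_id, "price": price,
            "header": seal(db_key, pkg_key, meta),
            "body": seal(pkg_key, data, meta)}

def purchase(db_key, record, credit, usage_log):
    """User terminal: unwrap the key, meter the purchase, decrypt the package."""
    meta = f"{record['id']}|{record['price']}".encode()
    pkg_key = unseal(db_key, record["header"], meta)  # fails if id or price was edited
    if record["price"] > credit:
        raise PermissionError("insufficient credit")
    data = unseal(pkg_key, record["body"], meta)
    usage_log.append({"id": record["id"], "price": record["price"]})  # usage record
    return data, credit - record["price"]

if __name__ == "__main__":
    db_key = os.urandom(32)  # constructed sample key
    rec = build_record(db_key, "pkg-A", b"constructed sample text", 3)
    log = []
    print(purchase(db_key, rec, 10, log), log)
```

Because each package has its own key, unwrapping one header exposes only that package, and the usage log records exactly what was decrypted.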
167 Citations
40 Claims
1. In a remote transaction metered data system including first and second terminals, for metered use of data from an encrypted database, said encrypted database having a database cryptographic key associated therewith for enabling said metered use of said encrypted database, said encrypted database being divided into separate encrypted portions individually available for separate purchase, said database encrypted by dividing said data into a plurality of data packages, individually encrypting each of said plurality of data packages under a respective plurality of data package cryptographic keys to form a plurality of encrypted data packages, encrypting each of said plurality of data package cryptographic keys under said database cryptographic key to form a plurality of encrypted data package cryptographic keys, each of said plurality of encrypted data package cryptographic keys associated with each said plurality of data packages respectively, and having a plurality of encrypted data package headers containing said data package cryptographic key encrypted under said database cryptographic key, each of said plurality of encrypted data package headers associated with each of said plurality of data packages respectively, said first and second terminals being connected via a telecommunications link, a method at said first terminal comprising:
- selecting one of said plurality of encrypted data packages to form a selected data package and an associated encrypted data package header containing said data package cryptographic key encrypted under said database cryptographic key;
- establishing a communication session between said first and second terminals over said telecommunications link;
- transmitting a remote transaction request from said first terminal to said second terminal;
- receiving a remote transaction approval from said second terminal at said first terminal; and
- decrypting said selected data package.

Dependent claims: 2, 3, 4, 6, 7, 8, 9, 10, 11, 13, 14, 15
5. A method in accordance with claim 1, wherein said step of establishing a communication session between said first and second terminals over said telecommunications link is performed responsive to a stored requirement of the vendor of said selected data package stored at said first terminal.

12. An apparatus in accordance with claim 1, wherein said means for establishing a communication session between said first and second terminals over said telecommunications link is responsive to a stored requirement of the vendor of said selected data package stored at said first terminal.
16. In a remote transaction metered data system including first and second terminals, for metered use of data from an encrypted database, said encrypted database having a database cryptographic key associated therewith for enabling said metered use of said encrypted database, said encrypted database being divided into separate encrypted portions individually available for separate purchase, said database encrypted by dividing said data into a plurality of data packages, individually encrypting each of said plurality of data packages under a respective plurality of data package cryptographic keys to form a plurality of encrypted data packages, encrypting each of said plurality of data package cryptographic keys under said database cryptographic key to form a plurality of encrypted data package cryptographic keys, each of said plurality of encrypted data package cryptographic keys associated with each said plurality of data packages respectively, and having a plurality of encrypted data package headers containing said data package cryptographic key encrypted under said database cryptographic key, each of said plurality of encrypted data package headers associated with each of said plurality of data packages respectively, said first and second terminals being connected via a telecommunications link, a method at said second terminal comprising:
- establishing a communication session between said first and second terminals over said telecommunications link;
- receiving a remote transaction request from said first terminal at said second terminal, said remote transaction request relating to a selected one of said plurality of encrypted data packages to form a selected data package and an associated encrypted data package header containing said data package cryptographic key encrypted under said database cryptographic key; and
- transmitting a remote transaction approval from said second terminal to said first terminal, to permit said first terminal to decrypt said selected data package.

Dependent claims: 17, 18, 19
20. In a remote transaction metered data system including first and second terminals, for metered use of data from an encrypted database, said encrypted database having a database cryptographic key associated therewith for enabling said metered use of said encrypted database, said encrypted database being divided into separate encrypted portions individually available for separate purchase, said database encrypted by dividing said data into a plurality of data packages, individually encrypting each of said plurality of data packages under a respective plurality of data package cryptographic keys to form a plurality of encrypted data packages, encrypting each of said plurality of data package cryptographic keys under said database cryptographic key to form a plurality of encrypted data package cryptographic keys, each of said plurality of encrypted data package cryptographic keys associated with each said plurality of data packages respectively, and having a plurality of encrypted data package headers containing said data package cryptographic key encrypted under said database cryptographic key, each of said plurality of encrypted data package headers associated with each of said plurality of data packages respectively, said first and second terminals being connected via a telecommunications link, a system method comprising:
- selecting one of said plurality of encrypted data packages to form a selected data package and an associated encrypted data package header containing said data package cryptographic key encrypted under said database cryptographic key;
- establishing a communication session between said first and second terminals over said telecommunications link;
- transmitting a remote transaction request from said first terminal to said second terminal;
- receiving said remote transaction request from said first terminal at said second terminal, said remote transaction request relating to said selected data package;
- transmitting a remote transaction approval from said second terminal to said first terminal, to permit said first terminal to decrypt said selected data package;
- receiving said remote transaction approval from said second terminal at said first terminal; and
- decrypting said selected data package.

Dependent claims: 21, 22, 23, 25, 26, 27
24. A method in accordance with claim 20, wherein said step of establishing a communication session between said first and second terminals over said telecommunications link is performed responsive to a stored requirement of the vendor of said selected data package stored at said first terminal.
28. In a remote transaction metered data system including first and second terminals, for metered use of data from an encrypted database, said encrypted database having a database cryptographic key associated therewith for enabling said metered use of said encrypted database, said encrypted database being divided into separate encrypted portions individually available for separate purchase, said database encrypted by dividing said data into a plurality of data packages, individually encrypting each of said plurality of data packages under a respective plurality of data package cryptographic keys to form a plurality of encrypted data packages, encrypting each of said plurality of data package cryptographic keys under said database cryptographic key to form a plurality of encrypted data package cryptographic keys, each of said plurality of encrypted data package cryptographic keys associated with each said plurality of data packages respectively, and having a plurality of encrypted data package headers containing said data package cryptographic key encrypted under said database cryptographic key, each of said plurality of encrypted data package headers associated with each of said plurality of data packages respectively, said first and second terminals being connected via a telecommunications link, an apparatus at said first terminal comprising:
- means for selecting one of said plurality of encrypted data packages to form a selected data package and an associated encrypted data package header containing said data package cryptographic key encrypted under said database cryptographic key;
- means for establishing a communication session between said first and second terminals over said telecommunications link;
- means for transmitting a remote transaction request from said first terminal to said second terminal;
- means for receiving a remote transaction approval from said second terminal at said first terminal; and
- means for decrypting said selected data package.
29. In a remote transaction metered data system including first and second terminals, for metered use of data from an encrypted database, said encrypted database having a database cryptographic key associated therewith for enabling said metered use of said encrypted database, said encrypted database being divided into separate encrypted portions individually available for separate purchase, said database encrypted by dividing said data into a plurality of data packages, individually encrypting each of said plurality of data packages under a respective plurality of data package cryptographic keys to form a plurality of encrypted data packages, encrypting each of said plurality of data package cryptographic keys under said database cryptographic key to form a plurality of encrypted data package cryptographic keys, each of said plurality of encrypted data package cryptographic keys associated with each said plurality of data packages respectively, and having a plurality of encrypted data package headers containing said data package cryptographic key encrypted under said database cryptographic key, each of said plurality of encrypted data package headers associated with each of said plurality of data packages respectively, said first and second terminals being connected via a telecommunications link, an apparatus at said second terminal comprising:
- means for establishing a communication session between said first and second terminals over said telecommunications link;
- means for receiving a remote transaction request from said first terminal at said second terminal, said remote transaction request relating to a selected one of said plurality of encrypted data packages to form a selected data package and an associated encrypted data package header containing said data package cryptographic key encrypted under said database cryptographic key; and
- means for transmitting a remote transaction approval from said second terminal to said first terminal, to permit said first terminal to decrypt said selected data package.

Dependent claims: 30, 31, 32
33. In a remote transaction metered data system including first and second terminals, for metered use of data from an encrypted database, said encrypted database having a database cryptographic key associated therewith for enabling said metered use of said encrypted database, said encrypted database being divided into separate encrypted portions individually available for separate purchase, said database encrypted by dividing said data into a plurality of data packages, individually encrypting each of said plurality of data packages under a respective plurality of data package cryptographic keys to form a plurality of encrypted data packages, encrypting each of said plurality of data package cryptographic keys under said database cryptographic key to form a plurality of encrypted data package cryptographic keys, each of said plurality of encrypted data package cryptographic keys associated with each said plurality of data packages respectively, and having a plurality of encrypted data package headers containing said data package cryptographic key encrypted under said database cryptographic key, each of said plurality of encrypted data package headers associated with each of said plurality of data packages respectively, said first and second terminals being connected via a telecommunications link, a system apparatus comprising:
- means for selecting one of said plurality of encrypted data packages to form a selected data package and an associated encrypted data package header containing said data package cryptographic key encrypted under said database cryptographic key;
- means for establishing a communication session between said first and second terminals over said telecommunications link;
- means for transmitting a remote transaction request from said first terminal to said second terminal;
- means for receiving said remote transaction request from said first terminal at said second terminal, said remote transaction request relating to said selected data package;
- means for transmitting a remote transaction approval from said second terminal to said first terminal, to permit said first terminal to decrypt said selected data package;
- means for receiving said remote transaction approval from said second terminal at said first terminal; and
- means for decrypting said selected data package.

Dependent claims: 34, 35, 36, 38, 39, 40
37. An apparatus in accordance with claim 33, wherein said means for establishing a communication session between said first and second terminals over said telecommunications link is responsive to a stored requirement of the vendor of said selected data package stored at said first terminal.
Specification