Systems and methods for secure transaction management and electronic rights protection

US 5,949,876 A
Filed: 01/08/1997
Issued: 09/07/1999
Est. Priority Date: 02/13/1995
Status: Expired due to Term

- Alert
- Pin

Associated Cases

Associated Defendants

First Claim

Patent Images

1. A method for negotiating electronic contracts, comprising:

receiving a first control set from a remote site;

providing a second control set;

performing, within a protected processing environment, an electronic negotiation between said first control set and said second control set, including providing interaction between said first and second control sets; and

producing a negotiated control set resulting from said interaction between said first and second control sets.

View all claims

3 Assignments

Timeline View

Assignment View

Litigations

0 Petitions

Accused Products

Abstract

The present invention provides systems and methods for secure transaction management and electronic rights protection. Electronic appliances such as computers equipped in accordance with the present invention help to ensure that information is accessed and used only in authorized ways, and maintain the integrity, availability, and/or confidentiality of the information. Such electronic appliances provide a distributed virtual distribution environment (VDE) that may enforce a secure chain of handling and control, for example, to control and/or meter or otherwise monitor use of electronically stored or disseminated information. Such a virtual distribution environment may be used to protect rights of various participants in electronic commerce and other electronic or electronic-facilitated transactions. Distributed and other operating systems, environments and architectures, such as, for example, those using tamper-resistant hardware-based processors, may establish security at each node. These techniques may be used to support an all-electronic information distribution, for example, utilizing the "electronic highway."

1142 Citations

375 Claims

1. A method for negotiating electronic contracts, comprising:
- receiving a first control set from a remote site;
  
  providing a second control set;
  
  performing, within a protected processing environment, an electronic negotiation between said first control set and said second control set, including providing interaction between said first and second control sets; and
  
  producing a negotiated control set resulting from said interaction between said first and second control sets.
- View Dependent Claims (10, 15, 17, 22, 23, 25, 26, 27, 52, 53, 54, 55, 83, 84, 85, 86, 87, 88, 113, 114, 115, 121, 128, 129, 142, 143, 144, 145, 146, 147, 148, 149, 159, 160, 169, 178, 179, 180, 191, 192, 193, 194, 202, 203, 204, 205, 206, 207, 208, 209, 210, 211, 252, 253, 254, 255, 256, 257, 258, 259, 260, 261, 262, 263, 264, 265, 266, 327, 328, 341, 342, 343, 344)
- - 10. A method as in claim 1 in which said steps of receiving, providing, performing and producing occur within a Virtual Distribution Environment.
  - 15. A method as in claim 1 in which said first control set is received from a first remote site;
    - said second control set is received from a second remote site; and
      
      said performing step is produced at a third site which is different from the first remote site and the second remote site.
  - 17. A method as in claim 1 in which:
    - said first control set is generated by or for a first party distributor of protected information content;
      
      said second control set is generated by or for a second party which desires to use said protected information content;
      
      said electronic negotiation concerns the terms under which said second party will obtain the right to use said protected information content; and
      
      said negotiated control set includes terms under which said second party receives the right to use said protected information content.
  - 22. A method as in claim 1 in which said first control set includes terms which are desired but not required.
  - 23. A method as in claim 1 in which said first control set includes required terms.
  - 25. A method as in claim 1 in which said second control set includes required terms.
  - 26. A method as in claim 1 in which said second control set includes terms which are desired but not required.
  - 27. A method as in claim 26 in which said second control set includes required terms.
  - 52. A method as in claim 1 in which said first control set is contained in a first PERC.
  - 53. A method as in claim 52 in which said second control set is contained in a second PERC.
  - 54. A method as in claim 1 in which said negotiated control set is contained in a PERC.
  - 55. A method as in claim 1 in which said electronic negotiation is undertaken pursuant to rules contained in a third control set.
  - 83. A method as in claim 1 in which said first control set is made up of controls from at least a first and a second alternate groups of controls.
  - 84. A method as in claim 83 in which said first alternate group of controls includes controls which are shared with said second alternate group of controls and controls which are not shared with said second alternate group of controls.
  - 85. A method as in claim 84 in which said second control set is made up of controls from at least a third and a fourth alternate group of controls.
  - 86. A method as in claim 85 in which said third alternate group of controls includes controls which are shared with said fourth alternate group of controls and controls which are not shared with said fourth alternate group of controls.
  - 87. A method as in claim 83 in which said interaction between said first and second control sets includes a step wherein at least one of the alternate groups of controls from said first control set is selected.
  - 88. A method as in claim 85 in which said interaction between said first and second control sets includes a step wherein at least one of the alternate groups of controls from said second control set is selected.
  - 113. A method as in claim 1 in which said first control set, said second control set or said negotiated control set includes a REGISTER control.
  - 114. A method as in claim 1 in which said first control set, said second control set or said negotiated control set includes a WANT control.
  - 115. A method as in claim 1 in which said first control set, said second control set or said negotiated control set includes a REQUIRE control.
  - 121. A system as in claim 1 in which said first secure control set, said second secure control set or said electronic contract includes an AGREEMENT control.
  - 128. A method as in claim 1 further including the step of executing said negotiated control set within said protected processing environment.
  - 129. A method as in claim 128 further including the step of executing said negotiated control set within a second protected processing environment which is different from the protected processing environment within which said performing step occurs.
  - 142. A method as in claim 1 in which said negotiated control set is digitally signed.
  - 143. A method as in claim 1 in which said negotiated control set is digitally signed by said first control set.
  - 144. A method as in claim 143 in which said negotiated control set is digitally signed by said second control set.
  - 145. A method as in claim 1 in which said negotiated control set is digitally signed by a control set which carries out said electronic negotiation.
  - 146. A method as in claim 142 in which said digital signing is done through public key encryption.
  - 147. A system as in claim 142 further including means for digitally signing said third control set.
  - 148. A system as in claim 147 in which said means for digitally signing said third control set includes means for allowing said first secure control set to carry out said digital signing.
  - 149. A system as in claim 147 in which said means for digitally signing said third control set includes means for allowing said second secure control set to carry out said digital signing.
  - 159. A method as in claim 1 in which said negotiated control set includes controls containing human-language terms corresponding to at least certain of the machine-executable controls contained in said negotiated control set.
  - 160. A method as in claim 159 in which said human-language terms are contained in one or more data descriptor data structures.
  - 169. A method as in claim 1 in which said remote site contains a second protected processing environment.
  - 178. A method as in claim 1 in which said first protected processing environment contains a first secure processing unit.
  - 179. A method as in claim 178 in which said steps of performing and producing are carried out, at least in part, by said first secure processing unit.
  - 180. A method as in claim 178 in which said second protected processing environment contains a second secure processing unit.
  - 191. A method as in claim 1 in which said protected processing environment contains a software based tamper resistant barrier.
  - 192. A method as in claim 191 in which said steps of performing and producing are carried out, at least in part, within said software based tamper resistant barrier.
  - 193. A method as in claim 169 in which said first protected processing environment contains a first software based tamper resistant barrier.
  - 194. A method as in claim 193 in which said second protected processing environment contains a second software based tamper resistant barrier.
  - 202. A method as in claim 1 in which said first control set represents a negotiating position of a first party.
  - 203. A method as in claim 202 in which said first party is a clearinghouse.
  - 204. A method as in claim 202 in which said first party is a content provider.
  - 205. A method as in claim 202 in which said first party is a content distributor.
  - 206. A method as in claim 202 in which said first party is a content user.
  - 207. A method as in claim 202 in which said second control set represents a negotiating position of a second party.
  - 208. A method as in claim 207 in which said second party is a clearinghouse.
  - 209. A method as in claim 207 in which said second party is a content provider.
  - 210. A method as in claim 207 in which said second party is a content distributor.
  - 211. A method as in claim 207 in which said second party is a content user.
  - 252. A method as in claim 1 in which said first control set contains controls governing the type of payment mechanism to be used for a transaction.
  - 253. A method as in claim 1 in which said first control set contains controls governing the price to be used for a transaction.
  - 254. A method as in claim 1 in which said first control set contains controls governing the auditing method to be used for a transaction.
  - 255. A method as in claim 1 in which said first control set contains controls governing the identity of the clearinghouse to be used for a transaction.
  - 256. A method as in claim 1 in which said first control set contains controls governing the information to be disclosed in a transaction.
  - 257. A method as in claim 1 in which said second control set contains controls governing the type of payment mechanism to be used for a transaction.
  - 258. A method as in claim 1 in which said second control set contains controls governing the price to be used for a transaction.
  - 259. A method as in claim 1 in which said second control set contains controls governing the auditing method to be used for a transaction.
  - 260. A method as in claim 1 in which said second control set contains controls governing the identity of the clearinghouse to be used for a transaction.
  - 261. A method as in claim 1 in which said second control set contains controls governing the information to be disclosed in a transaction.
  - 262. A method as in claim 1 in which said negotiated control set contains controls governing the type of payment mechanism to be used for a transaction.
  - 263. A method as in claim 1 in which said negotiated control set contains controls governing the price to be used for a transaction.
  - 264. A method as in claim 1 in which said negotiated control set contains controls governing the auditing method to be used for a transaction.
  - 265. A method as in claim 1 in which said negotiated control set contains controls governing the identity of the clearinghouse to be used for a transaction.
  - 266. A method as in claim 1 in which said negotiated control set contains controls governing the information to be disclosed in a transaction.
  - 327. A method as in claim 1 in which said protected processing environment is located at a first site, and said first site includes an operating system based on or compatible with Microsoft Windows.
  - 328. A method as in claim 327 in which said step of performing and producing are carried out, at least in part, by software contained within said operating system.
  - 341. A method as in claim 1 further comprising said negotiated control set governing the use of digital information.
  - 342. A method as in claim 1 further comprising said negotiated control set governing the execution of at least one load module.
  - 343. A method as in claim 1 further comprising said negotiated control set governing the execution of at least one method.
  - 344. A method as in claim 1 further comprising said negotiated control set governing the execution of at least one other control set different from said first control set, said second control set and said negotiated control set.

2. A system for supporting electronic commerce including:
- means for creating a first secure control set at a first location;
  
  means for creating a second secure control set at a second location;
  
  means for securely communicating said first secure control set from said first location to said second location; and
  
  means at said second location for securely integrating said first and second control sets to produce at least a third control set comprising plural elements together comprising an electronic value chain extended agreement.
- View Dependent Claims (11, 18, 24, 28, 29, 30, 31, 32, 33, 56, 57, 58, 59, 60, 61, 62, 89, 90, 91, 92, 93, 94, 116, 117, 118, 130, 131, 132, 161, 162, 170, 171, 172, 181, 182, 183, 195, 196, 212, 213, 214, 215, 216, 217, 218, 219, 220, 221, 267, 268, 269, 270, 271, 272, 273, 274, 275, 276, 277, 278, 279, 280, 281, 288, 289, 290, 291, 292, 293, 294, 329, 330, 331, 345, 346, 347, 348, 349, 350)
- - 11. A system as in claim 2 in which said first location and said second location are contained within a Virtual Distribution Environment.
  - 18. A system as in claim 2 in which:
    - said first secure control set includes controls generated at least in part by or for a first party distributor of protected information content;
      
      said second secure control set includes controls generated at least in part by or for a second party which desires to use said protected information content; and
      
      said third control set includes controls which govern terms under which said second party receives the right to use said protected information content.
  - 24. A method as in claim 2 in which said first control set includes required terms.
  - 28. A system as in claim 2 in which said first secure control set includes terms which are desired but not required.
  - 29. A system as in claim 2 in which said first secure control set includes required terms.
  - 30. A system as in claim 28 in which said first secure control set includes required terms.
  - 31. A system as in claim 2 in which said second secure control set includes terms which are desired but not required.
  - 32. A system as in claim 2 in which said second secure control set includes required terms.
  - 33. A system as in claim 31 in which said second secure control set includes required terms.
  - 56. A method as in claim 2 in which said third control set is contained in a PERC.
  - 57. A system as in claim 2 in which said first secure control set is contained in a first PERC.
  - 58. A system as in claim 57 in which said second secure control set is contained in a second PERC.
  - 59. A system as in claim 58 in which said third control set is contained in a third PERC.
  - 60. A system as in claim 2 in which said means for securely integrating said first and second control sets includes a fourth control set.
  - 61. A system as in claim 60 in which said fourth control set includes controls which govern said secure integration.
  - 62. A system as in claim 60 in which said fourth control set is contained in a PERC.
  - 89. A system as in claim 2 in which said first secure control set is made up of controls from at least two alternate groups of controls.
  - 90. A system as in claim 89 in which said at least two alternate groups of controls include controls which are uniquely in one of said groups, and shared controls which are present in more than one of said groups.
  - 91. A system as in claim 2 in which said second secure control set is made up of controls from at least two alternate groups of controls.
  - 92. A system as in claim 91 in which said at least two alternate groups of controls making up said second control set include controls which are uniquely in one of said groups, and shared controls which are present in more than one of said groups.
  - 93. A system as in claim 89 in which said means at said second location for securely integrating said first and second control sets includes means for selecting at least one of the alternate groups of controls from said first secure control set.
  - 94. A system as in claim 91 in which said means at said second location for securely integrating said first and second control sets includes means for selecting at least one of the alternate groups of controls from said second secure control set.
  - 116. A system as in claim 2 in which said first secure control set, said second secure control set or said third control set includes an ACCEPT control.
  - 117. A system as in claim 2 in which said first secure control set, said second secure control set or said third control set includes a REJECT control.
  - 118. A system as in claim 2 in which said first secure control set, said second secure control set or said third control set includes an OFFER control.
  - 130. A system as in claim 2 further including means for executing said third control set within a protected processing environment.
  - 131. A system as in claim 130 in which said protected processing environment is located at said second location.
  - 132. A system as in claim 130 in which said protected processing environment is located at a location other than said second location.
  - 161. A system as in claim 2 in which said third control set includes controls containing human-language terms corresponding to at least certain of the machine-executable controls contained in said third control set.
  - 162. A method as in claim 161 in which said human-language terms are contained in one or more data descriptor data structures.
  - 170. A system as in claim 2 in which said means for creating a first secure control set includes a protected processing environment.
  - 171. A system as in claim 2 in which said means for creating a second secure control set includes a protected processing environment.
  - 172. A system as in claim 2 in which said means at said second location for securely integrating includes a protected processing environment.
  - 181. A system as in claim 2 in which said means for creating a first secure control set includes a first secure processing unit.
  - 182. A system as in claim 181 in which said means for creating a second secure control set includes a second secure processing unit.
  - 183. A system as in claim 182 in which said means at said second location for securely integrating includes said second secure processing unit.
  - 195. A system as in claim 2 in which said first location contains a first software based tamper resistant barrier.
  - 196. A system as in claim 195 in which said second location contains a second software based tamper resistant barrier.
  - 212. A system as in claim 2 in which said first secure control set represents a negotiating position of a first party.
  - 213. A system as in claim 212 in which said first party is a clearinghouse.
  - 214. A system as in claim 212 in which said first party is a content provider.
  - 215. A system as in claim 212 in which said first party is a content distributor.
  - 216. A system as in claim 212 in which said first party is a content user.
  - 217. A system as in claim 212 in which said second control set represents a negotiating position of a second party.
  - 218. A method as in claim 217 in which said second party is a clearinghouse.
  - 219. A method as in claim 217 in which said second party is a content provider.
  - 220. A method as in claim 217 in which said second party is a content distributor.
  - 221. A method as in claim 217 in which said second party is a content user.
  - 267. A system as in claim 2 in which said first secure control set contains controls governing the type of payment mechanism to be used for a transaction.
  - 268. A system as in claim 2 in which said first secure control set contains controls governing the price to be used for a transaction.
  - 269. A system as in claim 2 in which said first secure control set contains controls governing the auditing method to be used for a transaction.
  - 270. A system as in claim 2 in which said first secure control set contains controls governing the identity of the clearinghouse to be used for a transaction.
  - 271. A system as in claim 2 in which said first secure control set contains controls governing the information to be disclosed in a transaction.
  - 272. A system as in claim 2 in which said second secure control set contains controls governing the type of payment mechanism to be used for a transaction.
  - 273. A system as in claim 2 in which said second secure control set contains controls governing the price to be used for a transaction.
  - 274. A system as in claim 2 in which said second secure control set contains controls governing the auditing method to be used for a transaction.
  - 275. A system as in claim 2 in which said second secure control set contains controls governing the identity of the clearinghouse to be used for a transaction.
  - 276. A system as in claim 2 in which said second secure control set contains controls governing the information to be disclosed in a transaction.
  - 277. A system as in claim 2 in which said third control set contains controls governing the type of payment mechanism to be used for a transaction.
  - 278. A system as in claim 2 in which said third control set contains controls governing the price to be used for a transaction.
  - 279. A system as in claim 2 in which said third control set contains controls governing the auditing method to be used for a transaction.
  - 280. A system as in claim 2 in which said third control set contains governing the identity of the clearinghouse to be used for a transaction.
  - 281. A system as in claim 2 in which said third control set contains controls governing the information to be disclosed in a transaction.
  - 288. A system as in claim 2 in which said second secure control set contains controls governing the price to be used for a transaction.
  - 289. A system as in claim 2 in which said second secure control set contains controls governing the auditing method to be used for a transaction.
  - 290. A system as in claim 2 in which said second secure control set contains controls governing the identity of the clearinghouse to be used for a transaction.
  - 291. A system as in claim 2 in which said second secure control set contains controls governing the information to be disclosed in a transaction.
  - 292. A system as in claim 2 in which said electronic contract contains controls governing the type of payment mechanism to be used for a transaction.
  - 293. A system as in claim 2 in which said electronic contract contains controls governing the price to be used for a transaction.
  - 294. A system as in claim 2 in which said electronic contract contains controls governing the auditing method to be used for a transaction.
  - 329. A system as in claim 2 in which said means for creating a first secure control set includes an operating system based on or compatible with Microsoft Windows.
  - 330. A system as in claim 2 in which said means for creating a second secure control set includes an operating system based on or compatible with Microsoft Windows.
  - 331. A system as in claim 2 in which said means at said second location for securely integrating said first and second control sets includes an operating system based on or compatible with Microsoft Windows.
  - 345. A system as in claim 2 further comprising means by which said third control set governs the use of digital information.
  - 346. A system as in claim 2 further comprising means by which said third control set governs the execution of at least one load module.
  - 347. A system as in claim 2 farther comprising means by which said third control set governs the execution of at least one method.
  - 348. A system as in claim 2 further comprising means by which said third control set governs the execution of at least one transaction.
  - 349. A system as in claim 2 further comprising means by which said third control set governs the execution of at least one procedure.
  - 350. A system as in claim 2 further comprising means by which said third control set governs the execution of at least one other control set different from said first control set, said second control set and said third control set.

3. A system for supporting electronic commerce including:
- means for creating a first secure control set at a first location;
  
  means for creating a second secure control set at a second location;
  
  means for securely communicating said first secure control set from said first location to said second location; and
  
  negotiation means at said second location for negotiating an electronic contract through secure execution of at least a portion of said first and second secure control sets.
- View Dependent Claims (4, 5, 12, 19, 34, 35, 36, 37, 38, 39, 63, 64, 65, 66, 67, 68, 69, 95, 96, 97, 98, 99, 100, 119, 120, 133, 134, 135, 150, 151, 152, 163, 164, 173, 174, 175, 184, 185, 186, 197, 198, 222, 223, 224, 225, 226, 227, 228, 229, 230, 231, 282, 283, 284, 285, 286, 287, 295, 296, 332, 333, 334, 351, 352, 353, 354, 355, 356, 374)
- - 4. A system as in claim 3 further including means for controlling use by a user of protected information content based on at least a portion of said first and/or second control sets.
  - 5. A system as in claim 3 further including means for charging for at least a part of said content use.
  - 12. A system as in claim 3 in which said first location and said second location are contained within a Virtual Distribution Environment.
  - 19. A system as in claim 3 in which:
    - said first secure control set includes controls generated at least in part by or for a first party distributor of protected information content;
      
      said second secure control set includes controls generated at least in part by or for a second party which desires to use said protected information content; and
      
      said electronic contract includes controls which govern terms under which said second party receives the right to use said protected information content.
  - 34. A system as in claim 3 in which said first secure control set includes terms which are desired but not required.
  - 35. A system as in claim 3 in which said first secure control set includes required terms.
  - 36. A system as in claim 34 in which said first secure control set includes required terms.
  - 37. A system as in claim 3 in which said second secure control set includes terms which are desired but not required.
  - 38. A system as in claim 3 in which said second secure control set includes required terms.
  - 39. A system as in claim 38 in which said second secure control set includes required terms.
  - 63. A system as in claim 3 in which said first secure control set is contained in a PERC.
  - 64. A system as in claim 3 in which said second secure control set is contained in a PERC.
  - 65. A system as in claim 64 in which said negotiation means includes a third secure control set.
  - 66. A system as in claim 65 in which said third secure control set is contained in a PERC.
  - 67. A system as in claim 66 in which said third secure control set includes controls which govern said negotiating of said electronic contract.
  - 68. A system as in claim 66 in which said electronic contract consists of a fourth secure control set.
  - 69. A system as in claim 68 in which said fourth secure control set is contained in a PERC.
  - 95. A system as in claim 3 in which said first secure control set is made up of controls from at least two alternate groups of controls.
  - 96. A system as in claim 95 in which said at least two alternate groups of controls include controls which are uniquely in one of said groups, and shared controls which are present in more than one of said groups.
  - 97. A system as in claim 3 in which said second secure control set is made up of controls from at least two alternate groups of controls.
  - 98. A system as in claim 97 in which said at least two alternate groups of controls making up said second secure control set include controls which are uniquely in one of said groups, and shared controls which are present in more than one of said groups.
  - 99. A system as in claim 95 in which said negotiation means includes means for selecting at least one of the alternate groups of controls from said first secure control set.
  - 100. A system as in claim 97 in which said negotiation means includes means for selecting at least one of the alternate groups of controls from said second secure control set.
  - 119. A system as in claim 3 in which said first secure control set, said second secure control set, or said electronic contract includes a HAVE control.
  - 120. A system as in claim 3 in which said first secure control set, said second secure control set, or said electronic contract includes a QUIT control.
  - 133. A system as in claim 3 further including means for executing said electronic contract within a protected processing environment.
  - 134. A system as in claim 133 in which said protected processing environment is located at said second location.
  - 135. A system as in claim 133 in which said protected processing environment is located at a location other than said second location.
  - 150. A system as in claim 3 further including means for digitally signing said electronic contract.
  - 151. A system as in claim 150 in which said means for digitally signing said electronic contract includes means for allowing said first secure control set to carry out said digitally signing.
  - 152. A system as in claim 150 in which said means for digitally signing said electronic contract includes means for allowing said second secure control set to carry out said digitally signing.
  - 163. A system as in claim 3 in which said electronic contract includes controls containing human-language terms corresponding to at least certain of the machine-executable controls contained in said electronic contract.
  - 164. A method as in claim 163 in which said human-language terms are contained in one or more data descriptor data structures.
  - 173. A system as in claim 3 in which said means for creating a first secure control set includes a protected processing environment.
  - 174. A system as in claim 3 in which said means for creating a second secure control set includes a protected processing environment.
  - 175. A system as in claim 3 in which said negotiation means includes a protected processing environment.
  - 184. A system as in claim 3 in which said means for creating a first secure control set includes a secure processing unit.
  - 185. A system as in claim 3 in which said means for creating a second secure control set includes a secure processing unit.
  - 186. A system as in claim 3 in which said negotiating means includes a secure processing unit.
  - 197. A system as in claim 3 in which said first location contains a first software based tamper resistant barrier.
  - 198. A system as in claim 3 in which said second location contains a second software based tamper resistant barrier.
  - 222. A system as in claim 3 in which said first secure control set represents a negotiating position of a first party.
  - 223. A system as in claim 222 in which said first party is a clearinghouse.
  - 224. A system as in claim 222 in which said first party is a content provider.
  - 225. A system as in claim 222 in which said first party is a content distributor.
  - 226. A system as in claim 222 in which said first party is a content user.
  - 227. A system as in claim 222 in which said second control set represents a negotiating position of a second party.
  - 228. A method as in claim 227 in which said second party is a clearinghouse.
  - 229. A method as in claim 227 in which said second party is a content provider.
  - 230. A method as in claim 227 in which said second party is a content distributor.
  - 231. A method as in claim 227 in which said second party is a content user.
  - 282. A system as in claim 3 in which said first secure control set contains controls governing the type of payment mechanism to be used for a transaction.
  - 283. A system as in claim 3 in which said first secure control set contains controls governing the price to be used for a transaction.
  - 284. A system as in claim 3 in which said first secure control set contains controls governing the auditing method to be used for a transaction.
  - 285. A system as in claim 3 in which said first secure control set contains controls governing the identity of the clearinghouse to be used for a transaction.
  - 286. A system as in claim 3 in which said first secure control set contains controls governing the information to be disclosed in a transaction.
  - 287. A system as in claim 3 in which said second secure control set contains controls the type of payment mechanism to be used for a transaction.
  - 295. A system as in claim 3 in which said electronic contract contains controls governing the identity of the clearinghouse to be used for a transaction.
  - 296. A system as in claim 3 in which said electronic contract contains controls governing the information to be disclosed in a transaction.
  - 332. A system as in claim 3 in which said means for creating a first secure control set includes an operating system based on or compatible with Microsoft Windows.
  - 333. A system as in claim 3 in which said means for creating a second secure control set includes an operating system based on or compatible with Microsoft Windows.
  - 334. A system as in claim 3 in which said negotiation means includes an operating system based on or compatible with Microsoft Windows.
  - 351. A system as in claim 3 further comprising means by which said electronic contract governs the use of digital information.
  - 352. A system as in claim 3 further comprising means by which said electronic contract governs the execution of at least one load module.
  - 353. A system as in claim 3 further comprising means by which said electronic contract governs the execution of at least one method.
  - 354. A system as in claim 3 further comprising means by which said electronic contract governs the execution of at least one transaction.
  - 355. A system as in claim 3 further comprising means by which said electronic contract governs the execution of at least one procedure.
  - 356. A system as in claim 3 further comprising means by which said electronic contract governs the execution of a third control set different from said first control set and said second control set.
  - 374. A system as in claim 3 in which said electronic contract is contained, at least in part, in a User Rights Table.

6. A system for negotiating electronic contracts, comprising:
- a storage arrangement that stores a first control set received from a remote site, and stores a second control set;
  
  a protected processing environment, coupled to said storage arrangement, that;
  
  (a) performs an electronic negotiation between said first control set and said second control set,(b) provides interaction between said first and second control sets, and(c) produces a negotiated control set resulting from said interaction between said first and second control sets.
- View Dependent Claims (7, 8, 13, 16, 20, 40, 41, 42, 43, 44, 45, 70, 71, 72, 73, 74, 75, 101, 102, 103, 104, 105, 106, 122, 123, 124, 136, 137, 153, 154, 155, 165, 166, 187, 199, 232, 233, 234, 235, 236, 237, 238, 239, 240, 241, 297, 298, 299, 300, 301, 302, 303, 304, 305, 306, 307, 308, 309, 310, 311, 335, 357, 358, 359, 360, 361, 362)
- - 7. A system as in claim 6 further including means for electronically enforcing said negotiated control set.
  - 8. A system as in claim 6 further including means for generating an electronic contract based on said negotiated control set.
  - 13. A system as in claim 6 in which said protected processing environment is contained within a Virtual Distribution Environment.
  - 16. A system as in claim 6 in which said second control set is received from a second remote site;
    - andsaid protected processing environment is located at a third site which is different from said remote site and said second remote site.
  - 20. A system as in claim 6 in which:
    - said first control set includes controls generated at least in part by or for a first party distributor of protected information content;
      
      said second control set includes controls generated at least in part by or for a second party which desires to use said protected information content; and
      
      said negotiated control set includes controls which govern terms under which said second party receives the right to use said protected information content.
  - 40. A system as in claim 6 in which said first control set includes terms which are desired but not required.
  - 41. A system as in claim 6 in which said first control set includes required terms.
  - 42. A system as in claim 40 in which said first control set includes required terms.
  - 43. A system as in claim 6 in which said second control set includes terms which are desired but not required.
  - 44. A system as in claim 6 in which said second control set includes required terms.
  - 45. A system as in claim 43 in which said second control set includes required terms.
  - 70. A system as in claim 6 in which said first control set is contained in a PERC.
  - 71. A system as in claim 70 in which said second control set is contained in a PERC.
  - 72. A system as in claim 71 in which said protected processing environment contains a third control set.
  - 73. A system as in claim 72 in which said third control set is contained in a PERC.
  - 74. A system as in claim 72 in which said third control set includes controls which govern said electronic negotiation.
  - 75. A system as in claim 70 in which said negotiated control set is contained in a PERC.
  - 101. A system as in claim 6 in which said first control set is made up of controls from at least two alternate groups of controls.
  - 102. A system as in claim 101 in which said at least two alternate groups of controls include controls which are uniquely in one of said groups, and shared controls which are present in more than one of said groups.
  - 103. A system as in claim 6 in which said second control set is made up of controls from at least two alternate groups of controls.
  - 104. A system as in claim 103 in which said at least two alternate groups of controls making up said second control set include controls which are uniquely in one of said groups, and shared controls which are present in more than one of said groups.
  - 105. A system as in claim 6 in which said protected processing environment selects at least one of the alternate groups of controls from said first control set.
  - 106. A system as in claim 8 in which said protected processing environment selects at least one of the alternate groups of controls from said second control set.
  - 122. A system as in claim 6 in which said first control set or said second set includes a WANT control and a REQUIRE control.
  - 123. A system as in claim 6 in which said first control set or said second set includes a REGISTER control and a WANT control.
  - 124. A system as in claim 6 in which said negotiated control set includes an AGREEMENT control.
  - 136. A system as in claim 6 in which said negotiated control set is executed in said protected processing environment.
  - 137. A system as in claim 6 in which said negotiated control set is executed in a second protected processing environment.
  - 153. A system as in claim 6 in which said protected processing environment digitally signs said negotiated control set.
  - 154. A system as in claim 153 in which said protected processing environment digitally signs said negotiated control set using a digital signature created or supplied by said first control set.
  - 155. A system as in claim 153 in which said protected processing environment digitally signs said negotiated control set using a digital signature created or supplied by said second control set.
  - 165. A system as in claim 6 in which said negotiated control set includes controls containing human-language terms corresponding to at least certain of the machine-executable controls contained in said negotiated control set.
  - 166. A method as in claim 165 in which said human-language terms are contained in one or more data descriptor data structures.
  - 187. A system as in claim 6 in which said protected processing environment includes a secure processing unit.
  - 199. A system as in claim 6 in which said protected processing environment includes a software based tamper resistant barrier.
  - 232. A system as in claim 6 in which said first control set represents a negotiating position of a first party.
  - 233. A system as in claim 232 in which said first party is a clearinghouse.
  - 234. A system as in claim 232 in which said first party is a content provider.
  - 235. A system as in claim 232 in which said first party is a content distributor.
  - 236. A system as in claim 232 in which said first party is a content user.
  - 237. A system as in claim 232 in which said second control set represents a negotiating position of a second party.
  - 238. A method as in claim 237 in which said second party is a clearinghouse.
  - 239. A method as in claim 237 in which said second party is a content provider.
  - 240. A method as in claim 237 in which said second party is a content distributor.
  - 241. A method as in claim 237 in which said second party is a content user.
  - 297. A system as in claim 6 in which said first control set contains controls the type of payment mechanism to be used for a transaction.
  - 298. A system as in claim 6 in which said first control set contains controls governing the price to be used for a transaction.
  - 299. A system as in claim 6 in which said first control set contains controls governing the auditing method to be used for a transaction.
  - 300. A system as in claim 6 in which said first control set contains controls governing the identity of the clearinghouse to be used for a transaction.
  - 301. A system as in claim 6 in which said first control set contains controls governing the information to be disclosed in a transaction.
  - 302. A system as in claim 6 in which said second control set contains controls governing the type of payment mechanism to be used for a transaction.
  - 303. A system as in claim 6 in which said second control set contains controls governing the price to be used for a transaction.
  - 304. A system as in claim 6 in which said second control set contains controls governing the auditing method to be used for a transaction.
  - 305. A system as in claim 6 in which said second control set contains controls governing the identity of the clearinghouse to be used for a transaction.
  - 306. A system as in claim 6 in which said second control set contains controls governing the information to be disclosed in a transaction.
  - 307. A system as in claim 6 in which said negotiated control set contains controls governing the type of payment mechanism to be used for a transaction.
  - 308. A system as in claim 6 in which said negotiated control set contains controls governing the price to be used for a transaction.
  - 309. A system as in claim 6 in which said negotiated control set contains controls governing the auditing method to be used for a transaction.
  - 310. A system as in claim 6 in which said negotiated control set contains controls governing the identity of the clearinghouse to be used for a transaction.
  - 311. A system as in claim 6 in which said negotiated control set contains controls governing the information to be disclosed in a transaction.
  - 335. A system as in claim 6 in which said protected processing environment includes an operating system based on or compatible with Microsoft Windows.
  - 357. A system as in claim 6 further comprising means by which said negotiated control set governs the use of digital information.
  - 358. A system as in claim 6 further comprising means by which said negotiated control set governs the execution of at least one load module.
  - 359. A system as in claim 6 further comprising means by which said negotiated control set governs the execution of at least one method.
  - 360. A system as in claim 6 further comprising means by which said negotiated control set governs the execution of at least one transaction.
  - 361. A system as in claim 6 further comprising means by which said negotiated control set governs the execution of at least one procedure.
  - 362. A system as in claim 6 further comprising means by which said negotiated control set governs the execution of a third control set different from said first control set and said second control set.

9. A method for supporting electronic commerce including:
- creating a first secure control set at a first location;
  
  creating a second secure control set at a second location;
  
  securely communicating said first secure control set from said first location to said second location; and
  
  electronically negotiating, at said second location, an electronic contract, including the step of securely executing at least a portion of said first and second secure control sets.
- View Dependent Claims (14, 21, 46, 47, 50, 76, 77, 78, 79, 80, 81, 82, 107, 108, 109, 110, 111, 112, 125, 126, 127, 138, 139, 140, 141, 156, 157, 158, 167, 168, 176, 177, 188, 189, 190, 200, 201, 242, 243, 244, 245, 246, 247, 248, 249, 250, 251, 312, 313, 314, 315, 316, 317, 318, 319, 320, 321, 322, 323, 324, 325, 326, 336, 337, 338, 339, 340, 363, 364, 365, 366, 367, 368, 375)
- - 14. A method as in claim 9 in which said first location and said second location are contained within a Virtual Distribution Environment.
  - 21. A method as in claim 9 in whichsaid first secure control set includes controls generated at least in part by or for a first party distributor of protected information content;
    - said second secure control set includes controls generated at least in part by or for a second party which desires to use said protected information content; and
      
      said electronic contract includes controls which govern terms under which said second party receives the right to use said protected information content.
  - 46. A method as in claim 9 in which said first secure control set includes terms which are desired but not required.
  - 47. A method as in claim 9 in which said first secure control set includes required terms.
  - 50. A method as in claim 9 in which said second secure control set includes required terms.
  - 76. A method as in claim 9 in which said first secure control set is contained in a PERC.
  - 77. A method as in claim 9 in which said second secure control set is contained in a PERC.
  - 78. A method as in claim 9 in which said second location contains a third secure control set.
  - 79. A method as in claim 78 in which said third secure control set is contained in a PERC.
  - 80. A method as in claim 78 in which said third secure control set contains controls which govern, at least in part, said step of electronically negotiating an electronic contract.
  - 81. A method as in claim 78 in which said electronic contract consists of a fourth secure control set.
  - 82. A method as in claim 81 in which said fourth secure control set is contained in a PERC.
  - 107. A method as in claim 9 in which said first secure control set is made up of controls from at least two alternate groups of controls.
  - 108. A method as in claim 107 in which said at least two alternate groups of controls include controls which are uniquely in one of said groups, and shared controls which are present in more than one of said groups.
  - 109. A method as in claim 9 in which said second secure control set is made up of controls from at least two alternate groups of controls.
  - 110. A method as in claim 109 in which said at least two alternate groups of controls making up said second secure control set include controls which are uniquely in one of said groups, and shared controls which are present in more than one of said groups.
  - 111. A method as in claim 107 in which said step of electronically negotiating includes a step of selecting at least one of the alternate groups of controls from said first secure control set.
  - 112. A method as in claim 109 in which said step of electronically negotiating includes a step of selecting at least one of the alternate groups of controls from said second secure control set.
  - 125. A method as in claim 9 in which said first secure control set includes a REGISTER control and an OFFER control.
  - 126. A method as in claim 9 in which said second secure control set includes an OFFER control and a HAVE control.
  - 127. A method as in claim 9 in which said electronic contract includes a REGISTER control and an AGREEMENT control.
  - 138. A method as in claim 9 further including the step of executing said electronic contract.
  - 139. A method as in claim 138 in which said step of executing said electronic contract occurs in a protected processing environment.
  - 140. A method as in claim 139 in which said protected processing environment is located at said second location.
  - 141. A method as in claim 138 in which said protected processing environment is located at a location other than said second location.
  - 156. A method as in claim 9 further including digitally signing said electronic contract.
  - 157. A method as in claim 156 in which said step of digitally signing said electronic contract is carried out using a digital signature created or supplied at least in part by said first secure control set.
  - 158. A method as in claim 156 in which said step of digitally signing said electronic contract is carried out using a digital signature created or supplied at least in part by said second secure control set.
  - 167. A method as in claim 9 in which said electronic contract includes controls containing human-language terms corresponding to at least certain of the machine-executable controls contained in said electronic contract.
  - 168. A method as in claim 167 in which said human-language terms are contained in one or more data descriptor data structures.
  - 176. A method as in claim 9 in which said first location includes a protected processing environment.
  - 177. A method as in claim 9 in which said second location includes a protected processing environment.
  - 188. A method as in claim 9 in which said first location contains a secure processing unit.
  - 189. A method as in claim 188 in which said second location contains a second secure processing unit.
  - 190. A method as in claim 189 in which said step of securely executing at least a portion of said first and second secure control sets is performed at least in part using said second secure processing unit.
  - 200. A method as in claim 9 in which said first location contains a first software based tamper resistant barrier.
  - 201. A method as in claim 200 in which said second location contains a second software based tamper resistant barrier.
  - 242. A method as in claim 9 in which said first secure control set represents a negotiating position of a first party.
  - 243. A method as in claim 242 in which said first party is a clearinghouse.
  - 244. A method as in claim 242 in which said first party is a content provider.
  - 245. A method as in claim 242 in which said first party is a content distributor.
  - 246. A method as in claim 242 in which said first party is a content user.
  - 247. A method as in claim 242 in which said second control set represents a negotiating position of a second party.
  - 248. A method as in claim 247 in which said second party is a clearinghouse.
  - 249. A method as in claim 247 in which said second party is a content provider.
  - 250. A method as in claim 247 in which said second party is a content distributor.
  - 251. A method as in claim 247 in which said second party is a content user.
  - 312. A method as in claim 9 in which said first secure control set contains controls governing the type of payment mechanism to be used for a transaction.
  - 313. A method as in claim 9 in which said first secure control set contains controls governing the price to be used for a transaction.
  - 314. A method as in claim 9 in which said first secure control set contains controls governing the auditing method to be used for a transaction.
  - 315. A method as in claim 9 in which said first secure control set governing the identity of the clearinghouse to be used for a transaction.
  - 316. A method as in claim 9 in which said first secure control set contains controls governing the information to be disclosed in a transaction.
  - 317. A method as in claim 9 in which said second secure control set contains controls governing the type of payment mechanism to be used for a transaction.
  - 318. A method as in claim 9 in which said second secure control set contains controls governing the price to be used for a transaction.
  - 319. A method as in claim 9 in which said second secure control set contains controls governing the auditing method to be used for a transaction.
  - 320. A method as in claim 9 in which said second secure control set governing the identity of the clearinghouse to be used for a transaction.
  - 321. A method as in claim 9 in which said second secure control set contains controls governing the information to be disclosed in a transaction.
  - 322. A method as in claim 9 in which said negotiated control set contains controls governing the type of payment mechanism to be used for a transaction.
  - 323. A method as in claim 9 in which said negotiated control set contains controls governing the price to be used for a transaction.
  - 324. A method as in claim 9 in which said negotiated control set contains controls governing the auditing method to be used for a transaction.
  - 325. A method as in claim 9 in which said negotiated control set governing the identity of the clearinghouse to be used for a transaction.
  - 326. A method as in claim 9 in which said negotiated control set contains controls governing the information to be disclosed in a transaction.
  - 336. A method as in claim 9 in which said first location includes a first operating system based on or compatible with Microsoft Windows.
  - 337. A method as in claim 336 in which said second location includes a second operating system based on or compatible with Microsoft Windows.
  - 338. A method as in claim 336 in which said step of creating a first secure control is carried out at least in part by software incorporated in said first operating system.
  - 339. A method as in claim 337 in which said step of creating a second secure control is carried out at least in part by software incorporated in said second operating system.
  - 340. A method as in claim 337 in which said step of electronically negotiating is carried out at least in part by software incorporated in said second operating system.
  - 363. A method as in claim 9 further comprising said electronic contract governing the use of digital information.
  - 364. A method as in claim 9 further comprising said electronic contract governing the execution of at least one load module.
  - 365. A method as in claim 9 further comprising said electronic contract governing the execution of at least one method.
  - 366. A method as in claim 9 further comprising said electronic contract governing the execution of at least one transaction.
  - 367. A method as in claim 9 further comprising said electronic contract governing the execution of at least one procedure.
  - 368. A method as in claim 9 further comprising said electronic contract governing the execution of at least one other control set different from said first control set, said second control set and said negotiated control set.
  - 375. A method as in claim 9 in which said electronic contract is contained, at least in part, in a User Rights Table.

48. A method as in 46 in which said first secure control set includes required terms.

49. A method as in 9 in which said second secure control set includes terms which are desired but not required.
- View Dependent Claims (51)
- - 51. A method as in claim 49 in which said second secure control set includes required terms.

369. A method for securely managing electronic negotiations related to electronic commerce value chain activities including:
- employing a first protected processing environment to securely specify rules and/or controls for managing an electronic commerce process;
  
  securely making said specified rules and/or controls available to a second protected processing environment, located remotely from said first protected processing environment;
  
  employing said second protected processing environment to further securely specify rules and/or controls for managing at least one commerce process related to the common commercial interests of at least two parties;
  
  employing said second protected processing environment to securely electronically negotiate at least one aggregate rules and/or controls set representing the electronic interests of said at least two parties; and
  
  employing a protected processing environment to manage said electronic commerce process consistent with at least a portion of said aggregate rules and/or controls set.

370. A system for securely managing electronic negotiations related to electronic commerce value chain activities including:
- a first protected processing environment associated with a first party, for securely specifying rules and/or controls for managing an electronic commerce process, and for securely making said specified rules and/or controls available to a second party;
  
  a second protected processing environment associated with a second party different from said first party, forfurther securely specifying rules and/or controls, including means for managing at least one commerce process related to the common commercial interests of said first party and said second party;
  
  securely electronically negotiating at least one aggregate rules and/or controls set representing the electronic interests of both said first party and said second party; and
  
  managing said electronic commerce process consistent with said at least a portion of said aggregate rules and/or controls set.

371. A system for negotiating electronic contracts, comprising:
- a storage arrangement that stores a first control set received from a remote site, and stores a second control set;
  
  a protected processing environment, coupled to said storage arrangement, that;
  
  performs an electronic negotiation between said first control set and said second control set,provides interaction between said first and second control sets, andproduces negotiated control information resulting from said interaction between said first and second control sets.
- View Dependent Claims (372, 373)
- - 372. A system as in claim 371 further including means for electronically enforcing said negotiated control set.
  - 373. A system as in claim 371 further including means for generating an electronic contract based on said negotiated control set.

Specification

Resources

Litigation Campaign Assessment

Litigation Data

Current Assignee
Intertrust Technologies Corporation (Fidelio Acquisition Co LLC)
Original Assignee
Intertrust Technologies Corporation (Fidelio Acquisition Co LLC)
Inventors
Ginter, Karl L., Spahn, Francis J., Shear, Victor H., Van Wie, David M.
Primary Examiner(s)
Barron, Jr., Gilberto

Application Number

US08/778,256
Time in Patent Office

972 Days
Field of Search

395/237, 395/241, 380/4, 380/16, 380/49, 380/24, 705/39
US Class Current

705/80
CPC Class Codes

G06F 21/109   by using specially-adapted ...

G06F 21/16   Program or content traceabi...

G06F 21/31   User authentication

G06F 21/33   using certificates

G06F 21/6209   to a single file or object,...

G06F 21/71   to assure secure computing ...

G06F 21/86   Secure or tamper-resistant ...

G06F 2211/007   Encryption, En-/decode, En-...

G06F 2221/2101   Auditing as a secondary aspect

G06F 2221/2135   Metering

G06F 2221/2137   Time limited access, e.g. t...

G06F 2221/2151   Time stamp

G06Q 10/087   Inventory or stock manageme...

G06Q 20/02   involving a neutral party, ...

G06Q 20/023   the neutral party being a c...

G06Q 20/04   Payment circuits

G06Q 20/085   involving remote charge det...

G06Q 20/10   specially adapted for elect...

G06Q 20/102   Bill distribution or payments

G06Q 20/12   specially adapted for elect...

G06Q 20/123 : Shopping for digital content

G06Q 20/1235 : with control of digital rig...

G06Q 20/14 : specially adapted for billi...

G06Q 20/24 : Credit schemes, i.e. "pay a...

G06Q 20/306 : using TV related infrastruc...

G06Q 20/308 : using the Internet of Things

G06Q 2220/16 : Copy protection or prevention

G06Q 30/0273 : Determination of fees for a...

G06Q 30/0283 : Price estimation or determi...

G06Q 30/06 : Buying, selling or leasing ...

G06Q 30/0601 : Electronic shopping [e-shop...

G06Q 30/0609 : Buyer or seller confidence ...

G06Q 40/02 : Banking, e.g. interest calc...

G06Q 40/04 : Trading; Exchange, e.g. sto...

G06Q 40/12 : Accounting

G06Q 50/184 : Intellectual property manag...

G06Q 50/188 : Electronic negotiation

G06T 1/0021 : Image watermarking

G07F 9/026 : for alarm, monitoring and a...

H04L 2209/56 : Financial cryptography, e.g...

H04L 2209/60 : Digital content management,...

H04L 2463/101 : applying security measures ...

H04L 2463/102 : applying security measure f...

H04L 2463/103 : applying security measure f...

H04L 63/02 : for separating internal fro...

H04L 63/04 : for providing a confidentia...

H04L 63/0428 : wherein the data content is...

H04L 63/0435 : wherein the sending and rec...

H04L 63/0442 : wherein the sending and rec...

H04L 63/08 : for authentication of entit...

H04L 63/0823 : using certificates cryptogr...

H04L 63/083 : using passwords cryptograph...

H04L 63/10 : for controlling access to d...

H04L 63/12 : Applying verification of th...

H04L 63/123 : received data contents, e.g...

H04L 63/16 : Implementing security featu...

H04L 63/168 : above the transport layer

H04L 63/20 : for managing network securi...

H04L 9/006 : involving public key infras...

H04L 9/0819 : Key transport or distributi...

H04L 9/0838 : Key agreement, i.e. key est...

H04L 9/0861 : Generation of secret inform...

H04L 9/3218 : using proof of knowledge, e...

H04L 9/3247 : involving digital signatures

H04L 9/3263 : involving certificates, e.g...

H04N 2005/91364 : the video signal being scra...

H04N 21/2347 : involving video stream encr...

H04N 21/23476 : by partially encrypting, e....

H04N 21/235 : Processing of additional da...

H04N 21/2362 : Generation or processing of...

H04N 21/2541 : Rights Management protectin...

H04N 21/2543 : Billing , e.g. for subscrip...

H04N 21/2547 : Third Party Billing, e.g. b...

H04N 21/25875 : involving end-user authenti...

H04N 21/4143 : embedded in a Personal Comp...

H04N 21/42646 : for reading from or writing...

H04N 21/4325 : by playing back content fro...

H04N 21/4345 : Extraction or processing of...

H04N 21/435 : Processing of additional da...

H04N 21/4405 : involving video stream decr...

H04N 21/44204 : Monitoring of content usage...

H04N 21/443 : OS processes, e.g. booting ...

H04N 21/4627 : Rights management associate...

H04N 21/4753 : for user identification, e....

H04N 21/6581 : Reference data, e.g. a movi...

H04N 21/8166 : involving executable data, ...

H04N 21/835 : Generation of protective da...

H04N 21/8355 : involving usage data, e.g. ...

H04N 21/83555 : using a structured language...

H04N 21/8358 : involving watermark protect...

H04N 5/913 : for scrambling ; for copy p...

H04N 7/162 : Authorising the user termin...

H04N 7/163 : by receiver means only

H04N 7/17309 : Transmission or handling of...

View All

Systems and methods for secure transaction management and electronic rights protection

First Claim

3 Assignments

Litigations

0 Petitions

Accused Products

Abstract

1142 Citations

375 Claims

Specification

Solutions

Use Cases

Quick Links

Systems and methods for secure transaction management and electronic rights protection

First Claim

3 Assignments

Subscription Required

Subscription Required

Litigations

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

1142 Citations

375 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links