Data management system

US 5,974,141 A
Filed: 10/18/1996
Issued: 10/26/1999
Est. Priority Date: 03/31/1995
Status: Expired due to Term

First Claim

Patent Images

1. A system for managing digital data to be transferred from an owner of data to a user of data via a communication network, whereby:

secret-key, public-key, private-key, owner label, user label and data label are used in the data management system;

a data management center is linked to a public-key storage and a secret-key generator and is arranged on said communication network;

said data management center certifies public-keys of said owner and said user, and stores said owner label, said user label and said data label;

said owner presents said owner label and data label, and requests a secret-key for data encryption to said data management center;

said data management center prepares a data label fingerprint from said data label, and distributes secret-key for encryption which is encrypted by using said public-key of owner together with said data label fingerprint, to said owner;

said owner encrypts the data using said secret-key which is decrypted by using private-key of said owner, and transfers said encrypted data, said data label and said data label fingerprint to a first user;

said first user presents user label of said first user, said data label and said data label fingerprint, and requests a secret-key for decrypting said encrypted data and a secret-key for re-encrypting said data which is decrypted, to said data management center;

said data management center confirms validity of said data label by said data label fingerprint, registers said user label of first user, and distributes said secret-key for decrypting encrypted data and said secret-key for re-encrypting decrypted data, both of which are encrypted by using the public-key of said first user to said first user; and

said first user decrypts said secret-key for decryption and said secret-key for re-encryption by using the private-key of said first user, decrypts and uses the encrypted data using said secret-key for decryption, encrypts the decrypted data using said secret-key for re-encryption to be stored and copied, and transfers the encrypted data together with said data label, data label fingerprint and said user label of first user to the next user.

View all claims

4 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

The present invention provides a system to ensure security of data in a computer network system. A center certifies a public-key of user of the system and distributes a secret-key. A first system comprises the center in a network, an information provider and a plurality of users. The center identifies utilization status by requests of the secret-key. The data is encrypted by the secret-key and is stored and transferred, while the data to be stored and transferred is encrypted by a secret-key different from the secret-key of the transferred data. An original data label is added to the original data, and an edit label is added to the edited data, and the center does not store the data and stores only the original data label and the edit label. A second system comprises a center and an information provider in a network, and a plurality of users utilizing the network. The center stores the original data and editing scenario, and also the original data label, user label and edit label. The data is not transferred between the users, but data label encrypted by the public-key is transferred. In electronic commerce system, every data is distributed through a mediator in the network, data which is transferred from a maker to a user is encrypted by a secret-key for encryption, and data which is transferred from the user to the maker is encrypted by a secret-key for re-encryption.

Citations

26 Claims

1. A system for managing digital data to be transferred from an owner of data to a user of data via a communication network, whereby:
- secret-key, public-key, private-key, owner label, user label and data label are used in the data management system;
  
  a data management center is linked to a public-key storage and a secret-key generator and is arranged on said communication network;
  
  said data management center certifies public-keys of said owner and said user, and stores said owner label, said user label and said data label;
  
  said owner presents said owner label and data label, and requests a secret-key for data encryption to said data management center;
  
  said data management center prepares a data label fingerprint from said data label, and distributes secret-key for encryption which is encrypted by using said public-key of owner together with said data label fingerprint, to said owner;
  
  said owner encrypts the data using said secret-key which is decrypted by using private-key of said owner, and transfers said encrypted data, said data label and said data label fingerprint to a first user;
  
  said first user presents user label of said first user, said data label and said data label fingerprint, and requests a secret-key for decrypting said encrypted data and a secret-key for re-encrypting said data which is decrypted, to said data management center;
  
  said data management center confirms validity of said data label by said data label fingerprint, registers said user label of first user, and distributes said secret-key for decrypting encrypted data and said secret-key for re-encrypting decrypted data, both of which are encrypted by using the public-key of said first user to said first user; and
  
  said first user decrypts said secret-key for decryption and said secret-key for re-encryption by using the private-key of said first user, decrypts and uses the encrypted data using said secret-key for decryption, encrypts the decrypted data using said secret-key for re-encryption to be stored and copied, and transfers the encrypted data together with said data label, data label fingerprint and said user label of first user to the next user.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26)
- - 2. A data management system according to claim 1, wherein a copyright is registered by presenting said owner label and said data label to said data management center by said owner of data.
  - 3. A data management system according to claim 1, wherein said digital data is edited by the user, and the editing scenario of said digital data is added to said data label.
  - 4. A data management system according to claim 3, wherein a copyright is registered by presenting the user label of said user and data label having said editing content of said digital data to said data management center by said user.
  - 5. A data management system according to claim 1, wherein there are a plurality of said digital data.
  - 6. A data management system according to claim 1 wherein digital signature is performed on said data label.
  - 7. A data management system according to claim 1 wherein charging a fee is performed by presenting the user label of said user and said data label to said data management center by said user.
  - 8. A data management system according to claim 7, wherein the charging a fee is performed by metering post-payment method based on use results.
  - 9. A data management system according to claim 8, wherein the metering data based on use results is stored in said data management center.
  - 10. A data management system according to claim 8, wherein the metering data based on use results is stored in a device of said user.
  - 11. A data management system according to claim 7, wherein the charging a fee is performed by prepayment method.
  - 12. A data management system according to claim 11, wherein the prepayment data is stored in said data management center.
  - 13. A data management system according to claim 11, wherein the prepayment data is stored in a device of said user.
  - 14. A data management system according to claim 1 wherein said digital data has general file structure and data body thereof only is encrypted.
  - 15. A data management system according to claim 14, wherein a part of said data body is encrypted.
  - 16. A data management system according to claim 15, wherein the part of said data body with encrypted is repeatedly arranged in said data body.
  - 17. A data management system according to claim 15, wherein a plurality of parts of said data body with encrypted is intermittently arranged in said data body.
  - 18. A data management system according to claim 1 wherein said digital data has general file structure, and data header and data body thereof are encrypted.
  - 19. A data management system according to claim 18, wherein a part of said data header and entire part of said data body are encrypted.
  - 20. A data management system according to claim 18, wherein a part of said data header and a part of said data body are encrypted respectively.
  - 21. A data management system according to claim 1 wherein said digital data has general file structure and data header thereof only is encrypted.
  - 22. A data management system according to claim 21, wherein entire part of said data header is encrypted.
  - 23. A data management system according to claim 21, wherein a part of said data header only is encrypted.
  - 24. A data management system according to claim 1 wherein said digital data has general file structure, and only label is encrypted.
  - 25. A data management system according to claim 24, wherein a part of said label only is encrypted.
  - 26. A data management system according to claim 1 wherein said digital data has object-formed file structure, and only method is encrypted.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Piracy Protection LLC (LF Capital Partners, LLC)
Original Assignee
Mitsubishi Corporation
Inventors
Saito, Makoto
Primary Examiner(s)
Gregory, Bernarr E.
Assistant Examiner(s)
SAYADIAN, HRAYR

Application Number

US08/733,504
Time in Patent Office

1,103 Days
Field of Search

380/4, 380/2, 380/23, 380/25, 380/49
US Class Current

705/52
CPC Class Codes

G06F 21/10   Protecting distributed prog...

G06F 2211/008   Public Key, Asymmetric Key,...

G06F 2221/2107   File encryption

G06Q 20/02   involving a neutral party, ...

G06Q 20/1235   with control of digital rig...

G06Q 20/3823   combining multiple encrypti...

G06Q 20/3829   involving key management

H04L 2463/101   applying security measures ...

H04L 63/0428   wherein the data content is...

H04L 63/0442   wherein the sending and rec...

H04L 63/0464   using hop-by-hop encryption...

H04L 63/061   for key exchange, e.g. in p...

H04L 63/062   for key distribution, e.g. ...

H04L 63/12   Applying verification of th...

H04L 63/126   the source of the received ...

H04L 9/0825   using asymmetric-key encryp...

H04L 9/083   involving central third par...

H04L 9/3247   involving digital signatures

H04N 2005/91364   the video signal being scra...

H04N 5/913   for scrambling ; for copy p...

H04N 7/162 : Authorising the user termin...

View All

Data management system

First Claim

4 Assignments

0 Petitions

Accused Products

Abstract

Citations

26 Claims

Specification

Solutions

Use Cases

Quick Links

Data management system

First Claim

4 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

26 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links