Systems and methods for secure transaction management and electronic rights protection
DCFirst Claim
1. A method for using at least one resource processed in a secure operating environment at a first appliance, said method comprising:
- securely receiving a first entity'"'"'s control at said first appliance, said first entity being located remotely from said operating environment and said first appliance;
securely receiving a second entity'"'"'s control at said first appliance, said second entity being located remotely from said operating environment and said first appliance, said second entity being different from said first entity; and
securely processing a data item at said first appliance, using at least one resource, including securely applying, at said first appliance through use of said at least one resource said first entity'"'"'s control and said second entity'"'"'s control to govern use of said data item.
3 Assignments
Litigations
0 Petitions
Accused Products
Abstract
The present invention provides systems and methods for secure transaction management and electronic rights protection. Electronic appliances such as computers equipped in accordance with the present invention help to ensure that information is accessed and used only in authorized ways, and maintain the integrity, availability, and/or confidentiality of the information. Such electronic appliances provide a distributed virtual distribution environment (VDE) that may enforce a secure chain of handling and control, for example, to control and/or meter or otherwise monitor use of electronically stored or disseminated information. Such a virtual distribution environment may be used to protect rights of various participants in electronic commerce and other electronic or electronic-facilitated transactions. Distributed and other operating systems, environments and architectures, such as, for example, those using tamper-resistant hardware-based processors, may establish security at each node. These techniques may be used to support an all-electronic information distribution, for example, utilizing the "electronic highway."
1937 Citations
102 Claims
-
1. A method for using at least one resource processed in a secure operating environment at a first appliance, said method comprising:
-
securely receiving a first entity'"'"'s control at said first appliance, said first entity being located remotely from said operating environment and said first appliance; securely receiving a second entity'"'"'s control at said first appliance, said second entity being located remotely from said operating environment and said first appliance, said second entity being different from said first entity; and securely processing a data item at said first appliance, using at least one resource, including securely applying, at said first appliance through use of said at least one resource said first entity'"'"'s control and said second entity'"'"'s control to govern use of said data item. - View Dependent Claims (37, 44, 51, 58, 65, 71, 76, 84, 89, 96)
-
-
2. A method for securely managing at least one operation on a data item performed at least in part by an electronic arrangement disposed at a first site, said method comprising:
-
(a) securely delivering a first procedure to said electronic arrangement at said first site from a second site different from said first site; (b) securely delivering, to said electronic arrangement at said first site from a third site different from said first and second sites, a second procedure separable or separate from said first procedure; and (c) performing, at least in part with said electronic arrangement at said first site, at least one operation on said data item, including using said first and second procedures in combination to at least in part securely manage said operation. - View Dependent Claims (3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 38, 52, 59, 66, 72, 77, 83, 90, 97)
-
-
22. A method of securely controlling use by a third party of at least one protected operation with respect to a data item comprising:
-
(a) supplying at least a first control from a first party to said third party; (b) supplying, to said third party, at least a second control from a second party different from said first party; (c) securely combining. at said third party'"'"'s location, said first and second controls to form a control arrangement; (d) securely requiring use of said control arrangement in order to perform at least one protected operation using said data item; and (e) securely performing said at least one protected operation on behalf of said third party with respect to said data item by at least in part employing said control arrangement. - View Dependent Claims (23, 24, 25, 39, 45, 46, 53, 60, 67, 78, 85, 91, 98)
-
-
26. A secure method for combining data items into a composite data item comprising:
-
(a) securely providing, from a first location to a second location, a first data item having at least a first control associated therewith; (b) securely providing, from a third location to said second location, a second data item having at least a second control associated therewith; (c) forming, at said second location, a composite of said first and second data items; (d) securely combining. at said second location, said first and second controls to form a control arrangement; and (e) performing at least one operation on said composite of said first and second data items based at least in part on said control arrangement. - View Dependent Claims (27, 28, 29, 30, 31, 40, 47, 54, 61, 68, 79, 86, 92, 99)
-
-
32. A secure method for controlling a protected operation comprising:
-
(a) securely delivering at least a first control and a second control representing rights of first and second entities, respectively, to an electronic appliance used by a third entity; and (b) controlling at least one protected operation at least in part in response to a request by said third entity based at least in part on a combination of said first and second controls, including at least one of the following steps; resolving at least one conflict between said first and second controls based on a predefined order; providing an interaction with said third entity to form said combination; and dynamically negotiating between said first and second controls. - View Dependent Claims (33, 34, 41, 48, 55, 62, 69, 73, 80, 87, 93, 100)
-
-
35. A method for using at least one resource processed by a secure operating environment, said method comprising:
-
securely receiving a first load module provided by a first entity external to said operating environment; securely receiving a second load module provided by a second entity external to said operating environment, said second entity being different from said first entity; and securely processing, using at least one resource, a data item associated with said first and second load modules, including securely applying said first and second load modules to manage use of said data item. - View Dependent Claims (42, 49, 56, 63, 70, 74, 81, 94, 101)
-
-
36. A secure operating environment system for managing at least one resource comprising:
-
a communications arrangement that securely receives a first control of a first entity external to said operating environment, and securely receives a second control of a second entity external to said operating environment, said second entity being different from said first entity; and a protected processing environment, operatively connected to said communications arrangement, that; (a) securely processes, using at least one resource, a data item logically associated with said first and second controls, and (b) securely applies said first and second controls to manage said resource for controlling use of said data item. - View Dependent Claims (43, 50, 57, 64, 75, 82, 88, 95, 102)
-
Specification