Techniques for defining, using and manipulating rights management data structures
First Claim
1. A method including:
- generating a descriptive data structure in a first data processing device characterized by a first security aspect;
specifying information in the descriptive data structure, including information relating to the first security aspect, a first rule, and a second rule;
associating a third rule with the descriptive data structure, the third rule at least in part controlling use of at least a portion of the descriptive data structure;
transmitting the descriptive data structure to a second data processing device;
at the second environment, retrieving from the descriptive data structurethe information relating to the first security aspect, the retrieval being governed at least in part by the third rule; and
determining whether to use the first rule or the second rule based on the information.
2 Assignments
0 Petitions
Accused Products
Abstract
A descriptive data structure provides an abstract representation of a rights management data structure such as a secure container. The abstract representation may describe, for example, the layout of the rights management data structure. It can also provide metadata describing or defining other characteristics of rights management data structure use and/or processing. For example, the descriptive data structure can provide integrity constraints that provide a way to state rules about associated information. The abstract representation can be used to create rights management data structures that are interoperable and compatible with one another. This arrangement preserves flexibility and ease of use without compromising security.
-
Citations
64 Claims
-
1. A method including:
-
generating a descriptive data structure in a first data processing device characterized by a first security aspect; specifying information in the descriptive data structure, including information relating to the first security aspect, a first rule, and a second rule; associating a third rule with the descriptive data structure, the third rule at least in part controlling use of at least a portion of the descriptive data structure; transmitting the descriptive data structure to a second data processing device; at the second environment, retrieving from the descriptive data structure the information relating to the first security aspect, the retrieval being governed at least in part by the third rule; and determining whether to use the first rule or the second rule based on the information. - View Dependent Claims (2, 3, 4)
-
-
5. A descriptive data structure embodied on a computer-readable medium or other logic device, including the following elements:
-
identification information at least in part identifying a first rights management data structure; organization information at least in part describing the organization of at least some governed information contained within or referenced by the first rights management data structure; rule information relating to a first rule used to at least in part govern use of at least a portion of the governed information contained within the first rights management data structure; and a second rule used to at least in part govern use of at least a portion of the descriptive data structure. - View Dependent Claims (6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27)
-
-
28. A distributed data processing arrangement including:
-
a first data processing apparatus including; a central processing unit; and a first memory storing (1) a descriptive data structure, the descriptive data structure including information regarding a first organization of elements within a secure container, and (2) a first rule at least in part governing use of at least a portion of the descriptive data structure; and a second data processing apparatus including; a central processing unit; and a second memory storing a first secure container including; data elements organized at least in part in accordance with the information contained in the descriptive data structure; and a rule set made up of at least a second rule, the rule set used to at least in part govern at least one aspect of access to or use of the data elements; the second rule requiring that information regarding at least one use of at least one of the data elements be at least temporarily recorded. - View Dependent Claims (29, 30, 31, 32, 33, 34, 35, 36, 37, 38, 39, 40, 41, 42)
-
-
43. A method of using a descriptive data structure, at a first data processing arrangement located at a first site, including:
-
receiving a first secure container including governed information; receiving a first rule set including at least one rule, the first rule set governing at least one aspect of access to or use of the governed information and containing a first rule at least in part governing at least one aspect of an auditing process involving the governed information; receiving a second secure container including a descriptive data structure, the descriptive data structure including information at least in part describing or representing at least one aspect of the organization of the first secure container governed information; receiving a second rule set including at least one rule, the second rule set governing at least one aspect of access to or use of the descriptive data structure; using the second rule set to gain access to at least a portion of the descriptive data structure; and using the accessed descriptive data structure portion to make a use of the first secure container governed information. - View Dependent Claims (44, 45, 46, 47, 48, 49, 50)
-
-
51. A method of creating a first secure container, including:
-
accessing a first control, which at least in part governs use of a descriptive data structure; in compliance with the first rule, accessing the descriptive data structure, which includes or addresses; organization information at least in part describing a required or desired organization of a content section of the first secure container, and metadata information at least in part specifying at least one step required or desired in creation of the first secure container; organizing information contained in the first secure container using the descriptive data structure; and using the metadata information to at least in part generate or identify a second control designed to govern at least one aspect of access to or use of at least a portion of the information contained in the first secure container. - View Dependent Claims (52, 53, 55, 56, 57, 58, 59, 60, 61, 62, 63, 64)
-
-
54. The method of claims further including:
associating the third control with the first secure container.
Specification