Systems and methods for secure transaction management and electronic rights protection

DC CAFC

US 6,640,304 B2
Filed: 03/25/2002
Issued: 10/28/2003
Est. Priority Date: 02/13/1995
Status: Expired due to Fees

- Alert
- Pin

Associated Cases

Associated Defendants

First Claim

Patent Images

1. A method for monitoring use of a resource at a computing system, the method comprising:

receiving a first entity'"'"'s control information;

receiving a second entity'"'"'s control information;

selecting between the first entity'"'"'s control information and the second entity'"'"'s control information;

using the selected control information to govern, at least in part, a use of the resource; and

reporting information relating to the use of the resource to the entity whose control information was selected;

wherein at least one aspect of the computing system is designed to impede the ability of a user of the computing system to tamper with the computing system'"'"'s performance of one or more of said selecting, using, and reporting steps.

View all claims

2 Assignments

Timeline View

Assignment View

Litigations

1 Petition

Accused Products

Abstract

The present invention provides systems and methods for secure transaction management and electronic rights protection. Electronic appliances such as computers equipped in accordance with the present invention help to ensure that information is accessed and used only in authorized ways, and maintain the integrity, availability, and/or confidentiality of the information. Such electronic appliances provide a distributed virtual distribution environment (VDE) that may enforce a secure chain of handling and control, for example, to control and/or meter or otherwise monitor use of electronically stored or disseminated information. Such a virtual distribution environment may be used to protect rights of various participants in electronic commerce and other electronic or electronic-facilitated transactions. Distributed and other operating systems, environments and architectures, such as, for example, those using tamper-resistant hardware-based processors, may establish security at each node. These techniques may be used to support an all-electronic information distribution, for example, utilizing the “electronic highway.”

511 Citations

31 Claims

1. A method for monitoring use of a resource at a computing system, the method comprising:
- receiving a first entity'"'"'s control information;
  
  receiving a second entity'"'"'s control information;
  
  selecting between the first entity'"'"'s control information and the second entity'"'"'s control information;
  
  using the selected control information to govern, at least in part, a use of the resource; and
  
  reporting information relating to the use of the resource to the entity whose control information was selected;
  
  wherein at least one aspect of the computing system is designed to impede the ability of a user of the computing system to tamper with the computing system'"'"'s performance of one or more of said selecting, using, and reporting steps.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21)
- - 2. A method as in claim 1, further comprising:
3. A method as in claim 2, in which the digital file includes digital content.
4. A method as in claim 3, in which the digital file includes the first entity'"'"'s control information or a reference thereto.
5. A method as in claim 4, in which the digital file includes means for verifying the authenticity of at least part of the digital file.
6. A method as in claim 5, in which said means for verifying the authenticity of at least part of the digital file comprises a digital signature or a digital certificate.
7. A method as in claim 5, in which at least part of the digital file is encrypted.
8. A method as in claim 7, in which the computing system includes a key for decrypting the digital file, the key being protected, at least in part, from at least one of discovery, modification, or replacement by a user of the computing system.
9. A method as in claim 4, which the digital file includes the second entity'"'"'s control information or a reference thereto.
10. A method as in claim 1, in which the first entity'"'"'s control information is received from a third entity, the third entity being different from the first entity, the third entity specializing, at least in part, in providing control information to computing systems.
11. A method as in claim 1, in which the computing system comprises a television set-top box.
12. A method as in claim 1, in which the computing system comprises a telephone.
13. A method as in claim 1, in which the information relating to the use of the resource is sent to a third entity, the third entity being different from the entity whose control information was selected, the third entity being operable to send the information relating to the use of the resource to the entity whose control information was selected.
14. A method as in claim 13, in which the third entity aggregates the information relating to the use of the resource with other information relating to the use of the resource or other resources before sending the aggregated information to the entity whose control information was selected.
15. A method as in claim 1, in which the information relating to the use of the resource includes payment-related information.
16. A method as in claim 1, in which the information relating to the use of the resource includes information regarding a number of uses of the resource.
17. A method as in claim 1, in which the information relating to the use of the resource includes information regarding a duration of use of the resource.
18. A method as in claim 1, in which the information relating to the use of the resource includes information relating to the identity of the computing system.
19. A method as in claim 2, in which receiving the digital file at the computing system includes reading the digital file from a portable memory device.
20. A method as in claim 19, in which the portable memory device comprises an optical disk.
21. A method as in claim 1, in which the first entity'"'"'s control information and the second entity'"'"'s control information are received via a network interface.

22. A computer program package including programming instructions for performing a method for monitoring use of a resource at a computing system, the method comprising:
- receiving a first entity'"'"'s control information;
  
  receiving a second entity'"'"'s control information;
  
  selecting between the first entity'"'"'s control information and the second entity'"'"'s control information;
  
  using the selected control information to govern, at least in part, a use of the resource; and
  
  reporting information relating to the use of the resource to the entity whose control information was selected;
  
  wherein at least one aspect of the computing system is designed to impede the ability of a user of the computing system to tamper with the computing system'"'"'s performance of one or more of said selecting, using, and reporting steps.
- View Dependent Claims (23)
- - 23. A computer program package as in claim 22, further including programming instructions for receiving the resource at the computing system, the resource comprising a digital file.

24. A method for monitoring use of a digital file at a computing system, the method comprising:
- receiving the digital file;
  
  receiving a first entity'"'"'s control information separately from the digital file;
  
  using the first entity'"'"'s control information to govern, at least in part, a use of the digital file at the computing system; and
  
  reporting information relating to the use of the digital file to the first entity;
  
  wherein at least one aspect of the computing system is designed to impede the ability of a user of the computing system to tamper with at least one aspect of the computing system'"'"'s performance of one or more of said using and reporting steps.
- View Dependent Claims (25, 26, 27, 28, 29, 30, 31)
- - 25. A method as in claim 24, further comprising:
26. A method as in claim 24, in which the first entity'"'"'s control information is received from a second entity and in which the digital file is received from a third entity that is different from the second entity.
27. A method as in claim 24, in which the first entity'"'"'s control information and the digital file are separately received from a second entity.
28. A method as in claim 24, in which the digital file includes digital content and a reference to the first entity'"'"'s control information.
29. A method as in claim 28, in which the digital file includes a digital signature or a digital certificate for verifying the authenticity of at least part of the digital file.
30. A method as in claim 29, in which at least part of the digital file is encrypted.
31. A method as in claim 30, in which a key for decrypting the digital file is stored on the computing system, and is protected, at least in part, from at least one of discovery, modification, or replacement by a user of the computing system.

Specification

Resources

Litigation Campaign Assessment

Litigation Data

Current Assignee
Intertrust Technologies Corporation (Fidelio Acquisition Co LLC)
Original Assignee
Intertrust Technologies Corporation (Fidelio Acquisition Co LLC)
Inventors
Ginter, Karl L., Spahn, Francis J., Shear, Victor H., Van Wie, David M.
Primary Examiner(s)
Darrow, Justin T.

Application Number

US10/106,742
Publication Number

US 20030088784A1
Time in Patent Office

582 Days
Field of Search

713/161, 713/165, 713/167, 713/193, 713/200, 713/201, 705/51, 705/52, 709/224, 709/229
US Class Current

713/193
CPC Class Codes

G06F 21/109   by using specially-adapted ...

G06F 21/16   Program or content traceabi...

G06F 21/31   User authentication

G06F 21/33   using certificates

G06F 21/6209   to a single file or object,...

G06F 21/71   to assure secure computing ...

G06F 21/86   Secure or tamper-resistant ...

G06F 2211/007   Encryption, En-/decode, En-...

G06F 2221/2101   Auditing as a secondary aspect

G06F 2221/2135   Metering

G06F 2221/2137   Time limited access, e.g. t...

G06F 2221/2151   Time stamp

G06Q 10/087   Inventory or stock manageme...

G06Q 20/02   involving a neutral party, ...

G06Q 20/023   the neutral party being a c...

G06Q 20/04   Payment circuits

G06Q 20/085   involving remote charge det...

G06Q 20/10   specially adapted for elect...

G06Q 20/102   Bill distribution or payments

G06Q 20/12   specially adapted for elect...

G06Q 20/123 : Shopping for digital content

G06Q 20/1235 : with control of digital rig...

G06Q 20/14 : specially adapted for billi...

G06Q 20/24 : Credit schemes, i.e. "pay a...

G06Q 20/306 : using TV related infrastruc...

G06Q 20/308 : using the Internet of Things

G06Q 2220/16 : Copy protection or prevention

G06Q 30/0273 : Determination of fees for a...

G06Q 30/0283 : Price estimation or determi...

G06Q 30/06 : Buying, selling or leasing ...

G06Q 30/0601 : Electronic shopping [e-shop...

G06Q 30/0609 : Buyer or seller confidence ...

G06Q 40/02 : Banking, e.g. interest calc...

G06Q 40/04 : Trading; Exchange, e.g. sto...

G06Q 40/12 : Accounting

G06Q 50/184 : Intellectual property manag...

G06Q 50/188 : Electronic negotiation

G06T 1/0021 : Image watermarking

G07F 9/026 : for alarm, monitoring and a...

H04L 2209/56 : Financial cryptography, e.g...

H04L 2209/60 : Digital content management,...

H04L 2463/101 : applying security measures ...

H04L 2463/102 : applying security measure f...

H04L 2463/103 : applying security measure f...

H04L 63/02 : for separating internal fro...

H04L 63/04 : for providing a confidentia...

H04L 63/0428 : wherein the data content is...

H04L 63/0435 : wherein the sending and rec...

H04L 63/0442 : wherein the sending and rec...

H04L 63/08 : for authentication of entit...

H04L 63/0823 : using certificates cryptogr...

H04L 63/083 : using passwords cryptograph...

H04L 63/10 : for controlling access to d...

H04L 63/12 : Applying verification of th...

H04L 63/123 : received data contents, e.g...

H04L 63/16 : Implementing security featu...

H04L 63/168 : above the transport layer

H04L 63/20 : for managing network securi...

H04L 9/006 : involving public key infras...

H04L 9/0819 : Key transport or distributi...

H04L 9/0838 : Key agreement, i.e. key est...

H04L 9/0861 : Generation of secret inform...

H04L 9/3218 : using proof of knowledge, e...

H04L 9/3247 : involving digital signatures

H04L 9/3263 : involving certificates, e.g...

H04N 2005/91364 : the video signal being scra...

H04N 21/2347 : involving video stream encr...

H04N 21/23476 : by partially encrypting, e....

H04N 21/235 : Processing of additional da...

H04N 21/2362 : Generation or processing of...

H04N 21/2541 : Rights Management protectin...

H04N 21/2543 : Billing , e.g. for subscrip...

H04N 21/2547 : Third Party Billing, e.g. b...

H04N 21/25875 : involving end-user authenti...

H04N 21/4143 : embedded in a Personal Comp...

H04N 21/42646 : for reading from or writing...

H04N 21/4325 : by playing back content fro...

H04N 21/4345 : Extraction or processing of...

H04N 21/435 : Processing of additional da...

H04N 21/4405 : involving video stream decr...

H04N 21/44204 : Monitoring of content usage...

H04N 21/443 : OS processes, e.g. booting ...

H04N 21/4627 : Rights management associate...

H04N 21/4753 : for user identification, e....

H04N 21/6581 : Reference data, e.g. a movi...

H04N 21/8166 : involving executable data, ...

H04N 21/835 : Generation of protective da...

H04N 21/8355 : involving usage data, e.g. ...

H04N 21/83555 : using a structured language...

H04N 21/8358 : involving watermark protect...

H04N 5/913 : for scrambling ; for copy p...

H04N 7/162 : Authorising the user termin...

H04N 7/163 : by receiver means only

H04N 7/17309 : Transmission or handling of...

View All

Systems and methods for secure transaction management and electronic rights protection

First Claim

2 Assignments

Litigations

1 Petition

Accused Products

Abstract

511 Citations

31 Claims

Specification

Solutions

Use Cases

Quick Links

Systems and methods for secure transaction management and electronic rights protection

First Claim

2 Assignments

Subscription Required

Subscription Required

Litigations

1 Petition

Subscription Required

Accused Products

Subscription Required

Abstract

511 Citations

31 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links