Systems and methods for secure transaction management and electronic rights protection
DC CAFCFirst Claim
1. A method for monitoring use of a resource at a computing system, the method comprising:
- receiving a first entity'"'"'s control information;
receiving a second entity'"'"'s control information;
selecting between the first entity'"'"'s control information and the second entity'"'"'s control information;
using the selected control information to govern, at least in part, a use of the resource; and
reporting information relating to the use of the resource to the entity whose control information was selected;
wherein at least one aspect of the computing system is designed to impede the ability of a user of the computing system to tamper with the computing system'"'"'s performance of one or more of said selecting, using, and reporting steps.
2 Assignments
Litigations
1 Petition
Accused Products
Abstract
The present invention provides systems and methods for secure transaction management and electronic rights protection. Electronic appliances such as computers equipped in accordance with the present invention help to ensure that information is accessed and used only in authorized ways, and maintain the integrity, availability, and/or confidentiality of the information. Such electronic appliances provide a distributed virtual distribution environment (VDE) that may enforce a secure chain of handling and control, for example, to control and/or meter or otherwise monitor use of electronically stored or disseminated information. Such a virtual distribution environment may be used to protect rights of various participants in electronic commerce and other electronic or electronic-facilitated transactions. Distributed and other operating systems, environments and architectures, such as, for example, those using tamper-resistant hardware-based processors, may establish security at each node. These techniques may be used to support an all-electronic information distribution, for example, utilizing the “electronic highway.”
511 Citations
31 Claims
-
1. A method for monitoring use of a resource at a computing system, the method comprising:
-
receiving a first entity'"'"'s control information;
receiving a second entity'"'"'s control information;
selecting between the first entity'"'"'s control information and the second entity'"'"'s control information;
using the selected control information to govern, at least in part, a use of the resource; and
reporting information relating to the use of the resource to the entity whose control information was selected;
wherein at least one aspect of the computing system is designed to impede the ability of a user of the computing system to tamper with the computing system'"'"'s performance of one or more of said selecting, using, and reporting steps. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21)
receiving the resource at the computing system, the resource comprising a digital file.
-
-
3. A method as in claim 2, in which the digital file includes digital content.
-
4. A method as in claim 3, in which the digital file includes the first entity'"'"'s control information or a reference thereto.
-
5. A method as in claim 4, in which the digital file includes means for verifying the authenticity of at least part of the digital file.
-
6. A method as in claim 5, in which said means for verifying the authenticity of at least part of the digital file comprises a digital signature or a digital certificate.
-
7. A method as in claim 5, in which at least part of the digital file is encrypted.
-
8. A method as in claim 7, in which the computing system includes a key for decrypting the digital file, the key being protected, at least in part, from at least one of discovery, modification, or replacement by a user of the computing system.
-
9. A method as in claim 4, which the digital file includes the second entity'"'"'s control information or a reference thereto.
-
10. A method as in claim 1, in which the first entity'"'"'s control information is received from a third entity, the third entity being different from the first entity, the third entity specializing, at least in part, in providing control information to computing systems.
-
11. A method as in claim 1, in which the computing system comprises a television set-top box.
-
12. A method as in claim 1, in which the computing system comprises a telephone.
-
13. A method as in claim 1, in which the information relating to the use of the resource is sent to a third entity, the third entity being different from the entity whose control information was selected, the third entity being operable to send the information relating to the use of the resource to the entity whose control information was selected.
-
14. A method as in claim 13, in which the third entity aggregates the information relating to the use of the resource with other information relating to the use of the resource or other resources before sending the aggregated information to the entity whose control information was selected.
-
15. A method as in claim 1, in which the information relating to the use of the resource includes payment-related information.
-
16. A method as in claim 1, in which the information relating to the use of the resource includes information regarding a number of uses of the resource.
-
17. A method as in claim 1, in which the information relating to the use of the resource includes information regarding a duration of use of the resource.
-
18. A method as in claim 1, in which the information relating to the use of the resource includes information relating to the identity of the computing system.
-
19. A method as in claim 2, in which receiving the digital file at the computing system includes reading the digital file from a portable memory device.
-
20. A method as in claim 19, in which the portable memory device comprises an optical disk.
-
21. A method as in claim 1, in which the first entity'"'"'s control information and the second entity'"'"'s control information are received via a network interface.
-
22. A computer program package including programming instructions for performing a method for monitoring use of a resource at a computing system, the method comprising:
-
receiving a first entity'"'"'s control information;
receiving a second entity'"'"'s control information;
selecting between the first entity'"'"'s control information and the second entity'"'"'s control information;
using the selected control information to govern, at least in part, a use of the resource; and
reporting information relating to the use of the resource to the entity whose control information was selected;
wherein at least one aspect of the computing system is designed to impede the ability of a user of the computing system to tamper with the computing system'"'"'s performance of one or more of said selecting, using, and reporting steps. - View Dependent Claims (23)
-
-
24. A method for monitoring use of a digital file at a computing system, the method comprising:
-
receiving the digital file;
receiving a first entity'"'"'s control information separately from the digital file;
using the first entity'"'"'s control information to govern, at least in part, a use of the digital file at the computing system; and
reporting information relating to the use of the digital file to the first entity;
wherein at least one aspect of the computing system is designed to impede the ability of a user of the computing system to tamper with at least one aspect of the computing system'"'"'s performance of one or more of said using and reporting steps. - View Dependent Claims (25, 26, 27, 28, 29, 30, 31)
receiving a second entity'"'"'s control information;
selecting the first entity'"'"'s control information to govern, at least in part, a use of the digital file at the computing system.
-
-
26. A method as in claim 24, in which the first entity'"'"'s control information is received from a second entity and in which the digital file is received from a third entity that is different from the second entity.
-
27. A method as in claim 24, in which the first entity'"'"'s control information and the digital file are separately received from a second entity.
-
28. A method as in claim 24, in which the digital file includes digital content and a reference to the first entity'"'"'s control information.
-
29. A method as in claim 28, in which the digital file includes a digital signature or a digital certificate for verifying the authenticity of at least part of the digital file.
-
30. A method as in claim 29, in which at least part of the digital file is encrypted.
-
31. A method as in claim 30, in which a key for decrypting the digital file is stored on the computing system, and is protected, at least in part, from at least one of discovery, modification, or replacement by a user of the computing system.
Specification