Trusted infrastructure support system, methods and techniques for secure electronic commerce transaction and rights management

US 6,658,568 B1
Filed: 10/26/1999
Issued: 12/02/2003
Est. Priority Date: 02/13/1995
Status: Expired due to Fees

- Alert
- Pin

Associated Cases

Associated Defendants

First Claim

Patent Images

1. A system for secure, automated transaction processing including:

a user site including a first secure environment including a processor and a secure memory, the secure memory storing a first secure container including first governed content and having associated a first rule set, a second secure container including second governed content and having associated a second rule set, and a third rule set;

the first rule set including;

a first rule specifying a first secure, interoperable transaction processing system including a first plurality of interoperable clearinghouses, and a second rule allowing the user to select one or more clearinghouses from the first plurality, the chosen clearinghouses to be used to at least in part process a transaction involving at least a portion of the first governed content; and

the second rule set including;

a third rule specifying a second secure interoperable transaction processing system including a second plurality of interoperable clearinghouses, and a fourth rule allowing the user to select one or more clearinghouses from the second plurality, the chosen clearinghouses to be used to at least in part process a transaction involving at least a portion of the second governed content;

the third rule set including;

one or more rules specifying one or more clearinghouses acceptable to the user, and a fifth rule specifying a user requirement restricting use of identification information supplied by the user; and

the user site including a processor capable of comparing a clearinghouse specified by the third rule set with a clearinghouse specified by the first rule set or the second rule set and indicating whether a match exists.

View all claims

2 Assignments

Timeline View

Assignment View

Litigations

0 Petitions

Accused Products

Abstract

The present invention provides methods and systems for secure, automated transaction processing for use in electronic commerce and electronic rights and transaction management over an electronic network such as the Internet and/or over organization internal Intranets. One exemplary system involves rule-based specification and selection of clearinghouses, and rule-based specification of user restrictions on the use of identification information.

Citations

21 Claims

1. A system for secure, automated transaction processing including:
- a user site including a first secure environment including a processor and a secure memory, the secure memory storing a first secure container including first governed content and having associated a first rule set, a second secure container including second governed content and having associated a second rule set, and a third rule set;
  
  the first rule set including;
  
  a first rule specifying a first secure, interoperable transaction processing system including a first plurality of interoperable clearinghouses, and a second rule allowing the user to select one or more clearinghouses from the first plurality, the chosen clearinghouses to be used to at least in part process a transaction involving at least a portion of the first governed content; and
  
  the second rule set including;
  
  a third rule specifying a second secure interoperable transaction processing system including a second plurality of interoperable clearinghouses, and a fourth rule allowing the user to select one or more clearinghouses from the second plurality, the chosen clearinghouses to be used to at least in part process a transaction involving at least a portion of the second governed content;
  
  the third rule set including;
  
  one or more rules specifying one or more clearinghouses acceptable to the user, and a fifth rule specifying a user requirement restricting use of identification information supplied by the user; and
  
  the user site including a processor capable of comparing a clearinghouse specified by the third rule set with a clearinghouse specified by the first rule set or the second rule set and indicating whether a match exists.
- View Dependent Claims (2)
- - 2. A system as in claim 1, in which:

3. A method of processing digital transactions including:
- delivering a node to a user site;
  
  initializing the node, the initialization including;
  
  specifying at least one processing center to be used for processing of at least some digital transactions involving the node, and specifying at least one privacy-related option relating to permissible uses of identification information relating to the user;
  
  delivering a secure container containing governed content to the user site, the secure container having associated a rule set at least in part governing access or other use of the governed content;
  
  the user indicating an intent to access at least a portion of the governed content;
  
  in accordance with the rule set, displaying a message to the user, the message including information relating to a condition required before access to the governed content will be allowed;
  
  the user indicating assent to the condition;
  
  access to at least a portion of the governed content being allowed to the user, the access governed at least in part by the rule set; and
  
  in accordance with the rule set, a communication being securely transmitted from the user site to the processing center, the communication including information relating to the transaction.
- View Dependent Claims (4, 5, 6, 7, 8)
- - 4. A method as in claim 3, in which:
5. A method as in claim 3, in which:
- the node is delivered and installed in a manner which is at least in part secure.
6. A method as in claim 3, in which:
- the step of initializing the node includes specifying a payment method; and
  
  the communication information includes information relating to a payment made using the specified payment method.
7. A method as in claim 3, in which:
- the communication information includes usage information, which usage information is securely transmitted from the processing center to a third party site.
8. A method as in claim 3, in which:
- the step of the user assenting agreeing to a condition includes the user agreeing to a specified price.

9. A method of processing a digital transaction including:
- delivering an electronic apparatus to a user, the electronic apparatus including software from a first entity;
  
  at the user site, initializing the electronic apparatus, the initialization including registering the software with the first entity and selecting a payment option, wherein the registration includes specifying a privacy option relating to permissible use of identification information, and transmitting registration information from the user to the first entity;
  
  delivering a first secure container to the user, the first secure container including first governed content and having associated a first rule set at least in part governing access to or other use of at least a portion of the first governed content;
  
  under at least partial control of the first rule set, the user using the electronic apparatus to gain access to at least a portion of the first governed content;
  
  under at least partial control of the first rule set, creating a second secure container including information relating to the user'"'"'s access to the first governed content, the second secure container having associated a second rule set at least in part governing access to or other use of the second secure container governed content and containing information relating to a payment made by the user in return for access to the first governed content, the payment being specified at least in part by the payment option selected in the initializing step;
  
  transmitting the second secure container to a second entity specified at least in part by the second rule set;
  
  at the second entity, extracting information from the second secure container and performing an operation on at least a portion of the extracted information; and
  
  directly or indirectly transmitting information relating to the user'"'"'s use of the first governed content from the second entity to the first entity.

10. A method of processing digital transactions including:
- a first rightsholder transmitting first content to an administrator;
  
  the administrator storing the first content in a first secure container and associating a first rule set with the first secure container, the first rule set at least in Part governing access to or other use of the first content;
  
  the administrator communicating the first secure container to a user;
  
  at the user'"'"'s site, the user indicating a desire to access at least a portion of the first content;
  
  in accordance with the first rule set, the user choosing a first clearinghouse;
  
  the user obtaining access to at least a portion of the first content, the access being at least in part governed by the first rule set;
  
  in accordance with the first rule set, payment information and usage information relating to the user'"'"'s access being stored in a second secure container having associated a second rule set at least in Dart governing access to or other use of at least certain contents of the second secure container, wherein the second rule set includes a rule generated by the user, at least in part specifying a privacy policy regarding use of identification information relating to the user;
  
  the second secure container being communicated to the administrator;
  
  the administrator accessing the contents of the second secure container, the access being governed, at least in part, by the second rule set;
  
  the administrator communicating at least some of the second secure container payment information to the first clearinghouse, wherein the communication of information from the administrator to the first clearinghouse is governed, at least in part, by the requirements of the user rule;
  
  the administrator communicating at least some of the second secure container usage information to the first clearinghouse; and
  
  the first clearinghouse communicating Payment information and usage information relating to the user'"'"'s first content access to the rightsholder.

11. A method of processing digital transactions including:
- a first rightsholder transmitting first content to an administrator;
  
  the administrator storing the first content in a first secure container and associating a first rule set with the first secure container, the first rule set at least in part governing access to or other use of the first content;
  
  the administrator communicating the first secure container to a user;
  
  at the user'"'"'s site, the user indicating a desire to access at least a portion of the first content;
  
  in accordance with the first rule set, the user choosing a first clearinghouse;
  
  the user obtaining access to at least a portion of the first content, the access being at least in part governed by the first rule set;
  
  in accordance with the first rule set, payment information and usage information relating to the user'"'"'s access being stored in a second secure container having associated a second rule set at least in part governing access to or other use of at least certain contents of the second secure container;
  
  the second secure container being communicated to the administrator;
  
  the administrator accessing the contents of the second secure container, the access being governed, at least in part, by the second rule set;
  
  the administrator communicating at least some of the second secure container payment information to the first clearinghouse;
  
  the administrator communicating at least some of the second secure container usage information to the first clearinghouse;
  
  the first clearinghouse communicating payment information and usage information relating to the user'"'"'s first content access to the rightsholder;
  
  a second rightsholder transmitting second content to the administrator;
  
  the administrator storing the content in a third secure container and associating a third rule set with the third secure container, the third rule set at least in part governing access to or other use of the second content;
  
  the administrator communicating the third secure container to a user;
  
  at the user'"'"'s site, the user indicating a desire to access at least a portion of the second content;
  
  in accordance with the third rule set, the user choosing a second clearinghouse;
  
  the user obtaining access to at least a portion of the second content, the access being at least in part governed by the third rule set;
  
  in accordance with the third rule set, payment information and usage information relating to the user'"'"'s access being stored in a fourth secure container having associated a fourth rule set, the fourth rule set at least in part governing access to or other use of at least certain contents of the fourth secure container;
  
  the fourth secure container being communicated to the administrator;
  
  the administrator accessing the contents of the fourth secure container, the access being governed, at least in part, by the fourth rule set;
  
  the administrator communicating at least some of the fourth secure container payment information to the second clearinghouse;
  
  the administrator communicating at least some of the fourth secure container usage information to the second clearinghouse;
  
  the second clearinghouse communicating payment information relating to the user'"'"'s second content access to the rightsholder; and
  
  the second clearinghouse communicating usage information relating to the user'"'"'s second content access to the rightsholder.

12. A method of processing digital transactions including:
- a first rightsholder transmitting first content to an administrator;
  
  the administrator storing the first content in a first secure container and associating a first rule set with the first secure container, the first rule set at least in part governing access to or other use of the first content;
  
  a second rightsholder transmitting second content to the administrator;
  
  prior to communication of the first secure container to a user, the administrator storing the second content in the first secure container, the first rule set at least in part governing access to or other use of the second content;
  
  the administrator communicating the first secure container to the user;
  
  at the user'"'"'s site, the user indicating a desire to access at least a portion of the first content;
  
  in accordance with the first rule set, the user choosing a first clearinghouse;
  
  the user obtaining access to at least a portion of the first content, the access being at least in part governed by the first rule set;
  
  in accordance with the first rule set, payment information and usage information relating to the user'"'"'s access being stored in a second secure container having associated a second rule set at least in part governing access to or other use of at least certain contents of the second secure container;
  
  the second secure container being communicated to the administrator;
  
  the administrator accessing the contents of the second secure container, the access being governed, at least in part, by the second rule set;
  
  the administrator communicating at least some of the second secure container payment information to the first clearinghouse;
  
  the administrator communicating at least some of the second secure container usage information to the first clearinghouse; and
  
  the first clearinghouse communicating payment information and usage information relating to the user'"'"'s first content access to the rightsholder.
- View Dependent Claims (13)
- - 13. A method as in claim 12, further including:

14. A digital transaction method including the following steps:
- a first rightsholder packaging first content in a first secure container having associated a first rule set, the first rule set at least in part governing access to or other use of at least a portion of the first secure container contents;
  
  the first rightsholder communicating the first secure container to a user;
  
  the user obtaining access to at least a portion of the first content, the access being at least in part governed by the first rule set;
  
  the user choosing a first financial clearinghouse from a plurality of financial clearinghouse choices, the choice being governed at least in part by the first rule set;
  
  the user choosing a privacy option relating to use of identifying information;
  
  the user communicating payment information to the first financial clearinghouse, the communication being governed at least in Part by the first rule set;
  
  the first financial clearinghouse communicating payment information to the first rightsholder, the first financial clearinghouse'"'"'s communication of payment information to the first rightsholder being governed at least in part by the user'"'"'s privacy choice; and
  
  the first rightsholder receiving usage information relating to the user'"'"'s access to the first content.

15. A digital transaction method including the following steps:
- a first rightsholder packaging first content in a first secure container having associated a first rule set, the first rule set at least in part governing access to or other use of at least a portion of the first secure container contents;
  
  the first rightsholder communicating the first secure container to a user;
  
  the user obtaining access to at least a portion of the first content, the access being at least in part governed by the first rule set;
  
  the user choosing a first financial clearinghouse from a plurality of financial clearinghouse choices, the choice being governed at least in Part by the first rule set;
  
  the user communicating payment information to the first financial clearinghouse, the communication being governed at least in part by the first rule set;
  
  the first financial clearinghouse communicating payment information to the first rightsholder;
  
  the first rightsholder receiving usage information relating to the user'"'"'s access to the first content;
  
  a second rightsholder packaging second content in a second secure container having associated a second rule set, the second rule set at least in part governing access to or other use of at least a portion of the second secure container contents;
  
  the second rightsholder communicating the second secure container to a user;
  
  the user obtaining access to at least a portion of the second content, the access being at least in part governed by the second rule set;
  
  the user choosing a second financial clearinghouse from a plurality of financial clearinghouse choices, the choice being governed at least in part by the second rule set;
  
  the user communicating payment information to the second financial clearinghouse, the communication being governed at least in part by the second rule set;
  
  the second financial clearinghouse communicating payment information to the first rightsholder; and
  
  the first rightsholder receiving usage information relating to the user'"'"'s access to the second content.

16. A digital transaction method including:
- communicating a first rule set to a user site, the first rule set being associated with a first entity;
  
  communicating a second rule set to the user site, the second rule set being associated with a second entity;
  
  communicating a first secure container to the user site, the first secure container including first content;
  
  at the user site, accessing at least a portion of the first content;
  
  creating a second secure container at the user site, the creation of the second secure container being governed at least in part by the first rule set, the second secure container having associated a third rule set at least in part governing access to or other use of the contents of the second secure container, and the third rule set including a rule generated by or on behalf of the user;
  
  incorporating the payment-related information into the second secure container;
  
  in accordance with the first rule set, communicating payment-related information from the user site to the first entity, the step of communicating the payment-related information to the first entity at least in part consisting of communicating the second secure container to the first entity;
  
  in accordance with the second rule set, communicating usage-related information from the user site to the second entity; and
  
  at the first entity, using at least a portion of the payment-related information, the use being at least in part governed by the user rule from the third rule set.
- View Dependent Claims (17)
- - 17. A method as in claim 16, in which:

18. A digital transaction method including:
- communicating a first rule set to a user site, the first rule set being associated with a first entity;
  
  communicating a second rule set to the user site, the second rule set being associated with a second entity;
  
  communicating a first secure container to the user site, the first secure container including first content;
  
  at the user site, accessing at least a portion of the first content;
  
  in accordance with the first rule set, communicating payment-related information from the user site to the first entity;
  
  in accordance with the second rule set, communicating usage-related information from the user site to the second entity;
  
  communicating a third rule set to the user site, the third rule set being associated with a third entity;
  
  communicating a second secure container to the user site, the second secure container including second content;
  
  at the user site, accessing at least a portion of the second content;
  
  in accordance with the third rule set, communicating payment-related information form the user site to the third entity;
  
  in accordance with the second rule set, communicating usage-related information form the user site to the second entity; and
  
  communicating usage-related information from the second entity to a fourth entity, the fourth entity owning at least some rights in the first content.

19. A digital transaction method including:
- communicating a first secure container from a first party to a second party, the first secure container including first content and having associated a first rule set, the first rule set at least in part governing access to or use of at least a portion of the first secure container contents;
  
  comparing requirements specified by the first rule set to requirements specified by a second rule set present at the second party site, the compared requirements including requirements relating to a clearinghouse, the comparison process including;
  
  comparing a first clearinghouse candidate specified by the first rule set to acceptable clearinghouses specified by the second rule set, determining that the first clearinghouse candidate is not acceptable to the second rule set, comparing a second clearinghouse candidate specified by the first rule set to acceptable clearinghouses specified by the second rule set, and determining that the second clearinghouse candidate is acceptable to the second rule set;
  
  specifying use of the second clearinghouse candidate;
  
  comparing a privacy-related requirement contained in the second rule set to an information-usage requirement of the first rule set, and if a match exists, the second party gaining access to at least a portion of the first content;
  
  payment information being communicated from the second party to the second clearinghouse candidate; and
  
  the second clearinghouse candidate using the payment information to at least in part clear a payment by the second party for the access to the first content.

20. A digital transaction administration system including:
- means for creation of secure digital containers, including means for packaging content in secure digital containers and means for associating rule sets with secure digital containers, the rule sets at least in part governing access to or other use of the contents of the secure digital containers;
  
  means for communicating secure containers from a rightsholder to an administrator;
  
  at the administrator'"'"'s site, means for undertaking an automated negotiation between a rule set specified by the rightsholder and a rule set specified by the administrator, the negotiation involving at least the specification of one or more financial clearinghouses for clearing of payment-related information and one or more usage clearinghouses for clearing of usage-related information;
  
  means for communicating secure digital containers to potential users of content packaged within the containers;
  
  means for communicating payment information and usage information from users of content, including means for rules associated with the content to at least in part control the communication;
  
  means for a financial clearinghouse specified in an automated negotiation between the administrator and the rightsholder to receive payment-related information from users and to communicate payment-related information to the rightsholder; and
  
  means for a usage clearinghouse specified in an automated negotiation between the administrator and the rightsholder to receive usage-related information from users and to communicate usage-related information to the rightsholder.
- View Dependent Claims (21)
- - 21. A system as in claim 20, further including:

Specification

Resources

Litigation Campaign Assessment

Litigation Data

Current Assignee
Intertrust Technologies Corporation (Fidelio Acquisition Co LLC)
Original Assignee
Intertrust Technologies Corporation (Fidelio Acquisition Co LLC)
Inventors
Van Wie, David M., Ginter, Karl L., Weber, Robert P., Spahn, Francis J., Shear, Victor H.
Primary Examiner(s)
Darrow, Justin T.

Application Number

US09/426,764
Time in Patent Office

1,498 Days
Field of Search

713/153, 713/154, 713/155, 713/160, 713/162, 713/163, 713/165, 713/189, 713/190, 713/193, 713/194, 713/200, 713/201, 380/230, 380/231, 380/233, 705/39, 705/51, 705/52, 705/53, 705/59, 707/9, 707/10, 709/225, 709/226, 711/163, 711/164
US Class Current

713/193
CPC Class Codes

G06F 12/1408   by using cryptography for d...

G06F 12/1483   using an access-table, e.g....

G06F 21/109   by using specially-adapted ...

G06F 21/16   Program or content traceabi...

G06F 21/31   User authentication

G06F 21/33   using certificates

G06F 21/606   by securing the transmissio...

G06F 21/86   Secure or tamper-resistant ...

G06F 2211/007   Encryption, En-/decode, En-...

G06F 2221/2101   Auditing as a secondary aspect

G06F 2221/2135   Metering

G06F 2221/2151   Time stamp

G06Q 20/02   involving a neutral party, ...

G06Q 20/023   the neutral party being a c...

G06Q 20/04   Payment circuits

G06Q 20/12   specially adapted for elect...

G06Q 20/123   Shopping for digital content

G06Q 20/1235   with control of digital rig...

G06Q 20/14   specially adapted for billi...

G06Q 20/24   Credit schemes, i.e. "pay a...

G06Q 30/06 : Buying, selling or leasing ...

G06Q 30/0601 : Electronic shopping [e-shop...

G06T 1/0021 : Image watermarking

G07F 9/026 : for alarm, monitoring and a...

G11B 20/00086 : Circuits for prevention of ...

G11B 20/00159 : Parental control systems

G11B 20/00188 : involving measures which re...

G11B 20/00557 : wherein further management ...

G11B 20/0071 : involving a purchase action

G11B 20/00768 : wherein copy control inform...

G11B 2220/216 : Rewritable discs

G11B 2220/218 : Write-once discs

G11B 2220/2562 : DVDs [digital versatile dis...

G11B 2220/2575 : DVD-RAMs

G11B 27/031 : Electronic editing of digit...

G11B 27/329 : on a disc [VTOC]

H04L 12/40104 : Security; Encryption; Conte...

H04L 12/40117 : Interconnection of audio or...

H04L 2209/56 : Financial cryptography, e.g...

H04L 2209/603 : Digital right managament [DRM]

H04L 2463/101 : applying security measures ...

H04L 2463/102 : applying security measure f...

H04L 2463/103 : applying security measure f...

H04L 63/04 : for providing a confidentia...

H04L 63/068 : using time-dependent keys, ...

H04L 63/0823 : using certificates cryptogr...

H04L 63/10 : for controlling access to d...

H04L 63/20 : for managing network securi...

H04L 9/321 : involving a third party or ...

H04N 21/2347 : involving video stream encr...

H04N 21/23476 : by partially encrypting, e....

H04N 21/235 : Processing of additional da...

H04N 21/2362 : Generation or processing of...

H04N 21/2541 : Rights Management protectin...

H04N 21/2543 : Billing , e.g. for subscrip...

H04N 21/2547 : Third Party Billing, e.g. b...

H04N 21/25875 : involving end-user authenti...

H04N 21/4143 : embedded in a Personal Comp...

H04N 21/4345 : Extraction or processing of...

H04N 21/435 : Processing of additional da...

H04N 21/4405 : involving video stream decr...

H04N 21/44204 : Monitoring of content usage...

H04N 21/443 : OS processes, e.g. booting ...

H04N 21/4627 : Rights management associate...

H04N 21/4753 : for user identification, e....

H04N 21/6581 : Reference data, e.g. a movi...

H04N 21/8166 : involving executable data, ...

H04N 21/835 : Generation of protective da...

H04N 21/8355 : involving usage data, e.g. ...

H04N 21/83555 : using a structured language...

H04N 21/8358 : involving watermark protect...

H04N 7/162 : Authorising the user termin...

H04N 7/17309 : Transmission or handling of...

Y10S 707/99939 : Privileged access

View All

Trusted infrastructure support system, methods and techniques for secure electronic commerce transaction and rights management

First Claim

2 Assignments

Litigations

0 Petitions

Accused Products

Abstract

Citations

21 Claims

Specification

Solutions

Use Cases

Quick Links

Trusted infrastructure support system, methods and techniques for secure electronic commerce transaction and rights management

First Claim

2 Assignments

Subscription Required

Subscription Required

Litigations

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

21 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links