Data management system
Abstract
To prevent piracy or leakage of data content, a cryptography technique and an electronic watermark technique are combined and used together. In data content supplied to a user, user data is entered as an electronic watermark by a data management center, and the data content with the electronic watermark entered in it is encrypted using a crypt key and supplied. The encrypted data content is decrypted using a crypt key distributed from the data management center and is used. When it is to be stored, it is encrypted using another crypt key. When the data content is copied and transferred to another user, user data of the other user is entered as an electronic watermark, a scenario for entering the user data of the other user as an electronic watermark is registered at the data management center, and the data content with the electronic watermark entered in it is encrypted using another crypt key and supplied. When the validity of the other user is confirmed by the scenario, another crypt key is distributed to the other user. The encrypted data content is decrypted using another crypt key and is used. When it is to be stored, it is encrypted using still another key. If the data content has been copied and transferred illegitimately, verifying the electronic watermark makes it possible to identify the user who copied and transferred the data content illegitimately.
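An added example, not part of the patent text: a Python model of the key hand-over in claims 1, 7 and 11 and of the watermark tracing described in the abstract. The HMAC-based cipher stands in for a real authenticated cipher and the appended `[wm:user]` tags stand in for an embedded watermark; all class and function names are assumptions.

```python
import hashlib, hmac, re, secrets

def _sub(key, label):
    # Derive separate encryption and MAC subkeys from one secret key.
    return hmac.new(key, label, hashlib.sha256).digest()

def _xor_stream(key, nonce, data):
    # Stand-in stream cipher: HMAC-SHA256 in counter mode (assumption, not the patent's cipher).
    out = bytearray()
    for i in range(0, len(data), 32):
        pad = hmac.new(key, nonce + (i // 32).to_bytes(4, "big"), hashlib.sha256).digest()
        out += bytes(a ^ b for a, b in zip(data[i:i + 32], pad))
    return bytes(out)

def encrypt(key, data):
    nonce = secrets.token_bytes(16)
    ct = _xor_stream(_sub(key, b"enc"), nonce, data)
    tag = hmac.new(_sub(key, b"mac"), nonce + ct, hashlib.sha256).digest()
    return nonce + ct + tag

def decrypt(key, blob):
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    good = hmac.new(_sub(key, b"mac"), nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, good):
        raise ValueError("wrong key or modified ciphertext")
    return _xor_stream(_sub(key, b"enc"), nonce, ct)

# Simplified watermark: a visible tag appended to the content (assumption).
_WM = re.compile(rb"\n\[wm:([a-z0-9_-]+)\]")

def embed(content, user):
    return content + b"\n[wm:" + user.encode() + b"]"

def extract(content):
    return [m.decode() for m in _WM.findall(content)]

class Center:
    """Data management center: watermarks, encrypts, issues and escrows keys."""
    def __init__(self):
        self.store_key = {}   # user -> current storage key (escrow, claims 8 and 9)
        self.transfers = []   # registered (sender, receiver) pairs

    def supply(self, content, user):
        k1, k2 = secrets.token_bytes(32), secrets.token_bytes(32)
        self.store_key[user] = k2
        return encrypt(k1, embed(content, user)), k1, k2

    def admit(self, sender, receiver):
        # The receiver gets the sender's storage key plus a fresh one (claim 11).
        if sender not in self.store_key:
            raise PermissionError("unknown sender")
        k_use, k_next = self.store_key[sender], secrets.token_bytes(32)
        self.store_key[receiver] = k_next
        self.transfers.append((sender, receiver))
        return k_use, k_next

    def trace(self, leaked):
        # Read the watermark chain and check each hop against registered transfers.
        chain = extract(leaked)
        ok = all(hop in self.transfers for hop in zip(chain, chain[1:]))
        return chain, ok

class User:
    def __init__(self, name):
        self.name, self.key, self.stored = name, None, None

    def receive(self, blob, k_use, k_store):
        content = decrypt(k_use, blob)
        self.key = k_store                      # claim 7: only the storage key is kept
        self.stored = encrypt(self.key, content)
        return content

    def transfer(self, receiver):
        # Enter the receiver's watermark, then re-encrypt with the storage key.
        return encrypt(self.key, embed(decrypt(self.key, self.stored), receiver))

def demo():
    center, alice, bob = Center(), User("alice"), User("bob")
    blob, k1, k2 = center.supply(b"quarterly report", "alice")   # constructed sample content
    alice.receive(blob, k1, k2)
    try:
        decrypt(k1, alice.stored)
        old_key_works = True
    except ValueError:
        old_key_works = False
    blob2 = alice.transfer("bob")
    seen = bob.receive(blob2, *center.admit("alice", "bob"))
    return {
        "bob_sees": seen,
        "old_key_works": old_key_works,
        "trace": center.trace(seen),
        "unregistered": center.trace(embed(seen, "carol")),
    }

if __name__ == "__main__":
    for name, value in demo().items():
        print(name, value)
```

The `unregistered` result shows the tracing case: a copy carrying a hop the center never registered is flagged, and the last registered name in the chain is the holder whose copy left the system.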
94 Claims
-
1. A data management method comprising:
-
entering first user data as a first electronic watermark to first data content by a data management center;
encrypting the first data content by the data management center using a first secret key;
distributing the encrypted first data content from the data management center to a first user;
distributing the first secret key and a second secret key from the data management center to the first user, the first and second secret keys being different from each other;
decrypting the encrypted first data content by the first user using the first secret key;
entering second user data as a second electronic watermark to the first data content by the first user before transferring the first data content from the first user to a second user; and
re-encrypting the first data content by the first user using the second secret key before storing, copying, or transferring the first data content by the first user. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10)
encrypting the first and second secret keys by the data management center using a public key of the first user before distributing the first and second secret keys to the first user; and
decrypting the first and second secret keys by the first user using a private key of the first user before decrypting the encrypted first data content using the first secret key.
-
-
3. A data management method according to claim 1, wherein the secret keys are generated by the data management center.
-
4. A data management method according to claim 1, wherein the first and second secret keys are generated by the data management center based on the first user data.
-
5. A data management method according to claim 1, wherein the secret keys are selected by the data management center from a key library at the data management center.
-
6. A data management method according to claim 1,
wherein each of the secret keys is divided into corresponding partial secret keys, wherein one of the partial secret keys corresponding to the first secret key and one of the partial secret keys corresponding to the second secret key are distributed to the first user, wherein another one of the partial secret keys corresponding to the first secret key and another one of the partial secret keys corresponding to the second secret key are attached to the first data content.
-
7. A data management method according to claim 1,
wherein after said decrypting by the first user using the first secret key, the first secret key is abandoned by the first user by overwriting the first secret key with the second secret key.
-
8. A data management method according to claim 1, wherein the secret keys are stored at the data management center to provide a key escrow system by the data management center.
-
9. A data management method according to claim 1, wherein the secret keys are stored at the data management center to provide a key recovery system by the data management center.
-
10. A data management method according to claim 1, further comprising:
-
editing the first data content by the first user to produce edited data content represented by the first data content and a scenario, the scenario being an editing process on the first data content;
registering the scenario with the data management center;
distributing a third secret key from the data management center to the first user upon registration of the scenario, the third secret key being different from the first and second secret keys; and
encrypting the edited data content by the first user using the third secret key before storing, copying, or transferring the edited data content by the first user.
-
-
11. A data management method comprising:
-
entering first user data as a first electronic watermark to first data content by a data management center;
encrypting the first data content by the data management center using a first secret key;
distributing the encrypted first data content from the data management center to a first user;
distributing the first secret key and a second secret key from the data management center to the first user, the first and second secret keys being different from each other;
decrypting the encrypted first data content by the first user using the first secret key;
entering second user data as a second electronic watermark to the first data content by the first user before transferring the first data content from the first user to a second user;
re-encrypting the first data content by the first user using the second secret key before storing, copying, or transferring the first data content by the first user;
requesting the data management center for access to the re-encrypted first data content by the second user;
distributing the second secret key and a third secret key to the second user, the second and third secret keys being different from each other;
decrypting the re-encrypted first data content by the second user using the second secret key; and
re-encrypting the decrypted first data content by the second user using the third secret key before storing, copying, or transferring the first data content by the second user. - View Dependent Claims (12, 13, 14, 15, 16, 17, 18, 19)
encrypting the first and second secret keys by the data management center using a public key of the first user before distributing the first and second secret keys to the first user;
decrypting the first and second secret keys by the first user using a private key of the first user before decrypting the encrypted first data content using the first secret key;
encrypting the second and third secret keys by the data management center using a public key of the second user before distributing the second and third secret keys to the second user; and
decrypting the second and third secret keys by the second user using a private key of the second user before decrypting the re-encrypted first data content using the second secret key.
-
-
13. A data management method according to claim 11, wherein the secret keys are generated by the data management center.
-
14. A data management method according to claim 11, wherein the first and second secret keys are generated by the data management center based on the first user data, and the third secret key is generated by the data management center based on the second user data.
-
15. A data management method according to claim 11, wherein the secret keys are selected by the data management center from a key library at the data management center.
-
16. A data management method according to claim 11,
wherein each of the secret keys is divided into corresponding partial secret keys, wherein one of the partial secret keys corresponding to the first secret key and one of the partial secret keys corresponding to the second secret key are distributed to the first user, wherein another one of the partial secret keys corresponding to the first secret key and another one of the partial secret keys corresponding to the second secret key are attached to the first data content.
-
17. A data management method according to claim 11,
wherein after said decrypting by the first user using the first secret key, the first secret key is abandoned by the first user by overwriting the first secret key with the second secret key, and wherein after said decrypting by the second user using the second secret key, the second secret key is abandoned by the second user by overwriting the second secret key with the third secret key.
-
18. A data management method according to claim 11, wherein the secret keys are stored at the data management center to provide a key escrow system by the data management center.
-
19. A data management method according to claim 11, wherein the secret keys are stored at the data management center to provide a key recovery system by the data management center.
-
20. A data management method comprising:
-
entering first user data as a first electronic watermark to first data content by a data management center;
encrypting the first data content by the data management center using a first secret key;
distributing the encrypted first data content from the data management center to a first user;
distributing the first secret key and a second secret key from the data management center to the first user, the first and second secret keys being different from each other;
decrypting the encrypted first data content by the first user using the first secret key;
editing the first data content by the first user to produce edited data content;
entering second user data as a second electronic watermark to the edited data content by the first user before transferring the edited data content from the first user to a second user; and
re-encrypting the first data content by the first user using the second secret key before storing, copying, or transferring the first data content by the first user. - View Dependent Claims (21, 22, 23, 24, 25, 26, 27, 28, 29)
encrypting the first and second secret keys by the data management center using a public key of the first user before distributing the first and second secret keys to the first user; and
decrypting the first and second secret keys by the first user using a private key of the first user before decrypting the encrypted first data content using the first secret key.
-
-
22. A data management method according to claim 20, wherein the secret keys are generated by the data management center.
-
23. A data management method according to claim 20, wherein the first and second secret keys are generated by the data management center based on the first user data.
-
24. A data management method according to claim 20, wherein the secret keys are selected by the data management center from a key library at the data management center.
-
25. A data management method according to claim 20,
wherein each of the secret keys is divided into corresponding partial secret keys, wherein one of the partial secret keys corresponding to the first secret key and one of the partial secret keys corresponding to the second secret key are distributed to the first user, wherein another one of the partial secret keys corresponding to the first secret key and another one of the partial secret keys corresponding to the second secret key are attached to the first data content.
-
26. A data management method according to claim 20,
wherein after said decrypting by the first user using the first secret key, the first secret key is abandoned by the first user by overwriting the first secret key with the second secret key.
-
27. A data management method according to claim 20, wherein the secret keys are stored at the data management center to provide a key escrow system by the data management center.
-
28. A data management method according to claim 20, wherein the secret keys are stored at the data management center to provide a key recovery system by the data management center.
-
29. A data management method according to claim 20, further comprising:
-
registering a scenario with the data management center, the scenario being an editing process on the first data content generated by said editing of the first data content;
distributing a third secret key from the data management center to the first user upon registration of the scenario, the third secret key being different from the first and second secret keys; and
encrypting the edited data content by the first user using the third secret key before storing, copying, or transferring the edited data content by the first user.
-
-
30. A data management method comprising:
-
entering first user data as a first electronic watermark to first data content by a data management center;
encrypting the first data content by the data management center using a first secret key;
distributing the encrypted first data content from the data management center to a first user;
distributing the first secret key and a second secret key from the data management center to the first user, the first and second secret keys being different from each other;
decrypting the encrypted first data content by the first user using the first secret key;
editing the first data content by the first user to produce edited data content;
entering second user data as a second electronic watermark to the edited data content by the first user before transferring the edited data content from the first user to a second user;
encrypting the edited data content by the first user using the second secret key before storing, copying, or transferring the edited data content by the first user;
requesting the data management center for access to the encrypted edited data content by the second user;
distributing the second secret key and a third secret key from the data management center to the second user, the second and third secret keys being different from each other;
decrypting the encrypted edited data content by the second user using the second secret key; and
re-encrypting the edited data content by the second user using the third secret key before storing, copying, or transferring the edited data content by the second user. - View Dependent Claims (31, 32, 33, 34, 35, 36, 37, 38)
encrypting the first and second secret keys by the data management center using a public key of the first user before distributing the first and second secret keys to the first user;
decrypting the first and second secret keys by the first user using a private key of the first user before decrypting the encrypted first data content using the first secret key;
encrypting the second and third secret keys by the data management center using a public key of the second user before distributing the second and third secret keys to the second user; and
decrypting the second and third secret keys by the second user using a private key of the second user before decrypting the encrypted edited data content using the second secret key.
-
-
32. A data management method according to claim 30, wherein the secret keys are generated by the data management center.
-
33. A data management method according to claim 30, wherein the first and second secret keys are generated by the data management center based on the first user data, and the third secret key is generated by the data management center based on the second user data.
-
34. A data management method according to claim 30, wherein the secret keys are selected by the data management center from a key library at the data management center.
-
35. A data management method according to claim 30,
wherein each of the secret keys is divided into corresponding partial secret keys, wherein one of the partial secret keys corresponding to the first secret key and one of the partial secret keys corresponding to the second secret key are distributed to the first user, wherein another one of the partial secret keys corresponding to the first secret key and another one of the partial secret keys corresponding to the second secret key are attached to the first data content.
-
36. A data management method according to claim 30,
wherein after said decrypting by the first user using the first secret key, the first secret key is abandoned by the first user by overwriting the first secret key with the second secret key, and wherein after said decrypting by the second user using the second secret key, the second secret key is abandoned by the second user by overwriting the second secret key with the third secret key.
-
37. A data management method according to claim 30, wherein the secret keys are stored at the data management center to provide a key escrow system by the data management center.
-
38. A data management method according to claim 30, wherein the secret keys are stored at the data management center to provide a key recovery system by the data management center.
-
39. A data management method comprising:
-
entering first user data as a first electronic watermark to first data content by a data management center;
encrypting the first data content by the data management center using a first secret key;
distributing the encrypted first data content from the data management center to a first user;
distributing the first secret key and a second secret key from the data management center to the first user, the first and second secret keys being different from each other;
decrypting the encrypted first data content by the first user using the first secret key;
editing the first data content by the first user to produce edited data content;
registering a scenario with the data management center, the scenario being an editing process on the first data content generated by said editing of the first data content;
entering second user data as a second electronic watermark to the edited data content by the first user before transferring the edited data content from the first user to a second user;
distributing a third secret key from the data management center to the first user upon registration of the scenario, the third secret key being different from the first and second secret keys;
encrypting the edited data content by the first user using the third secret key before storing, copying, or transferring the edited data content by the first user;
re-encrypting the first data content by the first user using the second secret key before storing, copying, or transferring the first data content by the first user;
requesting the data management center for access to the encrypted edited data content by the second user;
distributing the third secret key and a fourth secret key to the second user, the third and fourth secret keys being different from each other;
decrypting the encrypted edited data content by the second user using the third secret key; and
re-encrypting the edited data content by the second user using the fourth secret key before storing, copying, or transferring the edited data content by the second user. - View Dependent Claims (40, 41, 42, 43, 44, 45, 46, 47)
encrypting the first and second secret keys by the data management center using a public key of the first user before distributing the first and second secret keys to the first user;
decrypting the first and second secret keys by the first user using a private key of the first user before decrypting the encrypted first data content using the first secret key;
encrypting the third secret key by the data management center using the public key of the first user before distributing the third secret key to the first user;
decrypting the third secret key by the first user using the private key of the first user before encrypting edited data content using the third secret key;
encrypting the third and fourth secret keys by the data management center using a public key of the second user before distributing the third and fourth secret keys to the second user; and
decrypting the third and fourth secret keys by the second user using a private key of the second user before decrypting the encrypted edited data content using the third secret key.
-
-
41. A data management method according to claim 39, wherein the secret keys are generated by the data management center.
-
42. A data management method according to claim 39, wherein the first, second, and third secret keys are generated by the key center based on the first user data, and the fourth secret key is generated by the key center based on the second user data.
-
43. A data management method according to claim 39, wherein the secret keys are selected by the data management center from a key library at the data management center.
-
44. A data management method according to claim 39,
wherein each of the secret keys is divided into corresponding partial secret keys, wherein one of the partial secret keys corresponding to the first secret key and one of the partial secret keys corresponding to the second secret key are distributed to the first user, wherein another one of the partial secret keys corresponding to the first secret key and another one of the partial secret keys corresponding to the second secret key are attached to the first data content.
-
45. A data management method according to claim 39,
wherein after said decrypting by the first user using the first secret key, the first secret key is abandoned by the first user by overwriting the first secret key with the second secret key, and wherein after said decrypting by the second user using the third secret key, the third secret key is abandoned by the second user by overwriting the third secret key with the fourth secret key.
-
46. A data management method according to claim 39, wherein the secret keys are stored at the data management center to provide a key escrow system by the data management center.
-
47. A data management method according to claim 39, wherein the secret keys are stored at the data management center to provide a key recovery system by the data management center.
-
48. A data management method comprising:
-
entering first user data as a first electronic watermark to first data content by a data center;
encrypting the first data content by the data center using a first secret key provided by a key center;
distributing the encrypted first data content from the data center to a first user;
distributing the first secret key and a second secret key from the key center to the first user, the first and second secret keys being different from each other;
decrypting the encrypted first data content by the first user using the first secret key;
entering second user data as a second electronic watermark to the first data content by the first user before transferring the first data content from the first user to a second user; and
re-encrypting the first data content by the first user using the second secret key before storing, copying, or transferring the first data content by the first user. - View Dependent Claims (49, 50, 51, 52, 53, 54, 55, 56, 57)
encrypting the first and second secret keys by the key center using a public key of the first user before distributing the first and second secret keys to the first user; and
decrypting the first and second secret keys by the first user using a private key of the first user before decrypting the encrypted first data content using the first secret key.
-
-
50. A data management method according to claim 48, wherein the secret keys are generated by the key center.
-
51. A data management method according to claim 48, wherein the first and second secret keys are generated by the key center based on the first user data.
-
52. A data management method according to claim 48, wherein the secret keys are selected by the key center from a key library at the key center.
-
53. A data management method according to claim 48,
wherein each of the secret keys is divided into corresponding partial secret keys, wherein one of the partial secret keys corresponding to the first secret key and one of the partial secret keys corresponding to the second secret key are distributed to the first user, wherein another one of the partial secret keys corresponding to the first secret key and another one of the partial secret keys corresponding to the second secret key are attached to the first data content.
-
54. A data management method according to claim 48,
wherein after said decrypting by the first user using the first secret key, the first secret key is abandoned by the first user by overwriting the first secret key with the second secret key.
-
55. A data management method according to claim 48, wherein the secret keys are stored at the key center to provide a key escrow system by the key center.
-
56. A data management method according to claim 48, wherein the secret keys are stored at the key center to provide a key recovery system by the key center.
-
57. A data management method according to claim 48, further comprising:
-
editing the first data content by the first user to produce edited data content represented by the first data content and a scenario, the scenario being an editing process on the first data content;
registering the scenario with the key center;
distributing a third secret key from the key center to the first user upon registration of the scenario, the third secret key being different from the first and second secret keys; and
encrypting the edited data content by the first user using the third secret key before storing, copying, or transferring the edited data content by the first user.
-
-
58. A data management method comprising:
-
entering first user data as a first electronic watermark to first data content by a data center;
encrypting the first data content by the data center using a first secret key provided by a key center;
distributing the encrypted first data content from the data center to a first user;
distributing the first secret key and a second secret key from the key center to the first user, the first and second secret keys being different from each other;
decrypting the encrypted first data content by the first user using the first secret key;
entering second user data as a second electronic watermark to the first data content by the first user before transferring the first data content from the first user to a second user;
re-encrypting the first data content by the first user using the second secret key before storing, copying, or transferring the first data content by the first user;
requesting the key center for access to the re-encrypted first data content by the second user;
distributing the second secret key and a third secret key from the key center to the second user, the second and third secret keys being different from each other;
decrypting the re-encrypted first data content by the second user using the second secret key; and
re-encrypting the decrypted first data content by the second user using the third secret key before storing, copying, or transferring the first data content by the second user. - View Dependent Claims (59, 60, 61, 62, 63, 64, 65, 66)
encrypting the first and second secret keys by the key center using a public key of the first user before distributing the first and second secret keys to the first user;
decrypting the first and second secret keys by the first user using a private key of the first user before decrypting the encrypted first data content using the first secret key;
encrypting the second and third secret keys by the key center using a public key of the second user before distributing the second and third secret keys to the second user; and
decrypting the second and third secret keys by the second user using a private key of the second user before decrypting the re-encrypted first data content using the second secret key.
-
-
60. A data management method according to claim 58, wherein the secret keys are generated by the key center.
-
61. A data management method according to claim 58, wherein the first and second secret keys are generated by the key center based on the first user data, and the third secret key is generated by the key center based on the second user data.
-
62. A data management method according to claim 58, wherein the secret keys are selected by the key center from a key library at the key center.
-
63. A data management method according to claim 58,
wherein each of the secret keys is divided into corresponding partial secret keys, wherein one of the partial secret keys corresponding to the first secret key and one of the partial secret keys corresponding to the second secret key are distributed to the first user, wherein another one of the partial secret keys corresponding to the first secret key and another one of the partial secret keys corresponding to the second secret key are attached to the first data content.
-
64. A data management method according to claim 58,
wherein after said decrypting by the first user using the first secret key, the first secret key is abandoned by the first user by overwriting the first secret key with the second secret key, and wherein after said decrypting by the second user using the second secret key, the second secret key is abandoned by the second user by overwriting the second secret key with the third secret key.
-
65. A data management method according to claim 58, wherein the secret keys are stored at the key center to provide a key escrow system by the key center.
-
66. A data management method according to claim 58, wherein the secret keys are stored at the key center to provide a key recovery system by the key center.
-
67. A data management method comprising:
-
entering first user data as a first electronic watermark to first data content by a data center;
encrypting the first data content by the data center using a first secret key provided by a key center;
distributing the encrypted first data content from the data center to a first user;
distributing the first secret key and a second secret key from the key center to the first user, the first and second secret keys being different from each other;
decrypting the encrypted first data content by the first user using the first secret key;
editing the first data content by the first user to produce edited data content;
entering second user data as a second electronic watermark to the edited data content by the first user before transferring the edited data content from the first user to a second user; and
re-encrypting the first data content by the first user using the second secret key before storing, copying, or transferring the first data content by the first user. - View Dependent Claims (68, 69, 70, 71, 72, 73, 74, 75, 76)
encrypting the first and second secret keys by the key center using a public key of the first user before distributing the first and second secret keys to the first user; and
decrypting the first and second secret keys by the first user using a private key of the first user before decrypting the encrypted first data content using the first secret key.
69. A data management method according to claim 67, wherein the secret keys are generated by the key center.
70. A data management method according to claim 67, wherein the first and second secret keys are generated by the key center based on the first user data.
71. A data management method according to claim 67, wherein the secret keys are selected by the key center from a key library at the key center.
72. A data management method according to claim 67, wherein each of the secret keys is divided into corresponding partial secret keys, wherein one of the partial secret keys corresponding to the first secret key and one of the partial secret keys corresponding to the second secret key are distributed to the first user, wherein another one of the partial secret keys corresponding to the first secret key and another one of the partial secret keys corresponding to the second secret key are attached to the first data content.
73. A data management method according to claim 67, wherein after said decrypting by the first user using the first secret key, the first secret key is abandoned by the first user by overwriting the first secret key with the second secret key.
74. A data management method according to claim 67, wherein the secret keys are stored at the key center to provide a key escrow system by the key center.
75. A data management method according to claim 67, wherein the secret keys are stored at the key center to provide a key recovery system by the key center.
76. A data management method according to claim 67, further comprising:
registering a scenario with the key center, the scenario being an editing process on the first data content generated by said editing of the first data content;
distributing a third secret key from the key center to the first user upon registration of the scenario, the third secret key being different from the first and second secret keys; and
encrypting the edited data content by the first user using the third secret key before storing, copying, or transferring the edited data content by the first user.
77. A data management method comprising:
entering first user data as a first electronic watermark to first data content by a data center;
encrypting the first data content by the data center using a first secret key provided by a key center;
distributing the first data content from the data center to a first user;
distributing the first secret key and a second secret key from the key center to the first user, the first and second secret keys being different from each other;
decrypting the encrypted first data content by the first user using the first secret key;
editing the first data content by the first user to produce edited data content;
entering second user data as a second electronic watermark to the edited data content by the first user before transferring the edited data content from the first user to a second user;
encrypting the edited data content by the first user using the second secret key before storing, copying, or transferring the edited data content by the first user;
requesting the key center for access to the encrypted edited data content by the second user;
distributing the second secret key and a third secret key from the key center to the second user, the second and third secret keys being different from each other;
decrypting the encrypted edited data content by the second user using the second secret key; and
re-encrypting the edited data content by the second user using the third secret key before storing, copying, or transferring the edited data content by the second user.
78. A data management method according to claim 77, further comprising:
encrypting the first and second secret keys by the key center using a public key of the first user before distributing the first and second secret keys to the first user;
decrypting the first and second secret keys by the first user using a private key of the first user before decrypting the encrypted first data content using the first secret key;
encrypting the second and third secret keys by the key center using a public key of the second user before distributing the second and third secret keys to the second user; and
decrypting the second and third secret keys by the second user using a private key of the second user before decrypting the encrypted edited data content using the second secret key.
79. A data management method according to claim 77, wherein the secret keys are generated by the key center.
80. A data management method according to claim 77, wherein the first and second secret keys are generated by the key center based on the first user data, and the third secret key is generated by the key center based on the second user data.
81. A data management method according to claim 77, wherein the secret keys are selected by the key center from a key library at the key center.
82. A data management method according to claim 77, wherein each of the secret keys is divided into corresponding partial secret keys, wherein one of the partial secret keys corresponding to the first secret key and one of the partial secret keys corresponding to the second secret key are distributed to the first user, wherein another one of the partial secret keys corresponding to the first secret key and another one of the partial secret keys corresponding to the second secret key are attached to the first data content.
83. A data management method according to claim 77, wherein after said decrypting by the first user using the first secret key, the first secret key is abandoned by the first user by overwriting the first secret key with the second secret key, and wherein after said decrypting by the second user using the second secret key, the second secret key is abandoned by the second user by overwriting the second secret key with the third secret key.
84. A data management method according to claim 77, wherein the secret keys are stored at the key center to provide a key escrow system by the key center.
85. A data management method according to claim 77, wherein the secret keys are stored at the key center to provide a key recovery system by the key center.
86. A data management method comprising:
entering first user data as a first electronic watermark to first data content by a data center;
encrypting the first data content by the data center using a first secret key provided by a key center;
distributing the encrypted first data content from the data center to a first user;
distributing the first secret key and a second secret key from the key center to the first user, the first and second secret keys being different from each other;
decrypting the encrypted first data content by the first user using the first secret key;
editing the first data content by the first user to produce edited data content;
registering a scenario with the key center, the scenario being an editing process on the first data content generated by said editing of the first data content;
entering second user data as a second electronic watermark to the edited data content by the first user before transferring the edited data content from the first user to a second user;
distributing a third secret key from the key center to the first user upon registration of the scenario, the third secret key being different from the first and second secret keys;
encrypting the edited data content by the first user using the third secret key before storing, copying, or transferring the edited data content by the first user;
re-encrypting the first data content by the first user using the second secret key before storing, copying, or transferring the first data content by the first user;
requesting the key center for access to the encrypted edited data content by the second user;
distributing the third secret key and a fourth secret key from the key center to the second user, the third and fourth secret keys being different from each other;
decrypting the encrypted edited data content by the second user using the third secret key; and
re-encrypting the edited data content by the second user using the fourth secret key before storing, copying, or transferring the edited data content by the second user.
87. A data management method according to claim 86, further comprising:
encrypting the first and second secret keys by the key center using a public key of the first user before distributing the first and second secret keys to the first user;
decrypting the first and second secret keys by the first user using a private key of the first user before decrypting the encrypted first data content using the first secret key;
encrypting the third secret key by the key center using the public key of the first user before distributing the third secret key to the first user;
decrypting the third secret key by the first user using the private key of the first user before encrypting edited data content using the third secret key;
encrypting the third and fourth secret keys by the key center using a public key of the second user before distributing the third and fourth secret keys to the second user; and
decrypting the third and fourth secret keys by the second user using a private key of the second user before decrypting the encrypted edited data content using the third secret key.
88. A data management method according to claim 86, wherein the secret keys are generated by the key center.
89. A data management method according to claim 86, wherein the first, second, and third secret keys are generated by the key center based on the first user data, and the fourth secret key is generated by the key center based on the second user data.
90. A data management method according to claim 86, wherein the secret keys are selected by the key center from a key library at the key center.
91. A data management method according to claim 86, wherein each of the secret keys is divided into corresponding partial secret keys, wherein one of the partial secret keys corresponding to the first secret key and one of the partial secret keys corresponding to the second secret key are distributed to the first user, wherein another one of the partial secret keys corresponding to the first secret key and another one of the partial secret keys corresponding to the second secret key are attached to the first data content.
92. A data management method according to claim 86, wherein after said decrypting by the first user using the first secret key, the first secret key is abandoned by the first user by overwriting the first secret key with the second secret key, and wherein after said decrypting by the second user using the third secret key, the third secret key is abandoned by the second user by overwriting the third secret key with the fourth secret key.
93. A data management method according to claim 86, wherein the secret keys are stored at the key center to provide a key escrow system by the key center.
94. A data management method according to claim 86, wherein the secret keys are stored at the key center to provide a key recovery system by the key center.
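The key hand-off recited in claims 77 and 83 (decrypt with the current key, overwrite it with the next key, re-encrypt before storing or transferring), as an added Python example that is not part of the patent text. Watermarking, editing and the public-key wrapping of distributed keys are left out; `seal`/`unseal` are a stand-in cipher built from HMAC-SHA256, and every class and function name here is an assumption.

```python
import hashlib, hmac, secrets

def _sub(key: bytes, label: bytes) -> bytes:
    return hmac.new(key, label, hashlib.sha256).digest()

def _xor_stream(key: bytes, nonce: bytes, data: bytes) -> bytes:
    # Stand-in cipher (assumption): HMAC-SHA256 in counter mode as keystream.
    ks = b"".join(_sub(key, nonce + i.to_bytes(8, "big")) for i in range(len(data) // 32 + 1))
    return bytes(a ^ b for a, b in zip(data, ks))

def seal(key: bytes, data: bytes) -> bytes:
    nonce = secrets.token_bytes(16)
    body = _xor_stream(_sub(key, b"enc"), nonce, data)
    return nonce + body + _sub(_sub(key, b"mac"), nonce + body)

def unseal(key: bytes, blob: bytes) -> bytes:
    nonce, body, tag = blob[:16], blob[16:-32], blob[-32:]
    if not hmac.compare_digest(tag, _sub(_sub(key, b"mac"), nonce + body)):
        raise ValueError("wrong key or modified content")
    return _xor_stream(_sub(key, b"enc"), nonce, body)

def can_open(key: bytes, blob: bytes) -> bool:
    try:
        return unseal(key, blob) is not None
    except ValueError:
        return False

class KeyCenter:
    def __init__(self):
        self.chain = [secrets.token_bytes(32)]  # chain[0] = first secret key
    def issue(self):  # key the content is under now, plus a fresh next key
        self.chain.append(secrets.token_bytes(32))
        return self.chain[-2], self.chain[-1]

class UserDevice:
    def __init__(self, use_key: bytes, store_key: bytes):
        self.slot, self._next = bytearray(use_key), store_key
    def open_and_restore(self, blob: bytes):
        content = unseal(bytes(self.slot), blob)
        self.slot[:] = self._next  # abandon the old key by overwriting it
        return content, seal(bytes(self.slot), content)

def run_chain():
    kc = KeyCenter()
    blob1 = seal(kc.chain[0], b"constructed sample content")  # data center
    u1 = UserDevice(*kc.issue())             # first + second secret key
    _, blob2 = u1.open_and_restore(blob1)    # stored/transferred under key 2
    u2 = UserDevice(*kc.issue())             # second + third secret key
    content, blob3 = u2.open_and_restore(blob2)
    return kc, u1, u2, (blob1, blob2, blob3), content
```

After `run_chain()`, the first user's key slot holds only the second secret key, so it opens neither the original distribution copy nor the copy the second user stored under the third key.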
Specification