Method and apparatus for secure distribution of information recorded on fixed media
Abstract
A central access control system creates distribution CDs using an embedded data encryption process. A disc ID is also encrypted and recorded on each disc of each set of distribution CDs. The central access control system records the disc IDs and a remote location access rights list (ARL). A list of unique remote location IDs is also stored. The distribution CDs are delivered to one or more remote locations equipped with an information access system that includes its unique remote location ID, a CD reader with an embedded decryption system, and a communication link to the central access control system. The information access system can send the disc ID and its unique remote location ID as an access request to the central access control system. If the access control system is able to verify and grant the request, a unique decryption key will be sent to access the particular distribution CD currently contained in the information access system. The unique remote location ID of each information access system is a public encryption key and the central access control system encrypts the distribution CD's decryption key using the requesting information access system's public key. If the central access control system is unable to verify or grant the request, an attempted security breach alert is triggered.
27 Claims
1. A method of distributing information comprising the steps of:
encrypting the information using a key encryption system;
recording the encrypted information onto media;
recording disc identification information onto the media;
storing the disc identification information in a database within a central access control system;
distributing the media to at least one site having an information access system;
reading the disc identification information from the media into the information access system;
sending the disc identification information and an information access system identification number to the central access control system as a decryption key request from the information access system; and
granting the decryption key request if the requesting information access system is authorized to access the media based upon an access rights list stored in the database within the central access system.
checking the secure database for the decryption key; and
granting the decryption key request if the decryption key is present and valid instead of sending the decryption key request to the central access control system.
13. The method of claim 12 wherein a message is sent to the central access control system to allow the central access control system to log at least one of the request of the decryption key and the grant of the decryption key.
14. A method of distributing information comprising the steps of:
encrypting the information using a key encryption system;
recording the encrypted information onto media;
recording disc identification information onto the media along with the encrypted information;
storing the disc identification information in a database within a central access control system;
distributing the media to at least one site having an information access system;
reading the disc identification information from the media into the information access system;
requesting a decryption key by requiring a user of the information access system to log into the information access system;
granting the decryption key if there is a valid key stored within a secure database within the information access system for the logged-in user;
sending the disc identification information and an information access system identification number to the central access control system as a decryption key request from the information access system if the decryption key is not already stored within the secure database within the information access system for the logged-in user; and
granting the decryption key request if the requesting information access system is authorized to access the media based upon an access rights list stored in the database within the central access system.
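The request flow described in the abstract and in claims 12 to 14, as an added Python sketch that is not code from the patent: it models the access rights list check, the security alert on a request that cannot be verified or granted, the per-user local key cache, and the logging of local grants. The class and method names, the sample IDs, the key validity period (`key_ttl`) and the caching of a key after a central grant are assumptions; the public-key wrapping of the returned key is left out.

```python
class SecurityAlert(Exception):
    """Central system could not verify or grant the request."""

class CentralAccessControl:
    def __init__(self, disc_keys, arl, location_ids):
        self.disc_keys = disc_keys        # disc ID -> decryption key
        self.arl = arl                    # access rights list: disc ID -> location IDs
        self.location_ids = location_ids  # known remote location IDs
        self.log = []                     # grants, local grants and alerts

    def request_key(self, disc_id, location_id):
        verified = disc_id in self.disc_keys and location_id in self.location_ids
        if not verified or location_id not in self.arl.get(disc_id, ()):
            self.log.append(("ALERT", disc_id, location_id))
            raise SecurityAlert(f"disc={disc_id} location={location_id}")
        self.log.append(("GRANT", disc_id, location_id))
        # The abstract sends the key encrypted under the requester's public
        # key; that wrapping is left out of this sketch.
        return self.disc_keys[disc_id]

class InformationAccessSystem:
    def __init__(self, location_id, central, key_ttl=3600):
        self.location_id, self.central, self.key_ttl = location_id, central, key_ttl
        self.secure_db = {}  # (user, disc ID) -> (key, expiry); key_ttl is assumed

    def get_key(self, user, disc_id, now):
        key, expiry = self.secure_db.get((user, disc_id), (None, 0))
        if key is not None and now < expiry:
            # Claim 13: the central system is told about the local grant.
            self.central.log.append(("LOCAL", disc_id, self.location_id))
            return key, "local"
        key = self.central.request_key(disc_id, self.location_id)
        self.secure_db[(user, disc_id)] = (key, now + self.key_ttl)
        return key, "central"

def demo():  # constructed sample data; returns (outcomes, central log)
    central = CentralAccessControl({"DISC-001": b"k1", "DISC-002": b"k2"},
                                   {"DISC-001": {"LOC-A"}, "DISC-002": {"LOC-B"}},
                                   {"LOC-A", "LOC-B"})
    site = InformationAccessSystem("LOC-A", central, key_ttl=60)
    calls = [("alice", "DISC-001", 0), ("alice", "DISC-001", 1), ("bob", "DISC-001", 2),
             ("alice", "DISC-001", 61), ("alice", "DISC-002", 62)]
    out = []
    for user, disc, now in calls:
        try:
            out.append(site.get_key(user, disc, now)[1])
        except SecurityAlert:
            out.append("alert")
    return out, central.log
```

A key served from the local secure database never passes through the access rights list check, so a change to the list only takes effect at that site once the cached key stops being valid.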
15. An apparatus for distributing information comprising:
a central access control system including;
an encryption circuit for encrypting the information using a key encryption system;
a recorder for recording the encrypted information and disc identification information onto media;
a database for storing the disc identification information; and
program code executable on the central access control system for granting a decryption key request if a requesting information access system is authorized to access the media based upon an access rights list stored in the database within the central access system; and
an information access system for receiving the media, the information access system including;
a media reading device for reading the disc identification information from the media into the information access system; and
a transmitter for sending the disc identification information and an information access system identification number to the central access control system as a decryption key request from the information access system.
Specification