Method and apparatus for secure distribution of information recorded on fixed media

US 6,832,318 B1
Filed: 01/15/1999
Issued: 12/14/2004
Est. Priority Date: 01/15/1999
Status: Expired due to Fees

First Claim

Patent Images

1. A method of distributing information comprising the steps of:

encrypting the information using a key encryption system;

recording the encrypted information onto media;

recording disc identification information onto the media;

storing the disc identification information in a database within a central access control system;

distributing the media to at least one site having an information access system;

reading the disc identification information from the media into the information access system;

sending the disc identification information and an information access system identification number to the central access control system as a decryption key request from the information access system; and

granting the decryption key request if the requesting information access system is authorized to access the media based upon an access rights list stored in the database within the central access system.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A central access control system creates distribution CDs using an embedded data encryption process. A disc ID is also encrypted and recorded on each disc of each set of distribution CDs. The central access control system records the disc IDs and a remote location access rights list (ARL). A list of unique remote location IDs are also stored. The distribution CDs are delivered to one or more remote locations equipped with an information access system that includes its unique remote location ID a CD reader with an embedded decryption system, and a communication link to the central access control system. The information access system can send the disc ID and its unique remote location ID as an access request to the central access control system. If the access control system is able to verify and grant the request, a unique decryption key will be sent to access the particular distribution CD currently contained in the information access system. The unique remote location ID of each information access system is a public encryption key and the central access control system encrypts the distribution CD'"'"'s decryption key using the requesting information access system'"'"'s public key. If the central access control system is unable to verify or grant the request, an attempted security breach alert is triggered.

67 Citations

View as Search Results

27 Claims

1. A method of distributing information comprising the steps of:
- encrypting the information using a key encryption system;
  
  recording the encrypted information onto media;
  
  recording disc identification information onto the media;
  
  storing the disc identification information in a database within a central access control system;
  
  distributing the media to at least one site having an information access system;
  
  reading the disc identification information from the media into the information access system;
  
  sending the disc identification information and an information access system identification number to the central access control system as a decryption key request from the information access system; and
  
  granting the decryption key request if the requesting information access system is authorized to access the media based upon an access rights list stored in the database within the central access system.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13)
- - 2. The method of claim 1 further including the step of denying the decryption key request if the requesting information access system is not authorized to access the media based upon an access rights list stored in the database within the central access system.
  - 3. The method of claim 2 wherein the step of denying the decryption key request includes the step of triggering a security alert.
  - 4. The method of claim 1 wherein the step of granting the decryption key request includes verifying the disc identification information and the information access system identification number.
  - 5. The method of claim 1 wherein the step of granting the decryption key request includes logging the request and grant of the decryption key request.
  - 6. The method of claim 1 wherein the step of granting the decryption key request includes looking up whether the requesting information access system is listed as an authorized information access system on the access rights list within the central access control system.
  - 7. The method of claim 1 further including the step of encrypting the decryption key using the requesting information access system'"'"'s identification number as an encryption key.
  - 8. The method of claim 7 further including the step of transmitting the encrypted decryption key to the requesting information access system.
  - 9. The method of claim 8 further including the step of decrypting the encrypted decryption key on the requesting information access system.
  - 10. The method of claim 9 further including the step of decrypting the encrypted information on the media using the decrypted decryption key on the requesting information access system.
  - 11. The method of claim 1 further including the step of storing the decryption key received from the central access control system in a secure database within the information access system.
  - 12. The method of claim 11 wherein the step of sending a decryption key request includes the steps of:
13. The method of claim 12 wherein a message is sent to the central access control system to allow the central access control system to log at least one of the request of the decryption key and the grant of the decryption key.

14. A method of distributing information comprising the steps of:
- encrypting the information using a key encryption system;
  
  recording the encrypted information onto media;
  
  recording disc identification information onto the media along with the encrypted information;
  
  storing the disc identification information in a database within a central access control system;
  
  distributing the media to at least one site having an information access system;
  
  reading the disc identification information from the media into the information access system;
  
  requesting a decryption key by requiring a user of the information access system to log into the information access system;
  
  granting the decryption key if there is a valid key stored within a secure database within the information access system for the logged-in user;
  
  sending the disc identification information and an information access system identification number to the central access control system as a decryption key request from the information access system if the decryption key is not already stored within the secure database within the information access system for the logged-in user; and
  
  granting the decryption key request if the requesting information access system is authorized to access the media based upon an access rights list stored in the database within the central access system.

15. An apparatus for distributing information comprising:
- a central access control system including;
  
  an encryption circuit for encrypting the information using a key encryption system;
  
  a recorder for recording the encrypted information and disc identification information onto media;
  
  a database for storing the disc identification information; and
  
  program code executable on the central access control system for granting a decryption key request if a requesting information access system is authorized to access the media based upon an access rights list stored in the database within the central access system; and
  
  an information access system for receiving the media, the information access system including;
  
  a media reading device for reading the disc identification information from the media into the information access system; and
  
  a transmitter for sending the disc identification information and an information access system identification number to the central access control system as a decryption key request from the information access system.
- View Dependent Claims (16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27)
- - 16. The apparatus of claim 15 wherein the program code includes a first software module for denying the decryption key request if the requesting information access system is not authorized to access the media based upon an access rights list stored in the database within the central access system.
  - 17. The apparatus of claim 16 wherein the first software module includes a second software module for triggering a security alert.
  - 18. The apparatus of claim 15 wherein the program code includes a third software module for verifying the disc identification information and the information access system identification number.
  - 19. The apparatus of claim 15 wherein the program code includes a fourth software module for logging the request and grant of the decryption key request.
  - 20. The apparatus of claim 15 wherein the program code includes a fifth software module for looking up whether the requesting information access system is listed as an authorized information access system on the access rights list within the central access control system.
  - 21. The apparatus of claim 15 wherein the program code includes a sixth software module for encrypting the decryption key using the requesting information access system'"'"'s identification number as an encryption key.
  - 22. The apparatus of claim 21 wherein the central access control system further includes a transmitter and wherein the program code includes a seventh software module for transmitting the encrypted decryption key to the requesting information access system.
  - 23. The apparatus of claim 22 wherein the information access system includes program code for decrypting the encrypted decryption key.
  - 24. The apparatus of claim 23 wherein the information access system further includes program code for decrypting the encrypted information on the media using the decrypted decryption key on the requesting information access system.
  - 25. The apparatus of claim 15 wherein the program code includes an eighth software module for storing the decryption key received from the central access control system in a secure database within the information access system.
  - 26. The apparatus of claim 25 wherein the information access system includes program code for checking the secure database for the decryption key, granting the decryption key request if the decryption key is present and valid, and instructing the transmitter not to send the decryption key request to the central access control system.
  - 27. The apparatus of claim 26 wherein the information access system includes program code to transmit a message to the central access control system to allow the central access control system to log at least one of the request of the decryption key and the grant of the decryption key.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Sony Corporation (Sony Group Corp.), Sony Electronics Inc. (Sony Group Corp.)
Original Assignee
Sony Corporation (Sony Group Corp.), Sony Electronics Inc. (Sony Group Corp.)
Inventors
Yaegashi, Akira, Guico, Henry Theo F.
Primary Examiner(s)
Elisca, Pierre E.

Application Number

US09/245,107
Time in Patent Office

2,160 Days
Field of Search

380/201, 380/202, 380/203, 380/205, 380/228, 380/229, 380/230, 380/231, 380/232, 380/233, 705/52, 705/277, 705/278, 705/57, 705/58, 705/51, 717/1, 717/11, 711/100, 713/193, 713/168, 713/200-201
US Class Current

713/193
CPC Class Codes

G06F 21/10 Protecting distributed prog...

Method and apparatus for secure distribution of information recorded on fixed media

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

67 Citations

27 Claims

Specification

Use Cases

Quick Links

Others

Method and apparatus for secure distribution of information recorded on fixed media

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

67 Citations

27 Claims

Specification

Subscription Required

Use Cases

Quick Links

Others