Systems and methods for integrity certification and verification of content consumption environments
First Claim
1. A system for providing integrity certification and verification within content consumption or computing environments, said system comprising:
- an identification and integrity certification and verification device, including;
a component registration database storing authentication information about one or more applications, systems or system components;
an integrity profile database storing at least one integrity profile including verifiable information defining an authentic environment that is used to determine the authenticity of a collection of the one or more applications, systems or system components of a content consumption or computing environment and the authenticity of an interrelationship or dependency among the collection of the one or more applications, systems or system components;
a profile creation device coupled to the integrity profile database and the component registration database and which maintains the integrity profile and creates the integrity profile based on the authentication information about the one or more applications, systems or system components stored in the component registration database;
a profile verification device coupled to the integrity profile database and which verifies authenticity by comparing one or more of application, system or system component identifications, specified in the integrity profile with one or more applications, systems or system components of the content consumption or computing environment;
a component registration device coupled to the component registration database and which obtains the authentication information about the one or more applications, systems or system components from a content consumption or computing application, system or system component provider and provides the authentication information to the component registration database; and
a profile distribution device coupled to the integrity profile database and which receives an identification of the integrity profile and determines if the integrity profile corresponding to the integrity profile identification is available;
wherein the component registration device receives a component identification associated with the one or more applications, systems or system components of the content consumption or computing application, system or system component provider;
the component registration device registers the one or more applications, systems or system components of the content consumption or computing application, system or system component provider; and
the component registration device returns the component identification of the registered applications, systems or system components to the content consumption or computing application, system or system component provider.
1 Assignment
0 Petitions
Accused Products
Abstract
A content provider, such as a document publisher or distributor, provides, for example, protected content to a user, for consumption within a trusted user environment. By providing integrity certification and verification services, the authenticity of the content consumption environments can be verified. The content provider forwards to the user a protected version of the digital content which includes, for example, a license agreement and an integrity profile identification. The profile includes, for example, the applications and system components that are allowed to be used in conjunction with the protected content. Additionally, the content provider initiates a request for an integrity profile. This request for the integrity profile is forwarded to an integrity certification and verification device. The integrity certification and verification device can, for example, if an integrity profile does not already exist for the requested applications and/or systems components, query a content consumption system/application provider, who, for example, has supplied the system components to the user. The content consumption system/application provider returns to the integrity certification and verification device authentication information about the particular applications or system components. The authentication information allows a comparison, or integrity verification, to be made between an application and/or system component on a user'"'"'s system, and the original application or system component as distributed by the content consumption system/application provider.
289 Citations
136 Claims
-
1. A system for providing integrity certification and verification within content consumption or computing environments, said system comprising:
-
an identification and integrity certification and verification device, including; a component registration database storing authentication information about one or more applications, systems or system components; an integrity profile database storing at least one integrity profile including verifiable information defining an authentic environment that is used to determine the authenticity of a collection of the one or more applications, systems or system components of a content consumption or computing environment and the authenticity of an interrelationship or dependency among the collection of the one or more applications, systems or system components; a profile creation device coupled to the integrity profile database and the component registration database and which maintains the integrity profile and creates the integrity profile based on the authentication information about the one or more applications, systems or system components stored in the component registration database; a profile verification device coupled to the integrity profile database and which verifies authenticity by comparing one or more of application, system or system component identifications, specified in the integrity profile with one or more applications, systems or system components of the content consumption or computing environment; a component registration device coupled to the component registration database and which obtains the authentication information about the one or more applications, systems or system components from a content consumption or computing application, system or system component provider and provides the authentication information to the component registration database; and a profile distribution device coupled to the integrity profile database and which receives an identification of the integrity profile and determines if the integrity profile corresponding to the integrity profile identification is available; wherein the component registration device receives a component identification associated with the one or more applications, systems or system components of the content consumption or computing application, system or system component provider; the component registration device registers the one or more applications, systems or system components of the content consumption or computing application, system or system component provider; and the component registration device returns the component identification of the registered applications, systems or system components to the content consumption or computing application, system or system component provider. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 25, 26, 27, 28, 29, 30, 31, 32, 33, 34, 35, 36, 37, 38, 39, 40, 41, 42, 43, 44, 45)
-
-
20. A system for providing integrity certification and verification within content consumption or computing environments, said system comprising:
-
an identification and integrity certification and verification device, including; a component registration database storing authentication information about one or more applications, systems or system components; an integrity profile database storing at least one integrity profile including verifiable information defining an authentic environment that is used to determine the authenticity of a collection of the one or more applications, systems or system components of a content consumption or computing environment and the authenticity of an interrelationship or dependency among the collection of the one or more applications, systems or system components; a profile creation device coupled to the integrity profile database and the component registration database and which maintains the integrity profile and creates the integrity profile based on the authentication information about the one or more applications, systems or system components stored in the component registration database; a profile verification device coupled to the integrity profile database and which verifies authenticity by comparing one or more of application, system or system component identifications, specified in the integrity profile with one or more applications, systems or system components of the content consumption or computing environment; a component registration device coupled to the component registration database and which obtains the authentication information about the one or more applications, systems or system components from a content consumption or computing application, system or system component provider and provides the authentication information to the component registration database; and a profile distribution device coupled to the integrity profile database and which receives an identification of the integrity profile and determines if the integrity profile corresponding to the integrity profile identification is available; wherein the content consumption or computing application, system or system component provider connects to the component registration device to download a software application. - View Dependent Claims (21, 22, 23, 24)
-
-
46. A device for providing identification and integrity certification and verification within content consumption or computing environments, said device comprising:
-
a component registration database storing authentication information about one or more applications, systems or system components; an integrity profile database storing at least one integrity profile including verifiable information defining an authentic environment that is used to determine the authenticity of a collection of the one or more applications, systems or system components of a content consumption or computing environment and the authenticity of an interrelationship or dependency among the collection of the one or more applications, systems or system components; a profile creation device coupled to the integrity profile database and the component registration database and which maintains the integrity profile and creates the integrity profile based on the authentication information about the one or more applications, systems or system components stored in the component registration database; a profile verification device coupled to the integrity profile database and which verifies authenticity by comparing one or more of application, system or system component identifications, specified in the integrity profile with one or more applications, systems or system components of the content consumption or computing environment; a component registration device coupled to the component registration database and which obtains the authentication information about the one or more applications, systems or system components from a content consumption or computing application, system or system component provider and provides the authentication information to the component registration database; and a profile distribution device coupled to the integrity profile database and which receives an identification of the integrity profile and determines if the integrity profile corresponding to the integrity profile identification is available; wherein the component registration device receives a component identification associated with the one or more applications, systems or system components of the content consumption or computing application, system or system component provider; the component registration device registers the one or more applications, systems or system components of the content consumption or computing application, system or system component provider; and the component registration device returns the component identification of the registered applications, systems or system components to the content consumption or computing application, system or system component provider. - View Dependent Claims (47, 48, 49, 50, 51, 52, 53, 54, 55, 56, 57, 58, 59, 60, 61, 62, 63, 64, 70, 71, 72, 73, 74, 75, 76, 77, 78, 79, 80, 81, 82, 83, 84, 85, 86, 87, 88, 89, 90)
-
-
65. A device for providing identification and integrity certification and verification within content consumption or computing environments, said device comprising:
-
a component registration database storing authentication information about one or more applications, systems or system components; an integrity profile database storing at least one integrity profile including verifiable information defining an authentic environment that is used to determine the authenticity of a collection of the one or more applications, systems or system components of a content consumption or computing environment and the authenticity of an interrelationship or dependency among the collection of the one or more applications, systems or system components; a profile creation device coupled to the integrity profile database and the component registration database and which maintains the integrity profile and creates the integrity profile based on the authentication information about the one or more applications, systems or system components stored in the component registration database; a profile verification device coupled to the integrity profile database and which verifies authenticity by comparing one or more of application, system or system component identifications, specified in the integrity profile with one or more applications, systems or system components of the content consumption or computing environment; a component registration device coupled to the component registration database and which obtains the authentication information about the one or more applications, systems or system components from a content consumption or computing application, system or system component provider and provides the authentication information to the component registration database; and a profile distribution device coupled to the integrity profile database and which receives an identification of the integrity profile and determines if the integrity profile corresponding to the integrity profile identification is available; wherein the content consumption or computing application, system or system component provider connects to the component registration device to download a software application. - View Dependent Claims (66, 67, 68, 69)
-
-
91. A method for providing identification and integrity certification and verification within content consumption or computing environments, said method comprising:
-
storing, in a component registration database, authentication information about one or more applications, systems or system components; storing, in an integrity profile database, at least one integrity profile including verifiable information defining an authentic environment that is used to determine the authenticity of a collection of the one or more applications, systems or system components of a content consumption or computing environment and the authenticity of an interrelationship or dependency among the collection of the one or more applications, systems or system components; maintaining the integrity profile and creating the integrity profile based on the authentication information about the one or more applications, systems or system components stored in the component registration database, via a profile creation device coupled to the integrity profile database and the component registration database; verifying authenticity by comparing one or more of application, system or system component identifications, specified in the integrity profile with one or more applications, systems or system components of the content consumption or computing environment, via a profile verification device coupled to the integrity profile database; obtaining the authentication information about the one or more applications, systems or system components from a content consumption or computing application, system or system component provider and providing the authentication information to the component registration database, via a component registration device coupled to the component registration database; receiving an identification of the integrity profile and determining if the integrity profile corresponding to the integrity profile identification is available, via a profile distribution device coupled to the integrity profile database; receiving, via the component registration device, a component identification associated with the one or more applications, systems or system components of the content consumption or computing application, system or system component provider; registering, via the component registration device, the one or more applications, systems or system components of the content consumption or computing application, system or system component provider; and returning, via the component registration device, the component identification of the registered applications, systems or system components to the content consumption or computing application, system or system component provider. - View Dependent Claims (92, 93, 94, 95, 96, 97, 98, 99, 100, 101, 102, 103, 104, 105, 106, 107, 108, 109, 115, 116, 117, 118, 119, 120, 121, 122, 123, 124, 125, 126, 127, 128, 129, 130, 131, 132, 133, 134, 135, 136)
-
-
110. A method for providing identification and integrity certification and verification within content consumption or computing environments, said method comprising:
-
storing, in a component registration database, authentication information about one or more applications, systems or system components; storing, in an integrity profile database, at least one integrity profile including verifiable information defining an authentic environment that is used to determine the authenticity of a collection of the one or more applications, systems or system components of a content consumption or computing environment and the authenticity of an interrelationship or dependency among the collection of the one or more applications, systems or system components; maintaining the integrity profile and creating the integrity profile based on the authentication information about the one or more applications, systems or system components stored in the component registration database, via a profile creation device coupled to the integrity profile database and the component registration database; verifying authenticity by comparing one or more of application, system or system component identifications, specified in the integrity profile with one or more applications, systems or system components of the content consumption or computing environment, via a profile verification device coupled to the integrity profile database; obtaining the authentication information about the one or more applications, systems or system components from a content consumption or computing application, system or system component provider and providing the authentication information to the component registration database, via a component registration device coupled to the component registration database; receiving an identification of the integrity profile and determining if the integrity profile corresponding to the integrity profile identification is available, via a profile distribution device coupled to the integrity profile database; wherein the content consumption or computing application, system or system component provider connects to the component registration device to download a software application. - View Dependent Claims (111, 112, 113, 114)
-
Specification