Method and system for conducting transactions between repositories using a repository transaction protocol
First Claim
1. A method for establishing a secure communications channel between a first repository and a second repository using a repository transaction protocol for use in a system for conducting transactions, said method comprising:
- generating from the first repository a registration identifier and registration message including an identification certificate, and an identifier of a master repository that encrypted the identification certificate;
receiving the registration message at a second repository and verifying the identity of the first repository by verifying the identification certificate;
validating the authenticity of the first repository, including,generating at the second repository a message to test the authenticity of the first repository,sending the generated message to the first repository, andverifying at the second repository if the first repository upon receiving the generated message to test the authenticity correctly process the generated message;
exchanging messages including at least one session key between the first and second repositories, said session key to be used in communications during a session between the first and second repository; and
conducting a transaction between the first repository and the second repository using the session, keys,wherein said step of conducting usage transactions comprises generating a request for a digital work specifying usage rights information and determining if the specified usage rights correspond to usage rights associated with the digital work,said step of conducting usage rights transactions further comprises granting access to the digital work in accordance with the usage rights associated with the digital work if the specified usage rights corresponds to usage rights associated with the digital work, andsaid step of conducting usage transactions further comprises determining if conditions in the usage rights associated with the digital work are satisfied.
2 Assignments
0 Petitions
Accused Products
Abstract
A method and apparatus for establishing a secure communications channel between a first repository and a second repository using a repository transaction protocol. A registration identifier and registration message including an identification certificate, and an identifier of a master repository that encrypted the identification certificate are generated by the first repository. The registration identifier and message are sent to the second repository and the identity of the first repository by is verified by verifying the identification certificate. Messages containing at least one session key are exchanged between the first and second repositories and a usage transactions related to a digital work are conducted between the first repository and the second repository using the session keys.
-
Citations
81 Claims
-
1. A method for establishing a secure communications channel between a first repository and a second repository using a repository transaction protocol for use in a system for conducting transactions, said method comprising:
-
generating from the first repository a registration identifier and registration message including an identification certificate, and an identifier of a master repository that encrypted the identification certificate; receiving the registration message at a second repository and verifying the identity of the first repository by verifying the identification certificate; validating the authenticity of the first repository, including, generating at the second repository a message to test the authenticity of the first repository, sending the generated message to the first repository, and verifying at the second repository if the first repository upon receiving the generated message to test the authenticity correctly process the generated message; exchanging messages including at least one session key between the first and second repositories, said session key to be used in communications during a session between the first and second repository; and conducting a transaction between the first repository and the second repository using the session, keys, wherein said step of conducting usage transactions comprises generating a request for a digital work specifying usage rights information and determining if the specified usage rights correspond to usage rights associated with the digital work, said step of conducting usage rights transactions further comprises granting access to the digital work in accordance with the usage rights associated with the digital work if the specified usage rights corresponds to usage rights associated with the digital work, and said step of conducting usage transactions further comprises determining if conditions in the usage rights associated with the digital work are satisfied. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 59, 61, 63, 65, 67, 69, 71, 73, 75, 76, 80, 81)
-
-
30. An apparatus for establishing a secure communications channel between a first repository and a second repository using a repository transaction protocol for use in a system for conducting transactions, said apparatus comprising:
-
means for generating from the first repository a registration identifier and registration message including an identification certificate, and an identifier of a master repository that encrypted the identification certificate; means for receiving the registration message at a second repository and verifying the identity of the first repository by verifying the identification certificate; means for validating the authenticity of the first repository, including, means for generating at the second repository a message to test the authenticity of the first repository, means for sending the generated message to the first repository, and means for verifying at the second repository if the first repository upon receiving the generated message to test the authenticity correctly process the generated message; means for exchanging messages including at least one session key between the first and second repositories, said session key to be used in communications during a session between the first and second repository; and means for conducting a transaction between the first repository and the second repository using the session keys, wherein said means for conducting usage transactions comprise means for generating a request for a digital work specifying usage rights information and means for determining if the specified usage rights correspond to usage rights associated with the digital work, said means for conducting usage rights transactions further comprises means for granting access to the digital work in accordance with the usage rights associated with the digital work if the specified usage rights corresponds to usage rights associated with the digital work, and said means for conducting usage transactions further comprises means for determining if conditions in the usage rights associated with the digital work are satisfied. - View Dependent Claims (31, 32, 33, 34, 35, 36, 37, 38, 39, 40, 41, 42, 43, 44, 45, 46, 47, 48, 49, 50, 51, 52, 53, 54, 55, 56, 57, 58, 60, 62, 64, 66, 68, 70, 72, 74, 77, 78, 79)
-
Specification