Systems and methods for secure transaction management and electronic rights protection
First Claim
1. A method performed at a first site, comprising one or more electronic appliances and a first secure container, the first secure container containing first protected information and having associated a first control set, the method comprising:
- using a control from the first control set to govern an aspect of use of the first protected information;
creating a second secure container having associated a second control set for governing an aspect of use of protected information contained within the second secure container;
incorporating a first portion of the first protected information into the second secure container, the first portion made up of some or all of the first protected information;
transmitting identification information to a second site, the identification information at least in part identifying the first portion, the transmission being governed at least in part by a control from the first control set;
transmitting the second secure container to a third site; and
separately transmitting the second control set to the third site.
2 Assignments
0 Petitions
Accused Products
Abstract
The present invention provides systems and methods for secure transaction management and electronic rights protection. Electronic appliances such as computers equipped in accordance with the present invention help to ensure that information is accessed and used only in authorized ways, and maintain the integrity, availability, and/or confidentiality of the information. Such electronic appliances provide a distributed virtual distribution environment (VDE) that may enforce a secure chain of handling and control, for example, to control and/or meter or otherwise monitor use of electronically stored or disseminated information. Such a virtual distribution environment may be used to protect rights of various participants in electronic commerce and other electronic or electronic-facilitated transactions. Distributed and other operating systems, environments and architectures, such as, for example, those using tamper-resistant hardware-based processors, may establish security at each node. These techniques may be used to support an all-electronic information distribution, for example, utilizing the “electronic highway.”
696 Citations
40 Claims
-
1. A method performed at a first site, comprising one or more electronic appliances and a first secure container, the first secure container containing first protected information and having associated a first control set, the method comprising:
-
using a control from the first control set to govern an aspect of use of the first protected information; creating a second secure container having associated a second control set for governing an aspect of use of protected information contained within the second secure container; incorporating a first portion of the first protected information into the second secure container, the first portion made up of some or all of the first protected information; transmitting identification information to a second site, the identification information at least in part identifying the first portion, the transmission being governed at least in part by a control from the first control set; transmitting the second secure container to a third site; and separately transmitting the second control set to the third site. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27)
-
-
28. An electronic appliance located at a first site comprising:
-
a memory storing a first secure container having associated a first rule set and containing first protected information; and a secure processing unit comprising means for creating a second secure container having associated a second rule set, the means further comprising means for copying or removing a first rule from the first rule set, and means for incorporating the first rule in the second rule set; means by which a rule from the first rule set governs, at least in part, the means for creating a second secure container; means for copying or removing at least a first portion of the first protected information from the first secure container; means for copying or transferring the first portion of the first protected information from the first secure container to the second secure container, the means for copying or transferring operating at least in part under the control of the first rule set; memory means for storing identification information at least in part identifying the first portion of the first protected information, the memory means operating at least in part under the control of the first rule set; and telecommunications means for (a) communicating the identification information to a second site located remotely from the first site;
(b) communicating the second secure container to a third site located remotely from the first and second sites; and
(c) separately communicating the second rule set to the third site.- View Dependent Claims (29)
-
-
30. A method comprising the steps of
creating a first secure container having associated a first rule set and containing first protected information; -
storing the first secure container in a first memory; creating a second secure container having an associated second rule set; storing the second secure container in a second memory; copying or transferring at least a first portion of the first protected information to the second secure container, the copying or transferring step being at least in part governed by a first rule from the first rule set; in compliance with the first rule, storing information at least in part identifying the first portion; in compliance with the first rule, communicating at least a portion of the identification information to a remote site; copying or transferring the second secure container to a second remote site; and separately copying or transferring the second control set to the second remote site. - View Dependent Claims (31, 32, 33, 34, 35, 36, 37, 38, 39, 40)
-
Specification