Rights management inter-entity message policies and enforcement
First Claim
1. In a rights management system for protecting messages from unauthorized access, a method of providing an entity the ability to enforce conditions under which the entity'"'"'s message server will accept messages by providing the message server with a message server use license to access the protected messages, while still controlling unauthorized access to the protected messages by also providing a publishing license, the method comprising acts of:
- receiving data including a message with a protected portion, the publishing license and the message server use license that is separate from the publishing license, the protected portion of the message controlled by a rights management server, the publishing license defining one or more principals'"'"' rights to the protected portion of the message, and the separate message server use license including an encrypted key that corresponds to an entity'"'"'s message server;
accessing the protected portion of the message at the entity'"'"'s message server using the message server use license for performing operations on the protected portion in accordance with message policies defined by the entity; and
making the message and the publishing license available to the one or more principals when the protected portion of the message conforms to the message policies defined by the entity.
2 Assignments
0 Petitions
Accused Products
Abstract
The present invention provides the ability to compare and enforce policies between trusted entities within a rights management system. For example, policies between the two entities may be received by either entity. They may then be compared to determine the compatibility of the two policies. If compatible, or maybe even without the comparison, other embodiments provide for message server use license, which allows access to the protected portion of a message, thereby permitting an entity to enforce its message policies.
94 Citations
23 Claims
-
1. In a rights management system for protecting messages from unauthorized access, a method of providing an entity the ability to enforce conditions under which the entity'"'"'s message server will accept messages by providing the message server with a message server use license to access the protected messages, while still controlling unauthorized access to the protected messages by also providing a publishing license, the method comprising acts of:
-
receiving data including a message with a protected portion, the publishing license and the message server use license that is separate from the publishing license, the protected portion of the message controlled by a rights management server, the publishing license defining one or more principals'"'"' rights to the protected portion of the message, and the separate message server use license including an encrypted key that corresponds to an entity'"'"'s message server; accessing the protected portion of the message at the entity'"'"'s message server using the message server use license for performing operations on the protected portion in accordance with message policies defined by the entity; and making the message and the publishing license available to the one or more principals when the protected portion of the message conforms to the message policies defined by the entity. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12)
-
-
13. At a sending entity'"'"'s message server within a rights management system for protecting messages from unauthorized access, a computer program product comprising one or more computer readable media carrying computer executable instructions that implement a method of providing an entity the ability to enforce conditions under which the entity'"'"'s message server will accept messages by providing the message server with a message server use license to access the protected messages, while still controlling unauthorized access to the protected messages by also providing a publishing license, the method comprising acts of
receiving a message with a protected portion being controlled by a rights management server; -
receiving the publishing license that includes rights available to one or more intended principals, the rights controlling the type of operations that can be performed on the protected portion of the message; receiving message policies defined by an entity, which specify operations that are to be performed on the message; requesting the message server use license that is separate from the publishing license to allow the entity'"'"'s message server access to the protected portion of the message; receiving the requested message server use license, the requested message server use license including an encrypted key that corresponds to the entity'"'"'s message server; and making the message, publishing license, and message server use license available to the entity'"'"'s message server such that the entity'"'"'s message server can enforce the message policies defined by the entity. - View Dependent Claims (14, 15, 16, 17, 18, 19, 20, 21, 22, 23)
-
Specification