Rights management inter-entity message policies and enforcement

US 7,181,761 B2
Filed: 03/26/2004
Issued: 02/20/2007
Est. Priority Date: 03/26/2004
Status: Expired due to Fees

First Claim

Patent Images

1. In a rights management system for protecting messages from unauthorized access, a method of providing an entity the ability to enforce conditions under which the entity'"'"'s message server will accept messages by providing the message server with a message server use license to access the protected messages, while still controlling unauthorized access to the protected messages by also providing a publishing license, the method comprising acts of:

receiving data including a message with a protected portion, the publishing license and the message server use license that is separate from the publishing license, the protected portion of the message controlled by a rights management server, the publishing license defining one or more principals'"'"' rights to the protected portion of the message, and the separate message server use license including an encrypted key that corresponds to an entity'"'"'s message server;

accessing the protected portion of the message at the entity'"'"'s message server using the message server use license for performing operations on the protected portion in accordance with message policies defined by the entity; and

making the message and the publishing license available to the one or more principals when the protected portion of the message conforms to the message policies defined by the entity.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

The present invention provides the ability to compare and enforce policies between trusted entities within a rights management system. For example, policies between the two entities may be received by either entity. They may then be compared to determine the compatibility of the two policies. If compatible, or maybe even without the comparison, other embodiments provide for message server use license, which allows access to the protected portion of a message, thereby permitting an entity to enforce its message policies.

94 Citations

View as Search Results

23 Claims

1. In a rights management system for protecting messages from unauthorized access, a method of providing an entity the ability to enforce conditions under which the entity'"'"'s message server will accept messages by providing the message server with a message server use license to access the protected messages, while still controlling unauthorized access to the protected messages by also providing a publishing license, the method comprising acts of:
- receiving data including a message with a protected portion, the publishing license and the message server use license that is separate from the publishing license, the protected portion of the message controlled by a rights management server, the publishing license defining one or more principals'"'"' rights to the protected portion of the message, and the separate message server use license including an encrypted key that corresponds to an entity'"'"'s message server;
  
  accessing the protected portion of the message at the entity'"'"'s message server using the message server use license for performing operations on the protected portion in accordance with message policies defined by the entity; and
  
  making the message and the publishing license available to the one or more principals when the protected portion of the message conforms to the message policies defined by the entity.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12)
- - 2. The method of claim 1, wherein the message policies are chosen from one or more of an anti-virus scanning, an anti-spam scanning and search term indexing.
  - 3. The method of claim 2, wherein the protected portion of the message is at least one of a protected contact, protected document, protected attachment, protected calendar item or protected meeting request.
  - 4. The method of claim 2, wherein the operations are performed by a sending entity'"'"'s server before sending the message and the publishing license to a partner entity.
  - 5. The method of claim 2, wherein the operations are performed by a partner entity'"'"'s server when receiving the message from a sending entity.
  - 6. The method of claim 5, wherein the message server use license includes the rights available to the partner entity'"'"'s server.
  - 7. The method of claim 5, further comprising the acts ofreceiving the sending entity'"'"'s message policy, which defines the type of operations that the partner entity can perform on the protected portion of the message;
    - receiving the partner entity'"'"'s message policy, which defines the type of operations that are to be performed on the message before the partner entity'"'"'s message server can accept the message;
      
      comparing the sending entity'"'"'s message policy with the partner entity'"'"'s message policy; and
      
      based on the comparison, determining if the policies are compatible before accepting the message and the publishing license from the sending entity.
  - 8. The method of claim 7, wherein the partner entity receives the sending entity'"'"'s message policies from a directory service.
  - 9. The method of claim 8, wherein the format of the received sending entity'"'"'s message policies is XrML.
  - 10. The method of claim 8, wherein the directory services is one of a DNS, Active Directory, LDAP, XKMS, or UDDI.
  - 11. The method of claim 7, wherein the sending entity receives the partner entity'"'"'s message policies from the partner entity over a SMTP connection.
  - 12. The method of claim 1, wherein the one or more principals are a process, user, machine, server or client.

13. At a sending entity'"'"'s message server within a rights management system for protecting messages from unauthorized access, a computer program product comprising one or more computer readable media carrying computer executable instructions that implement a method of providing an entity the ability to enforce conditions under which the entity'"'"'s message server will accept messages by providing the message server with a message server use license to access the protected messages, while still controlling unauthorized access to the protected messages by also providing a publishing license, the method comprising acts ofreceiving a message with a protected portion being controlled by a rights management server;
- receiving the publishing license that includes rights available to one or more intended principals, the rights controlling the type of operations that can be performed on the protected portion of the message;
  
  receiving message policies defined by an entity, which specify operations that are to be performed on the message;
  
  requesting the message server use license that is separate from the publishing license to allow the entity'"'"'s message server access to the protected portion of the message;
  
  receiving the requested message server use license, the requested message server use license including an encrypted key that corresponds to the entity'"'"'s message server; and
  
  making the message, publishing license, and message server use license available to the entity'"'"'s message server such that the entity'"'"'s message server can enforce the message policies defined by the entity.
- View Dependent Claims (14, 15, 16, 17, 18, 19, 20, 21, 22, 23)
- - 14. The computer program product of claim 13, wherein the message policies are chosen from one or more of an anti-virus scanning, an anti-spam scanning and search term indexing.
  - 15. The computer program product of claim 14, wherein the protected portion of the message is at least one of a protected contact, protected document, protected attachment, protected calendar item or protected meeting request.
  - 16. The computer program product of claim 15, wherein the operations are performed by a partner entity'"'"'s server when receiving the message from the sending entity.
  - 17. The computer program product of claim 14, wherein the operations are performed by the sending entity'"'"'s server before sending the message and the publishing license to a partner entity.
  - 18. The computer program product of claim 17, further comprising the acts of:
    - receiving the sending entity'"'"'s message policy, which defines the type of operations that the partner entity is allowed to performed on the protected portion of the message;
      
      receiving the partner entity'"'"'s message policy, which defines the type of operations that are to be performed on the message before the partner entity'"'"'s message server can accept the message;
      
      comparing the sending entity'"'"'s message policy with the partner entity'"'"'s message policy; and
      
      based on the comparison, determining if the policies are compatible before sending the message and the publishing license to the partner entity.
  - 19. The computer program product of claim 18, wherein the sending entity receives the partner entity'"'"'s message policies from a directory service.
  - 20. The computer program product of claim 19, wherein the format of the received partner entity'"'"'s message policies is XrML.
  - 21. The computer program product of claim 19, wherein the directory services is one of a DNS, Active Directory, LDAP, XKMS, or UDDI.
  - 22. The computer program product of claim 18, wherein the sending entity receives the partner entity'"'"'s message policies from the partner entity over a SMTP connection.
  - 23. The computer program product of claim 17, wherein the one or more intended principals are a process, user, machine, server or client.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Microsoft Technology Licensing LLC (Microsoft Corporation)
Original Assignee
Microsoft Corporation
Inventors
Williams, Roy, Davis, Malcolm H., Speare, John Gerard, Waxman, Peter D.
Primary Examiner(s)
Barron, Jr.; Gilberto
Assistant Examiner(s)
Simitoski; Michael J.

Application Number

US10/810,068
Publication Number

US 20050216418A1
Time in Patent Office

1,061 Days
Field of Search

726/29, 726/1, 726/24, 705/59, 705/51, 713/153, 709/206
US Class Current

726/1
CPC Class Codes

H04L 2209/603   Digital right managament [DRM]

H04L 2463/101   applying security measures ...

H04L 63/0428   wherein the data content is...

H04L 63/102   Entity profiles

H04L 63/145   the attack involving the pr...

H04L 9/083   involving central third par...

Rights management inter-entity message policies and enforcement

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

94 Citations

23 Claims

Specification

Solutions

Use Cases

Quick Links

Rights management inter-entity message policies and enforcement

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

94 Citations

23 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links