Digital rights management
First Claim
1. A data entity comprising first encrypted data decodable only by a first local application located at a first client machine, second encrypted data usable, in decrypted form, by the first application or a second local application, that is one of a specified list of trusted applications, that can be decrypted using authorisation data received from a remote licensing server, located at the first client machine only after the first encrypted data has been decoded, the second encrypted data representing encrypted digital content.
8 Assignments
0 Petitions
Accused Products
Abstract
The present invention relates to digital rights management and more particularly to a system and method for securely publishing and controlling the usage of digital content. Advantageously a publisher or owner of digital content or of a copyright work can distribute securely that work in a secure digital form.
-
Citations
64 Claims
- 1. A data entity comprising first encrypted data decodable only by a first local application located at a first client machine, second encrypted data usable, in decrypted form, by the first application or a second local application, that is one of a specified list of trusted applications, that can be decrypted using authorisation data received from a remote licensing server, located at the first client machine only after the first encrypted data has been decoded, the second encrypted data representing encrypted digital content.
-
19. A data processing method comprising:
-
receiving a data entity, processing the data entity using a first local application, decrypting first encrypted data, accessing a remote licensing server and receiving authorisation data from the remote licensing server to allow the first application or a second local application to decrypt second encrypted data responsive to the decryption of the first encrypted data; decrypting the second encrypted data in response to receiving the authorisation data; and utilising the decrypted second data using the second local application. - View Dependent Claims (20, 21, 22, 23, 24, 25, 26, 27, 28, 29)
-
-
30. A data processing system comprising:
- means for receiving a data entity;
means for processing the data entity using a first local application;
means for decrypting first encrypted data;
means for accessing a remote licensing server; and
means for receiving authorisation data from the remote licensing server to allow the first application or a second local application to decrypt second encrypted data responsive to the decryption of the first encrypted data;means for decrypting the second encrypted data in response to receiving the authorisation data; and means for utilising and/or outputting the decrypted second data. - View Dependent Claims (31, 32, 33, 34, 35, 36, 37)
- means for receiving a data entity;
-
38. A publishing method for producing a data entity, comprising:
-
receiving second data to be encrypted together with an encryption key, encrypting the second data to produce second encrypted data; creating first data comprising at least a list of trusted applications that are authorised to process the data entity and/or the second data and means for accessing a remote licensing server, encrypting the first data to produce first encrypted data; and creating the data entity comprising the first encrypted data and the second encrypted data. - View Dependent Claims (39, 40, 41, 42, 43, 44, 45)
-
-
46. A publishing system for producing a data entity, comprising:
-
means for receiving second data to be encrypted together with an encryption key, encrypting the second data to produce second encrypted data; means for creating first data comprising at least a list of trusted applications that are authorised to process the data entity and/or the second data and means for accessing a remote licensing server, encrypting the first data to produce first encrypted data; and means for creating the data entity comprising at least the first encrypted data and the second encrypted data entity. - View Dependent Claims (47, 48, 49, 50, 51, 52, 53)
-
-
54. A licensing method for granting authority to access data contained within an encrypted portion of a data entity, the method comprising:
-
receiving a request from a client machine upon which an attempt has been made to access second encrypted data of the data entity; transmitting data to the client machine relating to a licensing process in which conditions applicable to manipulation of at least one of the data entity, first encrypted data and the second encrypted data are established; and sending to the client the authorisation data via which controlled access can be gained to the data entity. - View Dependent Claims (55)
-
-
56. A licensing server for granting authority to access data contained within an encrypted portion of a data entity comprising:
-
means for receiving a request from a client machine upon which an attempt has been made to access second encrypted data of the data entity; means for transmitting data to the client machine relating to a licensing process in which conditions applicable to manipulation of at least one of the data entity, first encrypted data and second encrypted data are established; and means for sending to the client authorisation data via which controlled access can be gained to the data entity. - View Dependent Claims (57)
-
-
58. A licensing method for granting authority to access data contained within an encrypted portion of a data entity containing a reference to a licensing server, comprising:
-
receiving, at the licensing server, a request from a client machine upon which an attempt has been made to access second encrypted data of the data entity; transmitting data to the client machine relating to a licensing process in which conditions applicable to manipulation of at least one of the data entity, first encrypted data and the second encrypted data are established; and sending to the client authorisation data via which controlled access can be gained to the data entity. - View Dependent Claims (59)
-
-
60. A licensing server for granting authority to access data contained within an encrypted portion of a data entity comprising a reference to the licensing server, comprising:
-
means for receiving a request from a client machine upon which an attempt has been made to access second encrypted data of the data entity; means for transmitting data to the client machine relating to a licensing process in which conditions applicable to manipulation of at least one of the data entity, first encrypted data and second encrypted data are established; and means for sending to the client authorisation data via which controlled access can be gained to the data entity. - View Dependent Claims (61)
-
-
62. A computer program product comprising:
- a data entity comprising first encrypted data decodable by a first local application located at a first client machine, second encrypted data usable by a second local application, located at the first client machine, only after the first encrypted data has been decoded;
the second encrypted data representing an encrypted version of digital content comprising instructions;
the digital content being capable of being rendered by an associated application which comprises means for giving effect to the instructions.
- a data entity comprising first encrypted data decodable by a first local application located at a first client machine, second encrypted data usable by a second local application, located at the first client machine, only after the first encrypted data has been decoded;
-
63. A computer program product comprising:
- first encrypted data decodable by a first local application located at a first client machine, second encrypted data usable by a second local application, located at the first client machine, only after the first encrypted data has been decoded;
the second encrypted data representing an encrypted version of digital content comprising instructions;
the digital content being capable of being rendered by an associated application which comprises means for giving effect to the instructions for rendering said instructions ineffective.
- first encrypted data decodable by a first local application located at a first client machine, second encrypted data usable by a second local application, located at the first client machine, only after the first encrypted data has been decoded;
-
64. A data processing system comprising:
- digital content comprising instructions that are capable of being rendered by an associated application which comprises means for giving effect to the instructions;
means for receiving a data entity comprising first encrypted data decodable only by a first local application located at a first client machine;
second encrypted data usable by a second local application, located at the first client machine, only after the first encrypted data has been decoded;
the second encrypted data representing an encrypted version of the digital content;
the second application being capable of rendering the digital content and lacking the means for giving effect to the instructions.
- digital content comprising instructions that are capable of being rendered by an associated application which comprises means for giving effect to the instructions;
Specification