Authorized document usage including rendering a protected document

US 7,412,519 B2
Filed: 12/08/2000
Issued: 08/12/2008
Est. Priority Date: 12/08/2000
Status: Expired due to Fees

First Claim

Patent Images

1. A method for using a partially encrypted document, comprising:

issuing a document usage request for using the partially encrypted document in a session;

authenticating the partially encrypted document;

receiving authorization to use the partially encrypted document;

receiving a session key for the session;

receiving a proxy key that delegates decryption to the session;

rendering a non-encrypted portion of the partially encrypted document;

performing a proxy transformation on the partially rendered, partially encrypted document using the proxy key,wherein rendering a portion of the partially encrypted document and performing proxy transformation on the rendered portion of the partially encrypted document comprises a combination of performing partial rendering transformations and performing partial decryption transformations; and

decrypting the proxy transformed, partially rendered, partially encrypted document using the session key,wherein the proxy key and the session key are used to decrypt the partially encrypted document as part of the session rendering process only, thereby assuring that only rendered images of the decrypted document are available to an end user.

View all claims

5 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Access to protected documents is controlled by delegating the decryption from a document source to a document processing device. Interactions between an input device and the document source are provided to generate public and non-commutative proxy keys. The document processing device can use the proxy keys to convert the documents originally encrypted for the owner/publisher/distributor to ones encrypted for the end user. Authorization and usage are combined by invoking a method of trusted rendering of documents. Thus, the proxy conversion and decryption are delayed to a late stage within the document rendering application.

Citations

11 Claims

1. A method for using a partially encrypted document, comprising:
- issuing a document usage request for using the partially encrypted document in a session;
  
  authenticating the partially encrypted document;
  
  receiving authorization to use the partially encrypted document;
  
  receiving a session key for the session;
  
  receiving a proxy key that delegates decryption to the session;
  
  rendering a non-encrypted portion of the partially encrypted document;
  
  performing a proxy transformation on the partially rendered, partially encrypted document using the proxy key,wherein rendering a portion of the partially encrypted document and performing proxy transformation on the rendered portion of the partially encrypted document comprises a combination of performing partial rendering transformations and performing partial decryption transformations; and
  
  decrypting the proxy transformed, partially rendered, partially encrypted document using the session key,wherein the proxy key and the session key are used to decrypt the partially encrypted document as part of the session rendering process only, thereby assuring that only rendered images of the decrypted document are available to an end user.
- View Dependent Claims (2, 3, 4, 5, 10)
- - 2. The method for using a partially encrypted document claim 1, further comprising:
    - retrieving terms and conditions of the session;
      
      retrieving usage parameters and system resource information for the session; and
      
      comparing the retrieved usage parameters and system resources and the retrieved terms and conditions, wherein the authorized usage is based on comparison results of the retrieved usage parameters and system resources and the retrieved terms and conditions.
  - 3. The method for using a partially encrypted document of claim 2, wherein the retrieved terms and conditions are associated with at least one of identification of the partially encrypted document and usage type.
  - 4. The method for using a partially encrypted document of claim 1, wherein the document usage request contains at least one of document identification, usage type, and user identification.
  - 5. The method for using a partially encryted document of claim 1, wherein authenticating the partially encryted document comprises at least one of:
    - checking a digital signature associated with the Previously Amended document; and
      
      verifying integrity of each component of the Previously Amended document.
  - 10. The method for using a partially encrypted document of claim 1, wherein the session and proxy keys are not usable for directly decrypting the partially encrypted document without rendering the portion of the partially encrypted document and performing proxy transformation on the rendered portion of the document.

6. A usage authorization system for using a partially encrypted document, comprising:
- a request receiving device that receives a document usage request for using the partially encrypted document in a session;
  
  a document processing device that authenticates the partially encrypted document,wherein the document processing device authenticates the partially encrypted document by at least one of checking a digital signature associated with the partially encrypted document, and verifying integrity of each component of the partially encrypted document;
  
  a document source that authorizes usage of the partially encrypted document, and issues a proxy key that delegates decryption to the session;
  
  an access device that, along with the document device, creates a session key for the session,wherein the document processing device renders the partially encrypted document, performs proxy transformation on the rendered, partially encrypted document using the proxy keys, and decrypts the proxy transformed rendered partially encrypted document using the session key,wherein the proxy key and the session key are used to decrypt the partially encrypted document as part of the session rendering process only, thereby assuring that only rendered images of the decrypted document are available to an end user.
- View Dependent Claims (7, 8, 9)
- - 7. The usage authorization system for using a partially encrypted document of claim 6, wherein the document source retrieves terms and conditions of the session, retrieves usage parameters and system resource information for the session, and compares the retrieved usage parameters and system resources and the retrieved terms and conditions, the authorized usage being based on comparison results of the retrieved usage parameters and system resources and the retrieved terms and conditions.
  - 8. The usage authorization system for using a partially encrypted document of claim 7, wherein the retrieved terms and conditions are associated with at least one of identification of the partially encrypted document and usage type.
  - 9. The usage authorization system for using a partially encrypted document of claim 6, wherein the document usage request contains at least one of document identification, usage type, and user identification.

11. A method for using a partially encrypted document, comprising:
- receiving a document usage request for using the partially encrypted document in a session;
  
  authorizing use the partially encrypted document;
  
  creating a session key for the session; and
  
  issuing a proxy key that delegates decryption to the session, wherein the proxy key and the session key enable;
  
  rendering a non-encrypted portion of the partially encrypted document;
  
  performing a proxy transformation on the partially rendered, partially encrypted document using the proxy key,wherein rendering a portion of the partially encrypted document and performing proxy transformation on the rendered portion of the partially encrypted document comprises a combination of performing partial rendering transformations and performing partial decryption transformations; and
  
  decrypting the proxy transformed, partially rendered, partially encrypted document using the session key,wherein the proxy key and the session key are used to decrypt the partially encrypted document as part of the session rendering process only, thereby assuring that only rendered images of the decrypted document are available to an end user.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Xerox Corporation (Xerox Holdings Corp.)
Original Assignee
Xerox Corporation (Xerox Holdings Corp.)
Inventors
Wang, Xin
Primary Examiner(s)
Vaughn, Jr., William C.
Assistant Examiner(s)
NGUYEN, THANH T

Application Number

US09/731,917
Publication Number

US 20020073202A1
Time in Patent Office

2,804 Days
Field of Search

709/207, 709/225, 709/226, 709/204, 709/224, 709/227, 713/168, 713/171, 713/186, 713/193, 713/165, 713/189, 713/156, 705/40, 705/51
US Class Current

709/227
CPC Class Codes

H04L 2209/76   Proxy, i.e. using intermedi...

H04L 2463/101   applying security measures ...

H04L 63/0428   wherein the data content is...

H04L 63/067   using one-time keys cryptog...

H04L 63/0823   using certificates cryptogr...

H04L 9/3247   involving digital signatures

Authorized document usage including rendering a protected document

First Claim

5 Assignments

0 Petitions

Accused Products

Abstract

Citations

11 Claims

Specification

Solutions

Use Cases

Quick Links

Authorized document usage including rendering a protected document

First Claim

5 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

11 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links