Method and apparatus for secure delivery and rights management of digital content
Abstract
A secure distribution system utilizes a content viewer that consists of an applet that is downloaded to a user's conventional browser when the user logs into a publisher's server. The content viewer requests a selected document from the server by referring to the document name or URL. The server retrieves the document and forwards it to the viewer in encrypted form. The viewer then computes a document identifier from the encrypted document and uses the identifier to request a key in order to decrypt the document. The key is forwarded from the server to the viewer that then decrypts the document and displays it in the viewer. Since the document is processed by the viewer and displayed only in a window associated with the viewer, none of the conventional browser functions has to be disabled. Further, since the document is downloaded in encrypted form, it cannot be stored or forwarded using the conventional browser.
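The exchange described in the abstract, with the identifier bound to information shipped with the viewer as the claims require, as an added Python sketch that is not code from the patent. HMAC-SHA256 as the "numerical calculation", the SHA-256 keystream standing in for the cipher, and every class and function name are assumptions.

```python
# Added illustration: HMAC-SHA256 and the XOR keystream are assumptions,
# not algorithms named by the patent.
import hashlib, hmac, secrets

def keystream_xor(key: bytes, nonce: bytes, data: bytes) -> bytes:
    """Stand-in cipher: XOR with a SHA-256 counter keystream (same call decrypts)."""
    out = bytearray()
    for i in range(0, len(data), 32):
        block = hashlib.sha256(key + nonce + (i // 32).to_bytes(8, "big")).digest()
        out.extend(b ^ k for b, k in zip(data[i:i + 32], block))
    return bytes(out)

def document_id(viewer_info: bytes, encrypted_doc: bytes) -> str:
    """Keyed digest over the ciphertext; not derivable from the ciphertext alone."""
    return hmac.new(viewer_info, encrypted_doc, hashlib.sha256).hexdigest()

class ContentServer:
    def __init__(self):
        self.viewer_info = secrets.token_bytes(32)  # downloaded with the viewer
        self.encrypted = {}  # document name -> encrypted version
        self.keys = {}       # document identifier -> decryption key

    def publish(self, name: str, plaintext: bytes) -> None:
        """Publishing tool: encrypt, then index the key by document identifier."""
        key, nonce = secrets.token_bytes(32), secrets.token_bytes(16)
        blob = nonce + keystream_xor(key, nonce, plaintext)
        self.encrypted[name] = blob
        self.keys[document_id(self.viewer_info, blob)] = key

    def download_document(self, name: str) -> bytes:
        return self.encrypted[name]

    def download_key(self, doc_id: str):
        return self.keys.get(doc_id)  # None when the identifier is unknown

def viewer_open(server: ContentServer, viewer_info: bytes, name: str) -> bytes:
    """Viewer side: fetch ciphertext, compute the identifier, fetch key, decrypt."""
    blob = server.download_document(name)
    key = server.download_key(document_id(viewer_info, blob))
    if key is None:
        raise PermissionError("server did not release a key")
    return keystream_xor(key, blob[:16], blob[16:])

def demo():
    server = ContentServer()
    server.publish("report", b"constructed sample document text")
    blob = server.download_document("report")
    shown = viewer_open(server, server.viewer_info, "report")
    no_secret = server.download_key(hashlib.sha256(blob).hexdigest())
    altered = server.download_key(document_id(server.viewer_info, blob + b"\x00"))
    return shown, no_secret, altered
```

`demo()` returns the decrypted text for the legitimate viewer and `None` for both an identifier computed without the viewer information and one computed over altered ciphertext.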
37 Claims
1. Apparatus for secure distribution of digital content from a content server over a network to a user running a browser program in a workstation connected to the network, the apparatus comprising:
means for downloading a secure viewer program into the browser;
means in the viewer program for requesting a document containing content from the content server;
means in the content server for downloading an encrypted version of the requested document;
means in the viewer for performing a numerical calculation, using as one input encrypted document content in the encrypted version of the requested document and as another input information that is downloaded with the viewer program, to compute as a result a document identifier that cannot be derived solely from the encrypted version of the requested document and sending the document identifier to the content server;
means in the content server and responsive to the document identifier for downloading a decryption key to the viewer program; and
means in the viewer program for decrypting the encrypted version of the document and presenting the document content to the user.
Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 10, 11
12. A method for secure distribution of digital content from a content server over a network to a user running a browser program in a workstation connected to the network, the method comprising:
(a) downloading a secure viewer program into the browser;
(b) sending a request for a document containing content from the viewer program to the content server;
(c) downloading an encrypted version of the requested document from the content server to the viewer;
(d) computing a document identifier in the viewer as a result of a numerical calculation using as one input encrypted content in the encrypted version of the requested document and as another input information that is downloaded with the viewer program, which document identifier cannot be derived solely from the encrypted version of the requested document, and sending the document identifier to the content server;
(e) downloading a decryption key to the viewer program from the content server in response to the document identifier; and
(f) decrypting the encrypted version of the document in the viewer program and presenting the document content to the user.
Dependent claims: 13, 14, 15, 16, 17, 18, 19, 20, 21, 22
23. A viewer for a secure digital content distribution system that distributes digital content from a content server over a network to a browser program in a workstation connected to the network, the viewer running in the browser program and comprising:
means for generating in the browser a user interface that does not utilize the functions of the browser user interface, including a display area that is controlled exclusively by the viewer;
means for requesting a document containing content from the content server;
means for receiving an encrypted version of the requested document from the content server;
means for calculating a document identifier as a result of a numerical computation using as one input encrypted content in the encrypted version of the requested document and as another input information that is downloaded with the viewer program, which document identifier cannot be derived solely from the encrypted version of the requested document and sending the document identifier to the content server;
means for receiving a decryption key from the content server and decrypting the encrypted version of the document; and
means for presenting the document content to the user in the viewer display area.
Dependent claims: 24, 25, 26, 27, 28, 29, 30
31. A content server for use in a secure distribution system that distributes digital content over a network to a user running a browser program in a workstation connected to the network, the content server comprising:
a publishing tool that accepts plaintext documents, encrypts the plaintext documents and generates document identifiers for each encrypted document wherein each document identifier is calculated for each encrypted document as a result of a numerical computation using as one input the encrypted document content and as another input information that is not part of the encrypted document content, so that the document identifier cannot be derived solely from the encrypted document content;
means for downloading a secure viewer program and the information that is not part of the encrypted document content into the browser;
means responsive to a document request from the viewer program for downloading an encrypted version of the requested document containing encrypted content;
means for receiving a document identifier that is computed in the viewer program as a result of a numerical computation using as one input the encrypted content and as another input the information that was downloaded with the viewer program, but which cannot be derived solely from the encrypted version of the requested document from the viewer program; and
means responsive to the document identifier for downloading a decryption key to the viewer program.
Dependent claims: 32, 33, 34, 35, 36, 37
Specification