Data processing apparatus for digital copyrights management

US 7,549,172 B2
Filed: 09/20/2004
Issued: 06/16/2009
Est. Priority Date: 02/25/2004
Status: Expired due to Fees

First Claim

Patent Images

1. A data processing apparatus for distributing to a user terminal a terminal module that is a program for obtaining license data used for decoding an encrypted digital content, using a public key infrastructure, the data processing apparatus comprising:

a storage device to store an encryption key;

a generation device to encrypt, using the encryption key, a public key certificate for encryption communications based on the public key infrastructure and information about a private key corresponding to the public key of the public key certificate, and to generate encryption information; and

a transmission device to transmit to the user terminal the encryption information and a terminal module which includes a decoding key for decoding the encryption information.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Data processing apparatus distributes a public key certificate and information about a private key to a user terminal as activation information separately from a terminal module. In the case where the public key certification is vulnerable, it transmits only the activation information again.

Citations

22 Claims

1. A data processing apparatus for distributing to a user terminal a terminal module that is a program for obtaining license data used for decoding an encrypted digital content, using a public key infrastructure, the data processing apparatus comprising:
- a storage device to store an encryption key;
  
  a generation device to encrypt, using the encryption key, a public key certificate for encryption communications based on the public key infrastructure and information about a private key corresponding to the public key of the public key certificate, and to generate encryption information; and
  
  a transmission device to transmit to the user terminal the encryption information and a terminal module which includes a decoding key for decoding the encryption information.
- View Dependent Claims (2)
- - 2. The data processing apparatus of claim 1, wherein the terminal module decodes the encryption information after being activated on the user terminal and obtains both the public key certificate and the information about the private key.

3. A data processing apparatus for receiving an access request for a digital content from a user terminal and for distributing license data used for accessing the digital content to the user terminal as a response, the data processing apparatus comprising:
- a storage device to store a plurality of access control lists in which a user with access permission, a permitted access pattern and a license condition including a number of operations granted for the digital content are described corresponding to the digital content;
  
  a generation device to obtain an access control list, corresponding to a content identifier included in the access request and also corresponding to a user identifier of an applicant who transmits the access request, from the plurality of access control lists, and if a plurality of access control lists have been obtained, to select one access control list from the plurality of obtained access control lists, thereby generating individual license data based on the selected access control list; and
  
  a transmission device to transmit the individual license data to the user terminal.

4. A data processing apparatus for transmitting an access request for a digital content to a license distribution apparatus and receiving license data for accessing the digital content as a response from the license distribution apparatus, the data processing apparatus comprising:
- a storage device to store the license data received from the license distribution apparatus, the license data including a plurality of access control lists in which both an access pattern permitted for the digital content and a license condition including a number of operations granted for the digital content are described, and information designating selection processing; and
  
  a selection device to implement the selection processing designated by the license data and to select one access control list from the plurality of access control lists.

5. A computer-readable storage medium storing a program for a computer which distributes to a user terminal a terminal module that is a program for obtaining license data for decoding an encrypted digital content, using a public key infrastructure, wherein the program directs the computer to perform the following operations:
- encrypting a public key certificate for encryption communications based on the public key infrastructure and information about a private key corresponding to the public key of the public key certificate, using the encryption key stored in the storage device, and generating encryption information; and
  
  transmitting to the user terminal the encryption information and a terminal module which includes a decoding key for decoding the encryption information.
- View Dependent Claims (6)
- - 6. The medium of claim 5, wherein the terminal module decodes the encryption information after being activated on the user terminal and obtains both the public key certificate and the information about the private key.

7. A computer-readable storage medium storing a program for a computer which obtains license data for decoding an encrypted digital content from a license distribution apparatus, using a public key infrastructure, wherein the program directs the computer to perform the following operations:
- decoding encryption information stored in a storage device using a decoding key included in the program and obtaining both a public key certificate for encryption communications based on the public key infrastructure and information about a private key corresponding to the public key of the public key certificate;
  
  obtaining the license data from the license distribution apparatus by performing encryption communications using the public key certificate and the information about the private key.

8. A computer-readable storage medium storing a program for a computer which receives an access request for a digital content from a user terminal and distributes license data for accessing the digital content to the user terminal as a response, wherein the program directs the computer to perform the following operations:
- obtaining an access control list, corresponding to a content identifier included in the access request and also corresponding to a user identifier of an applicant who transmits the access request from a plurality of access control lists in which a user with access permission, a permitted access pattern and a license conditions including a number of operations granted for the digital content are described corresponding to the digital content;
  
  selecting one access control list from the plurality of obtained access control lists if there are a plurality of obtained access control lists; and
  
  generating individual license data based on the selected access control list.
- View Dependent Claims (9, 10, 11, 12, 13)
- - 9. The medium of claim 8, wherein the program directs the computer to further perform the following operations:
    - comparing a relative distinguished name that represents a part of a distinguished name of a public key certificate and that is described in a license domain subject list of the selected access control list and a distinguished name of a public key certificate possessed by the user terminal; and
      
      distributing the individual license data to the user terminal when at least a part of a distinguished name of a public key certificate possessed by the user terminal matches the relative distinguished name.
  - 10. The medium of claim 8, wherein the program directs the computer to further perform the following operations:
    - describing an identifier of a public key certificate in the individual license data to be distributed to the user terminal; and
      
      when an identifier described in the individual license data and an identifier stored in a portable storage medium correspond to one another, the user terminal stores the individual license data in the portable storage medium.
  - 11. The medium of claim 8, wherein the program directs the computer to further perform the following operations:
    - storing log data showing a content operation classification that is permitted for the user terminal by the individual license data when the individual license data is transmitted to the user terminal.
  - 12. The medium of claim 8, whereinthe individual license data includes a plurality of license conditions and a plurality of decoding keys to access each of a plurality of digital contents.
  - 13. The medium of claim 8, wherein the program directs the computer to further perform the following operations:
    - comparing an authentic method of a user described in the individual license data and an authentic method in which the applicant has been already authenticated, and not-distributing the individual license data to the user terminal in a case where the authentic method described in the individual license data does not match the authenticated authentic method.

14. A computer-readable storage medium storing a program for a computer which transmits an access request for a digital content to a license distribution apparatus and receives an access request for a digital content from a user terminal as a response, wherein the program directs the computer to perform the following operations:
- referring to license data received from the license distribution apparatus and stored in a storage device, the license data including a plurality of access control lists in which both an access pattern permitted for the digital content and a license conditions including a number of operations granted for the digital content are described, and information designating a selection processing; and
  
  implementing the selection processing designated by the license data; and
  
  selecting one access control list from the plurality of access control lists.
- View Dependent Claims (15)
- - 15. The storage medium according to claim 14, wherein the program directs the computer to further perform the following operations:
    - when a user accesses the digital content using the license data, to copy a part of the digital content and to put the copied part on a clipboard, encrypting data of the copied part and putting the encrypted data on the clipboard; and
      
      when a person with permission implements a paste operation, decoding data of the copied part and pasting the decoded data.

16. A data processing method of distributing to a user terminal a terminal module that is a program for obtaining license data used for decoding an encrypted digital content, using a public key infrastructure, said method comprising:
- encrypting both a public key certificate for encryption communications based on the public key infrastructure and information about a private key corresponding to the public key of the public key certificate, using an encryption key stored in a storage device, and generating encryption information; and
  
  transmitting to the user terminal the encryption information and a terminal module which includes a decoding key for decoding the encryption information.
- View Dependent Claims (17)
- - 17. The method of claim 16, wherein the terminal module decodes the encryption information after being activated on the user terminal and obtains both the public key certificate and the information about the private key.

18. A data processing method for receiving an access request for a digital content from a user terminal and distributing license data used for accessing the digital content to the user terminal as a response, the method comprising:
- obtaining an access control list, corresponding to a content identifier included in the access request and also corresponding to a user identifier of an applicant who transmits the access request from a plurality of access control lists stored in a storage device, in which a user with access permission, a permitted access pattern and a license condition including a number of operations granted for the digital content are described corresponding to the digital content;
  
  selecting one access control list from the plurality of obtained access control lists if there are a plurality of obtained access control lists; and
  
  generating individual license data based on the selected access control list.

19. A data processing apparatus for distributing to a user terminal a terminal module that is a program of obtaining license data for decoding an encrypted digital content, using a public key infrastructure, said apparatus comprising:
- storage means for storing an encryption key;
  
  generation means for encrypting, using the encryption key, a public key certificate for encryption communications based on the public key infrastructure and information about a private key corresponding to the public key of the public key certificate and for generating encryption information; and
  
  transmission means for transmitting to the user terminal the encryption information and a terminal module which includes a decoding key for decoding the encryption information.
- View Dependent Claims (20)
- - 20. The apparatus of claim 19, wherein the terminal module decodes the encryption information after being activated on the user terminal and obtains both the public key certificate and the information about the private key.

21. A data processing apparatus for receiving an access request for a digital content from a user terminal and for distributing license data for accessing the digital content to the user terminal as a response, said apparatus comprising:
- storage means for storing a plurality of access control lists in which a user with access permission, a permitted access pattern and a license condition including a number of operations granted for the digital content are described;
  
  generation means for obtaining an access control list, corresponding to a content identifier included in the access request and also corresponding to a user identifier of an applicant who transmits the access request, from the plurality of access control lists, and if a plurality of access control lists have been obtained, selecting one access control list from the plurality of obtained access control lists, thereby generating individual license data based on the selected access control list; and
  
  transmission means for transmitting the individual license data to the user terminal.

22. A data processing apparatus for transmitting an access request for a digital content to a license distribution apparatus and receiving license data used for accessing the digital content as a response from the license distribution apparatus, said apparatus comprising:
- storage means for storing the license data received from the license distribution apparatus, the license data including a plurality of access control lists in which both an access pattern permitted for the digital content and a license conditions including a number of operations granted for the digital content are described, and information designating a selection processing; and
  
  selection means for implementing a selection processing designated by the license data and selecting one access control list from the plurality of access control lists.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Fujitsu Limited
Original Assignee
Fujitsu Limited
Inventors
Nagaoka, Teruyoshi, Yura, Masakazu, Tokutani, Takashi, Hatakeyama, Takahisa, Tanaka, Keishiro
Primary Examiner(s)
CERVETTI, DAVID GARCIA

Application Number

US10/945,225
Publication Number

US 20050185792A1
Time in Patent Office

1,730 Days
Field of Search

380/30, 380/285, 380/277, 380/278, 380/282, 380/258, 705/59, 705/51, 726/28, 726/29, 726/32, 726/26, 726/27, 713/156
US Class Current

726/27
CPC Class Codes

H04L 2463/101   applying security measures ...

H04L 63/0442   wherein the sending and rec...

H04L 63/0823   using certificates cryptogr...

H04L 63/101   Access control lists [ACL]

Data processing apparatus for digital copyrights management

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

Citations

22 Claims

Specification

Solutions

Use Cases

Quick Links

Data processing apparatus for digital copyrights management

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

22 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links