Information rights management
First Claim
1. A method of information rights management at an information rights management server comprising the steps of:
- receiving a request from an author for an issue license at the information rights management server for a piece of content, the request comprising information rights policy details selected by the author;
issuing an issue license to the author on the basis of the information rights policy details, the issue license comprising information about one or more policy evaluators, each policy evaluator being independent of the information rights management server, the issue license including;
a content rights information section;
a content reference that identifies the piece of content with respect to an originating application of the piece of content;
a content key that is used to encrypt the piece of content; and
a policy container that includes claim provider information, and endpoint reference, an authorization token type, claim type requirements, and holds information about how to combine results from each of the policy evaluators;
receiving a request for a use license from a recipient of the piece of content;
sending an evaluation request to each of the policy evaluators, the evaluation request including one or more authorization tokens and a list of requested actions selected by the recipient, the authorization tokens being provided by an identity provider and to authenticate the recipient to the information rights management server; and
issuing the use license on the basis of responses received from the policy evaluators.
2 Assignments
0 Petitions
Accused Products
Abstract
Information rights management (IRM) systems enable information to be protected after it has been accessed by or delivered to an authorized individual. For example, this might be to allow an email to be viewed for a limited time by specified individuals but to prevent that email from being forwarded. However, existing IRM systems are limited in the situations in which they may operate. An IRM server is provided which communicates with one or more policy evaluators which are independent of the IRM server. Results from the different policy evaluators may be combined by the IRM server and one or more identity providers may be used in conjunction with each policy evaluator. By enabling the IRM server to act as a broker between authors, recipients and policy evaluators situations in which IRM systems may operate are greatly extended.
-
Citations
20 Claims
-
1. A method of information rights management at an information rights management server comprising the steps of:
-
receiving a request from an author for an issue license at the information rights management server for a piece of content, the request comprising information rights policy details selected by the author; issuing an issue license to the author on the basis of the information rights policy details, the issue license comprising information about one or more policy evaluators, each policy evaluator being independent of the information rights management server, the issue license including; a content rights information section; a content reference that identifies the piece of content with respect to an originating application of the piece of content; a content key that is used to encrypt the piece of content; and a policy container that includes claim provider information, and endpoint reference, an authorization token type, claim type requirements, and holds information about how to combine results from each of the policy evaluators; receiving a request for a use license from a recipient of the piece of content; sending an evaluation request to each of the policy evaluators, the evaluation request including one or more authorization tokens and a list of requested actions selected by the recipient, the authorization tokens being provided by an identity provider and to authenticate the recipient to the information rights management server; and issuing the use license on the basis of responses received from the policy evaluators. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
-
-
9. An information rights management server comprising:
-
an input arranged to receive a request for an issue license for a piece of content, the request comprising information rights policy details, the piece of content being associated with an originating application and a target application, the issue license including; a content rights information section; a content reference that identifies the piece of content with respect to an originating application of the piece of content; a content key that is used to encrypt the piece of content; and a policy container that includes claim provider information, an endpoint reference, an authorization token type, claim type requirements, and holds information about how to combine results from each of the policy evaluators; a communications link to a policy evaluator for the originating application and a policy evaluator for the target application with each policy evaluator analyzing different information rights policies, each policy evaluator being independent of the information rights management server; a processor arranged to generate an issue license on the basis of the different information rights policy details and comprising information about the policy evaluators; an input arranged to receive a request for a use license; and an output arranged to issue a use license on the basis of responses received from the policy evaluators. - View Dependent Claims (10, 11, 12, 13)
-
-
14. An information rights management system comprising:
-
an information rights management server; at least one policy evaluator, the policy evaluator being independent of the information rights management server and in communication with the information rights management server; a first information rights management client in communication with the information rights management server and providing an issue license to an author, the issue license including; a content rights information section; a content reference that identifies the piece of content with respect to an originating application of the piece of content; a content key that is used to encrypt the piece of content and a policy container that includes claim provider information, an endpoint reference, an authorization token type, claim type requirements, and holds information about how to combine results from each of the policy evaluators; a second information rights management client in communication with the information rights management server and provided at a recipient. - View Dependent Claims (15, 16, 17, 18, 19, 20)
-
Specification