Information rights management

US 7,913,309 B2
Filed: 06/13/2007
Issued: 03/22/2011
Est. Priority Date: 06/13/2007
Status: Active Grant

First Claim

Patent Images

1. A method of information rights management at an information rights management server comprising the steps of:

receiving a request from an author for an issue license at the information rights management server for a piece of content, the request comprising information rights policy details selected by the author;

issuing an issue license to the author on the basis of the information rights policy details, the issue license comprising information about one or more policy evaluators, each policy evaluator being independent of the information rights management server, the issue license including;

a content rights information section;

a content reference that identifies the piece of content with respect to an originating application of the piece of content;

a content key that is used to encrypt the piece of content; and

a policy container that includes claim provider information, and endpoint reference, an authorization token type, claim type requirements, and holds information about how to combine results from each of the policy evaluators;

receiving a request for a use license from a recipient of the piece of content;

sending an evaluation request to each of the policy evaluators, the evaluation request including one or more authorization tokens and a list of requested actions selected by the recipient, the authorization tokens being provided by an identity provider and to authenticate the recipient to the information rights management server; and

issuing the use license on the basis of responses received from the policy evaluators.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Information rights management (IRM) systems enable information to be protected after it has been accessed by or delivered to an authorized individual. For example, this might be to allow an email to be viewed for a limited time by specified individuals but to prevent that email from being forwarded. However, existing IRM systems are limited in the situations in which they may operate. An IRM server is provided which communicates with one or more policy evaluators which are independent of the IRM server. Results from the different policy evaluators may be combined by the IRM server and one or more identity providers may be used in conjunction with each policy evaluator. By enabling the IRM server to act as a broker between authors, recipients and policy evaluators situations in which IRM systems may operate are greatly extended.

34 Citations

View as Search Results

20 Claims

1. A method of information rights management at an information rights management server comprising the steps of:
- receiving a request from an author for an issue license at the information rights management server for a piece of content, the request comprising information rights policy details selected by the author;
  
  issuing an issue license to the author on the basis of the information rights policy details, the issue license comprising information about one or more policy evaluators, each policy evaluator being independent of the information rights management server, the issue license including;
  
  a content rights information section;
  
  a content reference that identifies the piece of content with respect to an originating application of the piece of content;
  
  a content key that is used to encrypt the piece of content; and
  
  a policy container that includes claim provider information, and endpoint reference, an authorization token type, claim type requirements, and holds information about how to combine results from each of the policy evaluators;
  
  receiving a request for a use license from a recipient of the piece of content;
  
  sending an evaluation request to each of the policy evaluators, the evaluation request including one or more authorization tokens and a list of requested actions selected by the recipient, the authorization tokens being provided by an identity provider and to authenticate the recipient to the information rights management server; and
  
  issuing the use license on the basis of responses received from the policy evaluators.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
- - 2. The method as claimed in claim 1 wherein issuing the issue license comprises generating the issue license such that it comprises a policy container.
  - 3. The method as claimed in claim 1 wherein issuing the issue license comprises generating the issue license such that it comprises:
    - a policy container arranged to hold at least a reference to information about the information rights policy detail, andat least a reference to information about how to combine results from each of the policy evaluators.
  - 4. The method as claimed in claim 1 wherein issuing the issue license comprises generating the issue license such that it comprises a policy container holding information rights policy details.
  - 5. The method as claimed in claim 1 wherein issuing the issue license comprises generating the issue license such that it comprises:
    - a policy container holding information rights policy details.
  - 6. The method as claimed in claim 1 wherein the issue license comprises, for each policy evaluator, information about one or more associated claim providers.
  - 7. The method as claimed in claim 1 wherein the issue license comprises, for each policy evaluator, an information rights policy field arranged to store information to be sent to the respective policy evaluator.
  - 8. The method as claimed in claim 1 which further comprises receiving the request for the use license from the recipient, that request comprising claim information associated with the recipient.

9. An information rights management server comprising:
- an input arranged to receive a request for an issue license for a piece of content, the request comprising information rights policy details, the piece of content being associated with an originating application and a target application, the issue license including;
  
  a content rights information section;
  
  a content reference that identifies the piece of content with respect to an originating application of the piece of content;
  
  a content key that is used to encrypt the piece of content; and
  
  a policy container that includes claim provider information, an endpoint reference, an authorization token type, claim type requirements, and holds information about how to combine results from each of the policy evaluators;
  
  a communications link to a policy evaluator for the originating application and a policy evaluator for the target application with each policy evaluator analyzing different information rights policies, each policy evaluator being independent of the information rights management server;
  
  a processor arranged to generate an issue license on the basis of the different information rights policy details and comprising information about the policy evaluators;
  
  an input arranged to receive a request for a use license; and
  
  an output arranged to issue a use license on the basis of responses received from the policy evaluators.
- View Dependent Claims (10, 11, 12, 13)
- - 10. The information rights management server as claimed in claim 9 wherein the processor is arranged to generate the issue license such that it comprises a policy container.
  - 11. The information rights management server as claimed in claim 10 wherein the processor is arranged to generate the issue license such that it comprises a policy container arranged to hold at least a reference to information about the information rights policy details and at least a reference to information about how to combine results from each of the policy evaluators.
  - 12. The information rights management server as claimed in claim 10 wherein the processor is arranged to generate the issue license such that it comprises a policy container holding information rights policy details and information about how to combine results from each of the policy evaluators.
  - 13. The information rights management server as claimed in claim 9 wherein the processor is arranged to generate the issue license such that it comprises, for each policy evaluator, information about one or more associated claim providers.

14. An information rights management system comprising:
- an information rights management server;
  
  at least one policy evaluator, the policy evaluator being independent of the information rights management server and in communication with the information rights management server;
  
  a first information rights management client in communication with the information rights management server and providing an issue license to an author, the issue license including;
  
  a content rights information section;
  
  a content reference that identifies the piece of content with respect to an originating application of the piece of content;
  
  a content key that is used to encrypt the piece of content anda policy container that includes claim provider information, an endpoint reference, an authorization token type, claim type requirements, and holds information about how to combine results from each of the policy evaluators;
  
  a second information rights management client in communication with the information rights management server and provided at a recipient.
- View Dependent Claims (15, 16, 17, 18, 19, 20)
- - 15. The information rights management system as claimed in claim 14 which further comprises at least one claim provider accessible by the second information rights management client at the recipient domain.
  - 16. The information rights management system as claimed in claim 14 which further comprises a first and a second claim provider accessible by the second information rights management client at the recipient domain, the first and second claim providers each being in communication with one or more of the policy evaluators.
  - 17. The information rights management system as claimed in claim 14 which further comprises a second information rights management server in communication with the first information rights management server and wherein the first and second information rights management servers are arranged to accept and interpret communications from one another.
  - 18. The information rights management system as claimed in claim 14 which comprises a plurality of information rights management servers.
  - 19. The information rights management system as claimed in claim 14 which further comprises a second information rights management server and a first and a second claim provider accessible by the second information rights management client at the recipient domain, the first and second claim providers each being in communication with one or more of the policy evaluators.
  - 20. The information rights management system as claimed in claim 14 which further comprises a second information rights management server and wherein the client at the author is registered with the first server and the client at the recipient is registered with the second server.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Microsoft Technology Licensing LLC (Microsoft Corporation)
Original Assignee
Microsoft Corporation
Inventors
Starostin, Dmitry V, Claessens, Joris, Orlov, Alexey
Primary Examiner(s)
Moazzami; Nasser
Assistant Examiner(s)
Louie; Oscar A

Application Number

US11/762,619
Publication Number

US 20080313699A1
Time in Patent Office

1,378 Days
Field of Search

726/26
US Class Current

726/26
CPC Class Codes

H04L 63/10 for controlling access to d...

Information rights management

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

34 Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

Information rights management

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

34 Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links