Provisions for validating content using a content registration authority

US 8,112,444 B2
Filed: 05/07/2010
Issued: 02/07/2012
Est. Priority Date: 02/25/2005
Status: Active Grant

First Claim

Patent Images

1. A method that implements a registration-based validation of content using a content registration authority, the method comprising:

purchasing content from a content publisher using a client interaction functionality;

receiving a package at a client device that contains the content and a stamp for the content, the stamp including a content identifier and a certificate that leads to a chain of certificates for validating the content; and

validating the content by determining that the content is trustworthy at least when a final certificate in the chain of certificates points to a content registration authority that is trusted by the client device and that the final certificate is a certificate that the client device is encoded to accept as a trusted root, wherein the content registration authority is different than the content publisher.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Strategies are described for validating content transferred over a communication channel using a more effective approach than heretofore provided in the art. A content registration authority is provided which registers the content disseminated by one or more content providers to one or more client devices. A client device which receives content that has been registered can securely consume the content, based on an assumption that a content provider which furnishes the content is entrusted by the content registration authority to provide the content, and without prompting a user of the client device to expressly approve the content provider. In a first solution, the content registration authority registers the content by issuing a certification stamp; in a second solution, the content registration authority registers the content by storing registration information in a central repository. The content may contain instructions which perform operations in the context of an instant messenger application.

Citations

20 Claims

1. A method that implements a registration-based validation of content using a content registration authority, the method comprising:
- purchasing content from a content publisher using a client interaction functionality;
  
  receiving a package at a client device that contains the content and a stamp for the content, the stamp including a content identifier and a certificate that leads to a chain of certificates for validating the content; and
  
  validating the content by determining that the content is trustworthy at least when a final certificate in the chain of certificates points to a content registration authority that is trusted by the client device and that the final certificate is a certificate that the client device is encoded to accept as a trusted root, wherein the content registration authority is different than the content publisher.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10)
- - 2. The method as recited in claim 1, wherein the stamp further includes a signature that is generated by encrypting the content identifier and a timestamp that indicates a creation time of the stamp using a private key associated with a content provider certificate.
  - 3. The method as recited in claim 1, wherein the validating further comprises receiving an indication of a determination, by a second party, whether the received stamp is active.
  - 4. The method as recited in claim 1, wherein the validating further comprises determining whether the stamp is active.
  - 5. The method as recited in claim 1, further comprising using the content while communicating with another client device.
  - 6. The method as recited in claim 1, further comprising sending the package containing the content and the stamp to another client device.
  - 7. The method as recited in claim 1, further comprising responding to a request for communication with another client device with, at least in part, the content.
  - 8. The method as recited in claim 1, further comprising using the content while instant messaging with another client device.
  - 9. The method as recited in claim 1, further comprising invoking the content while instant messaging with another client device.
  - 10. The method as recited in claim 1, wherein the purchasing includes purchasing the content using a user interface of an instant messaging application.

11. One or more computer-readable storage media having computer-readable instructions thereon which, when executed by a client device, directs the client device to perform operations comprising:
- implementing an instant message communication session;
  
  receiving a package at the client device containing an instant messaging feature and a stamp for the instant messaging feature from another client device during the instant message communication session, the stamp including certificate information for validating the instant messaging feature; and
  
  validating the instant messaging feature by determining that the instant message feature is trustworthy at least when a final certificate in a chain of certificates included in the certification information points to a content registration authority that is trusted by the client device and that the final certificate is a certificate that the client device is encoded to accept as a trusted root, wherein the content registration authority is different than a content publisher of the instant messaging feature.
- View Dependent Claims (12, 13, 14, 15)
- - 12. The one or more computer-readable storage media as recited in claim 11, wherein the validating further comprises determining whether the stamp identifies the content registration authority as an entity that has vouched for integrity of the instant messaging feature.
  - 13. The one or more computer-readable storage media as recited in claim 11, wherein the validating further comprises receiving an indication of a determination, by a second party, whether the stamp identifies the content registration authority as an entity that has vouched for integrity of the instant messaging feature.
  - 14. The one or more computer-readable storage media as recited in claim 11, wherein the validating further comprises receiving an indication of a determination, by a second party, whether the stamp is active.
  - 15. The one or more computer-readable storage media as recited in claim 11, further comprising using the instant messaging feature while communicating with the additional client device in the instant messaging communication session.

16. A method, comprising:
- registering content as trustworthy at a content registration authority that is trusted by a client device by storing a content identifier of the content in a registration data store of the content registration authority;
  
  receiving a request from the client device that stores the content to validate the content as trustworthy; and
  
  confirming that the content is trustworthy at least when a final certificate in a chain of certificates included in certification information of the content points to the content registration authority that is trusted by the client device, the final certificate is a certificate that the client device is encoded to accept as a trusted root, and the registration data store includes a stored content identifier corresponding to the content identifier of the content, wherein the content registration authority is different than the content publisher of the content.
- View Dependent Claims (17, 18, 19, 20)
- - 17. The method of claim 16, wherein the content includes instructions that prompt a processor device to perform at least one operation.
  - 18. The method of claim 16, further comprising an operation of transferring a host program associated with the content registration authority to the client device, wherein the content comprises information that is used in conjunction with the host program.
  - 19. The method of claim 18, wherein the host program comprises at least one of:
    - an application for conducting instant message communication;
      
      an application for creating, manipulating, and/or rendering a document;
      
      an application for creating, manipulating, or rendering script-based content.
  - 20. The method of claim 16, wherein the registering occurs before the content publisher transfers the content to the client device.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Microsoft Technology Licensing LLC (Microsoft Corporation)
Original Assignee
Microsoft Corporation
Inventors
Schwartz, Eyal, Fortini, Christian, Czeisler, Adam C., Saretto, Cesare J., Badh, Ranjib S., Hurst, Ryan, Von Koch, Walter
Primary Examiner(s)
Pardo, Thuy

Application Number

US12/776,312
Publication Number

US 20100218260A1
Time in Patent Office

641 Days
Field of Search

707/999.102, 707/694, 707/783, 707/784, 705/51, 705/59, 713/153, 713/155, 713/193, 709/225, 726/5
US Class Current

707/783
CPC Class Codes

G06F 21/645   using a third party

G06Q 10/107   Computer-aided management o...

G06Q 40/04   Trading; Exchange, e.g. sto...

Provisions for validating content using a content registration authority

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

Provisions for validating content using a content registration authority

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links