Systems and methods for secure transaction management and electronic rights protection

US 8,141,165 B2
Filed: 07/13/2007
Issued: 03/20/2012
Est. Priority Date: 02/13/1995
Status: Expired due to Fees

First Claim

Patent Images

1. A method performed by an electronic appliance comprising a processor and a memory encoded with program instructions that, when executed by the processor, cause the electronic appliance to perform the method, the method comprising:

receiving, by the electronic appliance, a first electronic object, the first electronic object specifying one or more permitted uses of a group of electronic content objects, the first electronic object further comprising one or more decryption keys for decrypting one or more content items contained in said group of electronic content objects;

receiving, by the electronic appliance, via separate delivery from the first electronic object, a first electronic content object, the first electronic content object being protected separately from the first electronic object and comprising an identifier and an encrypted first piece of electronic content, wherein the first electronic content object is a member of said group of electronic content objects; and

using tamper resistant software to govern use of the first piece of electronic content in accordance with the one or more permitted uses specified by the first electronic object, including using at least one of the one or more decryption keys to decrypt the first piece of electronic content.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

The present invention provides systems and methods for secure transaction management and electronic rights protection. Electronic appliances such as computers equipped in accordance with the present invention help to ensure that information is accessed and used only in authorized ways, and maintain the integrity, availability, and/or confidentiality of the information. Such electronic appliances provide a distributed virtual distribution environment (VDE) that may enforce a secure chain of handling and control, for example, to control and/or meter or otherwise monitor use of electronically stored or disseminated information. Such a virtual distribution environment may be used to protect rights of various participants in electronic commerce and other electronic or electronic-facilitated transactions. Distributed and other operating systems, environments and architectures, such as, for example, those using tamper-resistant hardware-based processors, may establish security at each node. These techniques may be used to support an all-electronic information distribution, for example, utilizing the “electronic highway.”

Citations

20 Claims

1. A method performed by an electronic appliance comprising a processor and a memory encoded with program instructions that, when executed by the processor, cause the electronic appliance to perform the method, the method comprising:
- receiving, by the electronic appliance, a first electronic object, the first electronic object specifying one or more permitted uses of a group of electronic content objects, the first electronic object further comprising one or more decryption keys for decrypting one or more content items contained in said group of electronic content objects;
  
  receiving, by the electronic appliance, via separate delivery from the first electronic object, a first electronic content object, the first electronic content object being protected separately from the first electronic object and comprising an identifier and an encrypted first piece of electronic content, wherein the first electronic content object is a member of said group of electronic content objects; and
  
  using tamper resistant software to govern use of the first piece of electronic content in accordance with the one or more permitted uses specified by the first electronic object, including using at least one of the one or more decryption keys to decrypt the first piece of electronic content.
- View Dependent Claims (2, 3, 4, 5, 6, 7)
- - 2. The method of claim 1, further comprising:
    - using the tamper resistant software to govern the use of a second piece of electronic content in accordance with the one or more permitted uses specified by the first electronic object, wherein the second piece of electronic content is contained in a second electronic content object, the second electronic content object being different from the first electronic content object.
  - 3. The method of claim 1, wherein the first electronic object and the first electronic content object are received at the electronic appliance over different communications paths.
  - 4. The method of claim 1, wherein the first electronic object and the first electronic content object are received at the electronic appliance at different times.
  - 5. The method of claim 1, in which the electronic compliance is selected from the group consisting of:
    - computer, television set-top box, pager, telephone, sound system, video reproduction system, video game system, and smart card.
  - 6. The method claim 1, in which the first electronic object comprises an administrative object.
  - 7. The method claim 1, in which the first electronic object comprises a permissions record.

8. A method performed by a first electronic appliance comprising a processor and a memory encoded with program instructions that, when executed by the processor, cause the first electronic appliance to perform the method, the method comprising:
- sending, by the first electronic appliance, a first electronic object to a second electronic appliance, the first electronic object specifying one or more permitted uses of a group of electronic content objects, the first electronic object further comprising one or more decryption keys for decrypting one or more content items contained in said group of electronic content objects;
  
  sending, by the first electronic appliance, a first electronic content object to the second electronic appliance, the first electronic content object being protected separately from the first electronic object and comprising an identifier and an encrypted first piece of electronic content, wherein the first electronic content object is a member of said group of electronic content objects;
  
  wherein the first electronic object is sent to the second electronic appliance via separate delivery from the first electronic content object, and wherein the second electronic appliance comprises tamper-resistant software operable to govern use of the first piece of electronic content in accordance with the one or more permitted uses specified by the first electronic object.
- View Dependent Claims (9)
- - 9. The method of claim 8, further comprising:
    - sending a second electronic content object to the second electronic appliance, the second electronic content object comprising a second piece of electronic content, wherein the second electronic content object is a member of said group of electronic content objects.

10. A method of distributing rights-protected electronic content, the method performed by an electronic appliance comprising a processor and a memory encoded with program instructions that, when executed by the processor, cause the electronic appliance to perform the method, the method comprising:
- distributing, by the electronic appliance, a first computer-readable object to a first computer system, the first computer-readable object comprising;
  
  a public header comprising information that, at least in part, identifies the computer-readable object,a private header comprising information for use in validating at least part of the computer-readable object,an encrypted piece of electronic content, andfirst cryptographic key information for use in decrypting the encrypted piece of electronic content; and
  
  distributing, by the electronic appliance, via separate delivery from the first computer-readable object, a second computer-readable object to the first computer system, the second computer-readable object being protected separately from the first computer-readable object and comprising;
  
  permission information specifying one or more permitted and/or prohibited uses of the electronic content;
  
  wherein the first computer system comprises tamper-resistant hardware and/or software capable of governing use of the piece of electronic content in accordance with the permission information, the tamper-resistant hardware and/or software being resistant to tampering by users of the first computer system.
- View Dependent Claims (11, 12, 13, 14, 15, 16, 17, 18, 19, 20)
- - 11. The method of claim 10, wherein the first computer system further comprises second cryptographic key information for use in decrypting the first cryptographic key information.
  - 12. The method of claim 10, wherein the first computer system further comprises second cryptographic key information for use, in combination with the first cryptographic key information, in decrypting the encrypted piece of electronic content.
  - 13. The method of claim 11, wherein the second cryptographic key information is protected, at least in part, by the tamper-resistant hardware and/or software.
  - 14. The method of claim 10, wherein the tamper-resistant hardware and/or software is operable to automatically and transparently decrypt the encrypted piece of electronic content in accordance with the permission information.
  - 15. The method of claim 10, in which the second computer-readable object further comprises code for controlling usage of the piece of electronic content in accordance with the permission information.
  - 16. The method of claim 10, in which the permission information further comprises one or more conditions associated with one or more of said one or more permitted and/or prohibited uses.
  - 17. The method of claim 16, in which at least one of the one or more permitted and/or prohibited uses is selected from the group consisting of:
    - displaying, encrypting, decrypting, printing, copying, saving, extracting, embedding, auditing usage of, and distributing the piece of electronic content.
  - 18. The method of claim 17, in which at least one of the one or more conditions comprises an expiration date after which at least one of the one or more permissions is no longer allowed to be exercised.
  - 19. The method of claim 17, in which at least one of the one or more conditions is selected from the group consisting of:
    - a condition relating to availability of credit from an authorized source;
      
      a condition relating to execution of one or more load modules within a predefined time period; and
      
      a condition relating to metering usage of the piece of electronic content.
  - 20. The method of claim 10, in which at least one of the one or more permitted and/or prohibited uses is selected from the group consisting of:
    - displaying, encrypting, decrypting, printing, copying, saving, extracting, embedding, auditing usage of, and distributing the piece of electronic content.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Intertrust Technologies Corporation (Fidelio Acquisition Co LLC)
Original Assignee
Intertrust Technologies Corporation (Fidelio Acquisition Co LLC)
Inventors
Ginter, Karl L., Shear, Victor H., Spahn, Francis J., Van Wie, David M.
Primary Examiner(s)
Chai, Longbit

Application Number

US11/827,983
Publication Number

US 20080022137A1
Time in Patent Office

1,712 Days
Field of Search

726/27
US Class Current

726/27
CPC Class Codes

G06F 12/1408   by using cryptography for d...

G06F 21/109   by using specially-adapted ...

G06F 21/16   Program or content traceabi...

G06F 21/31   User authentication

G06F 21/33   using certificates

G06F 21/86   Secure or tamper-resistant ...

G06F 2211/007   Encryption, En-/decode, En-...

G06F 2221/2101   Auditing as a secondary aspect

G06F 2221/2115   Third party

G06F 2221/2135   Metering

G06F 2221/2151   Time stamp

G06Q 20/02   involving a neutral party, ...

G06Q 20/023   the neutral party being a c...

G06Q 20/04   Payment circuits

G06Q 20/12   specially adapted for elect...

G06Q 20/1235   with control of digital rig...

G06Q 20/24   Credit schemes, i.e. "pay a...

G06T 1/0021   Image watermarking

G07F 9/026   for alarm, monitoring and a...

H04L 2463/101   applying security measures ...

H04L 2463/102 : applying security measure f...

H04L 2463/103 : applying security measure f...

H04L 63/20 : for managing network securi...

H04N 21/2347 : involving video stream encr...

H04N 21/23476 : by partially encrypting, e....

H04N 21/235 : Processing of additional da...

H04N 21/2362 : Generation or processing of...

H04N 21/2541 : Rights Management protectin...

H04N 21/2543 : Billing , e.g. for subscrip...

H04N 21/2547 : Third Party Billing, e.g. b...

H04N 21/25875 : involving end-user authenti...

H04N 21/4143 : embedded in a Personal Comp...

H04N 21/4345 : Extraction or processing of...

H04N 21/435 : Processing of additional da...

H04N 21/4405 : involving video stream decr...

H04N 21/44204 : Monitoring of content usage...

H04N 21/443 : OS processes, e.g. booting ...

H04N 21/4627 : Rights management associate...

H04N 21/4753 : for user identification, e....

H04N 21/6581 : Reference data, e.g. a movi...

H04N 21/8166 : involving executable data, ...

H04N 21/835 : Generation of protective da...

H04N 21/8355 : involving usage data, e.g. ...

H04N 21/83555 : using a structured language...

H04N 21/8358 : involving watermark protect...

H04N 7/162 : Authorising the user termin...

H04N 7/17309 : Transmission or handling of...

View All

Systems and methods for secure transaction management and electronic rights protection

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

Systems and methods for secure transaction management and electronic rights protection

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links