Secure non-invasive method and system for distribution of digital assets

US 8,565,424 B2
Filed: 04/12/2006
Issued: 10/22/2013
Est. Priority Date: 04/12/2006
Status: Expired due to Fees

First Claim

Patent Images

1. A method comprising:

receiving, at a server computer system, a request for a first digital content item of a plurality of digital content items from a client computer;

outputting, from the server computer system, a first downloader component to the client computer, wherein the first downloader component is unable to download files other than files associated with the first digital content item;

after outputting the first downloader component, cooperating with the first downloader component to output a first encrypted file associated with the first digital content item to the client computer, wherein the first downloader component regulates partial encryptions of the first encrypted file so that at least a first portion of the first encrypted file is not encrypted and at least a second portion of the first encrypted file is encrypted, such that the first encrypted file is unusable if copied to another client computer; and

outputting, from the server computer system, a first file manager and an encrypted user profile to the client computer, the first file manager configured to access the encrypted user profile to decrypt the first encrypted file and configured to manage usage of the first encrypted file at the client computer based on one or more terms of usage associated with the first encrypted file, wherein the encrypted user profile includes a first key to decrypt the first encrypted file into the first digital content item and at least one acceptable user input, wherein the first key is made available to the first file manager in response to receiving one or more user inputs at the client computer that match one or more acceptable user inputs of the at least one acceptable user input, and wherein the first file manager is further configured to automatically delete the first encrypted file upon determining that usage of the first encrypted file is disallowed based on a limitation of a number of uses of the first encrypted file,wherein the first downloader component, the first encrypted file, the first file manager, and the encrypted user profile enforce a usage right of the first digital content item without requiring installation to the client computer of proprietary plug-ins associated with the first digital content item.

View all claims

11 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A server computer system outputs a downloader component to a client computer. The downloader component enables the client computer to download an encrypted file. After outputting the downloader component, the server computer system cooperates with the downloader component to output the encrypted file to the client computer. The server computer system outputs a user profile to the client computer. The user profile contains a key to decrypt the encrypted file into a digital content item. The server computer system outputs a file management component to the client computer. The file management component is to manage usage of the encrypted file at the client computer based on one or more terms of usage associated with the encrypted file.

Citations

22 Claims

1. A method comprising:
- receiving, at a server computer system, a request for a first digital content item of a plurality of digital content items from a client computer;
  
  outputting, from the server computer system, a first downloader component to the client computer, wherein the first downloader component is unable to download files other than files associated with the first digital content item;
  
  after outputting the first downloader component, cooperating with the first downloader component to output a first encrypted file associated with the first digital content item to the client computer, wherein the first downloader component regulates partial encryptions of the first encrypted file so that at least a first portion of the first encrypted file is not encrypted and at least a second portion of the first encrypted file is encrypted, such that the first encrypted file is unusable if copied to another client computer; and
  
  outputting, from the server computer system, a first file manager and an encrypted user profile to the client computer, the first file manager configured to access the encrypted user profile to decrypt the first encrypted file and configured to manage usage of the first encrypted file at the client computer based on one or more terms of usage associated with the first encrypted file, wherein the encrypted user profile includes a first key to decrypt the first encrypted file into the first digital content item and at least one acceptable user input, wherein the first key is made available to the first file manager in response to receiving one or more user inputs at the client computer that match one or more acceptable user inputs of the at least one acceptable user input, and wherein the first file manager is further configured to automatically delete the first encrypted file upon determining that usage of the first encrypted file is disallowed based on a limitation of a number of uses of the first encrypted file,wherein the first downloader component, the first encrypted file, the first file manager, and the encrypted user profile enforce a usage right of the first digital content item without requiring installation to the client computer of proprietary plug-ins associated with the first digital content item.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 21)
- - 2. The method of claim 1, further comprising:
    - receiving, at the server computer system, a request for a second digital content item of the plurality of digital content items from the client computer;
      
      outputting, from the server computer system, a second downloader component to the client computer, wherein the second downloader component is unable to download files other than files associated with the second digital content item;
      
      after outputting the second downloader component, cooperating with the second downloader component to output a second encrypted file to the client computer; and
      
      outputting, from the server computer system, a second user profile to the client computer, the second user profile including a second key to decrypt the second encrypted file into the second digital content item and at least one second acceptable user input.
  - 3. The method of claim 1, wherein the first downloader component is configured to download the first encrypted file and one or more files associated with the first digital content item to the client computer.
  - 4. The method of claim 1, wherein the first file manager is only usable by the client computer to decrypt the first encrypted file and to manage usage of the first encrypted file.
  - 5. The method of claim 1, wherein the usage of the first encrypted file is disallowed when the usage of the first encrypted file has expired based on a time stamp.
  - 6. The method of claim 1, wherein the encrypted user profile is usable by the client computer to decrypt the first encrypted file and at least one component associated with the first encrypted file.
  - 7. The method of claim 1, wherein the first file manager is usable by the client computer to manage usage of the first encrypted file and at least one component associated with the first encrypted file.
  - 8. The method of claim 1, wherein the first file manager comprises computer program code to cause the client computer to determine whether usage of the first encrypted file is allowed based on one or more terms of usage obtained from the first file manager, to direct the first digital content item to an application program when the usage is allowed, and to prohibit usage of the first encrypted file when the usage is not allowed.
  - 9. The method of claim 1, wherein the at least one acceptable user input includes at least one of a user identifier, a passcode, and a biometric feature of the user.
  - 21. The method of claim 2, further comprising outputting from the server computer system a second file manager to the client computer, the second file manager configured to access the second user profile and configured to manage usage of the second encrypted file at the client computer based on one or more terms of usage associated with the second encrypted file.

10. A system comprising:
- a server computer system comprising at least one hardware processor and at least one port;
  
  wherein the at least one hardware processor of the server computer system is operable to receive from a client computer a request for a first digital content item of a plurality of digital content items, wherein each digital content item is associated with an encrypted file;
  
  wherein the at least one port of the server computer system is operable to;
  
  output a first downloader component to the client computer, the first downloader component to enable the client computer to download a first encrypted file, and wherein the first downloader component is unable to download files other than files associated with the first digital content item;
  
  after outputting the first downloader component, cooperate with the first downloader component to output the first encrypted file associated with the first digital content item to the client computer, wherein the first downloader component regulates partial encryptions of the first encrypted file so that at least a first portion of the first encrypted file is not encrypted and at least a second portion of the first encrypted file is encrypted, such that the first encrypted file is unusable if copied to another client computer; and
  
  output a first file manager and an encrypted user profile to the client computer, wherein the first file manager is configured to access the encrypted user profile to decrypt the first encrypted file and is configured to manage usage of the first encrypted file at the client computer based on one or more tennis of usage associated with the first encrypted file, wherein the encrypted user profile includes a first key to decrypt the first encrypted file to access the first digital content item and at least one acceptable user input, wherein the first key is made available to the first file manager in response to receiving one or more user inputs at the client computer that match one or more acceptable user inputs of the at least one acceptable user input, and wherein the first file manager is further configured to automatically delete the first encrypted file upon determining that usage of the first encrypted file is disallowed based on a limitation of a number of uses of the first encrypted file,wherein the first downloader component, the first encrypted file, the first file manager, and the encrypted user profile enforce a usage right of the first digital content item without requiring installation to the client computer of proprietary plug-ins associated with the first digital content item.
- View Dependent Claims (11, 12, 13, 14, 15, 16, 17, 18, 22)
- - 11. The system of claim 10, wherein the server computer system is further programmed to:
    - receive from the client computer a request for a second digital content item of the plurality of digital content items;
      
      output a second encrypted file to the client computer;
      
      output a second user profile to the client computer, the second user profile including a second key to decrypt the second encrypted file into the second digital content item and at least one second acceptable user input; and
      
      output a second file manager that is configured to access the second user profile and to manage usage of the second encrypted file at the client computer based on one or more terms of usage associated with the second encrypted file.
  - 12. The system of claim 10, wherein the first downloader component is usable by the client computer to download only the first encrypted file.
  - 13. The system of claim 10, wherein the usage of the first encrypted file is disallowed when the usage of the first encrypted file has expired based on a time stamp.
  - 14. The system of claim 10, wherein the first downloader component is usable by the client computer to download only the first encrypted file and at least one component associated with the first encrypted file.
  - 15. The system of claim 10, wherein the first downloader component includes scripts and configuration files to regulate partial encryption of the first encrypted file.
  - 16. The system of claim 10, wherein the first key is made usable in response to user input at the client computer of at least one of a user identifier, a passcode, and a biometric feature of the user.
  - 17. The system of claim 10, wherein the first file manager comprises computer program code to cause the client computer to determine whether usage of the first encrypted file is allowed based on one or more terms of usage obtained from the first file manager, to direct the first digital content item to an application program when the usage is allowed, and to prohibit usage of the first encrypted file when the usage is not allowed.
  - 18. The system of claim 10, wherein the client computer does not store the first digital content item decrypted from the first encrypted file as a file in a file system of the client computer.
  - 22. The system of claim 11, wherein the server computer system is further programmed to output a second downloader component to the client computer, wherein the second downloader component is unable to download files other than files associated with the second digital content item, and wherein the second downloader component cooperates to output the second encrypted file to the client computer.

19. A method comprising:
- receiving a first downloader component at a client computer from a server computer system;
  
  using the first downloader component to download a first encrypted file from the server computer system to the client computer, wherein the first downloader component regulates partial encryptions of the first encrypted file so that at least a first portion of the first encrypted file is not encrypted and at least a second portion of the first encrypted file is encrypted, such that the first encrypted file is unusable if copied to another client computer;
  
  accessing an encrypted user profile at the client computer via a smart card coupled to the client computer, the encrypted user profile containing a first key and at least one acceptable user input;
  
  receiving a first file manager at the client computer from the server computer system;
  
  receiving first user input at the client computer;
  
  using the first file manager to decrypt the first encrypted file with the first key to produce a first digital content item at the client computer when the first user input matches one or more of the at least one acceptable user input from the encrypted user profile; and
  
  using the first file manager to manage usage of the first encrypted file at the client computer based on one or more terms of usage associated with the first encrypted file, wherein the first file manager is usable by the client computer to delete the first encrypted file when use of the first encrypted file would exceed a number of allowed uses of the first encrypted file,wherein the first downloader component, the first encrypted file, the first file manager, and the encrypted user profile enforce a usage right of the first digital content item without requiring installation to the client computer of proprietary plug-ins associated with the first digital content item.

20. A non-transitory computer-readable storage medium having computer-readable program code to cause a server computer system to:
- receive a request for a first digital content item of a plurality of digital content items from a client computer;
  
  output a first downloader component to the client computer, wherein the first downloader component is unable to download files other than files associated with the first digital content item;
  
  after outputting the first downloader component, cooperate with the first downloader component to output a first encrypted file associated with the first digital content item to the client computer, wherein the first downloader component regulates partial encryptions of the first encrypted file so that at least a first portion of the first encrypted file is not encrypted and at least a second portion of the first encrypted file is encrypted, such that the first encrypted file is unusable if copied to another client computer; and
  
  output a first file manager and an encrypted user profile to the client computer, the first file manager configured to access the encrypted user profile to decrypt the first encrypted file and to manage usage of the first encrypted file at the client computer based on one or more terms of usage associated with the first encrypted file, wherein the encrypted user profile includes a first key to decrypt the first encrypted file into the first digital content item and at least one acceptable user input, wherein the first key is made available to the first file manager in response to receiving one or more user inputs at the client computer that match one or more acceptable user inputs of the at least one acceptable user input, and wherein the first file manager is further configured to automatically delete the first encrypted file upon determining that usage of the first encrypted file is disallowed based on a limitation of a number of uses of the first encrypted file,wherein the first downloader component, the first encrypted file, the first file manager, and the encrypted user profile enforce a usage right of the first digital content item without requiring installation to the client computer of proprietary plug-ins associated with the first digital content item.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
International Business Machines Corporation
Original Assignee
International Business Machines Corporation
Inventors
Vishik, Claire Svetlana
Primary Examiner(s)
Rahman, Mohammad L

Application Number

US11/403,078
Publication Number

US 20070242824A1
Time in Patent Office

2,750 Days
Field of Search

380/201
US Class Current

380/201
CPC Class Codes

G06F 21/10   Protecting distributed prog...

G06F 21/6209   to a single file or object,...

H04L 2463/101   applying security measures ...

H04L 63/0428   wherein the data content is...

H04L 63/08   for authentication of entit...

H04L 63/0853   using an additional device,...

H04L 63/0861   using biometrical features,...

H04N 21/4532   involving end-user characte...

H04N 21/454   Content or additional data ...

Secure non-invasive method and system for distribution of digital assets

First Claim

11 Assignments

0 Petitions

Accused Products

Abstract

Citations

22 Claims

Specification

Solutions

Use Cases

Quick Links

Secure non-invasive method and system for distribution of digital assets

First Claim

11 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

22 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links