Systems and methods for secure transaction management and electronic rights protection
Abstract
The present invention provides systems and methods for secure transaction management and electronic rights protection. Electronic appliances such as computers equipped in accordance with the present invention help to ensure that information is accessed and used only in authorized ways, and maintain the integrity, availability, and/or confidentiality of the information. Such electronic appliances provide a distributed virtual distribution environment (VDE) that may enforce a secure chain of handling and control, for example, to control and/or meter or otherwise monitor use of electronically stored or disseminated information. Such a virtual distribution environment may be used to protect rights of various participants in electronic commerce and other electronic or electronic-facilitated transactions. Distributed and other operating systems, environments and architectures, such as, for example, those using tamper-resistant hardware-based processors, may establish security at each node. These techniques may be used to support an all-electronic information distribution, for example, utilizing the “electronic highway.”
50 Claims
1. A method comprising:
receiving electronic content at a first user's electronic appliance, the appliance comprising a secure processing unit, the electronic content having been sent from a second user's electronic appliance, wherein the secure processing unit prevents unauthorized access to its components by selectively allowing data originating outside of the secure processing unit to cross a tamper-resistant security barrier and enter the secure processing unit, and by processing the allowed data within a compartmentalized secure execution space that prevents less trusted data from modifying more trusted data;
receiving, at the first user's electronic appliance, control information associated with the electronic content, the control information indicating that the electronic content may be used only in one or more authorized ways; and
using a software application running on the first user's electronic appliance to enable the first user to make at least one use of the electronic content in accordance with the control information, wherein the software application is configured to be resistant to attempts by users of the first electronic appliance to use the electronic content in unauthorized ways, and wherein the software application is operable to communicate with the secure processing unit to obtain information necessary to decrypt the electronic content.
Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27

28. A computer-readable medium containing a software application comprising executable program instructions, the executable program instructions including instructions for:
receiving electronic content and first control information associated with the electronic content, the first control information indicating that the electronic content may be used only in one or more authorized ways;
separately receiving second control information associated with the electronic content; and
applying the first control information and the second control information to enable at least one use of the electronic content in accordance with the first control information and the second control information;
wherein the software application is configured to be resistant to attempts to use the electronic content in unauthorized ways, and wherein the executable program instructions further include instructions for decrypting the electronic content using at least one cryptographic key retrieved from a secure processing unit;
wherein the secure processing unit prevents unauthorized access to its components by selectively allowing data originating outside the secure processing unit to cross a tamper-resistant security barrier and enter the secure processing unit, and by processing the allowed data within a compartmentalized secure execution space that prevents less trusted data from modifying more trusted data.
Dependent claims: 29, 30, 31, 32, 33, 34, 35, 36, 37, 38, 39, 40, 41, 42, 43, 44, 45, 46

47. A method comprising:
creating electronic content at a first user's electronic appliance;
at the first user's electronic appliance, securely associating control information with the electronic content, the control information indicating that the electronic content may be used only in one or more authorized ways, the control information being configured to be enforced by tamper-resistant software and/or hardware to govern use of the electronic content;
distributing the electronic content and the control information to a second user's electronic appliance that comprises a secure processing unit, wherein the secure processing unit prevents unauthorized access to its components by selectively allowing data originating outside of the secure processing unit to cross a tamper-resistant security barrier and enter the secure processing unit, and by processing the allowed data within a compartmentalized secure execution space that prevents less trusted data from modifying more trusted data; and
at the second user's electronic appliance, securely enabling the second user to make at least one use of the electronic content in accordance with the control information, in which software and/or hardware at the second user's electronic appliance is operable to perform, at least in part, said securely enabling step, said software and/or hardware at the second user's electronic appliance being resistant to tampering by the second user with the performance of said securely enabling step, and said software and/or hardware being operable to communicate with the secure processing unit to obtain information necessary to decrypt the electronic content.
Dependent claims: 48, 49, 50

Specification