Digital rights management engine systems and methods
First Claim
Patent Images
1. A method of managing enterprise documents, the method comprising:
- authoring, by a first software application executing on a first computing device, an electronic document;
encrypting, by a digital rights management plug-in executing on the first computing device, the electronic document;
associating, by the digital rights management plug-in executing on the first computing device, a license with the encrypted electronic document, the license comprising an encrypted first key configured to decrypt the encrypted electronic document and a control program, the control program comprising instructions for determining;
a logical connection between a node associated with a first group of users and a second node based on possession of one or more link objects, anda callback;
sending, by the first computing device, the encrypted electronic document and the license to a second computing device;
receiving the encrypted electronic document and the license by the second computing device from the first computing device;
determining authorization to access the encrypted electronic document, comprising;
determining the logical connection between the node associated with the first group of users and the second node based on possession of the one or more link objects by executing the control program using a virtual machine of the second computing device, the second computing device comprising the second node, wherein at least one of the one or more link objects comprises an encrypted second key, the second key configured to decrypt the encrypted first key;
determining the callback by executing the control program using the virtual machine;
determining a host application of the second computing device supports the callback using the host application;
calling a control routine according to the callback using the host application;
recording access to the encrypted electronic document in a database by executing the control routine using the virtual machine;
providing an authorization indication to the host application based on execution of the control routine using the virtual machine; and
accessing the encrypted electronic document based on the authorization comprising;
decrypting, by the second computing device, the encrypted second key using a key associated with the second computing device,decrypting, by the second computing device, the encrypted first key using the decrypted second key,decrypting, by the second computing device, the electronic document using the decrypted first key, andaccessing the decrypted electronic document.
3 Assignments
0 Petitions
Accused Products
Abstract
Systems and methods are described for performing digital rights management. In one embodiment, a digital rights management engine is provided that evaluates license associated with protected content to determine if a requested access or other use of the content is authorized. In some embodiments, the licenses contain control programs that are executable by the digital rights management engine.
268 Citations
7 Claims
-
1. A method of managing enterprise documents, the method comprising:
-
authoring, by a first software application executing on a first computing device, an electronic document; encrypting, by a digital rights management plug-in executing on the first computing device, the electronic document; associating, by the digital rights management plug-in executing on the first computing device, a license with the encrypted electronic document, the license comprising an encrypted first key configured to decrypt the encrypted electronic document and a control program, the control program comprising instructions for determining; a logical connection between a node associated with a first group of users and a second node based on possession of one or more link objects, and a callback; sending, by the first computing device, the encrypted electronic document and the license to a second computing device; receiving the encrypted electronic document and the license by the second computing device from the first computing device; determining authorization to access the encrypted electronic document, comprising; determining the logical connection between the node associated with the first group of users and the second node based on possession of the one or more link objects by executing the control program using a virtual machine of the second computing device, the second computing device comprising the second node, wherein at least one of the one or more link objects comprises an encrypted second key, the second key configured to decrypt the encrypted first key; determining the callback by executing the control program using the virtual machine; determining a host application of the second computing device supports the callback using the host application; calling a control routine according to the callback using the host application; recording access to the encrypted electronic document in a database by executing the control routine using the virtual machine; providing an authorization indication to the host application based on execution of the control routine using the virtual machine; and accessing the encrypted electronic document based on the authorization comprising; decrypting, by the second computing device, the encrypted second key using a key associated with the second computing device, decrypting, by the second computing device, the encrypted first key using the decrypted second key, decrypting, by the second computing device, the electronic document using the decrypted first key, and accessing the decrypted electronic document. - View Dependent Claims (2, 3, 4, 5, 6, 7)
-
Specification
-
- Resources
Litigation Campaign Assessment
Thank you for your request. You will receive a custom alert email when the Litigation Campaign Assessment is available.
×
-
Current AssigneeIntertrust Technologies Corporation (Fidelio Acquisition Co LLC)
-
Original AssigneeIntertrust Technologies Corporation (Fidelio Acquisition Co LLC)
-
InventorsBoccon-Gibod, Gilles, Boeuf, Julien G., Manente, Michael G., Bradley, William B.
-
Primary Examiner(s)KIM, STEVEN S
-
Application NumberUS11/583,527Publication NumberTime in Patent Office3,835 DaysField of Search705 51, 705 59, 380278, 380279, 380281-283, 380285, 726 2US Class CurrentCPC Class CodesG06F 21/1013 to locationsG06F 2221/2111 Location-sensitive, e.g. ge...G06Q 20/123 Shopping for digital contentG06Q 20/1235 with control of digital rig...G06Q 20/202 Interconnection or interact...G06Q 2220/18 LicensingH04L 2209/603 Digital right managament [DRM]H04L 2463/101 applying security measures ...H04L 63/0428 wherein the data content is...H04L 63/0492 by using a location-limited...H04L 63/08 for authentication of entit...H04L 63/10 for controlling access to d...H04L 63/123 received data contents, e.g...H04L 9/0825 using asymmetric-key encryp...H04L 9/302 involving the integer facto...H04L 9/3242 involving keyed hash functi...H04L 9/3247 involving digital signaturesH04L 9/3271 using challenge-response
