Method and system for conducting transactions between repositories

US 9,953,328 B2
Filed: 04/12/2006
Issued: 04/24/2018
Est. Priority Date: 11/23/1994
Status: Expired due to Fees

First Claim

Patent Images

1. A computer system comprising computer readable media for establishing and utilizing a secure communication channel between repositories for conducting a usage transaction of a digital work, said computer readable media having encoded thereon:

an identification certificate of a repository certified by a master repository;

an external interface of said repository programmed to establish the secure communication channel using a session initiation transaction protocol, the session initiation transaction protocol including;

receiving, at another repository, a registration message, the registration message including the identification certificate of said repository and a registration identifier,validating, at the another repository, the authenticity of said repository by verifying the identification certificate,generating a message to test the authenticity of said repository,sending the generated message to said repository, andverifying if said repository correctly processed the generated message, andexchanging messages including at least one session key between said repository and the another repository, wherein the session key is to be used in communications during a session between said repository and the another repository,said external interface also being programmed to conduct a secure transaction with the another repository, including receiving the digital work; and

a processor programmed to conduct the usage transaction, wherein the usage transaction comprises controlling use of the digital work in accordance with usage rights associated with the digital work.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A method, system and software for establishing a secure communications channel between repositories using a repository transaction protocol, including generating a registration identifier and registration message including an identification certificate, and an identifier of a master repository that encrypted the identification certificate; receiving the registration message and verifying the identity by verifying the identification certificate; validating the authenticity, including, generating a message to test the authenticity, sending the generated message, and verifying if upon receiving the generated message whether the generated message is correctly processed; and exchanging messages including a session key used for communications and transactions including generating a request for a digital work, associating usage rights information with the request for digital work, and determining if the usage rights information associated with the request corresponds to usage rights associated with the digital work. The usage rights define a manner in which the digital work is used or distributed.

Citations

28 Claims

1. A computer system comprising computer readable media for establishing and utilizing a secure communication channel between repositories for conducting a usage transaction of a digital work, said computer readable media having encoded thereon:
- an identification certificate of a repository certified by a master repository;
  
  an external interface of said repository programmed to establish the secure communication channel using a session initiation transaction protocol, the session initiation transaction protocol including;
  
  receiving, at another repository, a registration message, the registration message including the identification certificate of said repository and a registration identifier,validating, at the another repository, the authenticity of said repository by verifying the identification certificate,generating a message to test the authenticity of said repository,sending the generated message to said repository, andverifying if said repository correctly processed the generated message, andexchanging messages including at least one session key between said repository and the another repository, wherein the session key is to be used in communications during a session between said repository and the another repository,said external interface also being programmed to conduct a secure transaction with the another repository, including receiving the digital work; and
  
  a processor programmed to conduct the usage transaction, wherein the usage transaction comprises controlling use of the digital work in accordance with usage rights associated with the digital work.
- View Dependent Claims (2, 3, 4, 5, 6)
- - 2. The system of claim 1, wherein the secure transaction further includes verifying at the another repository if said repository is allowed to receive said digital work.
  - 3. The system of claim 2, wherein the secure transaction further includes generating at the another repository usage rights that are associated with the digital work.
  - 4. The system of claim 1, wherein said usage transaction comprises one of play, copy and move transactions.
  - 5. The system of claim 1, wherein the message generated to test authenticity includes a nonce.
  - 6. The system of claim 1 wherein the registration identifier is a random registration identifier.

7. A computer implemented method for establishing and utilizing a secure communication channel between repositories for conducting a usage transaction of a digital work, said method comprising:
- establishing a secure communication channel by an external interface of a repository using a session initiation transaction protocol, the session initiation transaction protocol including;
  
  receiving, by another repository, a registration message, the registration message including an identification certificate of said repository and a registration identifier, said identification certificate being certified by a master repository,validating, by the another repository, the authenticity of said repository by;
  
  verifying the identification certificate,generating a message to test the authenticity of said repository,sending the generated message to said repository, andverifying if said repository correctly processed the generated message, andexchanging messages including at least one session key between said repository and the another repository, wherein the session key is to be used in communications during a session between said repository and the another repository, conducting a secure transaction with the another repository by said external interface of said repository, including receiving the digital work; and
  
  conducting the usage transaction by a processor, wherein the usage transaction comprises controlling use of the digital work in accordance with usage rights associated with the digital work.
- View Dependent Claims (8, 9, 10, 11, 12)
- - 8. The method of claim 7, wherein said step of conducting a secure transaction further includes verifying at the another repository if said repository is allowed to receive said digital work.
  - 9. The method of claim 8, wherein said step of conducting a secure transaction further includes generating at the another repository usage rights that are associated with the digital work.
  - 10. The method of claim 7, wherein said step of conducting a usage transaction comprises conducting one of play, copy and move transactions.
  - 11. The system of claim 7, wherein the message generated to test authenticity includes a nonce.
  - 12. The system of claim 7 wherein the registration identifier is a random registration identifier.

13. A computer implemented method for establishing and utilizing a secure communication channel between a first repository and a second repository for conducting a usage transaction of a digital work, the method comprising:
- establishing a secure communication channel with an external interface of the second repository using a session initiation transaction protocol, the session initiation transaction protocol including;
  
  receiving, by the first repository, a registration message, the registration message including an identification certificate of the second repository and a registration identifier, the identification certificate being certified by a master repository,validating, by the first repository, the authenticity of the second repository by;
  
  verifying the identification certificate,generating a message to test the authenticity of the second repository,sending the generated message to the second repository, andverifying whether the second repository correctly processed the generated message, andsending, to the second repository, and receiving, from the second repository, messages including at least one session key, wherein the session key is to be used in communications during a session between the second repository and the first repository,conducting, by the first repository, a secure transaction with the external interface of the second repository, including transmitting the digital work to the second repository; and
  
  conducting, by a processor of the first repository, the usage transaction, wherein the usage transaction comprises controlling use of the digital work in accordance with usage rights associated with the digital work.
- View Dependent Claims (14, 15, 16, 17, 18, 19, 20)
- - 14. The method of claim 13, wherein the step of conducting a secure transaction further includes verifying at the first repository whether the second repository is allowed to receive the digital work.
  - 15. The method of claim 14, wherein the step of conducting a secure transaction further includes generating at the first repository usage rights that are associated with the digital work.
  - 16. The method of claim 13, wherein the step of conducting a usage transaction comprises conducting one of play, copy and move transactions.
  - 17. The method of claim 13, wherein the message generated to test authenticity includes a nonce.
  - 18. The method of claim 13, wherein the registration identifier is a random registration identifier.
  - 19. The method of claim 13, wherein the first repository is a source repository and the second repository is a sink repository.
  - 20. The method of claim 13, wherein the step of establishing a secure communication channel with an external interface of the second repository using a session initiation transaction protocol occurs before a request for digital content is received.

21. A computer implemented method for establishing and utilizing a secure communication channel between a first repository and a second repository for conducting a usage transaction of a digital work, the method comprising:
- establishing, by an external interface of a second repository using a session initiation transaction protocol, a secure communication channel, the session initiation transaction protocol including;
  
  sending a registration message to the first repository, the registration message including an identification certificate of the second repository and a registration identifier, the identification certificate being certified by a master repository,proving the authenticity of the second repository to the first repository by;
  
  receiving a message generated by the first repository to test the authenticity of the second repository when the first repository verifies the identification certificate,processing the generated message, andsending the result to the first repository, andsending, to the first repository, and receiving, from the first repository, messages including at least one session key, wherein the session key is to be used in communications during a session between the second repository and the first repository,conducting, by the external interface of the second repository, a secure transaction with the first repository, including receiving the digital work by the second repository; and
  
  participating, by the second repository, in the usage transaction conducted by a processor of the first repository by rendering the digital work and neither retaining it nor transmitting it to another system, wherein the usage transaction comprises controlling use of the digital work in accordance with usage rights associated with the digital work.
- View Dependent Claims (22, 23, 24, 25, 26, 27, 28)
- - 22. The method of claim 21, wherein the first repository verifies whether the second repository is allowed to receive the digital work during the secure transaction.
  - 23. The method of claim 22, wherein usage rights that are associated with the digital work are generated by the first repository during the secure transaction.
  - 24. The method of claim 21, wherein the step of conducting a usage transaction comprises conducting one of play, copy and move transactions.
  - 25. The method of claim 21, wherein the message generated to test authenticity includes a nonce.
  - 26. The method of claim 21, wherein the registration identifier is a random registration identifier.
  - 27. The method of claim 21, wherein the first repository is a source repository and the second repository is a sink repository.
  - 28. The method of claim 21, wherein the step of establishing, by an external interface of a second repository using a session initiation transaction protocol, a secure communication channel occurs before a request for the digital work is sent.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
ContentGuard Holdings, Inc. (Pendrell Corporation)
Original Assignee
ContentGuard Holdings, Inc. (Pendrell Corporation)
Inventors
Stefik, Mark J., Pirolli, Peter L.T.
Primary Examiner(s)
KUCAB, JAMIE R

Application Number

US11/401,926
Publication Number

US 20060190404A1
Time in Patent Office

4,395 Days
Field of Search

705 65
US Class Current
CPC Class Codes

A61B 2017/0046   with a releasable handle; w...

A61B 2034/301   for introducing or steering...

A61B 2090/031   torque limiting

A61B 2090/376   using X-rays, e.g. fluoroscopy

A61B 34/30   Surgical robots

A61B 34/37   Master-slave robots A61B34/...

A61M 25/0113   Mechanical advancing means,...

G06F 21/10   Protecting distributed prog...

G06F 2211/007   Encryption, En-/decode, En-...

G06F 2221/2115   Third party

G06F 2221/2135   Metering

G06Q 10/101   Collaborative creation, e.g...

G06Q 20/12   specially adapted for elect...

G06Q 20/1235   with control of digital rig...

G06Q 20/3674   involving authentication

G06Q 30/00   Commerce

G06Q 30/0185   Product, service or busines...

G06Q 30/02   Marketing; Price estimation...

G06Q 30/0283   Price estimation or determi...

G06Q 30/04   Billing or invoicing

G06Q 30/06 : Buying, selling or leasing ...

G06Q 30/0601 : Electronic shopping [e-shop...

G06Q 50/184 : Intellectual property manag...

H04L 12/14 : Charging , metering or bill...

H04L 12/1403 : Architecture for metering, ...

H04L 12/146 : using digital cash

H04L 12/1485 : Tariff-related aspects

H04L 12/1496 : involving discounts

H04L 2209/56 : Financial cryptography, e.g...

H04L 2209/603 : Digital right managament [DRM]

H04L 2463/101 : applying security measures ...

H04L 61/00 : Network arrangements, proto...

H04L 61/45 : Network directories; Name-t...

H04L 63/0428 : wherein the data content is...

H04L 63/0442 : wherein the sending and rec...

H04L 63/0464 : using hop-by-hop encryption...

H04L 63/0807 : using tickets, e.g. Kerbero...

H04L 63/0823 : using certificates cryptogr...

H04L 63/10 : for controlling access to d...

H04L 63/102 : Entity profiles

H04L 63/104 : Grouping of entities

H04L 63/105 : Multiple levels of security

H04L 63/123 : received data contents, e.g...

H04L 9/3213 : using tickets or tokens, e....

H04L 9/3297 : involving time stamps, e.g....

H04L 9/40 : Network security protocols

H04N 21/23412 : for generating or manipulat...

H04N 21/2541 : Rights Management protectin...

H04N 21/2543 : Billing , e.g. for subscrip...

H04N 21/26613 : for generating or managing ...

H04N 21/4627 : Rights management associate...

H04N 21/6332 : directed to client

H04N 21/6377 : directed to server one-way ...

H04N 21/835 : Generation of protective da...

H04N 21/8355 : involving usage data, e.g. ...

H04N 21/83555 : using a structured language...

H04N 7/16 : Analogue secrecy systems; A...

Y10S 707/99939 : Privileged access

Y10S 707/99945 : Object-oriented database st...

View All

Method and system for conducting transactions between repositories

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

Citations

28 Claims

Specification

Solutions

Use Cases

Quick Links

Method and system for conducting transactions between repositories

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

28 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links