Method and system for conducting transactions between repositories
First Claim
1. A computer system comprising computer readable media for establishing and utilizing a secure communication channel between repositories for conducting a usage transaction of a digital work, said computer readable media having encoded thereon:
- an identification certificate of a repository certified by a master repository;
an external interface of said repository programmed to establish the secure communication channel using a session initiation transaction protocol, the session initiation transaction protocol including;
receiving, at another repository, a registration message, the registration message including the identification certificate of said repository and a registration identifier,validating, at the another repository, the authenticity of said repository by verifying the identification certificate,generating a message to test the authenticity of said repository,sending the generated message to said repository, andverifying if said repository correctly processed the generated message, andexchanging messages including at least one session key between said repository and the another repository, wherein the session key is to be used in communications during a session between said repository and the another repository,said external interface also being programmed to conduct a secure transaction with the another repository, including receiving the digital work; and
a processor programmed to conduct the usage transaction, wherein the usage transaction comprises controlling use of the digital work in accordance with usage rights associated with the digital work.
2 Assignments
0 Petitions
Accused Products
Abstract
A method, system and software for establishing a secure communications channel between repositories using a repository transaction protocol, including generating a registration identifier and registration message including an identification certificate, and an identifier of a master repository that encrypted the identification certificate; receiving the registration message and verifying the identity by verifying the identification certificate; validating the authenticity, including, generating a message to test the authenticity, sending the generated message, and verifying if upon receiving the generated message whether the generated message is correctly processed; and exchanging messages including a session key used for communications and transactions including generating a request for a digital work, associating usage rights information with the request for digital work, and determining if the usage rights information associated with the request corresponds to usage rights associated with the digital work. The usage rights define a manner in which the digital work is used or distributed.
-
Citations
28 Claims
-
1. A computer system comprising computer readable media for establishing and utilizing a secure communication channel between repositories for conducting a usage transaction of a digital work, said computer readable media having encoded thereon:
-
an identification certificate of a repository certified by a master repository; an external interface of said repository programmed to establish the secure communication channel using a session initiation transaction protocol, the session initiation transaction protocol including; receiving, at another repository, a registration message, the registration message including the identification certificate of said repository and a registration identifier, validating, at the another repository, the authenticity of said repository by verifying the identification certificate, generating a message to test the authenticity of said repository, sending the generated message to said repository, and verifying if said repository correctly processed the generated message, and exchanging messages including at least one session key between said repository and the another repository, wherein the session key is to be used in communications during a session between said repository and the another repository, said external interface also being programmed to conduct a secure transaction with the another repository, including receiving the digital work; and a processor programmed to conduct the usage transaction, wherein the usage transaction comprises controlling use of the digital work in accordance with usage rights associated with the digital work. - View Dependent Claims (2, 3, 4, 5, 6)
-
-
7. A computer implemented method for establishing and utilizing a secure communication channel between repositories for conducting a usage transaction of a digital work, said method comprising:
-
establishing a secure communication channel by an external interface of a repository using a session initiation transaction protocol, the session initiation transaction protocol including; receiving, by another repository, a registration message, the registration message including an identification certificate of said repository and a registration identifier, said identification certificate being certified by a master repository, validating, by the another repository, the authenticity of said repository by; verifying the identification certificate, generating a message to test the authenticity of said repository, sending the generated message to said repository, and verifying if said repository correctly processed the generated message, and exchanging messages including at least one session key between said repository and the another repository, wherein the session key is to be used in communications during a session between said repository and the another repository, conducting a secure transaction with the another repository by said external interface of said repository, including receiving the digital work; and conducting the usage transaction by a processor, wherein the usage transaction comprises controlling use of the digital work in accordance with usage rights associated with the digital work. - View Dependent Claims (8, 9, 10, 11, 12)
-
-
13. A computer implemented method for establishing and utilizing a secure communication channel between a first repository and a second repository for conducting a usage transaction of a digital work, the method comprising:
-
establishing a secure communication channel with an external interface of the second repository using a session initiation transaction protocol, the session initiation transaction protocol including; receiving, by the first repository, a registration message, the registration message including an identification certificate of the second repository and a registration identifier, the identification certificate being certified by a master repository, validating, by the first repository, the authenticity of the second repository by; verifying the identification certificate, generating a message to test the authenticity of the second repository, sending the generated message to the second repository, and verifying whether the second repository correctly processed the generated message, and sending, to the second repository, and receiving, from the second repository, messages including at least one session key, wherein the session key is to be used in communications during a session between the second repository and the first repository, conducting, by the first repository, a secure transaction with the external interface of the second repository, including transmitting the digital work to the second repository; and conducting, by a processor of the first repository, the usage transaction, wherein the usage transaction comprises controlling use of the digital work in accordance with usage rights associated with the digital work. - View Dependent Claims (14, 15, 16, 17, 18, 19, 20)
-
-
21. A computer implemented method for establishing and utilizing a secure communication channel between a first repository and a second repository for conducting a usage transaction of a digital work, the method comprising:
-
establishing, by an external interface of a second repository using a session initiation transaction protocol, a secure communication channel, the session initiation transaction protocol including; sending a registration message to the first repository, the registration message including an identification certificate of the second repository and a registration identifier, the identification certificate being certified by a master repository, proving the authenticity of the second repository to the first repository by; receiving a message generated by the first repository to test the authenticity of the second repository when the first repository verifies the identification certificate, processing the generated message, and sending the result to the first repository, and sending, to the first repository, and receiving, from the first repository, messages including at least one session key, wherein the session key is to be used in communications during a session between the second repository and the first repository, conducting, by the external interface of the second repository, a secure transaction with the first repository, including receiving the digital work by the second repository; and participating, by the second repository, in the usage transaction conducted by a processor of the first repository by rendering the digital work and neither retaining it nor transmitting it to another system, wherein the usage transaction comprises controlling use of the digital work in accordance with usage rights associated with the digital work. - View Dependent Claims (22, 23, 24, 25, 26, 27, 28)
-
Specification