Data management system
First Claim
1. A system for managing digital data to be transferred from an owner of data to a user of data via broadcast, a communication network or data recording medium , said system comprising:
- storage storing public-keys, private-keys, user labels and edit labels used in the data management system;
a data management center and the owner linked to a public-key the storage, and arranged on said a communication network;
wherein said data management center is configured to certifying public-keys of said owner and said presented by users of said system and storing said is further configured to access a first user label and said a first edit label associated with a first set of digital data;
a first user device configured to obtain ing said first set of digital data from said communication network by presenting said first user label to use said first set of digital data, wherein said first user device is further configured to edit ing the first set of digital data, and obtaining said first edit label from said data management center via said communication network by presenting said first user label and an editing scenario, ;
wherein said first set of digital data is not only temporarily stored in a said first user device of each of said user after using e of said first set of digital data by a first user, and wherein said first user device is configured to transfer said first edit label is transferred to a next user without said digital data for the next user'"'"'s use of the edited said first set of digital data, wherein the first set of digital data is not transferred to the next user.
4 Assignments
0 Petitions
Accused Products
Abstract
The present invention provides a system to ensure security of data in a computer network system. A center certifies a public-key of user of the system and distributes a secret-key. A first system comprises the center in a network, an information provider and a plurality of users. The center identifies utilization status by requests of the secret-key. The data is encrypted by the secret-key and is stored and transferred, while the data to be stored and transferred is encrypted by a secret-key different from the secret-key of the transferred data. An original data label is added to the original data, and an edit label is added to the edited data, and the center does not store the data and stores only the original data label and the edit label. A second system comprises a center and an information provider in a network, and a plurality of users utilizing the network. The center stores the original data and editing scenario, and also the original data label, user label and edit label. The data is not transferred between the users, but data label encrypted by the public-key is transferred. In electronic commerce system, every data is distributed through a mediator in the network, data which is transferred from a maker to a user is encrypted by a secret-key for encryption, and data which is transferred from the user to the maker is encrypted by a secret-key for re-encryption.
-
Citations
91 Claims
-
1. A system for managing digital data to be transferred from an owner of data to a user of data via broadcast, a communication network or data recording medium , said system comprising:
-
storage storing public-keys, private-keys, user labels and edit labels used in the data management system;
a data management center and the owner linked to a public-key the storage, and arranged on said a communication network;
wherein said data management center is configured to certifying public-keys of said owner and said presented by users of said system and storing said is further configured to access a first user label and said a first edit label associated with a first set of digital data;
a first user device configured to obtain ing said first set of digital data from said communication network by presenting said first user label to use said first set of digital data, wherein said first user device is further configured to edit ing the first set of digital data, and obtaining said first edit label from said data management center via said communication network by presenting said first user label and an editing scenario, ;
wherein said first set of digital data is not only temporarily stored in a said first user device of each of said user after using e of said first set of digital data by a first user, and wherein said first user device is configured to transfer said first edit label is transferred to a next user without said digital data for the next user'"'"'s use of the edited said first set of digital data, wherein the first set of digital data is not transferred to the next user. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28)
-
-
29. A system for electronic commerce between a maker and a user via a mediator, said system comprising:
-
a maker system including at least one computer system;
a user system including at least one computer system; and
a mediator system including at least one computer system;
said mediator system is linked to a first entity to manage public-keys and a second entity to generate secret-keys and is arranged on a communication network;
said user system is configured to requests electronic commerce data from said mediator system;
said mediator system is configured to transfers the request of said electronic commerce data together with a first secret-key of said second entity, which are encrypted by using a public-key of said maker system, to said maker system;
said maker system is configured to decrypts the encrypted first secret-key by using a private-key of said maker and system, encrypts said electronic commerce data using the decrypted first secret-key and transfers encrypted electronic commerce data to said mediator system;
said mediator system is configured to decrypts said encrypted electronic commerce data using said first secret-key, re-encrypts decrypted electronic commerce data using a second secret-key of said second entity, and transfers the re-encrypted electronic commerce data together with the second secret-key, which are encrypted using a public-key of said user system, to said user system;
said user system is configured to decrypts the encrypted second secret-key using a private-key of said user system, decrypts the re-encrypted electronic commerce data using the decrypted second secret-key, makes an order sheet by entering order content into the decrypted electronic commerce data, encrypts said order sheet using the second secret-key, and transfers the encrypted order sheet to said mediator system;
said mediator system is configured to decrypts said encrypted order sheet using said second secret-key, encrypt s the decrypted order sheet using the public-key of said maker system, and transfer s the encrypted order sheet to said maker system; and
said maker system is configured to decrypts the encrypted order sheet using the private-key of said maker , system and makes an order acceptance. - View Dependent Claims (30, 31, 32, 33, 34, 35, 36, 37, 38, 39, 40, 41, 42)
-
-
43. A method, comprising:
-
certifying one or more public-keys of a first user;
said first user obtaining digital data from a communication network by presenting a user label to use said digital data, editing the digital data, and obtaining an edit label from said communication network by presenting said user label and an editing scenario;
not storing said digital data in a device of each of one or more users after using said digital data; and
transferring said edit label to a next user without said digital data for the next user'"'"'s use of said digital data. - View Dependent Claims (44, 45, 46, 47, 48, 49, 50, 51, 52, 53)
-
-
54. An apparatus, comprising:
-
means for certifying one or more public-keys of a first user;
means for said first user obtaining digital data from a communication network by presenting a user label to use said digital data, editing the digital data, and obtaining an edit label from said communication network by presenting said user label and an editing scenario;
means for not storing said digital data in a device of each user after using said digital data; and
means for transferring said edit label to a next user without said digital data for the next user'"'"'s use of said digital data. - View Dependent Claims (55, 56, 57, 58, 59, 60, 61, 62, 63, 64)
-
-
65. An apparatus, comprising:
-
a computing device, said computing device capable of;
certifying one or more public-keys of a first user;
said first user obtaining digital data from a communication network by presenting a user label to use said digital data, editing the digital data, and obtaining an edit label from said communication network by presenting said user label and an editing scenario;
not storing said digital data in a device of each user after using said digital data; and
transferring said edit label to a next user without said digital data for the next user'"'"'s use of said digital data. - View Dependent Claims (66, 67, 68, 69, 70, 71, 72, 73, 74, 75)
-
-
76. An article of manufacture comprising a non-transitory storage medium having instructions stored thereon that, in response to execution by a device, cause the device to perform operations including:
-
obtaining digital data from a communication network by presenting a user label to use said digital data, editing the digital data, and obtaining an edit label from said communication network by presenting said user label and an editing scenario;
removing said digital data from memory after using said digital data; and
transferring said edit label to a next user without said digital data for the next user'"'"'s use of said digital data. - View Dependent Claims (77, 78, 79, 80, 81, 82, 83, 84, 85, 86)
-
-
87. A system for managing digital data, comprising:
-
a data management center storing digital data, user labels, edit labels, and sets of edits corresponding to said digital data, wherein said stored digital data includes a first set of digital data, and wherein said user labels include a first user label associated with a first user;
a first computing device configured to obtain the first set of digital data from the data management center by presenting the first user label, wherein the first computing device is further configured to perform a first set of edits on the first set of digital data to produce an edited first set of digital data, and wherein the first computing device is further configured to obtain a first edit label for the edited first set of digital data from the data management center by presenting the first user label and the first set of edits; and
wherein said first set of digital data is only temporarily stored in a memory of the first computing device and is removed therefrom after utilization of the first set of digital data by the first computing device, and wherein the first edit label is transferable from the first computing device to a second computing device in order to facilitate a second user receiving the edited first set of digital data from the data management center at the second computing device. - View Dependent Claims (88, 89, 90)
-
-
91. A system for electronic commerce, comprising:
-
a first computing device configured to manage public-keys and to generate secret-keys;
a second computing device configured to request electronic commerce data from said first computing device;
a third computing device configured to receive the request of said electronic commerce data together with a first secret-key from the first computing device, wherein the request and the first secret-key are encrypted by using a public-key of said third computing device;
wherein said third computing device is configured to decrypt the encrypted first secret-key by using a private-key of said third computing device, and to encrypt said requested electronic commerce data using the decrypted first secret-key and to transfer the encrypted electronic commerce data to said first computing device;
wherein said first computing device is configured to decrypt said encrypter electronic commerce data using said first secret-key, to re-encrypt decrypted electronic commerce data usinng a second secret-key, and to transfer the re-encrypted electronic commerce data together with the second secret-key to the second computing device, wherein the transferred electronic commerce data and the second secret-key are encrypted using a public-key of the second computing device;
wherein said second computing device is configured to decrypt the transferred second secret-key using a priviate-key of said second computing device, to decrypt the transferred electronic commerce data using the decrypted second secret-key, to generate a response relating to the decrypted electronic commerce data, to encrypt said response using the second secret-key, and to transfer the encrypted response to the first computing device;
wherein said first computing is configured to decrypt said encrypted response using said second secret-ksy, to re-encrypt the decrypted response using the public-key of said third computing device, and to transfer the re-encrypted response to said third computing device; and
wherein said third computing device is configured to decrypt the transferred response using the private key of said third computing device.
-
Specification