METHOD AND SYSTEM FOR VERIFYING ENTITLEMENT TO ACCESS CONTENT BY URL VALIDATION

US 20100192210A1
Filed: 01/26/2009
Published: 07/29/2010
Est. Priority Date: 01/26/2009
Status: Active Grant

First Claim

Patent Images

1. A method for controlling access to unsecured digital content available made available over electronic networks comprising the steps of:

transacting with a user in a transaction system for purchase of rights to digital content to be delivered over an electronic network;

entitling the user to exercise the purchased rights to the digital content by storing a record of the transaction in a computer readable medium in operative communication with the transaction system;

authorizing the user to exercise the rights by creating a URL to be used by the user for accessing the digital content, the URL comprising an encrypted string, the encrypted string representing, upon decryption, unique transaction identifier information and rights information representative of the rights to which the user is entitled;

providing access to the URL at a user device;

receiving a request to exercise the purchased rights, indicated by access to the URL from the user device;

parsing the URL to obtain the encrypted string;

decrypting the encrypted string;

validating the requested exercise of rights using the rights information from the encrypted string; and

responsive to successful validation, providing access to the digital content identified by the URL.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Aspects include a mechanism of entitling users to transacted-for digital content access, indicating download authorization with discrete authentication URLs, and validating download attempts using each such URL. The authentication mechanism comprises producing an encrypted string included in a URL provided to a user. The encrypted string comprises transaction identifier information, and information about the transacted-for entitlement. When a user wishes to exercise the transacted-for entitlement, the user activates the URL, which is resolved to a location that has/can obtain access to the key(s) used in producing the encrypted string, decrypt the string, and use the information in it to validate the URL and the entitlement. The validation can use data retrieved from a database, using the transaction identifier as a key. The entitlement information included in the now-decrypted string can be compared with the prior download information. A byte range of requested by a browser using the URL can be used in validation, as well as how a particular authorization/validation should count for entitlement fulfillment.

57 Citations

View as Search Results

20 Claims

1. A method for controlling access to unsecured digital content available made available over electronic networks comprising the steps of:
- transacting with a user in a transaction system for purchase of rights to digital content to be delivered over an electronic network;
  
  entitling the user to exercise the purchased rights to the digital content by storing a record of the transaction in a computer readable medium in operative communication with the transaction system;
  
  authorizing the user to exercise the rights by creating a URL to be used by the user for accessing the digital content, the URL comprising an encrypted string, the encrypted string representing, upon decryption, unique transaction identifier information and rights information representative of the rights to which the user is entitled;
  
  providing access to the URL at a user device;
  
  receiving a request to exercise the purchased rights, indicated by access to the URL from the user device;
  
  parsing the URL to obtain the encrypted string;
  
  decrypting the encrypted string;
  
  validating the requested exercise of rights using the rights information from the encrypted string; and
  
  responsive to successful validation, providing access to the digital content identified by the URL.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14)
- - 2. The method of claim 1, further comprising accessing the record using the transaction identifier information from the encrypted string to obtain information indicative of prior consumption of the rights entitlement, and comparing the rights information with the prior usage information in validating the requested exercise of rights.
  - 3. The method of claim 1, wherein the encrypted string comprises a unique identifier for an item of content to which the rights entitlement applies, the item of content being stored in a Content Delivery Network (CDN) independent from the transaction system, the request is accepted from the user at the CDN, the encrypted string is forwarded for validation to a system controlled by an operator of the transaction system, which performs the decrypting and validating, and the step of providing access includes providing a private URL from which the item of content can be obtained for provision to the user device.
  - 4. The method of claim 1, wherein the URL is made accessible to the user by provision in an electronic message.
  - 5. The method of claim 1, wherein the URL is made accessible to the user by provision in a web page returned to the user, over the electronic network, responsive to completion of the purchase transaction.
  - 6. The method of claim 1, wherein the transaction identifier information comprises a time stamp indicative of when the purchase transaction completed, and the validating comprises determining that the time stamp indicates that the purchase occurred within a time limit.
  - 7. The method of claim 1, wherein the encrypted portion further comprises a time stamp indicative of when the URL was generated, and the validating comprises determining whether the requested exercise was made within a maximum timeframe from when the URL was generated.
  - 8. The method of claim 1, wherein the transaction identifier information comprises a maximum number of authorized downloads, and further comprising accessing the record to obtain information indicative of a number of prior downloads initiated using the URL, and the validating includes determining that the maximum number of authorized downloads has not been reached.
  - 9. The method of claim 1, wherein the encrypted string is formed using at least one bit of random data in addition to the unique transaction identifier information and rights information.
  - 10. The method of claim 1, wherein the encrypted string contains time limit information, and the validating comprises using the time limit information to determine whether the request was made within a maximum time allocation for exercise of the entitlement.
  - 11. The method of claim 10, wherein the time limit information comprises a time stamp identifying a transaction time.
  - 12. The method of claim 10, wherein the time limit information comprises a time stamp identifying an expiration time.
  - 13. The method of claim 10, wherein the time limit information comprises a time amount that can be added to a separately indicated transaction time during validating.
  - 14. The method of claim 1, wherein the digital content comprises one or more of text, image, audio and video.

15. An article of manufacture comprising a computer readable medium storing data structures representative of computer executable instructions that when executed on a processor cause the processor to perform a method comprising the steps of:
- transacting with a user for purchase of rights to digital content to be delivered over an electronic network;
  
  entitling the user to exercise the purchased rights to the digital content by storing a record of the transaction in a computer readable medium in operative communication with the transaction system;
  
  creating a URL to be used by the user for accessing the digital content, the URL comprising an encrypted bitstring, decryptable using a predetermined key into data representative of a unique transaction identifier and rights information representative of the rights to which the user is entitled;
  
  providing access to the URL at a user device;
  
  accepting a request to exercise the purchased rights, indicated by access to the URL from the user device;
  
  parsing the URL to obtain the encrypted string;
  
  decrypting the encrypted string with the predetermined key;
  
  validating the requested exercise of rights using the rights information from the decrypted bitstring; and
  
  responsive to successful validation, providing access to the digital content identified by the URL, and updating the prior usage information in the record.
- View Dependent Claims (16, 17)
- - 16. The article of claim 15, wherein the purchased rights comprise entitlement to download an identified item of content, and data structures are further representative of instructions to cause the processor to perform the steps for a plurality of users transacting for the same entitlement, each user provided access to a respective URL having a different and unique encrypted bitstring.
  - 17. The article of claim 15, wherein the purchased rights comprise entitlement to download an identified item of content, and data structures are further representative of instructions to cause the processor to perform the steps for a user transacting for the same entitlement for a number of different content items, the user provided access to a respective URL having a different and unique encrypted bitstring for each of the content items.

18. A system for controlling access to digital content made available over an electronic network comprising:
- one or more processing resources configured to execute elements of functional modules described by computer readable instructions obtained from data structures on a computer readable medium, the modules comprisinga rights entitlement module configured for completing a transaction with a user for entitlement to access an item of content and for recording an indication of such entitlement on a computer readable medium;
  
  an authorization module responsive to a request to exercise the entitlement by generating a URL comprising an encrypted portion, the encrypted portion encoding an identifier for the transaction; and
  
  a validation module configured for receiving the URL, parsing the URL to obtain the encrypted portion, decrypted the encrypted portion and using at least the identifier for the transaction to determine whether access to the item of content is to be provided to the user.
- View Dependent Claims (19, 20)
- - 19. The system of claim 18, wherein the user may make multiple requests for exercise of the entitlement, the authorization module is responsive to generate a unique URL for each request, the validation module is configured for receiving each URL upon activation thereof, and the determination of whether access is to be provided includes validating a respective time limit associated with each URL, and validating whether rights under the original entitlement remain.
  - 20. The system of claim 18, wherein the validation module further comprises a URL parser component configured for parsing the received URL to identify a received encrypted string;

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Apple Inc.
Original Assignee
Apple Inc.
Inventors
PURDY, Gregor N. SR., Kinnis, Tony F.

Granted Patent

US 8,464,325 B2
Time in Patent Office

Days
Field of Search
US Class Current

726/7
CPC Class Codes

G06F 21/10   Protecting distributed prog...

G06F 2221/2137   Time limited access, e.g. t...

G06F 2221/2151   Time stamp

G06Q 20/1235   with control of digital rig...

H04L 2209/56   Financial cryptography, e.g...

H04L 2209/603   Digital right managament [DRM]

H04L 9/3297   involving time stamps, e.g....

METHOD AND SYSTEM FOR VERIFYING ENTITLEMENT TO ACCESS CONTENT BY URL VALIDATION

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

57 Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

METHOD AND SYSTEM FOR VERIFYING ENTITLEMENT TO ACCESS CONTENT BY URL VALIDATION

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

57 Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links