RIGHTS-BASED SYSTEM
0 Assignments
0 Petitions
Accused Products
Abstract
A rights-based system is described in which vouchers are employed for creating, managing, distributing, and redeeming rights in digital contexts. A voucher is a digital, possession-based rights representation. An authorization component of the system validates the vouchers and issues corresponding tokens. Access to digital resources is provided in response to presentation of the tokens which are validated by matching voucher refresh values to corresponding values maintained by the system. New refresh values are generated and inserted in the vouchers each time they are redeemed.
-
Citations
19 Claims
-
1. (canceled)
-
2. A computer-implemented method for conducting an anonymous transaction in a distributed rights-based system operating in a network, the distributed rights-based system including a plurality of instances of a first component configured to validate rights objects and issue corresponding tokens, and a second component configured to validate the tokens and provide access to protected resources, the method comprising:
-
receiving a first rights object representing a right to access a first protected resource, the first protected resource corresponding to a first entity; transmitting a request for a first access token to at least one of the instances of the first component, the request for the first access token including a copy of the first rights object; receiving the first access token from the at least one of the instances of the first component in response to validation of the copy of the first rights object, the first access token including a refresh value generated and stored to an instance of a database by the at least one of the instances of the first component; updating the first rights object with the refresh value, thereby invalidating other existing copies of the first rights object; storing the first rights object for a second entity; transmitting a request to access the first protected resource to the second component, the request to access the first protected resource including the first access token; and accessing the first protected resource in response to validation of the first access token by the second component, thereby effecting transfer of ownership of the first protected resource from the first entity to the second entity without reference to identity information specifically identifying the first entity. - View Dependent Claims (3, 4, 5, 6, 7, 8)
-
-
9. A computer-implemented method for conducting an anonymous transaction in a distributed rights-based system operating in a network, the distributed rights-based system including a plurality of instances of a first component configured to validate rights objects and issue corresponding tokens, a second component configured to validate the tokens and provide access to protected resources, and a plurality of wallet components configured to enable corresponding entities to manage corresponding sets of the rights objects, the method comprising:
-
transmitting a first rights object from a first wallet component associated with a first entity to a second wallet component associated with a second entity, the first rights object representing a right to access a first protected resource, the right to access the first protected resource being owned by the first entity; transmitting a request for a first access token from the second wallet component to at least one of the instances of the first component, the request for the first access token including a copy of the first rights object; validating the copy of the first rights object using the at least one instance of the first component; generating and storing a refresh value to an instance of a database using the at least one instance of the first component; transmitting the first access token and the refresh value from the at least one instance of the first component to the second wallet component; updating the first rights object with the refresh value, thereby invalidating other existing copies of the first rights object, and thereby effecting transfer of ownership of the right to access the first protected resource from the first entity to the second entity without reference to identity information specifically identifying the first entity; storing the first rights object using the second wallet component; transmitting a request to access the first protected resource from the second wallet component to the second component, the request to access the first protected resource including the first access token; validating the first access token using the second component; and accessing the first protected resource using the second wallet component. - View Dependent Claims (12, 13, 14)
-
- 10. The method of claim 10, wherein the first rights object is transmitted from the first wallet component to the second wallet component via an escrow component of the rights-based system, the escrow component being configured to coordinate trades of the rights objects.
-
15. A computer-implemented method for conducting an anonymous transaction in a distributed rights-based system operating in a network, the distributed rights-based system including at least one instance of a first component configured to validate rights objects and issue corresponding tokens, a second component configured to validate the tokens and provide access to protected resources, a first wallet component configured to enable a first entity to manage a corresponding sets of the rights objects, and a second wallet component configured to enable a second entity to manage a corresponding set of the rights objects, the method comprising:
-
receiving, with the at least one instance of the first component, a request from the second wallet component for a first access token, the request for the first access token including a copy of a first rights object, the first rights object representing a right to access a first protected resource, the right to access the first protected resource being owned by the first entity; validating the copy of the first rights object using the at least one instance of the first component; generating and storing a refresh value in an instance of a database using the at least one instance of the first component; transmitting the first access token and the refresh value from e at least one instance of the first component to the second wallet component, the refresh value being for use by the second wallet component in updating the first rights object, thereby invalidating other existing copies of the first rights object, and thereby effecting transfer of ownership of the right to access the first protected resource from the first entity to the second entity without reference to identity information specifically identifying the first entity; receiving, with the second component, a request from the second wallet component to access the first protected resource, the request to access the first protected resource including the first access token; validating the first access token using the second component; and providing access by the second wallet component to the first protected resource. - View Dependent Claims (16, 17, 18, 19)
-
Specification