Method and system for verifying entitlement to access content by URL validation
First Claim
1. A method comprising:
- performing a transaction between a client device and a transaction system for purchase of user-specific rights to digital content delivered electronically;
providing, to the client device, a resource address for accessing the digital content based on an authorization to exercise the user-specific rights, wherein the resource address comprises an encrypted string that represents, upon decryption, rights information associated with the user-specific rights, wherein the rights information specifies a maximum number of authorized downloads available to the user; and
providing, to the client device, access to the digital content identified by the resource address, based on the rights information in response to a successful validation of a user request to exercise the user-specific rights.
0 Assignments
0 Petitions
Accused Products
Abstract
Aspects include a mechanism of entitling users to transacted-for digital content access, indicating download authorization with discrete authentication URLs, and validating download attempts using each such URL. The authentication mechanism comprises producing an encrypted string included in a URL provided to a user. The encrypted string comprises transaction identifier information, and information about the transacted-for entitlement. When a user wishes to exercise the transacted-for entitlement, the user activates the URL, which is resolved to a location that has/can obtain access to the key(s) used in producing the encrypted string, decrypt the string, and use the information in it to validate the URL and the entitlement. The validation can use data retrieved from a database, using the transaction identifier as a key. The entitlement information included in the now-decrypted string can be compared with the prior download information.
48 Citations
20 Claims
-
1. A method comprising:
-
performing a transaction between a client device and a transaction system for purchase of user-specific rights to digital content delivered electronically; providing, to the client device, a resource address for accessing the digital content based on an authorization to exercise the user-specific rights, wherein the resource address comprises an encrypted string that represents, upon decryption, rights information associated with the user-specific rights, wherein the rights information specifies a maximum number of authorized downloads available to the user; and providing, to the client device, access to the digital content identified by the resource address, based on the rights information in response to a successful validation of a user request to exercise the user-specific rights. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12)
-
-
13. A non-transitory computer-readable storage medium storing instructions which, when executed by a computing device, cause the computing device to perform steps comprising:
-
providing, to a client device, a resource address for accessing the digital content based on an authorization to exercise user-specific rights, wherein the resource address comprises an encrypted string that represents, upon decryption, rights information associated with the user-specific rights, wherein the rights information specifies a maximum number of authorized downloads available to the user; and providing, to the client device, access to the digital content identified by the resource address, based on the rights information in response to a successful validation of a user request to exercise the user-specific rights. - View Dependent Claims (14, 15, 16)
-
-
17. A system comprising:
-
a processor; a memory coupled to the processor; a first module configured to provide, to a client device, a resource address for accessing the digital content based on an authorization to exercise user-specific rights, wherein the resource address comprises an encrypted string that represents, upon decryption, rights information associated with the user-specific rights, wherein the rights information specifies a maximum number of authorized downloads available to the user; and a second module configured to provide, to the client device, access to the digital content identified by the resource address, based on the rights information in response to a successful validation of a user request to exercise the user-specific rights. - View Dependent Claims (18, 19, 20)
-
Specification