Home
Patent Search
IMT Blog
REGISTER
|
SIGN IN
United States Patent
5943422
Van Wie , ; et al.
August 24, 1999
Title
Steganographic techniques for securely delivering electronic digital rights management control information over insecure communication channels
Abstract
Electronic steganographic techniques can be used to encode a rights management control signal onto an information signal carried over an insecure communications channel. Steganographic techniques ensure that the digital control information is substantially invisibly and substantially indelibly carried by the information signal. These techniques can provide end-to-end rights management protection of an information signal irrespective of transformations between analog and digital. An electronic appliance can recover the control information and use it for electronic rights management to provide compatibility with a Virtual Distribution Environment. In one example, the system encodes low data rate pointers within high bandwidth time periods of the content signal to improve overall control information read/seek times.
Inventors:
Van Wie; David M.
(Sunnyvale,
CA
)
, Weber; Robert P.
(Menlo Park,
CA
)
Assignee:
InterTrust Technologies Corp.
(Sunnyvale,
CA
)
Appl. No.:
689606
Filed:
August 12, 1996
Current U.S. Class:
705/54
705/58
705/76
713/176
Field of Search:
380/9,20,4,5,28 382/232
U.S. Patent Documents
3573747
April 1971
Adams et al.
3609697
September 1971
Blevins
3796830
March 1974
Smith
3798359
March 1974
Feistel
3798360
March 1974
Feistel
3798605
March 1974
Feistel
3806882
April 1974
Clarke
3829833
August 1974
Freeny, Jr.
3906448
September 1975
Henriques
3911397
October 1975
Freeny, Jr.
3924065
December 1975
Freeny, Jr.
3931504
January 1976
Jacoby
3946220
March 1976
Brobeck et al.
3956615
May 1976
Anderson et al.
3958081
May 1976
Ehrsam et al.
3970992
July 1976
Boothroyd et al.
4048619
September 1977
Forman, Jr. et al.
4071911
January 1978
Mazur
4112421
September 1978
Freeny, Jr.
4120030
October 1978
Johnstone
4163280
July 1979
Mori et al.
4168396
September 1979
Best
4196310
April 1980
Forman et al.
4200913
April 1980
Kuhar et al.
4209787
June 1980
Freeny, Jr.
4217588
August 1980
Freeny, Jr.
4220991
September 1980
Hamano et al.
4232193
November 1980
Gerard
4232317
November 1980
Freeny, Jr.
4236217
November 1980
Kennedy
4253157
February 1981
Kirschner et al.
4262329
April 1981
Bright et al.
4265371
May 1981
Desai et al.
4270182
May 1981
Asija
4278837
July 1981
Best
4305131
December 1981
Best
4306289
December 1981
Lumley
4309569
January 1982
Merkle
4319079
March 1982
Best
4323921
April 1982
Guillou
4328544
May 1982
Baldwin et al.
4337483
June 1982
Guillou
4361877
November 1982
Dyer et al.
4375579
March 1983
Davida et al.
4433207
February 1984
Best
4434464
February 1984
Suzuki et al.
4442486
April 1984
Mayer
4446519
May 1984
Thomas
4454594
June 1984
Heffron et al.
4458315
July 1984
Uchenick
4462076
July 1984
Smith, III
4462078
July 1984
Ross
4465901
August 1984
Best
4471163
September 1984
Donald et al.
4484217
November 1984
Block et al.
4494156
January 1985
Kadison et al.
4513174
April 1985
Herman
4528588
July 1985
Lofberg
4528643
July 1985
Freeny, Jr.
4553252
November 1985
Egendorf
4558176
December 1985
Arnold et al.
4558413
December 1985
Schmidt et al.
4562306
December 1985
Chou et al.
4562495
December 1985
Bond et al.
4577289
March 1986
Comerford et al.
4584641
April 1986
Guglielmino
4588991
May 1986
Atalla
4589064
May 1986
Chiba et al.
4593353
June 1986
Pickholtz
4593376
June 1986
Volk
4595950
June 1986
Lofberg
4597058
June 1986
Izumi et al.
4634807
January 1987
Chorley et al.
4644493
February 1987
Chandra et al.
4646234
February 1987
Tolman et al.
4652990
March 1987
Pailen et al.
4658093
April 1987
Hellman
4670857
June 1987
Rackman
4677434
June 1987
Fascenda
4680731
July 1987
Izumi et al.
4683553
July 1987
Mollier
4685056
August 1987
Barnsdale et al.
4688169
August 1987
Joshi
4691350
September 1987
Kleijne et al.
4696034
September 1987
Wiedemer
4701846
October 1987
Ikeda et al.
4712238
December 1987
Gilhousen et al.
4713753
December 1987
Boebert et al.
4740890
April 1988
William
4747139
May 1988
Taaffe
4757533
July 1988
Allen et al.
4757534
July 1988
Matyas et al.
4768087
August 1988
Taub et al.
4791565
December 1988
Dunham et al.
4796181
January 1989
Wiedemer
4807288
February 1989
Ugon et al.
4817140
March 1989
Chandra et al.
4827508
May 1989
Shear
4858121
August 1989
Barber et al.
4864494
September 1989
Kobus
4868877
September 1989
Fischer
4903296
February 1990
Chandra et al.
4924378
May 1990
Hershey et al.
4930073
May 1990
Cina, Jr.
4949187
August 1990
Cohen
4977594
December 1990
Shear
4999806
March 1991
Chernow et al.
5001752
March 1991
Fischer
5005122
April 1991
Griffin et al.
5005200
April 1991
Fischer
5010571
April 1991
Katznelson
5023907
June 1991
Johnson et al.
5047928
September 1991
Wiedemer
5048085
September 1991
Abraham et al.
5050213
September 1991
Shear
5091966
February 1992
Bloomberg et al.
5103392
April 1992
Mori
5119493
June 1992
Janis et al.
5128525
July 1992
Stearns et al.
5136643
August 1992
Fischer
5136646
August 1992
Haber et al.
5136647
August 1992
Haber et al.
5136716
August 1992
Harvey et al.
5146575
September 1992
Nolan, Jr.
5148481
September 1992
Abraham et al.
5155680
October 1992
Wiedemer
5168147
December 1992
Bloomberg
5185717
February 1993
Mori
5201046
April 1993
Goldberg et al.
5201047
April 1993
Maki et al.
5208748
May 1993
Flores et al.
5214702
May 1993
Fischer
5216603
June 1993
Flores et al.
5221833
June 1993
Hecht
5222134
June 1993
Waite et al.
5224160
June 1993
Paulini et al.
5235642
August 1993
Wobber et al.
5245165
September 1993
Zhang
5247575
September 1993
Sprague et al.
5260999
November 1993
Wyman
5263158
November 1993
Janis
5265164
November 1993
Matyas et al.
5276735
January 1994
Boebert et al.
5280479
January 1994
Mary
5285494
February 1994
Sprecher et al.
5301231
April 1994
Abraham et al.
5311591
May 1994
Fischer
5337360
August 1994
Fischer
5341429
August 1994
Stringer et al.
5347579
September 1994
Blandford
5351293
September 1994
Michener et al.
5355474
October 1994
Thuraisngham et al.
5373561
December 1994
Haber et al.
5390247
February 1995
Fischer
5390330
February 1995
Talati
5392220
February 1995
van den Hamer et al.
5392390
February 1995
Crozier
5394469
February 1995
Nagel et al.
5410598
April 1995
Shear
5412717
May 1995
Fischer
5421006
May 1995
Jablon
5422953
June 1995
Fischer
5428606
June 1995
Moskowitz
5438508
August 1995
Wyman
5442645
August 1995
Ugon
5444779
August 1995
Daniele
5449895
September 1995
Hecht et al.
5449896
September 1995
Hecht et al.
5450493
September 1995
Maher
5453601
September 1995
Rosen
5453605
September 1995
Hecht et al.
5455407
October 1995
Rosen
5455861
October 1995
Faucher et al.
5455953
October 1995
Russell
5457746
October 1995
Dolphin
5463565
October 1995
Cookson et al.
5473687
December 1995
Lipscomb et al.
5473692
December 1995
Davis
5479509
December 1995
Ugon
5485622
January 1996
Yamaki
5491800
February 1996
Goldsmith et al.
5497479
March 1996
Hornbuckle
5497491
March 1996
Mitchell et al.
5499298
March 1996
Narasimhalu et al.
5504757
April 1996
Cook et al.
5504818
April 1996
Okano
5504837
April 1996
Griffeth et al.
5508913
April 1996
Yamamoto et al.
5509070
April 1996
Schull
5513261
April 1996
Maher
5530235
June 1996
Stefik et al.
5530752
June 1996
Rubin
5533123
July 1996
Force et al.
5534975
July 1996
Stefik et al.
5537526
July 1996
Anderson et al.
5539735
July 1996
Moskowitz
5539828
July 1996
Davis
5550971
August 1996
Brunner et al.
5553282
September 1996
Parrish et al.
5557518
September 1996
Rosen
5563946
October 1996
Cooper et al.
5568552
October 1996
Davis
5572673
November 1996
Shurts
5592549
January 1997
Nagel et al.
5606609
February 1997
Houser et al.
5613004
March 1997
Cooperman et al.
5621797
April 1997
Rosen
5629980
May 1997
Stefik et al.
5633932
May 1997
Davis et al.
5634012
May 1997
Stefik et al.
5636292
June 1997
Rhoads
5638443
June 1997
Stefik
5638504
June 1997
Scott et al.
5640546
June 1997
Gopinath et al.
5655077
August 1997
Jones et al.
5687236
November 1997
Moskowitz et al.
5689587
November 1997
Bender et al.
5692180
November 1997
Lee
5710834
January 1998
Rhoads
5740549
April 1998
Reilly et al.
5745604
April 1998
Rhoads
5748763
May 1998
Rhoads
5748783
May 1998
Rhoads
5748960
May 1998
Fischer
5754849
May 1998
Dyer et al.
5757914
May 1998
McManis
5758152
May 1998
LeTourneau
5765152
January 1998
Erickson
5768426
June 1998
Rhoads
Foreign Patent Documents
0 370 146
Nov., 1988
EP
0 456 386 A2
Nov., 1991
EP
0 469 864 A2
Nov., 1991
EP
0 469 864 A3
Feb., 1992
EP
0 593 305 A2
Apr., 1994
EP
0 651 554 A1
May., 1995
EP
0 668 695 A2
Aug., 1995
EP
0 695 985 A1
Feb., 1996
EP
0 696 798 A1
Feb., 1996
EP
0 725 376
Sep., 1996
EP
0 778 513 A2
Jun., 1997
EP
0 795 873 A2
Sep., 1997
EP
0 84 441
Jul., 1983
EP
0180460
May., 1986
EP
0715243A1
Jun., 1996
EP
0715244A1
Jun., 1996
EP
0715245A1
Jun., 1996
EP
0715246A1
Jun., 1996
EP
0715247A1
Jun., 1996
EP
0749081A1
Dec., 1996
EP
1-068835
Mar., 1989
JP
2-242352
Sep., 1990
JP
2-247763
Oct., 1990
JP
2-294855
Dec., 1990
JP
2294348
Apr., 1996
GB
2295947
Jun., 1996
GB
3803982A1
Jan., 1990
DE
4-369068
Dec., 1992
JP
5-181734
Jul., 1993
JP
5-257783
Oct., 1993
JP
5-268415
Oct., 1993
JP
57-726
May., 1982
JP
6-175794
Jun., 1994
JP
6-215010
Aug., 1994
JP
62-241061
Oct., 1987
JP
6225059
Aug., 1994
JP
64-68835
Mar., 1989
JP
7-056794
Mar., 1995
JP
7-084852
Mar., 1995
JP
7-141138
Jun., 1995
JP
7-200317
Aug., 1995
JP
7-200492
Aug., 1995
JP
7-244639
Sep., 1995
JP
8-137795
May., 1996
JP
8-152990
Jun., 1996
JP
8-185298
Jul., 1996
JP
9 004 79
Dec., 1984
BE
A0135422
Mar., 1985
EP
A2136175
Sep., 1984
GB
WO 85/03584
Aug., 1985
WO
WO 92/06438
Apr., 1992
WO
WO 93/01550
Jan., 1993
WO
WO 94/01821
Jan., 1994
WO
WO 94/16395
Jul., 1994
WO
WO 94/18620
Aug., 1994
WO
WO 94/22266
Sep., 1994
WO
WO 94/27406
Nov., 1994
WO
WO 96/00963
Jan., 1996
WO
WO 96/03835
Feb., 1996
WO
WO 96/05698
Feb., 1996
WO
WO 96/06503
Feb., 1996
WO
WO 96/13013
May., 1996
WO
WO 96/21192
Jul., 1996
WO
WO 97/03423
Jan., 1997
WO
WO A8502310
May., 1985
WO
WO97/07656
Mar., 1997
WO
WO97/32251
Sep., 1997
WO
WO97/48203
Dec., 1997
WO
Other References
Baum, Michael, Worldwide Electronic Commerce: Law, Policy and Controls Conference, program details, Nov. 11, 1993. .
Bisbey, II et al., Encapsulation: An Approach to Operating System Security, Oct. 1973, pp. 666-675. .
Blom et al., Encryption Methods in Data Networks, Ericsson Technics, No. 2, 1978, Stockholm, Sweden. .
Bruner, Rick, E., PowerAgent, NetBot help advertisers reach Internet shoppers, Aug. 1997 (Document from Internet). .
Cable Television and America's Telecommunications Infrastructure, National Cable Television Association, Apr. 1993. .
Caruso, Technology, Digital Commerce 2 plans for watermarks, which can bind proof of authorship to electronic works, New York Times (Aug. 1995). .
CD ROM, Introducing . . . The Workflow CD-ROM Sampler, Creative Networks, MCIMail: Creative Networks, Inc., Palo Alto, California. .
Choudhury, et al., Copyright Protection for Electronic Publishing over Computer Networks, AT&T Bell Laboratores, Murray Hill, New Jersey 07974 (Jun. 1994). .
Clark, Tim, Ad service gives cash back, www.news.com, Aug. 4, 1997, 2 pages (Document from Internet). .
Codercard, Spec Sheet--Basic Coder Subsystem, No date given. .
Communications of the ACM, Intelligent Agents, Jul. 1994, vol. 37, No. 7. .
Communications of the ACM, Jun. 1996, vol. 39, No. 6. .
Computer Systems Policy Project (CSSP), Perspectives on the National Information Infrastructure: Ensuring Interoperability (Feb. 1994), Feb. 1994. .
Cunningham, Donna, et al., News Release, AT&T, Jan. 31, 1995, AT&T, VLSI Technology join to improve info highway security, 3 pages. .
Data Sheet, About the Digital Notary Service, Surety Technologies, Inc., 1994-95, 6 pages. .
Dempsey, et al., D-Lib Magazine, Jul./Aug. 1996 The Warwick Metadata Workshop: A Framework for the Deployent of Resource Description, Jul. 15, 1966. .
Denning et al., Data Security, 11 Computing Surveys No. 3, Sep. 1979. .
Diffie, Whitfield and Martin E. Hellman, IEEE Transactions on Information Theory, vol. 22, No. 6, Nov. 1976, New Directions in Cryptography, pp. 644-651. .
Diffie, Whitfield and Martin E. Hellman, Proceedings of the IEEE, vol. 67, No. 3, Mar. 1979, Privacy and Authentication: An Introduction to Cryptography, pp. 397-427. .
Digest of Papers, VLSI: New Architectural Horizons, Feb. 1980, Preventing Software Piracy With Crypto-Microprocessors, Robert M. Best, pp. 466-469. .
DiscStore (Electronic Publishing Resources 1991). .
Document from Internet, cgi@ncsa.uiuc.edu, CGI Common Gateway Interface, 1 page, 1996. .
DSP56000/DSP56001 Digital Signal Processor User's Manual, Motorola, 1990, p. 2--2. .
Dusse, Stephen R. and Burton S. Kaliski A Cryptographic Library for the Motorola 56000 in Damgard, I.M., Advances in Cryptology-Proceedings EUROCRYPT 90, Springer-Verlag, 1991, pp. 230-244. .
Dyson, Esther, Intellectual Value, Wired Magazine, Jul. 1995, pp. 136-141 and 182-184. .
Effector Online vol. 6 No. 6, A Publication of the Electronic Frontier Foundation, 8 pages, Dec. 6, 1993. .
EIA and TIA White Paper on National Information Infrastructure,published by the Electronic Industries Association and the Telecommunications Industry Association, Washington, D.C., no date. .
Electronic Currency Requirements, XIWT (Cross Industry Working Group), no date. .
Electronic Publishing Resources Inc. Protecting Electronically Published Properties Increasing Publishing Profits (Electronic Publishing Resources 1991). .
Firefly Network Inc., www.ffly.com, What is Firefly? Firefly revision: 41.4 Copyright 1995, 1996. .
First CII Honeywell Bull International Symposium on Computer Security and Confidentiality, Jan. 26-28, 1981, Conference Text, pp. 1-21. .
Framework for National Information Infrastructure Services, Draft, U.S. Department of Commerce, Jul. 1994. .
Framework for National Information Infrastructure Services, NIST, Jul. 1994, 12 slides. .
Garcia, D. Linda, testimony before a hearing on science, space and technology, May 26, 1994. .
Gleick, James, "Dead as a Dollar" The New York Times Magazine, Jun. 16, 1996, Section 6, pp. 26-30, 35, 42, 50, 54. .
Green paper, Intellectual Property and the National Information Infrastructure, a Preliminary Draft of the Report of the Working Group on Intellectual Property Rights, Jul. 1994. .
Greguras, Fred, Softic Symposium '95, Copyright Clearances and Moral Rights, Nov. 30, 1995 (as updated Dec. 11, 1995), 3 pages. .
Guillou, L.: Smart Cards and Conditional Access, pp. 480-490 Advances in Cryptography, Proceedings of EuroCrypt 84 (Beth et al, Ed., Springer-Verlag 1985). .
Harman, Harry H. Modern Factor Analysis, Third Edition Revised, University of Chicago Press Chicago and London, Third revised published 1976. .
Herzberg, Amir et al., Public Protection of Software, ACM Transactions on Computer Systems, vol. 5, No. 4, Nov. 1987, pp. 371-393. .
Hofmann, Jud, Interfacing the NII to User Homes, Electronic Industries Association, Consumer Electronic Bus Committee, 14 slides, no date. .
Holt, Stannie, Start-up promises user confidentiality in Web marketing service, Info World Electric, Aug. 13, 1997 (Document from Internet). .
HOTJAVA.TM.: The Security Story, 4 pages. .
IISP Break Out Session Report for Group No. 3, Standards Development and Tracking System, no date. .
Information Infrastructure Standards Panel: NII `The Information Superhighway`, Nations Bank -HGDeal -ASC X9, 15 pages. .
Invoice? What is an Invoice? Business Week, Jun. 10, 1996. .
JAVASOFT, Frequently Asked Questions--Applet Security, What's Java.TM.? Products and Services, Java/Soft News, Developer's Cornier,Jun. 7, 1996, 8 pages. .
Jiang, et al, A concept-Based Approach to Retrieval from an Electronic Industrialn Directory, International Journal of Electronic Commerce, vol. 1, No. 1, Fall 1996, pp. 51-72. .
Jones, Debra, Top Tech Stories, PowerAgent Introducts First Internet `Infomediary` to Empower and Protect Consumers, Aug. 13, 1997 3 pages (Document from Internet). .
Kelly, Kevin, Whole Earth Review, E-Money,pp. 40-59, Summer 1993. .
Kent, Protecting Externally Supplied Software in Small Computers (MIT/LCS/TR-255 Sep. 1980). .
Kristol et al., Anonymous Internet Mercantile Protocol, AT&T Bell Laboratories, Murray Hill, New Jersey, Draft: Mar. 17, 1994. .
Lagoze, Carl, D-Lib Magazine, Jul./Aug. 1996, The Warwick Framework, A Container Architecture for Diverse Sets of Metadata. .
Lanza, Mike, electronic mail, George Gilder's Fifth Article -Digital Darkhorse -Newspapers, Feb. 21, 1994. .
Levy, Steven, Wired, E-Money, That's What I Want, 10 pages, Dec. 1994. .
Low et al., Anonymous Credit Cards and its Collusion Analysis, AT&T Bell Laboratories, Murray Hill, New Jersey, Oct. 10, 1994. .
Low et al., Anonymous Credit Cards, AT&T Bell Laboratories, Proceedings of the 2nd ACM Conference on Computer and Communications Security, Fairfax, Virginia, Nov. 2-4, 1994. .
Low et al., Document Marking and Identification using both Line and Word Shifting, AT&T Bell Laboratories, Murray Hill, New Jersey, Jul. 29, 1994. Maclachlan, Malcolm, PowerAgent Debuts Spam-Free Marketing, TechWire, Aug. 13, 1997, 3 pages (Document from Internet). .
Maxemchuk, Electronic Document Distribution, AT&T Bell Laboratories, Murray Hill, New Jersey 07974. .
Micro Card--Micro Card Technologies, Inc., Dallas, Texas, No date given. .
Mossberg, Walter S., Personal Technology, Threats to Privacy On-Line Become More Worrisome, Wall Street Journal, Oct. 24, 1996. .
Negroponte, Electronic Word of Mouth, Wired Oct. 1996, p. 218. .
Negroponte, Nicholas, Telecommunications, Some Thoughts on Likely and expected Communications scenarios: A Rebuttal, pp. 41-42, Jan. 1993. .
Neumann, et al., A Provably Secure Operating System: The System, Its Applications, and Proofs, Computer Science Laboratory Report CSL-116, Second Edition, SRI International (05/80). .
News Release, Premenos Announces Templar 2.0--Next Generation Software for Secure Internet EDI, webmaster@templar.net, 1 page, Jan. 17, 1996. .
News Release, The Document Company Xerox, Xerox Announces Software Kit for Creating Working Documents With Dataglyphs, Nov. 6, 1995, Minneapolis, MN, 13 pages. .
News Release, The White House, Office of the President, Background on the Administration's Telecommunications Policy Reform Initiative, Jan. 11, 1994. .
NII, Architecture Requirements, XIWT, no date. .
Open System Environment Architectural Framework for National Information Infrastructure Services and Standards, in Support of National Class Distributed Systems, Distributed System Engineering Program Sponsor Group, Draft 1.0, Aug. 5, 1994. .
Pelton, Dr. Joseph N., Telecommunications, Why Nicholas Negroponte is Wrong About the Future of Telecommunication, pp. 35-40, Jan. 1993. .
Portland Software's ZipLock, Internet Information, Copyright Portland Software 1996-1997, 12 pages. .
PowerAgent Inc., Proper Use of Consumer Information on the Internet White Paper, Jun. 1997, Document from Internet, 9 pages (Document from Internet). .
PowerAgent Press Release, What the Experts are Reporting on PowerAgent, Aug. 13, 1997, 6 pages (Document from Internet). .
PowerAgent Press Release, What the Experts are Reporting on PowerAgent, Aug. 4, 1997, 5 pages (Document from Internet). .
PowerAgent Press Release, What the Experts are Reporting on PowerAgent, Aug. 13, 1997, 3 pages (Document from Internet). .
Premenos Corp. White Paper: The Future of Electronic Commerce, A Supplement to Midrange Systems, Interent webmaster@premenos.com, 4 pages. .
Press Release, National Semiconductor and EPR Partner For Information Metering/Data Security Cards (Mar. 4, 1994). .
Rankine, G., Thomas--A Complete Single-Chip RSA Device, Advances in Cryptography, Proceedings of CRYPTO 86, pp. 480-487 (A.M. Odlyzko Ed., Springer-Verlag 1987). .
Reilly, Arthur K., Standards committee T1-Telecommunications, Input to the `International Telecommunications Hearings,` Panel 1: Component Technologies of the NII/GII, no date. .
Resnick, et al., Recommender Systems, Communications of the ACM, vol. 40, No. 3, Mar. 1997, pp. 56-89. .
ROI (Personal Library Software, 1987 or 1988). .
ROI-Solving Critical Electronic Publishing Problems (Personal Library Software, 1987 or 1988). .
Rose, Lance, Cyberspace and the Legal Matrix: Laws or Confusion?, 1991. .
Rosenthal, Steve, New Media, Interactive Network: Viewers Get Involved, pp. 30-31, Dec. 1992. .
Rosenthal, Steve, New Media, Interactive TV: The Gold Rush Is On, pp. 27-29, Dec. 1992. .
Rosenthal, Steve, New Media, Mega Channels, pp. 36-46, Sep. 1993. .
Rothstein, Edward, The New York Times, Technology, Connections, Making th eInternet come to you, through `push` technology.. p. D5, Jan. 20, 1997. .
Rutkowski, Ken, PowerAgent Introduces First Internet `Infomediary` to Empower and Protect Consumers, Tech Talk New Story, Aug. 4, 1997 (Document from Internet). .
Sager, Ira (Edited by), Bits & Bytes, Business Week, Sep. 23, 1996, p. 142E. .
Schlossstein, Steven, International Economy, America: The G7's Comeback Kid, Jun./Jul. 1993. .
Schurmann, Jurgen, Pattern Classification, A Unified View of Statistical and Neural Approaches, John Wiley & Sons, Inc., 1996. .
Scnaumueller-Bichl et al., A Method of Software Protection Based on the Use of Smart Cards and Cryptographic Techniques, No date given. .
Serving the Community: A Public-Interest Vision of the National Information Infrastructure, Computer Professionals for Social Responsibility, Executive Summary, no date. .
Shear, Solutions for CD-Rom Pricing and Data Security Problems, pages 530-533, CD Rom Yearbook 1988-1989 (Microsoft Press 1988 or 1989). .
Smith et al., Signed Vector Timestamps: A Secure Protocol for Parital Order Time, CMU-93-116, School of Computer Science Carnegie Mellon University, Pittsburgh, Pennsylvania, Oct. 1991; version of Feb. 1993. .
Special Report, The Internet:Fulfilling the Promise The Internet: Bring Order From Chaos; Lynch, Clifford, Search the Internet; Resnick, Paul, Filtering Information on the Internet; Hearst, Marti A., Interfaces for Searching the Web; Stefik, Mark, Trusted Systems; Scientific American, Mar. 1997, pp. 49-56, 62-64, 68-72, 78-81. .
Stefik, Internet Dreams: Archetypes, Myths, and Metaphors, Letting Loose the Light: Igniting Commerce in Electronic Publication, pp. 219-253, (1996) Massachusetts Institute of Technology. .
Stefik, Mark, Introduction to Knowledge Systems, Chapter 7, Classification, pp. 543-607, 1995 by Morgan Kaufmann Publisher, Inc. .
Stefik, Mark, Letting Loose the Light, Igniting Commerce in Electronic Publication (1994, 1995) Palo Alto, California. .
Stephenson, Tom, Advanced Imaging, The Info Infrastructure Initiative: Data SuperHighways and You, pp. 73-74, May 1993. .
Sterling, Bruce, Literary freeware: Not for Commercial Use, remarks at Computers, Freedom and Privacy Conference IV, Chicago, Mar. 26, 1994. .
Struif, Bruno The Use of Chipcards for Electronic Signatures and Encryption in: Proceedings for the 1989 Conference on VSLI and Computer Peripherals, IEEE Computer Society Press, 1989, pp. 4/155-4/158. .
Templar Overview,: Prementos, Internet info@templar.net, 4 pages. .
Templar Software and Services: Secure, Reliable, Standards-Based EDI Over the Internet, Prementos, Internet info@templar.net, 1 page. .
The 1:1 Future of the Electronic Marketplace: Return to a Hunting and Gathering Society, 2 pages, no date. .
The Benefits of ROI For Database Protection and Usage Based Billing (Personal Library Software, 1987 or 1988). .
The New Alexandria No. 1, Alexandria Institute, pp. 1-12, Jul./Aug. 1986. .
Tygar et al., Cryptography: It's Not Just For Electronic Mail Anymore, CMU-CS-93-107, School of Computer Science Carnegie Mellon University, Pittsburgh, Pennsylvania, Mar. 1, 1993. .
Tygar et al., Dyad: A System for Using Physically Secure Coprocessors, School of Computer Science, Carnegie Mellon University, Pittsburgh, PA 15213 (May 1991). .
Valovi, T., Telecommunications, The Role of Computer Networking in the Emerging Virtual Marketplace, pp. 40-44. .
Voight, Joan, Beyond the Banner, Wired, Dec. 1996, pp. 196, 200, 204. .
Vonder Haar, Steven, PowerAgent Launches Commercial Service, Inter@ctive Week, Aug. 4, 1997 (Document from Internet). .
Weber, Dr. Robert, Digital Rights Management Technologies, Oct. 1995, 21 pages. .
Weber, Metering Technologies for Digital Intellectual Property, A Report to the International Federation of Reproduction Rights Organisations, pp. 1-29, Oct. 1994, Boston, MA, USA. .
Weder, Adele, Life on the Infohighway, 4 pages, no date. .
Weingart, Physical Security for the :ABYSS System, IBM Thomas J. Watson Research Center, Yorktown Heights, New York 10598 (1987). .
Weitzner, Daniel J., A Statement on EFF's Open Platform Campaign as of Nov., 1993, 3 pages. .
WEPIN Store, Stenography (Hidden Writing) (Common Law 1995). .
White, ABYSS: A Trusted Architecture for Software Protection, IBM Thomas J. Watson Research Center, Yorktown Heights, New York 10598 (1987). .
Wired 1.02, Is Advertising Really dead?, Part 2, 1994. .
World Wide Web FAQ, How can I put an access counter on my home page?, 1 page, 1996. .
XIWT Cross Industry Working Team, 5 pages, Jul. 1994. .
Yee, Using Secure Coprocessors, CMU-CS-94-149, School of Computer Science, Carnegie Mellon University Pittsburgh, PA15213. .
Yellin, F. Low Level Security in Java, 8 pages. .
E. Milbrandt, "Stenography Info and Archive", 1996. .
M. Kohntopp, "Sag's durch die Blume", Apr. 1996, marit@schulung.netuse.de..~
Primary Examiner:
Cain; David
Attorney, Agent or Firm:
Nixon & Vanderhye P.C.
Parent Case Text
CROSS REFERENCE TO RELATED APPLICATION
This application is related to commonly assigned application Ser. No. 08/388,107 of Ginter et al., filed Feb. 13, 1995, entitled "SYSTEMS AND METHODS FOR SECURE TRANSACTION MANAGEMENT AND ELECTRONIC RIGHTS PROTECTION" (attorney reference number 895-13) now abandoned. We incorporate by reference, into this application, the entire disclosure of this prior-filed Ginter et al. patent application just as if its entire written specification and drawings were expressly set forth in this application.
Claims
What is claimed is:
1. A rights management method comprising:
(a) receiving an information signal;
(b) steganographically decoding the received information signal to recover digital rights management control information packaged within at least one secure digital container; and
(c) performing at least one rights management operation based at least in part on the recovered digital rights management control information.
2. A method as in claim 1 wherein the decoding step (b) includes the step of steganographically decoding information representing at least one permissions record.
3. A method as in claim 1 further including the step of decrypting contents of the digital container for use in performing step (c).
4. A method as in claim 1 wherein the information signal carries further information in addition to the steganographically encoded information, and the performing step (b) comprises the step of managing at least one right in respect of the further information.
5. A method as in claim 1 wherein the decoding step (b) includes the step of analyzing the information signal using a spectral transform.
6. A method as in claim 1 wherein the decoding step (b) includes the step of analyzing the information signal using a key-based steganographic decoder.
7. A method as in claim 1 wherein the decoding step (b) includes the step of steganographically decoding a pointer that points to another portion of the information signal.
8. A method as in claim 1 wherein the steganographically encoded container includes at least one organization structure, and the decoding step (b) comprises steganographically decoding the organizational structure.
9. An electronic appliance comprising:
decoding means for steganographically decoding a signal to provide control information packaged within at least one secure digital container; and
rights management means coupled to the decoding means for performing at least one rights management operation based at least in part on the control information.
10. An appliance as in claim 9 wherein the rights management means includes means for means for selectively blocking the signal.
11. An appliance as in claim 9 wherein the rights management means includes means for selectively descrambling the signal.
12. An appliance as in claim 9 wherein the rights management means includes means for authenticating a further appliance before delivering the signal to said further appliance.
13. An appliance as in claim 9 wherein the rights management means includes means for requiring that a further appliance present an appropriate digital certificate before delivering the signal to said further appliance.
14. An appliance as in claim 9 wherein the right management means includes means for fingerprinting the signal based at least in part on the control information.
15. An appliance as in claim 9 wherein the right management means includes means for further steganographically encoding the signal based at least in part on the control information.
16. An electronic appliance comprising:
a steganographic decoder that steganographically decode a signal to provide control information packaged within at least one secure digital container; and
rights management component coupled to the decoder, the rights management component performing at least one rights management operation based at least in part on the control information.
17. An appliance as in claim 16 wherein the rights management component includes or controls a signal blocking circuit that selectively blocks the signal.
18. An appliance as in claim 16 wherein the rights management component includes or controls a signal descrambler.
19. An appliance as in claim 16 wherein the rights management component includes an authenticating circuit for authenticating a further appliance before delivering the signal to said further appliance.
20. An appliance as in claim 16 wherein the rights management component includes a circuit for requiring that a further appliance present an appropriate digital certificate before delivering the signal to said further appliance.
21. An appliance as in claim 16 wherein the rights management component includes a circuit for fingerprinting the signal based at least in part on the control information.
22. An appliance as in claim 16 wherein the rights management component includes a circuit for further steganographically encoding the signal based at least in part on the control information.
23. A rights management method comprising:
(a) receiving a signal comprising
governed information and
a first rule steganographically incorporated into said signal;
(b) steganographically decoding said signal to recover said first rule; and
(c) at a first apparatus, performing at least one operation on said governed information, said operation governed, at least in part, by said first rule,
said at least one operation comprising at least:
identifying at least one attribute of a user or viewer of said governed information, and
allowing said user or viewer to gain access to said information based on said identification.
24. A method as in claim 23, in which:
said at least one attribute comprises the identity of said user or viewer.
25. A method as in claim 23, in which:
said at least one attribute comprises the age of said user or viewer.
26. A method as in claim 23, in which:
said first rule is received in an encrypted form; and
said decoding step (b) further comprises decrypting said rule.
27. A method as in claim 23, further comprising:
(d) applying a watermark or fingerprint to at least a portion of said governed information, said application occurring at least in part under the control of at least one rule; and
(e) releasing said watermarked or fingerprinted governed information to a second apparatus.
28. A method as in claim 27, in which:
said watermark or fingerprint includes information at least in part identifying said first apparatus or a user of said first apparatus.
29. A method as in claim 27, further comprising:
prior to said releasing step (e), said first apparatus receiving a certificate from said second apparatus.
30. A method as in claim 29, in which:
said certificate specifies at least one attribute of said second apparatus.
31. A method as in claim 30, further comprising:
said first apparatus checking said digital certificate to determine whether said information should be released to said second apparatus.
32. A method as in claim 31, in which:
said determination is based on whether said digital certificate indicates that said second apparatus includes specified rights management functionality.
33. A method as in claim 23, in which:
said governed information is received in an encrypted or scrambled form; and
said gaining access at least in part comprises decrypting or unscrambling said information.
34. A method as in claim 23, in which:
said steps (b) and (c) are securely performed, said secure performance occurring at least in part on a secure processing unit.
35. A method as in claim 23, further comprising:
following said step (b), creating a signal comprising at least a portion of said governed information and a steganographically encoded second rule, said second rule differing in at least one aspect from said first rule.
36. A method as in claim 23, further comprising:
(d) under control of said first rule, making a copy of at least a portion of said governed information; and
(e) transferring said copy to a second apparatus, said transferred copy not including said first rule.
37. A method as in claim 23, in which:
said received signal further includes steganographically encoded error correction information;
said method further comprising:
at said first apparatus, steganographically decoding said signal to retrieve said error correction information;
at said first apparatus, using said error correction information to determine whether the received version of said first rule contains errors;
at said first apparatus, using said error correction information to correct errors in said first rule; and
at said first apparatus, generating a signal comprising at least a portion of said governed information and said corrected first rule, said signal not including said erroneous version of said first rule.
38. A method as in claim 37, further comprising:
transmitting said generated signal from said first apparatus to a second apparatus.
39. A rights management method comprising:
(a) at a first apparatus, receiving a signal comprising
governed information and
at first rule steganographically incorporated into said signal;
(b) at said first apparatus, steganographically decoding said signal to recover said first rule; and
(c) at said first apparatus, performing at least one operation on at least a portion of said governed information, said operation governed, at least in part, by said first rule,
said at least one operation comprising at least:
determining whether said governed information has been accessed or used more than a specified number of times, and
allowing access or use of said governed information if said number of accesses or uses is less than or equal to said specified number, or
blocking access or use if said number of accesses or uses is greater than said specified number.
40. A method as in claim 39, in which:
said first rule is received in an encrypted form; and
said decoding step (b) further comprises decrypting said first rule.
41. A method as in claim 39, further comprising:
(d) applying a watermark or fingerprint to at least a portion of said governed information, said application occurring at least in part under the control of at least one rule; and
(e) releasing said watermarked or fingerprinted governed information to a second apparatus.
42. A method as in claim 41, in which:
said watermark or fingerprint includes information at least in part identifying said first apparatus or a user of said first apparatus.
43. A method as in claim 39, further comprising:
(d) at said first apparatus, receiving a certificate from said second apparatus; and
(e) releasing at least a portion of said governed information to a second apparatus.
44. A method as in claim 43, in which:
said certificate specifies at least one attribute of said second apparatus.
45. A method as in claim 44, further comprising:
said first apparatus checking said digital certificate to determine whether said information should be released to said second apparatus.
46. A method as in claim 45, in which:
said determination is based on whether said digital certificate indicates that said second apparatus includes specified rights management functionality.
47. A method as in claim 39, further comprising:
following said step (b), at said first apparatus, creating a signal comprising at least a portion of said governed information and a steganographically encoded second rule, said second rule differing in at least one aspect from said first rule.
48. A method as in claim 39, further comprising:
(d) under control of said first rule, making a copy of at least a portion of said governed information; and
(e) transferring said copy to a second apparatus, said transferred copy not including said first rule.
49. A method as in claim 39, in which:
said received signal further includes steganographically encoded error correction information;
said method further comprising:
at said first apparatus, steganographically decoding said signal to retrieve said error correction information;
at said first apparatus, using said error correction information to determine whether the received version of said first rule contains errors;
at said first apparatus, using said error correction information to correct errors in said first rule; and
at said first apparatus, generating a signal comprising at least a portion of said governed information and said corrected first rule, said signal not including said erroneous version of said first rule.
50. A method as in claim 49, further comprising:
transmitting said generated signal from said first apparatus to a second apparatus.
51. A rights management method, comprising:
(a) at a first apparatus, receiving a signal comprising
governed information and
a first rule steganographically incorporated into said signal,
said first rule specifying a time;
(b) at said first apparatus, steganographically decoding said signal to recover said first rule;
(c) at said first apparatus, attempting to access said governed information;
(d) at said first apparatus, checking to determine if said time has been reached or exceeded; and
(e) at said first apparatus, allowing said access to complete if said time has not been reached or exceeded, but blocking said access if said time has not been reached.
52. A method as in claim 51, in which:
said first rule is received in an encrypted form; and
said decoding step (b) further comprises decrypting said first rule.
53. A method as in claim 51, further comprising:
(f) at said first apparatus, applying a watermark or fingerprint to at least a portion of said governed information, said application occurring at least in part under the control of at least one rule; and
(g) releasing said watermarked or fingerprinted governed information to a second apparatus.
54. A method as in claim 53, in which:
said watermark or fingerprint includes information at least in part identifying said first apparatus or a user of said first apparatus.
55. A method as in claim 53, further comprising:
prior to said releasing step (g), said first apparatus receiving a certificate from said second apparatus.
56. A method as in claim 55, in which:
said certificate specifies at least one attribute of said second apparatus.
57. A method as in claim 56, further comprising:
said first apparatus checking said digital certificate to determine whether said information should be released to said second apparatus.
58. A method as in claim 57, in which:
said determination is based on whether said digital certificate indicates that said second apparatus includes specified rights management functionality.
59. A method as in claim 51, in which:
said governed information is received in an encrypted or scrambled form; and
said completion of said access at least in part comprises decrypting or unscrambling said governed information.
60. A method as in claim 51, in which:
said steps (b)-(e) are securely performed, said secure performance occurring at least in part on a secure processing unit.
61. A method as in claim 51, further comprising:
following said step (b), at said first apparatus, creating a signal comprising at least a portion of said governed information and a steganographically encoded second rule, said second rule differing in at least one aspect from said first rule.
62. A method as in claim 51, further comprising:
(f) under control of said first rule, making a copy of at least a portion of said governed information; and
(g) transferring said copy to a second apparatus, said transferred copy not including said first rule.
63. A method as in claim 51, in which:
said received signal further includes steganographically encoded error correction information;
said method further comprising:
at said first apparatus, steganographically decoding said signal to retrieve said error correction information;
at said first apparatus, using said error correction information to determine whether the received version of said first rule contains errors;
at said first apparatus, using said error correction information to correct errors in said first rule; and
at said first apparatus, generating a signal comprising said first governed information and said corrected first rule, said signal not including said erroneous version of said first rule.
64. A method as in claim 63, further comprising:
transmitting said generated signal from said first apparatus to a second apparatus.
65. A rights management method operating at least in part on a first apparatus, said first apparatus including a communications port and means for accessing information on a removable memory device, said method comprising:
(a) at said first apparatus, receiving a removable memory device containing a signal, said signal comprising
governed information and
a first rule steganographically incorporated into said signal,
(b) at said first apparatus, steganographically decoding said signal to recover said first rule;
(c) at said first apparatus, using said communications port to initiate communication with a second apparatus remote from said first apparatus;
(d) at said first apparatus, receiving at least a second rule from said second apparatus;
(e) at said first apparatus, using said first rule or said second rule to govern at least one aspect of access to or use of said governed information.
66. A method as in claim 65, in which:
said first rule is received in an encrypted form; and
said decoding step (b) further comprises decrypting said first rule.
67. A method as in claim 66, in which:
said second rule is received in an encrypted form, and
said method further comprises:
decrypting said second rule prior to using said second rule.
68. A method as in claim 65, further comprising:
(f) applying a watermark or fingerprint to at least a portion of said governed information, said application occurring at least in part under the control of at least one rule; and
(g) releasing said watermarked or fingerprinted governed information to a second apparatus.
69. A method as in claim 68, in which:
said watermark or fingerprint includes information at least in part identifying said first apparatus or a user of said first apparatus.
70. A method as in claim 65, further comprising:
(f) at said first apparatus, receiving a certificate from said third apparatus; and
(g) releasing at least a portion of said governed information to said third apparatus.
71. A method as in claim 70, in which:
said certificate specifies at least one attribute of said third apparatus.
72. A method as in claim 71, further comprising:
said first apparatus checking said digital certificate to determine whether said information should be released to said third apparatus.
73. A method as in claim 72, in which:
said determination is based on whether said digital certificate indicates that said third apparatus includes specified rights management functionality.
74. A method as in claim 65, in which:
said governed information is received in an encrypted or scrambled form; and
said at least one aspect of access to or use of said governed information at least in part comprises decrypting or unscrambling said governed information.
75. A method as in claim 65, in which:
said steps (b) through (e) are securely performed, said secure performance occurring at least in part on a secure processing unit.
76. A method as in claim 65, further comprising:
following said step (b), creating a signal comprising at least a portion of said governed information and
said second rule, steganographically encoded.
77. A method as in claim 65, further comprising:
(f) under control of said first rule or said second rule, making a copy of at least a portion of said governed information; and
(g) transferring said copy to a remote apparatus, said transferred copy not including said first rule or said second rule.
78. A method as in claim 65, in which:
said received signal further includes steganographically encoded error correction information;
said method further comprising:
at said first apparatus, steganographically decoding said signal to retrieve said error correction information;
at said first apparatus, using said error correction information to determine whether the received version of said first rule contains errors;
at said first apparatus, using said error correction information to correct errors in said first rule; and
at said first apparatus, generating a signal comprising at least a portion of said governed information and said corrected first rule, said signal not including said erroneous version of said first rule.
79. A method as in claim 78, further comprising:
transmitting said generated signal from said first apparatus to said second apparatus.
80. A rights management method operating at least in part on a first apparatus, said first apparatus including a communications port and means for accessing information on a removable memory device, said method comprising:
(a) at said first apparatus, receiving a removable memory device containing a signal, said signal comprising
governed information and
a first rule steganographically incorporated into said signal, said first rule requiring that payment be made at a remote site in return for use of or access to at least a portion of said governed information;
(b) at said first apparatus, steganographically decoding said signal to recover said first rule;
(c) at said first apparatus, initiating at least one access to or use of at least a portion of said governed information;
(d) at said first apparatus, initiating communication, through said communications port, with a second apparatus remote from said first apparatus;
(e) providing information from said first apparatus to said second apparatus, said information comprising or enabling payment for said at least one access or use.
81. A method as in claim 80, in which:
said first rule is received in an encrypted form; and
said decoding step (b) further comprises decrypting said rule.
82. A method as in claim 80, further comprising:
(f) applying a watermark or fingerprint to at least a portion of said governed information, said application occurring at least in part under the control of at least one rule; and
(g) releasing said watermarked or fingerprinted governed information to a second apparatus.
83. A method as in claim 82, in which:
said watermark or fingerprint includes information at least in part identifying said first apparatus or a user of said first apparatus.
84. A method as in claim 80, further comprising:
(f) at said first apparatus, receiving a certificate from said second apparatus; and
(g) releasing at least a portion of said governed information to a second apparatus.
85. A method as in claim 84, in which:
said certificate specifies at least one attribute of said second apparatus.
86. A method as in claim 85, further comprising:
said first apparatus checking said digital certificate to determine whether said information should be released to said second apparatus.
87. A method as in claim 86, in which:
said determination is based on whether said digital certificate indicates that said second apparatus includes specified rights management functionality.
88. A method as in claim 80, in which:
said governed information is received in an encrypted or scrambled form; said method further comprising:
following said providing step (e), decrypting or unscrambling at least a portion of said governed information.
89. A method as in claim 80, in which:
said steps (b) through (e) are securely performed, said secure performance occurring at least in part on a secure processing unit.
90. A method as in claim 80, further comprising:
following said step (e), at said first apparatus, creating a signal comprising at least a portion of said governed information and a steganographically encoded second rule, said second rule differing in at least one aspect from said first rule.
91. A method as in claim 80, further comprising:
(f) at said first apparatus, under control of said first rule, making a copy of at least a portion of said governed information; and
(g) transferring said copy to a third apparatus, said transferred copy not including said first rule.
92. A method as in claim 80, in which:
said received signal further includes steganographically encoded error correction information;
said method further comprising:
at said first apparatus, steganographically decoding said signal to retrieve said error correction information;
at said first apparatus, using said error correction information to determine whether the received version of said first rule contains errors;
at said first apparatus, using said error correction information to correct errors in said first rule; and
at said first apparatus, generating a signal comprising at least a portion of said governed information and said corrected first rule, said signal not including said erroneous version of said first rule.
93. A method as in claim 92, further comprising:
transmitting said generated signal from said first apparatus to a third apparatus.
94. A rights management method comprising:
(a) at a first apparatus, receiving a signal comprising
governed information and
a first rule steganographically incorporated into said signal;
(b) at said first apparatus, steganographically decoding said signal to recover said first rule; and
(c) at said first apparatus, performing at least one operation on said governed information, said operation governed, at least in part, by said first rule,
said at least one operation comprising at least:
requiring a payment prior to releasing said information for access by a user or viewer;
(d) applying a watermark or fingerprint to at least a portion of said governed information, said application occurring at least in part under the control of at least one rule; and
(e) releasing said watermarked or fingerprinted governed information to a second apparatus.
95. A method as in claim 94, in which:
said rule is received in an encrypted form; and
said decoding step (b) further comprises decrypting said rule.
96. A method as in claim 94, in which:
said watermark or fingerprint includes information at least in part identifying said first apparatus or a user of said first apparatus.
97. A method as in claim 94, further comprising:
prior to said releasing step (e):
at said first apparatus, receiving a certificate from said second apparatus; and
releasing at least a portion of said governed information to a second apparatus.
98. A method as in claim 97, in which:
said certificate specifies at least one attribute of said second apparatus.
99. A method as in claim 98, further comprising:
said first apparatus checking said digital certificate to determine whether said information should be released to said second apparatus.
100. A method as in claim 99, in which:
said determination is based on whether said digital certificate indicates that said second apparatus includes specified rights management functionality.
101. A method as in claim 94, in which:
said governed information is received in an encrypted or scrambled form; and
said releasing said governed information at least in part comprises decrypting or unscrambling said governed information.
102. A method as in claim 94, in which:
said steps (b) and (c) are securely performed, said secure performance occurring at least in part on a secure processing unit.
103. A method as in claim 94, further comprising:
said step (d) further comprising steganographically encoding a second rule into said governed information, said second rule differing in at least one aspect from said first rule.
104. A method as in claim 94, in which:
said watermarked or fingerprinted governed information released in said step (e) does not include said first rule steganographically encoded in said information.
105. A method as in claim 94, in which:
said received signal further includes steganographically encoded error correction information;
said method further comprising:
at said first apparatus, steganographically decoding said signal to retrieve said error correction information;
at said first apparatus, using said error correction information to determine whether the received version of said first rule contains errors;
at said first apparatus, using said error correction information to correct errors in said first rule; and
at said first apparatus, generating a corrected signal comprising at least a portion of said governed information and said corrected first rule, said signal not including said erroneous version of said first rule.
106. A method as in claim 105, in which:
said applying step (d) further comprises applying said watermark or fingerprint to said corrected signal; and
said information released in said releasing step (e) said corrected signal.
107. A rights management method comprising:
(a) at a first apparatus, receiving a signal comprising
governed information and
an organizational structure incorporated into said signal,
said organizational structure including a first rule governing at least one aspect of access to or use of said governed information;
said organizational structure comprising a secure container containing said first rule;
(b) at said first apparatus, steganographically decoding said signal to recover said organizational structure;
(c) at said first apparatus, accessing said first rule; and
(d) at said first apparatus, using said first rule to govern at least one aspect of access to or use of said governed information.
108. A method as in claim 107, in which:
said secure container further contains identification information identifying said governed information.
109. A method as in claim 107, in which:
said receiving step (a) further comprises receiving said secure container in an encrypted form; and
said method further comprises decrypting said secure container.
110. A method as in claim 109, in which:
said secure container further contains a permissions record.
111. A method as in claim 110, in which:
said permissions record contains or references said first rule.
112. A method as in claim 109, in which:
said first rule controls, at least in part, use of an analog file on a device designed to render, display or play said analog file.
113. A method as in claim 108, in which:
said governed information is contained within said secure container.
114. A method as in claim 107, in which:
said organizational structure is received in an encrypted form,
said decoding step (b) further comprising decrypting said organizational structure.
115. A method as in claim 107, further comprising:
(e) applying a watermark or fingerprint to at least a portion of said governed information, said application occurring at least in part under the control of at least one rule; and
(f) releasing said watermarked or fingerprinted governed information to a second apparatus.
116. A method as in claim 115, in which:
said watermark or fingerprint includes information at least in part identifying said first apparatus or a user of said first apparatus.
117. A method as in claim 107, further comprising:
(e) at said first apparatus, receiving a certificate from a second apparatus,
(f) releasing said governed information to a second apparatus, said releasing step being based, at least in part, on information contained in said certificate.
118. A method as in claim 117, in which:
said certificate specifies at least one attribute of said second apparatus.
119. A method as in claim 118, further comprising:
said first apparatus checking said digital certificate to determine whether said information should be released to said second apparatus.
120. A method as in claim 119, in which:
said determination is based on whether said digital certificate indicates that said second apparatus includes specified rights management functionality.
121. A method as in claim 107, in which:
said governed information is received in an encrypted or scrambled form; and
said at least one aspect of access to or use of said governed information at least in part comprises decrypting or unscrambling said governed information.
122. A method as in claim 107, in which:
said steps (b) through (d) are securely performed, said secure performance occurring at least in part on a secure processing unit.
123. A method as in claim 107, further comprising:
following said step (b), at said first apparatus, creating a signal comprising at least a portion of said governed information and a steganographically encoded second rule, said second rule differing in at least one aspect from said first rule.
124. A method as in claim 107, further comprising:
(e) under control of said first rule, making a copy of at least a portion of said governed information; and
(f) transferring said copy to a second apparatus, said transferred copy not including said first rule.
125. A method as in claim 107, in which:
said received signal further includes steganographically encoded error correction information;
said method further comprising:
at said first apparatus, steganographically decoding said signal to retrieve said error correction information;
at said first apparatus, using said error correction information to determine whether the received version of said first rule contains errors;
at said first apparatus, using said error correction information to correct errors in said first rule; and
at said first apparatus, generating a corrected signal comprising at least a portion of said governed information and said corrected first rule, said signal not including said erroneous version of said first rule.
126. A method as in claim 125, further comprising:
transmitting said corrected signal from said first apparatus to a second apparatus.
127. A rights management method, comprising:
(a) at a first apparatus, receiving a signal comprising
governed information and
at least a first and a second rule steganographically incorporated into said signal,
(b) at said first apparatus, determining whether to use said first rule or said second rule to govern at least one operation on said governed information;
said determination based, at least in part, on information regarding the nature or identification of said first apparatus; and
(c) at said first apparatus, using said first rule or said second rule to govern said at least one operation.
128. A method as in claim 127, in which:
said first and second rules are received in an encrypted form; and
said decoding step (b) further comprises decrypting said rules.
129. A method as in claim 127, further comprising:
(d) applying a watermark or fingerprint to at least a portion of said governed information, said application occurring at least in part under the control of at least one rule; and
(e) releasing said watermarked or fingerprinted governed information to a second apparatus.
130. A method as in claim 129, in which:
said watermark or fingerprint includes information at least in part identifying said first apparatus or a user of said first apparatus.
131. A method as in claim 127, further comprising:
(d) at said first apparatus, receiving a certificate from said second apparatus; and
(e) releasing at least a portion of said governed information to a second apparatus.
132. A method as in claim 131, in which:
said certificate specifies at least one attribute of said second apparatus.
133. A method as in claim 132, further comprising:
said first apparatus checking said digital certificate to determine whether said information should be released to said second apparatus.
134. A method as in claim 133, in which:
said determination is based on whether said digital certificate indicates that said second apparatus includes specified rights management functionality.
135. A method as in claim 127, in which:
said governed information is received in an encrypted or scrambled form; and
said at least one operation at least in part comprises decrypting or unscrambling said governed information.
136. A method as in claim 127, in which:
said steps (b) and (c) are securely performed, said secure performance occurring at least in part on a secure processing unit.
137. A method as in claim 127, further comprising:
following said step (c), at said first apparatus, creating a signal comprising at least a portion of said governed information and a steganographically encoded third rule, said second rule differing in at least one aspect from said first rule and from said second rule.
138. A method as in claim 127, further comprising:
(d) under control of said first rule, making a copy of at least a portion of said governed information; and
(e) transferring said copy to a second apparatus, said transferred copy not including said first rule or said second rule.
139. A method as in claim 127, in which:
said received signal further includes steganographically encoded error correction information;
said method further comprising:
at said first apparatus, steganographically decoding said signal to retrieve said error correction information;
at said first apparatus, using said error correction information to determine whether the received version of said first rule and said second rule contain errors;
at said first apparatus, using said error correction information to correct errors in said first rule and/or said second rule; and
at said first apparatus, generating a corrected signal comprising at least a portion of said governed information and said corrected first rule and/or said corrected second rule, said signal not including said erroneous version of said first and/or second rule.
140. A method as in claim 139, further comprising:
transmitting said corrected signal from said first apparatus to a second apparatus.
141. A rights management method operating at least in part on a first apparatus, said first apparatus including a communications port, means for accessing information on a removable memory device, and steganographic encoding circuitry said method comprising:
(a) at said first apparatus, receiving a removable memory device containing a signal, said signal comprising
governed information and
a first rule steganographically incorporated into said signal, said first rule requiring that payment be made at a remote site in return for use of or access to at least a portion of said governed information;
(b) at said first apparatus, steganographically decoding said signal to recover said first rule;
(c) at said first apparatus, initiating at least one access to or use of at least a portion of said governed information;
(d) at said first apparatus, making an analog copy of at least a portion of said governed information; and
(e) at said first apparatus, steganographically incorporating at least one rule into said analog copy, said rule governing at least one aspect of access to or use of said analog copy.
142. A method as in claim 141, in which:
said rule is received in an encrypted form; and
said decoding step (b) further comprises decrypting said rule.
143. A method as in claim 141, further comprising:
(f) applying a watermark or fingerprint to at least a portion of said analog copy, said application occurring at least in part under the control of at least one rule; and
(g) releasing said watermarked or fingerprinted governed information to a second apparatus.
144. A method as in claim 143, in which:
said watermark or fingerprint includes information at least in part identifying said first apparatus or a user of said first apparatus.
145. A method as in claim 141, further comprising:
(f) at said first apparatus, receiving a certificate from said second apparatus; and
(g) releasing at least a portion of said governed information to a second apparatus.
146. A method as in claim 145, in which:
said certificate specifies at least one attribute of said second apparatus.
147. A method as in claim 146, further comprising:
said first apparatus checking said digital certificate to determine whether said information should be released to said second apparatus.
148. A method as in claim 147, in which:
said determination is based on whether said digital certificate indicates that said second apparatus includes specified rights management functionality.
149. A method as in claim 141, in which:
said governed information is received in an encrypted or scrambled form; and
said at access to or use of said governed information specified in said step (c) at least in part comprises decrypting or unscrambling said governed information.
150. A method as in claim 141, in which:
said steps (b) through (e) are securely performed, said secure performance occurring at least in part on a secure processing unit.
151. A method as in claim 141, in which:
said rule steganographically incorporated in said step (e) comprises a second rule, said second rule differing in at least one aspect from said first rule.
152. A method as in claim 141, further comprising:
(f) transferring said analog copy to a second apparatus, said transferred copy not including said first rule.
153. A method as in claim 141, in which:
said received signal further includes steganographically encoded error correction information;
said method further comprising:
at said first apparatus, steganographically decoding said signal to retrieve said error correction information;
at said first apparatus, using said error correction information to determine whether the received version of said first rule contains errors;
at said first apparatus, using said error correction information to correct errors in said first rule; and
said rule steganographically incorporated in said step (e) comprising said corrected first rule.
154. A method as in claim 153, further comprising:
(f) transmitting said analog copy from said first apparatus to a second apparatus.
155. A steganographic encoding method comprising:
(a) receiving information;
(b) transforming said information into a signal;
(c) selecting a first and a second location in said signal for the incorporation of steganographically encoded information, said selection being governed at least in part by an analysis of the bandwidth available at such location for such encoding;
(d) steganographically encoding a first rule in said first location, said first rule at least in part governing at least one aspect of use of at least a portion of said information;
(e) steganographically encoding a second rule in said second location, said second rule at least in part governing at least one aspect of use of at least a portion of said information.
156. A method as in claim 155, further comprising:
prior to said steganographically encoding step (d), encrypting said first rule; and
prior to said steganographically encoding step (e), encrypting said second rule.
157. A method as in claim 155, further comprising:
prior to said steganographically encoding step (d), incorporating said first rule into a secure container.
158. A method as in claim 155, in which:
said first rule at least in part governs at least one aspect of use of a first portion of said information; and
said second rule at least in part governs at least one aspect of use of a second portion of said information, said second portion being different from said first portion.
159. A method as in claim 155, in which:
said transforming step (b) further comprises encrypting or scrambling said information; and
said at least one aspect of access to or use of said information governed by said first rule at least in part comprises decrypting or unscrambling said governed information;
at said first apparatus, using said error correction information to determine whether the received version of said first rule contains errors;
at said first apparatus, using said error correction information to correct errors in said first rule; and
at said first apparatus, generating a signal comprising at least a portion of said governed information and said corrected first rule, said signal not including said erroneous version of said first rule.
160. A rights management method operating at least in part on a first apparatus, said method comprising:
(a) receiving a signal comprising
governed information and
an organizational structure incorporated into said signal,
said organizational structure including a pointer to a first rule governing at least one aspect of access to or use of said governed information;
(b) steganographically decoding said signal to recover said organizational structure;
(c) accessing said pointer;
(d) using said pointer to locate said first rule; and
(e) using said first rule to govern at least one aspect of access to or use of said governed information.
161. A method as in claim 160, in which:
said organizational structure comprises a secure container containing said pointer.
162. A method as in claim 161, in which:
said secure container further contains identification information identifying said governed information.
163. A method as in claim 161, in which:
said first apparatus includes a communications port; and
said locating step (d) further comprises
using said communications port to initiate communication with a second apparatus remote from said first apparatus; and
locating said first rule at said second apparatus.
164. A method as in claim 163, in which:
said receiving step (a) further comprises receiving said signal from said second apparatus, through said communications port.
165. A method as in claim 163, in which:
said receiving step (a) further comprises receiving said signal from a source other than said second apparatus.
166. A method as in claim 162, in which:
said receiving step (a) further comprises receiving said secure container in an encrypted form; and
said method further comprises decrypting said secure container.
167. A method as in claim 162, in which:
said secure container further contains a permissions record.
168. A method as in claim 167, in which:
said permissions record contains or references said pointer.
169. A method as in claim 162, in which:
said first rule controls, at least in part, use of an analog file on a device designed to render, display or play said analog file.
170. A method as in claim 160, in which:
said pointer constitutes a URL.
171. A method as in claim 161, in which:
said secure container contains said governed information.
172. A method as in claim 160, in which:
said organizational structure is received in an encrypted form,
said decoding step (b) further comprising decrypting said organizational structure.
173. A method as in claim 160, further comprising:
(f) applying a watermark or fingerprint to at least a portion of said governed information, said application occurring at least in part under the control of at least one rule; and
(g) releasing said watermarked or fingerprinted governed information to a second apparatus.
174. A method as in claim 173, in which:
said watermark or fingerprint includes information at least in part identifying said first apparatus or a user of said first apparatus.
175. A method as in claim 160, further comprising:
(f) at said first apparatus, receiving a certificate from said second apparatus; and
(g) releasing at least a portion of said governed information to a second apparatus.
176. A method as in claim 175, in which:
said certificate specifies at least one attribute of said second apparatus.
177. A method as in claim 176, further comprising:
said first apparatus checking said digital certificate to determine whether said information should be released to said second apparatus.
178. A method as in claim 177, in which:
said determination is based on whether said digital certificate indicates that said second apparatus includes specified rights management functionality.
179. A method as in claim 160, in which:
said governed information is received in an encrypted or scrambled form; and
said at least one aspect of access to or use of said governed information specified in said step (e) at least in part comprises decrypting or unscrambling said governed information.
180. A method as in claim 160, in which:
said steps (b) through (e) are securely performed, said secure performance occurring at least in part on a secure processing unit.
181. A method as in claim 160, further comprising:
following said step (e), at said first apparatus, creating a signal comprising at least a portion of said governed information and a steganographically encoded pointer to a second rule, said second rule differing in at least one aspect from said first rule.
182. A method as in claim 160, further comprising:
(f) under control of said first rule, making a copy of at least a portion of said governed information; and
(g) transferring said copy to a second apparatus, said transferred copy not including said pointer.
183. A method as in claim 160, in which:
said received signal further includes steganographically encoded error correction information;
said method further comprising:
at said first apparatus, steganographically decoding said signal to retrieve said error correction information;
at said first apparatus, using said error correction information to determine whether the received version of said pointer contains errors;
at said first apparatus, using said error correction information to correct errors in said pointer; and
at said first apparatus, generating a corrected signal comprising at least a portion of said governed information and said corrected pointer, said signal not including said erroneous version of said pointer.
184. A method as in claim 183, further comprising:
transmitting said corrected signal from said first apparatus to a second apparatus.
185. A rights management method operating at least in part on a first apparatus, said first apparatus including a communications port, said method comprising:
(a) at said first apparatus, receiving a signal, said signal comprising
governed information and
a first rule steganographically incorporated into said signal, said first rule controlling whether said governed information may be transmitted through said communications port;
(b) at said first apparatus, steganographically decoding said signal to recover said at least one rule;
(c) at said first apparatus attempting to initiate a transfer of said governed information through said communications port;
(d) at said first apparatus, invoking said first rule,
(e) at said first apparatus determining, based on said first rule, whether said transfer is authorized; and
(f) completing said transfer if said transfer is authorized, otherwise aborting said transfer.
186. A method as in claim 185, in which:
said first apparatus includes a removable memory device connected to said communications port; and
said transfer comprises a transfer through said communications port to said removable memory device.
187. A method as in claim 185, in which:
said transfer comprises a transfer through said communications port to a second apparatus.
188. A method as in claim 185, in which:
said first rule is received in an encrypted form; and
said decoding step (b) further comprises decrypting said first rule.
189. A method as in claim 185, further comprising:
(g) applying a watermark or fingerprint to at least a portion of said governed information prior to said transfer, application occurring at least in part under the control of at least one rule.
190. A method as in claim 189, in which:
said watermark or fingerprint includes information at least in part identifying said first apparatus or a user of said first apparatus.
191. A method as in claim 187, in which:
said determining step (e) is based, at least in part, on whether said second apparatus includes functionality designated by said first rule.
192. A method as in claim 191, in which:
said designated functionality includes at least the ability of said second apparatus to protect said governed information in at least one respect.
193. A method as in claim 192, in which:
said designated functionality further includes the ability of said second apparatus to use said rule to govern at least one operation occurring on said second apparatus, and
said method further comprises transferring a copy of said rule from said first apparatus to said second apparatus.
194. A method as in claim 193, in which:
said rule requires that said second apparatus transfer a certificate to said first apparatus.
195. A method as in claim 194, in which:
said rule further requires that said certificate identify said designated functionality.
196. A method as in claim 185, in which:
said governed information is received in an encrypted or scrambled form.
197. A method as in claim 185, in which:
said transfer transfers a copy of said governed information.
198. A method as in claim 185, in which:
said steps (b) through (e) are securely performed, said secure performance occurring at least in part on a secure processing unit.
199. A method as in claim 185, further comprising:
prior to said step (c),
at said first apparatus, creating a signal comprising at least a portion of said governed information and a steganographically encoded second rule, said second rule differing in at least one aspect from said first rule;
said governed information referred to in said step (c) constituting said created signal.
200. A method as in claim 185, further comprising:
said governed information transferred in said step (f) does not contain said first rule.
201. A method as in claim 185, in which:
said received signal further includes steganographically encoded error correction information;
said method further comprising:
at said first apparatus, steganographically decoding said signal to retrieve said error correction information;
at said first apparatus, using said error correction information to determine whether the received version of said first rule contains errors;
at said first apparatus, using said error correction information to correct errors in said first rule; and
at said first apparatus, generating a corrected signal comprising at least a portion of said governed information and said corrected first rule, said signal not including said erroneous version of said first rule, said corrected signal constituting said governed information referred to in said step (c).
202. A rights management method operating at least in part on a first apparatus, said first apparatus including a communications port and means for accessing information on a removable memory device, said method comprising:
(a) at said first apparatus, receiving a removable memory device containing a signal, said signal comprising
governed information and
a first rule steganographically incorporated into said signal, said first rule requiring that payment be made at a remote site in return for use of or access to at least a portion of said governed information;
(b) at said first apparatus, steganographically decoding said signal to recover said first rule;
(c) at said first apparatus, initiating at least one access to or use of at least a portion of said governed information;
(d) at said first apparatus, initiating communication, through said communications port, with a second apparatus remote from said first apparatus;
(e) providing payment from said first apparatus to said second apparatus;
(f) checking to determine whether said payment has been provided; and
(g) allowing said at least one access to or use of at least a portion of said governed information to complete if said check reveals that said payment has been provided.
203. A method as in claim 202, in which:
said governed information comprises video information and audio information; and
said portion of said governed information comprises said audio information, said step (g) further comprising:
allowing access at said first apparatus to said video and audio information if said payment is made and is sufficient for said access, and
allowing access to said video information but denying access to said audio information if said payment is eithe