United States Patent
6253193
Ginter, et al.
June 26, 2001
Title
Systems and methods for the secure transaction management and electronic rights protection
Abstract
The present invention provides systems and methods for secure transaction management and electronic rights protection. Electronic appliances such as computers equipped in accordance with the present invention help to ensure that information is accessed and used only in authorized ways, and maintain the integrity, availability, and/or confidentiality of the information. Such electronic appliances provide a distributed virtual distribution environment (VDE) that may enforce a secure chain of handling and control, for example, to control and/or meter or otherwise monitor use of electronically stored or disseminated information. Such a virtual distribution environment may be used to protect rights of various participants in electronic commerce and other electronic or electronic-facilitated transactions. Distributed and other operating systems, environments and architectures, such as, for example, those using tamper-resistant hardware-based processors, may establish security at each node. These techniques may be used to support an all-electronic information distribution, for example, utilizing the "electronic highway."
Inventors:
Ginter; Karl L. (Beltsville, MD), Shear; Victor H. (Bethesda, MD), Spahn; Francis J. (El Cerrito, CA), Van Wie; David M. (Sunnyvale, CA)
Assignee:
InterTrust Technologies Corporation (Santa Clara, CA)
Appl. No.:
208017
Filed:
December 9, 1998
Current U.S. Class:
705/57
705/52
Field of Search:
705/51,52,56,57 380/201-203 386/94,124
Primary Examiner:
Barron, Jr.; Gilberto
Attorney, Agent or Firm:
Finnegan, Henderson, Farabow, Garrett & Dunner L.L.P.
Parent Case Text
This is a continuation of application Ser. No. 08/964,333, filed Nov. 4, 1997 now U.S. Pat. No. 5,982,891, which is a continuation of application Ser. No. 08/388,107, filed Feb. 13, 1995, now abandoned--all of which are incorporated herein by reference.
Claims
We claim:
1. A method comprising:
receiving a digital file including music;
storing said digital file in a first secure memory of a first device;
storing information associated with said digital file in a secure database stored on said first device, said information including at least one budget control and at least one copy control, said at least one budget control including a budget specifying the number of copies which can be made of said digital file; and said at least one copy control controlling the copies made of said digital file;
determining whether said digital file may be copied and stored on a second device based on at least said copy control;
if said copy control allows at least a portion of said digital file to be copied and stored on a second device,
copying at least a portion of said digital file;
transferring at least a portion of said digital file to a second device including a memory and an audio and/or video output;
storing said digital file in said memory of said second device; and
including playing said music through said audio output.
2. A method as in claim 1, further comprising:
at a time substantially contemporaneous with said transferring step, recording in said first device information indicating that said transfer has occurred.
3. A method as in claim 2, in which:
said information indicating that said transfer has occurred includes an encumbrance on said budget.
4. A method as in claim 3, in which:
said encumbrance operates to reduce the number of copies of said digital file authorized by said budget.
5. A method as in claim 4, further comprising:
at some point after said transferring step, taking at least one action to render said copy of said digital file unuseable at said second device; and
at said first digital device, removing said encumbrance on said budget,
said removal including increasing the number of copies of said digital file authorized by said budget.
6. A method as in claim 5, in which:
said budget authorizes one copy prior to said encumbrance;
said budget authorizes zero copies during said encumbrance; and
said budget authorizes one copy following removal of said encumbrance.
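The budget and encumbrance life cycle recited in claims 1 to 6, as an added Python model that is not part of the patent text or any InterTrust implementation. The class and method names (`FirstDevice`, `SecondDevice`, `transfer`, `check_in`) and the dictionaries standing in for the secure memory and secure database are assumptions made for illustration.

```python
"""Added example: copy budget and encumbrance life cycle of claims 1-6."""
from dataclasses import dataclass, field


class TransferDenied(Exception):
    """Raised when the copy control or the budget refuses an operation."""


@dataclass
class Controls:
    copy_allowed: bool   # the "copy control" of claim 1
    budget: int          # copies currently authorized (claim 1)
    encumbrances: list = field(default_factory=list)  # ids of devices holding a copy


class SecondDevice:
    """Hypothetical playback device with a memory and an audio output."""

    def __init__(self, device_id):
        self.device_id = device_id
        self.memory = {}

    def store(self, file_id, data):
        self.memory[file_id] = data

    def play(self, file_id):
        # Stand-in for "playing said music through said audio output".
        if file_id not in self.memory:
            raise KeyError(f"{file_id} is not usable on {self.device_id}")
        return self.memory[file_id]

    def render_unusable(self, file_id):
        # True only if a copy was actually present and has been removed.
        return self.memory.pop(file_id, None) is not None


class FirstDevice:
    """Hypothetical first device; dicts stand in for secure memory and database."""

    def __init__(self):
        self._secure_memory = {}   # file_id -> content
        self._secure_db = {}       # file_id -> Controls

    def receive(self, file_id, data, copy_allowed, budget):
        self._secure_memory[file_id] = data
        self._secure_db[file_id] = Controls(copy_allowed, budget)

    def authorized_copies(self, file_id):
        return self._secure_db[file_id].budget

    def transfer(self, file_id, second):
        ctl = self._secure_db[file_id]
        if not ctl.copy_allowed:
            raise TransferDenied("copy control forbids copying")
        if ctl.budget < 1:
            raise TransferDenied("budget exhausted")
        # Claims 2-4: record the encumbrance before the copy leaves, so a
        # failure part-way through can never leave an uncounted copy.
        ctl.budget -= 1
        ctl.encumbrances.append(second.device_id)
        try:
            second.store(file_id, bytes(self._secure_memory[file_id]))
        except Exception:
            # The copy never arrived: roll the encumbrance back.
            ctl.encumbrances.remove(second.device_id)
            ctl.budget += 1
            raise

    def check_in(self, file_id, second):
        ctl = self._secure_db[file_id]
        # Fail closed: only a device with a recorded encumbrance may restore
        # budget, otherwise repeated check-ins would inflate it.
        if second.device_id not in ctl.encumbrances:
            raise TransferDenied("no encumbrance recorded for this device")
        # Claim 5: the copy is rendered unusable first, then the budget grows.
        if not second.render_unusable(file_id):
            raise TransferDenied("copy could not be rendered unusable")
        ctl.encumbrances.remove(second.device_id)
        ctl.budget += 1


def claim6_walkthrough():
    """Authorized-copy count before, during and after an encumbrance (claim 6)."""
    first = FirstDevice()
    # Constructed sample content, not real media.
    first.receive("track-1", b"constructed sample audio", copy_allowed=True, budget=1)
    player = SecondDevice("player-A")
    seen = [first.authorized_copies("track-1")]
    first.transfer("track-1", player)
    seen.append(first.authorized_copies("track-1"))
    first.check_in("track-1", player)
    seen.append(first.authorized_copies("track-1"))
    return seen


if __name__ == "__main__":
    print(claim6_walkthrough())
```

The ordering inside `transfer` and `check_in` is the security-relevant part: the budget is reduced before content is released and restored only after the remote copy is gone, so an interrupted operation errs toward fewer authorized copies.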
7. A method comprising:
receiving a digital file stored on a video disk;
storing said digital file in a first secure memory of a first device;
storing budget information associated with said digital file in a secure database stored on said first device, said budget information relating to permitted uses of said digital file and including at least one control, said budget information having been received on a video disk;
determining whether said digital file may be copied and stored on a second device based on said at least one control;
if said at least one control allows at least a portion of said digital file to be copied and stored on a second device,
copying at least a portion of said digital file;
transferring at least a portion of said digital file to a second device, after checking said budget to determine if said transferring step is authorized;
including a memory and an audio and/or video output;
storing said digital file in said memory of said second device; and
rendering said digital file through said output.
8. A method as in claim 7, in which:
said video disk includes identification information identifying said video disk;
said first device includes identification information identifying said first device; and
said second device includes identification information identifying said second device.
9. A method as in claim 8, in which:
said digital file is stored in an encrypted form on said video disk.
10. A method as in claim 9, in which:
said digital file is transferred to said second device in an encrypted form;
and further comprising:
prior to said rendering step, decrypting said digital file at said second device;
said decryption based, at least in part, on use of said second device identification information as a key.
11. A method comprising:
receiving a digital file;
storing said digital file in a first secure memory of a first device;
storing information associated with said digital file in a secure database stored on said first device, said information including a first control;
determining whether said digital file may be copied and stored on a second device based on said first control, said determining step including identifying said second device and determining whether said first control allows transfer of said copied file to said second device, said determination based at least in part on the features present at the device to which said copied file is to be transferred;
if said first control allows at least a portion of said digital file to be copied and stored on a second device,
copying at least a portion of said digital file;
transferring at least a portion of said digital file to a second device including a memory and an audio and/or video output;
storing said digital file in said memory of said second device; and
rendering said digital file through said output.
12. A method comprising:
receiving a digital file;
storing said digital file in a first secure memory of a first device;
storing information associated with said digital file in a secure database stored on said first device, said information including at least one control, said step of storing information being performed during a process of registering said digital file at said first device, said registering process further comprising storing information identifying at least one authorized user of said digital file;
determining whether said digital file may be copied and stored on a second device based on said at least one control;
if said at least one control allows at least a portion of said digital file to be copied and stored on a second device,
copying at least a portion of said digital file;
transferring at least a portion of said digital file to a second device including a memory and an audio and/or video output;
storing said digital file in said memory of said second device; and
rendering said digital file through said output.
13. A method as in claim 12, in which:
said transferring step includes copying said information identifying said at least one authorized user and transferring said copied information to said second device.
14. A method as in claim 13, further comprising:
prior to said rendering step, using said transferred information identifying said at least one authorized user to determine whether the user of said second device is an authorized user.
15. A method comprising:
receiving a digital file;
an authentication step comprising:
accessing at least one identifier associated with a first device or with a user of said first device; and
determining whether said identifier is associated with a device and/or user authorized to store said digital file;
storing said digital file in a first secure memory of said first device, but only if said device and/or user is so authorized, but not proceeding with said storing if said device and/or user is not authorized;
storing information associated with said digital file in a secure database stored on said first device, said information including at least one control;
determining whether said digital file may be copied and stored on a second device based on said at least one control;
if said at least one control allows at least a portion of said digital file to be copied and stored on a second device,
copying at least a portion of said digital file;
transferring at least a portion of said digital file to a second device including a memory and an audio and/or video output;
storing said digital file in said memory of said second device; and
rendering said digital file through said output.
16. A method as in claim 15, in which:
said digital file is received in an encrypted form;
and further comprising:
decrypting said digital file after said authentication step and before said step of storing said digital file in said memory of said first device.
17. A method as in claim 16, in which:
said identifier is used as a key in said decrypting step.
18. A method comprising:
receiving a digital file;
storing said digital file in a first secure memory of a first device;
storing information associated with said digital file in a secure database stored on said first device, said information including at least one control;
determining whether said digital file may be copied and stored on a second device based on said at least one control;
if said at least one control allows at least a portion of said digital file to be copied and stored on a second device,
copying at least a portion of said digital file;
transferring at least a portion of said digital file to a second device including a memory and an audio and/or video output, the portion of said digital file transferred to said second device representing a version of said digital file which, when rendered at said second device, provides a level of quality lower than the level of quality provided when said digital file is rendered at said first device;
storing said digital file in said memory of said second device; and
rendering said digital file through said output.
19. A method comprising:
receiving a digital file at a first device;
establishing communication between said first device and a clearinghouse located at a location remote from said first device;
said first device obtaining authorization information including a key from said clearinghouse;
said first device using said authorization information to gain access to or make at least one use of said first digital file, including using said key to decrypt at least a portion of said first digital file; and
receiving a first control from said clearinghouse at said first device;
storing said first digital file in a memory of said first device;
using said first control to determine whether said first digital file may be copied and stored on a second device;
if said first control allows at least a portion of said first digital file to be copied and stored on a second device,
copying at least a portion of said first digital file;
transferring at least a portion of said first digital file to a second device including a memory and an audio and/or video output;
storing said first digital file portion in said memory of said second device; and
rendering said first digital file portion through said output.
20. A method as in claim 19, further comprising:
prior to said step of receiving said first digital file at said first device, storing said first digital file on a portable memory,
said step of storing said first digital file in a memory of said first device further comprising copying said first digital file from said portable memory to said memory of said first device.
21. A method as in claim 20, in which:
said portable memory constitutes a disk.
22. A method as in claim 21, in which:
said disk constitutes an optical disk.
23. A method as in claim 22, in which:
said step of storing said first digital file on a portable memory further comprises storing at least one identifier on said portable memory.
24. A method as in claim 23, in which:
said identifier constitutes an identification of a user authorized to use said first digital file.
25. A method as in claim 23, in which:
said identifier constitutes an identification of said first device.
26. A method as in claim 23, in which:
said identifier is used as a key in said decryption step.
27. A method as in claim 22, in which,
said first digital file includes music; and
said rendering step includes playing said music through said audio output.
28. A method as in claim 27 in which:
said transferring step includes transferring at least a second control to said memory of said second device.
29. A method as in claim 28 in which:
said second control restricts at least one use which may be made of said first digital file at said second device.
30. A method as in claim 29, in which:
said second control operates to prohibit copying of said first digital file at said second device.
31. A method as in claim 30, in which:
at least one budget is stored at said first device.
32. A method as in claim 31, in which:
said budget specifies the number of copies which may be made of said first digital file.
33. A method as in claim 32, further comprising:
at a time prior to said transferring step, checking said budget to determine whether said budget is sufficient for said transfer; and
proceeding with said transfer if said budget is sufficient for said transfer.
34. A method as in claim 33, further comprising:
at a time substantially contemporaneous with said transferring step, recording in said first device information indicating that said transfer has occurred.
35. A method as in claim 34, in which:
said information indicating that said transfer has occurred includes an encumbrance on said budget.
36. A method as in claim 35, in which:
said encumbrance operates to reduce the number of copies of said first digital file authorized by said budget.
37. A method as in claim 36, further comprising:
at some point after said transferring step, taking at least one action to render said copy of said first digital file unuseable at said second device; and
at said first digital device, removing said encumbrance on said budget,
said removal including increasing the number of copies of said first digital file authorized by said budget.
38. A method as in claim 37, in which:
said budget authorizes one copy prior to said encumbrance;
said budget authorizes zero copies during said encumbrance; and
said budget authorizes one copy following removal of said encumbrance.
39. A method as in claim 33, in which:
said step of establishing communication further comprises said first device receiving said budget from said clearinghouse.
40. A method as in claim 33, further comprising:
prior to said step of receiving said first digital file at said first device, storing said budget on said portable memory, and
copying said budget from said portable memory to a memory of said first device.
41. A method as in claim 37, in which:
said second device is a portable device.
42. A method as in claim 40, in which,
said second device includes identification information identifying said second device; and
at least one of said controls transferred to said second device operates to restrict use of said transferred first digital file so that it can only be used on said second device.
43. A method as in claim 42, in which:
said first digital file is transferred to said second device in an encrypted form;
and further comprising:
prior to said rendering step, decrypting said first digital file at said second device;
said decryption based, at least in part, on use of said second device identification information as a key.
44. A method as in claim 37, in which:
said at least one action comprises deleting said first digital file from said memory of said second device.
45. A method as in claim 37, in which:
said at least one action comprises setting an indication, following which said second device will not render said first digital file until said indication is reset.
46. A method as in claim 42, further comprising:
prior to said step of receiving said first digital file at said first device,
placing said first digital file into a first secure container; and
sending said first secure container to said first device.
47. A method as in claim 46, in which:
said step of storing said first digital file in a memory of said first device further comprises removing said first digital file from said first secure container.
48. A method as in claim 46, in which:
said step of storing said first digital file in a memory of said first device further comprises storing said first secure container in said memory of said first device.
49. A method as in claim 48, in which:
said step of transferring at least a portion of said first digital file to a second device further comprises:
removing said portion of said first digital file from said first secure container;
inserting said portion of said first digital file into a second secure container; and
transferring said second secure container to said second device.
50. A method as in claim 49, in which:
said first secure container further comprises at least one control used for governing access to or use of said first digital file while said first digital file is contained in said first secure container; and
said second secure container further comprises at least one control used for governing access to or use of said first digital file portion while said first digital file portion is contained in said second secure container.
51. A method comprising:
receiving a digital file at a first device;
establishing communication between said first device and a clearinghouse located at a location remote from said first device;
said first device obtaining authorization information from said clearinghouse; and
said first device using said authorization information to gain access to or make at least one use of said first digital file;
storing said first digital file in a memory of said first device;
using at least a first control to determine whether said first digital file may be copied and stored on a second device, said determination based at least in part on (1) identification information regarding said second device, and (2) the functional attributes of said second device;
if, based at least in part on said identification information, said first control allows at least a portion of said first digital file to be copied and stored on a second device,
copying at least a portion of said first digital file;
transferring at least a portion of said first digital file to a second device including a memory and an audio and/or video output;
storing said first digital file portion in said memory of said second device; and
rendering said first digital file portion through said output.
52. A method comprising:
receiving a first digital file at a first device;
registering said first digital file at said first device;
said registering process further comprising storing information identifying at least one authorized user of said first digital file;
establishing communication between said first device and a clearinghouse located at a location remote from said first device;
said first device obtaining authorization information from said clearinghouse; and
said first device using said authorization information to gain access to or make at least one use of said first digital file;
storing said first digital file in a memory of said first device;
using at least a first control to determine whether said first digital file may be copied and stored on a second device;
if said first control allows at least a portion of said first digital file to be copied and stored on a second device,
copying at least a portion of said first digital file;
transferring at least a portion of said first digital file to a second device including a memory and an audio and/or video output;
storing said first digital file portion in said memory of said second device; and
rendering said first digital file portion through said output.
53. A method as in claim 52, in which:
said step of transferring said first digital file portion to said second device further comprises storing information identifying at least one authorized user of said first digital file portion at said second device.
54. A method as in claim 53, further comprising:
prior to said rendering step, using said information identifying said at least one authorized user to determine whether the user of said second device is an authorized user.
55. A method comprising:
receiving a digital file at a first device;
establishing communication between said first device and a clearinghouse located at a location remote from said first device;
said first device obtaining authorization information from said clearinghouse; and
said first device using said authorization information to gain access to or make at least one use of said first digital file;
an authentication step comprising:
accessing at least one identifier associated with said first device or with a user of said first device;
determining whether said identifier is associated with a device and/or user authorized to store said first digital file;
storing said first digital file in a memory of said first device if said device and/or user is so authorized, but not proceeding with said storing if said device and/or user is not authorized;
using at least a first control to determine whether said first digital file may be copied and stored on a second device;
if said first control allows at least a portion of said first digital file to be copied and stored on a second device,
copying at least a portion of said first digital file;
transferring at least a portion of said first digital file to a second device including a nonvolatile random access memory, a tamper-resistant housing, a battery and an audio and/or video output;
storing said first digital file portion in said nonvolatile random access memory of said second device; and
rendering said first digital file portion through said output.
56. A method as in claim 55, in which:
said authentication step occurs at least in part under the control of at least one control received from said clearinghouse.
57. A method as in claim 56, in which:
said identifier is used as a key in said decrypting step.
58. A method comprising:
receiving a digital file at a first device;
establishing communication between said first device and a clearinghouse located at a location remote from said first device;
said first device obtaining authorization information from said clearinghouse; and
said first device using said authorization information to gain access to or make at least one use of said first digital file;
storing said first digital file in a memory of said first device;
using at least a first control to determine whether said first digital file may be copied and stored on a second device;
if said first control allows at least a portion of said first digital file to be copied and stored on a second device,
copying at least a portion of said first digital file;
transferring at least a portion of said first digital file to a second device including a memory and an audio and/or video output, said transferred portion representing a version of said first digital file which, when rendered at said second device, provides a level of quality lower than the level of quality provided when said first digital file is rendered at said first device;
storing said first digital file portion in said memory of said second device; and
rendering said first digital file portion through said output.
59. A method comprising:
storing a first digital file and a first control in a first secure container, said first secure container being stored on a first portable memory disk, said first control constituting a first budget which allows a single copy to be made of said first digital file or a portion thereof;
receiving said first portable memory disk including said first secure container at a first device;
establishing communication between said first device and a first clearinghouse located at a location remote from said first device;
obtaining information from said first clearinghouse;
said first device using said information to gain access to or make at least one use of said first digital file;
removing said first digital file from said first secure container;
storing said first digital file in a memory of said first device;
storing a second digital file and a second control in a second secure container,
said second secure container being stored on a second portable memory disk different from said first portable memory disk, said second control constituting a second budget which allows a single copy to be made of said second digital file or a portion thereof;
receiving said second portable memory disk including said second secure container at said first device;
establishing communication between said first device and a second clearinghouse located at a location remote from said first device, said first device obtaining information from said second clearinghouse and said first device using said information to gain access to or make at least one use of said second digital file;
removing said second digital file from said second secure container;
storing said second digital file in a memory of said first device;
using at least a third control to determine whether some or all of said first digital file may be copied and stored on a second device;
if said third control allows at least a portion of said first digital file to be copied and stored on a second device,
copying at least a portion of said first digital file;
storing said first digital file portion in a third secure container, said third secure container including said first digital file portion and at least one control governing at least one aspect of use or access to any file contained within said third secure container;
using at least a fourth control to determine whether some or all of said second digital file may be copied and stored on said second device;
if said fourth control allows at least a portion of said second digital file to be copied and stored on said second device,
copying at least a portion of said second digital file;
storing said second digital file portion in said third secure container;
transferring said third secure container including said first digital file portion and said second digital file portion to said second device including a memory and an audio and/or video output, at least one of said third secure container controls prohibits a user of said second device from making copies of said first digital file portion and said second digital file portion while said first digital file portion and said second digital file portion are stored in said memory of said second device;
storing said first digital file portion and said second digital file portion in said memory of said second device while said first digital file portion is also stored in said memory; and
rendering said first or said second digital file portion through said output.
60. A method comprising: storing a first digital file and a first control in a first secure container, said first control constituting a first budget which governs the number of copies which may be made of said first digital file or a portion of said first digital file while said first digital file is contained in said first secure container, said first secure container being stored on a first portable memory disk;
receiving said first portable memory disk including said first secure container at a first device;
establishing communication between said first device and a first clearinghouse located at a location remote from said first device;
obtaining information from said first clearinghouse;
said first device using said information to gain access to or make at least one use of said first digital file;
removing said first digital file from said first secure container;
storing said first digital file in a memory of said first device;
storing a second digital file and a second control in a second secure container, said second control constituting a second budget which controls the number of copies which may be made of said second digital file or a portion of said second digital file while said second digital file is contained in said second secure container, said second secure container being stored on a second portable memory disk different from said first portable memory disk;
receiving said second portable memory disk including said second secure container at said first device;
establishing communication between said first device and a second clearinghouse located at a location remote from said first device, said first device obtaining information from said second clearinghouse and said first device using said information to gain access to or make at least one use of said second digital file;
removing said second digital file from said second secure container;
storing said second digital file in a memory of said first device;
using at least a third control to determine whether some or all of said first digital file may be copied and stored on a second device;
if said third control allows at least a portion of said first digital file to be copied and stored on a second device,
copying at least a portion of said first digital file;
storing said first digital file portion in a third secure container, said third secure container including said first digital file portion and at least one control governing at least one aspect of use or access to any file contained within said third secure container;
using at least a fourth control to determine whether some or all of said second digital file may be copied and stored on a second device including a memory and an audio and/or video output;
if said fourth control allows at least a portion of said second digital file to be copied and stored on said second device, copying at least a portion of said second digital file;
storing said second digital file portion in said third secure container;
transferring said third secure container including said first digital file portion and said second digital file portion to said second device, at least one of said third secure container controls prohibits a user of said second device from making copies of said first digital file portion and said second digital file portion while said first digital file portion and said second digital file portion are stored in said memory of said second device;
substantially contemporaneously with said step of transferring said first digital file portion to said second device, placing a first encumbrance on said first budget,
said first encumbrance reducing the number of copies which may be made of said first digital file portion;
substantially contemporaneously with said step of transferring said second digital file portion to said second device, placing a second encumbrance on said second budget,
said second encumbrance reducing the number of copies which may be made of said second digital file portion;
storing said first digital file portion in said memory of said second device;
storing said second digital file portion in said memory of said second device while said first digital file portion is also stored in said memory; and
rendering said first or said second digital file portion through said output.
61. A method as in claim 60, in which:
said first encumbrance and said second encumbrance each reduce said number of copies to zero.
62. A method as in claim 60, further comprising:
at some point following said transfer of said first digital file portion to said second device, taking at least one action so that said first digital file portion may no longer be used at said second device, and
following said action, removing said first encumbrance on said first budget.
63. A method as in claim 62, further comprising:
at some point following said transfer of said second digital file portion to said second device, taking at least one action so that said second digital file portion may no longer be used at said second device, and
following said action, removing said second encumbrance on said second budget.
64. A method of operating a portable rights management system, including the steps of:
providing a protected processing environment in a tamper-resistant, portable, hardware housing arrangement;
operatively coupling said housing arrangement to an electronic appliance arrangement including a speaker;
ensuring secure communications between said housing arrangement and said appliance arrangement, including confirming the identity of both arrangements and/or users of such arrangements;
communicating from said housing arrangement information for use, at least in part, in controlling at least one process operating, at least in part, on said electronic appliance arrangement;
securely recording, in said housing arrangement, information derived from, at least in part, secure communications between said housing arrangement and said appliance arrangement and/or said at least one operating process;
storing a first digital file in said protected processing environment;
storing a first control in said protected processing environment, said first control governing at least one aspect of access to or use of at least a portion of said first digital file;
storing a first budget in said protected processing environment, said first budget specifying a number of copies which may be made of said first digital file or a portion thereof;
communicating a copy of at least a portion of said first digital file from said hardware housing arrangement to said electronic appliance arrangement; and
outputting said first digital file at least in part through said speaker.
65. A method as in claim 64, in which:
said number of copies is one.
66. A method as in claim 64, in which:
said communicating step further comprises communicating at least a second control to said electronic appliance arrangement; and
using said second control to govern at least one aspect of access or use of said first digital file portion while said first digital file portion is stored at said electronic appliance arrangement.
67. A method as in claim 66, in which:
said second control prohibits further copying of said first digital file portion while said first digital file portion is stored at said electronic appliance arrangement.
68. A method as in claim 67, further comprising:
at a point substantially contemporaneous with said communication of said first digital file portion to said electronic appliance arrangement, placing an encumbrance on said first budget.
69. A method as in claim 68, in which:
said encumbrance reduces the number of copies allowed by said first budget.
70. A method as in claim 69, in which:
said encumbrance reduces the number of copies allowed by said first budget to zero.
71. A method as in claim 69, further comprising:
following said communication of said first digital file portion to said electronic appliance arrangement, taking at least one action to render said first digital file portion unuseable at said electronic appliance arrangement.
72. A method as in claim 71, further comprising:
following or substantially contemporaneous with said action, removing said encumbrance from said first budget.
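The copy budget and encumbrance life cycle recited in claims 31-38 and 60-63 can be modeled as a small state machine. The following Python sketch is an added illustration, not code from the patent; the class and function names are hypothetical, and the HMAC receipt that attests the copy was disabled, together with the shared key it relies on, is an assumption the claims do not specify.

```python
import hashlib
import hmac
import secrets
from dataclasses import dataclass, field


class TransferDenied(Exception):
    """A control or the budget does not authorize the transfer."""


def receipt_mac(key: bytes, device_id: str, transfer_id: str) -> bytes:
    # Assumption (not in the claims): disablement is attested with an HMAC.
    msg = f"disabled|{device_id}|{transfer_id}".encode()
    return hmac.new(key, msg, hashlib.sha256).digest()


@dataclass
class Budget:
    authorized_copies: int
    encumbrances: dict = field(default_factory=dict)  # transfer_id -> device_id

    @property
    def available(self) -> int:
        # Each outstanding encumbrance reduces the authorized copies by one.
        return self.authorized_copies - len(self.encumbrances)


@dataclass
class SecondDevice:
    device_id: str
    receipt_key: bytes  # assumption: provisioned when the devices are paired
    files: dict = field(default_factory=dict)

    def store(self, transfer_id, portion, controls):
        self.files[transfer_id] = dict(controls, data=portion, disabled=False)

    def may_render(self, transfer_id) -> bool:
        entry = self.files.get(transfer_id)
        return entry is not None and not entry["disabled"]

    def disable(self, transfer_id) -> bytes:
        # Set the indication that blocks rendering, then attest to it.
        self.files[transfer_id]["disabled"] = True
        return receipt_mac(self.receipt_key, self.device_id, transfer_id)


class FirstDevice:
    def __init__(self):
        self.db = {}           # secure database: file_id -> data, control, budget
        self.device_keys = {}  # device_id -> receipt key

    def pair(self, device: SecondDevice):
        self.device_keys[device.device_id] = device.receipt_key

    def register_file(self, file_id, data, allow_copy, copies):
        self.db[file_id] = {"data": data, "allow_copy": allow_copy,
                            "budget": Budget(copies)}

    def transfer(self, file_id, device: SecondDevice) -> str:
        rec = self.db[file_id]
        if not rec["allow_copy"]:
            raise TransferDenied("control prohibits copying")
        if device.device_id not in self.device_keys:
            raise TransferDenied("second device not identified")
        if rec["budget"].available < 1:
            raise TransferDenied("budget insufficient")
        transfer_id = secrets.token_hex(8)
        # Encumber the budget before any data leaves the first device.
        rec["budget"].encumbrances[transfer_id] = device.device_id
        controls = {"prohibit_copy": True, "bound_device": device.device_id}
        device.store(transfer_id, rec["data"], controls)
        return transfer_id

    def check_in(self, file_id, transfer_id, device_id, receipt) -> bool:
        budget = self.db[file_id]["budget"]
        if budget.encumbrances.get(transfer_id) != device_id:
            return False  # unknown transfer, wrong device, or already released
        expected = receipt_mac(self.device_keys[device_id], device_id, transfer_id)
        if not hmac.compare_digest(expected, receipt):
            return False  # no authentic evidence that the copy was disabled
        del budget.encumbrances[transfer_id]
        return True


def demo():
    first, player = FirstDevice(), SecondDevice("player-01", secrets.token_bytes(32))
    first.pair(player)
    first.register_file("song", b"constructed sample audio", True, copies=1)
    budget = first.db["song"]["budget"]
    trace = [budget.available]
    tid = first.transfer("song", player)
    trace.append(budget.available)
    forged = first.check_in("song", tid, "player-01", bytes(32))
    released = first.check_in("song", tid, "player-01", player.disable(tid))
    replayed = first.check_in("song", tid, "player-01", player.disable(tid))
    trace.append(budget.available)
    return trace, forged, released, replayed, player.may_render(tid)
```

The trace returned by demo() follows the one, zero, one sequence of claim 38, and a forged or replayed receipt leaves the budget unchanged.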
Description
FIELD OF THE INVENTION
This invention generally relates to computer and/or electronic security.
More particularly, this invention relates to systems and techniques for secure transaction management. This invention also relates to computer-based and other electronic appliance-based technologies that help to ensure that information is accessed and/or otherwise used only in authorized ways, and maintains the integrity, availability, and/or confidentiality of such information and processes related to such use.
The invention also relates to systems and methods for protecting rights of various participants in electronic commerce and other electronic or electronically-facilitated transactions.
The invention also relates to secure chains of handling and control for both information content and information employed to regulate the use of such content and consequences of such use. It also relates to systems and techniques that manage, including meter and/or limit and/or otherwise monitor use of electronically stored and/or disseminated information. The invention particularly relates to transactions, conduct and arrangements that make use of, including consequences of use of, such systems and/or techniques.
The invention also relates to distributed and other operating systems, environments and architectures. It also generally relates to secure architectures, including, for example, tamper-resistant hardware-based processors, that can be used to establish security at each node of a distributed system.
BACKGROUND AND SUMMARY OF THE INVENTION
Telecommunications, financial transactions, government processes, business operations, entertainment, and personal business productivity all now depend on electronic appliances. Millions of these electronic appliances have been electronically connected together. These interconnected electronic appliances comprise what is increasingly called the "information highway." Many businesses, academicians, and government leaders are concerned about how to protect the rights of citizens and organizations who use this information (also "electronic" or "digital") highway.
Electronic Content
Today, virtually anything that can be represented by words, numbers, graphics, or system of commands and instructions can be formatted into electronic digital information. Television, cable, satellite transmissions, and on-line services transmitted over telephone lines compete to distribute digital information and entertainment to homes and businesses. The owners and marketers of this content include software developers, motion picture and recording companies, publishers of books, magazines, and newspapers, and information database providers. The popularization of on-line services has also enabled the individual personal computer user to participate as a content provider. It is estimated that the worldwide market for electronic information in 1992 was approximately $40 billion and is expected to grow to $200 billion by 1997, according to Microsoft Corporation. The present invention can materially enhance the revenue of content providers, lower the distribution costs and the costs for content, better support advertising and usage information gathering, and better satisfy the needs of electronic information users. These improvements can lead to a significant increase in the amount and variety of electronic information and the methods by which such information is distributed.
The inability of conventional products to be shaped to the needs of electronic information providers and users is sharply in contrast to the present invention. Despite the attention devoted by a cross-section of America's largest telecommunications, computer, entertainment and information provider companies to some of the problems addressed by the present invention, only the present invention provides commercially secure, effective solutions for configurable, general purpose electronic commerce transaction/distribution control systems.
Controlling Electronic Content
The present invention provides a new kind of "virtual distribution environment" (called "VDE" in this document) that secures, administers, and audits electronic information use. VDE also features fundamentally important capabilities for managing content that travels "across" the "information highway." These capabilities comprise a rights protection solution that serves all electronic community members. These members include content creators and distributors, financial service providers, end-users, and others. VDE is the first general purpose, configurable, transaction control/rights protection solution for users of computers, other electronic appliances, networks, and the information highway.
A fundamental problem for electronic content providers is extending their ability to control the use of proprietary information. Content providers often need to limit use to authorized activities and amounts. Participants in a business model involving, for example, provision of movies and advertising on optical discs may include actors, directors, script and other writers, musicians, studios, publishers, distributors, retailers, advertisers, credit card services, and content end-users. These participants need the ability to embody their range of agreements and requirements, including use limitations, into an "extended" agreement comprising an overall electronic business model. This extended agreement is represented by electronic content control information that can automatically enforce agreed upon rights and obligations. Under VDE, such an extended agreement may comprise an electronic contract involving all business model participants. Such an agreement may alternatively, or in addition, be made up of electronic agreements between subsets of the business model participants. Through the use of VDE, electronic commerce can function in the same way as traditional commerce--that is, commercial relationships regarding products and services can be shaped through the negotiation of one or more agreements between a variety of parties.
Commercial content providers are concerned with ensuring proper compensation for the use of their electronic information. Electronic digital information, for example a CD recording, can today be copied relatively easily and inexpensively. Similarly, unauthorized copying and use of software programs deprives rightful owners of billions of dollars in annual revenue according to the International Intellectual Property Alliance. Content providers and distributors have devised a number of limited function rights protection mechanisms to protect their rights. Authorization passwords and protocols, license servers, "lock/unlock" distribution methods, and non-electronic contractual limitations imposed on users of shrink-wrapped software are a few of the more prevalent content protection schemes. In a commercial context, these efforts are inefficient and limited solutions.
Providers of "electronic currency" have also created protections for their type of content. These systems are not sufficiently adaptable, efficient, or flexible to support the generalized use of electronic currency. Furthermore, they do not provide sophisticated auditing and control configuration capabilities. This means that current electronic currency tools lack the sophistication needed for many real-world financial business models. VDE provides means for anonymous currency and for "conditionally" anonymous currency, wherein currency related activities remain anonymous except under special circumstances.
VDE Control Capabilities
VDE allows the owners and distributors of electronic digital information to reliably bill for, and securely control, audit, and budget the use of, electronic information. It can reliably detect and monitor the use of commercial information products. VDE uses a wide variety of different electronic information delivery means including, for example, digital networks, digital broadcast, and physical storage media such as optical and magnetic disks. VDE can be used by major network providers, hardware manufacturers, owners of electronic information, providers of such information, and clearinghouses that gather usage information regarding, and bill for the use of, electronic information.
VDE provides comprehensive and configurable transaction management, metering and monitoring technology. It can change how electronic information products are protected, marketed, packaged, and distributed. When used, VDE should result in higher revenues for information providers and greater user satisfaction and value. Use of VDE will normally result in lower usage costs, decreased transaction costs, more efficient access to electronic information, reusability of rights protection and other transaction management implementations, greatly improved flexibility in the use of secured information, and greater standardization of tools and processes for electronic transaction management. VDE can be used to create an adaptable environment that fulfills the needs of electronic information owners, distributors, and users; financial clearinghouses; and usage information analyzers and resellers.
Rights and Control Information
In general, the present invention can be used to protect the rights of parties who have:
(a) proprietary or confidentiality interests in electronic information. It can, for example, help ensure that information is used only in authorized ways;
(b) financial interests resulting from the use of electronically distributed information. It can help ensure that content providers will be paid for use of distributed information; and
(c) interests in electronic credit and electronic currency storage, communication, and/or use including electronic cash, banking, and purchasing.
Protecting the rights of electronic community members involves a broad range of technologies. VDE combines these technologies in a way that creates a "distributed" electronic rights protection "environment." This environment secures and protects transactions and other processes important for rights protection. VDE, for example, provides the ability to prevent, or impede, interference with and/or observation of, important rights related transactions and processes. VDE, in its preferred embodiment, uses special purpose tamper resistant Secure Processing Units (SPUs) to help provide a high level of security for VDE processes and information storage and communication.
The rights protection problems solved by the present invention are electronic versions of basic societal issues. These issues include protecting property rights, protecting privacy rights, properly compensating people and organizations for their work and risk, protecting money and credit, and generally protecting the security of information. VDE employs a system that uses a common set of processes to manage rights issues in an efficient, trusted, and cost-effective way.
VDE can be used to protect the rights of parties who create electronic content such as, for example: records, games, movies, newspapers, electronic books and reference materials, personal electronic mail, and confidential records and communications. The invention can also be used to protect the rights of parties who provide electronic products, such as publishers and distributors; the rights of parties who provide electronic credit and currency to pay for use of products, for example, credit clearinghouses and banks; the rights to privacy of parties who use electronic content (such as consumers, business people, governments); and the privacy rights of parties described by electronic information, such as privacy rights related to information contained in a medical record, tax record, or personnel record.
In general, the present invention can protect the rights of parties who have:
(a) commercial interests in electronically distributed information--the present invention can help ensure, for example, that parties will be paid for use of distributed information in a manner consistent with their agreement;
(b) proprietary and/or confidentiality interests in electronic information--the present invention can, for example, help ensure that data is used only in authorized ways;
(c) interests in electronic credit and electronic currency storage, communication, and/or use--this can include electronic cash, banking, and purchasing; and
(d) interests in electronic information derived, at least in part, from use of other electronic information.
VDE Functional Properties
VDE is a cost-effective and efficient rights protection solution that provides a unified, consistent system for securing and managing transaction processing. VDE can:
(a) audit and analyze the use of content,
(b) ensure that content is used only in authorized ways, and
(c) allow information regarding content usage to be used only in ways approved by content users.
In addition, VDE:
(a) is very configurable, modifiable, and re-usable;
(b) supports a wide range of useful capabilities that may be combined in different ways to accommodate most potential applications;
(c) operates on a wide variety of electronic appliances ranging from hand-held inexpensive devices to large mainframe computers;
(d) is able to ensure the various rights of a number of different parties, and a number of different rights protection schemes, simultaneously;
(e) is able to preserve the rights of parties through a series of transactions that may occur at different times and different locations;
(f) is able to flexibly accommodate different ways of securely delivering information and reporting usage; and
(g) provides for electronic analogues to "real" money and credit, including anonymous electronic cash, to pay for products and services and to support personal (including home) banking and other financial activities.
VDE economically and efficiently fulfills the rights protection needs of electronic community members. Users of VDE will not require additional rights protection systems for different information highway products and rights problems--nor will they be required to install and learn a new system for each new information highway application.
VDE provides a unified solution that allows all content creators, providers, and users to employ the same electronic rights protection solution. Under authorized circumstances, the participants can freely exchange content and associated content control sets. This means that a user of VDE may, if allowed, use the same electronic system to work with different kinds of content having different sets of content control information. The content and control information supplied by one group can be used by people who normally use content and control information supplied by a different group. VDE can allow content to be exchanged "universally" and users of an implementation of the present invention can interact electronically without fear of incompatibilities in content control, violation of rights, or the need to get, install, or learn a new content control system.
The VDE securely administers transactions that specify protection of rights. It can protect electronic rights including, for example:
(a) the property rights of authors of electronic content,
(b) the commercial rights of distributors of content,
(c) the rights of any parties who facilitated the distribution of content,
(d) the privacy rights of users of content,
(e) the privacy