scispace - formally typeset
Search or ask a question
Patent

System for controlling the distribution and use of digital works having attached usage rights where the usage rights are defined by a usage rights grammar

Mark J. Stefik1
23 Nov 1994-
TL;DR: In this article, a system for controlling use and distribution of digital works is presented, which allows the owner of a digital work to attach usage rights to their work, which define how the individual digital work may be used and distributed.
Abstract: A system for controlling use and distribution of digital works. The present invention allows the owner of a digital work to attach usage rights to their work. The usage rights define how the individual digital work may be used and distributed. Instances of usage rights are defined using a flexible and extensible usage rights grammar. Conceptually, a right in the usage rights grammar is a label associated with a predetermined behavior and conditions to exercising the right. The behavior of a usage right is embodied in a predetermined set of usage transactions steps. The usage transaction steps further check all conditions which must be satisfied before the right may be exercised. These usage transaction steps define a protocol for requesting the exercise of a right and the carrying out of a right.
Citations
More filters
Patent
30 Sep 2010
TL;DR: In this article, the authors proposed a secure content distribution method for a configurable general-purpose electronic commercial transaction/distribution control system, which includes a process for encapsulating digital information in one or more digital containers, a process of encrypting at least a portion of digital information, a protocol for associating at least partially secure control information for managing interactions with encrypted digital information and/or digital container, and a process that delivering one or multiple digital containers to a digital information user.
Abstract: PROBLEM TO BE SOLVED: To solve the problem, wherein it is impossible for an electronic content information provider to provide commercially secure and effective method, for a configurable general-purpose electronic commercial transaction/distribution control system. SOLUTION: In this system, having at least one protected processing environment for safely controlling at least one portion of decoding of digital information, a secure content distribution method comprises a process for encapsulating digital information in one or more digital containers; a process for encrypting at least a portion of digital information; a process for associating at least partially secure control information for managing interactions with encrypted digital information and/or digital container; a process for delivering one or more digital containers to a digital information user; and a process for using a protected processing environment, for safely controlling at least a portion of the decoding of the digital information. COPYRIGHT: (C)2006,JPO&NCIPI

7,643 citations

Patent
09 Jan 1997
TL;DR: In this article, a method and device are provided for controlling access to data, where portions of the data are protected and rules concerning access rights to data are determined, and a method is also provided for distributing data for subsequent controlled use of those data.
Abstract: A method and device are provided for controlling access to data. Portions of the data are protected and rules concerning access rights to the data are determined. Access to the protected portions of the data is prevented, other than in a non-useable form; and users are provided access to the data only in accordance with the rules as enforced by a mechanism protected by tamper detection. A method is also provided for distributing data for subsequent controlled use of those data. The method includes protecting portions of the data; preventing access to the protected portions of the data other than in a non-useable form; determining rules concerning access rights to the data; protecting the rules; and providing a package including: the protected portions of the data and the protected rules. A user is provided controlled access to the distributed data only in accordance with the rules as enforced by a mechanism protected by tamper protection. A device is provided for controlling access to data having protected data portions and rules concerning access rights to the data. The device includes means for storing the rules; and means for accessing the protected data portions only in accordance with the rules, whereby user access to the protected data portions is permitted only if the rules indicate that the user is allowed to access the portions of the data.

1,471 citations

Patent
05 Jul 2001
TL;DR: In this paper, a business model for the creation, maintenance, transmission, and use of digital medical records is presented, which allows financial burdens to be reallocated optimally and equitably, resulting in decreased overall societal cost.
Abstract: A method of maintaining digital medical records, comprising a step of receiving a medical transaction record (102), encrypted with a key in accordance with a patient-file association. Also comprising a step of accessing the encrypted medical transaction record according to a patient association with the record (111). And further comprising a step of re-encryption of the encrypted accessed medical transaction record with a key associated with an intended recipient of the medical record. The system and method according to the present invention presents a new business model for creation, maintenance, transmission, and use of medical records. The invention also allows financial burdens to be reallocated optimally and equitably, resulting in decreased overall societal cost and providing a successful business model for a database proprietor. Secure entrusted medical records are held in trust by an independent third party on behalf of the patient (113), and serve the medical community at large. Separately encrypted record elements may be aggregated as an information polymer.

1,457 citations

Patent
23 Nov 1995
TL;DR: In this article, a system for controlling use and distribution of digital works, in which the owner of a digital work attaches usage rights to that work, is presented, where each right has associated with it certain optional specifications which outline the conditions and fees upon which the right may be exercised.
Abstract: A system for controlling use and distribution of digital works, in which the owner of a digital work (101) attaches usage rights (102) to that work. Usage rights are granted by the "owner" of a digital work to "buyers" of the digital work. The usage rights define how a digital work may be used and further distributed by the buyer. Each right has associated with it certain optional specifications which outline the conditions and fees upon which the right may be exercised. Digital works are stored in a repository. A repository will process each request (103,104) to access a digital work by examining the corresponding usage rights (105). Digital work playback devices, coupled to the repository containing the work, are used to play, display or print the work. Access to digital works for the purposes of transporting between repositories (e.g. copying, borrowing or transfer) is carried out using a digital work transport protocol. Access to digital works for the purposes of replay by a digital work playback device(e.g. printing, displaying or executing) is carried out using a digital work playback protocol. Access is denied (106) or granted (107) depending whether the requesting repository has the required usage rights.

1,279 citations

Patent
25 Mar 2002
TL;DR: In this paper, the authors propose a system and method for communicating information between a first party and a second party, comprising the steps of receiving, by an intermediary, an identifier of desired information and accounting information for a transaction involving the information from the first party, and negotiating, by the intermediary, a comprehension function for obscuring at least a portion of the information communicated between the first parties and the second parties.
Abstract: A system and method for communicating information between a first party and a second party, comprising the steps of receiving, by an intermediary, an identifier of desired information and accounting information for a transaction involving the information from the first party, transmitting an identifier of the first party to the second party, and negotiating, by the intermediary, a comprehension function for obscuring at least a portion of the information communicated between the first party and the second party. The data transmission may be made secure with respect to the intermediary by providing an asymmetric key or direct key exchange for encryption of the communication between the first and second party. The data transmission may be made secure with respect to the second party by maintaining the information in encrypted format at the second party, with the decryption key held only by the intermediary, and transmitting a secure composite of the decryption key and a new encryption key to the second party for transcoding of the data record, and providing the new decryption key to the first party, so that the information transmitted to the first party can be comprehended by it.

1,193 citations

References
More filters
Patent
08 Oct 1987
TL;DR: In this article, a "return on investment" digital database usage metering, billing, and security system includes a hardware device which is plugged into a computer system bus (or into a serial or other functionally adequate connector) and a software program resident in the hardware device.
Abstract: A "return on investment" digital database usage metering, billing, and security system includes a hardware device which is plugged into a computer system bus (or into a serial or other functionally adequate connector) and a software program system resident in the hardware device. One or more databases are encrypted and stored on a non-volatile mass storage device (e.g., an optical disk). A tamper-proof decrypting device and associated controller decrypts selected portions of the stored database and measures the quantity of information which is decrypted. This measured quantity information is communicated to a remote centralized billing facility and used to charge the user a fee based on database usage. A system may include a "self-destruct" feature which .disables system operation upon occurrence of a predetermined event unless the user implements an "antidote"--instructions for implementing the antidote being given to him by the database owner only if the user pays his bill. Absolute database security and billing based on database usage are thus provided in a system environment wherein all database access tasks are performed at the user's site. Moreover, a free market competitive environment is supported because literary property royalties can be calculated based on actual data use.

1,132 citations

Patent
14 Aug 1989
TL;DR: In this paper, an information distribution system provides information to a user, when the information corresponds to criteria individually selected by the user, and then charges the user only for the selected information thus provided.
Abstract: An information distribution system provides information to a user, when the information corresponds to criteria individually selected by the user, and then charges the user only for the selected information thus provided. Encrypted information packages (IP's) are provided at the user site, via high and/or low density storage media and/or by broadcast transmission. The IP's selected by the user are decrypted and then printed or displayed for viewing by the user. The charges for the IP's thus displayed are accumulated within the user apparatus and periodically reported by telephone to the system's central accounting facility which issues encryption keys. The encryption keys, used to decrypt the IP's, are changed periodically. If the central accounting facility has not issued a new encryption key for a particular user station, the station is unable to retrieve information from the system when the key is changed.

659 citations

Patent
11 Jul 1983
TL;DR: In this paper, the authors propose a software authorization system where a software can be authorized for use a given number of times by a base unit after which the base unit (computer, videogame base unit, record player, videorecorder or videodisk player) cannot use that software until the manufacturer sends an authorization for additional uses to the user's base unit.
Abstract: Software (programs, videogames, music, movies, etc.) can be authorized for use a given number of times by a base unit after which the base unit (computer, videogame base unit, record player, videorecorder or videodisk player) cannot use that software until the manufacturer sends an authorization for additional uses to the user's base unit. Authorizations may be sent via telephone line, mail, or whatever form of communication is most suited to the application. Authorizations cannot be reused, for example by recording the telephone authorization signal and replaying it to the base unit. Similarly, authorizations can be made base unit specific, so that an authorization for one base unit cannot be transferred to another base unit. This invention also solves the "software piracy problem" and allows telephone sales of software as additional benefits.

615 citations

Patent
14 Jul 1992
TL;DR: In this article, a distributed computer system employs a license management system to account for software product usage, where a management policy having a variety of alternative styles and contexts is provided, and a feature of the database management is the use of a filter function.
Abstract: A distributed computer system employs a license management system to account for software product usage. A management policy having a variety of alternative styles and contexts is provided. Each licensed product upon start-up makes a call to a license server to check on whether usage is permitted, and the license server checks a database of the licenses, called product use authorizations, that it administers. If the particular use requested is permitted, a grant is returned to the requesting user node. The product use authorization is structured to define a license management policy allowing a variety of license alternatives by values called "style", "context", "duration" and "usage requirements determination method". The license administration may be delegated by the license server to a subsection of the organization, by creating another license management facility duplicating the main facility. The license server must receive a license document (a product use authorization) from an issuer of licenses, where a license document generator is provided. A mechanism is provided for one user node to make a call to use a software product located on another user node; this is referred to as a "calling card", by which a user node obtains permission to make a procedure call to use a program on another node. A management interface allows a license manager at a server to modify the license documents in the database maintained by the server, within the restraints imposed by the license, to make delegations, assignments, etc. The license documents are maintained in a standard format referred to as a license document interchange format so the management system is portable and can be used by all adhering software vendors. A feature of the database management is the use of a filter function.

607 citations

Patent
06 Nov 1991
TL;DR: In this paper, a process and system for activating various programs are provided in a personal computer, and a data link is established between the personal computer and a registration computer by providing the registration computer with various information, a potential licensee can register to utilize the program.
Abstract: A process and system for activating various programs are provided in a personal computer. The computer is initially provided with a registration shell. A data link is established between the personal computer and a registration computer. By providing the registration computer with various information, a potential licensee can register to utilize the program. Once the registration process is complete, a tamperproof overlay program is constructed at the registration computer and transferred to the personal computer. The tamperproof overlay includes critical portions of the main program, without which the main program would not operate and also contains licensee identification and license control data.

581 citations