Systems and methods for secure transaction management and electronic rights protection
Abstract
The present invention provides systems and methods for secure transaction management and electronic rights protection. Electronic appliances such as computers equipped in accordance with the present invention help to ensure that information is accessed and used only in authorized ways, and maintain the integrity, availability, and/or confidentiality of the information. Such electronic appliances provide a distributed virtual distribution environment (VDE) that may enforce a secure chain of handling and control, for example, to control and/or meter or otherwise monitor use of electronically stored or disseminated information. Such a virtual distribution environment may be used to protect rights of various participants in electronic commerce and other electronic or electronic-facilitated transactions. Distributed and other operating systems, environments and architectures, such as, for example, those using tamper-resistant hardware-based processors, may establish security at each node. These techniques may be used to support an all-electronic information distribution, for example, utilizing the “electronic highway.”
Claims
exact text as granted — not AI-modified1 . A computer-readable medium comprising program code, the program code being operable, when executed by an electronic appliance, to cause the electronic appliance to perform steps comprising:
using a first electronic budget to govern a first type of use of a piece of electronic content; and using a second electronic budget to govern a second type of use of the piece of electronic content; wherein the program code is resistant to tampering by a user of the electronic appliance.
2 . The computer-readable medium of claim 1 , in which the first type of use comprises viewing the piece of electronic content.
3 . The computer-readable medium of claim 2 , in which the second type of use comprises printing the piece of electronic content.
4 . The computer-readable medium of claim 1 , further including program code that is operable, when executed by the electronic appliance, to cause the electronic appliance to perform the step of:
using control information specifying a time-based limitation on access to or other use of the piece of electronic content to govern the first type of use of the piece of electronic content and the second type of use of the piece of electronic content.
5 . The computer-readable medium of claim 1 , further including program code that is operable, when executed by the electronic appliance, to cause the electronic appliance to perform the steps of:
receiving the piece of electronic content in a secure electronic container; and receiving, separately from the piece of electronic content, the first electronic budget.
6 . A method comprising:
accessing a first record containing information directly or indirectly identifying components of a first component assembly, at least one of the components comprising a first load module including programming; checking a digital signature of the first record; securely assembling the components of the first component assembly to form at least a portion of the first component assembly; and executing at least some of the programming.
7 . The method of claim 6 , further comprising:
accessing a second record containing information directly or indirectly identifying components of a second component assembly, at least one of the components comprising the first load module; checking a digital signature of the second record; and securely assembling the components of the second component assembly to form at least a portion of the second component assembly.
8 . The method of claim 6 , in which the first component assembly is configured to perform at least one rights management task selected from the group consisting of: metering use of protected content; maintaining a budget related to use of protected content; opening a secure electronic container comprising protected content; and auditing use of protected content.
9 . The method of claim 7 , in which the first component assembly is configured to perform a first process and the second component assembly is configured to perform a second process that is different, at least in part, from the first process.
10 . The method of claim 6 , in which the step of securely assembling the components of the first component assembly includes retrieving an encrypted component from an insecure storage medium, decrypting the component, and storing the component on a secure storage medium.
11 . The method of claim 10 , in which the secure storage medium comprises random access memory of a secure processing unit.
12 . The method of claim 6 , in which the first record includes one or more components of the first component assembly.
13 . A method comprising:
receiving a first electronic container, the first electronic container comprising an encrypted first content object, the first electronic container further comprising first control information specifying one or more permissions relating to access to or other use of the first content object, the first control information further comprising an encrypted first key for use in decrypting the first content object; using tamper-resistant software to decrypt the first key, use the first key to decrypt the first content object, and govern access to or other use of the first content object in accordance with the one or more permissions specified by the first control information; receiving a second electronic container, the second electronic container comprising an encrypted second content object or a reference thereto; receiving, separately from the second electronic container, second control information specifying one or more permissions relating to access to or other use of the second content object, the second control information further comprising an encrypted second key for use in decrypting the second content object; and using the tamper-resistant software to decrypt the second key, use the second key to decrypt the second content object, and govern access to or other use of the second content object in accordance with the one or more permissions specified by the second control information.
14 . The method of claim 13 , in which the second electronic container comprises a reference to the second content object, the reference comprising an identifier of a remote location at which the second content object is stored, the method further comprising:
obtaining the encrypted second content object from the remote location.
15 . A method comprising:
receiving a request for usage information at a first electronic appliance, the first electronic appliance comprising a protected processing environment for governing access to or other use of electronic content; validating that the request is from a trusted source; retrieving usage information related to access to or other use of one or more pieces of electronic content by the electronic appliance; and sending the usage information to a second electronic appliance, the second electronic appliance being located remotely from the first electronic appliance.
16 . The method of claim 15 , further comprising:
receiving an acknowledgement from the second electronic appliance, the acknowledgement indicating receipt of the usage information; modifying or deleting the usage information on the first electronic appliance at least in part in response to having received the acknowledgement.
17 . The method of claim 15 , further comprising:
encrypting and/or digitally signing the usage information prior to the sending step.
18 . The method of claim 16 , further comprising:
determining that a predefined amount of time has transpired after sending the usage information, but before an acknowledgement has been received; and resending the usage information to the second electronic appliance.
19 . The method of claim 15 , further comprising:
receiving a secure container comprising electronic content; receiving control information associated with the electronic content; and using the protected processing environment to apply the control information to govern access to or other use of the electronic content.
20 . The method of claim 19 , further comprising:
recording, in accordance with the control information, usage information related to access to or other use of the electronic content.Join the waitlist — get patent alerts
Track US2008148056A1 — get alerts on status changes and closely related new filings.
We store only your email — no account needed. See our privacy policy.