US2014172728A1PendingUtilityA1

Trusted Information Exchange Based On Trust Agreements

61
Assignee: ORACLE INT CORPPriority: Sep 16, 2005Filed: Feb 19, 2014Published: Jun 19, 2014
Est. expirySep 16, 2025(expired)· nominal 20-yr term from priority
G06Q 50/184H04L 63/0428G06F 21/10G06F 21/57H04L 63/10G06Q 10/00H04L 63/08
61
PatentIndex Score
0
Cited by
0
References
0
Claims

Abstract

Techniques are provided for allowing organizations to preserve the trust and allow this trust to be propagated across multiple agencies and/or enterprises. A technology is provided that allows (mutually) trusted entities to share content (information, digital assets) over any protocol-based network such as the Internet based on granted rights and agreed conditions. In one embodiment, Trusted Information Exchange (TIE) systems have a Service Oriented Architecture (SOA) and use content (information, asset) repositories to store and forward content to trusted entities on the Internet. Techniques are provided to permit source TIE systems to manage the specific disposition and management of their assets to receiving TIE systems through directions conveyed in licenses that reflect a priori agreements.

Claims

exact text as granted — not AI-modified
What is claimed is: 
     
         1 . A machine-executed method of exchanging digital information, comprising:
 sending over a network system, from a first system controlled by a first party, to a second system controlled by a second party, an agreement that is digitally signed by the first party and includes the digital identity of the second party;   wherein the agreement provides rights to the second party to perform operations relating to at least one digital asset, wherein the operations include at least one of:
 (a) using the at least one digital asset under terms specified in the agreement; and 
 (b) distributing the at least one digital asset to third-parties under terms specified in the agreement; 
 (c) distributing the rights to use or distribute the asset to third-parties under terms specified in the agreement; 
   wherein the agreement includes translation/mapping rules between a first vocabulary used by the first party and a second vocabulary used by the second party;   wherein sending the agreement to the second party enables the second party to validate the agreement, at the second system, prior to the second party digitally signing the agreement, using said translation/mapping rules, to ensure the rights provided to the second party meet the second party's criteria for such rights;   receiving at the first system, from the second system, an agreement confirmation that is digitally signed by the second party; and   after receiving the agreement confirmation, providing the at least one at least one digital asset to the second party.   
     
     
         2 . The method of  claim 1  wherein:
 before the second system sends the agreement confirmation to the first system, the second system invokes an approval workflow to obtain approval confirmation from a user; and 
 the second system sends the agreement confirmation to the first system only after the approval workflow obtains approval confirmation from the user. 
 
     
     
         3 . The method of  claim 1  further comprising:
 generating audit information at the second system, wherein the audit information reflects events that occurred at the second system during mediation of the agreement or asset distribution to third parties; and 
 sending the audit information to the first system. 
 
     
     
         4 . The method of  claim 3  wherein the step of generating audit information includes invoking an audit manager for auditable events, wherein said auditable events include repository transactions and send/receive message completions that occurred during mediation of the agreement. 
     
     
         5 . The method of  claim 1  further comprising:
 generating audit information at the second system, wherein the audit information reflects events that occurred at the second system during mediation of the agreement between the first party and the second party; 
 sending the audit information to the first system. 
 
     
     
         6 . The method of  claim 1  further comprising:
 generating audit information at the second system; 
 wherein the step of generating audit information includes invoking an audit manager for auditable events, wherein said auditable events include repository transactions and send/receive message completions that occurred during mediation of the agreement. 
 
     
     
         7 . The method of  claim 1  wherein the agreement allows the second party to distribute the asset to third parties under terms specified in the agreement, and the method further includes:
 sending over a network system, from the second system to a third system controlled by a third party, a second agreement that is digitally signed by the second party including the digital identity of the third party; 
 wherein the second agreement provides rights to the third party to perform operations relating to at least one at least one digital asset, wherein the operations include at least one of
 (a) using the at least one at least one digital asset under terms specified in the second agreement; and 
 (b) distributing the at least one at least one digital asset to other third-parties under terms specified in the second agreement; 
 
 wherein the second agreement includes translation/mapping rules between the second vocabulary used by the second party and a third vocabulary used by the third party; 
 wherein sending the second agreement to the third party enables the third party to validate the second agreement, at the third system, prior to the third party digitally signing the agreement, using said translation/mapping rules, to ensure the rights provided to the third party meet the third party's criteria for such rights; 
 receiving at the second system, from the third system, a second agreement confirmation that is digitally signed by the third party; and 
 after receiving the second agreement confirmation, the second system providing the at least one digital asset to the third party. 
 
     
     
         8 . The method of  claim 7  wherein
 the second agreement is nested in the agreement; and 
 the agreement allows the second party to distribute the at least one digital asset to third parties only if the second party first binds the third parties to the terms of the second agreement. 
 
     
     
         9 . The method of  claim 7  wherein:
 the second agreement includes one or more restrictions on third party usage of the at least one digital asset; 
 at least one of the one or more restrictions is a restriction that cannot be monitored by the second party; and 
 the agreement allows the second party to distribute the at least one digital asset to third parties only if the second party first binds the third parties to the terms of the second agreement. 
 
     
     
         10 . The method of  claim 7  further comprising:
 generating audit information at the third system, wherein the audit information reflects events that occurred at the third system during mediation of the second agreement between the second party and the third party; 
 sending the audit information to the second system. 
 
     
     
         11 . The method of  claim 7  further comprising:
 generating audit information at the third system; 
 wherein the step of generating audit information includes invoking an audit manager for auditable events, wherein said auditable events include repository transactions and send/receive message completions that occurred during mediation of the second agreement. 
 
     
     
         12 . The method of  claim 1  wherein the agreement allows the second party to distribute the asset to third parties under terms specified in the agreement without allowing the second party to internally consume the asset. 
     
     
         13 . The method of  claim 1  wherein said agreement is a Rights Expression Language (REL) document. 
     
     
         14 . The method of  claim 1  wherein the agreement includes a definition of the at least one digital asset. 
     
     
         15 . The method of  claim 1  wherein providing the at least one digital asset to the second party includes:
 the first system receiving a query from the second system; and 
 the first system providing said at least one digital asset in response to said query. 
 
     
     
         16 . The method of  claim 15  further comprising:
 the first system receiving a second query from the second system; 
 the first system determining that the second query asks for information that includes assets not covered by said agreement; and 
 the first system responding to said second query with an error message or instructions, services, etc. to acquire requested asset agreement. 
 
     
     
         17 . The method of  claim 15  further comprising:
 the first system receiving a second query from the second system; 
 the first system determining that the second query asks for information that includes assets not covered by said agreement; and 
 the first system responding to said second query with information that does not include said assets that are not covered by said agreement. 
 
     
     
         18 . A machine-executed method of exchanging digital information, comprising:
 sending over a network system, from a first system controlled by a first party, to a second system controlled by a second party, a first agreement that is digitally signed by the first party and includes the digital identity of the second party;   wherein the first agreement provides rights to the second party to distribute rights relating to at least one digital asset to third-parties under terms specified in the agreement;   receiving at the first system, from the second system, a first agreement confirmation that is digitally signed by the second party;   after the first agreement confirmation is received by the first system, sending over a network system, from the second system to a third system controlled by a third party, a second agreement that is digitally signed by the second party and includes the digital identity of the third party;   wherein the second agreement provides rights to the third party to use the at least one digital asset under terms specified in the second agreement;   receiving at the first system, from the third system, a second agreement confirmation that indicates that the third system validated and accepted the second agreement, wherein the second agreement confirmation is digitally signed by the third party; and   after receiving the second agreement confirmation at the first system, the first system providing the at least one digital asset to the third system.   
     
     
         19 . The method of  claim 18  further comprising:
 generating audit information at the second system, wherein the audit information reflects events that occurred at the second system during mediation of the first agreement between the first party and the second party; 
 sending the audit information to the first system. 
 
     
     
         20 . The method of  claim 18  further comprising:
 generating audit information at the second system; 
 wherein the step of generating audit information includes invoking an audit manager for auditable events, wherein said auditable events include repository transactions and send/receive message completions that occurred during mediation of the first agreement. 
 
     
     
         21 . The method of  claim 18  further comprising:
 generating audit information at the third system, wherein the audit information reflects events that occurred at the third system during mediation of the second agreement between the second party and the third party; 
 sending the audit information to the second system. 
 
     
     
         22 . The method of  claim 18  further comprising:
 generating audit information at the third system; 
 wherein the step of generating audit information includes invoking an audit manager for auditable events, wherein said auditable events include repository transactions and send/receive message completions that occurred during mediation of the second agreement. 
 
     
     
         23 . The method of  claim 18  wherein the third system sends the second agreement confirmation to the first system without sending any confirmation to the second system that the third system validated and accepted the second agreement. 
     
     
         24 . The method of  claim 18  wherein the first system provides the at least one digital asset to the third system without providing the at least one digital asset to the second system. 
     
     
         25 . The method of  claim 18  wherein the first agreement includes translation/mapping rules between a first vocabulary used by the first party and a second vocabulary used by the second party; and
 wherein sending the first agreement to the second party enables the second party to validate the first agreement, at the second system, prior to the second party digitally signing the first agreement, using said translation/mapping rules, to ensure the rights provided to the second party meet the second party's criteria for such rights. 
 
     
     
         26 . The method of  claim 18  wherein the second agreement includes translation/mapping rules between the second vocabulary used by the second party and a third vocabulary used by the third party; and
 wherein sending the second agreement to the third party enables the third party to validate the second agreement, at the third system, prior to the third party digitally signing the second agreement, using said translation/mapping rules, to ensure the rights provided to the third party meet the third party's criteria for such rights. 
 
     
     
         27 . A non-transitory computer-readable storage medium storing one or more sequences of instructions which, when executed by one or more processors, causes:
 sending over a network system, from a first system controlled by a first party, to a second system controlled by a second party, an agreement that is digitally signed by the first party and includes the digital identity of the second party;   wherein the agreement provides rights to the second party to perform operations relating to at least one digital asset, wherein the operations include at least one of:
 (a) using the at least one digital asset under terms specified in the agreement; and 
 (b) distributing the at least one digital asset to third-parties under terms specified in the agreement; 
 (c) distributing the rights to use or distribute the asset to third-parties under terms specified in the agreement; 
   wherein the agreement includes translation/mapping rules between a first vocabulary used by the first party and a second vocabulary used by the second party;   wherein sending the agreement to the second party enables the second party to validate the agreement, at the second system, prior to the second party digitally signing the agreement, using said translation/mapping rules, to ensure the rights provided to the second party meet the second party's criteria for such rights;   receiving at the first system, from the second system, an agreement confirmation that is digitally signed by the second party; and   after receiving the agreement confirmation, providing the at least one digital asset to the second party.   
     
     
         28 . The non-transitory computer-readable storage medium as recited in  claim 27 , wherein:
 before the second system sends the agreement confirmation to the first system, the second system invokes an approval workflow to obtain approval confirmation from a user; and   the second system sends the agreement confirmation to the first system only after the approval workflow obtains approval confirmation from the user.   
     
     
         29 . The non-transitory computer-readable storage medium as recited in  claim 27 , wherein the instructions which, when executed by one or more processors, further cause:
 generating audit information at the second system, wherein the audit information reflects events that occurred at the second system during mediation of the agreement or asset distribution to third parties; and   sending the audit information to the first system.   
     
     
         30 . The non-transitory computer-readable storage medium as recited in  claim 29 , wherein the step of generating audit information includes invoking an audit manager for auditable events, wherein said auditable events include repository transactions and send/receive message completions that occurred during mediation of the agreement. 
     
     
         31 . The non-transitory computer-readable storage medium as recited in  claim 27 , wherein the instructions which, when executed by one or more processors, further cause:
 generating audit information at the second system, wherein the audit information reflects events that occurred at the second system during mediation of the agreement between the first party and the second party;   sending the audit information to the first system.   
     
     
         32 . The non-transitory computer-readable storage medium as recited in  claim 27 , wherein the instructions which, when executed by one or more processors, further cause:
 generating audit information at the second system;   wherein the step of generating audit information includes invoking an audit manager for auditable events, wherein said auditable events include repository transactions and send/receive message completions that occurred during mediation of the agreement.   
     
     
         33 . The non-transitory computer-readable storage medium as recited in  claim 27 , wherein the agreement allows the second party to distribute the asset to third parties under terms specified in the agreement, wherein the instructions which, when executed by one or more processors, further cause:
 sending over a network system, from the second system to a third system controlled by a third party, a second agreement that is digitally signed by the second party including the digital identity of the third party;   wherein the second agreement provides rights to the third party to perform operations relating to at least one digital asset, wherein the operations include at least one of
 (a) using the at least one digital asset under terms specified in the second agreement; and 
 (b) distributing the at least one digital asset to other third-parties under terms specified in the second agreement; 
   wherein the second agreement includes translation/mapping rules between the second vocabulary used by the second party and a third vocabulary used by the third party;   wherein sending the second agreement to the third party enables the third party to validate the second agreement, at the third system, prior to the third party digitally signing the second agreement, using said translation/mapping rules, to ensure the rights provided to the third party meet the third party's criteria for such rights;   receiving at the second system, from the third system, a second agreement confirmation that is digitally signed by the third party; and   after receiving the second agreement confirmation, the second system providing the at least one digital asset to the third party.   
     
     
         34 . The non-transitory computer-readable storage medium as recited in  claim 33 , wherein:
 the second agreement is nested in the agreement; and   the agreement allows the second party to distribute the at least one digital asset to third parties only if the second party first binds the third parties to the terms of the second agreement.   
     
     
         35 . The non-transitory computer-readable storage medium as recited in  claim 33 , wherein:
 the second agreement includes one or more restrictions on third party usage of the at least one digital asset;   at least one of the one or more restrictions is a restriction that cannot be monitored by the second party; and   the agreement allows the second party to distribute the at least one digital asset to third parties only if the second party first binds the third parties to the terms of the second agreement.   
     
     
         36 . The non-transitory computer-readable storage medium as recited in  claim 33 , wherein the instructions which, when executed by one or more processors, further cause:
 generating audit information at the third system, wherein the audit information reflects events that occurred at the third system during mediation of the second agreement between the second party and the third party;   sending the audit information to the second system.   
     
     
         37 . The non-transitory computer-readable storage medium as recited in  claim 33 , wherein the instructions which, when executed by one or more processors, further cause:
 generating audit information at the third system;   wherein the step of generating audit information includes invoking an audit manager for auditable events, wherein said auditable events include repository transactions and send/receive message completions that occurred during mediation of the second agreement.   
     
     
         38 . The non-transitory computer-readable storage medium as recited in  claim 27 , wherein the agreement allows the second party to distribute the asset to third parties under terms specified in the agreement without allowing the second party to internally consume the asset. 
     
     
         39 . The non-transitory computer-readable storage medium as recited in  claim 27 , wherein said agreement is a Rights Expression Language (REL) document. 
     
     
         40 . The non-transitory computer-readable storage medium as recited in  claim 27 , wherein the agreement includes a definition of the at least one digital asset. 
     
     
         41 . The non-transitory computer-readable storage medium as recited in  claim 27 , wherein providing the at least one digital asset to the second party includes:
 the first system receiving a query from the second system; and   the first system providing said at least one digital asset in response to said query.   
     
     
         42 . The non-transitory computer-readable storage medium as recited in  claim 41 , the instructions which, when executed by one or more processors, further cause:
 the first system receiving a second query from the second system;   the first system determining that the second query asks for information that includes assets not covered by said agreement; and   the first system responding to said second query with an error message or instructions, services, etc. to acquire requested asset agreement.   
     
     
         43 . The non-transitory computer-readable storage medium as recited in  claim 41 , the instructions which, when executed by one or more processors, further cause:
 the first system receiving a second query from the second system;   the first system determining that the second query asks for information that includes assets not covered by said agreement; and   the first system responding to said second query with information that does not include said assets that are not covered by said agreement.   
     
     
         44 . A non-transitory computer-readable storage medium storing one or more sequences of instructions which, when executed by one or more processors, causes:
 sending over a network system, from a first system controlled by a first party, to a second system controlled by a second party, a first agreement that is digitally signed by the first party and includes the digital identity of the second party;   wherein the first agreement provides rights to the second party to distribute rights relating to the at least one digital asset to third-parties under terms specified in the agreement;   receiving at the first system, from the second system, a first agreement confirmation that is digitally signed by the second party;   after the first agreement confirmation is received by the first system, sending over a network system, from the second system to a third system controlled by a third party, a second agreement that is digitally signed by the second party and includes the digital identity of the third party;   wherein the second agreement provides rights to the third party to use the at least one digital asset under terms specified in the second agreement;   receiving at the first system, from the third system, a second agreement confirmation that indicates that the third system validated and accepted the second agreement, wherein the second agreement confirmation is digitally signed by the third party; and   after receiving the second agreement confirmation at the first system, the first system providing the at least one digital asset to the third system.   
     
     
         45 . The non-transitory computer-readable storage medium as recited in  claim 44 , wherein the instructions which, when executed by one or more processors, further cause:
 generating audit information at the second system, wherein the audit information reflects events that occurred at the second system during mediation of the first agreement between the first party and the second party;   sending the audit information to the first system.   
     
     
         46 . The non-transitory computer-readable storage medium as recited in  claim 44 , wherein the instructions which, when executed by one or more processors, further cause:
 generating audit information at the second system;   wherein the step of generating audit information includes invoking an audit manager for auditable events, wherein said auditable events include repository transactions and send/receive message completions that occurred during mediation of the first agreement.   
     
     
         47 . The non-transitory computer-readable storage medium as recited in  claim 44 , wherein the instructions which, when executed by one or more processors, further cause:
 generating audit information at the third system, wherein the audit information reflects events that occurred at the third system during mediation of the second agreement between the second party and the third party;   sending the audit information to the second system.   
     
     
         48 . The non-transitory computer-readable storage medium as recited in  claim 44 , wherein the instructions which, when executed by one or more processors, further cause:
 generating audit information at the third system;   wherein the step of generating audit information includes invoking an audit manager for auditable events, wherein said auditable events include repository transactions and send/receive message completions that occurred during mediation of the second agreement.   
     
     
         49 . The non-transitory computer-readable storage medium as recited in  claim 44 , wherein the third system sends the second agreement confirmation to the first system without sending any confirmation to the second system that the third system validated and accepted the second agreement. 
     
     
         50 . The non-transitory computer-readable storage medium as recited in  claim 44 , wherein the first system provides the at least one digital asset to the third system without providing the at least one digital asset to the second system. 
     
     
         51 . The non-transitory computer-readable storage medium as recited in  claim 44 , wherein the first agreement includes translation/mapping rules between a first vocabulary used by the first party and a second vocabulary used by the second party; and
 wherein sending the first agreement to the second party enables the second party to validate the agreement, at the second system, prior to the second party digitally signing the agreement, using said translation/mapping rules, to ensure the rights provided to the second party meet the second party's criteria for such rights.   
     
     
         52 . The non-transitory computer-readable storage medium as recited in  claim 44 , wherein the second agreement includes translation/mapping rules between the second vocabulary used by the second party and a third vocabulary used by the third party; and
 wherein sending the second agreement to the third party enables the third party to validate the second agreement, at the third system, prior to the third party digitally signing the agreement, using said translation/mapping rules, to ensure the rights provided to the third party meet the third party's criteria for such rights.

Cited by (0)

No later patents cite this yet.

References (0)

No backward citations on record.