[go: up one dir, main page]
More Web Proxy on the site http://driver.im/

EP1317702A4 - Anbieten und gewähren von rechten - Google Patents

Anbieten und gewähren von rechten

Info

Publication number
EP1317702A4
EP1317702A4 EP02734672A EP02734672A EP1317702A4 EP 1317702 A4 EP1317702 A4 EP 1317702A4 EP 02734672 A EP02734672 A EP 02734672A EP 02734672 A EP02734672 A EP 02734672A EP 1317702 A4 EP1317702 A4 EP 1317702A4
Authority
EP
European Patent Office
Prior art keywords
rights
consumer
offer
license
meta
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Ceased
Application number
EP02734672A
Other languages
English (en)
French (fr)
Other versions
EP1317702A2 (de
Inventor
Xin Wang
Bijan Tadayon
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Contentguard Holdings Inc
Original Assignee
Contentguard Holdings Inc
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Contentguard Holdings Inc filed Critical Contentguard Holdings Inc
Publication of EP1317702A2 publication Critical patent/EP1317702A2/de
Publication of EP1317702A4 publication Critical patent/EP1317702A4/de
Ceased legal-status Critical Current

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/10Protecting distributed programs or content, e.g. vending or licensing of copyrighted material ; Digital rights management [DRM]
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F17/00Digital computing or data processing equipment or methods, specially adapted for specific functions
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L2463/00Additional details relating to network architectures or network communication protocols for network security covered by H04L63/00
    • H04L2463/101Additional details relating to network architectures or network communication protocols for network security covered by H04L63/00 applying security measures for digital rights management
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/10Network architectures or network communication protocols for network security for controlling access to devices or network resources

Definitions

  • the present invention relates to a method and system for digital rights management and, more particularly, to a method and system for automatically offering and granting rights over a communications network or other channels.
  • IPRM Intelligent Property Rights Management
  • DPRM Digital Property Rights Management
  • IPM Intelligent Property Management
  • RM Remote Lights Management
  • ECM Electronic Copyright Management
  • a "secure container” (or simply an encrypted document) offers a way to keep document contents encrypted until a set of authorization conditions are met and some copyright terms are honored (e.g., payment for use). After the various conditions and terms are verified with the document provider, the document is released to the user in clear form. Commercial products such as CryptolopesTM and DigiboxesTM fall into this category.
  • the secure container approach provides a solution to protecting the document during delivery over insecure channels, but does not provide any mechanism to prevent legitimate users from obtaining the clear document and then using and redistributing it in violation of content owners' intellectual property.
  • trusted system In the "trusted system” approach, the entire system is responsible for preventing unauthorized use and distribution of the document. Building a trusted system usually entails introducing new hardware such as a secure processor, secure storage and secure rendering devices. This also requires that all software applications that run on trusted systems be certified to be trusted. While building tamper-proof trusted systems is a real challenge to existing technologies, current market trends suggest that open and untrusted systems, such as PC's and workstations using browsers to access the Web, will be the dominant systems used to access digital works.
  • Some DRM systems allow content owners to specify usage rights and conditions, and associate them with content. These usage rights control how the recipient thereof can use the content. Usually after a content distributor or consumer has completed selecting and ordering specific content, the content is delivered either electronically from some content repository or via a conventional distribution channel to the recipient, such as tangible media sent via a common carrier. Corresponding DRM systems used by the recipient, for example the distributor or consumer, will then interpret the rights and conditions associated with the content, and use them to control how the content is distributed and/or used. Examples of usage rights include view, print and extract the content, and distribute, repackage and loan content. Associated conditions may include any term upon which the rights may be contingent such as payment, identification, time period, or the like.
  • U.S. patent 5,634,012 discloses a system for controlling the distribution of digital documents. Each rendering device has a repository associated therewith. A predetermined set of usage transaction steps define a protocol used by the repositories for enforcing usage rights associated with a document. Usage rights persist with the document content. The usage rights can permit various manners of use such as, viewing only, use once, distribution, and the like. Usage rights can be contingent on payment or other conditions. [0009] However, there are limitations associated with the above-mentioned paradigms wherein only usage rights and conditions associated with content are specified by content owners or other grantors of rights.
  • a first aspect of the invention is a method for transferring usage rights adapted to be associated with items.
  • the method comprises generating, by a supplier, at least one first offer containing usage rights and meta-rights for the item, said usage rights defining a manner of use for the items, said meta- rights specifying rights to derive usage rights or other meta-rights, presenting said offer to a first consumer, receiving a selection from the first consumer indicating desired usage rights and meta-rights, and generating a first license granting the desired usage rights and meta-rights to the first consumer.
  • a second aspect of the invention is a system for transferring usage rights adapted to be associated with an item to be licensed in multi-tier channels of distribution with downstream rights and conditions assigned at least one level.
  • the system comprises a supplier component, comprising a supplier user interface module, an offer generator module for generating an offer containing at least usage rights and of meta-rights, a rights composer module for composing a draft license, and a repository for supplier's rights, a supplier management database.
  • the system further comprises a consumer component comprising a consumer user interface module, an offer- consideration module configured to analyze the offers generated by the supplier component and select offers based on the analysis, and a repository for consumer's rights, a consumer management database.
  • a third aspect of the invention is a method for generating a license to digital content to be used within a system for at least one of managing use and distribution of the digital content.
  • the method comprises presenting a consumer with an offer including meta-rights, receiving a selection by the consumer of at least one meta-right in the offer, generating a license based on the selection, wherein the license permits the consumer to exercise the at least one meta-right and permits the consumer to offer at least one derived right derived from the at least one meta-right and generate a license including the at least one derived right.
  • Fig. 1 is a schematic diagram of a three-tier model for content distribution
  • FIG. 2 is a schematic diagram illustrating rights offering and granting processes in the model of Fig. 1 ;
  • FIG. 3(a) is a schematic diagram of a simple supplier-consumer push model for rights generating, issuing and exercising;
  • FIG. 3(b) is a schematic diagram of a simple supplier-consumer pull model for rights generating, issuing and exercising;
  • FIG. 4 is a block diagram of a rights offering-granting architecture in accordance with the preferred embodiment
  • Figs. 5a and 5b are workflow diagrams for examples of offering and granting rights between a rights supplier and a rights consumer with a push and pull model respectively;
  • Fig. 6 is a flow chart of a rights offer generation process in accordance with the preferred embodiment
  • Fig. 7 is a flow chart of a rights offer consideration process in accordance with the preferred embodiment
  • Fig. 8 is a flow chart of a rights offer customization process in accordance with the preferred embodiment
  • Fig. 9 is block diagram of a DRM system that may be utilized in connection with the preferred embodiment
  • Fig. 10 is a block diagram of an exemplary structure of a license containing usage rights and meta-rights of the preferred embodiment.
  • FIG. 11 is a schematic illustration of a rights label of the preferred embodiment.
  • Fig. 9 illustrates DRM System 10 that includes a user activation component, in the form of activation server 20, that issues public and private key pairs, or other identification mechanisms, to content users in a protected fashion, as is well known.
  • a user activation component in the form of activation server 20, that issues public and private key pairs, or other identification mechanisms, to content users in a protected fashion, as is well known.
  • the user installs software that works with, or includes, a rendering application for a particular content format.
  • the software is installed in client environment 30, a computer associated with the content recipient, for example.
  • the software is part of DRM 10 system and is used to enforce usage rights for protected content.
  • Client component 60 preferably is tamper resistant and contains the set of public and private keys issued by activation server 20 as well as other components, such as rendering components for example.
  • Rights label 40 is associated with content 42 and specifies usage rights and meta-rights that are available to a recipient, i.e. a consumer of rights, when corresponding conditions are satisfied.
  • License Server 50 manages the encryption keys and issues licenses 52 for protected content 42.
  • Licenses 52 embody the actual granting of rights, including usage rights and meta-rights, to an end user.
  • rights offer 40 may permit a user to view content for a fee of five dollars and print content for a fee of ten dollars, or it may permit a user to offer rights to another user, for example, by utilizing the concept of meta-rights described below. License 52 can be issued for the view right when the five dollar fee has been paid.
  • Client component 60 interprets and enforces the rights, including usage rights and meta-rights, that have been specified in the license. Rights label 40 and license 52 are described in detail below.
  • Fig. 11 illustrates rights label 40 in accordance with the preferred embodiment.
  • Rights label 40 includes plural rights options 44.
  • Each rights option 44 includes usage rights 44a, conditions 44b, and content specification 44c.
  • Content specification 44c can include any mechanism for referencing, calling, locating, or otherwise specifying content 42 associated with rights offer 44.
  • license 52 includes license 52a, grant 52b, and digital signature 52c.
  • Grant 52b includes granted usage rights and/or meta- rights selected from label.
  • the structure of the grant also includes one or more principals, to whom the specified usage rights and/or meta-rights are granted, a list of conditions, and state variables required to enforce the license.
  • Like usage rights, access and exercise of the granted meta-rights are controlled by the condition list and state variables as described below.
  • Clear (unprotected) content can be prepared with document preparation application 72 installed on computer 70 associated with a content publisher, a content distributor, a content service provider, or any other party.
  • Preparation of content consists of specifying the usage rights, meta-rights, and conditions under which content 42 can be used and distributed, associating rights label 40 with content 42 and protecting content 42 with some crypto algorithm.
  • a rights language such as XrMLTM can be used to specify the rights and conditions.
  • the usage rights and meta-rights can be specified in any manner.
  • the rights can be in the form of a predefined specification or template that is merely associated with the content. Accordingly, the process of specifying rights refers to any process for associating rights with content.
  • Rights label 40 associated with content 42 and the encryption key used to encrypt the content can be transmitted to license server 50.
  • Rights can specify transfer rights, such as distribution rights, and can permit granting of rights to others or the derivation of rights. Such rights are referred to as "meta-rights". Meta-rights are the rights that one has to manipulate, modify, or otherwise derive other meta-rights or usage rights. Meta-rights can be thought of as usage rights to usage rights. Meta-rights can include rights to offer, grant, obtain, transfer, delegate, track, surrender, exchange, and revoke usage rights to/from others. Meta-rights can include the rights to modify any of the conditions associated with other rights. For example, a meta-right may be the right to extend or reduce the scope of a particular right. A meta-right may also be the right to extend or reduce the validation period of a right.
  • Conditions must be satisfied in order to exercise the manner of use in a specified right.
  • a condition may be the payment of a fee, submission of personal data, or any other requirement desired before permitting exercise of a manner of use.
  • Conditions can also be "access conditions" for example, access conditions can apply to a particular group of users, say students in a university, or members of a book club. In other words, the condition is that the user is a particular person or member of a particular group. Rights and conditions can exist as separate entities or can be combined.
  • State variables track potentially dynamic states conditions.
  • State variables are variables having values that represent status of an item, usage rights, license or other dynamic conditions. State variables can be tracked, by clearinghouse 90 license or server 30 another device, based on identification mechanisms in license 52. Further, the value of state variables can be used in a condition. For example, a usage right can be the right to print content 42 three times. Each time the usage right is exercised, the value of the state variable "number of prints" is incremented. In this example, when the value of the state variable is three, the condition is not longer satisfied and content 42 cannot be printed. Another example of a state variable is time. A condition of license 52 may require that content 42 is printed within thirty days. A state variable can be used to track the expiration of thirty days. Further, the state of a right can be tracked as a collection of state variables. The collection of the change is the state of a usage right represents the usage history of that right.
  • a typical workflow for DRM system 10 is described below.
  • a recipient such as a user, operating within client environment 30 is activated for receiving content by activation server 20.
  • This activation process can be accomplished at any time prior to the issuing of a license.
  • a user wishes to use protected content 42, the, user makes a request for the content 42.
  • a user might browse a Web site running on Web server 80 associated with a grantor of rights such as a content distributor, using a browser installed in client environment 30, and attempt to download protected content 42.
  • the user may go through a series of steps possibly including a fee transaction (as in the sale of content) or other transactions (such as collection of information).
  • Web server 80 contacts license server 50 through a secure communications channel, such as a channel using a Secure Sockets Layer (SSL).
  • License server 50 then generates license 52 for the content and Web server 80 causes both protected content 42 and license 52 to be downloaded.
  • License 52 can be downloaded from license server 50 or an associated device.
  • Content 42 can be downloaded from computer 70 associated with a publisher, distributor, or other party.
  • Client component 60 in client environment 30 will then proceed to interpret license 52 and allow use of content 42 based on the rights and conditions specified in license 52.
  • the interpretation and enforcement of usage rights are well known generally. The steps above may take place sequentially or approximately simultaneously or in various order.
  • DRM system 10 addresses security aspects of protecting content 42.
  • DRM system 10 may authenticate license 52 that has been issued by license server 50.
  • One way to accomplish such authentication is for application 60 to determine if the licenses can be trusted.
  • application 60 has the capability to verify and validate the cryptographic signature of digital signature 52c, or other identifying characteristic of the license.
  • client environment 30 and license server 50 receive a set of keys in a tamper-resistant software "package" that also includes other components, such as the necessary components for activated client environment 30 to verify signature 52 of license 52 in a known manner.
  • the example above is merely one way to effect a DRM system.
  • the license and content can be distributed from different entities.
  • rights offer 40 can be associated with content by a party other than the party preparing the content.
  • clearinghouse 90 can be used to process payment transactions and verify payment prior to issuing a license.
  • the supplier and consumer For any set of rights, there are two kinds of entities involved, the "supplier” and the “consumer”.
  • the function of the supplier is to offer , and possibly grant, the rights, and the function of the consumer is to select, and possibly exercise the rights.
  • Both the supplier and consumer may actually represent two or more entities. In general, multiple entities may collectively make an offer and grant rights to multiple entities.
  • the supplier and consumer represent any two entities in the content value chain that have a direct relationship with each other regarding the granting of rights. At the beginning of the value chain, the supplier and consumer may be author and publisher.
  • the supplier and consumer may be a publisher and another publisher (for content aggregation), a publisher and distributor (for content distribution), a distributor and another distributor (for multi-tier content distribution), a distributor and a retailer (for content retailing), a retailer and a consumer (for content consumption), and a consumer and another consumer (for content supper-distribution or personal lending).
  • An "offer of rights” or “rights offer” expresses how a consumer (e.g. a content distributor or user) can acquire a particular instance of content together with its associated usage rights and/or meta-rights.
  • An offer may or may not contain financial terms.
  • An offer is an expression of mere willingness to commerce negotiation and also an expression of willingness to grant on terms stated.
  • An offer may be expressed in the form of a rights label.
  • a "consideration of rights” is a process as part of the rights granting in which the rights consumer has examined the rights being offered and possibly bargained them and associated terms and conditions.
  • a "choice of rights” is a selection of rights and their associated terms and conditions from a rights offer. It indicates the intent of the consumer to accept these rights and the corresponding terms and conditions.
  • selection can comprise selecting one option 44 from label 40.
  • Customerization of rights is a process as part of the rights granting in which the rights supplier assembles rights and terms and conditions based on a choice of the rights consumer. The output of this process can be a draft license to be accepted by the rights consumer.
  • a "license of rights” is an expression of rights and possibly conditions accepted and agreed upon by the rights supplier and consumer. It is the output of the rights offering and granting process.
  • a license is a grant to exercise the rights that govern the usage (possibly including further distribution) of content or other items.
  • a rights label such as rights label 40, may contain a number of options 44 allowing the consumer to make a selection and conduct negotiation (if permitted), while license 52 contains rights the consumer has selected and accepted. Note that the accepted rights may include a right to present offers to others or make selections of offers.
  • FIG. 1 An example of a distribution chain model is illustrated in Fig. 1.
  • the distribution chain includes a content provider 100, distributor 110, and end user 120.
  • content may be prepared in the manner described above. It is assumed that the content has already been prepared in the model of Fig. 1.
  • Fig. 1 is directed to the transfer of content and shows that, in this example, provider 100 may publish content to distributor 110 or receive content for reuse from distributor 110.
  • Distributor 110 may in turn distribute content to user 120 or receive returned content form user 120.
  • User 100 can use content.
  • provider 100 can aggregate content from others, distributor 110, can receive content from other distributors for redistribution, and user 120 can share content with the other users. It is clear that there are plural stages in the content life cycle and plural relationships between the various parties. A precise and consistent specification of rights at the different stages of the life cycle and relationships is important and crucial to persistent protection of content in multi-tier distribution and usage.
  • Fig. 2 illustrates the flow of rights in the same model, including rights generating, aggregating, issuing, relinquishing, driving, granting, surrendering, delegating and exercising.
  • the model of Fig. 2 includes the same entities, provider 100, distributor 110, and user 120. It can be seen that, with respect to the flow of rights, each party can grant and accept rights. User 120 can grant and accept rights from other users, a process called "delegation", in this example.
  • the model of Fig. 2 covers many specific content publishing, distribution and use relationships. Other models can be derived from on this model by a different consolidation or segregation of the parties. For example, every provider can be a distributor. This is "direct publishing", which allows individual authors to distribute/sell their content without any intermediate publisher. Further, every consumer can be a potential distributor. This allows consumers to pass content to each other. This includes supper-distribution, gifting, and personal lending. In a "Web community” and everyone is able to publish, distribute and consume content. "Content aggregation” allows publishers to compose content from other publishers into composite works. Site license and enterprise use allows sharing content among consumers.
  • Figs. 3(a) and 3(b) show a "push” model
  • Fig. 3(b) shows a "pull” model.
  • rights supplier 200 initiates the rights offering and granting process by generating an offer and granting the rights to the rights consumer 210.
  • rights consumer 210 initiates the process by requesting an offer and accepting the rights from the rights supplier 200.
  • Architecture 400 can be implemented as a combination of computer hardware and software and includes rights supplier component 402, rights consumer component 438 and communication channel 422 linking these two components.
  • communication channel 42 can be Internet, a direct computer to computer connection, a LAN, a wireless connection or the like.
  • Supplier component 402 is associated with the supplier, i.e. the entity making rights available to a consumer who is the entity going to exercise, i.e., consume the rights.
  • the supplier could be the content owner or provider, or could be a distributor or any "middle-man," such as a retailer or operator of a web site.
  • Consumer component 438 is associated with the consumer who could be the ultimate user (i.e., content consumer) or a "middle-man," such as a retailer, whole-seller, or reseller. Keep in mind that the consumer consumes rights and does not necessarily use (i.e. consume) the content. Both supplier component 402 and consumer component 438 can embody any type of hardware devices, and or software modules, such as a personal computer, a handheld computer, a mobile phone a server, a network, or any combination of the same. Supplier component 402 generates rights label 40 as offers, presents draft licenses and grants license 52 to the consumer. Consumer component 438 issues requests, select choices of options 44 from rights labels 40, generates counter offers, and accepts licenses 52.
  • Supplier component 402 and consumer component 438 can be embodied in the same device(s) and communication channel 422 can be an internal channel.
  • Supplier component 402 contains user interface module 404, communication interface module 420 identity module 406 repository 412 for supplier's rights (e.g., in the form of issued licenses) and database 414 for management related information.
  • User interface 404 accomplishes presentation to the user of the component functions and acceptance of user interactions in a known manner.
  • Communication interface 422 provides the proper formatting and protocols for messages between supplier component 402 and consumer component 438.
  • Identity module 406 ensures that the identity of supplier component 402 can be authenticated by consumer component 438 and may contain authentication information like a password, cryptographic keys or biometric information of the user of supplier component 402.
  • Rights repository 412 stores rights granted to the user of supplier component 402 and may include functions for indexing, searching and updating the rights stored within.
  • Management database 414 is used to archive information generated during the rights offering and granting processes. Such information includes information related to initial offers, consumer choices, possible counter-offers, agreements and final licenses.
  • Consumer component 438 includes user interface module 428, communication interface module 424, identity module 426, repository 434 for consumer's rights (e.g., in the form of issued licenses), and database 436 for management related information.
  • User interface 424 deals handles presentation to the user of the component and acceptance of user interactions.
  • Communication interface 422 provides the proper formatting and protocols for rights offering and granting messages between supplier component 402 and consumer component 438.
  • Identity module 426 ensures that the identity of the consumer component 438 can be authenticated by supplier component 402 and may contain authentication information like a password, cryptographic keys or biometric information of the user.
  • Rights repository 434 stores rights granted to the user of consumer component 438 and may include functions for indexing, searching and updating the rights stored within.
  • Management database 436 is used to archive information generated during the rights offering and granting process.
  • the information includes that related to offers 44, consumer choices, possible counter-offers, agreements and licenses 52.
  • database 436 can store information that is the same as or different from database 414 because the parties may interact with other parties and thus have different archived information.
  • Supplier component 402 also includes offer generator module 408 for generating offers, rights composer module 410 for composing licenses, offer templates module 418 for providing templates for generating offers based on previous transactions and common formality of offers, and consumer profiles module 416 for customizing and granting rights based on past consumer characteristics and relationships.
  • Consumer component 438 also includes offer analyzer module 430 for understanding rights and their terms and conditions presented within offers, a choice maker module 432 for selecting favorable options specified in offers, a supplier preference module 438 for describing any preferred suppliers based on past and existing supplier characteristics and relationships, and choice patterns module 440 for providing patterns and interests in selection options in offers.
  • the choice pattern module 440 may include a list of preferred suppliers or a list of lowest prices for the item of interest to the consumer.
  • Offer analyzer module 430 and choice maker module 432, respectively, may be combined into one module.
  • the process of offering and granting rights within architecture 400 is based on protocols followed by supplier component 402 and consumer component 438.
  • These protocols generally consist of an offer and acceptance of that offer.
  • the protocols include an offering of rights by one party to another and acceptance of that offer by the person to whom it is made.
  • An offer, once made, may be styled so that it may revoked before acceptance or the offeror could styled it so that it cannot be revoked at all or only under certain circumstances definable by the offeror.
  • An offer can also expire in various way, for example if a deadline for acceptance passes. If there is no specified deadline, then the offer could expire in a predetermined reasonable time, depending on the subject matter of the offer.
  • a reasonable time could be accord to the period of the content publication, for example.
  • a reasonable time could be any time before the availability of the content.
  • the rights supplier can dictate other terms of the acceptance, to which the rights consumer is bound. For example, the offer may require acceptance in sending back in a certain form via an email or through a certain web page interface.
  • Fig. 5(a) illustrates the workflow of protocol 500 of a push model for rights granting.
  • Supplier component 402 generates an offer of rights in the form of rights label 40 for example, with possibly many options 44, and sends it to consumer component 438 (510).
  • Consumer component 438 considers the offer and its possible options, and responds to supplier component 402 with a choice of any of the optional rights offer 44 (512).
  • Supplier component 402 customizes rights according to the consumer's response, and issues the rights the user of consumer component 432 (514) in the form of a draft license.
  • Consumer component 438 then accepts the draft license if it corresponds to the choice made and is otherwise acceptable (516). Upon acceptance, supplier component 402 generates license 52 and transmits license 52 to consumer component(518).
  • grant 52b of license 52 can include usage rights and/or meta-rights. Therefore license 52 can permit the user of consumer component 438 to grant rights to others in a similar fashion. However, the derivable rights are controlled by upstream parties through the use of meta-rights.
  • the protocol can include steps where supplier component 402 requests to make payment through a credit card of the user of consumer component 438, and the user component 402 provides the information and authorizes the charge. Both supplier component 402 and consumer component 438 can generate status reports on success or failure of the process. Further, parties can authenticate each other during the process and maintain authentication through the process.
  • Fig. 5(b) shows a protocol of pull model for rights granting.
  • consumer component 438 sends a request to supplier component 402 to indicate an interest in obtaining certain rights in content (520).
  • Supplier component 402 then responds with an offer, in the form of label 40 having plural offer options 44, covering the rights requested by consumer component 438, and sends the offer to consumer component 438 (522).
  • Consumer component 438 then considers the offer and its options, and responds to supplier component 402 with a choice of one of the offer options (524).
  • Supplier component 402 customizes rights according to the response, and grant the rights to the consumer in the form of a draft license (526).
  • Consumer component 438 then accepts the draft license (528) and supplier component 402 issues license 52 granting rights to consumer component 438 (530). Once again the rights can include meta-rights.
  • Fig. 6 illustrates the offer generation process 600 performed by offer generator module 408 in supplier component 402.
  • offer generation process 600 available rights are first collected in block 602. Rights may be available from a previous supplier by being derived from meta-rights granted to the supplier or may be originally created rights.
  • step 604 it is determined whether supplier has a right to make an offer to the consumer. For example, if the consumer is known to be a minor and the content is restricted to an adult consumer or if the consumer is on a list of those prohibited from receiving content, the supplier may not make an offer. In such case, the offer generation process terminates in step 606.
  • step 608 determines all the rights that can be offered to the consumer in step 608 by parsing the rights collected in step 602.
  • step 610 the process determines whether the consumer has requested any specific rights. If a request has been received, the process further filters the determined rights that can be offered, taking the received consumer requested rights into consideration and comparing them to the available rights. Then, the process determines whether an offer template needs to be applied in steps 614.
  • the consumer might be offered standard rights included in the template, such as printing right, archiving right, etc. of the content.
  • the offer template is then applied in steps 616.
  • human intervention may be provided to further make adjustments to the offer template or to any of the rights that are available for offering thus far in the process.
  • restrictions can be applied, through conditions and/or state variables. For example, a time restriction may be place on certain rights in step 620.
  • a digital signature or other authentication is provided with the collection of rights to be offered in step 622 and an authenticated offer, in the form of rights label 40 is made in step 624 and presented to consumer component 438 in step 624.
  • Fig. 8 illustrates rights customization process 800 which is performed by rights composer module 410 in supplier component 402.
  • consumer's choices are received in step 802.
  • Choices are rights and conditions of an option 44 selected label 40 of step 624 (Fig. 6).
  • the process determines if supplier component 402 has the right to grant rights to consumer component 438 in step 804. For example, if the consumer fails to meet a certain requirement, such as minimum age or proof of residence in a locale where content may be licensed, for example, granting a license may not be proper, and the rights customization process 800 terminates in step 806. Otherwise, consumer selected choices are analyzed in step 808 to ascertain if they are an discernible by supplier component 402. For example, the choices can be parsed to see if they are understandable.
  • step 810 determines if consumer information is available in step 810.
  • consumer profiles may be stored in database 414 (Fig. 4). If available, the consumer information is taken into consideration in step 812 for further analysis of consumer choices.
  • dynamic information can also considered as described below.
  • the profile may include a trust rating or address of the consumer that renders it desirable of undesirable to provide certain rights.
  • the process determines if the choices are reasonable in step 814. This determination may be carried out, for example, computationally or with human intervention. If the customer's choices are deemed unreasonable, re-negotiation of the customer's choices is then performed in block 816.
  • the customer is presented with a new proposed offer based on the previously analyzed choices, the customer is given an opportunity to submit new choices offered, and the right customization process 800 begins again in step 802. Otherwise, a license including the selected rights is created in step 818.
  • step 820 After a license is created, if consumer acceptance is necessary (step 820), it is presented to the consumer for review in step 822. If the consumer does not agree with the terms in the license in step 824, renegotiation is then initiated in step 816, which re-starts the rights customization process 800 again in step 802. In step 820, if a review by the consumer is not required, then the license is authenticated in step 826 to create a completed license 52 in step 828 which is to be issued and associated with content 42.
  • Fig. 7 illustrates offer consideration process 700 which is performed by offer analyzer module 430 and choice maker module 432 of consumer component 438.
  • Available offers are first collected in step 702.
  • process 700 determines whether it has a right to accept offers from the supplier. For example, if the consumer certain restrictions on the purchase of content, such as an age restriction or a restriction against accepting content from outside an enterprise, the consumer may not accept an offer. In such a case, the offer consideration process terminates in step 706. If the consumer has the right to accept offers from the supplier, the offers are then analyzed in step 708 to ascertain if they are discernible. If it is determined that supplier preferences are available in step 710, the offers are filtered in step 712 based on the preferences.
  • step 714 determines if consumer preferences are available and, if so, they are applied in step 716 to the offers. Once all the offers are analyzed, by applying the logic of steps 708-714 and any other desired logic, the consumer then selects options in block 718 and specifies contingencies in block 720. The selection of options can be done automatically. If human intervention is desired, the customer can intervene and further specify additional choices or conditions desired. Any preferences, rules, or other logic can be used to analyze offers.
  • the consumer sends a request, and then a license is constructed.
  • the request is a subset of an offer and the offer has one or more options.
  • the supplier makes the offer available to the consumer sending the request (and to other consumers if that is the desire), and the consumer (including other consumers, if applicable) makes choices.
  • the supplier analyzes the choices, and constructs the license (i.e. a grant of rights). Note that the request can also be rejected, or a counter proposal could be made and the same process could then repeat for the counter proposal.
  • the analysis may be done automatically, or with human intervention.
  • the choice or acceptance may be done automatically, or with human intervention.
  • Either the offer or a license, or both, may be generated based on the dynamic information, the consumer's information, and the consumer's request, such as described above.
  • the dynamic information may include many kinds of information including information related to pricing, status of the network, the traffic of a web site at each moment of time, discounts given, coupons given, the habits of the consumer, how many times the content has been used, for how long the content was used, where it was used, or the like.
  • the dynamic information can be tracked as state variables and the values of the state variables can be checked and updated as necessary.
  • Dynamic information is information capable of being (although, it need not actually be) changed or created by or by reference to a non-static element.
  • the dynamic information can be obtained based on a formula, database, curve, predetermined table, percentage of a value, a function, reference to other data, such as the prime rate of interest or the change in a stock market index, and/or by a human intervention of the user or distributor, and/or consumer's input.
  • the consumer's information may include information such as the age of the consumer, the credit history of the consumer, the credit limit of the consumer, income of the consumer, what kind of rights or licenses obtained, the password of the consumer, the key assigned to the consumer, club membership for access or discount, the class of the consumer based on a predetermined criteria, or any other data, identification characteristics and information.
  • the supplier's information may include some or all of the subjects of information as the consumer's information, and may also include, for example, available options or variations, suppliers, shipping information, and other information.
  • the system and processes disclosed in this invention support multi- tier and super distributions of content.
  • the following is a use case that shows how this can be modeled and supported. It illustrates the process of offering and granting rights by showing the process of transforming offered rights to a rights supplier (the content distributor in this case) to granted rights to a rights consumer (the end user in this case). It specifically shows how an offer is generated from an existing license, how this offer is considered with a choice, and how a final license is issued. Meta-rights provide a mechanism for permitting the transfer of rights from one party to the next party in a content distribution chain.
  • a content provider P of some content C wants to specify that a distributor D may sell, to any end user within the region of the United States (US), the "play" right at a flat rate of $1 and the "print” right at a cost of $4 per copy (both are paid by D to P).
  • the provider also allows the content distributor to add its own conditions to the "play” and "print” rights it issues to end users.
  • a license from the content provider to the distributor may resemble the following using the XrMLTM rights language.
  • the distributor may make an offer to the end user based on the rights it has as expressed in the license above. Note that usage rights and conditions of each option are set forth as XMLTM elements between ⁇ grant> tags. In the following offer, note that the distributor adds a fee condition for getting the "play" right, charging the end user $2 ($1 more than it pays to the provider), and another fee condition for the "print” right, charging the end user $6 per print copy ($1 more than it pays to the provider). The distributor also limits the offer to an acceptance time period (up to December 31 , 2002). Meta rights granted to the distributor permit the distributor to modify the grant in the license, as described above, and make the offer.
  • the end user may choose to get only the right to "play" for the flat fee of $2 and responds to the distributor with a choice set forth as an XMLTM element between ⁇ choice> tags as follows.
  • the request can also be rejected.
  • a response can also be constructed as a counter offer for rights not originally offered by the distributor. When the distributor receives the choice from the end user, it then issues a license to the user as shown below.
  • the issuers may choose to digitally sign the documents using some digital signature algorithms.
  • the recipients of these documents have options to verify the validity of these documents by checking the validity of the attached digital signatures.
  • Access to the various documents, and elements thereof, can be controlled using known techniques.
  • offering and granting result in a license with a fresh state for content usage As one starts to exercise the rights, derived rights, obtained as a result of meta-rights, may inherit and/or share the state variable values associated with the rights. For example, when one is granted with the right to print 5 times and make 4 copies of some document, all new copies may have the same set of rights but share the state (or remaining rights) with the original. After the original has been printed 2 times and a new copy was then made, the copy and original can all together print 3 times and make 2 more new copies.
  • the preferred embodiment can utilize various devices, such as a personal computers, servers, workstations, PDA's, thin clients and the like.
  • the client environment can be a handheld device such as a mobile phone or a PDA.
  • Various channels for communication can be used.
  • the various functions can be integrated in one device.
  • the license server function can be accomplished by software within the client environment.
  • the function of the license server or other modules for making offers, selecting rights and granting licenses can be accomplished in the same device.
  • the disclosed functional modules are segregated by function for clarity. However, the various functions can be combined or segregated as hardware and/or software modules in any manner. The various functions can be useful separately or in combination.
  • the various elements and portions thereof can be stored on the same device or on different devices.
  • a license can be stored together with, or separate from, content.
  • the various elements of a license can be stored on separate devices.
  • the values of state variables can be stored in a state variable repository of a system that tracks the current value of state variables.
  • Various links, references, specifications, and the like can be used to associate the elements.

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Software Systems (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Multimedia (AREA)
  • Technology Law (AREA)
  • Computer Hardware Design (AREA)
  • Computer Security & Cryptography (AREA)
  • Mathematical Physics (AREA)
  • Databases & Information Systems (AREA)
  • Data Mining & Analysis (AREA)
  • Management, Administration, Business Operations System, And Electronic Commerce (AREA)
  • Storage Device Security (AREA)
EP02734672A 2001-06-07 2002-06-05 Anbieten und gewähren von rechten Ceased EP1317702A4 (de)

Applications Claiming Priority (7)

Application Number Priority Date Filing Date Title
US29611301P 2001-06-07 2001-06-07
US296113P 2001-06-07
US33162401P 2001-11-20 2001-11-20
US33162501P 2001-11-20 2001-11-20
US331625P 2001-11-20
US331624P 2001-11-20
PCT/US2002/017662 WO2002101491A2 (en) 2001-06-07 2002-06-05 Rights offering and granting

Publications (2)

Publication Number Publication Date
EP1317702A2 EP1317702A2 (de) 2003-06-11
EP1317702A4 true EP1317702A4 (de) 2004-06-09

Family

ID=27404401

Family Applications (1)

Application Number Title Priority Date Filing Date
EP02734672A Ceased EP1317702A4 (de) 2001-06-07 2002-06-05 Anbieten und gewähren von rechten

Country Status (7)

Country Link
EP (1) EP1317702A4 (de)
KR (1) KR100626969B1 (de)
CN (1) CN1608264A (de)
CA (1) CA2432314A1 (de)
MX (1) MXPA04000135A (de)
NZ (1) NZ530483A (de)
WO (1) WO2002101491A2 (de)

Families Citing this family (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
KR100493900B1 (ko) 2003-08-21 2005-06-10 삼성전자주식회사 사용자간 콘텐츠에 대한 권한정보의 공유방법
KR101254209B1 (ko) * 2004-03-22 2013-04-23 삼성전자주식회사 디바이스와 휴대용 저장장치간에 권리 객체를 이동,복사하는 방법 및 장치
KR100793022B1 (ko) * 2006-07-28 2008-01-08 엘지전자 주식회사 디지털 컨텐츠 관리방법과 장치
EP2456118A4 (de) * 2009-07-17 2013-05-01 Alcatel Lucent Verfahren und vorrichtung für digitale rechteverwaltung in kleinen und mittleren unternehmen sowie verfahren zur bereitstellung eines drm-dienstes
US10445800B2 (en) 2011-08-01 2019-10-15 Intel Corporation Witnessed ad-hoc uservices
CN111091204B (zh) * 2019-12-14 2023-07-18 树行科技(上海)有限公司 维护行为的智能监控方法、装置及计算机可读存储介质

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP0715243A1 (de) * 1994-11-23 1996-06-05 Xerox Corporation System zur Steuerung der Verteilung und Benutzung von Digitalwerken mit einer Gebührenmeldvorrichtung
EP0715244A1 (de) * 1994-11-23 1996-06-05 Xerox Corporation System zur Steuerung der Verteilung und Benutzung von Digitalwerken, das eine Nutzungsrechtsgrammatik verwendet
US5917912A (en) * 1995-02-13 1999-06-29 Intertrust Technologies Corporation System and methods for secure transaction management and electronic rights protection
WO2000008909A2 (en) * 1998-08-13 2000-02-24 International Business Machines Corporation System for tracking end-user electronic content usage

Family Cites Families (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5138712A (en) * 1989-10-02 1992-08-11 Sun Microsystems, Inc. Apparatus and method for licensing software on a network of computers
JPH08263438A (ja) * 1994-11-23 1996-10-11 Xerox Corp ディジタルワークの配給及び使用制御システム並びにディジタルワークへのアクセス制御方法
US5758069A (en) * 1996-03-15 1998-05-26 Novell, Inc. Electronic licensing system
US6169976B1 (en) * 1998-07-02 2001-01-02 Encommerce, Inc. Method and apparatus for regulating the use of licensed products

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP0715243A1 (de) * 1994-11-23 1996-06-05 Xerox Corporation System zur Steuerung der Verteilung und Benutzung von Digitalwerken mit einer Gebührenmeldvorrichtung
EP0715244A1 (de) * 1994-11-23 1996-06-05 Xerox Corporation System zur Steuerung der Verteilung und Benutzung von Digitalwerken, das eine Nutzungsrechtsgrammatik verwendet
US5917912A (en) * 1995-02-13 1999-06-29 Intertrust Technologies Corporation System and methods for secure transaction management and electronic rights protection
WO2000008909A2 (en) * 1998-08-13 2000-02-24 International Business Machines Corporation System for tracking end-user electronic content usage

Also Published As

Publication number Publication date
EP1317702A2 (de) 2003-06-11
MXPA04000135A (es) 2004-06-03
WO2002101491A2 (en) 2002-12-19
KR100626969B1 (ko) 2006-09-20
KR20030096255A (ko) 2003-12-24
WO2002101491A3 (en) 2003-04-03
CA2432314A1 (en) 2002-12-19
NZ530483A (en) 2006-12-22
CN1608264A (zh) 2005-04-20

Similar Documents

Publication Publication Date Title
US7774279B2 (en) Rights offering and granting
US8001053B2 (en) System and method for rights offering and granting using shared state variables
US20110247077A1 (en) System and Method for Rights Offering and Granting Using Shared State Variables
US7206765B2 (en) System and method for supplying and managing usage rights based on rules
US8468098B2 (en) Method and system for subscription digital rights management
AU2002305814B2 (en) Cryptographic trust zones in digital rights management
EP1309926B2 (de) Verfahren und system zur verwaltung von digitalen abonnementrechten
US8069116B2 (en) System and method for supplying and managing usage rights associated with an item repository
US20150033359A1 (en) Method and system for subscription digital rights management
US20040039704A1 (en) System and method for supplying and managing usage rights of users and suppliers of items
JP2016129052A (ja) 機能判定装置
KR100626969B1 (ko) 권리 청약 및 허여
WO2006041462A2 (en) System and method for rights offering and granting using shared state variables
AU2002305819A1 (en) Rights offering and granting
TWI232392B (en) Rights offering and granting
JP4932058B2 (ja) コンテンツと関係付けられる権利を移転する方法及び装置
JP4898966B2 (ja) 共有状態変数を用いる権利のオファー及び許諾のための方法
AU2002312352A1 (en) Method and system for subscription digital rights management

Legal Events

Date Code Title Description
PUAI Public reference made under article 153(3) epc to a published international application that has entered the european phase

Free format text: ORIGINAL CODE: 0009012

17P Request for examination filed

Effective date: 20021105

AK Designated contracting states

Designated state(s): AT BE CH CY DE DK ES FI FR GB GR IE IT LI LU MC NL PT SE TR

AX Request for extension of the european patent

Extension state: AL LT LV MK RO SI

A4 Supplementary search report drawn up and despatched

Effective date: 20040426

RIN1 Information on inventor provided before grant (corrected)

Inventor name: TADAYON, BIJAN

Inventor name: WANG, XIN

17Q First examination report despatched

Effective date: 20040614

APBN Date of receipt of notice of appeal recorded

Free format text: ORIGINAL CODE: EPIDOSNNOA2E

APBR Date of receipt of statement of grounds of appeal recorded

Free format text: ORIGINAL CODE: EPIDOSNNOA3E

APAF Appeal reference modified

Free format text: ORIGINAL CODE: EPIDOSCREFNE

APBT Appeal procedure closed

Free format text: ORIGINAL CODE: EPIDOSNNOA9E

STAA Information on the status of an ep patent application or granted ep patent

Free format text: STATUS: THE APPLICATION HAS BEEN REFUSED

18R Application refused

Effective date: 20080618

REG Reference to a national code

Ref country code: HK

Ref legal event code: WD

Ref document number: 1056630

Country of ref document: HK