Document distribution management method and apparatus using a standard rendering engine and a method and apparatus for controlling a standard rendering engine
원문보기
IPC분류정보
국가/구분
United States(US) Patent
등록
국제특허분류(IPC7판)
H04L-009/32
H04L-009/00
G06F-015/16
G06K-009/00
출원번호
US-0649841
(2000-08-28)
발명자
/ 주소
Raley,Michael Charles
출원인 / 주소
Contentguard Holdings, Inc.
대리인 / 주소
Nixon Peabody LLP
인용정보
피인용 횟수 :
42인용 특허 :
139
초록▼
A system and method is disclosed for the secure distribution and consumption of electronic documents using a standard rendering engine. The documents have usage rights associated therewith. A server stores the documents in computer readable form. A user operates a client having a standard applicatio
A system and method is disclosed for the secure distribution and consumption of electronic documents using a standard rendering engine. The documents have usage rights associated therewith. A server stores the documents in computer readable form. A user operates a client having a standard application program including a rendering engine capable of rendering unencrypted documents for viewing. The client and the server are coupled by a communications network. A rights management module receives a request from the client for at least one of the documents on the server and delivers the document and a set of rights associated with the document to the client. A connection module attached to the rendering engine receives the set of rights associated with the document. A user interface module attached to the rendering engine controls the user's access to the document in accordance with the list of rights for the user associated with the document.
대표청구항▼
What is claimed is: 1. A system for distributing and enforcing use of digital documents having usage rights associated therewith, said system comprising: a server having at least one document stored thereon in computer readable form; a client having a standard application program including a render
What is claimed is: 1. A system for distributing and enforcing use of digital documents having usage rights associated therewith, said system comprising: a server having at least one document stored thereon in computer readable form; a client having a standard application program including a rendering engine capable of rendering unencrypted documents for viewing; a communications network coupled to said client and said server; a rights management module included in said server and configured for receiving a request for at least one of the documents from said client and delivering the at least one document and a set of rights associated with and for enforcing use of the at least one document to said client; a connection module which is downloaded and included in said client and is attached to but separate from said rendering engine for receiving the set of rights associated with the at least one document, for verifying the integrity of the client by confirming a user interface module is attached to said rendering engine, and for verifying the integrity of the rendering engine; a user interface module which is downloaded and included in said client and is attached to but separate from said rendering engine for controlling access by the client to the at least one document for enforcing use of the at least one document in accordance with the set of rights associated with said at least one document. 2. A system as recited in claim 1, wherein said connection module is operative to detect whether said user interface module is attached to said rendering engine and for providing the at least one of the documents to said rendering engine if said user interface module is attached to said rendering drive. 3. A system as recited in claim 2, wherein said connection module is operative to unencrypt the at least one of the documents. 4. A system as recited in claim 2, wherein said standard application program is a Web browser and said server includes an HTTP server. 5. A system as recited in claim 4, wherein said connection module and said user interface module attach to the rendering engine of the Web browser using at least one of ActiveX controls and plug-in technology. 6. A system as recited in claim 4, wherein said rights management module comprises means for pointing to a start Web page stored on said server, and means for encrypting said means for pointing and wherein said connection module comprises means for unencrypting said means for pointing and wherein said system further comprises means for generating a secure start Web page which references said connection module and said means for pointing. 7. A system as recited in claim 4, wherein said connection module comprises means for generating a signature and said rights management module comprises means for validating the signature, and wherein a request to said server is honored only if the signature is present and valid. 8. A system as recited in claim 1, wherein the connection module verifies the integrity of the rendering engine by verifying that the rendering engine has not been tampered with or otherwise compromised in a way that allows access to the at least one document in a way that bypasses the user interface module. 9. A system as recited in claim 1, wherein the rendering engine does not have direct access to the at least one document because the rendering engine is wrapped by the user interface module to prevent the rendering engine from performing prohibited functions outside of a scope of the set of rights associated with and for enforcing the use of the at least one document. 10. A method for distributing and enforcing use of digital documents having one or more usage rights associated therewith, said method comprising the steps of: storing at least one document on a server in computer readable form; accessing the server with a client having a standard application program including a rendering engine capable of rendering unencrypted documents; receiving by a rights management module included in said server a request for at least one of the documents from the client; delivering by said rights management module the at least one of the documents and a set of rights associated with and for enforcing use of the at least one of the documents to the client; downloading a connection module and a user interface module to said client; receiving the list of rights associated with the at least one of the documents with said connection module included in said client and attached to but separate from the rendering engine and that verifies the integrity of the client by confirming a user interface module is attached to said rendering engine and verifies the integrity of the rendering engine; controlling access by the client to the at least one of the documents for enforcing use of the at least one document in accordance with the set of rights associated with the at least one of the documents through said user interface module included in said client and attached to but separate from the rendering engine. 11. A method as recited in claim 10, further comprising the step of unencrypting the at least one of the documents. 12. A method as recited in claim 10, further comprising the steps of detecting whether the user interface module is attached to the rendering engine and providing the at least one document to the rendering engine if the user interface module is attached to the rendering drive. 13. A method as recited in claim 12, wherein said step of detecting further comprises determining whether said rendering engine has been compromised. 14. A method as recited in claim 12, wherein said standard application program is a Web browser and said server includes HTTP server software. 15. A method as recited in claim 14, further comprising the steps of providing a pointer on the server to a start Web page stored on the server, encrypting the pointer, generating a secure start Web page on the server which references the pointer, providing access to the secure start Web page through the Web browser, and unencrypting the pointer on the client to provide the Web browser access to the start Web page on the server. 16. A method as recited in claim 14, further comprising the steps of generating a signature with the client, transmitting the signature to the server with a request to the server, validating the signature with the server, and honoring the request only if the signature is present and valid. 17. A method as recited in claim 10, wherein the step of verifying the integrity of the rendering engine includes verifying that the rendering engine has not been tampered with or otherwise compromised in a way that allows access to the at least one document in a way that bypasses the user interface module. 18. A method as recited in claim 10, further comprising wrapping the rendering engine with the user interface module so that the rendering engine does not have direct access to the at least one document to prevent the rendering engine from performing prohibited functions outside of a scope of the set of rights associated with and for enforcing the use of the at least one document. 19. In a computer architecture including a server having documents stored thereon, a start page for accessing the documents, and a client running an application program having a rendering engine, a method of distributing and enforcing use of documents comprising the steps of: installing a rights management module on the server; downloading a connection module and a user interface module to said client; attaching said user interface module and said connection module to the rendering engines, wherein said user interface module and said connection module are separate from said rendering engine; creating a secure start page on the server; placing the documents in directory; programming the rights management module to include a pointer to the directory; encrypting an address to the directory; modifying the secure interface display to reference the user interface module and the start page; verifying the integrity of the client with the connection module by confirming the user interface module is attached to the rendering engine; verifying the integrity of the rendering engine with the connection module; unencrypting the address to the directory with the connection module to permit access to the start page and the documents on the server; and enforcing use of the documents with the user interface module in accordance with a set of rights associated with the documents. 20. A method as recited in claim 19, wherein the server includes HTTP server software, wherein the application program is a Web browser, wherein the secure interface display is a secure start Web page and wherein the address to the directory is in the form of a URL. 21. A method as recited in claim 20, further comprising the steps of: accessing the secure start Web page by issuing a URL to the start page; directing the user interface module to the start page through the reference to the start page in the secure start Web page; creating an instance of the rendering engine; loading the start page in the instance of the rendering engine to display the start page on the client; and directing the instance of the rendering engine, under control of the user interface module, to retrieve one or more of the documents from the server. 22. A method as recited in claim 20, wherein said step of directing the instance comprises the steps of intercepting commands from the Web browser with the user interface module and redirecting the commands through the connection module on the server. 23. A method as recited in claim 20, wherein said step of redirecting comprises the steps of instructing the instance to utilize a secure asynchronous protocol through the connection module. 24. A method as recited in claim 20, further comprising the steps of validating, with the connection module, that the user interface module is attached to the rendering engine and permitting the client to connect to the server only if the validation step is positive. 25. A method as recited in claim 19, wherein the step of verifying the integrity of the rendering engine includes verifying that the rendering engine has not been tampered with or otherwise compromised in a way that allows access to the documents in a way that bypasses the user interface module. 26. A method as recited in claim 19, further comprising wrapping the rendering engine with the user interface module so that the rendering engine does not have direct access to the documents to prevent the rendering engine from performing prohibited functions outside of a scope of the set of rights associated with and for enforcing the documents.
연구과제 타임라인
LOADING...
LOADING...
LOADING...
LOADING...
LOADING...
이 특허에 인용된 특허 (139)
Wobber Edward (Menlo Park CA) Abadi Martin (Palo Alto CA) Birrell Andrew (Los Altos CA) Lampson Butler (Cambridge MA), Access control subsystem and method for distributed computer system using locally cached authentication credentials.
Davis Derek L. (Phoenix AZ) Smith Lionel (Queen Creek AZ), Apparatus and method for preventing disclosure through user-authentication at a printing node.
Russell Edward A. (Acton MA), Authorization system for obtaining in single step both identification and access rights of client to server directly fro.
Kenneth Louis Milsted ; Craig Kindell ; Qing Gong, Automated method and apparatus to package digital content for electronic distribution using the identity of the source content.
Barnes Vera L. (Wayne PA) Dodds ; Jr. Thomas J. (Drexel Hill PA) Gibson Harold F. (Downington PA) Campbell ; Jr. Carl M. (Newtown Square PA), Communications line authentication device.
Fischer Addison M. (60 14th Ave. South Naples FL 33942), Computer system security method and apparatus for creating and using program authorization information data structures.
Fischer Addison M. (60 14th Ave. South Naples FL 33942), Computer system security method and apparatus having program authorization information data structures.
Narasimhalu Arcot D. (Singapore SGX) Wang Weiguo (Singapore SGX) Kankanhalli Mohan S. (Singapore SGX), Controlled dissemination of digital information.
Downer Robert R. (Medfield MA) Noonan Richard C. (Belmont MA) Dalke David M. (Marlborough MA), Controlling machine operation with respect to consumable accessory units.
Hartrick Thomas V. (Gaithersburg MD) Stevens Jeffrey N. (Gaithersburg MD) Sabia Nicholas J. (Silver Spring MD), Data processing system and method to enforce payment of royalties when copying softcopy books.
Geffrotin Bernard (Meudon FRX), Data processing system comprising authentification means viz a viz a smart card, an electronic circuit for use in such s.
Stefik Mark J. (Woodside CA) Russell Daniel M. (Palo Alto CA) Bobrow Daniel G. (Palo Alto CA) Henderson ; Jr. D. Austin (La Honda CA), Document processing system utilizing document service cards to provide document processing services.
Downs Edgar ; Gruse George Gregory ; Hurtado Marco M. ; Lehman Christopher T. ; Milsted Kenneth Louis ; Lotspiech Jeffrey B., Electronic content delivery system.
Elmer Thomas I. (Sunnyvale CA) Nguyen Tuan T. (Milpitas CA) Lin Rung-Pan (San Jose CA), Encryption of streams of addressed information to be used for program code protection.
Chandra Akhileshwari N. (Mahopac NY) Comerford Liam D. (Carmel NY) White Steve R. (New York NY), Implementing a shared higher level of privilege on personal computers for copy protection of software.
Akiyama Ryota,JPX ; Hasebe Takayuki,JPX ; Yoshioka Makoto,JPX, Information distribution system wherein storage medium storing ciphered information is distributed.
Okano Hirokazu (1-8-6 ; Kurakake Asakita-Ku ; Hiroshima-shi ; Hiroshima JPX), Information processing system using error-correcting codes and cryptography.
Lessin Arlen R. (New York NY) Gruppuso Frank M. (Commack NY) Harrison Shelley A. (Dix Hills NY), Intelligent portable interactive personal data system.
Stefik Mark J. (Woodside CA) Bobrow Daniel G. (Palo Alto CA) Card Stuart K. (Los Altos CA) Casey Michalene M. (Morgan Hill CA) Goldstein Richard J. (San Francisco CA) Lamming Michael G. (Cambridge CA, Interactive contents revealing storage device.
Hershey Antoinette F. (Acton MA) French Andrew H. (Lexington MA) Boire Christopher P. (Westborough MA), License mangagement system and license storage key.
Johnson Donavon W. (Georgetown TX) Morgan Stephen P. (Mahopac NY) Smith Todd A. (Austin TX), Maintenance of file attributes in a distributed data processing system.
Cooper Thomas Edward ; Pryor Robert Franklin, Method and apparatus for enabling trial period use of software products: method and apparatus for generating a machine-d.
Cooper Thomas E. (Louisville CO) Nagda Jagdish (Boulder CO) Pryor Robert F. (Longmont CO), Method and apparatus for enabling trial period use of software products: method and apparatus for passing encrypted file.
Cooper Thomas Edward ; Phillips Hudson Wayne ; Pryor Robert Franklin, Method and apparatus for enabling trial period use of software products: method and apparatus for utilizing a decryption.
Chou Wayne W. (25 Hauley Pl. Ridgefield CT 06877) Erett Richard E. (78 White Birch La. Stamford CT 06905), Method and apparatus for protecting computer software utilizing coded filter network in conjunction with an active coded.
Jones Gregory A. (Seattle WA) Price Robert M. (Seattle WA) Veghte William L. (Bellevue WA), Method and system for authenticating access to heterogeneous computing services.
Halter Bernard J. (Longmont CO) Bracco Alphonse M. (Reston VA) Johnson Donald B. (Manassas VA) Le An V. (Manassas VA) Matyas Stephen M. (Manassas VA) Prymak ; deceased Rostislaw (late of Dumfries VA , Method and system for multimedia access control enablement.
Janis Frederick L. (Keller TX), Method and system for providing user access control within a distributed data processing system by the exchange of acces.
Janis Frederick L. (Keller TX), Method and system for variable authority level user access control in a distributed data processing system having multip.
Griffeth Nancy D. (Westfield NJ) Velthuijsen Hugo (Den Haag NLX), Method for resolving conflicts among distributed entities through the generation of counter proposals by transversing a.
Chou Wayne W. (Ridgefield CT) Kulinets Joseph M. (Stamford CT) Elteto Laszlo (Stamford CT) Engel Frederik (Wilton CT), Method of software distribution protection.
Elliott John C. (Summit NJ) O\Connell James A. (Short Hills NJ) Ladouceur Lawrence (Scarsdale NY) Altman William (Lower Paxton PA) Jarett Keith (Oakland CA), Multi-issuer transaction device with individual identification verification plug-in application modules for each issuer.
Johnson Herrick J. (Marblehead MA) Olson Margaret (Nashua NH) Jones Stuart (Cambridge MA) Bodoff Stephanie (Somerville MA) Bertrand Stephen C. (Waltham MA) Levine Paul H. (Carlisle MA), Network license server.
Rabne Michael W. ; Barker James A. ; Alrashid Tareq M.T. ; Christian Brian S. ; Cox Steven C. ; Slotta Elizabeth A. ; Upthegrove Luella R., Rights management system for digital media.
Johnson Donald B. (Manassas VA) Le An V. (Manassas VA) Matyas Stephen M. (Manassas VA) Prymak Rostislaw (Dumfries VA) Wilkins John D. (Somerville VA), Secure cryptographic operations using control vectors generated inside a cryptographic facility.
Chandra Ashileshwari N. (Mahopac NY) Comerford Liam D. (Carmel NY) White Steve R. (New York NY), Software protection system using a single-key cryptosystem, a hardware-based authorization system and a secure coprocess.
Van Wie David M. ; Weber Robert P., Steganographic techniques for securely delivering electronic digital rights management control information over insecure.
Van Wie David M. ; Weber Robert P., Steganographic techniques for securely delivering electronic digital rights management control information over insecure communication channels.
Ginter Karl L. ; Shear Victor H. ; Spahn Francis J. ; Van Wie David M., System and methods for secure transaction management and electronic rights protection.
Stefik Mark J. (Woodside CA) Bobrow Daniel G. (Palo Alto CA) Pirolli Peter L. T. (El Cerrito CA), System for controlling the distribution and use of composite digital works.
Stefik Mark J. (Woodside CA) Merkle Ralph C. (Sunnyvale CA) Pirolli Peter L. T. (El Cerrito CA), System for controlling the distribution and use of digital works having a fee reporting mechanism.
Stefik Mark J. ; Petrie Glen W. ; Okamoto Steve A. ; Briggs Nicholas H., System for controlling the distribution and use of rendered digital works through watermaking.
Volk Larry N. (3320 Royce Ct. Las Vegas NV), System for vending program cartridges which have circuitry for inhibiting program usage after preset time interval expir.
Edwards ; Jr. Gordon L. (Easley SC), System with software usage timer and counter for allowing limited use but preventing continued unauthorized use of prote.
Saigh Michael M. ; Chang Edward H. ; Brockhouse Douglas B. ; Chang Hsiao-Shih, Systems and apparatus for electronic communication and storage of information.
Shear Victor H. ; Van Wie David M. ; Weber Robert P., Systems and methods for matching, selecting, narrowcasting, and/or classifying based on rights management and/or other information.
Ginter Karl L. ; Shear Victor H. ; Sibert W. Olin ; Spahn Francis J. ; Van Wie David M., Systems and methods for secure transaction management and electronic rights protection.
Ginter Karl L. ; Shear Victor H. ; Spahn Francis J. ; Van Wie David M., Systems and methods for secure transaction management and electronic rights protection.
Ginter Karl L. ; Shear Victor H. ; Spahn Francis J. ; Van Wie David M., Systems and methods for secure transaction management and electronic rights protection.
Ginter Karl L. ; Shear Victor H. ; Spahn Francis J. ; Van Wie David M., Systems and methods for secure transaction management and electronic rights protection.
Ginter Karl L. ; Shear Victor H. ; Spahn Francis J. ; Van Wie David M., Systems and methods for secure transaction management and electronic rights protection.
Ginter Karl L. ; Shear Victor H. ; Spahn Francis J. ; Van Wie David M., Systems and methods for secure transaction management and electronic rights protection.
Karl L. Ginter ; Victor H. Shear ; Francis J. Spahn ; David M. Van Wie, Systems and methods for secure transaction management and electronic rights protection.
Karl L. Ginter ; Victor H. Shear ; Francis J. Spahn ; David M. Van Wie, Systems and methods for secure transaction management and electronic rights protection.
Ginter Karl L. ; Shear Victor H. ; Spahn Francis J. ; Van Wie David M., Systems and methods for the secure transaction management and electronic rights protection.
Aldous Stephen C. (Salt Lake City UT) Dake Guy M. (Sandy UT), Systems for connection of physical/electrical media connectors to computer communications cards.
Hall Edwin J. ; Shear Victor H. ; Tomasello Luke S. ; Van Wie David M. ; Weber Robert P. ; Worsencroft Kim ; Xu Xuejun, Techniques for defining using and manipulating rights management data structures.
Hall Edwin J. ; Shear Victor H. ; Tomasello Luke S. ; Van Wie David M. ; Weber Robert P. ; Worsencroft Kim ; Xu Xuejun, Techniques for defining, using and manipulating rights management data structures.
Abraham Dennis G. (Concord NC) Aden Steven G. (Charlotte NC) Arnold Todd W. (Charlotte NC) Neckyfarow Steven W. (Charlotte NC) Rohland William S. (Charlotte NC), Transaction system security method and apparatus.
Ginter Karl L. ; Shear Victor H. ; Spahn Francis J. ; Van Wie David M. ; Weber Robert P., Trusted and secure techniques, systems and methods for item delivery and execution.
Pavlov Leonidas P. (Colorado Springs CO) Aba-Jbara Nabil M. (Colorado Springs CO), Unitary, self-contained card verification and validation system and method.
Abraham Dennis G. (Concord NC) Henningsmeyer Daniela (Stuttgart VA DEX) Hudson John M. (Manassas VA) Johnson Donald B. (Manassas VA) Le An V. (Manassas VA) Matyas Stephen M. (Manassas VA) Stevens Jam, User defined function facility.
Cohen Jason M. (20 Skookwams Ct. West Islip NY 11795), Video communications system having a remotely controlled central source of video and audio data.
Apsangi, Shrikant; Guduru, Srinivas; Schnitzer, Jason Kazimir; Markley, Jeffrey P.; Carlucci, John B.; Bevilacqua, John G., Apparatus and methods for provisioning in a download-enabled system.
Deaver, John; Johnson, Woodrow W.; Klebe, Skott C., Method and apparatus for secure key delivery for decrypting bulk digital content files at an unsecure site.
Deaver, John; Klebe, Skott C.; Johnson, Woodrow W., Method and apparatus for secure key delivery for decrypting bulk digital content files at an unsecure site.
Deaver,John; Klebe,Skott C.; Johnson,Woodrow W., Method and apparatus for secure key delivery for decrypting bulk digital content files at an unsecure site.
Woo,Je Hak; Lee,Hwan Chul; Cho,Sang Young; Jeong,Seong Ho; Ha,Young Soo; Shin,Seog Kyoon; Kim,Seong Il, Method and system for the information protection of digital content.
Hardison, III, Joseph H., Method of and system for capturing interest earned on the monetary value of transferred monetary rights managed on an internet-based monetary rights transfer (MRT) network supported by a real-time gross settlement (RTGS) system.
Hardison, III, Joseph H., System for implementing a security issuer rights management process over a distributed communications network deployed in a financial marketplace.
Hardison, III, Joseph H., System for implementing a security issuer rights management process over a distributed communications network, deployed in a financial marketplace.
Helms, William; Hayashi, Michael T.; Leddy, Kevin J.; Christman, David A., Technique for securely communicating and storing programming material in a trusted domain.
Helms, William; Hayashi, Michael T.; Leddy, Kevin J.; Christman, David A., Technique for securely communicating and storing programming material in a trusted domain.
Helms, William; Hayashi, Michael T.; Leddy, Kevin J.; Christman, David A., Technique for securely communicating and storing programming material in a trusted domain.
※ AI-Helper는 부적절한 답변을 할 수 있습니다.