Rights locker for digital content access control
원문보기
IPC분류정보
국가/구분
United States(US) Patent
등록
국제특허분류(IPC7판)
H04L-009/32
H04L-009/00
H04K-001/00
H04N-007/16
출원번호
US-0687415
(2003-10-15)
등록번호
US-7380280
(2008-05-27)
발명자
/ 주소
de Jong,Eduard K.
출원인 / 주소
Sun Microsystems, Inc.
대리인 / 주소
Gunnison, McKay & Hodgson, L.L.P.
인용정보
피인용 횟수 :
19인용 특허 :
62
초록▼
Access to digital content may be controlled by receiving a rights locker enrollment request from a user device associated with a user, where the rights locker enrollment request comprises a digital content request and enrollment authentication data. A determination of whether the user is authorized
Access to digital content may be controlled by receiving a rights locker enrollment request from a user device associated with a user, where the rights locker enrollment request comprises a digital content request and enrollment authentication data. A determination of whether the user is authorized comprises determining the rights of the user to access the rights locker and the rights of the user to digital content specified by the digital content request. If the user is authorized, the rights locker is initialized with rights to the digital content. If a first token used to create the authenticated rights locker access request has been fully redeemed, a new token that authenticates future access to a rights locker corresponding to the digital content is obtained. An authenticated rights locker access request that is based at least in part on the new token is created and then sent.
대표청구항▼
What is claimed is: 1. A method for digital content access control, comprising: receiving, by a rights locker provider, a rights locker enrollment request from a user device associated with a user, said rights locker enrollment request comprising a digital content request and enrollment authenticat
What is claimed is: 1. A method for digital content access control, comprising: receiving, by a rights locker provider, a rights locker enrollment request from a user device associated with a user, said rights locker enrollment request comprising a digital content request and enrollment authentication data; determining, by said rights locker provider, whether said user is authorized using said enrollment authentication data, said determining comprising determining rights of said user to access said rights locker and rights of said user to digital content specified by said digital content request wherein said rights locker provides (1) a description of a user's access rights for digital content; and (2) controlled access to said description; and if said user is authorized, initializing, by said rights locker provider, said rights locker with rights to said digital content; obtaining, by said rights locker provider, a new token that authenticates future access to said rights locker corresponding to said digital content; creating, by said rights locker provider, an authenticated rights locker access request based at least in part on said new token; and sending, by said rights locker provider, said authenticated rights locker access request over a network to said user device. 2. The method of claim 1 wherein said digital content request comprises a request for initializing said rights locker with rights to specified digital content. 3. The method of claim 1 wherein said enrollment authentication data comprises: rights locker access authentication data for determining what rights, if any, said user has to access said rights locker; and rights content access authentication data for determining what rights, if any, said user has to digital content associated with said rights locker. 4. The method of claim 3 wherein said rights locker access authentication data comprises payment for use of a rights locker service. 5. The method of claim 3 wherein said rights content access authentication data comprises payment for rights deposited in said rights locker. 6. The method of claim 1 wherein said enrollment authentication data comprises a reenrollment key determined in a previous enrollment request for said rights locker, said reenrollment key for supplementing or replacing enrollment authentication data of said previous enrollment request. 7. The method of claim 1 wherein said determining comprises determining whether said user is entitled to become an enrolled user based at least in part on whether payment for use of the rights locker service succeeds. 8. The method of claim 1 wherein said determining comprises determining whether an enrolled user is entitled to populate said rights locker with rights to said digital content based at least in part on whether payment for said rights succeeds. 9. The method of claim 1 wherein said new token is for storage in a bookmark on said user device. 10. The method of claim 1 wherein said sending further comprises embedding said authenticated rights locker access request in a Web cookie before said sending. 11. The method of claim 1 wherein said sending further comprises encapsulating said authenticated rights locker access request in an HyperText Transfer Protocol Response message before said sending. 12. A method for digital content access control, comprising: receiving, by a rights locker provider, a first authenticated rights locker access request and a digital content specification from a user device associated with a user wherein said rights locker provides (1) a description of a user's access rights for digital content; and (2) controlled access to said description; validating, by said rights locker provider, said first authenticated rights locker access request; if said validating indicates said first authenticated rights locker access request is valid, creating, by said rights locker provider, an authenticated digital content request for use in accessing digital content stored by a digital content repository; if a first token used to create said authenticated rights locker access request has been fully redeemed, obtaining, by said rights locker provider, a new token that authenticates future access to a rights locker corresponding to said digital content; creating, by said rights locker provider, a new authenticated rights locker access request based at least in part on said new token; and sending, by said rights locker provider, said authenticated digital content request and said new authenticated rights locker access request over a network to said user device. 13. The method of claim 12 wherein said receiving further comprises receiving one or more delivery parameters, said one or more delivery parameters indicating where said digital content should be sent, a delivery mechanism, or both. 14. The method of claim 12 wherein said new token is for storage in a bookmark on a user device. 15. The method of claim 12, further comprising embedding said authenticated rights locker access request in a Web cookie before said sending. 16. The method of claim 12, further comprising encapsulating said authenticated rights locker access request in an HyperText Transfer Protocol Response message before said sending. 17. A method for digital content access control, comprising: receiving, by a rights locker provider, a first authenticated rights locker access request and a digital content specification from a user device associated with a user wherein said rights locker provides (1) a description of a user's access rights for digital content; and (2) controlled access to said description; validating, by said rights locker provider, said first authenticated rights locker access request; if said validating indicates said first authenticated rights locker access request is valid, creating, by said rights locker provider, an authenticated digital content request for use in accessing digital content stored by a digital content repository; sending, by said rights locker provider, said authenticated digital content request to said digital content repository; if a first token used to create said authenticated rights locker access request has been fully redeemed, obtaining, by said rights locker provider, a new token that authenticates future access to a rights locker corresponding to said digital content; creating, by said rights locker provider, a new authenticated rights locker access request based at least in part on said new token; and sending, by said rights locker provider, said new authenticated rights locker access request to said user device over a network. 18. The method of claim 17 wherein said receiving further comprises receiving one or more delivery parameters, said one or more delivery parameters indicating where said digital content should be sent, a delivery mechanism, or both. 19. The method of claim 17 wherein said new token is for storage in a bookmark on a user device. 20. The method of claim 17, further comprising embedding said authenticated rights locker access request in a Web cookie before said sending. 21. The method of claim 17, further comprising encapsulating said authenticated rights locker access request in an HyperText Transfer Protocol Response message before said sending. 22. A program storage device readable by a machine, embodying a program of instructions executable by the machine to perform a method for digital content access control, the method comprising: receiving, by a rights locker provider, a rights locker enrollment request from a user device associated with a user, said rights locker enrollment request comprising a digital content request and enrollment authentication data; determining, by said rights locker provider, whether said user is authorized using said enrollment authentication data, said determining comprising determining rights of said user to access said rights locker and rights of said user to digital content specified by said digital content request wherein said rights locker provides (1) a description of a user's access rights for digital content; and (2) controlled access to said description; and if said user is authorized, initializing, by said rights locker provider, said rights locker with rights to said digital content; obtaining, by said rights locker provider, a new token that authenticates future access to said rights locker corresponding to said digital content; creating, by said rights locker provider, an authenticated rights locker access request based at least in part on said new token; and sending, by said rights locker provider, said authenticated rights locker access request over a network to said user device. 23. The program storage device of claim 22 wherein said digital content request comprises a request for initializing said rights locker with rights to specified digital content. 24. The program storage device of claim 22 wherein said enrollment authentication data comprises: rights locker access authentication data for determining what rights, if any, said user has to access said rights locker; and rights content access authentication data for determining what rights, if any, said user has to digital content associated with said rights locker. 25. The program storage device of claim 24 wherein said rights locker access authentication data comprises payment for use of a rights locker service. 26. The program storage device of claim 24 wherein said rights content access authentication data comprises payment for rights deposited in said rights locker. 27. The program storage device of claim 22 wherein said enrollment authentication data comprises a reenrollment key determined in a previous enrollment request for said rights locker, said reenrollment key for supplementing or replacing enrollment authentication data of said previous enrollment request. 28. The program storage device of claim 22 wherein said determining comprises determining whether said user is entitled to become an enrolled user based at least in part on whether payment for use of the rights locker service succeeds. 29. The program storage device of claim 22 wherein said determining comprises determining whether an enrolled user is entitled to populate said rights locker with rights to said digital content based at least in part on whether payment for said rights succeeds. 30. The program storage device of claim 22 wherein said new token is for storage in a bookmark on said user device. 31. The program storage device of claim 22, said method further comprising embedding said authenticated rights locker access request in a Web cookie before said sending. 32. The program storage device of claim 22, said method further comprising encapsulating said authenticated rights locker access request in an HyperText Transfer Protocol Response message before said sending. 33. A program storage device readable by a machine, embodying a program of instructions executable by the machine to perform a method for digital content access control, the method comprising: receiving, by a rights locker provider, a first authenticated rights locker access request and a digital content specification from a user device associated with a user wherein said rights locker provides (1) a description of a user's access rights for digital content; and (2) controlled access to said description; validating, by said rights locker provider, said first authenticated rights locker access request; if said validating indicates said first authenticated rights locker access request is valid, creating, by said rights locker provider, an authenticated digital content request for use in accessing digital content stored by a digital content repository; if a first token used to create said authenticated rights locker access request has been fully redeemed, obtaining, by said rights locker provider, a new token that authenticates future access to a rights locker corresponding to said digital content; creating, by said rights locker provider, a new authenticated rights locker access request based at least in part on said new token; and sending, by said rights locker provider, said authenticated digital content request and said new authenticated rights locker access request over a network to said user device. 34. The program storage device of claim 33 wherein said receiving further comprises receiving one or more delivery parameters, said one or more delivery parameters indicating where said digital content should be sent, a delivery mechanism, or both. 35. The program storage device of claim 33 wherein said new token is for storage in a bookmark on a user device. 36. The program storage device of claim 33, said method further comprising embedding said authenticated rights locker access request in a Web cookie before said sending. 37. The program storage device of claim 33, said method further comprising encapsulating said authenticated rights locker access request in an HyperText Transfer Protocol Response message before said sending. 38. A program storage device readable by a machine, embodying a program of instructions executable by the machine to perform a method for digital content access control, the method comprising: receiving, by a rights locker provider, a first authenticated rights locker access request and a digital content specification from a user device associated with a user wherein said rights locker provides (1) a description of a user's access rights for digital content; and (2) controlled access to said description; validating, by said rights locker provider, said first authenticated rights locker access request; if said validating indicates said first authenticated rights locker access request is valid, creating, by said rights locker provider, an authenticated digital content request for use in accessing digital content stored by a digital content repository; sending, by said rights locker provider, said authenticated digital content request to said digital content repository; if a first token used to create said authenticated rights locker access request has been fully redeemed, obtaining, by said rights locker provider, a new token that authenticates future access to a rights locker corresponding to said digital content; creating, by said rights locker provider, a new authenticated rights locker access request based at least in part on said new token; and sending, by said rights locker provider, said new authenticated rights locker access request to said user device over a network. 39. The program storage device of claim 38 wherein said receiving further comprises receiving one or more delivery parameters, said one or more delivery parameters indicating where said digital content should be sent, a delivery mechanism, or both. 40. The program storage device of claim 38 wherein said new token is for storage in a bookmark on a user device. 41. The program storage device of claim 38, said method further comprising embedding said authenticated rights locker access request in a Web cookie before said sending. 42. The program storage device of claim 38, said method further comprising encapsulating said authenticated rights locker access request in an HyperText Transfer Protocol Response message before said sending. 43. An apparatus for digital content access control, comprising: means for receiving, by a rights locker provider, a rights locker enrollment request from a user device associated with a user, said rights locker enrollment request comprising a digital content request and enrollment authentication data; means for determining, by said rights locker provider, whether said user is authorized using said enrollment authentication data, said determining comprising determining rights of said user to access said rights locker and rights of said user to digital content specified by said digital content request wherein said rights locker provides (1) a description of a user's access rights for digital content; and (2) controlled access to said description; and means for if said user is authorized, initializing, by said rights locker provider, said rights locker with rights to said digital content; obtaining, by said rights locker provider, a new token that authenticates future access to said rights locker corresponding to said digital content; creating, by said rights locker provider, an authenticated rights locker access request based at least in part on said new token; and sending, by said rights locker provider, said authenticated rights locker access request over a network to said user device. 44. The apparatus of claim 43 wherein said digital content request comprises a request for initializing said rights locker with rights to specified digital content. 45. The apparatus of claim 43 wherein said enrollment authentication data comprises: rights locker access authentication data for determining what rights, if any, said user has to access said rights locker; and rights content access authentication data for determining what rights, if any, said user has to digital content associated with said rights locker. 46. The apparatus of claim 45 wherein said rights locker access authentication data comprises payment for use of a rights locker service. 47. The apparatus of claim 45 wherein said rights content access authentication data comprises payment for rights deposited in said rights locker. 48. The apparatus of claim 43 wherein said enrollment authentication data comprises a reenrollment key determined in a previous enrollment request for said rights locker, said reenrollment key for supplementing or replacing enrollment authentication data of said previous enrollment request. 49. The apparatus of claim 43 wherein said means for determining comprises means for determining whether said user is entitled to become an enrolled user based at least in part on whether payment for use of the rights locker service succeeds. 50. The apparatus of claim 43 wherein said means for determining comprises means for determining whether an enrolled user is entitled to populate said rights locker with rights to said digital content based at least in part on whether payment for said rights succeeds. 51. The apparatus of claim 43 wherein said new token is for storage in a bookmark on said user device. 52. The apparatus of claim 43, further comprising means for embedding said authenticated rights locker access request in a Web cookie before said sending. 53. The apparatus of claim 43, further comprising mans for encapsulating said authenticated rights locker access request in an HyperText Transfer Protocol Response message before said sending. 54. An apparatus for digital content access control, comprising: means for receiving, by a rights locker provider, a first authenticated rights locker access request and a digital content specification from a user device associated with a user wherein said rights locker provides (1) a description of a user's access rights for digital content; and (2) controlled access to said description; means for validating, by said rights locker provider, said first authenticated rights locker access request; means for if said validating indicates said first authenticated rights locker access request is valid, creating, by said rights locker provider, an authenticated digital content request for use in accessing digital content stored by a digital content repository; if a first token used to create said authenticated rights locker access request has been fully redeemed, obtaining, by said rights locker provider, a new token that authenticates future access to a rights locker corresponding to said digital content; creating, by said rights locker provider, a new authenticated rights locker access request based at least in part on said new token; and sending, by said rights locker provider, said authenticated digital content request and said new authenticated rights locker access request over a network to said user device. 55. The apparatus of claim 54 wherein said means for receiving further comprises means for receiving one or more delivery parameters, said one or more delivery parameters indicating where said digital content should be sent, a delivery mechanism, or both. 56. The apparatus of claim 54 wherein said new token is for storage in a bookmark on a user device. 57. The apparatus of claim 54, further comprising means for embedding said authenticated rights locker access request in a Web cookie before said sending. 58. The apparatus of claim 54, further comprising means for encapsulating said authenticated rights locker access request in an HyperText Transfer Protocol Response message before said sending. 59. An apparatus for digital content access control, comprising: means for receiving, by a rights locker provider, a first authenticated rights locker access request and a digital content specification from a user device associated with a user wherein said rights locker provides (1) a description of a user's access rights for digital content; and (2) controlled access to said description; means for validating, by said rights locker provider, said first authenticated rights locker access request; means for if said validating indicates said first authenticated rights locker access request is valid, creating, by said rights locker provider, an authenticated digital content request for use in accessing digital content stored by a digital content repository; sending, by said rights locker provider, said authenticated digital content request to said digital content repository; if a first token used to create said authenticated rights locker access request has been fully redeemed, obtaining, by said rights locker provider, a new token that authenticates future access to a rights locker corresponding to said digital content; creating, by said rights locker provider, a new authenticated rights locker access request based at least in part on said new token; and sending, by said rights locker provider, said new authenticated rights locker access request to said user device over a network. 60. The apparatus of claim 59 wherein said means for receiving further comprises means for receiving one or more delivery parameters, said one or more delivery parameters indicating where said digital content should be sent, a delivery mechanism, or both. 61. The apparatus of claim 59 wherein said new token is for storage in a bookmark on a user device. 62. The apparatus of claim 59, further comprising means for embedding said authenticated rights locker access request in a Web cookie before said sending. 63. The apparatus of claim 59, further comprising means for encapsulating said authenticated rights locker access request in an HyperText Transfer Protocol Response message before said sending. 64. A rights locker provider apparatus for digital content access control, comprising: a memory for storing one or more rights lockers wherein each of said one or more rights lockers provides (1) a description of a user's access rights for digital content; and (2) controlled access to said description; and a processor configured to: receive a rights locker enrollment request from a user device associated with a user, said rights locker enrollment request comprising a digital content request and enrollment authentication data; determine whether said user is authorized using said enrollment authentication data, said determining comprising determining rights of said user to access said rights locker and rights of said user to digital content specified by said digital content request; and if said user is authorized, initialize said rights locker with rights to said digital content; obtain a new token that authenticates future access to said rights locker corresponding to said digital content; create an authenticated rights locker access request based at least in part on said new token; and send said authenticated rights locker access request over a network to said user device. 65. The apparatus of claim 64 wherein said digital content request comprises a request for initializing said rights locker with rights to specified digital content. 66. The apparatus of claim 64 wherein said enrollment authentication data comprises: rights locker access authentication data for determining what rights, if any, said user has to access said rights locker; and rights content access authentication data for determining what rights, if any, said user has to digital content associated with said rights locker. 67. The apparatus of claim 66 wherein said rights locker access authentication data comprises payment for use of a rights locker service. 68. The apparatus of claim 66 wherein said rights content access authentication data comprises payment for rights deposited in said rights locker. 69. The apparatus of claim 66 wherein said enrollment authentication data comprises a reenrollment key determined in a previous enrollment request for said rights locker, said reenrollment key for supplementing or replacing enrollment authentication data of said previous enrollment request. 70. The apparatus of claim 64 wherein said determining comprises determining whether said user is entitled to become an enrolled user based at least in part on whether payment for use of the rights locker service succeeds. 71. The apparatus of claim 64 wherein said determining comprises determining whether an enrolled user is entitled to populate said rights locker with rights to said digital content based at least in part on whether payment for said rights succeeds. 72. The apparatus of claim 64 wherein said new token is for storage in a bookmark on said user device. 73. The apparatus of claim 64 wherein said processor is further configured to embed said authenticated rights locker access request in a Web cookie before said sending. 74. The apparatus of claim 64 wherein said processor is further configured to encapsulate said authenticated rights locker access request in an HyperText Transfer Protocol Response message before said sending. 75. A rights locker provider apparatus for digital content access control, comprising: a memory for storing one or more rights lockers wherein each of said one or more rights lockers provides (1) a description of a user's access rights for digital content; and (2) controlled access to said description; and a processor configured to: receive a first authenticated rights locker access request and a digital content specification from a user device associated with a user; validate said first authenticated rights locker access request; if said validation indicates said first authenticated rights locker access request is valid, create an authenticated digital content request for use in accessing digital content stored by a digital content repository; if a first token used to create said authenticated rights locker access request has been fully redeemed, obtain a new token that authenticates future access to a rights locker corresponding to said digital content; create a new authenticated rights locker access request based at least in part on said new token; and send said authenticated digital content request and said new authenticated rights locker access request over a network to said user device. 76. The apparatus of claim 75 wherein said apparatus is further configured to receive one or more delivery parameters, said one or more delivery parameters indicating where said digital content should be sent, a delivery mechanism, or both. 77. The apparatus of claim 75 wherein said new token is for storage in a bookmark on a user device. 78. The apparatus of claim 75 wherein said processor is further configured to embed said authenticated rights locker access request in a Web cookie before said sending. 79. The apparatus of claim 75 wherein said processor is further configured to encapsulate said authenticated rights locker access request in an HyperText Transfer Protocol Response message before said sending. 80. An apparatus for digital content access control, comprising: a memory for storing one or more rights lockers wherein each of said one or more rights lockers provides (1) a description of a user's access rights for digital content; and (2) controlled access to said description; and a processor configured to: receive a first authenticated rights locker access request and a digital content specification from a user device associated with a user; validate said first authenticated rights locker access request; if said validation indicates said first authenticated rights locker access request is valid, create an authenticated digital content request for use in accessing digital content stored by a digital content repository; send said authenticated digital content request to a digital content repository; if a first token used to create said authenticated rights locker access request has been fully redeemed, obtain a new token that authenticates future access to a rights locker corresponding to said digital content; create a new authenticated rights locker access request based at least in part on said new token; and send said new authenticated rights locker access request to said user device over a network. 81. The apparatus of claim 80 wherein said apparatus is further configured to receive one or more delivery parameters, said one or more delivery parameters indicating where said digital content should be sent, a delivery mechanism, or both. 82. The apparatus of claim 80 wherein said new token is for storage in a bookmark on a user device. 83. The apparatus of claim 80 wherein said processor is further configured to embed said authenticated rights locker access request in a Web cookie before said sending. 84. The apparatus of claim 80 wherein said processor is further configured to encapsulate said authenticated rights locker access request in an HyperText Transfer Protocol Response message before said sending.
연구과제 타임라인
LOADING...
LOADING...
LOADING...
LOADING...
LOADING...
이 특허에 인용된 특허 (62)
Rosenow Peter D. (Edmonds WA) Trafton Roger M. (Kirkland WA), Apparatus and method for controlling access to and interconnection of computer system resources.
Reed Drummond Shattuck ; Heymann Peter Earnshaw ; Mushero Steven Mark ; Jones Kevin Benard ; Oberlander Jeffrey Todd ; Banay Dan, Computer-based communication system and method using metadata defining a control structure.
Jones, Thomas C.; Brackenridge, Billy, Digital content distribution, transmission and protection system and method, and portable device for use therewith.
Karaev Isaak ; Baird George ; Blazek Pavel ; Kitain Eduard ; Prohorov Dmitry ; Leisy Jacques ; Urazov Yuri ; Zucknovich Stephen, Information delivery system and method.
Fucarile, Lori J.; Hoover, Susan B.; Mazer, Murray S.; Murphy, Mary C.; Ward, Stephen A.; Lopresti, Patrick J., Licensing system and method for freely distributed information.
Ronald Patrick Doyle ; John Raithel Hind ; Julie Hayes King, Method and apparatus for client authentication and application configuration via smart cards.
Finnell James S. (4920 Englewood Dr. San Jose CA 95129) Mulla Dean A. (985 Hibiscus La. San Jose CA 95117), Method for decreasing penalty resulting from a cache miss in multi-level cache system.
Bruwer Frederick Johannes,ZAX ; Pretorius Pieter Jacobus,ZAX ; Dippenaar Theodor Johannes,ZAX, Secure token integrated circuit and method of performing a secure authentication function or transaction.
Gregory D. Linden ; Michael D. McDaniel ; Ryan J. Snodgrass ; Joel R. Spiegel, System and method for providing secure URL-based access to private resources.
Lavey ; Jr. Anthony M. ; Loftin Rex Lavon ; Murray Sean T. ; Pisello John M., System and method for transparently registering and updating information over the internet.
Berger David A. ; Weber Jay C. ; Kramer Glenn A., System, method and article of manufacture for processing a plurality of transactions from a single initiation point on a.
Iyengar Sridhar Srinivasa ; Fontana James Albert ; Smith Norman Roy ; Pattinson Brian Edward ; Pitchford Anthony Reginald ; Staub Mireille Mathilde, Tool-independent system for application building in an object oriented development environment with data stored in repository in OMG compliant UML representation.
Lee, Byung-rae; Kim, Tae-sung; Jung, Kyung-im; Oh, Yun-sang, Method and apparatus for playing back content based on digital rights management between portable storage and device, and portable storage for the same.
※ AI-Helper는 부적절한 답변을 할 수 있습니다.