| United States Patent | 5010571 |
| Link to this page | http://www.wikipatents.com/5010571.html |
| Inventor(s) | Katznelson; Ron D. (San Diego, CA) |
| Abstract | A system for controlling and accounting for retrieval of data from a CD-ROM
memory containing encrypted data files from which retrieval must be
authorized. The system includes an authorization and key distribution
terminal and a plurality of customer data retrieval terminals having such
memories loaded therein. The authorization terminal authorizes retrieval
of data by authorized customer terminals by providing to the authorized
customer terminals an encryption key for enabling retrieval of the data
and an authenticated credit signal for use in limiting the amount of data
to be retrieved from the files. The encryption key is encrypted for
communication to the customer terminals in unique unit keys that are
stored in the respective customer terminals. The customer terminal limits
the amount of data retrieved from the files in accordance with the credit
signal; records the amount of data retrieved from the files; and provides
to the authorization terminal an authenticated report of the recorded
amount of data retrieved from said files. The memory includes data files
of different data vendors; and the customer terminal separately records
the retrieval of data from the files of the different vendors. |
| Title | Metering retrieval of encrypted data stored in customer data retrieval terminal |
| Publication Date | April 23, 1991 |
| Filing Date | September 10, 1986 |
Claims
I claim:
1. A method of controlling and accounting for retrieval of data from a
memory, comprising the steps of
(a) providing a memory containing an encrypted data file from which
retrieval must be authorized;
(b) authorizing said retrieval by providing an encryption key for enabling
retrieval of said data and a credit signal for use in limiting the amount
of data to be retrieved from said file;
(c) limiting the amount of data retrieved from said file in accordance with
said credit signal;
(d) recording the amount of data retrieved from said file;
(e) reporting the recorded amount of data retrieved from said file; and
(f) authenticating said report.
2. A method of controlling and accounting for retrieval of data from a
memory, comprising the steps of
(a) providing a memory containing an encrypted data file from which
retrieval must be authorized;
(b) authorizing said retrieval by providing an encryption key for enabling
retrieval of said data and a credit signal for use in limiting the amount
of data to be retrieved from said file;
(c) limiting the amount of data retrieved from said file in accordance with
said credit signal; and
(d) recording the amount of data retrieved from said file;
wherein step (b) comprises the step of
(e) authenticating said credit signal.
3. A method of controlling and accounting for retrieval of data from a
memory, comprising the steps of
(a) providing a memory containing an encrypted data file from which
retrieval must be authorized;
(b) authorizing said retrieval by providing an encryption key for enabling
retrieval of said data and a credit signal for use in limiting the amount
of data to be retrieved from said file;
(c) limiting the amount of data retrieved from said file in accordance with
said credit signal;
(d) recording the amount of data retrieved from said file; and
(e) determining whether credit should be extended in response to a
retrieval request prior to providing said encryption key, and, if so, the
amount of said credit to be indicated by said credit signal.
4. A method of controlling and accounting for retrieval of data from a
memory, comprising the steps of
(a) providing a memory containing an encrypted data file from which
retrieval must be authorized;
(b) authorizing said retrieval by providing an encryption key for enabling
retrieval of said data and a credit signal for use in limiting the amount
of data to be retrieved from said file;
(c) limiting the amount of data retrieved from said file in accordance with
said credit signal; and
(d) recording the amount of data retrieved from said file;
wherein
step (a) comprises providing a memory containing encrypted data files for
each of a plurality of different data vendors, with a different said
encryption key and credit signal being required to retrieve the data file
and/or files associated with each of said vendors;
step (b) comprises providing a separate set of encryption key and credit
signal for each vendor associated with a said file retrieval
authorization;
step (c) comprises limiting retrieval of files associated with different
vendors separately in accordance with the encryption key and credit signal
provided for said vendor; and
step (d) comprises separately recording the amount of retrieved data with
respect to each vendor.
5. A method according to claim 4, wherein
step (a) comprises providing a memory containing a plurality of encrypted
data files for a given data vendor; and
step (d) comprises separately recording the amount of retrieved data with
respect to each data file of said given vendor.
6. A method of controlling and accounting for retrieval of data from a
memory, comprising the steps of
(a) providing a memory containing an encrypted data file from which
retrieval must be authorized;
(b) authorizing said retrieval by providing an encryption key for enabling
retrieval of said data and a credit signal for use in limiting the amount
of data to be retrieved from said file;
(c) limiting the amount of data retrieved from said file in accordance with
said credit signal; and
(d) recording the amount of data retrieved from said file; wherein
step (a) comprises providing a said memory that further contains
unencrypted initialization vector data uniquely associated with different
blocks of data within the encrypted data file; and
the method further comprises the steps of
(e) using said initialization vector data in combination with said
encryption key to retrieve data from said file; and
(f) using said unique initialization vector data upon said retrieval to
record the identity of the block of data retrieved from said file.
7. A method of controlling and accounting for retrieval of data from a
memory, comprising the steps of
(a) providing a memory containing an encrypted data file from which
retrieval must be authorized;
(b) authorizing said retrieval by providing an encryption key for enabling
retrieval of said data and a credit signal for use in limiting the amount
of data to be retrieved from said file;
(c) limiting the amount of data retrieved from said file in accordance with
said credit signal; and
(d) recording the amount of data retrieved from said file; wherein
step (a) comprises providing a said memory that further contains cost data
associated with different blocks of data that can be retrieved from said
memory; and
the method further comprises the steps of
(e) processing the cost data with said credit signal in response to a
request to retrieve a given block of data to determine whether retrieval
of said requested block of data is authorized; and
(f) authenticating said cost data prior to said processing of same.
8. A method of controlling and accounting for retrieval of data from a
memory, comprising the steps of
(a) providing a memory containing an encrypted data file from which
retrieval must be authorized;
(b) authorizing said retrieval by providing an encryption key for enabling
retrieval of said data and a credit signal for use in limiting the amount
of data to be retrieved from said file;
(c) limiting the amount of data retrieved from said file in accordance with
said credit signal; and
(d) recording the amount of data retrieved from said file; wherein
step (a) comprises providing said memory in a customer data retrieval
terminal; and
step (b) comprises determining in an authorization center located remotely
from said customer terminal whether the status of an account associated
with said customer terminal warrants authorizing said retrieval, and, if
so, providing said encryption key and said credit signal in the customer
data retrieval terminal.
9. A method according to claim 8, wherein
step (a) comprises providing a said memory that further contains cost data
associated with different blocks of data that can be retrieved from said
memory; and
the method further comprises the steps of
(e) recording in said customer terminal, the cost data for the blocks of
data retrieved in relation to said credit signal provided therein; and
(f) reporting to the authorization center the record of said cost data in
relation to said credit signal.
10. A method according to claim 9, further comprising the step of
(g) authenticating said report of the record of said cost data in relation
to said credit signal.
11. A method of controlling and accounting for retrieval of data from a
memory, comprising the steps of
(a) providing in the customer data retrieval terminal a memory containing
an encrypted data file from which retrieval must be authorized;
(b) authorizing said retrieval in response to a request to retrieve data
from said file in said customer data retrieval terminal by determining in
an authorization center located remotely from the customer terminal
whether the status of an account associated with said customer terminal
warrants authorizing said retrieval, and, if so, providing to the customer
terminal an encryption key for enabling retrieval of data from said file
in the customer data retrieval terminal; and
(c) recording the retrieval of data from said file by said customer
retrieval terminal and debiting said account for said retrieval.
12. A method according to claim 11 wherein step (b) comprises the step of
(d) encrypting said encryption key.
13. A method of controlling and accounting for retrieval of data from a
memory, comprising the steps of
(a) providing in the customer data retrieval terminal a memory containing
an encrypted data file from which retrieval must be authorized;
(b) authorizing said retrieval in response to a request to retrieve data
from said file in said customer data retrieval terminal by determining in
an authorization center located remotely from the customer terminal
whether the status of an account associated with said customer terminal
warrants authorizing said retrieval, and, if so, providing to the customer
terminal an encryption key for enabling retrieval of data from said file;
(c) recording the retrieval of data from said file by said customer
retrieval terminal and debiting said account for said retrieval; and
(d) verifying decryption of data from said requested file pursuant to use
of said encryption key prior to debiting said account.
14. A system for controlling and accounting for retrieval of data from a
memory containing an encrypted data file from which retrieval must be
authorized, comprising
means for authorizing said retrieval by providing an encryption key for
enabling retrieval of said data and a credit signal for use in limiting
the amount of data to be retrieved from said file;
means for limiting the amount of data retrieved from said file in
accordance with said credit signal;
means for recording the amount of data retrieved from said file;
means for reporting the recorded amount of data retrieved from said file;
and
means for authenticating said report.
15. A system for controlling and accounting for retrieval of data from a
memory containing an encrypted data file from which retrieval must be
authorized, comprising
means for authorizing said retrieval by providing an encryption key for
enabling retrieval of said data and a credit signal for use in limiting
the amount of data to be retrieved from said file;
means for limiting the amount of data retrieved from said file in
accordance with said credit signal; and
means for recording the amount of data retrieved from said file;
wherein the authorization means comprises
means for authenticating said credit signal.
16. A system for controlling and accounting for retrieval of data from a
memory containing an encrypted data file from which retrieval must be
authorized, comprising
means for authorizing said retrieval by providing an encryption key for
enabling retrieval of said data and a credit signal for use in limiting
the amount of data to be retrieved from said file;
means for limiting the amount of data retrieved from said file in
accordance with said credit signal;
means for recording the amount of data retrieved from said file; and
means for determining whether credit should be extended in response to a
retrieval request prior to providing said encryption key, and, if so, the
amount of said credit to be indicated by said credit signal.
17. A system for controlling and accounting for retrieval of data from a
memory containing an encrypted data file from which retrieval must be
authorized, comprising
means for authorizing said retrieval by providing an encryption key for
enabling retrieval of said data and a credit signal for use in limiting
the amount of data to be retrieved from said file;
means for limiting the amount of data retrieved from said file in
accordance with said credit signal; and
means for recording the amount of data retrieved from said file; wherein
said memory contains encrypted data files for each of a plurality of
different data vendors, with a different said encryption key and credit
signal being required to retrieve the data file and/or files associated
with each of said vendors;
the authorization means comprises means for providing a separate set of
encryption key and credit signal for each vendor associated with a said
file retrieval authorization;
the limiting means comprises means for limiting retrieval of files
associated with different vendors separately in accordance with the
encryption key and credit signal provided for said vendor; and
the recording means comprises means for separately recording the amount of
retrieved data with respect to each vendor.
18. A system according to claim 17 wherein
the memory contains a plurality of encrypted data files for a given data
vendor; and
the recording means comprises means for separately recording the amount of
retrieved data with respect to each data file of said given vendor.
19. A system for controlling and accounting for retrieval of data from a
memory containing an encrypted data file from which retrieval must be
authorized, comprising
means for authorizing said retrieval by providing an encryption key for
enabling retrieval of said data and a credit signal for use in limiting
the amount of data to be retrieved from said file;
means for limiting the amount of data retrieved from said file in
accordance with said credit signal; and
means for recording the amount of data retrieved from said file;
wherein
the memory further contains unencrypted initialization vector data uniquely
associated with different blocks of data within the encrypted data file;
and
the system further comprises
means for using said initialization vector data in combination with said
encryption key to retrieve data from said file; and
means for using said unique initialization vector data upon said retrieval
to record the identity of the block of data retrieved from said file.
20. A system for controlling and accounting for retrieval of data from a
memory containing an encrypted data file from which retrieval must be
authorized, comprising
means for authorizing said retrieval by providing an encryption key for
enabling retrieval of said data and a credit signal for use in limiting
the amount of data to be retrieved from said file;
means for limiting the amount of data retrieved from said file in
accordance with said credit signal; and
means for recording the amount of data retrieved from said file;
wherein
the memory further contains cost data associated with different blocks of
data that can be retrieved from said memory; and
the system further comprises
means for processing the cost data with said credit signal in response to a
request to retrieve a given block of data to determine whether retrieval
of said requested block of data is authorized; and
means for authenticating said cost data prior to said processing of same.
21. A system for controlling and accounting for retrieval of data from a
memory containing an encrypted data file from which retrieval must be
authorized, comprising
means for authorizing said retrieval by providing an encryption key for
enabling retrieval of said data and a credit signal for use in limiting
the amount of data to be retrieved from said file;
means for limiting the amount of data retrieved from said file in
accordance with said credit signal; and
means for recording the amount of data retrieved from said file;
wherein
the memory is in a customer data retrieval terminal; and
the authorization means comprises means for determining in an authorization
center located remotely from said customer terminal whether the status of
an account associated with said customer terminal warrants authorizing
said retrieval, and, if so, providing said encryption key and said credit
signal in the customer data retrieval terminal.
22. A system according to claim 21, wherein
the memory further contains cost data associated with different blocks of
data that can be retrieved from said memory; and
the system further comprises
means for recording in said customer terminal, the cost data for the blocks
of data retrieved in relation to said credit signal provided therein; and
means for reporting to the authorization center the record of said cost
data in relation to said credit signal.
23. A system according to claim 22, further comprising
means for authenticating said report of the record of said cost data in
relation to said credit signal.
24. A system for controlling and accounting for retrieval of data from a
memory in the customer data retrieval terminal, wherein the memory
contains an encrypted data file from which retrieval must be authorized,
the system comprising
means for authorizing said retrieval in response to a request to retrieve
data from said file in said customer data retrieval terminal by
determining in an authorization center located remotely from the customer
terminal whether the status of an account associated with said customer
terminal warrants authorizing said retrieval, and, if so, providing to the
customer terminal an encryption key for enabling retrieval of data from
said file in the customer data retrieval terminal; and
means for recording the retrieval of data from said file by said customer
retrieval terminal and debiting said account for said retrieval.
25. A system according to claim 24, wherein
the authorizing means comprise means for encrypting said encryption key.
26. A system according to claim 24, wherein the memory is a compact disc
ROM.
27. A system for controlling and accounting for retrieval of data from a
memory in the customer data retrieval terminal, wherein the memory
contains an encrypted data file from which retrieval must be authorized,
the system comprising
means for authorizing said retrieval in response to a request to retrieve
data from said file in said customer data retrieval terminal by
determining in an authorization center located remotely from the customer
terminal whether the status of an account associated with said customer
terminal warrants authorizing said retrieval, and, if so, providing to the
customer terminal an encryption key for enabling retrieval of data from
said file;
means for recording the retrieval of data from said file by said customer
retrieval terminal and debiting said account for said retrieval; and
means for verifying decryption of data from said requested file pursuant to
use of said encryption key prior to debiting said account.
28. A method of controlling and accounting for retrieval of data from a
memory, comprising the steps of
(a) providing a memory containing an encrypted data file from which
retrieval must be authorized;
(b) authorizing said retrieval by providing an encryption key for enabling
retrieval of said data and a credit signal for use in limiting the amount
of data to be retrieved from said file;
(c) limiting the amount of data retrieved from said file in accordance with
said credit signal; and
(d) recording the amount of data retrieved from said file.
29. A method according to claim 28, wherein step (b) comprises the step of
(e) encrypting said encryption key.
30. A method according to claim 28, wherein
step (a) comprises providing a memory containing a plurality of encrypted
data files for a given data vendor; and
step (d) comprises separately recording the amount of retrieved data with
respect to each data file of said given vendor.
31. A method according to claim 28, wherein
step (a) comprises providing a said memory that further contains
unencrypted initialization vector data associated with the encrypted data
file; and
the method further comprises the step of
(e) using said initialization vector data in combination with said
encryption key to retrieve data from said file.
32. A method according to claim 28, wherein
step (a) comprises providing a said memory that further contains
unencrypted identification data uniquely associated with different blocks
of data within the encrypted data file; and
the method further comprises the step of
(e) using said unique identification data upon said retrieval to record the
identity of the block of data retrieved from said file.
33. A method according to claim 28, wherein
step (a) comprises providing a said memory that further contains cost data
associated with different blocks of data that can be retrieved from said
memory; and
the method further comprises the steps of
(e) processing the cost data with said credit signal in response to a
request to retrieve a given said block of data to determine whether
retrieval of said requested block of data is authorized.
34. A method of controlling and accounting for retrieval of data from a
plurality of identical memories by a corresponding plurality of different
data retrieval terminals, comprising the steps of
(a) providing a memory containing an encrypted data file from which
retrieval must be authorized;
(b) providing a different unit key in each of the retrieval terminals;
(c) authorizing said retrieval by providing an encryption key encrypted in
the unit key of the given retrieval terminal for enabling retrieval of
said data in the given retrieval terminal and by providing a credit signal
addressed to the given retrieval terminal for use in limiting the amount
of data to be retrieved from said file by the given retrieval terminal;
(d) limiting the amount of data retrieved from said file in the given
retrieval terminal in accordance with said credit signal; and
(e) recording the amount of data retrieved from said file in said retrieval
terminal.
35. A system for controlling and accounting for retrieval of data from a
memory containing an encrypted data file from which retrieval must be
authorized, comprising
means for authorizing said retrieval by providing an encryption key for
enabling retrieval of said data and a credit signal for use in limiting
the amount of data to be retrieved from said file;
means for limiting the amount of data retrieved from said file in
accordance with said credit signal; and
means for recording the amount of data retrieved from said file.
36. A system according to claim 35, wherein the authorization means
comprises
means for encrypting said encryption key.
37. A system according to claim 35, wherein
the memory contains a plurality of encrypted data files for a given data
vendor; and
the recording means comprises means for separately recording the amount of
retrieved data with respect to each data file of said given vendor.
38. A system according to claim 35, wherein
the memory further contains unencrypted initialization vector data
associated with the encrypted data file; and
the system further comprises
means for using said initialization vector data in combination with said
encryption key to retrieve data from said file.
39. A system according to claim 35, wherein
the memory further contains unencrypted identification data uniquely
associated with different blocks of data within the encrypted data file;
and
the system further comprises
means for using said unique identification data upon said retrieval to
record the identity of the block of data retrieved from said file.
40. A system according to claim 35, wherein
the memory further contains cost data associated with different blocks of
data that can be retrieved from said memory; and
the system further comprises
means for processing the cost data with said credit signal in response to a
request to retrieve a given said block of data to determine whether
retrieval of said requested block of data is authorized.
41. A system according to claim 35, wherein the memory is a compact disc
ROM.
42. A system for controlling and accounting for retrieval of data from a
plurality of identical memories by a corresponding plurality of different
data retrieval terminals, wherein each memory contains an encrypted data
file from which retrieval must be authorized, the system comprising
means providing a different unit key in each of the retrieval
terminals;
means for authorizing said retrieval by providing an encryption key
encrypted in the unit key of the given retrieval terminal for enabling
retrieval of said data in the given retrieval terminal and by providing a
credit signal addressed to the given retrieval terminal for use in
limiting the amount of data to be retrieved from said file by the given
retrieval terminal;
means for limiting the amount of data retrieved from said file in the given
retrieval terminal in accordance with said credit signal; and
means for recording the amount of data retrieved from said file in said
retrieval terminal.
43. A system according to claim 42, wherein the memory is a compact disc
ROM.

Description
BACKGROUND OF THE INVENTION
The present invention generally pertains to data retrieval and is
particularly directed to limiting and accounting for the retrieval of data
from encrypted data files.
SUMMARY OF THE INVENTION
The present invention is a method and system for controlling and accounting
for retrieval of data from a memory containing an encrypted data file from
which retrieval must be authorized. The system includes means for
authorizing such retrieval by providing an encryption key for enabling
retrieval of the data and a credit signal for use in limiting the amount
of data to be retrieved from the file; means for limiting the amount of
data retrieved from the file in accordance with the credit signal; and
means for recording the amount of data retrieved from the file. The system
may further include means for reporting the recorded amount of data
retrieved from the file; and means for authenticating such report.
The present invention is particularly suited for retrieving data files
stored in a compact disc read-only-memory (CD-ROM).
Additional features of the invention are discussed in relation to the
description of the preferred embodiment.
BRIEF DESCRIPTION OF THE DRAWING
FIG. 1 is a block diagram illustrating the signals communicated between an
authorization and key distribution terminal and a customer data retrieval
terminal in a preferred embodiment of the present invention.
FIG. 2 is a functional block diagram of the customer data retrieval
terminal in the embodiment of FIG. 1.
FIG. 3 is a flow diagram showing operational routines in an alternative
preferred embodiment of the present invention.
FIG. 4 is a flow diagram showing operational routines in another
alternative preferred embodiment of the present invention.
FIG. 5 is a flow diagram showing certain aspects of the operational
routines in still another alternative preferred embodiment of the present
invention.
FIG. 6 is a block diagram illustrating the use of a customer data retrieval
terminal in a personal computer for retrieving data from a CD-ROM.
FIG. 7 illustrates an exemplary scheme of tiering the retrieval of
different types of data fields from a memory in accordance with a
preferred embodiment of the present invention.
DESCRIPTION OF THE PREFERRED EMBODIMENTS
The use of a preferred embodiment of the system of the present invention is
generally described with reference to FIG. 1. The system essentially
includes an authorization and key distribution terminal 10 and a customer
data retrieval terminal 11; it being understood that in practice there are
a plurality of customer data retrieval terminals 11 that communicate with
a single authorization and key distribution terminal 10. A memory
containing an encrypted data file from which retrieval must be authorized
is loaded in the customer data retrieval terminal 11. Different data files
in the memory may be associated with different data vendors. Typically,
communications between the authorization and key distribution terminal 10
and the customer data retrieval terminal 11 are transmitted over telephone
lines.
In order to gain authorization to retrieve encrypted data from a given file
stored in the memory loaded in the customer data retrieval terminal 11,
the customer causes a file use request signal 12 to be communicated to the
authorization and key distribution terminal 10. The file use request
signal identifies the file for which retrieval authorization is requested
and also contains an ID number identifying the customer terminal 11 from
which the request signal 12 is sent.
The authorization and key distribution terminal 10 processes the request
signal to determine whether the customer terminal 11 identified by the ID
number contained in the file use request signal 12 is authorized to
retrieve data from the file identified in the file use request signal 12.
Such determination includes checking on the status of a customer account
associated with the customer terminal 11 from which the request signal 12
is received; and may further include determining the eligibility of the
customer to retrieve data from such file notwithstanding the outcome of
the credit check.
Upon determining that the status of the customer account associated with
the customer terminal 11 warrants authorizing retrieval of data from the
file identified in the file use request signal 12, the authorization
terminal 10 authorizes the customer terminal 11 to retrieve data from said
file by providing to the customer terminal 11 both an encrypted file key
13 and an authenticated credit data signal 14. The credit data signal 14
indicates an amount of credit to be extended to the customer terminal 11
for retrieval of data from the file identified in the file use request
signal 12.
The file key 13 is encrypted in a unit key that is unique to the customer
terminal 11 to which the encrypted file key 13 and the authenticated
credit signal 14 are being communicated. Unit keys for each of the
customer terminals 11 associated with a given authorization and key
distribution terminal 10 are stored in the authorization and key
distribution terminal 10 and are individually retrieved in accordance with
the customer terminal ID number that is included in the file use request
signal 12. Each customer data retrieval terminal also permanently stores
its own unique unit key. The authenticated credit data signal 14 is
generated by including both unencrypted credit data and encrypted credit
data that is formed by encrypting the unencrypted credit data with the
unit key of the customer terminal that is being authorized.
The operation of the customer data retrieval terminal 11 in retrieving the
encrypted data from the memory loaded therein is described with reference
to FIG. 2. Certain functional units of the customer data retrieval
terminal 11 are implemented in a microcomputer. These functional units
include a data decryption unit 16, a file key decryption unit 17, a cost
data authentication unit 18, a credit data authentication unit 19, an
authenticated credit and debit status report generation unit 20, an
authenticated usage report generation unit 21, a retrieval control unit 22
associated with each data vendor, a use history storage unit 23 associated
with each data vendor, a unit key memory 24 and a random access memory
(RAM) 25. The retrieval control unit 22 includes a credit register 27, a
debit register 28, an accumulator 29, a comparator 30 and a logic unit 31.
The customer data retrieval terminal 11 further includes a keyboard 33 for
generating a file use request 34 and a file access command 35.
A read only memory (ROM) 37 containing the encrypted data files is loaded
in the customer data retrieval terminal 11. The ROM 37 includes a
plurality of encrypted data files, File A, File B. Each data file includes
encrypted data blocks, Block 1, Block 2, . . . Block 5. Each data file
includes blocks of data of a given type of association. The different data
files may be associated with different data vendors and there may be a
plurality of data files associated with each of the different vendors.
Each block of data includes encrypted data, a block ID (identification)
signal, and authenticated cost data. The authenticated cost data indicates
the cost associated with retrieving the given encrypted block of data.
To enable the customer data retrieval terminal 11 to retrieve data from any
given file in the ROM 37, the file use request 34 identifying a given file
is generated by use of the keyboard 33 and combined with the unit ID
number 39 for the customer terminal 11 to provide the file use request
signal 12 that is communicated to the authorization and key distribution
terminal 10. As discussed above, the authorization and key distribution
terminal 10 responds to the file use request signal 12 by providing the
encrypted file key 13 and the authenticated credit data signal 14 to the
customer terminal 11 when the authorization and key distribution terminal
determines that the customer terminal 11 is authorized to retrieve the
data identified in the file use request signal 12.
The encrypted file key 13 is stored in the RAM 25.
The received credit data signal 14 containing the credit data in both
encrypted and unencrypted form is authenticated by the credit data
authentication unit 19, which is keyed by the unit key 42 stored in the
unit key memory 24 to decrypt the encrypted credit data and thereby
provide a decrypted credit data signal, which is compared with the
unencrypted credit data signal in the authenticated credit data signal 14
to authenticate the received credit data signal 14. An authenticated
credit data signal 41 is stored in the credit register 27 of the retrieval
control unit 22 associated with the same vendor as the file from which
data retrieval is being authorized. If the credit register 27 already has
a credit balance, such balance is incremented by the amount indicated by
the authenticated credit signal 41.
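The exchange described above (the authorization terminal 10 encrypting the file key and the credit data in the unit key, and the credit data authentication unit 19 decrypting and comparing before the credit register 27 is incremented), as an added Python example that is not part of the patent text. This passage names no cipher, so a small HMAC-based Feistel construction stands in for it; the 8-byte block size, the terminal IDs, the key values and all function and class names are assumptions.

```python
import hashlib
import hmac

BLOCK = 8  # assumption: credit data and file key are each one 8-byte block

def _f(key: bytes, i: int, half: bytes) -> bytes:  # round function of the stand-in cipher
    return hmac.new(key, bytes([i]) + half, hashlib.sha256).digest()[:4]

def encrypt(key: bytes, block: bytes) -> bytes:
    l, r = block[:4], block[4:]
    for i in range(4):
        l, r = r, bytes(a ^ b for a, b in zip(l, _f(key, i, r)))
    return l + r

def decrypt(key: bytes, block: bytes) -> bytes:
    l, r = block[:4], block[4:]
    for i in reversed(range(4)):
        l, r = bytes(a ^ b for a, b in zip(r, _f(key, i, l))), l
    return l + r

# Constructed sample data: unit keys held by the authorization terminal, by terminal ID.
UNIT_KEYS = {1001: b"constructed-unit-key-1001", 1002: b"constructed-unit-key-1002"}

def authorize(terminal_id: int, file_key: bytes, credit: int):
    """Authorization terminal 10: return encrypted file key 13 and credit signal 14."""
    unit_key = UNIT_KEYS[terminal_id]  # looked up by the ID in the request signal
    plain = credit.to_bytes(BLOCK, "big")
    return encrypt(unit_key, file_key), (plain, encrypt(unit_key, plain))

class CustomerTerminal:
    def __init__(self, unit_key: bytes):
        self.unit_key = unit_key   # unit key memory 24
        self.ram_file_key = None   # RAM 25 holds the file key still encrypted
        self.credit_register = 0   # credit register 27

    def receive(self, enc_file_key: bytes, credit_signal) -> bool:
        plain, enc = credit_signal
        if len(plain) != BLOCK or len(enc) != BLOCK:
            return False
        # Credit data authentication unit 19: decrypt, then compare with the clear copy.
        if not hmac.compare_digest(decrypt(self.unit_key, enc), plain):
            return False           # reject: register and RAM stay unchanged
        self.ram_file_key = enc_file_key
        self.credit_register += int.from_bytes(plain, "big")  # add to existing balance
        return True

    def file_key(self) -> bytes:
        return decrypt(self.unit_key, self.ram_file_key)
```

A signal whose clear credit value was altered in transit, or one built under another terminal's unit key, fails the comparison and leaves the credit register untouched.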
A message (not shown) indicating that authorization has been granted for
the customer terminal 11 to retrieve data from the requested file is also
communicated by the authorization and key distribution center 10 to the
customer terminal 11 and displayed on a monitor (not shown) at the
customer terminal 11.
To retrieve a given block of data from an authorized data file in the ROM
37, the keyboard 33 is operated to provide a file access command 35 which
includes an address signal 44 directed to the ROM 37 for accessing the
given block of data. In the example shown in FIG. 1, the accessed block of
data is block 5 of file B.