WikiPatents - Community Patent Review
System and method for access control for portable data storage media
United States Patent 5457746
Link to this page: http://www.wikipatents.com/5457746.html
Inventor(s): Dolphin; Janet L. (Milpitas, CA)
Abstract: The system and method of the present invention provides the support of high density removable media, such as CD-ROM or MO, to be used as a distributed media for storing data where access thereto is securely restricted. Through this system and method, the secure periodic distribution of several different sets of data information to the end user is achieved with access control selectively performed at the user's site through communication with the billing/access center. User billing is based on the purchase of the decryption access codes as indicated by the access code attributes encoded on the media. Access code availability is further controlled by selectively providing for updates of decryption access codes.
Owner/Assignee: Spyrus, Inc. (San Jose, CA)
Publication Date: October 10, 1995
Application Number: 08/359,347
Filing Date: December 19, 1994
Examiner: Swann; Tod R.
Attorney/Law Firm: Medlen & Carroll
Parent Case: This is a File Wrapper continuation of application Ser. No. 08/122,005 filed Sep. 14, 1993, now abandoned.
Patent Tags: access control portable data storage media
References

U.S. References

Patent No.   Inventor      US Class   Date
5260999      Wyman         705/59     Nov, 1993
5247577      Bailey        713/191    Sep, 1993
5199066      Logan         726/29     Mar, 1993
5142578      Matyas        380/280    Aug, 1992
5138712      Corbin        726/30     Aug, 1992
5136647      Haber         713/178    Aug, 1992
5073935      Pastor                   Dec, 1991
5073934      Matyas                   Dec, 1991
5058162      Santon        705/51     Oct, 1991
5010571      Katznelson    705/53     Apr, 1991
5007082      Cummins                  Apr, 1991
4953209      Ryder, Sr.    705/59     Aug, 1990
4924515      Matyas        380/280    May, 1990
4888798      Earnest       705/54     Dec, 1989
4827508      Shear         705/53     May, 1989
4791565      Dunham        726/31     Dec, 1988
4658093      Hellman       705/52     Apr, 1987
5050213      Shear         705/53     Dec, 1969
4977594      Shear         705/53     Dec, 1969
Claims

I claim:

1. A system for accessing data by a user, comprising:

processing means for processing said data;

a plurality of portable data storage means each of which includes data stored on certain ones of said plurality of portable data storage means includes portions selected by said user, said portable data storage means for storing said data in a manner requiring different access codes for accessing different data stored on said portable storage means by the user, wherein one of said access codes is a transmitted code, such transmitted to said user to provide access to said selected portions of said data stored on certain ones of said plurality of portable data storage means;

controller means in communication with said processor means for receiving a signal representative of one of said different access codes from a remote location and for sending a signal which enables access by said processor means to a selected portion of said data on said portable storage means using one of said access codes;

remote authorization means located at a location remote from said processor means and said controller means and in communication with the aforesaid means, said remote authorization means for transmitting said one access code signal to said controller means from said remote location in response to an authorization request signal sent by the user to said remote authorization means; and

wherein said plurality of data storage means includes update means cooperative with said transmitted access code for automatically generating updated access codes for access to previously unaccessible parts of said selected portions of said data on certain ones of said plurality of portable data storage means when electronic update counter conditions are met.

2. A system as recited in claim 1 wherein said selected portions of said data stored on certain ones of said plurality of portable data storage means are provided to said user sequentially and said transmitted access code provides said user with access to said data stored on the first portable data storage means of said sequence of portable data storage means.

3. A system as recited in claim 1 wherein each of said access codes is correlated with an identifying code and wherein said authorization request comprises said identifying code.

4. A system as recited in claim 3 wherein said identifying code is representative of an attribute.

5. A system as recited in claim 4 wherein said attribute is representative of a use of said data.

6. A system as recited in claim 1 wherein said controller means is a hardware configuration.

7. A system as recited in claim 1 wherein said controller means is a software configuration.

8. A system as recited in claim 1 wherein said data stored on said portable data storage means includes identifying codes associated with each of said different portions of said data.

9. A system as recited in claim 8 wherein said identifying codes are correlated with attributes.

10. A system as recited in claim 9 wherein said attribute is representative of use of said data.

11. A method for distributing data to a user comprising the steps of:

on a portable data storage unit, providing encrypted data, such requiring an access code to decrypt said data to provide access thereto wherein at least a portion of said encrypted data is correlated with a corresponding access code identifier for identifying access codes;

delivering said portable data storage unit to said user;

at a remote location, storing a plurality of access codes together with corresponding access code identifiers;

at said remote location generating an authorization signal when particular access conditions are met, wherein said authorization signal causes one of said access codes to be transmitted to said user to enable said user to access a portion of said encrypted data by decrypting a portion of said encrypted data and wherein said access conditions include the receipt of one of said access code identifiers from said user;

applying said access code to said encrypted data to decrypt a portion of said encrypted data; and

processing said decrypted portion of said encrypted data.

12. A method as recited in claim 11 further comprising a plurality of portable data storage means each of which includes data stored on certain ones of said plurality of portable data storage means including portions selected by said user, said selected portions on said certain portable storage means being accessible by a set of access codes, wherein one of said set of access codes is a transmitted access code, such transmitted to said user to provide access to said selected portions of said data stored on certain ones of said plurality of portable data storage means.

13. A method as recited in claim 12 wherein said plurality of data storage means includes means cooperative with said one transmitted access code for generating updated access codes for access to previously unaccessible parts of said selected portions of said data on certain ones of said plurality of portable data storage means.

14. A method as recited in claim 12 wherein said selected portions of said data stored on certain ones of said plurality of portable data storage means are provided to said user sequentially and said transmitted access code provides said user with access to said data stored on the first portable data storage means of said sequence of portable data storage means.

15. A method as recited in claim 14 wherein said authorization request by said user includes said access code identifier.

16. A method as recited in claim 14 wherein said access code identifier is representative of an attribute.

17. A method as recited in claim 16 wherein said attribute is representative of use of said data.

18. A method as recited in claim 11 wherein said applying step is carried out by hardware configuration.

19. A method as recited in claim 11 wherein said applying step is carried out by software configuration.

20. A method as recited in claim 11 wherein said data stored on said portable data storage unit includes identifying codes associated with different portions of said data.

21. A method as recited in claim 20 wherein said identifying codes are correlated with attributes.

22. A method as recited in claim 21 wherein said attributes are representative of use of said data.

23. A method for distributing information in the form of data sets and providing access thereto, comprising the steps of:

encrypting said data sets so that different access codes are required to decrypt different portions of said data sets;

correlating said data sets with access codes identifiers which identify particular access codes which will decrypt said data sets;

writing said data sets onto a data storage means;

remotely providing a data access controller with one of said different access codes to decrypt a selected one of said encrypted data sets in response to the receipt of one of said access code identifiers;

transferring said data storage means from a first location to a second location wherein at said second location a data storage controller which is capable of applying said access codes to said data storage means is provided;

said data access controller accessing said data sets written onto said data storage means; and

wherein said access codes are further associated and stored with attributes defined in a manner which corresponds to particular properties of said data sets, both of which are transmitted to said data access controller in response to the receipt of one of said access code identifiers.

24. A method as recited in claim 23 further comprising a plurality of data storage means each of which includes data stored on certain ones of said plurality of data storage means including portions selected by said user, said selected portions on said certain storage means being accessible by a set of access codes, wherein one of said set of access codes is a transmitted access code, such transmitted to said user to provide access to said selected portions of said data stored on certain ones of said plurality of data storage means.

25. A method as recited in claim 24 wherein said plurality of data storage means includes means cooperative with said one transmitted access code for generating updated access codes for access to previously unaccessible parts of said selected portions of said data on certain ones of said plurality of portable data storage means.

26. A method as recited in claim 24 wherein said selected portions of said data stored on certain ones of said plurality of data storage means are provided to said user sequentially and said transmitted access code provides said user with access to said data stored on the first data storage means of said sequence of data storage means.

27. A method as recited in claim 23 wherein said attributes are representative of use of said data.

28. A system for encrypting data, comprising:

receiving means for receiving said data;

segmenting means in communication with said receiving means for segmenting said data into individual data sets;

a memory medium in a first location in communication with said segmenting means, said memory medium including programming means stored thereon for encrypting said individual data sets and for assigning access code identifiers to said individual data sets, each of said access code identifiers associated with and used in identifying a particular access code for decrypting one of said individual data sets, said access code identifier for identifying said particular access code;

processor means in communication with said memory medium for writing said encrypted individual data sets to a portable data storage means so that at least some of said individual data sets are stored in conjunction with access code identifiers on said portable storage means; and

a remote access code distribution controller in communication with said memory medium for transferring a particular one of said access codes for use with a particular one of said portable data storage means upon receipt of one of said access code identifiers sent from a second location.

29. A system as recited in claim 32 wherein said plurality of data storage means includes means cooperative with said one transmitted access code for generating updated access codes for access to previously unaccessible parts of said selected portions of said data on certain ones of said plurality of portable data storage means.

30. A system as recited in claim 28 wherein said access code is further associated with an attribute.

31. A system as recited in claim 30 wherein said attribute is representative of use of said data set.

32. A system as recited in claim 28 further comprising:

transfer means for transferring said portable data storage means in a remote location;

controller means for receiving a particular access code for decrypting one of said individual data sets and for providing access thereto by a processor; and

authorization means for providing one of said different access codes to said controller means in response to an authorization request.

33. A system as recited in claim 32 wherein said controller means is a hardware configuration.

34. A system as recited in claim 32 wherein said controller means is a software configuration.

35. A method for encrypting data sets to control access thereto, comprising the steps of:

defining attributes in a manner which corresponds to particular properties of said data sets;

binding said attributes to access codes and storing them in a first location;

encoding said data sets so they may be decrypted by said access codes when said access codes signals are applied to said data sets by a processor;

storing said encoded data sets on portable data storage means;

transferring said portable data storage means to a second location; and

transmitting to said second location from said first location one of said access codes bound to one of said attributes.

36. A method as recited in claim 35 wherein attributes are representative of a use of said data.

37. A method as recited in claim 35 wherein said access codes are correlated with identifying codes.

38. A method as recited in claim 35 wherein access to said encoded data sets on said portable data storage means is provided by a remote authorization center and further comprising a controller in communication with said portable data storage means and wherein, upon transmitting one of said identifying codes to said remote authorization center, one of said access codes is downloaded to said controller in communication with said portable data storage means wherein said controller provides access to said data sets stored on said portable data storage means.

39. A method as recited in claim 38 wherein said controller means is a hardware configuration.

40. A method as recited in claim 38 wherein said controller means is a software configuration.

41. A method as recited in claim 35 further comprising a plurality of portable data storage means each of which includes data stored on certain ones of said plurality of portable data storage means including portions selected by said user, said selected portions on said certain portable storage means being accessible by a set of access codes, wherein one of said set of access codes is a transmitted access code, such transmitted to said user to provide access to said selected portions of said data stored on certain ones of said plurality of portable data storage means.

42. A method as recited in claim 41 wherein said plurality of data storage means includes means cooperative with said one transmitted access code for generating updated access codes for access to previously unaccessible parts of said selected portions of said data on certain ones of said plurality of portable data storage means.

43. A method as recited in claim 41 wherein said selected portions of said data stored on certain ones of said plurality of portable data storage means are provided to said user sequentially and said transmitted access code provides said user with access to said data stored on the first portable data storage means of said sequence of portable data storage means.

44. A data retrieval system for use by a user comprising a plurality of portable data storage means each of which includes data stored on certain ones of said plurality of portable data storage means including portions selected by said user, said selected portions on said certain portable storage means being accessible by a set of access codes, wherein one of said set of access codes is transmitted by a remote central processing unit to a user at a second location, such transmitted to said user to provide access to said selected portions of said data stored on certain ones of said plurality of portable data storage means; and

wherein said plurality of data storage means includes update means cooperative with said transmitted access code for automatically generating updated access codes for access to previously unaccessible parts of said selected portions of said data on certain ones of said plurality of portable data storage means when electronic update counter conditions are met.

45. A system as recited in claim 44 wherein said selected portions of said data stored on certain ones of said plurality of portable data storage means are provided to said user sequentially and said transmitted access code provides said user with access to said data stored on the first portable data storage means of said sequence of portable data storage means.

46. A system as recited in claim 8 wherein said authorization request includes one of said identifying codes.

Description

FIELD OF THE INVENTION

The present invention relates to providing access to data stored on a portable data storage unit. More particularly, it relates to a system for delivering encrypted data on a portable data storage unit and transmitting an access code from a remote location to decrypt the encrypted data.

BACKGROUND OF THE INVENTION

As advances in high density data storage technology continue, more homes and businesses are acquiring computer peripherals capable of reading the new forms of portable data storage media. For example, high-density media such as compact disc--read only memory (CD-ROM) is becoming a popular medium for storing advanced forms of electronic information such as textual, visual (video or photographs) and audio information as well as interactive media. CD-ROMs contain enough storage space to hold the equivalent of 250,000 pages of text, 12,000 images, 1.5 hours of video, 500 paperback books or 430 magazines. Moreover, CD-ROM technology supports an extremely cost effective replication feature averaging $0.05 per replicated CD. CD-ROM players can be coupled to television sets or computers so that the user can access textual and visual information as well as audio information stored on a CD-ROM.

It is common practice for most publishers to collect and process their information electronically, that is, on word processors and computers. Their data is maintained in electronic form until it is time to mail it to the subscriber. At that time, the information is printed, subscribers' mail labels are attached and the published information is sent via a postal service to the subscriber. Under this system, the costs of printing and delivery are extremely high. Moreover, environmental concerns have made it necessary to consider paper a critical resource. Accordingly, the need for a new publishing medium has been recognized. For example, see U.S. Pat. Nos. 4,827,508, 4,977,594 and 5,050,213, issued May 2, 1989, Dec. 11, 1990 and Sep. 17, 1991 respectively to Shear.

Subscription services to the home and office through standard postal channels provide subscribers with magazines, trade journals, financial updates and book of the month clubs. These subscription services require the user (subscriber) to pay a fixed amount either in advance or monthly. During the time which the subscription is valid, the publisher continues to mail its information to that subscriber. Moreover, any single user may be the subscriber of a multitude of journals or magazines. It is also likely a single subscriber may hold subscriptions to several magazines published by the same publisher.

Other types of published or archived information, such as corporate, government, or legal records, are also printed on paper for dissemination. When disseminated, such records may inadvertently or intentionally be read by those unauthorized to do so since there is no way to ensure that the reader is authorized to access the printed matter. Moreover, since some published corporate or legal information is subject to constant updates which render the previously published material obsolete, it is preferable but often difficult to purge dated material from circulation.

Again referring to the Shear patents, these systems audit or meter a user's access activity. Because a key to unlock encrypted data is present on the user's hardware, such as a PCMCIA card, the decryption function is inhibited at the user's site in order to prevent unauthorized access to the data. Thus, according to the systems of Shear, access to the information on the portable storage medium, such as a CD-ROM, is available to a user without prior authorization for access. Therefore, there is no way to ensure that the reader is authorized to access the information stored on the CD-ROM prior to the user's access. Furthermore, those systems do not provide a way in which access to out-of-date information can be blocked.

The need for protection of information stored on, for example, CD-ROMs, from unauthorized access needs to be satisfied before such a publication distribution system is acceptable to publishers. Security provided at both the publisher's site and subscriber's site is needed to prevent the unauthorized access to data contained on the media. Moreover, valid subscribers need to be protected when their subscription service is terminated.

SUMMARY OF THE INVENTION

There are at least three basic features of the present invention. They include encryption of data in a particular manner, distribution of the data under a particular distribution scheme and controlling the use of the data through an update scheme. Many benefits are provided by these basic features as will be discussed in detail below.

This invention includes publishing data on removable or portable media, preferably high density, such as a CD-ROM or a magnetic optical (MO). Thus, one or more publishers may incorporate several, if not all, of their periodic publications on a single media. The present invention includes partitioning the media according to the different publications into data sets, and then providing a protection, access, and use audit scheme to these data sets. Thus, only validated subscribers are able to gain access to the information stored on the CD-ROM.

Another important feature of the present invention is that it provides the publisher the tools to configure and set up data and billing according to the publisher's own choice. At the time they create the media, publishers are provided flexibility in billing to charge subscribers in accordance with the type of information being sold. This flexibility is incorporated into the publishing process.

More specifically, the protection and access scheme of the present invention includes providing the publisher with an encryption tool on, for example, a personalized PCMCIA, or other suitable program storage medium. Under this implementation of the present invention, when the publisher loads a program stored locally, menu driven options appear on the publisher's computer screen which allow the publisher to define the user's or subscriber's access to the publisher's data. The billing options are also known as "attributes," which include, for example, subscription duration. The billing attributes are associated with Key Material Identifiers (KMIDs), which are in essence, indexes or identifying codes for the purpose of correlating billing attributes with access codes. Access code and key are used interchangeably herein. An access code corresponding to a particular segment of data stored on the CD-ROM is ultimately downloaded to the subscriber so that they may gain access to the information.

The program stored on the publisher's PCMCIA enables the publisher to encrypt the data so that an access code or key is required to decrypt it. The encrypted or scrambled data along with the KMID is then stored on a portable storage medium. Corresponding billing information is also stored in a separate file for the user's review. The CD-ROM is then transferred to the user. The user is also in possession of a PCMCIA, or other suitable storage medium which has on it software for communicating with the billing/access center and managing downloaded access codes. The user further has available a telephone line or comparable medium, a computer with a modem and peripherals capable of reading the PCMCIA and the CD-ROM.

An application on the user's personal computer enables a menu to appear on the screen of the computer when the user loads the CD-ROM containing publisher's data into its reading hardware. The menu lists, for example, the publications available for sale and the billing information. The user then, via the software stored on the PCMCIA card, requests access to one or more of the publications by highlighting or pointing to a publication for sale and then sending the request to the billing/access center. The KMID or identifying index and required billing data, such as a credit or debit card number, is sent to a remote billing station via the telephone line. The billing station, upon credit approval, matches the KMID to the access code and transmits the key and access parameter, e.g. time of subscription purchased, to the user via the telephone line. The key is then installed on the user's PCMCIA card. The user may then access the particular publication which is accessible by that particular access code or key.

BRIEF DESCRIPTION OF THE DRAWINGS

FIG. 1 depicts the overall system of the present invention;

FIG. 2 shows the user/billing station subsystem of Box 11 of FIG. 1;

FIG. 3 shows the publisher/billing station subsystem of Box 12 of FIG. 1;

FIG. 4 is a schematic showing the information sent to the billing/access center by the publisher and by the user;

FIG. 5 is a block diagram of some elements of the publisher's station of the present invention;

FIG. 6 is a block diagram of the publisher's PCMCIA;

FIG. 7 is a flow chart of publisher's billing software;

FIG. 8 depicts a screen display of attribute choices available during the publisher's utilization of the present invention;

FIG. 9 depicts a second screen display of security choices available during the publisher's utilization of the present invention;

FIG. 10 shows a list of the type of information stored on the removable media of the present invention;

FIG. 11 is a block diagram of some elements of the subscriber's station of the present invention;

FIG. 12 is a block diagram of the subscriber's PCMCIA;

FIG. 13 is a flow chart of the subscriber's key request process;

FIG. 14 is a block diagram of key data base and billing/access center;

FIG. 15 is a flow chart of the billing/access center process; and

FIG. 16 is a chart illustrating the cryptographic update feature of the present invention.

DETAILED DESCRIPTION OF THE INVENTION

The system and method of the present invention generally includes two subsystems and submethods. The first part of this discussion will focus upon the two subsystems and how they interrelate in order to make the whole system. The second part of this discussion which begins below, will concentrate on the implementation of each part of the system.

Referring to FIG. 1, box 11 and box 12 are two different portions of the overall system which overlap at box 13. In box 12, the publisher 21 of data is shown. The data can include any type of data which can be stored on a portable storage unit 22 such as, and hereinafter referred to as CD-ROM 22. After the data is generated and before it is stored on the CD-ROM 22, it is encrypted or scrambled so that it cannot be accessed without the appropriate access code. Accordingly, the present invention incorporates standard cryptographic techniques such as symmetric key encryption, digital signature, asymmetric key exchanges, or challenge response. Alternatively, this invention may utilize any non-standard cryptographic techniques.

After the publisher 21 encodes the data, it communicates certain information to billing/access center 23 shown in box 13, as will be discussed in detail below. The publisher 21 stores the encrypted data on the CD-ROM 22 and then distributes the data via distribution channels such as the postal service 24. Distribution channels can also include inter-office distribution, for example, in a corporate, government or legal environment among others. Ultimately, the CD-ROM is received by a user 26. The user has a computer (which includes a processor) or a television set or monitor with a processor and a CD-ROM reader. The user's computer is equipped with either a software program and/or hardware which is used to communicate with billing/access center 23 and which has a controller to process the data received from billing/access center 23.

When the user 26 loads the CD-ROM 22 into its CD-ROM reader, the user is presented with a menu on the computer or television monitor or screen which indicates what data is stored on the CD-ROM 22. A portion of the data on the CD-ROM 22 may not be encrypted so the user can access that portion without an access code. However, at least a portion of the data, according to the present invention, is encrypted. In order for the user to access the encrypted data, the user must obtain an access code or a key to decrypt the encrypted data. In order to obtain an access code, the user 26 communicates with the billing/access center 23 via connection 27, which is a telephone line or other communication apparatus or device, sending a request for a particular access code. Upon authorization, billing/access center 23 downloads or sends to the user 26 via connection 27, an access code to decrypt the data.

FIG. 2 shows the user/billing/access center subsystem in more detail. As mentioned above, the user's computer is equipped with either a software program and/or hardware which is used to communicate with billing/access center 23 and which is used to control the data received from billing/access center 23. As depicted in FIG. 2, an application to open and provide user "screens" is resident on the machine. Communication is therefore enabled between the PCMCIA card 29, which is loaded into PCMCIA drive 32, and the user operating the computer 31. The PCMCIA card 29 is supplied to the user so that the user can provide a request 27' to the billing/access center 23 for an access code to decrypt encrypted data. Upon authorization, billing/access center 23 downloads or sends to the user 26 the access code via connection 27". Connections 27' and 27" can be the same line or transmission means, including standard electronic mail formats. The access code or key is stored on the user's PCMCIA card 29 for reasons which will become clear below.

Now referring to FIG. 3, the publisher's station 36 consists of a workstation for organizing and gathering information. A writer device to create CD-ROM 35 is in communication with the publisher's workstation. The publisher is provided its own publisher PCMCIA card 33 on which a software program is stored in order to allow the publisher to define and control access to the data at the time the information is organized for publication on the CD-ROM. Alternatively, hardware can be provided to the publisher in place of software.

The data 34, as mentioned above, can include, for example, video, images, photographs, databases, sound and software. The data is either generated on or loaded onto the publisher's computer 36. In accordance with the present invention, before the data is stored on the CD-ROM 22, the publisher determines the billing partitions, which are based on like data, e.g. single magazines, single database, group of similar photographs, modules of executable software and single fonts. The publisher also separates the data into different data sets such as files, sub directories, directories and volumes under different symmetric cryptographic keys so that access to each different segment is only possible with a key which matches that data segment.

The billing partitions are categorized according to how the publisher wants to bill for access to the data. Access to the data set(s) is therefore controlled via the billing or "attribute" mechanism of the present invention. Attributes are assigned to the data sets by the publisher 21 and are bound to the access code, hereinafter referred to as the key, which is used by the user 26 to decrypt the individual data sets. Each individual symmetric key is then bound to or assigned a unique Key Material Identifier (KMID) which will be described in detail below.

The attributes are defined, implemented and used to determine charges for access to the encrypted data by the user 26 prior to access. One example of an attribute is time duration. For example, one CD-ROM may contain a January issue of a magazine. CD-ROMs issued for months following January may contain subsequent issues of the same magazine. The publisher may wish to offer 1 year, 2 year and 3 year subscriptions, as well as a free 1 month trial subscription. These four different time durations constitute four different attributes. Thus, according to the present invention, a cryptographic update process is applied to allow access for fixed periods of time depending on which time duration was chosen by the user. A configuration for an attribute is a data structure of variable length containing flags indicating which metric is present and parameters indicating metric values and units.
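
The variable-length attribute configuration described above can be illustrated with a strict encoder and parser. This is an added example, not code from the patent: the byte layout, the flag bit assignments, the unit codes and the function names are all assumptions, since the patent text gives no concrete format.

```python
import struct

# Assumed layout (not specified by the patent): one flag byte, then for each
# set flag, in ascending bit order, a 4-byte big-endian value and a 1-byte unit.
METRICS = {0x01: "duration", 0x02: "uses", 0x04: "bytes", 0x08: "files"}
UNITS = {0: "count", 1: "days", 2: "months", 3: "years"}
KNOWN_FLAGS = 0x0F
PARAM_LEN = 5  # 4-byte value + 1-byte unit code


def encode_attribute(metrics):
    """Build the variable-length record from {metric name: (value, unit)}."""
    unknown = set(metrics) - set(METRICS.values())
    if unknown:
        raise ValueError(f"unknown metric(s): {sorted(unknown)}")
    unit_codes = {name: code for code, name in UNITS.items()}
    flags, body = 0, b""
    for bit in sorted(METRICS):
        if METRICS[bit] in metrics:
            value, unit = metrics[METRICS[bit]]
            flags |= bit
            body += struct.pack(">IB", value, unit_codes[unit])
    return bytes([flags]) + body


def parse_attribute(record):
    """Strictly decode a record; reject anything the flags do not account for."""
    if not record:
        raise ValueError("empty attribute record")
    flags = record[0]
    if flags & ~KNOWN_FLAGS:
        raise ValueError("unknown flag bits set")
    expected = 1 + PARAM_LEN * bin(flags).count("1")
    if len(record) != expected:  # truncated record or trailing bytes
        raise ValueError(f"length {len(record)} != {expected} implied by flags")
    out, offset = {}, 1
    for bit in sorted(METRICS):
        if flags & bit:
            value, unit = struct.unpack_from(">IB", record, offset)
            if unit not in UNITS:
                raise ValueError(f"unknown unit code {unit}")
            out[METRICS[bit]] = (value, UNITS[unit])
            offset += PARAM_LEN
    return out


# Constructed sample: the 1 year subscription attribute from the text.
ONE_YEAR = encode_attribute({"duration": (1, "years")})
```

Because the record length is fully determined by the flag byte, the parser can refuse truncated or padded records before any billing decision is made on their contents.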

Other examples of attributes include a "one time buy" attribute, where the information is purchased once and all information protected by that key is available to the subscriber. Also included is an "on demand" attribute, where the use of the data is monitored based on a publisher defined parameter including the number of times the key can be used, the number of transactions, number of bytes or number of files transferred. Moreover, advertising attributes are available. For example, a "file bypass" attribute allows the publisher to define files or data sets which are bypassed or are in plain text. Also, a "trial period" attribute allows the user to obtain access to these files for a fixed period of time without a copy or print capability. Application