Claims
What is claimed is:
1. A document delivery system, comprising:
a broadcast center that repeatedly sends a document as a plurality of
encrypted packets;
a communication link connected to the broadcast center for carrying the
packets;
a receiving computer, connected to the communication link, and including a
memory and a broadcast receiver wherein the broadcast receiver decrypts
each packet as it is received and stores only the decrypted packets that
are not duplicates of previously received packets in the memory.
2. The document delivery system of claim 1, where the sent document
consists of two or more from the following group: software, images, text,
and full-motion video.
3. The document delivery system of claim 1, wherein the communication link
includes a hybrid link, allowing fast broadcast communication from the
broadcast center to the receiving computer and slower communication from
the receiving computer to the broadcast center.
4. The document delivery system of claim 1, wherein the communication link
is a satellite broadcast link with a dial-up modem return link.
5. The document delivery system of claim 1, wherein the system is a Local
Area Network.
6. The document delivery system of claim 1, wherein the broadcast center
also sends an unencrypted packet containing a catalog, and the receiving
computer further includes a file browser, and wherein the file browser
receives the catalog, stores the catalog in the memory, displays the
stored catalog, and receives user input indicating a requested document in
the catalog.
7. The document delivery system of claim 6, further comprising:
a security engine containing a number of keys;
means in the receiving computer to send a load request to the security
engine when the file browser receives input indicating the requested
document in the catalog.
8. The document delivery system of claim 7, further comprising:
means in the security engine to send a key corresponding to the requested
document to the broadcast receiver,
wherein the broadcast receiver discards received data which does not
correspond to the key.
9. The document delivery system of claim 7,
wherein the broadcast center includes means for sending an announcement
message announcing that a specific document is about to be broadcast by
the broadcast center; and
wherein the means for sending a load request sends a load request if the
document request received by the browser corresponds to the document
announced by the announcement message.
10. The document delivery system of claim 6, wherein a security engine
sends billing information to the broadcast center on a predetermined
periodic basis.
11. The document delivery system of claim 6, wherein a security engine
sends encrypted billing information to the broadcast center on a
predetermined periodic basis.
12. The document delivery system of claim 1, wherein the broadcast center
includes means for sending an announcement message that a specific
document is about to be broadcast by the broadcast center.
13. A document delivery system, comprising:
a broadcast center that sends a document as a plurality of encrypted
packets;
a communication link connected to the broadcast center for carrying the
packets;
a receiving computer, connected to the communication link, and including a
memory and a broadcast receiver, wherein the broadcast receiver decrypts
each packet as it is received and stores only the decrypted packets in the
memory; and
a security engine, wherein the broadcast center includes means for sending
account information to the security engine and the security engine uses
the account information to generate keys used by the broadcast receiver to
decrypt the received packets and wherein the account information includes
key seeds and the security engine uses a one-way hashing method based on
an identification of the sent document and one of the key seeds.
14. The document delivery system of claim 13 wherein the account
information includes billing information.
15. The document delivery system of claim 13, wherein the account
information includes an engine private key for encrypting billing
information sent to the broadcast center on a periodic basis.
16. A receiving computer in a document delivery system having a broadcast
center that sends a document as a plurality of encrypted packets and sends
account information including key seeds to the receiving computer, the
receiving computer comprising:
a memory;
a broadcast receiver that decrypts a packet as it is received and stores
only the decrypted received packet in the memory; and
a security engine that generates keys used by the broadcast receiver to
decrypt the received packets in accordance with a one-way hashing method
based on a document ID of the sent document and one of the key seeds.
17. The receiving computer of claim 16, further comprising:
a file browser for receiving a catalog, storing the catalog in the memory,
displaying the stored catalog, and receiving user input indicating a
document in the catalog.
18. The receiving computer of claim 17, further comprising:
means in the file browser to send a load request to the security engine
when the file browser receives input indicating a document in the catalog.
19. The receiving computer of claim 18, further comprising:
means in the security engine to send a key corresponding to the requested
document to the broadcast receiver,
wherein the broadcast receiver discards received data which is not part of
the document corresponding to the key.
20. The receiving computer of claim 18, wherein the means for sending a
load request sends a load request if the document request received by the
file browser corresponds to a document announced by an announcement
message received from the broadcast center.
21. The receiving computer of claim 16, wherein the security engine sends
billing information to the broadcast center on a predetermined periodic
basis.
22. The receiving computer of claim 16, wherein the security engine sends
encrypted billing information to the broadcast center on a predetermined
periodic basis.
23. The receiving computer of claim 16, wherein communication between the
broadcast center and the receiving computer occurs via a communication
link that includes a hybrid link, allowing fast broadcast communication
from the broadcast center to the receiving computer and slower
communication from the receiving computer to the broadcast center.
24. A method for document delivery in a network system, including the steps
of:
sending, by a broadcast center in the network, a document as a plurality of
encrypted packets;
connecting a communication link to the broadcast center;
decrypting a received packet, in a receiving computer connected to the
communication link, the receiving computer including a memory and a
broadcast receiver, wherein the broadcast receiver performs the decrypting
step on the packet as it is received and stores only the decrypted
received packet in the memory;
sending, by the broadcast center, account information including key seeds
to a security engine in the receiving computer; and
generating, by the security engine, keys used by the broadcast receiver to
decrypt the received packets in accordance with a one-way hashing method
based on a document number of the sent document and one of the key seeds.
25. A document delivery system, comprising:
a broadcast center that sends a document as a plurality of encrypted
packets;
a communication link connected to the broadcast center for carrying the
packets;
a receiving computer, connected to the communication link, and including a
memory and a broadcast receiver, wherein the broadcast receiver decrypts
each packet as it is received and stores only the decrypted packets in the
memory; and
a tamper-resistant security engine, wherein the broadcast center includes
means for sending account information to the security engine and the
security engine uses the account information to generate keys used by the
broadcast receiver to decrypt the received packets.
26. A method for receiving documents by a receiving computer in a network
system, including the steps of:
connecting a communication link to a broadcast center in the network;
receiving from the broadcast center, by a broadcast receiver, a document as
a plurality of encrypted packets;
decrypting a received packet as it is received and storing only the
decrypted received packet in a memory in the receiving computer;
receiving from the broadcast center, by a security engine in the receiving
computer, account information including key seeds; and
generating, by the security engine, keys used by the broadcast receiver to
decrypt the received packets in accordance with a one-way hashing method
based on a document identification of the sent document and one of the key
seeds.
27. A method for receiving documents by a receiving computer in a network
system, including the steps of:
connecting a communication link to a broadcast center in the network;
receiving from the broadcast center, by a broadcast receiver, more than one
copy of a document as a plurality of encrypted packets; and
decrypting a received packet as it is received and storing only the
decrypted received packet in a memory in the receiving computer if the
decrypted received packet is not a duplicate of a previously received
packet.
28. The method of claim 27, further including the steps of:
receiving, by a file browser, a catalog;
storing the catalog in the memory;
displaying the stored catalog; and
receiving user input indicating a document in the catalog.
29. The method of claim 28, further including the steps of:
sending a load request from the file browser to a security engine when the
file browser receives input indicating a document in the catalog;
sending from the security engine to the broadcast receiver a key
corresponding to a requested document, and discarding received data which
is not part of the document corresponding to the key.
30. The method of claim 27, further including the step of sending an
announcement message from the broadcast center that a specific document is
about to be broadcast by the broadcast center.
Description
BACKGROUND OF THE INVENTION
This application relates to a computer network and, more specifically, to a
method and apparatus for implementing an electronic document delivery
system where both documents and billing information are encrypted during
transmission.
An electronic document delivery system transmits documents from a central
depository to individual nodes or receiving computers. In some
conventional document delivery systems, a user accesses a computer at the
central depository, examines a list of available documents stored at the
central depository, and requests that one or more of the documents be
transmitted to him. In other conventional document delivery systems, a
predetermined group of documents are sent from the central depository to
the user and stored on the user's system. The user is then free to examine
documents in the predetermined group. Still other conventional electronic
document delivery systems can be used to send only certain types of
documents, such as text-only documents.
Some electronic document delivery systems transmit documents to the user in
encrypted form. The encrypted documents are received at the receiving
computer and stored in a memory. Thereafter, the documents are decrypted
and the decrypted form of the documents are also stored in a memory. Such
double storage of documents is wasteful of memory and storage space.
What is needed is an electronic document delivery system in which a user
can determine which documents he wishes to receive and in which the user
is charged only for those documents that he receives. It is also desirable
to allow the user to designate which documents he wishes to receive
without having to access a central computer to view a list of available
documents. Furthermore, it is desirable that such a system use encryption
for all critical information passing between the central computer and the
receiving computer. It also is desirable to avoid having both an encrypted
and a decrypted version of a document stored at the receiving computer, as
this is wasteful of memory space.
SUMMARY OF THE INVENTION
The present invention overcomes the problems and disadvantages of the prior
art by having a central computer (or "broadcast center") periodically send
a "catalog" of available documents to a receiving computer. The user can
then browse through the available documents without having to access the
broadcast center. The documents are transmitted as packets, and the
packets are decrypted as soon as they are received, eliminating the need
to store both an encrypted and a decrypted version of the documents at the
receiving computer. Moreover, the invention is not limited to text-only
documents and can receive all types of documents, such as software,
images, text, and full-motion video. The receiving computer periodically
receives information allowing it to decrypt received documents and to
encrypt billing information to be sent to the broadcast center.
A purpose of the present invention is to allow all forms of electronic
documents to be distributed in a cost-effective manner using broadcast
technology in a way that prevents access to a document without paying for
it.
In accordance with the purpose of the invention, as embodied and broadly
described herein, the invention resides in a document delivery system
comprising:
a broadcast center that sends a document as a plurality of encrypted
packets;
a communication link connected to the broadcast center for carrying the
packets;
a receiving computer, connected to the communication link, and including a
memory and a broadcast receiver, wherein the broadcast receiver decrypts
each packet as it is received and stores only the decrypted packets in the
memory.
In further accordance with the purpose of the invention, as embodied and
broadly described herein, the invention resides in a document delivery
system in a network, comprising:
a broadcast center that sends a catalog containing a list of documents to
be sent by the broadcast center;
a communication link connected to the broadcast center for carrying the
catalog;
a receiving computer, connected to the communication link, and including a
memory and a file browser, wherein the file browser receives the catalog
and stores the catalog in the memory, displays the stored catalog, and
receives user input indicating a document in the catalog.
In further accordance with the purpose of the invention, as embodied and
broadly described herein, the invention resides in a method for document
delivery in a network system, comprising:
the steps of sending, by a broadcast center in the network, a document as a
plurality of encrypted packets;
connecting a communication link to the broadcast center;
decrypting a received packet in a receiving computer connected to the
communication link, the receiving computer including a memory and a
broadcast receiver, wherein the broadcast receiver performs the decrypting
step on the packet as it is received and stores only the decrypted packet
in the memory;
sending, by the broadcast center, account information including key seeds
to a security engine in the receiving computer; and
generating, by the security engine, keys used by the broadcast receiver to
decrypt the received packets in accordance with a one-way hashing method
based on a document ID of the sent document and one of the key seeds.
It is understood that both the foregoing general description and the
following detailed description are exemplary and explanatory and are
intended to provide further explanation of the invention as claimed.
BRIEF DESCRIPTION OF THE DRAWINGS
The accompanying drawings, which are incorporated in and constitute a part
of this specification, illustrate several embodiments of the invention
and, together with the description, serve to explain the principles of the
invention.
FIG. 1 is a hardware block diagram of a preferred embodiment of the
invention;
FIG. 2 is a detailed hardware block diagram of a broadcast center of FIG.
1;
FIG. 3 is a detailed hardware block diagram of a security engine of FIG. 1;
FIG. 4 is a detailed hardware block diagram of a receiving computer of FIG.
1;
FIG. 5 is a timing chart showing the overall operation of the present
invention;
FIG. 6 is a flowchart of steps performed by the broadcast receiver of FIG.
1 in the function of receiving and decrypting packet information;
FIGS. 7(a) and 7(b) are flowcharts of steps performed by the file broadcast
receiver of FIGS. 1 and 4 in the functions of receiving an announcement
message and sending a load request, and receiving and processing a
decrypted packet from the broadcast receiver;
FIG. 8 is a flowchart of steps performed by the security engine of FIG. 3
in the function of receiving and processing a load request from the file
broadcast receiver; and
FIG. 9 is a flowchart of steps performed by the file browser of FIGS. 1 and
4 in the function of displaying a catalog and processing document requests.
DETAILED DESCRIPTION OF THE PREFERRED EMBODIMENTS
Reference will now be made in detail to the preferred embodiments of the
invention, examples of which are illustrated in the accompanying drawings.
Wherever possible, the same reference numbers will be used throughout the
drawings to refer to the same or like parts.
a. General Overview
The following is a general discussion of networking hardware used in a
preferred embodiment of the present invention.
In a preferred embodiment of the present invention a communication link
between a broadcast center computer and a plurality of document receiving
computers is implemented using satellite technology to implement a
high-speed one-way link between the document receiving computer and the
broadcast center. This high-speed link is used to download documents and
data from the network. The receiving computer also has a conventional link
such as a dial-up modem and telephone line sending data to the network.
The invention can use various forms of high-speed, one-way links, such as
satellites, and cable television lines. The invention can use various
forms of low-speed networks, such as TCP/IP networks, dial-up telephones,
ISDN D-channel, CPDP, and low-speed satellite paths.
The described embodiment of the present invention uses satellites to
provide a high-speed one-way link. Satellites can cover large geographical
areas and are insensitive to the distance between a transmitter and a
receiver. In addition, satellites are very efficient at point-to-point
applications and broadcast applications, and are resilient and resistant
to man-made disasters. Two-way satellites are expensive to use, however,
because of the costs involved in purchasing and installing satellite ground
terminal hardware. In the past, these costs have placed satellite
communications outside the reach of an individual consumer.
The present invention allows a personal computer to receive downloaded
information from the network via a satellite at a very practical cost. In
the present invention, the cost of satellite communications is reduced
because a one-way satellite link is used. Receive-only earth station
equipment is cheaper to manufacture because it requires less electronics
than send/receive antennae.
b. The Electronic Document Delivery System
The following paragraphs present a brief overview of a preferred embodiment
of the present invention. A more detailed description follows thereafter.
The present invention is an electronic document delivery system in which a
central broadcast center broadcasts documents on a predetermined schedule.
Documents can include various types of files or data, including software,
images, text, and full-motion video. Periodically, a catalog of documents
to be sent during an upcoming time period is sent by the broadcast center
to a plurality of receiving computers. Users of the receiving computers,
either human beings or other computers, designate which documents in the
catalog they wish to receive. Sometime later, the broadcast center
broadcasts, in encrypted form, each of the documents listed in the
catalog. As each document is received by a receiving computer, the
receiving computer determines whether one or more of its users have
designated the document as a document from the catalog that they would
like to receive. If the document was designated by the user, the receiving
computer decrypts the document and stores billing information about the
received document. The billing information will be transferred back to the
broadcast center at a later time.
The following paragraphs provide a more detailed description of a preferred
embodiment of the present invention. FIG. 1 is a hardware block diagram
100 of a preferred embodiment of the invention. FIG. 1 includes a
receiving computer 110, which is one of the plurality of receiving
computers, a broadcast receiver 120, a security engine 130, a
communications link 140, and a broadcast center 150. Receiving computer
110 includes a file broadcast receiver 112 and a file browser 114.
Communications link 140 preferably is a combination of a satellite
broadcast channel plus a dial-up telephone line. Another embodiment of the
invention uses a vertical blanking interval of broadcast television to
carry the broadcast data.
In FIG. 1, communications link 140 includes an incoming link 142 carrying
encrypted and non-encrypted data packets and an outgoing link 144 carrying
encrypted billing information as discussed below.
FIG. 2 is a detailed hardware block diagram of broadcast center 150 of FIG.
1. As shown in FIG. 2, broadcast center 150 is preferably a general
purpose computer including a CPU 202 and a memory 204. CPU 202 can be any
type of known CPU that is capable of performing the functions described
below in connection with broadcast center 150. Similarly, memory 204 is a
generally known type of memory capable of holding information, such as
RAM, ROM, a floppy disk, a hard disk, etc.
Memory 204 includes a software program that is executed by CPU 202 to
perform functions F1, F2, F3, and F4, as described in connection with the
table below. Memory 204 also includes a plurality of documents capable of
being sent to ones of the receiving stations over communication link 140.
Memory 204 also includes information about all documents available to be
sent by broadcast center 150, such as document name, document length,
origin of the document, ownership of the document, schedule on which the
document is to be transmitted (e.g., periodically, or at a predetermined
time or date), cost to a user of receiving the document, access control
information indicating which receivers are authorized to receive the
document, etc. The specific data and the format of the data stored in
memory 204 may vary without departing from the spirit and scope of the
invention. Memory 204 also includes a set of key seeds to be sent to
security engine 130 of receiving computer 110, as described below.
FIG. 3 is a detailed hardware block diagram of security engine 130 of FIG.
1. As shown in FIG. 3, security engine 130 is preferably a general purpose
computer including a CPU 302 and a memory 304. CPU 302 can be any type of
known CPU that is capable of performing the functions described below in
connection with security engine 130. Similarly, memory 304 is a generally
known type of memory capable of holding information, such as RAM, ROM, a
floppy disk, a hard disk, etc.
Security engine 130 preferably is a physically secure computer. Thus, it is
physically locked or otherwise rendered physically inaccessible to
unauthorized persons and its memory is not accessible to other computers
or CPUs. Ensuring that security engine 130 is physically secure ensures
that people only receive documents they will be billed for because the
master key used to decrypt key sets and the key sets themselves are
physically secure. A smart card is an example of such a security engine.
Dallas Semiconductor "DS2252T Secure Micro Stik" is another. In one
implementation of the invention, to reduce cost, link 144 is omitted and
billing information is sent to broadcasting center 150 by way of receiving
computer 110. In yet another implementation, the security engine may be
integrated with the receiver to reduce cost and to maintain the secrecy of
the keys.
Memory 304 includes a software program that is executed by CPU 302 to
perform functions F10, F11, and F12 described in connection with the table
below. A preferred embodiment of the present invention uses software based
encryption because the amount of data to be encrypted and decrypted by the
security engine is relatively small and relatively slow encryption and
decryption is acceptable. In contrast, broadcast receiver 120 preferably
implements a decryption algorithm in hardware using a symmetrical encoding
scheme, such as the Data Encryption Standard (DES) Electronic Codebook
implemented under Federal Standard 10-26, as shown in Telecommunications:
Compatibility Requirements for Use of Data Encryption Standards, published
Dec. 11, 1978 by the General Services Administration.
Memory 304 also includes an engine ID (a code uniquely identifying the
security engine), an engine master key (for decrypting the account status
information received from broadcast center 150 and for encrypting billing
information and checksum to be sent to broadcast center 150), document ID
data identifying a document requested by the user from the catalog
(received as part of a load request), key seeds for generating keys to
decode the documents listed in the catalog, account information received
from broadcast center 150, billing information for documents received
since billing information was most recently received from broadcast center
150, and a credit limit received from broadcast center 150. The specific
data and the format of the data stored in memory 304 may vary without
departing from the spirit and scope of the invention.
FIG. 4 is a detailed hardware block diagram of receiving computer 110 of
FIG. 1. As shown in FIG. 4, receiving computer 110 is preferably a general
purpose computer including a CPU 402 and a memory 404. CPU 402 can be any
type of known CPU that is capable of performing the functions described
below in connection with receiving computer 110. Similarly, memory 404 is
a generally known type of memory capable of holding information, such as
RAM, ROM, a floppy disk, a hard disk, etc.
Memory 404 includes a plurality of software programs that are executed by
CPU 402 to perform functions F7, F8, F9, F13, and F14 described in
connection with the table below. As can be seen from FIG. 1, receiving
computer 110 includes both file broadcast receiver 112 and file browser
114. Both file broadcast receiver 112 and file browser 114 preferably are
implemented as a plurality of software programs stored in memory 404 that
are executed by CPU 402. As also shown in FIG. 1, file broadcast receiver
112 performs all interfacing to the "outside world" that is performed by
receiving computer 110. File browser 114 only receives data from and sends
data to file broadcast receiver 112 (although browser 114 also receives
data from users during times when users are designating documents from the
catalog).
Memory 404 also stores received documents and catalog data (including the
document name, the document length, the origin of the document, the
ownership of the document, the schedule on which the document is to be
transmitted, e.g., periodically, or at a predetermined time or date, the
cost to a user of receiving the document, a description of the document
sufficient to allow a user to determine whether he desires the document,
etc.). Memory 404 also stores a list of "documents of interest" which are
the names of the documents designated by users browsing the catalog, and
the account status (whether there is any credit remaining) of the
receiving computer's account. The specific data and the format of the data
stored in memory 204 may vary without departing from the spirit and scope
of the invention.
The following paragraphs present an overview of the operation of the
present invention with reference to the timing chart of FIG. 5. At a
predetermined time interval, broadcast center 150 broadcasts the catalog
"in the clear," i.e., in unencrypted form, to the plurality of receiving
computers including receiving computer 110 using multicast addressing. The
catalog preferably is broadcast in packet format. The described embodiment
sends all packets in accordance with the IEEE 802.2 data communication
standard. Broadcast receiver 120 receives the catalog and passes it to
receiving computer 110. In receiving computer 110, the catalog is stored
in memory 404, e.g., a hard disk. When a user, using file browser 114,
designates a document from the catalog, broadcast file receiver 112 stores
a document ID, e.g., a number or an unambiguous document name, in the list
of "documents of interest" in memory 404.
Broadcast center 150 then proceeds to broadcast the documents listed in the
catalog using multicast addressing. For each document, broadcast center
150 first multicasts an announcement message identifying the document to
be sent next. The announcement message also includes a key seed ID
identifying the key seed needed to decrypt the document. The announcement
message is received and decrypted by broadcast receiver 120 and passed to
file broadcast receiver 112. If the announced document is on the list of
documents of interest, file broadcast receiver 112 sends a load request
including the key seed ID to security engine 130. Security engine 130
determines if the user has sufficient credit and authorization to receive
the document. If so, security engine 130 sends the key (obtained in
accordance with the key seed ID) for the document to broadcast receiver
120.
After broadcast center 150 sends the announcement message for a document,
it prepares to send the document itself. The document is packetized,
encrypted, and broadcast over communications link 140. As broadcast
receiver 120 receives each encrypted packet, it determines whether it is a
packet for which broadcast receiver 120 has a key. Each document sent from
broadcast center 150 is decrypted with a different key. If broadcast
receiver 120 has received a correct key from security engine 130, it
decrypts the packet and passes it to file broadcast receiver 112, where
the packets of the received document are assembled in their correct order
and stored in memory 404, e.g., on a hard disk. File broadcast receiver
112 then informs the user that the requested file has been received. In a
preferred embodiment, all encryption is done using a symmetrical encoding
scheme, such as the Data Encryption Standard (DES) method. Other
embodiments may use a private key scheme for non-document data, e.g.,
billing information and key sets, sent between the broadcast center and
the receiving station.
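The announcement, load request, key delivery and packet handling described above, together with the claims' key generation by one-way hash and duplicate suppression, as an added Python example that is not part of the patent. SHA-256, the XOR keystream standing in for DES, the clear packet header fields, and all names and sample values are assumptions made for illustration.

```python
import hashlib
from dataclasses import dataclass, field


def derive_key(key_seed: bytes, doc_id: int) -> bytes:
    # One-way hash of a key seed and the document ID. SHA-256 and the byte
    # layout are assumptions; the page names neither.
    return hashlib.sha256(key_seed + doc_id.to_bytes(4, "big")).digest()


def stream_xor(key: bytes, seq: int, data: bytes) -> bytes:
    # Stand-in symmetric cipher (the page uses DES in hardware): XOR with a
    # SHA-256 keystream bound to the packet number. The same call encrypts
    # and decrypts.
    stream = bytearray()
    counter = 0
    while len(stream) < len(data):
        stream += hashlib.sha256(
            key + seq.to_bytes(4, "big") + counter.to_bytes(4, "big")).digest()
        counter += 1
    return bytes(a ^ b for a, b in zip(data, stream))


@dataclass
class Packet:
    doc_id: int     # clear header field (assumed) so the receiver can pick a key
    seq: int        # clear header field (assumed) for ordering and de-duplication
    payload: bytes  # encrypted body


@dataclass
class SecurityEngine:
    key_seeds: dict                 # key seed ID -> seed, from account information
    credit: int                     # remaining credit limit
    billing: list = field(default_factory=list)

    def load_request(self, doc_id: int, seed_id: int, cost: int):
        # The page does not say how the engine learns the price; passing
        # `cost` in with the request is an assumption of this sketch.
        seed = self.key_seeds.get(seed_id)
        if seed is None or cost > self.credit:
            return None             # not authorized or no credit: no key issued
        self.credit -= cost
        self.billing.append((doc_id, cost))
        return derive_key(seed, doc_id)


class BroadcastReceiver:
    def __init__(self):
        self.keys = {}    # doc_id -> key received from the security engine
        self.store = {}   # doc_id -> {seq: plaintext}; ciphertext is never kept

    def install_key(self, doc_id: int, key: bytes) -> None:
        self.keys[doc_id] = key

    def on_packet(self, pkt: Packet) -> str:
        key = self.keys.get(pkt.doc_id)
        if key is None:
            return "discarded"      # data that does not correspond to a key
        chunks = self.store.setdefault(pkt.doc_id, {})
        if pkt.seq in chunks:
            return "duplicate"      # repeat broadcast of a packet already held
        chunks[pkt.seq] = stream_xor(key, pkt.seq, pkt.payload)
        return "stored"

    def document(self, doc_id: int, total: int):
        chunks = self.store.get(doc_id, {})
        if len(chunks) != total:
            return None             # still waiting for missing packets
        return b"".join(chunks[i] for i in range(total))


def packetize(doc_id: int, seed: bytes, body: bytes, size: int = 8):
    # Broadcast-center side: split, then encrypt each packet under the
    # per-document key.
    key = derive_key(seed, doc_id)
    parts = [body[i:i + size] for i in range(0, len(body), size)]
    return [Packet(doc_id, n, stream_xor(key, n, p)) for n, p in enumerate(parts)]


def demo():
    seeds = {7: b"constructed-seed-7"}                      # constructed sample
    wanted = b"Quarterly report: constructed sample text."  # constructed sample
    other = b"A document the user never requested."         # constructed sample
    engine = SecurityEngine(key_seeds=dict(seeds), credit=10)
    rx = BroadcastReceiver()
    # Announcement for document 101 (key seed ID 7) matches the list of
    # documents of interest, so a load request goes to the security engine.
    rx.install_key(101, engine.load_request(101, 7, cost=4))
    pkts = packetize(101, seeds[7], wanted)
    first_pass = [p for p in pkts if p.seq != 1]   # one packet lost in transit
    air = first_pass + pkts + packetize(202, seeds[7], other) * 2
    results = [rx.on_packet(p) for p in air]
    return {"doc": rx.document(101, len(pkts)), "expected": wanted,
            "results": results, "n": len(pkts), "credit": engine.credit,
            "billing": engine.billing, "has_other": 202 in rx.store}


if __name__ == "__main__":
    print(demo()["results"])
```

The second pass of the repeated broadcast fills the gap left by the lost packet, while every packet already held is dropped before decryption and document 202 never reaches the store.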
Another type of data transmitted by broadcast center 150 is account
information. Account information is transmitted "in the clear," i.e., in
unencrypted form, at least to the extent that broadcast receiver 120 does
not decrypt it. The account information is passed through file broadcast
receiver 112 and is passed to security engine 130 as account information.
Security engine 130 decrypts the account information using a master key
stored in memory 304. The account information includes key, seed, credit
limit, etc. Since the account data is encrypted in a way that only the
security engine 130 can decrypt, there is no need for the data to be
further encrypted for transmission to the broadcast receiver 120. This
allows for easier transmission of account information (the broadcast
receiver 120 does not require a key to receive the account information)
without compromising the security of the information (the data is still
encrypted in a way that only the security engine 130 can decrypt).
Periodically, e.g., once a month, security engine 130 encrypts its billing
information concerning documents received by receiving computer 110 during
the past month and sends the encrypted billing information to broadcast
center 150. This encryption is performed using a master key of broadcast
center 150 that is stored in memory 304. This information may be encrypted
using a symmetrical encryption method, such as DES or a private key
method. Broadcast center 150 decrypts the received billing information
using the master key and uses the decrypted information to send yet
another updated account status to receiving computer 110.
The following table provides a list of the functions performed by the
electronic document distribution system, according to which particular
subsystem performs the function. These functions will be described in the
following paragraphs, with reference to FIGS. 1-5.
______________________________________
FUNCTIONS PERFORMED BY ELECTRONIC DOCUMENT DISTRIBUTION SYSTEM
SUB-SYSTEM               FUNCTION
______________________________________
BROADCAST CENTER         (F1)  Send catalog (non-encrypted)
                         (F2)  Receive and decrypt billing information
                         (F3)  Periodically send account status (non-encrypted)
                               and key seeds (encrypted)
                         (F4)  Send announcement message, and packetize,
                               encrypt, and send document
BROADCAST RECEIVER       (F5)  Receive and store key from security engine
                         (F6)  Receive packet and decrypt it if key is correct
FILE BROADCAST RECEIVER  (F7)  Receive announcement message and load request
                         (F8)  Receive document request and store document ID
                               on list of documents of interest
                         (F9)  Receive and process decrypted packet from
                               broadcast receiver
SECURITY ENGINE          (F10) Receive accounting statistics and key seeds
                               and store them in memory
                         (F11) Periodically send billing information to
                               broadcast center (encrypted)
                         (F12) Receive and process load request from file
                               broadcast receiver
CATALOG BROWSER          (F13) Receive and store new catalog
                         (F14) Display catalog and process document requests
______________________________________
Functions F1, F2, F3, and F4 are performed by the broadcast center 150 of
FIG. 2. In executing function F1, broadcast center 150 broadcasts to all
potential receiving computers a catalog listing all documents to be sent
during an upcoming predetermined time period, e.g., over the next week.
The catalog is sent "in the clear," i.e., unencrypted, because none of the
receivers are charged a fee to receive the catalog and there is no reason
to limit access to the catalog.
In executing function F2, broadcast center 150 receives encrypted billing
information from security engine 130. Broadcast center 150 receives
similar billing information from each receiving computer on the network.
The billing information details which documents were received during