WikiPatents - Community Patent Review
Create Free Account  |  License or Sell Your Patent  |  WikiPatents Marketplace  |  WikiPatents Blog
Username:  Password:  
    
Advanced Search
Encryption system with transaction coded decryption key    
United States Patent5889860   
Link to this pagehttp://www.wikipatents.com/5889860.html
Inventor(s)Eller; Marlin J. (Seattle, WA), Mills; Brent R. (Seattle, WA)
AbstractThe encryption secured computer system (10) includes a server (12) that communicates with clients (14-20) across a public network (21) using a novel transaction coded decryption key technology that discourages wrongful redistribution of protected information such as digital musical scores, and allows for tracking of infringing activity. In one implementation, the server (12) distributes access software and partially encrypted musical scores to clients upon request. A client can sample the partially encrypted scores prior to consummating a transaction. When a score is selected, the client enters payment information and is assigned a password that is specific to the client and transaction. The password functions as a decryption key to enable use of the musical score by the client employing the access software. Any subsequent wrongful redistribution of the musical score together with the decryption password can be traced due to client identifying information encoded into the password.
   














 Title Information Submit all comments and votes
 
Patent Text Patent PDF Print Page Summary File History
Plain text PDF images Print Summary File History
Inventor     Eller; Marlin J. (Seattle, WA) , Mills; Brent R. (Seattle, WA)
Owner/Assignee     Sunhawk Corporation, Inc. (Seattle, WA)
Patent assignment
All assignments
Publication Date     March 30, 1999
Application Number     08/744,430
PAIR File History     Application Data   Transaction History
Image File Wrapper   Patent Term   Fees
Litigation
Filing Date     November 8, 1996
US Classification     705/51 705/26 705/58 705/71 726/31 726/6
Int'l Classification    
Examiner     Hayes; Gail O.
Assistant Examiner     Laufer; Pinchus M.
Attorney/Law Firm     Seed & Berry LLP
Address
Parent Case    
Priority Data    
USPTO Field of Search     380/4 380/21 380/49 395/186 395/187.01 395/188.01 705/26 705/27
Patent Tags     encryption transaction coded decryption key
   
Enter a comma (,) or semicolon (;) between multiple tag words/phrases.
Describe this patent:
 Amusing   
 Clever   
 Complex   
 Efficient   
 Historic   
 Important   
 Innovative   
 Interesting   
 Practical   
 Simple   
[no votes]
Patent WIKI

Share information and news about this patent, including information and news about the technology, inventors, company, ligation and licensing.
 References Submit all comments and votes
 
*references marked with an asterisk below are user-added references
 U.S. References
 
Add a new US reference:  
ReferenceRelevancyCommentsReferenceRelevancyComments
5661799
Nagel

Aug,1997
[0 after 0 votes]		5636276
Brugger

Jun,1997
[0 after 0 votes]
5586186
Yuval et al.

Dec,1996
[0 after 0 votes]		5561849
Mankovitz

Oct,1996
[0 after 0 votes]
5524051
Ryan

Jun,1996
[0 after 0 votes]		5509070
Schull

Apr,1996
[0 after 0 votes]
5406558
Rovira et al.

Apr,1995
[0 after 0 votes]		5400403
Fahn et al.

Mar,1995
[0 after 0 votes]
5337357
Chou et al.

Aug,1994
[0 after 0 votes]		5333155
Dambacher

Jul,1994
[0 after 0 votes]
5252775
Urano

Oct,1993
[0 after 0 votes]		5239540
Rovira et al.

Aug,1993
[0 after 0 votes]
5208665
McCalley et al.

May,1993
[0 after 0 votes]		5191611
Lang

Mar,1993
[0 after 0 votes]
5146833
Lui

Sep,1992
[0 after 0 votes]		5086475
Kutaragi et al.

Feb,1992
[0 after 0 votes]
5010571
Katznelson

Apr,1991
[0 after 0 votes]		4991207
Shiraishi et al.

Feb,1991
[0 after 0 votes]
4956768
Sidi et al.

Sep,1990
[0 after 0 votes]		4958551
Lui

Sep,1990
[0 after 0 votes]
4790010
Sgrignoli

Dec,1988
[0 after 0 votes]		4794644
Philip et al.

Dec,1988
[0 after 0 votes]
4789863
Bush

Dec,1988
[0 after 0 votes]		4710921
Ishidoh et al.

Dec,1987
[0 after 0 votes]
4535356
Nakagawa et al.

Aug,1985
[0 after 0 votes]		4528643
Freeny, Jr.

Jul,1985
[0 after 0 votes]
4458315
Uchenick

Jul,1984
[0 after 0 votes]
 Foreign References
 Other References
 Market Review Submit all comments and votes
   
Market Size
Estimate the gross annual revenues of the relevant market sector:
> $10B
$5B - $10B
$2B - $5B
$500M - $2B
$100M - $500M
$10M - $100M
$1M - $10M
$500K - $1M
$100K - $500K
< $100K
[No votes]
$0
 
$0   $2.5B   $5B   $7.5B   $10B
Market Share
Estimate the percentage of the relevant market sector this invention will capture:
75% - 100%
50% - 74.99%
25% - 49.99%
10 - 24.99%
5 - 9.99%
2 - 4.99%
1 - 1.99%
< 1%
[No votes]
0.0%
 
0%   25%   50%   75%   100%
Reasonable Royalty
What percentage of gross sales should the inventor or assignee be paid?
75% - 100%
50% - 74.99%
25% - 49.99%
10 - 24.99%
5 - 9.99%
2 - 4.99%
1 - 1.99%
< 1%
[No votes]
0.0%
 
0%   25%   50%   75%   100%
Public's "Guesstimation" of Royalty Value
Market SizeN/A[No votes]
xMarket ShareN/A[No votes]
xReasonable RoyaltyN/A[No votes]
N/A
License Availablity
If you are NOT the owner or assignee, answer here:
Yes, license is available for purchase

No, license is not currently available



 [No votes]
License Availablity
If you ARE the owner or assignee, answer here:
Yes, license is available for purchase

No, license is not currently available



 [No votes]
Competitive Advantage
Does this invention have a significant competitive advantage over similar technologies?
Yes

No



 [No votes]
Most helpful competitive advantage comment
[No comments]
Commercial Alternatives
Are there viable commercial alternatives for this invention?
Yes

No



 [No votes]
Most helpful commercial alternative comment
[No comments]
 Technical Review Submit all comments and votes
 Claims Submit all comments and votes
 


We claim:

1. A method for use in monitoring distribution of copies of information items accessible through a public network to a plurality of network clients, said information items included in a database at a server of said public network, comprising the steps of:

for each request for an information item by a network client of the plurality of network clients;

assigning a password to the network client for uniquely encrypting and decrypting the information item, the password including an identifier for identifying the client;

uniquely encrypting at least a portion of said information item using a key-based encryption system and the password to produce a uniquely encrypted information portion, wherein said key-based encryption system requires entry of the password to decrypt said uniquely encrypted information portion;

transmitting the uniquely encrypted information portion to the network client; and

transmitting said password to the network client, wherein said password can be used to monitor distribution of said information item on a client-specific basis, wherein the step of transmitting said uniquely encrypted information portion to said client is prior to said step of transmitting said password.

2. A method as set forth in claim 1 wherein said information item comprises a digital musical score and said step of encrypting at least a portion of said information item comprises retaining a second portion of said digital musical score in an unencrypted form so as to allow for sampling of said digital musical score prior to decryption.

3. A method as set forth in claim 1 wherein said step of assigning said password comprises acquiring identification information regarding said client and encoding said password using said acquired identification information.

4. A method as set forth in claim 3 wherein said password comprises a password that is indexed to a client database including said acquired identification information.

5. A method as set forth in claim 3 wherein said password includes information for identifying client equipment.

6. A method as set forth in claim 3 wherein said password includes information for identifying a client user.

7. A method as set forth in claim 1, further comprising receiving payment/purchase information from the network client before transmitting the password to the network client.

8. A method as set forth in claim 1, further comprising the step of transmitting accessing software to the client, said accessing software being operative for allowing said client to access said information in said database.

9. A method as set forth in claim 8, further comprising the step of employing said accessing software to print an unencrypted copy of said uniquely encrypted information portion.

10. A method as set forth in claim 8 wherein said information item comprises a digital musical representation of a musical score, and said method further comprises the step of employing said accessing software to decrypt the uniquely encrypted information portion and play back said musical score.

11. A method as set forth in claim 8, further comprising the step of displaying said information.

12. A method as set forth in claim 1, further comprising the steps of storing said uniquely encrypted information portion in a first area of memory of the network client and storing said password in a second area of memory of the network client separate from said first area, wherein said uniquely encrypted information portion and said password can be separately accessed.

13. A method as set forth in claim 1, further comprising the steps of storing said uniquely encrypted information portion in a client memory in encrypted form, receiving a request to output said uniquely encrypted information portion, and decrypting said encrypted information in response to said output request.

14. A method as set forth in claim 1, further comprising the step of using said password to track subsequent redistribution of said uniquely encrypted information portion.

15. A method as set forth in claim 1, further comprising the steps of outputting an output copy of said uniquely encrypted information portion and embedding identification information in said output copy, wherein said identification information facilitates tracking of redistribution of said information item.
 Description Submit all comments and votes
 


FIELD OF THE INVENTION

The present invention relates generally to monitoring the distribution of information that is accessible through a public network and, in particular, to a method and system for using key-based encryption to inhibit and track unauthorized distribution by a key holder. The invention has particular application with regard to the commercial distribution of copyrighted works or other proprietary subject matter over a public network.

BACKGROUND OF THE INVENTION

The advent of widely available public computer networks, and particularly public networks capable of supporting multimedia functions such as the Internet, presents a great opportunity for consumers and content providers such as music publishers. Such networks afford content providers increased access to an ever growing market. Consumers benefit from improved access to information and greater convenience. Moreover, in some cases, the digital nature of the information received over a network is preferable to more conventional modes such as printed media. For example, digital sheet music can be printed to replicate its printed media counterpart. Additionally, the digital sheet music can be directly processed by audio and video playback programs, as well as by a variety of digital musical instruments and equipment such as Musical Instrument Digital Interface (MIDI) devices.

Despite this potential, content providers have been reluctant to embrace this market in many cases. One reason for this reluctance has been a perceived threat that access to proprietary subject matter such as copyrighted music over a public network will erode ownership interests in and revenues from such subject matter. The concern is that unscrupulous persons will wrongfully access such subject matter or that authorized users, having rightfully accessed the subject matter, will thereafter distribute the subject matter in contravention of the content providers' rights. Although such possibilities exist in connection with other modes of distribution, public network distribution is thought by some to present peculiar dangers due to the ease with which widespread distribution can be accomplished, e.g., via bulletin boards and the like.

Indeed, conventional computer security systems developed to control access to restricted access data are not well-suited to address these concerns of content providers. For example, access password systems are somewhat effective in limiting access to designated information, but do not afford protection once the information is transmitted from the server system to a public network. Encryption systems have been devised to prevent use of information that is wrongfully intercepted as a result of transmission over a network. In this regard, in key-based encryption systems, authorized clients are provided with a decryption key. The protected information is then transmitted in encrypted form to prevent use by any intercepting party. The authorized client receives the encrypted information and uses the decryption key to decrypt the information. Unfortunately, such encryption systems generally do not provide adequate safeguards to discourage the authorized clients from subsequently redistributing the protected information.

SUMMARY OF THE INVENTION

The present invention is directed to a method and system for controlling access to protected information from a server, as well as discouraging and tracking subsequent redistribution of such information after it has been transmitted from the server. The invention facilitates commercial distribution of proprietary subject matter through public or open networks by providing improved protection of proprietary rights and increasing the likelihood that infringing activity will be corrected. Moreover, the invention provides increased marketing flexibility by allowing for limited, multiple-use authorization and pre-purchase sampling of copyrighted works or other confidential subject matter. The invention also provides a novel, encryption on-demand capability which, it is believed, has not been feasible in connection with physical storage media such as CD-ROM and magnetic storage media.

According to one aspect of the present invention, a method and corresponding system is provided for monitoring distribution of information accessible over a public network on a client-specific basis. The method includes the steps of: establishing a database of information at a server; encrypting at least a portion of the information using a key-based encryption system; in connection with a request by a client, assigning a client-specific key to the client; and transmitting the key to the client. The client-specific key includes some indicia that can be used to identify the client, thereby allowing for monitoring of information use on a client-specific basis.

The database can include various types of information, for example, digital sheet music, literary or artistic works, software programs, or other subject matter transmittable in digital form. Any identifying information can be coded into the key for client identification. Examples include: personal or financial data provided by the client; address information for the clients' computer or web site; account numbers or serial numbers; other information for identifying the computer used by the client; and abbreviated or encoded versions of any of the above. Conveniently, such information can be stored in a separate client database and indexed to the key. Preferably, the decryption system requires entry of the key each time the protected information is used (i.e., the system does not store the information in decrypted form) and appends the client identifying information to any redistributed digital or hard copies of the information. In this manner, the client is discouraged from redistributing the protected information because the key is required to use the information in its original digital form, and distribution of the key or an identified hard copy may involve disclosure of sensitive information or otherwise create a traceable record of the client's infringing activity.

According to another aspect of the present invention, a method and corresponding system is provided for enabling transaction-specific access authorization with respect to protected information. The method involves the use of a key-based encryption system, such as generally discussed above, where decryption keys are assigned on a transaction-by-transaction basis. That is, decryption keys are assigned on demand in connection with a transaction involving communication of the protected information from the server to a client. For example, the transaction may involve the purchase of a copy of sheet music, a digital musical score or other protected information, or it may involve paying a license fee to use such information a designated number of times, for a designated duration, or during a designated license term. The key can include information sufficient to identify the subject information and/or the client. The invention thereby allows for transaction-specific authorization and increased marketing/distribution possibilities.

According to a further aspect of the present invention, partially encrypted information is transmitted prior to providing a decryption key so as to allow for sampling of the information before a transaction is consummated. In particular, the associated method involves establishing a database of information at a network server, encrypting a portion of the information and receiving an access request. Upon receiving an access request, a selected portion of the information is transmitted in partially encrypted form and, thereafter, a decryption key is transmitted to the client. By way of example, the partially encrypted information can be sheet music where only the first page of a score is unencrypted for viewing. The client can thereby browse through a selection of scores prior to making a purchasing decision, authorizing payment and, in response, receiving a decryption key.

According to a still further aspect of the present invention, a method and corresponding system is provided for enabling post-transmission monitoring of information use by a client. The method includes the steps of: receiving encrypted information and storing the information in memory in its encrypted form; receiving a decryption key and storing the key in memory separate from the encrypted information, for example, in a cache; identifying a request by a client to access the information; in response to the request, retrieving the encrypted information and key from memory and, thereafter, decrypting the information; and outputting the information for use by the client. The method can be implemented, for example, by playback/display software running on a client computer. The software can be programmed for limiting access to the protected information according to transaction parameters, e.g., limiting access to the scope of a license purchased by the client. The access request can be an "open file," "display," or "print" message or the like.

In a preferred implementation, the protected information is never saved in its decrypted form but, rather, is only decrypted on a just-in-time basis when the corresponding file(s) is opened for use. Accordingly, redistribution of the information in its decrypted form is discouraged or practically prevented. Moreover, in order to permit third-party use of the information, redistribution of the information in its encrypted form will also require distribution of the decryption key, which may be an unattractive option for the client.

The present invention thus allows for monitoring access to protected information on a server and subsequent use or redistribution by a client. Additionally, the invention allows for tracking of any unauthorized redistribution and thus facilitates enforcement of server rights. The invention also provides for increased marketing/distribution options and novel on-demand decryption key coding. By virtue of these and other advantages, the invention promotes distribution of proprietary subject matter over public networks to the mutual benefit of consumers and content providers.

BRIEF DESCRIPTION OF THE DRAWINGS

For a more complete understanding of the present invention and further advantages thereof, reference is now made to the following detailed description, taken in conjunction with the drawings, in which:

FIG. 1 is a schematic diagram of a computer system in accordance with the present invention;

FIG. 2 is a chart providing a functional overview of the distribution monitoring system of the present invention;

FIG. 3 is a diagram of the Music Viewer download function of the system of FIG. 2;

FIG. 4 is a diagram of the music download function of the system of FIG. 2;

FIG. 5 is a diagram of the on-line music purchase function of the system of FIG. 2;

FIG. 6 is a flow chart of the music printing function of the system of FIG. 2;

FIG. 7 is a flow chart of the music viewing function of the system of FIG. 2;

FIG. 8 is a schematic diagram of the encryption/decryption components of the system of FIG. 2; and

FIG. 9 is a flow chart of the encryption/decryption function of the system of FIG. 2.

DETAILED DESCRIPTION OF THE INVENTION

The distribution monitoring system of the present invention is useful in a variety of applications where it is desired to monitor the distribution of proprietary subject matter over a public network. In the following description, the invention is set forth in the context of monitoring distribution of digital musical scores over a network. It will be appreciated that this particular application is set forth for the purpose of illustrating the invention, and various aspects of the invention have broader application as defined by the claims below.

FIG. 1 illustrates an encryption secured computer system 10 according to the present invention. The computer system 10 includes a server 12 that can communicate with clients 14-20 across a public network 21 such as the Internet. In the case of the Internet, the server 12 can be accessed via the Netscape 2.01 or Microsoft Internet Explorer 3.0, or higher browsers. The server 12 generally includes a processor 22 and a library or database of digital musical scores stored in a memory 24 as files 26-32. As discussed in detail below, the server 12 is operative for receiving access requests from clients 14-20, assigning decryption keys or passwords and transmitting an accessing program and selected scores to the clients 14-20 over network 21. A number of other functions relating to receiving payment, indexing and storing encoded decryption passwords and the like are also performed by server 12.

For present purposes, the clients 14-20 may be considered as being functionally equivalent. Details of only one of the clients 14 are shown in FIG. 1. Generally, the client 14 includes a central processing unit (CPU) 34, an internal cache 36 and/or external cache 38, memory 40 and input/output (I/O) hardware 42, all interconnected via data bus 44. The CPU, which may include any suitable microprocessor, is operative for downloading and running the accessing program, accessing memory 40 and caches 36 and 38, and communicating with I/O hardware 42. In the illustrated embodiment, the CPU 34 also includes a built-in, internal cache for storing the decryption key used to decrypt downloaded musical scores. Generally, cache 36 is an area of extremely fast Random Access Memory (RAM) for storing frequently used or time critical data so as to allow for faster operation. The cache 36 can be accessed more rapidly than memory 40. Alternatively, the decrypting key can be stored in an external cache 38, which may comprise a RAM chip located on the computer motherboard. Memory 40, which is separate from caches 36 and 38, may include computer memory as well as the storage of floppy disks, CD-ROM drives and hard drives. The I/O hardware 42 can include a number of types of devices including a mouse, keyboard or other user input device; a viewing monitor; a printer; or a MIDI device.

FIG. 2 provides a functional overview of a music distribution monitoring system 46 used in connection with the computer system 10 of FIG. 1. As shown in FIG. 2, the monitoring system 46 can be broken down into a number of functions that are executed by logic on the server and/or a client. The functions of the illustrated system 46 include: downloading (48) a music accessing program, in this case designated the "Music Viewer," for use by a client in accessing music files stored on the server; downloading (50) a selected musical score from the server; purchasing (52) music on-line (and thereby obtaining an access license and encoded decryption key); printing (54) and/or viewing (56) the music and music encryption/decryption. It will be appreciated that the music may also be reproduced from digital information using a MIDI device or the like. Each of these functions is discussed in turn below.

FIG. 3 illustrates the Music Viewer download function of one implementation of the present invention. After communication between the server and client has been established through the network, the client initiates the download function by requesting (58) the server to download the program. This request can be entered by following appropriate prompts from the server site. The server receives (60) the download request and sends (62) the Viewer software package to the client. Upon receiving (64) the software package, the client runs the setup code to install the Music Viewer software. In order to access musical scores stored in the server library in the illustrated system, the client is assigned a unique Viewer identification code. Accordingly, the client is prompted to request (66) a Viewer ID as part of the download procedure. In response to the ID request, the server generates (68) a Viewer ID and logs the ID in a Viewer database. The server then sends (70) the newly generated Viewer ID to the client and logs the transmission time and date, the Internet Protocol (IP) address (or similar information for other networks) of the client, and the client's machine name or type (as entered by the client user or determined from a transmission header or the like). The client then receives (72) the assigned Viewer ID and a successful installation is thus completed.

The system of the illustrated embodiment allows the client user to browse through the music library and view a selected portion, e.g., the first page, of musical scores prior to consummating a transaction by purchasing a music copy or paying a license fee. FIG. 4 illustrates the associated pre-purchase music download function. The function is initiated when the client selects a score to sample and requests (74) the music from the server. In this regard, the score may be selected from a list of titles by scrolling through the library and clicking on a selected title, by using a search function to call a title, or by any other appropriate means. The Viewer ID is also sent to the server at this time. Upon receiving the request, the server finds (76) the requested musical score, compresses and encrypts (or partially encrypts) the score as will be described below, and stores the encrypted score in the download area. In addition, the server assigns and logs a decryption key that is unique to the client and also logs an identification code for the score, the download IP, and the Viewer ID for the transmission. For example, the key can be a password composed of two 32 bit numbers where one of the numbers is an index to identify the client in a client database and the other number is random, or encoded with additional information as desired. By indexing the key or password to the client database in this manner, the password can be used to identify the client, look up license or account information and otherwise monitor distribution on a client-specific and transaction-specific basis.

The server then sends (78) the client the Uniform Resource Locator (URL) address of the newly encrypted music. Upon receiving (80) the URL, the client can request (82) a download of the file or files containing the encrypted music. The server then finds (84) the encrypted music in the download area, queues up the music, and downloads (86) the music to the client. The client receives (88) the encrypted music and stores the music in memory, e.g., computer memory, hard drive storage, etc. At this point in the illustrated implementation, i.e., prior to purchase, only the first page of the score is not encrypted. Accordingly, the client user can play and view (90) the first page of the music to verify that the downloaded score is the score desired by the user and to otherwise e