Abstract: A method for securing an electronic document (22) comprising attaching a biometric characteristic (20) and the electronic document (22) to form a biometric characteristic-document combination and encrypting the biometric characteristic-document combination to form an encrypted data package (24).

Abstract: Included are systems and methods for data authentication. At least one embodiment of a system includes a secure processor configured as a physically secure environment, the secure processor further configured to receive a control word from a headend, the secure processor further configured to encrypt the received control word using a first encryption key. Other embodiments of a system includes a transport processor configured to receive the encrypted control word, the transport processor further configured to decrypt the received control word using a first decryption key, wherein the first decryption key is compatible with the first encryption key.

Abstract: A method and apparatus for time-based charging for viewing content from a broadcast-multicast service (BCMCS) at a mobile station of a wireless communication system is disclosed. A count value (SKCount) is determined based upon the number of generated short-term keys (SK) that are used to decrypt particular content from the BCMCS. The amount of time the particular content is viewed at the mobile station may be determined as a function of the count value (SKCount) and the period (SKPeriod) between the generation of the short-term keys. This provides information about a user's actual content view time since the short-term key is needed to view the particular content broadcast to the mobile station.

Abstract: Content revocation is achieved by disabling licenses issued to a computing device for the content. A content revocation is delivered within a license to the computing device. Upon license storage the content revocation is recognized, validated, and stored in a secure state store under the public key of the content server (PU-CS) that issued the content. Each license has a (PU-CS) therein, and each license evaluation considers each content revocation stored in the state store and having the same (PU-CS). The license is disabled or otherwise affected based on the considered content revocation. A content revocation is one form of a license modification that may be delivered within a license.

Abstract: The invention relates to a method of managing files. In this invention, a method of managing a file stored in an external memory device of a computer having an application that starts when it is read by the computer consists of a step of accepting an instruction for starting up the application, and a step of automatically deleting the application program from the external memory device when the started application terminates. This file managing method can automatically delete the application program from the external memory device when the started application terminates.

Abstract: A database-modeled security policy includes policy statements stored in a database. Each policy statement has associated standards, guidelines, and procedures. Policy statements are grouped together into tag groups, which are in turn grouped together to form metapolicies. A security administrator uses a security policy management application to create metapolicies for specific audiences. A lightweight directory access protocol module manages access to the security policy. The security policy management application also provides scoring, reporting, and project management functionalities.

Abstract: The invention, an electronic book selection and delivery system, is a new way to distribute books and other textual information to bookstores, libraries and consumers. The primary components of the system are a subsystem for placing text in a video signal format and a subsystem for receiving and selecting text that is placed in the video signal format. The system configuration for consumer use contains additional components and optional features that enhance the system, namely: (1) an operation center, (2) a video distribution system, (3) a home subsystem, including reception, selection, viewing, transacting and transmission capabilities, and (4) a billing and collection system. The operation center and/or video distribution points perform the functions of manipulation of text data, security and coding of text, cataloging of books, messaging center, and uplink functions.

Abstract: When content data are distributed from an information center via a predetermined communication line to a terminal apparatus loaded with a recording medium recorded with its identifier and prepaid information, the information center manages the usable remaining amount of money in the recording medium loaded in the terminal apparatus and updates this usable remaining amount of money every time content data are distributed. Further, if the usable remaining amount of money is smaller than the price of the content data distributed from the information center, the information center instructs the terminal apparatus to load another recording medium having a usable remaining amount of money sufficient to cover the content data to be distributed. Still further, a remaining recordable capacity of a recording medium loaded in the terminal apparatus is transmitted to the information center, and the information center compares the remaining recordable capacity with the size of the data content to be distributed.

Abstract: A system for distributing an electronic version of a printed document is disclosed. The system comprises a memory device storing at least one document file that is based at least in part on a source document, which is an electronic version of a printed document. The system further comprises a distribution system programmed for: responding to requests from a client for delivery of a document file; retrieving a file copy from the memory device; assigning at least one right to the file copy, the right defining at least one action capable of being performed on at least a portion of the file copy; encrypting the file copy with a key based at least in part on the identity of the client and on the at least one right; and providing the encrypted file copy, with the associated key, to the client.

Abstract: A software audit system is provided in conjunction with an anti-virus system. A computer virus scan request received by the anti-virus system (16) is used to trigger an audit data generator (18) to generate audit data. The audit data generator (18) may also serve to ban certain computer programs from execution and monitor the concurrent usage of other computer programs.

Abstract: A data delivery system has a capability of effectively and reliably protecting copyright of the data. A video source of a movie or the like is delivered in the form of encrypted data from a server apparatus to a playback apparatus. A decryption key used to decrypt the encrypted data is stored on a storage medium such as a memory card, and the storage medium is sent from the server apparatus to the playback apparatus in parallel with the delivery of the encrypted data. After completion of the playing of the movie by the playback apparatus in a movie theater, the storage medium is returned to the server apparatus. The server apparatus examines information stored on the storage medium to check whether the video source delivered in the form of data has been properly used in an authorized manner.

Abstract: A key-sharing scheme is used to control distribution and use of video and audio content in personal digital assistants (PDAs) and other wireless devices. A private key is split into key-shares using a Blakley-Shamir key splitting technique and the key-shares are distributed to various network entities including a finance server and security server. Key-shares are also stored in a user's subscriber identity module (SIM) and a security processor of the PDA. The key-shares from the network entities are provided to the PDA after the user requests specific video or audio content and a credit verification is performed. The PDA's security processor combines the key-shares to form the decryption key for use in playing the content by the PDA's communications processor. When a service limit is reached, the PDA's security processor purges the key-shares to prevent further use of the content.

Abstract: A method is disclosed for enforcing the sequential playback of a multimedia file. In one aspect of the method, a sending server stores a multimedia file which is then partitioned into a plurality of sequential data blocks. The server generates a plurality of enabling tokens each corresponding to one of the plurality of sequential data blocks. The server then encodes each respective one of the pluralities of sequential data blocks with a corresponding one of the plurality of enabling tokens, producing a plurality of encoded sequential data blocks. The server then transfers the encoded sequential data blocks to a receiving client. The server also transfers the plurality of enabling tokens to the receiving client. In this manner, the server retains control over the client receiver's playback of the multimedia file.

Abstract: Methods for providing a receiver subsystem with access via a clearing house subsystem to a content item broadcast from a content provider subsystem. A method includes generating the request for access in the receiver subsystem, and employs a content key, a blocking nonce, a public key of a public-private key pair, a public key encrypted content key, and a double encrypted content key. The method may also include, in the receiver subsystem, encrypting the request for access based on the private key of the public-private key pair. Provides apparatus for providing access to a broadcast content item. A receiver subsystem is arranged to generate the request for access. In an example embodiment the receiver subsystem is arranged to encrypt the request for access based on the private key of the public-private key pair. Provides a receiver subsystem, a content provider subsystem, and a clearing house subsystem.

Abstract: A method and apparatus for broadcast services transmission and reception. Reception of a broadcast multicast transmission is requested. Preliminary short time updated key information is transmitted or received prior to transmitting or receiving a broadcast subscription key for the requested broadcast services transmission. An encrypted broadcast services transmission is transmitted or received. The encrypted broadcast services transmission is encrypted or decrypted using the preliminary short time updated key information.

Abstract: A system for monitoring licensing eligibility of a computational component, the computational component being associated with a unique identifier, is provided. The system comprises (i) an input and/or interface 120 operable to receive a request to authorize operation of at least part of the computational component; (ii) a memory, such as licensing database 128, comprising licensing database information associated with the identifier, the information comprising a licensing state indicator; and (iii) an activator, such as remote feature activator 112, operable to (a) authorize operation of the at least part of the computational component when the licensing state indicator has a first state and (b) not authorize operation of the at least part of the computational component when the licensing state indicator has a second state other than the first state.

Abstract: A security system for preventing unauthorized use of a computer device. An extractable security piece includes an extractable main private key and a main PC public key. A PC security area which is a non-extractable part of the computer device includes a PC private key and an extractable main public key, which, together with the keys of the extractable security piece, constitute a Public Key Infrastructure. The extractable security piece and the PC security area include processing means for mutual authentication of the extractable security piece and the PC security area after the extractable security piece, which had been previously removed, has been reinserted in the computer device, thereby enabling the authorized user to access data stored in the computer device.

Abstract: This invention concerns a system and a method of transmission and storage of audio/video data in encrypted form between a distribution centre and at least one exploitation module. Instead of transmitting the information allowing the decryption in parallel to said data, these information are regrouped in a decryption data file comprising equally the data that define the access conditions to said audio/video data. This file is stored independently from said data and can be used for either an immediate use or a deferred one.

Abstract: A terminal device, a memory module and a system for and method of distributing electronic content. A content provider stores a number of multimedia files. A first integrated circuit card interface receives a host integrated circuit card containing first authorization information, and a second integrated circuit card interface receives a user integrated circuit card containing second authorization information. An input device permits selection of one or more multimedia files from the stored of multimedia files. A control unit is responsive to insertion into the second integrated circuit card interface of a user interface card containing second authorization information compatible with the first authorization information contained in a host integrated circuit card inserted in the first integrated circuit card interface to actuate an output device to provide the content of multimedia files selected by the input device.

Abstract: A system for providing rights controlled access to digital media comprises a server data processor and a client data processor connected by a communications network. The user data processor provides access to a data object in accordance with rules associated with the data object by the server data processor. The client data processor comprises a machine key device and a user key device. The machine key device is preferably an installed component of the client data processor that provides encryption, decryption, and authentication functionality for the client data processor. The user key device is preferably a removable, portable device that connects to the client data processor and provides encryption, decryption, and authentication functionality for the user. A method restricts the use of a data object to a particular user and a particular data processor through the use of additional layers of encryption.

Abstract: The Digital Video Authenticator (DVA) addresses law enforcement concerns for a means to authenticate digital video (DV) so that it will be admissible and trusted as evidence in court. The DVA is a peripheral device attached to a commercial digital video recording device whose purpose is to generate and record authentication data simultaneously as DV is recorded by the video recording device. Verification of the authenticity of a DV sample will be accomplished using non-real-time software tools. The DVA system and method reads digital video (DV) data from a digital video recording device; parses the DV data into elements representing video, audio, control and timing data; and creates digital signatures that can be used to validate the original DV tape. The combination of secure digital signatures and repeatability of the DV data stored on tape provides the basis for proving the original video has not been modified.

Abstract: A backup method of applications of a portable cellular phone is provided which is capable of preventing the applications from being copied by a person being not an owner of the portable cellular phone. The application of the portable cellular phone to be backed up is saved in the backup device and, when the application saved in the backup device is used as backup data for the portable cellular phone, a manufacture serial number and/or a phone number of the portable cellular phone are compared and, only when these numbers match each other, the application for the backup is copied in the portable cellular phone.

Abstract: A product distribution and payment system for limited use or otherwise restricted digital software products. Digital content data comprising a software product to be rented is made available to customers through a detachable local storage medium, such as a DVD or CD-ROM disc, or over a network connection. The product digital content is capable of being accessed and played back through a computer or game console at the customer site. The software product may comprise a limited use product that is restricted in the number of plays or duration of use. The customer is allowed to download and purchase the product using his computer or playback console. The product purchase information is encoded and transmitted to the content distributor. When the preset time or number of plays has elapsed the software program is frozen and access to the program is not allowed.

Abstract: The invention discloses a system for enhancing trust in transactions, most particularly in remote transactions between a plurality of transactional parties, for instance a seller and buyer(s) of goods and/or services over a public computer network such as the internet. Trust is disclosed to be a multivalent commodity, in that the trust that is to be enhanced relates to information about the subject matter of the transactions (e.g., the suitability of the goods and services sold), the bona fides of the supplier of the goods and services, the appropriateness of a pricing structure for a particular transaction or series of transactions, a quantum of additional transactional value that may be imparted to the transactional relationship, security of information exchange, etc.

Abstract: A method of public access computing comprises providing a computer system for accessing computer software applications, and selectively permitting access to the computer system with an electronic payment mechanism. A selective access computer system comprises a computing workstation having at least one software application and a selective access mechanism connected to the workstation. The selective access mechanism is configured for obtaining electronic payment authorization for a user's financial instrument and for permitting selective access to the computer workstation upon payment authorization for the user.

Abstract: An electronic program guide (EPG) hardware card is disclosed. The card is insertable into a television tuning device having EPG capability. A non-volatile memory, such as flash memory, is situated within a case of the hardware card, and has data stored thereon representing one or more loader programs for the device. Each program corresponds to an EPG provider, and gives the device the capability to receive EPG information from this provider. The case of the hardware card may have a form factor such as a Smart Card, a Compact Flash, a Smart Media, or another form factor. Alternatively, the data stored on the card represents non-executable information corresponding to an EPG provider. A business model and a server-based embodiment are also disclosed.

Abstract: A management center registers user information which includes user identification information for identifying a user terminal and improvement-information identification information for identifying improvement information recorded in an optical disk and processed by the user terminal. When a user terminal requests improvement information through a network, the management center searches for another user terminal which can provide necessary information, according to user information, and obtains the improvement information from the another user terminal searched for, through the network. The management center then provides the obtained improvement information for the user terminal which requested it, through the network.

Abstract: The information reproduction device for reproducing contents information based on license information added to the contents information and required for reproducing the contents information, includes a determining section for determining whether encrypted contents information is the officially copied contents information or privately copied contents information based on the contents of the license information, and a reproduction section configured to reproduce the contents information determined as the privately copied contents information by the determining section under more severe restriction than the officially copied contents information. Thus, the contents copied by the proper route (officially copied contents) can be distributed in a more advantageous form than the contents copied without proper authorization.

Abstract: A data distribution system is provided which supplies customers with an executable for requested secured data files to provide the customer with fulfillment software, obviating the need for the customer to download fulfillment software prior to requesting secure data. The data distribution system is characterized by server technology which can dynamically encrypt secured data files just prior to a customer request to download the data file. A framework for building a universal data distribution infrastructure is provided which employs Requesters.

Abstract: At the time of moving a content from an e-book content receiving terminal 102 to a copyright protection medium 103, from among a plurality of usage rules set to the content, those defined by the copyright protection medium 103 is moved to the copyright protection medium 103 by a content moving section 106, and those not defined by the copyright protection medium 103 are transmitted to a usage rule management server 104 via a communications section 105. On the other hand, at the time of moving the content from the copyright protection medium 103 to the e-book content receiving terminal 102, the usage rules from the copyright protection medium 103 and the usage rules from the usage rule management server 104 are combined together. In this manner, even when a content is moved through a copyright protection medium in a which usage rules of the content are not fully defined therein, none of the usage rules is lost.

Abstract: Content revocation is achieved by disabling licenses issued to a computing device for the content. A content revocation is delivered within a license to the computing device. Upon license storage the content revocation is recognized, validated, and stored in a secure state store under the public key of the content server (PU-CS) that issued the content. Each license has a (PU-CS) therein, and each license evaluation considers each content revocation stored in the state store and having the same (PU-CS). The license is disabled or otherwise affected based on the considered content revocation. A content revocation is one form of a license modification that may be delivered within a license.

Abstract: The invention relates to an internet payment system based on return traffic. In regard of payment for content delivered across the internet an aspect of the invention provides for initiation of an explicit return flow of packets. Reception by the server of these return packets entails reception of payment tokens of the client by the server and a sign to the server to continue with the delivery of the content. Maskerading by the client can be prevented by sending challenges along with the data packets and by having the client to send responses to the same along with the return packets.

Abstract: The present invention provides systems and methods for secure transaction management and electronic rights protection. Electronic appliances such as computers equipped in accordance with the present invention help to ensure that information is accessed and used only in authorized ways, and maintain the integrity, availability, and/or confidentiality of the information. Such electronic appliances provide a distributed virtual distribution environment (VDE) that may enforce a secure chain of handling and control, for example, to control and/or meter or otherwise monitor use of electronically stored or disseminated information. Such a virtual distribution environment may be used to protect rights of various participants in electronic commerce and other electronic or electronic-facilitated transactions. Distributed and other operating systems, environments and architectures, such as, for example, those using tamper-resistant hardware-based processors, may establish security at each node.

Abstract: The present invention provides systems and methods for secure transaction management and electronic rights protection. Electronic appliances such as computers equipped in accordance with the present invention help to ensure that information is accessed and used only in authorized ways, and maintain the integrity, availability, and/or confidentiality of the information. Such electronic appliances provide a distributed virtual distribution environment (VDE) that may enforce a secure chain of handling and control, for example, to control and/or meter or otherwise monitor use of electronically stored or disseminated information. Such a virtual distribution environment may be used to protect rights of various participants in electronic commerce and other electronic or electronic-facilitated transactions. Distributed and other operating systems, environments and architectures, such as, for example, those using tamper-resistant hardware-based processors, may establish security at each node.

Abstract: Content revocation is achieved by disabling licenses issued to a computing device for the content. A content revocation is delivered within a license to the computing device. Upon license storage the content revocation is recognized, validated, and stored in a secure state store under the public key of the content server (PU-CS) that issued the content. Each license has a (PU-CS) therein, and each license evaluation considers each content revocation stored in the state store and having the same (PU-CS). The license is disabled or otherwise affected based on the considered content revocation. A content revocation is one form of a license modification that may be delivered within a license.

Abstract: The present invention provides systems and methods for secure transaction management and electronic rights protection. Electronic appliances such as computers equipped in accordance with the present invention help to ensure that information is accessed and used only in authorized ways, and maintain the integrity, availability, and/or confidentiality of the information. Such electronic appliances provide a distributed virtual distribution environment (VDE) that may enforce a secure chain of handling and control, for example, to control and/or meter or otherwise monitor use of electronically stored or disseminated information. Such a virtual distribution environment may be used to protect rights of various participants in electronic commerce and other electronic or electronic-facilitated transactions. Distributed and other operating systems, environments and architectures, such as, for example, those using tamper-resistant hardware-based processors, may establish security at each node.

Abstract: A system and method is disclosed for the secure distribution and consumption of electronic documents using a standard rendering engine. The documents have usage rights associated therewith. A server stores the documents in computer readable form. A user operates a client having a standard application program including a rendering engine capable of rendering unencrypted documents for viewing. The client and the server are coupled by a communications network. A rights management module receives a request from the client for at least one of the documents on the server and delivers the document and a set of rights associated with the document to the client. A connection module attached to the rendering engine receives the set of rights associated with the document. A user interface module attached to the rendering engine controls the user's access to the document in accordance with the list of rights for the user associated with the document.

Abstract: The present invention provides systems and methods for secure transaction management and electronic rights protection. Electronic appliances such as computers equipped in accordance with the present invention help to ensure that information is accessed and used only in authorized ways, and maintain the integrity, availability, and/or confidentiality of the information Such electronic appliances provide a distributed virtual distribution environment (VDE) that may enforce a secure chain of handling and control, for example, to control and/or meter or otherwise monitor use of electronically stored or disseminated information. Such a virtual distribution environment may be used to protect rights of various participants in electronic commerce and other electronic or electronic-facilitated transactions. Distributed and other operating systems, environments and architectures, such as, for example, those using tamper-resistant hardware-based processors, may establish security at each node.

Abstract: Systems and methods are disclosed for using an arbitrary fixed channel to carry third-party information. In one embodiment, the present invention provides systems and methods for enabling existing content rendering devices to accept content encoded in a proprietary format, such as an encoding format used by a digital rights management system. The encoded content is rendered by the device in the normal manner, and decoded by a retrofitting appliance connected to the device's output. The retrofitting appliance may apply decoded rules and controls to the decoded content, thereby managing use of the content.

Abstract: A method and apparatus for establishing a secure communications channel between a first repository and a second repository using a repository transaction protocol. A registration identifier and registration message including an identification certificate, and an identifier of a master repository that encrypted the identification certificate are generated by the first repository. The registration identifier and message are sent to the second repository and the identity of the first repository by is verified by verifying the identification certificate. Messages containing at least one session key are exchanged between the first and second repositories and a usage transactions related to a digital work are conducted between the first repository and the second repository using the session keys.

Abstract: A trusted rendering system for use in a system for controlling the distribution and use of digital works. A trusted rendering system facilitates the protection of rendered digital works which have been rendered on a system which controls the distribution and use of digital works through the use of dynamically generated watermark information that is embedded in the rendered output. The watermark data typically provides information relating to the owner of the digital work, the rights associated with the rendered copy of the digital work and when and where the digital work was rendered. This information will typically aid in deterring or preventing unauthorized copying of the rendered work to be made. The system for controlling distribution and use of digital works provides for attaching persistent usage rights to a digital work. Digital works are transferred between repositories which are used to request and grant access to digital works.

Abstract: A receiver which receives a multichannel signal and which detects and outputs an unscrambled desired signal to a video display and speaker unit includes a first unit, a second unit and a controller. The first unit comprises a frequency agile tuner for receiving said multichannel signal and for outputting a selected CATV signal. The a second unit includes a unit means for receiving the selected CATV channel signal; a unit for detecting whether the selected CATV channel signal is scrambled; and a descrambler for descrambling a scrambled CATV channel signal and for outputting a descrambled CATV channel signal. The controller controls the output of the receiver such that a signal is output from the first unit to said video display and speaker unit when the selected CATV signal is unscrambled and a signal is output from the second unit to the video display and speaker unit only when a scrambled signal is detected. The content of the selected CATV channel signal controls the operation of the second unit.

Abstract: The aim of the present invention is to propose a method that allows the reduction of the bandwidth needs in a structure that implements an operating center and a plurality of user units, ensuring the availability for the final user, of a product amongst a vast choice and being able to be downloaded by said user in a short period of time. This aim is achieved by a system that implements at least one operating center that has a great number of products, a plurality of user units comprising security and storage means, characterized in that the link between at least one group of user units is of the bidirectional type and that the operating center comprises means for the transfer of a product that is stored in the storage means of a user unit to another user unit.

Abstract: An optical medium uses a single structure or format (such as identical materials, layers and the like) for both a region for holding mastered data and a writeable area. In one aspect, a writeable region of a medium with mastered content is used in connection with paying, collecting or accounting for usage or royalties for proprietary intellectual property embodied in or associated with the content. In one embodiment, the (preferably write-once) writeable area can be used for storing later-written information such as annotations, highlighting, reordering, remixing, modifications, supplements, collections, additions, bookmarks, cross references, hypertext or hyperlinks and the like. Preferably, annotations and similar materials can be associated, by the user, with particular portions or content of the mastered data.

Abstract: Based on the detailed reproduction control information defining the reproduction control state of data to be transmitted, the CPU 12 of the data transmission apparatus creates a simplified reproduction control information roughly defining the reproduction control state of the data, stores the simplified reproduction control information of the data in the packet header of a data packet carrying the data, stores the detailed reproduction control information in the data, and transmits the simplified reproduction control information and the detailed reproduction control information as well as the data to the data receiving apparatus 20 through the transmission channel 30 from the input-output interface 16.

Abstract: In an information delivery system, a security device (SD) manages an access to information (INF). The security device (SD) is capable of providing a pointer (PO) which indicates a location (LO) from which additional data (ADA) may be obtained. The additional data (ADA) may be a description of the information (INF) which is offered. For example, in a pay TV system, the information (INF) may be a particular movie of which the description is “James Bond, Dr. No, action category, 12 year and older, broadcast April 19, at 20H30.” In that case, the pointer (PO) may be used to inform a subscriber that his security device (SD) allows him to watch this particular movie. However, the additional data (ADA) contained in the location (LO) indicated by the pointer (PO), may also be software for various purposes such as, for example, playing games or configuring a receiver (REC) which co-operates with the security device (SD).

Abstract: The present invention provides systems and methods for secure transaction management and electronic rights protection. Electronic appliances such as computers equipped in accordance with the present invention help to ensure that information is accessed and used only in authorized ways, and maintain the integrity, availability, and/or confidentiality of the information. Such electronic appliances provide a distributed virtual distribution environment (VDE) that may enforce a secure chain of handling and control, for example, to control and/or meter or otherwise monitor use of electronically stored or disseminated information. Such a virtual distribution environment may be used to protect rights of various participants in electronic commerce and other electronic or electronic-facilitated transactions. Distributed and other operating systems, environments and architectures, such as, for example, those using tamper-resistant hardware-based processors, may establish security at each node.

Abstract: A method and system for creating a new digital work from one or more existing digital works having parts. A first part of a digital work has first usage rights associated therewith, the first usage rights specifying a particular manner of use for the first part. A second part of a digital work has second usage rights associated therewith, the second usage rights specifying a particular manner of use for the second part. A new digital work is created by combining the first part and the second part as new content and associating new usage rights with the new content. The new usage rights specify a particular manner of use for the new digital work.

Abstract: Scheme for switching a computer system (21), which is connectable via a communication interface and a network (22) to a server module (23), into a special mode of operation. The computer system (21) comprises a software component (26) for sending an identifier (w) assigned to the computer system (21) via the communication interface and the network (22) to the server module (23). In response, the software component (26) receives a token (S), issued by the server module (23), whereby the token (S) comprises a credit (C). In addition, the computer system (21) comprises a trusted hardware component (25) storing the identifier (w) and comprising a credit counter (44) with a credit which is automatically exhaustible step-by-step, and which is updateable with the credit (C) received from the server module (23). The computer system (21) has a trigger unit for switching the computer system (21) into the special mode of operation, e.g.

Abstract: An editing apparatus generates a capsular work in which usage conditions for each of plural usages and usage secret information, obtained by encrypting a decryption key of encrypted work data with ticket keys which differ depending on usage from each other, are encapsulated together with the encrypted work data. A ticket server apparatus, which manages the usage conditions and the ticket keys, issues a ticket containing a ticket key in the case of allowing a user to practice the usage requested by the user. A distribution center apparatus, which manages the capsular work, distributes the capsular work in accordance with the user's request. An audiovisual apparatus acquires the capsular work from the distribution center apparatus and requests the ticket necessary to make use of the capsular work from the ticket server apparatus.