Abstract: A computer network having a requesting node and a providing node permits data transfer therebetween when permitted by an authorizing node. Reports generated in response to authorizations and reports generated in response to data transfers are reconciled at a reconciliation node to improve the accuracy of payments collected and paid for use of the data. Such payments include copyright royalties for audio, video, and other works recorded in digital format.

Abstract: In a contents sale system, original contents data are encrypted into encryption-resultant contents data in response to original playback key data. The original playback key data are encrypted into first encryption-resultant playback key data. The first encryption-resultant playback key data are encrypted into second encryption-resultant playback key data in response to an ID of a sale destination terminal apparatus. The encryption-resultant contents data and the second encryption-resultant playback key data are transmitted to the sale destination terminal apparatus. The sale destination terminal apparatus is enabled to decrypt the second encryption-resultant playback key data into the first encryption-resultant playback key data in response to the ID of the sale destination terminal apparatus. The sale destination terminal apparatus is enabled to decrypt the first encryption-resultant playback key data into the original playback key data.

Abstract: Devices and methods are disclosed for controlling content within a device environment through interaction among electronic devices of the environment. The device has a transmitter, receiver, memory storing interaction rules and content rules and a processor for implementing the interaction rules and content rules in association with the transmitter, receiver, and other devices of the environment. Methods involve obtaining content information of the media about to be played and comparing the content information to the content rules stored at a device. An instruction about playback of the media content is generated. Methods may also involve seeking rights information for media content and determining whether rights information exists for identified media content in response to the request. When rights information does exist for the identified media content, a message is sent that includes the rights information.

Abstract: A data recording apparatus capable of preventing easily copying of information is disclosed with which, even if information is copied, the copied information cannot be reproduced, the data recording apparatus having a terminal to which encoder ID specific for the data recording apparatus is input, a recording unit for recording at least the encoder ID on an optical disk, and an encoding circuit for, in accordance with the encoder ID, encoding data supplied through a terminal and required to be recorded so that encoded data is, together with the encoder ID, recorded on the optical disk.

Abstract: In each digital content utilize session, a memory card generates conversion key information for specifying a data conversion, while a player generates inverse conversion key information for specifying an inverse data conversion. The memory card then performs the data conversion specified by the conversion key information on management information stored therein, and sends the converted management information and digital content stored therein to the player. The player performs the inverse data conversion specified by the inverse conversion key information on the converted management information to restore the management information, and utilizes the digital content in accordance with restrictions set in the restored management information to limit the use of the digital content.

Abstract: A data copying system of the present invention includes a data copying apparatus for copying data recorded on a first recording medium to a second recording medium. The data copying apparatus includes: a data read section for reading out the data from the first recording medium; a data modification control section for controlling modification of the data in accordance with modification control information, the modification control information being provided for controlling the modification of the data; and a data write section for writing an output of the data modification control section to the second recording medium. The modification control information includes a copying permission flag indicating whether the copying of the data permitted, a quality control flag for controlling a quality of modified data which is obtained by modifying the data, and a billing control flag for controlling billing for the copying of the data.

Abstract: A contents provider stores contents data in a container in a format which can only be decoded with a key distributed from an EMD service center, and transmits the container to a service provider. The service provider adds pricing information and the like and distributes this to a user home network. The user home network pays charges to the EMD service center based on the pricing information, receives the key, and decodes the contents data. Information regarding the number of times which copying is permitted is contained in the secure container, and the number of times permitted is increased each time charges are paid, thereby enabling copying to other media and the like. It is impossible to make copies from a container simply copied, or in cases where in the number of permitted times of copies has been used up. Thus, contents data can be distributed in a format wherein copying of contents data can be controlled including the number of copies made.

Abstract: An electronic ticket comprises a ticket ID 233, an issuer ID 237, right information 239 of the electronic ticket, and issue, transfer and redeem conditions 240, 241 and 242, the entire block of these pieces of information being attached with an issuer's signature 235. In each of the issue, transfer and redeem conditions there are recorded ticket schema ID's which specify the types of tickets that the ticket sender and receiver are required to possess, and in each phase of the issue, transfer and redeem transactions it is verified whether these conditions are satisfied.

Abstract: A method and system for selling a software product, and for preventing theft at the point of purchase, comprises: manufacturing a product (26), preferably at a sales outlet (20); generating a unique unlock code for the product, without which the product will not operate; displaying the product for sale at the sales outlet, while storing the unlock code separately form the product; and, on purchase of the product by a customer, supplying the customer with both the product and the unlock code. Since the unlock code is not printed onto the packaging, nor is it burned to the CD or other machine-readable media, the product can safely be left out for display and purchase in store without substantial risk of theft.

Abstract: A method of restricting access to recorded digital data on a digital support medium (2) using an integrated circuit e.g. on a smart card (4) containing a first decryption key (Kf) characterized in encrypting with a corresponding encryption key (Kf) one or more elements of the volume descripter (V) of the support medium (2), recording the encrypted elements of the volume descripter together with non-encrypted data on the support medium and, when accessing the support medium (2), using the integrated circuit decryption key (Kf) to decrypt the encrypted elements of the volume descripter (V) and to supply a reader (5) with these elements so as to permit the reading and/or writing of non-encrypted data on the support medium (2).

Abstract: A system for controlling access to online content referenced in a hardcopy document. A user requesting access to online content available on a server responds to an authentication challenge from the server using a password mechanism printed in the hardcopy document. The password mechanism allows the user to identify a password for responding to an authentication request by the server. After authenticating the user, the server initiates a state change to enable subsequent access to the online content by the user with a different password that is also identified with the password mechanism.

Abstract: Copyrighted electronic media are packaged in a secure electronic format, and registered on associated registration server, which serves to provide on-line licensing and copyright management for that media. Users are connected to the server, e.g., through a computer network or the Internet, to enable data transfers and to transact licenses to utilize the media. Packaged electronic media are typically created by an author or derivative user of the work. Once the packaged media is registered on the server, the media is made available for limited use and possible license through an authorization server. This limited use is specified within the minimum permissions data set assigned to each packaged media. Without a license, users are typically permitted to view the packaged media—through a system which unpackages the media—but cannot save or otherwise transfer the media without obtaining auxiliary permissions to do so from the authorization server.

Abstract: A system for protecting software that can be executed on a computer machine, the system being of the type in which the software is associated with a memory card for insertion in a reader connected to the computer machine. The software stores a public key, and periodically generates a pseudo-random number. A first algorithm is implemented by using the public key on information received from the reader. The result of implementing the first algorithm is compared with the pseudo-random number. Execution of the software is interrupted in response to such comparison. The card has protected storage means for storing an associated private key and means for implementing a second algorithm using the private key upon receiving information issued by the computer machine, thereby obtaining encoded information. The encoded information is transmitted from the card to the computer machine.

Abstract: A transaction processing system employs an authentication device which receives identifying and authentication information from a token such as a credit or debit card. The authentication device forms an information block comprising the identifying and authentication information and encrypts the information block using a preprogrammed key. The information block is transferred to a transaction terminal such as a merchant terminal or customer computer and subsequently transferred to an authorizing server. The authorizing server transfers the information block to an authenticating server, which decrypts the information block, extracts the identifying and authentication information and compares the identifying and authentication information against similar information accessible to the authenticating server. The authenticating server instructs the authorizing server to accept or reject the transaction based on the result of the comparison.

Abstract: An universal positive pay match, authentication, authorization, clearing and settlement system to reduce check and card fraud. The system includes several technologies for inputting check register information connectively from various users of the system, a database for storing the check register information and the check histories, software that searches for and captures escheated check register information, software that automatically polls check register information from the customer, the customer's bank or merchant and conducting and transmitting a partial or full reconciliation of the check register information from the system to the customer. Also included in the system is the ability of the customer's bank to provide either a stalled debit or debit stall to the customer.

Abstract: A switching portion of an IRD supplies a non-descrambled TS (transport stream) received from a front end portion or a descrambled TS received from a descrambler to a DVCR connected to an IEEE 1394 interface. In addition, data received from the DVCR is supplied to the descrambler.

Abstract: A person-to-person electronic commerce system that protects the anonymity of buyers and sellers. Embodiments of the present invention interpose a trusted intermediary between the buyer and seller during the transaction fulfillment process. Buyer and seller may disclose their personal information to the trusted intermediary. The trusted intermediary then arranges payment and shipping on behalf of the parties. In this way, neither buyer nor seller need know anything about the other in order to fulfill the transaction.

Abstract: Several commercial models relating to the payment for online content are disclosed herein. In lieu of prior art username/password combinations to gain access to exclusive on-line content, a tangible asset, namely a smart card, is used. Access is automatically granted when the smart card is inserted into a reader attached to the user's PC, and cut off when the smart card is removed from the reader. In this new model, the smart card provides a tangible, saleable, value-carrying asset that can be retailed, or otherwise distributed, which grants access to exclusive on-line content.

Abstract: A system for controlling the distribution and use of digital works using digital tickets. In the present invention, a “digital ticket” is used to entitle the ticket holder to exercise some usage right with respect to a digital work. Usage rights are used to define how a digital work may be used or distributed. Each usage right may specify a digital ticket which must be present before the right may be exercised. Digital works are stored in repositories which enforce a digital works usage rights. Each repository has a “generic ticket agent” which punches tickets. In some instances only the generic ticket agent is necessary. In other instances, punching by a “special ticket agent” residing on another repository may be needed.

Abstract: A system for transmitting and recording digital data is included. Further, a system for transmitting transmit scrambled audio data that is to be recorded on a mini disc reader is included. A system for transmission and recording of digital data includes transmission means adapted to prepare and transmit scrambled digital data together with at least one encrypted control word and a digital recording device adapted to receive and record the scrambled digital data and encrypted control word on a digital support. The digital recording device further includes an access control means adapted to decrypt the control word and thereafter descramble the digital data during playback.

Abstract: A method, apparatus, article of manufacture, and a memory structure for a USB-compliant personal key has been described. The personal key includes an integrated connector design that is simple and easy to manufacture, and allows broken or defective connecting pins to be easily replaced. In the several embodiments disclosed, the personal key also comprises a biometric sensor for authenticating the identity of the user, and visual and aural sensors for providing information to the user.

Abstract: A system and method for creating a rights expression for association with an item for use in a system for controlling use of the item in accordance with the rights expression, including specifying rights expression information indicating a manner of use of an item, the rights expression information including at least one element, the element having a variable and corresponding value for the variable; and performing an encoding process, including determining an identifier associated with a template corresponding to the rights expression information, extracting from the rights expression information the value for the variable corresponding to the element, and encoding a license adapted to be enforced on a device based on the variable and the identifier, the license including an identification of the template and the value for the variable.

Abstract: A system and method for creating a rights expression for association with an item for use in a system for controlling use of the item in accordance with the rights expression, including specifying rights expression information indicating a manner of use of an item, the rights expression information including at least one element, the element having a variable and corresponding value for the variable; generating a profile of the rights expression information, including removing the value for the variable from the element; and generating an identification for the profile, whereby the rights expression information can be enforced on a device based on the variable and the identification for the profile.

Abstract: An e-mail firewall (105) applies policies to e-mail messages (204) between a first site and a plurality of second sites in accordance with a plurality of administrator selectable policies (216). The firewall comprises a simple mail transfer protocol (SMTP) relay (202) for causing the e-mail messages (204) to be transmitted between the first site and selected ones of the second sites. A plurality of policy managers (216) enforce administrator selectable policies. The policies, such as encryption and decryption policies, comprise at least a first source/destination policy (218), at least a first content policy (220) and at least a first virus policy (224). The policies are characterized by a plurality of administrator selectable criteria (310), a plurality of administrator selectable exceptions (312) to the criteria and a plurality of administrator selectable actions (314, 316, 322) associated with the criteria and exceptions.

Abstract: The present invention relates to a digital contents selling system for selling digital contents. Identification information of digital contents selected by a customer is received. Personal digital contents are generated by setting identification information for identifying the customer in the selected digital contents as status information for permitting the customer to replay the selected digital contents. The generated digital contents are sold. Thereby, a technique is provided for preventing the illegal use of the sold digital contents.

Abstract: A system, portable device, server, apparatus and method for controlling access to a secure location or container, or for controlling access to selected television programs or classes of programs. The invention provides a system for controlling access to a facility, comprising a portable communicating device, a server means, and one or more access control devices in communication across a network, data storage means available to said server means for storing access control data, said server means being adapted to receive access requests identifying a user of said portable communicating means and including: generating means within said server means for generating access criteria from said access control data according to said user's identity, and communicating means for communicating said access criteria to at least one of said access control means and said portable communicating means, wherein said access control means is adapted to permit access responsive to said user satisfying said access criteria.

Abstract: The invention concerns a process to protect a vulnerable software working on a data processing system against its unauthorized usage using a memorizing unit. The process comprises creating a protected software by choosing in the source of the vulnerable software at least one variable and by producing the source of the protected software by modifying the source of the vulnerable software, so that the chosen variable resides in the memorizing unit.

Abstract: A method and apparatus for protecting computer software from unauthorized execution or duplication using a hardware key is disclosed. The apparatus comprises a means for communicating with the computer to receive command messages from the computer in the hardware key and to provide response messages to the computer, a memory for storing data for translating command messages into response messages enabling software execution, and a processor coupled to the interface port for translating command messages into response messages using the data stored in the memory. The processor further comprises a memory manager, for logically segmenting the memory storing the data into at least one protected segment, and for controlling access to the protected segment.

Abstract: A personal key having an inexpensive and robust integrated USB connector is disclosed. The apparatus comprises a circuit board having a processor and a plurality of conductive traces communicatively coupling the processor to a peripheral portion of the circuit board. The plurality of conductive traces includes, for example, a power trace, a ground trace, and at least two signal traces. The apparatus also comprises a first housing, having an aperture configured to accept the periphery of the circuit board therethrough, thereby presenting the plurality of conductive traces exterior to the aperture. The apparatus also comprises a shell, surrounding the plurality of conductive traces, the shell including at least one locking member interfacing with the first housing.

Abstract: A transportation intermediation apparatus includes a main control section. The main control section causes a consignor to input a transportation condition of a package with a consignor client, shows transportation fees of respective forwarding agents matching with the transportation condition to the consignor, causes the consignor to select a forwarding agent as a transportation assignee from a plurality of forwarding agents, and orders a forwarding agent client of the selected forwarding agent to perform a transportation business through the internet.

Abstract: An information recording apparatus comprises an encryption section encrypting contents information and also a license condition referred to limit use of the contents information and a decoding key for decoding the encrypted contents information to generate license information, and a recording section recording the encrypted contents information and the generated license information on a recording medium. An information reproducing apparatus comprises a decoder unit decoding the license information recorded on the recording medium using a second decoding key for decoding the license information and deciding on the basis of the license condition contained in the decoded license information whether the contents information can be used. If it is decided that the contents information can be used, the encrypted contents information recorded on the recording medium is decoded using the first decoding key contained in the decoded license information.

Abstract: A document transfer system enabling a consumer to obtain a document from an owner upon payment using a cryptographic protocol involving the consumer, the owner, a document source, such as printer, and a mediator, according to which protocol the consumer requests a document, the owner provides the source with first and third portions of the key and provides the mediator with a fourth portion of the key, which fourth portion can combine with said first portion to generate the complete key, the consumer provides the owner with the payment and the owner provides the source with a second portion of the key which can combine with said first portion to generate the complete key.

Abstract: A device and a method of preventing pirated copies of computer programs. The device has input and output devices for bidirectional data exchange with an electronic computer and a first memory element containing a data file that can be transferred to the electronic computer over the output device. In addition, a second memory element into which data can be written via the input device is also provided. The method includes the following steps. First, this device is connected to an electronic computer for bidirectional data exchange. Then a first data file containing an electronic key is transferred from the device to the electronic computer. Subsequently a second data file containing an identifier of the electronic computer is copied from the electronic computer to the device.

Abstract: The invention provides a security system and methods for high level transactions between devices. The system includes a non-deterministic hardware random number generator to provide multi-level encryption between a remote and host device.

Abstract: A method of protecting an executable image from unlicensed use is provided by remote execution of sequences of microprocessor instructions. Means of selecting sequences of instructions that execute infrequently and provide a high level of security against reverse engineering is provided. Selection means includes run-time profiling of an executable running under normal conditions. The selected sequences of instructions are replaced with instructions that interrupt the normal flow of execution and transfer control to a license server. A client computer executes the modified executable until the replaced sequences interrupt the normal flow of execution and transfer control to a license server. The license server executes the instructions which were replaced in the modified executable upon proper authorization by emulating the client microprocessor.

Abstract: A system is provided for retrieving secured electronic information stored in at least one storage device, where each storage device, such as a CD-ROM, is at least partially encrypted and is coupled to a user station. Each user station is coupled to at least one storage device, such as a CD-ROM, having electronic database files stored therein. At least one of the database files stores numerous decryption keys, each key corresponding to decrypting a predetermined data portion of the secured electronic information. Further, a metering device is coupled to each user station. When the metering device is valid, each respective user station is able to retrieve decryption keys for use in decrypting the corresponding selected data portion. In addition, a server that is selectably connected to each user station across a network controls whether the metering device is valid and operable so as to permit or deny the user station to retrieve the corresponding decryption keys.

Abstract: An electronic document delivery system and method in which a broadcast center periodically sends a “catalog” of available documents to a receiving computer, thereby allowing a user to browse through the available documents without having to access the broadcast center. The documents are transmitted as packets, and the packets are decrypted as soon as they are received, eliminating the need to store both an encrypted and an decrypted version of the documents at the receiving computer. The receiving computer periodically receives information allowing it to decrypt received documents and to encrypt billing information for the receiving computer. The invention is not limited to text-only documents and can receive all types of documents, such as software, images, text, and full-motion video.

Abstract: A method and apparatus for protecting computer software from unauthorized execution or duplication using a hardware key is disclosed. The apparatus comprises a means for communicating with the computer to receive command messages from the computer in the hardware key and to provide response messages to the computer, a memory for storing data for translating command messages into response messages enabling software execution, and a processor coupled to the communicating means for translating command messages into response messages using the data stored in the memory. The processor further comprises a memory manager, including means for logically segmenting the memory storing the data into at least one protected segment, and a means for controlling access to the protected segment.

Abstract: A method for downloading a document via a communications medium operatively associated with a communications interface, the method including receiving the document from the communications medium, placing an information storage smart card in removable operative association with the communications interface, and conditionally transmitting the document from the communications interface to the information storage smart card and storing the document in the information storage smart card. Other related methods and apparatus are also provided.

Abstract: A customer information collection method in which personal information of an individual who intends to download and use digital information is collected as customer information by a third party other than such an individual as a result of said third party acquiring the right to use the digital information, and the method comprising the steps of receiving an indication of a desire to use the digital information from the individual, prompting such an individual who has indicated the desire to input his/her own personal information as customer information, collecting and compiling such an inputted customer information, and transmitting a password is to the individual who has sent his/her own personal information to the third party so that such an individual can download and use the desired digital information.

Abstract: A method for downloading a document via a communications medium operatively associated with a communications interface, the method including receiving the document from the communications medium, placing an information storage smart card in removable operative association with the communications interface, and conditionally transmitting the document from the communications interface to the information storage smart card and storing the document in the information storage smart card. Other related methods and apparatus are also provided.

Abstract: A secure cryptographic rights unit for cryptographically regulating access to digital content includes an interface control processor and a specialized cryptographic unit that protects access to a memory. Rights keys, which allow access to content, are added by the cryptographic unit by transforming data received from the control processor and storing the result in the protected memory. The cryptographic unit then produces content decryption keys by using stored rights keys to transform other data received from the control processor. Because the control processor does not have the ability to directly access the protected memory, the security can remain effective even if the control processor is compromised. To prevent reverse engineering of the cryptographic transformations, the invention provides for an algorithm generator that uses random sources to produce algorithm definitions in machine-readable form. Because the generator itself does not contain any secrets, it can be submitted for open review.

Abstract: Electronic steganographic techniques can be used to encode a rights management control signal onto an information signal carried over an insecure communications channel. Steganographic techniques ensure that the digital control information is substantially invisibly and substantially indelibly carried by the information signal. These techniques can provide end-to-end rights management protection of an information signal irrespective of transformations between analog and digital. An electronic appliance can recover the control information and use it for electronic rights management to provide compatibility with a Virtual Distribution Environment. In one example, the system encodes low data rate pointers within high bandwidth time periods of the content signal to improve overall control information read/seek times.

Abstract: A billing system is provided that allows a consumer to order products from computers connected to the Internet, wherein the consumer is automatically billed for the ordered good or service by its telephone service provider. The billing system comprises a plug-in component (52, 52′), a billing server component (62, 62′), and in some embodiments, a merchant session gateway component (65). When a consumer orders a product over the Internet (20), the plug-in component (52) of the consumer's computer (42) establishes an Internet connection to a billing server (34) located elsewhere on the Internet (20) to order the product. In a first embodiment, the billing server component (62) of the billing server (34) transfers an encrypted version of the product to the plug-in component (52). The plug-in component (52) then disconnects from the Internet (20) and establishes a point-to-point (PPP) connection with the billing server (34).

Abstract: A system and method for rewriting software into a protected form, called cloaked software, such that this cloaked form is protected from analysis or reverse engineering while at the same time the cloaked software is executable. Further, said cloaked software may be set up so that it requires a correct key or keys to be supplied, when it is to be run, for it to execute correctly. Cloaking modifies the basic operations within the software so that the logical connections or data flow among the program operations is no longer visible. In fact, cloaking makes the correct dataflow among operations dependent on a complex interrelated set of addressing operations within the cloaked program. These addressing operations are designed so that their analysis is equivalent to a computationally intractable NP-complete problem. This situation prevents reverse-engineering and unauthorized tampering.

Abstract: A method and apparatus for distributing information products is described that comprises: receiving an encrypted launch code; decrypting the encrypted launch code with a string, R, as the key to recover a first candidate authentication code and an indicium of a first information product; and installing the first information product onto the computer when the candidate authorization code matches a first known authorization code.

Abstract: In one aspect, a method for activating, installing, and regulating use of a licensed product is disclosed. A customer licenses or buys a licensed product from a distributor. The distributor registers information describing the customer, the licensed product, and other information about the transaction at a database maintained by the licensor, manufacturer, or developer of the licensed product. The licensor communicates information describing the transaction to the customer, and the distributor ships media containing the licensed product to the customer. The customer connects to the database through a server and requests the licensed product to be activated, providing the information that describes the transaction in its request. In response, the server of the licensor generates encrypted key information that uniquely identifies the customer, the licensed product, and a license level or other information about the maximum permitted extent of use of the licensed product.

Abstract: The present invention provides a central computer site on a computer network for detecting authorized or unauthorized duplication of software on computers connected to such a network. The computers on the network may be continually connected, like computers on a Local Area Network, or intermittently connected, like computers on the Internet. Every time a user of the distributed software attempts to execute that software, a connection to the central computer site on the network is made, and a previously-created information token is presented by the user's software to the central site. The central site evaluates that token, and possibly issues a new token to be kept by the user for the next transaction. These transactions need no human intervention, and may take place without the software user's knowledge. At the same time, the central site may provide or withhold permission for the user to execute the distributed software.

Abstract: A method for transmitting credit card numbers in a secure manner through an electronic medium such as the Internet. Credit card numbers typically consist of a string of 10-20 digits, with the exact number of digits depending upon the provider of the credit card. The security is provided by transmitting the credit card number in a plurality of different transmissions, each transmission containing at least one digit of the credit card number, but fewer than all of the digits of the credit card number. Preferably, the user selects the number of digits from the credit card number to send with each transmission. Thus, the entire credit card number can only be determined by receiving all of the transmissions from the user, thereby significantly increasing the difficulty of intercepting the credit card number.

Abstract: Portable data media are known of which many have the uniform format of a standardized credit card and which are used in different ways for monetary transactions, preferably for the cash-less payment of services. Small portable terminals are also known which can be used together with such data media in order to display for example the contents of specific memories in the data medium or also to execute specific operations in the data medium. As a function of the application purpose of the data medium many diverse functions are desired. In order to avoid that for diverse functions, respectively for different data media with the most diverse applications, a special terminal must be used in each instance, it is suggested according to the invention to provide the terminal with further receiving means for a second data medium which comprises a control circuit cooperating with the terminal.