CA1296104C - Metering retrieval of encrypted data stored in customer data retrieval terminal - Google Patents
Metering retrieval of encrypted data stored in customer data retrieval terminalInfo
- Publication number
- CA1296104C CA1296104C CA000546253A CA546253A CA1296104C CA 1296104 C CA1296104 C CA 1296104C CA 000546253 A CA000546253 A CA 000546253A CA 546253 A CA546253 A CA 546253A CA 1296104 C CA1296104 C CA 1296104C
- Authority
- CA
- Canada
- Prior art keywords
- data
- retrieval
- file
- terminal
- customer
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Expired - Lifetime
Links
- 230000015654 memory Effects 0.000 claims abstract description 67
- 238000013475 authorization Methods 0.000 claims abstract description 50
- 238000000034 method Methods 0.000 claims description 31
- 230000004044 response Effects 0.000 claims description 12
- 238000010586 diagram Methods 0.000 description 5
- 238000013478 data encryption standard Methods 0.000 description 3
- 241000180579 Arca Species 0.000 description 1
- 101150087426 Gnal gene Proteins 0.000 description 1
- 230000007274 generation of a signal involved in cell-cell signaling Effects 0.000 description 1
Classifications
-
- G—PHYSICS
- G11—INFORMATION STORAGE
- G11B—INFORMATION STORAGE BASED ON RELATIVE MOVEMENT BETWEEN RECORD CARRIER AND TRANSDUCER
- G11B27/00—Editing; Indexing; Addressing; Timing or synchronising; Monitoring; Measuring tape travel
- G11B27/02—Editing, e.g. varying the order of information signals recorded on, or reproduced from, record carriers
- G11B27/031—Electronic editing of digitised analogue information signals, e.g. audio or video signals
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/10—Protecting distributed programs or content, e.g. vending or licensing of copyrighted material ; Digital rights management [DRM]
- G06F21/12—Protecting executable software
- G06F21/121—Restricting unauthorised execution of programs
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q30/00—Commerce
- G06Q30/04—Billing or invoicing
-
- G—PHYSICS
- G07—CHECKING-DEVICES
- G07C—TIME OR ATTENDANCE REGISTERS; REGISTERING OR INDICATING THE WORKING OF MACHINES; GENERATING RANDOM NUMBERS; VOTING OR LOTTERY APPARATUS; ARRANGEMENTS, SYSTEMS OR APPARATUS FOR CHECKING NOT PROVIDED FOR ELSEWHERE
- G07C9/00—Individual registration on entry or exit
- G07C9/30—Individual registration on entry or exit not involving the use of a pass
- G07C9/32—Individual registration on entry or exit not involving the use of a pass in combination with an identity check
- G07C9/33—Individual registration on entry or exit not involving the use of a pass in combination with an identity check by means of a password
-
- G—PHYSICS
- G07—CHECKING-DEVICES
- G07F—COIN-FREED OR LIKE APPARATUS
- G07F17/00—Coin-freed apparatus for hiring articles; Coin-freed facilities or services
- G07F17/0014—Coin-freed apparatus for hiring articles; Coin-freed facilities or services for vending, access and use of specific services not covered anywhere else in G07F17/00
-
- G—PHYSICS
- G07—CHECKING-DEVICES
- G07F—COIN-FREED OR LIKE APPARATUS
- G07F17/00—Coin-freed apparatus for hiring articles; Coin-freed facilities or services
- G07F17/16—Coin-freed apparatus for hiring articles; Coin-freed facilities or services for devices exhibiting advertisements, announcements, pictures or the like
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F2221/00—Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/21—Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/2107—File encryption
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F2221/00—Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/21—Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/2135—Metering
Abstract
METERING RETRIEVAL OF ENCRYPTED DATA
STORED IN CUSTOMER DATA RETRIEVAL TERMINAL
ABSTRACT OF THE DISCLOSURE
A system for controlling and accounting for retrieval of data from a CD-ROM memory containing encrypted data files from which retrieval must be authorized. The system includes an authorization and key distribution terminal and a plurality of customer data retrieval terminals having such memories loaded therein. The authorization terminal authorizes retrieval of data by authorized customer terminals by providing to the authorized customer terminals an encryption key for enabling retrieval of the data and a authenticated credit signal for use in limiting the amount of data to be retrieved from the files. The encryption key is encrypted for communication to the customer terminals in unique unit keys that are stored in the respective customer terminals. The customer terminal limits the amount of data retrieved from the files in accordance with the credit signal; records the amount of data retrieved from the files; and provides to the authorization terminal an authenticated report of the recorded amount of data retrieved from said files. The memory includes data files of different data vendors; and the customer terminal separately records the retrieval of data from the files of the different vendors.
STORED IN CUSTOMER DATA RETRIEVAL TERMINAL
ABSTRACT OF THE DISCLOSURE
A system for controlling and accounting for retrieval of data from a CD-ROM memory containing encrypted data files from which retrieval must be authorized. The system includes an authorization and key distribution terminal and a plurality of customer data retrieval terminals having such memories loaded therein. The authorization terminal authorizes retrieval of data by authorized customer terminals by providing to the authorized customer terminals an encryption key for enabling retrieval of the data and a authenticated credit signal for use in limiting the amount of data to be retrieved from the files. The encryption key is encrypted for communication to the customer terminals in unique unit keys that are stored in the respective customer terminals. The customer terminal limits the amount of data retrieved from the files in accordance with the credit signal; records the amount of data retrieved from the files; and provides to the authorization terminal an authenticated report of the recorded amount of data retrieved from said files. The memory includes data files of different data vendors; and the customer terminal separately records the retrieval of data from the files of the different vendors.
Description
METERING RETRIEVAL OF ENCRYPTED DATA
STORED IN CUSTOMER DATA RETRIEYAL TERMINAL
BACKGROUND OF THE INVENTION
The present invention generally pertains to data retrieval and is particularly directed to limiting and accounting for the retrieval of data from encrypted data files.
SUMMARY OF THE INVENTION
The pesent invention is a method and system for controlling and accounting for retrieval of data from a memory containing an encrvpted data filefrom which retrieval must be authorized. The system includes means for authorizing such retrieval by providing an encryption kev for enabling retrieval of the data and a credit signal for use in limiting the amount ot data to be retrieved from the file; means for limiting the amount of data retrieved from the file in accordance with the credit signal; and means for recording the amount of data retrieved from the file. The system may futher include means for reporting the recorded amount of data retrieved from the file; and means for authenticating such report.
The present invention is particulary suited for retrieving data files stored in a compact disc read-onlv-memory (CD-ROM).
.
~104 Additional features of the invention are discussed in relation to the description of the preterred embodiment.
8RIEF DESCRIPTION OF THE DR~WING
Figure 1 is a block diagram illustrating the signals communicated between an authorization and kev distribution terminal and a customer data retrieval terminal in a preferred embodiment of the present invention.
Figure 2 is a fun~ctional block diayram ot the customer data retrieval terminal in the embodiment of Figure 1.
Figure 3 is a flow diagram showing operational routines in an alternative preferred embodiment of the present invention.
Figure 4 is a flow diagram showing operational routines in another alternative preferred embodiment of the present invention.
Figure 5 is a flow diagram showing certain aspects ot the operational routines in still another alternative preferred embodiment of the present invention.
Figure 6 is a block diagram illustrating the use of a customer data retrieval terminal in a personal computer for retrievina data from a CD-ROM.
Figure 7 illustrates an exemplary scheme ot tiering the retrieval of different types of data fields from a memory in accordance wi~h a preferred embodiment of the present invention.
2a 72046 11 In accordance Wit]l the present invention there is provided a method of controlling and accounting for retrieval of data from a memory, comprising the steps of (a) providing a memory containing an encrypted data file from which retrieval must be authorized;
(b) authorizing said retrieval by providing an encryption key for enabling retrieval of said data and a credit signal for use in limiting the amount of data to be retrieved from said file; (c) limiting the amount of data retrieved from said file in accordance with said credit signal; and (d) recording the amount of data retrieved from said file.
In accordance with the present invention there is also r provided a method of controlling and accounting for retrieval of data from a plurality of identical memories by a corresponding plurality of different data retrieval terminals, comprising the steps of (a) providing a memory containing an encrypted data file from which retrieval must be authori~ed; (b) providing a different unit key in each of the retrieval terminals; (c) authorizing said retrieval by providing an encryption key encrypted in the unit key of the given retrieval terminal for enabling retrieval of said data in the given retrieval terminal and by providing a credit signal addressed to the given retrieval terminal for use in limiting the amount of data to be retrieved from said file by the given retrieval terminal; (d) limiting the amount of data retrieved from said file in the given retrieval terminal in accordance with said credit signal; and (e) recording ()4 2b 72046-11 the amount of data retrieved from said file in said retrieval terminal.
In accordance with the present invention there is further provided a method of controlling and accounting for retrieval of data from a memory in a customer data retrieval terminal, comprising the steps of (a) providing in the customer data retrieval terminal a memory containing an encrypted data file from which retrieval must be authorized; (b) authorizing said retrieval in response to a request to retrieve data from said file in said customer data retrieval terminal by determining in an authorization centre located remotely from the customer terminal whether the status of an account associated with said customer terminal warrants authorizing said retrieval, and, if so, providing in the customer terminal an encryption key for enabling retrieval of data from said file; and (c) recording the retrieval of data from said file by said customer retrieval terminal and debiting said account for said retrieval.
In accordance with the present invention there is yet provided a system for controlling and accounting for retrieval of data from a memory containing an encrypted data file from which retrieval must be authorized, comprising means for authorizing said retrieval by providing an encryption key for enabling retrieval of said data and a credit signal for use in limiting the amount of data to be retrieved from said file; means for limiting the amount of data retrieved from said file in ri `.,~
129Sl(~4 ~ 72046-11 accordance with said credit signal; and means for recordiny the amount of data retrieved from said file.
In accordance with the present invention there is provided a system for controlling and accountin~ for retrieval of data from a plurality of identical memories by a corresponding plurality of different data retrieval terminals, wherein each memory contains an encrypted data file from which retrieval must be authorized, the system comprising means providing a different unit key in each of the retrieval terminals; means for authorizing said retrieval by providing an encryption key encrypted in the unit key of the given retrieval terminal for enabling retrieval of said data in the given retrieval terminal and by providing a credit signal addressed to the given retrieval terminal for use in limiting the amount of data to be retrieved from said file by the given retrieval terminal; means for limiting the amount of data retrieved from said file in the given retrieval terminal in accordance with said credit signal; and means for recording the amount of data ret:rieved from said file in said retrieval terminal.
In accordance with the present invention there is also provided a system for controlling and accounting for retrieval of data from a memory in a customer data retrieval terminal, wherein the memory contains an encrypted data file from which retrieval must be authorized, the system comprising means for authorizing said retrieval in response to a request to retrieve data from 6~
2d 720~-1]
said file in said customer data retrieval terminal by determininy in an authorization centre :Located remotely form the customer terminal whether the status of an account associated with said customer terminal warrants authorizing said retrieval, and, if so, providing in the customer terminal an encryption key for enabling retrieval of data from said file and means for recording the retrieval of data from said file by said customer retrieval terminal and debiting said account for said retrieval.
.~ LO~ 72046-1 1 DESCRIPTION OF Ti~iE PREFERRED EMBODIMENTS
The use of a preferred embodimQnt ot the system o~ the present inventlon is generally described with refYrence to Figure 1 The sVstem essentially includes an authorizstion and kev distribution termlnal 10 and a customer data retrleval terminal 11; it being understood that in practice there are a plurality of customer data retrievsl terminals tl that communicate with a single authorization and key distrlbutlon terminail 10 A memory containing an encrypted data tile from which r0trieval must be authorized is loaded in the customer data retrieval termlnal 11 Dlfferent data tiles in the memory ma~ ba associated with different data vendors Typically communications bet~veen the ~uthorization and key distribution terminal 10 and the customer dats retrieval terminal 11 are transmitted over telephone lines In order to gain authorization to retrieve encrypted data from a given file stored in the memory loaded in the customer data retrieval terminal 11 the customer causes a file use request signal 12 to be communicated to the authorization and key distribution terminal 10 The file usrs request signal identities the file for which retrieval authorization is requested and also cont3ins an ID
number iden~ifying the customer terminal 11 from which the request signal 12 is sent 7204~
The author~zation and key distributlon terminal 10 processes the request signal to determine whether the custom~r terminal 11 Identified bv the ID numbercontained in the fil~ use request slgnal 12 is authorized to retrleve data from the file identifled in the file use request signal 12. Such determination includes check-S Ing on the status of a customer account associated with the customer terminal 11 from whTch the request signal 12 is received; and may turther include determining the eligibility of the customer to retrieve data from such file notwithstanding the outcome of the credit check Upon determining that the status of the customer account associated lQ with the customer terminal 11 warrants authorizing retrieval of data from the file identified in the file use request signal 12 the authorization terminal 10 authorizes the customer terminal 11 to retrieve data from said file by providing to the cus-tomer terminal 11 both an encrypted key 13 and an authenticated cr~dit data sig-nal 14. The credit data signal 14 indicates an amount of credit to b0 extended to the customer terminal 11 for retrieval of data from the file identified in the file use requast signal 12.
The file ksy 13 is encrypted in a unit key that ~s unique to the customer terminal lt to which the encrypted file key 13 and the authent~cated cred~t s~gnal 14 are being communicated. Unit keys for each of th0 customer terminals 11 as-sociated with a given authorization and key distribution terminal 10 are stored in the authorizatlon and key distribution terminal 10 and are individuallv retrieYed in 1;~ 4 accordance with the customer terminal ID number that is included in the file userequest signal 12. Each customer data retrieval terminal also permanently stores it own unique unit kev. The authenticated credit data signal 14 is generated by including both unencrypted credit data and encrypted credit data that is formed by encrypting the unencrypted credit data with the unit key of the customer terminal that is being authorized.
The operation of the customer data retrieval terminal 11 in retrieving the encrypted data from the memory loaded therein is described with reference to Figure 2. Certain functional units of the customer data retrieval terminal 11 are implemented in a microcompu~er. These functional units include a data decryptionunit 16, a file key decryption unit 17, a cost data authentication unit 18, a credit data authentication unit 19, an authenticated credit and debit status report generation unit 20, an authenticated usage report generation unit 21, a retrieval control unit 22 associated with each data vendor, a use history storage unit 23 associated with each data vendor, a unit key memory 24 and a random acess memory (RAM) 25. The retrieval control unit 22 includes a credit register 27, a debit register 28, an accumulator 29, a comparator 30 and a logic unit 31. The customer data retrieval terminal 11 further includes a keyboard 33 for generating a file use request 34 and a file access command 35.
STORED IN CUSTOMER DATA RETRIEYAL TERMINAL
BACKGROUND OF THE INVENTION
The present invention generally pertains to data retrieval and is particularly directed to limiting and accounting for the retrieval of data from encrypted data files.
SUMMARY OF THE INVENTION
The pesent invention is a method and system for controlling and accounting for retrieval of data from a memory containing an encrvpted data filefrom which retrieval must be authorized. The system includes means for authorizing such retrieval by providing an encryption kev for enabling retrieval of the data and a credit signal for use in limiting the amount ot data to be retrieved from the file; means for limiting the amount of data retrieved from the file in accordance with the credit signal; and means for recording the amount of data retrieved from the file. The system may futher include means for reporting the recorded amount of data retrieved from the file; and means for authenticating such report.
The present invention is particulary suited for retrieving data files stored in a compact disc read-onlv-memory (CD-ROM).
.
~104 Additional features of the invention are discussed in relation to the description of the preterred embodiment.
8RIEF DESCRIPTION OF THE DR~WING
Figure 1 is a block diagram illustrating the signals communicated between an authorization and kev distribution terminal and a customer data retrieval terminal in a preferred embodiment of the present invention.
Figure 2 is a fun~ctional block diayram ot the customer data retrieval terminal in the embodiment of Figure 1.
Figure 3 is a flow diagram showing operational routines in an alternative preferred embodiment of the present invention.
Figure 4 is a flow diagram showing operational routines in another alternative preferred embodiment of the present invention.
Figure 5 is a flow diagram showing certain aspects ot the operational routines in still another alternative preferred embodiment of the present invention.
Figure 6 is a block diagram illustrating the use of a customer data retrieval terminal in a personal computer for retrievina data from a CD-ROM.
Figure 7 illustrates an exemplary scheme ot tiering the retrieval of different types of data fields from a memory in accordance wi~h a preferred embodiment of the present invention.
2a 72046 11 In accordance Wit]l the present invention there is provided a method of controlling and accounting for retrieval of data from a memory, comprising the steps of (a) providing a memory containing an encrypted data file from which retrieval must be authorized;
(b) authorizing said retrieval by providing an encryption key for enabling retrieval of said data and a credit signal for use in limiting the amount of data to be retrieved from said file; (c) limiting the amount of data retrieved from said file in accordance with said credit signal; and (d) recording the amount of data retrieved from said file.
In accordance with the present invention there is also r provided a method of controlling and accounting for retrieval of data from a plurality of identical memories by a corresponding plurality of different data retrieval terminals, comprising the steps of (a) providing a memory containing an encrypted data file from which retrieval must be authori~ed; (b) providing a different unit key in each of the retrieval terminals; (c) authorizing said retrieval by providing an encryption key encrypted in the unit key of the given retrieval terminal for enabling retrieval of said data in the given retrieval terminal and by providing a credit signal addressed to the given retrieval terminal for use in limiting the amount of data to be retrieved from said file by the given retrieval terminal; (d) limiting the amount of data retrieved from said file in the given retrieval terminal in accordance with said credit signal; and (e) recording ()4 2b 72046-11 the amount of data retrieved from said file in said retrieval terminal.
In accordance with the present invention there is further provided a method of controlling and accounting for retrieval of data from a memory in a customer data retrieval terminal, comprising the steps of (a) providing in the customer data retrieval terminal a memory containing an encrypted data file from which retrieval must be authorized; (b) authorizing said retrieval in response to a request to retrieve data from said file in said customer data retrieval terminal by determining in an authorization centre located remotely from the customer terminal whether the status of an account associated with said customer terminal warrants authorizing said retrieval, and, if so, providing in the customer terminal an encryption key for enabling retrieval of data from said file; and (c) recording the retrieval of data from said file by said customer retrieval terminal and debiting said account for said retrieval.
In accordance with the present invention there is yet provided a system for controlling and accounting for retrieval of data from a memory containing an encrypted data file from which retrieval must be authorized, comprising means for authorizing said retrieval by providing an encryption key for enabling retrieval of said data and a credit signal for use in limiting the amount of data to be retrieved from said file; means for limiting the amount of data retrieved from said file in ri `.,~
129Sl(~4 ~ 72046-11 accordance with said credit signal; and means for recordiny the amount of data retrieved from said file.
In accordance with the present invention there is provided a system for controlling and accountin~ for retrieval of data from a plurality of identical memories by a corresponding plurality of different data retrieval terminals, wherein each memory contains an encrypted data file from which retrieval must be authorized, the system comprising means providing a different unit key in each of the retrieval terminals; means for authorizing said retrieval by providing an encryption key encrypted in the unit key of the given retrieval terminal for enabling retrieval of said data in the given retrieval terminal and by providing a credit signal addressed to the given retrieval terminal for use in limiting the amount of data to be retrieved from said file by the given retrieval terminal; means for limiting the amount of data retrieved from said file in the given retrieval terminal in accordance with said credit signal; and means for recording the amount of data ret:rieved from said file in said retrieval terminal.
In accordance with the present invention there is also provided a system for controlling and accounting for retrieval of data from a memory in a customer data retrieval terminal, wherein the memory contains an encrypted data file from which retrieval must be authorized, the system comprising means for authorizing said retrieval in response to a request to retrieve data from 6~
2d 720~-1]
said file in said customer data retrieval terminal by determininy in an authorization centre :Located remotely form the customer terminal whether the status of an account associated with said customer terminal warrants authorizing said retrieval, and, if so, providing in the customer terminal an encryption key for enabling retrieval of data from said file and means for recording the retrieval of data from said file by said customer retrieval terminal and debiting said account for said retrieval.
.~ LO~ 72046-1 1 DESCRIPTION OF Ti~iE PREFERRED EMBODIMENTS
The use of a preferred embodimQnt ot the system o~ the present inventlon is generally described with refYrence to Figure 1 The sVstem essentially includes an authorizstion and kev distribution termlnal 10 and a customer data retrleval terminal 11; it being understood that in practice there are a plurality of customer data retrievsl terminals tl that communicate with a single authorization and key distrlbutlon terminail 10 A memory containing an encrypted data tile from which r0trieval must be authorized is loaded in the customer data retrieval termlnal 11 Dlfferent data tiles in the memory ma~ ba associated with different data vendors Typically communications bet~veen the ~uthorization and key distribution terminal 10 and the customer dats retrieval terminal 11 are transmitted over telephone lines In order to gain authorization to retrieve encrypted data from a given file stored in the memory loaded in the customer data retrieval terminal 11 the customer causes a file use request signal 12 to be communicated to the authorization and key distribution terminal 10 The file usrs request signal identities the file for which retrieval authorization is requested and also cont3ins an ID
number iden~ifying the customer terminal 11 from which the request signal 12 is sent 7204~
The author~zation and key distributlon terminal 10 processes the request signal to determine whether the custom~r terminal 11 Identified bv the ID numbercontained in the fil~ use request slgnal 12 is authorized to retrleve data from the file identifled in the file use request signal 12. Such determination includes check-S Ing on the status of a customer account associated with the customer terminal 11 from whTch the request signal 12 is received; and may turther include determining the eligibility of the customer to retrieve data from such file notwithstanding the outcome of the credit check Upon determining that the status of the customer account associated lQ with the customer terminal 11 warrants authorizing retrieval of data from the file identified in the file use request signal 12 the authorization terminal 10 authorizes the customer terminal 11 to retrieve data from said file by providing to the cus-tomer terminal 11 both an encrypted key 13 and an authenticated cr~dit data sig-nal 14. The credit data signal 14 indicates an amount of credit to b0 extended to the customer terminal 11 for retrieval of data from the file identified in the file use requast signal 12.
The file ksy 13 is encrypted in a unit key that ~s unique to the customer terminal lt to which the encrypted file key 13 and the authent~cated cred~t s~gnal 14 are being communicated. Unit keys for each of th0 customer terminals 11 as-sociated with a given authorization and key distribution terminal 10 are stored in the authorizatlon and key distribution terminal 10 and are individuallv retrieYed in 1;~ 4 accordance with the customer terminal ID number that is included in the file userequest signal 12. Each customer data retrieval terminal also permanently stores it own unique unit kev. The authenticated credit data signal 14 is generated by including both unencrypted credit data and encrypted credit data that is formed by encrypting the unencrypted credit data with the unit key of the customer terminal that is being authorized.
The operation of the customer data retrieval terminal 11 in retrieving the encrypted data from the memory loaded therein is described with reference to Figure 2. Certain functional units of the customer data retrieval terminal 11 are implemented in a microcompu~er. These functional units include a data decryptionunit 16, a file key decryption unit 17, a cost data authentication unit 18, a credit data authentication unit 19, an authenticated credit and debit status report generation unit 20, an authenticated usage report generation unit 21, a retrieval control unit 22 associated with each data vendor, a use history storage unit 23 associated with each data vendor, a unit key memory 24 and a random acess memory (RAM) 25. The retrieval control unit 22 includes a credit register 27, a debit register 28, an accumulator 29, a comparator 30 and a logic unit 31. The customer data retrieval terminal 11 further includes a keyboard 33 for generating a file use request 34 and a file access command 35.
2 0 A read only memory (ROM) 37 contsining the encrypted data files is loaded in the customer data retrieval terminal 11. The ROM 37 includes a plurality lZ96~
of encryptsd data tiles, File A, Fi'e B. Each data tile includes encrypted data blocks, 810ck 1, 910ck 2, ..., Olock 5. Each data file Includes blocks ot data ot a glven type of associatlon. The different data file~ ma~r be associated with d~fterent data vendors and there may be a plurlalty ot dat~ file~ associated wlth each of the different vendors. Each block ot data includes encrvpted data, a block ID
~identiflcatlon) signal, and authenticated cost data. The authentlcatad cost data indlcates the cost associated with retrieving the given encrvpted block o~ data.
To enable the customer data retrieval terminel 11 to retrieve data from any given flle in the ROM 37, the tile use request 34 identifying a given file i~
generated by use of the keyboard 33 and combinad with the unit ID number 39 for the customer terminal 11 to provide the tile use request signal 12 that is communlcated to the authorization and key distributlon terminal 10. As discussedabove, the authorlzation and key distribution terminal 10 responds to the file use request signal 12 bV providing the encrvpted file key 13 and the authenticated credit data signal 14 to the customer terminal 11 when the authorizaeion and keydistribution termin~l determines thct thQ customer terminal 11 is authorized to retrieve the data identifled in the file use request signal 12.
The encrypted file key 13 is stored in the i~AM 25.
rhe received credit data signal 14 comaining ~he credit data in both encrvpted and unencrypted form is authenticated bV the credit data authentication unit 19, which is keyed by the unit key 42 stored in the unit key memory 24 to ,,, decrypt the encrvpted credit data and thereby provide a decrypted credit data signal, which is compared with the unencrypted credit data signal in the authenticated credit data signal 14 to authenticate the received credit data signal 14. An authenticated credit data signal 41 is stored in the credit register 27 of the retrieval control unit 22 associated with the same vendor as ths file from whichda~a retrieval is being authorized. If the credit registar 27 already has a credit balance, such balance is incremented bV the amount indicated by the authenticated credit signal 41.
A message (not shown) indicating that authorization has been granted for the customer terminal 11 to retrieve data from the requested file is also communicated by the authorization and key distribution center 10 to the customerterminal 11 and displayed on a monitor (not shown) at the customer terminal 11.
To retrieve a given block of data from an authorized data file in the ROM
37, the keyboard 33 is operated to provide a file access command 35 which l S includes an address signal 44 directed to the ROM 37 for accessing the given block of data. In the example shown in Figure 1, the accessed block of data is block 5 of file R. Upon the block of data being accessed, the encrypted data 46,the block ID signal 47 and authenticated cost data 48 are read therefrom. The authenticated cost data includes both unencryptsd cost data and encrypted cost data formed by encrypting the unencrypted cost data with the applicable file keyfor the file containing the block of data that is being retrieved.
~2~ C!4 The applicable encrypted flle key 13 is retrieved from the RAM 25 In response to a flle address 49 Included in the file access command 35 and decrypted by the tlle kev decryption unit 17 which Is keyed by the unlt key 42 stored in the unit key memory 24. The file key decryption unit 17 provides a decrypted file key 50 to the data decryption unit 16 and the cost data authentlca-tlon unit 18.
The retrieved cost data signal 48 containing cost data in both encrypted and unencrypted form is authenticated by the cost data authentication unit 18 which is keyed by the file key 50 and initialized by the block ID slgnal 47 (used as lO. an initialization vector) to decrypt the encrypted cost data and thereby provide a decrypted cost data signal which is compared with the unencrypted cost dats sig-nal in the retrieved cost data signal 48 to authanticate the cost data signal.
An authenticated cost data signal 51 is provided to the debit register 28 and the accumulator 29. The debit register 28 Is not immediately incremented by 15 the cost data signal 51 however. First the accumulator 29 adds the cost data sig-nal 51 to a debit signal 52. The debit signal 52 indicated the sum of previous data retrieval costs accumulated in the debit register 28. The sum 53 of the cost data and the previously accumulated data retrieval costs indicated in the accumulator29 is then compared by the comparator 30 with an accumulated credit signal 54 20 from the credit register 27 to determine whether the customer terminal 11 hasbeen credited with sufficient credit to authorize retrieval of data from the ., requested file. When the comparison indicates that there is sufficient accumulated credit to authorize such retrieval, the logic unit 31 provides an enable signal 56 to the data decryption unit 16, the debit register 28 and the use history storage unit 23. The enable signal 56 enables the cost data 51 to be incremented into the debit register 28. As noted above, the customer terminal 11 includes a plurality of retrieval control units 22 corresponding to a plurality of different vendors for accounting for the retrieval of data from the files associated with each of the different vandors.
The enable signal 56 also enables the operation of the data decryption unit 16. The data decryption unit 16 is keyed bV the unit key 42 stored in the unit key memory 24 fo- decrypting the encrypted data 46 and providing retrieved data 58. The block ID signal 47 is used as an initialization vector by the data decryption unit 16 in combination with decrypted file key 50 for decrvpting the decrypted data 46.
Upon being enabled bV the enable signal 56, the use history storage unit 23 stores the block ID signal 47 to record the identity of the block of data retrieved from the ROM 37. The block ID signal identifies the file from which the data was retrieved and includes an address identifying the vendor associated with the retrieved file for addressing the use history storage unit 23 associated with the vendor of the data in the retrieved file. As noted above, the customer terminal 11 includes a plurality of use history storage units 23 corresponding to a pluralitv of l~g~4 different vendors for separately recording the amount of data retrieved trom thefiles associated with each of the different vendors.
A usage report 60 indicating the usage historv recorded in the use history storage unit 23 is generated for communication to the authorization and key distribution terminal 10 in response to either operation of the keyboard 33 or an interrogation signal 61 received from the authorization and key distribution terminal 10.
The block ID number further identifies the retrisved data by type;
whereupon the tvpe of dats retrieved is recorded in the history storage unit 23 and included in the usage report 60.
An authenticated usage report 62 is generated by the authenticated usage report generation unit 21, which is keyed by the unit key 42 stored in the unit key memory 24, to encrypt the usage report. The authenticated usage report generation unit 21 provides the authenticated usage report 62, which includes the usage report in both encrvpted and unencryp~ed form and is combined with the unit ID number 39 for communication to the authorization and key distribution terminal 10 as an authenticated usage report and unit ID signal 63.
Together with the authenticated usage report and unit ID signal 63, there also is communicated to the authorization and key dis~ribution terminal 10 an authenticatad credit and debit status report and unit ID signal 64. This signal 64 is provided in response to 0ither operation of the kevboard 33 or tha interrogation 3~
signal 61 being directed to the retrieval control unit 22. Signals 66 and 67 respectively indicating the status of the credit and debit registers 27 and 28 are encrypted bV the authenticated credit and debit status report generation unit 20, which is keyed bV the unit ksy 42 stored in the unit key mamory 24. The authenticated credit and debit ststus report generator 20 provides an authenticated credit and debit status report signal 68, which includes such status report in both encrypted and unencrypted form, and which is combined with the unit ID number 39 to provide the authenticated credit and debit status report and unit ID signal 64.
The credit register 27, the debit register 28 and the use history storage unit 23 for any given vendor can be reset to zero when desired in response to a refresh registers command 70 (Fig. 1) communicated from the authorization and key distribution terminal 1 Q. Such command 70 would be communicated, for example, when a given customer terminal account associated with a given vendor is closed out.
In an alternative preferred embodiment, as shown in Figure 3, a separate file use request is communicated from a customer data retrieval terminal 72 to an authorization and key distribution terminal 73 for each data file that is be retreived.
The operational routines illustrated in Figure 3 are implemented by a microcomputer.
2 0 Initially, a routine 75 is performed in the customer terminal 72 for generating an authenticated file use request containing a unit ID number 76 for the ~Z~ 4 customer terminal 72 and the file number 77 for the desired file. The generated file use request is encrypted in the unit encrvption key 78 that is unique to the customer terminal 72 and communicated to the authorization and key distribution terminal 73 in an authenticated file use request message 79 that also includes the unencrypted unit ID number 76.
Upon receipt of the message 79, the authorization and key distribution terminal 73 performs a look-up routine 80 for looking up the unit kev for the customer terminal 72 identified by the recieved unencrypted unit ID number.
Using the looksd-up unit key 81, the authorization and key distribution terminal 73 performs a decryption routine 82 for decrypting the unit ID number and the desired file ID number from the received message 79.
The terminal 73 then performs another look-up routine 83, wherein the decrypted file ID number 84 is used to look up the file key 85 that was used forencrypting the file identified bV ~he decrypted file number 84.
1 5 The terminal 73 also performs an authentication routine 86 for determining whether the recieved message 79 is authentic, wherein the decrypted unit ID number 87 is compared with the unit ID number contained in the received message 79. If it is determined from such comparison 86 that ~he message 79 is not authentic, the terminal 73 generates an error message 88 indicating that thereceived message 89 is not authentic. The error message is then communicated to and displayed 89 at the customer terminal 72.
If it is determined from the comparison 86 that the message 79 is authentic, the terminal 73 performs a credit check routine 90 for the customer terminal 72 identified by the unit ID number. If it is determined from such credit check 90, that credit should not be extended for retrieval of data from the requested file by the identified customer terminal 72, the authorization and keydistribution terminal 73 generates an arror message 88 indicating that credit is not authorized and communicates the error message to the customer terminal for display 89 at the customer terminal 72.
If it is determined from the credit check 90 that credit should be extended for retrieval of data from the requested file bV the identified customer terminal 72, the file kev 85 is encrypted in the unit key 81 for the identified customer terminal 72 by an ancryption routine 91 and the encrypted file key 92 is communicated to the customer terminal 72.
The customer terminal 72 than performs a decryption routine 93, wherein the unit key 78 stored therein is used to decrypt the ancrypted file kev 92.
Next, the customer terminal performs a decryption routine 94. wherin the decrypted file key 95 is used to decr~pt the file header for the encrypted data file 96 identified by the desired file number 77. The decrypted file header 97 is communicated to the authorization and key distribution terminal 73, which in turn performs a comparison routine 98 to determine whether the decrypted header is the correct header for the file identified by the decrypted file number 84. This J 2961(~4 routine 98 verifies the decryption of the encrvpted file kev 92 communicated to the customer terminal 72 prior to debiting the account maintained for the customer terminal 72. If it is determined that the correct header has not been decrvpted,the terminal 73 performs an error message routine 88, wherein an error message indicating the error is generated and communicated to the customer terminal 72 for display 89.
If it is determined that the correct header has been decrypted, an enable signal is communicated 2O the customer tsrminal 72 to anable a data file decrvption routine 100. The enable signal 39 also intiates a routine 101 in the authorization and key distribution terminal 73, wherein a transaction report identifying the customer terminal 72 and the data file is generated and communicated to a billing terminal 102 for billin~ the customer associated with the customer terminal 72 for the retrieval of data from the requested file.
In an alternative preferred embodiment shown in Figure 4, an authorization terminal 105 and a customer terminal 106 perform several authentication and reporting routines. The operational routines illustrated in Figure 4 are implemented bV a microcomputer.
Initially, the customer terminal 106 performs a routine 107 wherein an authorization request 108 con~aining the customer terminal unit ID number 109 is generated and communicated to the authorization termina~ 105. The authorization terminal 105 performs a look-up routine 1û9 for looking up the unit kev 110 for the customer terminal 106 identified by the unit ID number contained in the request 108.
The authorization terminal then performs an authenticated signal generation routine 11 1, wherein the unit kev 1 10 is used to encrypt an interrogation command. The encrypted interrogation command 11 2 is combined with the unencrypted interrogation command to provide an authenticated interrogation command, which is communicated to the customer terminal 106, where it is authenticated by using the unit key 113 stored therein.
The routines for generating authenticated given data that are described herein include the steps of encrvpting the given data and generating a signal that includes the given data in both encrypted and unencrypted form.
The routines for authenticating given data that are described herein include the steps of decrypting given data that has been encrypted and comparingthe decrypted data to the given data in unencrypted form.
It is to be understood that other techniques of generating authenticated data and of authentlcating given data may be used in other embodiments of the present invention.
The customer terminal 106 responds to the interrogation command 112 by retrieving a use history report 114 for the user terminal 106 from a use history storage unit 115 and a debit and credit report 11~ for the customer terminal 106 ~L2~61(~4 from debit and credit registers 1 t7. The customer terminal then performs an authentication routine 118 wherein the unit kay 1 t3 is used to encrypt the use history report 114 and the debit and credit report 116. An authenticated report 119 including the reports 114 and 116 in both encrypted and unencrypted form is communlcated to the authorization terminal 105.
The authorization terminal pertorms a routine 121 using the unit key 110 to authenticate the report 119. The use historv and debit and credit reports also are processed in relation to each other in accordance with certain criteria to determine their authentlcity. If it is determined thst the report 119 is not authentic a report 123 is generated in the authorization terminal tO5 and an error message is communicated to and displayed 124 in customer terminal 106.
- If it is determined that the reports 11g is authentic the use historv is stored 125 tor a report 125a to a billiny terminel 126 and the authorization terminal 105 performs a credit check routlne 127 in view ot the status ot the accounts for the customer terminal 106 as updated by the authenticated report 119 to determine whether the customer terminal 106 should be authorized to retr~eve data from encrypted data fil6s loaded thsrein. In conducting such credit check. the credit check routine 127 also accesses a credit look-up table 128 that includes a bad credit 11st 129 recieved trom the billlng terminal 126.
l~ the credit check routine 127 determines that the customer terminal 106 should not be authorized to retrieve data from encrypted data files loaded therein.
. ~ ., an error report 130 is generated in the authorization terminsl 105 and an error message is communicsted to and displayed 124 in the customer terminal 106.
If the credit check routine 127 determines that the customer terminal 106 should be authorized to retrieve data from encrvpted data files loaded therein, the authorization terminal 105 performs a routine 132, wherain the unit key 110 is used to generate an authenticated credit data signal 133, which is communicated to the customer terminsl 106. The credit data signal indicates a predetermined number of retrieval units in accordance with the credit rating assigned to the customerterminal 1û6.
The customer terminal performs an authentication routine 134 on the credit dsta signal 133 by using the unit key 113 stored in the customer terminal106. If it is determined pursuan~ to the authentication routine 134 that the credit data signal 133 is not authentic, an error messaye is displayed 124 in the customer terminsl 106 and reported in the authorization terminal 105.
If the authentication routine 134 determines that ~he encrypted credit signal is authentic, the credit register in the customsr t0rminal 106 is updated 136 and decryption of the data in the data file loaded in the customer terminal is enabled 137 in accordance with the amount of updated credit.
The opera~ion of providing an encrypted file key from the authorization center 105 to the customer terminal 106 is not necessarily included in combination with the operations described in relation to the embodiment of Figure 4, although it maV be if desired. Alternatively, a file key for each vendor maV be permanently stored in the customer terminal 106 for use in decrvpting data encrvpted in the file kev for the respective vendor; or a file key for each vendor may be contained in a card that is independently loaded into the customer terminal 106, and which may be changed from time to time or in accordance with the particular vendor from whose data file the data is to be retrieved.
Figure 5 illustrates an exemplarv series of operational routines that maV
be used with the embodiment of Figure 4 for controlling the retrieval of data from different encrypted data files associa~ed with each vendor and for recording theretrieval of data from such files. The operations described with reference to Figure 5 are performed bV a microcomputer in the customer tsrminal. In this example, each data file includes a plu-ality of data blocks and data blocks of different types.
Each different type of data block has its own unique cost data manifested in a specified amount of retrieval units R associated therewith.
Pursuant to a plurality of retrieval routines 140, a quantity of N blocks of a type having a retrieval cost R are retrieved from data files associated with vendor Y; whereupon the use history storage for vendor Y is updated 141 and the debit register for vendor Y is incremented by N times R retrieval units 142. A
comparison routine 143 is performed each time the debit register is incremented to determine whether ~he amount in the debit register for vendor Y is equal to or exceeds the amount in the credit register for vendor Y. If not, further data retrieval from the data files associated with vendor Y maV continue. When the amount in the debit register equals or exceeds the amount in the credit register, decryption is disabled 144 and a message ehat retrieval is '~unauthorizedU is displayed 145 at the customer terminal.
The customer then knows that he must cause the customer terminal to generate another authorization request 108, as in the embodiment of Figure 4, inorder to receive a further credit signal from the authorization terminal and thereby increment the credit register before further retrieval from the data files ot vendor Y will be authori2ed.
In view of its storage capacity and ease of data retrieval, a CD-ROM is preferred as the storage medium for the data files to be retrieved in accordancewith ths present invention. Referring to Figure 6, a CD-ROM 148 is loaded into aCD-ROM drive 149, which is connected to a customer data retrieval terminal 150, such as that described with reference to Figure 2. The customer data retrieval lS terminal 150 is contained in a microcomputer in a personal computer 151 and uses the microcomputer bus 152 to communicate with an authorization and keV
distribution terminal (not shown) via a telephone modem 153 and the telephone line 154-The Data Encryption Standard (DES) algorithm is preferred for the encrvption and decrvption steps described herein. The unit kev memory in the customer data retrieval terminals is a secure memor~ included in an integrated _19_ 12~6iO4 circuit chip having an architecture that prevents the memory from being accessedfrom off the chip. The secure memory can be accessed only by the processor in the microcomputer that performs the DES algorithm.
The retrieval of different types of data from the memory loaded in the customer data retrieval terminal may be authorized in predetermined tiers corresponding to the different types of data, as shown in an example illustrated in Figure 7. In this example data file J includes data blocks 1, 2, 3, each of which include a plurality of ccrresponding different data fields a, b, c, d, e. Each of the commonlv designated data fields is related to a common type of data. In the example of Figure 7, each data block a, b, c, d, e, pertains to a different companV;
field "a~ contains the company name; field ~b~v contains the zip code; field "c contains the number of employees; field ~d~ contains the plant arca; and field "e"
contains annual revenue. Each data block also includes a block ID number.
In order to limit the retrieval authorization for different customer terminals to different types of data, the file key Is. subdivided into a plurality of fieltl keys corresponding to the different data fields. Accordingly, the file key for data field J includes field keys aJ, bJ, CJ, dJ, eJ. Different authorization tiers A, B, C, are assigned to different customer terminals in accordance with the differentcombinations of the difterent types of data fields that they are authorized to 2 o retrieve. In the example of Figure 7, tier A is assigned to customer terminals authorized to retrieve data from all of the data fields in the data file; tier B is ~Z~lo~.~
assigned to customer terminals authorized to retrieve data from onlv tields b and d; and tier C is assigned to customer terminals authorized to retrieve data tromonly fields b, c, and e.
of encryptsd data tiles, File A, Fi'e B. Each data tile includes encrypted data blocks, 810ck 1, 910ck 2, ..., Olock 5. Each data file Includes blocks ot data ot a glven type of associatlon. The different data file~ ma~r be associated with d~fterent data vendors and there may be a plurlalty ot dat~ file~ associated wlth each of the different vendors. Each block ot data includes encrvpted data, a block ID
~identiflcatlon) signal, and authenticated cost data. The authentlcatad cost data indlcates the cost associated with retrieving the given encrvpted block o~ data.
To enable the customer data retrieval terminel 11 to retrieve data from any given flle in the ROM 37, the tile use request 34 identifying a given file i~
generated by use of the keyboard 33 and combinad with the unit ID number 39 for the customer terminal 11 to provide the tile use request signal 12 that is communlcated to the authorization and key distributlon terminal 10. As discussedabove, the authorlzation and key distribution terminal 10 responds to the file use request signal 12 bV providing the encrvpted file key 13 and the authenticated credit data signal 14 to the customer terminal 11 when the authorizaeion and keydistribution termin~l determines thct thQ customer terminal 11 is authorized to retrieve the data identifled in the file use request signal 12.
The encrypted file key 13 is stored in the i~AM 25.
rhe received credit data signal 14 comaining ~he credit data in both encrvpted and unencrypted form is authenticated bV the credit data authentication unit 19, which is keyed by the unit key 42 stored in the unit key memory 24 to ,,, decrypt the encrvpted credit data and thereby provide a decrypted credit data signal, which is compared with the unencrypted credit data signal in the authenticated credit data signal 14 to authenticate the received credit data signal 14. An authenticated credit data signal 41 is stored in the credit register 27 of the retrieval control unit 22 associated with the same vendor as ths file from whichda~a retrieval is being authorized. If the credit registar 27 already has a credit balance, such balance is incremented bV the amount indicated by the authenticated credit signal 41.
A message (not shown) indicating that authorization has been granted for the customer terminal 11 to retrieve data from the requested file is also communicated by the authorization and key distribution center 10 to the customerterminal 11 and displayed on a monitor (not shown) at the customer terminal 11.
To retrieve a given block of data from an authorized data file in the ROM
37, the keyboard 33 is operated to provide a file access command 35 which l S includes an address signal 44 directed to the ROM 37 for accessing the given block of data. In the example shown in Figure 1, the accessed block of data is block 5 of file R. Upon the block of data being accessed, the encrypted data 46,the block ID signal 47 and authenticated cost data 48 are read therefrom. The authenticated cost data includes both unencryptsd cost data and encrypted cost data formed by encrypting the unencrypted cost data with the applicable file keyfor the file containing the block of data that is being retrieved.
~2~ C!4 The applicable encrypted flle key 13 is retrieved from the RAM 25 In response to a flle address 49 Included in the file access command 35 and decrypted by the tlle kev decryption unit 17 which Is keyed by the unlt key 42 stored in the unit key memory 24. The file key decryption unit 17 provides a decrypted file key 50 to the data decryption unit 16 and the cost data authentlca-tlon unit 18.
The retrieved cost data signal 48 containing cost data in both encrypted and unencrypted form is authenticated by the cost data authentication unit 18 which is keyed by the file key 50 and initialized by the block ID slgnal 47 (used as lO. an initialization vector) to decrypt the encrypted cost data and thereby provide a decrypted cost data signal which is compared with the unencrypted cost dats sig-nal in the retrieved cost data signal 48 to authanticate the cost data signal.
An authenticated cost data signal 51 is provided to the debit register 28 and the accumulator 29. The debit register 28 Is not immediately incremented by 15 the cost data signal 51 however. First the accumulator 29 adds the cost data sig-nal 51 to a debit signal 52. The debit signal 52 indicated the sum of previous data retrieval costs accumulated in the debit register 28. The sum 53 of the cost data and the previously accumulated data retrieval costs indicated in the accumulator29 is then compared by the comparator 30 with an accumulated credit signal 54 20 from the credit register 27 to determine whether the customer terminal 11 hasbeen credited with sufficient credit to authorize retrieval of data from the ., requested file. When the comparison indicates that there is sufficient accumulated credit to authorize such retrieval, the logic unit 31 provides an enable signal 56 to the data decryption unit 16, the debit register 28 and the use history storage unit 23. The enable signal 56 enables the cost data 51 to be incremented into the debit register 28. As noted above, the customer terminal 11 includes a plurality of retrieval control units 22 corresponding to a plurality of different vendors for accounting for the retrieval of data from the files associated with each of the different vandors.
The enable signal 56 also enables the operation of the data decryption unit 16. The data decryption unit 16 is keyed bV the unit key 42 stored in the unit key memory 24 fo- decrypting the encrypted data 46 and providing retrieved data 58. The block ID signal 47 is used as an initialization vector by the data decryption unit 16 in combination with decrypted file key 50 for decrvpting the decrypted data 46.
Upon being enabled bV the enable signal 56, the use history storage unit 23 stores the block ID signal 47 to record the identity of the block of data retrieved from the ROM 37. The block ID signal identifies the file from which the data was retrieved and includes an address identifying the vendor associated with the retrieved file for addressing the use history storage unit 23 associated with the vendor of the data in the retrieved file. As noted above, the customer terminal 11 includes a plurality of use history storage units 23 corresponding to a pluralitv of l~g~4 different vendors for separately recording the amount of data retrieved trom thefiles associated with each of the different vendors.
A usage report 60 indicating the usage historv recorded in the use history storage unit 23 is generated for communication to the authorization and key distribution terminal 10 in response to either operation of the keyboard 33 or an interrogation signal 61 received from the authorization and key distribution terminal 10.
The block ID number further identifies the retrisved data by type;
whereupon the tvpe of dats retrieved is recorded in the history storage unit 23 and included in the usage report 60.
An authenticated usage report 62 is generated by the authenticated usage report generation unit 21, which is keyed by the unit key 42 stored in the unit key memory 24, to encrypt the usage report. The authenticated usage report generation unit 21 provides the authenticated usage report 62, which includes the usage report in both encrvpted and unencryp~ed form and is combined with the unit ID number 39 for communication to the authorization and key distribution terminal 10 as an authenticated usage report and unit ID signal 63.
Together with the authenticated usage report and unit ID signal 63, there also is communicated to the authorization and key dis~ribution terminal 10 an authenticatad credit and debit status report and unit ID signal 64. This signal 64 is provided in response to 0ither operation of the kevboard 33 or tha interrogation 3~
signal 61 being directed to the retrieval control unit 22. Signals 66 and 67 respectively indicating the status of the credit and debit registers 27 and 28 are encrypted bV the authenticated credit and debit status report generation unit 20, which is keyed bV the unit ksy 42 stored in the unit key mamory 24. The authenticated credit and debit ststus report generator 20 provides an authenticated credit and debit status report signal 68, which includes such status report in both encrypted and unencrypted form, and which is combined with the unit ID number 39 to provide the authenticated credit and debit status report and unit ID signal 64.
The credit register 27, the debit register 28 and the use history storage unit 23 for any given vendor can be reset to zero when desired in response to a refresh registers command 70 (Fig. 1) communicated from the authorization and key distribution terminal 1 Q. Such command 70 would be communicated, for example, when a given customer terminal account associated with a given vendor is closed out.
In an alternative preferred embodiment, as shown in Figure 3, a separate file use request is communicated from a customer data retrieval terminal 72 to an authorization and key distribution terminal 73 for each data file that is be retreived.
The operational routines illustrated in Figure 3 are implemented by a microcomputer.
2 0 Initially, a routine 75 is performed in the customer terminal 72 for generating an authenticated file use request containing a unit ID number 76 for the ~Z~ 4 customer terminal 72 and the file number 77 for the desired file. The generated file use request is encrypted in the unit encrvption key 78 that is unique to the customer terminal 72 and communicated to the authorization and key distribution terminal 73 in an authenticated file use request message 79 that also includes the unencrypted unit ID number 76.
Upon receipt of the message 79, the authorization and key distribution terminal 73 performs a look-up routine 80 for looking up the unit kev for the customer terminal 72 identified by the recieved unencrypted unit ID number.
Using the looksd-up unit key 81, the authorization and key distribution terminal 73 performs a decryption routine 82 for decrypting the unit ID number and the desired file ID number from the received message 79.
The terminal 73 then performs another look-up routine 83, wherein the decrypted file ID number 84 is used to look up the file key 85 that was used forencrypting the file identified bV ~he decrypted file number 84.
1 5 The terminal 73 also performs an authentication routine 86 for determining whether the recieved message 79 is authentic, wherein the decrypted unit ID number 87 is compared with the unit ID number contained in the received message 79. If it is determined from such comparison 86 that ~he message 79 is not authentic, the terminal 73 generates an error message 88 indicating that thereceived message 89 is not authentic. The error message is then communicated to and displayed 89 at the customer terminal 72.
If it is determined from the comparison 86 that the message 79 is authentic, the terminal 73 performs a credit check routine 90 for the customer terminal 72 identified by the unit ID number. If it is determined from such credit check 90, that credit should not be extended for retrieval of data from the requested file by the identified customer terminal 72, the authorization and keydistribution terminal 73 generates an arror message 88 indicating that credit is not authorized and communicates the error message to the customer terminal for display 89 at the customer terminal 72.
If it is determined from the credit check 90 that credit should be extended for retrieval of data from the requested file bV the identified customer terminal 72, the file kev 85 is encrypted in the unit key 81 for the identified customer terminal 72 by an ancryption routine 91 and the encrypted file key 92 is communicated to the customer terminal 72.
The customer terminal 72 than performs a decryption routine 93, wherein the unit key 78 stored therein is used to decrypt the ancrypted file kev 92.
Next, the customer terminal performs a decryption routine 94. wherin the decrypted file key 95 is used to decr~pt the file header for the encrypted data file 96 identified by the desired file number 77. The decrypted file header 97 is communicated to the authorization and key distribution terminal 73, which in turn performs a comparison routine 98 to determine whether the decrypted header is the correct header for the file identified by the decrypted file number 84. This J 2961(~4 routine 98 verifies the decryption of the encrvpted file kev 92 communicated to the customer terminal 72 prior to debiting the account maintained for the customer terminal 72. If it is determined that the correct header has not been decrvpted,the terminal 73 performs an error message routine 88, wherein an error message indicating the error is generated and communicated to the customer terminal 72 for display 89.
If it is determined that the correct header has been decrypted, an enable signal is communicated 2O the customer tsrminal 72 to anable a data file decrvption routine 100. The enable signal 39 also intiates a routine 101 in the authorization and key distribution terminal 73, wherein a transaction report identifying the customer terminal 72 and the data file is generated and communicated to a billing terminal 102 for billin~ the customer associated with the customer terminal 72 for the retrieval of data from the requested file.
In an alternative preferred embodiment shown in Figure 4, an authorization terminal 105 and a customer terminal 106 perform several authentication and reporting routines. The operational routines illustrated in Figure 4 are implemented bV a microcomputer.
Initially, the customer terminal 106 performs a routine 107 wherein an authorization request 108 con~aining the customer terminal unit ID number 109 is generated and communicated to the authorization termina~ 105. The authorization terminal 105 performs a look-up routine 1û9 for looking up the unit kev 110 for the customer terminal 106 identified by the unit ID number contained in the request 108.
The authorization terminal then performs an authenticated signal generation routine 11 1, wherein the unit kev 1 10 is used to encrypt an interrogation command. The encrypted interrogation command 11 2 is combined with the unencrypted interrogation command to provide an authenticated interrogation command, which is communicated to the customer terminal 106, where it is authenticated by using the unit key 113 stored therein.
The routines for generating authenticated given data that are described herein include the steps of encrvpting the given data and generating a signal that includes the given data in both encrypted and unencrypted form.
The routines for authenticating given data that are described herein include the steps of decrypting given data that has been encrypted and comparingthe decrypted data to the given data in unencrypted form.
It is to be understood that other techniques of generating authenticated data and of authentlcating given data may be used in other embodiments of the present invention.
The customer terminal 106 responds to the interrogation command 112 by retrieving a use history report 114 for the user terminal 106 from a use history storage unit 115 and a debit and credit report 11~ for the customer terminal 106 ~L2~61(~4 from debit and credit registers 1 t7. The customer terminal then performs an authentication routine 118 wherein the unit kay 1 t3 is used to encrypt the use history report 114 and the debit and credit report 116. An authenticated report 119 including the reports 114 and 116 in both encrypted and unencrypted form is communlcated to the authorization terminal 105.
The authorization terminal pertorms a routine 121 using the unit key 110 to authenticate the report 119. The use historv and debit and credit reports also are processed in relation to each other in accordance with certain criteria to determine their authentlcity. If it is determined thst the report 119 is not authentic a report 123 is generated in the authorization terminal tO5 and an error message is communicated to and displayed 124 in customer terminal 106.
- If it is determined that the reports 11g is authentic the use historv is stored 125 tor a report 125a to a billiny terminel 126 and the authorization terminal 105 performs a credit check routlne 127 in view ot the status ot the accounts for the customer terminal 106 as updated by the authenticated report 119 to determine whether the customer terminal 106 should be authorized to retr~eve data from encrypted data fil6s loaded thsrein. In conducting such credit check. the credit check routine 127 also accesses a credit look-up table 128 that includes a bad credit 11st 129 recieved trom the billlng terminal 126.
l~ the credit check routine 127 determines that the customer terminal 106 should not be authorized to retrieve data from encrypted data files loaded therein.
. ~ ., an error report 130 is generated in the authorization terminsl 105 and an error message is communicsted to and displayed 124 in the customer terminal 106.
If the credit check routine 127 determines that the customer terminal 106 should be authorized to retrieve data from encrvpted data files loaded therein, the authorization terminal 105 performs a routine 132, wherain the unit key 110 is used to generate an authenticated credit data signal 133, which is communicated to the customer terminsl 106. The credit data signal indicates a predetermined number of retrieval units in accordance with the credit rating assigned to the customerterminal 1û6.
The customer terminal performs an authentication routine 134 on the credit dsta signal 133 by using the unit key 113 stored in the customer terminal106. If it is determined pursuan~ to the authentication routine 134 that the credit data signal 133 is not authentic, an error messaye is displayed 124 in the customer terminsl 106 and reported in the authorization terminal 105.
If the authentication routine 134 determines that ~he encrypted credit signal is authentic, the credit register in the customsr t0rminal 106 is updated 136 and decryption of the data in the data file loaded in the customer terminal is enabled 137 in accordance with the amount of updated credit.
The opera~ion of providing an encrypted file key from the authorization center 105 to the customer terminal 106 is not necessarily included in combination with the operations described in relation to the embodiment of Figure 4, although it maV be if desired. Alternatively, a file key for each vendor maV be permanently stored in the customer terminal 106 for use in decrvpting data encrvpted in the file kev for the respective vendor; or a file key for each vendor may be contained in a card that is independently loaded into the customer terminal 106, and which may be changed from time to time or in accordance with the particular vendor from whose data file the data is to be retrieved.
Figure 5 illustrates an exemplarv series of operational routines that maV
be used with the embodiment of Figure 4 for controlling the retrieval of data from different encrypted data files associa~ed with each vendor and for recording theretrieval of data from such files. The operations described with reference to Figure 5 are performed bV a microcomputer in the customer tsrminal. In this example, each data file includes a plu-ality of data blocks and data blocks of different types.
Each different type of data block has its own unique cost data manifested in a specified amount of retrieval units R associated therewith.
Pursuant to a plurality of retrieval routines 140, a quantity of N blocks of a type having a retrieval cost R are retrieved from data files associated with vendor Y; whereupon the use history storage for vendor Y is updated 141 and the debit register for vendor Y is incremented by N times R retrieval units 142. A
comparison routine 143 is performed each time the debit register is incremented to determine whether ~he amount in the debit register for vendor Y is equal to or exceeds the amount in the credit register for vendor Y. If not, further data retrieval from the data files associated with vendor Y maV continue. When the amount in the debit register equals or exceeds the amount in the credit register, decryption is disabled 144 and a message ehat retrieval is '~unauthorizedU is displayed 145 at the customer terminal.
The customer then knows that he must cause the customer terminal to generate another authorization request 108, as in the embodiment of Figure 4, inorder to receive a further credit signal from the authorization terminal and thereby increment the credit register before further retrieval from the data files ot vendor Y will be authori2ed.
In view of its storage capacity and ease of data retrieval, a CD-ROM is preferred as the storage medium for the data files to be retrieved in accordancewith ths present invention. Referring to Figure 6, a CD-ROM 148 is loaded into aCD-ROM drive 149, which is connected to a customer data retrieval terminal 150, such as that described with reference to Figure 2. The customer data retrieval lS terminal 150 is contained in a microcomputer in a personal computer 151 and uses the microcomputer bus 152 to communicate with an authorization and keV
distribution terminal (not shown) via a telephone modem 153 and the telephone line 154-The Data Encryption Standard (DES) algorithm is preferred for the encrvption and decrvption steps described herein. The unit kev memory in the customer data retrieval terminals is a secure memor~ included in an integrated _19_ 12~6iO4 circuit chip having an architecture that prevents the memory from being accessedfrom off the chip. The secure memory can be accessed only by the processor in the microcomputer that performs the DES algorithm.
The retrieval of different types of data from the memory loaded in the customer data retrieval terminal may be authorized in predetermined tiers corresponding to the different types of data, as shown in an example illustrated in Figure 7. In this example data file J includes data blocks 1, 2, 3, each of which include a plurality of ccrresponding different data fields a, b, c, d, e. Each of the commonlv designated data fields is related to a common type of data. In the example of Figure 7, each data block a, b, c, d, e, pertains to a different companV;
field "a~ contains the company name; field ~b~v contains the zip code; field "c contains the number of employees; field ~d~ contains the plant arca; and field "e"
contains annual revenue. Each data block also includes a block ID number.
In order to limit the retrieval authorization for different customer terminals to different types of data, the file key Is. subdivided into a plurality of fieltl keys corresponding to the different data fields. Accordingly, the file key for data field J includes field keys aJ, bJ, CJ, dJ, eJ. Different authorization tiers A, B, C, are assigned to different customer terminals in accordance with the differentcombinations of the difterent types of data fields that they are authorized to 2 o retrieve. In the example of Figure 7, tier A is assigned to customer terminals authorized to retrieve data from all of the data fields in the data file; tier B is ~Z~lo~.~
assigned to customer terminals authorized to retrieve data from onlv tields b and d; and tier C is assigned to customer terminals authorized to retrieve data tromonly fields b, c, and e.
Claims (43)
1. A method of controlling and accounting for retrieval of data from a memory, comprising the steps of (a) providing a memory containing an encrypted data file from which retrieval must be authorized;
(b) authorizing said retrieval by providing an encryption key for enabling retrieval of said data and a credit signal for use in limiting the amount of data to be retrieved from said file;
(c) limiting the amount of data retrieved from said file in accordance with said credit signal; and (d) recording the amount of data retrieved from said file.
(b) authorizing said retrieval by providing an encryption key for enabling retrieval of said data and a credit signal for use in limiting the amount of data to be retrieved from said file;
(c) limiting the amount of data retrieved from said file in accordance with said credit signal; and (d) recording the amount of data retrieved from said file.
2. A method according to Claim 1, further comprising the steps of (e) reporting the recorded amount of data retrieved from said file; and (f) authenticating said report.
3. A method according to Claim 1, wherein step (b) comprises the step of (e) encrypting said encryption key.
4. A method according to Claim 1, wherein step (b) comprises the step of (e) authenticating said credit signal.
5. A method according to Claim 1, further comprising the step of (e) determining whether credit should be extended in response to a retrieval request, and, if so. the amount of said credit to be indicated by said credit signal.
6. A method according to Claim 1, wherein step (a) comprises providing a memory containing encrypted data files for each of a plurality of different data vendors, with a different said encryption key being required to retreive data file(s) associated with each of said vendors;
step (b) comprises providing a separate set of encryption key and credit signal for each vendor associated with a said file retreival authorization;
step (c) comprises limiting retrieval of files associated with different vendors separately in accordance with the encryption key and credit signal provided for said vendor; and step (d) comprises separately recording the amount of retrieved data with respect to each vendor.
step (b) comprises providing a separate set of encryption key and credit signal for each vendor associated with a said file retreival authorization;
step (c) comprises limiting retrieval of files associated with different vendors separately in accordance with the encryption key and credit signal provided for said vendor; and step (d) comprises separately recording the amount of retrieved data with respect to each vendor.
7. A method according to Claim 6, wherein step (a) comprises providing a memory containing a plurality of encrypted data files for a given data vendor; and step (d) comprises separately recording the amount of retreived data with respect to each data file of said given vendor.
8. A method according to Claim 1, wherein step (a) comprises providing a memory containing a plurality of encrypted data files for a given data vendor: and step (d) comprises separately recording the amount of retreived data with respect to each data file of said given vendor.
9. A method according to Claim 1, wherein step (a) comprises providing a said memory that further contains unencrypted initialization vector data associated with the encrypted data file; and the method further comprises the step of (e) using said initialization vector data in combination with said encryption key to retrieve data from said file.
10. A method according to Claim 1, wherein step (a) comprises providing a said memory that further contains unencrypted initialization vector data uniquely associated with different blocks of data within the encrypted data file; and the method further comprises the steps of (e) using said initialization vector data in combination with said encryption key to retrieve data from said file; and (f) using said unique initialization vector data upon said retrieval to record the identity of the block of data retreived from said file.
11. A method according to Claim 1, wherein step (a) comprises providing a said memory that further contains unencrypted identification data uniquely associated with different blocks of data within the encrypted data file; and the method further comprises the step of (e) using said unique identification data upon said retrieval to record the identity of the block of data retreived from said file.
12. A method according to Claim 1, wherein step (a) comprises providing a said memory that further contains cost data associated with different blocks of data that can be retrieved from said memory; and the method further comprises the steps of (e) processing the cost data with said credit signal in response to a request to retrieve a given said block of data to determine whether retrieval of said requested block of data is authorized.
13. A method according to Claim 12, further comprising the step of (f) authenticating said cost data prior to said processing of same.
14. A method according to Claim 1, wherein step (a) comprises providing said memory in a customer data retreival terminal; and step (b) comprises determining in an authorization center located remotely from said customer terminal whether the status of an account associated with said customer terminal warrants authorizing said retreival, and, if so, providing said encryption key and said credit signal in the customer data retrieval terminal.
15. A method according to Claim 14, wherein step (a) comprises providing a said memory that further contains cost data associated with different blocks of data that can be retrieved from said memory; and the method further comprises the steps of (e) recording in said customer terminal, the cost data for the blocks of data retrieved in relation to said credit signal provided therein; and (f) reporting to the authorization center the record of said cost data in relation to said credit signal.
16. A method according to Claim 15, futher comprising the step of (g) authenticating said report of the record of said cost data in relation to said credit signal.
17. A method of controlling and accounting for retrieval of data from a plurality of identical memories by a corresponding plurality of different data retrieval terminals, comprising the steps of (a) providing a memory containing an encrypted data file from which retrieval must be authorized;
(b) providing a different unit key in each of the retreival terminals;
(c) authorizing said retrieval by providing an encryption key encrypted in the unit key of the given retreival terminal for enabling retrieval of said data in the given retrieval terminal and by providing a credit signal addressed to the given retrieval terminal for use in limiting the amount of data to be retrieved from said file by the given retrieval terminal;
(d) limiting the amount of data retrieved from said file in the given retrieval terminal in accordance with said credit signal; and (e) recording the amount of data retrieved from said file in said retrieval terminal.
(b) providing a different unit key in each of the retreival terminals;
(c) authorizing said retrieval by providing an encryption key encrypted in the unit key of the given retreival terminal for enabling retrieval of said data in the given retrieval terminal and by providing a credit signal addressed to the given retrieval terminal for use in limiting the amount of data to be retrieved from said file by the given retrieval terminal;
(d) limiting the amount of data retrieved from said file in the given retrieval terminal in accordance with said credit signal; and (e) recording the amount of data retrieved from said file in said retrieval terminal.
18. A method of controlling and accounting for retrieval of data from a memory in a customer data retrieval terminal, comprising the steps of (a) providing in the customer data retrieval terminal a memory containing an encrypted data file from which retrieval must be authorized;
(b) authorizing said retrieval in response to a request to retrieve data from said file in said customer data retrieval terminal by determining in an authorization center located remotely from the customer terminal whether the status of an account associated with said customer terminal warrants authorizing said retrieval, and, if so, providing in the customer terminal an encryption key for enabling retrieval of data from said file; and (c) recording the retrieval of data from said file by said customer retrieval terminal and debiting said account for said retrieval.
(b) authorizing said retrieval in response to a request to retrieve data from said file in said customer data retrieval terminal by determining in an authorization center located remotely from the customer terminal whether the status of an account associated with said customer terminal warrants authorizing said retrieval, and, if so, providing in the customer terminal an encryption key for enabling retrieval of data from said file; and (c) recording the retrieval of data from said file by said customer retrieval terminal and debiting said account for said retrieval.
19. A method according to Claim 18, wherein step (b) comprises the step of (d) encrypting said encryption key.
20. A method according to Claim 18, further comprising the step of (d) verifying decryption of data pursuant to use of said encryption key prior to debiting said account.
21. A system for controlling and accounting for retrieval of data from a memory containing an encrypted data file from which retrieval must be authorized, comprising means for authorizing said retrieval by providing an encryption key for enabling retrieval of said data and a credit signal for use in limiting the amount of data to be retrieved from said file;
means for limiting the amount of data retrieved from said file in accordance with said credit signal; and means for recording the amount of data retrieved from said file.
means for limiting the amount of data retrieved from said file in accordance with said credit signal; and means for recording the amount of data retrieved from said file.
22. A system according to Claim 21, further comprising means for reporting the recorded amount of data retrieved from said file;
and means for authenticating said report.
and means for authenticating said report.
23. A system according to Claim 21, wherein the authorization means comprises means for encrypting said encryption key.
24. A system according to Claim 21, wherein the authorization means comprises means for authenticating said credit signal.
25. A system according to Claim 21, further comprising means for determining whether credit should be extended in response to a retrieval request, and, if so, the amount of said credit to be indicated by said credit signal.
26. A system according to Claim 21, wherein said memory contains encrypted data files for each of a plurality of different data vendors, with a different said encryption key being required to retreive data file(s) associated with each of said vendors;
the authorization means comprises means for providing a separate set of encryption key and credit signal for each vendor associated with a said file retreival authorization;
the limiting means comprises means for limiting retrieval of files associated with different vendors separately in accordance with the encryption key and credit signal provided for said vendor; and the recording means comprises means for separately recording the amount of retrieved data with respect to each vendor.
the authorization means comprises means for providing a separate set of encryption key and credit signal for each vendor associated with a said file retreival authorization;
the limiting means comprises means for limiting retrieval of files associated with different vendors separately in accordance with the encryption key and credit signal provided for said vendor; and the recording means comprises means for separately recording the amount of retrieved data with respect to each vendor.
27. A system according to Claim 26 wherein the memory contains a plurality of encrypted data files for a given data vendor; and the recording means comprises means for separately recording the amount of retreived data with respect to each data file of said given vendor.
28. A system according to Claim 21 wherein the memory contains a plurality of encrypted data files for a given data vendor; and the recording means comprises means for separately recording the amount of retreived data with respect to each data file of said given vendor.
29. A system according to Claim 21 wherein the memory further contains unencrypted initialization vector data associated with the encrypted data file; and the system further comprises means for using said initialization vector data in combination with said encryption key to retrieve data from said file.
30. A system according to Claim 21, wherein the memory further contains unencrypted initialization vector data uniquely associated with different blocks of data within the encrypted data file; and the system further comprises means for using said initialization vector data in combination with said encryption key to retrieve data from said file; and means for using said unique initialization vector data upon said retrieval to record the identity of the block of data retreived from said file.
31. A system according to Claim 21, wherein the memory further contains unencrypted identification data uniquely associated with different blocks of data within the encrypted data file; and the system further comprises means for using said unique identification data upon said retrieval to record the identity of the block of data retreived from said file.
32. A system according to Claim 21, wherein the memory further contains cost data associated with different blocks of data that can be retrieved from said memory; and the system further comprises means for processing the cost data with said credit signal in response to a request to retrieve a given said block of data to determine whether retrieval of said requested block of data is authorized.
33. A system according to Claim 32, further comprising means for authenticating said cost data prior to said processing of same.
34. A system according to Claim 21, wherein said memory is in a customer data retreival terminal; and the authorization means comprises means for determining in an authorization center located remotely from said customer terminal whether the status of an account associated with said customer terminal warrants authorizing said retreival, and, if so, providing said encryption key and said credit signal in the customer data retrieval terminal.
35. A system according to Claim 34, wherein the memory further contains cost data associated with different blocks of data that can be retrieved from said memory; and the system further comprises means for recording in said customer terminal, the cost data for the blocks of data retrieved in relation to said credit signal provided therein; and means for reporting to the authorization center the record of said cost data in relation to said credit signal.
36. A system according to Claim 35 further comprising means for authenticating said report of the record of said cost data in relation to said credit signal
37. A system according to Claim 21 wherein the memory Is a compact disc ROM.
38. A system for controlling and accounting for retrieval of data from a plurality of identical memories by a corresponding plurality of different data retrieval terminals. wherein each memory contains an encrypted data file from which retrieval must be authorized the system comprising means providing a different unit key in each of the retreival terminals;
means for authorizing said retrieval by providing an encryption key encrypted in the unit key of the given retreival terminal for enabling retrieval of said data in the given retrieval terminal and by providing a credit signal addressed to the given retrieval terminal for use in limiting the amount of data to be retrieved from said file by the given retrieval terminal;
means for limiting the amount of data retrieved from said file in the given retrieval terminal in accordance with said credit signal; and means for recording the amount of data retrieved from said file in said retrieval terminal.
means for authorizing said retrieval by providing an encryption key encrypted in the unit key of the given retreival terminal for enabling retrieval of said data in the given retrieval terminal and by providing a credit signal addressed to the given retrieval terminal for use in limiting the amount of data to be retrieved from said file by the given retrieval terminal;
means for limiting the amount of data retrieved from said file in the given retrieval terminal in accordance with said credit signal; and means for recording the amount of data retrieved from said file in said retrieval terminal.
39. A system according to Claim 38, wherein the memory is a compact disc ROM.
40. A system for controlling and accounting for retrieval of data from a memory in a customer data retrieval terminal, wherein the memory contains an encrypted data file from which retrieval must be authorized, the system comprising means for authorizing said retrieval in response to a request to retrieve data from said file in said customer data retrieval terminal by determining in an authorization center located remotely from the customer terminal whether the status of an account associated with said customer terminal warrants authorizing said retrieval, and, it so, providing in the customer terminal an encryption key for enabling retrieval of data from said file; and means for recording the retrieval of data from said file by said customer retrieval terminal and debiting said account for said retrieval.
41. A system according to Claim 40, wherein the authorizing means comprise means for encrypting said encryption key.
42. A system according to Claim 40, further comprising means for verifying decryption of data pursuant to use of said encryption key prior to debiting said account.
43. A system according to Claim 40, wherein the memory is a compact disc ROM.
Applications Claiming Priority (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
US06/905,775 US5010571A (en) | 1986-09-10 | 1986-09-10 | Metering retrieval of encrypted data stored in customer data retrieval terminal |
US905,775 | 1986-09-10 |
Publications (1)
Publication Number | Publication Date |
---|---|
CA1296104C true CA1296104C (en) | 1992-02-18 |
Family
ID=25421449
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CA000546253A Expired - Lifetime CA1296104C (en) | 1986-09-10 | 1987-09-08 | Metering retrieval of encrypted data stored in customer data retrieval terminal |
Country Status (10)
Country | Link |
---|---|
US (1) | US5010571A (en) |
EP (1) | EP0282570B1 (en) |
JP (1) | JP2738427B2 (en) |
AT (1) | ATE107818T1 (en) |
AU (2) | AU600763B2 (en) |
CA (1) | CA1296104C (en) |
DE (1) | DE3750131T2 (en) |
DK (1) | DK174885B1 (en) |
NO (1) | NO302209B1 (en) |
WO (1) | WO1988002202A1 (en) |
Families Citing this family (210)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US4965825A (en) | 1981-11-03 | 1990-10-23 | The Personalized Mass Media Corporation | Signal processing apparatus and methods |
US7831204B1 (en) | 1981-11-03 | 2010-11-09 | Personalized Media Communications, Llc | Signal processing apparatus and methods |
USRE47642E1 (en) | 1981-11-03 | 2019-10-08 | Personalized Media Communications LLC | Signal processing apparatus and methods |
US4827508A (en) * | 1986-10-14 | 1989-05-02 | Personal Library Software, Inc. | Database usage metering and protection system and method |
US5050213A (en) * | 1986-10-14 | 1991-09-17 | Electronic Publishing Resources, Inc. | Database usage metering and protection system and method |
ATE166986T1 (en) * | 1988-08-16 | 1998-06-15 | Cryptologics International Inc | INFORMATION DISTRIBUTION SYSTEM |
GB2228807A (en) * | 1989-03-03 | 1990-09-05 | Esselte Letraset Ltd | Data retrieval system |
ATE143511T1 (en) * | 1989-04-28 | 1996-10-15 | Softel Inc | METHOD AND DEVICE FOR REMOTE CONTROL AND MONITORING THE USE OF COMPUTER PROGRAMS |
CA2053261A1 (en) * | 1989-04-28 | 1990-10-29 | Gary D. Hornbuckle | Method and apparatus for remotely controlling and monitoring the use of computer software |
US5138712A (en) * | 1989-10-02 | 1992-08-11 | Sun Microsystems, Inc. | Apparatus and method for licensing software on a network of computers |
US5940504A (en) * | 1991-07-01 | 1999-08-17 | Infologic Software, Inc. | Licensing management system and method in which datagrams including an address of a licensee and indicative of use of a licensed product are sent from the licensee's site |
US6134324A (en) * | 1991-07-31 | 2000-10-17 | Lsi Logic Corporation | Method and system for distributing a plurality of software products, and limiting access thereto |
JP2942837B2 (en) * | 1992-01-31 | 1999-08-30 | 株式会社セガ・エンタープライゼス | Security check method, game device, and information storage medium used for them |
US5214696A (en) * | 1992-02-04 | 1993-05-25 | International Business Machines Corporation | Data processing system and method to produce softcopy book readers which are limited to reading only books published by a specific publisher |
JP3073590B2 (en) * | 1992-03-16 | 2000-08-07 | 富士通株式会社 | Electronic data protection system, licensor's device and user's device |
USRE39802E1 (en) | 1992-03-16 | 2007-08-28 | Fujitsu Limited | Storage medium for preventing an irregular use by a third party |
US5440631A (en) * | 1992-04-24 | 1995-08-08 | Fijitsu Limited | Information distribution system wherein storage medium storing ciphered information is distributed |
CA2073495C (en) * | 1992-07-08 | 1999-01-12 | Michael Wright | Option selection and control |
US5293422A (en) * | 1992-09-23 | 1994-03-08 | Dynatek, Inc. | Usage control system for computer software |
FR2697357B1 (en) * | 1992-10-23 | 1994-12-23 | Gemplus Card Int | Software acquisition process and computer system for implementing the process. |
US7831516B2 (en) * | 1992-12-15 | 2010-11-09 | Sl Patent Holdings Llc | System and method for redistributing and licensing access to protected information among a plurality of devices |
US7089212B2 (en) * | 1992-12-15 | 2006-08-08 | Sl Patent Holdings Llc | System and method for controlling access to protected information |
US6266654B1 (en) * | 1992-12-15 | 2001-07-24 | Softlock.Com, Inc. | Method for tracking software lineage |
US7209901B2 (en) | 1992-12-15 | 2007-04-24 | Sl Patent Holdings Llc C/O Aol Time Warner | Method for selling, protecting, and redistributing digital goods |
US5337357A (en) * | 1993-06-17 | 1994-08-09 | Software Security, Inc. | Method of software distribution protection |
US5416840A (en) * | 1993-07-06 | 1995-05-16 | Phoenix Technologies, Ltd. | Software catalog encoding method and system |
WO1995003655A1 (en) * | 1993-07-26 | 1995-02-02 | Oakleigh Systems, Inc. | Cd prom encryption system |
US5596639A (en) * | 1993-07-26 | 1997-01-21 | Elonex Ip Holdings Ltd. | Cd-prom |
JPH0750725A (en) * | 1993-08-06 | 1995-02-21 | Sony Corp | System and method for managing information |
US5400403A (en) * | 1993-08-16 | 1995-03-21 | Rsa Data Security, Inc. | Abuse-resistant object distribution system and method |
US5677953A (en) * | 1993-09-14 | 1997-10-14 | Spyrus, Inc. | System and method for access control for portable data storage media |
IL110891A (en) * | 1993-09-14 | 1999-03-12 | Spyrus | System and method for data access control |
US5572589A (en) * | 1993-12-09 | 1996-11-05 | Microsoft Corporation | Disc serialization |
US5495411A (en) * | 1993-12-22 | 1996-02-27 | Ananda; Mohan | Secure software rental system using continuous asynchronous password verification |
US5394469A (en) * | 1994-02-18 | 1995-02-28 | Infosafe Systems, Inc. | Method and apparatus for retrieving secure information from mass storage media |
US6298441B1 (en) | 1994-03-10 | 2001-10-02 | News Datacom Ltd. | Secure document access system |
IL111151A (en) * | 1994-10-03 | 1998-09-24 | News Datacom Ltd | Secure access systems |
JPH07271865A (en) | 1994-04-01 | 1995-10-20 | Mitsubishi Corp | Method for managing copyright of data base |
US6473860B1 (en) | 1994-04-07 | 2002-10-29 | Hark C. Chan | Information distribution and processing system |
US6188869B1 (en) | 1994-04-07 | 2001-02-13 | Hark C. Chan | Information distribution and processing system |
US7991347B1 (en) * | 1994-04-07 | 2011-08-02 | Data Innovation Llc | System and method for accessing set of digital data at a remote site |
US6021307A (en) * | 1994-04-07 | 2000-02-01 | Chan; Hark C. | Information distribution and processing system |
US6314574B1 (en) | 1994-06-08 | 2001-11-06 | Hark Chan | Information distribution system |
JPH0823315A (en) * | 1994-07-08 | 1996-01-23 | Sony Corp | Information presetting system |
US6289200B1 (en) | 1994-07-25 | 2001-09-11 | Hark C. Chan | Information distribution system which intermittaly transmits radio frequency signal digital data |
US7181758B1 (en) | 1994-07-25 | 2007-02-20 | Data Innovation, L.L.C. | Information distribution and processing system |
US5719938A (en) * | 1994-08-01 | 1998-02-17 | Lucent Technologies Inc. | Methods for providing secure access to shared information |
US7302415B1 (en) * | 1994-09-30 | 2007-11-27 | Intarsia Llc | Data copyright management system |
US6424715B1 (en) * | 1994-10-27 | 2002-07-23 | Mitsubishi Corporation | Digital content management system and apparatus |
DE69532434T2 (en) | 1994-10-27 | 2004-11-11 | Mitsubishi Corp. | Device for file copyright management system |
US5634012A (en) * | 1994-11-23 | 1997-05-27 | Xerox Corporation | System for controlling the distribution and use of digital works having a fee reporting mechanism |
JPH08263438A (en) * | 1994-11-23 | 1996-10-11 | Xerox Corp | Distribution and use control system of digital work and access control method to digital work |
US5715403A (en) * | 1994-11-23 | 1998-02-03 | Xerox Corporation | System for controlling the distribution and use of digital works having attached usage rights where the usage rights are defined by a usage rights grammar |
US20050149450A1 (en) * | 1994-11-23 | 2005-07-07 | Contentguard Holdings, Inc. | System, method, and device for controlling distribution and use of digital works based on a usage rights grammar |
US6865551B1 (en) | 1994-11-23 | 2005-03-08 | Contentguard Holdings, Inc. | Removable content repositories |
US6963859B2 (en) | 1994-11-23 | 2005-11-08 | Contentguard Holdings, Inc. | Content rendering repository |
US5629980A (en) * | 1994-11-23 | 1997-05-13 | Xerox Corporation | System for controlling the distribution and use of digital works |
US7117180B1 (en) | 1994-11-23 | 2006-10-03 | Contentguard Holdings, Inc. | System for controlling the use of digital works using removable content repositories |
US5638443A (en) * | 1994-11-23 | 1997-06-10 | Xerox Corporation | System for controlling the distribution and use of composite digital works |
US5812663A (en) * | 1994-12-29 | 1998-09-22 | Fujitsu Limited | Data reproducing device |
US5943422A (en) | 1996-08-12 | 1999-08-24 | Intertrust Technologies Corp. | Steganographic techniques for securely delivering electronic digital rights management control information over insecure communication channels |
US7133846B1 (en) * | 1995-02-13 | 2006-11-07 | Intertrust Technologies Corp. | Digital certificate support system, methods and techniques for secure electronic commerce transaction and rights management |
US6948070B1 (en) * | 1995-02-13 | 2005-09-20 | Intertrust Technologies Corporation | Systems and methods for secure transaction management and electronic rights protection |
US7133845B1 (en) * | 1995-02-13 | 2006-11-07 | Intertrust Technologies Corp. | System and methods for secure transaction management and electronic rights protection |
US5892900A (en) | 1996-08-30 | 1999-04-06 | Intertrust Technologies Corp. | Systems and methods for secure transaction management and electronic rights protection |
US6658568B1 (en) | 1995-02-13 | 2003-12-02 | Intertrust Technologies Corporation | Trusted infrastructure support system, methods and techniques for secure electronic commerce transaction and rights management |
EP1555591B1 (en) * | 1995-02-13 | 2013-08-14 | Intertrust Technologies Corp. | Secure transaction management |
US7095854B1 (en) * | 1995-02-13 | 2006-08-22 | Intertrust Technologies Corp. | Systems and methods for secure transaction management and electronic rights protection |
US6157721A (en) | 1996-08-12 | 2000-12-05 | Intertrust Technologies Corp. | Systems and methods using cryptography to protect secure computing environments |
US7165174B1 (en) * | 1995-02-13 | 2007-01-16 | Intertrust Technologies Corp. | Trusted infrastructure support systems, methods and techniques for secure electronic commerce transaction and rights management |
US5822291A (en) * | 1995-03-23 | 1998-10-13 | Zoom Television, Inc. | Mass storage element and drive unit therefor |
US5887060A (en) * | 1995-06-07 | 1999-03-23 | Digital River, Inc. | Central database system for automatic software program sales |
US5903647A (en) * | 1995-06-07 | 1999-05-11 | Digital River, Inc. | Self-launching encrypted digital information distribution system |
US5883955A (en) * | 1995-06-07 | 1999-03-16 | Digital River, Inc. | On-line try before you buy software distribution system |
US5870543A (en) * | 1995-06-07 | 1999-02-09 | Digital River, Inc. | System for preventing unauthorized copying of active software |
US5883954A (en) * | 1995-06-07 | 1999-03-16 | Digital River, Inc. | Self-launching encrypted try before you buy software distribution system |
EP0870381A4 (en) * | 1995-06-07 | 1999-09-29 | Digital River Inc | Try-before-you-buy software distribution and marketing system |
US5592549A (en) * | 1995-06-15 | 1997-01-07 | Infosafe Systems, Inc. | Method and apparatus for retrieving selected information from a secure information source |
JPH09115241A (en) * | 1995-06-30 | 1997-05-02 | Sony Corp | Device and method for recording data, device and method for reproducing data, and recording medium |
CA2179971C (en) * | 1995-06-30 | 2001-10-30 | Takahisa Yamamoto | An adaptable communication apparatus and an adaptable communication system |
JP3507594B2 (en) * | 1995-07-31 | 2004-03-15 | 株式会社東芝 | Computer |
JPH0973480A (en) * | 1995-09-01 | 1997-03-18 | Fujitsu Ltd | System and method for charging content vending price |
US8595502B2 (en) | 1995-09-29 | 2013-11-26 | Intarsia Software Llc | Data management system |
CN100347985C (en) * | 1995-10-09 | 2007-11-07 | 松下电器产业株式会社 | Content reproduction apparatus and method |
US6141652A (en) * | 1995-10-10 | 2000-10-31 | British Telecommunications Public Limited Company | Operating apparatus |
US5825876A (en) * | 1995-12-04 | 1998-10-20 | Northern Telecom | Time based availability to content of a storage medium |
US5857020A (en) * | 1995-12-04 | 1999-01-05 | Northern Telecom Ltd. | Timed availability of secured content provisioned on a storage medium |
US5974307A (en) * | 1995-12-21 | 1999-10-26 | Pitney Bowes Inc. | Method and system communicating with a voice response unit over a cellular telephone network |
US5740247A (en) * | 1995-12-22 | 1998-04-14 | Pitney Bowes Inc. | Authorized cellular telephone communication payment refill system |
US5768383A (en) * | 1995-12-22 | 1998-06-16 | Pitney Bowes Inc. | Authorized cellular voice messaging and/or analog or digital data communication access and verification control system |
US5812945A (en) * | 1995-12-22 | 1998-09-22 | Pitney Bowes Inc. | Metered payment cellular telephone communication system |
US5765106A (en) * | 1995-12-22 | 1998-06-09 | Pitney Bowes Inc. | Authorized cellular telephone communication access and verification control system |
US6035043A (en) * | 1995-12-22 | 2000-03-07 | Pitney Bowes Inc. | Cellular telephone manifest system |
EP0880840A4 (en) * | 1996-01-11 | 2002-10-23 | Mrj Inc | System for controlling access and distribution of digital property |
US20060265336A1 (en) * | 1996-02-26 | 2006-11-23 | Graphon Corporation | Automated system for management of licensed digital assets |
US20010011253A1 (en) * | 1998-08-04 | 2001-08-02 | Christopher D. Coley | Automated system for management of licensed software |
JPH09231276A (en) * | 1996-02-27 | 1997-09-05 | Canon Inc | Charging device, communication device, and communication system |
ATE196398T1 (en) | 1996-03-18 | 2000-09-15 | News Datacom Ltd | CHIP CARD COUPLING FOR PAY-TV SYSTEMS |
US7356847B2 (en) * | 1996-06-28 | 2008-04-08 | Protexis, Inc. | System for dynamically encrypting content for secure internet commerce and providing embedded fulfillment software |
US5809145A (en) * | 1996-06-28 | 1998-09-15 | Paradata Systems Inc. | System for distributing digital information |
JP3093678B2 (en) * | 1996-06-28 | 2000-10-03 | 株式会社東芝 | Encryption method, decryption method, recording / reproducing device, decryption device, decryption unit device and recording medium manufacturing method |
US7010697B2 (en) * | 1996-06-28 | 2006-03-07 | Protexis, Inc. | System for dynamically encrypting information for secure internet commerce and providing embedded fulfillment software |
US7770230B2 (en) | 2002-04-22 | 2010-08-03 | Arvato Digital Services Canada, Inc. | System for dynamically encrypting content for secure internet commerce and providing embedded fulfillment software |
US5889860A (en) * | 1996-11-08 | 1999-03-30 | Sunhawk Corporation, Inc. | Encryption system with transaction coded decryption key |
US5893903A (en) * | 1996-12-20 | 1999-04-13 | At&T Corp. | Multimedia message system with revenue allocation |
US5920861A (en) | 1997-02-25 | 1999-07-06 | Intertrust Technologies Corp. | Techniques for defining using and manipulating rights management data structures |
US6233684B1 (en) * | 1997-02-28 | 2001-05-15 | Contenaguard Holdings, Inc. | System for controlling the distribution and use of rendered digital works through watermaking |
US5915093A (en) * | 1997-04-24 | 1999-06-22 | Howard Berlin | Computer network debit disk used for prepayment to transfer information from a central computer |
US6173403B1 (en) * | 1997-04-30 | 2001-01-09 | Achates Reference Publishing, Inc. | Method and apparatus for distributing information products |
US6161179A (en) * | 1997-09-05 | 2000-12-12 | Wea Manufacturing, Inc. | Key-based protection method for light-readable discs |
US6330549B1 (en) | 1997-10-30 | 2001-12-11 | Xerox Corporation | Protected shareware |
IL122106A (en) * | 1997-11-04 | 2010-11-30 | Enco Tone Ltd | Method and algorithms for identification and validation |
US6112181A (en) | 1997-11-06 | 2000-08-29 | Intertrust Technologies Corporation | Systems and methods for matching, selecting, narrowcasting, and/or classifying based on rights management and/or other information |
US7092914B1 (en) * | 1997-11-06 | 2006-08-15 | Intertrust Technologies Corporation | Methods for matching, selecting, narrowcasting, and/or classifying based on rights management and/or other information |
US5987125A (en) * | 1997-12-15 | 1999-11-16 | Western Atlas International, Inc. | Method for communicating seismic data |
US6021391A (en) * | 1998-03-03 | 2000-02-01 | Winbond Electronics Corp. | Method and system for dynamic data encryption |
US6738905B1 (en) | 1998-04-15 | 2004-05-18 | Digital Video Express, L.P. | Conditional access via secure logging with simplified key management |
US7246246B2 (en) * | 1998-04-17 | 2007-07-17 | Iomega Corporation | System for keying protected electronic data to particular media to prevent unauthorized copying using a compound key |
US6223288B1 (en) | 1998-05-22 | 2001-04-24 | Protexis Inc. | System for persistently encrypting critical software file to prevent installation of software program on unauthorized computers |
JP4051510B2 (en) * | 1998-07-16 | 2008-02-27 | ソニー株式会社 | Data storage device and data storage method |
IL126552A (en) * | 1998-10-13 | 2007-06-03 | Nds Ltd | Remote administration of smart cards for secure access systems |
US7068787B1 (en) | 1998-10-23 | 2006-06-27 | Contentguard Holdings, Inc. | System and method for protection of digital works |
US6434535B1 (en) | 1998-11-13 | 2002-08-13 | Iomega Corporation | System for prepayment of electronic content using removable media and for prevention of unauthorized copying of same |
US7617124B1 (en) | 1998-12-04 | 2009-11-10 | Digital River, Inc. | Apparatus and method for secure downloading of files |
US20030195974A1 (en) | 1998-12-04 | 2003-10-16 | Ronning Joel A. | Apparatus and method for scheduling of search for updates or downloads of a file |
US7058597B1 (en) * | 1998-12-04 | 2006-06-06 | Digital River, Inc. | Apparatus and method for adaptive fraud screening for electronic commerce transactions |
US7356688B1 (en) | 1999-04-06 | 2008-04-08 | Contentguard Holdings, Inc. | System and method for document distribution |
US6859533B1 (en) | 1999-04-06 | 2005-02-22 | Contentguard Holdings, Inc. | System and method for transferring the right to decode messages in a symmetric encoding scheme |
US6937726B1 (en) | 1999-04-06 | 2005-08-30 | Contentguard Holdings, Inc. | System and method for protecting data files by periodically refreshing a decryption key |
US7286665B1 (en) | 1999-04-06 | 2007-10-23 | Contentguard Holdings, Inc. | System and method for transferring the right to decode messages |
AU5910800A (en) * | 1999-06-30 | 2001-01-31 | Accenture Llp | A system, method and article of manufacture for tracking software sale transactions of an internet-based retailer for reporting to a software publisher |
WO2001006374A2 (en) | 1999-07-16 | 2001-01-25 | Intertrust Technologies Corp. | System and method for securing an untrusted storage |
US7152165B1 (en) * | 1999-07-16 | 2006-12-19 | Intertrust Technologies Corp. | Trusted storage systems and methods |
US7243236B1 (en) * | 1999-07-29 | 2007-07-10 | Intertrust Technologies Corp. | Systems and methods for using cryptography to protect secure and insecure computing environments |
KR20010086038A (en) * | 1999-09-17 | 2001-09-07 | 이데이 노부유끼 | Data providing system and method therefor |
US7188255B1 (en) * | 1999-09-23 | 2007-03-06 | Hewlett-Packard Development Company, L.P. | Software delivery system |
US6988085B2 (en) * | 1999-10-19 | 2006-01-17 | Shad Hedy | System and method for real-time electronic inquiry, delivery, and reporting of credit information |
US6885748B1 (en) | 1999-10-23 | 2005-04-26 | Contentguard Holdings, Inc. | System and method for protection of digital works |
JP2001202338A (en) * | 2000-01-20 | 2001-07-27 | Sony Corp | System and method for providing contents, device and method for monitoring contents providing condition and device and method for using contents |
US7073199B1 (en) | 2000-08-28 | 2006-07-04 | Contentguard Holdings, Inc. | Document distribution management method and apparatus using a standard rendering engine and a method and apparatus for controlling a standard rendering engine |
US6931545B1 (en) * | 2000-08-28 | 2005-08-16 | Contentguard Holdings, Inc. | Systems and methods for integrity certification and verification of content consumption environments |
US7743259B2 (en) | 2000-08-28 | 2010-06-22 | Contentguard Holdings, Inc. | System and method for digital rights management using a standard rendering engine |
US7603319B2 (en) * | 2000-08-28 | 2009-10-13 | Contentguard Holdings, Inc. | Method and apparatus for preserving customer identity in on-line transactions |
EP1260966A4 (en) * | 2000-09-05 | 2006-03-15 | Ntt Docomo Inc | Pay information distribution system |
JP2002105639A (en) * | 2000-09-25 | 2002-04-10 | L'air Liquide | Copperr raw material solution for mocvd treatment and its manufacturing method |
US7343324B2 (en) * | 2000-11-03 | 2008-03-11 | Contentguard Holdings Inc. | Method, system, and computer readable medium for automatically publishing content |
US6912294B2 (en) * | 2000-12-29 | 2005-06-28 | Contentguard Holdings, Inc. | Multi-stage watermarking process and system |
US7028009B2 (en) * | 2001-01-17 | 2006-04-11 | Contentguardiholdings, Inc. | Method and apparatus for distributing enforceable property rights |
US20030220880A1 (en) * | 2002-01-17 | 2003-11-27 | Contentguard Holdings, Inc. | Networked services licensing system and method |
US7206765B2 (en) * | 2001-01-17 | 2007-04-17 | Contentguard Holdings, Inc. | System and method for supplying and managing usage rights based on rules |
US8069116B2 (en) * | 2001-01-17 | 2011-11-29 | Contentguard Holdings, Inc. | System and method for supplying and managing usage rights associated with an item repository |
US7774279B2 (en) * | 2001-05-31 | 2010-08-10 | Contentguard Holdings, Inc. | Rights offering and granting |
AU2002234254B2 (en) | 2001-01-17 | 2005-04-21 | Contentguard Holdings, Inc. | Method and apparatus for managing digital content usage rights |
US6754642B2 (en) | 2001-05-31 | 2004-06-22 | Contentguard Holdings, Inc. | Method and apparatus for dynamically assigning usage rights to digital works |
US20070219918A1 (en) * | 2001-01-19 | 2007-09-20 | Jonathan Schull | System and method for controlling access to protected information |
US20020114453A1 (en) * | 2001-02-21 | 2002-08-22 | Bartholet Thomas G. | System and method for secure cryptographic data transport and storage |
ATE381211T1 (en) * | 2001-02-27 | 2007-12-15 | Koninkl Philips Electronics Nv | PROCEDURE FOR CALCULATING BONUS POINTS |
US20020188466A1 (en) * | 2001-04-18 | 2002-12-12 | Barrette Pierre Philip | Secure digital medical intellectual property (IP) distribution, market applications, and mobile devices |
US20030043852A1 (en) * | 2001-05-18 | 2003-03-06 | Bijan Tadayon | Method and apparatus for verifying data integrity based on data compression parameters |
US7152046B2 (en) * | 2001-05-31 | 2006-12-19 | Contentguard Holdings, Inc. | Method and apparatus for tracking status of resource in a system for managing use of the resources |
US8001053B2 (en) * | 2001-05-31 | 2011-08-16 | Contentguard Holdings, Inc. | System and method for rights offering and granting using shared state variables |
US6895503B2 (en) * | 2001-05-31 | 2005-05-17 | Contentguard Holdings, Inc. | Method and apparatus for hierarchical assignment of rights to documents and documents having such rights |
US8275716B2 (en) | 2001-05-31 | 2012-09-25 | Contentguard Holdings, Inc. | Method and system for subscription digital rights management |
US6973445B2 (en) * | 2001-05-31 | 2005-12-06 | Contentguard Holdings, Inc. | Demarcated digital content and method for creating and processing demarcated digital works |
US8275709B2 (en) * | 2001-05-31 | 2012-09-25 | Contentguard Holdings, Inc. | Digital rights management of content when content is a future live event |
US6876984B2 (en) | 2001-05-31 | 2005-04-05 | Contentguard Holdings, Inc. | Method and apparatus for establishing usage rights for digital content to be created in the future |
US7725401B2 (en) * | 2001-05-31 | 2010-05-25 | Contentguard Holdings, Inc. | Method and apparatus for establishing usage rights for digital content to be created in the future |
US20030009424A1 (en) * | 2001-05-31 | 2003-01-09 | Contentguard Holdings, Inc. | Method for managing access and use of resources by verifying conditions and conditions for use therewith |
US7222104B2 (en) * | 2001-05-31 | 2007-05-22 | Contentguard Holdings, Inc. | Method and apparatus for transferring usage rights and digital work having transferrable usage rights |
US6976009B2 (en) | 2001-05-31 | 2005-12-13 | Contentguard Holdings, Inc. | Method and apparatus for assigning consequential rights to documents and documents having such rights |
US8099364B2 (en) * | 2001-05-31 | 2012-01-17 | Contentguard Holdings, Inc. | Digital rights management of content when content is a future live event |
AU2002312351B2 (en) * | 2001-06-07 | 2006-11-30 | Contentguard Holdings, Inc. | Method and apparatus managing the transfer of rights |
US7774280B2 (en) * | 2001-06-07 | 2010-08-10 | Contentguard Holdings, Inc. | System and method for managing transfer of rights using shared state variables |
US6824051B2 (en) * | 2001-06-07 | 2004-11-30 | Contentguard Holdings, Inc. | Protected content distribution system |
AU2002305814B2 (en) * | 2001-06-07 | 2004-06-10 | Contentguard Holdings, Inc. | Cryptographic trust zones in digital rights management |
JP2003345641A (en) * | 2002-05-29 | 2003-12-05 | Ricoh Co Ltd | Storage medium and program |
WO2004051399A2 (en) * | 2002-10-10 | 2004-06-17 | Household International, Inc. | Quality control for loan processing |
JP4247044B2 (en) * | 2003-05-23 | 2009-04-02 | 株式会社東芝 | Content distribution service providing apparatus and content distribution service terminal apparatus |
US7191898B1 (en) | 2003-09-04 | 2007-03-20 | Union Rich Usa, Llc | Saw blade case |
US20050223182A1 (en) * | 2004-04-04 | 2005-10-06 | Guobiao Zhang | User-configurable pre-recorded memory |
US7386652B2 (en) * | 2004-04-04 | 2008-06-10 | Guobiao Zhang | User-configurable pre-recorded memory |
JP4828155B2 (en) * | 2005-05-12 | 2011-11-30 | 株式会社日立製作所 | Storage system |
US20060271915A1 (en) * | 2005-05-24 | 2006-11-30 | Contentguard Holdings, Inc. | Usage rights grammar and digital works having usage rights created with the grammar |
US8335920B2 (en) * | 2005-07-14 | 2012-12-18 | Imation Corp. | Recovery of data access for a locked secure storage device |
US8321953B2 (en) * | 2005-07-14 | 2012-11-27 | Imation Corp. | Secure storage device with offline code entry |
US8438647B2 (en) * | 2005-07-14 | 2013-05-07 | Imation Corp. | Recovery of encrypted data from a secure storage device |
US8015606B1 (en) | 2005-07-14 | 2011-09-06 | Ironkey, Inc. | Storage device with website trust indication |
US7438078B2 (en) * | 2005-08-05 | 2008-10-21 | Peter Woodruff | Sleeping bag and system |
NZ568867A (en) * | 2005-08-24 | 2010-12-24 | Pioneer Hi Bred Int | Compositions providing tolerance to multiple herbicides and methods of use thereof |
US20070067620A1 (en) * | 2005-09-06 | 2007-03-22 | Ironkey, Inc. | Systems and methods for third-party authentication |
EP1946478B1 (en) * | 2005-09-19 | 2019-10-23 | Data Locker Inc. | Recovery of encrypted data from a secure storage device |
US8639873B1 (en) | 2005-12-22 | 2014-01-28 | Imation Corp. | Detachable storage device with RAM cache |
US8266378B1 (en) | 2005-12-22 | 2012-09-11 | Imation Corp. | Storage device with accessible partitions |
US20070300031A1 (en) * | 2006-06-22 | 2007-12-27 | Ironkey, Inc. | Memory data shredder |
WO2008109848A2 (en) | 2007-03-07 | 2008-09-12 | Bigfix, Inc. | Pseudo-agent |
US8495157B2 (en) | 2007-03-07 | 2013-07-23 | International Business Machines Corporation | Method and apparatus for distributed policy-based management and computed relevance messaging with remote attributes |
US20100332640A1 (en) * | 2007-03-07 | 2010-12-30 | Dennis Sidney Goodrow | Method and apparatus for unified view |
JP2009027525A (en) * | 2007-07-20 | 2009-02-05 | Nec Corp | Optical transmission system and optical transmission method |
KR101187178B1 (en) | 2007-09-12 | 2012-09-28 | 소니 픽쳐스 엔터테인먼트, 인크. | Open market content distribution |
WO2009137371A2 (en) * | 2008-05-02 | 2009-11-12 | Ironkey, Inc. | Enterprise device recovery |
US20100228906A1 (en) * | 2009-03-06 | 2010-09-09 | Arunprasad Ramiya Mothilal | Managing Data in a Non-Volatile Memory System |
CA2659016A1 (en) * | 2009-03-23 | 2010-09-23 | Doug P. Horsley | Polychromatic harmonica |
US8683088B2 (en) | 2009-08-06 | 2014-03-25 | Imation Corp. | Peripheral device data integrity |
US8745365B2 (en) * | 2009-08-06 | 2014-06-03 | Imation Corp. | Method and system for secure booting a computer by booting a first operating system from a secure peripheral device and launching a second operating system stored a secure area in the secure peripheral device on the first operating system |
US8966110B2 (en) * | 2009-09-14 | 2015-02-24 | International Business Machines Corporation | Dynamic bandwidth throttling |
US20110093581A1 (en) * | 2009-10-16 | 2011-04-21 | Naveen Venkatachalam | Coordinated Computer Network |
US20100185868A1 (en) * | 2010-03-21 | 2010-07-22 | William Grecia | Personilized digital media access system |
US8402555B2 (en) | 2010-03-21 | 2013-03-19 | William Grecia | Personalized digital media access system (PDMAS) |
US11475105B2 (en) | 2011-12-09 | 2022-10-18 | Rightquestion, Llc | Authentication translation |
US9294452B1 (en) | 2011-12-09 | 2016-03-22 | Rightquestion, Llc | Authentication translation |
Family Cites Families (19)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US3573747A (en) * | 1969-02-24 | 1971-04-06 | Institutional Networks Corp | Instinet communication system for effectuating the sale or exchange of fungible properties between subscribers |
US3956615A (en) * | 1974-06-25 | 1976-05-11 | Ibm Corporation | Transaction execution system with secure data storage and communications |
US4196310A (en) * | 1976-04-09 | 1980-04-01 | Digital Data, Inc. | Secure SCA broadcasting system including subscriber actuated portable receiving terminals |
US4048619A (en) * | 1976-09-07 | 1977-09-13 | Digital Data Inc. | Secure two channel sca broadcasting system |
US4262329A (en) * | 1978-03-27 | 1981-04-14 | Computation Planning, Inc. | Security system for data processing |
FR2448824A1 (en) * | 1979-02-06 | 1980-09-05 | Telediffusion Fse | VIDEOTEX SYSTEM PROVIDED WITH INFORMATION ACCESS CONTROL MEANS |
FR2448825A1 (en) * | 1979-02-06 | 1980-09-05 | Telediffusion Fse | SYSTEM FOR TRANSMITTING INFORMATION BETWEEN A TRANSMISSION CENTER AND RECEIVING STATIONS, WHICH IS PROVIDED WITH A MEANS OF CONTROLLING ACCESS TO THE INFORMATION TRANSMITTED |
US4433207A (en) * | 1981-09-10 | 1984-02-21 | Best Robert M | Cryptographic decoder for computer programs |
US4484217A (en) * | 1982-05-11 | 1984-11-20 | Telease, Inc. | Method and system for remote reporting, particularly for pay television billing |
US4588991A (en) * | 1983-03-07 | 1986-05-13 | Atalla Corporation | File access security method and means |
FR2550638A1 (en) * | 1983-08-11 | 1985-02-15 | Christophe Leveque | DEVICE FOR PROTECTING SOFTWARE USED BY A COMPUTER CONNECTED TO AT LEAST ONE PERIPHERAL TERMINAL |
GB2149944A (en) * | 1983-11-14 | 1985-06-19 | Softnet Inc | Software distribution |
JPS60160451A (en) * | 1984-01-31 | 1985-08-22 | Toshiba Corp | Picture information storage retriever |
US4712238A (en) * | 1984-06-08 | 1987-12-08 | M/A-Com Government Systems, Inc. | Selective-subscription descrambling |
US4677434A (en) * | 1984-10-17 | 1987-06-30 | Lotus Information Network Corp. | Access control system for transmitting data from a central station to a plurality of receiving stations and method therefor |
JPS61150046A (en) * | 1984-12-25 | 1986-07-08 | Fujitsu Ltd | File management system |
JPS61211748A (en) * | 1985-03-18 | 1986-09-19 | Hitachi Ltd | Data base security system |
JPS62285161A (en) * | 1986-06-04 | 1987-12-11 | Hitachi Ltd | Data protection system |
US4827508A (en) * | 1986-10-14 | 1989-05-02 | Personal Library Software, Inc. | Database usage metering and protection system and method |
-
1986
- 1986-09-10 US US06/905,775 patent/US5010571A/en not_active Expired - Lifetime
-
1987
- 1987-09-08 AT AT87906513T patent/ATE107818T1/en not_active IP Right Cessation
- 1987-09-08 JP JP62505888A patent/JP2738427B2/en not_active Expired - Lifetime
- 1987-09-08 CA CA000546253A patent/CA1296104C/en not_active Expired - Lifetime
- 1987-09-08 DE DE3750131T patent/DE3750131T2/en not_active Expired - Lifetime
- 1987-09-08 EP EP87906513A patent/EP0282570B1/en not_active Expired - Lifetime
- 1987-09-08 AU AU80247/87A patent/AU600763B2/en not_active Expired
- 1987-09-08 WO PCT/US1987/002301 patent/WO1988002202A1/en active IP Right Grant
-
1988
- 1988-05-09 NO NO882023A patent/NO302209B1/en unknown
- 1988-05-09 DK DK198802547A patent/DK174885B1/en active
-
1990
- 1990-06-05 AU AU56802/90A patent/AU614693B2/en not_active Expired
Also Published As
Publication number | Publication date |
---|---|
DK254788D0 (en) | 1988-05-09 |
JPH01501274A (en) | 1989-04-27 |
EP0282570A1 (en) | 1988-09-21 |
EP0282570A4 (en) | 1990-09-26 |
US5010571A (en) | 1991-04-23 |
DK254788A (en) | 1988-05-09 |
JP2738427B2 (en) | 1998-04-08 |
DE3750131D1 (en) | 1994-07-28 |
DK174885B1 (en) | 2004-01-19 |
WO1988002202A1 (en) | 1988-03-24 |
EP0282570B1 (en) | 1994-06-22 |
AU614693B2 (en) | 1991-09-05 |
AU8024787A (en) | 1988-04-07 |
DE3750131T2 (en) | 1994-11-24 |
AU5680290A (en) | 1990-09-27 |
NO882023D0 (en) | 1988-05-09 |
NO302209B1 (en) | 1998-02-02 |
NO882023L (en) | 1988-07-08 |
ATE107818T1 (en) | 1994-07-15 |
AU600763B2 (en) | 1990-08-23 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CA1296104C (en) | Metering retrieval of encrypted data stored in customer data retrieval terminal | |
US5857021A (en) | Security system for protecting information stored in portable storage media | |
US5036461A (en) | Two-way authentication system between user's smart card and issuer-specific plug-in application modules in multi-issued transaction device | |
US4916738A (en) | Remote access terminal security | |
US4961142A (en) | Multi-issuer transaction device with individual identification verification plug-in application modules for each issuer | |
US4386266A (en) | Method for operating a transaction execution system having improved verification of personal identification | |
AU651326B2 (en) | Method and system for personal identification using proofs of legitimacy | |
CA2130531C (en) | Method and apparatus for verification of classes of documents | |
CA2026739C (en) | Transaction system security method and apparatus | |
US7254706B2 (en) | System and method for downloading of files to a secure terminal | |
US5771291A (en) | User identification and authentication system using ultra long identification keys and ultra large databases of identification keys for secure remote terminal access to a host computer | |
US4864616A (en) | Cryptographic labeling of electronically stored data | |
US5982899A (en) | Method for verifying the configuration the computer system | |
US5548721A (en) | Method of conducting secure operations on an uncontrolled network | |
US6934855B1 (en) | Remote administration of smart cards for secure access systems | |
US4357529A (en) | Multilevel security apparatus and method | |
Guillou | Smart cards and conditional access | |
EP0981807A2 (en) | Integrated circuit card with application history list | |
EP0138320B1 (en) | Cryptographic key management system | |
GB2270446A (en) | Establishing a common cryptographic key at two cryptographic sites | |
CA1165445A (en) | Method for operating a transaction execution system having improved verification of personal identification | |
GB2368948A (en) | Smart card authentication |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
MKEX | Expiry |