WO2002019059A2

WO2002019059A2 - Clearinghouse for electronic sales and deliveries of digital works

Info

Publication number: WO2002019059A2
Application number: PCT/US2001/026770
Authority: WO
Inventors: Ravi Razdan
Original assignee: Ravi Razdan
Priority date: 2000-08-30
Filing date: 2001-08-30
Publication date: 2002-03-07
Also published as: AU2001285324A8; WO2002019059A8; WO2002019059A3; AU2001285324A1

Abstract

A digital-works clearinghouse comprises a database, which stores information relating to digital-works retailers and digital-works providers. Furthermore, the digital-works clearinghouse comprises a server configured to coordinate digital-works transactions, such that, when a digital-work request message is received, the server causes transmission of a digital work, which is not associated with a request-generating digital-works retailer, to a user without the user leaving a user presentation by the request-generating digital-works retailer.

Description

CLEARINGHOUSE FOR ELECTRONIC SALES AND

DELIVERIES OF DIGITAL WORKS

Background of the Invention 1. Field of the Invention

This invention relates to providing web services, specifically software application services and digital content delivery services over the Internet. 2. Related Art

The Internet and the World Wide Web ("Web") continue to expand their reach. This increase in interconnectedness results in continually increasing sources for digital works.

Digital works generally encompass all potentially copyrightable subject matter that can be stored in an electronic form and sold via a computer network. Typically, this electronic form is digital information, and the sale is of use of a copy of the digital information. Thus, digital works include traditionally static information objects, such as texts, images, music, movies and computer programs, and dynamic information objects, such as computer program application services and live broadcasts.

Many companies currently provide digital works to the public over the Web. For example, Content Service Providers ("CSPs"), such as www.reuters.com, provide digital content comprising static information objects. These CSPs provide this digital content to consumers as either a downloaded information object or a streamed information object, according to the terms of their service. Moreover, these CSPs bill the consumer directly for the delivered digital content, either electronically or through standard mail systems.

Other companies provide digital works that are dynamic information objects. For example, Application Service Providers ("ASPs"), such as www.yahoo.com, provide application services over the Web by making software available for use through the Web, such as Web-based calendaring and e-mail services. Typical ASPs do not bill for these services directly, but rely on advertising revenue instead. Other A$Ps, however, deliver complete software packages over the Web for later use by a consumer or require a user to login to the Web site in order to use the application services. These ASPs charge the consumer for the delivered software and services used.

The distinction between ASPs and CSPs is growing smaller. ASPs currently deliver both active services and complete software packages. Moreover, some CSPs currently require a customer to pay a fee and login to their Web site before allowing the customer access the CSP's digital content. Additionally, CSPs may add software-based features to their digital content in the future. For example, a future electronic book may include a computer game that allows virtual interaction with the book's characters. Thus, conventional ASPs and CSPs are moving into a common group of digital- works providers.

Conventional ASPs and CSPs, which charge customers for digital works used or delivered, each have their own billing system. Each such billing system is integrated into each ASP's or CSP's Web site. Typical ASPs provide one stop delivery of the few most common applications from one Web site with their billing system. If a customer wants other applications, they have to go to different Web sites. Thus, conventional digital-works sales and delivery systems require a consumer to find multiple Universal Resource Locators ("URLs") for multiple ASPs and maintain multiple bookmarks in order to use the customer's preferred application services. Conventional digital-works sales and delivery systems force customers to register with and login to multiple ASPs and CSPs for different services and content, and force customers to pay separate bills for the different services and content purchased.

This can generally be thought of as a customer-workload problem. In the offline world, a customer can find digital works from multiple providers all at the same retail location. In the online world, each digital- works retailer can only sell the digital works that have been integrated into their Web site and billing system. Thus, conventional digital- works sales and delivery systems limit the freedom of consumers, because no one Web site can have all the selections a consumer may want immediately available without extensive effort in digital-work integration. This is especially true for digital works comprising application services. One way to address this problem is to have an ASP create links to other ASPs. An ASP that has not integrated a particular application service into its Web site can link to a second ASP that has. When a customer clicks on that link, the customer is sent to the second ASP, and the second ASP is sent information that allows it to route money back to the original ASP for the referral, if a sale occurs. While this approach does reduce the number of bookmarks that a customer has to maintain, it does not solve the problem. The customer is still forced to create a user account with, and login to, multiple ASPs, and is still forced to pay multiple separate bills for the various desired application services. Hence, the customer must still deal with multiple billing procedures and contracts. Another way to address the customer- workload problem is for each ASP to integrate more and more applications into their Web sites. But this is not a long-term solution. There are currently thousands of software products for sale through standard channels in the offline world. Eventually, all of these software products will be made available through the Web or through some future networking technology and network protocol. As ASP services become more prevalent, consumer and business demand for such services is likely to increase, and the number of application services on offer via computer networks is likely to expand dramatically. If ASPs were to attempt to integrate all of these application services from multiple vendors into their existing Web sites and billing systems, an explosion of customized interfaces would result. The costs created by this explosion are likely to limit the number of ASPs that can provide comprehensive access to application services, thereby limiting competition and consumer choice. These problems apply equally to CSPs. Both ASPs and CSPs need a minimum customer base to pay for their infrastructure costs and the costs of attracting consumer attention on the Web. But the problems with conventional digital-works sales and delivery systems threaten to funnel online customers to a handful of large digital-works providers, thereby restricting the available customer base for smaller and newer providers. Therefore, a system and method for solving these problems with conventional digital- works sales and delivery systems is needed to enable customers to seamlessly access digital works from multiple providers through a single digital-works retailer of their choice. Summary of the Invention

This invention can be regarded as a method of enabling electronic sales by retailers of digital works, both digital content and application services, owned, by third party providers. The method includes the step of providing a digital- works clearinghouse attached to a computer network. The digital- works clearinghouse is designed to coordinate sales and deliveries of digital works to authorized customer access devices, whereby a retailer bills a customer for a digital work delivered electronically to the customer by a third party provider. In one embodiment, the digital work is encrypted and also watermarked in real time. Furthermore, in one embodiment, the method further includes the step of authorizing the customer access devices by providing a decryption key to a user interface component of one of the customer access devices, thereby enabling the user interface component to decrypt the encrypted digital work delivered electronically.

This invention can also be regarded as a method of supporting electronic sales of digital works and licenses to use digital works. The method includes the steps of receiving a request for a digital work from a retailer, determining if the digital work is available, and generating a transaction record if the digital work is available. The method further includes the steps of initiating transmission of the digital work to a customer access device identified in the request, finalizing the transaction record upon a successful delivery of the digital work, and transmitting an invoice to the retailer, thereby enabling the retailer to bill a customer associated with the customer access device for the delivered digital work.

In this fashion, the present invention enables a digital-works clearinghouse to seamlessly broker real-time access to a digital-works provider (either an ASP or a CSP) on behalf of a digital- works retailer.

This invention can also be regarded as a method of selling digital works owned by others. The method includes the step of providing a digital-works transfer system that includes a list of digital works and enables customers to electronically acquire a digital work for a fee. The method further includes the steps of receiving requests for digital works on the list, and identifying an original request for a digital work that is not immediately available through the digital-works transfer system. The method further includes the step of creating a new request for the digital work, the new request including customer identification information for a customer access device, which generated the original request. Finally, the method further includes the steps of transmitting the new request to a digital-works clearinghouse, receiving an invoice for delivery of the digital work if the digital-works clearinghouse fulfilled the new request, and billing the customer for the digital work. Thus, the present invention provides digital-works retailers the ability to easily integrate the digital works of digital- works providers into an existing digital-works sales and delivery system, thereby allowing a customer to easily obtain digital works, both content and application services, from multiple providers but only have to pay a single bill. Moreover, a retailer is enabled to easily provide digital works, both content and application services, from multiple providers and receive integrated billing by provider.

This invention can also be regarded as a computer-implemented digital-works clearinghouse system. The system includes a digital-works retailer having a user presentation that includes a control-input, which is associated with a digital work that is associated with a digital-works provider. The digital-works provider is separate from the digital- works retailer, and the digital- works retailer is configured such that selection of the • control-input by a user causes the digital-works retailer to transmit a message to a digital- works clearinghouse. The system further includes the digital-works clearinghouse, which is designed to coordinate digital-works transactions such that receipt of the message causes transmission of the digital work without the user leaving the user presentation. In one embodiment, the digital-works clearinghouse collects and cross-checks billing information in order to generate an invoice for transmission to the digital- works retailer upon a successful delivery of the digital work. Thus, the digital-works clearinghouse provides a transaction management, billing data, and payment/settlement service. In addition, the digital-works clearinghouse provides encryption and watermarking services to protect the interests of all parties involved in a digital works transaction.

The digital- works clearinghouse is configured to communicate with the digital-works retailer and the digital-works provider via a computer network. Finally, the system includes a media player designed to enable presentation of the digital work. The media player is configured to communicate with the digital-works clearinghouse, the digital-works retailer and the digital-works provider via the computer network. By creating a transaction protocol that delineates the information that must be provided between the digital-works retailer and the digital-works provider, the present invention eliminates the need for different software interfaces for each seller of digital works. In one embodiment, the transaction protocol is an XML based specification that controls how the various Web servers in the digital-works clearinghouse system communicate with each other.

Further features and advantages of the invention as well as the structure and operation of various embodiments of the invention are described in detail below with reference to the accompanying drawings.

Brief Description of the Figures

FIG. 1 is a block diagram illustrating a digital-works clearinghouse system in an example operational environment according to one embodiment of the invention;

FIG. 2 is a -block diagram illustrating primary components of a digital- works clearinghouse system according to one embodiment of the invention;

FIG. 3 is a block diagram illustrating event sequence and message flow in a digital- works clearinghouse system according to one embodiment of the invention; and

FIGS.4A, 4B, 4C and 4D are a flow chart depicting a process for requesting digital works and fulfilling such requests according to one embodiment of the invention.

Detailed Description of the Invention

The present invention is directed toward a system and method for enabling a digital- works retailer to sell to customers online content and application services provided by third parties. The present invention is disclosed and described herein in terms of Web sites running on dedicated servers utilizing the Internet and the World Wide Web. However, after reading this description, it will become apparent to one of ordinary skill in the art how to implement the invention in alternative embodiments and alternative network environments. For example, alternative embodiments include multiple servers for each Web site, or user interfaces that use hyperlinking protocols other than the Hypertext Transfer Protocol ("HTTP"). Alternative network environments include any "Future Net" and its accompanying networking protocols, which will likely encompass the functions now provided by today's Internet, cable and broadcast television, telephone communications and other linear and interactive business and telecommunications systems. As such, the description of this example embodiment should not be construed to limit the scope and breadth of the present invention.

FIG. 1 is a block diagram illustrating a digital-works clearinghouse system in an example operational environment according to one embodiment of the invention. A network 100 is a computer network such as the Internet, which allows multiple devices to be communicatively coupled together. In this example embodiment, the network 100 utilizes the Internet Protocol ("IP") to enable this communicative coupling, and the network 100 includes both wire/fiber and wireless network components.

Coupled with the network 100 are customer access devices 110. The customer access devices 110 are any network-enabled devices capable of presenting a user interface having control-inputs that cause network communications. Examples of such control-inputs include hyperlinks and submit buttons on Hypertext Markup Language / Extensible Markup

Language ("HTML/XML") forms. Examples of such network-enabled devices include devices such as a personal computer, a Web browsing appliance, a personal digital assistant

("PDA"), a mobile phone, a game machine, a watch, and a home entertainment system.

Although the invention is generally disclosed herein in terms of customer access devices 110 designed to present hyperlinked data in a graphical user interface, other types of interfaces are fully contemplated. For example, in one embodiment, a customer access device 11 OH is a mobile phone designed to present digital works through an audio user interface.

Also coupled with the network 100 are digital-works retailers 130. In one embodiment, the digital-works retailers 130 are Web sites running on dedicated servers. These Web sites include digital-works sales and distribution systems. Examples of Web server software that can be used to construct such systems include Apache, Microsoft Internet Information Server, and Netscape Enterprise Server. The Web server software can be designed to run on any number of computer hardware platforms with any number of operating systems and utilizing any number of programming languages for implementing scripts.

A digital-works clearinghouse 150 is also coupled with the network 100. In one embodiment, the digital- works clearinghouse 150 is a centralized Web server for coordinating digital-works transactions utilizing real-time encryption and watermarking. The digital- works clearinghouse 150 includes storage facilities for data that identifies providers for multiple types of digital works, such as digital content like music, images, video and electronic books, and application services like tax preparation software, financial planning software, calendaring services, e-mail services, and entertainment services. In one embodiment, the digital works comprising digital content are available in industry promulgated file formats.

Although the invention is disclosed herein in terms of a single centralized digital- works clearinghouse 150 with its own local storage, those skilled in the relevant art(s) will understand that the present invention encompasses multiple alternative architectures. For example, the functionality described herein can be distributed over a plurality of computers. In one embodiment, the digital-works clearinghouse 150 is configured in a distributed architecture, wherein databases and processors within the digital-works clearinghouse 150 are housed in separate units or locations. Some units perform the primary processing functions and contain, at a minimum, memory and a general processor. Each of these units is attached to a wide area network ("WAN") hub which serves as the primary communications link with the other units and interface devices. The WAN hub may have minimal processing capability itself, serving primarily as a communications router. Those skilled in the relevant art(s) will appreciate that an almost unlimited number of servers may be supported. This arrangement yields a more dynamic and flexible system, less prone to catastrophic hardware failures affecting the entire system. In an alternative embodiment, the digital-works clearinghouse 150 is configured in a distributed fashion, such that a separate digital-works clearinghouse is located in each geographical region and maintains communications with all other digital-works clearinghouses. In this embodiment, all the separate digital-works clearinghouses taken together form a single Web site residing in multiple geographically diverse data centers. Also coupled with the network 100 are digital- works providers 170. In one embodiment, the digital- works providers 170 are Web sites running on dedicated servers. These Web sites include digital- works sales and distribution systems, which have their own digital works for sale through the system. Thus, the digital- works providers 170 can also be regarded as digital-works retailers. In another embodiment, a digital- works provider 170 is a Web server configured to deliver digital works only to the digital-works clearinghouse 150. In this embodiment, the digital-works provider 170 does not deliver its digital works directly to customers.

Both the digital-works providers 170 and the digital-works retailers 130 may be designed using multiple alternative architectures as discussed previously in connection with the digital-works clearinghouse 150. Moreover, as discussed in greater detail below, the present invention enables any number of customer access devices 110 to purchase digital works from any number of digital- orks providers 170 through any number of digital-works retailers 130,- without a customer ever leaving a preferred user presentation created and displayed by the digital-works retailer. Note that in one Web-based embodiment, all communications utilize the Secure Sockets Layer ("SSL") for communication security.

In an alternative embodiment, a second network (not shown) is used to provide highly secure communications. For example, in one embodiment, the second network is a proprietary network connecting the digital-works providers 170 with the digital-works clearinghouse 150. In this embodiment, the digital-works providers 170 send digital works to the digital-works clearinghouse 150, with no encryption, using the second network. FIG. 2 is a block diagram illustrating primary components of a digital-works clearinghouse system according to one embodiment of the invention. Referring now to FIG. 2, the network 100 is the same as that shown in FIG. 1. Generally, unless otherwise indicated, like numerals refer to like elements throughout this specification. Coupled with the network 100 is a first customer access device 210. The first customer access device 210 comprises a user interface 212, a security engine 214, and a media player cache 216.

In this example embodiment, the user interface 212 comprises a Web browser and a media player plug-in. In one embodiment, the Web browser is browser software designed to use HTTP over TCP/IP (Transmission Control Protocol/Internet Protocol). Examples include Netscape Communicator and Microsoft Explorer. The media player plug-in is a software program designed to interface with the Web browser, thereby enabling use of the present invention. The media player plug-in can be obtained either online or offline and installed in manners well understood in the art.

In an alternative embodiment, the user interface 212 comprises a media player capable of managing and displaying multimedia content including audio, video, text, pictures and software, using HTTP over TCP/TP without a Web browser. Generally, the media player is designed to enable use of the present invention.

Although the invention is disclosed herein in terms of a graphical browser/media player utilizing HTTP for communications and XML for data exchange, the present invention fully contemplates the use of other high-level protocols residing over TCP/IP such as WAP (Wireless Application Protocol), and variants of HTTP such as HTTPS (Hypertext

Transfer Protocol Secure) and HTTP-NG (Hypertext Transfer Protocol - Next Generation), and alternative hypertext markup languages such as WML (Wireless Mark-up Language).

Moreover, the present invention fully contemplates the use of other networking protocols, both high-level and low-level, including those not yet developed.

In a presently preferred embodiment, access to digital works that have been previously purchased is controlled through the security engine 214. The security engine 214 interfaces with the user interface 212 and the media player cache 216. The media player cache 216 stores the previously purchased digital works, preferably in an encrypted form. In one embodiment, the user interface 212 and the security engine 214 have a decryption key. Moreover, the security engine 214 keeps track of customer owned devices. Thus, the security engine 214 knows what other devices the previously purchased digital works can be delivered to based on the serial numbers of those devices. A second customer access device 220 may also be coupled with the network 100.

The second customer access device 220 comprises a user interface 222. The user interface 222 is the same as the user interface 212, except that the user interface 222 is designed to interface with the security engine 214 through the network 100. In this fashion, a user of the present invention can access previously purchased digital works from multiple customer access devices, without requiring separate copies to be stored on each customer access device. For example, a user could purchase a new song and store it on their personal computer at home, or with a favorite "music locker'Vdigital storage service. Then, while on the road, that same user could access and play that same song through their network-enabled radio in their car. In alternative embodiments, the customer access device 210 is very similar or identical to the customer access device 220. For example, the security engine 214 and media player cache 216 may be located on a Web server connected to the network 100, thereby enabling a user to access their own personal archive of digital works at any time without having to purchase the storage components. In yet another embodiment, a user purchases all digital works on a one-time use basis, thus no security engine 214 or media player cache 216 are necessary.

Also coupled with the network 100 is an example retailer Web site 230. The retailer

Web site 230- sells digital works to consumers using a digital- wprks sales and billing system.

The retailer Web site 230 may or may not sell its own digital works. In this example ' embodiment, the retailer Web site 230 only sells the digital works of third parties.

The retailer Web site 230 comprises a Web server 232, an XML/HTML document database 234, and a transaction & security database 236. As discussed previously, the Web server 232 can be built using any number of computer hardware platforms running standard Web server software, such as Apache, Microsoft Internet Information Server, and Netscape Enterprise Server. The Web server 232 is customized using computer programs to create the digital-works sales and billing system. These computer programs enable dynamic creation of XML/HTML documents.

The Web server 232 is communicatively coupled with the customer access device 210 (and similarly the customer access device 220), and a clearinghouse Web site 250, via the network 100. The Web server 232 responds to customer requests from the customer access device 210 and also interfaces with the clearinghouse Web site 250. The Web server 232 logs transaction activity and performs customer validation using the XML/HTML document database 234 and the transaction & security database 236.

The XML/HTML document database 234 contains XML/HTML documents created for delivery by the Web server 232. The transaction & security database 236 contains computer programs and customer profile, billing, and transaction & security data necessary for implementing the digital- works sales and billing system. Although the retailer Web site 230 is shown and described in terms of two separate databases, those skilled in the relevant art(s) understand that multiple organizational structures are available for these databases. Additionally, in one embodiment, database software such as OracleSi, manufactured by Oracle Corporation, is used to create and manage these databases.

The clearinghouse Web site 250 is an example implementation of the digital-works clearinghouse 150. The clearinghouse Web site 250 comprises a Web server 252, a transaction & security database 254, a digital-works database 256, an encryption server 258, and a watermark server 260. As discussed previously, the Web server 252 can be built using any number of computer hardware platforms running standard Web server software, such as Apache, on generally available operating systems, such as Linux. The Web server 252 is customized using computer programs to implement the functionality described herein. In one embodiment, these computer programs are implemented using XML for dynamic behavior.

The Web server 252 is communicatively coupled with the customer access device 210 (and similarly the customer access device 220), the retailer Web site 230, and a provider Web site 270, via the network 100. The Web server 252 responds to requests from the retailer Web site 230 and also interfaces with the provider Web site 270. In certain special cases involving frequently requested digital works, the Web server 252 also interfaces with the customer access device 210 (and similarly the customer access device 220). The Web server 252 logs transaction activity using the transaction & security database 254, delivers frequently requested digital works using the digital-works database 256, and manages both the encryption server 258 and the watermark server 260. The transaction & security database 254 contains computer programs and transaction

& security data necessary for implementing the functionality described herein. This transaction & security data typically includes transaction record data, and billing, credit and security data for providers and retailers associated with the digital-works clearinghouse system. The digital-works database 256 contains commonly requested digital works, and in one embodiment, the digital-works database 256 is not present. Although the clearinghouse Web site 250 is shown and described in terms of two separate databases, those skilled in the relevant art(s) understand that multiple organizational structures are available for these databases. Additionally, in one embodiment, database software such as Oracleδi, manufactured by Oracle Corporation, is used to create and manage these databases.

The encryption server 258 provides encryption services to the Web server 252. In one embodiment, these encryption services enable real-time encryption of a digital work being delivered to a customer such that only that customer's media player can decrypt the digital work. The encryption server 258 encrypts the digital work before delivery to the end customer to prevent unauthorized use.

The watermark server 260 provides watermarking services to the Web server 252. In one embodiment, these watermarking services enable real-time watermarking of a digital work being delivered to a customer such that the watermark(s) identifies an association between the provider, the customer, the retailer, the clearinghouse or some combination of these, for that transaction, thereby enabling traceability. The watermark server 260 puts a digital watermark in requested digital works to identify any future copyright violations. The watermark(s) can be a character string indicating such an association or a numerical identifier that references such an association stored by the clearinghouse, the provider, the retailer or some combination of these. The watermarking procedure employed by the watermark server 260 is specific to the type of digital work. But the watermarking procedure should satisfy three basic requirements: (1) watermarking injection, or doping, is done in "real time" during the transaction, (2) the watermark is extractable from a sufficiently small and meaningful part of the digital work (for example, the watermark should be extractable from any five second clip of an audio digital work), and (3) the watermark is extractable without knowledge of the original digital work or the watermark itself. Those skilled in the relevant art(s) will understand how to implement this watermark procedure given the disclosure herein.

In an alternative embodiment, the Web server 252 also manages the encryption server 258 and the watermark server 260 to protect digital works received from a provider Web site 270, which are then to be sent to the customer by the clearinghouse Web site 250.

Also coupled with the network 100 is the provider Web site 270. The provider Web site 270 delivers digital works to consumers using the present invention, and comprises a

Web server 272, a transaction & security database 274, a digital-works database 276, an encryption server 278, and a watermark server 280. As discussed previously, the Web server

272 can be built using any number of computer hardware platforms running standard Web server software, such as Apache, on generally available operating systems, such as Linux.

The Web server 272 is customized using computer programs to implement the functionality described herein. In one embodiment, these computer programs are implemented using XML for dynamic behavior.

The Web server 272 is communicatively coupled with the customer access device 210 (and similarly the customer access device 220), and the clearinghouse Web site 250, via the network 100. The Web server 272 responds to requests from the clearinghouse Web site 250 and interfaces with the customer access device 210 (and similarly the customer access device 220). The Web server 272 manages both the encryption server 278 and the watermark server 280, records transaction activity using the transaction & security database 274, and transmits transaction activity information to the clearinghouse Web site 250.

The transaction & security database 274 contains computer programs and transaction & security data necessary for implementing the functionality described herein. This transaction & security data may include transaction record data, and billing, credit and security data for retailers associated with the digital- works clearinghouse system.

The digital-works database 276 contains digital works offered by the provider. Although the provider Web site 270 is shown and described in terms of two separate databases, those skilled in the relevant art(s) understand that multiple organizational structures are available for these databases. Additionally, in one embodiment, database software such as Oracleδi, manufactured by Oracle Corporation, is used to create and manage these databases.

The encryption server 278 provides encryption services to the Web server 272. In one embodiment, these encryption services enable real-time encryption of a digital work being delivered to a customer such that only that customer's media player can decrypt the digital work. The encryption server 278 encrypts the digital work before delivery to the end customer to prevent unauthorized use.

The watermark server 280 provides watermarking services to the Web server 272. In one embodiment, these watermarking services enable real-time watermarking of a digital work being delivered to a customer such that the watermark(s) identifies an association between the provider, the customer, the retailer, the clearinghouse or some combination of these, for that transaction, thereby enabling traceability. The watermark server 280 puts a digital watermark in requested digital works to identify any future copyright violations. The watermark(s) can be a character string indicating such an association or a numerical identifier that references such an association stored by the clearinghouse, the provider, the retailer or some combination of these.

The watermarking procedure employed by the watermark server 280 is specific to the type of digital work. But the watermarking procedure should satisfy three basic requirements: (1) watermarking injection, or doping, is done in "real time" during the transaction, (2) the watermark is extractable from a sufficiently small and meaningful part of the digital work (for example, the watermark should be extractable from any five second clip of an audio digital work), and (3) the watermark is extractable without knowledge of the original digital work or the watermark itself. Those skilled in the relevant art(s) will understand how to implement this watermark procedure given the disclosure herein. In an alternative embodiment, the provider Web site 270 also sells digital works to consumers using a digital-works sales and billing system, thereby making it a retailer Web site as well. In this alternative embodiment, the provider Web site 270 includes components and functionality shown and described in connection with the retailer Web site 230. In yet another alternative embodiment, the provider Web site 270 does not deliver digital works directly to consumers, but delivers digital works to the clearinghouse Web site 250 for subsequent delivery to consumers.

FIG. 3 is a block diagram illustrating event sequence and message flow in a digital- works clearinghouse system according to one embodiment of the invention. In this embodiment, communication between the different parts of the digital- works clearinghouse system takes place using HTTP (or its variant protocols such as HTTPS and HTTP-NG) and XML/HTML. Alternatively, other communication protocols may be used. The sequencing of this message flow through the digital-works clearinghouse system is essentially a transaction protocol that delineates the information that must be provided between the digital- works retailer and the digital- works provider.

In one embodiment, this transaction protocol is an XML based specification that controls how the various Web servers in the digital-works clearinghouse system communicate with each other. Preferably, all transaction mechanism communications will be secured by some method, such as encryption, use of a proprietary network, use of SSL or user digital certificates. But in some embodiments, only certain of these communications will be secured, depending on the nature of the channel used. For example, if the channel has limited bandwidth, or excessive congestion, only those communications containing security information, which if discovered could leave the system open to infiltration, are encrypted. This is done to improve the performance of the system. Referring now to FIG.3 , in order to purchase/license a digital work from the retailer

Web site 230, a customer using the customer access device 210 first logs in to the retailer Web site 230. This is done by taking an action that causes a login HTTP POST request message 302 to be sent by the customer access device 210 to the retailer Web site 230. This action can include things such as submitting an XML/HTML form, clicking a hyperlink, selecting a bookmark, or turning on the customer access device 210. At a minimum, the login HTTP POST request message 302 should contain a retailer-customer identifier and a password, which correspond to an existing retailer-customer account. The login HTTP POST request message 302 may also contain additional information, such as a security key from a user interface on the customer access device 210 and a digital certificate. In response to the login HTTP POST request message 302, the retailer Web site 230 sends a Web page HTTP response message 304, which contains an XML/HTML document in the entity body field. This XML/HTML document contains a control-input that enables a user of the customer access device 210 to generate a request for a digital work. For example, the control-input could be a hyperlink that identifies a particular song. Alternatively, the control-input could be a submit button on an XML/HTML form, which allows the user to purchase a book by entering author and title information.

Once the customer has decided to purchase/license a digital work, the customer indicates this by taking an action that causes a sale HTTP POST request message 306 to be sent by the customer access device 210 to the retailer Web site 230. This action can include things such as submitting an XML/HTML form or clicking a hyperlink. At a minimum, the sale HTTP POST request message 306 should contain a digital work identifier. Note that the sale HTTP POST request message 306 may also be an HTTP GET request message, provided the document to which the URL corresponds has an appropriate SET HTTP REDIRECT message within it. When the retailer Web site 230 receives the sale HTTP POST request message 306, it sends a sale request HTTP POST request message 308 to the clearinghouse Web site 250. The sale request HTTP POST request message 308 contains the digital work identifier, a retailer identifier, and a session identifier for the requesting customer. In addition, in one embodiment, the sale request HTTP POST request message 308 also contains the security key, the retailer's own user identifier for the requesting customer, and a provider identifier when the digital work is available from more than one provider.

In one embodiment, if the clearinghouse Web site 250 is able to fill the request directly, it initiates this fulfillment by sending a response message, which includes transaction information, to the retailer Web site 230. The retailer Web site 230 then redirects the customer access device 210 to the clearinghouse Web site 250. In this embodiment, the

1 R transaction information has a time-out associated with it, thereby adding additional security to the delivery process.

The clearinghouse Web site 250 sends one or more delivery HTTP response messages 310, which contain the requested digital work, preferably in an encrypted form. Then the clearinghouse Web site 250 sends a fulfillment HTTP POST message 312 back to the retailer Web site 230. The fulfillment HTTP POST message 312 contains a time stamp and a status indicator.

In one embodiment, the digital work in the one or more delivery HTTP response messages 3-10 also contains a digital watermark. This watermark contains the transaction information to help trace the original receiver of the digital work through an unauthorized copy. The transaction information may be simply a transaction number assigned by the clearinghouse Web site 250, or it may be more detailed. For example, in one embodiment, the transaction information comprises a transaction number, the session identifier, a content identifier, a provider identifier and a customer identifier. The content identifier may be the digital work identifier, which is either a character string or a number such as an International Standard Book Number ("ISBN"), or a number assigned by the clearinghouse Web site 250. The customer identifier may be the retailer's own user identifier, a user identifier assigned by the clearinghouse Web site 250, a serial number for the media player inside the customer access device 210, a combination of these, or any other appropriate identifier. When the digital work is sent in multiple delivery HTTP response messages 310, such as is the case in a service delivery, the watermark is the same as described above except that the transaction information also contains a segment identifier that specifically identifies the current chunk of the digital work being sent. When the digital work is a software application, selecting the chunks of data is relatively straightforward. But when the digital work is an active feed, such as a live broadcast, the watermarking is accomplished by monitoring the feed for good places to cut the digital work.

For example, in an embodiment where the transaction information consists of a transaction number, and a content number, the active feed will typically be broken up into chunks of less than five seconds. Each of these chunks should contain a watermark with sufficient information to point to the original copyright holder. Thus, the watermark should insert transaction information comprising at least 10 bits every five seconds. This process introduces some delay in the feed, but it is generally less than a few milliseconds and is thus not large enough to be noticeable. In an embodiment using watermarking, the watermarking process is preferably sufficiently robust to overcome jitter attacks. Once the customer access device 210 is done receiving the digital work, which may take a long time if the digital work is a service such as a live broadcast or a software application, it sends a receipt HTTP POST request message 314 to the clearinghouse Web site 250. This causes the clearinghouse Web site 250 to send an end-of-transaction HTTP POST request message 316 to the retailer Web site 230. The end-of-transaction HTTP POST request message 316 contains a time stamp and an invoice.

In addition, in one embodiment, the end-of-transactionHTTP POST request message 316 also contains a transaction identifier, and the clearinghouse Web site 250 redirects the customer access device 210 to the retailer Web site 230. Thus, the retailer Web site 230 does not have to maintain state information for the customer access device 210 during delivery of the digital work.

If the clearinghouse Web site 250 is not able to fill the request directly, it identifies a provider Web site 270 that can. In one embodiment, the clearinghouse Web site 250 sends a response message, which includes transaction information, to the retailer Web site 230. The retailer Web site 230 then redirects the customer access device 210 to the clearinghouse Web site 250. In this embodiment, the transaction information has a time-out associated with it, thereby adding additional security to the delivery process.

The clearinghouse Web site 250 sends a sale request HTTP POST request message 320 to the provider Web site 270. The sale request HTTP POST request message 320 contains the digital work identifier, and the transaction information for the requesting customer. In addition, in one embodiment, the sale request HTTP POST request message 320 also contains the security key, the session identifier, the retailer identifier, and the retailer's own user identifier for the requesting customer.

In one embodiment, if the provider Web site 270 is able to fill the request, it initiates this fulfillment by sending a response message to the clearinghouse Web site 250. The clearinghouse Web site 250 then redirects the customer access device 210 to the provider Web site 270. In this embodiment, the transaction information has a time-out associated with it, thereby adding additional security to the delivery process.

The provider Web site 270 sends one or more delivery HTTP response messages 322, which contain the requested digital work, preferably in an encrypted form. Then the provider Web site 270 sends a fulfillment HTTP POST message 324 back to the clearinghouse Web site 250. The fulfillment HTTP POST message 324 contains a time stamp and a status indicator. When the clearinghouse Web site 250 receives the fulfillment HTTP POST message 324, it sends a corresponding fulfillment HTTP POST message 326 back to the retailer Web site 230. In one embodiment, the digital work in the one or more delivery HTTP response messages 322 also contains a digital watermark. This watermark contains the transaction information to help trace the original receiver of the digital work through an unauthorized copy. The transaction information may be simply a transaction number assigned by either the clearinghouse Web site 250 or the provider Web site 270, or it may be more detailed. For example, in one embodiment, the transaction information comprises a transaction number, the session identifier, a content identifier, and a customer identifier. The content identifier may be the digital work identifier, which is either a character string or a number such as an ISBN, or a number assigned by the clearinghouse Web site 250 or the provider Web site 270. The customer identifier may be the retailer's own user identifier, a user identifier assigned by the clearinghouse Web site 250 or the provider Web site 270, a serial number for the media player inside the customer access device 210, a combination of these, or any other appropriate identifier.

When the digital work is sent in multiple delivery HTTP response messages 322, such as is the case in a service delivery, the watermark is generated and inserted in the same fashion as described previously.

Once the customer access device 210 is done receiving the digital work, which may take a long time if the digital work is a service such as a live broadcast or a software application, it sends a receipt HTTP POST request message 328 to the provider Web site 270. This causes the provider Web site 270 to send an HTTP POST request message 330 to the clearinghouse Web site 250. The HTTP POST request message 330 may be a receipt

91 or a time stamp and an invoice. In addition, in one embodiment, the provider Web site 270 redirects the customer access device 210 to the clearinghouse Web site 250. Thus the clearinghouse Web site 250 does not have to maintain state information for the customer access device 210 during delivery of he digital work. When the clearinghouse Web site 250 receives the HTTP POST request message

330, it sends an end-of-transactionHTTP POST request message 332 to the retailer Web site 230. The end-of-transaction HTTP POST request message 332 contains a time stamp and an invoice.

In addition, in one embodiment, the end-of-transactionHTTP POST request message 332 also contains a transaction identifier, and the clearinghouse Web site 250 redirects the customer access device to the retailer Web site 230. Thus, the retailer Web site 230 does not have to maintain state information for the customer access device 210 during delivery of the digital work.

Although the description of FIG. 3 is in terms of a request for a single digital work, those skilled in the relevant art(s) understand that the event sequencing and message flow shown is equally applicable to a request that references multiple digital works. For example, in one embodiment, a user of the customer access device 210 may check any number of check boxes on an XML/HTML form, each box identifying a separate song. In one embodiment, the XML/HTML form also has check boxes or drop-down menus that allow the user to specify a format for the songs to be delivered in, such as MP3 or WAV files. When the user clicks the submit button, the customer access device 210 generates and sends the sale HTTP POST request message 306.

The retailer Web site 230 parses the entity body of this sale HTTP POST request message 306 to identify which songs it can deliver and which it cannot. Those songs that it cannot deliver are put together in the sale request HTTP POST request message 308. The clearinghouse Web server 250 parses the entity body of the sale request HTTP POST request message 308 to extract the individual song requests and file formats. It then generates a single sale request HTTP POST request message 320 or multiple sale request HTTP POST request messages 320, depending on the number of providers required to fulfill the multi- song request. In one embodiment, when either the provider Web site 270 or the clearinghouse Web site 250 send multiple digital works in the one or more delivery HTTP response messages 322 or the one or more delivery HTTP response messages 310, the media player inside the customer access device 210 sends back a separate receipt for each digital work received. This is done to reduce the risk of losing data evidencing the transaction when only part of the transaction is completed due to network problems or failures of various components of the system.

Moreover, the media player preferably keeps a record of what digital works are actually delivered to help ensure that no transaction data is lost. For example, in one embodiment, the media player stores in permanent memory a record of each song delivered as part of a multi-song download, as each song is received in full, and does not delete that record until after it receives a confirmation of its receipt for the song. If the customer access device 210 crashes during a multi-song download, no transaction data is lost. When the customer access device 210 comes online again and the media player begins running, the media player identifies that some songs have been received without a receipt confirmation, and it then sends a receipt for each such song.

FIGS. 4A, 4B, 4C and 4D are a flow chart depicting a process for requesting digital works and fulfilling such requests according to one embodiment of the invention. The process begins with step 400, in which a customer requests a user presentation for a digital- works retailer. In one embodiment, the user presentation is a Web page with login functionality, and step 400 comprises transmitting an HTTP GET request message.

In step 402, the customer inputs and submits user identification data. This data preferably includes security/validation information for the customer. For example, in one embodiment, the customer enters a user identifier and a password into an XML/HTML form and then clicks a submit button. This causes an HTTP POST request message to be sent to the digital-works retailer. Additionally, in one embodiment, this HTTP POST request message includes a digital certificate to aid in verifying the identity of the sender.

The retailer receives the user identification data and validates the customer in step 404. In addition, in one embodiment, the retailer captures security data from the user interface on the customer's network access device. For example, in a Web implementation, the retailer's Web server checks the user identifier and password in its user database, captures the security key for the user's Web browser and establishes a session. If an existing user account is identified, the Web server retrieves billing information, such as the customer's credit card number and expiration, and billing address, then confirms that this data is still accurate and valid.

Steps 402 and 404 can generally be thought of as the validation process. This process can be accomplished in many ways, including without using a customer database local to the retailer. For example, in one embodiment, the customer submits all the necessary credit and billing information, or electronic cash, in step 402, and the retailer validates this credit, or funds, in step 404 and creates a customer record. Those skilled in the art will understand the wide array of methods for conducting this validation process.

In step 406, the retailer displays a personalized user presentation that includes means for selecting various digital works and includes at least one control-input. In one embodiment, the personalized user presentation is a set of customized Web pages. These customized Web pages include XML/HTML forms that allow searching for digital works and submission of purchase/license requests. These customized Web pages also include hyperlinks that allow the customer to navigate through the Web pages, gain additional information about particular digital works and logout from the retailer's Web site.

Once the customer has identified one or more digital works to purchase/license, the customer selects a control-input in step 408. This causes the digital-works request to be submitted to the retailer. In one embodiment, each digital work is identified by a single number, such as an ISBN number. In an alternative embodiment, each digital work is identified by a character string, which includes source and title information. For example, if the digital work is a song, the source could be "Led Zeppelin" and the title "Stairway to Heaven". Whereas, if the digital work is a software application or service, the source could be "Intuit" and the title "Quicken". Thus the source identifier may or may not also refer to the provider.

In an alternative embodiment, the validation process spans steps 402 through 408. For example, a retailer Web site is set up to allow any individual to navigate the site and search for digital works. In this embodiment, the customer submits the necessary credit and billing information along with a request to purchase/license a digital work in step 408. Thus, step 404 occurs after step 408 in this embodiment.

In step 410, the retailer checks whether any of the requested digital works are only offered by a third party. If not, the retailer has integrated that digital work into its digital- works sales and delivery system. For each such integrated digital work, the retailer fulfills the request before returning to step 406. If one or more of the requested digital works are not integrated into the retailer's system, control passes to step 412.

In step 412, the retailer constructs a new request for the non-integrated digital works and sends this new request to the digital-works clearinghouse. In one embodiment, the retailer knows where to send the new request because this information was received from the customer. For example, in a Web implementation, the media player inserts this information into the Accept header line of the original HTTP GET request message sent in step 400.

In an alternative embodiment, this information is stored in the retailer Web site. For example, each record of a digital work on the retailer Web site may include a clearinghouse Web site URL from which that digital work is available. In one embodiment, the clearinghouse Web site provides application services, as part of its retailer registration system, that allow a retailer Web site to automatically generate such records. Those skilled in the relevant art(s) will understand how to build such retailer registration systems given the disclosure herein. In addition, in one embodiment, the retailer always sends all non-integrated digital- work requests to the same clearinghouse. In this embodiment, the clearinghouse is designed to contact other clearinghouses or other networked sources of provider information if it does not have the provider association needed to fulfill a particular request.

When the retailer sends this new request in step 412, a process is initiated by which the requested digital work(s) are delivered to the customer without the customer ever leaving the preferred user presentation created and displayed by the retailer. Thus the customer believes that the retailer has fulfilled the digital-works request regardless of whether the retailer does in fact deliver the requested digital work(s). The new request includes a content identifier for each digital work. In one embodiment, the content identifier is the digital work identifier used by the retailer. In an alternative embodiment, the content identifier is not needed because this information is implicit in the new request, such as when the new request is a URL identifying a Common Gateway Interface ("CGI") script on the clearinghouse Web site that causes the delivery of a specific digital work.

Following step 412, the retailer waits for a response from the clearinghouse. If no response comes within a predefined time, the retailer times out, reports to the customer which digital work(s) are currently unavailable, and returns to step 406.

In step 414, the clearinghouse receives the new request, and validates the sending retailer. In one embodiment, the retailer has a pre-existing relationship with the clearinghouse. Thus, the new request includes a retailer identifier and security data, which allows the clearinghouse to confirm the retailer's account and credit. In an alternative embodiment, the new request includes credit and billing information, or electronic cash. In this embodiment, the clearinghouse can process the new request without any pre-existing relationship with the retailer.

In step 416, the clearinghouse checks a database that stores data regarding what digital works are available through which providers. In step 418, the clearinghouse determines if the requested digital work(s) in the new request is available. If not, control passes to step 420, in which the clearinghouse responds to the retailer's request with the cause for failure. This cause for failure may be that the digital work is unavailable from the clearinghouse, or may be a report of some internal error. Then the process returns to step 406.

When the retailer receives this failure response, it reports this failure to the customer. In one embodiment, the retailer reports alternate provider information to the customer as well.

In an alternative embodiment, when the clearinghouse determines that it does not have an association with a provider that makes a requested digital work available, the clearinghouse passes the request on to another clearinghouse. Or alternatively, the clearinghouse searches networked sources of provider information in an attempt to find an appropriate provider and automatically generates a request for the digital work from a found provider. If it receives the digital work, it stores it locally and proceeds to step 422 on FIG. 4B. If the clearinghouse determines in step 418 that the requested digital work(s) in the new request is available, control passes to step 422 on FIG. 4B.

Referring now to FIG. 4B, the clearinghouse generates a transaction record in step

422. In step 424, the clearinghouse checks a database to determine if the requested digital work(s) is available directly from the clearinghouse because it is stored in a local cache. If so, control passes to step 426. If not, control passes to step 438, in which the clearinghouse sends an appropriate request(s) and the transaction record to a provider.

In step 426, the clearinghouse sends a fulfillment message to the retailer. The fulfillment message includes a transaction number for tracking the transaction, and lets the retailer know that the clearinghouse is taking over the session with the customer's user interface on the customer access device. In one embodiment, the clearinghouse also sends a message to the provider reporting that a digital work delivery is in progress.

In step 428, the clearinghouse connects with the customer access device and validates the media player. In one embodiment, this connection is done via HTTP and the validation is a quick request to the media player, which must respond with a pre-defined response within a pre-defined time. The user of the customer access device preferably does not see any indication of step 428. From the user's perspective, he is still in communication with the retailer and does not know of the clearinghouse's involvement in the transaction.

In step 430, the clearinghouse sends the requested digital work(s) to the media player on the customer access device. In one embodiment, the clearinghouse encrypts and watermarks the digital work(s) in step 430 before sending it. The encryption and the watermark are specific to the media player. Thus, only that specific media player can decrypt the digital work(s), and the watermark identifies that specific media player as the recipient of the digital work(s). Once the media player has received each digital work, it sends a receipt back to the clearinghouse. The clearinghouse receives this receipt, or a timeout, in step 432. If a receipt is received, the clearinghouse logs the transaction record to evidence the completed delivery. If a timeout occurs in step 432, the clearinghouse logs the transaction record with an indication that follow up with that specific media player is required to confirm the delivery. In step 434, the clearinghouse sends a transaction message to the appropriate provider. The transaction message includes a bill of sale. In one embodiment, the transaction message also includes electronic cash.

In step 436, -the clearinghouse converts the receipt (which is also evidence of the transaction) into an invoice and sends it to the retailer in a completion message. This invoice instructs the retailer to pay the clearinghouse for the delivery, and enables the retailer to bill the customer appropriately. In addition, the completion message instructs the retailer to retake control of the session, before the process returns to step 406 on FIG. 4 A.

In one embodiment, the invoice sent by the clearinghouse is for information purposes only. In this embodiment, the clearinghouse sends a single integrated invoice to the retailer at the end of each month. This single integrated invoice includes all of the transactions for all of the customers who purchased digital works through that retailer for the month. This invoice may be delivered electronically or through standard mail systems. In either case, the retailer benefits by having all of the transactions for multiple customers, over an extended period of time, integrated into a single invoice.

If some or all of the requested digital works are not available directly from the clearinghouse, this determination is made in step 424, and control passes to step 438, in which the clearinghouse sends an appropriate request and the transaction record to a provider. In one embodiment, the appropriate request includes digital work, customer, retailer, and related security information. The customer information includes both the clearinghouse's user identifier and the retailer's user identifier, however, the clearinghouse's user identifier is the key because this identifier ensures that users can be uniquely identified for billing purposes. In one embodiment, the clearinghouse's user identifier comes directly from the media player's internal serial number, thus billing occurs by media player. The retailer's user identifier is used as a reference to the transaction because it is generally more readable by people than the clearinghouse's user identifier.

In step 438, the clearinghouse passes control of the session to the provider before the process, moves on to step 440 on FIG. 4C. Referring now to FIG. 4C, in step 440 the provider checks a database to determine if the requested digital work(s) is available. If so, control passes to step 448. If not, control passes to step 442.

In step 442, the provider responds to the clearinghouse with the cause for failure and passes control of the session back to the clearinghouse. The clearinghouse updates its database as necessary in step 444. Then the clearinghouse sends a failure message to the retailer in step 446. The clearinghouse also returns control of the session to the retailer before the process returns to step 406 on FIG. 4A.

In step 448, the provider sends a fulfillment message to the clearinghouse. The fulfillment -message includes the transaction number, and lets the clearinghouse know that the provider is taking over the session with the customer's user interface on the customer access device.

In step 450, the clearinghouse sends a fulfillment message to the retailer. The fulfillment message includes the transaction number for tracking the transaction, and lets the retailer know that the provider is taking over the session with the customer's user interface on the customer access device.

In step 452, the provider connects with the customer access device and validates the media player. In one embodiment, this connection is done via HTTP and the validation is a quick request to the media player, which must respond with a pre-defined response within a pre-defined time. The user of the customer access device preferably does not see any indication of step 452. From the user's perspective, he is still in communication with the retailer and does not know of the provider's involvement in the transaction.

In step 454, the provider sends the requested digital work(s) to the media player on the customer-access device. In one embodiment, the provider encrypts and watermarks the digital work(s) in step 454 before sending it. The encryption and the watermark are specific to the media player. Thus, only that specific media player can decrypt the digital work(s), and the watermark identifies that specific media player as the recipient of the digital work(s).

When the digital work is a service, the provider sends a service started message to the clearinghouse in step 454. In one embodiment, the clearinghouse and the provider continue to send messages during the term of the customer's use of the service. This allows active billing for the service. In fact, in one embodiment, the customer is actively shown how much the use of the service is costing in real time.

Once the media player has received the digital work(s) (or the customer terminates the service), it sends a receipt(s) back to the provider. The provider receives this receipt(s), or a timeout, in step 456. Then in step 458, the provider sends a completion message to the clearinghouse. The completion message either includes the receipt(s) from the media player, or an indication of the timeout. In addition, in one embodiment, the completion message includes the provider's own record of what was delivered. The provider returns control of the session to the clearinghouse before the process proceeds to step 460 on FIG. 4D. Referring now to FIG. 4D, the clearinghouse receives the completion message and logs the transaction record to evidence the completed delivery in step 460. If the completion message indicates that a timeout occurred in step 456, the clearinghouse logs the transaction record with an indication that follow up with that specific media player is required to confirm the delivery. In addition, in one embodiment, the clearinghouse logs the provider's record of delivery as well and cross checks this record with the receipt from the media player.

In step 462, the clearinghouse converts the receipt (which is also evidence of the transaction) into an invoice and sends it to the retailer in a completion message. This invoice instructs the retailer to pay the clearinghouse for the delivery, and enables the retailer to bill the customer appropriately. In addition, the completion message instructs the retailer to retake control of the session, before the process returns to step 406 on FIG. 4A.

The process depicted in FIGS. 4A, 4B, 4C and 4D shows the general steps for delivering digital works according to one embodiment of the invention. Because this process enables the creation of a digital-works clearinghouse system for supporting financial

1 transactions, additional steps may be added to help ensure proper security and fail-safes are in place. For example, various parts of the system may crash from time to time. If the provider's system goes down during a transaction, this is identified by a timeout mechanism in the clearinghouse that follows up with the media player to check the extent to which the transaction was carried out. If both the provider's system and the media player go down, the clearinghouse utilizes a roll-back mechanism in the media player to recover transaction

^* information once the media player reconnects with the clearinghouse. Those skilled in the relevant art(s) will understand how to implement these additional steps to ensure proper security and fail-safes given the disclosure herein. By creating a transaction protocol that delineates the information that must be provided between the digital-works retailer and the digital-works provider, the present invention eliminates the need for different software interfaces for each seller of digital works.

In one embodiment, the parameters that go into the various communications described above are as follows:

User Presents to the retail site:

User ID bhunter

Password crazyl23xyz

Browser Media Player ID 0123456789abcdef ( 128 bits) Browser/Media Player Digital Certificate 0123456789abcdef (128 bits)

Retailer Site Presents to Clearinghouse:

Retailer Account Number 01234567(64 bits)

Retailer Digital Certificate 0.123456789abcdef (128 bits) Session ID 0123456789abcdef0123456789abcdef (256 bits)

Browser Media Player ID 0123456789abcdef (128 bits)

Producer Account Number 01234567(64 bits)

Producer Service Number 0123(32 bits) Clearinghouse responds to Retailer:

Transaction ID 456xxx67777xyAZCVBBV (1024 bits)

Status Message IN PROGRESS (32 bytes)

COMPLETED FAILED USAGE CHARGES

Message Data ASP server down ( 128 bytes) Clearinghouse Presents to Provider (ASP/CSPV.

Transaction ID 456xxx67777xyAZCVBBV (1024 bits) Browser/Media Player ID 0123456789abcdef ( 128 bits)

Provider responds to Clearinghouse: Transaction ID 456xxx67777xyAZCVBBV (1024 bits) Status Message IN PROGRESS (32 bytes) TRANSACTION COMPLETED

Message Data ASP server down (128 bytes)

Provider asks Browser/Media Player: Browser/Media Player ID 0123456789abcdef ( 128 bits)

Browser/Media Player Digital Certificate 0123456789abcdef (128 bits) Provider sends to Browser/Media Player:

Transaction ID 456xxx67777xyAZCVBBV (1024 bits)

Browser/Media Player to Provider: Transaction ID 456xxx67777xyAZCVBBV (1024 bits) Status Message DONE (32 bytes) DEVICE FAILURE RECONNECTING AFTER FAILURE

Message Data Cause of failure ( 128 bytes)

TransactionID = USER ACC NUM + RETAILER ACC NUM + SESSION ID + PROVIDER ACC NUM + PROVIDER SRVC ID + CLEARINGHOUSE ID + CLEARINGHOUSE TRANS NUM + DATE TIME STAMP USER ACC NUM 8 bytes

REATILERACC NUM 8 bytes

SESSION ID 32 bytes

PROVIDER ACC NUM 8 bytes

PROVIDER SRVC NUM 4 bytes CLEARINGHOUSE ID 4 bytes

CLEARINGHOUSE TRANS NUM 60 bytes

DATE TIME 4 bytes

TOTAL 128 bytes

In addition, as mentioned previously, in one embodiment, all communications are implemented using SSL.

While various embodiments of the present invention have been described above, it should be understood that they have been presented by way of example only, and not limitation. It is to be understood that the description and drawings represent the presently preferred embodiment of the invention and are, as such, representative of the subject matter which is broadly contemplated by the present invention.

Furthermore-, the scope of the present invention fully encompasses other embodiments that may become obvious to those skilled in the relevant art(s). For example, reference characters used to designate claim steps are provided for convenience of description only, and are not intended to imply any particular order for performing the steps. Thus, the breadth and scope of the present invention should not be limited by any of the above-described exemplary embodiments, but should be defined only in accordance with the following claims and their equivalents.

Claims

What is claimed is: 1. A method of enabling electronic sales by retailers of digital works owned by third parties, the method comprising providing a digital-works clearinghouse configured to communicate via a computer network and designed to coordinate sales and deliveries of digital works to authorized customer access devices, whereby a retailer is enabled to bill a customer for a digital work delivered electronically to a customer access device by a third party.

2. The method of claim 1, further comprising the step of authorizing the customer access devices.

3. The method of claim 2, wherein the digital work is encrypted in real time before electronic delivery.

4. The method of claim 3, wherein the authorizing step comprises providing a decryption key to a user interface component of one of the customer access devices, thereby enabling the user interface component to decrypt the encrypted digital work delivered electronically.

5. The method of claim 4, wherein the digital work is watermarked in real time before electronic delivery.

6. The method of claim 5, further comprising the step of providing a retailer record-generation system for enabling retailers to create a record that references the digital work.

7. The method of claim 6, wherein the record is a hyperlink that initiates a digital-work request when selected by the customer.

8. The method of claim 1, wherein the computer network is the Internet, and wherein the digital-works clearinghouse is further designed to coordinate passing of a session identifier such that the encrypted digital work is delivered electronically to the customer without the customer realizing that the retailer is not delivering the digital work itself.

14

9. The method of claim 8, wherein the user interface component comprises: a Web browser; and a media player plug-in.

10. The method of claim 9, wherein the digital- works clearinghouse communicates using HTTP.

11. The method of claim 9, wherein the digital-works clearinghouse communicates using HTTPS.

12. The method of claim 9, wherein the digital- works clearinghouse communicates using HTTP-NG.

13. The method of claim 1, wherein the digital work comprises a digital file.

14. The method of claim 13 , wherein the digital file comprises an audio file in a specified format.

15. The method of claim 14, wherein the specified format is an industry promulgated format.

16. The method of claim 13, wherein the digital file comprises an electronic book.

17. The method of claim 13, wherein the digital file comprises a video.

18. The method of claim 13, wherein the digital file comprises an image.

19. The method of claim 13, wherein the digital file comprises software.

20. The method of claim 1 , wherein the third party is a manager of the digital- works clearinghouse.

21. The method of claim 1, wherein the digital work comprises a software service.

I

22. The method of claim 21 , wherein the software service comprises a financial planning service.

23. The ^"method of claim 21, wherein the software service comprises a calendaring service.

24. The method of claim 1 , wherein the digital work comprises an entertainment service.

25. The method of claim 24, wherein the entertainment service comprises a music . service.

26. In a system for electronic distribution of digital works via a computer network, a method of supporting electronic sales of digital works or licenses to use digital works, the method comprising: receiving a request for a digital work from a retailer; determining if the digital work is available; generating a transaction record if the digital work is available; initiating transmission of the digital work to a customer access device identified in the request; finalizing the transaction record; and transmitting an invoice to the retailer, thereby enabling the retailer to bill a customer associated with the customer access device for the delivered digital work.

27. The method of claim 26, wherein the determining step comprises checking a digital-works database for a record of the digital work.

28. The method of claim 27, further comprising the step of maintaining the digital-works database.

29. The method of claim 26, further comprising: confirming availability of the digital work with the retailer; and creating the invoice from the transaction record.

30. The method of claim 26, wherein the initiating step comprises: checking a local cache for the digital work; sending the digital work to the customer access device if the digital work is in the local cache; and sending a request for the digital work to a provider if the digital work is not in the local cache.

31. The method of claim 30, wherein the checking step only occurs if the digital work is a discreet piece of digital content, and wherein the local cache does not contain any digital works that are digital application services.

32. The method of claim 30, wherein the sending the digital work step comprises: connecting with the customer access device; verifying a media player; encrypting the digital work before transmission; and adding a watermark to the digital work before transmission.

33. The method of claim 30, wherein the finalizing step comprises: receiving a receipt for delivery of the digital work; cross-checking delivery information from the provider with delivery information from a media player if both sets of information are available; and obtaining delivery information from the media player at a later time if both sets of ^' information are not currently available.

34. The method of claim 33, wherem the retailer is a retailer Web site, the provider is a provider Web site, the media player is a plug-in to a Web browser, and the request for the digital work is an HTTP message.

35. In a system for electronic distribution of digital works via a computer network, a method of selling digital works owned by others, the method comprising:

11 providing a digital-works transfer system that includes a list of digital works and enables customers to electronically acquire a digital work for a fee; receiving requests for digital works on the list; identifying an original request for a digital work that is not immediately available through the digital-works transfer system; creating a new request for the digital- work, the new request including customer identification information for a customer access device, which generated the original request; transmitting the new request to a digital-works clearinghouse; receiving an invoice for delivery of the digital work if the digital- works clearinghouse fulfilled the new request; and billing the customer for the digital work.

36. The method of claim 35, wherein the digital- works transfer system enables both acquisitions that are purchases and acquisitions that are temporary licenses to use.

37. The method of claim 35, wherein the digital-works transfer system is a Web site system.

38. A computer-implemented digital-works clearinghouse system comprising: a digitalt-works retailer having a user presentation that includes a control-input, which is associated with a digital work that is associated with a digital-works provider, the digital-works provider being separate from the digital-works retailer, and the digital-works retailer being configured such that selection of the control-input by a user causes the digital-works retailer to transmit a message to a digital-works clearinghouse; the digital-works clearinghouse being designed to coordinate digital-works transactions such that receipt of the message causes transmission of the digital work without the user leaving the user presentation, and the digital- works clearinghouse being configured to communicate with the digital-works retailer and the digital- works provider via a computer network; and a media player designed to enable presentation of the digital work, the media player being configured to communicate with the digital-works clearinghouse, the digital- works retailer and the digital- works provider via the computer network.

39. The system of claim 38, wherein the transmission of the digital work is done using real-time encryption and watermarking.

40. The system of claim 39, wherein the digital-works clearinghouse is further designed such that it collects and cross-checks billing information, and generates an invoice for transmission to the digital- works retailer upon a successful delivery of the digital work.

41. The system of claim 40, wherein the user presentation is a set of Web pages, and wherein the control-input is a submit button on an HTML form.

42. The system of claim 41 , wherein the digital work is an audio file.

43. The system of claim 42, wherein the audio file is in an industry promulgated format.

44. The system of claim 38, wherein the digital- works clearinghouse is further configured to communicate with the digital-works providers via a second computer network.

45. A digital-works clearinghouse comprising: a database, which stores information relating to digital-works retailers and digital- • works providers; and a server configured to coordinate digital-works transactions such that, when a digital- work request message is received, the server causes transmission of a digital work, which is not associated with a request-generating digital-works retailer, to a user without the user leaving a user presentation preferred by the request- generating digital-works retailer.

1Q

46. The digital- works clearinghouse of claim 45, wherein the user presentation comprises a Web page, and the digital- work request message comprises an HTTP message.

47. A method of enabling an electronic sale of a digital work by an on-line retailer comprising: receiving a request for a digital work from a retailer; determining whether the digital work is stored in a local database; if the digital work is stored in the local database, transmitting the digital work to a customer access device without revealing that the digital work is not being transmitted directly from the retailer; if the digital work is not stored in the local database, determining whether the work is available from a third party; and if the digital work is available from a third party, instructing the third party to provide the digital work to the customer access device without revealing that the digital work is not being provided directly by the retailer.

4f>