WO2001030041A2 - System and method for secure data handling over a network - Google Patents


Info

Publication number: WO2001030041A2
Authority: WO, WIPO (PCT)
Prior art keywords: key, data, rules, encrypted, payload data
Application number: PCT/CA2000/001218
Other languages: French (fr)
Other versions: WO2001030041A3 (en
Inventor: George J. Tomko
Original Assignee: Tomko George J
Application filed by Tomko George J
Priority to AU78959/00A
Publication of WO2001030041A2
Publication of WO2001030041A3

Classifications

    • H: ELECTRICITY
    • H04: ELECTRIC COMMUNICATION TECHNIQUE
    • H04L: TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00: Network architectures or network communication protocols for network security
    • H04L63/04: Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428: Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • H04L63/045: Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload wherein the sending and receiving network entities apply hybrid encryption, i.e. combination of symmetric and asymmetric encryption
    • H04L63/06: Network architectures or network communication protocols for network security for supporting key management in a packet data network
    • H04L63/062: Network architectures or network communication protocols for network security for supporting key management in a packet data network for key distribution, e.g. centrally by trusted party
    • H04L63/12: Applying verification of the received information
    • H04L63/123: Applying verification of the received information received data contents, e.g. message integrity

Definitions

  • This invention relates to a method, system, receiver, and data structure for the controlled use of data.
  • the Internet is used as a source of data and for electronic commerce.
  • One of the drawbacks of the Internet is the inability of data providers to control data on the Internet even though such data may comprise intellectual property (e.g., copyright material) or personal data. Even if data is encrypted and a key for decryption provided only once a user pays a fee, once decrypted by the user, multiple copies of the "plain text" data may readily be made without knowledge of the data provider. This problem arises even with the use of data metering schemes since such schemes may be defeated without great difficulty. Thus, while personal and proprietary data have value, a method to securely handle the use of valued data in cyberspace does not exist. Accordingly, much of the data on the Internet is freely available even though some of this data could have an economic value if its use could be controlled.
  • the present invention provides a data structure which may be analogised to a biological cell.
  • the nucleus comprises encrypted payload data components, the cytoplasm, rules for decryption, and the cell wall, a plain text description of the payload data and a digest created at least in part from the plain text description.
  • a special purpose receiver uses the plain text description and digest in checking the genuineness of the cell and will only decrypt data in the cell in accordance with the rules for decryption. In some embodiments, the receiver outputs only drive voltages, rather than the decrypted data itself.
  • a method for the controlled use of payload data on a network comprising: receiving encrypted payload data; receiving an encrypted rules key, said rules key encrypted with a public key; receiving control data, said control data comprising rules for decryption of said payload data; decrypting said rules key with a private key paired with said public key; and decrypting said encrypted payload data utilising said decrypted rules key in accordance with said rules for decryption.
  • a method for the controlled use of payload data comprising: receiving payload data, verification data, and an encrypted verification digest; receiving a hash algorithm for verification; hashing said received verification data with said hash algorithm to obtain a derived verification digest; receiving a digest key; decrypting said encrypted verification digest with said digest key; and comparing said derived verification digest with said decrypted verification digest to determine whether said payload data is genuine.
  • a method for the controlled use of payload data comprising: establishing a temporary rules key; encrypting each of a plurality of payload data components with said rules key; receiving a request for certain data components; receiving a key; encrypting said rules key with said received key; sending said encrypted rules key and encrypted payload data components represented by said request.
  • a receiver for the controlled use of payload data comprising; a persistent memory for storing a secret key and an identification number; a volatile memory for temporarily storing decrypted payload data; an interface to a data network; an interface for outputting signals in response to contents of said volatile memory; a processor for: receiving encrypted payload data; receiving control data comprising a payload data key and rules for decryption of said payload data; decrypting said encrypted rules key with said secret key; decrypting said encrypted payload data with said decrypted rules key in accordance with said rules for decryption; and passing said decrypted payload data to said interface.
  • a transmitter comprising: means for establishing a temporary rules key; means for encrypting each of a plurality of payload data components with said rules key; means for receiving a request for certain data components; means for receiving a key; means for encrypting said rules key with said received key; means for sending said encrypted rules key and encrypted payload data components represented by said request.
  • a data structure comprising: a plurality of components of encrypted payload data; for each of said plurality of encrypted payload data components, rules data providing rules for decryption; a plain text description of said plurality of encrypted payload data components and a digest created at least in part from said plain text description.
  • a method of initialising a data access and control device having an identification number stored in secure memory comprising: on receiving an initialisation request, utilising a random number generator to construct a public/private key pair; outputting said identification number and said public key; and storing said private key in said secure memory.
  • the present invention allows individuals to specify uses for their data and have protections against use of the data in any other way, even though they are not physically present when the data is being used. Also, an individual can place a value on their data and receive payment of the specified amount each time the data is used.
  • a data owner can circulate copies of its data on a network such as the Internet but control use of the data so as to create a revenue generating entity.
  • use of proprietary data such as videos, music and software can be restricted in a manner specified by the owner and protections are provided against illegitimate copying.
  • the present invention has application in protecting copyright, in protecting personal privacy, and in generating revenue.
  • figure 1 is a schematic diagram of a system made in accordance with this invention
  • figure 2 is a schematic diagram detailing a portion of figure 1
  • figure 3 is a schematic illustration of a data structure used in the system of figure 1
  • figures 4A, 4B, and 4C are flow diagrams for a portion of the system of figure 1
  • figure 5 is a schematic illustration of another data structure used in the system of figure 1
  • figure 6 is a flow diagram for another portion of the system of figure 1.
  • a system 10 for the controlled use of data comprises servers 12a, 12b, computers 14a, 14b, and a certification authority (CA) 15 connected to a network 16.
  • the network may be a public network, such as the Internet.
  • Data may be uploaded to a server 12a by a terminal 18 associated therewith.
  • a card docking station 20 is connected to computer 14 via data path 22 and to an output system 26 via lines 24a, 24b.
  • the output system may be an audio system or a liquid crystal display (LCD).
  • the docking station may receive a data access and control card 30.
  • card 30 is detailed in figure 2.
  • card 30 comprises a user interface 34 and an output interface 36 (which can include digital to analog conversion circuitry).
  • the user interface is connected to path 22 and the output interface is connected to lines 24a, 24b.
  • Card 30 also comprises a persistent memory 40, a volatile memory 42, and a random number generator 44, each connected to a processor 50.
  • the processor 50 also connects to each of the interfaces 34 and 36.
  • the persistent memory and some appropriate circuitry within card 30 may comprise a field programmable mixed signal array (FPMA) in which a private key and a card identification number is stored.
  • card 30 may be considered a smart card.
  • the set up required to use the system 10 is described from the perspective of the data provider and the data user.
  • a data provider creates a data structure patterned after a biological cell, as follows.
  • the data provider first divides valued data (payload data) into economic components and encrypts each component with a secret (i.e., symmetric) key. This results in encrypted payload data components 82a, 82b, 82c which may be considered the "nucleus" of a "cell" 80.
  • the data provider constructs rules for the use of the data of each component. These rules are encrypted by the secret key of the data provider to obtain a control component 84 associated with the encrypted payload data components as "cell cytoplasm".
  • the data provider associates "metadata" 86 with the encrypted payload data components.
  • This metadata comprises (i) a plain text portion 87 identifying the data provider and describing the payload data and, possibly, its rules and cost of use (as will become apparent, portion 87 also acts as verification data) and (ii) an encrypted digest 88 for use by a user in verifying she has reached a genuine data provider.
  • the digest is created by passing the plain text portion 87 through a one-way hash algorithm.
  • the digest is then encrypted by the data provider's private (asymmetric) key.
  • the metadata may be considered as the "cell wall", which is visible to the outside world.
  • the "cell" 80 may reside on a server 12a, 12b or the cell may be contained in an intelligent agent structure such that the cell may circulate on the network 16.
  • the data provider publishes (possibly through a certification authority) the hash algorithm and a public key which is paired with the data provider's private key.
  • a prospective user of payload data may obtain a data access and control card 30 from certification authority 15 (or an affiliated agency).
  • the card has an identification number in its persistent memory 40.
  • processor 50 operating under an appropriate algorithm, in conjunction with random number generator 44, generates a public/private key pair.
  • the private key is stored within the secure environment of persistent memory 40 and is never made public.
  • the public key and identification number are output to the certification authority which keeps the public key in association with the identification number.
  • each data provider and each card has a public/private (asymmetric) key pair.
  • a user of a computer 14a may employ a web browser for network 16 to download the metadata 86 of the cell 80. If, after review of the plain text portion 87 of the metadata, the user wishes to obtain one of the payload data components of cell 80, the user may insert her card 30 in docking station 20 and download the metadata 86 to the user interface 34 of the card 30 on path 22.
  • processor 50 of card 30 receives this information (S102) and then verifies that the cell 80 was created by the data provider identified in the metadata, as follows. The processor first obtains the hash algorithm and public key published for the data provider identified with the cell (S104).
  • the algorithm and key may be obtained by the user from a published source using the identity of the data provider in the plain text portion of the metadata and passed to the card 30 via the user interface 34.
  • the processor then hashes the plain text portion of the metadata into a new digest (S106) and uses the data provider's public key to decipher the encrypted digest received with the metadata (S108).
  • the decrypted digest and new digest are then compared (S110). If they match, the metadata obtained is considered to be genuinely from the data provider indicated in the plain text portion.
  • the processor 50 therefore sends an indication of this to the user via user interface 34 (S112); otherwise a non-match indication is sent (S111).
  • the user may then use computer 14 to send a request for certain payload data components in the cell 80 to server 12a.
  • the user may also be required to stipulate intended usage of the requested payload data. Any payment stipulated by the plain text portion of the metadata may also be sent, either to the server if this may be accomplished in some secure fashion, or via a separate secure network (such as a telephone network).
  • the computer also prompts the card 30 to provide its identification number. More particularly, referencing figure 4B, the processor 50 of the card 30, upon receiving this prompt (S114), retrieves the identification number of the card from memory 40 (S118) and passes this number to computer 14 for transmission to server 12a (S120).
  • server 12a constructs a "daughter" cell 80a (figure 5) from "master" cell 80 (figure 3) for transmission to computer 14a, as follows.
  • the encrypted payload data component(s) for the requested data say component 82a
  • S202 data provider's private key
  • Each of these components is then re-encrypted with a temporary symmetric rules key which is created by the server especially for the purpose of the data transaction.
  • rules for the use of the requested data may be encrypted with the rules key (S204).
  • the usage rules encrypted by the rules key comprise an encrypted control component 84a associated with the encrypted data component 82a.
  • the server 12a queries the certification authority 15 with the card's identification number over network 16 (or over another network) (S206). The certification authority returns the public key associated with this identification number. Server 12a uses the card's public key to encrypt the rules key to obtain an encrypted rule key 90 (S210). Lastly, the server obtains subsidiary metadata 86a comprising plain text, which may describe the data sent and which identifies the data provider, along with an encrypted digest. In this case, the digest is created from the complete daughter cell 80a (by passing the entire daughter cell through the one-way hash algorithm); the digest is then encrypted by the data provider's private key (S212). The encrypted data component 82a, control component 84a, subsidiary metadata 86a, and the encrypted rules key 90 comprise the daughter cell 80a which is sent to computer 14a (S214).
  • Computer 14a passes the daughter cell 80a to card 30.
  • the processor 50 of the card first verifies that the entire cell is genuine using the digest included in subsidiary metadata 86a and the published hash algorithm and public key of the data provider, as described before (S128).
  • the processor next obtains the card's private key from persistent memory 40 to decrypt the encrypted rules key 90 (S130).
  • the rules key is then used to decrypt the rules and the data key of control component 84a.
  • the processor 50 then decrypts the encrypted payload data component 82a using the key of component 84a in accordance with the rules of component 84a. In part, these rules may enforce the rules initially described to the user in the plain text portion 87 of the metadata of the master cell 80.
  • the rules could specify the length of time the data may be used or how many times it can be used. Also, the rules could specify that the data be output only in audio form or only as text on a CRT display. In addition, for personal data, the rules can specify that the personal identifying information never be output together with certain pieces of data that the owner considers sensitive.
  • the decrypted data is temporarily stored in volatile memory 42 and passed to output interface 36 such that, as data is passed to the output interface, that data is not retained in the volatile memory (S134).
  • the output interface may comprise an interface which receives a textual data input and outputs analog (or digital) drive voltages on two or more lines for an analog (or digital) LCD tablet.
  • the output system 26 is such a tablet and the card is designed for handling textual data. Assuming then that the data output to the output interface is text of a book, the output interface will drive the LCD tablet to display pages of the book.
  • the output interface may comprise an audio interface designed to receive digitally encoded music or digital text and output left and right audio voltages on two (or more) lines.
  • the output system 26 could comprise a speaker preamplifier.
  • card 30 could have both interfaces and appropriate switching for use of the proper interface.
  • the card could be used to allow for either the display or audio presentation of a book.
  • the output system 26 may be a digital storage device and the output interface 36 may output decrypted data on a digital line to the storage device. This digital data would be stripped of any association with the data provider. In this way, non-identifying data from many data providers may be obtained for data mining, and the data providers compensated for provision of the data.
  • the decrypted data is software.
  • the output system 26 may be a dumb terminal.
  • the processor 50 on decryption of the software, establishes a fast logical connection between itself and the dumb terminal allowing execution of the software in its volatile memory 42 by processor 50 while the connection persists. (It may be possible to omit the output interface 36 in this embodiment and employ the computer 14a as the dumb terminal via user interface 34.)
  • each component may be encrypted with a different temporary symmetric data key.
  • the temporary data keys are encrypted with the temporary symmetric rules key and these encrypted temporary data keys become part of the control component of the daughter cell.
  • the rules in the control component of the daughter cell are not encrypted.
  • Data in a daughter cell has been described as being encrypted with a symmetric (secret) temporary key, which symmetric key is encrypted by a public key of a card.
  • the reason for this approach rather than an approach of encrypting the data itself with the card's public key is the slowness of decryption algorithms for asymmetric keys.
  • An advantage of the described system is that a user will never know her private key.
  • a user may use their card with any computer 14 of system 10.
  • the docking station may be part of computer 14a rather than a separate component.
  • a computer 14a operating with a card acts as a special purpose receiver.
  • a special purpose communication device such as a digital phone could use the described encryption scheme to ensure private communications.
  • a PCMCIA or other suitable device capable of providing the described functionality may be used.

Abstract

To facilitate the controlled use of information in a public network, data comprising verification data, an encrypted verification digest, and payload data representing information may be received along with a hash algorithm for verification. The received verification data is hashed with the hash algorithm to obtain a derived verification digest. A digest key is received and used for decrypting the encrypted verification digest. Then the derived verification digest may be compared with said decrypted verification digest to determine whether the payload data is genuine.

Description

SYSTEM AND METHOD FOR SECURE DATA HANDLING OVER A NETWORK
FIELD OF THE INVENTION
This invention relates to a method, system, receiver, and data structure for the controlled use of data.
BACKGROUND OF THE INVENTION
Increasingly the Internet is used as a source of data and for electronic commerce. One of the drawbacks of the Internet is the inability of data providers to control data on the Internet even though such data may comprise intellectual property (e.g., copyright material) or personal data. Even if data is encrypted and a key for decryption provided only once a user pays a fee, once decrypted by the user, multiple copies of the "plain text" data may readily be made without knowledge of the data provider. This problem arises even with the use of data metering schemes since such schemes may be defeated without great difficulty. Thus, while personal and proprietary data have value, a method to securely handle the use of valued data in cyberspace does not exist. Accordingly, much of the data on the Internet is freely available even though some of this data could have an economic value if its use could be controlled.
Therefore, there is a need for approaches which allow for controlling the use of data on networks.
SUMMARY OF THE INVENTION
The present invention provides a data structure which may be analogised to a biological cell. The nucleus comprises encrypted payload data components, the cytoplasm, rules for decryption, and the cell wall, a plain text description of the payload data and a digest created at least in part from the plain text description. A special purpose receiver uses the plain text description and digest in checking the genuineness of the cell and will only decrypt data in the cell in accordance with the rules for decryption. In some embodiments, the receiver outputs only drive voltages, rather than the decrypted data itself.
According to the present invention, there is provided a method for the controlled use of payload data on a network, comprising: receiving encrypted payload data; receiving an encrypted rules key, said rules key encrypted with a public key; receiving control data, said control data comprising rules for decryption of said payload data; decrypting said rules key with a private key paired with said public key; and decrypting said encrypted payload data utilising said decrypted rules key in accordance with said rules for decryption.
According to another aspect of the present invention, there is provided a method for the controlled use of payload data, comprising: receiving payload data, verification data, and an encrypted verification digest; receiving a hash algorithm for verification; hashing said received verification data with said hash algorithm to obtain a derived verification digest; receiving a digest key; decrypting said encrypted verification digest with said digest key; and comparing said derived verification digest with said decrypted verification digest to determine whether said payload data is genuine.
According to a further aspect of the invention, there is provided a method for the controlled use of payload data, comprising: establishing a temporary rules key; encrypting each of a plurality of payload data components with said rules key; receiving a request for certain data components; receiving a key; encrypting said rules key with said received key; sending said encrypted rules key and encrypted payload data components represented by said request.
In an aspect of the present invention, there is provided a receiver for the controlled use of payload data, comprising; a persistent memory for storing a secret key and an identification number; a volatile memory for temporarily storing decrypted payload data; an interface to a data network; an interface for outputting signals in response to contents of said volatile memory; a processor for: receiving encrypted payload data; receiving control data comprising a payload data key and rules for decryption of said payload data; decrypting said encrypted rules key with said secret key; decrypting said encrypted payload data with said decrypted rules key in accordance with said rules for decryption; and passing said decrypted payload data to said interface.
According to a further aspect of the invention, there is provided a transmitter, comprising: means for establishing a temporary rules key; means for encrypting each of a plurality of payload data components with said rules key; means for receiving a request for certain data components; means for receiving a key; means for encrypting said rules key with said received key; means for sending said encrypted rules key and encrypted payload data components represented by said request.
According to another aspect of the invention, there is provided a data structure comprising: a plurality of components of encrypted payload data; for each of said plurality of encrypted payload data components, rules data providing rules for decryption; a plain text description of said plurality of encrypted payload data components and a digest created at least in part from said plain text description.
According to yet a further aspect of the invention, there is provided a method of initialising a data access and control device having an identification number stored in secure memory, comprising: on receiving an initialisation request, utilising a random number generator to construct a public/private key pair; outputting said identification number and said public key; and storing said private key in said secure memory.
The present invention allows individuals to specify uses for their data and have protections against use of the data in any other way, even though they are not physically present when the data is being used. Also, an individual can place a value on their data and receive payment of the specified amount each time the data is used.
With the present invention, a data owner can circulate copies of its data on a network such as the Internet but control use of the data so as to create a revenue generating entity. Thus, with this invention, use of proprietary data such as videos, music and software can be restricted in a manner specified by the owner and protections are provided against illegitimate copying.
The present invention has application in protecting copyright, in protecting personal privacy, and in generating revenue.
BRIEF DESCRIPTION OF THE DRAWINGS
In the figures which disclose an example embodiment of the invention, figure 1 is a schematic diagram of a system made in accordance with this invention, figure 2 is a schematic diagram detailing a portion of figure 1, figure 3 is a schematic illustration of a data structure used in the system of figure 1, figures 4A, 4B, and 4C are flow diagrams for a portion of the system of figure 1, figure 5 is a schematic illustration of another data structure used in the system of figure 1, and figure 6 is a flow diagram for another portion of the system of figure 1.
DETAILED DESCRIPTION OF THE PREFERRED EMBODIMENTS
With reference to figure 1, a system 10 for the controlled use of data comprises servers 12a, 12b, computers 14a, 14b, and a certification authority (CA) 15 connected to a network 16. The network may be a public network, such as the Internet. Data may be uploaded to a server 12a by a terminal 18 associated therewith. A card docking station 20 is connected to computer 14 via data path 22 and to an output system 26 via lines 24a, 24b. By way of example, the output system may be an audio system or a liquid crystal display (LCD). The docking station may receive a data access and control card 30.
Card 30 is detailed in figure 2. Turning to figure 2 along with figure 1, card 30 comprises a user interface 34 and an output interface 36 (which can include digital to analog conversion circuitry). When the card is docked in docking station 20 the user interface is connected to path 22 and the output interface is connected to lines 24a, 24b. Card 30 also comprises a persistent memory 40, a volatile memory 42, and a random number generator 44, each connected to a processor 50. The processor 50 also connects to each of the interfaces 34 and 36. The persistent memory and some appropriate circuitry within card 30 (such as processor 50) may comprise a field programmable mixed signal array (FPMA) in which a private key and a card identification number is stored. As will be appreciated by those skilled in the art, information stored in an FPMA is virtually impossible to obtain by unauthorised probing. In view of processor 50 in card 30, card 30 may be considered a smart card.
The set up required to use the system 10 is described from the perspective of the data provider and the data user.
With reference to figure 3, a data provider creates a data structure patterned after a biological cell, as follows. The data provider first divides valued data (payload data) into economic components and encrypts each component with a secret (i.e., symmetric) key. This results in encrypted payload data components 82a, 82b, 82c which may be considered the "nucleus" of a "cell" 80. The data provider constructs rules for the use of the data of each component. These rules are encrypted by the secret key of the data provider to obtain a control component 84 associated with the encrypted payload data components as "cell cytoplasm". Lastly, the data provider associates "metadata" 86 with the encrypted payload data components. This metadata comprises (i) a plain text portion 87 identifying the data provider and describing the payload data and, possibly, its rules and cost of use (as will become apparent, portion 87 also acts as verification data) and (ii) an encrypted digest 88 for use by a user in verifying she has reached a genuine data provider. The digest is created by passing the plain text portion 87 through a one-way hash algorithm. The digest is then encrypted by the data provider's private (asymmetric) key. The metadata may be considered as the "cell wall", which is visible to the outside world. The "cell" 80 may reside on a server 12a, 12b or the cell may be contained in an intelligent agent structure such that the cell may circulate on the network 16.
The data provider publishes (possibly through a certification authority) the hash algorithm and a public key which is paired with the data provider's private key.
Returning to figures 1 and 2, a prospective user of payload data may obtain a data access and control card 30 from certification authority 15 (or an affiliated agency). The card has an identification number in its persistent memory 40. During initialisation of the card, processor 50 operating under an appropriate algorithm, in conjunction with random number generator 44, generates a public/private key pair. The private key is stored within the secure environment of persistent memory 40 and is never made public. The public key and identification number are output to the certification authority which keeps the public key in association with the identification number.
From the foregoing, it will be apparent that each data provider and each card has a public/private (asymmetric) key pair.
Assuming a cell 80 resides on server 12a, in operation, a user of a computer 14a may employ a web browser for network 16 to download the metadata 86 of the cell 80. If, after review of the plain text portion 87 of the metadata, the user wishes to obtain one of the payload data components of cell 80, the user may insert her card 30 in docking station 20 and download the metadata 86 to the user interface 34 of the card 30 on path 22. With reference to figure 4A along with figures 1 to 3, processor 50 of card 30 receives this information (S102) and then verifies that the cell 80 was created by the data provider identified in the metadata, as follows. The processor first obtains the hash algorithm and public key published for the data provider identified with the cell (S104). The algorithm and key may be obtained by the user from a published source using the identity of the data provider in the plain text portion of the metadata and passed to the card 30 via the user interface 34. The processor then hashes the plain text portion of the metadata into a new digest (S106) and uses the data provider's public key to decipher the encrypted digest received with the metadata (S108). The decrypted digest and new digest are then compared (S110). If they match, the metadata obtained is considered to be genuinely from the data provider indicated in the plain text portion. The processor 50 therefore sends an indication of this to the user via user interface 34 (S112); otherwise a non-match indication is sent (S111).
The user may then use computer 14 to send a request for certain payload data components in the cell 80 to server 12a. The user may also be required to stipulate intended usage of the requested payload data. Any payment stipulated by the plain text portion of the metadata may also be sent, either to the server if this may be accomplished in some secure fashion, or via a separate secure network (such as a telephone network). When a request for payload data is sent, the computer also prompts the card 30 to provide its identification number. More particularly, referencing figure 4B, the processor 50 of the card 30, upon receiving this prompt (S114), retrieves the identification number of the card from memory 40 (S118) and passes this number to computer 14 for transmission to server 12a (S120).
With reference to figure 6 along with figures 1 to 3 and 5, when a request for data is received by the server 12a, if proper payment is also received, server 12a constructs a "daughter" cell 80a (figure 5) from "master" cell 80 (figure 3) for transmission to computer 14a, as follows. The encrypted payload data component(s) for the requested data, say component 82a, is retrieved and decrypted with the data provider's private key (S202). Each of these components is then re-encrypted with a temporary symmetric rules key which is created by the server especially for the purpose of the data transaction. As well, rules for the use of the requested data may be encrypted with the rules key (S204). The usage rules encrypted by the rules key comprise an encrypted control component 84a associated with the encrypted data component 82a.
The server 12a then queries the certification authority 15 with the card's identification number over network 16 (or over another network) (S206). The certification authority returns the public key associated with this identification number. Server 12a uses the card's public key to encrypt the rules key to obtain an encrypted rule key 90 (S210). Lastly, the server obtains subsidiary metadata 86a comprising plain text, which may describe the data sent and which identifies the data provider, along with an encrypted digest. In this case, the digest is created from the complete daughter cell 80a (by passing the entire daughter cell through the one-way hash algorithm); the digest is then encrypted by the data provider's private key (S212). The encrypted data component 82a, control component 84a, subsidiary metadata 86a, and the encrypted rules key 90 comprise the daughter cell 80a which is sent to computer 14a (S214).
Computer 14a passes the daughter cell 80a to card 30. Turning to figure 4C, on obtaining the daughter cell, the processor 50 of the card first verifies that the entire cell is genuine using the digest included in subsidiary metadata 86a and the published hash algorithm and public key of the data provider, as described before (S128). The processor next obtains the card's private key from persistent memory 40 to decrypt the encrypted rules key 90 (S130). The rules key is then used to decrypt the rules and the data key of control component 84a. The processor 50 then decrypts the encrypted payload data component 82a using the key of component 84a in accordance with the rules of component 84a. In part, these rules may enforce the rules initially described to the user in the plain text portion 87 of the metadata of the master cell 80. For example, the rules could specify the length of time the data may be used or how many times it can be used. Also, the rules could specify that the data be output only in audio form or only as text on a CRT display. In addition, for personal data, the rules can specify that the personal identifying information never be output together with certain pieces of data that the owner considers sensitive.
The decrypted data is temporarily stored in volatile memory 42 and passed to output interface 36 such that, as data is passed to the output interface, that data is not retained in the volatile memory (S134).
The output interface may comprise an interface which receives a textual data input and outputs analog (or digital) drive voltages on two or more lines for an analog (or digital) LCD tablet. In such case, the output system 26 is such a tablet and the card is designed for handling textual data. Assuming then that the data output to the output interface is text of a book, the output interface will drive the LCD tablet to display pages of the book.
Alternatively, the output interface may comprise an audio interface designed to receive digitally encoded music or digital text and output left and right audio voltages on two (or more) lines. In such case, the output system 26 could comprise a speaker preamplifier.
Optionally, card 30 could have both interfaces and appropriate switching for use of the proper interface. In such instance, the card could be used to allow for either the display or audio presentation of a book.
The advantage of this arrangement is that only analog (or digital) drive voltages are output from docking station 20, which are much less easily pirated than digital data signals. Further, a pirated recording of drive voltages would only be useful with the proper special purpose output system.
In a further embodiment, the output system 26 may be a digital storage device and the output interface 36 may output decrypted data on a digital line to the storage device. This digital data would be stripped of any association with the data provider. In this way, non-identifying data from many data providers may be obtained for data mining, and the data providers compensated for provision of the data.
In a further embodiment, the decrypted data is software. In such instance, the output system 26 may be a dumb terminal. The processor 50, on decryption of the software, establishes a fast logical connection between itself and the dumb terminal allowing execution of the software in its volatile memory 42 by processor 50 while the connection persists. (It may be possible to omit the output interface 36 in this embodiment and employ the computer 14a as the dumb terminal via user interface 34.)
If a daughter cell contains more than one data component, rather than encrypting each component with the same temporary rules key, each component may be encrypted with a different temporary symmetric data key. In such case, the temporary data keys are encrypted with the temporary symmetric rules key and these encrypted temporary data keys become part of the control component of the daughter cell. Also, while not preferred, optionally the rules in the control component of the daughter cell are not encrypted.
Data in a daughter cell has been described as being encrypted with a symmetric (secret) temporary key, which symmetric key is encrypted by a public key of a card. The reason for this approach rather than an approach of encrypting the data itself with the card's public key is the slowness of decryption algorithms for asymmetric keys.
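The daughter-cell exchange described above (server steps S204 to S212, card steps from S128 onward, with a separate data key carried in the control component) as an added Python sketch; it is not code from the patent. The Mersenne-prime RSA keys, the SHA-256 keystream cipher, the JSON field names and the `max_uses`/`output` rule names are assumptions made for illustration, and the unpadded RSA and keystream cipher are stand-ins for real primitives.

```python
import hashlib
import json
import secrets

def toy_keypair(p_exp, q_exp, e=65537):
    """Textbook RSA pair from two Mersenne primes (constructed, trivially factorable)."""
    p, q = 2**p_exp - 1, 2**q_exp - 1
    return (p * q, e), (p * q, pow(e, -1, (p - 1) * (q - 1)))

PROVIDER_PUB, PROVIDER_PRIV = toy_keypair(521, 607)   # data provider's pair
CARD_PUB, CARD_PRIV = toy_keypair(1279, 2203)         # pair generated on the card

def rsa(key, m):
    """Unpadded RSA, standing in for every asymmetric step in the description."""
    n, exp = key
    return pow(m, exp, n)

def stream_xor(key, data):
    """Stand-in symmetric cipher: SHA-256 counter keystream. Each temporary key
    here encrypts exactly one message, so no nonce is carried."""
    out = bytearray()
    for off in range(0, len(data), 32):
        pad = hashlib.sha256(key + off.to_bytes(8, "big")).digest()
        out += bytes(a ^ b for a, b in zip(data[off:off + 32], pad))
    return bytes(out)

def cell_digest(cell):
    """One-way hash over every field of the daughter cell except the digest itself."""
    body = {k: v for k, v in cell.items() if k != "encrypted_digest"}
    raw = json.dumps(body, sort_keys=True).encode()
    return int.from_bytes(hashlib.sha256(raw).digest(), "big")

def build_daughter_cell(payload, rules, card_pub):
    """Server side: temporary keys, control component, wrapped rules key, digest."""
    rules_key, data_key = secrets.token_bytes(32), secrets.token_bytes(32)
    control = json.dumps({"rules": rules, "data_key": data_key.hex()}).encode()
    cell = {
        "plain_text": "provider=Example Provider; item=chapter 1",  # constructed
        "payload": stream_xor(data_key, payload).hex(),             # component 82a
        "control": stream_xor(rules_key, control).hex(),            # component 84a
        "wrapped_rules_key": hex(rsa(card_pub, int.from_bytes(rules_key, "big"))),
    }
    cell["encrypted_digest"] = hex(rsa(PROVIDER_PRIV, cell_digest(cell)))
    return cell

class Card:
    """Card side. The private key and the use counters never leave the object."""
    def __init__(self, private_key, provider_pub):
        self._priv, self._provider_pub, self._uses = private_key, provider_pub, {}

    def open(self, cell, output):
        # S128: reject the cell before any key material is touched.
        if rsa(self._provider_pub, int(cell["encrypted_digest"], 16)) != cell_digest(cell):
            raise ValueError("digest mismatch: cell is not genuine")
        try:  # S130: unwrap the rules key, then decrypt the rules and the data key.
            wrapped = int(cell["wrapped_rules_key"], 16)
            rules_key = rsa(self._priv, wrapped).to_bytes(32, "big")
            control = json.loads(stream_xor(rules_key, bytes.fromhex(cell["control"])))
            rules, data_key = control["rules"], bytes.fromhex(control["data_key"])
        except (OverflowError, ValueError, KeyError, TypeError):
            raise PermissionError("cell was not issued to this card") from None
        # The rules gate decryption: output form and remaining use count.
        used = self._uses.get(cell["encrypted_digest"], 0)
        if output != rules["output"] or used >= rules["max_uses"]:
            raise PermissionError("use not permitted by the rules")
        self._uses[cell["encrypted_digest"]] = used + 1
        return stream_xor(data_key, bytes.fromhex(cell["payload"]))

if __name__ == "__main__":
    demo = build_daughter_cell(b"Chapter 1 ...", {"max_uses": 2, "output": "text"}, CARD_PUB)
    print(Card(CARD_PRIV, PROVIDER_PUB).open(demo, "text"))
```

Verifying the whole-cell digest first matters because the keystream cipher gives no integrity of its own: without that check a modified control component would be decrypted and its rules trusted. A current implementation would replace the three stand-ins with a padded signature scheme, padded public-key key wrapping and an authenticated cipher.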
While the data components and rules in the master cell 80 have been described as being encrypted with the secret key of the data provider, this may not be necessary where the master cell is only ever located in a secure environment.
An advantage of the described system is that a user will never know her private key.
Obviously, a user may use their card with any computer 14 of system 10. As will be apparent, the docking station may be part of computer 14a rather than a separate component. A computer 14a operating with a card acts as a special purpose receiver. Thus, in place of a general-purpose computer 14a and a server 12a, a special purpose communication device, such as a digital phone could use the described encryption scheme to ensure private communications.
Rather than using a data access and control card 30 in the described system, a PCMCIA or other suitable device capable of providing the described functionality may be used.
Other modifications within the spirit of the invention will be apparent to those skilled in the art.

Claims

WHAT IS CLAIMED IS:
1. A method for the controlled use of payload data on a network, comprising: receiving encrypted payload data; receiving an encrypted rules key, said rules key encrypted with a public key; receiving control data, said control data comprising rules for decryption of said payload data; decrypting said rules key with a private key paired with said public key; and decrypting said encrypted payload data utilising said decrypted rules key in accordance with said rules for decryption.
2. The method of claim 1 further comprising: converting said decrypted payload data to drive voltages; and outputting said drive voltages.
3. The method of claim 2 wherein said drive voltages comprise speaker drive voltages.
4. The method of claim 2 wherein said drive voltages comprise liquid crystal display drive voltages.
5. The method of claim 1 wherein said control data is encrypted by said rules key and further comprising decrypting said control data with said decrypted rules key.
6. A method for the controlled use of payload data, comprising: receiving data comprising verification data, an encrypted verification digest, and payload data; receiving a hash algorithm for verification; hashing said received verification data with said hash algorithm to obtain a derived verification digest; receiving a digest key; decrypting said encrypted verification digest with said digest key; and comparing said derived verification digest with said decrypted verification digest to determine whether said payload data is genuine.
7. The method of claim 6 wherein said verification data comprises said payload data.
8. The method of claim 6 wherein said payload data is encrypted and further comprising: receiving an encrypted rules key, said rules key encrypted with a public key; decrypting said rules key with a private key paired with said public key; and decrypting said encrypted payload data utilising said decrypted rules key.
9. The method of claim 8 further comprising: converting said decrypted payload data to drive voltages; and outputting said drive voltages.
10. The method of claim 8 further comprising receiving control data comprising data prescribing rules for decryption of said payload data and wherein said decrypting said encrypted payload data comprises decrypting said encrypted payload data in accordance with said rules for decryption.
11. A method for the controlled use of payload data, comprising: establishing a temporary rules key; encrypting each of a plurality of payload data components with said rules key; receiving a request for certain data components; receiving a key; encrypting said rules key with said received key; sending said encrypted rules key and encrypted payload data components represented by said request.
12. The method of claim 11 further comprising: establishing rules for when different parts of each payload data component may be decrypted; encrypting said rules with said rules key; and wherein said sending further comprises sending encrypted rules which are associated with said requested encrypted payload data components.
13. The method of claim 11 further comprising: on receiving a request for certain data components: establishing verification data; hashing said verification data to obtain a verification digest; encrypting said verification digest with a key; and wherein said sending further comprises sending said verification data and encrypted verification digest.
14. A receiver for the controlled use of payload data, comprising: a persistent memory for storing a secret key and an identification number; a volatile memory for temporarily storing decrypted payload data; an interface to a data network; an interface for outputting signals in response to contents of said volatile memory; a processor for: receiving encrypted payload data; receiving control data comprising a payload data key and rules for decryption of said payload data; decrypting said encrypted rules key with said secret key; decrypting said encrypted payload data with said decrypted rules key in accordance with said rules for decryption; and passing said decrypted payload data to said interface.
15. The receiver of claim 14 wherein said interface is for converting said decrypted payload data to drive voltages for output.
16. A transmitter, comprising: means for establishing a temporary rules key; means for encrypting each of a plurality of payload data components with said rules key; means for receiving a request for certain data components; means for receiving a key; means for encrypting said rules key with said received key; means for sending said encrypted rules key and encrypted payload data components represented by said request.
17. A data structure comprising: a plurality of components of encrypted payload data; for each of said plurality of encrypted payload data components, rules data providing rules for decryption; a plain text description of said plurality of encrypted payload data components and a digest created at least in part from said plain text description.
18. A method of initialising a data access and control device having an identification number stored in secure memory, comprising: on receiving an initialisation request, utilising a random number generator to construct a public/private key pair; outputting said identification number and said public key; and storing said private key in said secure memory.
PCT/CA2000/001218 1999-10-20 2000-10-17 System and method for secure data handling over a network WO2001030041A2 (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
AU78959/00A AU7895900A (en) 1999-10-20 2000-10-17 System and method for secure data handling over a network

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
US42127099A 1999-10-20 1999-10-20
US09/421,270 1999-10-20

Publications (2)

Publication Number Publication Date
WO2001030041A2 true WO2001030041A2 (en) 2001-04-26
WO2001030041A3 WO2001030041A3 (en) 2001-09-20

Family

ID=23669872

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CA2000/001218 WO2001030041A2 (en) 1999-10-20 2000-10-17 System and method for secure data handling over a network

Country Status (2)

Country Link
AU (1) AU7895900A (en)
WO (1) WO2001030041A2 (en)

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5319705A (en) * 1992-10-21 1994-06-07 International Business Machines Corporation Method and system for multimedia access control enablement
EP0686906A2 (en) * 1994-06-10 1995-12-13 Sun Microsystems, Inc. Method and apparatus for enhancing software security and distributing software
EP0715247A1 (en) * 1994-11-23 1996-06-05 Xerox Corporation System for controlling the distribution and use of digital works using digital tickets
WO1997014087A1 (en) * 1995-10-13 1997-04-17 Trustees Of Dartmouth College System and methods for managing digital creative works
US5765152A (en) * 1995-10-13 1998-06-09 Trustees Of Dartmouth College System and method for managing copyrighted electronic media

Cited By (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US9344393B2 (en) 2002-01-08 2016-05-17 Seven Networks, Llc Secure end-to-end transport through intermediary nodes
US9438550B2 (en) 2002-01-08 2016-09-06 Seven Networks, Llc Mobile device power management in data synchronization over a mobile network with or without a trigger notification
US9602457B2 (en) 2002-01-08 2017-03-21 Seven Networks, Llc Mobile device having power save feature for establishing communications
US9608968B2 (en) 2002-01-08 2017-03-28 Seven Networks, Llc Connection architecture for a mobile network
US9712476B2 (en) 2002-01-08 2017-07-18 Seven Networks, Llc Secure end-to-end transport through intermediary nodes
US10135771B2 (en) 2002-01-08 2018-11-20 Seven Networks, Llc Secure end-to-end transport through intermediary nodes

Also Published As

Publication number Publication date
WO2001030041A3 (en) 2001-09-20
AU7895900A (en) 2001-04-30

Legal Events

Date Code Title Description
AK Designated states

Kind code of ref document: A2

Designated state(s): AE AG AL AM AT AU AZ BA BB BG BR BY BZ CA CH CN CR CU CZ DE DK DM DZ EE ES FI GB GD GE GH GM HR HU ID IL IN IS JP KE KG KP KR KZ LC LK LR LS LT LU LV MA MD MG MK MN MW MX MZ NO NZ PL PT RO RU SD SE SG SI SK SL TJ TM TR TT TZ UA UG US UZ VN YU ZA ZW

AL Designated countries for regional patents

Kind code of ref document: A2

Designated state(s): GH GM KE LS MW MZ SD SL SZ TZ UG ZW AM AZ BY KG KZ MD RU TJ TM AT BE CH CY DE DK ES FI FR GB GR IE IT LU MC NL PT SE BF BJ CF CG CI CM GA GN GW ML MR NE SN TD TG

121 Ep: the epo has been informed by wipo that ep was designated in this application
AK Designated states

Kind code of ref document: A3

Designated state(s): AE AG AL AM AT AU AZ BA BB BG BR BY BZ CA CH CN CR CU CZ DE DK DM DZ EE ES FI GB GD GE GH GM HR HU ID IL IN IS JP KE KG KP KR KZ LC LK LR LS LT LU LV MA MD MG MK MN MW MX MZ NO NZ PL PT RO RU SD SE SG SI SK SL TJ TM TR TT TZ UA UG US UZ VN YU ZA ZW

AL Designated countries for regional patents

Kind code of ref document: A3

Designated state(s): GH GM KE LS MW MZ SD SL SZ TZ UG ZW AM AZ BY KG KZ MD RU TJ TM AT BE CH CY DE DK ES FI FR GB GR IE IT LU MC NL PT SE BF BJ CF CG CI CM GA GN GW ML MR NE SN TD TG

REG Reference to national code

Ref country code: DE

Ref legal event code: 8642

122 Ep: pct application non-entry in european phase
NENP Non-entry into the national phase in:

Ref country code: JP