Electrical computers and digital processing systems: support – Multiple computer communication using cryptography – Security kernel or utility
Reexamination Certificate
1998-03-23
2001-10-09
Peeso, Thomas R. (Department: 2123)
C713S167000, C380S280000
active
06301660
ABSTRACT:
BACKGROUND OF THE INVENTION
The present invention relates to mechanisms for protecting electronic documents (files) against unauthorized use, and, in particular, against unauthorized copying or printing.
An electronic document is an electronic information container. The information stored in the container may include, but is not limited to, characters, graphic images, moving pictures, sound, and animation.
It is quite difficult to protect against unauthorized leaks of information. Photocopy machines, facsimiles, and other technologies permit information that has been fixed on a paper medium to be easily copied and distributed. In the case of electronically stored information, computers can instantly construct a virtually unlimited number of identical copies of electronically stored information.
One object of the invention is to designate one or more people as authorized distributors. A further object of the invention is to designate one or more people as authorized customers with the following constraints:
i) The authorized distributor may designate itself or others as authorized customers.
ii) The authorized distributors may distribute an electronic document to one or more authorized customers.
iii) For each electronic document distributed to each authorized customer, the authorized distributor may assign one or more document handling rules. Example document handling rules are permitting read-only access or permitting read and print access.
iv) Authorized customers may not distribute documents unless they are also authorized distributors. It is possible that zero or more authorized customers are also authorized distributors.
Consider the situation described in FIG. 1. In FIG. 1, an authorized distributor 101 sends information 106 (electronic documents) to each of several authorized customers 102, 103, 104. The distributor 101 sends the information 106 in encrypted form to ensure that no unauthorized intruder can view the information while the information is in transit. Many of the customers, e.g., an authorized first customer 102 and an authorized second customer 103, use the documents 106 as intended. That is, the customers who use the document correctly do not forward the documents to others. However, some customers, e.g., an authorized third customer 104, may attempt to perform actions beyond his or her authorization. That is, the third customer 104 may attempt to forward the documents 106 to one or more unauthorized customers 105. The present invention prohibits the third customer 104 from forwarding the documents 106 to any unauthorized customer 105 unless the authorized third customer 104 is also an authorized distributor.
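The four constraints above and the FIG. 1 scenario amount to a small authorization model: distributors designate customers, distribution attaches handling rules to a (document, customer) pair, and forwarding is just distribution, so a customer who is not also a distributor cannot do it. The following Go program is an added example written for this page, not code from the patent; the names "101" through "106" are the figure's reference numerals used as identifiers, and the `Read`/`Print` actions are the two example handling rules the text mentions.

```go
package main

import "fmt"

// Action is one document handling right, e.g. read or print (the two examples in the text).
type Action string

const (
	Read  Action = "read"
	Print Action = "print"
)

// Policy models the roles in the scheme: a fixed set of authorized distributors, the
// customers they have designated, and the handling rules assigned per document and
// per customer. Names such as "101" stand in for the figure's reference numerals.
type Policy struct {
	distributors map[string]bool
	customers    map[string]bool
	grants       map[string]map[string]map[Action]bool // doc -> customer -> rights
}

func NewPolicy(distributors ...string) *Policy {
	p := &Policy{map[string]bool{}, map[string]bool{}, map[string]map[string]map[Action]bool{}}
	for _, d := range distributors {
		p.distributors[d] = true
	}
	return p
}

// Designate implements rule i: a distributor may name itself or others as authorized customers.
func (p *Policy) Designate(by, who string) error {
	if !p.distributors[by] {
		return fmt.Errorf("%s is not an authorized distributor", by)
	}
	p.customers[who] = true
	return nil
}

// Distribute implements rules ii and iii: only a distributor hands a document to an
// authorized customer, and it records the handling rules for that (document, customer) pair.
func (p *Policy) Distribute(by, doc, to string, rules ...Action) error {
	if !p.distributors[by] {
		return fmt.Errorf("%s is not an authorized distributor", by)
	}
	if !p.customers[to] {
		return fmt.Errorf("%s is not an authorized customer", to)
	}
	if p.grants[doc] == nil {
		p.grants[doc] = map[string]map[Action]bool{}
	}
	rights := map[Action]bool{}
	for _, r := range rules {
		rights[r] = true
	}
	p.grants[doc][to] = rights
	return nil
}

// Allowed is the check a Viewer would make before honouring an action on a document.
// Reads of absent map entries yield false, so an unknown customer or document is denied.
func (p *Policy) Allowed(who, doc string, a Action) bool {
	return p.grants[doc][who][a]
}

// Forward implements rule iv: a customer passing a document on is simply distributing
// it, so the caller must hold the document and must also be an authorized distributor.
func (p *Policy) Forward(by, doc, to string, rules ...Action) error {
	if p.grants[doc][by] == nil {
		return fmt.Errorf("%s has not received %s", by, doc)
	}
	return p.Distribute(by, doc, to, rules...)
}
```

In the FIG. 1 setting, `NewPolicy("101")` followed by `Designate` and `Distribute` calls for 102, 103 and 104 lets each of them read document 106, while `Forward("104", "106", "105", Read)` is refused because 104 is not a distributor; constructing the policy with 104 as a distributor as well, and having 104 designate 105, is the one path on which the forward succeeds.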
Some example requirements that a security mechanism may potentially satisfy are listed below:
The authorized customers should not be prohibited from making backups.
Only standard hardware and software assumptions should be made. For example, although hardware dongles provide copy protection services, many vendors do not wish to limit the sale of the software to the collection of customers who own or are willing to install a dongle.
When a customer legitimately obtains a document, the customer should be able to use the document on any machine regardless of ownership. The customer should optionally be able to authorize simultaneous usage of the document in multiple machines.
The distributor should be permitted to distribute an identical version of the document software to all authorized customers. This requirement permits the documents to be distributed through normal channels such as, for example, CD-ROMs, floppy disks, or network bulletin boards.
It should be excessively difficult and/or computationally infeasible for a potential pirate to circumvent the security mechanism.
The security mechanism should not disclose the customer's private keying material to the distributor, any program distributed or produced by the distributor, or any potential Trojan horse program. Though the primary functionality is to protect the document vendor and distributor, one must not do so at the expense of the customer.
The present invention complies with the example requirements by providing a special copy protected program called the Viewer program that displays the contents of the protected document (file). The term “display” is used liberally in order to include showing, audio-broadcasting, or printing. The present invention's security mechanism ensures that one cannot view the protected file without using the Viewer program. Furthermore, the Viewer program prohibits viewing by anyone other than an authorized user.
The present invention can be used for any file which is used via a program, independent from the content of the file.
The protection of such files is important in very different scenarios, some of which are explained below:
Micro Publishers:
A micro publisher is a home hobbyist or small business who is willing to experiment with Internet publishing. An example micro publisher is a photographer who takes pictures at a sporting event and then sells the pictures to a newspaper.
Legacy Electronic Publishers:
Legacy electronic publishers publish electronic documents. An example legacy electronic publisher is a major encyclopedia company.
Copyright Enforcers and Direct Marketers:
Some organizations are more interested in preventing copyright infringement than in generating revenue.
Advertisers:
Advertisers are willing to pay advertising fees when they are sure that the advertisement is, in fact, embedded in the file and cannot be changed without authorization.
Document Labelers:
A document labeler inserts a label on a document, e.g., company confidential. The document labeler also inserts a document handling rule. For example, no non-company employee is an authorized customer of any company confidential document.
In “Cryptolope Container Technology,” by International Business Machines, Mar. 3, 1997 (available on the World Wide Web at http://www.cryptolope.ibm.com/white.htm), an application layer cryptographic encapsulation mechanism is described.
The basic mechanism is as illustrated in FIG. 2. The mechanism initiates when a vendor 201 generates a file (e.g. a document with the content of a newspaper, magazine, music, etc.) and encrypts the file using a symmetric key K. The vendor encrypts the symmetric key using the vendor's public key 204. The vendor sends, as shown at 202, both the encrypted document 203 and the encrypted symmetric key 204 to a customer 209. Subsequently, the customer 209 and the vendor 201 coordinate payment information. During this coordination, the customer 209 sends a purchase request which includes the encrypted symmetric key 205 (copied from the encrypted symmetric key 204) and a certificate containing the customer's public key 207. Next, the vendor 201 decrypts the symmetric key using the vendor's private key and then re-encrypts the symmetric key using the customer's public key 207 (obtained from the customer's certificate). The vendor 201 sends, as shown at 210, the re-encrypted symmetric key 208 back to the customer 209. Using the customer's private key, the customer 209 decrypts the original file. All of the customer's functionality described above is performed by a special Viewer program.
In the above mentioned mechanism, the customer 209 must perform an asymmetric decryption operation to obtain the symmetric file encryption key K. The intent is that the customer 209 must have his or her asymmetric private key in order to perform the asymmetric decryption operation.
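The Cryptolope exchange of FIG. 2 is straightforward to write down as a protocol with both sides' messages. The Go program below is an added example for this page, not IBM's or the patent's code: it assumes RSA-OAEP for wrapping the symmetric key and AES-256-GCM for the file (the source says only "symmetric key K" and "encrypts using the public key"), stands the customer's certificate in with a bare public key, and models each of the numbered items (202 through 210) as a value or call. The `View` step shows why the scheme relies on the customer's private key: a party without it cannot unwrap 208, and the GCM tag rejects a container that was altered in transit.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"fmt"
)

// must panics on errors that cannot occur with valid inputs (key generation, AES set-up).
func must[T any](v T, err error) T {
	if err != nil {
		panic(err)
	}
	return v
}

// Party is a vendor or customer holding a long-term RSA key pair (2048 bits is an assumption).
type Party struct {
	Name string
	priv *rsa.PrivateKey
}

func NewParty(name string) *Party {
	return &Party{Name: name, priv: must(rsa.GenerateKey(rand.Reader, 2048))}
}

func (p *Party) Public() *rsa.PublicKey { return &p.priv.PublicKey }

// Container is what the vendor ships (202): the encrypted document (203) and the
// symmetric key K wrapped under the vendor's own public key (204).
type Container struct {
	EncDoc       []byte
	EncKeyVendor []byte
}

// wrapKey/unwrapKey use RSA-OAEP; the paper only says the key is encrypted with a public key.
func wrapKey(pub *rsa.PublicKey, k []byte) ([]byte, error) {
	return rsa.EncryptOAEP(sha256.New(), rand.Reader, pub, k, nil)
}

func unwrapKey(priv *rsa.PrivateKey, wrapped []byte) ([]byte, error) {
	return rsa.DecryptOAEP(sha256.New(), rand.Reader, priv, wrapped, nil)
}

// fileCipher is AES-256-GCM under K (an assumption; the paper only names a symmetric key K).
func fileCipher(k []byte) cipher.AEAD {
	return must(cipher.NewGCM(must(aes.NewCipher(k))))
}

// Publish is the vendor's first step: draw a fresh K, encrypt the file, and wrap K to the
// vendor itself, so one identical container can be handed to every customer.
func (v *Party) Publish(doc []byte) (Container, error) {
	k := make([]byte, 32)
	must(rand.Read(k))
	aead := fileCipher(k)
	nonce := make([]byte, aead.NonceSize())
	must(rand.Read(nonce))
	wrapped, err := wrapKey(v.Public(), k)
	if err != nil {
		return Container{}, err
	}
	return Container{EncDoc: aead.Seal(nonce, nonce, doc, nil), EncKeyVendor: wrapped}, nil
}

// Fulfil is the vendor's reply (210): unwrap the copy 205 with the vendor's private key and
// re-wrap K under the customer's public key 207, producing 208. K never travels in clear.
func (v *Party) Fulfil(encKeyVendor []byte, customerPub *rsa.PublicKey) ([]byte, error) {
	k, err := unwrapKey(v.priv, encKeyVendor)
	if err != nil {
		return nil, err
	}
	return wrapKey(customerPub, k)
}

// View is the Viewer program's step: only the matching private key unwraps 208, and the
// GCM tag rejects a container that was altered or encrypted under a different K.
func (c *Party) View(cont Container, reKey []byte) ([]byte, error) {
	k, err := unwrapKey(c.priv, reKey)
	if err != nil {
		return nil, fmt.Errorf("%s cannot unwrap the file key: %w", c.Name, err)
	}
	aead := fileCipher(k)
	n := aead.NonceSize()
	if len(cont.EncDoc) < n {
		return nil, fmt.Errorf("container too short")
	}
	return aead.Open(nil, cont.EncDoc[:n], cont.EncDoc[n:], nil)
}

// RunExchange drives the whole FIG. 2 flow for one vendor and one customer.
func RunExchange(doc []byte) ([]byte, error) {
	vendor, customer := NewParty("vendor"), NewParty("customer")
	cont := must(vendor.Publish(doc))
	reKey := must(vendor.Fulfil(cont.EncKeyVendor, customer.Public()))
	return customer.View(cont, reKey)
}
```

`RunExchange` returns the original document for the legitimate customer; calling `View` on the same container and the same 208 with any other party's key fails at the OAEP check, and flipping a byte of the container fails at the GCM tag. Note what the code does not check: the vendor re-wraps K for whichever public key arrives in the purchase request, which is exactly the point at which the paper's next section places its attack.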
However, the above mentioned mechanism is vulnerable to attack, e.g. by the following attack scenario as illustrated in FIG. 3:
1. After completing the correctly authorized scenario of FIG. 2, an authorized customer 209 obtains an encrypted file 203. The file 203 is encrypted using the symmetric key K.
2. The encrypted symmetric key 208 is provided to the customer 209.
3. The customer's decryption mechanism, e.g., smart card
Schiff & Hardin & Waite
Siemens Aktiengesellschaft