Method and system of digital rights execution

FIELD: digital rights control system.

SUBSTANCE: the system contains a first user device designed to generate and transfer a query message indicating a transaction to be run in relation to the digital content of at least one object of digital rights (OR); a rights issuer designed to receive the query message from the first user device, to identify and process the transaction, and, conjointly with a server, to provide access rights to the digital content to a second user device designed to receive information on the granting of the stated access right. Receipt by the second user device of the mentioned information on the granting of the digital content access right is confirmation of execution of this right for the second user device. The method describes the operation of the mentioned system.

EFFECT: an authorized user is able to transfer a partially used or unused object of right to another user, and to return the OR.

49 cl, 15 dwg, 2 tbl

 

The technical field to which the invention relates.

The present invention relates to a digital rights management (DRM) system, and in particular to a message for processing a rights object (OP; RO in English) in the DRM system and to a method and system for processing the OP with it.

The level of technology

With business rapidly concentrating in online communities and e-business transactions, the majority of interactive content providers deliver a variety of content that may be of interest to users. Such content is often multimedia, for example music, images and videos. Different types of multimedia data are used in numerous areas, including webcasting, training, news broadcasts, sports broadcasts, expert advice on travel and the like, which creates new services in the virtual space.

Compared to existing analog content, digital content has many advantages in terms of generation, processing, handling and distribution. On the other hand, because a copy identical to the original can easily be made, there are serious problems with protecting the rights to the digital products generated.

The DRM system, which is a mechanism for the sustainable protection and systematic management of digital property rights, not only prevents the infringement of copyright on the content, but also provides a number of protection and control systems in the process of generating, publishing, distributing and using content. In a DRM system, digital content exists in encoded form, so that only the authorized user can decode it for use; even if the content is copied by a user other than the authorized user, that user cannot use the content, which prevents piracy.

The DRM system must constantly protect digital content and apply different rules for the use of digital content. Even when content is DRM-based, it must be able to accommodate the existing methods of distributing and using digital information as they are, and the technological protection measures of DRM should not cause inconvenience to users.

However, the general DRM system has the following problem. When an authorized user wants to transfer to another user the rights (rights object) remaining after use of the rights (rights object) issued for digital content, or an unused rights object, or when an authorized user wants to return the digital content and get back its cost, or wants another OP, this request of the user is not supported.

Disclosure of invention

Therefore, one objective of the present invention is to provide a message for processing a rights object (OP) in the DRM system and method and system for processing OP with it, which can allow an authorized user to pass partially consumed OP or unused OP in relation to digital content to another user.

Another objective of the present invention is to provide a message for processing a rights object (OP) in the DRM system and method and system for processing OP with it, which can allow an authorized user to return partially consumed OP or unused OP in relation to digital content.

Another objective of the present invention is to provide a message for processing a rights object (OP) in the DRM system and a method and system for processing OP with it, where a message requesting the return of the OP or the transfer of the OP to another person is defined and sent between the authorized user and the rights issuer (EP), so that the EP can receive from the authorized user the request to return the OP or to transfer the OP to another person and perform the appropriate procedure.

To achieve at least the above purposes in whole or in part, a system for processing OP in the DRM system is provided, comprising: a first device to send an OP transfer request message in relation to digital content; an EP to analyze the OP transfer request message and to send the OP; and a second device for receiving the OP from the EP.

The system for processing OP in the DRM system further includes a presentation server (PS) to provide digital content to the first and second devices together with the EP.

To achieve at least these advantages in whole or in part, a method for processing OP in the DRM system is also provided, comprising: sending an OP transfer request message in relation to digital content from the first device to the EP (the rights issuer); analyzing the OP transfer request message by the rights issuer; and sending the OP from the rights issuer to the second device if the OP transfer request message is a message requesting the transfer of the OP.

According to the analysis, if the identifier of the second device is included in the additional information parameter of the OP transfer request message, this message is defined as a message requesting the transfer of the OP, and if the additional information parameter does not include the identifier of the second device, the OP transfer request message is defined as a message requesting the return of the OP.

The method for processing OP in the DRM system further includes: performing, by the rights issuer, a procedure for returning the OP if the OP transfer request message is a message requesting the return of the OP.

To achieve at least these advantages in whole or in part, a method for processing OP in the DRM system is also provided, comprising: an OP transfer request message sent from the first device to the EP in order to apply for the re-use of the OP in relation to digital content; and a response message to the OP transfer request message.

The OP transfer request message includes: a device ID indicating the ID of the first device sending the OP transfer request message; an EP ID indicating the ID of the EP receiving the OP transfer request message; a device nonce indicating a random value generated by the first device; a protected OP indicating the OP subject to return or transfer; a certificate chain indicating the authorization procedure between agencies; extensions, namely extended information; and a digital signature.

The response message includes: status information indicating that the OP has been successfully transferred; a device ID specifying the ID of the first device, which sent the OP transfer request message; a domain ID; an EP ID indicating the ID of the EP sending the response message; a device nonce, for which the device nonce included in the OP transfer request message is used; and a digital signature.

Additional advantages, objectives and features of the invention will be partially set forth in the following description, and in part will become apparent to specialists when considering the following or may be learned from the practical application of the invention. Objectives and advantages of the present invention may be realized and attained as particularly specified in the appended claims.

Brief description of drawings

The invention will be described in detail with reference to the following drawings, in which identical reference numerals refer to similar elements.

Figure 1 illustrates an example system for processing OP in the DRM system in accordance with the preferred embodiment of the present invention.

Figure 2 illustrates the schema that defines the structure, content and semantic syntax of the OP transfer request message in accordance with the preferred embodiment of the present invention.

Figure 3 illustrates the schema that defines the structure, content and semantic syntax of the OP transfer response message in accordance with the preferred embodiment of the present invention.

Figures 4A and 4B show an example of an OP transfer request message encoded using XML (extensible markup language).

Figure 5 illustrates an example of an OP transfer response message encoded using XML.

Figure 6 illustrates an example method for transferring OP in the DRM system.

Figure 7 illustrates the procedure in the DRM system when the rights issuer (EP) cannot successfully transfer the OP to the receiver.

Figure 8A illustrates the procedure when payment in cyber money is selected in Figure 7.

Figure 8B illustrates the procedure when retry is selected in Figure 7.

Figure 8C illustrates the procedure when the issuance of another OP is selected in Figure 7.

Figure 8D illustrates the procedure when return of the OP offered for transfer is selected.

Figure 9 illustrates a method of obtaining digital content by the receiver when the receiver does not have digital content corresponding to the OP received from the EP.

Figure 10 illustrates another example of the OP transfer method in the DRM system in accordance with the preferred embodiment of the present invention.

Figure 11 illustrates a method of returning the OP in the DRM system in accordance with the preferred embodiment of the present invention.

The implementation of the invention

Now will be described the preferred implementation of the present invention with reference to the accompanying drawings.

Figure 1 illustrates an example system for processing OP in the DRM system in accordance with the preferred embodiment of the present invention.

As shown in Figure 1, the system for processing OP (rights object) in the DRM system includes: a first device 10 to send the OP transfer request message in relation to digital content; EP (the rights issuer) 20 to analyze the OP transfer request message and to send the OP; a second device 11 for receiving the OP from EP 20; and a presentation server (PS) 30 to provide digital content to the first and second devices 10 and 11 in conjunction with EP 20.

PS 30 may include ES (the content issuer) to issue digital content, or may work in conjunction with ES.

In the present invention, for example, when the first device 10 has received an OP for digital content from EP 20, whether or not the second device 11 is authorized for this digital content, an OP transfer request message is defined that is sent from the first device 10 to EP 20 to request the transfer of an unused OP or partially consumed OP from the first device 10 to the second device 11, or to return an unused OP or partially consumed OP from the first device to EP 20.

In addition, in the present invention an OP transfer response message, sent from EP 20 to the first device 10, is defined as the response message to the OP transfer request message.

First, the OP transfer request message is described as follows.

With reference to Table 1 shown below, the OP transfer request message includes parameters such as "Device ID", "EP ID", "Device nonce", "Protected OP", "Certificate chain", "Extensions" and "Digital signature".

"Device ID" specifies the ID of the device that sends the OP transfer request message. The identifier is typically the phone number of the device; a TMSI (temporary mobile subscriber identity) or IMSI (international mobile subscriber identity) in the GSM (global system for mobile communication) system, or an IP (Internet Protocol) address in the case of IPv6, can also be used. "EP ID" specifies the ID of the EP that receives the OP transfer request message. "Device nonce" uses an arbitrary value generated by the device. "Protected OP" is an encoded OP and specifies the OP to be transferred or returned. "Certificate chain" specifies the authorization procedure between agencies. "Extensions" indicate information added to the OP transfer request message. For the "Digital signature", the PKI (public key infrastructure) method is commonly used.

Figure 2 illustrates the schema that defines the structure, content and semantic syntax of the OP transfer request message in accordance with the preferred embodiment of the present invention.

Table 1

| ROAP OP transfer request message | Required/optional |
|---|---|
| Device ID | Required |
| EP ID | Required |
| Device nonce | Required |
| Protected OP | Required |
| Certificate chain | Optional |
| Extensions | Optional |
| Signature | Required |

As shown in Table 1, the parameters "Certificate chain" and "Extensions" are optionally included in the OP transfer request message.

In the present invention, in order to indicate that the OP transfer request message is a message requesting the transfer of the OP, a forwarding ID is included in the "Extensions" parameter. The forwarding ID specifies the identifier of the receiving device that is to receive the value of "Protected OP". The ID of the receiving device can be a TMSI, an IMSI, an IP address, or the telephone number of the receiving device.

If the forwarding ID is not in the "Extensions" parameter of the OP transfer request message, this OP transfer request message is defined as a message requesting the return of the OP.

The OP transfer response message is now described as follows.

With reference to Table 2 shown below, the OP transfer response message includes parameters such as "Status", "Device ID", "Domain ID", "EP ID", "Device nonce" and "Digital signature".

"Status" is status information indicating that the corresponding OP has been successfully transferred in response to the OP transfer request message. "Device ID" is the device ID included in the OP transfer request message. "Domain ID" is an optional parameter. "EP ID" is the EP ID included in the OP transfer request message. For "EP ID", the identity of the EP sending the OP transfer response message is used. For "Device nonce", the device nonce included in the OP transfer request message is used. For the "Digital signature", the PKI method is commonly used.

Table 2

| ROAP OP transfer response message | Required/optional |
|---|---|
| Status | Required |
| Device ID | Required |
| Domain ID | Optional |
| EP ID | Required |
| Device nonce | Required |
| Signature | Required |

Figure 3 illustrates the schema that defines the structure, content and semantic syntax of the OP transfer response message in accordance with the preferred embodiment of the present invention. Figures 4A and 4B show an example of an OP transfer request message encoded using XML (extensible markup language). Figure 5 illustrates an example of an OP transfer response message encoded using XML.

As shown in Figures 4A and 4B, the "Extensions" parameter in the OP transfer request message includes the forwarding ID, and its value is "093210932091". Namely, the OP transfer request message is a message requesting the transfer of the OP to the receiving device having the value "093210932091" (the phone number of the receiving device or a TMSI: in this case the TMSI is used).

The OP transfer response message shown in Figure 5 is a response message to the OP transfer request message shown in Figures 4A and 4B, and indicates that the OP was transferred normally.
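The issuer-side decision described above (forwarding ID present or absent in "Extensions") and the device-side check of the response before the OP is deleted, as an added example that is not part of the patent text. The XML element names, the "Success" status string and the `signature_ok` callback (a stand-in for PKI signature verification) are assumptions; the sample messages are constructed.

```python
import secrets
import xml.etree.ElementTree as ET

# Assumptions of this example: the XML element names and the "Success" status
# string. The parameter sets and required/optional flags follow Tables 1 and 2.
REQUEST_REQUIRED = ("deviceID", "epID", "deviceNonce", "protectedOP", "signature")
REQUEST_OPTIONAL = ("certificateChain", "extensions")
RESPONSE_REQUIRED = ("status", "deviceID", "epID", "deviceNonce", "signature")
RESPONSE_OPTIONAL = ("domainID",)


class MessageError(ValueError):
    """The message does not match the parameter table for its type."""


def parse_params(xml_text, root_tag, required, optional):
    """Parse one message and enforce its required/optional parameter table."""
    if "<!DOCTYPE" in xml_text or "<!ENTITY" in xml_text:
        raise MessageError("DTDs and entity declarations are not accepted")
    try:
        root = ET.fromstring(xml_text)
    except ET.ParseError as exc:
        raise MessageError(f"not well-formed XML: {exc}") from exc
    if root.tag != root_tag:
        raise MessageError(f"expected <{root_tag}>, got <{root.tag}>")
    params = {}
    for child in root:
        if child.tag not in required and child.tag not in optional:
            raise MessageError(f"unknown parameter: {child.tag}")
        if child.tag in params:
            raise MessageError(f"duplicate parameter: {child.tag}")
        params[child.tag] = child
    for name in required:
        if name not in params or not (params[name].text or "").strip():
            raise MessageError(f"missing required parameter: {name}")
    return params


def classify_request(xml_text, signature_ok):
    """Issuer side: return ("transfer", receiver_id) or ("return", None)."""
    params = parse_params(xml_text, "opTransferRequest",
                          REQUEST_REQUIRED, REQUEST_OPTIONAL)
    if not signature_ok(params):
        raise MessageError("signature verification failed")
    ext = params.get("extensions")
    fwd = ext.find("forwardingID") if ext is not None else None
    if fwd is None:
        return ("return", None)  # no forwarding ID: request to return the OP
    receiver = (fwd.text or "").strip()
    if not receiver:
        # Choice of this example: an empty forwarding ID is rejected, not treated as a return.
        raise MessageError("forwarding ID present but empty")
    return ("transfer", receiver)


def may_delete_op(response_xml, sent, signature_ok):
    """Device side: True only if the response reports success for this request."""
    try:
        params = parse_params(response_xml, "opTransferResponse",
                              RESPONSE_REQUIRED, RESPONSE_OPTIONAL)
    except MessageError:
        return False
    if not signature_ok(params):
        return False
    got = {name: params[name].text.strip() for name in RESPONSE_REQUIRED}
    nonce_matches = secrets.compare_digest(
        got["deviceNonce"].encode(), sent["deviceNonce"].encode())
    return (got["status"] == "Success" and nonce_matches
            and got["deviceID"] == sent["deviceID"]
            and got["epID"] == sent["epID"])


def stub_signature_ok(params):  # stand-in for PKI verification (assumption)
    return True


def sample_request(forwarding_id=None):
    """Constructed request; forwarding_id=None omits the Extensions parameter."""
    ext = ""
    if forwarding_id is not None:
        ext = f"<extensions><forwardingID>{forwarding_id}</forwardingID></extensions>"
    return ("<opTransferRequest><deviceID>dev-10</deviceID><epID>ep-20</epID>"
            f"<deviceNonce>bm9uY2UtMTIz</deviceNonce><protectedOP>b3BhcXVl</protectedOP>{ext}"
            "<signature>c2ln</signature></opTransferRequest>")


def sample_response(status, nonce):
    """Constructed response echoing the given nonce."""
    return (f"<opTransferResponse><status>{status}</status><deviceID>dev-10</deviceID>"
            f"<epID>ep-20</epID><deviceNonce>{nonce}</deviceNonce>"
            "<signature>c2ln</signature></opTransferResponse>")


if __name__ == "__main__":
    sent = {"deviceID": "dev-10", "epID": "ep-20", "deviceNonce": "bm9uY2UtMTIz"}
    print(classify_request(sample_request("093210932091"), stub_signature_ok))
    print(classify_request(sample_request(), stub_signature_ok))
    print(may_delete_op(sample_response("Success", "c3RhbGU="), sent, stub_signature_ok))
```

The device keeps its OP unless the response is well-formed, passes the signature check, reports success and echoes the nonce, device ID and EP ID of the request it actually sent, so a stale or mismatched response cannot cause the OP to be deleted.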

The OP processing operation in the DRM system in accordance with the present invention is described as follows.

Will be described: one case (A), when the unused OP or partially consumed OP in relation to digital content is offered to other user, namely a different device, and another case (C), when the unused OP or partially consumed OP returns to EP 20.

(A) In the case when the unused OP or partially consumed OP is transmitted to another user:

Figure 6 illustrates an example method of transferring OP in the DRM system.

For example, when the first device 10 wishes to send an unused OP or partially consumed OP in relation to arbitrary digital content to the second device 11, the first device 10 writes the unused OP or partially consumed OP in the parameter "Protected OP" of the OP transfer request message and writes the ID of the second device 11, which is to receive the "Protected OP", as the value of the forwarding ID in the "Extensions" parameter.

In addition, the first device 10 writes the identifier of the first device 10 in the parameter "Device ID", writes the ID of the EP that is to receive the OP transfer request message in the parameter "EP ID", and fills in the values of the other required parameters.

Thus, the first device 10 generates the OP transfer request message by filling in the values of the parameters "Device ID", "EP ID", "Device nonce", "Protected OP", "Extensions" and "Digital signature".

The first device 10 sends the generated OP transfer request message to EP 20 (step S10).

On receiving the OP transfer request message, EP 20 checks whether a forwarding ID value is present in the "Extensions" parameter of the OP transfer request message. If the forwarding ID value exists, EP 20 recognizes that it must transfer the OP corresponding to the value of the parameter "Protected OP" to the receiving device corresponding to the forwarding ID value, and sends an OP transfer response message to the first device 10 (step S11). EP 20 sends the OP to be transferred to the appropriate storage unit (step S12).

The first device 10 receives the OP transfer response message and, if this response message carries successful status information, the first device 10 deletes the OP that it intended to transfer to the second device (step S13). In this case, the first device 10 may or may not delete the content together with the OP.

EP 20 transfers the OP to the second device 11 through the unidirectional rights object acquisition protocol (ROAP). In this case, if the second device 11 already has the digital content (the same digital content as the first device 10) corresponding to the received OP, and the OP is successfully transferred to the second device 11, the transfer of the OP to the second device 11 is completed. The fact that the second device 11 already has the digital content means that the second device 11 is registered with EP 20.

The case is now described where EP 20 wants to transfer the OP to the second device 11 but cannot do so, or the second device cannot accept the OP for some reason.

Figure 7 illustrates the procedure in the DRM system when the rights issuer (EP) cannot successfully transfer the OP to the receiver.

Steps S20 through S23 are the same as the steps of Figure 6, so their description is omitted.

EP 20 checks whether it can send to the second device 11 the OP for which it received the transfer request from the first device 10. If the OP cannot be sent to the second device 11 because of a power failure or the like in the second device 11; if the EP sent the OP to the second device 11 through unidirectional ROAP (step S24) but there is no acknowledgement of receipt from the second device 11; or if the EP receives from the second device 11 a message that the OP cannot be accepted because the memory is full (step S25), EP 20 determines that the OP transfer cannot be performed normally (step S26) and sends a ROAP trigger to the first device 10 (step S27). The ROAP trigger states that the OP from the first device 10 cannot be transferred to the second device 11 and that, if it is desired to take the OP back, the device should connect to the URL (uniform resource locator) "xxx.html" of the presentation server (PS) 30.

When the first device 10 connects to the URL in PS 30 (step S28), PS 30 displays a set of options to the first device 10 (step S29). This set of options covers payment in cyber money, retry, acquisition of another OP, and taking back (or return of) the original OP that was to be transferred. For reference, when the OP is refunded in cyber money, issued as another OP, or taken back, the value paid or newly issued may be the same as the value of the original OP, or smaller than the value of the original OP that was to be transferred from the first device 10 to the second device 11.

With reference to Figure 8A, when the first device 10 selects the option "payment in cyber money" (step S30), PS 30 informs EP 20 that the first device 10 wants to receive payment (step S31). EP 20, which manages the cyber money account of the first device 10, pays out cyber money for the corresponding OP, reserves the paid cyber money on the cyber money account of the first device 10, and informs PS 30 of the cyber money reserved for the first device 10 (step S32).

EP 20 informs the first device 10 about the payment and sends a ROAP trigger indicating the URL address in PS 30 at which the first device 10 can confirm the payment (step S33).

When the first device 10 connects to the corresponding URL address in PS 30 to confirm the details of the payment (step S34), PS 30 displays to the first device 10 the cyber money of the first device 10 resulting from the payment (step S35).

In step S28, as shown in Figure 8B, when the first device 10 selects the option "retry" (step S40), PS 30 informs EP 20 that the first device 10 wants to make a second attempt (step S41). Then EP 20 transfers the OP to the second device 11 through unidirectional ROAP (step S42). When the OP is successfully transferred to the second device 11, EP 20 follows the procedure of Figure 6; otherwise EP 20 follows the procedure of Figure 7 (step S43).

In step S23 in Figure 7, when the first device 10 selects the option "purchase another OP", as shown in Figure 8C (step S50), PS 30 prepares the values of the new digital content and the corresponding OP (step S51). Then the first device 10 selects one item of digital content from the prepared values and a value for creating the corresponding OP (step S52). PS 30 sends the selected digital content and the information (e.g., cost) for creating the corresponding OP to EP 20 (step S53). EP 20 prepares the OP and digital content according to the value (step S54).

EP 20 sends a ROAP trigger to report that the other (new) OP and digital content can be received by the first device 10 (step S55). Then the first device 10 deletes the OP that it intended to transfer to the second device 11 (step S56). The first device 10 performs the general bidirectional ROAP procedure to receive the other OP and the digital content that were selected. Namely, the first device 10 requests the other OP from EP 20, and EP 20 issues the other OP to the first device 10 in response to the request from the first device 10.

In step S28 in Figure 7, when the first device 10 selects the option "take back the original OP that was to be transferred" (step S60), PS 30 informs EP 20 that the first device 10 wants to regain the corresponding OP (step S61). EP 20 prepares the corresponding OP and digital content of the first device 10 (step S62). EP 20 then sends a ROAP trigger to indicate the return of the corresponding OP to the first device 10. The first device 10 takes back the corresponding OP by performing the general bidirectional ROAP procedure. Namely, the first device 10 requests EP 20 to re-issue the OP that the first device 10 wanted to transfer to the second device 11. Then EP 20 reissues the corresponding OP to the first device 10.

The case is now described where EP 20 transfers the OP to the second device 11, but the second device 11 does not have the same content as the first device 10.

Figure 9 illustrates a method of obtaining digital content by the receiving device when the receiving device does not have digital content corresponding to the OP received from the EP.

The first device 10 sends to EP 20 the OP transfer request message to request the transfer of the unused OP or partially consumed OP to the second device 11 (step S70). EP 20 delivers the requested OP to the second device 11 through unidirectional ROAP (step S71).

On receiving the OP through unidirectional ROAP, the second device 11 checks whether it has content corresponding to the received OP. If the second device 11 does not have this digital content, the second device 11 informs EP 20 that it does not have this digital content (step S72). Then EP 20 checks whether the second device 11 is registered and whether it has the digital content. If the second device 11 is not registered and does not have the digital content, EP 20 sends the second device 11 a ROAP trigger commanding it to perform the general registration procedure and the general OP issuance procedure (step S73). On receiving the ROAP trigger, the second device 11 registers with EP 20 according to the general registration procedure (using the common four-pass registration protocol), downloads the digital content corresponding to the OP from PS 30, and then receives the delivered OP through common bidirectional ROAP (step S74).

Figure 10 illustrates another example of the transfer method OP in the DRM system in accordance with the preferred embodiment of the present invention.

When the second device 11 already has the same digital content as the first device 10, the first device 10 sends to EP 20 the OP transfer request message to request the transfer of the unused OP or partially consumed OP to the second device 11 (step S80). EP 20 transfers the requested OP to the second device 11 through unidirectional ROAP (step S81). When the OP is successfully transferred, EP 20 sends to the first device 10 an OP transfer response message, i.e. the response message to the OP transfer request message (step S82). The step of sending the OP transfer request message (step S80), the step of transferring the OP through unidirectional ROAP (step S81), and the step of sending the OP transfer response message (step S82) are processed in a single transaction.

When the steps S80, S81 and S82 are executed successfully, the transfer of the OP to the second device 11 is completed, and the first device 10 deletes the OP that was transferred to the second device 11 (step S83). In this case, the first device 10 may or may not also delete the corresponding digital content.

(C) when the unused OP or partially consumed OP returns to EP 20:

Figure 11 illustrates a method of returning the OP in the DRM system in accordance with the preferred embodiment of the present invention.

The first device 10 generates an OP transfer request message that does not include the forwarding ID, and sends the generated OP transfer request message to EP 20 (step S90). Recognizing that no forwarding ID is included in the received OP transfer request message, EP 20 determines that the OP transfer request message is a message requesting the return of the OP contained in this message. Accordingly, EP 20 informs PS 30 that the first device 10 has requested the return of the OP (step S91). PS 30 prepares the return service and reports to EP 20 on the preparation of the return service (step S93). Then EP 20 sends to the first device 10 a ROAP trigger commanding it to connect to PS 30 for the return of the OP (step S94).

The first device 10 connects to the corresponding URL address in PS 30 according to the ROAP trigger (step S95), and PS 30 provides the first device 10 with the item "payment in cyber money", for payment in cyber money corresponding to a value smaller than the value of the returned OP, and the item "other OP", for receiving a new OP corresponding to a value smaller than the value of the returned OP (step S96).

Then the first device 10 selects one of the items. If the first device 10 selects the item "payment in cyber money", the operation of payment in cyber money is exactly the same as in Figure 8A (description omitted). If the first device 10 selects the item "other OP", the operation of issuing another OP is exactly the same as in Figure 8C (description omitted).

As described so far, the message for processing OP in the DRM system and the method and system for processing OP with it in accordance with the present invention have the following advantages.

That is, for example, because a message by which an authorized device requests the transfer to another device of a partially consumed OP or unused OP in relation to digital content, or requests the return of the OP to the EP, is newly defined, and this new message from the device is recognized by the rights issuer, the authorized device can transfer the corresponding OP to another device via the EP or return the corresponding OP to the EP.

In addition, when the device wants to transfer an unused OP or partially consumed OP to another device through the EP, but the other device cannot accept the OP, the EP can have the authorized device perform a procedure such as payment, issuance of another OP, or taking back the OP itself, and when the other device does not have digital content corresponding to the OP, the EP can cause the other device to perform the normal registration procedure, thereby providing user convenience.

The above embodiments and advantages are merely exemplary and should not be construed as limiting the present invention. This disclosure may be applied to other types of devices. The description of the present invention is intended to be illustrative and not limiting of its scope as defined by the claims. Many changes, modifications and variations will be apparent to those skilled in the art. In the claims, means-plus-function wording is intended to cover the structures described as performing the stated function, and not only structural equivalents but also equivalent structures.

1. System for registration of rights of access to digital content in the system of digital rights management (DRM), containing

the device of the first user, intended for generating and transmitting a request message indicating a transaction that must be exercised with respect to digital content, at least one rights object (OP),

a rights issuer, intended to receive the request message from the device of the first user, determine the transaction, process the transaction and provide, in conjunction with a server, access rights to the digital content to the device of the second user, which is intended to receive information granting it the specified access rights,

wherein receipt by the device of the second user of the specified information granting it access rights to the digital content of the rights object is a confirmation of registration of this right for the device of the second user.

2. The system according to claim 1, in which the transaction also includes returning at least one rights object (OP).

3. The system according to claim 1, in which the server contains the rights issuer (EP), adapted to receive the request message, to identify the transaction and to process the transaction.

4. The system according to claim 3, in which the server also contains a presentation server (PS) adapted to provide digital content to at least one of the first and second devices in accordance with the EP.

5. The system according to claim 1, in which the request message is a message transfer request of the OP.

6. The system according to claim 1, which also contains the Issuer of contents (ES) for delivery of digital content.

7. The system according to claim 4, in which the request message contains

the ID of the first device, transmitting the request message,

the ID of the EP to which the request message is transmitted, and

the identifier of at least one OP.

8. The system according to claim 7, in which the identifier of at least one OP is a protected OP.

9. The system according to claim 7, in which the request message also contains

the derived value generated by the first device,

an indicator of the authorization procedure, and

the digital signature.

10. The system according to claim 9, in which the derived value is determined by the device for this case, the indicator of the authorization procedure is an authorization chain between the EP and FP, and the digital signature contains the public key infrastructure (PKI).

11. The system according to claim 3, in which the EP is also adapted to generate and transmit to the first device a request message that indicates a successful or failed transaction.

12. The system according to claim 11, in which the first device removes OP after receiving a request message that indicates a successful transaction.

13. The system according to claim 4, in which the EP is also adapted to determine that the transaction is a transfer of at least one OP to the second device if the request message contains the identifier of the second device, and to determine that the transaction is a return of at least one OP if the request message does not contain the ID of the second device.

14. The system according to claim 3, in which the EP transmits at least one OP after determining that the transaction is a transfer of at least one OP to the second device.

15. The system according to claim 4, in which the EP performs a procedure for returning at least one OP after determining that the transaction is a return of at least one OP, this procedure being performed in interaction with the PS.

16. The system according to claim 15, in which the EP is also adapted to inform the PS of the transaction, the PS is also adapted to generate and transmit a preparation message to the EP, and the EP transmits a connection message to the first device after the preparation message is received from the PS, the connection message instructing the first device to connect to the PS in order to return at least one OP.

17. The system according to claim 16, in which the preparation message is a report of completion of preparation of the return service and the connection message is a rights acquisition protocol (pop) trigger.

18. The system according to claim 16, in which the PS is also adapted to provide at least one return option to the first device after the first device connects to the PS, and to perform, together with the EP, a process associated with the option selected by the first device.

19. The system according to p, in which the at least one return option contains payment cybernetically and issuance of another OP.

20. A method of issuing access rights to digital content in a digital rights management (DRM) system, in which

a request specifying a transaction that must be carried out with respect to the digital content of at least one rights object (OP) is transmitted to a rights issuer by a first user device, intended for creating and transmitting messages;

the request is analyzed by the rights issuer to identify the transaction, and, in accordance with the transaction, access rights to the digital content of the at least one rights object (OP) are transferred to a second user device, intended to receive information granting it the specified access rights;

the digital content of the rights object is provided, in conjunction with a server, to the second user device, wherein receipt by the second user device of the specified information granting it access rights to the digital content of the rights object confirms the execution of this right on the second user device.

21. The method according to claim 20, in which the server contains the rights issuer (EP).

22. The method according to claim 20, in which the transaction also includes returning at least one OP.

23. The method according to claim 20, in which the request message is defined as the transfer of at least one OP to the second device if the request message contains the identifier of the second device.

24. The method according to claim 21, in which the procedure for transferring at least one OP to the second device includes:

the EP transmits the request message to the first device,

the first device removes at least one OP after receiving the request message, and

the EP transmits at least one OP to the second device.

25. The method according to claim 24, which also includes:

the EP determines that the OP may not be successfully transmitted to the second device,

the EP transmits to the first device a status message which indicates that the transmission was unsuccessful,

the first device connects to the PS using the connection information contained in the status message, and

the PS provides at least one return option to the first device.

26. The method according to claim 25, in which the EP determines that the OP may not be successfully transferred if one of the second device is in the off state, there is no response from the second device that indicates that the reception is impossible.

27. The method according to claim 25, in which the connection information contained in the status message contains the CID address of the PS.

28. The method according to claim 25, in which the at least one return option contains at least two of: payment cybernetically, a re-attempt of the transfer, other SOS and feedback OP.

29. The method according to claim 25, which also includes a stage at which the PS performs, jointly with the EP, a process associated with the option selected by the first device.

30. The method according to claim 24, which also includes stages at which

the EP determines that the second device does not have digital content corresponding to at least one OP,

the EP transmits to the second device a registration message, which instructs the second device about the registration process, and

the second device performs a registration procedure, a modification of the t at least one OP by TS.

31. The method according to claim 21, in which the transfer of at least one OP to the second device includes:

the EP successfully transfers at least one OP to the second device,

the EP transmits to the first device a status message that indicates that the transfer was successful, and

the first device removes at least one OP.

32. The method according to p, in which transmitting the request message from the EP to the first device, transmitting at least one OP from the EP to the second device, and sending a status message from the EP to the first device are executed as a single transaction.

33. The method according to claim 21, in which the request message is defined as a return of at least one OP if the request message does not contain the ID of the second device.

34. The method according to claim 21, in which the return of at least one OP includes stages at which

the EP informs the PS about the transaction,

the PS transmits to the EP a preparation message, which indicates that the PS is ready to return at least one OP, and

the EP transmits to the first device a connection message, which instructs the first device to connect to the PS in order to return at least one OP.

35. The method according to claim 34, in which the connection message is a rights acquisition protocol (pop) trigger.

36. The method according to claim 34, in which the return of at least one OP includes stages at which

the first device connects to the PS,

the PS provides at least one return option to the first device, and

the PS performs, jointly with the EP, a process associated with the option selected by the first device.

37. The method according to p, in which the at least one return option contains payment cybernetically and issuance of at least one other OP.

38. A first user device, intended for forming and transmitting requests when registering a right of access to digital content in a digital rights management (DRM) system, containing

means for forming a request that specifies a transaction that must be carried out with respect to the digital content of at least one rights object (OP) owned by the first user, wherein the specified transaction involves the transfer of access rights to the specified digital content to a second user device, intended to receive information granting it access rights to the digital content,

and means for transmitting the request to a rights issuer and a server for determining and carrying out the specified transaction, thereby carrying out the transfer of access rights to the digital content of the rights object from the first user device to the second user device.

39. The device according to claim 38, in which the transaction also includes returning at least one rights object (OP) to the server.

40. The device according to claim 38, which is adapted to generate a request message containing

the ID of the terminal,

the identity of the server, and

the identifier of at least one OP.

41. The device according to p, which is adapted to generate a request message containing

a derived value,

an indicator of the authorization procedure performed by a server, and

the digital signature.

42. The device according to claim 38, which is adapted to generate a request message containing the identifier of the second terminal if the transaction is a transfer of at least one OP to the second device.

43. The device according to claim 38, which is adapted to remove at least one OP after receiving the response message indicating that the transaction was completed successfully.

44. The device according to claim 39, which is adapted to connect to the server in order to return at least one OP after receiving a connection message following the sending of a request message indicating that the transaction is a return of at least one OP.

45. The device according to claim 44, which is adapted to select a return option from at least one return option presented by the server.

46. The device according to claim 45, in which the at least one return option contains payment cybernetically and issuance of at least one other OP.

47. The device according to claim 38, which is adapted to connect to the server using the connection information contained in a received status message indicating that transmission of at least one OP to the second device was unsuccessful.

48. The device according to claim 38, which is adapted to select a return option from the at least one return option provided by the server.

49. The device according to p, in which the at least one return option contains at least two of: payment cybernetically, a re-attempt of the transfer, other SOS and feedback OP.
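The request handling described in claims 7, 9, 10, 13 and 25 to 27 can be sketched as follows. This is an added example, not code from the patent: the field names, the JSON encoding, the issuer-side ownership table and the use of HMAC-SHA256 in place of the PKI signature are assumptions, and the device-generated value is treated as a one-time value that the EP refuses to accept twice.

```python
import hashlib
import hmac
import json

# Constructed demo values. HMAC-SHA256 with a per-device key stands in for the
# PKI digital signature of claims 9-10 (an assumption made so the example runs
# on the standard library alone).
DEVICE_KEYS = {"device-A": b"constructed-demo-key-A"}
RI_ID = "ri-1"                      # hypothetical ID of this rights issuer (EP)
PS_ADDRESS = "ps.example.invalid"   # placeholder connection info for the PS

# target_device_id is signed as well: its presence alone decides whether the
# EP treats the request as a transfer or as a return (claim 13).
SIGNED_FIELDS = ("device_id", "ri_id", "ro_ids", "nonce", "auth_chain",
                 "target_device_id")


def canonical(msg):
    """Deterministic bytes of the signed fields; absent fields become null."""
    body = {name: msg.get(name) for name in SIGNED_FIELDS}
    return json.dumps(body, sort_keys=True, separators=(",", ":")).encode()


def sign(msg, key):
    return hmac.new(key, canonical(msg), hashlib.sha256).hexdigest()


def make_request(device_id, ro_ids, nonce, target_device_id=None):
    """Build a signed request as the first device would (claims 7, 9, 42)."""
    msg = {"device_id": device_id, "ri_id": RI_ID, "ro_ids": list(ro_ids),
           "nonce": nonce, "auth_chain": "constructed-chain"}
    if target_device_id is not None:
        msg["target_device_id"] = target_device_id
    msg["signature"] = sign(msg, DEVICE_KEYS[device_id])
    return msg


def reject(reason):
    return {"status": "rejected", "reason": reason}


class RightsIssuer:
    """Issuer-side (EP) handling of one request message."""

    def __init__(self, owned, reachable):
        self.owned = owned          # device ID -> set of OP IDs it holds
        self.reachable = reachable  # devices that can currently receive an OP
        self.seen = set()           # (device ID, nonce) pairs already accepted

    def handle(self, msg):
        for name in ("device_id", "ri_id", "nonce", "signature"):
            if not isinstance(msg.get(name), str) or not msg[name]:
                return reject("missing " + name)
        ro_ids = msg.get("ro_ids")
        if (not isinstance(ro_ids, list) or not ro_ids
                or not all(isinstance(r, str) for r in ro_ids)):
            return reject("missing ro_ids")
        target = msg.get("target_device_id")
        if target is not None and not isinstance(target, str):
            return reject("bad target_device_id")
        if msg["ri_id"] != RI_ID:
            return reject("wrong rights issuer")
        key = DEVICE_KEYS.get(msg["device_id"])
        if key is None or not hmac.compare_digest(
                sign(msg, key).encode(), msg["signature"].encode()):
            return reject("bad signature")
        # Record the one-time value only after the signature checks out, so
        # unauthenticated traffic cannot fill the replay cache.
        replay_key = (msg["device_id"], msg["nonce"])
        if replay_key in self.seen:
            return reject("replayed nonce")
        self.seen.add(replay_key)
        wanted = set(ro_ids)
        held = self.owned.get(msg["device_id"], set())
        if not wanted <= held:
            return reject("OP not held by sender")
        if target is None:
            # Return: instruct the first device to connect to the PS
            # (claims 13, 16 and 34).
            return {"status": "connect", "transaction": "return",
                    "connect_to": PS_ADDRESS}
        if target not in self.reachable:
            # Unsuccessful transfer: the status message carries the PS
            # connection information (claims 25-27); nothing changes hands.
            return {"status": "failed", "transaction": "transfer",
                    "connect_to": PS_ADDRESS}
        self.owned[msg["device_id"]] = held - wanted
        self.owned.setdefault(target, set()).update(wanted)
        # On this status the first device deletes its copy (claims 12, 31).
        return {"status": "success", "transaction": "transfer"}
```

Because the second-device identifier is inside the signed fields, a request whose identifier was removed in transit fails signature verification instead of being processed as a return.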



 

Same patents:

FIELD: portable electronic devices.

SUBSTANCE: portable electronic device includes memory to store a secret code in the form of pre-defined character sequence; rotating device with touch surface providing for user tactile impact and installed in such a manner as to provide for rotation around its axis; feedback tools separated from the rotating device to provide for feedback to user when turning the rotating device; conversion tool to convert each turn in sequence of turns of the rotating device to a character of corresponding ordered test character sequence, and verification tool to verify the test character sequence by comparing it with pre-defined character sequence.

EFFECT: user convenience during input of test character sequence along with provision of security and restriction of access to the device or to its individual functions.

33 cl, 7 dwg

FIELD: cryptography.

SUBSTANCE: in accordance to the method, cryptographic module is provided with two types of data, which may be received even from a communication partner who is not cryptographically reliable, and which either remain in cryptographic module, or are connected to the document. The information, which remains in cryptographic module, is used to protect the information in the document by generation of a check value, and information which is transferred to document, is used to confirm the fact that the document is protected by a cryptographic module, during the check of document authenticity in a control device.

EFFECT: the contact between cryptographically reliable contact device and document creator is realized directly.

2 cl, 3 dwg

FIELD: infrastructure of public keys (PKI), namely, registration and activation of PKI functions in infrastructures of public keys in SIM-cards.

SUBSTANCE: in accordance to the method, reference code and corresponding activation code are recorded in a table at protection server integrated in PKI or connected to PKI. The user inputs reference code or number in record form together with his personal data, after that the form is sent to PKI and to protection server. After registration is confirmed from the side of PKI, the confirmation information is transmitted to user and supplemented with a request to input activation code at user terminal. Simultaneously, the activation code associated with reference code in the table and identification data of smart-card of user are transmitted to activation module in PKI, then activation code together with identification data of smart-card is transmitted from terminal to activation module and on receipt thereof the activation module determines whether the data coincides with activation code and identification data, provided in advance by protection server, and in case they do, the module performs command of activation of PKI-component of smart-card.

EFFECT: reduced processing time.

13 cl

FIELD: methods and system for processing visualized digital information.

SUBSTANCE: the system for protecting visualized digital data contains a set of computing devices, where at least one of them is the main device, and at least another one is a remote computing device, where each one of aforementioned devices contains one or more processing components, configured for usage in data processing chain, consisting of components for processing protected information, subject to visualization for user, individual processing components which support one or more of such interfaces, such as authentication interface and intermediary authentication interface, where the intermediary authentication interface ensures reading of authentication identifiers and recording of authentication identifiers, and authentication identifier uses for each one of one or more lists for checking each component in each one of aforementioned one or more lists, to determine authorized components, where an authorized component may receive non-encrypted data. Methods describe operation of the system.

EFFECT: protection from unsanctioned access or duplication of unprotected information immediately after that information reaches visualization device, such as a user computer.

20 cl, 8 dwg

FIELD: online transactions.

SUBSTANCE: method for conducting an online transaction includes providing a transaction manager. Single use transaction request identification is generated, transaction manager compares transaction request identification to banking information of registered user. Registered user is provided with transaction request identification, registered user requests purchase of product or service from a merchant, where purchase requests includes providing transaction request identification to the merchant. The merchant dispatches a request to transaction manager for payment by money transfer from user to merchant, where payment request includes identification of transaction request and cost; check by transaction manager of trustworthiness of transaction request identification; and, if transaction request information is trustworthy, request for electronic transfer of money is dispatched to financial institution to transfer a sum of money from user account to another account; it is checked, whether sufficient sum of money is available on banking account of user, and, if sufficient amount is available, the financial institution conducts the transfer according to banking information; and transaction manager receives confirmation about transaction from financial institution and dispatches a confirmation to the merchant.

EFFECT: increased efficiency.

5 cl, 16 dwg

FIELD: protocols for interaction of peer entities of network structure and, in particular, concerns protective infrastructures for protocols of interaction of peer entities.

SUBSTANCE: methods are provided, which suppress capability of malicious node to disrupt normal operation of peer-to-peer network. Claimed methods allow nodes to use both protected and unprotected data about identity, ensuring self-check thereof. When necessary or convenient, the association of an ID is checked by "enclosing" a trustworthiness checking procedure into appropriate messages. Probability of connection to malicious node is initially reduced due to random selection of node with which connection is established. Also, information from malicious nodes is identified and may be discarded by recording information about previous connections, which will require a response in the future.

EFFECT: creation of protection infrastructure for a system with peer-to-peer network structure.

4 cl, 6 dwg

FIELD: communications engineering, possible use for checking protection of message (Msg), which is transmitted and received in electronic form.

SUBSTANCE: in accordance to the invention method contains stages at transmitting side, at which unambiguous message identifier is associated with message (IDMsg) and control identifier (IDCONTR) of identification code of message owner, which is received by applying encoding (12), connected to owner of transmitted message, to unambiguous message identifier (IDMsg). At receiving side method contains stages, at which fact of presence or absence of already received message with the same associated unambiguous message identifier (IDMsg) is checked and transmitted by means of signal, and match is determined between unambiguous message identifier (IDMsg), associated with received message, and result (IDDCONTR) of decoding of user name of control (IDCONTR).

EFFECT: ensured control of protection of message which is transmitted and received in electronic form.

3 cl, 3 dwg

FIELD: computer networks.

SUBSTANCE: in accordance to the invention, in home computer network, formed with presence of controlling devices and control station, device for notifying control station about operation state of digital rights management relatively to control device includes: DRM module, which executes digital rights management; module for generating status variables, which receives information about operation condition of DRM from DRM module, which indicates condition of current active DRM process, and on basis of received DRM status information generates DRM status variables; and module for universal detection and auto-adjustment of devices (uPnP), which, using uPnP protocol, transmits generated status variables to control station.

EFFECT: recognition of operation state of digital rights management (DRM) process in DRM system, which uses universal protocol (uPnP) for recognition and auto-adjustment of devices.

2 cl, 7 dwg

FIELD: engineering of systems for protecting communication channels, which realize claimed method for user authentication on basis of biometric data by means of provision and extraction of cryptographic key and user authentication.

SUBSTANCE: in accordance to the invention, neither biometric template nor cryptographic user key are explicitly represented in information storage device, without provision of biometric sample and information storage device with a pack stored on it, any cryptographic operations with data are impossible.

EFFECT: creation of biometric access system and method for provision/extraction of cryptographic key and user authentication on basis of biometry, increased key secrecy level, increased reliability, expanded functional capabilities and simplified system creation process.

2 cl, 2 dwg

FIELD: information processing devices.

SUBSTANCE: communication system contains data transfer device, consisting of command transmission block, control block, block for generation of expected value, authentication block, block for measuring response time, block for determining data transfer permission, and data receipt device consisting of command receipt block, block for generating authentication data, block for generating response message, block for transferring response message into data transfer device. Also disclosed are data transfer devices, data receiving devices, data transfer methods, data receipt methods.

EFFECT: increased precision of time measurement, required for transfer of data to communication partner.

14 cl, 16 dwg

Method of gambling // 2324228

FIELD: electricity, sports.

SUBSTANCE: in method of gambling each player who is going to leave casino and to continue gambling in this casino remotely is required to deposit certain money by either cash or cashless payment to his/her personal account in automated database of player personal accounts. Payment can be made by the player in cash or cashless form as a certain sum of money, which the casino transfers to appropriate personal account in the automated database of player personal accounts using a remote terminal. Payment can be made by the player through buying a gambling card that is provided with a unique code covered with erasable protective layer. Then the player activates this card. Using appropriate messages (for example, SMS messages) sent to game operator through telecommunication devices (mobile phones) and thanks to telecommunication services provided by telecommunication operators players make their bets by transferring corresponding sums of money from their personal accounts in the automated database of personal accounts to corresponding accounts of the automated database of bet accounts. Using software/hardware tool the game operator defines winnings by calculating won bets within the total number of bets recorded in accounts of the automated database of bet accounts. Based on results of said calculation the game operator transfers winnings to corresponding personal accounts of the automated database of player personal accounts. The casino receives corresponding information on winnings recorded in the database through terminal and pays out winnings based on this information.

EFFECT: provision of player mobility within the process of gambling allowing player to leave casino and to perform other types of activities in his/her discretion and to move freely without interrupting the process of gambling.

3 cl, 3 dwg

FIELD: electricity.

SUBSTANCE: method includes phases as follows: wireless communication device is registered on wireless communication network; identification data is transferred from said wireless communication device to said wireless communication network; data is transferred from said wireless communication network to said wireless communication device including at least a questionnaire and the data transferred within the first procedure of wireless communication device registration; the questionnaire is displayed on the screen of end-user; feedback of the end-user is collected; feedback is transferred from said wireless communication device to said wireless communication network within the second registration procedure.

EFFECT: increasing of veracity of accepted data.

7 cl, 9 dwg

FIELD: engineering of systems for controlling processes related to usage of informational resources, possible use in health care for realization of organizational technologies.

SUBSTANCE: the system contains periodical control and information gathering block, decision making block, adder, comparison block, memory block, logical ranking block and information output device.

EFFECT: expanded functional capabilities of system, simplified usage.

5 dwg

FIELD: forfeiting transactions, in particular, methods for controlling computerized forfeiting exchange, including creation of forfeiting transactions.

SUBSTANCE: in accordance to the invention, in Internet network, a document for selecting opposite side on request is provided for browsing on web-site with a device for inputting aforementioned selection, and seller is permitted to identify types of buyers by inputting variants of selection in aforementioned selection document, proposal document is provided on seller request, trader is permitted to present an instance of proposal document, buyer is permitted to create an instance of document of opposing proposal, creation of an instance of opposing proposal is permitted and access of opposing side to it is ensured.

EFFECT: ensured capacity for selecting types of opposite sides and types of assets in computerized forfeiting exchange.

3 cl, 5 dwg

FIELD: technology for electronic purchase of goods and services using mobile components.

SUBSTANCE: method includes selection of goods through a trading terminal, identification of prepayment account through a trading terminal, provision of payment information, replenishment of prepayment account by providing prepayment account information from transaction system to one of providers of selected product or service. The account replenishment system contains a mobile component, a trading terminal, transaction system of data transmission network, which contains a routing system and an application server, a set of providers, a set of payment systems.

EFFECT: expanded functional capabilities, due to replenishment of prepayment account.

2 cl, 6 dwg

FIELD: computer engineering, in particular, system for maintaining electronic files of personnel book-keeping of municipal structures.

SUBSTANCE: the system contains a block for receiving user requests, a block for selecting address of records in server database, block for identification of number of cycles of database record reading, block for selecting time limits of data records selection, block for forming signals for reading records of database, block for identification of database records, block for determining depth of data selection, block for accumulating addition of analytical data and a data dispensing block.

EFFECT: increased speed of system operation due to localization of range of data search addresses in database of system server.

10 dwg

FIELD: method and informational systems for accounting and controlling movement of objects in business turnaround.

SUBSTANCE: method includes forming groups of identifiers matching the number of objects of each name, subject-owner during transfer of objects to subject-getter transfers changed database access code to him. During control of authenticity of objects, facts of coincidence of identifiers in requests to database are detected for objects which belong simultaneously to different subjects, and such objects are identified as falsified. System for realization of the method is described.

EFFECT: prevented protection of marked objects from falsification.

2 cl, 3 dwg

FIELD: methods for determining authenticity of wares which are produced and realized in a legitimate way.

SUBSTANCE: in accordance to the method, an N-digit number is applied onto a product or its package together with an instruction for checking aforementioned number. Aforementioned N-digit numbers and unique codes, which correspond to numbers, are generated by means of a program once during the installation of the system. N-digit number is assigned to product in the center for assigning unique product codes. Simultaneously, information is recorded into unified database, which includes following information, corresponding to N-digit number: unique code of product which contains country code, manufacturer code, product code, additional information codes, including those intended for advertising. Authenticity of goods is checked by checking the unique product code which corresponds to N-digit number, reported by a consumer through means of telecommunications. If the reported N-digit number matches the N-digit number from the unified database, information about the product is provided to the consumer, which indicates that the product is considered authentic, and if the numbers do not match, information about the product is provided to the consumer, which indicates that the product is considered to be a result of counterfeiting.

EFFECT: increased reliability when checking authenticity of goods.

3 cl, 1 dwg

FIELD: electronic systems for mutual payments.

SUBSTANCE: the system contains commercial accounting devices, each one provided with a block for automatic regulation of volume of provided services and with a device for electronic input-output of related characteristics depending on numerical characteristics, payment receiving station, payment processing center with a module for conducting clearing operations, made with possible regular exchange of information with databases of service providers and/or authorized banks, and/or executive power, and/or controlling (supervising) structures, at least one database of mutual obligations and demands, database of indications of commercial accounting devices, block for differentiation of payments, check connection block for connecting payment receiving station to payment processing center, at least one payment splitting module and personal information carrier, made with possible exchange and overwriting of aforementioned characteristics and containing constant information about the client, sufficient for identification of the client (features, shared with a prototype), while at least one commercial accounting device and one payment receiving station are structurally combined in one device, which is installed in a location, which is accessible for each client of the system and provided with a module for recognition of commands of identified client which concern setting priorities for paying off mutual obligations and demands, and for transmitting aforementioned commands to payment differentiation block and/or module for conducting clearing operations and/or module for splitting payments. Or, instead of the personal information carrier, the system is provided with the module for identification of the client on basis of biometric data.

EFFECT: expanded functional capabilities with increased adaptability of the system and with possible control over the movement of monetary resources.

2 cl, 2 dwg

FIELD: informational and telecommunication technologies, possible use in management systems of military structures, in control systems which are used in case of breakdowns and emergencies.

SUBSTANCE: in accordance to the first variant, the management system contains two subsystems with analogical technical means. Technical means in each subsystem are connected to local area computing network. In the local area network of first subsystem, one computer has additional network connection for communication with analogical output of corresponding computer from local area network of the second subsystem. To exchange data between subsystems, local area network is used, which is created by connecting aforementioned outputs. In accordance to the second variant, a commutator is introduced to the system, and in local area network of first subsystem one of computers has an additional network output, connected to commutator, to outputs of which additional network outputs of active computers of other subsystems are connected. For exchanging data, a local area network is created on the basis of commutator and computer with additional network outputs. In accordance to third variant, introduced into management system are access point and other radio devices, which in conjunction ensure functioning of a wireless local area network. In the local area network of first subsystem, one of computers has an additional network output, connected to the access point. Analogical additional network outputs of corresponding computers from local area networks of other subsystems are connected to radio devices. Described wireless local area network is used to exchange data.

EFFECT: expanded functional capabilities of the system.

3 cl, 5 dwg

FIELD: computer engineering, possible use for trusted loading of a computer and for protection from unsanctioned access to information, which is stored in personal computers and in computerized informational and computing systems.

SUBSTANCE: device contains controller for exchanging information with external information carrier, controller for exchanging information with computer, processor for identification and authentication of users, blocks of energy-independent memory, module for blocking common control bus and exchanging computer data when an attempt of unsanctioned access to it is made, power management device, block of interfaces of external devices, module for blocking external devices, energy-independent flash memory, hardware indicator of random numbers, microcontroller of sensors of opening and extraction of computer components, random-access memory device, where introduced additionally to identification and authentication processor are module of constant user authentication, module for checking integrity and conditions of hardware components of protection device, module for controlling load on switches of hardware encoder, module for controlling network adapters, module for interaction with system for delimiting access and module for interaction with servers of informational and computing system.

EFFECT: expanded functional capabilities and increased efficiency of protection of information from unsanctioned access.

1 dwg
