1. Field of the Invention
The exemplary embodiments of the present invention generally relate to distribution of digital works and more particularly to controlling usage rights to digital works or other items by stakeholders thereof.
2. Description of Related Art
One of the most important needs to enable the development of widespread distribution of digital works, for example, documents or other content in forms readable by computers, and management of the use of digital works via electronic means, and the Internet in particular, is the ability to designate and enforce the intellectual property rights and other rights of content owners, consumers and other stakeholders during the distribution and use of digital works. Efforts to meet this need have been termed Intellectual Property Rights Management (IPRM), Digital Property Rights Management (DPRM), Intellectual Property Management (IPM), Rights Management (RM), and Electronic Copyright Management (ECM), collectively referred to as Digital Rights Management (DRM) herein. There are a number of issues to be considered in digital rights management. For example, authentication, authorization, accounting, payment and financial clearing, rights specification, rights verification, rights enforcement, and document protection issues should be addressed. Commonly-assigned U.S. Pat. No. 5,530,235, No. 5,629,980, No. 5,634,012, No. 5,638,443, No. 5,715,403, No. 6,233,684, and No. 6,236,971, the entire disclosures of all of which are hereby incorporated by reference herein, disclose Digital Rights Management systems and methods addressing these and other issues.
In the world of printed documents, a work created by an author usually can be provided to a publisher, which can format and print numerous copies of the work. Such copies then can be sent by a distributor to bookstores or other retail outlets from which the copies can be purchased by end users. While the low quality of copying and the high cost of distributing printed material have served as deterrents to unauthorized copying of most printed documents, it is far too easy to copy, modify, and redistribute unprotected digital works. Accordingly, some method of protecting digital works is necessary to make it more difficult to copy or otherwise use such works without authorization.
It has been widely recognized that it is difficult to prevent, or even deter people from making unauthorized copies, distributions or other uses of electronic works within current general-purpose computing and communications systems, such as personal computers, workstations, and other devices connected over communications networks, such as local area networks (LANs), intranets, and the Internet. Many attempts to provide hardware-based solutions to prevent unauthorized copying have proven to be unsuccessful. In addition, hardware-based solutions can fail to protect the rights of consumers, and the like, because such solutions can prevent exercise of legitimate rights, for example, such as authorized copying. The proliferation of high bandwidth or broadband communications technologies will render it even more convenient to distribute large documents electronically, including video files, such as full-length motion pictures, and thus will remove remaining deterrents to unauthorized copying, distribution or other uses of digital works, as well as increase the need to enable authorized use. Accordingly, Digital Rights Management technologies are becoming a high priority.
Two basic Digital Rights Management schemes have been employed to attempt to solve the document protection problem, including secure containers and trusted systems. A secure container or an encrypted document offer a way to keep document contents encrypted until a set of authorization conditions are met and some copyright terms are honored, such as payment for use. After the various conditions and terms are verified with the document provider, the document can be released to the user in clear form. Commercial products, such as CRYPTOLOPES from IBM and DIGIBOXES from InterTrust can fall into this category. The secure container approach provides a solution to protecting the document during delivery over insecure channels, but does not provide any mechanism to prevent legitimate users from obtaining the clear document and then using and redistributing the clear document in violation of intellectual property rights of the content owners.
Cryptographic mechanisms typically are used to encrypt or encipher documents that are then distributed and stored publicly, and ultimately privately deciphered by authorized users. Such mechanisms provide a basic form of protection during document delivery from a document distributor to an intended user over a public network, as well as during document storage on an insecure medium.
In the trusted system approach, the entire system is responsible for preventing unauthorized use and distribution of the document. Building a trusted system usually entails introducing new hardware, such as a secure processor, secure storage and secure rendering devices. This also requires that all software applications that run on trusted systems be certified to be trusted. While building tamper-proof trusted systems is a real challenge to existing technologies, current market trends suggest that open and untrusted systems, such as personal computers (PCs) and workstations using browsers to access the Web, will be the dominant systems used to access digital works. In this sense, existing computing environments, for example, PCs, laptop computers, handheld computers, workstations, and the like, equipped with popular operating systems, such as Windows, Macintosh, Linux, UNIX, and the like, rendering applications, such as Web browsers, and the like, typically are not trusted systems and typically cannot be made into trusted systems without significantly altering the architectures thereof. However, alteration of the architecture defeats a primary purpose of the Web, such as flexibility and compatibility.
U.S. Pat. No. 5,634,012, for example, discloses a system for controlling the distribution of digital documents, wherein each rendering device can include a repository associated therewith. A predetermined set of usage transaction steps can be used to define a protocol used by the repositories for carrying out usage rights associated with a document. Conceptually, a repository can include a set of functional specifications defining core functionality. A repository can include a trusted system in that the repository can maintain physical integrity, communications integrity and behavioral integrity. A repository can be removable or stationary, can be big or small or portable, can be in any suitable shape, such as a card or smartcard, or can have other functionalities, such as a microprocessor.
Usage rights can be encapsulated with the document content or otherwise associated with the document to travel with the document. The usage rights can permit various type or manners of use of the content, such as viewing only, use once, distribution, and the like. Usage rights can be granted based on payment or other conditions or variables and are generally set prior to distribution to the user. For example, usage rights may grant a user of content certain privileges, such as the ability to view and print the content, in exchange for a specific fee. However, there are dynamic conditions that can affect the cost or desirability of distributing content and Digital Rights Management techniques typically do not account for such dynamic conditions.