1. Technical Field
The present invention relates generally to distributing image content over a computer network. More specifically, the invention relates to protecting images via a policy-based set of credentials that results in the distribution of one of multiple versions of an image.
2. Description of the Related Art
The World Wide Web is the Internet""s multimedia information retrieval system. In the web environment, client machines effect transactions to web servers using the Hypertext Transfer Protocol (HTTP), which is a known application protocol providing users access to files (e.g., text, graphics, images, sound, video, etc.) using a standard page description language known as Hypertext Markup Language (HTML). HTML provides basic document formatting and allows the developer to specify xe2x80x9clinksxe2x80x9d to other servers and files. In the Internet paradigm, a network path to a server is identified by a so-called Uniform Resource Locator (URL) having a special syntax for defining a network connection. Use of an HTML-compatible browser (e.g., Netscape Navigator or Microsoft Internet Explorer) at a client machine involves specification of a link via the URL. In response, the client makes a request to the server identified in the link and, in return, receives in return a document or other object formatted according to HTML. A collection of documents supported on a web server is sometimes referred to as a web site.
One of the technical advantages of the World Wide Web is the ease with which digital content (e.g., images, graphics, sound, video, movies and the like) may be transmitted and distributed to many users. Indeed, copying a digital file is as easy as clicking on a computer mouse. Copyright laws afford a copyright owner the exclusive right to reproduce the copyrighted work in copies, to distribute such copies, and to publicly perform and display the work. Each time a digital file is transferred over the Internet and copied into memory of a user""s computer, the copyright owner""s exclusive reproduction right is implicated. Indeed, in an open system (e.g., a personal computer accessing the World Wide Web through an Internet Service Provider (ISP)), copies of copyrighted materials can undergo unlimited further copying and transmission without the ability of the owner to collect appropriate compensation. In addition, a site need not even host given content to cause infringement if it includes links to such content.
Many content providers naturally are hesitant to make their copyrighted works available over the Internet due to the ease with which these materials may be copied and widely disseminated without adequate compensation. Presently, Internet commerce remains highly unregulated, and there is no central authority for managing collection and allocation of content provider royalties. Moreover, while publishers and content rights societies and organizations are attempting to address the legal and logistical issues, the art has yet to develop viable technical solutions.
Protection of image content is of special concern to content providers. The growth of electronic commerce in particular has been fueled in large part by the widespread availability of image content on the web. While copyright provides significant protection for images, techniques for protecting images from wrongful copying and reuse have not kept pace. In this regard, it is known in the prior art to limit access to certain image content on an all or nothing basis. Thus, for example, access control technology, such as ACLs, are used to restrict certain content to certain authorized users. Such techniques either provide access to the images or they do not. Another approach to distribution of image content is described in U.S. Pat. No. 5,760,917 to Sheridan. This patent discloses a distributed system that controls access to images stored at a central hub. A content provider defines a set of access rights (e.g., view, print, copy) for given third parties that are permitted access to the images. The third party is then notified of his or her access rights. That notification may include a low resolution version of all or some of the images. In another technique, as described in U.S. Pat. No. 5,784,461, an encryption technique is used to secure high resolution images stored at an image fulfillment center. A permitted user is sent a low resolution image, together with information that enables the user to decrypt and access the high resolution image. A similar technique is described in U.S. Pat. No. 5,699,458, wherein images are encoded and users may only be allowed access to a low resolution image (i.e. a thumbnail) or the entire image, depending on the encoding scheme used.
While such techniques do provide secure and limited access to different image versions, they typically require complex and costly protection schemes. Moreover, these techniques often require specialized software at the client, which is undesirable.
There remains a need to provide an image distribution technique for the Internet that is lightweight, that uses existing protocols, and that is completely transparent to the end user. This invention solves this important problem.
The present invention protects images via a server-based policy that results in the selective distribution of one of multiple versions of an original image. The policy includes a set of one or more rules that each include given criteria. When a request for a web page is received, a given rule in the set is evaluated against client-specific data (e.g., such as the identity of the referring page) obtained from the client request. If a condition of the rule is satisfied against the client-specific data, a given restriction may be imposed on the image distribution.
Thus, the rules in the policy determine which version, if any, is served in a given page. Thus, for example, a given policy may include a rule that a given image is not distributed from the server to any referring pages outside of a given domain. Another rule may restrict distribution to a modified version of an image, e.g., a version that is overlaid with a company logo or watermark, to any client machine that is not on a permitted list of IP addresses. Yet another rule may restrict distribution to a low resolution version of the image to any referring page that is within a given third party domain. Of course, the above examples are merely exemplary.
Thus, with the policy-based implementation of the present invention, the web server administrator may develop an access policy comprising a set of one or more rules that limit how an image is distributed from the server in response to client-specific data included in server requests received from web clients in the network. The respective access policy may be based on given client-specific access criteria, e.g., the identity of the referring page, the client machine IP address, an ISP identity, a user identifier such as a cookie, the existence of a user authentication, or the like, however, the client-specific access restriction need not be exposed to the requesting clients.
In accordance with an embodiment of the invention, a method of restricting access to an image begins by establishing a distribution policy at a server. The policy defines at least one rule that defines criteria for permitted distribution of the image. In response to receipt of a request for the image (or for a page that includes the image), the method parses the request to identify specific data pertaining to the requesting client. This data is then compared to the distribution criteria in the rule. A given version of the image is then served as a result of the comparison. The version may have been stored at the server or it may generated xe2x80x9con-the-flyxe2x80x9d as the page is served to the requesting client.
The foregoing has outlined some of the more pertinent objects and features of the present invention. These objects should be construed to be merely illustrative of some of the more prominent features and applications of the invention. Many other beneficial results can be attained by applying the disclosed invention in a different manner or modifying the invention as will be described. Accordingly, other objects and a fuller understanding of the invention may be had by referring to the following Detailed Description of the Preferred Embodiment.