1. Field of the Invention
The invention relates generally to digital representations of images and other information and more specifically to techniques for protecting the security of digital representations and of analog forms produced from them.
2. Description of the Prior Art
Nowadays, the easiest way to work with pictures or sounds is often to make digital representations of them. Once the digital representation is made, anyone with a computer can copy the digital representation without degradation, can manipulate it, and can send it virtually instantaneously to anywhere in the world. The Internet, finally, has made it possible for anyone to distribute any digital representation from anywhere in the world
From the point of view of the owners of the digital representations, there is one problem with all of this: pirates, too, have computers, and they can use them to copy, manipulate, and distribute digital representations as easily as the legitimate owners and users can. If the owners of the original digital representations are to be properly compensated for making or publishing them, the digital representations must be protected from pirates. There are a number of different approaches that can be used:
the digital representation may be rendered unreadable except by its intended recipients; this is done with encryption techniques;
the digital representation may be marked to indicate its authenticity; this is done with digital signatures;
the digital representation may contain information from which it may be determined whether it has been tampered with in transit; this information is termed a digest and the digital signature often includes a digest;
the digital representation may contain a watermark, an invisible indication of ownership which cannot be removed from the digital representation and may even be detected in an analog copy made from the digital representation; and
the above techniques can be employed in systems that not only protect the digital representations, but also meter their use and/or detect illegal use. For an example of a system that uses encryption to protect digital representations, see U.S. Pat. No. 5,646,999, Saito, Data Copyright Management Method, issued Jul. 8, 1997; for a general discussion of digital watermarking, see Jian Zhao, xe2x80x9cLook, It""s Not Therexe2x80x9d, in: BYTE Magazine, January, 1997. Detailed discussions of particular techniques for digital watermarking may be found in E. Koch and J. Zhao, xe2x80x9cTowards Robust and Hidden Image Copyright Labelingxe2x80x9d, in: Proc. Of 1995 IEEE Workshop on Nonlinear Signal and Image Processing, Jun. 20-22, 1995, and in U.S. Pat. No. 5,710,834, Rhoads, Method and Apparatus Responsive to a Code Signal Conveyed through a Graphic Image, issued Jan. 20, 1998. For an example of a commercial watermarking system that uses the digital watermarking techniques disclosed in the Rhoads patent, see Digimarc Watermarking Guide, Digimarc Corporation, 1997, available at http://www.digimarc,com in March, 1998.
FIG. 1 shows a prior-art system 101 which employs the above protection techniques. A number of digital representation clients 105, of which only one, digital representation client 1050) is shown, are connected via axe2x80x2 network 103 such as the Internet to a digital representation server 129 which receives digital representations from clients 105 and distributes them to clients 105. Server 129 includes a data storage device 133 which contains copied digital representations 135 for distribution and a management database 139. Server 129 further includes a program for managing the digital representations 135, a program for reading and writing watermarks 109, a program for authenticating a digital representation and confirming that a digital representation is authentic 111, and a program for encrypting and decrypting digital representations 113. Programs 109, 111, and 113 together make up security programs 107.
Client 105 has its own versions of security programs 107; it further has editor/viewer program 115 which lets the user of client 105 edit and/or view digital representations that it receives via network 103 or that are stored in storage device 117. Storage device 117 as shown contains an original digital representation 119 which was made by a user of client 105 and a copied digital representation 121 that was received from DR Server 129. Of course, the user may have made original representation 119 by modifying a copied digital representation. Editor/viewer program 115, finally, permits the user to output digital representations to analog output devices 123. Included among these devices are a display 125, upon which an analog image 124 made from a digital representation may be displayed and a printer 127 upon which an analog image 126 made from the digital representation may be printed. A loudspeaker may also be included in analog output devices 123. The output of the analog output device will be termed herein an analogform of the digital representation. For example, if the output device is a printer, the analog form is printed sheet 126; if it is a display device, it is display 124.
When client 105(j) wishes to receive a digital representation from server 129, it sends a message requesting the digital representation to server 129. The message includes at least an identification of the desired digital representation and an identification of the user. Manager 131 responds to the request by locating the digital representation in CDRs 135, consulting management data base 139 to determine the conditions under which the digital representation may be distributed and the status of the user of client 105 as a customer. If the information in data base 139 indicates to manager 131 that the transaction should go forward, manager 131 sends client 1050) a copy of the selected digital representation. In the course of sending the copy, manager 131 may use watermark reader/writer 109 to add a watermark to the digital representation, use authenticator/confirmer 111 to add authentication information, and encrypter/decrypter 113 to encrypt the digital representation in such a fashion that it can only be decrypted in DR client 105(j).
When client 105(j) receives the digital representation, it decrypts it using program 113, confirms that the digital representation is authentic using program 111, and editor/viewer 115 may use program 109 to display the watermark. The user of client 1050) may save the encrypted or unencrypted digital representation in storage 117. The user of client 105 (j) may finally employ editor/viewer 115 to decode the digital representation and output the results of the decoding to an analog output device 123. Analog output device 123 may be a display device 125, a printer 127, or in the case of digital representations of audio, a loudspeaker.
It should be pointed out that when the digital representation is displayed or printed in analog form, the only remaining protection against copying is watermark 128, which cannot be perceived in the analog form by the human observer, but which can be detected by scanning the analog form and using a computer to find watermark 128. Watermark 128 thus provides a backup to encryption: if a digital representation is pirated, either because someone has broken the encryption, or more likely because someone with legitimate access to the digital representation has made illegitimate copies, the watermark at least makes it possible to determine the owner of the original digital representation and given that evidence, to pursue the pirate for copyright infringement and/or violation of a confidentiality agreement.
If the user of client 105(j) wishes to send an original digital representation 119 to DR server 129 for distribution, editor/viewer 115 will send digital representation 119 to server 129. In so doing, editor/viewer 115 may use security programs 107 to watermark the digital representation, authenticate it, and encrypt it so that it can be decrypted only by DR Server 129. Manager 131 in DR server 129 will, when it receives digital representation 119, use security programs 107 to decrypt digital representation 119, confirm its authenticity, enter information about it in management data base 139, and store it in storage 133.
In the case of the Digimarc system referred to above, manager 131 also includes a World Wide Web spider, that is, a program that systematically follows World Wide Web links such as HTTP and FTP links and fetches the material pointed to by the links.
Manager program 131 uses watermark reading/writing program to read any watermark, and if the watermark is known to management database 139, manager program 131 takes whatever action may be required, for example, determining whether the site from which the digital representation was obtained has the right to have it, and if not, notifying the owner of the digital representation.
While encryption, authentication, and watermarking have made it much easier for owners of digital representations to protect their property, problems still remain. One such problem is that the techniques presently used to authenticate digital documents do not work with analog forms; consequently, when the digital representation is output in analog form, the authentication is lost. Another is that present-day systems for managing digital representations are not flexible enough. A third is that watermark checking such as that done by the watermark spider described above is limited to digital representations available on the Internet. It is an object of the present invention to overcome the above problems and thereby to provide improved techniques for distributing digital representations.
One aspect of the invention is an improved general understanding of the techniques for hiding authentication information first disclosed in the parent patent application. As presently understood, apparatus which authenticates a digital representation of an object will have an authenticator which uses first information in a first portion of the digital representation to produce first authentication information and an incorporator which incorporates the first authentication information in a second portion of the digital representation which does not overlap the first portion.
The authentication information may be produced from more significant portions of items of data that represent physical effects and may be incorporated into less significant portions of such items that do not overlap the more significant portions. The authentication information may further be produced from a first specific region of an image and incorporated into a second specific region that does not overlap the first specific region or from a document layer and incorporated into an image layer that is separate from the document layer in the digital representation. With any of the above aspects of the invention, the authentication information may also be semantic information. Semantic information may further include vector data, content codes, and metadata.
Another aspect of the invention is apparatus for determining authenticity of a digital representation of an object where the digital representation includes embedded first authentication information. The apparatus includes a storage system in which stored keys are associated with stored reference numbers and a processor that receives the digital representation and a reference code associated with the digital representation. The processor further includes an authentication information reader and a comparator. The processor employs the reference code to retrieve a key associated with the reference number from the storage system and the authentication information reader uses the key to read the embedded first authentication information. The comparator then compares the read first authentication information with second authentication information. The second authentication information may either be stored in the storage system and retrievable by the reference code or may be semantic information in the digital representation which is read as described in the parent. The digital representation may have been made from an analog form and the analog form may have included a security pattern that is a physical part of the analog form. The security pattern may be included with the digital representation and may be used in determining authenticity of the digital representation.
Another aspect of the invention is a technique for reducing the errors due to an OCR device when a first digital document that contains one or more alphanumeric characters that confuse the OCR device is the source of an analog form that is scanned to produce a second digital document that is read by the OCR device. In the technique, the first digital document is searched to find the confusing alphanumeric characters and a character string of the found confusing characters is made. The order of the confusing characters in the character string is determined by the order of the confusing characters in the first digital document. A representation of the character string is then incorporated into the digital document in a portion thereof that does not overlap with the representations of the alphanumeric characters. The representation may be incorporated as a watermark.
Other objects and advantages of the invention will be apparent to those skilled in the arts to which the invention pertains upon perusing the following Detailed Description and Drawing, wherein: