This invention relates to a system and method for managing virtual property and, more particularly, for managing virtual property over a distributed computer system.
With the advance of the Internet and networking technologies, a need has developed for conducting secure business transactions between distributed computer systems. These systems are typically connected through a communications network. Such a network may be, for example, a public network like the Internet or a semi-private network such as a corporate Intranet. Systems on these networks may be subject to types of attacks that may compromise or destroy data communicated between these systems. To combat these attacks, encryption technologies have been developed. Currently, computer systems implementing encryption technologies are available which allow computers to transmit secure information such as credit card information over non-secure networks such as the Internet to conduct purchases. Because private purchases may now be executed over public networks, electronic commerce has recently become popular for consumer transactions for purchasing virtual property.
Virtual property in a software construct may be a digital object or other software token that represents actual property or serves as a substitute for actual property in certain transactions. Actual property may include stocks, bonds, or any other real, tangible, or intangible property. Both virtual property and paper instruments such as a check represent actual property. Unfortunately, these cryptographic systems are also subject to attacks that may compromise the security of their transactions.
There are conventional systems which allow a user to perform secure electronic transactions between distributed computer systems. For example, the Cryptolopes system from IBM provides such a system (Cryptolopes is a registered trademark of International Business Machines, Inc.). The Cryptolopes system uses a complex rights management language to perform transactions. This system uses public-key cryptography to encode transactions and uses digital signatures to create digitally-signed digital objects which may be purchased by a user as virtual property. These digitally-signed objects may be, for example, checks, bonds, or any representation of real property that may be purchased through the system.
Such a system can be prohibitively expensive when the system supports a large number of digitally-signed digital objects because each of the digital objects is stored on the system. In particular, the objects are stored in their entirety at the centralized server such that the items cannot be forged because they are not transmitted to clients over the network. Thus, the server would require a large storage system and would require a high-performance computer system to track all of the objects.
The invention is generally directed to a system and method for managing virtual property over a distributed computer system in a secure manner.
In one aspect of the invention, a system is provided for managing virtual property represented by an identification of items and associated data, including a plurality of processes executing on one or more computer systems which exchange a digest, wherein the digest is a compressed representation of the virtual property. In another aspect, the digest is determined by performing a hashing function on an index of the virtual property. In another aspect, the index is an array of virtual property items. In another aspect, the hashing function is an MD5 hashing function.
In another aspect, a system is provided for managing virtual property including one or more computer systems functioning as owner, authenticator, and provider systems, the system comprising a plurality of owners each having a collection of one or more virtual items, wherein each collection has an associated digest, the digest being a compressed representation of an owner's collection, an authenticator including a database of digests, and a provider which is configured to conduct a transaction with one of the plurality of owners on the basis of a comparison between the digest of the authenticator database and the digest of the owner.
In another embodiment of the invention, a system is provided for managing virtual property including one or more computer systems functioning as owner, authenticator, and provider systems, the system comprising an owner having a collection of one or more virtual items and determining a digest according to the collection, an authenticator including a database storing the digests of said plurality of owners, and a provider which is configured to sell one or more items to one of the plurality of owners and which determines a calculated digest from a transmitted collection of virtual items when the calculated digest matches a digest stored in the database associated with the one owner.
In another embodiment of the invention, a method is provided for managing a collection of virtual items belonging to an owner and having an index associated therewith, the method comprising the steps of determining a digest by performing a hash function on the index, sending the digest to a provider, verifying the digest with an authenticator, and conducting a transaction session between the provider and the owner. In another aspect of the invention, the step of determining includes a step of performing an MD5 hashing function on the index. In another aspect, the index is an array of virtual items. In another aspect, the index is a concatenation of a plurality of virtual item indices.
In another embodiment of the invention, a method is provided for conducting transactions over a distributed network, the method comprising steps of a) authenticating an owner system to a provider system, b) verifying the virtual property of the owner by performing steps of 1) computing a digest of a collection of virtual property, 2) comparing the digest to a predetermined digest which tracks the collection, the predetermined digest being stored in a database of digests, and c) permitting the owner to perform a transaction involving the collection.
In another embodiment of the invention, a method is provided for computing a digest from a collection of virtual property items, the method comprising steps of combining indices associated with each of the virtual property items into a pre-hash index and performing a hashing function on the pre-hash index to obtain the digest.
In another embodiment of the invention, a method is provided for computing a digest from a collection of virtual property items, the method comprising the steps of storing virtual property items in a database and performing a hashing function on the database to obtain the digest.
In another embodiment of the invention, a digital information product is provided containing a data structure representing a plurality of virtual property items having a plurality of indices, wherein the data structure is created from a pre-hash index, the pre-hash index being formed by one or more of the plurality of indices of virtual property, and wherein the data structure is formed by performing a hashing function on the pre-hash index. In another aspect, the data structure has a fixed length. In another aspect, the hashing function is an MD5 hashing function. In another aspect, the data structure is determined for a subset of the plurality of virtual property items. In another aspect, the pre-hash index is formed by a concatenation of one or more of the plurality of indices of virtual property. In another aspect, the pre-hash index is a database of virtual items.
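The digest computation and the provider-side comparison described in the preceding embodiments can be illustrated as follows. This is an added example, not code from the patent; the class and function names, the sorted and length-prefixed encoding of the pre-hash index, and the sample owner and item indices are assumptions made for illustration.

```python
import hashlib
import hmac

def pre_hash_index(item_indices):
    """Combine item indices into one pre-hash index.

    Assumption (not from the text): indices are sorted and length-prefixed, so
    one collection always gives the same bytes and ("1", "23") cannot collide
    with ("12", "3") as it would under bare concatenation.
    """
    out = bytearray()
    for idx in sorted(item_indices):
        raw = idx.encode("utf-8")
        out += len(raw).to_bytes(4, "big") + raw
    return bytes(out)

def collection_digest(item_indices, algorithm="md5"):
    """Fixed-length digest of a collection. MD5 is the function the text names;
    it is no longer collision-resistant, so pass "sha256" for new designs."""
    return hashlib.new(algorithm, pre_hash_index(item_indices)).hexdigest()

class Authenticator:
    """Stores one digest per owner rather than the items themselves."""
    def __init__(self):
        self._digests = {}

    def register(self, owner, item_indices):
        self._digests[owner] = collection_digest(item_indices)

    def verify(self, owner, digest):
        stored = self._digests.get(owner)
        # Constant-time comparison; unknown owners are rejected.
        return stored is not None and hmac.compare_digest(stored, digest)

def provider_accepts(authenticator, owner, transmitted_items):
    """Provider recomputes the digest from the transmitted collection and
    proceeds only when it matches the authenticator's stored digest."""
    return authenticator.verify(owner, collection_digest(transmitted_items))

# Constructed sample data: one owner holding two virtual items.
auth = Authenticator()
auth.register("alice", ["bond-0007", "stock-0042"])
print(provider_accepts(auth, "alice", ["stock-0042", "bond-0007"]))
print(provider_accepts(auth, "alice", ["bond-0007"]))
```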
In another aspect, a method is provided for conducting transactions over a distributed network including one or more computer systems functioning as owner, authenticator, and provider systems, the method comprising steps of a) indicating, by a first owner, a second owner with whom to trade, b) indicating a trade defining a first set of one or more virtual property items offered for trade and a second set of one or more items which are expected in return for the first set, and c) after both the first and second owner indicate that they wish to trade, confirming that both the first and second owner wish to execute the trade.
In another embodiment of the invention, a system is provided for managing virtual property including one or more computer systems functioning as owner, authentication, and provider systems, the system comprising a plurality of owners each having a collection of one or more virtual items, wherein each collection has an associated digest, the digest being a compressed representation of an owner's collection, and an authenticator including a database of digests and configured to authenticate the owner system to another system.
Further features and advantages of the present invention as well as the structure and operation of various embodiments of the present invention are described in detail below with reference to the accompanying drawings.