1. Field of the Invention
The present invention relates to a system for and method of providing secure data. The present invention is particularly suited for, though not restricted to, providing secure data over a wireless transmission system.
2. Description of the Related Art
The automatic distribution of multimedia content is becoming widely available. By way of example, publicly available terminals or kiosks are often provided in such locations as shopping malls and convenience stores to enable people to access audio or video material without the need for a sales representative. A person wishing to obtain such media can select from available media and receive the selected media in various forms, for example by means of loud speakers or headphones or by means of a video screen or by downloading the media in electronic form. The person obtaining the media might be doing so simply for one time information or entertainment value. Alternatively, the person might desire to retain a magnetic copy of the media, permitting the person to have repeated access to the media.
In some applications, the media might be made available to the person desiring it at no charge. For example, a store selling musical compact disks might have kiosks at which selections from available compact disks can be sampled. Such a store might wish to limit the number of selections that any one customer can sample so as to prevent people from simply listening to numerous samples with no interest in purchasing any. A method must be provided to limit the number of samples which the customer can access. Alternatively, such a store might have kiosks at which for an appropriate charge the complete contents of a compact disk can be downloaded for duplication. In such event, a method must be provided to assure that an appropriate charge is paid.
In other situations, multimedia content might be made available to persons authorized to receive such content, but must be inaccessible by others. For example, kiosks might be provided at which persons who are traveling can obtain access to e-mail that is intended for them, even though they do not have their own computer or other terminal device with them. Even if a person has a notebook computer or other terminal device accessible, the person may not have e-mail access from that device. In such cases, a secure manner must be provided to assure that e-mail can be accessed only by the correct recipient, and is not accessible by others. Similarly, multimedia content intended only for persons above a particular age might be accessible, but persons not authorized for receipt of such multimedia must not be able to access it. For example, a kiosk might be equipped to permit users to play video games, but some of the games might have content that makes it desirable to restrict access to those games to persons of at least some minimum age, such as 18, while permitting access to others of the games by all persons regardless of age.
A computer network might be accessed by a user who types in an identification and a password. After accessing the network, the user then must type in the identification of files that he or she desires to access. All of this requires a user terminal equipped with appropriate input devices, such as a keyboard and/or a mouse, and requires manual typing or other selection by the user. An undesirable amount of time is required for such a procedure, particularly if the user makes an error in the typing or other selection. In addition, significant bandwidth is required for the communication link between the user and the desired file.
Public key systems are used as signatures and for security. An entity called a certification authority (CA) performs two central functions: issuance and revocation of certificates, and secure delivery. A certificate is used as a secure way of delivering data. The certificate is signed by the CA. To verify the certificate, an authentic copy of the CA's public signature verification key is required. For example, if a person or entity has the public key of a particular CA (CA1), this person or entity can verify certificates issued by another particular CA (CA2) only if CA2's public key has been certified by CA1. This type of cross-certification of CAs is referred to as a “public key infrastructure” (PKI).
Integrated Circuit (IC) cards or electronic chip cards such as smart cards are usually the size of a conventional credit card and have six or eight electrical contacts on one face. Such smart cards contain an IC with a memory and perhaps a microprocessor. Data and programs for manipulating the data and communicating outside the card are included in the IC. In the past these cards, like prepaid cards, have been widely used in the purchase of telephone service, particularly in France and Germany, where public pay telephones accept the prepaid cards instead of coins. Typically the prepaid cards are purchased at a post office for a specific amount. The cards are inserted in a public pay telephone, connection is made to the contacts, and units of value are removed from the card as the telephone call progresses. The mechanical and electrical specifications of the cards are standardized, and one set of standards is published by the ANSI (American National Standards Institute), 11 West 42 Street, New York, N.Y. 10036 under the title “Identification cards-IC(s) cards and contacts” ISO 7816-1 and ISO 7816-2. IC cards have been manufactured and are commercially available from several companies including, for example, GEMPLUS Card International, Avenue du Pic de Bertagne, Parc d'activities de la Plane de Jougues, 13420 Gemenos, France. Once the value on the prepaid card has been consumed, for example, all of the units or value of the card have been used conventionally in telephone calls, the user has to buy another card or to refill the empty card to continue with the service.
The following summarizes some of the prior art systems for providing multimedia content to users:
Published International Patent Application No. WO 00/30117, the disclosure of which is incorporated herein by reference, shows a system for downloading music from a publically available terminal or kiosk to a self-contained personal music device for subsequent playback, with the kiosk being activated in response to insertion of a credit card or cash.
U.S. Pat. No. 5,734,719, the disclosure of which is also incorporated herein by reference, discloses a system for providing access at a retail site to a remote database to create a compact disk or a magnetic tape of a desired media, such as an audio or a video selection.
U.S. Pat. No. 5,963,916, the disclosure of which is also incorporated herein by reference, shows a similar system, with the user or customer being issued an IC card which the customer uses to activate a kiosk from which the media is accessible.
U.S. Pat. No. 6,055,314, the disclosure of which is also incorporated herein by reference, concerns a system in which a customer is issued a smart card that includes a decryption key, allowing the customer to download a video selection that is associated with the particular decryption key.
U.S. Pat. No. 6,032,130, the disclosure of which is also incorporated herein by reference, discloses a kiosk which can be activated by a credit card to allow copying of media.
U.S. Pat. No. 5,758,257, the disclosure of which is also incorporated herein by reference, shows a system for making media available to customers in which the system captures information about each customers selections and then uses that information to build a customer profile for each customer. When a previous customer returns, the system might suggest media which the customers previous selections, as incorporated in the customer profile, indicate the customer might like.
U.S. Pat. No. 5,857,175, the disclosure of which is also incorporated herein by reference, shows customer cards, each customer card having machine readable card information indicating at least identification of the card with a particular customer account; and a customer interface in communication with a computer to transfer data therebetween. The customer cards are used as medium to store individual profiles and parameters that help the delivering entity to establish profiles and produce content.
These prior art systems not only require the customer or other user to manually input information, but also do not adequately assure access only by persons authorized for access to selected multimedia content. An open communication environment and uncertainty in privacy are becoming more general, as computers, mobile phones, and the distribution channels become more popular. As a result, parties involved in the delivery and usage process are looking for more advanced ways to assure secure delivery and controlled usage of data.