1. Field of the Invention
The present invention is directed to digital rights management systems for controlling the distribution of items, such as digital content. In particular, the present invention is directed to such systems that distribute content to specified end users.
2. Description of Related Art
One of the most important issues impeding the widespread distribution of digital works (i.e. documents or other content in forms readable by computers), via electronic means, and the Internet in particular, is the current lack of ability to enforce the intellectual property rights of content owners during the distribution and use of digital works. Efforts to resolve this problem have been termed xe2x80x9cIntellectual Property Rights Managementxe2x80x9d (xe2x80x9cIPRMxe2x80x9d), xe2x80x9cDigital Property Rights Managementxe2x80x9d (xe2x80x9cDPRMxe2x80x9d), xe2x80x9cIntellectual Property Managementxe2x80x9d (xe2x80x9cIPMxe2x80x9d), xe2x80x9cRights Managementxe2x80x9d (xe2x80x9cRMxe2x80x9d), and xe2x80x9cElectronic Copyright Managementxe2x80x9d (xe2x80x9cECMxe2x80x9d), collectively referred to as xe2x80x9cDigital Rights Management (DRM)xe2x80x9d herein. There are a number of issues to be considered in effecting a DRM system. For example, authentication, authorization, accounting, payment and financial clearing, rights specification, rights verification, rights enforcement, and document protection issues should be addressed. U.S. Pat. Nos. 5,530,235, 5,634,012, 5,715,403, 5,638,443, and 5,629,980, the disclosures of which are incorporated herein by reference, disclose DRM systems addressing these issues.
In the world of printed documents and other physical content, a work created by an author is usually provided to a publisher, which formats and prints numerous copies of the work. The copies are then sent by a distributor to bookstores or other retail outlets, from which the copies are purchased by end users. While the low quality of copying and the high cost of distributing printed material have served as deterrents to unauthorized copying of most printed documents, it is far too easy to copy, modify, and redistribute unprotected digital works with high quality. Accordingly, mechanisms of protecting digital works are necessary to retain rights of the owner of the work.
Unfortunately, it has been widely recognized that it is difficult to prevent, or even deter, people from making unauthorized copies of electronic works within current general-purpose computing and communications systems such as personal computers, workstations, and other devices connected over communications networks, such as local area networks (LANs), intranets, and the Internet. Many attempts to provide hardware-based solutions to prevent unauthorized copying have proven to be unsuccessful. The proliferation of high band-width xe2x80x9cbroadbandxe2x80x9d communications technologies and the development of what is presently known as the xe2x80x9cNational Information Infrastructurexe2x80x9d (NII) will render it even more convenient to distribute large documents electronically, including video files such as full length motion pictures, and thus will remove any remaining deterrents to unauthorized copying and distribution of digital works. Accordingly, DRM technologies are becoming a high priority.
Two basic DRM schemes have been employed, secure containers and trusted systems. A xe2x80x9csecure containerxe2x80x9d (or simply an encrypted document) offers a way to keep document contents encrypted until a set of authorization conditions are met and some copyright terms are honored (e.g., payment for use). After the various conditions and terms are verified with the document provider, the document is released to the user in clear form. Commercial products such as CRYPTOLOPES(trademark) and DIGIBOXES(trademark) fall into this category. Clearly, the secure container approach provides a solution to protecting the document during delivery over insecure channels, but does not provide any mechanism to prevent legitimate users from obtaining the clear document and then using and redistributing it in violation of content owners"" intellectual property.
In the xe2x80x9ctrusted systemxe2x80x9d approach, the entire system is responsible for preventing unauthorized use and distribution of the document. Building a trusted system usually entails introducing new hardware such as a secure processor, secure storage and secure rendering devices. This also requires that all software applications that run on trusted systems be certified to be trusted. While building tamper-proof trusted systems is a real challenge to existing technologies, current market trends suggest that open and untrusted systems, such as PC""s and workstations using browsers to access the Web, will be the dominant systems used to access digital works. In this sense, existing computing environments such as PC""s and workstations equipped with popular operating systems (e.g., Windows(trademark), Linux(trademark), and UNIX) and rendering applications, such as browsers, are not trusted systems and cannot be made trusted without significantly altering their architectures. Of course, alteration of the architecture defeats a primary purpose of the Web, i.e. flexibility and compatibility.
U.S. Pat. No. 5,634,012, the disclosure of which is incorporated herein by reference, discloses a system for controlling the distribution of digital documents. Each rendering device has a repository associated therewith. A predetermined set of usage transaction steps define a protocol used by the repositories for enforcing usage rights associated with a document. Usage rights persist with the document content. The usage rights can permit various manners of use such as, viewing only, use once, distribution, and the like. Usage rights can be contingent on payment or other conditions.
A first aspect of the invention is a rights management system for managing use of items having usage rights associated therewith. The system comprises a user device adapted to receive a license having usage rights specifying a manner of use and being associated with at least one item, and allow authorized users to access the at least one item in accordance with the license. An access list associated with the at least one item is provided, the access list having identification mechanisms associated with the authorized users. In addition, a means is provided for receiving a license request for access to the at least one item on behalf of a license requesting user, the license requesting user having an associated identification mechanism. The system also comprises an access list managing device adapted to determine whether the identification mechanism associated to the license requesting user is in the access list, and provide instructions to issue the license associated with the at least one item. The system also comprises a license device adapted to issue the license associated with the at least one item upon receiving instructions from the access list managing device. The access list managing device is further adapted to provide instructions to the license device to issue the license associated with the at least one item upon determining that the identification mechanism associated to the license requesting user is in the access list.
A second aspect of the invention is a method for managing use of items having usage rights associated therewith. In one embodiment, the method includes receiving a request for a license associated with an item on behalf of a license requesting user, the license requesting user having an associated identification mechanism. The method also includes determining whether the identification mechanism associated to the license requesting user is in an access list associated with the item, the access list having identification mechanisms associated with authorized users. The method further includes issuing the license associated with the item to the license requesting user upon determining that the identification mechanism associated to the license requesting user is in the access list.