As is well known in the computer field, client-server computing architectures separate a client from a server and are generally implemented over computer networks such as the Internet, but not so limited. Each client or server connected to a computer network is also referred to as a “node”. The basic type of client-server architecture employs two types of nodes which are clients and servers. Note that in this context the terms “client” and “server” generally refer to software rather than the underlying computing platforms or devices or hardware, which are also sometimes referred to as “clients” and “servers”. This architecture allows computing devices to share files and resources. Each instance of the client software can send data requests to one or more connected servers. In turn, the servers accept these requests, process them, and return the requested information to the client. The clients are sometimes web browsers but not necessarily. In the present case the clients are generally not generic web browsers, however. Servers typically include web servers, database servers, and email servers.
Client-server architecture enables the roles and responsibilities of the computing system to be distributed among several independent computer platforms that are coupled only through the network. Typically the data is stored on the server platforms, which generally have greater security controls than do most clients.
In a somewhat related field, the protection of digital content transferred between computers over networks such as from a server to a client is important for many enterprises. Enterprises attempt to secure this protection by implementing some form of Digital Rights Management referent process. The DRM process often involves encrypting the piece of content (e.g., encrypting the binary form of the content) to restrict usage to those who have been granted a right to the content.
Cryptography is a traditional method of protecting data in transit across a network. In its typical application, cryptography protects communications between two mutually trusting parties from thievery. However, in many digital file transfer applications today, e.g., for the transfer of audio or video content, the party that receives the content may try to break the DRM encryption that has been earlier applied to the content.
In many known DRM systems today, the weakest link in the resulting security is not the encrypted data but rather the overall cryptographic process. For instance, one of the more successful DRM systems distributes music and video programs on line. This DRM system distributes to a user's computer content that has been similarly encrypted for all users. The user's computer then decrypts received content, generates local keys for encrypting the content, and uses these locally generated keys to re-encrypt the content.
The example of DRM systems here is merely an example where the DRM system is a client application in terms of the portion of the DRM system resident at the client platform. A complementary portion of the DRM system is resident at the server platform. It is the nature of such DRM systems that they are frequently updated or changed, usually to enhance security or for other reasons. This introduces another known technology, which is referred to as Version Control or Revision Control, which is an aspect of software configuration management. This generally is the management of change to documents, programs (including so-called software applications), and other information stored as computer files. It is commonly used in software development where a number of people may be altering the same files. A version change is usually identified by a number or letter code, termed a revision number, revision level or the revision such as V1, V1.2, V2, etc.
There are a number of known version control systems which typically run as stand-alone applications but may be embedded in various types of software of other types and in various content management systems. Typically such versions are backward-compatible, but not always. It is common for multiple versions of the same software application to be employed at different clients and for some clients to be using, for instance, version 1 while other clients are using version 2. At the same time the associated server may be using different versions.
There are known version controls for application servers which may deploy sets of applications to many client devices. These typically manage updates to the applications and provide other management to deployment of the applications. The client device may in turn include an application management client that communicates with the server in terms of managing the versions. The management client may add or remove applications in the client device based on a policy received from the server and may query the server to determine a currently available application.
Thus, the server may be able to install and serve new versions of an application at the clients while simultaneously serving an older version of the same application. However, generally such systems do not also provide the security aspects, for instance in DRM, which imposes its own restrictions as identified by the present inventors.