WO2001055944A1 - Empathic validation - a method for securing digital assets - Google Patents

Empathic validation - a method for securing digital assets Download PDF

Info

Publication number
WO2001055944A1
WO2001055944A1 PCT/US2001/003127 US0103127W WO0155944A1 WO 2001055944 A1 WO2001055944 A1 WO 2001055944A1 US 0103127 W US0103127 W US 0103127W WO 0155944 A1 WO0155944 A1 WO 0155944A1
Authority
WO
WIPO (PCT)
Prior art keywords
solution
shoppers
digital assets
access
session
Prior art date
Application number
PCT/US2001/003127
Other languages
French (fr)
Inventor
Joseph S. Tung
Bharat Sastri
Original Assignee
Hellobrain.Com
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Hellobrain.Com filed Critical Hellobrain.Com
Priority to AU2001238000A priority Critical patent/AU2001238000A1/en
Publication of WO2001055944A1 publication Critical patent/WO2001055944A1/en

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q30/00Commerce
    • G06Q30/06Buying, selling or leasing transactions
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/10Protecting distributed programs or content, e.g. vending or licensing of copyrighted material ; Digital rights management [DRM]
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/606Protecting data by securing the transmission between two devices or processes

Definitions

  • This invention relates generally to electronic data processing systems and in particular to securing data transferred in electronic commerce.
  • Digital assets e.g., a database, source code, object code, executable code, i-nomes, copyrighted jingles, graphic chip designs, test vectors, mechanical drawings, simulation data, gene sequences, corporate policies, legal documents, plans for nuclear reactors, circuit schematics, 3D models, manufacturing processes, chemical formulas and synthesis methods, drug design, empirical research data, drug test results, etc.
  • digital assets e.g., a database, source code, object code, executable code, i-nomes, copyrighted jingles, graphic chip designs, test vectors, mechanical drawings, simulation data, gene sequences, corporate policies, legal documents, plans for nuclear reactors, circuit schematics, 3D models, manufacturing processes, chemical formulas and synthesis methods, drug design, empirical research data, drug test results, etc.
  • digital assets are protected using a variety of methods such as encryption of the assets, restricted use of the assets, handicapping the functionality of the assets, and through legal means.
  • each of these existing methods have disadvantages, especially when the
  • digital assets are often provided to prospective purchasers before a purchase is actually made so that the purchaser can test, use, and/or view or otherwise be assured that the asset functions properly. This may be the case when a purchaser wants to purchase a new software program from a software developer. If the digital asset is in a readily copyable form (e.g., source code) , the prospective purchaser may secretly copy, reverse engineer, or otherwise misappropriate the digital asset without ever purchasing it. Encryption cannot protect the digital asset in this instance since the digital asset must be unencrypted prior to testing. Restricting the use of the asset is also difficult since the software is in the hands of the prospective purchaser and not the software developer.
  • a readily copyable form e.g., source code
  • purchasers and providers of digital assets may be in geographically remote locations, thereby making direct communications difficult.
  • the invention provides a method and system for sharing digital assets between solution providers and solution shoppers using a solution broker.
  • a session is initiated between the solution providers and the solution shoppers.
  • a data communications link between the solution shoppers and the solution providers is provided.
  • the solution broker administers the flow of data between the solution providers and the solution shoppers over the data communications link.
  • the solution shoppers are allowed to access the digital assets provided by the solution providers.
  • the present invention provides access to digital assets while, at the same time, protecting the digital assets from being copied, reverse engineered, or otherwise misappropriated.
  • the present invention allows solution shoppers and solution providers to share digital assets regardless of their respective geographical locations.
  • FIG. 1 is a block diagram showing an empathic validation system, in accordance to an embodiment of the present invention.
  • FIG. 2 is a flowchart illustrating a method for sharing digital assets in accordance to the present invention.
  • FIGS. 3A-3D illustrate different ways in which solution shoppers and solution providers can communicate during a session, in accordance to embodiments of the present invention.
  • FIGS. 4A and 4B show two ways in which control tokens can be used in accordance to the present invention.
  • FIGS. 5A-5D show how parameters are used to control the portions of a screen viewed by solution shoppers during a session, in accordance to the present invention.
  • FIGS. 6A-6C illustrate where digital assets are stored during a session, in accordance to the present invention .
  • FIG. 1 illustrates an empathic validation system m accordance to the principles of the present invention.
  • Solution shopper lOOn is a person or entity that desires certain digital assets.
  • digital assets describes any information that may be digitized and stored on a computer readable storage medium (e.g., a dataoase, source code, object code, executable code, l-nomes (any transactable quantity of information), copyrighted j ingles, graphic chip designs, test vectors, mechanical drawings, simulation data, gene sequences, corporate policies, legal documents, plans for nuclear reactors, circuit schematics, 3D models, manufacturing processes, chemical formulas and synthesis methods, drug design, empirical research data, drug test results, etc.).
  • Solution broker 110 is a person or entity that connects or matches solution shopper lOOn to solution provider 120U. Solution broker 110 administers the flow of data between solution shopper lOOn and solution provider 120U.
  • Solution provider 120U is a person or entity that possesses digital assets, which are desired by one or more solution shoppers lOOn.
  • solution shopper lOOn, solution broker 110, and solution provider 120U each comprise a computer system.
  • Solution shopper lOOn is connected to solution broker 110 through data communications link 130
  • solution broker 110 is connected to solution provider 120U through data communications link 135.
  • Data communications links 130 and 135 may oe telephone networks, a wireless networks, local, wide or global area computer networks (including the Internet) , or any other computer network connection or communications link and/or any combination thereof known in the art .
  • FIG. 2 is a flowchart illustrating a method for sharing digital assets in accordance to the present invention. In Step 10, solution shopper lOOn makes a request for certain digital assets.
  • solution shopper lOOn can request digital assets through a Web site provided by solution broker 110.
  • Solution shopper lOOn first connects to the solution broker's web site.
  • solution broker 110 provides a request page that allows solution shopper lOOn to enter information or criteria that describes the type of digital asset desired. After inputting the information, solution shopper lOOn submits the information to solution broker 110.
  • solution broker 110 processes the request from solution shopper lOOn.
  • Solution broker 110 uses the information or criteria provided by solution shopper lOOn to match solution shopper lOOn to one or more solution providers that possess digital assets that meet the solution shopper's criteria.
  • solution broker 110 display the solution shopper's criteria on the solution broker's web site.
  • a potential solution provider 120U could then access the solution broker's web site, search the site for certain criteria, view the criteria, and determine whether or not it has digital assets that fulfill the solution shopper's criteria. If solution provider 120U determines that it possesses digital assets that fulfill the solution shopper's criteria, solution provider 120U can then take further steps to contact solution shopper lOOn (as described below) .
  • solution broker 110 may find that: (1) multiple solution providers 120U meet the solution shopper's criteria; (2) no solution providers 120U meet the solution shopper's criteria; or (3) more information is needed to determine whether any solution providers 120U meet the solution shopper's criteria.
  • solution broker 110 may determine which solution provider 120U is most likely to meet the solution shopper's criteria. Alternatively, solution broker 110 may contact solution shopper 10 On and allow solution shopper lOOn to determine which solution provider 120U is most appropriate. In yet another scenario, solution broker 110 may request more detailed information from solution shopper 10On such that a more appropriate solution provider 120U can be determined.
  • solution broker 110 may request additional information from solution shopper 10On and use this information to ascertain whether there may be an appropriate solution provider.
  • Solution broker 110 may also log the solution shopper's criteria, and contact the solution shopper lOOn at later date if solution broker 110 finds a solution provider 120U that meets the solution shopper's criteria.
  • Solution broker 110 may also determine that more information is needed to find an appropriate solution provider 120U. In this case, solution broker 110 can contact solution shopper lOOn and request more detailed request information.
  • Step 20 two examples have been described above showing how solution shopper lOOn can be matched to a solution broker 120U. It should be apparent to one skilled in the art that these examples are only two of many different ways to match solution shopper lOOn to one or more solution providers 120U, and that these two examples are in no way intended to limit the spirit or scope of the present invention.
  • Step 30 A session allows solution shopper lOOn and solution provider 120U to share digital assets in a controlled environment.
  • solution provider 120 retains possession and/or control of the digital assets while allowing solution shopper lOOn to test, use, and/or view the digital assets.
  • solution broker 110 administers the flow of information between solution shopper lOOn and solution provider 120U. The identity of solution shopper lOOn may be withheld from solution provider 120U during the session.
  • solution shopper lOOn and solution provider 120U make an appointment. The appointment specifies the date and time a session will take place. At the time of the appointment, solution shopper lOOn connects to solution broker 110 via data communications link 130, and solution provider 120U connects to solution broker 110 via data communications link 135. For example, solution shopper 110 and solution provider 120U can both connect to a solution broker's Web site. After solution shopper lOOn and solution provider 120U connect to solution broker 110, solution broker 110 connects solution shopper lOOn and solution provider 120U. Solution broker 110 then administers the flow of information between solution shopper lOOn and solution provider 120U.
  • solution provider 120U digital assets are shared among solution shopper lOOn and solution provider 120U according to parameters defined by solution provider 120U.
  • the parameters define which digital assets solution shopper lOOn is entitled to test, use, and/or view during the session. Normally, all or a significant portion of the digital assets will remain in the possession of solution provider 120U during the session.
  • the digital assets may reside on the solution provider' s computer system. Alternatively, the digital assets may reside on a neutral third party' s computer system or even the solution broker's computer system. In all cases, however, possession and control of the digital assets are not turned over to solution shopper lOOn. Rather, possession and control is retained by solution provider 120U.
  • This technique allows solution shopper 10 On to test, use, and/or view the digital assets and therefore be assured that the digital assets meet the solution shopper's required criteria. At the same time, this technique assures solution provider 120U that the digital assets will not copied, reverse engineered, or otherwise misappropriated by solution shopper lOOn.
  • solution shopper may agree to purchase the digital assets from solution provider 120U.
  • solution provider 120U may transfer the digital assets to solution shopper lOOn.
  • FIGS. 3A-3D illustrate different ways in which solution shopper lOOn and solution provider 120U can communicate during a session. Communicating during a session is advantageous for many reasons. For example, solution shopper 10On may need instructions on how to use or test the digital asset possessed by solution provider 120U. Likewise, solution shopper lOOn may need to ask questions that require immediate response while testing, using, and/or viewing the digital asset.
  • FIG. 3A shows one way of communicating during a session.
  • a text based system is used to send messages back and forth between solution shopper lOOn and solution provider 120U.
  • Solution shopper lOOn types questions and sends the questions to solution provider 120U.
  • Solution provider 120U answers the questions and sends answers back to solution shopper lOOn.
  • the text messages can be multiplexed over data communications links 130 and 135 or can be sent via conventional email.
  • FIG. 3B shows another way of communicating during a session.
  • voice device 140 is connected to the solution shopper's computer system and voice device 145 is connected to the solution provider's computer system.
  • the voice devices digitize speech and the-digitized speech is sent over data communications links 130 and 135 on an audio channel.
  • solution shopper lOOn can speak with solution provider 120U and vice versa during the session in a convenient and efficient manner.
  • FIG. 3C illustrates another way of communicating during a session.
  • solution shopper lOOn and solution provider 120U communicate using conventional telephone link 150.
  • m FIG. 3D the solution shopper lOOn and the solution provider 120U communicate using cellular telephone link 160. Both methods allow solution shopper 100 and solution provider 120 to communicate m a convenient and efficient manner.
  • control tokens are generally used to solve contention problems.
  • a person or entity that possesses the control token has control of a specific task to the exclusion of all other persons or entities that may desire control of that specific task. Once the token is relinquished, other persons or entities can gain control of the token, and therefore control of the task.
  • FIG. 4A illustrates one way control tokens are used m the present invention
  • tokens are used to control access to the digital assets provided by a solution provider. This example assumes that only one solution shopper can have access to a solution provider' s digital assets at a time.
  • Solution Shopper #1 has possession of control token 170, and therefore can access the digital assets of
  • FIG. 4B illustrates another way in which control tokens can be used in the present invention.
  • audio control token 180 is used to control audio.
  • Solution Shoppers #1 through #N are simultaneously participating in a session with Solution Provider #1 (this example assumes that multiple solution shoppers can access the solution provider's digital assets simultaneously) .
  • Solution Provider #1 uses the audio control token 180 to allow only one of the solution shoppers to "talk" at any one time.
  • Solution Shopper #1 possesses audio control token 180.
  • Solution Shopper #1 can communicate via audio with Solution Provider #1 whereas Solution Shoppers #2 through #N cannot communicate via audio with Solution Provider #1 (even though they are participating in a session with Solution Provider #1) .
  • This technique prevents the obvious problem of having more than one solution shopper talking at the same time.
  • the solution provider may have absolute control over the audio token thereby having the ability to take the token away from a solution provider at any time.
  • a queue may be provided for solution shoppers to request control of the audio token.
  • the token becomes available e.g., another solution shopper has relinquished control of the token
  • the first solution shopper in the queue can take control of the token and therefore speak to the solution provider.
  • Yet another way to determine possession of the audio control token would be by creating a hierarchy of control among solution shoppers or groups of solution shoppers . Solution shoppers that are higher on the hierarchy would be able to take control away from solution shoppers that are lower on the hierarchy. Control can also be tied to keyboard or mouse control.
  • control tokens can be used in accordance with the spirit and scope of the present invention.
  • FIGS. 5A-5D show how solution provider 120U can use parameters to control which portions of a screen can be viewed by solution shopper lOOn during a session.
  • FIG. 5A-5D show how solution provider 120U can use parameters to control which portions of a screen can be viewed by solution shopper lOOn during a session.
  • FIGS. 5B, 5C, and 5D show how solution provider 120 can, at his discretion, move circular window 190 throughout the screen allowing solution shopper lOOn to view only selected portions of the screen.
  • solution shopper 100 is viewing very sensitive material (e.g., source code) and solution provider 120U wants to retain maximum control over that material.
  • solution provider 120U can slowly move the circular window across the computer screen allowing the solution shopper to read the sentence "This is a secret" one word at a time.
  • the window can be any shape or size and may zoom-in or zoom-out.
  • the window may also be toggled on or off using a key on a computer keyboard, thereby allowing the solution provider to turn on or off the obscuring feature manually during a session.
  • Solution provider 120U can also use parameters to limit access by creating user accounts.
  • Each user account corresponds to a particular solution shopper or to a group of solution shoppers .
  • Each user account may have a different set of parameters which define the degree of access the solution shopper or group of solution shoppers will have to certain digital assets. For example, one user account may allow a solution shopper (or group of solution shoppers) the right to view a certain digital asset whereas another user account may allow a different solution shopper (or group of solution shoppers) the right to view and use the same digital asset .
  • User accounts may also define permissions given to directories and files (e.g., permission to read, write, and/or execute) .
  • a graphical user interface may be provided by solution broker 110 or solution provider 120U.
  • the GUI allows solution shopper lOOn to request access to the digital assets that it cannot currently access.
  • Solution provider 12 OU then receives the request and determines whether or not access to the digital assets should be granted.
  • the GUI therefore provides a dynamic mechanism for changing parameters and therefore granting greater access during a session.
  • the activities that take place during a session can be monitored, recorded, and stored. Monitoring may be used in different ways for different reasons. Monitoring may be necessary to assure solution provider 120U that solution shopper lOOn is not attempting to surreptitiously access any digital assets that he is not authorized to access. Some solution shoppers 10On may attempt to "hack" or defeat the parameters or safety measures set up by solution provider 120U. Solution provider 120U, solution broker 110, or a third party may, therefore, monitor the solution shopper's activities during a session. This may be accomplished automatically using a computer program designed to monitor such activities, or it may be accomplished manually by having a human operator observe the solution shopper's activities.
  • solution provider 120U is monitoring solution shopper lOOn and becomes aware that solution shopper lOOn is acting m a suspicious or undesirable manner
  • solution provider 12 OU can send a warning to solution snopper lOOn or terminate the session.
  • solution broker 110 or a third party is monitoring solution snopper lOOn and becomes aware that solution shopper lOOn is acting in a suspicious or undesirable manner
  • solution broker 110 or the third party can terminate the session, send a warning to solution shopper 110, or notify solution provider 120U of solution shopper's con ⁇ uct .
  • a computer program resides on the solution provider's computer system and allows the solution shopper's activities (e.g., keystrokes, mouse movements, etc.) to be displayed on the solution provider's computer screen.
  • a similar program may be used by solution broker 110 or a third party to monitor solution shopper lOOn.
  • Monitoring may also be necessary to assure solution shopper lOOn that solution provider 120U is not attempting to falsify, fabricate, or otherwise misrepresent the digital asset.
  • a computer program may be provided that displays the solution provider' s activities during the session thereby giving solution shopper lOOn some assurances that the digital asset is not being misrepresented in any way.
  • a similar program may be used by solution broker 110 or a third party to monitor solution provider 120U.
  • the data transferred during a session or specific events which take place during a session may also be recorded and stored by solution shopper lOOn, solution broker 110, solution provider 120U, or a third party.
  • the stored recordings can be used for a variety of purposes including: allowing solution provider 120U to review the portions of the digital asset which were disclosed during a session; allowing solution provider 120U to review the solution provider's activities during the session; or allowing solution shopper lOOn to review the solution provider's activities during tne session.
  • the digital assets provided by the solution provider are located on a computer system under the control of the solution provider.
  • the solution shopper will not have possession of the digital assets during a session.
  • FIG. 6A illustrates the typical case where digital assets 210 reside on the solution provider's computer system during a session.
  • FIG. 6B illustrates the case where digital assets 210 reside on the solution broker' s computer system.
  • FIG. 6C illustrates the case where digital assets 210 reside on a neutral third party's computer system during a session.
  • solution shopper lOOn will test, use, and/or view the digital asset on the solution provider' s computer system. But, prior to purchasing the digital asset, the solution shopper may want to be assured that the solution provider' s digital assets function properly when the digital assets are located on a different computer system.
  • solution provider 120U still defines the parameters and thus can limit the solution shopper's access to the digital assets in these cases .
  • a solution shopper has requested marketing information which includes the names and addresses of Los Angeles residents that have purchased automobiles over the Internet in the past year. Further suppose that a solution provider has a database that contains this information. Prior to purchasing the database information, however, a solution shopper would like to see a small sample of the database, for example, the names and addresses of people that live on a particular street in Los Angeles that have purchased automobiles in the past year. Without revealing the contents of the entire database, the solution provider can define parameters which will only allow the solution shopper to view the names and address of the people that live on that particular street in Los Angeles . The buyer could then randomly select one of the entries and confirm that this person had in fact purchased an automobile over the Internet in the past year. Thus, this technique gives the solution shopper ample proof that the database is legitimate while, at the same time, assuring the solution provider that the database will not be copied or otherwise misappropriated .
  • a solution shopper wants to purchase a new software program. However, prior to purchasing the program the solution shopper requires proof that the program complies correctly. At the same time, the solution provider does not want to present the source code to the solution shopper since the solution shopper may copy, reverse engineer, or otherwise misappropriate the source code without the solution provider's permission. In this case, the solution shopper can initiate a session through a solution broker.
  • the solution provider can define parameters that grant the solution shopper limited access to the source code. This limited access will allow the solution shopper to log onto the solution provider' s computer system and remotely compile the source code thereby verifying that the source code will indeed compile correctly. As a result, the solution shopper is assured of a working product, while the solution provider is assured that their source code has not been copied, reverse engineered, or otherwise misappropriated.
  • a solution shopper is a company that uses software products to verify that its designs work (e.g., a semiconductor design company) .
  • the solution shopper could submit its design to the solution provider through the solution broker and have the solution provider process the design data. The results of the simulation or verification could then be sent back to the solution shopper.
  • the solution shopper may want to purchase a design simulation or verification software program, but may want to test the program before purchasing it.
  • the solution shopper would submit a request to a solution broker.
  • the solution broker would then identify a solution provider that meets the needs of the solution shopper.
  • the solution broker would initiate a session between the solution shopper and the solution provider which would allow data to be transmitted from the solution shopper to the solution provider and vice versa.
  • the amount of data that is transmitted from the solution provider to the solution shopper is restricted using parameters. This is accomplished by manually or automatically restricting the portions of data that can be transferred from the solution shopper to the solution provider.
  • the restriction mechanism can be resident on either the solution provider' s computer system or the solution broker's computer system. To further illustrate how parameters can be used to restrict access, suppose that a solution shopper wants to purchase a new software program, but, prior to purchasing the program the solution shopper requires proof that the program complies correctly. At the same time, the solution provider does not want to present the source code to the solution shopper since the solution shopper may copy, reverse engineer, or otherwise misappropriate the source code without the solution provider's permission.
  • the solution shopper can contact the solution broker and have the solution broker initiate a session.
  • the solution shopper can then connect to the solution provider's computer system.
  • the solution shopper will be granted limited access to the source code, and will be allowed to compile the source code on the solution provider' s computer system and to verify that the code will indeed compile correctly.
  • the solution shopper is assured of a working product, while the solution provider is assured that their source code has not been copied, reverse engineered, or otherwise misappropriated .
  • the solution shopper has an encrypted file in its possession. Further suppose that the solution shopper cannot unencrypt the file and does not know anyone who can unencrypt the file.
  • the solution shopper can connect to a solution broker.
  • the solution shopper can request a program that will unencrypt the file.
  • the solution broker can then post the request on its web site or it can seek out a potential solution provider. If a solution broker has a program that can unencrypt the file, the solution broker can contact the solution shopper and set up an appointment to conduct a session.
  • the solution provider can allow the solution shopper to test, view, and/or use the program so that the solution shopper can be assured that the program in fact works. If the solution shopper requires further assurances the program works prior to purchasing the program, the solution shopper can request to test, view, and/or use the program on a neutral third party' s computer system. If the solution provider agrees, the solution provider can transfer the program to a neutral third party' s computer system. Note that the solution provider can still limit the solution shoppers access to the program on the third party's computer system. If the solution shopper is satisfied with the program after further testing, viewing, or using and if the solution shopper and the solution provider agree on a price for the program, a sales agreement is then executed. Thereafter, the program is transferred to the solution shopper, and the solution shopper can use the program in accordance with the sales agreement .
  • the present invention can also be used for remote diagnosis or troubleshooting of a digital asset.
  • the solution shopper possesses a digital asset, but needs a solution provider to diagnose and possibly fix the problem. Note that in this case it is the solution shopper and not the solution provider that is in possession of the digital asset. Accordingly, the solution shopper will define the parameters to limit the solution provider's access to the digital assets.
  • the solution shopper can make a request, via a solution broker, for a solution provider that can diagnose the problem with the computer system and possibly fix the problem.
  • the solution shopper and the solution provider will initiate a session through the solution broker.
  • the solution shopper will define parameters and limit access to its computer system.
  • the solution provider will only be able to access portions of the solution shoppers computer system, those portions that are necessary to diagnose and possibly fix the problem.
  • the solution provider will attempt to diagnose the problem and possibly fix it. If the solution provider cannot diagnose the problem the solution shopper may terminate the session and perhaps have another solution provider attempt to diagnose and fix the problem.

Abstract

The invention provides a method and system for sharing digital assets between solution providers (120A ... 120N) and solution shoppers (100A ... 100N) using a solution broker (110). A session is initiated between the solution providers (120A ... 120N) and the solution shoppers (100A ... 100N). During the session, a data communications link (130, 135) between the solution providers (120A ... 120N) and the solution shoppers (100A ... 100N) is provided. The solution broker (110) administers the flow of data between the solution providers (120A ... 120N) and the solution shoppers (100A ... 100N) over the data communications link (130, 135). The solution shoppers (100A ... 100N) are allowed to access the digital assets provided by the solution providers (120A ... 120N). Thus, the present invention provides access to digital assets while, at the same time, protecting the digital assets from being copied, reverse engineered, or otherwise misappropriated. In addition, the present invention allows the solution shoppers (100A ... 100N) and the solution providers (120A ... 120N) to share digital assets regardless of their respective geographical locations.

Description

EMPATHIC VALIDATION - A METHOD FOR SECURING DIGITAL ASSETS
BACKGROUND OF THE INVENTION
Field of the Invention
This invention relates generally to electronic data processing systems and in particular to securing data transferred in electronic commerce.
Related Art
Protection of digital assets (e.g., a database, source code, object code, executable code, i-nomes, copyrighted jingles, graphic chip designs, test vectors, mechanical drawings, simulation data, gene sequences, corporate policies, legal documents, plans for nuclear reactors, circuit schematics, 3D models, manufacturing processes, chemical formulas and synthesis methods, drug design, empirical research data, drug test results, etc.) is becoming increasingly important. Currently, digital assets are protected using a variety of methods such as encryption of the assets, restricted use of the assets, handicapping the functionality of the assets, and through legal means. However, each of these existing methods have disadvantages, especially when the digital assets must be tested, used, viewed, or otherwise disclosed in an uncontrolled environment before they are purchased.
For example, digital assets are often provided to prospective purchasers before a purchase is actually made so that the purchaser can test, use, and/or view or otherwise be assured that the asset functions properly. This may be the case when a purchaser wants to purchase a new software program from a software developer. If the digital asset is in a readily copyable form (e.g., source code) , the prospective purchaser may secretly copy, reverse engineer, or otherwise misappropriate the digital asset without ever purchasing it. Encryption cannot protect the digital asset in this instance since the digital asset must be unencrypted prior to testing. Restricting the use of the asset is also difficult since the software is in the hands of the prospective purchaser and not the software developer. Handicapping the functionality of the asset is problematic since the asset must ordinarily be transferred to the prospective purchaser, and while in the hands of the prospective purchaser, the handicapping mechanism may be covertly defeated. Finally, protecting the digital asset through legal means is difficult since a prospective purchaser may copy, reverse engineer, or otherwise misappropriate the digital asset in a clandestine way, therefore providing no indication to the software developer that their legal rights have been violated.
In addition, purchasers and providers of digital assets may be in geographically remote locations, thereby making direct communications difficult.
Accordingly, there is a need for a method and system that allows digital assets to be tested, used, or viewed while protecting the digital assets from being copied, reverse engineered, or otherwise misappropriated.
SUMMARY OF THE INVENTION
The invention provides a method and system for sharing digital assets between solution providers and solution shoppers using a solution broker. A session is initiated between the solution providers and the solution shoppers. During the session, a data communications link between the solution shoppers and the solution providers is provided. The solution broker administers the flow of data between the solution providers and the solution shoppers over the data communications link. The solution shoppers are allowed to access the digital assets provided by the solution providers. Thus, the present invention provides access to digital assets while, at the same time, protecting the digital assets from being copied, reverse engineered, or otherwise misappropriated. In addition, the present invention allows solution shoppers and solution providers to share digital assets regardless of their respective geographical locations.
BRIEF DESCRIPTION OF THE DRAWINGS
FIG. 1 is a block diagram showing an empathic validation system, in accordance to an embodiment of the present invention.
FIG. 2 is a flowchart illustrating a method for sharing digital assets in accordance to the present invention. FIGS. 3A-3D illustrate different ways in which solution shoppers and solution providers can communicate during a session, in accordance to embodiments of the present invention.
FIGS. 4A and 4B show two ways in which control tokens can be used in accordance to the present invention.
FIGS. 5A-5D show how parameters are used to control the portions of a screen viewed by solution shoppers during a session, in accordance to the present invention.
FIGS. 6A-6C illustrate where digital assets are stored during a session, in accordance to the present invention .
DETAILED DESCRIPTION OF THE INVENTION General Operation
FIG. 1 illustrates an empathic validation system m accordance to the principles of the present invention. The empathic validation system of FIG. 1 includes solution shoppers 10 On (where n = A, B, C, D etc.) , a solution broker 110, and solution providers 120U (where n = A, B, C, D etc. ) .
Solution shopper lOOn is a person or entity that desires certain digital assets. As used herein, the term "digital assets" describes any information that may be digitized and stored on a computer readable storage medium (e.g., a dataoase, source code, object code, executable code, l-nomes (any transactable quantity of information), copyrighted j ingles, graphic chip designs, test vectors, mechanical drawings, simulation data, gene sequences, corporate policies, legal documents, plans for nuclear reactors, circuit schematics, 3D models, manufacturing processes, chemical formulas and synthesis methods, drug design, empirical research data, drug test results, etc.). Solution broker 110 is a person or entity that connects or matches solution shopper lOOn to solution provider 120U. Solution broker 110 administers the flow of data between solution shopper lOOn and solution provider 120U. Solution provider 120U is a person or entity that possesses digital assets, which are desired by one or more solution shoppers lOOn.
In one example of the invention, solution shopper lOOn, solution broker 110, and solution provider 120U each comprise a computer system. Solution shopper lOOn is connected to solution broker 110 through data communications link 130, and solution broker 110 is connected to solution provider 120U through data communications link 135. Data communications links 130 and 135 may oe telephone networks, a wireless networks, local, wide or global area computer networks (including the Internet) , or any other computer network connection or communications link and/or any combination thereof known in the art . FIG. 2 is a flowchart illustrating a method for sharing digital assets in accordance to the present invention. In Step 10, solution shopper lOOn makes a request for certain digital assets. For example, solution shopper lOOn can request digital assets through a Web site provided by solution broker 110. Solution shopper lOOn first connects to the solution broker's web site. On the Web site, solution broker 110 provides a request page that allows solution shopper lOOn to enter information or criteria that describes the type of digital asset desired. After inputting the information, solution shopper lOOn submits the information to solution broker 110. It should be apparent to those skilled in the art that there are many other ways for solution shopper 10On to request digital assets. In Step 20, solution broker 110 processes the request from solution shopper lOOn. Solution broker 110 uses the information or criteria provided by solution shopper lOOn to match solution shopper lOOn to one or more solution providers that possess digital assets that meet the solution shopper's criteria.
One way of matching solution shopper 10On to solution provider 120U is to have solution broker 110 display the solution shopper's criteria on the solution broker's web site. A potential solution provider 120U could then access the solution broker's web site, search the site for certain criteria, view the criteria, and determine whether or not it has digital assets that fulfill the solution shopper's criteria. If solution provider 120U determines that it possesses digital assets that fulfill the solution shopper's criteria, solution provider 120U can then take further steps to contact solution shopper lOOn (as described below) .
An alternative way of matching solution shopper lOOn to one or more solution providers is for solution broker 110 to determine whether any solution providers possess digital assets that meet the solution shopper's criteria. In making this determination, solution broker 110 may find that: (1) multiple solution providers 120U meet the solution shopper's criteria; (2) no solution providers 120U meet the solution shopper's criteria; or (3) more information is needed to determine whether any solution providers 120U meet the solution shopper's criteria.
If multiple several solution providers 120U meet the solution shopper's criteria, solution broker 110 may determine which solution provider 120U is most likely to meet the solution shopper's criteria. Alternatively, solution broker 110 may contact solution shopper 10 On and allow solution shopper lOOn to determine which solution provider 120U is most appropriate. In yet another scenario, solution broker 110 may request more detailed information from solution shopper 10On such that a more appropriate solution provider 120U can be determined.
If no solution providers 120U meet the solution shopper's criteria, solution broker 110 may request additional information from solution shopper 10On and use this information to ascertain whether there may be an appropriate solution provider. Solution broker 110 may also log the solution shopper's criteria, and contact the solution shopper lOOn at later date if solution broker 110 finds a solution provider 120U that meets the solution shopper's criteria. Solution broker 110 may also determine that more information is needed to find an appropriate solution provider 120U. In this case, solution broker 110 can contact solution shopper lOOn and request more detailed request information.
With respect to Step 20, two examples have been described above showing how solution shopper lOOn can be matched to a solution broker 120U. It should be apparent to one skilled in the art that these examples are only two of many different ways to match solution shopper lOOn to one or more solution providers 120U, and that these two examples are in no way intended to limit the spirit or scope of the present invention.
After a solution provider 120U and a solution shopper lOOn have been matched, a session is initiated between solution shopper lOOn and solution provider 120U. This is shown in Step 30. A session allows solution shopper lOOn and solution provider 120U to share digital assets in a controlled environment. During the session, solution provider 120 retains possession and/or control of the digital assets while allowing solution shopper lOOn to test, use, and/or view the digital assets. During the session, solution broker 110 administers the flow of information between solution shopper lOOn and solution provider 120U. The identity of solution shopper lOOn may be withheld from solution provider 120U during the session. Similarly, the identity of solution provider 120U may be withheld from solution shopper lOOn during the session. In one example of the invention, solution shopper lOOn and solution provider 120U make an appointment. The appointment specifies the date and time a session will take place. At the time of the appointment, solution shopper lOOn connects to solution broker 110 via data communications link 130, and solution provider 120U connects to solution broker 110 via data communications link 135. For example, solution shopper 110 and solution provider 120U can both connect to a solution broker's Web site. After solution shopper lOOn and solution provider 120U connect to solution broker 110, solution broker 110 connects solution shopper lOOn and solution provider 120U. Solution broker 110 then administers the flow of information between solution shopper lOOn and solution provider 120U.
During the session digital assets are shared among solution shopper lOOn and solution provider 120U according to parameters defined by solution provider 120U. The parameters define which digital assets solution shopper lOOn is entitled to test, use, and/or view during the session. Normally, all or a significant portion of the digital assets will remain in the possession of solution provider 120U during the session. The digital assets may reside on the solution provider' s computer system. Alternatively, the digital assets may reside on a neutral third party' s computer system or even the solution broker's computer system. In all cases, however, possession and control of the digital assets are not turned over to solution shopper lOOn. Rather, possession and control is retained by solution provider 120U. This technique allows solution shopper 10 On to test, use, and/or view the digital assets and therefore be assured that the digital assets meet the solution shopper's required criteria. At the same time, this technique assures solution provider 120U that the digital assets will not copied, reverse engineered, or otherwise misappropriated by solution shopper lOOn.
After solution shopper lOOn has tested, used, and/or viewed the digital assets, solution shopper may agree to purchase the digital assets from solution provider 120U. At this time, solution provider 120U may transfer the digital assets to solution shopper lOOn.
To this point, the general operation of the present invention has been disclosed. The following sections of the disclosure will discuss particular aspects of the present invention in greater detail.
Communications During A Session
FIGS. 3A-3D illustrate different ways in which solution shopper lOOn and solution provider 120U can communicate during a session. Communicating during a session is advantageous for many reasons. For example, solution shopper 10On may need instructions on how to use or test the digital asset possessed by solution provider 120U. Likewise, solution shopper lOOn may need to ask questions that require immediate response while testing, using, and/or viewing the digital asset.
FIG. 3A shows one way of communicating during a session. Here, a text based system is used to send messages back and forth between solution shopper lOOn and solution provider 120U. Solution shopper lOOn types questions and sends the questions to solution provider 120U. Solution provider 120U answers the questions and sends answers back to solution shopper lOOn. The text messages can be multiplexed over data communications links 130 and 135 or can be sent via conventional email.
FIG. 3B shows another way of communicating during a session. Here, voice device 140 is connected to the solution shopper's computer system and voice device 145 is connected to the solution provider's computer system. The voice devices digitize speech and the-digitized speech is sent over data communications links 130 and 135 on an audio channel. As a result, solution shopper lOOn can speak with solution provider 120U and vice versa during the session in a convenient and efficient manner.
FIG. 3C illustrates another way of communicating during a session. Here, solution shopper lOOn and solution provider 120U communicate using conventional telephone link 150. Similarly, m FIG. 3D the solution shopper lOOn and the solution provider 120U communicate using cellular telephone link 160. Both methods allow solution shopper 100 and solution provider 120 to communicate m a convenient and efficient manner.
Control Tokens
The present invention makes use of control tokens m several ways. In general, control tokens are generally used to solve contention problems. A person or entity that possesses the control token has control of a specific task to the exclusion of all other persons or entities that may desire control of that specific task. Once the token is relinquished, other persons or entities can gain control of the token, and therefore control of the task. FIG. 4A illustrates one way control tokens are used m the present invention In this example, tokens are used to control access to the digital assets provided by a solution provider. This example assumes that only one solution shopper can have access to a solution provider' s digital assets at a time. In other words, if multiple solution shoppers want access to a particular solution providers' digital assets, the solution shoppers wij.1 have to access these assets one at a time. Referring to FIG. 4A, Solution Shopper #1 has possession of control token 170, and therefore can access the digital assets of
Solution Provider #1. Solution Shoppers #2 through #N do not have possession of control token 170, and therefore cannot access the digital assets provided by Solution provider #1. When Solution Shopper #1 relinquishes control of control token 170, one of the other solution shoppers can seize control token 170 and gain access to Solution Provider #l's digital assets. FIG. 4B illustrates another way in which control tokens can be used in the present invention. In this example, audio control token 180 is used to control audio. For example, in FIG. 4B Solution Shoppers #1 through #N are simultaneously participating in a session with Solution Provider #1 (this example assumes that multiple solution shoppers can access the solution provider's digital assets simultaneously) . Solution Provider #1 uses the audio control token 180 to allow only one of the solution shoppers to "talk" at any one time. In FIG. 4B, Solution Shopper #1 possesses audio control token 180.
Thus, Solution Shopper #1 can communicate via audio with Solution Provider #1 whereas Solution Shoppers #2 through #N cannot communicate via audio with Solution Provider #1 (even though they are participating in a session with Solution Provider #1) . This technique prevents the obvious problem of having more than one solution shopper talking at the same time.
In this example, there are numerous ways to determine possession of audio control token 180. The solution provider may have absolute control over the audio token thereby having the ability to take the token away from a solution provider at any time. Alternatively, a queue may be provided for solution shoppers to request control of the audio token. When the token becomes available (e.g., another solution shopper has relinquished control of the token) , the first solution shopper in the queue can take control of the token and therefore speak to the solution provider. Yet another way to determine possession of the audio control token would be by creating a hierarchy of control among solution shoppers or groups of solution shoppers . Solution shoppers that are higher on the hierarchy would be able to take control away from solution shoppers that are lower on the hierarchy. Control can also be tied to keyboard or mouse control.
Those skilled in the art will appreciate that there are many different ways to allocate control of the audio control token. In addition, those skilled in the art will appreciate that there are many other ways control tokens can be used in accordance with the spirit and scope of the present invention.
Parameters
As mentioned above, digital assets are shared during a session according to parameters defined by solution provider 12OU. As used herein, the term parameters is broadly defined as the digital assets solution shopper lOOn is entitled to test, use, and/or view during a session. Thus, parameters are used to allow solution shopper lOOn to test, use, and/or view the digital assets while protecting the digital assets from being copied, reverse, engineered, or otherwise misappropriated by solution shopper lOOn. One skilled in the art will recognize that there are numerous ways to define parameters . FIGS. 5A-5D show how solution provider 120U can use parameters to control which portions of a screen can be viewed by solution shopper lOOn during a session. FIG. 5A shows computer screen 200 with circular window 190 covering a portion of the screen. The portion of computer screen 200 that lies outside of circular window 190 is obscured (i.e., it cannot be viewed) while the portion of computer screen 200 that lies inside of circular window 190 is not obscured (i.e., it can be viewed) . Solution provider 120U can move circular window 190 using a mouse or using keystrokes. This allows solution provider 120U to control the areas of computer screen 200 that can be viewed. FIGS. 5B, 5C, and 5D show how solution provider 120 can, at his discretion, move circular window 190 throughout the screen allowing solution shopper lOOn to view only selected portions of the screen. This technique may be particularly useful when solution shopper 100 is viewing very sensitive material (e.g., source code) and solution provider 120U wants to retain maximum control over that material. Thus, in FIGS. 5A-5D the solution provider can slowly move the circular window across the computer screen allowing the solution shopper to read the sentence "This is a secret" one word at a time.
The window can be any shape or size and may zoom-in or zoom-out. The window may also be toggled on or off using a key on a computer keyboard, thereby allowing the solution provider to turn on or off the obscuring feature manually during a session.
Solution provider 120U can also use parameters to limit access by creating user accounts. Each user account corresponds to a particular solution shopper or to a group of solution shoppers . Each user account may have a different set of parameters which define the degree of access the solution shopper or group of solution shoppers will have to certain digital assets. For example, one user account may allow a solution shopper (or group of solution shoppers) the right to view a certain digital asset whereas another user account may allow a different solution shopper (or group of solution shoppers) the right to view and use the same digital asset . User accounts may also define permissions given to directories and files (e.g., permission to read, write, and/or execute) . In another example of the invention, a graphical user interface (GUI) may be provided by solution broker 110 or solution provider 120U. The GUI allows solution shopper lOOn to request access to the digital assets that it cannot currently access. Solution provider 12 OU then receives the request and determines whether or not access to the digital assets should be granted. The GUI therefore provides a dynamic mechanism for changing parameters and therefore granting greater access during a session.
Those skilled in the art will appreciate that there are many different ways to define parameters, and therefore define which digital assets solution shopper lOOn is entitled to test, use, and/or view during a session.
Session Monitoring, Recording And Storing
The activities that take place during a session can be monitored, recorded, and stored. Monitoring may be used in different ways for different reasons. Monitoring may be necessary to assure solution provider 120U that solution shopper lOOn is not attempting to surreptitiously access any digital assets that he is not authorized to access. Some solution shoppers 10On may attempt to "hack" or defeat the parameters or safety measures set up by solution provider 120U. Solution provider 120U, solution broker 110, or a third party may, therefore, monitor the solution shopper's activities during a session. This may be accomplished automatically using a computer program designed to monitor such activities, or it may be accomplished manually by having a human operator observe the solution shopper's activities. If solution provider 120U is monitoring solution shopper lOOn and becomes aware that solution shopper lOOn is acting m a suspicious or undesirable manner, solution provider 12 OU can send a warning to solution snopper lOOn or terminate the session. Similarly, if solution broker 110 or a third party is monitoring solution snopper lOOn and becomes aware that solution shopper lOOn is acting in a suspicious or undesirable manner, solution broker 110 or the third party can terminate the session, send a warning to solution shopper 110, or notify solution provider 120U of solution shopper's conαuct . In one example of the invention, a computer program resides on the solution provider's computer system and allows the solution shopper's activities (e.g., keystrokes, mouse movements, etc.) to be displayed on the solution provider's computer screen. A similar program may be used by solution broker 110 or a third party to monitor solution shopper lOOn.
Monitoring may also be necessary to assure solution shopper lOOn that solution provider 120U is not attempting to falsify, fabricate, or otherwise misrepresent the digital asset. A computer program may be provided that displays the solution provider' s activities during the session thereby giving solution shopper lOOn some assurances that the digital asset is not being misrepresented in any way. A similar program may be used by solution broker 110 or a third party to monitor solution provider 120U.
The data transferred during a session or specific events which take place during a session may also be recorded and stored by solution shopper lOOn, solution broker 110, solution provider 120U, or a third party. The stored recordings can be used for a variety of purposes including: allowing solution provider 120U to review the portions of the digital asset which were disclosed during a session; allowing solution provider 120U to review the solution provider's activities during the session; or allowing solution shopper lOOn to review the solution provider's activities during tne session.
Those skilled in the art will appreciate that there are many other different ways to monitor, record, store the activities m accordance with the present invention.
Location Of The Digital Assets During A Session
In general, the digital assets provided by the solution provider are located on a computer system under the control of the solution provider. Thus, the solution shopper will not have possession of the digital assets during a session.
FIG. 6A illustrates the typical case where digital assets 210 reside on the solution provider's computer system during a session. FIG. 6B illustrates the case where digital assets 210 reside on the solution broker' s computer system. FIG. 6C illustrates the case where digital assets 210 reside on a neutral third party's computer system during a session. Often solution shopper lOOn will test, use, and/or view the digital asset on the solution provider' s computer system. But, prior to purchasing the digital asset, the solution shopper may want to be assured that the solution provider' s digital assets function properly when the digital assets are located on a different computer system. Since the solution provider will not allow the solution shopper to transfer the digital assets onto the solution shoppers' computer system for fear of misappropriation, a compromise can be reached by placing the digital assets on either the solution broker's computer system (FIG. 6B) or a neutral third party's computer system 220 (FIG. 6C) and then allowing solution shopper lOOn to test, use, and/or view the digital asset there. Note that solution provider 120U still defines the parameters and thus can limit the solution shopper's access to the digital assets in these cases .
Examples of The Present Invention In Practice Applicants have provided several examples below demonstrating practical applications of the present invention. As should be apparent to one skilled in the art, the present invention has numerous applications. Accordingly, the examples provided below are in no way intended to limit the sprit or scope of the present invention.
Database Example
Suppose a solution shopper has requested marketing information which includes the names and addresses of Los Angeles residents that have purchased automobiles over the Internet in the past year. Further suppose that a solution provider has a database that contains this information. Prior to purchasing the database information, however, a solution shopper would like to see a small sample of the database, for example, the names and addresses of people that live on a particular street in Los Angeles that have purchased automobiles in the past year. Without revealing the contents of the entire database, the solution provider can define parameters which will only allow the solution shopper to view the names and address of the people that live on that particular street in Los Angeles . The buyer could then randomly select one of the entries and confirm that this person had in fact purchased an automobile over the Internet in the past year. Thus, this technique gives the solution shopper ample proof that the database is legitimate while, at the same time, assuring the solution provider that the database will not be copied or otherwise misappropriated .
Software Program Example
Suppose that a solution shopper wants to purchase a new software program. However, prior to purchasing the program the solution shopper requires proof that the program complies correctly. At the same time, the solution provider does not want to present the source code to the solution shopper since the solution shopper may copy, reverse engineer, or otherwise misappropriate the source code without the solution provider's permission. In this case, the solution shopper can initiate a session through a solution broker. The solution provider can define parameters that grant the solution shopper limited access to the source code. This limited access will allow the solution shopper to log onto the solution provider' s computer system and remotely compile the source code thereby verifying that the source code will indeed compile correctly. As a result, the solution shopper is assured of a working product, while the solution provider is assured that their source code has not been copied, reverse engineered, or otherwise misappropriated.
Verification Example
Suppose a solution shopper is a company that uses software products to verify that its designs work (e.g., a semiconductor design company) . Rather than purchasing an expensive software verification product, the solution shopper could submit its design to the solution provider through the solution broker and have the solution provider process the design data. The results of the simulation or verification could then be sent back to the solution shopper. This could result in cost savings to the solution shopper since the solution shopper would not have to purcnase the solution provider's verification software. Rather, the solution shopper would only neeα to "rent" the software for a short period of time. This scenario results in a more efficient use of resources and is thus very desirable.
In a different scenario, the solution shopper may want to purchase a design simulation or verification software program, but may want to test the program before purchasing it. Here, the solution shopper would submit a request to a solution broker. The solution broker would then identify a solution provider that meets the needs of the solution shopper. Next, the solution broker would initiate a session between the solution shopper and the solution provider which would allow data to be transmitted from the solution shopper to the solution provider and vice versa.
The amount of data that is transmitted from the solution provider to the solution shopper, however, is restricted using parameters. This is accomplished by manually or automatically restricting the portions of data that can be transferred from the solution shopper to the solution provider. The restriction mechanism can be resident on either the solution provider' s computer system or the solution broker's computer system. To further illustrate how parameters can be used to restrict access, suppose that a solution shopper wants to purchase a new software program, but, prior to purchasing the program the solution shopper requires proof that the program complies correctly. At the same time, the solution provider does not want to present the source code to the solution shopper since the solution shopper may copy, reverse engineer, or otherwise misappropriate the source code without the solution provider's permission. In this case, the solution shopper can contact the solution broker and have the solution broker initiate a session. The solution shopper can then connect to the solution provider's computer system. Then the solution shopper will be granted limited access to the source code, and will be allowed to compile the source code on the solution provider' s computer system and to verify that the code will indeed compile correctly. Thus, the solution shopper is assured of a working product, while the solution provider is assured that their source code has not been copied, reverse engineered, or otherwise misappropriated .
Encryption Example
Suppose the solution shopper has an encrypted file in its possession. Further suppose that the solution shopper cannot unencrypt the file and does not know anyone who can unencrypt the file.
According to the principles of the present invention, the solution shopper can connect to a solution broker. The solution shopper can request a program that will unencrypt the file. The solution broker can then post the request on its web site or it can seek out a potential solution provider. If a solution broker has a program that can unencrypt the file, the solution broker can contact the solution shopper and set up an appointment to conduct a session.
In the session, the solution provider can allow the solution shopper to test, view, and/or use the program so that the solution shopper can be assured that the program in fact works. If the solution shopper requires further assurances the program works prior to purchasing the program, the solution shopper can request to test, view, and/or use the program on a neutral third party' s computer system. If the solution provider agrees, the solution provider can transfer the program to a neutral third party' s computer system. Note that the solution provider can still limit the solution shoppers access to the program on the third party's computer system. If the solution shopper is satisfied with the program after further testing, viewing, or using and if the solution shopper and the solution provider agree on a price for the program, a sales agreement is then executed. Thereafter, the program is transferred to the solution shopper, and the solution shopper can use the program in accordance with the sales agreement .
Remote Diagnosis And Troubleshooting Example
The present invention can also be used for remote diagnosis or troubleshooting of a digital asset. In this case, the solution shopper possesses a digital asset, but needs a solution provider to diagnose and possibly fix the problem. Note that in this case it is the solution shopper and not the solution provider that is in possession of the digital asset. Accordingly, the solution shopper will define the parameters to limit the solution provider's access to the digital assets.
To illustrate, suppose a solution shopper has a computer program that is not working correctly on the solution shoppers computer system. The solution shopper can make a request, via a solution broker, for a solution provider that can diagnose the problem with the computer system and possibly fix the problem. In this case, the solution shopper and the solution provider will initiate a session through the solution broker. However, the solution shopper will define parameters and limit access to its computer system. Thus, the solution provider will only be able to access portions of the solution shoppers computer system, those portions that are necessary to diagnose and possibly fix the problem. During the session, the solution provider will attempt to diagnose the problem and possibly fix it. If the solution provider cannot diagnose the problem the solution shopper may terminate the session and perhaps have another solution provider attempt to diagnose and fix the problem.
While particular examples of the present invention have been shown and described, it will be obvious to those skilled in the art that changes and modifications may be made without departing from this invention in its broader aspects and, therefore, the appended claims are to encompass within their scope all such changes and modifications as fall within the true spirit and scope of this invention.

Claims

CLAIMSWe claim:
1. A method for sharing digital assets between one or more solution providers and one or more solution shoppers, the method comprising: initiating a session between the solution providers and the solution shoppers, the session comprising: providing a data communications link between the solution shoppers and the solution providers; and allowing at least one of the solution shoppers to access the digital assets provided by at least one of the solution providers.
2. The method of claim 1, further comprising a solution broker administering the flow of data between the solution providers and the solution shoppers over the data communications link.
3. The method of Claim 1 wherein the data communications link between the solution shoppers and the solution providers further comprises an audio channel.
4. The method of Claim 1 wherein access to the audio channel is regulated using a control token.
5. The method of Claim 1 further comprising: providing an independent communications link.
6. The method of Claim 1 wherein the solution shoppers' access to the digital assets is restricted according to parameters established by the solution providers .
7. The method of Claim 6 wherein the parameters permit the solution shoppers to test, use, and/or view a portion of the digital assets.
8. The method of Claim 6 wherein the digital assets are displayed on a computer screen, and wherein the solution shoppers can only view a portion of the computer screen .
9. The method of Claim 6 wherein the solution providers can manually determine the portions of a computer screen that can be viewed by the solution shoppers .
10. The method of Claim 1 wherein access to the digital assets is regulated using a control token.
11. The method of Claim 1 wherein access to the digital assets is regulated using a graphical user interface, wherein the graphical user interface allows the solution shoppers to make requests for access to portions of the digital assets during a session, and wherein the graphical user interface allows the solution provider to respond to the solution shoppers' requests.
12. The method of Claim 1 wherein the digital assets are maintained on a computer system possessed by a solution provider, and wherein the solution provider can control access to the computer system using parameters.
13. The method of Claim 11 wherein the parameters are defined according to a user account.
14. The method of Claim 1 wherein the digital assets are maintained on a computer system possessed by a neutral third party, and wherein the solution provider can control access to the computer system using parameters.
15. The method of Claim 14 wherein the parameters are defined according to a user account.
16. The method of Claim 2 wherein the session further comprises: monitoring the solution shoppers' access to the digital assets .
17. The method of Claim 16 wherein the solution shoppers' access to the digital assets is automatically monitored by a computer program provided by the solution brokers and/or the solution providers, and wherein the solution shoppers access to the digital assets can be automatically restricted.
18. The method of Claim 16 wherein the solution shoppers' access to the digital assets is manually monitored by a human operator provided by the solution brokers and/or the solution providers, and wherein the solution shoppers' access to the digital assets can be manually restricted.
19. The method of Claim 1 wherein the session further comprises : recording the solution shoppers' access to the digital assets during a session; and storing the solution shoppers' access to the digital assets during a session.
20 The method of Claim 1 wherein the session further comprises: displaying and recording the solutior shoppers' activities during a session.
21 The method of Claim 1 wherein the session further comprises : displaying and recording the solution providers' activities during a session.
22. The method of Claim 1 wherein the session further comprises : agreeing to purchase the digital asset; and transferring the digital asset to the solution shopper.
23. The method of Claim 1 further comprising: agreeing to purchase the digital asset; and transferring the digital asset to a third party.
24. The method of Claim 1 wherein the data communications link furtner comprises the Internet.
25. A system for sharing digital assets between one or more solution providers and one or more solution shoppers comprising: one or more solution shoppers, wherein the solution shoppers comprise one or more computer systems connected to one or more computer networks; one or more solution providers, wherein the solution providers comprise one or more computer systems connected to one or more computer networks; and one or more computer programs, wherein the computer programs are for initiating a session, and wherein the session comprises: providing a data communications link between the solution shoppers and the solution providers; and
26. The system of Claim 25 further comprising: a solution broker, wherein the solution broker comprises a computer system connected to one or more computer networks; the solution broker administering the flow of data between the solution providers and the solution shoppers over the data communications link; and allowing at least one of the solution shoppers to access the digital assets provided by at least one of the solution providers .
27. The system of Claim 25 wherein the data communications link between the solution shoppers and the solution providers further comprises an audio channel.
28. The system of Claim 27 wherein access to the audio channel is regulated using a control token.
29. The system of Claim 25 further comprising: an independent communications link.
30. The system of Claim 25 wherein the solution shoppers' access to the digital assets is restricted according to parameters established by the solution providers .
31. The system of Claim 30 wherein the parameters permit the solution shoppers to test, use, and/or view a portion of the digital assets.
32. The system of Claim 30 wherein the digital assets are displayed on a computer screen, and wherein the solution shoppers can only view a portion of the computer screen.
33. The system of Claim 30 wherein the solution providers can manually determine the portions of a computer screen that can be viewed by the solution shoppers .
34. The system of Claim 25 wherein access to the digital assets is regulated using a control token.
35. The system of Claim 25 wherein access to the digital assets is regulated using a graphical user interface, wherein the graphical user interface allows the solution shoppers to make requests for access to portions of the digital assets during a session, and wherein the graphical user interface allows the solution provider to respond to the solution shoppers' requests.
36. The system of Claim 25 wherein the digital assets are maintained on a computer system possessed by a solution provider, and wherein the solution provider can control access to the computer system using parameters.
37. The system of Claim 36 wherein the parameters are defined according to a user account.
38. The system of Claim 26 wherein the digital assets are maintained on a computer system possessed by a neutral third party, and wherein the solution provider can control access to the computer system using parameters.
39. The system of Claim 38 wherein the parameters are defined according to a user account.
40. The system of Claim 25 wherein the session further comprises : monitoring the solution shoppers' access to the digital assets.
41. The system of Claim 40 wherein the solution shoppers' access to the digital assets is automatically monitored by a computer program provided by the solution brokers and/or the solution providers, and wherein the solution shoppers access to the digital assets can be automatically restricted.
42. The system of Claim 40 wherein the solution shoppers' access to the digital assets is manually monitored by a human operator provided by the solution brokers and/or the solution providers, and wherein the solution shoppers' access to the digital assets can be manually restricted.
43. The system of Claim 25 wherein the session further comprises: recording the solution shoppers' access to the digital assets during a session; and storing the solution shoppers' access to the digital assets during a session.
44. The system of Claim 25 wherein the session further comprises : displaying and recording the solution shoppers' activities during a session.
45. The system of Claim 25 wherein the session further comprises : displaying and recording the solution providers' activities during a session.
46. The system of Claim 25 wherein the session further comprises : agreeing to purchase the digital asset; and transferring the digital asset to the solution shopper.
47. The system of Claim 25 further comprising: agreeing to purchase the digital asset; and transferring the digital asset to a third party.
48. The system of Claim 25 wherein the data communications link further comprises the Internet .
PCT/US2001/003127 2000-01-31 2001-01-30 Empathic validation - a method for securing digital assets WO2001055944A1 (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
AU2001238000A AU2001238000A1 (en) 2000-01-31 2001-01-30 Empathic validation - a method for securing digital assets

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
US49479200A 2000-01-31 2000-01-31
US09/494,792 2000-01-31

Publications (1)

Publication Number Publication Date
WO2001055944A1 true WO2001055944A1 (en) 2001-08-02

Family

ID=23965990

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/US2001/003127 WO2001055944A1 (en) 2000-01-31 2001-01-30 Empathic validation - a method for securing digital assets

Country Status (2)

Country Link
AU (1) AU2001238000A1 (en)
WO (1) WO2001055944A1 (en)

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5809145A (en) * 1996-06-28 1998-09-15 Paradata Systems Inc. System for distributing digital information
US5862223A (en) * 1996-07-24 1999-01-19 Walker Asset Management Limited Partnership Method and apparatus for a cryptographically-assisted commercial network system designed to facilitate and support expert-based commerce
US6076077A (en) * 1995-10-27 2000-06-13 Mitsubishi Corporation Data management system

Patent Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6076077A (en) * 1995-10-27 2000-06-13 Mitsubishi Corporation Data management system
US5809145A (en) * 1996-06-28 1998-09-15 Paradata Systems Inc. System for distributing digital information
US5862223A (en) * 1996-07-24 1999-01-19 Walker Asset Management Limited Partnership Method and apparatus for a cryptographically-assisted commercial network system designed to facilitate and support expert-based commerce

Also Published As

Publication number Publication date
AU2001238000A1 (en) 2001-08-07

Similar Documents

Publication Publication Date Title
US8533860B1 (en) Personalized digital media access system—PDMAS part II
KR100893035B1 (en) System and method for protecting identity informaiion
US8887308B2 (en) Digital cloud access (PDMAS part III)
US8402555B2 (en) Personalized digital media access system (PDMAS)
Swanson et al. Generally accepted principles and practices for securing information technology systems
KR101219819B1 (en) Flexible licensing architecture for licensing digital application
TWI220620B (en) Method of protecting and managing digital contents and system for using thereof
US20180144148A1 (en) Encryption and decryption system and method
US20110099382A1 (en) Personalized digital media access system (pdmas)
US20040039705A1 (en) Distributing a software product activation key
MXPA06001252A (en) Flexible licensing architecture in content rights management systems.
JP2005506627A (en) Method and system for digital rights management in content distribution applications
JPH10513289A (en) Method and system for managing data objects to meet predetermined usage conditions
KR20050084386A (en) System to allow content sharing
US6173282B1 (en) Electronic sealed envelope
CN110383240A (en) The method and apparatus of safe computing resource for containerization
US20030172273A1 (en) Method for controlling the distribution of data
CN101243469A (en) Digital license migration from first platform to second platform
JP2003271782A (en) Personal information management system
WO2001055944A1 (en) Empathic validation - a method for securing digital assets
Lizar et al. Usable consents: tracking and managing use of personal data with a consent transaction receipt
Vaughan Library privacy policies
Kostic et al. Do users want to use digital identities? a study of a concept of an identity wallet
Hoofnagle Digital rights management: Many technical controls on digital content distribution can create a surveillance society
JP2007004291A (en) Fragility diagnostic method, fragility diagnostic device to be used for the same, fragility diagnostic program and recording medium with its program recorded, diagnostic report preparing device, diagnostic report preparing program and recording medium with its program recorded

Legal Events

Date Code Title Description
AK Designated states

Kind code of ref document: A1

Designated state(s): AE AG AL AM AT AU AZ BA BB BG BR BY BZ CA CH CN CR CU CZ DE DK DM DZ EE ES FI GB GD GE GH GM HR HU ID IL IN IS JP KE KG KP KR KZ LC LK LR LS LT LU LV MA MD MG MK MN MW MX MZ NO NZ PL PT RO RU SD SE SG SI SK SL TJ TM TR TT TZ UA UG UZ VN YU ZA ZW

AL Designated countries for regional patents

Kind code of ref document: A1

Designated state(s): GH GM KE LS MW MZ SD SL SZ TZ UG ZW AM AZ BY KG KZ MD RU TJ TM AT BE CH CY DE DK ES FI FR GB GR IE IT LU MC NL PT SE TR BF BJ CF CG CI CM GA GN GW ML MR NE SN TD TG

121 Ep: the epo has been informed by wipo that ep was designated in this application
DFPE Request for preliminary examination filed prior to expiration of 19th month from priority date (pct application filed before 20040101)
REG Reference to national code

Ref country code: DE

Ref legal event code: 8642

122 Ep: pct application non-entry in european phase
NENP Non-entry into the national phase

Ref country code: JP