公开(公告)号：JPH1040100A

公开(公告)日：1998-02-13

申请号：JP7138897

申请日：1997-03-25

Applicant: IBM

Inventor： AUERBACH JOSHUA SETH ,  CHOW CHEE-SENG ,  KAPLAN MARC ADAM ,  CRIGLER JEFFREY CHARLES

IPC: G06F21/22 ,  G06F9/06 ,  G06F13/00 ,  G06F21/00 ,  G06Q10/00 ,  G06Q30/00 ,  G07F7/12 ,  G09C1/00 ,  H04L9/08 ,  H04L9/14 ,  H04L9/32 ,  G06F15/00 ,  G06F17/60

Abstract: PROBLEM TO BE SOLVED: To obtain a method for preparing, distributing, and vending a digital document, and a method for managing access to the digital document by providing a step for enciphering one of information parts by a part enciphering key, and preparing an enciphered part to be housed in an envelope. SOLUTION: A document part 203 can be enciphered. The enciphered document part 203 can be a 'valuable content' (for example, the chapter of a book, high resolution JPEG picture, or MPEG stream) to be purchased by a user. A non-enciphered part is a 'thesis' (for example, a book review by the others, index, summarization, or low resolution JPEG picture). The purpose of the non-enciphered part is to allow the user to attain the 'preview', 'sampling' or 'browse' of the content of the enciphered envelope before actually purchasing it.

公开(公告)号：DE69736310T2

公开(公告)日：2007-07-05

申请号：DE69736310

申请日：1997-02-27

Applicant: IBM

Inventor： AUERBACH JOSHUA SETH ,  CHOW CHEE-SENG ,  KAPLAN MARC ADAM ,  CRIGLER JEFFREY CHARLES

IPC: G06F21/22 ,  H04L9/32 ,  G06F9/06 ,  G06F13/00 ,  G06F21/00 ,  G06Q10/00 ,  G06Q30/00 ,  G07F7/10 ,  G07F7/12 ,  G09C1/00 ,  H04L9/08 ,  H04L9/14

Abstract: A method and apparatus to create, distribute, sell and control access to digital documents using secure cryptographic envelopes. An envelope is an aggregation of information parts, where each of the parts to be protected are encrypted with a corresponding part encryption key. These encrypted information parts along with the other information parts become part of the envelope. Each part encryption key is also encrypted with a public key, and these encrypted part encryption keys are also included in the envelope. The envelope also includes a list of parts where each entry in the list has a part name and a secure hash of the named part. The list is then signed with a secret key to generate a signature, which is also included in the envelope. The signature can be verified using a second public key associated with first secret key, and the integrity of any information part in the envelope can be checked by computing a second hash and comparing it with the corresponding hash in the list of parts. Also, the information content of any encrypted part can only be recovered by knowledge of a second secret key corresponding to the public key that was used to encrypt the part encryption keys.

公开(公告)号：DE69736310D1

公开(公告)日：2006-08-24

申请号：DE69736310

申请日：1997-02-27

Applicant: IBM

Inventor： AUERBACH JOSHUA SETH ,  CHOW CHEE-SENG ,  KAPLAN MARC ADAM ,  CRIGLER JEFFREY CHARLES

IPC: G06F21/22 ,  H04L9/32 ,  G06F9/06 ,  G06F13/00 ,  G06F21/00 ,  G06Q10/00 ,  G06Q30/00 ,  G07F7/10 ,  G07F7/12 ,  G09C1/00 ,  H04L9/08 ,  H04L9/14

Abstract: A method and apparatus to create, distribute, sell and control access to digital documents using secure cryptographic envelopes. An envelope is an aggregation of information parts, where each of the parts to be protected are encrypted with a corresponding part encryption key. These encrypted information parts along with the other information parts become part of the envelope. Each part encryption key is also encrypted with a public key, and these encrypted part encryption keys are also included in the envelope. The envelope also includes a list of parts where each entry in the list has a part name and a secure hash of the named part. The list is then signed with a secret key to generate a signature, which is also included in the envelope. The signature can be verified using a second public key associated with first secret key, and the integrity of any information part in the envelope can be checked by computing a second hash and comparing it with the corresponding hash in the list of parts. Also, the information content of any encrypted part can only be recovered by knowledge of a second secret key corresponding to the public key that was used to encrypt the part encryption keys.