`
`PCl‘lUS96l02303
`
`secure communications, systems integration software, and
`
`distributed software control information and support structures,
`
`to achieve the electronic contract/rights protection environment _
`
`of the present invention. Together, these VDE components
`
`comprise a secure, virtual, distributed content and/or appliance
`control, auditing (and other administration), reporting, and
`
`payment environment. In some embodiments and Where
`
`commercially acceptable, certain VDE participants, such as
`
`clearinghouses that normally maintain sufliciently physically
`secure non-VDE processing environments, may be allowed to
`
`employ I-IPEs rather VDE hardware elements and interoperate,
`
`for example, with VDE end-users and content providers. VDE
`
`components together comprise a configurable, consistent, secure,
`
`and “trusted” architecture for distributed, asynchronous control
`of electronic content and/or appliance usage. ‘VDE supports a
`
`“universe wide” environment for electronic content delivery,
`
`broad dissemination, usage reporting, and usage related payment
`
`activities.
`
`10
`
`15
`
`20
`
`VDE provides generalized con.figurability. This results, in
`
`_part, from decomposition of generalized requirements for
`supporting electronic commerce and data security into a broad
`
`range of constituent “atomic” and higher level components ‘(such
`
`as load modules, data elements, and methods) that may be
`
`25
`
`variously aggregated together to form control methods for
`
`-35-
`
`Petitioner Apple Inc. - Ex. 1025, p. 6001
`
`Petitioner Apple Inc. - Ex. 1025, p. 6001
`
`
`
`W0 96I27l55
`
`PCTIUS96l02303
`
`electronic commerce applications, commercial electronic
`
`agreements, and data security arrangements. VDE provides a
`
`secure operating environment employing VDE foundation
`
`elements along with secure independently deliverable VDE
`
`components that enable electronic commerce models and
`
`relationships to develop.
`
`specifically supports the unfolding
`
`‘of distribution models in which content providers, over time, can
`
`expressly agree to, or allow, subsequent content providers and/or
`
`users to participate in shaping the control information for, and
`
`10
`
`consequences of, use of electronic content and/or appliances. A
`
`very broad range of the functional attributes important for
`
`supporting simple to very complex electronic commerce and data
`
`security activities are supported by capabilities of the present -
`
`I
`
`invention. As a result, VDE supports most types of electronic
`
`15
`
`information and/or appliance: usage control (including
`
`distribution), security, usage auditing, reporting, other
`
`administration,
`
`payment arrangements.
`
`VDE, in its preferred embodiment, employs object software
`
`20
`
`technology and uses object technology to form “containers” for
`
`delivery of information that is (at least in part) encrypted or
`
`otherwise secured. These containers may contain electronic
`
`content products or other electronic information and some or all
`
`of their associated permissions (control) information. These
`
`25
`
`container objects may be distributed along pathways involving
`
`-37-
`
`Petitioner Apple Inc. - Ex. -1025, p. 6002
`
`Petitioner Apple Inc. - Ex. 1025, p. 6002
`
`
`
`W0 96,2-7155
`
`PCT/US96l02303
`
`content providersand/or content users. ‘They may be securely
`moved among nodes of a Virtual Distribution Environment
`
`(VDE) arrangement, which nodes operate VDE foundation
`
`software and execute control methods to enact electronic
`
`information usage control and/or administration models. The
`
`containers delivered through use of the preferred embodiment of
`
`the present invention may be employed both for distributing VDE
`
`control instructions (information) and/or to encapsulate and
`
`electronically distribute content that has been at least partially
`
`10
`
`secured.
`
`Content providers who employ the present invention_may
`
`include, for example, software application and game publishers,
`
`database publishers, cable, television, and radio broadcasters,
`
`15
`
`electronic shopping vendors, and distributors of information in
`
`electronic document, book, periodical, e-mail and/or other forms.
`
`Corporations, government agencies, and/or individual “end-users”
`
`who act as storers of, and/or distributors of, electronic
`
`information, may also be VDE content providers (in a restricted
`
`20
`
`model, a user provides content only to himself and employs VDE
`
`to secure his own confidential information against unauthorized
`
`use by other parties). Electronic information may include
`
`proprietary and/or confidential information for personal or
`internal organization use, as well as information, such as
`
`25
`
`software applications, documents, entertainment materials,
`
`-38 -
`
`Petitioner Apple Inc. - Ex. 1025, p. 6003
`
`Petitioner Apple Inc. - Ex. 1025, p. 6003
`
`
`
`W0 96/27155
`
`PCI‘/US96I02303
`
`and/or reference information, which may be provided to other
`
`pa.rties. Distribution may be by, for example, physical media
`
`delivery, broadcast and/or telecommunication means, and in the
`form of “static” files‘ and/or streams of data. VDE may also be
`
`used, for example, for multi-site “real-time” interaction such as
`teleconferencing, interactive games, or on-line bulletin boards,
`
`where restrictions on, and/or auditing of, the use of all or portions
`
`of communicated information is enforced.
`
`10
`
`VDE provides important mechanisms for both enforcing
`
`commercial agreements and enabling the protection of privacy
`
`rights. VDE can securely deliver information from one party to
`
`another concerning the use of commercially distributed electronic
`
`content. Even if parties are separated by several "steps" in a
`
`15
`
`"chain (pathway) of handling for such content usage information,
`
`such information is protected by VDE through encryption and/or
`
`other secure processing. Because of that protection, the accuracy
`
`of such information is guaranteed by VDE, and the information
`
`can be trusted by all parties to whom it is delivered.
`
`20-
`
`Furthermore, VDE guarantees that all parties can trust that
`
`such information cannot be received by anyone other than the
`intended, authorized, party(ies) because it is encrypted such that
`
`only an authorized party, or her agents, can decrypt it. Such
`
`information may also be derived through a secure VDE process at
`
`25
`
`a previous pathway-of-handling location to produce secure VDE
`
`-39-
`
`"Petitioner Apple Inc. - Ex. 1025, p. 6004
`
`Petitioner Apple Inc. - Ex. 1025, p. 6004
`
`
`
`wo 96127155
`
`.
`
`'
`
`PCT/U596/92303
`
`reporting information that is then communicated securely to its
`
`intended recipient's VDE secure subsystem. Because VDE can
`
`deliver such information securely, parties to an electronic
`
`agreement need not trust the accuracy of commercial usage
`
`5
`
`and/or other infonnation delivered through means other
`
`'
`
`»
`
`those under control of VDE.
`
`VDE participants in a commercial value chain can be
`
`“commercially” confident (that is, sufiiciently confident for
`
`10 '
`
`commercial purposes) that the direct (constituent) and/or
`
`“extended” electronic agreements they entered into through the
`
`use of VDE can be enforced reliably. These agreements may have
`
`both “dynamic” transaction management-related aspects, such as
`
`content usage control information enforced through budgeting,
`
`15
`
`metering, and/or reporting of electronic information and/or
`appliance use, and/or they may include “static” electronic
`
`assertions, such as an end-user using the system to assert his or
`
`her agreement to pay for services, not to pass to unauthorized
`
`parties electronic information derived from usage of content or
`
`20
`
`systems, and/or agreeing to observe copyright laws. Not only can
`electronically reported transaction related information be trusted
`
`under the present invention, but payment may be automated by
`the passing ofpayment tokens through a pathway ofpayment
`
`(which may or may not be the same as a pathway for reporting).
`
`25
`
`Such payment can be contained within a VDE ‘container created
`
`-40-
`
`Petitioner Apple Inc. - Ex. 1025, p. 6005
`
`Petitioner Apple Inc. - Ex. 1025, p. 6005
`
`
`
`wo 96I27155
`
`PCTlUS96I02303
`
`automatically by a VDE installation in response to control
`
`information (located, in the preferred embodiment, in one or more
`
`permissions records) stipulating the “withdrawal” of credit or
`
`electronic currency (such as tokens) from an electronic account
`
`5
`
`(for example, an account securely maintained by a user’s VDE
`installation secure subsystem) based upon usage ofVDE
`
`controlled electronic content and/or appliances (such as
`
`governments, financial credit providers, and users).
`
`10
`
`,
`
`VDE allows the needs of electronic commerce participants
`
`to be served and it can bind such participants together in a
`
`universe wide, trusted commercial network that can be secure
`enough to support very large amounts of commerce. VDE’s
`
`security and metering secure subsystemcore will be present at
`
`15
`
`all physical locations where VDE related content is (a) assigned
`
`usage related control information (rules and mediating data),
`
`and/or (b) used. This core can perform security and auditing
`fimctions (including metering) that operate within a “virtual
`
`black box,” a collection of distributed, very secure VDE related
`
`20
`
`hardware instances that are interconnected by secured
`
`information exchange (for example, telecommunication) processes
`
`and distributed database means. VDE further includes highly
`
`configurable transaction operating system technology, one or
`
`more associated libraries of load modules along with afliliated
`
`25
`
`data, VDE related administration, data preparation, and analysis
`
`-41-
`
`Petitioner Apple Inc. - Ex. 1025, p. 6006
`
`Petitioner Apple Inc. - Ex. 1025, p. 6006
`
`
`
`W0 9607155
`
`.
`
`PCT/US96/02303
`
`applications, as well as system softwareidesigned to enable VDE
`
`integration into host environments and applications. VDE’s
`
`usage control information, for example, provide for property
`
`content and/or appliance related: usage authorizafion, usage
`
`5
`
`auditing (which may include audit reducfion), usage billing,
`
`usage payment, privacy filtering, reporting, and security related
`
`communication and encrypfion techniques.
`
`VDE extensively employs methods in the form of software
`objects to augment configurability, portability, and security ofthe
`
`10
`
`VDE environment. It also employs a software object architecture
`
`for VDE contentcontainers that carries protected content and
`
`may also carry both freely available information (e.g, summary,
`
`table of contents) and secured content control informafion which _
`ensures the performance of control information. Content control
`
`15 W
`
`information governs content usage according to criteria set by
`holders ofrights to an object’s contents and/or according to
`
`parties who otherwise have rights associated with distributing
`
`such content (such as governments, financial credit providers,
`
`20
`
`and users).
`
`In part, security is enhanced by object methods employed
`
`by the present invention because the encryption schemes used to
`
`protect an object can efficiently be further used to protect the
`
`25 .
`
`.associated content control information (software control
`
`‘-42-
`
`Petitioner Apple Inc. - Ex. 1025, p. 6007
`
`Petitioner Apple Inc. - Ex. 1025, p. 6007
`
`
`
`wo 95,2355
`
`'
`
`.
`
`rcr/osss/02303
`
`information and relevant data) from modification. Said object
`
`techniques also enhance portability between various computer
`and/or other appliance environments because electronic
`
`information in the form of content can be inserted along with (for
`
`5
`
`example, in the same object container as) content control
`
`information (for said content) to produce a “published” object. As
`
`a result, various portions of said control information may be
`
`specifically adapted for different environments, such as for
`
`diverse computer platforms and operating systems, and said
`
`10
`
`various portions may all be carried by a VDE container.
`
`An objective of VDE is supporting a
`
`transaction/distribution control standard. Development of such a
`
`standard has many obstacles, given the security requirements
`
`15
`
`and related hardware and communications issues, widely
`
`differing environments, information types, types of information
`
`usage, business and/or data security goals, _varieties of
`
`participants, and properties of delivered information. A
`
`significant feature ofVDE accommodates the many, varying I
`
`20
`
`distribution and other transaction variables by, in part,
`
`decomposing electronic commerce and data security functions
`
`into generalized capability modules executable within a secure
`
`hardware SPU and/or corresponding software subsystem and
`
`further allowing extensive flexibility in assembling, modifying,
`
`25
`
`and/or replacing, such modules (e.g. load modules and/or
`
`-43-
`
`Petitioner Apple Inc. - Ex. 1025, p. 6008
`
`Petitioner Apple Inc. - Ex. 1025, p. 6008
`
`
`
`WO 96127155
`
`PCT/US96/02303
`
`methods) in applications run on a VDE installation foundation.
`
`This configurability and reconfigurability allows electronic
`
`V
`
`commerce and data security participants to reflect their priorities
`
`and requirements through a process of iteratively shaping an
`
`5
`
`evolving extended electronic agreement (electronic control I
`
`model). This shaping can occur as content control information
`passes from one VDE participant to another and to the extent
`
`allowed by “in place” content control information. This process
`
`allows users ofVDE to recast existing control information and/or
`
`10
`
`’
`
`_ add new control information as necessary (including the
`
`elimination of no longer requiredelements).
`
`VDE supports trusted (sufliciently secure) electronic
`
`information distribution and usage control models for both
`
`15
`
`' commercial electronic content distribution and data security
`
`applications. Itcan be configured tomeet the diverse
`requirements of a network of interrelated participants that may
`
`include content creators, content distributors, client
`
`administrators, end users, and/or clearinghouses and/or other
`
`20
`
`content usage information users. These parties may constitute a
`
`network of participants involved in simple to complex electronic
`
`‘content dissemination, usage control, usage reporting, and/or
`
`usage payment. Disseminated content may include both
`
`originally provided and VDE generated information (such as
`
`25 _
`
`content usage information) and content control information may
`
`Petitioner Apple Inc. - Ex. 1025, p. 6009
`
`Petitioner Apple Inc. - Ex. 1025, p. 6009
`
`
`
`wo 95/27155
`
`PCT/US96/02303
`
`persist through both chains (one or more pathways) of content
`
`and content control information handling, as well as the direct
`
`usage of content. The configurability provided by the present
`
`5
`
`invention is particularly critical for supporting electronic
`commerce, that is enabling businesses to create relationships and
`evolve strategies that ofi'er competitive value. Electronic
`
`commerce tools that are not inherently configurable and
`
`interoperable will ultimately fail to produce products (and
`
`services) that meet both basic requirements and evolving needs of
`
`10
`
`most commerce applications.
`
`VDE’s fundamental configurability will allow a broad
`
`range of competitive electronic commerce business models to
`
`flourish. It allows business models to be shaped to maximize
`
`15
`
`revenues sources, end-user product value, and operating
`
`efliciencies. VDE can be employed to support multiple, differing
`
`models, take advantage of new revenue opportunities, and
`
`deliver product configurations most desired by users. Electronic
`
`commerce technologies that do not, as the present invention does:
`I
`!
`support a broad range ofpossible, complementary
`
`20
`
`revenue activities,
`
`‘
`
`offer aflexible array of content usage features most
`
`desired by customers, and
`
`exploit opportunities for operating efliciencies,
`
`!
`
`!
`
`-45-
`
`Petitioner Apple Inc. - Ex. 1025, p. 6010 h
`
`Petitioner Apple Inc. - Ex. 1025, p. 6010
`
`
`
`wo 95/27155
`
`PCI‘IUS96I02303
`
`will result in products that are often intrinsically more costly and
`
`less appealing and therefore less competitive in the marketplace.
`
`Some of the key factors contributing to the configurability
`
`5
`
`intrinsic to the present invention include:
`
`(a)
`
`integration into the fimdamental control
`
`environment of a broad range of electronic
`
`appliances «through portable API and programming
`
`10
`
`language tools that eficiently support merging of
`
`control and auditing.capabil.ities in nearly any
`electronic appliance environment while maintaining
`
`overall system security;
`
`15
`
`(b) modular data structures;
`
`(c)
`
`generic content model;
`
`(d)
`
`general modularity and independence of foundation
`
`20
`
`architectural components;
`
`(e) modular security structures;
`
`i (1)
`
`variable length and multiple branching chains of
`
`25
`
`control; and
`
`‘-46-
`
`Petitioner Apple Inc. - Ex. 1025, p. 6011
`
`Petitioner Apple Inc. - Ex. 1025, p. 6011
`
`
`
`W0 95/27155
`
`PCNUS96/02303
`
`(g)
`
`‘independent, modular control structures in the form
`
`of executable load modules that can be maintained in
`one or more libraries, and assembled into control
`
`methods and models, and where such model control
`
`schemes can “evolve” as control information passes
`through the
`installations of participants of a
`A pathway ofVDE content control information
`
`handling.
`
`5
`
`10
`
`Because of the breadth of issues resolved by the present
`
`invention, it can provide the emerging “electronic highway’? with
`
`a single transaction/distribution control system that can, for a
`
`very broad range of commercial and data security models, ensure
`
`against unauthorized use of confidential and/or proprietary
`
`15
`
`information and commercial electronic transactions. ‘VDE’s
`
`electronic transaction management mechanisms can enforce the
`electronic
`and agreements of all parties participating in
`, widely varying business and data security models, and this can
`
`be efliciently achieved through a single VDE implementation
`
`20
`
`within each VDE participants electronic appliance. VDE
`
`supports widely varying business and/or data security models
`
`that can involve a broad range of participants at various “levels”
`
`ofVDE content and/or content control information pathways of
`
`handling. Different content control and/or auditing models and
`
`25
`
`agreements may be available on the same VDE installation.
`
`-47-
`
`Petitioner Apple Inc. - Ex. 1025, p. 6012
`
`Petitioner Apple Inc. - Ex. 1025, p. 6012
`
`
`
`hwo 95/2755
`
`‘ PCI'IUS96I02303
`
`These models and agreements may control content in
`relationship to, for example,
`installations and/or users in
`
`general; certain specific users, installations, classes and/or other
`
`groupings of installations and/or users; as well as to electronic
`content generally on a given installation, to specific properties,
`
`5
`
`-
`
`property portions, classes and/or other groupings of content.
`
`Distribution using VDE may package both the electronic
`
`content and controlinformation into the same VDE container,
`
`10
`
`.
`
`and/or may involve the delivery to
`
`end-user site. of different
`
`pieces ofthe same VDE managed propertyfrom plural separate
`
`remote locations and/or in plural separate VDE content
`
`containers and/or employing plural diflerent delivery means.
`
`Content control information may be partially or fully delivered
`
`15
`
`separately from its associated content to a user VDE installation
`
`in one or more VDE administrative objects. Portions of said
`
`control information may be delivered from one or more sources.
`
`Control information may also be available for use by access from
`
`a user’s VDE installation secure sub-system to one or more
`
`I
`
`20
`
`remote VDE secure sub-systems and/or VDE compatible, certified
`
`secure remote locations. VDE control processes such as
`
`metering, budgeting, decrypting and/or fingerprinting, may as _
`
`relates to a certain user content usage activity, be performed in a
`
`. user’s local VDE installation secure subsystem, or said processes
`
`25
`
`may be divided amongst plural secure subsystems which may be
`
`"-48-
`
`Petitioner Apple Inc. - Ex. 1025, p. 6013
`
`Petitioner Apple Inc. - Ex. 1025, p. 6013
`
`
`
`W0 9607155
`
`PCT/US96l02303
`
`located in the same user VDE installations and/or in a network
`
`server and in the user installation. For example, a local VDE
`installation may perform decryption and save any, or all of, usage
`
`metering information related to content and/or electronic
`
`appliance usage at such user installation could be performed at
`the server employing secure (e.g., encrypted) communications
`
`between said secure subsystems. Said server location may also
`
`be used for near real time, frequent, or more periodic secure
`
`receipt of content usage information from said user installation,
`
`with, for example, metered information being maintained only
`
`temporarily at a local user installation.
`
`Delivery means for VDE managed content may include
`
`electronic data storage means such as optical disks for delivering
`one portion of said information and broadcasting and/or
`
`telecommunicating means for other portions of said information.
`
`Electronic data storage means may include magnetic media,
`
`optical media, combined magneto-optical systems, flash RAM
`
`memory, bubble memory, and/or other memory storage means
`
`10
`
`15
`
`20
`
`such as huge capacity optical storage systems employing
`
`holographic, frequency, and/or polarity data storage techniques.
`
`Data storage means may also employ layered disc techniques,
`
`such as the use of generally transparent and/or translucent
`
`materials that pass light through layers of data ca.rrying discs
`
`25
`
`which themselves are physically packaged together as one
`
`-49-
`
`Petitioner Apple Inc. - Ex. 1025, p. 6014
`
`Petitioner Apple Inc. - Ex. 1025, p. 6014
`
`
`
`wo 95/;7155
`
`PCT/US96I02303
`
`thicker disc. Data carrying locations on such discs may be, at
`
`least in part, opaque.
`
`VDE supports a. general purpose foundation for secure
`
`5
`
`transaction management, including usage control, auditing,
`
`.
`
`_.
`
`reporting, and/or payment. This general purpose foundation is
`
`called “VDE Functions” ("VDEFs"). ' VDE also supports a
`
`collection of “atomic” application elements (e.g., load modules)
`
`that can be selectively aggregated together to form various VDEF
`
`10
`
`capabilities called control methods and whichserve as VDEF
`
`applications and operating system functions. When a host
`
`operating environment of an electronic appliance includes VDEF
`
`capabilities, it is called a “Rights Operating System” (ROS).
`
`VDEF load modules, associated data, and methods form a body of
`
`information that for the purposes of the present invention are
`called “control information.” VDEF control information may be
`
`specifically associated with one or more pieces of electronic
`content and/or it may be employed as a general component ofthe
`
`operating system capabilifies of a VDE installation.
`
`15
`
`20
`
`VDEF transaction control elements reflect and enact
`
`content specific and/or more generalized administrative (for
`
`example, general operating system) control information. VDEF
`
`capabilities which can generally take the form of applications
`
`25
`
`(application models) that have more or less configurability which
`
`-50-
`
`Petitioner Apple Inc. - Ex. 1025, p. 6015
`
`Petitioner Apple Inc. - Ex. 1025, p. 6015
`
`
`
`W0 96/27155
`
`PCI'lUS96l02303
`
`can be shaped by VDE participants, through the use,‘ for
`
`example, of templates, to employ specific capabilities, along,
`
`for example, with capability parameter data to reflect the
`
`- elements of one or more express electronic agreements between
`
`VDE participants in regards to the use of electronic content such
`as commercially distributed products. These control capabilities
`
`manage the use of, and/or auditing of use of, electronic content,
`
`as well as reporting information based upon content use, and any
`
`payment for said use. VDEF capabilities may “evolve” to reflect
`the requirements of one or more successive parties who receive or
`
`10
`
`otherwise contribute to a given set of control information.
`
`Frequently, for a VDE application for a given content model (such
`
`as distribution of entertainment on CD-ROM, content delivery
`
`from an Internet repository, or electronic catalog shopping and
`
`15
`
`advertising, or some combination of the above) participants,
`
`would be able to securely select from amongst‘ available,
`
`alternative control methods and apply related parameter data,
`
`wherein such selection of control method and/or submission of
`
`data would constitute their “contribution” of control information.
`
`20
`
`Alternatively, or in addition, certain control methods that have
`
`been ‘expressly certified as securely interoperable and compatible
`with said application may be independently submitted by a
`
`participant as part of such a contribution. In the most general
`
`example, a generally certified load module (certified for a given
`
`25
`
`VDE arrangement and/or content class) may beiused with many
`
`-51-
`
`Petitioner Apple Inc. - Ex. 1025, p. 6016
`
`Petitioner Apple Inc. - Ex. 1025, p. 6016
`
`
`
`WO 96127155
`
`PC!‘/US96I02303
`
`or any VDE. application that operates in nodes of said
`
`arrangement. These parties, to the eirtent they are allowed, can
`
`independently and securely add, delete, and/or otherwise modify
`
`the specification of load modules and methods, as well as add,
`
`delete or otherwise modify related information.
`
`Normally the party who creates a VDE content container
`
`defines the general natureof the VDEF capabilities that will
`
`and/or may apply to certain electronic information. A VDE
`
`10
`
`content container is an object that contains both content ( for
`
`example, commercially distributed electronic information
`
`products such as computer soflzware programs, movies, electronic
`
`publications or reference materials, etc.) and certain control
`
`information related to the use of the object’s content. A creating
`
`15.
`
`party may make a VDE container available to other parties.
`
`Control information delivered by, and/or otherwise available for
`
`use with,
`
`content containers comprise (for commercial
`
`content distribution purposes) control capabilities (and
`
`any associated parameter data) for electronic content. These
`
`20
`
`capabilities may constitute one or more “proposed” electronic
`
`agreements (and/or agreement fimctions available for selection 4
`and/or use with parameter data) that manage the use and/or the
`
`consequences of use of such content and which can enact the
`
`terms and conditions ofagreements involving multiple parties 7
`
`25
`
`and their various rights and obligations.
`
`-52-
`
`Petitioner Apple Inc. - Ex. 1025, p. 6017
`
`Petitioner Apple Inc. - Ex. 1025, p. 6017
`
`
`
`W0 96/27155
`
`PCI‘lUS96l02303
`
`A
`
`electronic agreement maybe explicit, through a
`
`user interface acceptance by one or more parties, for example by
`
`a “junior” party who has received control information fi'om a
`
`“senior” party, or it may be a process amongst equal parties who
`
`individually assert their agreement. Agreement may also result
`from an automated electronic process during which terms and
`conditions are “evaluated” by certain
`participant control
`
`information that assesses whether certain other electronic terms
`
`and conditions attached to content and/or submitted by another
`party are acceptable (do not violate acceptable control .
`
`information criteria). Such an evaluation process may be quite
`simple, for example a comparison to ensure compatibility
`
`between a portion of, or all senior, control terms and conditions in
`
`a table of terms and conditions and the submitted control
`
`information of a subsequent participant in a pathway of content
`
`control information handling, or it may be a more elaborate
`process that evaluates the potential outcome of, and/or
`
`implements a negotiation process between, two or more sets of
`
`control information submitted by two or more parties. VDE also
`
`10
`
`15
`
`20
`
`accommodates a semi-automated process during which one or
`
`more VDE participants directly, throughluser interface means,
`
`resolve “disagreements” between control information sets by
`
`accepting and/or proposing certain control information that may
`
`be acceptable to control information representing one or more
`
`25
`
`other parties interests and/or responds to certain user interface
`
`-53-
`
`Petitioner Apple Inc. - Ex. 1025, p. 6018
`
`Petitioner Apple Inc. - Ex. 1025, p. 6018
`
`
`
`WO 96127155
`
`'
`
`.
`
`PCT/US96/02303
`
`queries for selection of certain alternative choices and/or for
`
`certain parameter information, the responses being adopted if
`
`acceptable to applicable senior control information.
`
`When another party (other than the first applier of rules),
`perhaps through a negotiation process, accepts, and/or adds to
`
`and/or otherwise modifies, “in place” content control information,
`
`a VDE agreement between two or more parties related to the use
`
`of such electronic content may be created (so long as any
`
`10
`
`modifications are consistent with senior control information).
`
`Acceptance of terms and conditions related to certain electronic
`
`content may be direct and express, or it may be implicit as a
`
`result of use of content (depending, for example, on legal
`
`. requirements, previous exposure to such terms and conditions,
`
`15
`
`and requirements of in place control information).
`
`capabilities may be employed, and a VDE
`
`agreement may be entered into, by a plurality of parties without
`
`the VDEF capabilities being directly associated with the
`
`20
`
`controlling of certain, specific electronic information. For
`
`example, certain one or more
`
`capabilities may be present
`
`at a VDE installation, and certain VDE agreements may have
`
`been entered into during the registration process for a content
`distribution application, to be used by such installation for
`
`25
`
`securely controlling VDE content usage, auditing, reporting
`
`Petitioner Apple Inc. - Ex. 1025, p. 6019
`
`Petitioner Apple Inc. - Ex. 1025, p. 6019
`
`
`
`W0 96/27155
`
`PC!‘/US96/02303
`
`and/or payment. Similarly, a specific
`
`participant may enter
`
`into a VDE user agreement with a VDE content or electronic
`
`appliance provider when the user and/or her appliance register
`
`with such provider as a VDE installation and/or user. In such
`
`events, VDEF in place control information available to the user
`
`VDE installation may require that certain VDEF methods are
`
`employed, for example in a certain sequence, in order to be able
`
`to use all and/or certain classes, of electronic content and/or VDE
`
`applications.
`
`VDE ensures that certain prerequisites necessary for a
`
`given transaction to occur are met. This includes the secure
`
`execution of any required load modules and the availability of
`
`any required, associated data. For example, required load
`
`modules and data (e.g. in the form of a method) might specify
`
`that sufiicient credit from an authorized source must be
`
`confirmed
`
`available. It might further require certain one or
`
`more load modules execute as processes at an appropriate time to
`
`10
`
`15
`
`' ensure that_ such credit will be used in order to pay for user use of
`
`20
`
`-
`
`the content. A certain content provider might, for example,
`
`require metering the number of copies made for distribution to
`
`employees of a given sofisware program (a portion ofthe program _
`
`might be maintained in encrypted form and require the presence
`
`of a VDE installation to run). This would require the execution of
`
`25
`
`a metering method for copying of the property each time a copy
`
`‘-55-
`
`Petitionel‘ Apple Inc. - Ex. 1025, p. 6020
`
`Petitioner Apple Inc. - Ex. 1025, p. 6020
`
`
`
`wo 95/27155
`
`PCTlUS96/02303
`
`same provider might also
`was made for another employee.
`charge fees based on the ‘total number of different properties
`licensed from them by the user and a metering history oftheir
`
`licensing of properties might be required to maintain this
`
`5
`
`information.
`
`VDE provides organization, community, and/or universe
`
`wide secure environments whose integrity is assured by
`
`processes securely controlled in
`
`participant user
`
`10
`
`installations (nodes). VDE installations, in the preferred
`
`embodiment, may include both software and tamper resistant ‘
`
`hardware semiconductor elements. Such a semiconductor
`
`arrangement comprises, at least in part, special purpose circuitry
`
`that has been designed to protect against tampering with, or
`
`15
`
`unauthorized observation of, the information and functions used
`
`in performing the VDE’s control functions. The special purpose
`
`secure circuitry provided by the present invention includes at
`
`least one of: a dedicated semiconductor arrangement known as a
`
`Secure Processing Unit (SPU) and/or a standard microprocessor,
`
`20
`
`microcontroller, and/or other processing logic that accommodates
`
`the requirements of the present invention and functions. as an
`
`SPU. VDE’s secure hardware may be found incorporated into, for
`example, a fax/modem chip or chip pack, I/O controller, video
`
`display controller, and/or other available digital processing
`
`25
`
`arrangements. It is anticipated that portions ofthe present
`
`-55-
`
`Petitioner App