WO 98/09209    PCT/US97/15243
Petitioner Apple Inc. - Ex. 1025, p. 2001

(application models) that have more or less configurability which can be shaped by VDE participants, through the use, for example, of VDE templates, to employ specific capabilities, along, for example, with capability parameter data to reflect the elements of one or more express electronic agreements between VDE participants in regards to the use of electronic content such as commercially distributed products. These control capabilities manage the use of, and/or auditing of use of, electronic content, as well as reporting information based upon content use, and any payment for said use. VDEF capabilities may “evolve” to reflect the requirements of one or more successive parties who receive or otherwise contribute to a given set of control information. Frequently, for a VDE application for a given content model (such as distribution of entertainment on CD-ROM, content delivery from an Internet repository, or electronic catalog shopping and advertising, or some combination of the above) participants would be able to securely select from amongst available, alternative control methods and apply related parameter data, wherein such selection of control method and/or submission of data would constitute their “contribution” of control information. Alternatively, or in addition, certain control methods that have been expressly certified as securely interoperable and compatible with said application may be independently submitted by a participant as part of such a contribution. In the most general example, a generally certified load module (certified for a given VDE arrangement and/or content class) may be used with many or any VDE application that operates in nodes of said arrangement. These parties, to the extent they are allowed, can independently and securely add, delete, and/or otherwise modify the specification of load modules and methods, as well as add, delete or otherwise modify related information.

Normally the party who creates a VDE content container defines the general nature of the VDEF capabilities that will and/or may apply to certain electronic information. A VDE content container is an object that contains both content (for example, commercially distributed electronic information products such as computer software programs, movies, electronic publications or reference materials, etc.) and certain control information related to the use of the object’s content. A creating party may make a VDE container available to other parties. Control information delivered by, and/or otherwise available for use with, VDE content containers comprise (for commercial content distribution purposes) VDEF control capabilities (and any associated parameter data) for electronic content. These capabilities may constitute one or more “proposed” electronic agreements (and/or agreement functions available for selection and/or use with parameter data) that manage the use and/or the consequences of use of such content and which can enact the terms and conditions of agreements involving multiple parties and their various rights and obligations.

A VDE electronic agreement may be explicit, through a user interface acceptance by one or more parties, for example by a “junior” party who has received control information from a “senior” party, or it may be a process amongst equal parties who individually assert their agreement. Agreement may also result from an automated electronic process during which terms and conditions are “evaluated” by certain VDE participant control information that assesses whether certain other electronic terms and conditions attached to content and/or submitted by another party are acceptable (do not violate acceptable control information criteria). Such an evaluation process may be quite simple, for example a comparison to ensure compatibility between a portion of, or all senior, control terms and conditions in a table of terms and conditions and the submitted control information of a subsequent participant in a pathway of content control information handling, or it may be a more elaborate process that evaluates the potential outcome of, and/or implements a negotiation process between, two or more sets of control information submitted by two or more parties. VDE also accommodates a semi-automated process during which one or more VDE participants directly, through user interface means, resolve “disagreements” between control information sets by accepting and/or proposing certain control information that may be acceptable to control information representing one or more other parties interests and/or responds to certain user interface queries for selection of certain alternative choices and/or for certain parameter information, the responses being adopted if acceptable to applicable senior control information.

When another party (other than the first applier of rules), perhaps through a negotiation process, accepts, and/or adds to and/or otherwise modifies, “in place” content control information, a VDE agreement between two or more parties related to the use of such electronic content may be created (so long as any modifications are consistent with senior control information). Acceptance of terms and conditions related to certain electronic content may be direct and express, or it may be implicit as a result of use of content (depending, for example, on legal requirements, previous exposure to such terms and conditions, and requirements of in place control information).
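
The simple form of evaluation described above, a comparison of a later participant's submitted control information against a table of senior terms, can be sketched as follows. This is an added example, not code from the patent; the term kinds (`max`, `min`, `subset`, `fixed`, `sequence`), the field names, the sample tables and the fail-closed handling of unknown terms are assumptions made for illustration.

```python
from __future__ import annotations

from dataclasses import dataclass
from typing import Any


@dataclass(frozen=True)
class Term:
    """One senior term. kind/value are hypothetical, not a VDE schema."""
    kind: str   # "max", "min", "subset", "fixed" or "sequence"
    value: Any


def _violates(term: Term, proposed: Any) -> bool:
    if term.kind in ("max", "min"):
        if not isinstance(proposed, (int, float)):
            return True
        return proposed > term.value if term.kind == "max" else proposed < term.value
    if term.kind == "subset":      # junior may only narrow the permitted set
        return not set(proposed) <= set(term.value)
    if term.kind == "fixed":       # junior may restate the value but not change it
        return proposed != term.value
    if term.kind == "sequence":    # every senior method must appear, in order
        remaining = iter(proposed)
        return not all(method in remaining for method in term.value)
    return True                    # unknown kind: fail closed


def evaluate(senior: dict[str, Term], submitted: dict[str, Any]) -> list[str]:
    """Return the disagreements; an empty list means the submission is acceptable."""
    disagreements = []
    for name, proposed in submitted.items():
        term = senior.get(name)
        if term is None:           # assumption: terms the senior table lacks are refused
            disagreements.append(f"{name}: not provided for by senior control information")
            continue
        try:
            bad = _violates(term, proposed)
        except TypeError:          # value of the wrong shape, e.g. a number for a list
            bad = True
        if bad:
            disagreements.append(f"{name}: {proposed!r} violates {term.kind} {term.value!r}")
    return disagreements


def accept(senior: dict[str, Term], submitted: dict[str, Any]) -> dict[str, Term]:
    """Adopt a submission and return the narrowed table that binds the next
    participant in the pathway. Raises ValueError on any disagreement."""
    problems = evaluate(senior, submitted)
    if problems:
        raise ValueError("; ".join(problems))
    narrowed = dict(senior)
    for name, proposed in submitted.items():
        kind = senior[name].kind
        if kind == "subset":
            proposed = frozenset(proposed)
        elif kind == "sequence":
            proposed = tuple(proposed)
        narrowed[name] = Term(kind, proposed)
    return narrowed


# Constructed sample tables: creator (senior) -> distributor -> end user.
CREATOR = {
    "price_per_use_cents": Term("min", 50),
    "copies": Term("max", 10),
    "operations": Term("subset", frozenset({"view", "print", "copy"})),
    "audit_clearinghouse": Term("fixed", "clearinghouse-A"),
    "methods": Term("sequence", ("meter", "budget", "bill")),
}
DISTRIBUTOR = {
    "price_per_use_cents": 75,
    "copies": 5,
    "operations": ["view", "print"],
    "methods": ["meter", "budget", "audit", "bill"],
}
USER_OK = {"copies": 2, "operations": ["view"]}
USER_BAD = {"copies": 8, "operations": ["view", "copy"],
            "audit_clearinghouse": "none", "resale": True}

if __name__ == "__main__":
    after_distributor = accept(CREATOR, DISTRIBUTOR)
    print(evaluate(after_distributor, USER_OK))
    for line in evaluate(after_distributor, USER_BAD):
        print("disagreement:", line)
```

The list returned by `evaluate` is what a semi-automated process would present to a participant for resolution; `USER_BAD` passes two more checks against the creator's table alone than against the table already narrowed by the distributor.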

VDEF capabilities may be employed, and a VDE agreement may be entered into, by a plurality of parties without the VDEF capabilities being directly associated with the controlling of certain, specific electronic information. For example, certain one or more VDEF capabilities may be present at a VDE installation, and certain VDE agreements may have been entered into during the registration process for a content distribution application, to be used by such installation for securely controlling VDE content usage, auditing, reporting and/or payment. Similarly, a specific VDE participant may enter into a VDE user agreement with a VDE content or electronic appliance provider when the user and/or her appliance register with such provider as a VDE installation and/or user. In such events, VDEF in place control information available to the user VDE installation may require that certain VDEF methods are employed, for example in a certain sequence, in order to be able to use all and/or certain classes, of electronic content and/or VDE applications.

VDE ensures that certain prerequisites necessary for a given transaction to occur are met. This includes the secure execution of any required load modules and the availability of any required, associated data. For example, required load modules and data (e.g. in the form of a method) might specify that sufficient credit from an authorized source must be confirmed as available. It might further require certain one or more load modules execute as processes at an appropriate time to ensure that such credit will be used in order to pay for user use of the content. A certain content provider might, for example, require metering the number of copies made for distribution to employees of a given software program (a portion of the program might be maintained in encrypted form and require the presence of a VDE installation to run). This would require the execution of a metering method for copying of the property each time a copy was made for another employee. This same provider might also charge fees based on the total number of different properties licensed from them by the user and a metering history of their licensing of properties might be required to maintain this information.

VDE provides organization, community, and/or universe wide secure environments whose integrity is assured by processes securely controlled in VDE participant user installations (nodes). VDE installations, in the preferred embodiment, may include both software and tamper resistant hardware semiconductor elements. Such a semiconductor arrangement comprises, at least in part, special purpose circuitry that has been designed to protect against tampering with, or unauthorized observation of, the information and functions used in performing the VDE’s control functions. The special purpose secure circuitry provided by the present invention includes at least one of: a dedicated semiconductor arrangement known as a Secure Processing Unit (SPU) and/or a standard microprocessor, microcontroller, and/or other processing logic that accommodates the requirements of the present invention and functions as an SPU. VDE’s secure hardware may be found incorporated into, for example, a fax/modem chip or chip pack, I/O controller, video display controller, and/or other available digital processing arrangements. It is anticipated that portions of the present invention’s VDE secure hardware capabilities may ultimately be standard design elements of central processing units (CPUs) for computers and various other electronic devices.

Designing VDE capabilities into one or more standard microprocessor, microcontroller and/or other digital processing components may materially reduce VDE related hardware costs by employing the same hardware resources for both the transaction management uses contemplated by the present invention and for other, host electronic appliance functions. This means that a VDE SPU can employ (share) circuitry elements of a “standard” CPU. For example, if a “standard” processor can operate in protected mode and can execute VDE related instructions as a protected activity, then such an embodiment may provide sufficient hardware security for a variety of applications and the expense of a special purpose processor might be avoided. Under one preferred embodiment of the present invention, certain memory (e.g., RAM, ROM, NVRAM) is maintained during VDE related instruction processing in a protected mode (for example, as supported by protected mode microprocessors). This memory is located in the same package as the processing logic (e.g. processor). Desirably, the packaging and memory of such a processor would be designed using security techniques that enhance its resistance to tampering.

The degree of overall security of the VDE system is primarily dependent on the degree of tamper resistance and concealment of VDE control process execution and related data storage activities. Employing special purpose semiconductor packaging techniques can significantly contribute to the degree of security. Concealment and tamper-resistance in semiconductor memory (e.g., RAM, ROM, NVRAM) can be achieved, in part, by employing such memory within an SPU package, by encrypting data before it is sent to external memory (such as an external RAM package) and decrypting encrypted data within the CPU/RAM package before it is executed. This process is used for important VDE related data when such data is stored on unprotected media, for example, standard host storage, such as random access memory, mass storage, etc. In that event, a VDE SPU would encrypt data that results from a secure VDE execution before such data was stored in external memory.

Summary of Some Important Features Provided by VDE in Accordance With the Present Invention

VDE employs a variety of capabilities that serve as a foundation for a general purpose, sufficiently secure distributed electronic commerce solution. VDE enables an electronic commerce marketplace that supports divergent, competitive business partnerships, agreements, and evolving overall business models. For example, VDE includes features that:

• “sufficiently” impede unauthorized and/or uncompensated use of electronic information and/or appliances through the use of secure communication, storage, and transaction management technologies. VDE supports a model wide, distributed security implementation which creates a single secure “virtual” transaction processing and information storage environment. VDE enables distributed VDE installations to securely store and communicate information and remotely control the execution processes and the character of use of electronic information at other VDE installations and in a wide variety of ways;

• support low-cost, efficient, and effective security architectures for transaction control, auditing, reporting, and related communications and information storage. VDE may employ tagging related security techniques, the time-ageing of encryption keys, the compartmentalization of both stored control information (including differentially tagging such stored information to ensure against substitution and tampering) and distributed content (to, for many content applications, employ one or more content encryption keys that are unique to the specific VDE installation and/or user), private key techniques such as triple DES to encrypt content, public key techniques such as RSA to protect communications and to provide the benefits of digital signature and authentication to securely bind together the nodes of a VDE arrangement, secure processing of important transaction management executable code, and a combining of a small amount of highly secure, hardware protected storage space with a much larger “exposed” mass media storage space storing secured (normally encrypted and tagged) control and audit information. VDE employs special purpose hardware distributed throughout some or all locations of a VDE implementation: a) said hardware controlling important elements of: content preparation (such as causing such content to be placed in a VDE content container and associating content control information with said content), content and/or electronic appliance usage auditing, content usage analysis, as well as content usage control; and b) said hardware having been designed to securely handle processing load module control activities, wherein said control processing activities may involve a sequence of required control factors;

• support dynamic user selection of information subsets of a VDE electronic information product (VDE controlled content). This contrasts with the constraints of having to use a few high level individual, pre-defined content provider information increments such as being required to select a whole information product or product section in order to acquire or otherwise use a portion of such product or section. VDE supports metering and usage control over a variety of increments (including “atomic” increments, and combinations of different increment types) that are selected ad hoc by a user and represent a collection of pre-identified one or more increments (such as one or more blocks of a preidentified nature, e.g., bytes, images, logically related blocks) that form a generally arbitrary, but logical to a user, content “deliverable.” VDE control information (including budgeting, pricing and metering) can be configured so that it can specifically apply, as appropriate, to ad hoc selection of different, unanticipated variable user selected aggregations of information increments and pricing levels can be, at least in part, based on quantities and/or nature of mixed increment selections (for example, a certain quantity of certain text could mean associated images might be discounted by 15%; a greater quantity of text in the “mixed” increment selection might mean the images are discounted 20%). Such user selected aggregated information increments can reflect the actual requirements of a user for information and is more flexible than being limited to a single, or a few, high level, (e.g. product, document, database record) predetermined increments. Such high level increments may include quantities of information not desired by the user and as a result be more costly than the subset of information needed by the user if such a subset was available. In sum, the present invention allows information contained in electronic information products to be supplied according to user specification. Tailoring to user specification allows the present invention to provide the greatest value to users, which in turn will generate the greatest amount of electronic commerce activity. The user, for example, would be able to define an aggregation of content derived from various portions of an available content product, but which, as a deliverable for use by the user, is an entirely unique aggregated increment. The user may, for example, select certain numbers of bytes of information from various portions of an information product, such as a reference work, and copy them to disc in unencrypted form and be billed based on total number of bytes plus a surcharge on the number of “articles” that provided the bytes. A content provider might reasonably charge less for such a user defined information increment since the user does not require all of the content from all of the articles that contained desired information. This process of defining a user desired information increment may involve artificial intelligence database search tools that contribute to the location of the most relevant portions of information from an information product and cause the automatic display to the user of information describing search criteria hits for user selection or the automatic extraction and delivery of such portions to the user. VDE further supports a wide variety of predefined increment types including:

    • bytes,
    • images,
    • content over time for audio or video, or any other increment that can be identified by content provider data mapping efforts, such as:
        • sentences,
        • paragraphs,
        • articles,
        • database records, and
        • byte offsets representing increments of logically related information.

  VDE supports as many simultaneous predefined increment types as may be practical for a given type of content and business model.

• securely store at a user’s site potentially highly detailed information reflective of a user’s usage of a variety of different content segment types and employing both inexpensive “exposed” host mass storage for maintaining detailed information in the form of encrypted data and maintaining summary information for security testing in highly secure special purpose VDE installation nonvolatile memory (if available).

• support trusted chain of handling capabilities for pathways of distributed electronic information and/or for content usage related information. Such chains may extend, for example, from a content creator, to a distributor, a redistributor, a client user, and then may provide a pathway for securely reporting the same and/or differing usage information to one or more auditors, such as to one or more independent clearinghouses and then back to the content providers, including content creators. The same and/or different pathways employed for certain content handling, and related content control information and reporting information handling, may also be employed as one or more pathways for electronic payment handling (payment is characterized in the present invention as administrative content) for electronic content and/or appliance usage. These pathways are used for conveyance of all or portions of content, and/or content related control information. Content creators and other providers can specify the pathways that, partially or fully, must be used to disseminate commercially distributed property content, content control information, payment administrative content, and/or associated usage reporting information. Control information specified by content providers may also specify which specific parties must or may (including, for example, a group of eligible parties from which a selection may be made) handle conveyed information. It may also specify what transmission means (for example telecommunication carriers or media types) and transmission hubs must or may be used.

• support flexible auditing mechanisms, such as employing “bitmap meters,” that achieve a high degree of efficiency of operation and throughput and allow, in a practical manner, the retention and ready recall of information related to previous usage activities and related patterns. This flexibility is adaptable to a wide variety of billing and security control strategies such as:
    • upgrade pricing (e.g. suite purchases),
    • pricing discounts (including quantity discounts),
    • billing related time duration variables such as discounting new purchases based on the timing of past purchases, and
    • security budgets based on quantity of different, logically related units of electronic information used over an interval of time.

  Use of bitmap meters (including “regular” and “wide” bitmap meters) to record usage and/or purchase of information, in conjunction with other elements of the preferred embodiment of the present invention, uniquely supports efficient maintenance of usage history for: (a) rental, (b) flat fee licensing or purchase, (c) licensing or purchase discounts based upon historical usage variables, and (d) reporting to users in a manner enabling users to determine whether a certain item was acquired, or acquired within a certain time period (without requiring the use of conventional database mechanisms, which are highly inefficient for these applications). Bitmap meter methods record activities associated with electronic appliances, properties, objects, or portions thereof, and/or administrative activities that are independent of specific properties, objects, etc., performed by a user and/or electronic appliance such that a content and/or appliance provider and/or controller of an administrative activity can determine whether a certain activity has occurred at some point, or during a certain period, in the past (for example, certain use of a commercial electronic content product and/or appliance). Such determinations can then be used as part of pricing and/or control strategies of a content and/or appliance provider, and/or controller of an administrative activity. For example, the content provider may choose to charge only once for access to a portion of a property, regardless of the number of times that portion of the property is accessed by a user.
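
A bitmap meter of the kind described above, as an added example that is not taken from the patent: one bit per (period, element) answers whether an item was used at all or within a given period, and supports charge-once billing and a count of distinct units for a security budget. The bit layout, the class and function names, and the use of an HMAC as the summary value held in secure memory are assumptions; the text's encryption of the stored meter is omitted here, and the sample key is constructed.

```python
import hashlib
import hmac


class BitmapMeter:
    """One bit per (period, element): set when the element was used in that period."""

    def __init__(self, n_elements: int, n_periods: int):
        self.n_elements = n_elements
        self.n_periods = n_periods
        self.row_bytes = (n_elements + 7) // 8          # one row of bits per period
        self.bits = bytearray(self.row_bytes * n_periods)

    def _locate(self, element: int, period: int):
        if not 0 <= element < self.n_elements:
            raise IndexError("element out of range")
        if not 0 <= period < self.n_periods:
            raise IndexError("period out of range")
        return period * self.row_bytes + element // 8, 1 << (element % 8)

    def used(self, element: int, first_period: int = 0, last_period=None) -> bool:
        """Was the element used at all, or within [first_period, last_period]?"""
        last = self.n_periods - 1 if last_period is None else last_period
        for period in range(first_period, last + 1):
            index, mask = self._locate(element, period)
            if self.bits[index] & mask:
                return True
        return False

    def record(self, element: int, period: int) -> bool:
        """Record a use. Returns True only for the first use ever, which is
        the one a charge-once pricing strategy would bill."""
        first_ever = not self.used(element)
        index, mask = self._locate(element, period)
        self.bits[index] |= mask
        return first_ever

    def distinct_used(self, first_period: int, last_period: int) -> int:
        """Number of different elements used in the window (security budget input)."""
        if not 0 <= first_period <= last_period < self.n_periods:
            raise IndexError("period window out of range")
        merged = 0
        for period in range(first_period, last_period + 1):
            row = self.bits[period * self.row_bytes:(period + 1) * self.row_bytes]
            merged |= int.from_bytes(row, "little")
        return bin(merged).count("1")


def seal(meter: BitmapMeter, key: bytes):
    """Serialize the meter for exposed host storage and compute the short
    summary (an HMAC-SHA-256 tag) that would be kept in secure memory."""
    blob = (meter.n_elements.to_bytes(4, "big")
            + meter.n_periods.to_bytes(4, "big")
            + bytes(meter.bits))
    return blob, hmac.new(key, blob, hashlib.sha256).digest()


def unseal(blob: bytes, summary: bytes, key: bytes) -> BitmapMeter:
    """Reload a meter from host storage, refusing substituted or altered data."""
    expected = hmac.new(key, blob, hashlib.sha256).digest()
    if not hmac.compare_digest(expected, summary):
        raise ValueError("meter on host storage does not match the secure summary")
    meter = BitmapMeter(int.from_bytes(blob[:4], "big"), int.from_bytes(blob[4:8], "big"))
    if len(blob) - 8 != len(meter.bits):
        raise ValueError("malformed meter")
    meter.bits[:] = blob[8:]
    return meter


if __name__ == "__main__":
    key = b"k" * 32                       # constructed sample key
    meter = BitmapMeter(n_elements=16, n_periods=12)
    print(meter.record(3, 0), meter.record(3, 2), meter.record(7, 2))
    print(meter.used(3, 1, 1), meter.distinct_used(0, 2))
    blob, summary = seal(meter, key)
    print(unseal(blob, summary, key).used(7))
```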

• support “launchable” content, that is content that can be provided by a content provider to an end-user, who can then copy or pass along the content to other end-user parties without requiring the direct participation of a content provider to register and/or otherwise initialize the content for use. This content goes “out of (the traditional distribution) channel” in the form of a “traveling object.” Traveling objects are containers that securely carry at least some permissions information and/or methods that are required for their use (such methods need not be carried by traveling objects if the required methods will be available at, or directly available to, a destination VDE installation). Certain travelling objects may be used at some or all VDE installations of a given VDE arrangement since they can make available the content control information necessary for content use without requiring the involvement of a commercial VDE value chain participant or data security administrator (e.g. a control officer or network administrator). As long as traveling object control information requirements are available at the user VDE installation secure subsystem (such as the presence of a sufficient quantity of financial credit from an authorized credit provider), at least some travelling object content may be used by a receiving party without the need to establish a connection with a remote VDE authority (until, for example, budgets are exhausted or a time content usage reporting interval has occurred). Traveling objects can travel “out-of-channel,” allowing, for example, a user to give a copy of a traveling object whose content is a software program, a movie or a game, to a neighbor, the neighbor being able to use the traveling object if appropriate credit (e.g. an electronic clearinghouse account from a clearinghouse such as VISA or AT&T) is available. Similarly, electronic information that is generally available on an Internet, or a similar network, repository might be provided in the form of a traveling object that can be downloaded and subsequently copied by the initial downloader and then passed along to other parties who may pass the object on to additional parties.

• provide very flexible and extensible user identification according to individuals, installations, by groups such as classes, and by function and hierarchical identification employing a hierarchy of levels of client identification (for example, client organization ID, client department ID, client network ID, client project ID, and client employee ID, or any appropriate subset of the above).

• provide a general purpose, secure, component based content control and distribution system that functions as a foundation transaction operating system environment that employs executable code pieces crafted for transaction control and auditing. These code pieces can be reused to optimize efficiency in creation and operation of trusted, distributed transaction management arrangements. VDE supports providing such executable code in the form of “atomic” load modules and associated data. Many such load modules are inherently configurable, aggregatable, portable, and extensible and singularly, or in combination (along with associated data), run as control methods under the VDE transaction operating environment. VDE can satisfy the requirements of widely differing electronic commerce and data security applications by, in part, employing this general purpose transaction management foundation to securely process VDE transaction related control methods. Control methods are created primarily through the use of one or more of said executable, reusable load module code pieces (normally in the form of executable object components) and associated data. The component nature of control methods allows the present invention to efficiently operate as a highly configurable content control system. Under the present invention, content control models can be iteratively and asynchronously shaped, and otherwise updated to accommodate the needs of VDE participants to the extent that such shaping and otherwise updating conforms to constraints applied by a VDE application, if any (e.g., whether new component assemblies are accepted and, if so, what certification requirements exist for such component assemblies or whether any or certain participants may shape any or certain control information by selection amongst optional control information (permissions record) control methods. This iterative (or concurrent) multiple participant process occurs as a result of the submission and use of secure, control information components (executable code such as load modules and/or methods, and/or associated data). These components may be contributed independently by secure communication between each control information influencing VDE participant’s VDE installation and may require certification for use with a given application, where such certification was provided by a certification service manager for the VDE arrangement who ensures secure interoperability and/or reliability (e.g., bug control resulting from interaction) between appliances and submitted control methods. The transaction management control functions of a VDE electronic appliance transaction operating environment interact with non-secure transaction management operating system functions to properly direct transaction processes and data related to electronic information security, usage control, auditing, and usage reporting. VDE provides the capability to manage resources related to secure VDE content and/or appliance control information execution and data storage.

• facilitate creation of application and/or system functionality under VDE and to facilitate integration into electronic appliance environments of load modules and methods created under the present invention. To achieve this, VDE employs an Application Programmer’s Interface (API) and/or a transaction operating system (such as a ROS) programming language with incorporated functions, both of which support the use of capabilities and can be used to efficiently and tightly integrate VDE functionality into commercial and user applications.

• support user interaction through: (a) “Pop-Up” applications which, for example, provide messages to users and enable users to take specific actions such as approving a transaction, (b) stand-alone VDE applications that provide administrative environments for user activities such as: end-user preference specifications for limiting the price per transaction, unit of time, and/or session, for accessing history information concerning previous transactions, for reviewing fina