US007079649B1

(12) United States Patent
Bramhill et al.

(10) Patent No.: US 7,079,649 B1
(45) Date of Patent: Jul. 18, 2006

(54) COPY PROTECTION OF DATA

(75) Inventors: Ian Duncan Bramhill, Ipswich (GB); Matthew Robert Charles Sims, Ipswich (GB)

(73) Assignee: British Telecommunications public limited company, London (GB)

(*) Notice: Subject to any disclaimer, the term of this patent is extended or adjusted under 35 U.S.C. 154(b) by 709 days.

(21) Appl. No.: 09/091,735

(22) PCT Filed: Mar. 18, 1998

(86) PCT No.: PCT/GB98/00808
     § 371 (c)(1), (2), (4) Date: Jun. 24, 1998

(87) PCT Pub. No.: WO98/44402
     PCT Pub. Date: Oct. 8, 1998

(30) Foreign Application Priority Data
     Mar. 27, 1997 (EP) 97302194

(51) Int. Cl.
     H04K 1/00 (2006.01)
(52) U.S. Cl.: 380/21; 382/233; 713/1; 705/400
(58) Field of Classification Search: 713/156, 713/158, 164, 200, 201, 160; 705/55-59; 340/825.31; 380/227-228, 239, 278; 707/9-10
     See application file for complete search history.

Primary Examiner: Cuong Nguyen
(74) Attorney, Agent, or Firm: Nixon & Vanderhye, P.C.

(57) ABSTRACT

A copyright protection scheme downloads data from a server, typically over the World Wide Web to a client for presentation to a user. The downloaded data is cryptographically protected, by encryption and hashing. When displayed by the client, storing and copying functions are selectively disabled in respect of the data, in order to prevent unauthorized copying.

26 Claims, 8 Drawing Sheets

MobileIron, Inc., Ex. 1017 - Page 001

[Sheet 1 of 8. Fig. 1 (Prior Art): web server 1 connected through the World Wide Web 2 to client computer 3.]

[Sheet 2 of 8. Fig. 2 (Prior Art): browser window 4 with print button 5 and control 6, showing page 7 "Welcome to Company X's Homepage" with graphics display 8, drop-down menu 9 and link to another web page 10.
Fig. 4: browser window 4 showing page 7 "Welcome to Company X's Homepage with added copyright protection" with graphics display 11, copyright protected document 12 and link to another web page 10.]

[Sheet 3 of 8. Fig. 3: web server 1 containing cryptographic processes, watermark processes and main processes (reference numerals 13, 14, 15), connected through the World Wide Web to client computer 3 running a Java applet.]

[Sheet 4 of 8. Fig. 5: data flows between Web server 1 and Client 3.
S1 HTTP request for web page; S2 reply: HTML code for web page; S3 HTTP request for gif file; S4 binary data; S5 request for applet; S6 download applet bytecodes; S7 run applet; S8 BTC file request; S9 authentication; S10 prepare BTC file for downloading; S11 download BTC file; S12 process BTC file.]

[Sheet 5 of 8. Fig. 6 (step S10): S10.1 get file; S10.2 watermark file; S10.3 hash with algorithm HA & key KH; S10.4 encrypt with algorithm EA & key KE; S10.5 wrap file; go to step S11.]

[Sheet 6 of 8. Fig. 7: BTC file format, consisting of header information followed by embedded file information EF.
Fig. 8 (step S10.5): S10.5.1 put into header: 1. version number, 2. specific control options (CI); S10.5.2 generate HVhead using HA & HKhead; S10.5.3 put HKhead & HVhead into header; S10.5.4 write watermarked and encrypted file into EF (Fig. 7); S10.5.5 write HVembedded and HKembedded to EF (Fig. 7).]

[Sheet 7 of 8. Fig. 9 (step S12), steps S12.1 to S12.8: generate HVhead' using HA & HKhead; decision (N: display error banner); decrypt embedded file using EA & KE; generate HVembedded' using HA & HKembedded; decision (N: display error banner; Y: display file).]

[Sheet 8 of 8. Fig. 10: Registration, data flows between Web server 1 and Client 3: R1 initial access; R2 supply dogtag CD by mail; execute Dogtag to provide MID; upload MID; R5 embed individual cryptographic key and MID in applet; download applet bytecodes; store applet in client.
Fig. 11: Authentication, data flows between Web server 1 and Client 3: use dogtag to compute current MID; compare current MID with version on hard disk; if current MID = stored MID, upload to server; generate random number challenge = RAND; download RAND; generate RESPONSE'; generate RESPONSE; upload RESPONSE; successful authentication if RESPONSE = RESPONSE'.]

COPY PROTECTION OF DATA

BACKGROUND OF THE INVENTION

1. Field of the Invention

This invention relates to protecting data against copying and has particular application to protecting data transmitted through a network, such as hypermedia transmitted over a web-based network.

2. Related Art

It is known that data in the form of hypermedia such as hypertext, is often written in the hypertext language HTML and arranged in webpages that are provided by a server connected through a network to a client. The client may comprise a personal computer or other processing device capable of presenting the data retrieved from the server to a user. The network may comprise a local area network (LAN), a wide area network (WAN) or may comprise the Internet. For example, the World Wide Web comprises many servers connected over the Internet in a web, which have addresses in the form of universal resource locators (URL). The hypertext information is arranged in webpages which include hotspots to allow the user to establish a link to another webpage, which may be located on the same or a different server, the routing to the document being achieved by use of a URL in the webpage at the hotspot.

Web clients typically access the hypermedia information using a browser. An overview of the World Wide Web and HTML is given in Chapter 1 of "HTML 3.2 and CGI Unleashed" J. December and M. Ginsberg 1996 (ISBN 1-57521-177-7).

As well known in the art, HTML webpages can display text, graphics and files of other descriptions such as video images, animated graphics and audio samples. Hypermedia have the significant advantage that the client can rapidly transfer viewing from one document to another by using a mouse to click on hotspots in the document, permitting the user to transfer from one web site to another, which may be at different physical locations.

The individual works which are displayed on the HTML pages may be copyright works. Because of the ease with which the copyright work may be viewed, transmitted and copied on the web, it is difficult for a copyright owner to enforce its copyright. For example, when a graphics file has been downloaded to a client, it may be readily copied onto the hard disc of a client's computer and replicated many times digitally, with no significant degradation from copy to copy.

SUMMARY OF THE INVENTION

With a view to overcoming this problem, the invention provides a method of copy protecting data sent from a server to a client for presentation to a user, comprising: cryptographically protecting the data; sending the cryptographically protected data to the client; and selectively controlling copying functions of the client in respect of the data whilst the data is being held by the client in a form suitable for presentation to the user.

The data may be cryptographically protected by encryption and/or by an integrity checking procedure such as hashing.

More specifically, the method according to the invention may include downloading a program object to the client, running the program object on the client such that a request is uploaded to the server for a file containing the cryptographically protected data, downloading the file to the client, and rendering the cryptographically protected data in an unprotected form suitable for presentation to the user, the program object being operative such that no, or restricted, copy or save functions are offered to the user in respect of the downloaded data in its unprotected form.

The invention has particular but not exclusive application to downloading data over a network such as the World Wide Web, but is also applicable to LANs, WANs and to distribution of data using long term storage media such as 3.5" floppy discs or CD-ROM based technology.

The method of the invention may be used with a conventional browser.

A message concerning a webpage may be downloaded from the server to the client, the message including information concerning the program object, such that a request is then uploaded to the server in response to the message, in order to retrieve the program object. The webpage may be written in HTML code. The program object may comprise a Java applet although the invention envisages the use of other program objects such as Active X or OLE.

As a result of processing a Java applet, the usual copy and save functions will not be presented to the user, thereby providing security in respect of the unprotected data presented to the user.

The data presented may comprise text, graphics, pictures, audio or any other suitable form.

The program object may include data concerning a cryptographic key, which can then be used to render the downloaded cryptographically protected data into an unprotected form suitable for presentation to the user.

An authentication procedure may be employed to ensure that the cryptographically protected data is only downloaded to an authenticated client. The authentication process may be performed by reference to a payment scheme, to enable a royalty to be collected in respect of the downloaded, cryptographically protected data.

It will be understood that no copy protection scheme can ever be completely successful, because when data is presented to users, they will have the opportunity to copy it. However in accordance with the invention the effort required to break the protection scheme provided by the inventive method may be significantly greater than the payment of a monetary sum to permit use of the protected data, thereby reducing the risk to the owner of the data releasing it through the World Wide Web or other open access networks.

The downloaded data may be steganographically marked, for example with a digital watermark. When the identity of the client is known, the watermark may include the client identity, in order to provide additional security in the event that fraudulent copies are made by the user.

The invention also includes a server configured to perform the inventive method.

The invention furthermore includes a method of downloading encrypted data from a server to a client, including: registering the client with the server by determining a machine identifier of the client by analysing its hardware and/or its software configuration, transmitting the machine identifier to the server, combining the transmitted machine identifier with a cryptographic key to form a unique determinator for the client, and transmitting the unique determinator to the client, to be stored therein for use subsequently in identifying the client to the server, to permit encrypted data to be downloaded thereto from the server; subsequently identifying the client to the server on the basis of the unique determinator; and then downloading data encrypted by means of the cryptographic key to the identified client, for decryption by the client using the key from the unique determinator.

The downloaded data can be decrypted at the client using the key from the unique determinator.

The client may be identified to the server by again determining the machine identifier for the client, comparing it with the machine identifier included in said unique determinator, and signalling to the server on the basis of the outcome of the comparison.

The client may be authenticated by the server prior to downloading the encrypted data. This may be carried out by generating a challenge, generating a response as a predetermined cryptographic function of the cryptographic key for the client as held by the server, and as a function of the key included in the unique determinator stored in the client, and authenticating the client on the basis of the outcome of the comparison.
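
The registration, identification and challenge-response exchange described above, as an added example that is not code from the patent. HMAC-SHA-256 as the "predetermined cryptographic function", the SHA-256 machine identifier, the dictionary form of the unique determinator and the names Server, Client and authenticate are assumptions of this sketch.

```python
import hashlib
import hmac
import secrets


def machine_id(config: dict) -> str:
    """Machine identifier from the hardware/software configuration.
    Hashing the sorted key=value pairs is an assumption of this sketch."""
    canon = "\n".join(f"{k}={config[k]}" for k in sorted(config))
    return hashlib.sha256(canon.encode()).hexdigest()


def response_for(key: bytes, rand: bytes) -> bytes:
    """RESPONSE as a keyed function of the challenge (HMAC-SHA-256 assumed)."""
    return hmac.new(key, rand, hashlib.sha256).digest()


class Server:
    def __init__(self):
        self.keys = {}      # machine identifier -> key held by the server
        self.pending = {}   # machine identifier -> outstanding challenge RAND

    def register(self, mid: str) -> dict:
        """Combine the uploaded identifier with a fresh key: the unique determinator."""
        key = secrets.token_bytes(32)
        self.keys[mid] = key
        return {"mid": mid, "key": key}

    def challenge(self, mid: str):
        if mid not in self.keys:
            return None                     # unregistered client: no challenge
        rand = secrets.token_bytes(16)
        self.pending[mid] = rand
        return rand

    def verify(self, mid: str, response: bytes) -> bool:
        rand = self.pending.pop(mid, None)  # each challenge is accepted once
        if rand is None:
            return False
        expected = response_for(self.keys[mid], rand)   # RESPONSE'
        return hmac.compare_digest(expected, response)


class Client:
    def __init__(self, config: dict, determinator: dict):
        self.config = config
        self.determinator = determinator    # stored at registration

    def identify(self):
        """Recompute the identifier; upload it only if it matches the stored one."""
        current = machine_id(self.config)
        if hmac.compare_digest(current, self.determinator["mid"]):
            return current
        return None

    def respond(self, rand: bytes) -> bytes:
        return response_for(self.determinator["key"], rand)


def authenticate(server: Server, client: Client) -> bool:
    mid = client.identify()
    if mid is None:
        return False                        # determinator moved to another machine
    rand = server.challenge(mid)
    if rand is None:
        return False
    return server.verify(mid, client.respond(rand))


if __name__ == "__main__":
    cfg = {"cpu": "constructed-cpu-id", "disk": "constructed-serial"}  # constructed
    srv = Server()
    det = srv.register(machine_id(cfg))
    print("same machine:", authenticate(srv, Client(cfg, det)))
    print("copied determinator:",
          authenticate(srv, Client(dict(cfg, disk="other-serial"), det)))
```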

BRIEF DESCRIPTION OF THE DRAWINGS

In order that the invention may be more fully understood an example will now be described with reference to the accompanying drawings, in which:

FIG. 1 is a schematic illustration of a conventional client and server connected through the World Wide Web;
FIG. 2 is a schematic illustration of a conventional display provided by a web browser on the client 3;
FIG. 3 is a schematic illustration of a web server 1 connected to a client 3 through the World Wide Web 2, in accordance with the invention;
FIG. 4 is a schematic illustration of the display of a web browser in accordance with the invention;
FIG. 5 is a schematic illustration of data flows between the client and server in accordance with an example of the invention;
FIG. 6 is a schematic flow diagram associated with step S10 of FIG. 5;
FIG. 7 is a schematic illustration of the BT copyright (BTC) file structure;
FIG. 8 is a flow chart showing in detail the actions carried out during the wrapping step 10.5 of FIG. 6;
FIG. 9 is a schematic flow diagram associated with step S12 of FIG. 5;
FIG. 10 is a schematic illustration of data flows associated with a procedure for registering a client with the server; and
FIG. 11 is a schematic illustration of authentication, subsequent to registration according to FIG. 10, corresponding to step S9 of FIG. 5.

DETAILED DESCRIPTION

An example of the invention will now be described in relation to the World Wide Web (WWW). As is well known, a page of information on a web server is identified on the web by means of an individual URL so that it can be accessed by a browser running on a client computer. Referring to FIG. 1, a web server 1 is connected through the World Wide Web 2, to a client computer in the form of a PC 3. HTML webpages can be downloaded to the client computer 3 from the web server 1, to be displayed to the user of the client computer 3. The HTML document may include links to other HTML pages on the same or a different web server, in a manner well known per se. The HTML webpages may also include embedded objects such as graphics, images and the like.

The client 3 runs a browser which receives the HTML documents from the web server 1 and displays them on the display of the computer. In this example, the browser is Java aware i.e. can interpret Java bytecodes received from the server. More particularly, as known in the art, when the HTML document includes a so-called Java applet tag, the server downloads a corresponding applet, consisting of Java bytecodes, which are interpreted and run by the browser. Typically, the downloaded Java applet allows interactivity between the user of the computer 3 and the displayed image. For further information, reference is directed to "HTML 3.2 and CGI Unleashed", supra, Chapter 18.

An example of the screen display of an HTML webpage is shown in FIG. 2. The display is provided within a window 4 presented by the browser. Examples of a suitable browser are the Microsoft Internet Explorer 3.1 and the Netscape Navigator. The browser includes a number of conventional controls which are operated by clicking on a mouse, in the usual way. For example, the browser includes a print button 5 which allows a screen print to be produced of the entire page shown within the browser window 4. Also, the browser includes a control, shown schematically at 6, with a drop-down menu option "view source", which allows a display to be provided of the actual HTML code which is being run.

A page 7 is shown within the window 4 of the browser. The page is defined by a sequence of lines of HTML code which specify the text and layout provided on the page. Also, the code specifies areas which receive graphical, image data or other data that is downloaded in separate files which have a predetermined tag. In this example a graphics file with a tag "gif" is displayed. The HTML code causes the gif file to be displayed within the pre-defined area of the page. Thus, in the page 7, the gif file is displayed in region 8 defined by the downloaded HTML code. An example of the code for the gif file is shown in Code Extract No. 1, below.

Code Extract No. 1

<HTML>

<HEAD><TITLE>Company X's Homepage</TITLE></HEAD>

<BODY>
Welcome to Company X's Homepage

<IMG ALIGN=middle SRC="a_graphic.gif"><P>

<A HREF="another.html">link to another web page</A>
</BODY>

</HTML>

If the user clicks the computer's mouse in the area of the displayed image 8, using the right mouse button, a drop-down menu 9 is displayed which gives the user options including "save", to save the digital data corresponding to the gif file to the computer's hard disc or to some other storage location, and also the option to print, using a printer connected to the computer 3 (not shown). Thus, the user of computer 3 can make a copy of the digital data which comprises the graphics displayed in region 8 and the data can then be forwarded to other locations in an unrestricted manner. Because the data is recorded in digital form, it can be replicated many times without degradation of image quality.

Also, the entire page 7, including the graphics display 8, can be printed using the browser print button 5. However, the printed image quality can only at best be of that displayed on the screen of the computer. The printed image will be in the analogue domain so any processes that return the image to the digital domain will only further reduce the quality.

The displayed HTML page 7 also includes a hotspot 10. When the computer's mouse is clicked on the hotspot, a link is established to another webpage, which is then displayed within the window 4. The HTML code associated with the hotspot 10 includes a URL in order to establish the link to another webpage, in a manner well known per se.

As is well known in the art, HTML code can also include a Java applet. This consists of a programming object which is downloaded from the server 1, that can be run locally, within the browser 4. An applet is specified in HTML by a code tag-applet as will be described hereinafter. When the HTML interpreter in the browser encounters such a tag in a webpage, it refers back to the web server, which then downloads Java bytecodes to the browser. Typically, applets are used to display animated graphic symbols in a webpage, although many other applications can be provided, as well known to those skilled in the art. The location and size of the applet display is determined by instructions in lines of the HTML code.

If the user clicks the right mouse button on the data displayed by running the applet, no drop-down menu is provided corresponding to the menu 9 shown in FIG. 2. The user can use the view-source button 6 to display the lines of code which make up the HTML page being displayed, but this does not reveal the data that is displayed when the applet is run by the browser. The Java interpreter can display gif files when running an applet, within the applet, although normally, gif files are downloaded directly into the webpage because it is not normally necessary to process them in terms of Java bytecodes.

The present invention provides a method by which data can be downloaded to the webpage in a secure manner, and cannot be saved or copied whilst being displayed without significant fraudulent effort.

An example of a downloading process in accordance with the invention will now be described in more detail with reference to FIGS. 3, 4 and 5. In this example, a webpage containing copyright protected image data is downloaded from the server 1 to client computer 3 through the World Wide Web 2. The resulting display in the browser 4 is shown in FIG. 4 and the processing steps are shown in more detail in FIG. 5.

At step S1 the client 3 uploads a request to the server 1 for details of a webpage. The request comprises a conventional hypertext file transfer protocol (HTTP) page request. The server then, at step S2, gets the page, or constructs it "on the fly" and downloads the HTML code corresponding to the page, to the client 3 through the World Wide Web (WWW) 2. In the usual way, the HTML code includes references for images, graphics, sound bytes and the like and in response to such codes, the server will upload HTTP requests for corresponding files to be displayed in the webpage. For example, referring to the webpage 7 shown in FIG. 4, it includes a graphical image 11 constituted by a gif file. In order to obtain the data for the display 11, an HTTP request is uploaded at step S3 to the server, and corresponding binary graphical data is downloaded at step S4. This data is then displayed in region 11 of the page 7 shown in FIG. 4. However, this data is not copyright protected because the user can save and copy it using the right mouse button as previously explained with reference to FIG. 2.

However, in accordance with the invention, region 12 of the displayed page 7 is copyright protected. The HTML code associated with the page 7 of FIG. 4 is shown in Code Extract No. 2, below, and references an applet A1 at line CE2.8.

Code Extract No. 2

CE2.1   <HTML>
CE2.2
CE2.3   <HEAD><TITLE>Company X's Homepage</TITLE></HEAD>
CE2.4
CE2.5   <BODY>
CE2.6   Welcome to Company X's Homepage with added copyright protection
CE2.7
CE2.8   <APPLET CODE=BTCBrowserApplet.class WIDTH=200 HEIGHT=150>
CE2.9   <PARAM NAME=file VALUE="a_graphic.gif">
CE2.10  </APPLET>
CE2.11  <IMG SRC="another_graphic.gif"><P>
CE2.12
CE2.13  <A HREF="another.html">link to another web page</A>
CE2.14  </BODY>
CE2.15
CE2.16  </HTML>

The Java bytecodes for running the applet are downloaded from the server 1 to the client 3 at step S6 in FIG. 5. The applet A1 is then run on the client, using the Java interpreter within the browser, in order to prepare the browser to receive data to be displayed in region 12 of the webpage, downloaded from the server.

The data to be displayed in region 12 is cryptographically protected so that it cannot be readily deciphered, by monitoring the downloaded signals. In this example, the cryptographic protection includes encryption of the downloaded data together with hashing, as will be explained in more detail hereinafter.

The applet A1 allows the downloaded file to be decrypted and checked for integrity i.e. hash verified. More specifically, the applet A1 includes the following: a hashing algorithm HA, a master hashing key KMH, an encryption algorithm EA, an encryption key KE and a BTC file request. As used herein, the term BTC refers to a file of copyright protected data, for display at the browser.

The applet A1 is run at step S7 on the client computer 3 and at step S8, the applet causes a BTC file request to be uploaded to the server 1.

At step S9, the server performs an authentication step in order to determine whether it is safe to download the requested BTC file to the client. The authentication may be carried out in a number of different ways. For example, the server may only download the file if the client has made a payment, so as to allow the owner of the copyright of the BTC file to collect a royalty for the act of viewing the file. A micropayment scheme for this purpose is described in our co-pending patent application No. GB 9624127.8 entitled Transaction System. Alternatively, the client 3 may be known to the server in respect of some other service being provided, for example an Internet home shopping scheme, and the client's credentials may be authenticated by means of procedures already in use for the service.

Assuming that the client 3 passes the authentication step S9, the server then, at step S10, prepares the BTC file for downloading to the client 3.

The step S10 is shown in more detail in FIG. 6. At step S10.1 the relevant data is fetched. This may comprise graphics data, audio, video, text or any other appropriate data format.

At step S10.2, the data is watermarked. This may involve changing some of the bits in the data stream so as to record a pattern which is imperceptible in the image displayed by the browser 4, when the data is downloaded to the client. Watermarking is a well known example of a technique termed steganography. For a general review of this technique and digital watermarks, reference is directed to "Disappearing Cryptography", P. Wayner, Academic Press 1996 (ISBN 0-12-738671-8). Watermarking gives additional security in the event the protected data is copied, because knowledge of the source of copying can be determined from the watermark. Thus, if the authentication step (step S9) provides the server with a particular identity for the client, the identity may be watermarked at step S10.2 into the data.

At step S10.3, the watermarked data is hashed at the server, using a copy of the hashing algorithm HA that was downloaded in applet A1 and a file-specific session hashing key KSH. The hashing process consists of using the algorithm HA and the key KSH together with the data bits of the encrypted data, to form additional bits HV, in the manner of parity bits, that are added to the data string. The hashing ensures that sections of data are not removed and replaced by others, in order to ensure that for example a command "pay US$1" is not changed to "pay US$100". A suitable form of hashing algorithm is SHA which is described in more detail in National Institute of Standards and Technology, Federal Information Processing Standards Publication 180-1 (NIST FIPS PUB 180-1) SECURE HASH STANDARD.

At step S10.4 the data is encrypted at the server 1, using a copy of the algorithm EA and the key KE which were downloaded previously to the client, in the Java bytecodes of applet A1. An example of an encryption algorithm is the DES algorithm and reference is directed to the National Institute of Standards and Technology, Federal Information Processing Standards Publication 46-2 (NIST FIPS PUB 46-2) DATA ENCRYPTION STANDARD (DES). The encryption algorithm EA is actually a pair of algorithms, one of which is used to encrypt and the other to decrypt. It will be understood that the key KE is changed periodically as is known to be good practice in the art.

Then the resulting file, at step S10.5 is wrapped in a proprietary BTC file format which itself includes additional cryptographic protection techniques.

The proprietary BTC file format is shown in FIG. 7. The BTC file format comprises header information H, and an embedded file EF. The processing performed at step S10.5 is shown in more detail in FIG. 8.

The BTC file in step S10.5 is generated as follows. In step S10.5.1 partial information for the header H is generated. This comprises a version number for the file format, and any specific copyright protection control information CI for the file.

In step S10.5.2 the integrity of all of this information is protected by generating a hash value HVhead using a hashing key HKhead.

In step S10.5.3 the hashing key used on the header HKhead, and the generated hash value HVhead are both appended to the header H, so as to complete it.

In step S10.5.4 the watermarked, and encrypted file generated in step S10.4 is appended to the header H to form part of the embedded file EF in FIG. 7.

In step S10.5.5 information which describes the hashing that was performed in step S10.3 is appended to the file EF. This information comprises the specific session hashing key KSH used on the embedded file hereinafter referred to as HKembedded and the hash value HV generated in step S10.3 hereinafter referred to as HVembedded. This completes the BTC file.
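
Steps S10.3 to S10.5.5 and the client-side checks of FIG. 9, as an added example that is not code from the patent. The length-prefixed byte layout, HMAC-SHA-1 as the keyed hash HA, and the SHA-256 keystream standing in for EA (the patent names DES) are assumptions of this sketch; watermarking (S10.2) is left out.

```python
import hashlib
import hmac
import os
import struct

VERSION = 1  # constructed version number for the header


def keyed_hash(key: bytes, data: bytes) -> bytes:
    """HA used with a hashing key; HMAC-SHA-1 is an assumption of this sketch."""
    return hmac.new(key, data, hashlib.sha1).digest()


def keystream_xor(key: bytes, nonce: bytes, data: bytes) -> bytes:
    """XOR with a SHA-256 counter keystream: a stand-in for EA, not DES."""
    out = bytearray()
    for i in range(0, len(data), 32):
        pad = hashlib.sha256(key + nonce + struct.pack(">Q", i // 32)).digest()
        out.extend(b ^ p for b, p in zip(data[i:i + 32], pad))
    return bytes(out)


def ea_encrypt(ke: bytes, data: bytes) -> bytes:
    nonce = os.urandom(16)  # fresh per file so the keystream is never reused
    return nonce + keystream_xor(ke, nonce, data)


def ea_decrypt(ke: bytes, blob: bytes) -> bytes:
    if len(blob) < 16:
        raise ValueError("embedded file too short")
    return keystream_xor(ke, blob[:16], blob[16:])


def pack_fields(fields) -> bytes:
    """Assumed layout: each field is a 4-byte big-endian length plus its bytes."""
    return b"".join(struct.pack(">I", len(f)) + f for f in fields)


def unpack_fields(buf: bytes, count: int) -> list:
    fields, pos = [], 0
    for _ in range(count):
        if pos + 4 > len(buf):
            raise ValueError("truncated BTC file")
        (n,) = struct.unpack_from(">I", buf, pos)
        pos += 4
        if pos + n > len(buf):
            raise ValueError("truncated BTC file")
        fields.append(buf[pos:pos + n])
        pos += n
    if pos != len(buf):
        raise ValueError("trailing bytes after BTC file")
    return fields


def wrap_btc(data: bytes, ke: bytes, control_info: bytes) -> bytes:
    hk_embedded = os.urandom(20)                  # S10.3: session hashing key KSH
    hv_embedded = keyed_hash(hk_embedded, data)   # S10.3: hash value over the data
    ciphertext = ea_encrypt(ke, data)             # S10.4: encrypt with EA and KE
    partial_header = struct.pack(">H", VERSION) + control_info   # S10.5.1
    hk_head = os.urandom(20)
    hv_head = keyed_hash(hk_head, partial_header)                # S10.5.2
    # S10.5.3 completes the header; S10.5.4 and S10.5.5 write EF and its hash info.
    return pack_fields([partial_header, hk_head, hv_head,
                        ciphertext, hk_embedded, hv_embedded])


def process_btc(btc: bytes, ke: bytes) -> bytes:
    header, hk_head, hv_head, ciphertext, hk_emb, hv_emb = unpack_fields(btc, 6)
    # Recompute HVhead' and compare it with the stored HVhead.
    if not hmac.compare_digest(keyed_hash(hk_head, header), hv_head):
        raise ValueError("header hash mismatch")
    if len(header) < 2 or struct.unpack_from(">H", header)[0] != VERSION:
        raise ValueError("unsupported version")
    data = ea_decrypt(ke, ciphertext)
    # Recompute HVembedded' over the decrypted file and compare.
    if not hmac.compare_digest(keyed_hash(hk_emb, data), hv_emb):
        raise ValueError("embedded file hash mismatch")
    return data


def verdict(btc: bytes, ke: bytes) -> str:
    """'ok' where the file would be displayed, else the error-banner reason."""
    try:
        process_btc(btc, ke)
        return "ok"
    except ValueError as err:
        return str(err)


if __name__ == "__main__":
    ke = b"K" * 16                                   # constructed key
    btc = wrap_btc(b"GIF89a constructed image bytes", ke, b"no-save;no-print")
    print(verdict(btc, ke))
    damaged = bytearray(btc)
    damaged[7] ^= 1                                  # flip one bit of CI
    print(verdict(bytes(damaged), ke))
```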

At step S11 (FIG. 5) the BTC file is downloaded t