000001
`
`Symantec 1007
`IPR of U.S. Pat. No. 7,757,298
`
`

`
`U.S. Patent
`
`Apr. 13, 1999
`
`Sheet 1 of 6
`
`5,893,910
`
`r_—.._-..__ . _ _ - . . _ _ — . -_-.-- _ _ _ _ . _ . _ _ — _----—
`
`IIIIIIIIIIIIIIIIIIIIIIIIIIIIIII I
`
`I
`
`ADMIN.
`
`DATABASE
`
`COMMUNICATIONS
`EQUIPMENT
`
`
`
`KEYBOARD
`
` MOUSE, ETC.
`
`
`DISPLA Y
`
`
`
`EQUIPMENT 106
`
`COMMUNICATIONS
`
`COMPUTER
`
`0 O O V)I1127§N (DP!I§5 0 0 0
`
`107
`
`Fig. 1
`
`000002
`
`000002
`
`

`
`U.S. Patent
`
`Apr. 13, 1999
`
`Sheet 2 of 6
`
`5,893,910
`
` SET ALGORITHM
`
`T0 " a (O "
`
`301
`
`
`
`OBTAIN CURRENT
`
`ALGORITHM
`
`
`APPLY ALGORITHM
`
`Looxurxamnm
`
`
`RESULT AN
`
`ALGORITHM
`
`
`
`305
`
`SET FILE ID
`SET ALGORITHM
`
`TO RESULT
`NAME TO RESULT
`
`
`
`
`
`
`ALL FILES
`
`PROCESSED ?
`
`OBTAIN ID
`
`F°“F"E
`
`OBTAIN TEXT
`FOR FILE ID
`
`RECORD OR
`DISPLAY TEXT
`
` PICK A FILE
`TO FILE
`ON SERVER
`NAME ?
`
`Fig.2
`
`
`
`Fig.3
`
`000003
`
`000003
`
`

`
`U.S. Patent
`
`Apr. 13, 1999
`
`Sheet 3 of 6
`
`5,893,910
`
`500
`
`READ NEXT
`
`REQUEST
`
`ADMINISTRATIVE
`REQUEST?
`
`
`50]
`
`
`
`ITEM IN
`ADMINISTRATIVE
`DATABASE '.’
`
`
`
`
`
`TRIED TOO
`
`
`
`
`MANY FILES ?
`
`
`PROCESS
`NORMALLY
`
`503
`
`CHECK
`PASSWORD
`
`REPLY
`RECEIVED
`
`505
`
`
`
`
`
`
`STORE IT IN
`ADMINISTRATIVE
`DATABASE
`
`
`
`
`
`UPDATE SERVER
`RESPONSE TIMES
`
`Fig.4 I
`
`Fig.5
`
`000004
`
`000004
`
`

`
`U.S. Patent
`
`Apr. 13, 1999
`
`Sheet 4 of 6
`
`5,893,910
`
`0
`
`600
`
`601
`
`CANDIDATES
`
`RETRIEVE
`RESULT
`
`COMPUTE
`
`602
`
`603
`
`<2
`
`RETURN
`
`MATCHES
`
`605
`
`
`
`
`
`SELECT OR
`
`
`
`
`
`COMPUTE NEW
`ALGORITHM
`
`606
`
`607
`
`RETURN
`ALGORYTHM
`
`NAME
`
`Fig.6
`
`000005
`
`000005
`
`

`
`U.S. Patent
`
`Apr. 13, 1999
`
`Sheet 5 of 6
`
`5,893,910
`
` 700
`
`ALL THIS
`PROCESSED ?
`
`900
`
`CHECK ORDER
`
`FOR CONSISTENCY
`
` MATCHES
`STORED ID ?
`
`704
`
`705
`
`FLAG FILE
`FOR ATTENTION
`
`
`
`Fig. 7
`
`Fig.9
`
`000006
`
`
`
`
`ALL
`
`IN ORDER ?
`
`901
`
`903
`
`905
`
`GENERATE
`RECEIPT
`
`RETURN
`RECEIPT
`
`
`
`000006
`
`

`
`U.S. Patent
`
`Apr. 13, 1999
`
`Sheet 6 of 6
`
`5,893,910
`
`0
`
`800
`
`801
`
`802
`
`803
`
`OBTAIN TERMS
`FROM SERVER
`
`PRESENT TERMS
`T0 USER
`
`CONFIRMATION
`
`OBTAIN ORDER
`FROM USER
`
`REQUEST
`
`ox T0
`PROCEED 2
`
`3“
`
`ASSIGN CLIENT
`TRACKING NUMBER
`
`SEND TO SERVER
`OBTAIN RECEIPT
`
`PRESENT RESULT
`TO USER
`
`805
`
`806
`
`807
`
`
`
`TRANSACTION
`SUCCEEDED
`
`808
`
`809
`
`
`
`Fig.8
`
`’
`
`
`
`STORE RECEIPT
`IN ADMINISTRATIVE
`DATABASE
`
`
`
`
`OOOOO7
`
`000007
`
`

`
`5,893,910
`
`1
`METHOD AND APPARATUS FOR
`ESTABLISHING THE LEGITIMACY OF USE
`OF A BLOCK OF DIGITALLY
`REPRESENTED INFORMATION
`
`FIELD OF THE INVENTION
`
`This invention relates to the identification of the contents
`and ownership of digitally represented documents and other
`computer files. and the terms under which such files may be
`used; and the facilitation of appropriate administrative
`action on the basis of this information.
`
`10
`
`BACKGROUND OF THE INVENTION
`
`Almost any kind of information can be represented digi-
`tally as a computer file. Once so represented. this informa-
`tion becomes extremely easy to duplicate and transmit. This
`can be perceived as problematic for the owners of the
`information. who may wish to charge copying or licensing
`fees for the use of the material represented.
`In the case that the digital document is a piece of software.
`prior approaches to the problem have often depended on
`modifications to the operation of the software itself that
`check for some evidence that the terms of the license have
`been met. Prior approaches of more general applicability
`attempt
`to restrict access to digital documents through
`encryption or the imposition of access controls in the
`computer systems on which they are represented. These
`solutions share the failing that they either rely on specialized
`hardware or are easy to circumvent by removing the checks
`or re-saving the unprotected document after access has been
`granted. Furthermore. once these measures have been so
`circumvented. or if unprotected versions of documents are
`available from other sources. all protection for the document
`is lost: further unprotected versions of documents may now
`be duplicated and transmitted with case. All such solutions
`also pose a significant inconvenience to the legitimate user
`of the document. since either the process of moving the
`document onto their system or of using it thereafter involves
`the extra step of establishing the right to do so. through the
`presentation of physical evidence of that right. and in some
`cases the special configuration of access management facili-
`ties.
`
`20
`
`25
`
`30
`
`35
`
`The above difliculties and inconveniences generally arise
`from the presumption of an adversarial relationship between
`the producers and the users of digitally represented docu-
`ments.
`
`45
`
`These problems are exacerbated by the fact that digital
`documents may be a priori hard to examine: unless their
`format is known. the steps that must be taken to use them are
`not apparent. Even when the format is known. the means to
`interpret it may not be available. Thus. even when digital
`documents are nominally self-identifying (containing
`embedded bibliographic and licensing information. for
`example). it may not be feasible to read this information.
`Furthermore. the format of a document may simply lack a
`provision for the inclusion of such identifying data. Thus.
`even when the receiver of a digitally represented document
`wishes to comply with the conditions associated with its
`possession or use. it may not be feasible. in the current art.
`to determine what these conditions are.
`
`55
`
`These several difiiculties are especially pronounced when
`the person responsible for assuring compliance with
`licenses.
`the person responsible for acquiring digital
`documents. and the person using them. are distinct. as is
`typically the case in networked computing environments.
`Fortunately. in such environments there is typically no such
`
`65
`
`2
`
`need to assume an adversarial relationship between docu-
`ment producers and the person charged with assuring com-
`pliance with licenses.
`Thus there is a clear need for a system that informs users
`of the conditions associated with the duplication or use of a
`digital document that does not rely on the user having
`specialized hardware or on the particular representation of
`the document or the means by which it is usually processed.
`It can presume upon the co-operation of its user. if not of that
`of all users of the computing system on which it
`is
`employed.
`
`SUMMARY OF THE INVENTION
`
`As embodied and broadly described herein. the invention
`provides a system for supplying status data relative to a
`block of digitally represented information (by “block of
`digitally represented information” is meant binary data. such
`text file. a graphic file. sound recording file. software file
`directing the computer to perform a specific task or a
`combination thereof) stored on a computer. said system
`comprising:
`data processing means. including:
`a) memory means (for the purpose of this specification
`“memory means” is intended to designate an agency
`in which can be stored information. Examples
`include: magnetic media (hard disks. tapes. or flex-
`ible disks). optically read media (CD-ROM disks) or
`semiconductor memory (DRAM. SRAM. EEPROM
`etc.)
`b) means for receiving an identification code generated
`by the computer. the identification code being rep-
`resentative of the contents of the block of digitally
`represented information relative to other blocks of
`digital data also residing on the computer;
`c) said memory means containing a table (the expres-
`sion “table” is used in a general sense to indicate an
`orderly arrangement of data. that creates a relation-
`ship between individual data elements) establishing
`a correlation between possible identification codes
`that said data processing means is susceptible to
`receive and status data associated with each identi-
`fication code;
`d) means for generating either one of:
`i) status data in the event of a match between the
`identification code generated by the computer and
`an identification code stored in said table; and
`ii) data in the event of an inexact match for allowing
`the computer to produce a new identification code
`for the block of digitally represented information;
`and
`iii) data indicative of a no match condition between
`the identification code generated by the computer
`and an identification code stored in said table.
`In a most preferred embodiment. the system can be set up
`to notify individual users (or system administrators in the
`case of networked computer environments) whether one or
`more files residing on the computer of a user are being
`utilized in a legitimate manner. The user's computer is
`designed to remotely interrogate the above defined system.
`that can be in the form of a server. to obtain licensing
`information about one or more files in the user’s possession.
`That licensing information assists the user to ensure com-
`pliance with copyright laws and avoid illegal use of digitally
`recorded information.
`
`The server can be viewed as a depository of file material
`that is susceptible to reside on the user’s computer. For
`instance. software vendors deposit information about their
`
`000008
`
`000008
`
`

`
`5,893,910
`
`3
`
`products in a database administered by the server. When the
`user’s computer issues an information request about a par-
`ticular file. say a software file.
`the server consults the
`database to locate a corresponding entry. Assuming that a
`listing for the file exists. the information relative to the
`ownership and right
`to use is transmitted to the user’s
`computer. It is also possible to transmit additional data that
`can be of commercial nature. such as information about
`upgrades that the vendor is making available to the public.
`or information about amnesty clauses allowing a delinquent
`user to regularize his possession of the file.
`For reasons of privacy and to enhance performance of the
`transactions between the user’s computer and the server.
`entire files are not exchanged. Rather. an identifier. much
`shorter than the volume of the actual file. is sent by the user's
`computer to the server. Difierent identifiers may used allow-
`ing to characterize the contents of the file to various levels
`of distinctiveness. More preferably. the identifier substan-
`tially uniquely represents the file with relation to other files
`residing on the user’s computer. Most preferably. the iden-
`tifer provides a file signature unique among all the comput-
`ers that may be connected to the server. This approach is
`suitable if a one-step identification of the file is desired.
`In a variant. a multiple step approach is implemented. In
`such case. an identifier having a low level of discriminability
`is generated first. This is done to distinguish between groups
`of files. say software files (programs that direct the computer
`to perform a certain task) and data files (on which the
`software files may perform operations). Once this prelimi-
`nary characterization step has been completed. a new iden-
`tifier is generated to provide a unique or substantially unique
`file signature. This could be implemented as follows. When
`the server has received the low level discrimination
`identifier. it selects a new algorithm with which the file
`should be re-processed to generate the unique file signature.
`The selection can be made by table look-up or any other
`similar method of selection that depends upon pre-
`established criteria. The server then sends to the user’s
`computer data indicative of the algorithm to employ for
`re-processing the file. In a specific example. the algorithm
`identifer consists of two parts: (a) a fixed part from a
`predetermined list and (b) a sequence of parameters whose
`interpretation depends on the fixed part. and whose values
`influence the process and the result of the computation. For
`example the fixed part might specify the use of a Cyclic
`Redundancy Check (CRC) strategy; the variable part might
`then specify the particular irreducible polynomial to be used
`in the CRC according to a suitable encoding. Once the user’s
`computer receives the algorithm data it re-processes the file
`with the algorithm specified by the server. generates a new
`identifer and sends it to the server. The above operation
`assumes that the user’s system contains a set of algorithms
`among which the server can choose to direct the file iden-
`tification process.
`This iterative method is more elaborate than the one-step
`approach. however. it presents the advantage of better dis-
`crimination. More particularly. the results of the first iden-
`tification pass (the identifier of low discriminability level)
`can be used to select the algorithm to be used for processing
`the file at
`the second identification pass that creates the
`unique file signature. Thus. a very specific algorithm can be
`used at the second stage that is known to provide good
`results for a particular group of files. For instance. different
`algorithms may work better for prose and for code; by
`having the first identification pass simply establish which
`battery of tests to apply on the next pass. overall perfor-
`mance could be improved.
`
`4
`The database of the server contains a table of file identi-
`fiers correlated to licensing information. Once the server
`receives a file identifer from the user’s computer (generated
`either by the single-step or multi-step characterization
`process) it looks in the table to locate a corresponding entry.
`If an entry is found. the licensing information associated
`with this particular file is sent back to the user’s computer.
`In some instances. the file identifier generated by the
`user’s computer may not be suflicient to fully characterize
`the file on which licensing data is sought. Although unlikely.
`it is not impossible that different files may produce the same
`identifier. Take the example of two software vendors selling
`two totally ditferent software packages. that when processed
`with the algorithm used for the one-step characterization
`operation both generate the same identifier. The administra-
`tor of the server should in theory be aware that such a
`potentially ambiguous situation can occur with regard to the
`two particular software packages. Indeed. it is presumed that
`all
`the digitally represented material deposited with the
`server is tested with the algorithms that reside on the user’s
`computers for uniqueness of the file identifiers. thus allow-
`ing the detection of conflicts. In the situation described
`above. when the specific file identifier is received by the
`server. the system is aware of the fact that it cannot deter-
`mine with which software package the identifer is being
`associated. The problem can be resolved by requesting the
`user’s system to issue an additional identifier. more discrimi-
`native than the first one. The same procedure described in
`connexion with a multi-step characterization process is
`followed
`Another additional notion may be involved during a file
`characterization process. that of inexact match. In such case
`an approximative matching technique is deliberately
`adopted to identify modified copies of a protected object (for
`instance text files that have been re-formatted or programme
`files that have had identifying marks erased or modified).
`Here it does not sufiice to check that the file identifiers are
`
`identical; they are unlikely to be identical since the user has
`made modifications to the source file deposited with the
`server. Rather. some mathematical processing is necessary
`to determine which known code or codes are sufiiciently
`similar to the code extracted from the user’s data to be
`deemed a match. This is based on a probabilistic measure
`(even more so than the “substantial uniqueness” of the base
`technique). When using inexact match there may or may not
`be multiple candidate matches. and a second characteriza-
`tion pass may or may not be necessary——unlike the cases
`discussed above where the number of passes is in principle
`predictable in advance.
`The computer of the user also contains a database in
`which the results of previous licensing information requests
`sent to the server are stored along with data indicative of the
`option the user has chosen relative to the licensing rights and
`conditions of use. This feature avoids unnecessary server
`requests. particularly in instances where the file system of
`the user’s computer is unlikely to change much overtime. In
`the event that the user wishes to establish whether a new file
`
`in his possession is proprietary material or not. he initiates
`a server interrogation sequence that consists of generating an
`identifier. sending the identifier to the server and inspecting
`the response. If the response is an algorithm name. a second
`processing pass is made to produce a new identifier. This
`procedure is continued until the server finds a corresponding
`entry in its database or declares the file to be unknown
`(meaning that no information relative to the file has been
`deposited by the owner).
`Assuming that the server has a listing for the file. the
`licensing information is sent to the user’s computer. The
`
`10
`
`15
`
`20
`
`25
`
`30
`
`35
`
`45
`
`50
`
`55
`
`65
`
`000009
`
`000009
`
`

`
`5
`
`6
`
`5,893,910
`
`information is presented to the user. who is given a number
`of options. including:
`a) informing the system that everything is in order. i.e. the
`user is of the View that he complies with the software
`licence;
`
`b) deleting the document;
`
`c) making the document temporarily inaccessible. pend-
`ing further administrative action; and
`
`d) with the permission of the document owner regulariz-
`ing the user’s possession and use of the document.
`possibly through registration and the payment of a fee.
`The choice entered by the user is recorded in his computer
`database so the next time the same file is questioned its
`status will be known. In short. the user (or the administrator
`of the system) needs merely to interrogate the local database
`to determine if a file is subjected to licensing conditions and
`whether the user (or system administrator) considers those
`conditions to be met. Requests need to be sent to the server
`for new files only. Note that an existing file whose contents
`have been modified may fall in this category.
`There are instances. however. when it is desirable to issue
`server requests for files even when entries exists in the local
`database. This allows to ensure that the licensing informa-
`tion relative to each file is kept up to date. If this feature is
`desired. the computer of the user is configured to elfect a
`global server request. for each file available in the system. at
`regular intervals. say every month. The entries in the local
`database are then overwritten and replaced with the new
`information issued by the server. Between global requests.
`the computer of the user operates as discussed earlier.
`The invention might typically be used by the administra-
`tors of a time-sharing computer or a network of computers
`in order to perform periodic audits and legal regularization
`of file system contents. Its great advantages lie in:
`(a) its independence of the mechanism of the manner in
`which digitally represented documents arrive on the
`computer system;
`
`10
`
`20
`
`25
`
`30
`
`35
`
`(b) its lack of reliance on special preparation or prior
`marking of the files to be identified;
`(c) the techniques that allow file identification to take
`place without revealing the contents of the user’s file to
`the server or any eavesdroppers on the communications
`channel to the server; and
`(d) its non-adversarial approach.
`As embodied and broadly described herein. the invention
`provides a system for auditing a block of digitally repre-
`sented information to determine legitimate usage of the
`digitally represented information. said system comprising:
`data processing means;
`memory means operatively connected to said data pro-
`cessing means. said memory means storing the block of
`digitally represented information;
`display means operatively connected to said data process-
`ing means;
`
`45
`
`55
`
`said data processing means. providing means for:
`a) processing the block of digitally represented infor-
`mation to generate an identification code represen-
`tative of the contents of the block of digitally rep-
`resented information relative to other blocks of
`
`digital data also residing in said memory means;
`b) transmitting said identification code to a remote
`computer that is capable of generating either one of
`status data and algorithm data;
`c) said processing means being capable of processing
`status data received from the remote computer to
`
`65
`
`generate information on said display means relative
`to a legitimacy of usage of the block of digitally
`represented information;
`d) in response to algorithm data said data processing
`means processing the block of digitally represented
`information according to an algorithm correlated to
`said algorithm data to generate a new identification
`code for transmission to the remote computer.
`As embodied and broadly described herein. the invention
`further provides a method for implementation on a computer
`for establishing a legitimacy of usage of a block of digitally
`stored information residing in a memory. said method com-
`prising the steps of:
`processing the block of digitally stored information to
`generate an identification code representative of the
`contents of the block of digitally represented informa-
`tion relative to other blocks of digital data also residing
`in said memory;
`transmitting said identification code to a remote computer
`containing a table establishing a correlation between a
`plurality of identification codes and status data associ-
`ated with each identification code. said status data
`being indicative of a legitimacy of usage of the block
`of digitally represented data represented by the asso-
`ciated identification code;
`searching said table and generating either one of:
`i) status data in the event of a match between the
`identification code generated by the computer and an
`identification code stored in said table; and
`ii) algorithm data in the event of an inexact match
`between the identification code generated by the
`computer and an identification code stored in said
`table for allowing the computer to produce a new
`identification code for the block of digitally repre-
`sented information; and
`iii) data indicative of a no match condition between the
`identification code generated by the computer and an
`identification code stored in said table.
`As embodied and broadly described herein. the invention
`also provides a method for auditing a block of digitally
`represented information to determine legitimate usage of the
`digitally represented information stored in a memory. said
`method comprising the steps of:
`a) processing the block of digitally represented informa-
`tion to generate an identification code substantially
`uniquely representative of the contents of the block of
`digitally represented information relative to other
`blocks of digital data also residing in said memory
`means;
`
`b) transmitting said identification code to a remote com-
`puter that is capable of generating either one of status
`data and algorithm data;
`c) processing status data received from the remote com-
`puter to generate information on said display means
`relative to a legitimacy of usage of the block of digitally
`represented information;
`d) in response to algorithm data processing the block of
`digitally represented information according to an algo-
`rithm correlated to said algorithm data to generate a
`new identification code for transmission to the remote
`computer.
`As embodied and broadly described herein. the invention
`also provides a machine readable storage medium for direct-
`ing a computer to perform an operation for establishing a
`legitimacy of usage of a block of digitally stored information
`residing in a memory of said computer. said storage medium
`comprising:
`
`000010
`
`000010
`
`

`
`7
`
`8
`
`5.893910
`
`means for directing said computer to process the block of
`digitally stored information to generate an identifica-
`tion code representative of the contents of the block of
`digitally represented information relative to other
`blocks of digital data also residing in said memory;
`means for directing said computer to transmit said block
`of digitally stored information to a remote computer
`containing a table establishing a correlation between a
`plurality identification codes and status data associated
`with each identification code. said status data being
`indicative of a legitimacy of usage of the block of
`digitally represented data represented by the associated
`identification code;
`
`means for directing the computer for searching said table
`for generating either one of:
`i) status data in the event of a match between the
`identification code generated by the computer and an
`identification code stored in said table; and
`ii) algorithm data in the event of an inexact match
`between the identification code generated by the
`computer and an identification code stored in said
`table for allowing the computer to produce a new
`identification code for the block of digitally repre-
`sented information; and
`iii) data indicative of a no match condition between the
`identification code generated by the computer and an
`identification code stored in said table.
`As embodied and broadly described herein. the invention
`further provides a machine readable storage medium for
`directing a computer to audit a block of digitally represented
`information stored in a memory of said computer to deter-
`mine legitimate usage of the digitally represented
`information. said machine readable storage medium com-
`prising:
`a) means for directing said computer to generate an
`identification code representative of the contents of the
`block of digitally represented information relative to
`other blocks of digital data also residing in said
`memory means;
`
`b) means for directing said computer to transmit said
`identification code to a remote computer that is capable
`of generating either one of status data and algorithm
`data;
`
`c) means for directing said computer to process status data
`received from the remote computer to generate infor-
`mation on said display means relative to a legitimacy of
`usage of the block of digitally represented information;
`(1) means for directing said computer to process the block
`of digitally represented information. in response to
`algorithm data received from the remote computer.
`according to an algorithm correlated to said algorithm
`data to generate a new identification code for transmis-
`sion to the remote computer.
`
`BRIEF DESCRIPTION OF THE DRAWINGS
`
`10
`
`20
`
`30
`
`35
`
`45
`
`50
`
`S5
`
`FIG. 1 is a block diagram of a system in accordance with
`the present invention;
`FIG. 2 is a flow chart diagrarnming the overall operation
`of the invention;
`
`FIG. 3 is a flow chart diagramming the overall method for
`obtaining the identification of a stored document;
`FIG. 4 is a flow chart diagramrning the method for
`obtaining information from a server;
`FIG. 5 is a flow chart diagramming the overall operation
`of a server;
`
`65
`
`FIG. 6 is a flow chart diagrarnrning the method by which
`a server processes each client request;
`FIG. 7 is a flow chart depicting an enhancement to the
`system for alerting the user to changes in document status on
`the basis of a stored policy;
`FIG. 8 is a flow chart diagrarnrning a method of offering
`goods and services for sale on the basis of information
`provided by the invention; and
`FIG. 9 is a flow chart diagrarnming the processing tech-
`nique for making and recording such sales.
`DESCRIPTION OF PREFERRED
`EMBODIMENTS
`
`The invention can be presented to its users in a number of
`ways. including (a) as a software package that they employ
`on their computer. (b) as an additional capability of another
`software package. or (c) embedded in a portable device that
`is connected to their computer and/or its file system in order
`to perform an audit. Here we describe only the first such
`mode of presentation; those skilled in the art will readily
`perceive the manner in which it might be adapted to other
`modes.
`
`FIG. 1 shows the equipment on which the present inven-
`tion may be carried out. It consists of a client computer 100
`connected to a file system 101 in which digitally represented
`documents are stored. and an administrative database 111 in
`which the invention stores additional information related to
`these documents and the policies of the client relating to the
`operation of the invention. as described below. The com-
`puter 100 is provided with the means of communicating with
`a user. in the form of a display 102 and mouse and keyboard
`103. and with communications equipment 104 whereby it
`can exchange electronic messages with a plurality of server
`devices 105. 106. 107 etc. The exact physical nature of the
`connection between the communications equipment
`is
`immaterial and may involve telephony. satellite
`communication. coaxial or fibre optic cable etc.. providing
`only that it permits digital message exchange. Each of the
`servers 105 etc. consists of a computer 108 connected to
`communications equipment 109 and a database 110 in which
`various information about registered documents is stored.
`The operation of the system is primarily controlled by
`software in the computers 100 and 108 in response to
`instructions issued by the user through the keyboard and
`mouse 103.
`The contents of the two databases. 110 and 111. are now
`described. The server database 110 contains:
`
`a) An identification code or further signature algorithm
`name for each signature expected to be generated for
`files registered with the server;
`b) A record of any text associated with each such identi-
`fication code; and
`c) An encoded description of the signature algorithm for
`each such signature algorithm name.
`including the
`pre-defined initial signature algorithm name. “a0”.
`The client’s administrative database contains:
`1. Entries corresponding to files in the filesystem 101.
`describing:
`a) Whether the file has previously been presented to the
`invention for identification;
`b) The result of such identification if so;
`c) Information regarding the legitimacy and terms of
`the client’s use of the tile. if known; and
`d) Such information concerning past. present or planned
`future action by the user of the invention. regarding the
`file. as may be provided by the user.
`
`00001 1
`
`000011
`
`

`
`5,893,910
`
`9
`2. Records of information previously obtained from the
`servers 105. 106 107 etc.. and as enumerated above.
`reducing or eliminating the necessity of repeating iden-
`tical requests to the server. These records can be
`removed periodically without detriment to the system.
`3. Entries detailing the user's administrative policy as
`regards the operation and use of the invention. includ-
`mg:
`a) Descriptions of files or classes of files that for
`reasons of policy or security are not to be processed
`by the invention;
`b) Descriptions of files or classes of files that are to be
`processed by the invention periodically and auto-
`matically; and
`c) Descriptions of any additional services offered by the
`server. such as promotional materials related to iden-
`tified files. that the client wishes to receive.
`d) Information related to the use of such supplemental
`services such as copies of orders and receipts from
`electronically mediated sales conducted through the
`medium of the invention.
`3. A table of available servers and a record of their recent
`performance. used in selecting a server for each query.
`The overall operation of the invention is represented in
`FIG. 2. Using the mouse. keyboard 103 and display 102 the
`user indicates a plurality of files is that are to be processed
`by the invention. While 200 the number of such files
`remaining unprocessed is nonzero. one of them is selected
`201 for processing. and its contents identified 202 relative to
`the server’s database 110. The stored information corre-
`sponding to this identification is now obtained 203 from a
`server as described below. and displayed or made available
`for display 204 to the user. The current file is now deemed
`processed and control flow returns to the
`decision
`point 200.
`Once a file has been so processed the associated
`information. if any. can be displayed for the user. In the
`display the file’ s name is presented along with an indication
`of its status. which depends on the information retrieved
`from the server and information previously stored in the
`administrative database 111. If. according to information
`stored in the administrative database. the file has not previ-
`ously been identified by the invention. or if the identification
`just obtained differs from that obtained previously. its status
`is given as: ‘OK’. if the file was successfully identified and
`is not associated with any licensing conditions;
`‘PROBLEMATIC’. if it was identified and a license or
`copying fee is required; or ‘UNKNOWN’ if it was not
`identified because the servers contain no corresponding
`listing.
`In the case that
`the file was deemed
`‘PROBLEMATIC’.
`the user’s attention is drawn to it
`through the use of such visible cues as a blinking indicator.
`red lettering. or a prominent visual icon. The use