(19) United States
`(12) Patent Application Publication (10) Pub. No.: US 2001/0051996 A1
`Cooper et al.
`(43) Pub. Date:
`Dec. 13, 2001
`
`US 20010051996A1
`
`(54) NETWORK-BASED CONTENT
`DISTRIBUTION SYSTEM
`(76) Inventors: Robin Ross Cooper, La Mesa, CA
`(US); Robert T. Kulakowski, Rancho
`Santa Fe, CA (US)
`Correspondence Address:
`KNOBBE MARTENS OLSON & BEAR LLP
`620 NEWPORT CENTER DRIVE
`SIXTEENTH FLOOR
`NEWPORT BEACH, CA 92660 (US)
`Appl. No.:
`09/789,298
`
`(21)
`(22) Filed:
`
`Feb. 20, 2001
`Related U.S. Application Data
`(63) Non-provisional of provisional application No.
`60/250,445, filed on Nov.30, 2000. Non-provisional
`of provisional application No. 60/223,128, filed on
`Aug. 7, 2000. Non-provisional of provisional appli
`cation No. 60/209,506, filed on Jun. 5, 2000. Non
`
`provisional of provisional application No. 60/183,
`638, filed on Feb. 18, 2000.
`
`Publication Classification
`
`(51) Int. Cl. ............................ G06F 15/16; G06F 17/60
`(52) U.S. Cl. ............................. 709/217; 709/229; 705/26
`(57)
`ABSTRACT
`A method and System for transferring electronic media
`information over a public network in Such a way as to
`provide Safeguards for inappropriate distribution of copy
`right or otherwise protected materials are described. The
`media information is transparently watermarked with a
`unique ID, such as one generated from X.509 Digital
`Certificate and public-key cryptography public/private key
`pairs, Such that the information can be identified as belong
`ing to a particular individual. A System and method for
`monitoring the movement of Such watermarked files, posi
`tively identifying people who have inappropriately distrib
`uted copyright materials over a public network without
`permission, and taking appropriate enforcement action
`against Such people.
`
`m
`
`|
`
`CERTIFICATION
`AUTHORY
`
`260
`
`
`
`
`
`
`
`
`
`280
`
`CREDIT
`CARD
`COMPANY
`
`210
`
`
`
`TRANSACTION
`MODULE
`
`ARCHIVE
`SERVER
`
`
`
`
`
`24
`
`Se
`
`ARCHIVE
`DATABASE
`
`TRANSACTION
`DATABASE
`
`218
`S-2
`MASTER
`
`
`
`ALAM
`MODULE
`
`GDRAS
`
`230
`
`COPYRIGHT / “
`REGISTRY
`
`CUSTOMER / "
`SITE
`
`USER
`DEVICE
`
`15
`
`115
`
`USER
`DEVICE
`
`USER
`DEWCE
`
`5
`
`MCM Ex. 2003, pg. 1
`
`

`

`Patent Application Publication Dec. 13, 2001 Sheet 1 of 7
`
`US 2001/0051996 A1
`
`9
`
`
`
`
`
`
`
`MCM Ex. 2003, pg. 2
`
`

`

`Patent Application Publication Dec. 13, 2001 Sheet 2 0f 7
`
`US 2001/0051996 A1
`
`o:__mo_>mo_
`
`
`
`mum:m:Emma/.000_>555?
`tommo_8N2920558
`
`
`2N$2058:_I
`
`mtw8m_rllllllllllllllllllll
`
`m:T_N_ovw05
`mo_>moCEm:A
`
`5:002_Em>_Iom<zo__.o<mz<E
`Wmm>mmm
`
`E
`
`m:Em:_mw<mE<o_zo:.o<mz<E_mw<m<k<o
`
`m>_Iom<
`
`moSmo
`
`_2<._<
`
`
`
` _0mmméflmumw<m<F<D_«Em/:2_£382_CNN
`
`__N.mu_n__EN
`
`._.IO_m>n_OO
`
`>N_._.w_0mw_
`
`MCM Ex. 2003, pg. 3
`
`MCM Ex. 2003, pg. 3
`
`
`
`

`

`Patent Application Publication Dec. 13, 2001 Sheet 3 of 7
`
`US 2001/0051996 A1
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`START
`
`INITIALIZATION
`
`310
`
`AUTHENTICATE USER
`AND GET
`DIGITAL CERTIFICATE
`
`320
`
`SEARCH FOR AND
`SELECT CONTENT
`
`PAYMENT
`
`WATERMARK
`
`330
`
`340
`
`350
`
`TRANSFER
`(DOWNLOAD)
`CONTENT TO USER
`
`360
`
`FIG. 3
`
`MCM Ex. 2003, pg. 4
`
`

`

`Patent Application Publication Dec. 13, 2001 Sheet 4 of 7
`
`US 2001/0051996 A1
`
`
`
`SCITEI-J
`
`MCM Ex. 2003, pg. 5
`
`

`

`Patent Application Publication Dec. 13, 2001 Sheet 5 of 7
`
`US 2001/0051996 A1
`
`START
`
`SEARCH FOR
`PUBLIC FILES
`
`FIND
`WATERMARK
`
`FIND DIGITAL
`CERTIFICATE
`SERIAL NUMBER
`
`AUTHENTICATE
`SERIAL NUMBER
`
`DECRYPT STRING
`N WATERMARK
`
`DETERMINE
`ORIGINATOR
`VAWATERMARK
`
`TAKE APPROPRIATE
`ACTION
`
`510
`
`520
`
`530
`
`540
`
`550
`
`560
`
`570
`
`NOTFY RECIPIENTS
`OF PIRATED
`CONTENT
`
`580
`
`END
`
`FIG. 5
`
`MCM Ex. 2003, pg. 6
`
`

`

`Patent Application Publication Dec. 13, 2001 Sheet 6 of 7
`
`US 2001/0051996 A1
`
`CONTENT DISTRIBUTION SYSTEM
`
`200
`
`F.G. 6
`
`MASTER
`DATABASE
`SERVER
`
`TRANSACTION
`SERVER
`
`TRANSACTION
`SERVER
`
`TRANSACTION
`SERVER
`
`116
`
`
`
`TRANSACTIONY
`DATABASE
`SERVER
`
`630
`
`614
`
`WLBS
`
`client
`
`WORKSTATION
`
`/ 11.
`
`115
`CLIENT /
`WORKSTATION
`
`CLENT PDA
`DEVICE
`
`115
`
`270
`
`640
`
`
`
`640
`
`640
`
`WLBS
`
`650
`
`B2C
`UNIX
`SERVER
`
`B2C
`N
`SERVER
`
`B2C
`LINUX
`SERVER
`
`CUSTOMERSITE
`
`MCM Ex. 2003, pg. 7
`
`

`

`Patent Application Publication Dec. 13, 2001 Sheet 7 of 7
`
`US 2001/0051996 A1
`
`CONTENT DISTRIBUTION SYSTEM
`
`200
`
`MASTER
`DATABASE
`SERVER
`
`TRANSACTION
`SERVER
`
`TRANSACTION
`SERVER
`
`TRANSACTION
`SERVER
`
`CLENT
`WORKSTATION
`UNIX/LINUX
`
`CLIENT
`WORKSTATION
`WINDOWS
`
`
`
`
`
`
`
`115
`
`115
`
`CLIENT
`PDA
`DEVICE
`
`270
`
`FIG. 7
`
`116
`
`
`
`B2C
`UNIX
`SERVER
`
`SERVER
`
`B2C
`LINUX
`SERVER
`
`CUSTOMERSITE
`
`MCM Ex. 2003, pg. 8
`
`

`

`US 2001/0051996 A1
`
`Dec. 13, 2001
`
`NETWORK-BASED CONTENT DISTRIBUTION
`SYSTEM
`
`RELATED APPLICATIONS
`0001. This application claims priority to U.S. Provisional
`Application No. 60/250,445, filed Nov. 30, 2000, U.S.
`Provisional Application No. 60/223,128, filed Aug. 7, 2000,
`U.S. Provisional Application No. 60/209,506, filed Jun. 5,
`2000, U.S. Provisional Application No. 60/183,638, filed
`Feb. 18, 2000, and U.S. application Ser. No.
`(VMATRIX.002A) filed Feb. 11, 2001 titled “WEB BASED
`HUMAN SERVICES CONFERENCING NETWORK,” all
`of which are hereby incorporated by reference.
`0002) BACKGROUND OF THE INVENTION
`0003) 1. Field of the Invention
`0004. The present invention relates to the field of elec
`tronic media file content distribution. Additionally, the
`invention relates to embedding unique electronic Signature
`information, referred to as watermarks, and inserting these
`watermarks into an electronic media file to facilitate the
`authentication of the perSon responsible for the file.
`0005 2. Description of the Related Art
`0006. The use of the Internet and the World Wide Web as
`tools for content delivery and e-commerce has increased
`dramatically in recent years. As a consequence, the delivery
`of electronic media content materials. Such as music, videos,
`Software, books, multi-media presentations, images, and
`other electronic media over a network to one or more
`consumerS has likewise increased dramatically. Users may
`download Such electronic media files legitimately from a
`content provider, for example a record label Such as Sony
`Records or Capitol Records, or inappropriately from one of
`the content download Services without the permission of the
`copyright owner. Using a network Such as the Internet, users
`may, and quite frequently do, transfer digital media files they
`have downloaded, whether legitimately or otherwise, to
`others.
`0007. In this way, consumers of electronic media infor
`mation may simply and freely distribute Such media infor
`mation over a public network Such as the Internet without
`the permission of the copyright owner (or other property
`rights owners). Such consumers who inappropriately dis
`tribute copyright material over public networks cannot cur
`rently be positively identified, if they can even be tracked
`down at all. Therefore, these consumers can quite often
`Successfully deny culpability.
`0008. A prevalent concern within the media publishing
`and/or distribution business is that the Supply VS. demand
`equation that drives the economics of valuable goods and
`Services no longer applies to digital media. Since a digital
`media file Such as a music or movie file can be duplicated
`essentially an unlimited number of times and distributed at
`Virtually no cost, the economics for providing Such digital
`materials to the public is not viable. In order to return the
`Supply verSuS demand equation back to the digital media
`domain, individual digital media files must be configured in
`Such a way as to give them properties Similar to physical
`objects. With Such physical properties, these files can be
`handled and monitored in ways that are Similar to physical
`objects, thus allowing the return of the necessary economic
`incentives and viability.
`
`0009. To date, there have been various approaches to
`Solving the problems associated with the management, con
`trol and distribution of digital media files. Most of these
`approaches focus on protecting digital media files in Such a
`way as to limit the functionality of such files when outside
`of the domain that has been pre-approved by the authorized
`distributor of Such media. An example is found in the
`distribution of encrypted digital information along with an
`encryption key that will only decrypt the information under
`a limited number of circumstances.
`0010 Although encryption schemes have provided solu
`tions to other problems involving digital media content, it is
`not the preeminent answer to the problem of identifying and
`monitoring content files. For example, encryption Schemes
`provide an unsatisfactory Solution for digital media for the
`following reasons:
`0011) 1) Encryption schemes are often targets for
`many hackers, and it is typically only a matter of
`time before decryption algorithms will be discovered
`and published on a wide Scale.
`0012 2) The market is overwhelmed with a number
`of encryption Schemes. Therefore, no Single Standard
`is likely to be adopted and enforced.
`0013 3) Encryption adds a great deal of expense to
`the distribution of digital media. In Some cases, this
`eXtra expense may make the difference between
`profitable and unprofitable distribution.
`0.014) 4) Encryption adds a layer of complexity for
`the consumer that will most likely result in lower
`consumer Satisfaction.
`0015 5) Popular media sharing facilities, for
`example Napster, have educated tens of millions of
`consumers about the ease with which media files can
`be transferred. It may in fact be too late to Success
`fully change the accepted model for electronic media
`distribution.
`0016 Consumers might possibly have embraced encryp
`tion of digital media files had it been introduced on a large
`Scale before the Napster file-sharing model. Consumers
`generally will learn to accept models that add a level of
`complexity if these models are in fact the only models
`available. However, the complexities that content distribu
`tors would like to introduce into the market with encryption
`will arrive after the Superior model has been introduced.
`This will likely result in media content file protection
`Schemes Such as encryption and copy protection disappear
`ing over time.
`
`SUMMARY OF THE INVENTION
`0017. The solution to the numerous problems confronting
`the rights owners of digital media is, therefore, not simply an
`issue of adding encryption. It is more accurately an issue of
`uniquely marking and identifying digital media files with
`authenticated information from a trusted authority and mak
`ing busineSS decisions that will maximize the potential
`return-on-investment for Such files. Therefore, there is a
`need in the electronic media content distribution field to be
`able to mark content files with an authenticated digital
`Signature that uniquely identifies the person who is the
`Source, to be able to monitor the files if they are transferred
`
`MCM Ex. 2003, pg. 9
`
`

`

`US 2001/0051996 A1
`
`Dec. 13, 2001
`
`to others, and to have these capabilities while imposing
`minimal burden and inconvenience on the consumer.
`0.018. One aspect of this system relates to a system for
`network-based content distribution. The System includes an
`interface module configured to interface with a network. A
`transaction module is coupled to the interface module and
`configured to initialize a transaction with the user, authen
`ticate the identity of a user, obtain a digital certificate related
`to Said user, Search for content desired by Said user, imple
`ment a payment transaction with the user, generate a water
`mark related to Said user and transfer content to Said user,
`and insert Said watermark into Said content. A transaction
`database is configured to Store information related to trans
`actions carried out by the transaction module. An archive
`database is configured to Store content Selected by users. A
`certification authority is configured to authenticate users and
`issue digital certificates.
`0.019 Another aspect of the invention relates to a method
`for distributing content over a network. The method includes
`initiating a transaction with the user. The digital certificate of
`the user is then authenticated. The user is allowed to Search
`for and Select content to be downloaded. A watermark is
`generated by the System which relates to the content to be
`downloaded, the source of the content and the identity of the
`user. The watermark is inserted into the content prior to its
`downloading to the user.
`0020. Another aspect of the invention relates to a method
`for Verifying, Searching for and identifying content acces
`Sible over a network. The method includes identifying files
`which are accessible over the network. For each Such
`identified file, the file is searched to determine whether it
`includes a watermark which is related to the Source of the
`content and the identification of the authorized user of the
`content. The method then involves determining whether the
`present location of the content with the watermark is an
`authorized location.
`
`BRIEF DESCRIPTION OF THE DRAWINGS
`0021. The above and other aspects, features and advan
`tages of the invention will be better understood by referring
`to the following detailed description, which should be read
`in conjunction with the accompanying drawings. These
`drawings and the associated description are provided to
`illustrate various embodiments of the invention, and not to
`limit the Scope of the invention.
`0022 FIG. 1 illustrates a typical network configuration
`in which this invention may operate.
`0023 FIG. 2 is a block diagram of an example of a
`System overview architecture.
`0024 FIG. 3 is a flowchart of a process of conducting a
`media content transaction.
`0.025
`FIG. 4 is a diagram of a typical watermark.
`0.026
`FIG. 5 is a flowchart of a process of embedding a
`watermark in media content data.
`0.027
`FIG. 6 is a block diagram of a content distribution
`System and customer Site.
`0028 FIG. 7 is a block diagram of a content distribution
`System and customer Site.
`
`DETAILED DESCRIPTION
`0029 Definitions
`0030 The following discussion provides a number of
`useful definitions of terms used in describing embodiments
`of the disclosed invention.
`0031 AS used herein, the terms “network” and “Internet”
`refer to a network or combination of networks spanning any
`geographical area, Such as a local area network, wide area
`network, regional network, national network, and/or global
`network. Those terms may refer to hardwire networks,
`wireleSS networks, or a combination of hardwire and wire
`leSS networkS. Hardwire networks may include, for example,
`fiber optic lines, cable lines, ISDN lines, copper lines, etc.
`WireleSS networks may include, for example, cellular SyS
`tems, personal communication Services (PCS) Systems, Sat
`ellite communication Systems, packet radio Systems, and
`mobile broadband Systems. A cellular System may use, for
`example, code division multiple access (CDMA), time divi
`Sion multiple access (TDMA), personal digital phone
`(PDC), Global System Mobile (GSM), or frequency division
`multiple access (FDMA), among others.
`0032. As used herein, a VPN is a secure and encrypted
`communications link between nodes on the Internet, a Wide
`Area Network (WAN), or an Intranet. These nodes can
`communicate with each other, however, it is virtually impos
`Sible for a hacker to either comprehend the meaning of the
`Signals or Send Signals that are believed to be authentic. One
`Secure communications technology that is designed to facili
`tate a VPN is Secure Sockets Layer (or SSL). Other secure
`communications technologies can be used as well. It is not
`a requirement that a VPN be a private network such as SITA,
`the international network for airline reservations.
`0033) As used herein, a VPN provider refers to software,
`hardware, or both that Secure an audio/video conferencing
`Session in Such a way as to minimize the possibility that it
`can altered or inappropriately viewed or transmitted. AVPN
`can operate between a number of internet-enabled devices,
`for example, a VPN can run on two PCs that are connected
`together using well known Security technologies. In another
`embodiment, a VPN can operate between a PC and a Web
`Site using Security technologies. In yet another embodiment,
`a VPN can additionally operate between many PCs and/or
`many Web Sites. Hand-held devices, mobile phones, and
`web-enabled TV sets can be used as client devices instead of
`PCs as part of the VPN as well.
`0034. As used herein, the term “website” refers to one or
`more interrelated web page files and other files and pro
`grams on one or more web servers, the files and programs
`being accessible over a computer network, Such as the
`Internet, by sending a hypertext transfer protocol (HTTP)
`request specifying a uniform resource locator (URL) that
`identifies the location of one of Said web page files, wherein
`the files and programs are owned, managed or authorized by
`a single business entity. Such files and programs can include,
`for example, hypertext markup language (HTML) files,
`common gateway interface (CGI) files, and Java applica
`tions. The web page files preferably include a home page file
`that corresponds to a home page of the website. The home
`page can Serve as a gateway or access point to the remaining
`files and programs contained within the website. In one
`embodiment, all of the files and programs are located under,
`
`MCM Ex. 2003, pg. 10
`
`

`

`US 2001/0051996 A1
`
`Dec. 13, 2001
`
`and accessible within, the Same network domain as the home
`page file. Alternatively, the files and programs can be located
`and accessible through Several different network domains.
`0035. As used herein, a “web page” comprises that which
`is presented by a Standard web browser in response to an http
`request Specifying the URL by which the web page file is
`identified. A web page can include, for example, text,
`images, Sound, Video, and animation.
`0.036 AS used herein, “content file”, “media content file”
`and “content data” refer to the delivery of electronic media
`content materials Such as music, Videos, Software, books,
`multi-media presentations, images, and other electronic
`data, for example over a network to one or more consumers.
`Content data will typically be in the form of computer files
`for Video, audio, program, data and other multimedia type
`content as well as actual physical copies of valuable content,
`for example CD-ROM, DVD, VCR, Audio, TV or radio
`broadcasted, Streaming audio and Video over networks, or
`other forms of embodying such information. The terms
`“content file”, “media content file' and “content data” are
`used interchangeably herein.
`0037 AS used herein, “consumer” and “user” refer to a
`person that seeks to transfer or download media content
`files, for example from a content provider or distributor. The
`terms “consumer' and “user' are used interchangeably
`herein.
`0.038. As used herein, a computer, may be any micropro
`ceSSor or processor controlled device that permits access to
`the Internet, including terminal devices, Such as personal
`computers, WorkStations, Servers, clients, mini computers,
`main-frame computers, laptop computers, a network of
`individual computers, mobile computers, palm-top comput
`ers, hand-held computers, Set top boxes for a television,
`other types of web-enabled televisions, interactive kiosks,
`personal digital assistants, interactive or web-enabled wire
`leSS communications devices, mobile web browsers, or a
`combination thereof. The computers may further possess
`one or more input devices Such as a keyboard, mouse, touch
`pad, joystick, pen-input-pad, and the like. The computers
`may also possess an output device, Such as a Screen or other
`Visual conveyance means and a speaker or other type of
`audio conveyance means.
`0.039 These computers may be uni processor or multi
`processor machines. Additionally, these computers include
`an addressable Storage medium or computer accessible
`medium, Such as random access memory (RAM), an elec
`tronically erasable programmable read-only memory
`(EEPROM), programmable read-only memory (PROM),
`erasable programmable read-only memory (EPROM), hard
`disks, floppy disks, laser disk players, digital video devices,
`compact disks, Video tapes, audio tapes, magnetic recording
`tracks, electronic networks, and other techniques to transmit
`or Store electronic content Such as, by way of example,
`programs and data. In one embodiment, the computers are
`equipped with a network communication device Such a
`network interface card, a modem, or other network connec
`tion device Suitable for connecting to the communication
`network. Furthermore, the computers execute an appropriate
`operating system such as Linux, Unix, Microsoft(R) Win
`dows(R 95, Microsoft(R) Windows(R 98, Microsoft(R) Win
`dows(R NT, Apple(R) MacOS(R), or IBM(R) OS/2(R). As is
`conventional, the appropriate operating System includes a
`
`communications protocol implementation which handles all
`incoming and outgoing message traffic passed over the
`Internet. In other embodiments, while the operating System
`may differ depending on the type of computer, the operating
`System will continue to provide the appropriate communi
`cations protocols necessary to establish communication
`links with the Internet.
`0040. The computers may advantageously contain pro
`gram logic, or other Substrate configuration representing
`data and instructions, which cause the computer to operate
`in a specific and predefined manner as described herein. In
`one embodiment, the program logic may advantageously be
`implemented as one or more object frameworks or modules.
`These modules may advantageously be configured to reside
`on the addressable Storage medium and configured to
`execute on one or more processors. The modules include,
`but are not limited to, Software or hardware components that
`perform certain tasks. Thus, a module may include, by way
`of example, components, Such as, Software components,
`object-oriented Software components, class components and
`task components, processes, functions, attributes, proce
`dures, Subroutines, Segments of program code, drivers, firm
`ware, microcode, circuitry, data, databases, data Structures,
`tables, arrays, and variables.
`0041. The various components of the system may advan
`tageously communicate with each other and other compo
`nents comprising the respective computers through mecha
`nisms Such as, by way of example, interprocess
`communication, remote procedure call, distributed object
`interfaces, and other various program interfaces. Further
`more, the functionality provided for in the components,
`modules, and databases may be combined into fewer com
`ponents, modules, or databases or further Separated into
`additional components, modules, or databases. Additionally,
`the components, modules, and databases may advanta
`geously be implemented to execute on one or more com
`puters. In another embodiment, Some of the components,
`modules, and databases may be implemented to execute on
`one or more computers external to the web site. In this
`instance, the web site includes program logic, which enables
`the web site to communicate with the externally imple
`mented components, modules, and databases to perform the
`functions as disclosed herein.
`0042. As used herein, the term “consumer ID' refers to a
`positive digital identification of the user, computer, or player
`device owned by a person who downloads content, has
`access to content download Systems, or can access the
`Systems described in this patent. A positive digital identifi
`cation may be any one or a plurality of the following: an
`individual's digital certificate, a digital certificate or digital
`certificate Serial number digitally signed using the user's
`private key, a transactional ID digitally signed using a user's
`private key that can be verified via the user's public key, the
`Serial numbers of computers or player devices owned by or
`registered to a user, a message received by a System con
`taining verified biometrics data (fingerprint, face recogni
`tion, eye/retina recognition, voice recognition etc.), or other
`legally recognizable means to identify an individual.
`0043. As used herein, the term “digitally signing”
`includes the cryptographically Standard process of using a
`private key to generate a message or message hash/digest
`that when decrypted using a public key validates that the
`message was generated using an individual’s private key.
`
`MCM Ex. 2003, pg. 11
`
`

`

`US 2001/0051996 A1
`
`Dec. 13, 2001
`
`0044 As used herein, the term “authentication” refers to
`making it possible for the receiver of a message or file to
`ascertain its origin, So that an intruder should not be able to
`masquerade as Someone else.
`0.045. As used herein, the term “integrity” refers to mak
`ing it possible for the receiver of a message or file to Verify
`that it has not been modified in transit, So that an intruder
`should not be able to Substitute a false message for a
`legitimate one.
`0046. As used herein, the term “non-repudiation” refers
`to minimizing the possibility of a Sender being able to falsely
`deny later that he participated in communications activities.
`0047. Additionally, this patent relates to new electronic
`Signature laws passed in the US and Europe and Soon to be
`passed in Japan. In late June of 2000, President Clinton
`signed the “Electronic Signatures in Global and National
`Commerce Act', or “E-Sign Bill'. This bill puts the force of
`national law behind electronic Signature transactions.
`0.048
`FIG. 1 illustrates a representative network configu
`ration 100 in which this invention may be implemented.
`However, various other types of electronic devices commu
`nicating in a networked environment may also be used. A
`user 102, which may be a consumer or any other recipient
`of content files, communicates with a computing environ
`ment, which may include multiple server computers 108 or
`a single Server computer 110 in a client/server relationship
`on a network communication medium 116. In a typical
`client/server environment, each of the server computers 108,
`110 may include a Server program that communicates with
`a client device 115, which may be a personal computer (PC),
`a hand-held electronic device, a mobile or cellular phone, a
`TV set or any number of other electronic devices.
`0049. The server computers 108, 110, and the client
`device 115 may each have any conventional general purpose
`Single- or multi-chip microprocessor, for example a Pen
`tium(R) processor, a Pentium(R) Pro processor, a 8051 pro
`cessor, a MIPS(R) processor, a Power PC(R) processor, an
`ALPHACR processor or any other processor. In addition, the
`microprocessor may be any conventional Special purpose
`microprocessor Such as a digital Signal processor or a
`graphics processor. Additionally, the Server computers 108,
`110 and the client device 115 may be desktop, server,
`portable, hand-held, Set-top, or any other desired type of
`device. Furthermore, the server computers 108, 110 and the
`client device 115 each may be used in connection with
`various operating Systems, including, for example, UNIX,
`LINUX, Disk Operating System (DOS), VxWorks, PalmOS,
`OS/2, Windows 3.X, Windows 95, Windows 98, and Win
`dows NT.
`0050. The server computers 108, 110 and the client
`device 115 may each include a network terminal equipped
`with a Video display, keyboard and pointing device. In one
`embodiment of the network configuration 100, the client
`device 115 includes a network browser 120 used to access
`the server computer 110. The network browser 120 may be,
`for example, Microsoft Internet Explorer or Netscape Navi
`gator.
`0051) The user 102 at the client device 115 may utilize
`the browser 120 to remotely access the Server program using
`a keyboard and/or pointing device and a visual display, Such
`
`as a monitor 118. Although FIG. 1 shows only one client
`device 115, the network configuration 100 may include any
`number of client devices.
`0052 The network 116 may be any type of electronic
`transmission medium, for example, including but not limited
`to the following networks: a virtual private network (here
`inafter VPN), a public Internet, a private Internet, a secure
`Internet, a private network, a public network, a value-added
`network, an intranet, or a wireleSS gateway. The term
`“Virtual Private Network” (VPN) refers to a secure and
`encrypted communications link between nodes on the Inter
`net, a Wide Area Network (WAN), Intranet, or any other
`network transmission means. While the VPN nodes may
`communicate with each other, it is virtually impossible for
`a hacker to either comprehend the meaning of the Signals or
`Send Signals that are believed to be authentic. One example
`of a Secure communications technology that is designed to
`facilitate a VPN is the Secure Sockets Layer (SSL). It is
`contemplated by this application that there may be much
`better techniques other than SSL that may be deployed in
`order to Scramble the data for content downloads. It is well
`known in the industry that other extremely effective Scram
`bling techniques exist and are commonly used. Although
`SSL is a transport protocol, other Scrambling techniques that
`are not transport protocol may be utilized. The non-SSL
`techniques may simply be techniques that will quickly and
`efficiently scramble and likewise unscramble the data that is
`being transmitted via the network.
`0053 While a VPN may be conducted on a private
`network, it may additionally be conducted on a public
`network as well. A VPN may include, for example, one or
`more client devices connected to a combination of web
`Server(s), Video archive server(s), Source server(s), or Multi
`Point Control Units (MCUs), which are secured using state
`of-the-art Security technologies.
`0054.
`In addition, the connectivity to the network may be,
`for example, via a remote modem, Ethernet (IEEE 802.3),
`Token Ring (IEEE 802.5), Fiber Distributed Datalink Inter
`face (FDDI) or Asynchronous Transfer Mode (ATM). The
`network 116 may additionally connect to the client device
`115 by use of a modem or by use of a network interface card
`that resides in the client device 115. The server computers
`108 may be connected via a wide area network 106 to a
`network gateway 104, which provides access to the wide
`area network 106 via a high-speed, dedicated data circuit.
`0055 Devices other than the hardware configurations
`described above may be used to communicate with the
`server computers 108, 110. If the server computers 108, 110
`are equipped with voice recognition or DTMF hardware, the
`user 102 may communicate with the server computers by
`use of a telephone 124. Other examples of connection
`devices for communicating with the server computers 108,
`110 include a portable personal computer (PC) 126 with a
`modem or wireleSS connection interface, a cable interface
`device 128 connected to a visual display 130, or a satellite
`dish 132 connected to a satellite receiver 134 and a televi
`sion 136. Still other methods of allowing communication
`between the user 102 and the server computers 108, 110 are
`contemplated by this application.
`0056. Additionally, the server computers 108,110 and the
`client device 115 may not necessarily be located in the same
`room, building or complex. In fact, the Server computers
`
`MCM Ex. 2003, pg. 12
`
`

`

`US 2001/0051996 A1
`
`Dec. 13, 2001
`
`108, 110 and the client device 115 could each be located in
`different physical locations, for example in different cities,
`States or countries. This geographic flexibility which net
`worked communications allows is within the contemplation
`of this application.
`0057 FIG. 2 is a block diagram of an example of a
`system overview architecture. The user devices 115 and
`network 116 are as described above in relation to FIG. 1.
`The user may obtain content media by initiating a transac
`tion with a user device 115. A typical transaction may
`include the actions of initialization, authenticating the user,
`retrieving or Storing a digital certificate, Searching for and
`Selecting content, payment, generating a Watermark and
`embedding in the content, and transferring the content to the
`user. These actions will be described in further detail with
`regards to FIG. 3. A non-exhaustive list of several transac
`tions includes a download Session, a streaming Session, a
`peer-to-peer Session, a transfer to another user, a gift to
`another perSon, and re-sale of digital media files.
`0.058
`Transactions containing s