Search Images Maps Play YouTube News Gmail Drive More »
Sign in
Screen reader users: click this link for accessible mode. Accessible mode has the same essential features but works better with your reader.

Patents

  1. Advanced Patent Search
Publication numberCN1236387 C
Publication typeGrant
Application numberCN 02149370
Publication date11 Jan 2006
Filing date25 Feb 1998
Priority date25 Feb 1997
Also published asCA2282602A1, CA2282602C, CA2643148A1, CN1148686C, CN1249041A, CN1516022A, CN1776701A, CN1776701B, CN1776702A, DE69837545D1, DE69837545T2, EP1004068A1, EP1004068B1, EP1655653A2, EP1655653A3, EP1655654A2, EP1655654A3, EP1657618A2, EP1657618A3, EP1657618B1, EP1816579A2, EP1816579A3, EP1826653A2, EP1826653A3, US5920861, US6138119, WO1998037481A1
Publication number02149370.7, CN 02149370, CN 1236387 C, CN 1236387C, CN-C-1236387, CN02149370, CN02149370.7, CN1236387 C, CN1236387C
Inventors埃德温J霍耳, 维克多H希尔, 卢克S托马塞洛, 大卫M万维, 罗伯特P韦伯, 金沃森克罗夫特, 徐学军
Applicant联信技术公司
Export CitationBiBTeX, EndNote, RefMan
External Links: SIPO, Espacenet
Technique for defining, using and controlling authority management data structure
CN 1236387 C
Abstract  translated from Chinese
一种提供对诸如安全容器的权限管理数据结构的抽象表达的描述性数据结构。 An abstract representation, such as providing rights management data structure of the secure container descriptive data structure. 该抽象表达可以描述权限管理数据结构的规划。 The abstract expression can describe the planning rights management data structure. 它也可以提供元数据描述或定义权限管理数据结构使用和/或处理的其它特征。 It can also provide metadata describing or defining rights management data structures and / or treatment of other features. 例如,描述性数据结构可以提供完整性约束以提供描述相关信息的规则的方式。 For example, the descriptive data structure may provide a description of the rules of integrity constraints in order to provide information about the way. 该抽象表达可以被用于创建相互之间有互操作性和兼容性的权限管理数据结构。 The abstract expression can be used to create interoperability and compatibility have rights management data structures to each other. 此种设计在不损害安全性的同时保证了灵活性和易用性。 This design without compromising security while ensuring the flexibility and ease of use.
Claims(22)  translated from Chinese
1.一种使用描述性数据结构的方法,在第一地址处按第一数据处理安排,所述方法包括:在所述第一数据处理安排的通讯端口从所述第一地址的远程地址接收第一安全容器,所述第一安全容器至少具有(a)内容,以及(b)至少一种规则,该规则被设计用于至少部分地支配所述内容的至少一次使用或存取,所述支配至少包括将某些与所述使用或存取相关的信息临时地存储起来的要求;在所述通讯端口从所述第一地址的远程地址接收第二安全容器,所述第二安全容器至少具有(a)一种描述性数据结构,包括至少部分地描述或代表所述第一安全容器内容的组织的至少一方面的信息,以及(b)至少一种规则,该规则被设计用于至少部分地支配所述描述性数据结构的至少一次使用或存取;使用所述第二容器规则以存取所述描述性数据结构的至少一部分;以及至少在一次使用所述第一安全容器内容的处理中,使用所述描述性数据结构部分;其中,所述描述性数据结构部分的使用还包括使用所述组织信息,用于识别所述第一安全容器内容的指定部分;所述第一数据处理安排还包括具有描述性数据结构解释程序的第一计算机程序;以及使用所述描述性数据部分的步骤包括促成该使用的所述第一计算机程序。 1. A method of using a descriptive data structure at a first address in a first data processing arrangement, the method comprising: receiving from a remote address in the first address of the first data processing arrangement communications port a first secure container, said container having at least a first secure (a) content, and (b) at least one rule that is designed for at least partially operating said at least one use or access the content, the including at least some of the requirements for disposal with the use or access information relating to the temporarily stored; receiving a second secure container from a remote address of said first address in said communication port, said second secure container at least having (a) a descriptive data structure, comprising at least one aspect of information, and (b) at least one rule or the at least partially describes the first secure container contents on behalf of the organization, the rules are designed for at least dominant part of the data structure described at least one use or access; using said second container rule to access at least a portion of said descriptive data structure; and at least one use of said first secure container contents processing, using said descriptive data structure portion; wherein the portion using the descriptive data structure further comprises using the organizational information, for specifying portion identifying said first secure container content; the first data a first processing arrangement further includes a computer program having a descriptive data structure interpreter; and a step of using said descriptive data portion including facilitating the use of the first computer program.
2.根据权利要求1所述的方法,其中:所述第一计算机程序包括一个浏览器,而且使用所述描述性数据结构部分的步骤还包括:所述浏览器使用所述描述性数据结构用于识别并定位所述第一安全容器的内容部分;所述浏览器使所述定位后的第一安全容器内容部分被显示出来。 2. The method of claim 1, wherein: said first computer program includes a browser, and the step of using said descriptive data structure portion further comprises: said browser using said descriptive data structures to identify and locate said first secure container content portion; the browser makes a first secure container content portion of the positioned is displayed.
3.根据权利要求2所述的方法,其中:所述浏览器使用所述描述性数据结构用于识别并定位所述第一安全容器内容部分的步骤还包括,所述浏览器从所述描述性数据结构接收单元标识符,所述单元标识符识别所述第一安全容器内容部分;以及所述浏览器显示所述定位后的第一安全容器内容部分的步骤还包括,所述浏览器存取所述使用所述单元标识符的第一安全容器内容部分。 3. The method of claim 2, wherein: said browser using said descriptive data structure to identify and locate the first step of the secure container content portion further includes said browser from the description data structure of the receiving unit identifier, the unit identifier identifying the first secure container content portion; and said step of displaying said browser after positioning a first secure container content portion further includes said browser deposit take the unit using the first secure container content identifier portion.
4.根据权利要求3所述的方法,还包括:所述识别完成后,至少使用一种所述第一安全容器的规则以存取所述标识后的第一安全容器内容部分。 4. The method according to claim 3, further comprising: after completion of the identification, using at least one of said first secure container rules to access a portion of said first secure container contents identification after.
5.根据权利要求4所述的方法,还包括:在所述通讯端口接收第三安全容器,所述第三安全容器包括(1)与所述描述性数据结构相关的元数据;以及(2)至少一种被设计用于至少部分地支配所述元数据结构的一次使用或存取的规则;以及使用所述描述性数据结构的所述步骤还包括:在所述描述性数据结构中,将引用存取到元数据;使用所述第三容器的至少一种规则以存取所述元数据的至少一部分;以及在与所述第三安全容器内容的使用相关的使用所述描述性数据结构的处理中使用所述元数据。 5. The method according to claim 4, further comprising: at said communications port receiving a third secure container, said third secure container including (1) with the descriptive data structure associated metadata; and (2 ) at least one at least partially designed for single use disposable or access rules of the metadata structure; and said step of using said descriptive data structure further including: in said descriptive data structure, The reference access to the metadata; rule using the at least one third container to access at least a portion of the metadata; and using said descriptive data using said third secure container contents related processing structure used in the metadata.
6.根据权利要求5所述的方法,其中:使用所述元数据的步骤包括,使用所述元数据中的信息,用于至少部分地决定所述第一安全容器内容的一部分是否应被显示给用户。 6. A method according to claim 5, wherein: the step of using said metadata includes using information in the metadata, for at least partially determines the first secure container content should be displayed whether a portion to the user.
7.根据权利要求6所述的方法,其中所述元数据的使用包括:如果一些或所有所述第一安全容器内容被显示出来,元数据包括指定那些被指定信息必须被显示的信息;使用所述元数据的步骤包括显示被指定信息的步骤。 7. The method according to claim 6, wherein the metadata comprises: if some or all of said first secure container contents are displayed, the metadata includes information specifying information that is designated to be displayed; use step comprises the step of the metadata information displayed is designated.
8.根据权利要求7所述的方法,其中:所述指定信息包括标识所述第一安全容器内容部分的至少一个所有者或创建者的信息。 8. The method according to claim 7, wherein: said specified information comprises at least one owner or creator of identifying said first secure container content portion information.
9.根据权利要求5所述的方法,其中:从第二数据处理安排接收所述第一安全容器;以及从第三数据处理安排接收所述第二安全容器和第三安全容器;所述第二数据处理安排和所述第三数据处理安排被定位在彼此分离之处,且所述第二数据处理安排和所述第三数据处理安排的地址都与所述第一数据处理安排被定位的地址不同。 9. The method of claim 5, wherein: receiving data from the second processing arrangement of said first secure container; and receiving a second secure container and said third secure container from the third data processing arrangement; the first second data processing arrangement and the third data processing arrangement is positioned separated from each other in, and the second data processing arrangement and the third data processing arrangement of addresses with the first data processing arrangement is positioned different addresses.
10.一种分布式数据处理装置,包括:第一数据处理装置包括:一个中央处理器;存储描述性数据结构的第一存储器,所述描述性数据结构包括:在安全容器中与第一单元组织有关的信息,所述信息包括:在所述安全容器中与所述单元组织有关的信息;以及,在所述安全容器中与至少一些所述单元的地址有关的信息;通讯装置,所述描述性数据结构可以通过该通讯装置和与所述第一数据处理装置不同的数据处理装置进行通讯;具有与所述第一数据处理装置的地址不同地址的第二数据处理装置,所述第二数据处理装置包括:一个中央处理器;一个第二存储器包括:第一安全容器至少包括:至少部分地根据所述描述性数据结构具有的信息构成的数据单元;以及至少一种规则,该规则被用于至少部分地支配所述数据单元的存取或使用的至少一方面;至少有一种所述规则需要这样的信息,即至少一种所述数据单元的至少一次使用可以至少被临时记录下来;以及至少在一次操作中,在所述第一安全容器或所述第一安全容器的内容上,至少有一段计算机程序被设计用于所述描述性数据结构的一部分;所述使用包括至少使用与在所述第一安全容器中识别和/或定位至少一个所述单元的单元组织相关的所述信息;通讯装置,所述第二数据处理装置可以通过该通讯装置接收所述描述性数据结构或其副本的至少一部分。 A distributed data processing apparatus, comprising: a first data processing apparatus comprising: a central processing unit; a first memory for storing descriptive data structure, the descriptive data structure comprising: in the secure container in the first cell organization of information, said information comprising: the secure container with information related to the cell tissue; and, the information in the secure container with at least some of the address of the unit concerned; communication device, wherein Descriptive data structures can be the first communication means and said data processing apparatus different data processing means to communicate; the second data processing apparatus having a different address with the address of the first data processing means, said second Data processing apparatus comprising: a central processing unit; a second memory comprising: a first secure container comprising at least: at least in part on data units of said descriptive data structure information having a configuration; and at least one rule that is at least in part disposable data units of said access or use of at least one hand; at least one of said rules require such information, i.e., at least one of said at least one data unit may be at least temporarily using recorded; and at least in one operation, the first secure container content or said first secure container, at least some portion of the computer program is designed for the descriptive data structure; and the use comprises the use of at least means tissue in said first secure container identification and / or location of said at least one unit of the information associated; communication device, said second data processing means via the communication means receives said descriptive data structure, or At least part of its copy.
11.根据权利要求10所述的分布式数据处理装置,其中:所述应用包括一浏览器,该浏览器使用所述与单元组织信息有关的信息,在所述第一安全容器中至少部分地控制来自所述安全容器的至少部分信息的显示。 11. A distributed data processing apparatus according to claim 10, wherein: said application includes a browser, the browser uses the information on the cell tissue information, and in said first secure container is at least partially At least part of the display control information from the secure container.
12.根据权利要求10所述的分布式数据处理装置,其中:所述计算机程序被集成到一个操作系统中。 12. A distributed data processing apparatus according to claim 10, wherein: said computer program is integrated into an operating system.
13.根据权利要求12所述的分布式数据处理装置,其中:所述操作系统与微软视窗操作系统的至少一种版本相兼容。 13. A distributed data processing apparatus according to claim 12, wherein: the at least one version of the operating system and the Microsoft Windows operating system compatible.
14.根据权利要求10所述的分布式数据处理装置,其中:所述描述性数据结构包括在第二安全容器中;所述第二安全容器至少包括:所述描述性数据结构;以及至少一种规则,该规则至少部分地支配所述描述性数据结构的至少一部分的至少一次使用。 14. A distributed data processing apparatus according to claim 10, wherein: said descriptive data structure comprises a second secure container; said second secure container comprising at least: the descriptive data structure; and at least one species rule that at least partially describes said at least one use disposable at least a portion of the data structure.
15.根据权利要求14所述的分布式数据处理装置,其中:所述计算机程序包括用于所述第二容器规则以支配所述描述性数据结构的所述计算机程序的使用的至少一方面的装置。 15. A distributed data processing apparatus according to claim 14, wherein: said computer program comprising a second container for the disposal of the rules to describe the data structure using the computer program of at least one aspect of the devices.
16.根据权利要求15所述的分布式数据处理装置,还包括:与所述第一安全容器相关的元数据。 16. A distributed data processing apparatus according to claim 15, further comprising: said first secure container and associated metadata.
17.根据权利要求16所述的分布式数据处理装置,其中所述元数据被存储在所述第二安全容器中。 17. A distributed data processing apparatus according to claim 16, wherein the metadata is stored in said second secure container.
18.根据权利要求16所述的分布式数据处理装置,其中所述元数据被存储在第三安全容器中。 18. A distributed data processing apparatus according to claim 16, wherein the metadata is stored in the third secure container.
19.根据权利要求18所述的分布式数据处理装置,还包括:第三数据处理设备,所述第三数据处理设备包括:一个中央处理器;一个第三存储器,所述第三存储器包括:一个包括所述元数据的第三安全容器;至少一种规则,用于至少部分地支配所述元数据的存取或使用的至少一方面;以及通讯装置,所述第三数据处理装置可以通过该通讯装置使所述第三安全容器,或所述第三安全容器的副本与所述第二数据处理装置进行通讯。 19. A distributed data processing apparatus according to claim 18, further comprising: a third data processing apparatus, the third data processing apparatus comprising: a central processor; a third memory, the third memory comprises: a third secure container including the metadata; at least one rule, for at least partially disposable or access the metadata using at least one hand; and communication means, said third data processing apparatus by The communication device of said third secure container, or the third copy of the secure container and said second data processing means communicate.
20.根据权利要求10所述的分布式数据处理装置,其中:所述规则包括至少一种至少部分地控制审计处理的至少一方面的规则。 20. A distributed data processing apparatus according to claim 10, wherein: said rules include at least one at least partially control the audit process rules at least one aspect.
21.根据权利要求10所述的分布式数据处理装置,其中:所述规则包括至少一种至少部分地控制预算处理的至少一方面的规则。 21. A distributed data processing apparatus according to claim 10, wherein: said rules include at least one at least partially controlling at least one aspect of the budget process rules.
22.根据权利要求10所述的分布式数据处理装置,其中:所述第二数据处理装置包括一个安全电子设备。 22. A distributed data processing apparatus according to claim 10, wherein: said second data processing apparatus comprises a secure electronic device.
Description  translated from Chinese
定义、使用和操纵权限管理数据结构的技术 Definition, using and manipulating rights management data structures technology

本发明所属技术领域本发明涉及定义、创建和操纵权限管理数据结构的技术。 TECHNICAL FIELD The present invention belongs The present invention relates to the definition, creation and manipulation techniques rights management data structures. 更确切地说,本发明提供了用以定义和/或描述一个安全电子权限管理容器(container)的至少某些数据特征的系统和处理过程。 More specifically, the present invention provides for the definition and / or description of a secure electronic rights management container (container) of at least some of the characteristics of the system and data processing. 本发明还提供了用以支持权限管理数据结构的完整性、灵活性、互操作性、用户及系统透明性和兼容性的技术。 The present invention also provides a support for rights management data structure integrity, flexibility, interoperability, user and system transparency, and compatibility technology.

发明背景及概述人们正日益增多的使用安全数字容器来安全可靠地存储和传送数字内容。 Background of the Invention and outlines the growing number of people are using the secure digital containers to safely and securely store and transmit digital content. 一个安全数字容器模型是由位于美国加里福尼亚州的桑尼维尔市的InterTrust技术公司开发的“DigiBoxTM”容器。 A secure digital container model is located in Sunnyvale, California, United States of InterTrust technology developed "DigiBoxTM" container. Ginter elal.的专利说明书描述了该DigiBoxTM容器模型的许多特征——强大、灵活、通用的结构能够对各种的电子商务关系进行安全的有效的和可互操作的电子描述和调节,这些关系包括安全传送、存储和该容器内部的对象和数据信息的权限管理接口。 . Ginter elal patent specification describes many features of the DigiBoxTM container model - a powerful, flexible, general structure of the various e-commerce relationship can secure efficient and interoperable electronic description and regulation of these relationships include rights management interface to the secure transmission, storage, and the interior of the container objects and data information.

简单的说,DigiBox容器是抗干扰数字容器,可以被用于包装任何类型的数字信息,比如文本,图形,可执行软件,音频和/或视频信息。 Simply put, DigiBox containers are interference digital container that can be used to package any kind of digital information, such as text, graphics, executable software, audio and / or video information. DigiBoxTM容器中使用的权限管理环境允许商务参与者把规则和数字信息(内容)关联起来。 DigiBoxTM container use rights management environment allows participants to business rules and digital information (content) associate. 该权限管理环境也允许安全的把规则(此处包括规则和参数数据控制)和别的权限管理信息如规则,在使用数字信息期间产生的审核记录和保证该环境正常工作的管理信息,包括确认权和各种组件间协议等关联起来。 The rights management environment also allows the safety rules (here including rules and parameter data controls) and other rights management information such as rules, audit records and ensure that management information using digital information generated during the normal work environment, including the recognition of the right to associate and various agreements between the components. DigiBoxTM电子容器可被用于存储、传送并提供权限管理接口给数字信息,相关规则和别的权限管理信息,还有分布式权限管理环境内的其它对象和/或数据。 DigiBoxTM electronic container can be used to store, transmit and provide rights management interface to digital information, related rules and other objects other rights management information, as well as within the distributed rights management environment and / or data. 该设计可用于当容器从一个实体移到另一个实体时提供一个含有权限管理的处理和控制的电子增强链。 This design can be used when the container moves from one entity to another entity to provide a chain comprising electronic rights management enhancement processing and control. 该功能有助于支持一个数字权限管理体系结构,它允许内容合法持有者(含任何与该内容相关的系统授权的团体,比如,内容出版商甚至政府机关)安全地控制和管理内容、事件、交易规则、和使用结果,包含任何必要的支付和/或使用报告。 This feature helps support a digital rights management architecture, which allows the legitimate owner of the content (including any system authorization groups related to the content, for example, content publishers and even government agencies) to safely control and manage content, event , trading rules, and use the results, including any necessary payments and / or use of the report. 当内容在创建者,分布者,重定向者,消费者,分散支付者,和其它的价值链参与者之间传递、使用、和通过时,该安全控制和管理会始终如一地进行权限保护。 When the content creator, distributed by, redirect, consumers, payers dispersed, and among the other participants in the value chain transfer, use, and through the security control and management will consistently permission protection.

比如,内容创建者可以将一个或多个数字信息与规则集打包到DigiBox安全容器中--该规则能可变地位于一个或多个容器中和/或客户控制节点中——并传送该容器到分布者(distribute)。 For example, content creators can package one or more digital information and rule sets to DigiBox safe container - the rule can be variably located in one or more containers and / or client control nodes - and send the container to the distribution of those (distribute). 分布者可以用创建者(creator)允许的参数增加和/或修改容器内的规则。 Distribution can use the creator (creator) allows an increase in the parameters and / or rule changes within the container. 而后分布者可以按任何允许的(或不被禁止的)方式传送容器一比如,通过如国际互联网的电子网络传送。 Then distributed in any container can transfer allowed (or not prohibited) One way, for example, through electronic networks such as the Internet transmission. 消费者可以下载容器,并按照容器内的规则使用容器。 Consumers can download the container, and the use of container in accordance with the rules of the container. 容器被打开,规则被InterTrust软件增强到本地计算机或别的被称为InterTrust商务节点的InterTrust敏感性设备上。 The container is opened, the rule is to enhance InterTrust software to the local computer or other sensitive devices are called InterTrust InterTrust Commerce node. 消费者可以转发容器(或者拷贝)到其它消费者,后者可以(在规则允许的情况下)按照同样、不同或其它被包含的规则使用内容。 Consumers can forward the container (or copied) to other consumers, who can (if the rules allow the case) in the same, different or additional rules are included to use the content. 这些规则的使用取决于用户可获得的权限,如,用户特定识别码,以及任何类成员资格(如汽车俱乐部或某一特定大学的雇员),与这些规则相一致,使用和/或支付信息由节点收集并传送到一个或多个用于支付结帐的清查屋,并传送使用信息给那些有权限接受的人。 Using these rules depends on the user permissions available, such as user-specific identification code, as well as any kind of membership (such as a car club or a particular university employees), consistent with these rules, use, and / or payment information by node collected and transferred to those who have permission to accept one or more of the checkout to pay for housing inventory, and send the information to use.

上文描述的容器模型几乎有无限的灵活性,该描述还可参见Ginter et.al.专利说明书(包含相似的其它DigiBox/VDE(虚拟分布环境)模型)。 Container model described above almost unlimited flexibility, see also the description of the patent specification Ginter et.al. (containing similar other DigiBox / VDE (Virtual Distribution Environment) models). 它可被应用于许多不同的环境和特定的实现中。 It can be applied to many different environments and particular implementation. 比如,参看图1A和1B,报纸出版商可以在容器100A中分布报纸102。 For example, referring to Figures 1A and 1B, a newspaper publisher can distribute a newspaper 102 in the container 100A. 时尚杂志出版商可以在另一个容器100C中分布时尚杂志106。 Fashion magazine publishers can be distributed in another container 100C in 106 fashion magazines. 相似的,大规模银行环境也可以使用一个容器,电子贸易系统也可以使用一个容器等等。 Similarly, wholesale banking environment may also be used a container, an electronic trading system may use a container and the like.

InterTrust DigiBox容器模型允许且便于这些或别的不同的容器使用。 InterTrust DigiBox container model allows and facilitates these and other different containers. 它为不同的应用和/或类应用和/或意在满足不同需要和商业模型的用户提供了定制复杂容器的便利,此种定制能力是十分重要的,特别是当应用于连接如Ginter et.al.所描述的通用的分布式的权限管理环境时。 It provides for different applications and / or type of application and / or intended to meet different user needs and business models of complex custom container convenience, this customization capability is very important, especially when applied to the connection as Ginter et. al. Universal distributed rights management environment when described. 该环境要求实用的可定制性优化,包含可定制性和对容器模型的透明性。 The environmental requirements can be customized to optimize utility, including customizability and transparency for container model. 这种定制灵活性有许多优势,比如,允许为每个特定应用或环境进行复杂容器设计的优化(如最大有效性,最小间接费用),以便允许为许多不同目的(如商业模型)而设计的不同容器同时并存,并被位于用户电子设备如计算机或娱乐设备的权限控制客户(节点)所使用。 This customization flexibility has many advantages, such as allowing for complex vessel design optimized for each specific application or environment (such as maximum effectiveness and minimum overheads) to allow for many different purposes (such as business model) and design the coexistence of different containers, and are located in the user electronic devices such as a computer or entertainment device permissions control client (node) is used.

尽管支持高度灵活性有巨大的优势,它可能对一般用户产生困难。 Despite the high degree of flexibility to support a huge advantage, it may create difficulties for the average user. 我们考虑一下绘画过程,绘画大师在空白画布上作画,因为画布起初是空白的,画师完全没有被约束,画可以是风景、人物、海景,或别的任何图象——唯一的限制是画师的想象力。 We consider the process of painting, painter painting on a blank canvas, because initially blank canvas, the artist has not been constrained, painting can be landscapes, figures, seascape, or any other image - the only limit is the artist's imagination. 该灵活性允许绘画大师创作一件如“蒙娜丽莎”那样的名作。 This flexibility allows the creation of a painter such as the "Mona Lisa" as a masterpiece. 然而,空白画布绘制令人满意的作品需要巨大的技巧。 However, a blank canvas to draw a satisfactory work requires tremendous skill. 结果,没有经验的画师如果在空白画布上作画不可能创作出好画。 As a result, there is no experience of the artist painting on a blank canvas if you can not create a good painting.

现在我们考虑一个业余画家开始作画,它没有技能把空白画布绘成一幅令人满意的图画,业余画家不必花费数年时间学习这种技能,他可以出去买一个“按数作画”绘画工具箱。 We now consider an amateur painter started painting, it does not put a blank canvas skills plotted a satisfactory picture, amateur painter does not have to take years to learn this skill, he can go out and buy a "paint by number" Drawing toolbox. 抛开空白画布,业余画家从已定义好要画的图象和预先印制的画布开始作画,按照说明(“标有12的所有区域绘成暗红色,标有26的所有区域绘成亮蓝色”),业余画家可以用相当少的技巧绘制出一幅相对令人满意的图画,为了作到这一点,业余画家必须严格遵守预先印在画布上的说明,任何偏差都可能导致最后图画变糟。 Aside blank canvas, amateur painter to draw from a well-defined image and pre-printed canvas began to paint, follow the instructions ("marked 12 in all regions plotted dark red, marked with all the plotted area 26 bright blue color "), an amateur painter can use considerably less skill to draw a picture of a relatively satisfactory picture order to do this, an amateur painter must strictly abide by pre-printed on the canvas suggests that any deviation could result in the final picture becomes worse.

计算机领域的易用性问题可以类比为“按数作画”的情形。 Usability problems in the field of computer can be compared to "paint by number" of the situation. 如果对未经训练和/或没有经验的用户使用特定软件很重要的话,系统设计者会预先定义特定的结构并把它们设计到系统中,该技术允许没有经验的用户在不必完全理解的情况下使用潜在的非常复杂的设计。 If you use a specific software for untrained and / or inexperienced users is very important, the system designer can pre-define the specific design of the structure and put them into the system, in the case of the technology allows inexperienced users do not have to fully understand the use of potentially very complicated designs. 但这通常严格定义即严格限制了使用该程序可获得的功能和灵活性。 But usually strict definition that strictly limit the use of the program available functionality and flexibility. 结果,为了提供实用价值,有创意的问题解决方案被限制。 As a result, in order to provide practical and innovative solutions to problems is limited. 另外,即使是对有经验的用户使用预先实现的设计也会大有裨益。 In addition, even for experienced users using pre-designed to achieve will benefit. 因为,比如说用户有能力编制复杂的程序,但这并不意味着编制一个特定目的的程序是有效的或合适的,即使这种预先实现的程序不是理想的,如果编制新程序花费太多时间或金钱资源,如果可以预先搞到手的话,有经验的用户通常也会使用预先实现的程序。 Because, for example, users have the ability to prepare complex procedures, but that does not mean that the preparation of a particular purpose of the program is effective or appropriate, even if the pre-implemented program is not ideal, if the preparation of a new program to spend too much time resources or money, if you can pre-picking, then experienced users might use the pre-implemented program. 因而,与定制相关的最大的总实现价值在于能够用巨大的易用性和有效性实现定制,以便使费用不会超过所得利益。 Thus, to achieve maximum total value associated with the custom of being able to use the huge usability and effectiveness of customized so that the cost does not exceed the resulting benefits.

一致性、灵活性、兼容性、和可互操作性是计算机应用领域需要考虑的其他因素,尤其是当涉及系统支持定制时。 Consistency, flexibility, compatibility, and interoperability are other factors that need to be considered in the field of computer applications, especially when it comes to system support customization. 在绘画时,人眼可以评价独特性——名作如蒙娜丽莎的“自成一派”的特性相当大程度上决定了该画如此有价值。 When painting, the human eye can evaluate the uniqueness - masterpieces such as the decision of the Mona Lisa painting is so valuable, "a faction" features a large extent. 相反,在计算机领域,人们希望一致性,至少在总体上和事物的格式上一致。 In contrast, in the computer field, it is desirable consistency, at least on the format of things in general agreement. 对计算机而言,预先知道如何处理和使用对象会大有效率。 On the computer, the pre know how to handle and use objects will be of great efficiency. 如果计算机不预先知道如何读取或处理输入对象,那么我们说计算机和对象“不兼容”,即它们不能一起工作,当多台计算机可以一起工作时,我们称它们是“可互操作的”,不兼容和互操作性问题可能阻止计算机与别的计算机交谈,也可能妨碍使用别的计算机创建的数据。 If the computer does not know in advance how to read or process the input object, then we say that computer and objects "incompatible", that is, they do not work together, when multiple computers can work together, we say they are "interoperable" compatibility and interoperability issues are not likely to prevent the computer to talk to another computer, it may interfere with another computer using the data created.

比如,在非计算机世界,一个只懂一点英语的法国人可能会发现使用自己的本族语——法语更能有意义地和有效地描述一个复杂的问题。 For example, in the non-computer world, a Frenchman spoke little English may find the use of their native - French more meaningfully and effectively describe a complex problem. 但当他与另一个不懂法语的英国人说话时,他们两人用法语不能“互操作“,这个法国人只能求助于效率远低的英语来跟该英国人会话。 But when he spoke with another Englishman do not understand French, both of whom French is not "interoperable", the Frenchman only resort efficiency is much lower in English with the British session. 当然,这总比他跟一个既不懂英语又不懂法语的德国人交谈要好得多,这两人在讨论问题时是不能“互操作的”。 Of course, this is better than he already does not speak English with a German who does not speak French much better conversation, the two men in the discussion of the question is not "interoperable." 相似的,因为权限管理容器可能被大量不同的用户、群组、和组织为大量不同的目的而交流和使用,提供兼容性和可互操作性是十分重要的,如果这些不同的团体,每个都参与到一个或多个不同的权限管理模型中,它们就希望有效地互操作。 Similarly, because rights management containers may be a number of different users, groups, and organizations for a number of different purposes and use the exchange to provide compatibility and interoperability are very important, and if these different groups, each are involved in one or more different rights management models, they want to interoperate effectively. 例如,如果一个权限管理容器被用于发布新闻邮件并且被按此目的优化,新闻邮件的每个用户必须有一个计算机系统或软件”知道“如何读取容器及其中的新闻邮件。 For example, if a rights management container is being used to publish newsletters and press optimization purposes, each user must have a newsletter or computer system software "knows" how to read the container and the newsletter. 由于诸如发布新闻邮件之类的商务需要尽可能的高效低费,优化即定制权限管理容器来最优地反映这些模型的需求,并且抛弃对每个个别应用或类应用而言不必要的特征是十分重要的,因为这些不必要的特征会消耗不必要的计算机间接费用和/或存储空间。 Due to business needs, such as publishing newsletters and the like as the high efficiency and low cost, that is customized to optimize container rights management best reflect the needs of these models, and discard unwanted applications for each individual application or a class is characterized by very important, because these unnecessary features will consume unnecessary overheads computer and / or storage space.

不同的新闻邮件出版者可能使用不同的容器格式定制成他们自己特定的新闻邮件和/或内容类型和/或格式。 Different newsletter publishers may use different container formats customized to their own specific newsletters and / or content type and / or format. 可阅读许多不同新闻邮件的新闻邮件阅读器需要有能力阅读大量不同格式,它通常将不会高效地(或者由于安全性问题,将不会适当地)分析所传递的各种不同容器也难以查明或识别特定的使用格式。 Can read a number of different news mail newsletter reader needs to have the ability to read a large number of different formats, it usually will not be efficient (or, due to security issues, will not be properly) Analysis of the various containers is difficult to check the transmitted Ming or identify a specific use format.

出版标准有助于为给定类型的应用获得一定层次的互操作性,但对任何特定标准它通常要花费很长时间获得工业范围内的认可,而且标准需要根据不同类型的应用做大幅改变。 Publishing standards contribute to a given type of application to obtain a certain level of interoperability, but to any particular standard it usually takes a recognized industry-wide for a long time, and the standard needs to be done to change dramatically depending on the type of application. 进而言之,数据结构和其它标准常常被设计成最低常用主导者——即,它们包含一些不必要的域和需求或遗漏一些在特定例子中优化的其它特征。 Into words, the data structure and other standards are often designed to the lowest common leader - i.e., they contain unnecessary fields and other features demand or omissions optimized in a particular example. 如果被迫使用特定标准,那么总有不能被优化成高效和/或可操作的应用。 If forced to use a specific standard, then there can not always be optimized efficiency and / or operational application.

一旦考虑安全性,那么灵活性,易用性,兼容性和可互操作性之间的折衷会进一步复杂化。 Once the security consideration, then a compromise will be flexibility, ease of use, compatibility and interoperability between further complicated. 为了保证在众多电子商务应用中的有效性,电子容器设计必须是抗干扰的和安全的。 In order to ensure the effectiveness of the many e-commerce applications, electronic container design must be interference and security. 必须假定任何广泛用于创建和/或使用容器的工具会落入那些试图破坏或砸开容器的人或未经授权而使用电子信息的人手中。 Must assume that any widely used to create and / or use of the container tools fall into those trying to destroy or break open the container or the unauthorized use of electronic information in the hands of the people. 因此,容器创建和使用工具必须自身是安全的,它们必须保护关于容器设计的特定细节,这种附加的安全性需求可能使提供容器的易用性和互操作性更加困难。 Therefore, the container itself to create and use tools must be safe, they must protect the specific details regarding the design of the container, this additional security requirements may provide container usability and interoperability more difficult.

上面引用的Ginter el.al.专利说明以不彻底的例子描述了作为控制说明设备(或设备集)的“模板“和/或用于对象控制软件的数据。 Ginter el.al. patents cited above is not completely explained in the example described the data as a control description of the device (or set of devices) "template" and / or used for object control software. 参见在Ginter el.al.说明中讨论的“对象创建和初始控制结构”,“模板和分类”和“对象定义文件”,“信息”方法和“内容”方法。 See the discussion in the Ginter el.al. description "Object Creation and Initial Control Structure", "Templates and classification" and "object definition file," "information" method and "content" methods. 所述模板至少在一些例子中能够与用户指示和所提供的内容相互作用以创建(和/或修改)对象。 The template can, at least in some instances with the user instructions and provided content to create interactions (and / or modifying) objects. Ginter el.al.揭示出模板可以表达成定义了特定结构和/或元件组列的文本文件,这些模板-与它们的结构和/或元件组列一道--可以作为对象授权和/或对象控制应用。 Ginter el.al. reveals the template can be expressed as the definition of the specific structure and / or group of elements column text file, these templates - and their structure and / or group of elements a row - can be used as an object authorization and / or object control applications. Ginter el.al.说,模板有助于在特定的工业和/或商业和/或应用环境中增强固有的灵活性和可配置能力,提供一个操作框架和/或结构使现有的工业和/或应用和/或商业操纵熟悉的概念,诸如,内容类型、分布方式、价格机制,用户与内容相互作用和/或相关管理活动、预算等相似的概念,这有益于追求优化的商业模型和提供有效性、透明性、高效性之间的权限平衡的价值链。 Ginter el.al. said templates help to enhance flexibility and configurability capabilities inherent in specific industrial and / or commercial and / or the application environment, providing an operational framework and / or structure of existing industries and / Similar concepts or applications and / or commercial manipulation of familiar concepts, such as content type, distribution methods, pricing mechanisms, user interaction with the content and / or related administrative activities, budgets, etc., which is beneficial to pursue the optimization of business models and provide Permissions effectiveness, transparency, balance between efficient value chain.

本发明扩展了该项技术,除了其它特性外,还提供一种机器可读的描述性数据结构用于关联的权限管理数据结构,如安全容器。 The present invention extends this technology, in addition to other characteristics, but also provides rights management data structure of a machine readable descriptive data structure for association, such as a secure container. 在一个例子中,这种机器可读的描述性数据结构可以制作出权限管理数据结构中的数据格式的快速抽象表达,该抽象数据表达可被用于描述单一权限管理数据结构,它也适合于遵循同一格式和/或别的由抽象表达定义的特征的一族数据结构。 In one example, the machine readable descriptive data structure can produce quick abstract representation rights management data structure in the data format, the abstract data representation can be used to describe a single rights management data structure, it is also suitable for follow the same format and / or other expression characterized by an abstract definition of a family of data structures. 该抽象表达可被用于创建权限管理数据结构,允许其它权限管理节点阅读和理解该数据结构并操纵部分或全部数据结构。 The abstract expression can be used to create rights management data structure, allowing other rights management nodes to read and understand the data structure and manipulate some or all of the data structures.

描述性数据结构可被用做“模板”来帮助创建和描述其它节点,权限管理数据结构,以及被用于帮助理解和操纵该权限管理数据结构。 Descriptive data structure can be used as a "template" to help create, and describe to other nodes, rights management data structures, and management data structures are used to help understand and manipulate the permissions.

在特别有利的设计中,该种机器可读描述性数据结构可关联到一个或一族相应的权限管理数据结构中,因而可以独立于任何特定的权限管理数据结构。 In a particularly advantageous design, this kind of machine readable descriptive data structure may be associated with one or a family of corresponding rights management data structure, which can be independent of any particular rights management data structure. 例如,描述性数据结构的拷贝可与这种数据结构一起保存。 For example, the copy of the descriptive data structure may be saved with this data structure. 另一种情况是,部分或全部描述性数据结构可从其它地方(如清查屋或仓库)获得并独立的在所需基础上传送。 Another situation is that some or all of the descriptive data structure may be obtained from other sources (such as clearinghouse or repository) and independently on the basis of the desired transmission.

在一个例子中,该机器可读描述性数据结构提供了在权限管理数据结构中反应和/或定义相应结构的描述。 In one example, the machine readable descriptive data structure provides a description of the reaction and / or define the corresponding structures in the rights management data structure. 例如,描述性数据结构可以提供了递归的层次性列表反映和/或定义相应的在权限管理数据结构中的递归的层次性结构。 For example, the descriptive data structure may provide a recursive hierarchical list reflects and / or define the corresponding rights management data structure in hierarchical structure recursive. 在其它例子中,由描述性数据结构提供的描述可以与复杂的有2、3或几维的多维数据结构通信,描述性数据结构可以直接或间接指定在关联的权限管理数据结构的何处可以发现相应的定义好了的数据类型。 In other examples, the description provided by the descriptive data structure may have 2, 3, or with a complex of several dimensional multi-dimensional data structure communication, the descriptive data structure may directly or indirectly specify where the associated rights management data structure can be find a good definition of the appropriate data type. 描述性数据结构可以进一步提供元数据来描述一个或多个相应的权限管理数据属性和/或用于创建和/或使用它的处理过程。 Descriptive data structure may further provide metadata to describe one or more corresponding rights management data attributes and / or used to create and / or use of its process. 在一个例子中,整个描述性数据结构可被称为元数据。 In one example, the entire descriptive data structure may be referred to as metadata.

机器可读的描述性数据结构根据不同的特定应用可以或不可以部分或全部的被保护。 Machine readable descriptive data structure depending on the particular application or all may or may not partially protected. 一些机器可读的描述性数据结构可以被整个或部分地加密,而别的描述性数据结构可能保持“未加密”形式以便它们能被方便地获得。 Some machine readable descriptive data structures may be encrypted in whole or in part, and other descriptive data structure may remain "unencrypted" form so that they can be easily obtained. 一些机器可读的描述性数据结构,不论是否加密,可能部分或全部进行完整性保护,使用加密哈希(杂凑)算法结合一个安全算法来形成一个加密封条,和/或通过使用别的保护技术(包括硬件,例如,安全半导体和/或硬件打包保护方式)。 Some machine readable descriptive data structures, whether encrypted, possibly some or all of integrity protection using cryptographic hash (hash) algorithm combined with a secure encryption algorithm to form a seal, and / or by using other protection technology (including hardware, for example, security semiconductors and / or hardware packaging protection). 机器可读的描述性数据结构可以自我封装在权限管理数据结构中,控制它们的访问和使用的规则(如许可记录)也被关联在一起。 Machine-readable descriptive data structure can be packaged in a self-rights management data structures, control their access to and use of rules (eg license record) has also been associated with.

与如何有效利用描述性数据结构的本发明的实施例相一致,机器可读的描述性数据结构可被供应商创建来描述供应商的特定权限管理数据结构如安全容器的总体规划。 Consistent with embodiments of how to effectively use the descriptive data structure of the present invention, a machine readable descriptive data structure may be created to describe the vendor specific permissions vendor management data structure such as the overall planning secure container. 这种描述性数据结构(“描述性数据结构”)模板可被用于创建容器,在两个或多个可能的描述性数据结构之间可以选择基于一个或多个类,其中一个或多个类可以基于参数数据。 This descriptive data structure ("DDS") templates may be used to create the container, between two or more possible descriptive data structure can be selected based on one or more classes, in which one or more of class can be based on the parameter data. 描述性数据结构可作为被创建的安全容器的规划被装载和使用,供应商可以保持描述性数据结构私有,或发布它以便其它供应商可以创建兼容的、可互操作的基于同一描述性数据结构的容器。 Descriptive data structure can be created as a secure container is loaded and use planning, suppliers can keep descriptive data structure private, or publish it so that other vendors can create compatible, interoperable and based on the same descriptive data structure container.

描述性数据结构也可以被容器查看器,浏览器,阅读器或任何设计好与容器一起工作的其它终端用户应用。 Descriptive data structures can also be a container viewer, browser, reader, or any other end users to work with a good design and container applications. 真正合适的查看器,或别的应用能够处理任何格式的容器至少部分使用描述性数据结构。 Really suitable container viewer, or other application capable of handling any format to use at least part of the descriptive data structure. 因而,描述性数据结构可能至少暂时被用于转换和/或定制一个通用查看器(和/或别的应用),或一个特定的围绕一个或多个容器类优化的查看器(和/或别的应用)。 Thus, a descriptive data structure may be used to convert at least temporarily and / or customize a generic viewer (and / or other applications), or around a particular class of optimization of one or more containers viewer (and / or other application). 另外,特定的阅读器可被提供给有效处理的描述性数据结构来定位关键媒体元素(例如,封面页,内容表,广告索引,词汇表,论文,未保护的预览,价格,和/或关于查看、打印、保存、重分布的权限信息,相关预算和/或别的参数信息等)。 In addition, specific reader may be provided to deal effectively with the descriptive data structure to locate key media elements (e.g., cover page, table of contents, advertising index, glossary, articles, unprotected preview, price, and / or on View, print, save, redistribution rights information, relevant budgets and / or other parameter information, etc.).

这种专门阅读器可以无缝地,透明地,自动地处理从而提供给用户为特定应用容器和/或用户而优化的易用接口(比如,用图标显示每一个关键媒体元素)。 Such specialized readers can seamlessly, transparently, thereby handled automatically provided to the user and optimized for a particular application container and / or user-to-use interface (for example, by displaying each icon key media elements). 例如,这些元素可以基于用户和/或用户节点的识别符以不同的形式被显示或使用,并且把影响这种自动处理的一个或多个类属性也考虑在内。 For example, these elements may be based on a user identifier and / or user nodes is displayed or used in different forms, and the impact of such one or more class attributes are automatically processed into account.

举例而言,两个或多个描述性数据结构不仅可被关联到一个或多个用户和/或节点类,而且可被关联到容器和/或容器内容。 For example, two or more descriptive data structures can only be associated with one or more user and / or node classes, and can be associated to the container and / or container contents. 因此,可以基于一个以上的分类和/或一个以上的基于参数数据的分类在两个以上可能的描述性数据结构中选择,用于给定的容器和/或容器内容。 Thus, classification may be based on more than one and / or more than one classification based on parameter data in the descriptive data structure may be two or more selected, for a given container and / or container contents. 总而言之,定制容器模型所具有的易于特征化,循环利用存储性能优化的能力和随之而来的从定制容器(如特定的描述性数据结构)转译成通用权限管理应用的透明性是特别有用的。 In short, the customized container model has the characteristics of easy recycling storage capacity and performance optimization consequent from the customized container (such as a specific descriptive data structure) translates generic rights management application transparency is particularly useful a. 例如,这种定制的描述性数据结构能作为基础来创建定制的,优化显示的容器内容和/或控制信息,从而显著地改善分布式通用权限管理环境的易用性,有效性,透明性和优化性。 For example, this custom descriptive data structure can be used as a basis for creating customized, optimized container contents and / or control the information displayed, thereby significantly improving the ease of use of the Distributed Common rights management environment, effectiveness, transparency and optimality. 在该环境中,用户节点能够与不同的描述性数据结构相互作用,自动调节来满足商业的或与描述性数据结构相关的其它权限模型的需求。 In this environment, a user node can with a different descriptive data structure interactions, are automatically adjusted to meet the needs of a commercial or other permissions model and associated descriptive data structure.

一些供应商可能花费相当多的时间设计复杂的容器描述性数据结构来描述他们的容器的总体结构。 Some providers may spend considerable time designing sophisticated container descriptive data structure to describe the overall structure of their container. 由于在结构和格式上的这种花费,描述性数据结构常常会在相同或相似的应用中有极大的重利用价值。 Because of this spent on the structure and format, the descriptive data structure will often have significant value in the re-use of the same or similar applications. 实体可利用描述性数据结构来确保所创建容器的一致性和高效性。 Entities may use descriptive data structures to ensure the consistency and create a container efficiency. 第三方供应商(即除负责创建描述性数据结构的供应商之外的供应商)可使用这些描述性数据结构,如果他们想创建与别的实体兼容的容器的话。 Third-party vendors (ie, in addition to the descriptive data structure responsible for the creation of vendor suppliers) can use these descriptive data structures, if they want to create containers compatible with other entities words. 例如,一家发行量大的报纸出版商开发了一个描述性数据结构来阅读其报纸,别的小报纸通过采用同样的容器格式与大发行量的报纸使用同样的查看器或其他工具,描述性数据结构拥有版权,可以受到法律和权限管理系统自身的双重保护。 For example, a large circulation newspaper publishers have developed a descriptive data structure to read the newspaper, other small newspapers by using the same container format and large circulation newspapers use the same viewer or other tools, descriptive data structure copyright laws and rights management system itself may be subject to double protection. 例如,它们也可以被自身的容器和相关控制所保护,确保描述性数据结构创建者,和/或发布者,和/或描述性数据结构的其它用户受到公正的权限系统管理,以回报他们创建和/或使用描述性数据结构的努力。 For example, they can be their own containers and associated control protected to ensure that other users of the data structure describing the creator, and / or publisher, and / or descriptive data structure rights to a fair system of management in order to return them to create effort and / or the use of descriptive data structures.

除了前文所述,下文列出了本发明的特点和优势:完整性约束:描述性数据结构允许供应商通过实现完整性约束保护其内容的完整性。 In addition to the foregoing, the following lists the features and advantages of the invention: integrity constraints: descriptive data structures allow vendors to achieve integrity constraints to protect the integrity of its contents. 完整性约束为描述与内容有关的规则的完整性提供了途径。 Integrity constraints to describe the contents of the relevant rules and integrity provides a way.

应用生成:描述性数据结构可被用于生成操纵权限管理结构的软件程序的一个或多个部分。 Application Generation: The descriptive data structure may be used to generate one or more portions manipulate rights management structures of the software program. 比如,描述性数据结构能作为“指令”驱动数字内容的自动包装程序和/或是象显示优先权和组织(如,顺序和/或规划)之类的数字内容的自动阅读器。 For example, the descriptive data structure can be used as "instruction" drive automatic packaging digital content program and / or the like display priority and organizations (eg, order and / or planning) digital content like automatic reader.

创建应用的动态用户界面:应用可读取描述性数据结构来产生优化了的界面用于某一特定模型的数据创建、编辑、和/或写作,这些模型包括复杂的内容,诸如文件、音频、视频、交互(如询问)元素。 • Create dynamic user interface applications: Applications can read the description of the data structure to produce an interface optimized for a particular data model to create, edit, and / or writing, these models include complex content, such as documents, audio , video, interactive (e.g. prompting) element. 数据形式可能是容器,数据库和/或任何其它数字信息组织,比如任何简单或复杂的文件格式。 Data may be in the form of a container, database and / or any other digital information organization, such as any simple or complex file format. 应用也可通过读取描述性数据结构来学会如何最好地显示用于收集和/或创建内容的界面。 Applications can also read a descriptive data structure to learn how to best display for collecting and / or create content interface.

显示应用的动态用户界面:应用通过读取描述性数据结构来产生显示数据的适当界面。 Display applications and dynamic user interfaces: application by reading the description of the data structure to generate the appropriate interface to display data. 数据可以是容器,数据库或任何其它复杂的文件格式。 Data may be a container, database or any other complex file format. 应用还可通过读取描述性数据结构来学会如何最好地显示界面以提供相应内容。 Applications can also read a descriptive data structure to learn how to best display interface to provide the appropriate content. 应用还可进一步通过读取描述性数据结构来学会如何管理关于与其它一个或多个应用、代理、计算环境、用户和/或用户节点的实体(包含实体类)等等相互作用的显示功能,这些显示功能包括内容创建和/或打包和/或用户目的显示,以及对相互作用的优化。 Applications can further read a descriptive data structure to learn about how to manage with one or more other applications, agents, computing environments, users and / or user nodes entity (including an entity class), and so the interaction of display, These features include display content creation and / or packaging and / or user display purposes, as well as optimization of the interaction. 举例来说,用户界面可能被优化成不同形式在下列用户之间相互作用:美国空军战士对大学社会科学专业教师,基瓦尼俱乐部(美国工商业人士的一个俱乐部)成员对新教徒教堂俱乐部成员,美国公民对沙特阿拉伯公民。 For example, the user interface may be optimized for different forms of interaction between the following user: USAF fighter university social sciences teacher, Kiwanis club (a club of American business people) members of the Protestant Church of the club members, US citizens in Saudi Arabia citizens. 显示内容应包括对预期类成员标志以及相关组织的适当显示,或者取消显示某些不适当的信息。 Display should include appropriate expectations for the class members display signs and related organizations, or suppress certain inappropriate information.

自动识别和定位数据域的能力:全文检索,代理,网络蜘蛛等等有益于也有能力与描述性数据结构的一个或多个区域中包含的信息相互作用,若已知数据文件中的区域包含潜在的令人感兴趣的信息,而且该信息已用预定义的格式提供的话。 The ability to automatically identify and locate data fields: full-text search, agents, web spiders, etc. There is also information useful for one or more regional capacity and descriptive data structure contains the interaction, if the known data in the file area contains potential information of interest, and that the information has been provided by the words of predefined formats.

在没有数据格式的第一手知识的时候提取所需数据的能力:全文检索,代理,网络蜘蛛等等有益于也有能力与描述性数据结构的一个或多个区域中包含的信息相互作用,若任意复杂性、未知作者的大数据文件不需要特别的知识即可被处理的话。 No first-hand knowledge extraction data format when the data capacity required: full-text search, agents, web spiders, etc. There is also information useful for one or more regional capacity and descriptive data structure contains the interaction, if arbitrary complexity, the unknown author of large data files do not need special knowledge can then be processed.

高效的,人机可读的数据抽象:描述性数据结构可优化成小型、方便、低费用的方式来处理、传送和/或存储。 Efficient, human-readable data abstraction: descriptive data structure can be optimized for a small, convenient, low-cost way to process, transmit and / or storage.

可重用、可销售——独立于实际数据:描述性数据结构有任意复杂性,因而可能花费大量时间创建并需要特定的专门技术,这赋予了描述性数据结构销售价值。 Reusable and sales - independent of the actual data: descriptive data structure of arbitrary complexity, which may spend a lot of time to create and require specific expertise, which gives the descriptive data structure the sales value.

内容规划的飞行定义和重定义:使用规划工具可以快速反复设计(规划)(包括编辑和修改),这可能比创建同一规划更方便、更低费,何况创建规划可能相当有难度,超出了许多用户的技能。 Content planning and redefine the definition of flight: Repeated use planning tool to quickly design (planning) (including editing and modification), it may be more convenient than creating the same plan, lower costs, not to mention create a plan can be quite difficult, than many user skills.

描述性数据结构属性允许在实际数据中隐藏元特征:因为同一描述性数据结构被创建过程和后创建过程所处理,元数据可放入其打包内容不可获取的描述性数据结构中。 Descriptive data structure attributes allow hidden features in real data element: Because the same descriptive data structure is created after the creation process and the handling process, the metadata can be placed in their packaging content not available descriptive data structure. 是否显示一个特定域的一个例子是“必须”或“隐藏”。 Whether to display an example of a specific domain of a "must" or "hidden."

通过描述性数据结构“精灵工具”使设计自动化:以“精灵工具”方式可以使描述性数据结构自身获得进一步自动化。 By descriptive data structure "Wizard tool" to make design automation: the "Wizard tool" ways to make the descriptive data structure itself for further automation. 比如说,可设计一个描述性数据结构来帮助定义其它描述性数据结构。 For example, can be designed a descriptive data structure to help define other descriptive data structures. 定义其它描述性数据结构的描述性数据结构可以代表一本书或杂志的不完整的描述性数据结构。 Define other descriptive data structures descriptive data structure may represent a book or magazine incomplete descriptive data structure. “精灵工具”可提供一系列对话框,显示给用户来填写留空的信息,从而使其成为完整的描述性数据结构。 "Wizard tool" provides a series of dialog is displayed to the user to fill in the blank of information, making it a complete description of the data structure.

特定的权限管理体系之外的应用:例如,多形态应用可使用描述性数据结构来决定特定数据的可能化属性和/或需求,比如何种视觉和感觉应显示给用户。 Application-specific rights management system beyond: for example, multi-form applications can use descriptive data structure to determine possible attributes specific data and / or needs, such as what kind of look and feel should be displayed to the user. 如果描述性数据结构包含一个字处理文档,多形态应用程序能创建一个适合显示和编辑该文档的界面,如果描述性数据结构包含许多可执行程序,多形态应用程序可能会询问用户文件应被存放在何处。 If the description of the data structure contains a word processing document, and more to create a form of application for displaying and editing the document interface, if descriptive data structure contains a number of executable programs, polymorphous application might ask the user file should be stored where.

伞应用程序能够处理描述性数据结构并代表未知文件类型和过程:伞(或多形态)应用程序能够作为特定数据文件操作。 Umbrella application to process descriptive data structure and represent unknown file types and processes: Umbrella (or morphology) is operable as an application specific data file. 这个伞应用程序可以提取并处理它关心的数据文件中的事情,尽管它忽略或代表(用户和/或价值链伙伴(如分布者)来控制这些项目的显示)那些它不理解的事情。 This umbrella application can extract and process it cares about the things in the data file, even though it ignores or representative (user and / or value chain partners (such as the distribution of those) to control the display of these items) those things it does not understand.

实时翻译:有可能实时的翻译描述性数据结构,实质性地增加其高效性和及时性。 Real-time translation: There may be real-time translation of descriptive data structure, substantially increase its efficiency and timeliness.

实时自适应性:通过使用描述性数据结构系统能适应实时到达的动态数据。 Real-time adaptive: By using descriptive data structure of the system can adapt to dynamic data in real-time arrival.

自动转换能力:描述性数据结构可用于自动的从一种格式转换成另一种格式。 Automatic conversion capability: descriptive data structure can be used to automatically switch from one format into another format.

简化系统设计:使用描述性数据结构可以显著减少对附加的“打包器”应用编程接口(API)或别的容器创建过程安全包装设计的需要。 Simplified system design: Use descriptive data structure can significantly reduce the additional "packer" application programming interface (API) or other container to create packaging design process safety needs. 这种“打包器”API需要控制或限制容器创建过程来确保所有创建的容器是相互兼容的,因而限制了灵活性和定制的能力。 This "packer" API need to control or restrict the container creation process is created to ensure that all containers are compatible, thus limiting the flexibility and customization capabilities.

面向对象模板编程环境:通过高层用户界面,优先权和相关参数数据说明可以选择使用显示相关、相互作用相关、权限相关的概念对象,这使创建诸如建构和显示提示信息之类的特定模板范畴变得十分容易。 Object-oriented programming environment template: through high-level user interface, priority and description of relevant parameters can be selected using the display data related to the interaction between the relevant permissions related concepts object, which makes creating a template, such as construction and display specific categories of information like tips become very easy.

模板语言和通过语言元素的使用和这种语言的翻译支持编程的翻译器的使用:Ginter el.al.描述的节点通过使用语言元素和该语言的翻译器支持编程。 Template programming language support through the use of language elements of translation and language translation and use: Node Ginter el.al. described through the use of language elements and the language translator supports programming. 该语言元素包括显示描述、权限、程序相互作用元素、优先权、和参数数据。 The language elements include display description, privileges, programs interacting elements, priority, and parameter data.

附图的简要说明本发明的实施例的特点和优势通过结合下述附图的详细描述可获得更好且更完整的效果: Brief Description of the Drawings Features and advantages of embodiments of the present invention will be described in detail below in conjunction with the accompanying drawings for better and more complete results:

图1A和1B显示内容容器实例。 1A and 1B show the contents of the container instance.

图2A和2B显示与描述性数据结构相关的内容容器的实例。 Figures 2A and 2B show examples of data structures associated with the descriptive content of the container.

图3显示描述性数据结构创建和使用过程的实施例。 Figure 3 shows an embodiment of the descriptive data structure creation and usage process.

图4显示创建和使用过程的另一实施例。 Figure 4 shows another process of creating and using an embodiment.

图5显示使用描述性数据结构的实施例系统体系。 Figure 5 shows the embodiment of the system using the descriptive data structure of the system.

图5A显示由图5系统完成的实施例过程。 Figure 5A shows the process of the embodiment in Figure 5 system completed.

图6显示等级式描述性数据结构组织。 Figure 6 shows the hierarchical structure of the organization descriptive data.

图6A显示描述性数据结构如何与原子传送数据一起使用的实施例。 Figure 6A shows an embodiment of how descriptive data structures used to transfer data with the atoms together.

图7显示描述性数据结构格式实施例。 Figure 7 shows an embodiment of descriptive data structure format.

图8显示描述性数据结构创建图形界面实施例。 Figure 8 shows the descriptive data structure creation graphical examples.

图9显示跟踪描述性数据结构权限管理相关数据的实施例过程。 Figure 9 shows an embodiment of the process of tracking descriptive data structure rights management related data.

图10A显示使用描述性数据结构提供环境之间的互操作性的实施例。 Figure 10A shows the use of descriptive data structures to provide interoperability between environments embodiment.

图10B进一步详细描述图10A所示描述性数据结构的组织方式。 Figure 10B shown in FIG. 10A descriptive data structure organization described in further detail.

本发明的详细描述图2A、2B显示图1A、1B中的实例容器100a,100c及其相关的机器可读描述性数据结构200和200'。 Detailed Description of the invention Figure 2A, 2B shown in Figure 1A, 1B in Examples containers 100a, 100c and its associated machine readable descriptive data structures 200 and 200 '. 参看图2A,描述性数据结构200与内容容器100a相关联,该描述性数据结构200可用于定义容器100a的内容(以及特定的其它特征)。 Referring to Figure 2A, a descriptive data structure 200 is associated with content container 100a, the descriptive data structure 200 can be used to define the contents of the container 100a (and certain other characteristics). 在所示例子中,描述性数据结构200定义了许多栏目的报纸风格内容102,比如标题(描述符202a)、发行日期(描述符202b)、重要新闻(描述符202c)、爆炸性新闻(描述符202d)、图片(描述符202e)、广告(描述符202f)和栏目(描述符202g)。 In the example shown, the descriptive data structure 200 defines a number of sections of newspaper style content 102, such as the title (descriptors 202a), release date (descriptors 202b), important news (descriptor 202c), breaking news (descriptor 202d), pictures (descriptors 202e), advertisements (descriptors 202f) and columns (descriptors 202g).

在本例中,描述性数据结构定义202并未包括或指定报纸102的相应区域的特定内容,而是更抽象的定义了报纸风格出版所可能使用的一般格式。 In this example, the descriptive data structure definitions 202 does not include or specify a particular newspapers area 102 corresponding to the content, but more abstract definitions of the general format of the newspaper style publication could use. 例如,图2A实例描述性数据结构标题定义202a并未指定某一特定标题(如:“美国佬赢了三角旗!”),而是定义了该标题信息驻留在容器数据结构100a(以及其它特征)中的位置。 For example, Figure 2A instance descriptive data structure headline definition 202a does not specify a particular headline (e.g.,:! "Yankees Win the Pennant"), but the header information defines the data structures residing in the container 100a (as well as other Characteristics) position. (比如逻辑或其它偏移地址)。 (Such as logical or other offset address). 因为描述性数据结构200通用于一类或一族报纸风格内容出版,它可以被重新利用。 Because descriptive data structure 200 are common to a class or family of newspaper style content publishing, it can be reused. 举例说明,每份按日发行的报纸可创建使用相关的同一描述性数据结构200。 For example, each daily issue of a newspaper can be created using the same associated descriptive data structure 200. 通过抽象的定义数据格式和报纸风格内容102的其它特征,描述性数据结构200允许方便的创建、使用和操纵报纸风格内容102。 By the definition of abstract data format and contents of the other features of 102 newspaper style, descriptive data structure 200 allows easy creation, use and manipulate the contents of 102 newspaper style.

参照图2B,另一不同的描述性数据结构200'可用于定义其它类型的内容出版物106,比如,时尚杂志,该内容类的描述性数据结构200'反应了一种与图2A的描述性数据结构200不同的格式(或可能的其它特征)。 Referring to Figure 2B, a different descriptive data structure 200 'can be used to define other types of content publications 106 such as fashion magazines, descriptive data structure 200 of the contents of the class' reaction of a descriptive. 2A and FIG. different format data structure 200 (or possibly other characteristics). 举例而言,既然典型的时尚杂志不包括标题或爆炸性新闻,实例描述性数据结构200'就不定义这种格式。 For example, since fashion magazines typically do not include headlines or breaking news, examples of descriptive data structure 200 'does not define such formatting. 相反,定义一类时尚杂志内容的描述性数据结构200'可能定义发行日期(描述符204a),杂志名(描述符204b),摄影者姓名(描述符204c)以及相关艺术设计(描述符204d)。 Instead, the definition of a class of fashion magazine content descriptive data structure 200 'might be defined release date (descriptor 204a), magazine name (descriptor 204b), the name of the photographer (descriptor 204c) and the related art and design (descriptors 204d) .

图2A和2B举例说明了描述性数据结构200、200'在内容对象容器100a、100c以及相关内容102、106中传递。 2A and 2B illustrate the descriptive data structure 200, 200 'is passed in the content object container 100a, 100c and 102, 106 of the relevant content. 例如,描述性数据结构200可被独立的在其自己容器中传送并用相应的规则来控制其访问和/或使用。 For example, descriptive data structure 200 can be independently transferred in its own container and with the appropriate rules to control its access and / or use. 另外,描述性数据结构200可被存储于库中,并在所需基础上按照特定需求的不同而以安全或不安全的形式传送。 In addition, descriptive data structure 200 may be stored in the library, and in accordance with the desired different specific needs and to secure or insecure form the basis of the transfer.

除此之外,尽管图2A和2B是印刷出版内容的实例,描述性数据结构200的应用却并不受此限制。 In addition, although Figures 2A and 2B are printed publication content examples, the application descriptive data structure 200 but is not so limited. 相反,描述性数据结构200能被用于定义包括如下所列的大量不同类型的数字信息的格式和/或其它特征。 Instead, descriptive data structure 200 can be used to define the number of different types of digital information including the format listed below and / or other features.

图象声音视频计算机程序方法可执行程序翻译器货币对象货币对象的货币容器规则任意计算机输入任意计算机输出其他描述性数据结构 Video and audio Video Methods and computer program executable interpreter Currency Currency object object container Rules currency from any computer to any computer input output Other descriptive data structure

任何其他信息创建和使用描述性数据结构的实施例过程图3显示创建和使用描述性数据结构200的实例过程。 Any other information to create and use descriptive data structure Figure 3 shows the embodiment of the process of creating and using descriptive data structure instance process 200. 在本例中,规划工具300被用于创建描述性数据结构200。 In the present embodiment, the planning tool 300 is used to create descriptive data structure 200. 该规划工具300可以是,例如,与人通过图形用户界面交互的软件控制过程。 The planning tool 300 may be, for example, and controlled process via a graphical user interface interaction software. 它生成的结果描述性数据结构200(可被存储于大容量存储设备或别的存储器上)就能方便地用于任何数量的别的过程来创建或解释所存储的数据。 Data (which may be stored on a mass storage device or other memory) can easily be used for any number of other processes to create or interpret stored result it generates descriptive data structure 200. 比如说,描述性数据结构可被用于创建过程302。 For example, descriptive data structure 302 can be used to create the process. 创建过程302读取描述性数据结构并且作为响应,用预先定义的格式创建输出文件400,例如,与通过描述性数据结构200描述的格式相应的容器100。 Creation process 302 reads the descriptive data structure and, in response, create an output file 400 with a predefined format, for example, and by the descriptive data structure 200 described in a format corresponding container 100. 查看过程304使用描述性数据结构200在输出文件400中定位重要项目并加以显示。 Viewing process descriptive data structures 304 200 400 locate important items in the output file and displayed. 浏览过程306使用描述性数据结构200在所存储的输出文件400中定位诸如关键字或别的可搜寻文本之类的项目。 Browse process 306 to use the descriptive data structure 200 is positioned items such as keywords or else be like searching for text stored in 400 output files. 描述性数据结构200提供完整性约束或规则来保护内容使用和/或访问期间的相应内容的完整性。 Descriptive data structure 200 provides integrity constraints or rules to protect content using and / or the corresponding period of the integrity of content access.

图4给出了描述性数据结构创建和使用过程的更详细的例子。 Figure 4 shows a more detailed example descriptive data structure creation and usage process. 在本例中,规划工具300通过图形用户界面312接受用户输入310。 In the present embodiment, the planning tool 300 through a graphical user interface 312 accepts user input 310. 规划工具300的输出可能是一个文本文件形式的描述性数据结构200。 Output planning tool 300 may be a text file in the form of descriptive data structure 200. 安全打包过程302a接受容器特定数据作为输入,它还可能接受描述性数据结构200作为只读输入。 Secure packaging process 302a receptacle specific data as input, it may accept the descriptive data structure 200 as a read-only input. 打包器302a把容器特定数据314包装入安全容器100。 302a of the container packer specific data packed into a secure container 100 314. 它也可能在有要求的情况下把描述性数据结构200包装入同一容器100。 It may also be required in the case of the descriptive data structure 200 into the same packaging container 100. 查看器304借助描述性数据结构200并根据规则316可查看数据314。 Viewer 304 With descriptive data structure 200 and 316 can view the data in accordance with the rules 314. 应用于数据314和/或描述性数据结构200的规则316也被打包进入该容器。 Rules are applied to the data 314 and / or the descriptive data structure 200 316 is also packaged into the said container.

使用描述性数据结构的实施例体系图5显示了适合于使用描述性数据结构200的实例安全系统体系。 Use the descriptive data structure in Example 5 shows a system suitable for use with descriptive data structure 200 instance security system architecture. 在本例中,位于抗干扰屏蔽502中的电子设备500就是上文引用的Ginter et al.专利说明所描述的那类设备。 In this embodiment, the shield 502 is located in interference electronic device 500 is in the above-cited Ginter et al. Patent specification that type of equipment as described. 电子设备500包含一个应用编程接口(API)504。 Electronic device 500 includes an application programming interface (API) 504. 一个或多个应用506通过API504与电子设备500通讯。 One or more applications 506 and the electronic device 500 by API504 communication. 在有些情况下,应用506可以在安全的电子设备500中执行。 In some cases, application 506 may be performed in a secure electronic device 500. 每个应用506都包括描述性数据结构解释程序508。 Each application 506 includes descriptive data structure interpreter 508. 在使用时,电子设备500访问安全容器100并根据规则316访问描述性数据结构200及其包含的内容102,并且提供内容到应用506。 In use, the electronic device 500 to access the secure container 100 and in accordance with rules 316 to access the descriptive data structure 200 and content 102 contains, and provide content to the application 506. 在应用506中的解释程序508可依次地读取和使用描述性数据结构200。 Interpreter in the application 506 508 may be sequentially read and use the descriptive data structure 200. 除此之外,应用506可以是多形态的,它可以表现出至少部分由描述性数据结构200所定义的特性或行为。 In addition, application 506 may be polymorphic, it may exhibit, at least in part by descriptive data structure 200 defines characteristics or behavior.

图5A详细显示图5中实例安全系统体系实现过程的例子。 The example in Figure 5 Figure 5A instance security system architecture shown in detail the implementation process. 在本例中,应用506要求设备500从容器100中提取描述性数据结构200(如方框550所示)。 In the present embodiment, the application 506 requires the device 500 extracts descriptive data structure 100 from container 200 (shown as block 550). 电子设备500读取描述性数据结构200,并且根据相应规则316所指定的条件,把描述性数据结构提供给应用506(如方框552所示)。 Electronic device 500 reads the descriptive data structure 200, and is used under the conditions specified in the rules 316, provides the descriptive data structure to the application 506 (shown as block 552). 应用506要求其解释程序508解释描述性数据结构200(方框554)。 Application 506 requires its interpreter 508 interpret the descriptive data structure 200 (block 554). 解释程序508告诉应用506描述性数据结构200所表达之意(方框556)。 Italian interpreter tells the application 508 506 describes the data structures expressed in 200 (block 556). 应用506从解释程序508提取或获得其所需的描述性数据结构信息(方框558)。 Application 506 508 it needs to extract or obtain descriptive data structure information (block 558) from the interpreter. 例如,假设应用506希望显示如图2A所示报纸风格内容的“标题”信息,应用506就要求解释程序508给它提供信息帮助其定位、阅读、格式化和/或显示此“标题”信息。 For example, suppose the application 506 is displayed as shown in FIG hope 2A "Title" newspaper style content information, application 506 requires interpreter 508 to provide it with information to help them locate, read, format and / or display this "headline" information.

另举一例,解释程序508可给应用506提供相应于报纸风格内容的“标题”信息的元素识别码(如十六进制数或其它识别符)(方框558)。 As another example, interpreter 508 may be provided to the application 506 corresponding to the newspaper style content "title" information element identifier (e.g., a hexadecimal number or other identifier) (block 558). 然后应用506通过API504提供给电子设备500适当的内容信息来要求电子设备500回馈给它容器100中的“标题”(或其它)内容信息102(方框560)。 Is then provided to the application 506 by API504 electronic device 500 to request the appropriate content information back to the electronic device 500 in which container 100 "title" (or other) content information 102 (block 560). 例如,应用506把解释程序508提供的元素识别码传递给电子设备500。 For example, application of the element identification code interpreter 508 provides 506 is transmitted to the electronic device 500. 即使应用506没有关于容器100的直接知识(可能它只能通过由设备500提供的安全VDE节点访问容器100),解释程序508(通过查看描述性数据结构200)可以告诉应用506足够的信息以便它能够知道如何从电子设备500处请求所需的信息。 Even if the application 506 is no direct knowledge about the container (which may only be accessed through a secure VDE node provided by the device 500 container 100) 100, interpreter 508 (by looking at descriptive data structure 200) can tell application 506 enough information so that it information required to know how to request from the electronic device 500.

电子设备访问容器100中的信息102,并传送(根据容器内的规则316)所请求的信息给应用506(方框562),而后,应用506至少部分基于解释程序508所告诉它的关于内容的信息来使用电子设备500提供的信息(方框564)。 Electronic device 100 access the information in the container 102, and transmitting (316 according to the rules within the container) the requested information to the application 506 (block 562), then, at least in part on application 506 interpreter 508 to tell it about the content information to use the information provided by the electronic device 500 (block 564). 比如,描述性数据结构200可能提供了关于应用506该如何处理信息102的特征。 For example, descriptive data structure 200 may provide application 506 on how to handle information 102 of the characteristic. 描述性数据结构200能够告诉应用506总是显示某一特定字段(如,作者或版权字段)而总不显示别的信息(如应该对大多数用户隐藏的信息)。 Descriptive data structure 200 can tell the application to a particular field 506 is always displayed (eg, author or copyright field) and the total does not display other information (such as most users should be hidden information). 描述性数据结构200也能提供完整表述或“可视化”信息以便信息供应商能够在信息被显示或提交时控制信息的视觉和感觉。 Descriptive data structure 200 can also provide a complete representation of control information or "visual" information so that the information can be displayed or vendor information submitted in the look and feel. 描述性数据结构200可用元数据的形式提供对其它特征的编码,该元数据也能在创建、使用和操纵容器100过程中被应用506使用。 Descriptive data structure 200 can be used in the form of metadata to provide other features of coding, the metadata can also create, use and manipulate the process container 100 is applied 506 to use. 描述性数据结构200可被用于生成软件程序来操纵权限管理结构。 Descriptive data structure 200 may be used to generate a software program to manipulate rights management structures. 比如,描述性数据结构200能作为“指令”来驱动数字信息的自动包装应用或数字内容的自动阅读器。 For example, descriptive data structure 200 can serve as "instructions" to drive automated packaging application or automated reader of digital content of the digital information.

描述性数据结构提供的描述实施例图6举例说明了描述性数据结构200如何描述和定义任何复杂度的信息结构,比如级联式容器100。 Descriptive data structure provides a description of the embodiment of Figure 6 illustrates how descriptive data structures 200 describe and define the structural complexity of any information, such as cascade container 100. 在该例中,容器100包括特性600(1),600(2)。 In this example, container 100 includes properties 600 (1), 600 (2). 特性600(1)包括n个属性602(1),602(2),…602(n)。 Characteristics 600 (1) comprises a n attributes 602 (1), 602 (2), ... 602 (n). 特性600(2)包括任意数目的属性604(1),604(2)…它还包括一个附加特性606。 Characteristics 600 (2) include any number of attributes 604 (1), 604 (2) ... 606 further comprising an additional characteristic. 依次地,特性606也有自己的属性608(1),608(2)…相关的描述性数据结构可被组织成树状结构列表250提供一个递推结构来反映容器100内容本身的递推结构。 In turn, 606 properties have their own property 608 (1), 608 (2) ... the list of tree-related descriptive data structure 250 can be organized into a recursive structure to reflect the contents of the container itself 100 recursive structure. 例如,列表250包括分别相应于特性600(1),600(2)的特性描述符252(1)。 For example, list 250 includes features 600 respectively corresponding to (1), 600 (2) characteristic descriptors 252 (1). 252(2)构成的特性分支。 252 (2) constitutes a feature branch. 依次地,每个特性描述符252又以同样的递推、级联式设计包含属性列表254或者可能包含附加特性描述符256以反映实例内容容器结构。 In turn, each feature descriptor 252 Youyi the same recursive cascade design contains a list of 254 properties may include additional features or descriptors 256 to reflect the contents of the container structure instance. 描述性数据结构200可用于描述任意复杂度,任意维数(1到n)的级联式或非级联式数据结构。 Descriptive data structure 200 can be used to describe the complexity of any arbitrary number of dimensions (1 to n) of the cascade or cascade data structure.

图6A显示描述性数据结构200可被用于连接任何类型的信息诸如定义“原子交易”(如房地产交易)那样的事件或方法。 Figure 6A shows the descriptive data structure 200 can be used to connect any type of information, such as the definition of an event or method "atomic transaction" (such as real estate transactions) like that. 在图6A所示例子中,容器100包括一个或多个与定义房地产交易的一系列“事件”700相关的描述性数据结构200及其相应控制集合316。 In the example shown in Figure 6A, the container 100 includes one or a series of "events" 700 and define a plurality of real estate transactions associated descriptive data structure 200 and its corresponding control set 316. 比如,描述性数据结构200可能包括许多与不同的交易“事件”相关的不同的项200A-200N(如“提交”,“接受”,“买/卖”,“检查”,“抵押”等)。 For example, the descriptive data structure 200 may include a number of different trading "events" related to different entries 200A-200N (such as "Submit", "acceptance", "buy / sell", "check", "mortgage", etc.) . 项200A-200N定义了事件在容器100中的位置。 Entries 200A-200N defined event in the container 100 position. 项200A-200N也可包括元数据以提供相应于事件的附加特征(如关于事件的特定信息应如何显示)。 Item 200A-200N may also include metadata corresponding to the event in order to provide additional features (such as specific information on how the event should be displayed).

描述性数据结构格式的实施例图7用一个例子说明描述性数据结构是如何格式化的。 Embodiment Fig descriptive data structure format 7 with an example of how descriptive data structures formatted. 如上所述,描述性数据结构200可能包含列表,比如链接表。 As mentioned above, descriptive data structure 200 may contain a list, such as the link table. 每个表项260(1),260(2)可能包括如下的一系列数据字段:对象名称字段262一个或多个元数据字段264(它可能是描述性数据结构的一部分和/或被描述性数据结构引用)定位信息266(它帮助识别容器数据结构100的相应信息) Each entry 260 (1), 260 (2) may include the following series of data fields: Object Name field 262. One or more metadata fields 264 (which may be part of the descriptive data structure and / or descriptive data structure references) and positioning information 266 (which help identify the corresponding information container data structure 100)

对象名称字段262可能包含相应于(或描述了)一类信息的常数。 Object Name field 262 may contain corresponding to (or describe) a class of constant information. 比如,对象名称字段262可作为内容或数据的“句柄”;它可以是对内容或数据的间接引用;它可被用于寻找内容或数据。 For example, the object name field 262 can be used as a "handle" the content or data; it can be for an indirect reference to the content or data; it can be used to search for content or data. 以下是对象名称的实例:通用目的对象名称数字字符串日期标题描述作者供应商多用途的网际邮件扩充协议(MIME)类型版本统一资源定位符(URL)电子邮件新组文件名关键字创建日期修改日期最后访问日期本地平台大小内容预览草图(thumbnail)文本作品说明未知模板列表名称容器书籍风格对象名称截止日期标题页序言介绍摘要目录表章章号索引电子邮件风格对象名称从(发信人)到(收信人)抄送主题消息主体封装报纸风格对象名称发行日期文章栏目封面故事重要故事爆炸性新闻广告节社论描述性数据结构200可能包括或引用任何类型的数据或元数据。 The following are examples of object names: general-purpose object name string of digits Date Title Description Author supplier Multipurpose Internet Mail Extensions (MIME) type version of the Uniform Resource Locator (URL) E-mail a new group name keyword file creation date modified date last visit local platform size Preview sketch (thumbnail) text template list, works of unknown name of the container object name book style cut-off date title page catalog preface describes the summary chapter number Index Biaozhang style object names from email (sender) to ( recipient) Cc theme encapsulates the message body style object names Released newspaper article section cover story important breaking news stories Advertising Festival editorial descriptive data structure 200 may include or refer to any type of data or metadata. 在本例中,描述性数据结构200用对象名称字段262来指向或引用元数据。 In this case, descriptive data structure 200 using the object name field 262 to point to or reference the metadata. 元数据可定义与对象名称相关的特定特征。 Metadata can define the specific features associated with the object name. 例如,元数据可能在创建和/或使用过程中施加完整性或别的约束(如,“当你创建对象时,你需提供某某信息”,或者“当你显示对象时,你需显示某某信息”),元数据264可进一步描述或限制相应的对象名称。 For example, the metadata may be applied to create and / or use of integrity or other constraints (such as, "When you create an object, you must provide certain information," or "When you display objects, you need to show a certain information "), metadata 264 may be further described or restrict the corresponding object name.

在一个例子中,描述性数据结构200使用对象名称262引用存储在其它地方如容器100中的元数据。 In one example, the descriptive data structure 200 uses object name 262 refers to the meta data stored in other places in the container 100. 该引用技术有许多优势,比如,在与描述性数据结构200分离的安全容器100中存储元数据是有用的,这种情形的出现是因为人们希望使描述性数据结构方便的访问外部应用,但又同时保护相关元数据。 The reference technology has many advantages, such as, in the secure container 200 and the descriptive data structure 100 is stored in separate metadata is useful, the case arises because people want to make the descriptive data structure to facilitate the access to an external application, but but while protecting the associated metadata. 例如,我们考虑一个处理网络蜘蛛查询的例子,网络蜘蛛可能询问描述性数据结构200某一特定的对象名称262,如果对象名称找到了,那么网络蜘蛛会请求相应的元数据,网络蜘蛛可以方便地访问元数据,但只能在适当的条件下访问来自容器100的相关元数据。 For example, we consider an example query processing web spider, spider may ask descriptive data structure 200 of a particular object name 262, if the object name is found, then the spider will request the appropriate metadata, web spiders can easily access the metadata, but can only access the associated metadata from the container 100 under appropriate conditions. 该条件由基于相关规则316的相应安全电子设备500控制。 The conditions of the corresponding electronic device 500 is controlled by the safety rules based on 316. 其另一个优势是,把元数据存储在与描述性数据结构200分离的地方,可允许同一描述性数据结构用于不同环境中的不同元数据。 Its further advantage is that the metadata is stored in a separate descriptive data structure 200 and places, the same descriptive data structure allows for different environments different metadata. 假设描述性数据结构200包含对象名称,如“关键字“。 Assuming descriptive data structure 200 contains the object name, such as "keyword." 当描述性数据结构200与容器100A相关联时,描述性数据结构对象名称”关键字“引用容器100A中的关键字元数据。 When describing data structure 200 associated with the container 100A, descriptive data structure of the object name "keyword" in a reference to the container 100A keyword metadata. 然而,如果该同一描述性数据结构200后来又关联(如打包)到一个不同的容器100c,那么描述性数据结构对象名称”关键字“就引用容器100B的关键字数据。 However, if the same descriptive data structure 200 and later association (such as packaging) into a different container 100c, then the description of the data structure of the object name "keyword" to quote the keyword data container 100B.

尽管人们更喜欢用对象名称262来引用存储于其它地方的元数据,然而,仍然有别的实例需要在描述性数据结构200中清楚地包含元数据,为说明起见,图7所示实例描述性数据结构200既包含了元数据字段264,又使用对象名称262引用位于容器100中的元数据,任一技术都可使用。 Although people prefer to use object name 262 to refer to metadata stored elsewhere, however, there are still other instances need to be clearly included in the descriptive metadata data structure 200, for illustration, descriptive examples shown in Figure 7 Data structure 200 contains both the metadata fields 264, and 262 using the object name located in the container 100 references meta data, either technique may be used.

因此,描述性数据结构200允许价值链参加者通过实现完整性约束说明保护内容的完整性。 Therefore, the description of the data structure 200 allows value chain participants to achieve integrity constraints described by the integrity of protected content. 描述性数据结构200完整性约束提供了一种方式来描述关于内容的规则。 Descriptive data structure 200 integrity constraints provide a way to describe the rules about the content. 比如,描述性数据结构200可以指定报纸的一篇文章在其标题未被查看到时,其内容不能被查看,相应的完整性约束可表达成规则“如果有文章,那么必须有标题”。 For example, descriptive data structure 200 may specify a newspaper article is not in view when its title, its contents can not be viewed, the corresponding integrity constraint can be expressed as the rule "if the article, it must have a title." 另举一例,作为杂志一部分的照片和其说明必需同进同出,描述性数据结构200提供的完整性约束规则可能是“不要提供不带相应说明的照片”。 As another example, as part of the magazine's photo and a description is necessary into the same, integrity constraint rules provide descriptive data structure 200 may be "not provided appropriate instructions without pictures."

描述性数据结构200完整性约束为价值链参与者提供了一个工具来保护描述性数据结构200的使用,确保特定的描述性数据结构表达的内容包含了所有必要的组件。 Descriptive data structure 200 for the value chain participants integrity constraints provide a tool to protect the descriptive data structure 200 used to ensure that the contents of a particular expression of the descriptive data structure contains all the necessary components. 这正是描述性数据结构的表现。 This is the description of the performance of the data structure. 它为供应商提供了建立规范并增加使用的标准化的途径,有许多可能的完整性约束,下面仅举几例,必须:a是内容的必须部分可选:a是内容的可选组件必需关系:如果a存在,那么b也要存在,或者,如果a提交给b,那么c和d也必须提交,相反的,如果b不存在,那么a也不能存在,此类关系是1:m(m>0)。 It provides a way to establish a standard suppliers and increased use of standardized, there are many possible integrity constraints, the following name a few, must: a content to be part Optional: a is an optional component content * Required relationship: if a present, then b must exist, or if a submission to b, then c and d are also required to submit, on the contrary, if b does not exist, nor the existence of a such a relationship is: m (m> 0).

可选关系:如果a存在,b可以存在也可以不存在。 Optional relationship: If a is present, b may be present or may not exist. 如果b存在,那么授权a存在。 If b is present, then authorize a presence. 此类关系是1:n(n>=0)重复:a必须发生n次(n>1)。 Such relationship is 1: n (n> = 0) Repeat: a must occur n times (n> 1). 此处可指定取值范围等。 Here you can specify the range and so on.

其它规则和/或需求元数据264创建描述性数据结构的图形界面的实施例图8显示了描述性数据结构创建图形用户界面312的事例。 Other rules and / or requirements Metadata 264 embodiment of FIG create a graphical depiction of the data structure interface 8 shows the descriptive data structure to create a graphical user interface 312 cases. 在本例中,图形用户界面312显示给用户对象名称。 In this example, the graphical user interface 312 is displayed to the user object name. 另外,图形用户界面312提供选项用于指定相关元数据264,如图8所示选项可以是:“构筑类型”元数据(构筑对象时,该信息是必需的,构筑对象时,对象创建工具总是或永不提示该信息)显示元数据(如:总是显示相关信息,如版权提醒,作者名之类,或者总是或永不提示该信息。) In addition, the graphical user interface 312 provides options for specifying the associated metadata 264, the options shown in Figure 8 can be: "to build the type of" meta-data (when constructing the object, this information is required when constructing the object, the object creation tools suggesting that the information is always or never) Display metadata (such as: always display relevant information, such as copyright reminders, like the author, or always or never prompt the message).

规划“暗示”和字段定义(例如:文本,文本块,整型,文件,图片或别的数据类型)元数据描述并不仅限上述例子,其它元数据特征和属性也可以使用。 Plan "hint" and field definitions (e.g.: text, text block, integer, file, image or other data type) is not limited to the above-described metadata describing examples, other metadata characteristics and attributes may also be used.

使用描述性数据结构的实施例过程图9举出一个描述性数据结构实例设计,该设计使用了在美国专利申请08/699,712(上文引用)中描述的基础结构,图9所示的设计在许多不同环境中都可使用。 Use the descriptive data structure embodiment the process of Figure 9 include a descriptive data structure instance design that used in U.S. Patent Application 08 / 699,712 (referenced above) is described in the infrastructure, the design shown in FIG. 9 can be used in many different environments. 例如,描述性数据结构200的供应商600想知道哪种描述性数据结构200是其消费者最喜欢的,以便他/她能够改善其产品的质量。 For example, the descriptive data structure 200 600 suppliers want to know what kind of descriptive data structure 200 is its consumer favorite, so he / she can improve the quality of its products. 或者,供应商600可能要求消费者在单用户方式或其它基础上使用描述性数据结构200。 Alternatively, the supplier may require consumers to use 600 descriptive data structure 200 in single-user mode, or other basis. 在其它例子中,一些描述性数据结构200或描述性数据结构200类可能仅限授权用户或授权用户类使用。 In other instances, some descriptive data structure 200 or 200 class descriptive data structure may be limited to authorized users or authorized user classes.

如图9所示,描述性数据结构供应商600传送描述性数据结构200和相应控制集316到价值链参与者602。 9, the descriptive data structure supplier 600 transmits descriptive data structures 200 and 316 corresponding to the control set 602 to value chain participants. 控制316提供规则及其结果来控制或影响价值链参与者602对描述性数据结构200的使用或其它操作。 Control 316 provides rules and their results to control or influence the value chain participant 602 pairs descriptive data structure 200 used or other operations. 控制316和描述性数据结构200可打包入容器100。 Control 316 and the descriptive data structure 200 may be packaged into the container 100. 价值链参与者602可以从描述性数据结构供应商600处直接获得包含描述性数据结构200的容器100;另一情形是,供应商把它提供给权限许可清查屋,然后参与者602从清查屋(或其它地方)获得它(参见图中容器100B)。 602 participants in the value chain can be obtained from the descriptive data structure 600 suppliers directly to the container that contains descriptive data structure 200, 100; Another scenario is that suppliers provide it to inventory Licenses house, then 602 participants from the inventory of houses (or elsewhere) to get it (see Figure container 100B).

价值链参与者602使用描述性数据结构200来建立内容102,参与者602把内容102和相关控制316A打包入容器100A。 Value chain participant 602 using the descriptive data structure 200 to create content 102, content 102 participants 602 and associated controls 316A packed into the container 100A. 如果它愿意的话,参与者602可以把描述性数据结构200及其相关控制316a,316b以及内容102包入同一容器,或者基于供应商600和/或权限许可清查屋604独立的传送描述性数据结构及其控制给最终用户606。 If it wishes, 602 participants can describe data structures 200 and its associated control 316a, 316b and 102 content pack into the same container, or on vendor 600 and / or 604 Licenses independent transmission housing inventory descriptive data structure 606 and its control to the end user.

最终用户606(1)…606(n)结合内容102并根据控制316来使用描述性数据结构200(比如读取,浏览或访问容器内容)。 End user 606 (1) ... 606 (n) combined with the content 102 and control 316 according to the descriptive data structure 200 (such as read, browse or access the container content). 控制316,316a要求用户设备提供使用数据610到使用清查屋612,使用清查屋612把访问和/或使用描述性数据结构200的使用数据610A提供给描述性数据结构供应商600,并把访问和/或使用内容102的使用数据610B独立的提供给价值链参与者602。 Control 316,316a require users to provide usage data 610 to the device using the clearinghouse 612, use clearinghouse 612 to access and / or use descriptive data structure 200 610A using data supplied to the descriptive data structure 600 suppliers, and to access and / or use of content usage data 610B 102 is supplied to a separate value chain participants 602.

描述性数据结构用于获得权限管理环境之间的一定程度的互操作性本发明提供的描述性数据结构200可在源权限管理环境和目标权限管理环境之间提供一定程度的互操作性,和/或提供桥梁使权限管理环境和其外部世界之间获得至少一定程度的互操作性。 Descriptive data structure is used to describe data structures to obtain a certain degree of rights management interoperability between the environment provided by the invention can provide a degree of 200 between the source and destination rights management rights management environment interoperability, and / or provide a bridge to make rights management environment and its outside world to obtain at least some degree of interoperability.

不同的权限管理环境在定义有关对象的权限时可能有巨大的不兼容机制。 Different rights management environment when defining permissions related objects may have huge incompatible mechanisms. 描述性数据结构200提供了至少部分桥梁来获得一定程度的兼容性和互操作性。 Descriptive data structure 200 is provided at least in part to the bridge to obtain a certain degree of compatibility and interoperability. 比如,供应商在源权限管理环境中定义对象时创建的描述性数据结构可被用于一个或多个目标权限管理环境的过程中。 For example, the descriptive data structure suppliers when defining objects created in the source rights management environment can be used to process one or more target rights management environment. 对象创建者或别的供应商可以在描述性数据结构200中指定特定规则、完整性约束和/或其他特征,当它进入目标权限管理环境之后,即可应用于对象,目标权限管理环境可根据它对源环境的信任程度有选择地增强这些规则、约束和/或其他特征。 Object creator or other provider can specify a specific rule in the descriptive data structure 200, integrity constraints, and / or other characteristics, when it enters the target rights management environment can be applied to the object, according to the target rights management environment It trust the source environment selectively enhance these rules, constraints and / or other characteristics. 例如,从一个应用X.12安全性的EDI系统导入的对象可能比从别的具有较少(或没有)安全性的环境中导入的对象更值得信任。 For example, importing objects from one application of EDI X.12 security system may have less than the other (or no) object security environment to import more trustworthy.

另举一例,在任何权限管理环境之外创建对象的供应商可创建描述性数据结构200以便使用,如果该对象导入一个或多个权限管理环境的话。 As another example, to create an object in addition to any rights management environment, suppliers can create descriptive data structure 200 for use, if the object into one or more words of rights management environment. 目标权限管理环境可利用描述性数据结构有效的理解和处理对象。 Target rights management environment can take advantage of descriptive data structure effectively understand and handle objects. 进而言之,在权限管理环境中创建的描述性数据结构可被导出到该环境之外的一个或多个应用中,并帮助这些应用来解释导出的内容或其他信息。 Into words, descriptive data structure created in the rights management environment can be exported to one or more applications in the environment outside, and help to explain the content of these applications or other information derived.

图10A举例说明了描述性数据结构200如何用于提供互操作性。 Figure 10A illustrates how descriptive data structure 200 is used to provide interoperability. 在图10A所示例子中,描述性数据结构创建工具800创建了包含一个或多个目标数据块801的描述性数据结构200。 In the example shown in Figure 10A, DDS creation tool 800 creates one or more target data blocks 801 of the descriptive data structure 200. 描述性数据结构创建工具800可能基于和/或包含规划工具300的某些或全部能力,除此之外,还提供互操作的能力。 DDS creation tool 800 and based on some or all of the capabilities may / or planning tool 300 comprises, in addition, also provides the ability to interoperate. 另一种情况是,描述性数据结构创建工具800不包括规划工具300的任何能力,而是单独为互操作目的创建描述性数据结构200。 Another case is that descriptive data structure creation tool 800 does not include any capacity planning tool 300, but create a separate descriptive data structure 200 for interoperability purposes. 描述性数据结构创建工具800可以是带有图形用户界面的应用程序,仅当用户配制时才显示用户界面的后台进程,操作系统的一部分,计算机固件的一部分,在系统之间(如公用网络和私有网络,两个或多个私有网络,局部网和广域网等等)作为部分或全部“网关”而独立运作的服务器进程,或者是任何其它希望的实现或整合。 DDS creation tool 800 may be an application with a graphical user interface, if the user shows a part of the preparation of background processes of the user interface, operating system, part of the computer's firmware only if, between the system (such as a public network and private network, two or more private networks, local networks and wide area networks, etc.) as part or all of the "gateway" to operate independently of the server process, or implement or integrate any other desired.

目标数据块801提供信息用于提供与特定目标环境850之间的互操作性。 Target data block 801 to provide information for the particular target environment 850 providing interoperability between. 在某种情况下,单一的描述性数据结构200通过包含相应于不同目标环境850(1)…850(n)的n个目标数据块801(1)…801(n)来提供与n个不同目标环境850的互操作性。 In some cases, a single descriptive data structure 200 by including the corresponding to different target environments 850 (1) ... 850 (n) of the n target data blocks 801 (1) ... 801 (n) to provide the n different 850 interoperability target environment.

在本例中,每个目标数据块801包含规则(控制)信息。 In this example, each target data block 801 includes rule (control) information. 不同的目标数据块801为不同的目标环境850提供不同的规则信息,可以是相关目标环境850中的应用程序功能856的有关操作(事件)和/或结果,如下所例:允许和/或必需操作允许和/或必需操作的固有操作和/或扩展操作 Provide different rule information different from target data block 801 for different target environments 850, 850 may be associated in the target environment 856 of application functions related operations (events) and / or results, the following example: permissions and / or Required operating permit and / or intrinsic operations necessary for the operation and / or expand operations

执行允许和/或必需操作的结果如果需要,目标数据块801也可包括附加信息来发出指令给位于相应目标环境850中的描述性数据结构分析程序852和/或解释程序854。 • Execute permission and / or results of operations required, if necessary target data block 801 may also include additional information to issue commands to the target environment is located 850 corresponding descriptive data structure analysis program 852 and / or 854 interpreter.

图10B显示一个详细例子来说明在描述性数据结构200中目标信息的组织方式。 Figure 10B shows a detailed example to illustrate the organization of the descriptive data structure 200 in the object information. 在该例中,描述性数据结构创建工具800创建一个描述性数据结构头805,该描述性数据结构头805引用一个或多个目标记录头807。 In this example, the descriptive data structure creation tool 800 creates a DDS header 805, the first descriptive data structure 805 references one or more target recording head 807. 如图所示,描述性数据结构头805可能包括如下字段:“目标号”字段809用来指示描述性数据结构200中的目标数据块801的编号,“对第一个目标数据区域的偏移”字段811用来提供描述性数据结构200中第一个目标数据块801(1)的位置,“源消息”字段812A用以识别源环境,可选的“创建者封条”字段812B可用于验证描述性数据结构200的完整性和正当性。 As shown, the first descriptive data structure 805 may include the following fields: "Target Number" field 809 is used to indicate the descriptive data structure 200 the number of target data blocks 801, "offset to first target data area "field 811 is used to provide descriptive data structure 200 in the first target data block 801 (1) of the position," the source message "field 812A to identify the source environment, optional" creator seals "field 812B can be used to verify Descriptive data structure 200 integrity and legitimacy. ″源消息″字段812A(可选)包括“源ID”(用于帮助验证描述性数据结构200的源环境)和可选的“源封条”(可以出现也可以不出现在“源消息”字段中)。 "Source Message" field 812A (optional) includes a "source ID" (used to help verify the source environment descriptive data structure 200) and the optional "Source seal" (also may not be present may appear "Source Message" field in). 描述性数据结构200中的每个目标数据块801的开头是一个目标记录头807,它包括“目标ID”字段813,“长度”字段815,“对下一个目标数据区域的偏移”字段817,可选的“创建者封条”字段819,以及可选的“源消息”字段821。 The beginning of the descriptive data structure 200 for each target data block 801 is a target of the recording head 807, which includes the "target ID" field 813, "length" field 815, "the next target data area offset" field 817 optional "creator seals" field 819, and an optional "news source" field 821. “目标ID”字段813指定唯一的识别号或识别值相应于关联的目标数据块801和/或识别扩展的目标环境。 "Target ID" field 813 specifies a unique identification number or value corresponding to the identification data block associated with the target 801 and / or identification extension target environment. “长度”字段815指明目标数据块801的长度,“偏移”字段817指明描述性数据结构200中下一个目标数据块801的(相对或绝对)位置(对最后一个目标数据块而言,该字段取空值)。 "Length" field 815 indicates the length of the target data block 801, the "offset" field 817 indicates the descriptive data structure 200, the next target data block 801 (relative or absolute) position (for the last target data block is concerned, the field null value).

可选的“创建者封条”字段812B,819(以及“源封条”)可以是密码封条用于分别确保描述性数据结构200和目标记录801自创建以来未被改变,并且也可识别出描述性数据结构200的创建者和/或源。 The optional "creator seals" field 812B, 819 (as well as the "source seal") can be used separately to ensure that the password seals since descriptive data structure 200 and the target record 801 not changed since its inception, and can also identify the descriptive create data structures and / or source 200. 可选的源消息812C和821可提供信息帮助确保目标环境知道哪个源环境创建了描述性数据结构200。 Optional source message 812C and 821 can provide information to help ensure the target environment knows which source environment created the descriptive data structure 200.

重新参照图10A,描述性数据结构创建工具800在创建描述性数据结构200的过程中,可使用合适的加密过程来加密封装描述性数据结构200及每个目标数据块801以使其完整。 Referring back to Figure 10A, DDS creation tool 800 in the process of creating the descriptive data structure 200 may be used to encrypt the encryption process suitable package descriptive data structure 200 and each target data block 801 so as to complete. 加密过程的一个例子是首先对数据运行加密哈希(杂凑)函数(如SHA,MD5等),然后用不对称加密系统(如RSA,El Gamal等)所关联的描述性数据结构创建者的私钥加密结果哈希值。 An example of the encryption process is run first data encryption hash (hash) function (such as SHA, MD5, etc.), and then use an asymmetric encryption system (such as RSA, El Gamal, etc.) associated with descriptive data structure created by the private key encryption result hash. 如果使用了封装,描述性数据结构创建者应确保公钥以及加密私钥被认证(如用认证授权的私钥加密)并且能让目标环境可以利用它来验证封装(如,通过在描述性数据结构200中包含认证并在公用网络上发行认证)。 If the package, descriptive data structure creators should ensure public and private key encryption is certified (such as private keys encrypted with the authentication and authorization), and let the target environment can use it to verify the package (eg, through the data in the descriptive structure 200 contains the certification and issuance of the certificate on a public network).

如果使用了源消息812C,821,它们应提供源环境的代表性信息以便帮助目标环境识别源环境,也能进一步帮助确认描述性数据结构200确实是由源环境所创建(因而它能扩展到信任源环境的环境中)。 If source messages 812C, 821, they should provide a source of information to help the environment representative target environment identify the source environment, but also further assist in identifying the descriptive data structure 200 is actually created by the source environment (and therefore it can expand to trust source environment environment). 例如,源环境有一个受保护处理环境(PPE),其形式可参见上文引用的Ginter et al.专利申请的描述。 For example, a source environment protected processing environment (PPE) described by the patent application, the form can be found in the above-referenced Ginter et al.. 该种受保护处理环境有可获取的密钥(如公钥/私钥对中的私钥)用于加密描述性数据结构头805或目标数据块头807中合适的密码哈希。 The species protected processing environment available keys (such as public / private key pair private key) is used to encrypt data structure describing the first 805 or target appropriate password hash data block header 807. 在本例中,目标环境需要使用信任技术(如传递受信认证机关签发的认证)来获得相应的密钥(如公钥/私钥对中的公钥)以便评估源消息。 In this example, the target environment requires trust techniques (e.g. authentication information transmitted by the authentication authority issued) to obtain the corresponding key (e.g. public / private key pair the public key) in order to assess the source message. 另一种情形是,描述性数据结构创建工具800在被制造时就装备有密钥,人们可使用该密钥而不是来自受保护处理环境的密钥,尽管通常该种技术更易于被有经验的计算机黑客所破解从而一定程度上不易被目标环境所信任。 Another scenario is that the descriptive data structure creation tool 800 at the time of manufacture is equipped with a key, one can use the key instead of the key protected processing environment from, although usually this kind of technology is more easily experience Computer hackers break so easily be trusted target environment to some extent.

另外(如果加密技术不合适或并不需要),源消息可以包含一个相应于源环境的唯一的识别符。 Also (if encryption is inappropriate or not required), the source message may contain a unique environment corresponding to the source identifier.

描述性数据结构创建工具800(见图10A)把结果描述性数据结构200和相应的对象830一起打包入安全容器100。 DDS creation tool 800 (see Fig. 10A) of the results of descriptive data structures 200 and 830 together with the corresponding object 100 packed into a secure container. 另一种情形是,描述性数据结构创建工具800把描述性数据结构200嵌入或关联到对象830,'对象830'提供方法把描述性数据结构发行给目标环境分析程序852。 Another scenario is that the descriptive data structure creation tool descriptive data structure 800 200 830 embedded or linked to an object, 'Object 830' provides a method to describe the data structure to be issued to the target environment parser 852. 描述性数据结构200及其关联的对象830就可传送到一个或多个目标环境850以供处理。 Object descriptive data structure 830 and 200 can be associated to one or more target environments 850 for processing.

目标环境分析程序852(和/或解释程序854)可以是应用程序的一部分,操作系统的一部分,或者是应用程序和/或操作系统所使用或关联的实用程序的一部分。 Target environment parser 852 (and / or interpreter 854) may be part of the application, part of the operating system, part of, or application and / or operating system you are using, or associated utilities. 目标环境分析程序852接受描述性数据结构200并分析描述性数据结构200来定位相应于目标环境850(k)的目标数据块801(k)。 Target environment parser 852 to accept the descriptive data structure 200 and analyzes descriptive data structure 200 to locate corresponding to the target environment 850 (k) of the target data block 801 (k). 分析程序852而后根据相应的目标数据块801决定目标数据块包含的规则。 Analysis program 852 then determines the rules of the target data block contains data based on the corresponding target block 801. 分析程序852能够很好的理解描述性数据结构200的结构从而(用如图10B所示的头信息)发现其相应的适当目标数据块801,分析程序也能够理解目标数据块中的规则。 Analysis Program 852 can well understand the structure of descriptive data structure 200 and thus (with the header information in FIG. 10B) is found to be accompanied by appropriate target data block 801, the program can be analyzed to understand the rules the target data block. 目标环境分析程序852并不需要理解任何附加性的规则316,后者可能被打包入容器100或与对象830一起传送;但如果需要,分析程序可以使用任何该类附加规则(例如,当它发现描述性数据结构200中没有相应于特定目标环境850的目标数据块801时,它能够通过理解其它目标数据块801(其规则基于出版说明和/或标准)来了解特定目标环境850)。 Target environment parser 852 does not need to understand any additional rules 316 of the latter may be packed into the container 100 or transmitted together with the object 830; but if necessary, the analysis can use any such additional rules (e.g., when it finds When the descriptive data structure 200 does not correspond to the specific target environment 850 target data block 801, it can be understood by other target data block 801 (whose rules are based on published descriptions and / or standard) to understand the specific target environment 850).

目标环境分析程序852可以从目标数据块801获得实用的目标规则,并提供这些规则给应用程序函数856。 Target environment analysis program 852 can obtain practical goals rule from the target data block 801, and provided to the application of these rules function 856. 应用程序函数856可定义任意有关于对象830的操作,举例如下:剪切拷贝 Applications can define an arbitrary function 856 has 830 operating on an object, for example as follows: Cut copy

打印粘贴保存改变删除任何其它操作分析程序852提供的目标规则可以被用于许可、请求和/或阻止特定操作;执行特定操作的扩展定义(如限制拷贝数目,定义扩展剪切,应用于剪切信息的后续使用的规则等);定义执行特定操作的结果(例如,要求用户打印、使用和/或访问全部或部分对象830,维护执行该类操作的时间记录和/或数量记录). Print paste Save change, deletion, any objective analysis of the rules of other operating procedures can be used to provide 852 licenses, requests and / or block specific actions; define extensions to perform certain actions (such as limiting the number of copies, define an extended cut Cut, cut rules that apply to the subsequent use of the information, etc.); the result is defined to perform specific actions (for example, requires users to print, use, and / or access to all or part of the object 830, the execution time of the recording of such maintenance operations and / or The number of records).

另一方面,分析程序852也将其从目标数据块801中获得的部分或全部规则提供给其它设计以应用这些规则,比如“其它的权限管理函数”块858。 On the other hand, analysis of the program will also offer some of its 852 obtained from the target data block 801, or all of the rules designed to apply to other rules, such as "other rights management functions" Block 858. 块858可提供任何类型的权限管理函数。 Block 858 can provide any kind of rights management functions. 如果需要让应用程序函数856和/或“其它的权限管理函数”块858理解规则,可使用解释程序854。 If you need to make an application function 856 and / or "other rights management functions" understand the rules block 858, 854 can be used to explain the program. 在某种情况下,解释程序854可用于进一步使获自目标数据块801的规则信息更加精细化、参数化和/或安全,所以它们与“其它的权限管理函数”块858更加兼容甚至完全兼容。 In some cases, the interpreter 854 may be used to further the rules obtained from the target data block 801 more refined information, arguments and / or safe, so they and the "other rights management functions" block 858 is fully compatible with even more compatible .

上文结合实用的和现存的具体实施例描述了一个有用的数据结构定义方法和设计。 And above in the existing practical embodiments describe a particular useful data structure definition and design methods. 本发明并不仅限于这些实例,相反地,它包含了定义于权利要求中的各种变化和等值物,并体现在权利要求的精神中。 The present invention is not limited to these examples, on the contrary, it contains a definition of the various changes and equivalents to the claims, and is reflected in the spirit of the claims.

Legal Events
DateCodeEventDescription
28 Jul 2004C06Publication
29 Sep 2004C10Request of examination as to substance
4 Feb 2005REGReference to a national code
Ref country code: HK
Ref legal event code: DE
Ref document number: 1064763
Country of ref document: HK
11 Jan 2006C14Granted