SECURE DOWNLOAD AND SERVER CONTROLLED ACCESS TO PROPRIETARY DATA WITH LIMITED BANDWIDTH REQUIREMENTS
FIELD OF THE INVENTION
The present invention generally relates to restricting access in time and/or location to proprietary material which is stored and distributed in digital format using networks and computers. More particularly, this invention relates to systems and techniques for ensuring that such proprietary materials can, utilizing known and standardized protocols such as FTP and HTTP and known encryption methods such as Blowfish or TASC, be securely downloaded over a period of time before their use, and be stored in advance, thereby circumventing the need for the excessive bandwidth resources which would be required should the download be executed in real time.
While such download methods are known and are frequently used, the present invention furnishes systems and methods for managing and controlling momentary access to the preloaded material as governed by an online process and transaction sequence involving a central server. The present invention also relates to the detailed management of an access control process in terms of timing and activities, such as when the process is initiated, opened, ongoing, changed, finalized or closed.
In addition to the fields covered above the invention relates to all and any forms of digital communication of proprietary material where there is a need for momentary and timely control of access to the material, regardless of which type of computer system or operating system or other electronic means of digital communication or network or hardware environment or configuration.
BACKGROUND
The lives of people and businesses are becoming increasingly dependent on the distribution of materials by electronic means. Concurrent with this digital evolution there is an increasing need to protect certain material from unauthorized access and for this purpose a number of encryption methods and security procedures have been developed by a large number of inventors. While these prior inventions cover a large part of the needs of a more computer dependent world, there are some specific needs and problems which the current invention intends to cover and solve.
Although more and more people, businesses and institutions are linked up to the "Information Highway" or Internet at increasing bandwidths, it would be very limiting to certain operations to have to rely on being able to do business or deal only with clients and customers that are favourably in the possession of broadband connections. An example of where such limitation would be very detrimental is the e-learning environment. While learning and the access to knowledge, up to and including a large part of the previous century, was largely confined to specific locations and learning institutions and libraries, such knowledge is now more and more widely available through electronic means and accessible from the home or work place. Distance learning is becoming one of the more favoured ways of obtaining skills and knowledge and universities are facing the challenge of providing service to an increasing part of their alumni over the Internet. Authors, artists and producers are likewise facing the need for distributing their work by electronic means. While some are slow in adapting to these new channels for distribution, others have been fast in establishing new forms of businesses working mainly and sometimes entirely via electronic media. For each such effort there has most likely been a solution for their specific needs, in part using already invented solutions.
The present solution has sprung from the need for a solution to such a specific and segmented digital distribution problem, namely the situation where there is a need for providing the client or customer with an advance copy of the proprietary material but where the said client or customer must not be granted access to the material at the same time. This is the case for instance when a limited bandwidth connection prevents access in real time, such as access to learning materials or a video movie or a high resolution image or similar digitized material. The natural solution when the real time execution of electronic material is prevented by limitations of the network connection is to preload the material. The material is preloaded while the user is doing something else and as soon as the preload is finished the user can start using or viewing the material. This is all fine and workable as long as the material is not proprietary; the user is allowed to keep an unprotected copy of the material on his hard disc or mass storage device; there are no payment transactions or other prerequisite activities involved before access can be permitted. Often this is not the case. A company providing online certification or knowledge assessments over a network or Internet must ensure that the user is barred from access to the material except in the exact time frame in which the assessment is being carried out. Likewise, an institution providing learning materials over a network or Internet has a need for limiting access to certain parts of the material until certain requirements have been met by the user. An example is for instance if the course being provided over the Internet contains a several megabyte large real time video segment. It is inconceivable that the student should have to wait twenty minutes while the segment is being downloaded over a slow modem. The preferred solution would be to let the student download all materials so that they are available instantly when they are called for. This however presents the problems described before, or more in detail:
Can the user be given access to the material as soon as it is downloaded?
Is it acceptable that the user can browse the material out of sequence?
Can the user be allowed to copy and redistribute the material?
Will the user have access to the material before he/she actually paid for it?
Should access be limited to a specific moment in time?
There are certainly other and similar issues involved but the above gives a fairly comprehensive picture of the problems being solved by the current invention.
US 6,185,306 B1 discloses a method of transmitting protected video and/or graphic data over the Internet from a Web site, by encrypting the video and/or graphic data and storing it at a Web site associated with a server, and by encrypting a video player and storing it at the Web site. Both are then downloaded to a requesting computer via the Internet or Intranet. The requesting computer decrypts the video and/or graphic data and video player via a previously supplied decryption key, so that the video may be played back by the decrypted player. The user of the requesting computer is in full control of the playback and once the video and/or graphic data has been downloaded the sending party has no control of how the data is accessed.
SUMMARY OF THE INVENTION
An object of the present invention is to provide a method and a system of the kind initially described wherein the above mentioned problems with prior art systems are solved or at least minimised. Thus, a first object is to provide a method and a system wherein proprietary material can be downloaded by a client or customer in advance, but where the client or customer must not be granted access to the material at the same time.
A further object is to provide a method and a system wherein proprietary material previously encrypted and downloaded can be momentarily accessed.
A yet further object is to provide a computer program product directly loadable into the internal memory of a server or client computer and which is used to implement the above mentioned methods.
The above objects are attained by a method, a system, and a computer program product as defined in the appended claims 1, 8, 9, and 10, respectively.
From this aspect the present invention provides systems and methods for the control of the users as governed by certain transactions and an uninterrupted connection to an Access Control Server (ACS), which usually will be the same or a related server to the server from which the initial download was done. This feature of the present invention ensures that:
The user has access to the material only during the specific time period when it is intended that the user should have access.
There is no access to the material in unencrypted form either before or after the period of access.
Unauthorized use of the material during the actual access period is made extremely difficult if not impossible.
The present invention is designed to resolve the problem of controlling and permitting access in real time while preventing unauthorized access at other times, to proprietary materials in digital format while still making it possible to download and store such materials in advance of their actual use on a remote computer hard disk or mass storage device. Thereby a number of advantages are facilitated, such as the display and use, in real time, of materials which would otherwise be impossible to show due to bandwidth requirements; the possibility of downloading materials in advance but releasing them once payment has been made; the possibility of terminating access to materials once a certain time period has expired or as soon as a transaction signal is sent over the network or a network connection is interrupted.
BRIEF DESCRIPTION OF DRAWINGS
The invention is now described, by way of example, with reference to the accompanying drawings, in which:
Fig. 1 shows a simplified outline of a system according to the invention comprising an Access Control Server and a remote client computer;
Fig. 2 shows a flow diagram for logical circuitry of an automated client software residing in the remote client computer of Fig. 1;
Fig. 3 shows a flow diagram for the logical circuitry of the Access Control Server of Fig. 1; and
Fig. 4 shows a principal flow diagram over the relationship between the remote client computer and the Access Control Server of Fig. 1.
DETAILED DESCRIPTION OF THE INVENTION
In the following a detailed description of preferred embodiments of the present invention will be given. In this description, "ACS" or "Access Control Server" refers to a central computer which may or may not harbour the material which is being secured and which governs the downloading processes and remote access of those materials at a client computer while "Client software" refers to a specific computer programme or software which cannot operate on its own but which operates as interdependent on software running on a server, in this case the Access Control Server.
As described previously, the present invention directs itself to the process of providing and controlling access to proprietary materials, which have been downloaded in advance, at a remote location.
It must be noted that the present invention does not involve itself with the actual method or protocol of the downloading in itself. The inventor acknowledges that there are methods and protocols for the downloading process such as FTP or HTTP to give a few examples. That such methods and download protocols are readily available does not ensure that a prior download can be done without compromising or exposing the material being downloaded.
Again, it must be noted that the present invention does not involve itself with any actual encryption method or algorithm being used in order to prevent unauthorized access to the materials in question. The inventor acknowledges that there are methods readily available in order to securely lock any digital material from the unwanted access by an unauthorized user, such as Blowfish or TASC and other systems. Immediately when such an algorithm has been used in order to decrypt the material however, the material is unlocked and usually free for the user to use in whichever way he wants to use it, to copy it, alter it or redistribute it, which is in itself a form of unauthorized access and which the present invention directs itself at preventing.
The system according to the invention comprises two main components, designed as hardware or software, which operate in symbiosis to achieve the desired result of being able to manage the access at a remote location to materials previously downloaded. Although the components of the invention are relying on the generic processing power of the computers they reside in, they do in themselves contain the needed logic and device capability for completing the entire access and control procedure. As shown in Fig. 1, the system comprises a central computer called the Access Control Server or ACS 10 which is provided with an interface connecting it to the Internet or other Information Highway shown as Network 20 and which can be reached through an Internet Protocol address, through the DNS network or similar addressing system. The ACS contains one or more data bases which hold the names or identities in other forms of the individuals that have requested access to certain materials. The data bases also contain information on whether these individuals are to be granted access or not and define the conditions under which the individuals will be permitted access and to what materials. The ACS 10 further contains active server circuitry (not shown) which is controlling at each moment whether any of these individuals or individuals not yet registered is seeking access or is logged in or is connected to the server.
The system also comprises a client computer 30 containing a mass storage device for harbouring downloads, client software for the automated downloads and integral execution software for the display of the materials during the periods for which utilization has been granted from the ACS 10. A segment 34 of the internal storage 32 of the client computer is utilized for an automated advanced download of proprietary materials in encrypted format. Access to the material is governed by the ACS 10.
Even though that is not a prerequisite, a transaction process, which is outlined in Figs. 2 and 3, may start with an individual visiting a certain web page resident on or linking to the server. The visiting individual makes a selection, a selection to participate in a certain certification or assessment or a selection to join a certain educational activity or course or simply a choice to watch a certain cinematographic video or listen to choice music. Thus, the environment can be an assessment and certification environment, an education environment, a music, video, photography or similar environment wherein secure download of proprietary material is required.
At that stage the individual would identify him/herself as a prerequisite to continue the process and the server responds by generating a personal code which relates to the individual being registered as well as a code relating to the choice having been made by the individual. At this stage, or later if the operator of the invention so wishes, the client software is allowed to be manually downloaded from the web page by the individual and is installed as a normal software program on the client computer 30.
The identity code and selection code which were generated by the server, in a format decided by the operator of the invention, are then forwarded, preferably as an electronic mail or in any other way, to the individual wishing to register for the service.
When the codes are received by the individual he/she must start the software previously downloaded and installed in order to activate the software using his personal identity code and selection code. At that time the individual's computer must be connected to the Internet or to the network in question and the software verifies the connection. Having received the necessary codes, these are entered into appropriate fields displayed by the software and a personal password is chosen and entered, alternatively such a password is proposed by the server and is accepted or changed by the user.
At this point the software is activated and the identity of the user and his/her choice is known to the ACS. The download of the materials needed for the selected service starts in the background and continues until it is downloaded in its entirety in a format utilizing encryption techniques such as Blowfish or TASC. The download is of course interrupted if the Internet or other network connection is interrupted before the download is finished. Preferably the download is paused whenever the user pushes a key of his keyboard in order to not slow down the normal operation of the computer during the time of the download. In order to make sure that the download is really completed even if the user decides to restart his/her computer, the software is preferably registered as a service or auto start object on the computer. The download activity would then resume, if not finished, even after a reboot of the computer and would continue whether the display of the client software is visible on the user's screen or not. When it is not shown, the software simply operates in the background.
To keep the user informed of the current status of the download it is intended that the software displays an indicator in the system tray of the computer or otherwise, for example an iconified light emitting diode showing a red light for ongoing download and a green light for a completed download.
The user is free to start using the materials so downloaded as soon as the indicator mentioned above has shown that the downloading cycle has finished. When the user starts the software at this stage, its character has changed from a download manager client to an operational client. The user is requested to log in to the ACS using the same codes as when the download was started and to enter his/her personal password. An Internet or other network connection is a prerequisite at this time. The ACS verifies that all and any additional prerequisites, such as prior payment or procedures decided by the operator of the invention, have been met. When the prerequisites have been verified as met, the ACS generates the appropriate decryption key thereby enabling transparent decryption on the user's client machine. An automatic download of a control programme from the ACS then takes place. The control programme which is designed to regulate the display of the service is loaded into the RAM memory of the client computer 30 and is executed immediately. This programme may govern for example the rate and sequence with which the questions of an assessment are going to be presented or regulate some other feature of the previously downloaded resources. The desired service, as governed by the control programme then starts, whether an assessment procedure, a training course segment, a cinematographic video show, a musical performance or something else. The service is allowed to continue as long as the control programme runs according to schedule and is terminated when that schedule terminates or when and if the Internet or network connection is broken. If the connection is accidentally broken or is broken due to technical difficulties beyond the control of the user i.e. in the middle of a training course segment, sufficient information will have been transmitted to the ACS during the activity of the control programme in order for the programme to be able to restart at the point where it was interrupted if that is the desired action to take.
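The server-side decisions in the paragraph above (key release only after login and prerequisites, termination on schedule end or lost connection, restart from the recorded point) can be sketched as follows. This is an added illustration, not code from the patent; the class and method names, the heartbeat mechanism and the 30-second timeout are assumptions.

```python
import hashlib
import hmac
import secrets
from dataclasses import dataclass
from typing import Optional

HEARTBEAT_TIMEOUT = 30.0  # assumed: seconds of silence after which the link counts as broken


class AccessDenied(Exception):
    pass


@dataclass
class Registration:
    salt: bytes
    password_hash: bytes
    window: tuple                      # (opens, closes) as epoch seconds
    paid: bool = False                 # stands in for any operator-defined prerequisite
    progress: int = 0                  # last position reported by the control programme
    last_seen: Optional[float] = None  # None means no active session


def _hash(password: str, salt: bytes) -> bytes:
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)


class AccessControlServer:
    """Hypothetical ACS model: keys stay server-side until every condition holds."""

    def __init__(self):
        self._regs = {}  # (identity code, selection code) -> Registration
        self._keys = {}  # selection code -> decryption key, never stored on the client

    def register(self, identity, selection, password, window):
        salt = secrets.token_bytes(16)
        self._regs[(identity, selection)] = Registration(salt, _hash(password, salt), window)
        self._keys.setdefault(selection, secrets.token_bytes(32))

    def mark_paid(self, identity, selection):
        self._regs[(identity, selection)].paid = True

    def login(self, identity, selection, password, now):
        """Return (key, resume_point) only if every prerequisite holds at `now`."""
        reg = self._regs.get((identity, selection))
        if reg is None or not hmac.compare_digest(reg.password_hash, _hash(password, reg.salt)):
            raise AccessDenied("unknown codes or wrong password")
        if not reg.paid:
            raise AccessDenied("prerequisite not met")
        opens, closes = reg.window
        if not opens <= now < closes:
            raise AccessDenied("outside access period")
        reg.last_seen = now
        return self._keys[selection], reg.progress

    def heartbeat(self, identity, selection, progress, now):
        """Record progress; return False when the client must discard the key and stop."""
        reg = self._regs.get((identity, selection))
        if reg is None or reg.last_seen is None:
            return False
        expired = now >= reg.window[1]
        link_lost = now - reg.last_seen > HEARTBEAT_TIMEOUT
        if expired or link_lost:
            reg.last_seen = None  # session closed; a new login is required
            return False
        reg.last_seen, reg.progress = now, progress
        return True
```

The model only covers the server's release and revocation logic; once a key has reached the client, enforcement depends on the client software discarding it when `heartbeat` returns False.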
It should also be noted that the encrypted materials residing on the hard disk or mass storage of the user's computer remain encrypted at all times and exist in decrypted format only briefly in volatile memory, such as the RAM of the user's computer during the display of the materials as governed by the control programme.
The principal operation of the procedure of how the materials are decrypted into RAM and are displayed on the screen of the user's computer is outlined in Fig. 4. Recordable activities of the user, while operating the client software, are registered by the ACS in appropriate data bases, for instance the progress of the user through the material; any responses given to questions; the time spent on each segment of the presentation etc. The ACS is also responsible for any interactive server responses that need to be given to the user at his request or as a response to specific steps of the procedure. This is not an indispensable ingredient of the invention but is more for the reason of optimizing security and operation of the procedure. Preferably it is thus seen that the resources needed for the presentation, especially the resources which require time and bandwidth to download, are provided as previously encrypted and downloaded and any other responses are provided by the ACS directly. In this context the ACS may also be required to redirect a response from the user to an online support person or to a queue for matters awaiting a manual response. The support line may or may not be equipped with voice and/or video capability.
At a time when such is required by the schedule of an automatically downloaded control programme or as scheduled by data in the data bases of the ACS, the resources downloaded on the user's computer are deleted, thus completing the entirety of the transactions. If so is desired by the operator of the service according to the invention however, it may be desirable to download materials in excess of what the user has requested in order to be prepared for additional requests which are anticipated by the user. This could be for instance an automated download of musical items that are in alignment with the user's musical taste, a list of video films present on a film of the week list or a follow up training course in addition to a course the user has chosen to do. The main reason for doing this would be to be able to provide a desired service faster at a time when the user wants it. In order to facilitate this, the user should preferably be required to enter the amount of disk space which he/she is prepared to set aside for the service, already at the time when he first activates the client software handling the automated background download cycle.
While a number of interacting processes have been described above as being contained and being interoperable in the execution and use of this invention, the key to the invention as stated in the claims below, should be recognized as being the way in which an ACS is governing the distribution of selective decryption keys and the way it is monitoring and controlling the momentary and timely access to proprietary materials during such time that the user's computer is online with the Access Control Server.
It has been stated that an automatic download of the control programme from the ACS takes place when the user starts the software for accessing the materials. It will be appreciated that the control programme can be downloaded together with the materials instead and that its execution is started when the materials are accessed.