US20160253483A1 - Systems, methods, and apparatus for facilitating client-side digital rights compliance - Google Patents
Systems, methods, and apparatus for facilitating client-side digital rights compliance Download PDFInfo
- Publication number
- US20160253483A1 US20160253483A1 US15/154,544 US201615154544A US2016253483A1 US 20160253483 A1 US20160253483 A1 US 20160253483A1 US 201615154544 A US201615154544 A US 201615154544A US 2016253483 A1 US2016253483 A1 US 2016253483A1
- Authority
- US
- United States
- Prior art keywords
- application
- drc
- domain
- content
- structured document
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Abandoned
Links
- 238000000034 method Methods 0.000 title claims abstract description 33
- 230000014509 gene expression Effects 0.000 claims description 34
- 238000013500 data storage Methods 0.000 claims description 15
- 230000001052 transient effect Effects 0.000 claims description 2
- 230000003993 interaction Effects 0.000 claims 3
- 238000010586 diagram Methods 0.000 description 6
- 230000006870 function Effects 0.000 description 5
- 238000013515 script Methods 0.000 description 5
- 244000035744 Hura crepitans Species 0.000 description 3
- 230000001413 cellular effect Effects 0.000 description 3
- 238000004891 communication Methods 0.000 description 3
- 238000004590 computer program Methods 0.000 description 3
- 235000014510 cooky Nutrition 0.000 description 3
- 238000012986 modification Methods 0.000 description 3
- 230000004048 modification Effects 0.000 description 3
- 238000012545 processing Methods 0.000 description 3
- 238000013459 approach Methods 0.000 description 2
- 238000007726 management method Methods 0.000 description 2
- 229920001690 polydopamine Polymers 0.000 description 2
- 238000009877 rendering Methods 0.000 description 2
- VYZAMTAEIAYCRO-UHFFFAOYSA-N Chromium Chemical compound [Cr] VYZAMTAEIAYCRO-UHFFFAOYSA-N 0.000 description 1
- 230000008901 benefit Effects 0.000 description 1
- 238000012790 confirmation Methods 0.000 description 1
- 238000011161 development Methods 0.000 description 1
- 230000000694 effects Effects 0.000 description 1
- 230000008520 organization Effects 0.000 description 1
- 230000008569 process Effects 0.000 description 1
- 238000011160 research Methods 0.000 description 1
- 238000006467 substitution reaction Methods 0.000 description 1
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/10—Protecting distributed programs or content, e.g. vending or licensing of copyrighted material ; Digital rights management [DRM]
-
- G06F17/2247—
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/62—Protecting access to data via a platform, e.g. using keys or access control rules
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/62—Protecting access to data via a platform, e.g. using keys or access control rules
- G06F21/6209—Protecting access to data via a platform, e.g. using keys or access control rules to a single file or object, e.g. in a secure envelope, encrypted and accessed using a key, or with access control rules appended to the object itself
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/62—Protecting access to data via a platform, e.g. using keys or access control rules
- G06F21/629—Protecting access to data via a platform, e.g. using keys or access control rules to features or functions of an application
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F40/00—Handling natural language data
- G06F40/10—Text processing
- G06F40/12—Use of codes for handling textual entities
- G06F40/14—Tree-structured documents
- G06F40/143—Markup, e.g. Standard Generalized Markup Language [SGML] or Document Type Definition [DTD]
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/20—Network architectures or network communication protocols for network security for managing network security; network security policies in general
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/62—Protecting access to data via a platform, e.g. using keys or access control rules
- G06F21/6218—Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
- G06F21/6227—Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database where protection concerns the structure of data, e.g. records, types, queries
Definitions
- the described embodiments relate to facilitating digital rights compliance for content, and in particular to facilitating compliance with intellectual property rights of digital content by client-side computers.
- the Internet provides new opportunities and challenges to rights holders who wish to market their digital content (e.g. works such as electronic books, multimedia files, etc.). Significant resources are often expended tracking and registering the legal rights associated with such digital content. Furthermore, enforcing or ensuring end user compliance with the digital rights associated with digital content can result in processing and overhead that increases the cost of creating and using digital content. Specifically, in client-server environments in which digital content may originate from multiple sources, the management of digital rights can quickly become complex and expensive.
- Server-side solutions may be advantageous in some circumstances. For example, such approaches may permit circumventing of limitations that are inherent in client-side processing, such as restrictions on a client computer that prevent content from one origin from being used at another location.
- server-side solutions permit strict enforcement of end user compliance with digital rights, since digital content will not be provided to end users until compliance is confirmed (e.g. the user has paid for use of the digital content). Conversely, if digital content is sent to end users prior to compliance confirmation, there is an increased risk that end users may circumvent the digital rights associated with that content.
- FIG. 1 is a schematic diagram of a client computer for facilitating compliance with digital rights according to one embodiment shown connected to a first domain and a second domain;
- FIG. 2 is a schematic diagram illustrating components of the client computer of FIG. 1 ;
- FIG. 3 is a schematic diagram illustrating components of the application on the client computer of FIG. 1 ;
- FIG. 4 is a schematic diagram illustrating components of a structured document received by the application of FIG. 3 ;
- FIG. 5 is a schematic diagram illustrating components of a digital rights compliance (DRC) object received by the application of FIG. 3 ;
- DRC digital rights compliance
- FIG. 6 is a method for facilitating compliance with intellectual property rights according to another embodiment.
- FIG. 7 is a system for facilitating compliance with intellectual property rights according to another embodiment.
- Some embodiments of the systems and methods described herein may be implemented in hardware or software, or a combination of both. However, in some cases these embodiments are implemented in computer programs executing on programmable computers each comprising at least one processor, a data storage system (including volatile and non-volatile memory and/or other storage elements), at least one input device, and at least one output device.
- the programmable computers may be a mainframe computer, server, personal computer, laptop, personal data assistant, tablet computer, or cellular telephone.
- Program code may be applied to input data to perform the functions described herein and generate output information.
- the output information may be applied to one or more output devices in known fashions.
- Each program may be implemented in a high level procedural or object oriented programming and/or scripting language to communicate with a computer system.
- the programs can be implemented in assembly or machine language, if desired. In any case, the language may be a compiled or interpreted language.
- Each such computer program may be stored on a storage media or a device (e.g. read only memory (ROM) or magnetic diskette) readable by a general or special purpose programmable computer, for configuring and operating the computer when the storage media or device is read by the computer to perform the procedures described herein.
- the systems may also be considered to be implemented as a non-transitory computer-readable storage medium, configured with a computer program, where the storage medium so configured causes a computer to operate in a specific and defined manner to perform the functions described herein.
- a client computer for facilitating intellectual property rights compliance having a hardware network module connectable to at least one first domain and at least one second domain, a processor operatively connected to the hardware network module, and a data-storage device operatively connected to the processor, the data-storage device storing instructions.
- the instructions are executable by the processor to provide an application for receiving a structured document from the first domain, the structured document having at least one content, a reference to at least one digital rights compliance (DRC) object located on at least one second domain, and application-specific instructions being executable by the application, the at least one DRC object being defined in a non-executable format and containing information indicative of rights associated with the at least one content, and executing the application-specific instructions to cause the application to send at least one request to the at least one second domain for the at least one DRC object, receive the at least one DRC object from the at least one second domain and present the at least one content in accordance with the at least one DRC object.
- the application is compliant with a same-origin security policy that prohibits the application from executing application-specific instructions from the first domain that access application-specific instructions from the at least one second domain.
- a method for facilitating intellectual property rights compliance by an application having the steps of receiving a structured document from a first domain, the structured document having at least one content object, a reference to at least one digital rights compliance (DRC) object located on a second domain and associated with the at least one content object, and application-specific instructions being executable by the application, the at least one DRC object being defined in a non-executable format and containing information indicative of rights associated with the at least one content, executing the application-specific instructions to cause the application to send at least one request to the second domain for the at least one DRC object, receiving the at least one DRC object from the second domain, executing the application-specific instructions to cause the application to modify the structured document by incorporating the at least one DRC object into the structured document, and executing the application-specific instructions to cause the application to present the at least one content object in accordance with the at least one DRC object.
- the application is compliant with a same-origin security policy that prohibits the application from executing application-specific instructions
- a non-transient physical computer-readable storage medium storing a structured document, the structured document having at least one content object, a reference to at least one digital rights compliance (DRC) object located on another domain, the at least one DRC object being defined in a non-executable format and containing information indicative of rights associated with the at least one content, and instructions being executable by an application for performing operations comprising sending at least one request to the remote domain for the at least one DRC object, receiving the at least one DRC object from the remote domain, and presenting the at least one content in accordance with the at least one DRC object.
- the application is compliant with a same-origin security policy that prohibits the application from executing application-specific instructions from a first domain that causes the application to execute application-specific instructions from a second domain.
- the client computer 10 for facilitating intellectual property rights compliance for digital content according to one embodiment.
- the client computer 10 is shown connected to the Internet 12 , and (via the Internet 12 ) to a first domain 14 and a second domain 16 .
- the client computer 10 has a hardware network module 44 connectable to the first domain 14 and the second domain 16 .
- the client computer 10 also has a processor 42 operatively connected to the hardware network module 44 , and a data-storage device 46 operatively connected to the processor 42 .
- the processor 42 may be connected to an output device 48 , such as a display, as will be described further below.
- the client computer 10 may have a plurality of processors, network modules, and/or data storage devices.
- the client computer 10 may have other types of components, such as a discrete graphics processor, a discrete data storage device (or both) for graphics related data.
- the data storage device 46 of the client computer 10 stores instructions that are executable by the processor 42 to provide an application (e.g. application 50 as described below and shown in FIG. 3 ) that is configured to receive a structured document 20 (as shown in FIG. 4 ) from the first domain 14 .
- an application e.g. application 50 as described below and shown in FIG. 3
- a structured document 20 as shown in FIG. 4
- the structured document 20 includes at least one content 22 , a reference 24 to at least one digital rights compliance (DRC) object 30 located on the second domain 16 and which is associated with the at least one content 22 , and application-specific instructions 26 being executable by the application 50 .
- DRC digital rights compliance
- the DRC object 30 is defined in a non-executable format and contains information indicative of digital rights associated with the at least one content 22 .
- the application 50 executes the application-specific instructions to cause the application 50 to send at least one request to the second domain 16 for the at least one DRC object 30 , receive the at least one DRC object 30 from the second domain 16 , and present the at least one content 22 in accordance with the at least one DRC object 30 .
- the application 50 is configured so as to be compliant with a “same-origin security policy” that generally prohibits the application 50 from executing application-specific instructions 26 from one domain (e.g. the first domain 14 ) that would cause the application 50 to execute application-specific instructions from another domain (e.g. the second domain 16 ).
- a “same-origin security policy” that generally prohibits the application 50 from executing application-specific instructions 26 from one domain (e.g. the first domain 14 ) that would cause the application 50 to execute application-specific instructions from another domain (e.g. the second domain 16 ).
- the hardware network module 44 may be a device that is capable of facilitating data communication with the first domain 14 and the second domain 16 .
- the network module 44 may be a wired network device such as an Ethernet network card.
- the hardware network module 44 may be a wireless network device such as an IEEE 802.11 (“WiFi”) compliant network device, a cellular network device to connect to a cellular network (e.g. GSM, GPRS, EDGE, HSDPA), and so on.
- WiFi IEEE 802.11
- the network module 44 is operatively connected to the first domain 14 and the second domain 16 . As shown, in this embodiment the network module is connected to the Internet 18 and through the Internet 18 to the first domain 14 and the second domain 16 .
- the network module 44 may also connect to the domains 14 and 16 in other ways. For example, the network module 44 may connect to one of the domains 14 or 16 without connecting to the Internet 18 and then connect to the other domain through the Internet. In another example, the network module 44 may connect to both of the domains 14 , 16 without connecting to the Internet 18 (e.g. via an Intranet).
- the network module 44 may connect to more than the first domain 14 and second domain 16 , but may also connect to other domains.
- the processor 42 is also connected to the output device 48 .
- the output device 48 generally communicates information for consumption or observation by one or more users of the client computer 10 , and which may differ depending on the type of client computer 10 .
- the output device 48 may be an LCD or CRT display if the client computer 10 is a desktop, and a laptop display if the client computer 10 is a laptop.
- the output device 48 may be a display screen on a smart phone or a PDA.
- the output device 48 is operatively connected to the processor 42 .
- the output device 48 may be connected to a discrete graphics processor on a dedicated video card.
- the data storage device 46 may include volatile memory, non-volatile computer memory, or both.
- the data storage device 46 may include random access memory (RAM), magnetic computer storage devices such as hard disk drives, and flash memory.
- the client computer 10 may comprise more than one type of data storage device 46 .
- the client computer 10 may have a hard disk drive and RAM.
- the data storage device 46 generally has instructions being executable by the processor 42 to provide the application 50 , so that the application 50 is capable of retrieving and executing application-specific instructions 26 contained in the structured document 20 .
- Examples of the application 50 could include web-browser applications such as Microsoft Internet Explorer, Safari, Mozilla Firefox, Chrome, and so on.
- the application 50 may also differ based on the type of client computer 10 .
- the application 50 may be resident on and/or optimized for mobile computing platforms found on mobile computing devices, such as smart phones and PDAs.
- the data storage device 46 may contain instructions being executable by the processor 42 to provide more than one application 50 on a single client computer 10 .
- illustrated therein are various components of the application 50 .
- the components shown herein are only for illustrative purposes and the number and the type of components and the logical organization of the components may differ in other embodiments.
- the application 50 comprises instruction-execution module 52 for receiving and executing application-specific instructions.
- the application 50 may also have a number of optional plug-in applications installed.
- the installed plug-in applications could include a music playback plug-in 54 , video playback plug-in 56 , and flash plug-in 58 .
- the instruction execution module 52 generally receives and executes application-specific instructions 26 to provide various functionalities. For example, executing the application-specific instructions 26 may cause the application 50 to render various text, images or other digital content to the output device 48 for consumption by one or more users.
- application-specific instructions may be executed to render a specific text at a specific location of the web page for display.
- instructions may be executed to render an image file at a specific location of the web page for display.
- the application-specific instructions may be executed to cause the application 50 to solicit user input and then send the user input back to the web-server from which the web page was retrieved.
- the application-specific instructions 26 may be executed to cause the application 50 to retrieve another structured document from the same domain or from a different domain.
- the application-specific instructions may be executed to cause the application 50 to save some information on the data storage device 46 (e.g. a cookie).
- the application-specific instructions may be executed to cause the application 50 to render a video file for play back by a user.
- the application-specific instructions may be written in various programming languages that are compatible with the application 50 .
- the application-specific instructions may be provided in Hyper Text Mark-up Language (“HTML”).
- the application-specific instructions may be provided in the form of JavaScript language.
- HTML allows instructions in other languages to be embedded within HTML instructions.
- a web page may have a begin tag ⁇ HTML> and an end tag ⁇ /HTML> to indicate that the application-specific instructions contained therebetween are HTML syntax.
- the application 50 will recognize the “begin” tags and “end” tags and process the instructions contained therebetween (including the JavaScript) accordingly.
- the application-specific instructions may be linked from (i.e. received from) an external source.
- the instructions may not necessarily be contained in the structured document.
- the instructions, in JavaScript will be downloaded from URL_X and executed.
- the application 50 may include a language parser, or a compiler, or both.
- the instruction execution module 52 may be able to execute application-specific instructions 26 , it may not be able to execute instructions in content 22 to render the content embodied therein. In some situations, it may not be desirable for the instruction execution module 52 to render content 22 due to user-preference reasons, efficiency reasons, or other reasons.
- the instruction execution module 52 may be able to render some types of content 22 such as text, images, and basic sound effects. However, the instruction execution module 52 may not render other types of content 22 such as video, music, or flash based applications. Types of content 22 that are not rendered by the instruction execution module 52 may be provided to the installed plug-in applications 50 for execution.
- the music plug-in 54 the video plug-in 56 , and the flash plug-in 58 are installed. In other embodiments, there may be different plug-in applications installed. Some plug-in applications may be able to execute more than one type of content 22 . For example, a media-player plug-in application may be able to render both audio and video content 22 .
- Plug-in applications are generally used to render various types of content.
- the video plug-in 56 may play back a video file.
- the rendered video may be displayed as part of the application 50 or in a separate display.
- rendering of the content 22 may provide functionalities other than media playback.
- the flash plug-in 58 may execute flash content to provide an application or a game.
- plug-in applications render content 22 independently of the application 50 . That is, once invoked and the content 22 is provided to the plug-in application, the plug-in application will execute content 22 without further aid from the application 50 .
- the content 22 will contain an indicator of the type of content.
- the content 22 may be formatted as a JPG, TFF, PNG, or GIF files.
- the content 22 may be formatted as a SWF file.
- the content 22 is video file, it may be formatted as a MPEG or an AVI file.
- instructions in a structured document 20 are not executed by the client computer 10 at all.
- instructions provided in the form of Active Server Pages (ASP), Java server environments instructions, or CGI scripts may be directed to execution by server-side applications.
- structured documents 20 may be received from an untrustworthy domain, it is possible that some structured documents 20 may contain unscrupulous application-specific instructions 26 that can harm the client computer 10 when they are executed. For instance, in one example executing particular application-specific instructions 26 may cause the application 50 to provide personal information stored in a cookie file to an unauthorized domain. In another example, executing the application-specific instructions 26 may cause the application 50 to harm file systems of the client computer 10 .
- the application 50 is configured to limit the application-specific instructions 26 that the application 50 will execute. That is, the application 50 will not execute application-specific instructions 26 that will cause the application 50 to act in a prohibited manner, as described below.
- the application 50 may be restricted from executing application-specific instructions 26 that cause the application 50 to execute instructions that are received from or sent to another website.
- This is sometimes referred to as the “same-origin policy” in that a file that is created by a structured document from a domain may only be modified by a structured document from the same domain. This prevents a structured document from accessing a file that is created by another domain.
- the policy permits application-specific instructions 26 from a structured document 20 received from domain 14 to only access other application-specific instructions received from the same domain 14 . Execution of application-specific instructions received from other domains, also known as “cross-domain execution”, is prohibited.
- the application 50 may also be restricted from executing application-specific instructions 26 that cause the application 50 to modify any of the client computer 10 file systems beyond very narrowly defined “cookie” files. That is, the application-specific instructions 26 executed by the application 50 may be constrained to a “sandbox” and unable to modify files outside of that sandbox. This prohibits modification of the client computer 10 file systems that could otherwise be harmful to the client computer 10 .
- a web page may contain instructions in various languages, and certain instructions may be executed by the instruction execution module 52 , and others, by relevant plug-in applications.
- the instructions provided in JavaScript in web pages may be executed by the instruction execution module 52 within the application 50 without requiring a plug-in application. Since the application 50 limits the type of instructions that it executes for security reasons, the JavaScript instructions that are executed are contained in the sandbox and bound by the same origin policy.
- instructions executed by the plug-in applications and server side scripts are not being solely executed by the application 50 . As such, they are not necessarily bound by the security limitations of the web browser. Additionally, if plug-in applications are used to interpret and run the application, the plug-in applications need to be downloaded and installed in the client system.
- the client computer 10 is connected to the first domain 14 , which may be an Internet website hosted by a server or a pool of servers, and may be identifiable over the Internet based on the Domain Name System (DNS).
- DNS Domain Name System
- the first domain 14 is generally accessible by the client computer 10 and other computers connected to the Internet 18 .
- the first the domain 14 may employ authentication procedures before serving each computer that connects to the first domain.
- the first domain 14 may require the client computer 10 to provide a log-in identification and password prior to serving the client computer 10 .
- the first domain 14 contains structured documents.
- Structured documents are electronic documents that are provided to a recipient, usually over a communication network.
- the documents are formatted and structured in a manner recognizable by the recipient such that the recipient may understand information provided in the structured documents.
- the format and the structure of the structured documents may follow known industry protocols, languages and/or standards.
- the first domain 14 is a web server hosting a web site and the structured documents are web pages.
- the structured document 20 includes content 22 , reference to at least one digital rights compliance (DRC) object 24 , and application-specific instructions 26 .
- DRC digital rights compliance
- the content 22 may be instructions to recreate various works or other content that intellectual property rights might attach to.
- the content 22 may be instructions in binary or text to reproduce written works such as electronic books, articles, and learning objects.
- the content 22 may also be instructions to reproduce works such as images, audio recordings, video recordings, games, applications or other creations.
- the content 22 in its entirety may be part of the structured document.
- the content 22 may be relatively small such that the entire content 22 may be provided as part of the structured document 20 .
- the content 22 may also be a link to a different file outside of the structured document.
- the content 22 may be provided in a separate file and sent to the client computer 10 , and a reference to the file may be provided in the structured document 20 .
- the client computer 10 requests the structured document 20 from the domain 14 , the content 22 files referenced by the structured document 20 and external to the structured document 20 will also be transferred to the client computer 10 .
- this arrangement may be modified depending on user preferences, bandwidth and/or other factors.
- the content 22 may be streamed to the client computer 10 .
- the content 22 may be a lengthy video file, it may be preferable to stream the video file instead of providing the file in entirety. This permits appropriate application to start rendering the content 22 without having to have the entirety of the content 22 (e.g. the complete file) present on the client computer 10 .
- the structured document 20 also includes a reference to at least one DRC object 24 .
- the reference to the DRC object 24 indicates where a DRC object associated with the content 22 may be located.
- the reference to the DRC object 24 may be a web address of the second domain 16 whereby the associated DRC object may be obtained.
- the structured document 20 also includes application-specific instructions 26 .
- the application-specific instructions 26 are instructions that may be parsed and executed by applications for which the instructions are provided. In the embodiment as shown, application specific instructions 26 are application-specific instructions executable by the application 50 as described above.
- the client computer 10 is also connected to a second domain 16 , which may be an Internet website hosted by a server or a pool of servers, and which may be identifiable over the Internet based on the Domain Name System (DNS).
- DNS Domain Name System
- the second domain 16 is accessible by the client computer 10 and other computers connected to the Internet 18 .
- the second domain 16 is different domain from the first domain 14 in that structured documents received from the first domain 14 and the second domain 16 will not be considered to be from the same origin for the purposes of the same origin policy.
- characteristics such as the domain name, application layer protocol and TCP port of the web page may be considered.
- the first domain 14 and the second domain 16 may be considered as being from different origins even if they are from a single domain.
- the second domain 16 has at least one DRC object associated with the content 22 .
- DRC object 30 associated with the content 22 in the structured document 20 .
- the DRC object 30 is referenced by the reference to the DRC object 24 in the structured document 20 .
- the DRC object 30 includes rights expressions 32 .
- the rights expressions 32 contain information about permitted use of the associated content 22 and conditions for using the associated content 22 .
- Permitted uses of the content 22 may include various actions that may be performed with a given content 22 .
- permitted use of the content 22 may include viewing the content 22 , making a copy of the content 22 , modifying the content 22 , printing the content 22 , and/or redistributing the content 22 .
- Conditions for using the content 22 may include various terms such as paying of a prescribed fee, agreeing to abide by terms of use, or any other condition that the rights owner of the content 22 may wish to impose in exchange for the permitted use of the content 22 .
- a condition for printing a textbook may be to pay the rights holder a prescribed fee.
- permission may be granted to read the content 22 (but not make copies of the content 22 ) without paying a fee.
- the rights expressions 32 may also be presented as rights models.
- a rights model is a generic statement that identifies the owner of a set of content 22 and a set of zero or more licenses that are on offer with respect to the resources.
- a rights model may be that the owner of the content 22 will grant a license to any person to read but not to copy a document within a defined set of documents. This permits the owner of the document to define rights expressions 32 relating to a set of content 22 in bulk.
- the rights expressions 32 are provided in a manner that does not violate the same origin policy. That is, the rights expressions 32 are described in a manner that is understandable to the application-specific instructions 26 in the structured document 20 without violating the same origin policy.
- the rights expressions 32 may be described in a non-executable format such as the JSON format. Information provided in JSON is not compiled or executed. The rights expressions 32 defined in JSON format are not parsed and executed by the instruction execution module 32 . Instead, the rights expressions 32 defined in JSON format are treated as a data stack.
- a guided user interface may assist a user who is not skilled with JSON to create rights expressions 32 .
- a university instructor may be aided by a guided user interface to create rights expressions 32 in JSON.
- the DRC object 30 also includes metadata 34 .
- Metadata 34 may be application-specific instructions to incorporate the rights expressions 32 into the structured document 20 or any other information associated with the DRC object.
- the rights expressions 32 provided in JSON could be incorporated using the JavaScript “document.write( )” function.
- the application-specific instructions 26 may include the document.write( ) function to incorporate rights expressions 32 into the structured document 20 .
- rights expressions 32 are defined in JSON, even though the rights expressions 32 is located on a different domain, they may be referred to by the application specific-instructions 26 without violating the same origin policy of the application 50 .
- the application 50 on the client computer 10 is capable of receiving and executing application specific instructions 26 provided in the structured document 20 . Executing the application specific instructions 26 will cause the application 50 to function as follows.
- the application 50 sends at least one request to the second domain 16 for the DRC object 30 associated with the content 22 . This may be accomplished by using the network module 44 .
- the application 50 will then receive the DRC object 30 associated with the content 22 from the second domain 16 .
- the DRC object 30 comprises rights expressions 32 .
- the application 50 may then modify the structured document 20 by incorporating the DRC object 30 into the structured document 20 . As stated above, this may be accomplished by the application 50 executing application specific instructions 26 in JavaScript language to incorporate the rights expressions 32 defined using JSON format. In other embodiments, other languages/standards may be used to incorporate the rights expressions 32 defined in JSON format.
- the application 50 will then present the content 22 in accordance with the rights expressions 32 .
- the application 50 may redirect the user to a web site capable of processing payments.
- the web site may be the first domain 14 , the second domain 16 , or another domain.
- the application 50 may disable an option in the application 50 to print the content 22 .
- the rights expressions 32 may state a list of conditions for using the content 22 in a manner that prompts a user to indicate acceptance.
- the application 50 facilitates intellectual property rights compliance by a user of the client computer 10 .
- the application may be the same as or similar to the application 50 on the client computer 10 described herein, which enforces the same origin security policy when executing instructions.
- the method begins at step 152 at which the application receives a structured document from the first domain.
- the structured document may be the same as or similar to the structured document 20 , which in one embodiment is a web page as described above.
- the first domain may be the same as or similar to the first domain 14 , which in on embodiment is a web server as described herein above.
- the structured document has at least one content, a reference to at least one digital rights compliance (DRC) object located on a second domain and associated with the at least one content, and application-specific instructions being executable by the application.
- the content may be the same as or similar to content 22 described herein above.
- the reference to the DRC object may be the same as or similar to the reference to the DRC object 24 described herein above.
- the application-specific instructions may be the same as or similar to the application-specific instructions 26 described above.
- the method 150 executes the application-specific instructions to cause the application to send at least one request to the second domain for the at least one DRC object.
- the second domain may be the same as or similar to the second domain 16 , which in one embodiment is a web server.
- the method 150 then proceeds to step 156 .
- the method receives the at least one DRC object from the second domain.
- the DRC object may be the same as or similar to the DRC object 30 described herein above. Once the DRC object is received, the method 100 proceeds to step 158 .
- step 158 the method 150 executes the application-specific instructions to modify the structured document by incorporating the at least one DRC object into the structured document.
- the method 100 then proceeds to step 160 .
- the method 150 executes the application-specific instructions to present the at least one content in accordance with the at least one DRC object.
- the system 100 includes a client computer 102 , a marketplace 104 , a publisher 106 , and a content provider 108 .
- the client computer 102 , the marketplace 104 , the publisher 106 , and content provider 108 are connected to a communication network 110 (e.g. the Internet).
- a communication network 110 e.g. the Internet
- the client computer 102 is a computing device such as the client computer 10 as described hereinabove.
- the client computer 102 may be used by a student or another user desirous of obtaining access to content provided by the content provider 108 .
- the content provider 108 may be a web server hosting various content.
- the content may be the same as or similar to content 22 described herein above.
- the content may contain instructions to render a work such as text, image, video, or music.
- the content may be provided by various stakeholders in the education sector such as instructors, universities, colleges, or other educational institutions.
- the publisher 106 may be a web server hosting the at least one DRC object associated with the content.
- the DRC object may be the same as or similar to the DRC object 30 .
- the DRC object has rights expressions and the rights expressions in the DRC object may be controlled by various publishers of the associated content.
- the publisher 106 of the content in some embodiments may be the same as or similar to the content provider 108 . In other embodiments, the publisher of the content may be different from the content provider 108 .
- the publisher 106 may be one or more publishers of various education textbooks, articles, research publications, and other library materials.
- the marketplace 104 is a web server connected to the Internet.
- the content provider 108 may list contents that it wishes to make available to the client computer 10 at the marketplace 104 .
- the marketplace 104 may also be informed of the location of the associated DRC object associated with the available content.
- the marketplace 104 presents the available content to the client computer 102 for selection to the client computer 102 .
- the marketplace 104 Upon receiving a request from the client computer 102 , the marketplace 104 will prepare a structured document to provide the content to the client computer.
- the structured document may be the same as the structured document 20 described herein above.
- the structured document with the requested content, reference to the associated DRC object located on the publisher 106 , and browser application-specific instructions is then sent to the client computer 102 for execution.
- the client computer 102 will receive structured document and execute the instructions in the structured document.
- the client computer may perform the steps 152 - 160 as described above in method 150 to display the content in a manner to facilitate compliance with rights expressions in the DRC object.
Abstract
According to one aspect there is provided a method and an apparatus for facilitating intellectual property rights compliance that is compliant with a same-origin security policy that prohibits the application from executing application-specific instructions from the first domain that access application-specific instructions from the second domain. The method includes receiving a structured document from a first domain, the structured document having at least one content object, a reference to at least one digital rights compliance (DRC) object located on a second domain and associated with the at least one content object, and application-specific instructions being executable by the application. The at least one DRC object is defined in a non-executable format and contains information indicative of rights associated with the at least one content.
Description
- This application is a continuation of U.S. patent application Ser. No. 13/345,573 filed Jan. 6, 2012, now U.S. Pat. No. 9,342,665, which claims the benefit of U.S. Provisional Patent Application Ser. No. 61/430,605 filed Jan. 7, 2011, the entire contents of all applications hereby incorporated by reference herein for all purposes.
- The described embodiments relate to facilitating digital rights compliance for content, and in particular to facilitating compliance with intellectual property rights of digital content by client-side computers.
- The Internet provides new opportunities and challenges to rights holders who wish to market their digital content (e.g. works such as electronic books, multimedia files, etc.). Significant resources are often expended tracking and registering the legal rights associated with such digital content. Furthermore, enforcing or ensuring end user compliance with the digital rights associated with digital content can result in processing and overhead that increases the cost of creating and using digital content. Specifically, in client-server environments in which digital content may originate from multiple sources, the management of digital rights can quickly become complex and expensive.
- The development of digital rights compliance techniques in client-server environments has traditionally focused on proprietary server-side approaches. Server-side solutions may be advantageous in some circumstances. For example, such approaches may permit circumventing of limitations that are inherent in client-side processing, such as restrictions on a client computer that prevent content from one origin from being used at another location.
- It is also generally accepted that server-side solutions permit strict enforcement of end user compliance with digital rights, since digital content will not be provided to end users until compliance is confirmed (e.g. the user has paid for use of the digital content). Conversely, if digital content is sent to end users prior to compliance confirmation, there is an increased risk that end users may circumvent the digital rights associated with that content.
- However, proprietary server-side solutions must be implemented on the server side, which results in centralized and potentially closed systems of digital rights management that may be unable to effectively manage digital rights in open environments with multiple resource sources.
- The embodiments herein will now be described, by way of example only, with reference to the following drawings, in which:
-
FIG. 1 is a schematic diagram of a client computer for facilitating compliance with digital rights according to one embodiment shown connected to a first domain and a second domain; -
FIG. 2 is a schematic diagram illustrating components of the client computer ofFIG. 1 ; -
FIG. 3 is a schematic diagram illustrating components of the application on the client computer ofFIG. 1 ; -
FIG. 4 is a schematic diagram illustrating components of a structured document received by the application ofFIG. 3 ; -
FIG. 5 is a schematic diagram illustrating components of a digital rights compliance (DRC) object received by the application ofFIG. 3 ; -
FIG. 6 is a method for facilitating compliance with intellectual property rights according to another embodiment; and -
FIG. 7 is a system for facilitating compliance with intellectual property rights according to another embodiment. - It will be appreciated that numerous specific details are set forth in order to provide an understanding of the exemplary embodiments described herein. However, it will be understood by those of ordinary skill in the art that the embodiments described herein may be practiced without these specific details. In other instances, well-known methods, procedures and components have not been described in detail so as not to obscure the embodiments described herein. Furthermore, this description is not to be considered as limiting the scope of the embodiments described herein in any way, but rather as merely describing the implementation of the various embodiments described herein.
- Some embodiments of the systems and methods described herein may be implemented in hardware or software, or a combination of both. However, in some cases these embodiments are implemented in computer programs executing on programmable computers each comprising at least one processor, a data storage system (including volatile and non-volatile memory and/or other storage elements), at least one input device, and at least one output device. For example and without limitation, the programmable computers may be a mainframe computer, server, personal computer, laptop, personal data assistant, tablet computer, or cellular telephone. Program code may be applied to input data to perform the functions described herein and generate output information. The output information may be applied to one or more output devices in known fashions.
- Each program may be implemented in a high level procedural or object oriented programming and/or scripting language to communicate with a computer system. However, the programs can be implemented in assembly or machine language, if desired. In any case, the language may be a compiled or interpreted language. Each such computer program may be stored on a storage media or a device (e.g. read only memory (ROM) or magnetic diskette) readable by a general or special purpose programmable computer, for configuring and operating the computer when the storage media or device is read by the computer to perform the procedures described herein. The systems may also be considered to be implemented as a non-transitory computer-readable storage medium, configured with a computer program, where the storage medium so configured causes a computer to operate in a specific and defined manner to perform the functions described herein.
- According to one aspect, there is provided a client computer for facilitating intellectual property rights compliance having a hardware network module connectable to at least one first domain and at least one second domain, a processor operatively connected to the hardware network module, and a data-storage device operatively connected to the processor, the data-storage device storing instructions. The instructions are executable by the processor to provide an application for receiving a structured document from the first domain, the structured document having at least one content, a reference to at least one digital rights compliance (DRC) object located on at least one second domain, and application-specific instructions being executable by the application, the at least one DRC object being defined in a non-executable format and containing information indicative of rights associated with the at least one content, and executing the application-specific instructions to cause the application to send at least one request to the at least one second domain for the at least one DRC object, receive the at least one DRC object from the at least one second domain and present the at least one content in accordance with the at least one DRC object. The application is compliant with a same-origin security policy that prohibits the application from executing application-specific instructions from the first domain that access application-specific instructions from the at least one second domain.
- According to another aspect, there is provided a method for facilitating intellectual property rights compliance by an application having the steps of receiving a structured document from a first domain, the structured document having at least one content object, a reference to at least one digital rights compliance (DRC) object located on a second domain and associated with the at least one content object, and application-specific instructions being executable by the application, the at least one DRC object being defined in a non-executable format and containing information indicative of rights associated with the at least one content, executing the application-specific instructions to cause the application to send at least one request to the second domain for the at least one DRC object, receiving the at least one DRC object from the second domain, executing the application-specific instructions to cause the application to modify the structured document by incorporating the at least one DRC object into the structured document, and executing the application-specific instructions to cause the application to present the at least one content object in accordance with the at least one DRC object. The application is compliant with a same-origin security policy that prohibits the application from executing application-specific instructions from the first domain that access application-specific instructions from the second domain.
- According to another aspect, there is provided a non-transient physical computer-readable storage medium storing a structured document, the structured document having at least one content object, a reference to at least one digital rights compliance (DRC) object located on another domain, the at least one DRC object being defined in a non-executable format and containing information indicative of rights associated with the at least one content, and instructions being executable by an application for performing operations comprising sending at least one request to the remote domain for the at least one DRC object, receiving the at least one DRC object from the remote domain, and presenting the at least one content in accordance with the at least one DRC object. The application is compliant with a same-origin security policy that prohibits the application from executing application-specific instructions from a first domain that causes the application to execute application-specific instructions from a second domain.
- Referring now to
FIG. 1 , illustrated therein is aclient computer 10 for facilitating intellectual property rights compliance for digital content according to one embodiment. Theclient computer 10 is shown connected to the Internet 12, and (via the Internet 12) to afirst domain 14 and asecond domain 16. - As shown in
FIG. 2 , theclient computer 10 has ahardware network module 44 connectable to thefirst domain 14 and thesecond domain 16. Theclient computer 10 also has aprocessor 42 operatively connected to thehardware network module 44, and a data-storage device 46 operatively connected to theprocessor 42. As shown, theprocessor 42 may be connected to anoutput device 48, such as a display, as will be described further below. In some embodiments, theclient computer 10 may have a plurality of processors, network modules, and/or data storage devices. Theclient computer 10 may have other types of components, such as a discrete graphics processor, a discrete data storage device (or both) for graphics related data. - Generally, the
data storage device 46 of theclient computer 10 stores instructions that are executable by theprocessor 42 to provide an application (e.g. application 50 as described below and shown inFIG. 3 ) that is configured to receive a structured document 20 (as shown inFIG. 4 ) from thefirst domain 14. - The
structured document 20 includes at least onecontent 22, areference 24 to at least one digital rights compliance (DRC)object 30 located on thesecond domain 16 and which is associated with the at least onecontent 22, and application-specific instructions 26 being executable by theapplication 50. TheDRC object 30 is defined in a non-executable format and contains information indicative of digital rights associated with the at least onecontent 22. - Generally, the
application 50 executes the application-specific instructions to cause theapplication 50 to send at least one request to thesecond domain 16 for the at least oneDRC object 30, receive the at least oneDRC object 30 from thesecond domain 16, and present the at least onecontent 22 in accordance with the at least oneDRC object 30. - The
application 50 is configured so as to be compliant with a “same-origin security policy” that generally prohibits theapplication 50 from executing application-specific instructions 26 from one domain (e.g. the first domain 14) that would cause theapplication 50 to execute application-specific instructions from another domain (e.g. the second domain 16). - Turning again to
FIG. 2 , in some embodiments, thehardware network module 44 may be a device that is capable of facilitating data communication with thefirst domain 14 and thesecond domain 16. For example, thenetwork module 44 may be a wired network device such as an Ethernet network card. Thehardware network module 44 may be a wireless network device such as an IEEE 802.11 (“WiFi”) compliant network device, a cellular network device to connect to a cellular network (e.g. GSM, GPRS, EDGE, HSDPA), and so on. - The
network module 44 is operatively connected to thefirst domain 14 and thesecond domain 16. As shown, in this embodiment the network module is connected to theInternet 18 and through theInternet 18 to thefirst domain 14 and thesecond domain 16. Thenetwork module 44 may also connect to thedomains network module 44 may connect to one of thedomains Internet 18 and then connect to the other domain through the Internet. In another example, thenetwork module 44 may connect to both of thedomains - In other examples, the
network module 44 may connect to more than thefirst domain 14 andsecond domain 16, but may also connect to other domains. - As stated above, there may be more than one
network module 44. If there is more than onenetwork module 44, it may be that one of the hardware modules connects to one of thedomains domains - As shown, the
processor 42 is also connected to theoutput device 48. Theoutput device 48 generally communicates information for consumption or observation by one or more users of theclient computer 10, and which may differ depending on the type ofclient computer 10. For example, theoutput device 48 may be an LCD or CRT display if theclient computer 10 is a desktop, and a laptop display if theclient computer 10 is a laptop. In another example, theoutput device 48 may be a display screen on a smart phone or a PDA. - As shown, the
output device 48 is operatively connected to theprocessor 42. In other embodiments, theoutput device 48 may be connected to a discrete graphics processor on a dedicated video card. - The
data storage device 46 may include volatile memory, non-volatile computer memory, or both. For example, thedata storage device 46 may include random access memory (RAM), magnetic computer storage devices such as hard disk drives, and flash memory. In some embodiments, theclient computer 10 may comprise more than one type ofdata storage device 46. For example, theclient computer 10 may have a hard disk drive and RAM. - The
data storage device 46 generally has instructions being executable by theprocessor 42 to provide theapplication 50, so that theapplication 50 is capable of retrieving and executing application-specific instructions 26 contained in the structureddocument 20. Examples of theapplication 50 could include web-browser applications such as Microsoft Internet Explorer, Safari, Mozilla Firefox, Chrome, and so on. - The
application 50 may also differ based on the type ofclient computer 10. For example, theapplication 50 may be resident on and/or optimized for mobile computing platforms found on mobile computing devices, such as smart phones and PDAs. - In some embodiments, it may be possible for the
data storage device 46 to contain instructions being executable by theprocessor 42 to provide more than oneapplication 50 on asingle client computer 10. - Returning again to
FIG. 3 , illustrated therein are various components of theapplication 50. The components shown herein are only for illustrative purposes and the number and the type of components and the logical organization of the components may differ in other embodiments. - Generally, the
application 50 comprises instruction-execution module 52 for receiving and executing application-specific instructions. Theapplication 50 may also have a number of optional plug-in applications installed. The installed plug-in applications could include a music playback plug-in 54, video playback plug-in 56, and flash plug-in 58. - The
instruction execution module 52 generally receives and executes application-specific instructions 26 to provide various functionalities. For example, executing the application-specific instructions 26 may cause theapplication 50 to render various text, images or other digital content to theoutput device 48 for consumption by one or more users. - In one example, application-specific instructions may be executed to render a specific text at a specific location of the web page for display. In another example, instructions may be executed to render an image file at a specific location of the web page for display. In another example, the application-specific instructions may be executed to cause the
application 50 to solicit user input and then send the user input back to the web-server from which the web page was retrieved. - In another example, the application-
specific instructions 26 may be executed to cause theapplication 50 to retrieve another structured document from the same domain or from a different domain. - In another example, the application-specific instructions may be executed to cause the
application 50 to save some information on the data storage device 46 (e.g. a cookie). - In another example, the application-specific instructions may be executed to cause the
application 50 to render a video file for play back by a user. - The application-specific instructions may be written in various programming languages that are compatible with the
application 50. For example, the application-specific instructions may be provided in Hyper Text Mark-up Language (“HTML”). In another example, the application-specific instructions may be provided in the form of JavaScript language. - It is also possible for the application-specific instructions to be provided in more than one language within the same structured document. In particular, HTML allows instructions in other languages to be embedded within HTML instructions. For example, a web page may have a begin tag <HTML> and an end tag </HTML> to indicate that the application-specific instructions contained therebetween are HTML syntax. However, within the HTML syntax, a second begin tag <SCRIPT language=“JavaScript”> and a second end tag </SCRIPT> may be provided to further indicate that the instructions therebetween are in JavaScript. The
application 50 will recognize the “begin” tags and “end” tags and process the instructions contained therebetween (including the JavaScript) accordingly. Furthermore, the application-specific instructions may be linked from (i.e. received from) an external source. That is, the instructions may not necessarily be contained in the structured document. For example, the tag <SCRIPT language-“JavaScript” src=[URL_X]“> indicates that the instructions in JavaScript are to be received from an external source, which in this example is URL_X. In other words, the instructions, in JavaScript, will be downloaded from URL_X and executed. - In some embodiments, the
application 50 may include a language parser, or a compiler, or both. - In some embodiments, while the
instruction execution module 52 may be able to execute application-specific instructions 26, it may not be able to execute instructions incontent 22 to render the content embodied therein. In some situations, it may not be desirable for theinstruction execution module 52 to rendercontent 22 due to user-preference reasons, efficiency reasons, or other reasons. - For example, the
instruction execution module 52 may be able to render some types ofcontent 22 such as text, images, and basic sound effects. However, theinstruction execution module 52 may not render other types ofcontent 22 such as video, music, or flash based applications. Types ofcontent 22 that are not rendered by theinstruction execution module 52 may be provided to the installed plug-inapplications 50 for execution. - In the
exemplary application 50 as shown inFIG. 3 , the music plug-in 54, the video plug-in 56, and the flash plug-in 58 are installed. In other embodiments, there may be different plug-in applications installed. Some plug-in applications may be able to execute more than one type ofcontent 22. For example, a media-player plug-in application may be able to render both audio andvideo content 22. - Plug-in applications are generally used to render various types of content. For example, the video plug-in 56 may play back a video file. The rendered video may be displayed as part of the
application 50 or in a separate display. - Depending on the type of
content 22, rendering of thecontent 22 may provide functionalities other than media playback. For example, the flash plug-in 58 may execute flash content to provide an application or a game. - Generally, plug-in applications render
content 22 independently of theapplication 50. That is, once invoked and thecontent 22 is provided to the plug-in application, the plug-in application will executecontent 22 without further aid from theapplication 50. - Generally, the
content 22 will contain an indicator of the type of content. For example HTML instruction <embed src=“music.mid”/> indicates that the instructions contained in the file entitled music.mid is a Musical Instrument Digital Interface MIDI-sequention Sound (“.mid”) file type. Accordingly, theapplication 50 will forward the file to the appropriate plug-in or theinstruction execution module 52 for playback. - For example, if the
content 22 is an image, it may be formatted as a JPG, TFF, PNG, or GIF files. In another example, if thecontent 22 is an Adobe Flash animation, it may be formatted as a SWF file. In yet another example, if thecontent 22 is video file, it may be formatted as a MPEG or an AVI file. - It is also possible that some instructions in a structured
document 20 are not executed by theclient computer 10 at all. For example, instructions provided in the form of Active Server Pages (ASP), Java server environments instructions, or CGI scripts may be directed to execution by server-side applications. - As the structured
documents 20 may be received from an untrustworthy domain, it is possible that somestructured documents 20 may contain unscrupulous application-specific instructions 26 that can harm theclient computer 10 when they are executed. For instance, in one example executing particular application-specific instructions 26 may cause theapplication 50 to provide personal information stored in a cookie file to an unauthorized domain. In another example, executing the application-specific instructions 26 may cause theapplication 50 to harm file systems of theclient computer 10. - To address these security concerns, the
application 50 is configured to limit the application-specific instructions 26 that theapplication 50 will execute. That is, theapplication 50 will not execute application-specific instructions 26 that will cause theapplication 50 to act in a prohibited manner, as described below. - Specifically, the
application 50 may be restricted from executing application-specific instructions 26 that cause theapplication 50 to execute instructions that are received from or sent to another website. This is sometimes referred to as the “same-origin policy” in that a file that is created by a structured document from a domain may only be modified by a structured document from the same domain. This prevents a structured document from accessing a file that is created by another domain. In other words, the policy permits application-specific instructions 26 from a structureddocument 20 received fromdomain 14 to only access other application-specific instructions received from thesame domain 14. Execution of application-specific instructions received from other domains, also known as “cross-domain execution”, is prohibited. - The
application 50 may also be restricted from executing application-specific instructions 26 that cause theapplication 50 to modify any of theclient computer 10 file systems beyond very narrowly defined “cookie” files. That is, the application-specific instructions 26 executed by theapplication 50 may be constrained to a “sandbox” and unable to modify files outside of that sandbox. This prohibits modification of theclient computer 10 file systems that could otherwise be harmful to theclient computer 10. - To determine whether instructions are received in a web page from a same origin, in addition to the domain name, application layer protocol and TCP port of the web page may also be considered. For example, a web page received from a same domain name but from a different TCP port or protocol may not be considered to be received from the same origin.
- While the
browser application 50 and theinstruction execution module 52 are bound by the above security guidelines, plug-in applications do not necessarily comply with these guidelines. - As stated above, a web page may contain instructions in various languages, and certain instructions may be executed by the
instruction execution module 52, and others, by relevant plug-in applications. - For example, the instructions provided in JavaScript in web pages may be executed by the
instruction execution module 52 within theapplication 50 without requiring a plug-in application. Since theapplication 50 limits the type of instructions that it executes for security reasons, the JavaScript instructions that are executed are contained in the sandbox and bound by the same origin policy. - However, instructions executed by the plug-in applications and server side scripts are not being solely executed by the
application 50. As such, they are not necessarily bound by the security limitations of the web browser. Additionally, if plug-in applications are used to interpret and run the application, the plug-in applications need to be downloaded and installed in the client system. - Referring back to
FIG. 1 , theclient computer 10 is connected to thefirst domain 14, which may be an Internet website hosted by a server or a pool of servers, and may be identifiable over the Internet based on the Domain Name System (DNS). Thefirst domain 14 is generally accessible by theclient computer 10 and other computers connected to theInternet 18. - The first the
domain 14 may employ authentication procedures before serving each computer that connects to the first domain. For example, thefirst domain 14 may require theclient computer 10 to provide a log-in identification and password prior to serving theclient computer 10. - The
first domain 14 contains structured documents. Structured documents are electronic documents that are provided to a recipient, usually over a communication network. The documents are formatted and structured in a manner recognizable by the recipient such that the recipient may understand information provided in the structured documents. The format and the structure of the structured documents may follow known industry protocols, languages and/or standards. - In the embodiment shown, the
first domain 14 is a web server hosting a web site and the structured documents are web pages. - Referring to
FIG. 4 , illustrated therein is a schematic diagram of components of an exemplary structureddocument 20. The structureddocument 20 includescontent 22, reference to at least one digital rights compliance (DRC)object 24, and application-specific instructions 26. - The
content 22 may be instructions to recreate various works or other content that intellectual property rights might attach to. For example, thecontent 22 may be instructions in binary or text to reproduce written works such as electronic books, articles, and learning objects. Thecontent 22 may also be instructions to reproduce works such as images, audio recordings, video recordings, games, applications or other creations. - Depending on the type and size of the work, the
content 22 in its entirety may be part of the structured document. For example, if the work in thecontent 22 is text, thecontent 22 may be relatively small such that theentire content 22 may be provided as part of the structureddocument 20. - However, the
content 22 may also be a link to a different file outside of the structured document. In such cases, thecontent 22 may be provided in a separate file and sent to theclient computer 10, and a reference to the file may be provided in the structureddocument 20. - Generally, when the
client computer 10 requests the structureddocument 20 from thedomain 14, thecontent 22 files referenced by the structureddocument 20 and external to the structureddocument 20 will also be transferred to theclient computer 10. However, this arrangement may be modified depending on user preferences, bandwidth and/or other factors. - In cases where the size of the work is relatively large, the
content 22 may be streamed to theclient computer 10. For example, if thecontent 22 is a lengthy video file, it may be preferable to stream the video file instead of providing the file in entirety. This permits appropriate application to start rendering thecontent 22 without having to have the entirety of the content 22 (e.g. the complete file) present on theclient computer 10. - The structured
document 20 also includes a reference to at least oneDRC object 24. The reference to theDRC object 24 indicates where a DRC object associated with thecontent 22 may be located. For example, the reference to theDRC object 24 may be a web address of thesecond domain 16 whereby the associated DRC object may be obtained. - The structured
document 20 also includes application-specific instructions 26. The application-specific instructions 26 are instructions that may be parsed and executed by applications for which the instructions are provided. In the embodiment as shown, applicationspecific instructions 26 are application-specific instructions executable by theapplication 50 as described above. - Also shown in
FIG. 1 , theclient computer 10 is also connected to asecond domain 16, which may be an Internet website hosted by a server or a pool of servers, and which may be identifiable over the Internet based on the Domain Name System (DNS). Generally, thesecond domain 16 is accessible by theclient computer 10 and other computers connected to theInternet 18. - The
second domain 16 is different domain from thefirst domain 14 in that structured documents received from thefirst domain 14 and thesecond domain 16 will not be considered to be from the same origin for the purposes of the same origin policy. As stated above, to determine whether instructions are received in a web page from a same origin, characteristics such as the domain name, application layer protocol and TCP port of the web page may be considered. As such, thefirst domain 14 and thesecond domain 16 may be considered as being from different origins even if they are from a single domain. - The
second domain 16 has at least one DRC object associated with thecontent 22. For example, referring toFIG. 5 , illustrated therein is an exemplary DRC object 30 associated with thecontent 22 in the structureddocument 20. The DRC object 30 is referenced by the reference to theDRC object 24 in the structureddocument 20. - The DRC object 30 includes
rights expressions 32. Therights expressions 32 contain information about permitted use of the associatedcontent 22 and conditions for using the associatedcontent 22. Permitted uses of thecontent 22 may include various actions that may be performed with a givencontent 22. For example, permitted use of thecontent 22 may include viewing thecontent 22, making a copy of thecontent 22, modifying thecontent 22, printing thecontent 22, and/or redistributing thecontent 22. - Conditions for using the
content 22 may include various terms such as paying of a prescribed fee, agreeing to abide by terms of use, or any other condition that the rights owner of thecontent 22 may wish to impose in exchange for the permitted use of thecontent 22. For example, a condition for printing a textbook may be to pay the rights holder a prescribed fee. In another example, permission may be granted to read the content 22 (but not make copies of the content 22) without paying a fee. - The
rights expressions 32 may also be presented as rights models. A rights model is a generic statement that identifies the owner of a set ofcontent 22 and a set of zero or more licenses that are on offer with respect to the resources. For example a rights model may be that the owner of thecontent 22 will grant a license to any person to read but not to copy a document within a defined set of documents. This permits the owner of the document to definerights expressions 32 relating to a set ofcontent 22 in bulk. - Because the
first domain 14 and thesecond domain 16 are considered to be from different origins for the purposes of the same origin security policy, therights expressions 32 are provided in a manner that does not violate the same origin policy. That is, therights expressions 32 are described in a manner that is understandable to the application-specific instructions 26 in the structureddocument 20 without violating the same origin policy. - For example, the
rights expressions 32 may be described in a non-executable format such as the JSON format. Information provided in JSON is not compiled or executed. Therights expressions 32 defined in JSON format are not parsed and executed by theinstruction execution module 32. Instead, therights expressions 32 defined in JSON format are treated as a data stack. - In some embodiments, a guided user interface may assist a user who is not skilled with JSON to create
rights expressions 32. For example, a university instructor may be aided by a guided user interface to createrights expressions 32 in JSON. - The DRC object 30 also includes metadata 34. Metadata 34 may be application-specific instructions to incorporate the
rights expressions 32 into the structureddocument 20 or any other information associated with the DRC object. - The
rights expressions 32 provided in JSON could be incorporated using the JavaScript “document.write( )” function. For example, the application-specific instructions 26 may include the document.write( ) function to incorporaterights expressions 32 into the structureddocument 20. - Because the
rights expressions 32 are defined in JSON, even though therights expressions 32 is located on a different domain, they may be referred to by the application specific-instructions 26 without violating the same origin policy of theapplication 50. - As described above, the
application 50 on theclient computer 10 is capable of receiving and executing applicationspecific instructions 26 provided in the structureddocument 20. Executing the applicationspecific instructions 26 will cause theapplication 50 to function as follows. - First, the
application 50 sends at least one request to thesecond domain 16 for theDRC object 30 associated with thecontent 22. This may be accomplished by using thenetwork module 44. - The
application 50 will then receive theDRC object 30 associated with the content 22 from thesecond domain 16. As stated above, theDRC object 30 comprisesrights expressions 32. - The
application 50 may then modify the structureddocument 20 by incorporating theDRC object 30 into the structureddocument 20. As stated above, this may be accomplished by theapplication 50 executing applicationspecific instructions 26 in JavaScript language to incorporate therights expressions 32 defined using JSON format. In other embodiments, other languages/standards may be used to incorporate therights expressions 32 defined in JSON format. - The
application 50 will then present thecontent 22 in accordance with therights expressions 32. For example, if therights expressions 32 indicate that there is an amount of money that is required to be paid for using thecontent 22, theapplication 50 may redirect the user to a web site capable of processing payments. The web site may be thefirst domain 14, thesecond domain 16, or another domain. - In another example, if the
rights expressions 32 indicate that thecontent 22 may be viewed but not printed, theapplication 50 may disable an option in theapplication 50 to print thecontent 22. In yet another example, therights expressions 32 may state a list of conditions for using thecontent 22 in a manner that prompts a user to indicate acceptance. - Other forms of presentation may be provided by the
application 50 depending on therights expressions 32. - By presenting the
content 22 in accordance with therights expressions 32, theapplication 50 facilitates intellectual property rights compliance by a user of theclient computer 10. - Referring now to
FIG. 6 , illustrated therein is amethod 150 for facilitating intellectual property rights compliance by an application according to another embodiment. The application may be the same as or similar to theapplication 50 on theclient computer 10 described herein, which enforces the same origin security policy when executing instructions. - The method begins at
step 152 at which the application receives a structured document from the first domain. The structured document may be the same as or similar to the structureddocument 20, which in one embodiment is a web page as described above. The first domain may be the same as or similar to thefirst domain 14, which in on embodiment is a web server as described herein above. - The structured document has at least one content, a reference to at least one digital rights compliance (DRC) object located on a second domain and associated with the at least one content, and application-specific instructions being executable by the application. The content may be the same as or similar to
content 22 described herein above. The reference to the DRC object may be the same as or similar to the reference to theDRC object 24 described herein above. The application-specific instructions may be the same as or similar to the application-specific instructions 26 described above. - At
step 154, themethod 150 executes the application-specific instructions to cause the application to send at least one request to the second domain for the at least one DRC object. The second domain may be the same as or similar to thesecond domain 16, which in one embodiment is a web server. Themethod 150 then proceeds to step 156. - At
step 156, the method receives the at least one DRC object from the second domain. The DRC object may be the same as or similar to theDRC object 30 described herein above. Once the DRC object is received, themethod 100 proceeds to step 158. - At
step 158, themethod 150 executes the application-specific instructions to modify the structured document by incorporating the at least one DRC object into the structured document. Themethod 100 then proceeds to step 160. - At
step 160, themethod 150 executes the application-specific instructions to present the at least one content in accordance with the at least one DRC object. - Referring to
FIG. 7 , illustrated therein is asystem 100 for disseminating content and facilitating intellectual property rights compliance according to another embodiment. Thesystem 100 includes aclient computer 102, amarketplace 104, apublisher 106, and acontent provider 108. Theclient computer 102, themarketplace 104, thepublisher 106, andcontent provider 108 are connected to a communication network 110 (e.g. the Internet). - The
client computer 102 is a computing device such as theclient computer 10 as described hereinabove. Theclient computer 102 may be used by a student or another user desirous of obtaining access to content provided by thecontent provider 108. - The
content provider 108 may be a web server hosting various content. The content may be the same as or similar tocontent 22 described herein above. For example, the content may contain instructions to render a work such as text, image, video, or music. The content may be provided by various stakeholders in the education sector such as instructors, universities, colleges, or other educational institutions. - The
publisher 106 may be a web server hosting the at least one DRC object associated with the content. The DRC object may be the same as or similar to theDRC object 30. - The DRC object has rights expressions and the rights expressions in the DRC object may be controlled by various publishers of the associated content. The
publisher 106 of the content, in some embodiments may be the same as or similar to thecontent provider 108. In other embodiments, the publisher of the content may be different from thecontent provider 108. Thepublisher 106 may be one or more publishers of various education textbooks, articles, research publications, and other library materials. - The
marketplace 104 is a web server connected to the Internet. Thecontent provider 108 may list contents that it wishes to make available to theclient computer 10 at themarketplace 104. Themarketplace 104 may also be informed of the location of the associated DRC object associated with the available content. Themarketplace 104 presents the available content to theclient computer 102 for selection to theclient computer 102. - Upon receiving a request from the
client computer 102, themarketplace 104 will prepare a structured document to provide the content to the client computer. The structured document may be the same as the structureddocument 20 described herein above. The structured document with the requested content, reference to the associated DRC object located on thepublisher 106, and browser application-specific instructions is then sent to theclient computer 102 for execution. - The
client computer 102 will receive structured document and execute the instructions in the structured document. In one embodiment, the client computer may perform the steps 152-160 as described above inmethod 150 to display the content in a manner to facilitate compliance with rights expressions in the DRC object. - While the steps of the above methods have been described sequentially hereinabove, it should be noted that sequential performance of the steps may not need to occur for successful implementation of the method. As will be evident to one skilled in the art, rearranging sequence of performance of the steps, omitting the performance of some steps, or performing the steps in parallel may be possible without abandoning the essence of the invention.
- While certain features have been illustrated and described herein, many modifications, substitutions, changes, and equivalents will now occur to those of ordinary skill in the art. It is, therefore, to be understood that the appended claims are intended to cover all such modifications and changes as fall within the true spirit of the invention.
Claims (27)
1. A client computer for facilitating intellectual property rights compliance comprising:
a hardware network module connectable to at least one first domain and at least one second domain;
a processor operatively connected to the hardware network module; and
a data-storage device operatively connected to the processor, the data-storage device storing instructions, the instructions being executable by the processor to provide an application for
i) receiving a structured document from the first domain, the structured document having at least one content, a reference to at least one digital rights compliance (DRC) object located on at least one second domain, and application-specific instructions being executable by the application, the at least one DRC object being defined in a non-executable format and containing information indicative of rights associated with the at least one content; and
ii) executing the application-specific instructions to cause the application to:
send at least one request to the at least one second domain for the at least one DRC object,
receive the at least one DRC object from the at least one second domain, and
present the at least one content in accordance with the at least one DRC object;
wherein the application is compliant with a same-origin security policy that prohibits the application from executing application-specific instructions from the first domain that access application-specific instructions from the at least one second domain.
2. The client computer of claim 1 , wherein the at least one DRC object comprises rights expressions indicative of permitted use and conditions for using the at least one associated content.
3. The client computer according to claim 1 wherein the application-specific instructions comprise instructions that will further cause the application to incorporate the at least one DRC object into the structured document.
4. The client computer according to claim 3 , wherein the at least one DRC object defined in the non-executable format is considered native to the structured document when the rights expressions are incorporated into the structured document such that the application may present the at least one content in accordance with the at least one incorporated DRC object without violating the same-origin security policy.
5. The client computer according to claim 1 , wherein the at least one DRC object is defined in JavaScript Object Notation (JSON) format.
6. The client computer according to claim 1 , wherein the application is further operable to control interaction with the at least one content based on the at least one DRC object.
7. The client computer according to claim 1 wherein the application is further operable to display at least some of the information contained in the at least one DRC object.
8. The client computer according to claim 1 , wherein the application is a web browser application and the structured document is a web page.
9. The client computer according to claim 8 wherein the at least one DRC object is defined using JSON format, and the application-specific instructions further comprise instructions provided in JavaScript language that when executed cause the application to incorporate the at least one DRC object into the structured document.
10. A method for facilitating intellectual property rights compliance by an application comprising:
receiving a structured document from a first domain, the structured document having:
at least one content object,
a reference to at least one digital rights compliance (DRC) object located on a second domain and associated with the at least one content object, and
application-specific instructions being executable by the application, the at least one DRC object being defined in a non-executable format and containing information indicative of rights associated with the at least one content;
executing the application-specific instructions to cause the application to send at least one request to the second domain for the at least one DRC object;
receiving the at least one DRC object from the second domain;
executing the application-specific instructions to cause the application to modify the structured document by incorporating the at least one DRC object into the structured document; and
executing the application-specific instructions to cause the application to present the at least one content object in accordance with the at least one DRC object;
wherein the application is compliant with a same-origin security policy that prohibits the application from executing application-specific instructions from the first domain that access application-specific instructions from the second domain
11. The method according to claim 10 , wherein the at least one DRC object comprises rights expressions indicative of permitted use and conditions for using the at least one associated content.
12. The method according to claim 10 , wherein the application-specific instructions comprise instructions that will further cause the application to incorporate the at least one DRC object into the structured document.
13. The method according to claim 12 , wherein the at least one DRC object defined in the non-executable format is considered native to the structured document when the rights expressions (antecedent basis) are incorporated into the structured document such that the application may present the at least one content in accordance with the incorporated at least one DRC object without violating the same-origin security policy.
14. The method according to claim 10 , wherein the at least one DRC object is being defined in JavaScript Object Notation (JSON) format.
15. The method according to claim 10 , wherein the application is further operable to control interaction with the at least one content based on the at least one DRC object.
16. The method according to claim 10 , wherein the application is further operable to display at least some of the information contained in the at least one DRC object.
17. The method according to claim 10 , wherein the application is a web browser application and the structured document is a web page.
18. The method according to claim 17 , wherein the at least one DRC object is defined using JSON format, and the application-specific instructions further comprise instructions provided in JavaScript language that when executed cause the application to incorporate the at least one DRC object into the structured document.
19. A non-transient physical computer-readable storage medium comprising:
a structured document, the structured document having at least one content object, a reference to at least one digital rights compliance (DRC) object located on another domain, the at least one DRC object being defined in a non-executable format and containing information indicative of rights associated with the at least one content, and instructions being executable by an application for performing operations including
sending at least one request to the remote domain for the at least one DRC object;
receiving the at least one DRC object from the remote domain; and
presenting the at least one content in accordance with the at least one DRC object;
wherein the application is compliant with a same-origin security policy that prohibits the application from executing application-specific instructions from a first domain that causes the application to execute application-specific instructions from a second domain.
20. The computer-readable storage medium according to claim 19 , wherein the at least one DRC object comprises rights expressions indicative of permitted use and conditions for using the associated at least one content.
21. The computer-readable storage medium according to claim 19 , wherein the application-specific instructions comprise instructions that will further cause the application to incorporate the at least one DRC object into the structured document.
22. The computer-readable storage medium according to claim 21 , wherein the at least one DRC object is defined in the non-executable format is considered native to the structured document when the rights expressions are incorporated into the structured document such that the application may present the at least one content in accordance with the incorporated at least one DRC object without violating the same-origin security policy.
23. The computer-readable storage medium according to claim 19 , wherein the at least one DRC object is defined in JavaScript Object Notation (JSON) format.
24. The computer-readable storage medium according to claim 19 , wherein the application is further operable to control interaction with the at least one content based on the at least one DRC object.
25. The computer-readable storage medium according to claim 19 , wherein the application is further operable to display at least some of the information contained in the at least one DRC object.
26. The computer-readable storage medium according to claim 19 , wherein the application is a web browser application and the structured document is a web page.
27. The computer-readable storage medium according to claim 26 , wherein the at least one DRC object is defined using JSON format, and the application-specific instruction further comprises instructions provided in JavaScript language that when executed cause the application to incorporate the at least one DRC object into the structured document.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
US15/154,544 US20160253483A1 (en) | 2011-01-07 | 2016-05-13 | Systems, methods, and apparatus for facilitating client-side digital rights compliance |
Applications Claiming Priority (3)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
US201161430605P | 2011-01-07 | 2011-01-07 | |
US13/345,573 US9342665B2 (en) | 2011-01-07 | 2012-01-06 | Systems, methods, and apparatus for facilitating client-side digital rights compliance |
US15/154,544 US20160253483A1 (en) | 2011-01-07 | 2016-05-13 | Systems, methods, and apparatus for facilitating client-side digital rights compliance |
Related Parent Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
US13/345,573 Continuation US9342665B2 (en) | 2011-01-07 | 2012-01-06 | Systems, methods, and apparatus for facilitating client-side digital rights compliance |
Publications (1)
Publication Number | Publication Date |
---|---|
US20160253483A1 true US20160253483A1 (en) | 2016-09-01 |
Family
ID=46456252
Family Applications (2)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
US13/345,573 Active 2032-08-09 US9342665B2 (en) | 2011-01-07 | 2012-01-06 | Systems, methods, and apparatus for facilitating client-side digital rights compliance |
US15/154,544 Abandoned US20160253483A1 (en) | 2011-01-07 | 2016-05-13 | Systems, methods, and apparatus for facilitating client-side digital rights compliance |
Family Applications Before (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
US13/345,573 Active 2032-08-09 US9342665B2 (en) | 2011-01-07 | 2012-01-06 | Systems, methods, and apparatus for facilitating client-side digital rights compliance |
Country Status (1)
Country | Link |
---|---|
US (2) | US9342665B2 (en) |
Families Citing this family (8)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US9838351B2 (en) | 2011-02-04 | 2017-12-05 | NextPlane, Inc. | Method and system for federation of proxy-based and proxy-free communications systems |
US9716619B2 (en) | 2011-03-31 | 2017-07-25 | NextPlane, Inc. | System and method of processing media traffic for a hub-based system federating disparate unified communications systems |
US9203799B2 (en) | 2011-03-31 | 2015-12-01 | NextPlane, Inc. | Method and system for advanced alias domain routing |
US9077726B2 (en) | 2011-03-31 | 2015-07-07 | NextPlane, Inc. | Hub based clearing house for interoperability of distinct unified communication systems |
US10222926B2 (en) * | 2012-03-19 | 2019-03-05 | Citrix Systems, Inc. | Systems and methods for providing user interfaces for management applications |
US20140359457A1 (en) * | 2013-05-30 | 2014-12-04 | NextPlane, Inc. | User portal to a hub-based system federating disparate unified communications systems |
US9705840B2 (en) | 2013-06-03 | 2017-07-11 | NextPlane, Inc. | Automation platform for hub-based system federating disparate unified communications systems |
US9819636B2 (en) | 2013-06-10 | 2017-11-14 | NextPlane, Inc. | User directory system for a hub-based system federating disparate unified communications systems |
Citations (8)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20080034441A1 (en) * | 2006-08-07 | 2008-02-07 | Shoumen Saha | Updating content within a container document for user groups |
US7415439B2 (en) * | 2001-07-06 | 2008-08-19 | Nokia Corporation | Digital rights management in a mobile communications environment |
US20090138937A1 (en) * | 2007-11-23 | 2009-05-28 | Microsoft Corporation | Enhanced security and performance of web applications |
US20090265760A1 (en) * | 2008-04-20 | 2009-10-22 | Microsoft Corporation | Component-oriented architecture for web mashups |
US7669225B2 (en) * | 2003-05-06 | 2010-02-23 | Portauthority Technologies Inc. | Apparatus and method for assuring compliance with distribution and usage policy |
US20100269149A1 (en) * | 2007-12-18 | 2010-10-21 | Electronics And Telecommunications Research Institute | Method of web service and its apparatus |
US20100287618A1 (en) * | 2009-05-11 | 2010-11-11 | Microsoft Corporation | Executing Native-Code Applications in a Browser |
US20110145580A1 (en) * | 2009-12-15 | 2011-06-16 | Microsoft Corporation | Trustworthy extensible markup language for trustworthy computing and data services |
-
2012
- 2012-01-06 US US13/345,573 patent/US9342665B2/en active Active
-
2016
- 2016-05-13 US US15/154,544 patent/US20160253483A1/en not_active Abandoned
Patent Citations (8)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US7415439B2 (en) * | 2001-07-06 | 2008-08-19 | Nokia Corporation | Digital rights management in a mobile communications environment |
US7669225B2 (en) * | 2003-05-06 | 2010-02-23 | Portauthority Technologies Inc. | Apparatus and method for assuring compliance with distribution and usage policy |
US20080034441A1 (en) * | 2006-08-07 | 2008-02-07 | Shoumen Saha | Updating content within a container document for user groups |
US20090138937A1 (en) * | 2007-11-23 | 2009-05-28 | Microsoft Corporation | Enhanced security and performance of web applications |
US20100269149A1 (en) * | 2007-12-18 | 2010-10-21 | Electronics And Telecommunications Research Institute | Method of web service and its apparatus |
US20090265760A1 (en) * | 2008-04-20 | 2009-10-22 | Microsoft Corporation | Component-oriented architecture for web mashups |
US20100287618A1 (en) * | 2009-05-11 | 2010-11-11 | Microsoft Corporation | Executing Native-Code Applications in a Browser |
US20110145580A1 (en) * | 2009-12-15 | 2011-06-16 | Microsoft Corporation | Trustworthy extensible markup language for trustworthy computing and data services |
Non-Patent Citations (8)
Title |
---|
Anne Anderson and Hal Lockhart, editors. "SAML 2.0 profile of XACML v2.0" Published Feb. 1, 2005 (21 pages)http://docs.oasis-open.org/xacml/2.0/access.sub.--control-xacml-2.0-saml--profile-spec-os.pdf * |
Introducing JSON (Javascript Object Notation), 2006, available online at: http://www.json.org/. * |
Jake Wu and Panos Periorellis. "Authorization-Authentication Using XACML and SAML" May 2005 ©2004 University of Newcastle upon Tyne (20 pages) http://www.cs.ncl.ac.uk/publications/trs/papers/907.pdf * |
John Tolbert. "XACML for Export Control and Intellectual Property Protection" ©2009 The Boeing Company (5 pages) http://www.w3.org/2009/policy-ws/papers/Tolbert.pdf * |
Russel Kay. "ComputerWorld: How-To XACML" Published May 19, 2003 (2 pages) http://www.computerworld.com/article/2570927/app-development/xacml.html * |
Stephen Downes et al., Managing Digital Rights Using JSON, Jan. 9, 2010, available online at: http://www.downes.ca/post/51339. * |
Stephen Downes, Referrer System, 2003, available online at: http://web.archive.org/web/20030401084113/. * |
Wilbert Kraan, A feature or a bug; SCORM and cross domain scripting, CETIS, 2003, available online at: http://zope.cetis.ac.uk/content/20030622203659. * |
Also Published As
Publication number | Publication date |
---|---|
US9342665B2 (en) | 2016-05-17 |
US20120180105A1 (en) | 2012-07-12 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
US20160253483A1 (en) | Systems, methods, and apparatus for facilitating client-side digital rights compliance | |
US10965773B2 (en) | Adaptive system cache | |
Kouzis-Loukas | Learning scrapy | |
US10666763B2 (en) | Automatic integrity checking of content delivery network files | |
Subramanian et al. | Hands-On RESTful API Design Patterns and Best Practices: Design, develop, and deploy highly adaptable, scalable, and secure RESTful web APIs | |
US8725650B2 (en) | Document template licensing | |
US8074167B2 (en) | Cross domain presence of web user interface and logic | |
CA2858062C (en) | Reducing redirects | |
US9697562B2 (en) | Resource provisioning for electronic books | |
Huynh et al. | Hybrid app approach: could it mark the end of native app domination? | |
KR20140033094A (en) | Embedded web viewer for presentation applications | |
US20140282032A1 (en) | Dynamically configuring user experiences with action uniform resource identifiers | |
Love | Progressive Web Application Development by Example: Develop fast, reliable, and engaging user experiences for the web | |
US20140237333A1 (en) | Digital Media Personalization | |
US20130205401A1 (en) | Apparatuses and methods for content protection using digital rights management (DRM) in webview or webkit | |
Hustak et al. | Principles of usability in human-computer interaction | |
US20230026368A1 (en) | Virtual browser application systems and methods | |
US20160337475A1 (en) | Dynamic network construction | |
US20170300463A1 (en) | Automated content injection | |
US20130205402A1 (en) | Apparatuses and methods for content protection using Digital Rights Management (DRM) in WebView or WebKit | |
US20140212866A1 (en) | Method of inducing learner to log into learning content-providing server | |
US8862984B1 (en) | Data contracts for network page generation code | |
Chopra | Websocket essentials–building apps with html5 websockets | |
CN112328931A (en) | Method and device for generating webpage, computer system and storage medium | |
US9430618B2 (en) | Messaging administration based on digital rights management services |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
STCB | Information on status: application discontinuation |
Free format text: ABANDONED -- FAILURE TO RESPOND TO AN OFFICE ACTION |