JP2000122977A - System for controlling distribution and use of digital work and supply method for water mark - Google Patents

Abstract

PROBLEM TO BE SOLVED: To provide a trust rendering system used in a system for controlling the distribution and use of a digital work. SOLUTION: Rendering right where water mark information showing information recognizing a rendering result is clearly written is allocated to a digital work and is stored in a distribution repository., The ciphering version of the digital work is stored in a user repository from the distribution repository. When the rendering of the digital work is requested, the user repository decides whether the digital work has appropriate rendering right or not. When it has, the user repository communicates with the rendering repository and establishes a trust session and transfers the digital work to it. The rendering repository collects water mark information written in rendering right, encodes data for the water mark, decodes the password of the digital work, buries water mark information and transmits it to the rendering device and executes rendering.

Description

DETAILED DESCRIPTION OF THE INVENTION

[0001]

FIELD OF THE INVENTION The present invention relates to the field of implementation of distribution and usage rights for digitally encoded work, and in particular, to rendered and rendered renders.
ed) For identifying unauthorized copies of digitally encoded work.

[0002]

2. Description of the Related Art A system for controlling the distribution and use of digital works (System For Controlling the Dis
U.S. Pat. No. 5,629,980, issued May 13, 1997, entitled "Distribution And Use Of Digital Works", discloses the protection and distribution of digitally encoded work (hereinafter referred to as digital work). Describes a system that compensates for a digital work. However, once the digital work leaves the digital domain (eg, is printed, played, or rendered), the digital work is no longer protected and is copied without authorization. The potential comes up, a problem for every rendered digital work.

[0003] Two known techniques for protecting digital work by adding information to the work itself are "watermarking" and "fingerprinting". Historically, the term watermark refers to a translucent design that is imprinted on paper during the manufacturing process and is visible when the paper is viewed through light. Since watermarks are stamped using a combination of water, heat, and pressure, it is not easy to add or change watermarks outside of the paper mill. Watermarks are used when creating a letterhead to indicate that the source and document are fair and original and not a copy.

[0004] The term watermark is now used to cover a wide range of technologies for marking rendered work (including text, digital images, and digital audio) along with information identifying the work or publisher. ing. Some watermarks are noticeable, others are hidden. Information embedded in one type of watermark is human readable, whereas information embedded in another type of watermark is readable only by a computer.

[0005] The term fingerprint is sometimes used in contrast to a watermark, and refers to a mark that holds information about the end user or rendering event rather than the document or publisher. These marks are called "fingerprints" because they can be used to track where they were copied and to locate the person or computer that rendered the original.

[0006]

These types of marks and mark technology can be used to carry both watermark and fingerprint information.
In fact, this is not only possible, but it is often desirable and convenient to combine both types of information (watermarks and fingerprints) into one mark.

[0007]

SUMMARY OF THE INVENTION A trusted rendering system used in a system for controlling the distribution and use of digital works.
g) The system is disclosed. The preferred embodiment of the present invention is implemented as a trusted printer. However, the description of the invention described herein is suitable for any rendering device. Trusted printers facilitate the protection of printed documents printed from systems that control the distribution and use of digital works. A system for controlling the distribution and use of a digital work places a permanent use right on the digital work. Digital works are transferred in cryptographic form between the repository (storage location) and the repository. Repositories are used to request and grant access to digital works. Such repositories are also connected to credit servers that pay for any fees accrued as a result of accessing and using the digital work.

The present invention extends the existing capabilities of systems for controlling the distribution and use of digital works and provides a means of protection when documents are printed. The present invention adds to this system the ability to add watermark information to a document when the document is rendered (ie, when the print rights associated with the document are executed).
In the preferred embodiment of the trusted printer, the watermark is visible, but other "invisible" watermarking techniques may be used. Watermark data typically contains information about the owner of the document, rights to copy the document, and information about rendering events (eg, when and where the document was printed).
I will provide a. This information generally helps prevent or prevent unauthorized copying of the rendered work. It is worth noting that the present invention provides more types of watermarks on the same digital work.

[0009]

DETAILED DESCRIPTION OF THE PREFERRED EMBODIMENTS The risk of unauthorized copying of a digital document mainly occurs in the following three ways. First, digital copy interception (interruption) when a digital copy is transmitted (eg, wiretapping [telephone] eavesdropping (wiretapping)
g) or by packet snooping), the unauthorized use and rendering of a remotely stored digital copy, and the third is an unauthorized copy of the rendered digital work. The trust rendering device design described herein addresses all these risks.

[0010] Trust replay combines four elements: usage rights terms, encrypted online distribution, automatic billing of copy fees, and digital watermarks for marking the copies to be rendered. Usage rights terms: Content providers indicate the terms, conditions, and charges for printing a document in machine-readable property terms. Encrypted distribution: digital work is distributed from the trust system to the trust rendering device via a computer network. Encrypt the digital work to reduce the risk of unauthorized interruption of the digital work during transmission. Communication with the rendering system is through a request-response protocol that checks the permissions and security (security) of the rendering device. • Automatic billing: Usage billing is done automatically online to ensure a reliable deposit flow to the content provider. • Watermark: Finally, mark the rendered work with a watermark to record data about its digital work and rendering events to reduce the risk of the rendered work being copied. In addition, the watermark is designed to distinguish the copy from the original. As described below, the watermark information is specified in terms of usage rights within the scope of rendering or playback rights.

The preferred embodiment of the present invention is implemented as a trust printer. Although the foregoing description relates primarily to printers, the concepts and techniques described therein apply equally to other types of rendering systems (eg, audio players, video players, displays, or multimedia players, etc.).

A preferred embodiment of the present invention is a system for controlling the distribution and use of digital works (Syst
em for Controlling the Distribution and Use of Dig
U.S. Patent No. 5,62, issued entitled "ItalWorks)"
No. 9,980 (incorporated herein by reference)
Operating in a system for controlling the distribution and use of digital works as described in US Pat. Digital works include computer programs that can be translated into digital form or generated in digital form and regenerated using suitable rendering means such as software programs, including writing, audio, graphics,
Or any video-based work. This system allows the owner of a digital work to attach usage rights to the work. The right to use a work defines how the work is used and distributed. Digital works and their usage rights are stored in a security (secure) repository. Digital works can only be accessed by other security repositories. The repository is protected if it possesses a valid digital (digital) certificate issued by the master repository and can prove it in the request-response protocol.

[0013] The usage rights terms for controlling digital works are defined by a flexible (flexible) and extensible usage rights grammar. Conceptually, a right written in the usage right grammar is a label attached to a given action and defines the conditions for enforcing the right. For example, the COPY right indicates that the digital work may be copied. A condition for enforcing this right is that the requestor must pass certain security standards. There may be conditions to restrict the rights themselves. For example, a work is lent out (LO
ANed) A LOAN right may be defined to limit the time period. In some cases, requirements for toll payment may be included.

The repository comprises a storage means for storing the digital work and usage rights attached thereto, an external interface for receiving and transmitting data, a processor, and a clock. Repositories generally have two main modes of operation: server (supplier)
Mode and a requester (client) mode. The repository responds to an access request to the digital work when operating in the server mode, and makes an access request to the digital work when operating in the requester mode.

In general, the repository processes each access request to a digital work by examining the right to use the work. For example, in a copy request for a digital work, the digital work is checked for such "copy" rights, and then the conditions for performing that right (eg, the right to make two copies).
Is checked. If the conditions for that right are met, the copy can be made. Any designation changes to the rights set for copies of digital work,
Attached to a copy of the digital work before transferring the digital work.

[0016] The repository communicates using a set of repository transactions. A repository transaction includes a set of protocols for establishing a secure (hereinafter confidential) session connection between repositories and for processing requests for access to the digital work. Note that digital works and various communications are always encrypted when sent between repositories.

The digital work is reproduced by a rendering system. A rendering system comprises at least a rendering repository and a rendering device (eg, a printer, display, or audio system). The playback system is internally secure. Access to digital works that are not stored in the rendering repository is performed via a repository transaction with an external repository that contains the desired digital works. As described in more detail below, the presently preferred embodiment of the present invention is implemented as a rendering system for printing digital works.

FIG. 1 shows the basic interaction between repositories classified by type in the present invention. As is evident from FIG. 1, different types of repositories provide different functions. It is fundamental that multiple repositories share a set of core functions that can enable secure and reliable communication. Referring to FIG. 1, the repository 101
Represents a general instance of the repository. The repository 101 has two operation modes, a server mode and a requester mode. The repository receives and processes an access request to the digital work in the server mode, and starts an access request to the digital work in the requester mode. The repository 101 has a plurality of other repositories: an authorization repository 102, a rendering repository 103, and a master repository 1
04. Communication between the repositories is performed using the repository transaction protocol 105.

Communication with the authorization repository 102 occurs when the digital work being accessed has conditions that require authorization. Conceptually, a permission is a digital certificate that requires possession of a certificate (document) to gain access to the digital work. Permissions themselves are digital works that can move between repositories and be subject to fees and usage rights terms. Authorization may be required by both repositories involved in accessing the digital work.

Communication with the rendering repository 103 is performed in connection with rendering of a digital work. As described in further detail below, the rendering repository is stored on a rendering device (eg, a printer device).
And a rendering system.

Communication with the master repository 104 is performed in connection with obtaining an identification (ID proof). Identification is the means by which repositories are recognized as "trusted." The use of identification is described below for the enrollment transaction.

FIG. 2 shows the repository 101 connected to the credit server 201. Credit server 201
Is a device for accumulating charges for the repository 101. Credit server 201 communicates with repository 101 via billing transaction 202 to record the billing transaction. The billing transaction is performed by the credit server 201 at the clearing house (bi
lling clearinghouse) 203 periodically.
Credit server 201 clearing house transaction 20
4 and communicates with the toll clearing house 203. The clearinghouse transaction 204 enables secure encrypted transmission of information to the fare clearinghouse 203.

A rendering system is generally defined as a system that includes a repository and a rendering device that can render a digital work in a desired format. The rendering system may be a computer system, a digital audio system, or a printer. In a preferred embodiment, the rendering system is a printer. In any case, the rendering system has the feature of repository security. The combination of the rendering repository with the rendering device can be done in a manner appropriate for the type of rendering device.

FIG. 3 shows a printer as an example of the rendering system. Referring to FIG. 3, the printer system 301 includes a printer repository 302 and a printer device 303. Note that the dashed lines defining printer system 301 define a secure system boundary. It is assumed that communication within this boundary is secure and clear (ie, not encrypted). In some security severs, this boundary also represents a barrier that aims to provide physical integrity. Printer repository 302
Is a specific example of the rendering repository 103 shown in FIG. Printer repository 302 optionally contains a temporary copy of the digital work, which copy remains until printed out by print engine 303. In other cases, print repository 302 may include digital work, such as fonts, which remain and are charged for use. This design ensures that all communication lines between the printer repository and the printing device are encrypted except when within physically secure boundaries. This design feature eliminates potential "obstacle" points through which digital work can be unfairly acquired. Printer device 303 represents a printer component used to generate print output.

FIG. 3 also shows a repository 304. The repository 304 is connected to the printer repository 302. Repository 304 represents an external repository containing digital work.

FIG. 4 shows the functional elements of the trusted printer repository. Note that these functional elements also exist in any rendering repository. With reference to FIG.
10, a core repository service 411, and a print repository function 412. Operating system 410 is specific to the repository and is typically based on the type of processor used to implement the repository. Operating system 410 also provides a basic server for controlling and interfacing between the basic components of the repository.

The core repository service 411 includes a set of functions required by each and all repositories. In a trusted printer repository, the core repository service involves a request-response protocol for receiving digital work and decrypting the received digital data.

Print repository function 412
Includes features for rendering and printing workpieces and for collecting and generating data for digital watermarks. Features that are unique to print repositories will become apparent from the following description, particularly with reference to the flowchart of FIG.

FIG. 5 shows a flowchart illustrating the basic steps for creating a digital work that can be printed on a trusted printer so that the final printed document is also secure. Note that many well-known execution steps, such as encryption of digital works, have been omitted so as not to deviate from the basic steps. First, a digital work is written, a usage right including a print right for designating watermark information is allocated, and the digital work is deposited in the repository 1 (step 501). As will be described in further detail below, the assignment of usage rights is performed using a rights editor. The deposition of the digital work in repository 1 indicates that the digital work has been placed in the controlled system. Next, repository 1 receives a request to access a digital work from repository 2 (step 502), and repository 1 transfers a copy of the digital work to repository 2 (step 503). In this example, assume that a "trusted" session has been established between repository 1 and repository 2. The request-response protocol used in this interaction is disclosed in the aforementioned U.S. Pat. No. 5,629,980, and thus need not be further described in the request-response protocol.

Repository 2 next receives a user request to print the digital work (step 504).
Repository 2 then establishes a trust session with the printer repository of the printing system where the digital work is to be printed (step 505). The printer repository receives the encrypted digital work and checks whether the work has print rights (step 506). If the digital work has printing rights, the printer repository decrypts the digital work to generate a watermark, and the watermark is printed on the digital work (step 507).
The printer repository then sends the decrypted digital work with the watermark to the printer for printing (step 508). For example, a decrypted digital work is a digital work postscript (Po
stscript, trademark).

Management and sales of digital work (governing sa
The main concept in le), distribution and usage management is that the issuer can assign "rights" to the work that specify usage periods and conditions. These rights are expressed in terms of rights as described in the aforementioned U.S. Pat. No. 5,629,980. For a number of reasons, it is advantageous to specify watermark information within its grammar within rendering or playback rights. First, the notation written in this way is technically independent. Thus, different watermarking techniques can be used and changed without changing the digital document. Second, multiple watermarking techniques (eg, visible and invisible watermarking techniques) can be applied to the same digital work. Therefore, even if a visible watermark is deleted, an invisible watermark remains. Third, the watermark information attached to the digital work may be related to a rendering event rather than a distribution result. Fourth, the watermark information can be extended to include the entire distribution chain of the digital work. Fifth, the security and watermarking capabilities of the rendering system may be specified as rendering conditions. This will further ensure trust rendering of the digital work.

As a result of these advantages, the specification of this type of watermark information can be used for digital work superdistribution.
n) support well. Superdistribution is a distribution concept in which all subsequent distributions are taken into account, where every processor of the digital work can also be a distributor of the digital work.

When the publisher assigns the right to the digital work, the publisher can distinguish the viewing (or reproduction) right or the printing right according to the usage right. The playback right is used to make a temporary copy of the work, such as a text image on a display or the sound of music from a speaker. Print rights are used to make persistent copies, such as audio recordings on pages or magnetic media from laser printers.

FIG. 6 is an example of a usage right for a digital work enabling trusted (reliable) printing from a personal computer. Referring to FIG. 6, various tags for digital work are used. Tag "description"
601, “work-ID” 602, and “owner” 60
3 is identification information (ID information) for the digital work
I will provide a.

The usage rights are specified individually and as part of a group of rights. Rights group 6
04 is named "Regular". This bundle label provides the payee 605 and the minimum security level 606 that applies to all rights in the group. Fee payee 605 indicates who is paid for the performance of the right. The minimum security level 606 is used to indicate the minimum security level for a repository that wants to access the associated digital work.

Next, the rights in the group are individually specified. This usage right does not include a fee for transfer 608, delete 609, or playback 610, but a fee of $ 5 for digital copy 607. The usage right also has two printing rights 611 and 612, both of which require a trusted printer (designated by 613). The first print right 611 can be used when the user has a specific prepaid ticket (prepaid ticket, designated by 614). The second print right is 10
Has a flat rate of dollars (designated by 615). In this example, the copy right can be implemented and the digital work can be sent to the user's computer, and the user can use the play and print rights to play or print the work at his / her convenience. Assume that Fees are recorded from the user's workstation each time the right is executed.

FIG. 6 shows the watermark specifications 616 and 617. Specific details of the watermark specifications 616 and 617 are described below with reference to FIG.

FIG. 7 illustrates a different set of rights for the same digital book. In this version, the publisher does not want a digital transmission to the customer's workstation. The practical view in favor of this choice is that the issuer wants to minimize the risk of unauthorized digital copying, and that the level of trust available on the workstations is less than that provided by the trust system. Would require high security. Instead,
The publisher wants to send the book directly from the online book store to a trusted printer. Printing must be prepaid with a digital ticket (see fee details 701). In order to allow digital distribution to authorized distributors rather than directly to customers, the issuer requires that both parties in the copy and transfer rights (ie, distributors and customers) have authorized digital licenses (see certification statements 72 and 73). It is necessary to have Without such a license, the customer cannot access the work at the workstation. Instead, he / she must print the work.

FIG. 7 also shows a watermark specification 704. The watermark specification 704 is described in further detail below with reference to FIG.

There are three main requirements for watermarking on a trusted printer. • Social reminder: This requirement is for a visible printed indication of whether photocopying is allowed. This may be a description printed on the document indicating the security level of the document or an icon or symbol defined in the company. Audit: This requirement includes the printing results, such as who owns the printing rights, whether photocopying is allowed, who or what printer printed the document, and when the document was printed. This is because of the way that information about is documented. Copy search: This requirement is a way to differentiate between printed originals and photocopies. Generally, this requirement involves the use of printed patterns on the page that tend to be deformed by photocopiers and scanners. In some patterns, the difference between the copy and the printed original is detectable by the human eye, while in other patterns, the computer can detect the difference using a scanner.

In the preferred embodiment, the watermark is created using embedded data techniques, such as the glyph technique developed by Xerox Corporation. Glyph technology used as embedded data printed on media is known as "Hardcopy Lossless Data Storage and Communication for Electronic Document Processing Systems."
sless Data Storage and Communications For Electron
ic Document Processing Systems), which is incorporated herein by reference. US Pat. No. 5,486,686, the disclosure of which is incorporated herein by reference.
The use of glyphs as digital watermarks on printed documents is based on a quasi-copying technique (Quasi-Repr) that applies various embedded data to copyright management and distribution control.
ographics With Variable Embedded Data With Applica
tions To Copyright Management, Distribution Contro
l, etc.) ", pending patent application Ser. No. 08/7.
No. 34,570. That patent is assigned to the assignee of the present invention and is incorporated herein by reference.

In general, embedded data technology is used to put machine readable data on a printed medium. Machine readable data is often an encoded form of data that is difficult, if not impossible, for a human to read. Another example of an embedded data technology is a barcode.

The embedded data technique can be used to hold hundreds of bits of embedded data per square inch in various achromatic patterns (gray patterns) on the page. Preferably, the marks representing the encoded data are used to generate marks that are more aesthetically appealing than other embedded data techniques,
Glyphs are used. With careful design, glyphs can be integrated with graphic elements in the page layout. Glyphs can be used with any kind of document. The glyph watermark holding the document ID (identification) can be embedded by the publisher, but glyphs with data about the print result can be added to the watermark when printing is being performed by the printing system. it can. Document ID
And fingerprint data can both be embedded in the same watermark.

A disadvantage of using glyphs and all types of visible separable watermarks is that they can be removed from the document by mechanical or computer work.

FIG. 8 shows an example of a document image having a watermark in which glyphs are embedded. Referring to FIG.
Document page 801 has various texts 802. Also, a watermark 803 in which a glyph is embedded is included. It should be noted that the document is not limited to text and may include image and graphic data.

This section briefly describes how embedded data technology can be used in a trusted printing system to embed watermarking data. Describes how glyph and watermark data is processed at each stage of generating, publishing, and printing a document.

In order to integrate embedded data such as glyphs into the trust printing system, it has been decided to include the following necessary items. Document designers such as authors and publishers must specify the position and shape of the watermark on each page, so that the watermark can be incorporated into the design of the document. No. The method must be compatible with mainline document generation (eg, word processing) systems. This method must work within the existing printer protocol. This method must preserve fingerprint (or run-time) data in the usage rights specification. -This method should not significantly reduce the printing speed.

As used herein, "media-dependent data" is used to refer to information about how watermarks are located and formed in document content.
data) ". In this method, the data is encoded into the watermark, depending on how the usage rights are used.

Publishers use many different tools to create documents. Different text editors or word processors have different methods and degrees of control over the layout of the text, pictures, and diagrams they provide. One thing all text editors have is a way to place text on a page. In fact, this is the least common divisor (minimum common function) of all system functions (capabilities).

By developing this common function, one can gain insight into how glyphs are used to represent watermarks. Glyph watermarks are organized graphically as rectangular boxes.・ Boxes of different sizes have different data holding capacity. For a 300 dpi printer, about 3 per inch
00 bytes can be encoded in the glyph. Note that this can represent more data if the original data is compressed before encoding the glyph. Note that some data may be repeated redundantly to increase reliability, but at the expense of reliability and data capacity. Each glyph watermark is displayed in the document creation program as a character in the initial glyph watermark font. Boxes of different sizes and shapes are represented as different characters in earlier glyph watermark fonts. When a digital work is printed, the encoding of the data is similar to the calculation and modification of its watermark font.

In practice, the designer laying out the document opens a page in the glyph catalog containing glyph boxes of different sizes. Glyph boxes in catalogs are probably test data, for example

[0052]

[Outside 1]

Glyph ASCII code). Designers want to encode as much data per page as soon as possible (eg, 10
0, 300, 500 or 1000 bytes).
The designer copies a correspondingly sized “box” (actually a letter) into his document and places this box anywhere on the page (typically incorporating this box as a design element) .

FIG. 9 illustrates a set of sample watermark characters (ie, glyph boxes) having different storage capacities. The actual catalog contains additional forms and is annotated according to the data ownership of the glyph.

Note that the glyph-encoded watermark can also be placed in the figure, since the drawing program also has the ability to position characters on the page.

When the creator saves his or her work, the document creation program writes a file in which glyph font characters are used to represent a watermark. If the creator prints the document at this stage, the creator must replace the test data encoded in the achromatic (gray-tone) glyph box with later dynamically generated watermark data, You will see more or less what the final sold version (sold version) will look like.

When the author or publisher is ready to publish the work and put it into a system for controlling the distributed use of digital work, one of the steps is to edit the rights editor To assign rights to the work. The rights editor is a program used by the document owner to specify the period and conditions for using the digital work.

At this point, the document identification data and the print result data are specified. FIG. 10 shows the watermark information specified for the print right. Note that the representation of the watermark information is arbitrary within the scope of the grammar. Referring to FIG. 10, the print right 1001
Specifies that the purchaser of the document must pay $ 10 to print the document (Charge 1
002). The document should only be printed on a given type of trusted printer (printer specification 1003). In addition, the watermark is a specific string "Title:
Moby Dog Copyright 1994 by Zeke Jones. All Rights
It is necessary to embed “Reserved” and also include various data about the print result (watermark token specification 1004). Here, the specified print result data is who printed it, the name of the institution that printed it, the name of the printer, the location of the printer, and the time the digital work was printed. This information is obtained when printed, as described in detail below.

FIG. 11 shows a flowchart summarizing the basic steps for a creator to place a watermark in his or her document. As part of the layout of the text document, the designer determines how much data is needed for the watermark (step 1101). An appropriate watermark character (eg, a glyph box) is selected based on the required amount of data (step 1102). Next, the watermark character is placed on the page (s) of the digital work (step 1103). Finally, a printing right having a watermark specification is created as part of the rights assignment for the digital work document (step 110).
4). At this point, when the document is viewed, the watermark is located at a desired position on the document. However, no actual fingerprint and other data identification data has yet been generated in the embedded data format. It is generated dynamically when printing, as described below.

The next step for digital work is:
Issuing and distributing this work. During this process, the digital work is protected by encryption and other security systems used, and its rights move with the document. Through this part of the process, any printer or workstation that has a copy of the document will also have its trust system, trust printer,
May have a digital certificate containing information identifying the user etc. (this process is issued US Pat.
629,980).

FIG. 12 shows a flow chart of the steps required to print a document. Referring to FIG. 12, at a certain point, the user decides to print a document (step 1201). Typically, this is done by a print command invoked over some interface on the user system. This opens a request-response protocol between the "user" repository containing the document and the printer repository (step 120).
2). During this exchange, the security and watermark capabilities of the printer are checked. If the printer does not have adequate security or watermarking capabilities, the digital work cannot be printed on the printer. The printer's security level and watermark capabilities are specified in the printer's ID certificate. Assuming that the printer has the appropriate security level and watermark, the "user" repository then checks whether the user has the necessary printing rights (step 1203). Assuming that the user has the necessary printing rights, the user repository interfaces with the credit server and reports the fee required to print the digital work (step 1204). The actual billing of the digital work occurs when the right is invoked, either when the print is made or when the document can be proven to have been printed. The latter protects the user from situations where printing can be accidentally terminated before all the digital work has been printed.

Next, a calculation is performed to collect information to be embedded in the watermark and incorporate it into a new font for the watermark character. First, information (ie, name, location, current date and time, etc.) must be gathered from the digital ID certificate belonging to the user or trusted printer (step 1205). This information is "printed" in a computer memory to generate a bitmap image consisting of a plurality of glyph boxes of different sizes (step 1206). Since the generation and encoding of glyphs is described in the aforementioned U.S. Pat. No. 5,486,686, it does not seem necessary to describe the encoding of glyph patterns. In any case, this information is then assembled into a font definition (step 1207).

Next, the digital work is decrypted and downloaded into the printer (step 120).
8). When the digital work is downloaded into the printer, parts of the protocol are also downloaded to a new "revised" glyph font (now having characters corresponding to the grig box at this time). This font is used by the publisher when generating the document, except that the gray code in the font box then embeds the data the publisher wants to represent, at least in the watermark of the document. Resembles a font.

Next, the printer prints the digital work (step 1209). When the document is printed, the glyphs that appear on the page contain the desired watermark data.

FIG. 13 is a flowchart showing an outline of basic steps for extracting embedded data. First, the printed document is scanned to obtain a digital representation (step 1301). next,
The position of the watermark and the corresponding embedded data is found (step 1302). Watermarks can be found using techniques for finding characteristic pixel patterns in a digital representation of a printed document. Alternatively, a template for the document may have been generated that can be used to quickly locate the watermark.
In any case, the embedded data is extracted from the watermark and decoded (step 1303). Next, the unencoded (decoded) data is converted into a human-readable format (step 1304). This can be done on screen or printed. Next, the extracted data is used to confirm who and where the unauthorized duplication of the digital work was performed. .

It should be noted that the means for extracting the watermark data depends on the technique used to embed the watermark data. Thus, the actual extraction steps may vary, but do not depart from the spirit and scope of the present invention.

[Brief description of the drawings]

FIG. 1 is a block diagram illustrating the basic interaction between repositories by repository type in a system for controlling the distribution and use of digital works in a presently preferred embodiment of the present invention.

FIG. 2 illustrates a repository connected to a credit server for usage fee reporting, such as used in a system for controlling distribution and use of digital work in a presently preferred embodiment of the present invention.

FIG. 3 is a representation of a printer as a rendering system, as used in a system for controlling distribution and use of digital works in a presently preferred embodiment of the present invention.

FIG. 4 is a block diagram illustrating functional components of a trusted printer repository in a presently preferred embodiment of the present invention.

FIG. 5 depicts a flowchart of the basic steps for creating a digital work for printing on a trusted printer, as implemented in a presently preferred embodiment of the present invention.

FIG. 6 illustrates, in a presently preferred embodiment of the invention, a usage rights notation for a digital work printed on a user's trusted printer.

FIG. 7 illustrates a usage right notation for a digital work that can only be printed on a shared trusted printer on a network in a currently preferred embodiment of the present invention.

FIG. 8 illustrates a printed page having a watermark with glyphs encoded.

FIG. 9 illustrates a set of sample embedding data boxes with different capacities, such as used as watermark characters in a watermark font set in a currently preferred embodiment of the present invention.

FIG. 10 represents a print right with designated watermark information, such as a set used in the presently preferred embodiment of the present invention.

FIG. 11 depicts a flowchart outlining the basic steps for a creator to place a watermark in his or her document, as performed in a presently preferred embodiment of the present invention.

FIG. 12 shows a flowchart of the steps required for printing a document as performed in the presently preferred embodiment of the present invention.

FIG. 13 shows an outline flowchart of the basic steps for embedded data extraction as performed in the presently preferred embodiment of the present invention.

[Explanation of symbols]

 105 Repository transaction 202 Billing transaction 204 Clearing transaction 301 Printer system 801 Document page 802 Text 803 Watermark with embedded glyph 1001 Printing rights

──────────────────────────────────────────────────続 き Continued on the front page (51) Int.Cl. ⁷ Identification symbol FI Theme coat ゛ (Reference) H04N 7/08 H04N 7/08 Z 7/081 (72) Inventor Glenn W .. Petrie United States 95030 Los Gatos Pierce Road, California 26150 (72) Inventor Steve A. Okamoto United States 90505 Trans Call du Arboret, California 5512 (72) Inventor Nicholas H. Briggs United States 94306 Palo Alto La Donna Avenue, California 3994 F-term (reference) 5B017 AA06 AA07 BA06 BA07 BB02 BB07 BB10 CA16 5B085 AC03 AC04 AE06 AE29 BE07 5C063 AC10 CA40 5C076 AA14 AA40 BA06

Claims (2)

[Claims] Claims: 1. A system for controlling the distribution and use of a digital work, comprising means for generating usage rights, each usage right specifying how the digital work is to be used or distributed. Means for attaching a generated set of usage rights, including rendering rights, to the digital work, wherein the rendering rights are rights to authorize rendering of the digital work; Further specifies watermark information to be embedded in the rendering of the digital work, wherein the watermark information includes information about the rendering of the digital work, and for linking repositories to enable the exchange of repository transaction messages. Use of communication media And a rendering repository for receiving a digital work to be rendered from the general repository, and a rendering device for rendering the digital work. The rendering repository further comprising: means for collecting watermark information specified in rendering rights associated with the digital work to be rendered; and for embedding in the rendered digital work. Means for encoding said watermark information, the system for controlling distribution and use of digital works. 2. A method for providing a watermark to a rendered digital work in a system for controlling distribution and use of a digital work, the method comprising: a) a creator of the digital work rendering Assigning rights to the digital work and storing the rights in the distribution repository, wherein the rendering rights specify watermark information indicating information confirming a rendering event; and b) a user can download the digital work from the distribution repository. Obtaining a cryptographic version and storing it in a user repository; c) the user requesting a rendering of the digital work; d) the user repository having the proper rights of the digital work for rendering. Whether to have E) if the digital work has proper rendering rights, the user repository communicates with a rendering repository to establish a trust session; and f) the user repository stores the trust repository in the rendering repository. Transferring the digital work; g) collecting the watermark information specified in the rendering right by the rendering repository; h) encoding the data for the watermark in the rendering repository. I) the rendering repository decrypts the digital work and embeds the watermark information; j) before the rendering repository has embedded the watermark information. Providing a watermark to the rendered digital work, comprising transmitting the digital work to a rendering device for rendering.