WO2015059669A1 - System and method for monitoring third party access to a restricted item - Google Patents

System and method for monitoring third party access to a restricted item Download PDF

Info

Publication number
WO2015059669A1
WO2015059669A1 PCT/IB2014/065586 IB2014065586W WO2015059669A1 WO 2015059669 A1 WO2015059669 A1 WO 2015059669A1 IB 2014065586 W IB2014065586 W IB 2014065586W WO 2015059669 A1 WO2015059669 A1 WO 2015059669A1
Authority
WO
WIPO (PCT)
Prior art keywords
restricted item
key data
item
party
cryptocurrency
Prior art date
Application number
PCT/IB2014/065586
Other languages
French (fr)
Inventor
Gert-Jan VAN ROOYEN
Frederick Johannes LUTZ
Herman Arnold ENGELBRECHT
Original Assignee
Stellenbosch University
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Stellenbosch University filed Critical Stellenbosch University
Priority to RU2016119148A priority Critical patent/RU2656995C2/en
Priority to CN201480071065.3A priority patent/CN105849757B/en
Priority to EP14806725.9A priority patent/EP3061057A1/en
Publication of WO2015059669A1 publication Critical patent/WO2015059669A1/en
Priority to ZA2016/03571A priority patent/ZA201603571B/en

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/10Protecting distributed programs or content, e.g. vending or licensing of copyrighted material ; Digital rights management [DRM]
    • G06F21/16Program or content traceability, e.g. by watermarking
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q30/00Commerce
    • G06Q30/02Marketing; Price estimation or determination; Fundraising
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q30/00Commerce
    • G06Q30/02Marketing; Price estimation or determination; Fundraising
    • G06Q30/0207Discounts or incentives, e.g. coupons or rebates
    • G06Q30/0208Trade or exchange of goods or services in exchange for incentives or rewards
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q30/00Commerce
    • G06Q30/02Marketing; Price estimation or determination; Fundraising
    • G06Q30/0207Discounts or incentives, e.g. coupons or rebates
    • G06Q30/0226Incentive systems for frequent usage, e.g. frequent flyer miles programs or point systems
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q30/00Commerce
    • G06Q30/02Marketing; Price estimation or determination; Fundraising
    • G06Q30/0241Advertisements
    • G06Q30/0251Targeted advertisements
    • G06Q30/0254Targeted advertisements based on statistics
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/321Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving a third party or a trusted authority
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/321Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving a third party or a trusted authority
    • H04L9/3213Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving a third party or a trusted authority using tickets or tokens, e.g. Kerberos
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3226Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using a predetermined code, e.g. password, passphrase or PIN
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3247Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3247Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures
    • H04L9/3249Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures using RSA or related signature schemes, e.g. Rabin scheme
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L2209/00Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
    • H04L2209/56Financial cryptography, e.g. electronic payment or e-cash

Definitions

  • This invention relates to a system and method for monitoring third party access to a restricted item.
  • Licensing agreements are a well-known method of managing rights to media
  • P2735PC00 Monitoring Third Party Access
  • some technologies aim to prevent, among other things, the accessing, printing or altering of media.
  • a notable example is the use of web-based permission schemes to prevent unauthorized access to media.
  • a notable problem associated with these and other existing media rights management technologies and strategies is that it may be difficult to determine at or near which point in time the restricted item was first distributed, accessed or used illegitimately or without appropriate authorization. In some cases, at the time when the illegitimate activities first become known to a responsible party, the restricted item may have already been made available to numerous individuals or entities.
  • P2735PC00 (Monitoring Third Party Access) attempts to redistribute or provide access to restricted items unlawfully or without appropriate authorization.
  • existing media rights management systems may adversely impact legitimate consumers. For example, fair usage of media may be restricted by preventing an entity authorized to possess media from moving the media from one personal device to another personal device, or by preventing the entity from editing certain media items.
  • Embodiments of the present invention aim to address these and other problems, at least to some extent.
  • a method of monitoring third party access to a restricted item the restricted item having key data embedded therein, the key data being associated with a store of value and usable to conduct a transaction against the store of value, wherein a record of the transaction becomes visible in a transaction ledger, the method including the steps of:
  • Further features of the invention provide for the method to include the steps of: storing, in a database, the key data or data derived at least partially therefrom in association with an entity credential of an authorized entity, the authorized entity authorized to possess the restricted item; if the restricted item is designated as accessed by a third party, identifying the authorized entity as a responsible party to be held accountable for the third party access; and, in response to determining that a transaction against the store
  • P2735PC00 Monitoring Third Party Access
  • updating the database to indicate that the key data or data derived at least partially therefrom associated with the entity credential was used to conduct a transaction against the store of value.
  • the store of value to have a balance of digital currency; for the transaction ledger to be a shared public ledger containing records of transactions conducted using the digital currency; for the digital currency to be a cryptocurrency; for the store of value to be a cryptocurrency address; and for the cryptocurrency address to be represented by or derived at least partially from a cryptocurrency public key corresponding to a cryptocurrency private key.
  • the key data to include the cryptocurrency private key or an address identifier derived at least partially from the cryptocurrency private key; for conducting a transaction against the store of value to include using at least the cryptocurrency private key to perform a cryptocurrency transaction; and for performing the cryptocurrency transaction to include transferring at least some of a balance of cryptocurrency held at the cryptocurrency address to a second, receiving cryptocurrency address represented by or derived at least partially from a second, receiving cryptocurrency public key.
  • a further feature of the invention provides for one or more of the cryptocurrency private key, the address identifier and the cryptocurrency public key to be associated with an authorized entity authorized to possess the restricted item and to be stored, in a database, in association with an entity credential of the authorized entity, wherein if the restricted item is designated as accessed by a third party, the authorized entity is identified as the responsible party to be held accountable for the third party access.
  • P2735PC00 Monitoring Third Party Access directly or using a software tool; and for the step of embedding key data in the restricted item to include embedding a plurality of sets of key data in the restricted item.
  • the plurality of sets of key data to provide progressive levels of key data, wherein different software tools are required to access each of the progressive levels or to read the key data from each of the progressive levels; and for a software tool required to access a particular level of key data or to read the key data from the particular level to be made publicly available once it becomes known that techniques are available for removing the key data of a previous level from the restricted item.
  • Still further features of the invention provide for the cryptocurrency address to be controlled or managed by a party capable of monitoring the shared public ledger to determine whether a transaction against the store of value has occurred; and for the party controlling or managing the cryptocurrency address to be selected from the group consisting of: an individual having ownership or control of the restricted item, a group having ownership or control of the restricted item, an authorized entity authorized to possess the restricted item, a restricted item provider from which one or more authorized entity has requested the restricted item, and a third party associated with the restricted item provider.
  • the restricted item to be a media item; and for the media item to be a digital or analogue media item selected from the group consisting of: one or more video files, streaming media, one or more image files, one or more audio files, one or more electronic documents, one or more electronic books, one or more textual media files, one or more computer program files, online content and binary data, one or more video recordings and one or more audio recordings.
  • a digital or analogue media item selected from the group consisting of: one or more video files, streaming media, one or more image files, one or more audio files, one or more electronic documents, one or more electronic books, one or more textual media files, one or more computer program files, online content and binary data, one or more video recordings and one or more audio recordings.
  • step of embedding key data in the restricted item to include one or more of the steps of: embedding the key data in the restricted item using digital watermarking, embedding the key data in the restricted item using analogue watermarking, embedding the key data in the restricted item as a one-dimensional or two-dimensional barcode, embedding the key data in the restricted item as a graphical code, embedding the key data in the restricted item using steganography, embedding the key data in the restricted item using natural language watermarking or natural language morphology, embedding the key data in the restricted item using hidden text or invisible text or binary data embedding, and embedding the key data in the restricted item using visible text or visible binary data embedding.
  • the invention extends to a system for monitoring third party access to a restricted item comprising:
  • a restricted item receiving module configured to receive the restricted item
  • an embedding module the embedding module being in communication with the restricted item receiving module and configured to embed key data in the restricted item, the key data being associated with a store of value and usable to conduct a transaction against the store of value, wherein a record of the transaction becomes visible in a transaction ledger;
  • a monitoring module configured to monitor the transaction ledger to determine whether a transaction against the store of value has occurred
  • a designation module in communication with the monitoring module and configured to designate the restricted item as accessed by a third party in the event that a transaction against the store of value has occurred.
  • system to include a database configured to store the key data or data derived at least partially therefrom in
  • P2735PC00 Monitoring Third Party Access
  • association with an entity credential of an authorized entity the authorized entity authorized to possess the restricted item
  • the system for the system to be configured to perform the steps of: if the restricted item is designated as accessed by a third party, identifying the authorized entity as the responsible party to be held accountable for the third party access, and in response to determining that a transaction against the store of value has occurred, updating the database to indicate that the key data or data derived at least partially therefrom associated with the entity credential was used to conduct a transaction against the store of value.
  • Yet further features of the invention provide for the store of value to have a balance of digital currency; for the transaction ledger to be a shared public ledger containing records of transactions conducted using the digital currency; for the digital currency to be a cryptocurrency; for the store of value to be a cryptocurrency address; and for the cryptocurrency address to be represented by or derived at least partially from a cryptocurrency public key corresponding to a cryptocurrency private key.
  • the key data to include the cryptocurrency private key or an address identifier derived at least partially from the cryptocurrency private key; for conducting a transaction against the store of value to include using at least the cryptocurrency private key to perform a cryptocurrency transaction; and for performing the cryptocurrency transaction to include transferring at least some of a balance of cryptocurrency held at the cryptocurrency address to a second, receiving cryptocurrency address represented by or derived at least partially from a second, receiving cryptocurrency public key.
  • a further feature of the invention provides for one or more of the cryptocurrency private key, the address identifier and the cryptocurrency public key to be associated with an authorized entity authorized to possess the restricted item and to be stored, in a database, in association with an
  • P2735PC00 Monitoring Third Party Access
  • entity credential of the authorized entity wherein if the restricted item is designated as accessed by a third party, the authorized entity is identified as the responsible party to be held accountable for the third party access.
  • the key data to be readable from the restricted item by any third party that accesses the restricted item either directly or using a software tool; and for the step of embedding key data in the restricted item to include embedding a plurality of sets of key data in the restricted item.
  • Yet further features of the invention provide for the plurality of sets of key data to provide progressive levels of key data, wherein different software tools are required to access each of the progressive levels or to read the key data from each of the progressive levels; and for a software tool required to access a particular level of key data or to read the key data from the particular level to be made publicly available once it becomes known that techniques are available for removing the key data of a previous level from the restricted item.
  • Still further features of the invention provide for the cryptocurrency address to be controlled or managed by a party capable of monitoring the shared public ledger to determine whether a transaction against the store of value has occurred; and for the party controlling or managing the cryptocurrency address to be selected from the group consisting of: an individual having ownership or control of the restricted item, a group having ownership or control of the restricted item, an authorized entity authorized to possess the restricted item, a restricted item provider from which one or more authorized entity has requested the restricted item, and a third party associated with the restricted item provider.
  • the restricted item to be a media item; and for the media item to be a digital or analogue media item selected
  • P2735PC00 Monitoring Third Party Access from the group consisting of: one or more video files, streaming media, one or more image files, one or more audio files, one or more electronic documents, one or more electronic books, one or more textual media files, one or more computer program files, online content and binary data, one or more video recordings and one or more audio recordings.
  • Yet further features of the invention provides for the step of embedding key data in the restricted item to include one or more of the steps of: embedding the key data in the restricted item using digital watermarking, embedding the key data in the restricted item using analogue watermarking, embedding the key data in the restricted item as a one-dimensional or two-dimensional barcode, embedding the key data in the restricted item as a graphical code, embedding the key data in the restricted item using steganography, embedding the key data in the restricted item using natural language watermarking or natural language morphology, embedding the key data in the restricted item using hidden text or invisible text or binary data embedding, and embedding the key data in the restricted item using visible text or visible binary data embedding.
  • the invention further extends to a computer program product for monitoring third party access to a restricted item, the restricted item having key data embedded therein, the key data being associated with a store of value and usable to conduct a transaction against the store of value, wherein a record of the transaction becomes visible in a transaction ledger
  • the computer program product comprising a non-transitory computer-readable medium having stored computer-readable program code, the computer-readable program code executable by a processing circuit to perform the steps of:
  • P2735PC00 Monitoring Third Party Access
  • Further features of the invention provide for the computer-readable program code to be executable by the processing circuit to perform the further steps of: storing, in a database, the key data or data derived at least partially therefrom in association with an entity credential of an authorized entity, the authorized entity authorized to possess the restricted item; if the restricted item is designated as accessed by a third party, identifying the authorized entity as the responsible party to be held accountable for the third party access; and in response to determining that a transaction against the store of value has occurred, updating the database to indicate that the key data or data derived at least partially therefrom associated with the entity credential was used to conduct a transaction against the store of value.
  • Yet further features of the invention provide for the store of value to have a balance of digital currency; for the transaction ledger to be a shared public ledger containing records of transactions conducted using the digital currency; for the digital currency to be a cryptocurrency; for the store of value to be a cryptocurrency address; and for the cryptocurrency address to be represented by or derived at least partially from a cryptocurrency public key corresponding to a cryptocurrency private key.
  • the key data to include the cryptocurrency private key or an address identifier derived at least partially from the cryptocurrency private key; for conducting a transaction against the store of value to include using at least the cryptocurrency private key to perform a cryptocurrency transaction; and for performing the cryptocurrency transaction to include transferring at least some of a balance of cryptocurrency held at the cryptocurrency address to a second, receiving cryptocurrency address represented by or derived at least partially from a second, receiving cryptocurrency public key.
  • a further feature of the invention provides for one or more of the cryptocurrency private key, the address identifier and the cryptocurrency
  • P2735PC00 Monitoring Third Party Access public key to be associated with an authorized entity authorized to possess the restricted item and to be stored, in a database, in association with an entity credential of the authorized entity, wherein if the restricted item is designated as accessed by a third party, the authorized entity is identified as the responsible party to be held accountable for the third party access.
  • key data to be readable from the restricted item by any third party that accesses the restricted item either directly or using a software tool; and for the step of embedding key data in the restricted item to include embedding a plurality of sets of key data in the restricted item.
  • Yet further features of the invention provide for the plurality of sets of key data to provide progressive levels of key data, wherein different software tools are required to access each of the progressive levels or to read the key data from each of the progressive levels; and for a software tool required to access a particular level of key data or to read the key data from the particular level to be made publicly available once it becomes known that techniques are available for removing the key data of a previous level from the restricted item.
  • Still further features of the invention provide for the cryptocurrency address to be controlled or managed by a party capable of monitoring the shared public ledger to determine whether a transaction against the store of value has occurred; and for the party controlling or managing the cryptocurrency address to be selected from the group consisting of: an individual having ownership or control of the restricted item, a group having ownership or control of the restricted item, an authorized entity authorized to possess the restricted item, a restricted item provider from which one or more authorized entity has requested the restricted item, and a third party associated with the restricted item provider.
  • the restricted item to be a media item; and for the media item to be a digital or analogue media item selected from the group consisting of: one or more video files, streaming media, one or more image files, one or more audio files, one or more electronic documents, one or more electronic books, one or more textual media files, one or more computer program files, online content and binary data, one or more video recordings and one or more audio recordings.
  • a digital or analogue media item selected from the group consisting of: one or more video files, streaming media, one or more image files, one or more audio files, one or more electronic documents, one or more electronic books, one or more textual media files, one or more computer program files, online content and binary data, one or more video recordings and one or more audio recordings.
  • Yet further features of the invention provides for the step of embedding key data in the restricted item to include one or more of the steps of: embedding the key data in the restricted item using digital watermarking, embedding the key data in the restricted item using analogue watermarking, embedding the key data in the restricted item as a one-dimensional or two-dimensional barcode, embedding the key data in the restricted item as a graphical code, embedding the key data in the restricted item using steganography, embedding the key data in the restricted item using natural language watermarking or natural language morphology, embedding the key data in the restricted item using hidden text or invisible text or binary data embedding, and embedding the key data in the restricted item using visible text or visible binary data embedding.
  • FIG. 1 is a schematic illustration a first embodiment of a system for monitoring third party access to a restricted item according to the invention
  • FIG. 2 is a block diagram illustrating a method of monitoring third party access to a restricted item according to the invention, using the system of Figure 1 ;
  • Figure 3 is a swim-lane flow diagram illustrating a sequence of steps whereby an authorized entity to which a restricted item was made available may be identified according to the invention
  • Figure 4 is a schematic illustration of a second embodiment of a system for monitoring third party access to a restricted item according to the invention
  • Figure 5 is a block diagram illustrating a method of monitoring third party access to a restricted item according to the invention, using the system of Figure 4;
  • Figure 6 is a schematic illustration of a third embodiment of a system for monitoring third party access to a restricted item according to the invention.
  • Figure 7 is a schematic illustration of a restricted item provided with progressive levels of key data according to embodiments of the invention.
  • Figure 8 is a block diagram illustrating a method of monitoring third party access to a restricted item according to the invention, wherein the restricted item is provided with progressive levels of key data.
  • FIG. 1 A first embodiment of a system (100) for monitoring third party access to a restricted item according to the invention is illustrated in Figure 1 .
  • the system (100) includes a restricted item provider (1 10), an authorized entity (120), and a financial system (130) providing at least one store of value (132).
  • the restricted item provider (1 10) possesses, controls or otherwise has access to a restricted item (1 12) which is to be made available to the authorized entity (120).
  • the restricted item (1 12) is a media item in the form of an e-book and the restricted item provider (1 10) is an online media content provider. Exemplary online media content providers include Amazon.com, Netflix, Hulu and the iTunes Store.
  • the authorized entity (120) has an electronic computing device (122), in this embodiment a desktop computer, by which it is able to communicate with the restricted item provider (1 10). Communications between the restricted item provider (1 10) and the electronic computing device (122) of the authorized entity (120) may be effected by way of any suitable wired or wireless communications channel. In this embodiment, the communications channel is the Internet.
  • the restricted item provider (1 10) has associated therewith a restricted item receiving module (1 14) configured to receive the restricted item (1 12) and an embedding module (1 16) in communication with the restricted item receiving module (1 14) configured to embed key data (134) in the restricted item (1 12).
  • the key data (134) is associated with the store of value (132) and usable to conduct a transaction against the store of value (132), a record of such a transaction becoming visible in a transaction ledger (140).
  • the restricted item provider (1 10) further has associated therewith a monitoring module (1 15) configured to monitor the transaction ledger to
  • P2735PC00 (Monitoring Third Party Access) determine whether a transaction against the store of value has occurred, and a designation module (1 17) in communication with the monitoring module (1 15) and configured to designate the restricted item (1 12) as accessed by a third party in the event that a transaction against the store of value has occurred.
  • a database (1 18) is operative in association with the restricted item provider (1 10).
  • the database (1 18) is configured to store the key data (134) embedded in the restricted item (1 12) or data at least partially derived therefrom in association with an entity credential of the authorized entity (120) which is authorized to possess the restricted item (1 12).
  • the block diagram (200) of Figure 2 illustrates a method of monitoring third party access to a restricted item according to the invention, using the system of Figure 1 .
  • the authorized entity (120) requests to obtain the restricted item (1 12) from the restricted item provider (1 10). For example, the entity (120) accesses a website of the restricted item provider (1 10) using the electronic computing device (122) and selects an e-book to purchase. The authorized entity (120) intends to permanently gain possession of the e-book in this embodiment.
  • the restricted item provider (1 10) desires to deter or prevent the authorized entity (120) from redistributing the restricted item (1 12) or reproductions thereof after it has been made available to the authorized entity (120).
  • the key data (134) which is to be embedded in the restricted item (1 12) is an identifier uniquely associated with the store of value (132).
  • the store of value (132) has a balance of digital currency.
  • the financial system (130) of Figure 1 is a system for digital currency in the form of a cryptocurrency.
  • the store of value (132) is a cryptocurrency address.
  • P2735PC00 (Monitoring Third Party Access) Cryptocurrencies allow digital currency to be transferred between cryptocurrency addresses without an intermediate financial institution or central authority.
  • Exemplary cryptocurrency systems include peer-to-peer, decentralised cryptocurrencies such as Bitcoin, Litecoin and PPCoin.
  • the cryptocurrency address (132) is represented by or derived from a cryptocurrency public key corresponding to a cryptocurrency private key.
  • the public key is used and/or derived to obtain the cryptocurrency address (132), the address (132) having a specific balance of cryptocurrency held therein.
  • the restricted item provider (1 10) utilizes the cryptocurrency system described above and generates a cryptographic key pair, in other words, a private key and a public key associated with a cryptocurrency address (132).
  • the restricted item provider (1 10) generates the key pair and transfers funds to the cryptocurrency address (132).
  • the private key represents a direct monetary value which can be traded in the cryptocurrency system.
  • the cryptocurrency address (132) has a particular balance associated therewith, indicated, for example, as 3.5 BTC or 0.0001 BTC in the case of Bitcoin.
  • the restricted item provider (1 10) embeds the key data in the restricted item (1 12) using the embedding module (1 16).
  • the key data (134) is the private key associated with the cryptocurrency address (132).
  • the restricted item receiving module (1 14) typically receives the media item
  • P2735PC00 Monitoring Third Party Access
  • the private key (134) is embedded in the media item (1 12), which is an e-book in Figure 1 , as a one-dimensional barcode (1 13).
  • the restricted item provider (1 10) stores the private key (134) in association with an entity credential in the database (1 18), as described above.
  • the entity credential includes a name, address and contact details of the authorized entity (120).
  • the database (1 18) therefore acts as a registry of keys, enabling the restricted item provider (1 10) to keep track of which private keys are associated with which authorized entity (120).
  • the restricted item (1 12) is then, at a next stage (210), made available to the authorized entity (120).
  • the authorized entity (120) may typically be able to download the e-book and store it locally or in any physical or cloud-based storage location as desired.
  • the transaction ledger (140) is a publicly visible shared transaction ledger.
  • the shared transaction ledger (140) includes all these transactions as a chain of transaction records or receipts, commonly referred to as a "block chain" in at least one known cryptocurrrency system. These transaction records are signed using both a private key and a public key, the private key being that of a party transferring value and the public key being associated with a receiving address.
  • the shared transaction ledger (140) is typically publically accessible via a website or other Internet-based platform.
  • Transaction records are verified by third parties carrying out what is known as "mining blocks”. Exemplary cryptocurrencies which make use of proof-of- work verification schemes, such as Secure Hash Algorithm 256 (SHA-256) or
  • P2735PC00 (Monitoring Third Party Access) scrypt, are Bitcoin and Litecoin.
  • An exemplary cryptocurrency system employing a combined proof-of-work / proof-of-stake verification scheme is PPCoin.
  • the principles and functioning of such cryptocurrencies having shared transaction ledgers containing transaction records will be well understood by those skilled in the art. Importantly, such a system allows a party having access to a private key or data at least partially derived therefrom to transact against a corresponding cryptocurrency address, in other words, either use the funds linked to the address or transfer the funds to a receiving address.
  • These systems also allow any party to inspect or analyse the shared transaction ledger to determine whether a particular address was transacted against.
  • the monitoring module (1 15) is used to inspect or analyse the shared transaction ledger (140), for example by using a web-based platform providing at least some of the transaction records, as illustrated in Figure 1 , whereby transaction records in the shared transaction ledger (140) can be accessed.
  • the authorized entity is therefore provided with a restricted item which has a reliable handle to a store of value embedded therein. Should the private key (134) not be read from the media item and used to transact against the cryptocurrency address, the funds stored therein remain untouched and the authorized entity either retains a deposit or token amount or is not held accountable and/or liable for unauthorized distribution.
  • the restricted item (1 12) is distributed, leading to the private key (134) being read from the restricted item (1 12) and used to transact in the cryptocurrency system, some or all of the funds may become lost to one or both of the authorized entity (120) and the restricted item provider (1 10). Furthermore, the transaction is visible in the shared transaction ledger (140), making the possibly fraudulent activity immediately or relatively quickly traceable.
  • P2735PC00 Monitoring Third Party Access
  • the flow diagram (300) of Figure 3 illustrates a sequence of steps whereby an authorized entity to which a restricted item was made available may be identified according to the invention.
  • the authorized entity (120) distributes the restricted item (1 12) or allows the restricted item (1 12) to be distributed or accessed, either purposefully or negligently.
  • a third party (301 ) obtains the restricted item (1 12) and reads the private key (134) from the media item (1 12).
  • the third party (301 ) may use a barcode-reading technique to obtain the private key (134) which is embedded in the e-book.
  • the private key may be readable from the restricted item by any third party that accesses the restricted item either directly or using a software tool.
  • the software tool may, for example, be a publicly available software tool. This may incentivize third parties to obtain key data from unlawfully distributed restricted items and transact using the value associated with the cryptocurrency address.
  • the third party (301 ) then, at a next stage (306), utilizes the cryptocurrency system to move funds from the cryptocurrency address (132) corresponding to the private key (134) to a desired address, or spends all or some of the funds in any other way.
  • Use of the private key (134), which serves as or may be derived from the key data uniquely associating the authorized entity (120) with the restricted item (1 12), may typically include use of the private key (134) and a receiving public key to conduct a cryptocurrency transaction against the cryptocurrency address (132) in favour of a receiving cryptocurrency address. Such a transaction may involve transferring at least some of a balance of
  • P2735PC00 Monitoring Third Party Access
  • cryptocurrency address (132) a second, receiving cryptocurrency address represented by or derived at least partially from a second, receiving cryptocurrency public key.
  • a record of the transaction becomes visible in the shared transaction ledger (140) or "block chain”.
  • the restricted item provider (1 10) or any other party fulfilling this function analyses the shared transaction ledger (140) at a next stage (310) to determine whether the private key (134) was used to conduct a transaction.
  • the shared transaction ledger (140) indicates, at a next stage (312), that the cryptocurrency address (132) was transacted against and therefore that the private key (134) was compromised.
  • the restricted item provider (1 10) at a final stage (314), in response to determining that a transaction was conducted against the store of value using the identifier which was embedded in the restricted item (1 12), updates the database (1 18) to indicate that the identifier was used to transact against the value store, in other words, that the private key (134) was compromised. This prompts the restricted item provider (1 10) or other party managing the monitoring of the shared transaction ledger (140) to designate the restricted item (1 12) as accessed by a third party.
  • the transaction record in the shared transaction ledger (140) may be used by the restricted item provider (1 10), or, of course, by any entity or agent monitoring the shared transaction ledger (140) on behalf of the restricted item provider (1 10), to extract, obtain or derive the private key (134), public key or simply the cryptocurrency address.
  • the obtained information is matched with the key data stored in the database (1 18) in association with the entity credential. In this way, the authorized entity (120) may be unambiguously identified and the restricted item provider (1 10) is able to determine that the private key (134) was in some way compromised.
  • P2735PC00 Monitoring Third Party Access
  • Various situations or courses of action may ensue after the private key (134) is compromised as described above, depending on the functioning of the cryptocurrency address (132) and ownership of the funds therein.
  • the entity (120) suffers financial loss.
  • the entity (120) may be held liable for the financial loss of the restricted item provider (1 10).
  • the authorized entity (120) may be held accountable or liable for unlicensed or unauthorized distribution of the media item (1 12), since the shared public ledger (140) contains proof that the private key (134) was compromised.
  • the monetary or digital currency value associated with the cryptocurrency address may function in a variety of ways.
  • these funds represent a token amount not intended to be spent, unless the private key is compromised and spent by a third party (typically used in the case of a permanent transfer of a physical, biological or media item).
  • the funds may represent a deposit paid by the authorized entity that may be forfeited if the authorized entity distributes the restricted item to a third party.
  • the funds may also be funds entrusted to the authorized entity by the restricted item provider, and for which the authorized entity is held accountable and/or liable if the private key is compromised and the funds spent or transferred. It should be appreciated that any combination of the above functions or further suitable functions may be employed.
  • the above description of the first embodiment of a system for monitoring third party access to a restricted item and methods for putting the system to use according to the invention is done by way of example only and it should
  • P2735PC00 Monitoring Third Party Access
  • private key any derivation thereof that can be used to reliably obtain the identifier or data signified by the term used.
  • Such a derivation of the private key for example a cryptographic hash thereof, may therefore be embedded in the restricted item.
  • the key data embedded in the restricted item includes the cryptocurrency private key or an address identifier derived at least partially from the cryptocurrency private key.
  • the address identifier may be a link, a tool or any other identifier usable to obtain or access the private key.
  • database should be interpreted so as to have its broadest meaning, and includes any data storage means whereby a credential of an entity can be reliably stored in association with key data or derivatives thereof.
  • the restricted item provider may, for example, be any media item or content provider or any digital or analogue media distributor.
  • the restricted item provider may be a satellite television service provider, a broadcasting corporation, a physical music or video distributor, an author, a photographer, a composer, an artist, a software provider or a publisher.
  • the restricted item provider may, in one scenario, be the author, creator or producer of the restricted item, for example, in the case that the restricted item provider is an artist.
  • the restricted item provider may, in a different scenario, be a distributor, retailer, or commercial restricted item provider, for example, in the case that the restricted item provider is a software provider.
  • the restricted item provider may be any other suitable entity in cases where the restricted item is not a media item.
  • the restricted item provider may be a plant breeder, developer or researcher in cases where the restricted item is a biological or genetic item.
  • the restricted item is not restricted to a media item and may be any item capable of being embedded with any form of data for the purpose of monitoring third party access to the restricted item.
  • the restricted item may be a physical item such as a book, a compact disc, a physical document, or a work of art, an electronic item such as digital media, a biological item such as a genetic sequence or biological matter, or any other item capable of being embedded with data.
  • the restricted item may be a digital media item or analogue media item.
  • the media item may be, among many others, one or more video files, one or more audio files, one or more electronic document files, one or more electronic books, one or more textual media files, one or more computer program files, computer gaming files or data, streaming media, and one or more image files.
  • the media item may, for example, be one or more video recordings or one or more audio recordings.
  • the media item may be textual media such as hypertexts, multimedia, digital art, e-mail, and the like.
  • the electronic computing device is not limited to a desktop or personal computer and may be any other communications device with substantially similar communications abilities, such as a mobile phone, a tablet computer or a laptop computer.
  • Communications between the restricted item provider and the electronic computing device of the authorized entity may, in alternative embodiments, be effected by way of a voice call or a mobile software platform used to request the restricted item from the restricted item provider.
  • the authorized entity may communicate with the restricted item provider without using electronic communications means.
  • the authorized entity may physically request and/or receive the restricted item from the restricted item provider, such as by way of a postal or courier service, or through over-the-counter sale or delivery.
  • the authorized entity may be any suitable entity, living or non-living, which is to receive the restricted item from the restricted item provider.
  • the authorized entity may be a consumer, institution, group, organization, electronic platform, or database receiving the restricted item from the restricted item provider. It should be appreciated that the same restricted item or copies or derivatives thereof may be provided to a plurality of authorized entities in further embodiments of the invention.
  • the authorized entity may be an original owner, author or creator of the restricted item or may otherwise have rights in respect of the restricted item.
  • the entity credential may be any suitable information serving to identify the authorized entity, for example, one or more of a name, an address, an e-mail address, a financial account number, a media service membership identifier, an identity number, contact details such as an a telephonic contact number, a physical address, employer information, details of a financial account and media service subscription information.
  • the key data may be any data or information capable of being used directly or indirectly to conduct a transaction against the store of value, either in the form in which it is embedded in the restricted item or a form derived therefrom.
  • the key data may be stored in the database such that, when the key data embedded in the restricted item or data derived therefrom is subsequently obtained by the restricted item provider from a source other than the
  • P2735PC00 Monitoring Third Party Access
  • the key data is subsequently obtained from a record of a transaction against the store of value from which the key data can be extracted or derived.
  • the key data may be embedded in the restricted item using any suitable information embedding technique, depending of course on the restricted item type.
  • the key data is embedded using one or more of the following techniques: embedding the key data in the restricted item using digital watermarking, embedding the key data in the restricted item using analogue watermarking, embedding the key data in the restricted item as a one-dimensional or two-dimensional barcode, embedding the key data in the restricted item as a graphical code, embedding the key data in the restricted item using steganography, embedding the key data in the restricted item using natural language watermarking or natural language morphology, embedding the key data in the restricted item using hidden text or invisible text or binary data embedding, and embedding the key data in the restricted item using visible text or visible binary data embedding.
  • the restricted item is a biological or genetic item and the key data is embedded, for example, in a genetic sequence.
  • a further example of an embedding technique is natural language watermarking or natural language morphology, whereby, for example, sentence construction of a document may be watermarked.
  • sentence construction of a document may be watermarked.
  • structure of one or more sentence constituents in a natural language text may be used to insert a watermark into a document.
  • the key data is embedded using a robust technique, which makes it relatively easy to read or derive the private key, while completely removing, obscuring or obliterating the key data from the restricted item is made comparatively difficult.
  • removing the key data from the restricted item destroys the item, makes the value associated with the
  • P2735PC00 (Monitoring Third Party Access) cryptocurrency address unusable, materially alters the item's content or makes it subsequently unusable.
  • the private key may simply be included in plaintext form in an electronic document or video, included in audio format in an audio or video file, or printed in a physical document.
  • more than one set of key data in other words, more than one private key or derivation thereof, may be embedded in a single restricted item.
  • the same set of key data may be embedded in multiple restricted items.
  • An example of such a case is a scenario wherein the authorized entity has an account at an online media library, such as iTunes. Any media item purchased or obtained using the account may then be embedded with the same key data or sets of key data, such that distribution of any or all of these media items may be unambiguously traced back to the authorized entity and/or the account.
  • each private key corresponds to a separate cryptocurrency address having a balance of cryptocurrency.
  • a single private key embedded in the restricted item may be associated with a plurality of cryptocurrency addresses in the database, the authorized entity typically being held liable for funds held in one or more of the plurality of addresses.
  • the restricted item provider may have management software used for any one or more of the following functions: to receive the restricted item using the restricted item receiving module, to generate the necessary cryptographic key pairs, to store keys in association with entity credentials, to embed private keys in restricted items using the embedding module, to distribute or otherwise allow entities to obtain requested items, to monitor the shared transaction ledger using the monitoring module, and to
  • P2735PC00 (Monitoring Third Party Access) use the designation module to designate a restricted item as accessed by a third party in the event that a transaction against a particular cryptocurrency address becomes visible in the shared transaction ledger.
  • Designating a restricted item as accessed by a third party may refer to any action taken an entity to confirm or establish that the key data embedded in the restricted item was compromised and used to transact against the relevant cryptocurrency address.
  • the cryptocurrency address may be controlled and/or managed by any party capable of monitoring the transaction ledger to determine whether a transaction against the store of value has occurred.
  • the party may typically be an individual having ownership or control of the restricted item, a group having ownership or control of the restricted item, the authorized entity itself, the restricted item provider as described above, or a third party associated with the restricted item provider.
  • the cryptocurrency address may be controlled and/or managed by a third party embedding service provider.
  • one or more of the restricted item receiving module, the embedding module, the monitoring module, the designation module and the database may be associated with the embedding service provider such that the embedding service provider is capable of embedding the key data in the restricted item on behalf of the restricted item provider and performing one or more of the further functions associated with the modules mentioned and the database.
  • the restricted item may be embedded with the key data by the embedding service provider on behalf of the authorized entity.
  • embedding the restricted item with the identifier and/or the managing of cryptocurrency addresses and keys are outsourced to and carried out by an external service provider.
  • P2735PC00 Monitoring Third Party Access
  • the entity controlling and/or managing the cryptocurrency address may elect to change the balance of cryptocurrency stored at the cryptocurrency address by conducting transactions against the address to increase or decrease its value. Such action may be taken, for example, in response to the restricted item becoming compromised or to create a reward or incentive for finding the restricted item and/or the key data embedded therein.
  • the restricted item may have various formats and is not limited to the transfer of a file or document.
  • the authorized entity may select media content to stream or video content to download to a personal device.
  • any suitable conventional payment systems and channels may be employed to purchase, rent or otherwise transact to obtain the restricted item.
  • no conventional payment may be required.
  • the cryptocurrency address is controlled and managed by the restricted item provider.
  • the restricted item provider then generates the key pair and transfers funds to the cryptocurrency address.
  • the cryptocurrency address may be associated with a key pair of the authorized entity, the authorized entity providing the restricted item provider with the private key to enable the restricted item provider to uniquely identify transactions conducted against the cryptocurrency address.
  • the authorized entity may have generated the key pair, provides the private key to the restricted item provider, and the restricted item provider transfers funds to the cryptocurrency address.
  • the authorized entity after generating the cryptocurrency address and transferring funds to the cryptocurrency address, provides the private key to the restricted item provider.
  • the cryptocurrency address is a 160-bit hash of the public portion of a public / private Elliptic Curve Digital Signature Algorithm (ECDSA) keypair.
  • EDSA Elliptic Curve Digital Signature Algorithm
  • the cryptocurrency address is therefore algorithmically converted from a public key.
  • the cryptocurrency address may be the public key itself, or any other identifier derived at least partially from the public key.
  • the cryptocurrency address and public key may thus comprise different values or strings of characters that are uniquely associated with each other such that the private key remains unambiguously linked to the cryptocurrency address.
  • the invention is not limited to one or more particular cryptocurrency systems, as will be apparent to those skilled in the art.
  • the balance associated with the crytocurrency address may be less than an inherent value of the restricted item.
  • the restricted item may be made available to the authorized entity permanently, as is the case in the example of Figure 1 . This may typically be the case for physical or biological items or media items such as, among others, music files, software and electronic books. If the restricted item is made available to the authorized entity permanently, the authorized entity may be held liable for unauthorized distribution of the restricted item at any time after the restricted item is made available to the authorized entity.
  • the restricted item may be made available for a predefined period of time or until a predefined condition is met.
  • the restricted item may be streaming media, in which case the authorized entity is only held liable for compromising the private key embedded in the media during a specific timeframe, for example, until streaming has ended.
  • a predefined condition which lifts accountability and/or liability from the
  • P2735PC00 Monitoring Third Party Access
  • authorized entity may be returning of the restricted item to the restricted item provider.
  • the restricted item provider may monitor the shared transaction ledger for a period of time to determine whether the cryptocurrency address is transacted against before liability is lifted.
  • the authorized entity may be held indefinitely liable.
  • the restricted item may be a digital media item in the form of a film provided to an individual or group for the purpose of viewing the film and returning the digital media item after a predefined period of time without distributing the item to any external party.
  • the digital media item may be embedded with key data associated with a cryptocurrency address having a value of, for example, $1 ,000.00 or $50,000.00, such that these funds may be spent if the item is distributed to external parties.
  • the embedded key data may then serve as a deposit, which is returned to the individual or group upon the restricted item provider being satisfied that an uncompromised digital media item has been returned.
  • the system (400) of Figure 4 is a second embodiment of a system for monitoring third party access to a restricted item according to the invention.
  • the system (400) is similar to the system (100) of Figure 1 , and like reference numerals represent like components, entities, systems or devices.
  • the restricted item provider (1 10) does not provide the restricted item (1 12) to a specific authorized entity. Furthermore, the key data embedded in the restricted item (1 12) is not stored in association with a particular entity such that the specific entity may be held accountable or liable for distributing the restricted item (1 12).
  • the embodiment of Figure 4 further includes a third party service provider (402), the service provider (402) responsible for operating the restricted item receiving module (1 14), the embedding module (1 16), the monitoring module (1 15) and the designation module (1 17) in a manner similar to the manner
  • the system configuration shown in Figure 4 may enable the restricted item provider (1 10) to become aware that the restricted item (1 12) has been used, distributed or otherwise operated without authorization, without requiring the restricted item provider (1 10) to associate the restricted item (1 12) with one or more specific authorized entities. This may be desirable in cases where the restricted item (1 12) is made available by the restricted item provider (1 10) to only a few individuals, for example. Also, in certain scenarios, the restricted item provider (1 10) may not desire to know the identity of the infringer, but simply that the restricted item (1 12) has been placed "in the clear” or "in the wild", where it can, for example, be uncontrollably distributed.
  • the block diagram (500) of Figure 5 illustrates a method of monitoring third party access to a restricted item according to the invention, using the system of Figure 4.
  • the restricted item provider (1 10) requests the third party service provider (402) to monitor third party access to the restricted item (1 12).
  • the service provider (402) at a next stage (504), generates a cryptographic key pair and transfers funds to a generated cryptocurrency address (132).
  • the service provider (402) then proceeds to embed key data in the restricted item (1 12) as described above, at a following stage (506).
  • the service provider (402) monitors the shared transaction ledger (140) for transactions against the relevant address (132) at a next stage (508), and, in the event of a transaction becoming visible, alerts the restricted item provider (1 10), at a final stage (510), that the key data has been compromised and the value stored at the cryptocurrency address (132) transacted against.
  • the restricted item provider (1 10) may be a software provider such as an anti-virus provider which may desire to update software once it is known that a certain restricted item is in the clear.
  • the restricted item provider (1 10) may desire to adapt its security measures to disallow access to software, online platforms or user accounts to users once it is known that a restricted item is in the clear.
  • the system (600) of Figure 6 is a third embodiment of a system for monitoring third party access to a restricted item according to the invention.
  • the system (600) is similar to the systems (100, 400) of Figures 1 and 4, and like reference numerals represent like components, entities, systems or devices.
  • the authorized entity (120) does not receive the restricted item (1 12) from an item provider. Instead, the authorized entity (120) desires to monitor third party access to a restricted item it already owns or controls.
  • the authorized entity (120) may be a composer aiming to become aware once musical works stored on the electronic computing device (122) of the composer have been compromised.
  • the authorized entity (120) may be an individual aiming to protect personal data such as bank account or credit card information.
  • the authorized entity (120) may embed key data in a document containing the personal data such that upon determining, from the shared transaction ledger (140), that a transaction has been conducted using the key data, it can be deduced that the personal data has been compromised. The authorized entity (120) may then take appropriate action to guard against losses, for example, by freezing relevant financial accounts.
  • the electronic computing device (122) of the authorized entity (120) may be utilized to operate the restricted item receiving module (1 14), the embedding module (1 16), the monitoring module (1 15) and the designation module (1 17) in a manner similar to the manner described above.
  • the authorized entity (120) in other words a legitimate user or controller of an item, which may be responsible for embedding key data in the item to, for example, protect the integrity of the item.
  • more than one set of key data in other words, more than one private key or derivation thereof, may be embedded in a single restricted item.
  • Figure 7 shows a schematic illustration of a restricted item (1 12) provided with progressive levels (701 , 71 1 , 721 ) of key data (702, 712, 722) according to embodiments of the invention.
  • reference numerals corresponding to reference numerals in Figures 1 to 6 represent like entities, components or devices.
  • multiple sets of key data (702, 712, 722) may be embedded in a single restricted item (1 12).
  • Each of the sets (702, 712, 722) represent or is associated with a private key corresponding to a public key, which in turn represents or is associated with a cryptocurrency address (703, 713, 723) usable to transact against in the cryptocurrency financial system (130).
  • the plurality of sets of key data (702, 712, 722) provides progressive levels (701 , 71 1 , 721 ) of key data, wherein different software tools are required to access each of the progressive levels or to read the key data from each of the progressive levels.
  • Any suitable software tool may be used which enables the user thereof to access the level and/or read the key data from the particular level.
  • the software tool may be browser add-on that checks downloaded files for key data.
  • P2735PC00 Monitoring Third Party Access
  • a software tool required to access a particular level of key data or to read the key data from the particular level may only be made publicly available once it becomes known that techniques are available for removing the key data of a previous level from the restricted item.
  • the block diagram (800) of Figure 8 illustrates a method of monitoring third party access to a restricted item according to the invention, using progressive levels of key data as described with reference to Figure 7.
  • a plurality of sets of key data are embedded in the restricted item, using any of the methods or techniques described above.
  • three sets of key data (702, 712, 722) are embedded in a restricted item (1 12) such as a computer program file, thereby creating three progressive levels (701 , 71 1 , 721 ) of key data.
  • a software tool may be made available, for example, by making the tool downloadable from a website, which is to be used for reading key data (702) from the first progressive level (701 ).
  • the tool may typically be made available by an entity responsible for the restricted item (1 12) and controlling or managing the associated cryptocurrency addresses (703, 713, 723).
  • the entity then, at a next stage (806), monitors the shared transaction ledger and/or sources where the restricted item may be found to determine whether the first level key data (702) was removed and used to conduct a transaction.
  • the entity may, at a next stage (807), wish to take action to adapt the restricted item or access thereto. For example, once a software provider has determined that it has become possible to remove the key data from at least one progressive level from the restricted item before distributing it, it may wish to update or "patch" software to such an extent that an original restricted item which has come "in the clear" is no longer usable
  • a software tool is made available to be used for reading the key data (712) from the second progressive level (71 1 ).
  • the entity then, at a further stage (810), again monitors the shared transaction ledger and/or sources where the restricted item may be found to determine whether the second level key data (712) was removed and used to conduct a transaction.
  • the entity may, at a following stage (81 1 ) take desired action. Similar steps may be followed to monitor third party access to the restricted item (1 12) in respect of the third progressive level (721 ).
  • any suitable method may be used to determine whether key data has been removed from a restricted item in such cases.
  • an entity may search for the restricted item by searching for a particular set of key data, for example, in a search engine, to check whether there are items containing only some of the sets of key data, but being devoid of at least one set. Embedding multiple sets of key data may enhance the ability of a restricted item provider or authorized entity to monitor third party access to the restricted item.
  • embedding multiple sets of key data in the restricted item may also serve as a deterrent, as it may be the case that even though an entity has removed a first set of key data from the restricted item to obviate the risk of other parties using the key data to transact, the entity may still be aware of the risk that one or more further sets of key data may still be embedded in the restricted item.
  • Such a computer program product may typically comprise a non-transitory computer-readable medium having stored computer-readable program code, the computer-readable
  • P2735PC00 Monitoring Third Party Access program code executable by a processing circuit to perform any one or more of the steps described with reference to Figures 1 to 8.
  • the steps described may include but are not limited to embedding key data in the restricted item, the key data being associated with a store of value and usable to conduct a transaction against the store of value and wherein a record of the transaction becomes visible in a transaction ledger, monitoring the transaction ledger to determine whether a transaction against the store of value has occurred, and designating the restricted item as accessed by a third party in the event that a transaction against the store of value has occurred.
  • the computer-readable program code may be executable by the processing circuit to further perform one or more of the steps of: storing, in a database, the key data or data derived at least partially therefrom in association with an entity credential of an authorized entity, the authorized entity authorized to possess the restricted item, if the restricted item is designated as accessed by a third party, identifying the authorized entity as the responsible party to be held accountable for the third party access, and in response to determining that a transaction against the store of value has occurred, updating the database to indicate that the key data or data derived at least partially therefrom associated with the entity credential was used to conduct a transaction against the store of value.
  • the restricted item provider may be an artist desiring to deter unauthorized distribution of a creative work in which media rights of the artist subsists.
  • the artist may then embed an identifier in the media item as described above.
  • the artist may use the services of a third party embedding service provider, as described above, to embed an identifier in the media and/or manage any number of identifiers, addresses and/or keys on behalf of the artist.
  • the identifier is a private key or derivatives thereof in embodiments of the invention described herein, the identifier may be any identifying code, image, string, reference, audio, video, or the like, which is usable to identify a source of funds which can be transacted against using information embedded in the restricted item or derivatives thereof.
  • the key data may therefore simply be usable as a handle to one or both of the private key or a source of funds or value.
  • a system and method for monitoring third party access to a restricted item is thus provided.
  • digital currency is essentially embedded in a restricted item by making a private key of a cryptocurrency address readable or derivable from the media item.
  • the system and method of the present invention may allow a relevant party to immediately or relatively quickly become aware that a restricted item has been distributed, copied, sold or the like. This may enable owners or controllers of restricted items to react quickly to such activities, for example, by releasing updated software or "patches", by making changes to software or media to make the restricted items subsequently unusable, or the like.
  • immediate penalty or punishment may be imposed on those distributing the restricted items without authorization.
  • the direct monetary value attached to a particular set of key data may incentivize or motivate a third party to conduct a transaction using compromised key data.
  • the third party may typically wish to harvest the value associated with the key data.
  • the embedded key data may further be used to uniquely identify an infringing restricted item or both the item and an infringing entity in places where compromised items are typically found, such as on file-sharing websites or in physical, copied media items.
  • the system and method may further be advantageous in that it can be implemented at a relatively low cost, by substantially using, for example, existing cryptocurrency platforms.
  • the system and method may aid in deterring individuals and entities from unlawfully or without authorization distributing analogue or digital media.
  • digital currency particularly the private key of a cryptocurrency
  • the system and method described may similarly aid in deterring or punishing individuals in cases where the restricted item is, for example, a biological or genetic item to which certain parties have exclusive or partially exclusive rights.
  • the present invention may lead to an improved experience for legitimate consumers of media items. For example, by allowing a user to fairly use a media item while ensuring that the media item is not distributed to third parties who may read and transact on embedded private keys, implementation of the system and method provided may obviate the need to place restrictions on, among other things, moving media from one device to another device or editing formats of certain media items.

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Business, Economics & Management (AREA)
  • Accounting & Taxation (AREA)
  • Finance (AREA)
  • Development Economics (AREA)
  • Theoretical Computer Science (AREA)
  • Strategic Management (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Marketing (AREA)
  • Economics (AREA)
  • General Business, Economics & Management (AREA)
  • Game Theory and Decision Science (AREA)
  • Entrepreneurship & Innovation (AREA)
  • Software Systems (AREA)
  • Multimedia (AREA)
  • Technology Law (AREA)
  • Computer Hardware Design (AREA)
  • General Engineering & Computer Science (AREA)
  • Probability & Statistics with Applications (AREA)
  • Storage Device Security (AREA)
  • Editing Of Facsimile Originals (AREA)

Abstract

A system and method for monitoring third party access to a restricted item is provided. Key data is embedded in the restricted item, the key data being associated with a store of value and usable to conduct a transaction against the store of value. A record of such a transaction becomes visible in a transaction ledger. The transaction ledger is monitored to determine whether a transaction against the store of value has occurred, and the restricted item is designated as accessed by a third party in the event that a transaction against the store of value has occurred.

Description

SYSTEM AND METHOD FOR MONITORING THIRD PARTY ACCESS TO
A RESTRICTED ITEM
CROSS-REFERENCES TO RELATED APPLICATIONS This application claims priority to South African provisional application number 2013/08093 entitled "System and Method for Managing Media Rights", filed on 25 October 2013, and to South African provisional application number 2014/00928 entitled "System and Method for Monitoring Third Party Access to a Restricted Item", filed on 7 February 2014. These applications are incorporated by reference herein for all purposes.
FIELD OF THE INVENTION This invention relates to a system and method for monitoring third party access to a restricted item.
BACKGROUND TO THE INVENTION
Numerous technologies and management strategies are employed by owners, distributors and providers of restricted items to control the distribution, access to and use of such restricted items, particularly in cases where property rights, copyright or other rights subsist in such items. Many of these technologies and strategies are directed at controlling the distribution, access to and use of restricted media items.
Licensing agreements are a well-known method of managing rights to media
P2735PC00 (Monitoring Third Party Access) items. Such agreements typically require a consumer to enter into an agreement restricting the consumer from redistributing media or content.
Various technologies have been devised to aid owners, distributors and providers of media in preventing unauthorized redistribution of content or deterring consumers from attempting such redistribution. For example, in the case of computer software, copy protection may be provided which allows a consumer to install the software on a limited number of computers using a unique code which grants access to the software.
In addition to preventing or deterring content reproduction and redistribution, some technologies aim to prevent, among other things, the accessing, printing or altering of media. A notable example is the use of web-based permission schemes to prevent unauthorized access to media.
A notable problem associated with these and other existing media rights management technologies and strategies is that it may be difficult to determine at or near which point in time the restricted item was first distributed, accessed or used illegitimately or without appropriate authorization. In some cases, at the time when the illegitimate activities first become known to a responsible party, the restricted item may have already been made available to numerous individuals or entities.
Additionally, there may be no immediate penalty or punishment imposed on a consumer who does, for example, unlawfully redistribute media. In many cases, the redistributed media becomes available to others to such an extent that tracing an infringing entity may become difficult or impracticable. In cases where the infringing entity can be traced, finding and taking action against the entity may be a drawn out process requiring considerable legal and administrative costs to be incurred.
Therefore, known techniques and strategies may not sufficiently deter
P2735PC00 (Monitoring Third Party Access) attempts to redistribute or provide access to restricted items unlawfully or without appropriate authorization. Furthermore, existing media rights management systems may adversely impact legitimate consumers. For example, fair usage of media may be restricted by preventing an entity authorized to possess media from moving the media from one personal device to another personal device, or by preventing the entity from editing certain media items.
Embodiments of the present invention aim to address these and other problems, at least to some extent.
SUMMARY OF THE INVENTION In accordance with the invention there is provided a method of monitoring third party access to a restricted item, the restricted item having key data embedded therein, the key data being associated with a store of value and usable to conduct a transaction against the store of value, wherein a record of the transaction becomes visible in a transaction ledger, the method including the steps of:
monitoring the transaction ledger to determine whether a transaction against the store of value has occurred; and
designating the restricted item as accessed by a third party in the event that a transaction against the store of value has occurred.
Further features of the invention provide for the method to include the steps of: storing, in a database, the key data or data derived at least partially therefrom in association with an entity credential of an authorized entity, the authorized entity authorized to possess the restricted item; if the restricted item is designated as accessed by a third party, identifying the authorized entity as a responsible party to be held accountable for the third party access; and, in response to determining that a transaction against the store
P2735PC00 (Monitoring Third Party Access) of value has occurred, updating the database to indicate that the key data or data derived at least partially therefrom associated with the entity credential was used to conduct a transaction against the store of value. Yet further features of the invention provide for the store of value to have a balance of digital currency; for the transaction ledger to be a shared public ledger containing records of transactions conducted using the digital currency; for the digital currency to be a cryptocurrency; for the store of value to be a cryptocurrency address; and for the cryptocurrency address to be represented by or derived at least partially from a cryptocurrency public key corresponding to a cryptocurrency private key.
Still further features of the invention provide for the key data to include the cryptocurrency private key or an address identifier derived at least partially from the cryptocurrency private key; for conducting a transaction against the store of value to include using at least the cryptocurrency private key to perform a cryptocurrency transaction; and for performing the cryptocurrency transaction to include transferring at least some of a balance of cryptocurrency held at the cryptocurrency address to a second, receiving cryptocurrency address represented by or derived at least partially from a second, receiving cryptocurrency public key.
A further feature of the invention provides for one or more of the cryptocurrency private key, the address identifier and the cryptocurrency public key to be associated with an authorized entity authorized to possess the restricted item and to be stored, in a database, in association with an entity credential of the authorized entity, wherein if the restricted item is designated as accessed by a third party, the authorized entity is identified as the responsible party to be held accountable for the third party access.
Further features of the invention provide for the key data to be readable from the restricted item by any third party that accesses the restricted item either
P2735PC00 (Monitoring Third Party Access) directly or using a software tool; and for the step of embedding key data in the restricted item to include embedding a plurality of sets of key data in the restricted item. Yet further features of the invention provide for the plurality of sets of key data to provide progressive levels of key data, wherein different software tools are required to access each of the progressive levels or to read the key data from each of the progressive levels; and for a software tool required to access a particular level of key data or to read the key data from the particular level to be made publicly available once it becomes known that techniques are available for removing the key data of a previous level from the restricted item.
Still further features of the invention provide for the cryptocurrency address to be controlled or managed by a party capable of monitoring the shared public ledger to determine whether a transaction against the store of value has occurred; and for the party controlling or managing the cryptocurrency address to be selected from the group consisting of: an individual having ownership or control of the restricted item, a group having ownership or control of the restricted item, an authorized entity authorized to possess the restricted item, a restricted item provider from which one or more authorized entity has requested the restricted item, and a third party associated with the restricted item provider. Further features of the invention provide for the restricted item to be a media item; and for the media item to be a digital or analogue media item selected from the group consisting of: one or more video files, streaming media, one or more image files, one or more audio files, one or more electronic documents, one or more electronic books, one or more textual media files, one or more computer program files, online content and binary data, one or more video recordings and one or more audio recordings.
P2735PC00 (Monitoring Third Party Access) Yet further features of the invention provides for the step of embedding key data in the restricted item to include one or more of the steps of: embedding the key data in the restricted item using digital watermarking, embedding the key data in the restricted item using analogue watermarking, embedding the key data in the restricted item as a one-dimensional or two-dimensional barcode, embedding the key data in the restricted item as a graphical code, embedding the key data in the restricted item using steganography, embedding the key data in the restricted item using natural language watermarking or natural language morphology, embedding the key data in the restricted item using hidden text or invisible text or binary data embedding, and embedding the key data in the restricted item using visible text or visible binary data embedding.
The invention extends to a system for monitoring third party access to a restricted item comprising:
a restricted item receiving module configured to receive the restricted item;
an embedding module, the embedding module being in communication with the restricted item receiving module and configured to embed key data in the restricted item, the key data being associated with a store of value and usable to conduct a transaction against the store of value, wherein a record of the transaction becomes visible in a transaction ledger;
a monitoring module configured to monitor the transaction ledger to determine whether a transaction against the store of value has occurred; and
a designation module in communication with the monitoring module and configured to designate the restricted item as accessed by a third party in the event that a transaction against the store of value has occurred.
Further features of the invention provide for the system to include a database configured to store the key data or data derived at least partially therefrom in
P2735PC00 (Monitoring Third Party Access) association with an entity credential of an authorized entity, the authorized entity authorized to possess the restricted item; and for the system to be configured to perform the steps of: if the restricted item is designated as accessed by a third party, identifying the authorized entity as the responsible party to be held accountable for the third party access, and in response to determining that a transaction against the store of value has occurred, updating the database to indicate that the key data or data derived at least partially therefrom associated with the entity credential was used to conduct a transaction against the store of value.
Yet further features of the invention provide for the store of value to have a balance of digital currency; for the transaction ledger to be a shared public ledger containing records of transactions conducted using the digital currency; for the digital currency to be a cryptocurrency; for the store of value to be a cryptocurrency address; and for the cryptocurrency address to be represented by or derived at least partially from a cryptocurrency public key corresponding to a cryptocurrency private key.
Still further features of the invention provide for the key data to include the cryptocurrency private key or an address identifier derived at least partially from the cryptocurrency private key; for conducting a transaction against the store of value to include using at least the cryptocurrency private key to perform a cryptocurrency transaction; and for performing the cryptocurrency transaction to include transferring at least some of a balance of cryptocurrency held at the cryptocurrency address to a second, receiving cryptocurrency address represented by or derived at least partially from a second, receiving cryptocurrency public key.
A further feature of the invention provides for one or more of the cryptocurrency private key, the address identifier and the cryptocurrency public key to be associated with an authorized entity authorized to possess the restricted item and to be stored, in a database, in association with an
P2735PC00 (Monitoring Third Party Access) entity credential of the authorized entity, wherein if the restricted item is designated as accessed by a third party, the authorized entity is identified as the responsible party to be held accountable for the third party access. Further features of the invention provide for the key data to be readable from the restricted item by any third party that accesses the restricted item either directly or using a software tool; and for the step of embedding key data in the restricted item to include embedding a plurality of sets of key data in the restricted item.
Yet further features of the invention provide for the plurality of sets of key data to provide progressive levels of key data, wherein different software tools are required to access each of the progressive levels or to read the key data from each of the progressive levels; and for a software tool required to access a particular level of key data or to read the key data from the particular level to be made publicly available once it becomes known that techniques are available for removing the key data of a previous level from the restricted item. Still further features of the invention provide for the cryptocurrency address to be controlled or managed by a party capable of monitoring the shared public ledger to determine whether a transaction against the store of value has occurred; and for the party controlling or managing the cryptocurrency address to be selected from the group consisting of: an individual having ownership or control of the restricted item, a group having ownership or control of the restricted item, an authorized entity authorized to possess the restricted item, a restricted item provider from which one or more authorized entity has requested the restricted item, and a third party associated with the restricted item provider.
Further features of the invention provide for the restricted item to be a media item; and for the media item to be a digital or analogue media item selected
P2735PC00 (Monitoring Third Party Access) from the group consisting of: one or more video files, streaming media, one or more image files, one or more audio files, one or more electronic documents, one or more electronic books, one or more textual media files, one or more computer program files, online content and binary data, one or more video recordings and one or more audio recordings.
Yet further features of the invention provides for the step of embedding key data in the restricted item to include one or more of the steps of: embedding the key data in the restricted item using digital watermarking, embedding the key data in the restricted item using analogue watermarking, embedding the key data in the restricted item as a one-dimensional or two-dimensional barcode, embedding the key data in the restricted item as a graphical code, embedding the key data in the restricted item using steganography, embedding the key data in the restricted item using natural language watermarking or natural language morphology, embedding the key data in the restricted item using hidden text or invisible text or binary data embedding, and embedding the key data in the restricted item using visible text or visible binary data embedding. The invention further extends to a computer program product for monitoring third party access to a restricted item, the restricted item having key data embedded therein, the key data being associated with a store of value and usable to conduct a transaction against the store of value, wherein a record of the transaction becomes visible in a transaction ledger, the computer program product comprising a non-transitory computer-readable medium having stored computer-readable program code, the computer-readable program code executable by a processing circuit to perform the steps of:
monitoring the transaction ledger to determine whether a transaction against the store of value has occurred; and
designating the restricted item as accessed by a third party in the event that a transaction against the store of value has occurred.
P2735PC00 (Monitoring Third Party Access) Further features of the invention provide for the computer-readable program code to be executable by the processing circuit to perform the further steps of: storing, in a database, the key data or data derived at least partially therefrom in association with an entity credential of an authorized entity, the authorized entity authorized to possess the restricted item; if the restricted item is designated as accessed by a third party, identifying the authorized entity as the responsible party to be held accountable for the third party access; and in response to determining that a transaction against the store of value has occurred, updating the database to indicate that the key data or data derived at least partially therefrom associated with the entity credential was used to conduct a transaction against the store of value.
Yet further features of the invention provide for the store of value to have a balance of digital currency; for the transaction ledger to be a shared public ledger containing records of transactions conducted using the digital currency; for the digital currency to be a cryptocurrency; for the store of value to be a cryptocurrency address; and for the cryptocurrency address to be represented by or derived at least partially from a cryptocurrency public key corresponding to a cryptocurrency private key.
Still further features of the invention provide for the key data to include the cryptocurrency private key or an address identifier derived at least partially from the cryptocurrency private key; for conducting a transaction against the store of value to include using at least the cryptocurrency private key to perform a cryptocurrency transaction; and for performing the cryptocurrency transaction to include transferring at least some of a balance of cryptocurrency held at the cryptocurrency address to a second, receiving cryptocurrency address represented by or derived at least partially from a second, receiving cryptocurrency public key.
A further feature of the invention provides for one or more of the cryptocurrency private key, the address identifier and the cryptocurrency
P2735PC00 (Monitoring Third Party Access) public key to be associated with an authorized entity authorized to possess the restricted item and to be stored, in a database, in association with an entity credential of the authorized entity, wherein if the restricted item is designated as accessed by a third party, the authorized entity is identified as the responsible party to be held accountable for the third party access.
Further features of the invention provide for the key data to be readable from the restricted item by any third party that accesses the restricted item either directly or using a software tool; and for the step of embedding key data in the restricted item to include embedding a plurality of sets of key data in the restricted item.
Yet further features of the invention provide for the plurality of sets of key data to provide progressive levels of key data, wherein different software tools are required to access each of the progressive levels or to read the key data from each of the progressive levels; and for a software tool required to access a particular level of key data or to read the key data from the particular level to be made publicly available once it becomes known that techniques are available for removing the key data of a previous level from the restricted item.
Still further features of the invention provide for the cryptocurrency address to be controlled or managed by a party capable of monitoring the shared public ledger to determine whether a transaction against the store of value has occurred; and for the party controlling or managing the cryptocurrency address to be selected from the group consisting of: an individual having ownership or control of the restricted item, a group having ownership or control of the restricted item, an authorized entity authorized to possess the restricted item, a restricted item provider from which one or more authorized entity has requested the restricted item, and a third party associated with the restricted item provider.
P2735PC00 (Monitoring Third Party Access) Further features of the invention provide for the restricted item to be a media item; and for the media item to be a digital or analogue media item selected from the group consisting of: one or more video files, streaming media, one or more image files, one or more audio files, one or more electronic documents, one or more electronic books, one or more textual media files, one or more computer program files, online content and binary data, one or more video recordings and one or more audio recordings.
Yet further features of the invention provides for the step of embedding key data in the restricted item to include one or more of the steps of: embedding the key data in the restricted item using digital watermarking, embedding the key data in the restricted item using analogue watermarking, embedding the key data in the restricted item as a one-dimensional or two-dimensional barcode, embedding the key data in the restricted item as a graphical code, embedding the key data in the restricted item using steganography, embedding the key data in the restricted item using natural language watermarking or natural language morphology, embedding the key data in the restricted item using hidden text or invisible text or binary data embedding, and embedding the key data in the restricted item using visible text or visible binary data embedding.
In order for the invention to be more fully understood, implementations thereof will now be described with reference to the accompanying drawings.
BRIEF DESCRIPTION OF THE DRAWINGS
In the drawings:- Figure 1 is a schematic illustration a first embodiment of a system for monitoring third party access to a restricted item according to the invention;
P2735PC00 (Monitoring Third Party Access) Figure 2 is a block diagram illustrating a method of monitoring third party access to a restricted item according to the invention, using the system of Figure 1 ;
Figure 3 is a swim-lane flow diagram illustrating a sequence of steps whereby an authorized entity to which a restricted item was made available may be identified according to the invention;
Figure 4 is a schematic illustration of a second embodiment of a system for monitoring third party access to a restricted item according to the invention;
Figure 5 is a block diagram illustrating a method of monitoring third party access to a restricted item according to the invention, using the system of Figure 4;
Figure 6 is a schematic illustration of a third embodiment of a system for monitoring third party access to a restricted item according to the invention;
Figure 7 is a schematic illustration of a restricted item provided with progressive levels of key data according to embodiments of the invention; and
Figure 8 is a block diagram illustrating a method of monitoring third party access to a restricted item according to the invention, wherein the restricted item is provided with progressive levels of key data.
DETAILED DESCRIPTION WITH REFERENCE TO THE DRAWINGS
P2735PC00 (Monitoring Third Party Access) A first embodiment of a system (100) for monitoring third party access to a restricted item according to the invention is illustrated in Figure 1 . The system (100) includes a restricted item provider (1 10), an authorized entity (120), and a financial system (130) providing at least one store of value (132).
The restricted item provider (1 10) possesses, controls or otherwise has access to a restricted item (1 12) which is to be made available to the authorized entity (120). In the embodiment of Figure 1 , and primarily for illustrative purposes, the restricted item (1 12) is a media item in the form of an e-book and the restricted item provider (1 10) is an online media content provider. Exemplary online media content providers include Amazon.com, Netflix, Hulu and the iTunes Store. The authorized entity (120) has an electronic computing device (122), in this embodiment a desktop computer, by which it is able to communicate with the restricted item provider (1 10). Communications between the restricted item provider (1 10) and the electronic computing device (122) of the authorized entity (120) may be effected by way of any suitable wired or wireless communications channel. In this embodiment, the communications channel is the Internet.
The restricted item provider (1 10) has associated therewith a restricted item receiving module (1 14) configured to receive the restricted item (1 12) and an embedding module (1 16) in communication with the restricted item receiving module (1 14) configured to embed key data (134) in the restricted item (1 12). The key data (134) is associated with the store of value (132) and usable to conduct a transaction against the store of value (132), a record of such a transaction becoming visible in a transaction ledger (140).
The restricted item provider (1 10) further has associated therewith a monitoring module (1 15) configured to monitor the transaction ledger to
P2735PC00 (Monitoring Third Party Access) determine whether a transaction against the store of value has occurred, and a designation module (1 17) in communication with the monitoring module (1 15) and configured to designate the restricted item (1 12) as accessed by a third party in the event that a transaction against the store of value has occurred.
A database (1 18) is operative in association with the restricted item provider (1 10). The database (1 18) is configured to store the key data (134) embedded in the restricted item (1 12) or data at least partially derived therefrom in association with an entity credential of the authorized entity (120) which is authorized to possess the restricted item (1 12).
The block diagram (200) of Figure 2 illustrates a method of monitoring third party access to a restricted item according to the invention, using the system of Figure 1 .
At a first stage (202), the authorized entity (120) requests to obtain the restricted item (1 12) from the restricted item provider (1 10). For example, the entity (120) accesses a website of the restricted item provider (1 10) using the electronic computing device (122) and selects an e-book to purchase. The authorized entity (120) intends to permanently gain possession of the e-book in this embodiment.
The restricted item provider (1 10) desires to deter or prevent the authorized entity (120) from redistributing the restricted item (1 12) or reproductions thereof after it has been made available to the authorized entity (120). In the embodiment of Figure 1 , the key data (134) which is to be embedded in the restricted item (1 12) is an identifier uniquely associated with the store of value (132). The store of value (132) has a balance of digital currency. The financial system (130) of Figure 1 is a system for digital currency in the form of a cryptocurrency. In this embodiment, the store of value (132) is a cryptocurrency address.
P2735PC00 (Monitoring Third Party Access) Cryptocurrencies allow digital currency to be transferred between cryptocurrency addresses without an intermediate financial institution or central authority. Exemplary cryptocurrency systems include peer-to-peer, decentralised cryptocurrencies such as Bitcoin, Litecoin and PPCoin.
In this embodiment, the cryptocurrency address (132) is represented by or derived from a cryptocurrency public key corresponding to a cryptocurrency private key. The public key is used and/or derived to obtain the cryptocurrency address (132), the address (132) having a specific balance of cryptocurrency held therein.
At a next stage (204), the restricted item provider (1 10) utilizes the cryptocurrency system described above and generates a cryptographic key pair, in other words, a private key and a public key associated with a cryptocurrency address (132). In this embodiment, the restricted item provider (1 10) generates the key pair and transfers funds to the cryptocurrency address (132). The private key represents a direct monetary value which can be traded in the cryptocurrency system. In the case where the cryptocurrency is, for example, Bitcoin or another cryptocurrency system using a similar key and address scheme, the cryptocurrency address (132) has a particular balance associated therewith, indicated, for example, as 3.5 BTC or 0.0001 BTC in the case of Bitcoin.
At a next stage (206), the restricted item provider (1 10) embeds the key data in the restricted item (1 12) using the embedding module (1 16). In the embodiment of Figure 1 , the key data (134) is the private key associated with the cryptocurrency address (132).
The restricted item receiving module (1 14) typically receives the media item
P2735PC00 (Monitoring Third Party Access) (1 12) before the private key (134) is embedded therein, from where it is transferred to the embedding module (1 16). In this embodiment, the private key (134) is embedded in the media item (1 12), which is an e-book in Figure 1 , as a one-dimensional barcode (1 13).
At a next stage (208), the restricted item provider (1 10) stores the private key (134) in association with an entity credential in the database (1 18), as described above. In this embodiment, the entity credential includes a name, address and contact details of the authorized entity (120). The database (1 18) therefore acts as a registry of keys, enabling the restricted item provider (1 10) to keep track of which private keys are associated with which authorized entity (120).
The restricted item (1 12) is then, at a next stage (210), made available to the authorized entity (120). In this embodiment, the authorized entity (120) may typically be able to download the e-book and store it locally or in any physical or cloud-based storage location as desired.
Records of all transactions conducted in the financial system (130) are held in the transaction ledger (140). In the embodiment of Figure 1 , the transaction ledger (140) is a publicly visible shared transaction ledger. Typically, the shared transaction ledger (140) includes all these transactions as a chain of transaction records or receipts, commonly referred to as a "block chain" in at least one known cryptocurrrency system. These transaction records are signed using both a private key and a public key, the private key being that of a party transferring value and the public key being associated with a receiving address. The shared transaction ledger (140) is typically publically accessible via a website or other Internet-based platform. Transaction records are verified by third parties carrying out what is known as "mining blocks". Exemplary cryptocurrencies which make use of proof-of- work verification schemes, such as Secure Hash Algorithm 256 (SHA-256) or
P2735PC00 (Monitoring Third Party Access) scrypt, are Bitcoin and Litecoin. An exemplary cryptocurrency system employing a combined proof-of-work / proof-of-stake verification scheme is PPCoin. The principles and functioning of such cryptocurrencies having shared transaction ledgers containing transaction records will be well understood by those skilled in the art. Importantly, such a system allows a party having access to a private key or data at least partially derived therefrom to transact against a corresponding cryptocurrency address, in other words, either use the funds linked to the address or transfer the funds to a receiving address. These systems also allow any party to inspect or analyse the shared transaction ledger to determine whether a particular address was transacted against. In the embodiment of Figure 1 , the monitoring module (1 15) is used to inspect or analyse the shared transaction ledger (140), for example by using a web-based platform providing at least some of the transaction records, as illustrated in Figure 1 , whereby transaction records in the shared transaction ledger (140) can be accessed.
The authorized entity is therefore provided with a restricted item which has a reliable handle to a store of value embedded therein. Should the private key (134) not be read from the media item and used to transact against the cryptocurrency address, the funds stored therein remain untouched and the authorized entity either retains a deposit or token amount or is not held accountable and/or liable for unauthorized distribution.
However, if the restricted item (1 12) is distributed, leading to the private key (134) being read from the restricted item (1 12) and used to transact in the cryptocurrency system, some or all of the funds may become lost to one or both of the authorized entity (120) and the restricted item provider (1 10). Furthermore, the transaction is visible in the shared transaction ledger (140), making the possibly fraudulent activity immediately or relatively quickly traceable.
P2735PC00 (Monitoring Third Party Access) The flow diagram (300) of Figure 3 illustrates a sequence of steps whereby an authorized entity to which a restricted item was made available may be identified according to the invention.
At a first stage (302), the authorized entity (120) distributes the restricted item (1 12) or allows the restricted item (1 12) to be distributed or accessed, either purposefully or negligently. At a next stage (304), a third party (301 ) obtains the restricted item (1 12) and reads the private key (134) from the media item (1 12). In the example of an e-book embedded with key data by way of a barcode described with reference to Figure 1 , the third party (301 ) may use a barcode-reading technique to obtain the private key (134) which is embedded in the e-book. The private key may be readable from the restricted item by any third party that accesses the restricted item either directly or using a software tool. The software tool may, for example, be a publicly available software tool. This may incentivize third parties to obtain key data from unlawfully distributed restricted items and transact using the value associated with the cryptocurrency address.
The third party (301 ) then, at a next stage (306), utilizes the cryptocurrency system to move funds from the cryptocurrency address (132) corresponding to the private key (134) to a desired address, or spends all or some of the funds in any other way.
Use of the private key (134), which serves as or may be derived from the key data uniquely associating the authorized entity (120) with the restricted item (1 12), may typically include use of the private key (134) and a receiving public key to conduct a cryptocurrency transaction against the cryptocurrency address (132) in favour of a receiving cryptocurrency address. Such a transaction may involve transferring at least some of a balance of
P2735PC00 (Monitoring Third Party Access) cryptocurrency held at the cryptocurrency address (132) to a second, receiving cryptocurrency address represented by or derived at least partially from a second, receiving cryptocurrency public key. After the third party (301 ) has conducted the above transaction, at a next stage (308), a record of the transaction becomes visible in the shared transaction ledger (140) or "block chain". The restricted item provider (1 10) or any other party fulfilling this function analyses the shared transaction ledger (140) at a next stage (310) to determine whether the private key (134) was used to conduct a transaction. In this case, due to the transaction conducted by the third party (301 ), the shared transaction ledger (140) indicates, at a next stage (312), that the cryptocurrency address (132) was transacted against and therefore that the private key (134) was compromised. The restricted item provider (1 10), at a final stage (314), in response to determining that a transaction was conducted against the store of value using the identifier which was embedded in the restricted item (1 12), updates the database (1 18) to indicate that the identifier was used to transact against the value store, in other words, that the private key (134) was compromised. This prompts the restricted item provider (1 10) or other party managing the monitoring of the shared transaction ledger (140) to designate the restricted item (1 12) as accessed by a third party.
The transaction record in the shared transaction ledger (140) may be used by the restricted item provider (1 10), or, of course, by any entity or agent monitoring the shared transaction ledger (140) on behalf of the restricted item provider (1 10), to extract, obtain or derive the private key (134), public key or simply the cryptocurrency address. The obtained information is matched with the key data stored in the database (1 18) in association with the entity credential. In this way, the authorized entity (120) may be unambiguously identified and the restricted item provider (1 10) is able to determine that the private key (134) was in some way compromised.
P2735PC00 (Monitoring Third Party Access) Various situations or courses of action may ensue after the private key (134) is compromised as described above, depending on the functioning of the cryptocurrency address (132) and ownership of the funds therein. In a first example, if the value held at the address (132) was a deposit put down by the authorized entity (120), the entity (120) suffers financial loss. In a second example, if the value held at the address (132) was funds provided by the restricted item provider (1 12), the entity (120) may be held liable for the financial loss of the restricted item provider (1 10).
Importantly, the authorized entity (120) may be held accountable or liable for unlicensed or unauthorized distribution of the media item (1 12), since the shared public ledger (140) contains proof that the private key (134) was compromised.
The monetary or digital currency value associated with the cryptocurrency address may function in a variety of ways. In the embodiment of Figure 1 , these funds represent a token amount not intended to be spent, unless the private key is compromised and spent by a third party (typically used in the case of a permanent transfer of a physical, biological or media item).
Alternatively, the funds may represent a deposit paid by the authorized entity that may be forfeited if the authorized entity distributes the restricted item to a third party. The funds may also be funds entrusted to the authorized entity by the restricted item provider, and for which the authorized entity is held accountable and/or liable if the private key is compromised and the funds spent or transferred. It should be appreciated that any combination of the above functions or further suitable functions may be employed. The above description of the first embodiment of a system for monitoring third party access to a restricted item and methods for putting the system to use according to the invention is done by way of example only and it should
P2735PC00 (Monitoring Third Party Access) be appreciated that numerous changes and modifications may be made to the embodiments described without departing from the scope of the invention. It should be noted that, throughout the entirety of this specification, wherever the terms "private key", "key data", "public key", "cryptocurrency address", or the like is used, the term may, of course, refer to any derivation thereof that can be used to reliably obtain the identifier or data signified by the term used. Such a derivation of the private key, for example a cryptographic hash thereof, may therefore be embedded in the restricted item. Importantly, the key data embedded in the restricted item includes the cryptocurrency private key or an address identifier derived at least partially from the cryptocurrency private key. For example, the address identifier may be a link, a tool or any other identifier usable to obtain or access the private key.
Throughout the entirety of this specification, the term "database" should be interpreted so as to have its broadest meaning, and includes any data storage means whereby a credential of an entity can be reliably stored in association with key data or derivatives thereof.
The restricted item provider may, for example, be any media item or content provider or any digital or analogue media distributor. For example, the restricted item provider may be a satellite television service provider, a broadcasting corporation, a physical music or video distributor, an author, a photographer, a composer, an artist, a software provider or a publisher.
The restricted item provider may, in one scenario, be the author, creator or producer of the restricted item, for example, in the case that the restricted item provider is an artist. The restricted item provider may, in a different scenario, be a distributor, retailer, or commercial restricted item provider, for example, in the case that the restricted item provider is a software provider.
P2735PC00 (Monitoring Third Party Access) The restricted item provider may be any other suitable entity in cases where the restricted item is not a media item. For example, the restricted item provider may be a plant breeder, developer or researcher in cases where the restricted item is a biological or genetic item.
The restricted item is not restricted to a media item and may be any item capable of being embedded with any form of data for the purpose of monitoring third party access to the restricted item. The restricted item may be a physical item such as a book, a compact disc, a physical document, or a work of art, an electronic item such as digital media, a biological item such as a genetic sequence or biological matter, or any other item capable of being embedded with data.
Particularly, the restricted item may be a digital media item or analogue media item. In cases where the media item is in a digital form, it may be, among many others, one or more video files, one or more audio files, one or more electronic document files, one or more electronic books, one or more textual media files, one or more computer program files, computer gaming files or data, streaming media, and one or more image files. In cases where the media item is in analogue form, it may, for example, be one or more video recordings or one or more audio recordings. The media item may be textual media such as hypertexts, multimedia, digital art, e-mail, and the like.
The electronic computing device is not limited to a desktop or personal computer and may be any other communications device with substantially similar communications abilities, such as a mobile phone, a tablet computer or a laptop computer.
Communications between the restricted item provider and the electronic computing device of the authorized entity may, in alternative embodiments, be effected by way of a voice call or a mobile software platform used to request the restricted item from the restricted item provider.
P2735PC00 (Monitoring Third Party Access) In further embodiments, the authorized entity may communicate with the restricted item provider without using electronic communications means. For example, the authorized entity may physically request and/or receive the restricted item from the restricted item provider, such as by way of a postal or courier service, or through over-the-counter sale or delivery.
The authorized entity may be any suitable entity, living or non-living, which is to receive the restricted item from the restricted item provider. For example, the authorized entity may be a consumer, institution, group, organization, electronic platform, or database receiving the restricted item from the restricted item provider. It should be appreciated that the same restricted item or copies or derivatives thereof may be provided to a plurality of authorized entities in further embodiments of the invention. Furthermore, the authorized entity may be an original owner, author or creator of the restricted item or may otherwise have rights in respect of the restricted item.
The entity credential may be any suitable information serving to identify the authorized entity, for example, one or more of a name, an address, an e-mail address, a financial account number, a media service membership identifier, an identity number, contact details such as an a telephonic contact number, a physical address, employer information, details of a financial account and media service subscription information. The key data may be any data or information capable of being used directly or indirectly to conduct a transaction against the store of value, either in the form in which it is embedded in the restricted item or a form derived therefrom. The key data may be stored in the database such that, when the key data embedded in the restricted item or data derived therefrom is subsequently obtained by the restricted item provider from a source other than the
P2735PC00 (Monitoring Third Party Access) database, it is able to match the key data with the entity credential in the database in order to unambiguously identify the authorized entity. Typically, the key data is subsequently obtained from a record of a transaction against the store of value from which the key data can be extracted or derived.
The key data may be embedded in the restricted item using any suitable information embedding technique, depending of course on the restricted item type. In embodiments of the invention, the key data is embedded using one or more of the following techniques: embedding the key data in the restricted item using digital watermarking, embedding the key data in the restricted item using analogue watermarking, embedding the key data in the restricted item as a one-dimensional or two-dimensional barcode, embedding the key data in the restricted item as a graphical code, embedding the key data in the restricted item using steganography, embedding the key data in the restricted item using natural language watermarking or natural language morphology, embedding the key data in the restricted item using hidden text or invisible text or binary data embedding, and embedding the key data in the restricted item using visible text or visible binary data embedding. In some embodiments, the restricted item is a biological or genetic item and the key data is embedded, for example, in a genetic sequence.
A further example of an embedding technique is natural language watermarking or natural language morphology, whereby, for example, sentence construction of a document may be watermarked. In one example, the structure of one or more sentence constituents in a natural language text may be used to insert a watermark into a document.
Preferably, the key data is embedded using a robust technique, which makes it relatively easy to read or derive the private key, while completely removing, obscuring or obliterating the key data from the restricted item is made comparatively difficult. In some embodiments, removing the key data from the restricted item destroys the item, makes the value associated with the
P2735PC00 (Monitoring Third Party Access) cryptocurrency address unusable, materially alters the item's content or makes it subsequently unusable.
The scope of the invention thus extends to any suitable information embedding technique. For example, the private key may simply be included in plaintext form in an electronic document or video, included in audio format in an audio or video file, or printed in a physical document.
It should also be appreciated that more than one set of key data, in other words, more than one private key or derivation thereof, may be embedded in a single restricted item. Furthermore, the same set of key data may be embedded in multiple restricted items. An example of such a case is a scenario wherein the authorized entity has an account at an online media library, such as iTunes. Any media item purchased or obtained using the account may then be embedded with the same key data or sets of key data, such that distribution of any or all of these media items may be unambiguously traced back to the authorized entity and/or the account.
In cases where more than one different private key is embedded in the restricted item, each private key corresponds to a separate cryptocurrency address having a balance of cryptocurrency. Alternatively, a single private key embedded in the restricted item may be associated with a plurality of cryptocurrency addresses in the database, the authorized entity typically being held liable for funds held in one or more of the plurality of addresses.
It is foreseen that the restricted item provider may have management software used for any one or more of the following functions: to receive the restricted item using the restricted item receiving module, to generate the necessary cryptographic key pairs, to store keys in association with entity credentials, to embed private keys in restricted items using the embedding module, to distribute or otherwise allow entities to obtain requested items, to monitor the shared transaction ledger using the monitoring module, and to
P2735PC00 (Monitoring Third Party Access) use the designation module to designate a restricted item as accessed by a third party in the event that a transaction against a particular cryptocurrency address becomes visible in the shared transaction ledger. Designating a restricted item as accessed by a third party may refer to any action taken an entity to confirm or establish that the key data embedded in the restricted item was compromised and used to transact against the relevant cryptocurrency address.
The cryptocurrency address may be controlled and/or managed by any party capable of monitoring the transaction ledger to determine whether a transaction against the store of value has occurred. The party may typically be an individual having ownership or control of the restricted item, a group having ownership or control of the restricted item, the authorized entity itself, the restricted item provider as described above, or a third party associated with the restricted item provider.
It should specifically be noted that the cryptocurrency address may be controlled and/or managed by a third party embedding service provider. In such cases, one or more of the restricted item receiving module, the embedding module, the monitoring module, the designation module and the database may be associated with the embedding service provider such that the embedding service provider is capable of embedding the key data in the restricted item on behalf of the restricted item provider and performing one or more of the further functions associated with the modules mentioned and the database.
The restricted item may be embedded with the key data by the embedding service provider on behalf of the authorized entity. In such cases, embedding the restricted item with the identifier and/or the managing of cryptocurrency addresses and keys are outsourced to and carried out by an external service provider.
P2735PC00 (Monitoring Third Party Access) It should be appreciated that the entity controlling and/or managing the cryptocurrency address may elect to change the balance of cryptocurrency stored at the cryptocurrency address by conducting transactions against the address to increase or decrease its value. Such action may be taken, for example, in response to the restricted item becoming compromised or to create a reward or incentive for finding the restricted item and/or the key data embedded therein.
It should be appreciated that the restricted item may have various formats and is not limited to the transfer of a file or document. In one example, the authorized entity may select media content to stream or video content to download to a personal device.
In addition to the use of a cryptocurrency system, any suitable conventional payment systems and channels may be employed to purchase, rent or otherwise transact to obtain the restricted item. Alternatively, no conventional payment may be required.
In the embodiment of Figure 1 , the cryptocurrency address is controlled and managed by the restricted item provider. The restricted item provider then generates the key pair and transfers funds to the cryptocurrency address.
Alternatively, the cryptocurrency address may be associated with a key pair of the authorized entity, the authorized entity providing the restricted item provider with the private key to enable the restricted item provider to uniquely identify transactions conducted against the cryptocurrency address. The authorized entity may have generated the key pair, provides the private key to the restricted item provider, and the restricted item provider transfers funds to the cryptocurrency address. In a further embodiment, the authorized entity, after generating the cryptocurrency address and transferring funds to the cryptocurrency address, provides the private key to the restricted item provider.
P2735PC00 (Monitoring Third Party Access) In an exemplary cryptocurrency system, Bitcoin, the cryptocurrency address is a 160-bit hash of the public portion of a public / private Elliptic Curve Digital Signature Algorithm (ECDSA) keypair. In at least one known cryptocurrency system, the cryptocurrency address is therefore algorithmically converted from a public key. However, it should be appreciated that the cryptocurrency address may be the public key itself, or any other identifier derived at least partially from the public key. The cryptocurrency address and public key may thus comprise different values or strings of characters that are uniquely associated with each other such that the private key remains unambiguously linked to the cryptocurrency address. The invention is not limited to one or more particular cryptocurrency systems, as will be apparent to those skilled in the art. In embodiments of the invention, the balance associated with the crytocurrency address may be less than an inherent value of the restricted item.
The restricted item may be made available to the authorized entity permanently, as is the case in the example of Figure 1 . This may typically be the case for physical or biological items or media items such as, among others, music files, software and electronic books. If the restricted item is made available to the authorized entity permanently, the authorized entity may be held liable for unauthorized distribution of the restricted item at any time after the restricted item is made available to the authorized entity.
Alternatively, the restricted item may be made available for a predefined period of time or until a predefined condition is met. For example, the restricted item may be streaming media, in which case the authorized entity is only held liable for compromising the private key embedded in the media during a specific timeframe, for example, until streaming has ended. A predefined condition which lifts accountability and/or liability from the
P2735PC00 (Monitoring Third Party Access) authorized entity may be returning of the restricted item to the restricted item provider. Alternatively, the restricted item provider may monitor the shared transaction ledger for a period of time to determine whether the cryptocurrency address is transacted against before liability is lifted. Alternatively, the authorized entity may be held indefinitely liable.
In one particular example, the restricted item may be a digital media item in the form of a film provided to an individual or group for the purpose of viewing the film and returning the digital media item after a predefined period of time without distributing the item to any external party. In such a case, the digital media item may be embedded with key data associated with a cryptocurrency address having a value of, for example, $1 ,000.00 or $50,000.00, such that these funds may be spent if the item is distributed to external parties. The embedded key data may then serve as a deposit, which is returned to the individual or group upon the restricted item provider being satisfied that an uncompromised digital media item has been returned.
The system (400) of Figure 4 is a second embodiment of a system for monitoring third party access to a restricted item according to the invention. The system (400) is similar to the system (100) of Figure 1 , and like reference numerals represent like components, entities, systems or devices.
In this embodiment, the restricted item provider (1 10) does not provide the restricted item (1 12) to a specific authorized entity. Furthermore, the key data embedded in the restricted item (1 12) is not stored in association with a particular entity such that the specific entity may be held accountable or liable for distributing the restricted item (1 12).
The embodiment of Figure 4 further includes a third party service provider (402), the service provider (402) responsible for operating the restricted item receiving module (1 14), the embedding module (1 16), the monitoring module (1 15) and the designation module (1 17) in a manner similar to the manner
P2735PC00 (Monitoring Third Party Access) described above. It should be appreciated that any one or more of the modules may be managed by the restricted item provider (1 10) instead.
The system configuration shown in Figure 4 may enable the restricted item provider (1 10) to become aware that the restricted item (1 12) has been used, distributed or otherwise operated without authorization, without requiring the restricted item provider (1 10) to associate the restricted item (1 12) with one or more specific authorized entities. This may be desirable in cases where the restricted item (1 12) is made available by the restricted item provider (1 10) to only a few individuals, for example. Also, in certain scenarios, the restricted item provider (1 10) may not desire to know the identity of the infringer, but simply that the restricted item (1 12) has been placed "in the clear" or "in the wild", where it can, for example, be uncontrollably distributed.
The block diagram (500) of Figure 5 illustrates a method of monitoring third party access to a restricted item according to the invention, using the system of Figure 4.
At a first stage (502), the restricted item provider (1 10) requests the third party service provider (402) to monitor third party access to the restricted item (1 12). The service provider (402), at a next stage (504), generates a cryptographic key pair and transfers funds to a generated cryptocurrency address (132). The service provider (402) then proceeds to embed key data in the restricted item (1 12) as described above, at a following stage (506).
The service provider (402) monitors the shared transaction ledger (140) for transactions against the relevant address (132) at a next stage (508), and, in the event of a transaction becoming visible, alerts the restricted item provider (1 10), at a final stage (510), that the key data has been compromised and the value stored at the cryptocurrency address (132) transacted against.
P2735PC00 (Monitoring Third Party Access) It may be advantageous for the restricted item provider (1 10) to become aware that the restricted item (1 12) has been compromised for several reasons. For example, the restricted item provider (1 10) may be a software provider such as an anti-virus provider which may desire to update software once it is known that a certain restricted item is in the clear. In a further example, the restricted item provider (1 10) may desire to adapt its security measures to disallow access to software, online platforms or user accounts to users once it is known that a restricted item is in the clear.
The system (600) of Figure 6 is a third embodiment of a system for monitoring third party access to a restricted item according to the invention. The system (600) is similar to the systems (100, 400) of Figures 1 and 4, and like reference numerals represent like components, entities, systems or devices.
In this embodiment, the authorized entity (120) does not receive the restricted item (1 12) from an item provider. Instead, the authorized entity (120) desires to monitor third party access to a restricted item it already owns or controls. For example, the authorized entity (120) may be a composer aiming to become aware once musical works stored on the electronic computing device (122) of the composer have been compromised.
In a further example, the authorized entity (120) may be an individual aiming to protect personal data such as bank account or credit card information. In such a case, the authorized entity (120) may embed key data in a document containing the personal data such that upon determining, from the shared transaction ledger (140), that a transaction has been conducted using the key data, it can be deduced that the personal data has been compromised. The authorized entity (120) may then take appropriate action to guard against losses, for example, by freezing relevant financial accounts.
P2735PC00 (Monitoring Third Party Access) In the embodiment of Figure 6, the electronic computing device (122) of the authorized entity (120) may be utilized to operate the restricted item receiving module (1 14), the embedding module (1 16), the monitoring module (1 15) and the designation module (1 17) in a manner similar to the manner described above. Importantly, in embodiments of the invention, it is the authorized entity (120), in other words a legitimate user or controller of an item, which may be responsible for embedding key data in the item to, for example, protect the integrity of the item. As described above, in embodiments of the invention, more than one set of key data, in other words, more than one private key or derivation thereof, may be embedded in a single restricted item. Figure 7 shows a schematic illustration of a restricted item (1 12) provided with progressive levels (701 , 71 1 , 721 ) of key data (702, 712, 722) according to embodiments of the invention. In Figure 7, reference numerals corresponding to reference numerals in Figures 1 to 6 represent like entities, components or devices.
As illustrated in Figure 7, multiple sets of key data (702, 712, 722) may be embedded in a single restricted item (1 12). Each of the sets (702, 712, 722) represent or is associated with a private key corresponding to a public key, which in turn represents or is associated with a cryptocurrency address (703, 713, 723) usable to transact against in the cryptocurrency financial system (130). In embodiments of the invention, the plurality of sets of key data (702, 712, 722) provides progressive levels (701 , 71 1 , 721 ) of key data, wherein different software tools are required to access each of the progressive levels or to read the key data from each of the progressive levels. Any suitable software tool may be used which enables the user thereof to access the level and/or read the key data from the particular level. For example, the software tool may be browser add-on that checks downloaded files for key data.
P2735PC00 (Monitoring Third Party Access) Furthermore, a software tool required to access a particular level of key data or to read the key data from the particular level may only be made publicly available once it becomes known that techniques are available for removing the key data of a previous level from the restricted item.
The block diagram (800) of Figure 8 illustrates a method of monitoring third party access to a restricted item according to the invention, using progressive levels of key data as described with reference to Figure 7. At a first stage (802), a plurality of sets of key data are embedded in the restricted item, using any of the methods or techniques described above. For example, three sets of key data (702, 712, 722) are embedded in a restricted item (1 12) such as a computer program file, thereby creating three progressive levels (701 , 71 1 , 721 ) of key data.
At a next stage (804), a software tool may be made available, for example, by making the tool downloadable from a website, which is to be used for reading key data (702) from the first progressive level (701 ). The tool may typically be made available by an entity responsible for the restricted item (1 12) and controlling or managing the associated cryptocurrency addresses (703, 713, 723).
The entity then, at a next stage (806), monitors the shared transaction ledger and/or sources where the restricted item may be found to determine whether the first level key data (702) was removed and used to conduct a transaction. In the event that the entity does determine that a third party has transacted against the address (703), the entity may, at a next stage (807), wish to take action to adapt the restricted item or access thereto. For example, once a software provider has determined that it has become possible to remove the key data from at least one progressive level from the restricted item before distributing it, it may wish to update or "patch" software to such an extent that an original restricted item which has come "in the clear" is no longer usable
P2735PC00 (Monitoring Third Party Access) without the updated software.
At a next stage (808), a software tool is made available to be used for reading the key data (712) from the second progressive level (71 1 ). The entity then, at a further stage (810), again monitors the shared transaction ledger and/or sources where the restricted item may be found to determine whether the second level key data (712) was removed and used to conduct a transaction. Once again, the entity may, at a following stage (81 1 ) take desired action. Similar steps may be followed to monitor third party access to the restricted item (1 12) in respect of the third progressive level (721 ).
It should be appreciated that any suitable method may be used to determine whether key data has been removed from a restricted item in such cases. Where it is suspected that a set of key data has been removed from a restricted item containing more than one set of key data, an entity may search for the restricted item by searching for a particular set of key data, for example, in a search engine, to check whether there are items containing only some of the sets of key data, but being devoid of at least one set. Embedding multiple sets of key data may enhance the ability of a restricted item provider or authorized entity to monitor third party access to the restricted item. Also, embedding multiple sets of key data in the restricted item may also serve as a deterrent, as it may be the case that even though an entity has removed a first set of key data from the restricted item to obviate the risk of other parties using the key data to transact, the entity may still be aware of the risk that one or more further sets of key data may still be embedded in the restricted item.
The scope of the invention extends to a computer program product for monitoring third party access to a restricted item. Such a computer program product may typically comprise a non-transitory computer-readable medium having stored computer-readable program code, the computer-readable
P2735PC00 (Monitoring Third Party Access) program code executable by a processing circuit to perform any one or more of the steps described with reference to Figures 1 to 8.
The steps described may include but are not limited to embedding key data in the restricted item, the key data being associated with a store of value and usable to conduct a transaction against the store of value and wherein a record of the transaction becomes visible in a transaction ledger, monitoring the transaction ledger to determine whether a transaction against the store of value has occurred, and designating the restricted item as accessed by a third party in the event that a transaction against the store of value has occurred.
In embodiments of the invention, and as the case may be in any one or more of the systems and methods described with reference to Figures 1 to 8, the computer-readable program code may be executable by the processing circuit to further perform one or more of the steps of: storing, in a database, the key data or data derived at least partially therefrom in association with an entity credential of an authorized entity, the authorized entity authorized to possess the restricted item, if the restricted item is designated as accessed by a third party, identifying the authorized entity as the responsible party to be held accountable for the third party access, and in response to determining that a transaction against the store of value has occurred, updating the database to indicate that the key data or data derived at least partially therefrom associated with the entity credential was used to conduct a transaction against the store of value.
The above description of embodiments of the invention is by way of example only and it should be appreciated that numerous changes and modifications may further be made to the embodiments described without departing from the scope of the invention.
It should specifically be appreciated that the restricted item provider may be
P2735PC00 (Monitoring Third Party Access) any suitable person or entity. For example, the restricted item provider may be an artist desiring to deter unauthorized distribution of a creative work in which media rights of the artist subsists. The artist may then embed an identifier in the media item as described above. Alternatively, the artist may use the services of a third party embedding service provider, as described above, to embed an identifier in the media and/or manage any number of identifiers, addresses and/or keys on behalf of the artist.
Although the identifier is a private key or derivatives thereof in embodiments of the invention described herein, the identifier may be any identifying code, image, string, reference, audio, video, or the like, which is usable to identify a source of funds which can be transacted against using information embedded in the restricted item or derivatives thereof. The key data may therefore simply be usable as a handle to one or both of the private key or a source of funds or value.
A system and method for monitoring third party access to a restricted item is thus provided. In embodiments of the invention, digital currency is essentially embedded in a restricted item by making a private key of a cryptocurrency address readable or derivable from the media item. In this way, the system and method of the present invention may allow a relevant party to immediately or relatively quickly become aware that a restricted item has been distributed, copied, sold or the like. This may enable owners or controllers of restricted items to react quickly to such activities, for example, by releasing updated software or "patches", by making changes to software or media to make the restricted items subsequently unusable, or the like. In cases where the restricted item was provided to a specific entity or entities, immediate penalty or punishment may be imposed on those distributing the restricted items without authorization.
P2735PC00 (Monitoring Third Party Access) The direct monetary value attached to a particular set of key data may incentivize or motivate a third party to conduct a transaction using compromised key data. For example, the third party may typically wish to harvest the value associated with the key data.
This may be effected by imposing direct cost or liability on the infringing entity if the embedded funds are compromised. A transaction conducted using a compromised private key immediately becomes visible in the shared transaction ledger, which shows that the embedded key data has been used to transact with funds linked therewith. This may obviate the need to perform a lengthy and/or expensive search in an attempt to find an infringing entity, and enable a restricted item provider to rapidly react to unlicensed distribution. The embedded key data may further be used to uniquely identify an infringing restricted item or both the item and an infringing entity in places where compromised items are typically found, such as on file-sharing websites or in physical, copied media items.
The system and method may further be advantageous in that it can be implemented at a relatively low cost, by substantially using, for example, existing cryptocurrency platforms.
In cases where the restricted items are media items, the system and method may aid in deterring individuals and entities from unlawfully or without authorization distributing analogue or digital media. By embedding digital currency, particularly the private key of a cryptocurrency, into the media itself, the risk arises that the embedded funds are lost and the activity traced if the media is distributed by the consumer. The system and method described may similarly aid in deterring or punishing individuals in cases where the restricted item is, for example, a biological or genetic item to which certain parties have exclusive or partially exclusive rights.
P2735PC00 (Monitoring Third Party Access) Finally, the present invention may lead to an improved experience for legitimate consumers of media items. For example, by allowing a user to fairly use a media item while ensuring that the media item is not distributed to third parties who may read and transact on embedded private keys, implementation of the system and method provided may obviate the need to place restrictions on, among other things, moving media from one device to another device or editing formats of certain media items.
P2735PC00 (Monitoring Third Party Access)

Claims

1 . A method of monitoring third party access to a restricted item (1 12), the restricted item (1 12) having key data (134) embedded therein, the key data (134) being associated with a store of value (132) and usable to conduct a transaction against the store of value (132), wherein a record of the transaction becomes visible in a transaction ledger (140), the method comprising:
monitoring the transaction ledger (140) to determine whether a transaction against the store of value (132) has occurred; and
designating the restricted item (1 12) as accessed by a third party in the event that a transaction against the store of value (132) has occurred.
2. The method as claimed in claim 1 , further including the steps of:
storing, in a database (1 18), the key data (134) or data derived at least partially therefrom in association with an entity credential of an authorized entity (120), the authorized entity (120) being authorized to possess the restricted item (1 12); and
if the restricted item (1 12) is designated as accessed by a third party, identifying the authorized entity (120) as the responsible party to be held accountable for the third party access.
3. The method as claimed in claim 2 further including the step of:
in response to determining that a transaction against the store of value (132) has occurred, updating the database (1 18) to indicate that the key data (134) or data derived at least partially therefrom associated with the entity credential was used to conduct a transaction against the store of value (132).
4. The method as claimed in any one of the preceding claims, wherein the store of value (132) has a balance of digital currency and wherein the
P2735PC00 (Monitoring Third Party Access) transaction ledger (140) is a shared public ledger containing records of transactions conducted using the digital currency.
5. The method as claimed in claim 4, wherein the digital currency is a cryptocurrency and the store of value (132) is a cryptocurrency address.
6. The method as claimed in claim 5, wherein the cryptocurrency address is represented by or derived at least partially from a cryptocurrency public key corresponding to a cryptocurrency private key.
7. The method as claimed in claim 6, wherein the key data (134) includes the cryptocurrency private key or an address identifier derived at least partially from the cryptocurrency private key.
8. The method as claimed in claim 7, wherein conducting a transaction against the store of value (132) includes using at least the cryptocurrency private key to perform a cryptocurrency transaction.
9. The method as claimed in claim 8, wherein conducting the cryptocurrency transaction includes transferring at least some of a balance of cryptocurrency held at the cryptocurrency address to a second, receiving cryptocurrency address represented by or derived at least partially from a second, receiving cryptocurrency public key.
10. The method as claimed in any one of claims claim 7 to 9, wherein one or more of the cryptocurrency private key, the address identifier and the cryptocurrency public key is associated with an authorized entity (120) authorized to possess the restricted item (1 12) and is stored, in a database (1 18), in association with an entity credential of the authorized entity (120), wherein if the restricted item (1 12) is designated as accessed by a third party, the authorized entity (120) is identified as the responsible party to be held accountable for the third party access.
P2735PC00 (Monitoring Third Party Access)
1 1 . The method as claimed in any one of the preceding claims, wherein the key data (134) is readable from the restricted item (1 12) by any third party that accesses the restricted item either directly or using a software tool.
12. The method as claimed in any one of the preceding claims, wherein a plurality of sets of key data (702, 712, 722) are embedded in the restricted item (1 12).
13. The method as claimed in claim 12, wherein the plurality of sets of key data (702, 712, 722) provide progressive levels of key data (701 , 71 1 , 721 ), wherein different software tools are required to access each of the progressive levels (701 , 71 1 , 721 ) so as to read the key data (702, 712, 722) from each of the progressive levels (701 , 71 1 , 721 ).
14. The method as claimed in claim 13, wherein a software tool required to access a particular level of key data so as to read the key data from the particular level is made publicly available once it becomes known that techniques are available for removing the key data of a previous level from the restricted item (1 12).
15. The method as claimed in any one of claims 8 to 10, wherein the cryptocurrency address is controlled or managed by a party capable of monitoring the shared public ledger to determine whether a transaction against the store of value (132) has occurred.
16. The method as claimed in claim 15, wherein the party controlling or managing the cryptocurrency address is selected from the group consisting of: an individual having ownership or control of the restricted item, a group having ownership or control of the restricted item (1 12), an authorized entity (120) authorized to possess the restricted item (1 12), a restricted item provider (1 10) from which one or more authorized entity has requested the
P2735PC00 (Monitoring Third Party Access) restricted item (1 12), and a third party service provider (402) associated with a restricted item provider (1 10).
17. The method as claimed in any one of the preceding claims, wherein the restricted item (1 12) is a media item.
18. The method as claimed in claim 17, wherein the media item is a digital or analogue media item selected from the group consisting of: one or more video files, streaming media, one or more image files, one or more audio files, one or more electronic documents, one or more electronic books, one or more textual media files, one or more computer program files, online content and binary data, one or more video recordings and one or more audio recordings.
19. The method as claimed in any one of the preceding claims, including one or more of the steps of: embedding the key data in the restricted item using digital watermarking, embedding the key data in the restricted item using analogue watermarking, embedding the key data in the restricted item as a one-dimensional or two-dimensional barcode (1 13), embedding the key data in the restricted item as a graphical code, embedding the key data in the restricted item using steganography, embedding the key data in the restricted item using natural language watermarking or natural language morphology, embedding the key data in the restricted item using hidden text or invisible text or binary data embedding, and embedding the key data in the restricted item using visible text or visible binary data embedding.
20. A system (100, 400, 600) for monitoring third party access to a restricted item (1 12) comprising:
a restricted item receiving module (1 14) configured to receive the
restricted item (1 12);
P2735PC00 (Monitoring Third Party Access) an embedding module (1 16), the embedding module (1 16) being
in communication with the restricted item receiving module (1 14) and configured to embed key data (134) in the restricted item (1 12), the key data (134) being associated with a store of value (132) and usable to conduct a transaction against the store of value (132), wherein a record of the transaction becomes visible in a transaction ledger (140);
a monitoring module (1 15) configured to monitor the transaction ledger (140) to determine whether a transaction against the store of value (132) has occurred; and
a designation module (1 17) in communication with the monitoring
module (1 15) and configured to designate the restricted item (1 12) as accessed by a third party in the event that a transaction against the store of value (132) has occurred.
21 . The system (100) as claimed in claim 20, further comprising:
a database (1 18) configured to store the key data (134) or data derived at least partially therefrom in association with an entity credential of an authorized entity (120), the authorized entity (120) being authorized to possess the restricted item (1 12), and being further configured to perform the steps of:
if the restricted item (1 12) is designated as accessed by a
third party, identifying the authorized entity (120) as the responsible party to be held accountable for the third party access; and
in response to determining that a transaction against the store of value (132) has occurred, updating the database (1 18) to indicate that the key data (134) or data derived at least partially therefrom associated with the entity credential was used to conduct a transaction against the store of value (132).
P2735PC00 (Monitoring Third Party Access)
PCT/IB2014/065586 2013-10-25 2014-10-24 System and method for monitoring third party access to a restricted item WO2015059669A1 (en)

Priority Applications (4)

Application Number Priority Date Filing Date Title
RU2016119148A RU2656995C2 (en) 2013-10-25 2014-10-24 System and method for monitoring third party access to restricted item
CN201480071065.3A CN105849757B (en) 2013-10-25 2014-10-24 System and method for monitoring access of the third party to restricted article
EP14806725.9A EP3061057A1 (en) 2013-10-25 2014-10-24 System and method for monitoring third party access to a restricted item
ZA2016/03571A ZA201603571B (en) 2013-10-25 2016-05-25 System and method for monitoring third party access to a restricted item

Applications Claiming Priority (4)

Application Number Priority Date Filing Date Title
ZA201308093 2013-10-25
ZA2013/08093 2013-10-25
ZA201400928 2014-02-07
ZA2014/00928 2014-02-07

Publications (1)

Publication Number Publication Date
WO2015059669A1 true WO2015059669A1 (en) 2015-04-30

Family

ID=51796477

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/IB2014/065586 WO2015059669A1 (en) 2013-10-25 2014-10-24 System and method for monitoring third party access to a restricted item

Country Status (6)

Country Link
EP (1) EP3061057A1 (en)
CN (1) CN105849757B (en)
GB (1) GB2514716A (en)
RU (1) RU2656995C2 (en)
WO (1) WO2015059669A1 (en)
ZA (1) ZA201603571B (en)

Cited By (37)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US9794074B2 (en) 2016-02-04 2017-10-17 Nasdaq Technology Ab Systems and methods for storing and sharing transactional data using distributed computing systems
US9892460B1 (en) 2013-06-28 2018-02-13 Winklevoss Ip, Llc Systems, methods, and program products for operating exchange traded products holding digital math-based assets
US10068228B1 (en) 2013-06-28 2018-09-04 Winklevoss Ip, Llc Systems and methods for storing digital math-based assets using a secure portal
US10097356B2 (en) 2015-07-02 2018-10-09 Nasdaq, Inc. Systems and methods of secure provenance for distributed transaction databases
US10108812B2 (en) 2016-01-28 2018-10-23 Nasdaq, Inc. Systems and methods for securing and disseminating time sensitive information using a blockchain
US10269009B1 (en) 2013-06-28 2019-04-23 Winklevoss Ip, Llc Systems, methods, and program products for a digital math-based asset exchange
US10339523B2 (en) 2015-07-14 2019-07-02 Fmr Llc Point-to-point transaction guidance apparatuses, methods and systems
CN109976969A (en) * 2017-12-27 2019-07-05 航天信息股份有限公司 A kind of monitoring method, device, equipment and the medium of electronic invoice information
US10354325B1 (en) 2013-06-28 2019-07-16 Winklevoss Ip, Llc Computer-generated graphical user interface
US10373158B1 (en) 2018-02-12 2019-08-06 Winklevoss Ip, Llc System, method and program product for modifying a supply of stable value digital asset tokens
US10373129B1 (en) 2018-03-05 2019-08-06 Winklevoss Ip, Llc System, method and program product for generating and utilizing stable value digital assets
US10438290B1 (en) 2018-03-05 2019-10-08 Winklevoss Ip, Llc System, method and program product for generating and utilizing stable value digital assets
WO2019200431A1 (en) * 2018-04-19 2019-10-24 Decentralised Illiteracy Organisation Pty Ltd Payment system
US10484376B1 (en) 2015-01-26 2019-11-19 Winklevoss Ip, Llc Authenticating a user device associated with a user to communicate via a wireless network in a secure web-based environment
US10504179B1 (en) 2015-12-08 2019-12-10 Fmr Llc Social aggregated fractional equity transaction partitioned acquisition apparatuses, methods and systems
US10540654B1 (en) 2018-02-12 2020-01-21 Winklevoss Ip, Llc System, method and program product for generating and utilizing stable value digital assets
US10644885B2 (en) 2015-07-14 2020-05-05 Fmr Llc Firmware extension for secure cryptocurrency key backup, restore, and transaction signing platform apparatuses, methods and systems
US10693632B1 (en) 2015-03-16 2020-06-23 Winklevoss Ip, Llc Autonomous devices
CN111428172A (en) * 2019-01-10 2020-07-17 嘉太科技(北京)有限公司 Method, device and platform for managing literary works in internet transmission
CN111510421A (en) * 2019-01-31 2020-08-07 金联汇通信息技术有限公司 Data processing method and device, electronic equipment and computer readable storage medium
US10778439B2 (en) 2015-07-14 2020-09-15 Fmr Llc Seed splitting and firmware extension for secure cryptocurrency key backup, restore, and transaction signing platform apparatuses, methods and systems
US10915891B1 (en) 2015-03-16 2021-02-09 Winklevoss Ip, Llc Autonomous devices
US10929842B1 (en) 2018-03-05 2021-02-23 Winklevoss Ip, Llc System, method and program product for depositing and withdrawing stable value digital assets in exchange for fiat
US10992469B2 (en) 2015-07-14 2021-04-27 Fmr Llc Seed splitting and firmware extension for secure cryptocurrency key backup, restore, and transaction signing platform apparatuses, methods and systems
US11139955B1 (en) 2018-02-12 2021-10-05 Winklevoss Ip, Llc Systems, methods, and program products for loaning digital assets and for depositing, holding and/or distributing collateral as a token in the form of digital assets on an underlying blockchain
US11200564B2 (en) 2015-03-31 2021-12-14 Nasdaq, Inc. Systems and methods of blockchain transaction recordation
US11200569B1 (en) 2018-02-12 2021-12-14 Winklevoss Ip, Llc System, method and program product for making payments using fiat-backed digital assets
US11282139B1 (en) 2013-06-28 2022-03-22 Gemini Ip, Llc Systems, methods, and program products for verifying digital assets held in a custodial digital asset wallet
US11308487B1 (en) 2018-02-12 2022-04-19 Gemini Ip, Llc System, method and program product for obtaining digital assets
US11334883B1 (en) 2018-03-05 2022-05-17 Gemini Ip, Llc Systems, methods, and program products for modifying the supply, depositing, holding and/or distributing collateral as a stable value token in the form of digital assets
US11436598B2 (en) 2017-12-15 2022-09-06 Fmr Llc Social data tracking datastructures, apparatuses, methods and systems
US11475442B1 (en) 2018-02-12 2022-10-18 Gemini Ip, Llc System, method and program product for modifying a supply of stable value digital asset tokens
US11488147B2 (en) 2015-07-14 2022-11-01 Fmr Llc Computationally efficient transfer processing and auditing apparatuses, methods and systems
US11501370B1 (en) 2019-06-17 2022-11-15 Gemini Ip, Llc Systems, methods, and program products for non-custodial trading of digital assets on a digital asset exchange
US11522700B1 (en) 2018-02-12 2022-12-06 Gemini Ip, Llc Systems, methods, and program products for depositing, holding and/or distributing collateral as a token in the form of digital assets on an underlying blockchain
US11636471B2 (en) 2017-12-15 2023-04-25 Fmr Llc Social data tracking datastructures, apparatuses, methods and systems
US11909860B1 (en) 2018-02-12 2024-02-20 Gemini Ip, Llc Systems, methods, and program products for loaning digital assets and for depositing, holding and/or distributing collateral as a token in the form of digital assets on an underlying blockchain

Families Citing this family (9)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2016105265A1 (en) * 2014-12-22 2016-06-30 Cryex Group Ab Methods, apparatus and systems for enabling settlement of transactions of cryptographic assets
KR102556851B1 (en) 2015-02-09 2023-07-18 티제로 아이피, 엘엘씨 Crypto integration platform
US11704733B2 (en) 2015-05-01 2023-07-18 Tzero Ip, Llc Crypto multiple security asset creation and redemption platform
US9870562B2 (en) * 2015-05-21 2018-01-16 Mastercard International Incorporated Method and system for integration of market exchange and issuer processing for blockchain-based transactions
AU2016307202A1 (en) 2015-05-26 2017-12-07 Tzero Ip, Llc Obfuscation of intent in transactions using cryptographic techniques
GB2540976A (en) * 2015-07-31 2017-02-08 British Telecomm Access control
CN107145768B (en) * 2016-03-01 2021-02-12 华为技术有限公司 Copyright management method and system
BR112018071743A2 (en) 2016-04-29 2019-02-19 Nchain Holdings Ltd computer-implemented control method and system and control system incorporating a boolean calculation or operation
CN107967416B (en) * 2016-10-19 2021-07-09 华为技术有限公司 Copyright right-maintaining detection method, device and system

Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20080130058A1 (en) * 2006-12-04 2008-06-05 Chi-Chen Cheng Method of protecting digital data by utilizing an embedded watermark
WO2012162739A1 (en) * 2011-05-31 2012-12-06 Piratec Pty Ltd System and method for encrypted media distribution

Family Cites Families (13)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6108420A (en) * 1997-04-10 2000-08-22 Channelware Inc. Method and system for networked installation of uniquely customized, authenticable, and traceable software application
US7426750B2 (en) * 2000-02-18 2008-09-16 Verimatrix, Inc. Network-based content distribution system
US20040005078A1 (en) * 2002-06-21 2004-01-08 Spectra Systems Corporation Method and apparatus for digitally watermarking images created with a mobile imaging device
US7908477B2 (en) * 2004-07-27 2011-03-15 Seiji Eto System and method for enabling device dependent rights protection
RU2008118486A (en) * 2005-10-13 2009-11-20 Конинклейке Филипс Электроникс Н.В. (Nl) EFFECTIVE WATER DETECTION
JP5605810B2 (en) * 2007-10-05 2014-10-15 ディジマーク コーポレイション Content serialization by changing content characteristics, including changing the master copy watermark characteristics
US8635701B2 (en) * 2008-03-02 2014-01-21 Yahoo! Inc. Secure browser-based applications
US20090271319A1 (en) * 2008-04-29 2009-10-29 Microsoft Corporation Embedded Licenses for Content
US20090316950A1 (en) * 2008-06-23 2009-12-24 Alasia Alfred V Object Authentication Using a Programmable Image Acquisition Device
WO2010067433A1 (en) * 2008-12-11 2010-06-17 三菱電機株式会社 Self-authentication communication device, self-authentication verification communication device, device authentication system, device authentication method for device authentication system, self-authentication communication program, and self-authentication verification communication program
KR101631345B1 (en) * 2009-01-28 2016-06-17 헤드워터 파트너스 아이 엘엘씨 Security techniques for device assisted services
CA2836533A1 (en) * 2011-05-19 2012-12-13 Zoran Konevic Systems, methods and apparatus for distributing product samples
US9818109B2 (en) * 2012-08-16 2017-11-14 Danny Loh User generated autonomous digital token system

Patent Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20080130058A1 (en) * 2006-12-04 2008-06-05 Chi-Chen Cheng Method of protecting digital data by utilizing an embedded watermark
WO2012162739A1 (en) * 2011-05-31 2012-12-06 Piratec Pty Ltd System and method for encrypted media distribution

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
SATOSHI NAKAMOTO: "Bitcoin: A Peer-to-Peer Electronic Cash System", 31 October 2008 (2008-10-31), XP055131503, Retrieved from the Internet <URL:https://bitcoin.org/bitcoin.pdf> [retrieved on 20140724] *

Cited By (78)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US10984470B1 (en) 2013-06-28 2021-04-20 Winklevoss Ip, Llc Systems for redeeming shares in an entity holding digital math-based assets
US10984472B1 (en) 2013-06-28 2021-04-20 Winklevoss Ip, Llc Systems, methods, and program products for an application programming interface generating a blended digital math-based assets index
US9898782B1 (en) 2013-06-28 2018-02-20 Winklevoss Ip, Llc Systems, methods, and program products for operating exchange traded products holding digital math-based assets
US9965804B1 (en) 2013-06-28 2018-05-08 Winklevoss Ip, Llc Systems, methods, and program products for operating exchange traded products holding digital math-based assets
US9965805B1 (en) 2013-06-28 2018-05-08 Winklevoss Ip, Llc Systems, methods, and program products for operating exchange traded products holding digital math-based assets
US10002389B1 (en) 2013-06-28 2018-06-19 Winklevoss Ip, Llc Systems, methods, and program products for an application programming interface generating a blended digital math-based assets index
US10068228B1 (en) 2013-06-28 2018-09-04 Winklevoss Ip, Llc Systems and methods for storing digital math-based assets using a secure portal
US11423482B1 (en) 2013-06-28 2022-08-23 Gemini Ip, Llc Systems, methods, and program products for an application programming interface generating a blended digital math-based assets index
US11282139B1 (en) 2013-06-28 2022-03-22 Gemini Ip, Llc Systems, methods, and program products for verifying digital assets held in a custodial digital asset wallet
US11580532B1 (en) 2013-06-28 2023-02-14 Gemini Ip, Llc Systems, methods, and program products for a digital math-based asset exchange
US10255635B1 (en) 2013-06-28 2019-04-09 Winklevoss Ip, Llc Systems, methods, and program products for an application programming interface generating a blended digital math-based assets index
US10269009B1 (en) 2013-06-28 2019-04-23 Winklevoss Ip, Llc Systems, methods, and program products for a digital math-based asset exchange
US10325257B1 (en) 2013-06-28 2019-06-18 Winklevoss Ip, Llc Systems and methods for storing digital math-based assets using a secure portal
US11164251B1 (en) 2013-06-28 2021-11-02 Winklevoss Ip, Llc Computer-generated graphical user interface
US11995720B1 (en) 2013-06-28 2024-05-28 Gemini Ip, Llc Systems for purchasing shares in an entity holding digital math-based assets
US10354325B1 (en) 2013-06-28 2019-07-16 Winklevoss Ip, Llc Computer-generated graphical user interface
US11928732B1 (en) 2013-06-28 2024-03-12 Gemini Ip, Llc Computer-generated graphical user interface
US11087313B1 (en) 2013-06-28 2021-08-10 Winklevoss Ip, Llc Systems, methods, and program products for a digital math-based asset exchange
US11783417B1 (en) 2013-06-28 2023-10-10 Gemini Ip, Llc Systems for redeeming shares in an entity holding digital math-based assets
US11615404B1 (en) 2013-06-28 2023-03-28 Gemini Ip, Llc Systems, methods, and program products for a digital math-based asset exchange
US10650376B1 (en) 2013-06-28 2020-05-12 Winklevoss Ip, Llc Systems and methods for storing digital math-based assets using a secure portal
US11017381B1 (en) 2013-06-28 2021-05-25 Winklevoss Ip, Llc Systems, methods, and program products for a digital math-based asset exchange
US11568398B1 (en) 2013-06-28 2023-01-31 Gemini Ip, Llc Systems and methods for storing digital math-based assets using a secure portal
US9892460B1 (en) 2013-06-28 2018-02-13 Winklevoss Ip, Llc Systems, methods, and program products for operating exchange traded products holding digital math-based assets
US10929929B1 (en) 2013-06-28 2021-02-23 Winklevoss Ip, Llc Systems for purchasing shares in an entity holding digital math-based assets
US11283797B2 (en) 2015-01-26 2022-03-22 Gemini Ip, Llc Authenticating a user device associated with a user to communicate via a wireless network in a secure web-based environment
US10484376B1 (en) 2015-01-26 2019-11-19 Winklevoss Ip, Llc Authenticating a user device associated with a user to communicate via a wireless network in a secure web-based environment
US10778682B1 (en) 2015-01-26 2020-09-15 Winklevoss Ip, Llc Authenticating a user device associated with a user to communicate via a wireless network in a secure web-based environment
US10915891B1 (en) 2015-03-16 2021-02-09 Winklevoss Ip, Llc Autonomous devices
US11362814B1 (en) 2015-03-16 2022-06-14 Gemini Ip, Llc Autonomous devices
US10693632B1 (en) 2015-03-16 2020-06-23 Winklevoss Ip, Llc Autonomous devices
US11783323B1 (en) 2015-03-16 2023-10-10 Gemini Ip, Llc Autonomous devices
US11734675B2 (en) 2015-03-31 2023-08-22 Nasdaq, Inc. Systems and methods of blockchain transaction recordation
US11200564B2 (en) 2015-03-31 2021-12-14 Nasdaq, Inc. Systems and methods of blockchain transaction recordation
US11522716B2 (en) 2015-07-02 2022-12-06 Nasdaq, Inc. Systems and methods of secure provenance for distributed transaction databases
US11792017B2 (en) 2015-07-02 2023-10-17 Nasdaq, Inc. Systems and methods of secure provenance for distributed transaction databases
US10097356B2 (en) 2015-07-02 2018-10-09 Nasdaq, Inc. Systems and methods of secure provenance for distributed transaction databases
US10630485B2 (en) 2015-07-02 2020-04-21 Nasdaq, Inc. Systems and methods of secure provenance for distributed transaction databases
US10644885B2 (en) 2015-07-14 2020-05-05 Fmr Llc Firmware extension for secure cryptocurrency key backup, restore, and transaction signing platform apparatuses, methods and systems
US11488147B2 (en) 2015-07-14 2022-11-01 Fmr Llc Computationally efficient transfer processing and auditing apparatuses, methods and systems
US10992469B2 (en) 2015-07-14 2021-04-27 Fmr Llc Seed splitting and firmware extension for secure cryptocurrency key backup, restore, and transaction signing platform apparatuses, methods and systems
US10778439B2 (en) 2015-07-14 2020-09-15 Fmr Llc Seed splitting and firmware extension for secure cryptocurrency key backup, restore, and transaction signing platform apparatuses, methods and systems
US10339523B2 (en) 2015-07-14 2019-07-02 Fmr Llc Point-to-point transaction guidance apparatuses, methods and systems
US10504179B1 (en) 2015-12-08 2019-12-10 Fmr Llc Social aggregated fractional equity transaction partitioned acquisition apparatuses, methods and systems
US10579819B2 (en) 2016-01-28 2020-03-03 Nasdaq Inc. Systems and methods for securing and disseminating time sensitive information using a blockchain
US11704429B2 (en) 2016-01-28 2023-07-18 Nasdaq, Inc. Systems and methods for securing and disseminating time sensitive information using a blockchain
US10108812B2 (en) 2016-01-28 2018-10-23 Nasdaq, Inc. Systems and methods for securing and disseminating time sensitive information using a blockchain
US11188673B2 (en) 2016-01-28 2021-11-30 Nasdaq, Inc. Systems and methods for securing and disseminating time sensitive information using a blockchain
US11095462B2 (en) 2016-02-04 2021-08-17 Nasdaq Technology Ab Systems and methods for storing and sharing transactional data using distributed computer systems
US11695578B2 (en) 2016-02-04 2023-07-04 Nasdaq Technology Ab Systems and methods for storing and sharing transactional data using distributed computer systems
US9794074B2 (en) 2016-02-04 2017-10-17 Nasdaq Technology Ab Systems and methods for storing and sharing transactional data using distributed computing systems
US10541821B2 (en) 2016-02-04 2020-01-21 Nasdaq Technology Ab Systems and methods for storing and sharing transactional data using distributed computing systems
US10084607B2 (en) 2016-02-04 2018-09-25 Nasdaq Technology Ab Systems and methods for storing and sharing transactional data using distributed computing systems
US11436598B2 (en) 2017-12-15 2022-09-06 Fmr Llc Social data tracking datastructures, apparatuses, methods and systems
US11636471B2 (en) 2017-12-15 2023-04-25 Fmr Llc Social data tracking datastructures, apparatuses, methods and systems
CN109976969A (en) * 2017-12-27 2019-07-05 航天信息股份有限公司 A kind of monitoring method, device, equipment and the medium of electronic invoice information
US11522700B1 (en) 2018-02-12 2022-12-06 Gemini Ip, Llc Systems, methods, and program products for depositing, holding and/or distributing collateral as a token in the form of digital assets on an underlying blockchain
US11308487B1 (en) 2018-02-12 2022-04-19 Gemini Ip, Llc System, method and program product for obtaining digital assets
US10540654B1 (en) 2018-02-12 2020-01-21 Winklevoss Ip, Llc System, method and program product for generating and utilizing stable value digital assets
US11200569B1 (en) 2018-02-12 2021-12-14 Winklevoss Ip, Llc System, method and program product for making payments using fiat-backed digital assets
US10373158B1 (en) 2018-02-12 2019-08-06 Winklevoss Ip, Llc System, method and program product for modifying a supply of stable value digital asset tokens
US11909860B1 (en) 2018-02-12 2024-02-20 Gemini Ip, Llc Systems, methods, and program products for loaning digital assets and for depositing, holding and/or distributing collateral as a token in the form of digital assets on an underlying blockchain
US11475442B1 (en) 2018-02-12 2022-10-18 Gemini Ip, Llc System, method and program product for modifying a supply of stable value digital asset tokens
US11139955B1 (en) 2018-02-12 2021-10-05 Winklevoss Ip, Llc Systems, methods, and program products for loaning digital assets and for depositing, holding and/or distributing collateral as a token in the form of digital assets on an underlying blockchain
US10540653B1 (en) 2018-02-12 2020-01-21 Winklevoss Ip, Llc System, method and program product for modifying a supply of stable value digital asset tokens
US11562333B1 (en) 2018-03-05 2023-01-24 Gemini Ip, Llc System, method and program product for generating and utilizing stable value digital assets
US10929842B1 (en) 2018-03-05 2021-02-23 Winklevoss Ip, Llc System, method and program product for depositing and withdrawing stable value digital assets in exchange for fiat
US11720887B1 (en) 2018-03-05 2023-08-08 Gemini Ip, Llc System, method and program product for depositing and withdrawing stable value digital assets in exchange for fiat
US11727401B1 (en) 2018-03-05 2023-08-15 Gemini Ip, Llc System, method and program product for generating and utilizing stable value digital assets
US10540640B1 (en) 2018-03-05 2020-01-21 Winklevoss Ip, Llc System, method and program product for generating and utilizing stable value digital assets
US10438290B1 (en) 2018-03-05 2019-10-08 Winklevoss Ip, Llc System, method and program product for generating and utilizing stable value digital assets
US10373129B1 (en) 2018-03-05 2019-08-06 Winklevoss Ip, Llc System, method and program product for generating and utilizing stable value digital assets
US11017391B1 (en) 2018-03-05 2021-05-25 Winklevoss Ip, Llc System, method and program product for generating and utilizing stable value digital assets
US11334883B1 (en) 2018-03-05 2022-05-17 Gemini Ip, Llc Systems, methods, and program products for modifying the supply, depositing, holding and/or distributing collateral as a stable value token in the form of digital assets
WO2019200431A1 (en) * 2018-04-19 2019-10-24 Decentralised Illiteracy Organisation Pty Ltd Payment system
CN111428172A (en) * 2019-01-10 2020-07-17 嘉太科技(北京)有限公司 Method, device and platform for managing literary works in internet transmission
CN111510421A (en) * 2019-01-31 2020-08-07 金联汇通信息技术有限公司 Data processing method and device, electronic equipment and computer readable storage medium
US11501370B1 (en) 2019-06-17 2022-11-15 Gemini Ip, Llc Systems, methods, and program products for non-custodial trading of digital assets on a digital asset exchange

Also Published As

Publication number Publication date
GB201416002D0 (en) 2014-10-22
RU2656995C2 (en) 2018-06-07
RU2016119148A (en) 2017-12-01
GB2514716A (en) 2014-12-03
EP3061057A1 (en) 2016-08-31
ZA201603571B (en) 2017-11-29
CN105849757B (en) 2019-09-03
CN105849757A (en) 2016-08-10

Similar Documents

Publication Publication Date Title
US9595034B2 (en) System and method for monitoring third party access to a restricted item
WO2015059669A1 (en) System and method for monitoring third party access to a restricted item
US11934497B2 (en) Content anti-piracy management system and method
US10855475B1 (en) Systems and methods for securing data to an immutable distributed ledger
Konashevych General concept of real estate tokenization on blockchain: The right to choose
CN102073826B (en) Utilize the system and method for the digital copyright management of lightweight digital watermark adding component
US20200159890A1 (en) Securely storing digital content using a distributed ledger
US11048780B2 (en) Preventing fraud in digital content licensing and distribution using distributed ledgers
JP2005536951A (en) Apparatus, system, and method for securing digital documents in a digital device
US20230004970A1 (en) Distributed Ledgers with Ledger Entries Containing Redactable Payloads
US11917071B2 (en) Data protection using universal tagging
CN107770173A (en) Subscriber Management System, related identification information creation method and request method of calibration
KR102617151B1 (en) Contents blockchain platform
WO2023044496A1 (en) Systems and methods for token content unlocking, biometric authentication using privacy-protecting tokens, ownership-based limitations of content access, policy-based time capsule technology, and content lock mechanisms
KR20210037274A (en) Apparatus and method for managing contents
CN112052474A (en) Blu-ray copy service
US20240039731A1 (en) Authenticated Modification of Blockchain-Based Data
JP2004220546A (en) Management server of electronic utilization right, terminal device, management system and management method
Perwej et al. A technological perspective of blockchain security
CN111191271B (en) Computer-implemented method, system and storage medium
ur Rehman et al. Blockchain-based approach for proving the source of digital media
US10999077B2 (en) Data protection using sporadically generated universal tags
Alberini et al. Blockchain and data protection
US20240171414A1 (en) Blockchain-based electronic document vault
US20230334473A1 (en) Systems and Methods for Blockchain-Based Software Key Distribution

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 14806725

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

REEP Request for entry into the european phase

Ref document number: 2014806725

Country of ref document: EP

WWE Wipo information: entry into national phase

Ref document number: 2014806725

Country of ref document: EP

ENP Entry into the national phase

Ref document number: 2016119148

Country of ref document: RU

Kind code of ref document: A