WO2019102199A1 - Apparatus and methods for virtual asset management - Google Patents

Apparatus and methods for virtual asset management

Publication number
WO2019102199A1
Authority
WO
WIPO (PCT)
Prior art keywords
virtual asset
virtual
attribute
met
access
Prior art date
Application number
PCT/GB2018/053376
Other languages
French (fr)
Inventor
Radoslav PETRIK
John Michael Palmer
Original Assignee
Cambridge Consultants Limited
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Cambridge Consultants Limited
Publication of WO2019102199A1

Classifications

    • G06F21/6209 Protecting access to data via a platform, e.g. using keys or access control rules to a single file or object, e.g. in a secure envelope, encrypted and accessed using a key, or with access control rules appended to the object itself
    • G06F21/10 Protecting distributed programs or content, e.g. vending or licensing of copyrighted material; Digital rights management [DRM]
    • G06F21/1011 Protecting distributed programs or content, e.g. vending or licensing of copyrighted material; Digital rights management [DRM] by binding digital rights to specific entities to devices
    • G06F21/1013 Protecting distributed programs or content, e.g. vending or licensing of copyrighted material; Digital rights management [DRM] by binding digital rights to specific entities to locations
    • G06F21/602 Providing cryptographic facilities or services
    • G06F21/6218 Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
    • H04L63/10 Network architectures or network communication protocols for network security for controlling access to devices or network resources
    • H04L63/107 Network architectures or network communication protocols for network security for controlling access to devices or network resources wherein the security policies are location-dependent, e.g. entities privileges depend on current location or allowing specific operations only from locally connected terminals
    • H04L63/108 Network architectures or network communication protocols for network security for controlling access to devices or network resources when the policy decisions are valid for a limited amount of time
    • G06F2221/2111 Location-sensitive, e.g. geographical location, GPS
    • G06F2221/2137 Time limited access, e.g. to a computer or data

Definitions

  • the present invention relates to a virtual asset management system and to associated apparatus and methods.
  • the invention has particular although not exclusive relevance to the management of access to electronic data files based on geographic location and/or access device.
  • a virtual asset comprises digital data that, whilst intangible, represents something far more tangible that typically has some kind of value (e.g. commercial or sentimental) to its owner or user.
  • Virtual assets may include, for example, electronic documents, emails, digital images and videos, electronic financial information, digital music etc.
  • the electronic data which makes up the virtual assets has no tangible real world physical presence. Humans do not share the same space as the electronic data but, instead, interact with it through devices such as smart phones, televisions, computers or the like using appropriate interfaces such as web browsers, media specific applications, e-readers, music players, streaming applications etc.
  • the digital data itself exists in its own perceived digital domains such as flash memory or the internet.
  • the present invention seeks to provide a virtual asset management system and associated apparatus and methods for meeting or at least partially addressing the above issues.
  • apparatus for managing the storage of virtual assets in a system for managing virtual assets comprising: means for associating the virtual asset with an attribute representing at least one physical requirement that has to be met for the virtual asset to be accessible; means for encrypting the virtual asset with a symmetric cryptographic key to produce an encrypted virtual asset; means for encrypting the symmetric cryptographic key using at least one public cryptographic key, wherein the at least one public cryptographic key comprises a respective public cryptographic key associated with each attribute representing a physical requirement that has to be met for the virtual asset to be accessible; means for adding the encrypted symmetric cryptographic key to the encrypted virtual asset as encrypted metadata; and means for storing the encrypted virtual asset to which the corresponding encrypted metadata has been added in a data store.
  • the at least one attribute representing a physical requirement that has to be met for the virtual asset to be accessible may comprise at least one attribute representing a pre-defined physical location, or group of locations, wherein a device attempting to access the virtual asset must be located in the pre-defined physical location, or at least one of the group of locations, in order for the physical requirement to be met.
  • the at least one attribute representing a physical requirement that has to be met for the virtual asset to be accessible may comprise at least one attribute representing a designated device, or a set of designated devices, wherein a device attempting to access the virtual asset must be the designated device, or one of the set of designated devices, in order for the physical requirement to be met.
  • the at least one attribute representing a physical requirement that has to be met for the virtual asset to be accessible may comprise at least one attribute representing a timing, wherein an attempt to access the virtual asset must be made in accordance with the timing in order for the physical requirement to be met.
  • the symmetric key may be a randomly generated symmetric key.
  • the means for encrypting the symmetric cryptographic key may be configured to retrieve the at least one public cryptographic key from the data store (e.g. a data store that is located remotely from the apparatus).
  • the means for encrypting the symmetric cryptographic key may be configured to encrypt the symmetric cryptographic key using a plurality of public cryptographic keys, wherein each of the public cryptographic keys may be associated with a different respective attribute representing a physical requirement that has to be met for the virtual asset to be accessible.
  • the apparatus may form part of user equipment (e.g. a smart phone, personal computer, laptop computer, tablet computer or the like).
  • apparatus for providing access to virtual assets in a system for managing virtual assets comprising: means for storing at least one private key, each private key being associated with a respective attribute representing at least one physical requirement that has to be met, for a virtual asset that is available via the apparatus and that has that attribute, to be accessible via said apparatus; means for receiving, from an access device, a request for information relating to available virtual assets; means for retrieving for each available virtual asset, metadata for the at least one available virtual asset from the data store; means for determining, for at least one said attribute, if the access device meets the at least one physical requirement that has to be met for a virtual asset having that attribute to be accessible via said apparatus and means for processing the retrieved metadata, wherein: when it is determined that the access device meets the at least one physical requirement, the processing comprises applying at least one private cryptographic key associated with that at least one attribute to the retrieved metadata in an attempt to decrypt the retrieved metadata for the at least one available virtual asset and sending the resulting processed metadata to the access device;
  • the at least one attribute representing a physical requirement that has to be met for a virtual asset having that attribute to be accessible may comprise at least one attribute representing a pre-defined physical location, or group of locations, wherein a device attempting to access the virtual asset must be located in the pre-defined physical location, or at least one of the group of locations, in order for the physical requirement to be met.
  • the means for determining may be configured to determine, for at least one said attribute, if the access device meets the at least one physical requirement that has to be met for a virtual asset having that attribute to be accessible via said apparatus by: sending, to apparatus for providing information on access devices, a request for information identifying any access devices that meet the at least one physical requirement; and receiving, from the apparatus for providing information on access devices, the requested information identifying any access devices that meet the at least one physical requirement.
  • an access device for accessing virtual assets in a system for managing virtual assets comprising: means for sending, to apparatus for providing access to virtual assets, a request for information relating to available virtual assets; and means for receiving, for each virtual asset available via the apparatus, respective metadata; wherein at least one asset for which metadata is received has an associated attribute representing at least one physical requirement that has to be met for that virtual asset to be accessible; wherein when the access device does not meet the at least one physical requirement that has to be met for a particular virtual asset having an associated attribute to be accessible, the received metadata for that particular virtual asset is encrypted with a public cryptographic key associated with that corresponding attribute; and wherein when the access device does meet the at least one physical requirement that has to be met for a particular virtual asset having an associated attribute to be accessible, the received metadata for that particular virtual asset is not encrypted with the public cryptographic key associated with that corresponding attribute.
  • the received metadata for at least one available virtual asset may be encrypted with a public cryptographic key associated with the access device, and the access device may be configured to store at least one private cryptographic key corresponding to the public cryptographic key associated with the access device, and for applying the at least one private cryptographic key to decrypt received metadata encrypted with the public cryptographic key associated with the access device.
  • the apparatus may further comprise means for requesting access to: any virtual asset for which metadata has been received that is not encrypted with a public cryptographic key associated with a corresponding attribute; and/or any virtual asset for which metadata has been received that is encrypted with a public cryptographic key associated with the access device and that has been successfully decrypted by the access device.
  • apparatus for providing information about access devices for accessing virtual assets in a system for managing virtual assets comprising: means for receiving, from apparatus for providing access to virtual assets, a request for information identifying any access devices that meet at least one physical requirement that has to be met for a virtual asset to be accessible; means for identifying, in response to the request, any access devices that meet the at least one physical requirement that has to be met for the virtual asset to be accessible; and means for providing to the apparatus for providing access to virtual assets, based on the identification, the requested information identifying any access devices that meet at least one physical requirement that has to be met for a virtual asset to be accessible.
  • a system for managing virtual assets comprising at least one apparatus for managing the storage of virtual assets, at least one apparatus for providing access to virtual assets, at least one access device for accessing virtual assets, and at least one apparatus for providing information about access devices for accessing virtual assets.
  • a method performed by apparatus for managing the storage of virtual assets in a system for managing virtual assets comprising: associating the virtual asset with an attribute representing at least one physical requirement that has to be met for the virtual asset to be accessible; encrypting the virtual asset with a symmetric cryptographic key to produce an encrypted virtual asset; encrypting the symmetric cryptographic key using at least one public cryptographic key, wherein the at least one public cryptographic key comprises a respective public cryptographic key associated with each attribute representing a physical requirement that has to be met for the virtual asset to be accessible; adding the encrypted symmetric cryptographic key to the encrypted virtual asset as encrypted metadata; and storing the encrypted virtual asset to which the corresponding encrypted metadata has been added in a data store.
  • a method performed by apparatus for providing access to virtual assets in a system for managing virtual assets comprising: storing at least one private key, each private key being associated with a respective attribute representing at least one physical requirement that has to be met, for a virtual asset that is available via the apparatus and that has that attribute, to be accessible via said apparatus; receiving, from an access device, a request for information relating to available virtual assets; retrieving for each available virtual asset, metadata for the at least one available virtual asset from the data store; determining, for at least one said attribute, if the access device meets the at least one physical requirement that has to be met for a virtual asset having that attribute to be accessible via said apparatus and processing the retrieved metadata, wherein: when it is determined that the access device meets the at least one physical requirement, the processing comprises applying at least one private cryptographic key associated with that at least one attribute to the retrieved metadata in an attempt to decrypt the retrieved metadata for the at least one available virtual asset and sending the resulting processed metadata to the access device; and when it is determined
  • a method performed by an access device for accessing virtual assets in a system for managing virtual assets comprising: sending, to apparatus for providing access to virtual assets, a request for information relating to available virtual assets; and receiving, for each virtual asset available via the apparatus, respective metadata; wherein at least one asset for which metadata is received has an associated attribute representing at least one physical requirement that has to be met for that virtual asset to be accessible; wherein when the access device does not meet the at least one physical requirement that has to be met for a particular virtual asset having an associated attribute to be accessible, the received metadata for that particular virtual asset is encrypted with a public cryptographic key associated with that corresponding attribute; and wherein when the access device does meet the at least one physical requirement that has to be met for a particular virtual asset having an associated attribute to be accessible, the received metadata for that particular virtual asset is not encrypted with the public cryptographic key associated with that corresponding attribute.
  • a method performed by apparatus for providing information about access devices for accessing virtual assets in a system for managing virtual assets comprising: receiving, from apparatus for providing access to virtual assets, a request for information identifying any access devices that meet at least one physical requirement that has to be met for a virtual asset to be accessible; identifying, in response to the request, any access devices that meet the at least one physical requirement that has to be met for the virtual asset to be accessible; and providing to the apparatus for providing access to virtual assets, based on the identification, the requested information identifying any access devices that meet at least one physical requirement that has to be met for a virtual asset to be accessible.
  • aspects of the invention extend to computer program products such as computer readable storage media having instructions stored thereon which are operable to program a programmable processor to carry out a method as described in the aspects and possibilities set out above or recited in the claims and/or to program a suitably adapted computer to provide the apparatus recited in any of the claims.
  • Each feature disclosed in this specification (which term includes the claims) and/or shown in the drawings may be incorporated in the invention independently (or in combination with) any other disclosed and/or illustrated features.
  • the features of any of the claims dependent from a particular independent claim may be introduced into that independent claim in any combination or individually.
  • Figure 1 is a simplified schematic illustrating, in overview, one implementation of a virtual asset management system;
  • Figure 2 is a simplified block diagram illustrating the main components of a user device for use in the virtual asset management system shown in Figure 1;
  • Figure 3 is a simplified block diagram illustrating the main components of a reader device for use in the virtual asset management system shown in Figure 1;
  • Figure 4 is a simplified block diagram illustrating the main components of a data store for use in the virtual asset management system shown in Figure 1;
  • Figure 5 is a simplified block diagram illustrating the main components of a key store for use in the virtual asset management system shown in Figure 1;
  • Figure 6 is a simplified block diagram illustrating the main components of a location provider for use in the virtual asset management system shown in Figure 1;
  • Figure 7 is a simplified sequence diagram illustrating a method for placing a virtual asset in the virtual asset management system of Figure 1;
  • Figure 8 is a simplified sequence diagram illustrating a method for virtual asset discovery and retrieval in the virtual asset management system of Figure 1.
  • FIG. 1 is a simplified schematic illustrating, in overview, one implementation of a virtual asset management system generally at 100 in which virtual assets 102, in the form of data files (in this example electronic documents), are attributed with one or more specific artificial locations (i.e. they are, in effect, placed into the artificial locations).
  • Each artificial location represents at least one respective real physical location 104-1, 104-2, 104-3 (or part of such a physical location) within which the virtual assets are virtually, but not necessarily physically, located.
  • each virtual asset 102 may also be attributed with one or more specific reader devices 106-1, 106-21, 106-22, 106-3 (referred to as ‘readers’), or groups of such readers 106, on which the virtual asset can be opened successfully.
  • the virtual asset management system 100 comprises one or more user devices 108-1, 108-2 each comprising a respective local software ‘placement’ module 110-1, 110-2 for ‘placing’ protected virtual assets 102’ into the virtual asset management system 100.
  • the virtual asset management system 100 also comprises at least one data store 112 for storing the protected virtual assets 102’ placed into the virtual asset management system 100 by the placement module 110 of a corresponding user device 108.
  • the virtual management system 100 comprises, for each artificial location, corresponding location provision apparatus 114-1, 114-2, 114-3 (referred to as a location provider) for determining which readers 106, if any, are present at (or absent from) the artificial location.
  • the location provider 114 provides, over a secure wireless or wired communication link, the information on readers 106 that are present at the corresponding physical location 104, to a local key store 116-1, 116-2, 116-3, associated with the artificial location, and that stores, owns and protects cryptographic keys associated with that location.
  • Each user device 108 is, in this example, a general purpose computational device capable of providing a user with access to data files of the type being placed as virtual assets 102 into the artificial locations available in the system 100.
  • Each placement module 110 is an application or ‘app’ running on the user device that acts in the manner of a virtual printer driver to allow any data file that can be printed to be placed into the system 100 by using a normal printer dialogue, selecting a ‘virtual printer’ representing the virtual asset management system and then selecting one or more artificial locations representing the physical location 104 (or sub-location thereof) at which the data file is to be made accessible.
  • On selecting the virtual printer, the user may also be presented with options to select specific users or associated readers 106 that are allowed to access the data file being printed.
  • the placement module 110 protects the virtual assets 102 that it places, and associates them with information for restricting access to those virtual assets to any specific devices and to any artificial location(s) attributed to that virtual asset 102.
  • each placement module 110 converts a virtual asset 102 that is being placed into the system 100, into a file having a standardized format (which may be specific to the system) and encrypts the resulting standardized data file.
  • the security key required to decrypt the encrypted standardised data file is itself encrypted, by the placement module 110, using a public key associated with any specific devices / device groups allowed to access the virtual asset, and using a public key associated with any location(s) at which the virtual asset 102 is to be made available.
  • the encrypted standardized data file is bound together with metadata including the encrypted security key to form a protected virtual asset 102’ that is then placed into the system 100 as indicated by arrows A and A’.
  • the data store 112 comprises a data storage technology that is suitable for storing, on request of a placement module 110, the protected virtual assets 102’ placed in the system 100 and to provide, on request, any protected virtual assets 102’ so stored.
  • the data store 112 has the ability to authenticate itself to users and to protect data stored on it from alteration.
  • in addition to the encrypted virtual asset data 102’, the data store 112 also stores a public key directory 118 including public keys both for the artificial locations forming part of the system 100 and for the devices that can potentially access the virtual assets.
  • the data store 112 does not need any additional capability for making the data private, or have the ability to maintain users or permissions (although such functionality is not precluded for example to provide additional layers of security).
  • Each reader 106 is a dedicated device on which a virtual asset 102, that has been placed in the system 100, can be opened and viewed when that reader 106 is in a physical location 104 corresponding to an artificial location attributed to that virtual asset 102 (assuming the reader 106 is a device, or one of a group of devices, allowed to access that virtual asset 102).
  • the reader 106 may be in the form of an E-ink reader, or the like.
  • the reader 106 is compatible with the location providers 114 and is able to communicate with a given location provider 114 to allow that location provider 114 to determine the presence and/or relative location of the reader 106.
  • the reader 106 can also communicate with the local key store 116 to send periodically, or in response to a trigger event (such as a user intervention), a discovery message for discovering virtual assets 102 that can be accessed by that reader 106 at that physical location 104.
  • the reader 106 owns and protects its own private key and can decrypt any response(s) to the discovery messages using this private key.
  • When entering a physical location covered by the system 100, a reader 106 receives, from the local key store 116 (depending on the configuration of the system 100) information comprising: a list of available virtual assets 102 in that location 104 (that can be accessed by that reader 106); information representing the last virtual asset 102 (that can be accessed by that reader 106) placed in the system 100 for that location; and/or information representing the last available virtual asset that was accessed using that reader 106 (or by the user of that reader) at that location 104.
  • the received information is presented via a display of the reader 106 to the user of the reader 106 for selection of an available virtual asset 102 and/or continued accessing of a previously accessed virtual asset 102.
  • Each location provider 114 for an artificial location comprises a localisation technology that is suitable for identifying the presence of readers 106 in the location that the location provider 114 covers and for determining a relative location for each of the readers 106 that are present.
  • the location provider 114 is able to communicate the determined presence and/or location information securely with the local key store 116 for that artificial location.
  • the components of the location provider 114 are physically secured in place at its physical location 104 to ensure that relative location information that is provided to the key store 116 accurately reflects the position of the reader 106 to which the location information relates.
  • the precision with which a location provider 114 will need to be able to determine a relative location will be dependent on the requirements of the implementation in question and any localisation technology suitable for meeting the requirements may be used.
  • the localisation provider 114 comprises a number of wireless (e.g. Wi-Fi) access points and relative positioning of a given reader 106 is based on the results of measurements of the intensity of the received signal (e.g. received signal strength indication or RSSI measurements) from that reader, at different access points of known location, and trilateration (or multilateration) calculations.
  • other forms of localisation e.g.
  • Each local key store 116 stores cryptographic keys for the location with which it is associated.
  • the key store 116 is securely connected and paired with the associated location provider 114.
  • the key store 116 is able to store cryptographic secrets internally, use them for cryptographic operations internally whilst making them inaccessible externally.
  • the key store 116 is able to perform asymmetric cryptographic operations.
  • the local key store 116 will retrieve a list of virtual assets 102, and their associated metadata, as indicated by arrows B and B’. If the corresponding location provider 114 confirms that the reader 106 is in an artificial location associated with a virtual asset 102, the key store 116 strips out the location encryption layer of the encrypted security key for that virtual asset 102 and provides the metadata comprising a security key protected only with device layer encryption (if used) to the reader 106 attempting discovery. If, on the other hand, the reader 106 is not in the artificial location associated with the virtual asset 102, then the key store 116 will not strip out the location encryption layer of the encrypted security key.
  • the metadata for the protected virtual asset 102’ (with or without its associated location layer security) is provided to the reader 106.
  • the reader 106 can, if necessary, attempt to decrypt the received metadata and security key using its own private security key. If decryption is successful (e.g. because the location layer security has been removed at the key store) the reader 6 thus recovers the original security key used for encrypting the virtual asset and the associated metadata.
  • the reader 106 can then proceed with requesting the protected virtual asset 102’, whose metadata it was able to recover, from the data store and use the recovered symmetric key to decrypt the virtual asset 102.
  • the reader 106 will decrypt the document on a page by page basis so that only one page, the page being read, is decrypted at a time.
  • virtual assets such as digital documents or other data files
  • attributes or properties normally associated with a physical, rather than a virtual, object.
  • at least one physical location is respectively attributed to each virtual asset as an artificial location.
  • a given virtual asset, stored in a data store that is accessible at a number of physical locations, can only be accessed by a user, at the specific physical location(s) attributed to that virtual asset, but not at any of the other physical locations, even though the data store is, itself, accessible at that location.
  • FIG 2 is a simplified block diagram illustrating the main components of a user device 108 for use in the virtual asset management system shown in Figure 1.
  • the user device 108 has a transceiver circuit 202 that is operable to communicate with the virtual asset management system 100, for example by sending data such as protected virtual assets 102’ to, and receiving signals (e.g. confirmation signals) from, the data store 112.
  • the transceiver circuit 202 communicates with the virtual asset management system 100 by means of a network interface 204 which may comprise any suitable interface including an interface that allows wired communication (e.g. via one or more optic fibres and/or telephone lines) and/or wireless communication (via one or more antenna).
  • the user device 108 also has an associated user interface 206 to allow the user to interact with the user device 108, for example to select and place documents into the virtual asset management system 100.
  • the user device 108 has a controller 208 (for example comprising a microcontroller, microprocessor central processing unit or the like) to control the operation of the user device 108.
  • the controller 208 is associated with a memory 210 and is coupled to the transceiver circuit 202.
  • the user device 108 might of course have all the usual functionality of a conventional computer or smart phone and this may be provided by any one or any combination of hardware, software and firmware, as appropriate.
  • Software may be pre-installed in the memory 210 and/or may be downloaded via a communications network (such as the internet) or from a removable data storage device (RMD), for example.
  • the controller 208 is configured to control overall operation of the user device 108 by, in this example, program instructions or software instructions stored within memory 210. As shown, these software instructions include, among other things, an operating system 212, a communications control module 214, a virtual asset management module 216, an output module 218, a key management module 220, and the placement module 110.
  • the communications control module 214 is operable to control the communication between the user device 108 and other communication entities either forming part of the virtual asset management system 100 or external to it.
  • the virtual asset management module 216 manages virtual assets 102 and may have functionality including, for example, the creation, editing, viewing and/or handling of virtual assets 102, such as electronic documents or other such data files.
  • the virtual asset management module 216 is capable of decoding and rendering the required format for the virtual asset 102 and for outputting the rendered document for printing (or possibly other forms of output for a data file, such as an audio-visual file, which cannot readily be printed).
  • the virtual asset is an electronic document
  • the virtual asset management module 216 may, for example, comprise the features of a conventional word processor, electronic document viewer or the like.
  • the output module 218 manages the output of virtual assets 102, such as electronic documents, from the virtual asset management module 216 to a real or virtual printer (or other suitable real or virtual output device).
  • the output module 218 provides the user with appropriate options for outputting the virtual asset such as conventional printing options or the like.
  • the output module 218 also provides the user with a list of available real or virtual output devices (in this example printers) including at least one virtual output device representing the virtual asset management system 100 and/or each of the artificial locations forming part of the virtual asset management system 100.
  • the key management module 220 forms part of the placement module 110 and manages the generation of random symmetric keys for use in encrypting the virtual assets 102.
  • the key management module 220 also manages, when required, the retrieval, by the placement module 110, of public keys for artificial locations and reader devices 106 from the key directory 118 of the data store 112.
  • the placement module 110 manages the details of the virtual output devices representing artificial locations forming part of the virtual asset management system 100 and provides this information, when required, to the output module 218. It will be appreciated that, to allow a virtual asset to be made generally available at all locations, one of these virtual output devices may represent all available artificial locations (or more simply no location based encryption). When one of these virtual output devices is selected for output via the output module 216, the placement module protects the virtual assets 102 and places them in the virtual asset system 100 generally as described with reference to Figure 1.
  • the placement module 110 allows the user to select any user devices to which access should be restricted and manages the encryption of the virtual asset 102 using a symmetric key generated by the key management module 220.
  • the placement module 102 generates metadata for the virtual asset 102, comprising the symmetric key used to encrypt the virtual asset, and handles encryption of that symmetric key, if required, with the public key associated with any specific device(s) to which access to the virtual asset is to be restricted.
  • the placement module 102 also handles encryption of the metadata, including the symmetric key, if required, with the public key associated with any specific artificial location(s) to which access to the virtual asset is to be restricted.
  • the placement module 110 also manages communication with the data store 112 to place the virtual assets in the data store 112, to obtain confirmation at the user device 108 of successful placement, and to provide that confirmation to the user.
  • FIG 3 is a simplified block diagram illustrating the main components of a reader device 106 for use in the virtual asset management system shown in Figure 1.
  • the reader device 106 has a transceiver circuit 302 that is operable to communicate with the virtual asset management system 100, for example by sending discovery requests to, and receiving signals (e.g. carrying virtual asset data) from, a key store 116.
  • the transceiver circuit 302 communicates with other entities of the virtual asset management system 100 by means of at least one interface 304 which may comprise any suitable interface including an interface that allows wired communication (e.g. via one or more optic fibres and/or telephone lines) and/or wireless communication (via one or more antenna).
  • the reader device 106 also has an associated user interface 306 to allow the user to interact with the user device 108, for example to select virtual assets 102 for retrieval from the virtual management system 100 and to view a selected virtual asset 102 (that the reader 106 is allowed to view in that location).
  • the reader device 106 has a controller 308 (for example comprising a microcontroller, microprocessor central processing unit or the like) to control the operation of the user device 106.
  • the controller 308 is associated with a memory 310 and is coupled to the transceiver circuit 302.
  • the reader device 106 might of course have other functionality associated with a conventional computer, smart phone or the like and this may be provided by any one or any combination of hardware, software and firmware, as appropriate.
  • Software may be pre-installed in the memory 310 and/or may be downloaded via a communications network (such as the internet) or from a removable data storage device (RMD), for example.
  • the controller 308 is configured to control overall operation of the reader device 106 by, in this example, program instructions or software instructions stored within memory 310. As shown, these software instructions include, among other things, an operating system 312, a communications control module 314, a virtual asset management module 316, a discovery management module 318, a key management module 320 and a decryption module 322.
  • the communications control module 314 is operable to control the communication between the user device 106 and other communication entities either forming part of the virtual asset management system 100 or external to it.
  • the virtual asset management module 316 manages the viewing of virtual assets 102, such as electronic documents or other such data files.
  • the virtual asset management module 316 is capable of rendering the required format for the virtual asset 102 for outputting via the user interface 306.
  • the virtual asset is an electronic document
  • the virtual asset management module 316 may, for example, comprise the features of a conventional electronic document viewer or the like.
  • the virtual asset management module 316 handles the identification of virtual assets that are available for viewing at the location in which the reader 106 is located, based on information received from the key store 116, and for providing lists of accessible virtual assets to the user via the user interface 306.
  • the virtual asset management module 316 also manages the retrieval of protected virtual assets 102’ that are accessible, from the document store 112, when requested to do so by a user.
  • the discovery management module 318 manages the generation of discovery requests, when the reader 106 is turned on, for identifying virtual assets available in a given location.
  • the discovery management module 318 also manages the generation of random ‘one use’ identifiers (or nonces) which are used for identification of the reader 106.
  • a nonce is generated, signed and provided to the location provider 114.
  • the location provider 114 can identify the nonce of each reader device within a given artificial location and provide the nonce of each reader device to the key store 116.
  • the discovery management module 318 includes a current nonce for the reader 106 in each discovery request to enable the key store 116 to establish, via communication with the corresponding location provider 114, if a given discovery request comes from a reader device that is identified by the location provider 114 to be in a given artificial location.
  • the key management module 320 manages the reader specific private keys that may be used by the reader to decrypt the symmetric key that was used to encrypt virtual assets (that the reader device is allowed to access).
  • the decryption module 322 performs decryption of the symmetric key that was used to encrypt virtual assets (that the reader device is allowed to access) and uses the symmetric key obtained in this way to decrypt the associated virtual asset 102.
  • FIG 4 is a simplified block diagram illustrating the main components of a data store 112 for use in the virtual asset management system shown in Figure 1.
  • the data store 112 has a transceiver circuit 402 that is operable to communicate with the virtual asset management system 100, for example by receiving data such as protected virtual assets 102’ from, and sending signals (e.g. confirmation signals) to, a user device 108 and by communicating with a key store 116 to provide protected virtual assets 102’ (or metadata related to them) to the key store 116.
  • the transceiver circuit 402 communicates with the virtual asset management system 100 by means of a network interface 404 which may comprise any suitable interface including an interface that allows wired communication (e.g. via one or more optic fibres and/or telephone lines) and/or wireless communication (via one or more antenna).
  • the data store 112 has a controller 408 (for example comprising a microcontroller, microprocessor central processing unit or the like) to control the operation of the data store 112.
  • the controller 408 is associated with a memory 410 and is coupled to the transceiver circuit 402.
  • the data store 112 might of course have other functionality of a conventional computer such as a user interface and this may be provided by any one or any combination of hardware, software and firmware, as appropriate.
  • Software may be pre-installed in the memory 410 and/or may be downloaded via a communications network (such as the internet) or from a removable data storage device (RMD), for example.
  • the controller 408 is configured to control overall operation of the data store 112 by, in this example, program instructions or software instructions stored within memory 410. As shown, these software instructions include, among other things, an operating system 412, a communications control module 414, a virtual asset management module 416, virtual asset storage 418, and public key storage 420.
  • the communications control module 214 is operable to control the communication between the data store 112 and other communication entities either forming part of the virtual asset management system 100 or external to it.
  • the virtual asset management module 416 manages the reception of protected virtual assets 102’ from user devices 108, the storage of those protected virtual assets 102’, and the provision of stored protected virtual assets 102’ (and/or metadata relating to the stored protected virtual assets 102’) to the key stores 116.
  • the virtual asset management module 416 stores the protected virtual assets 102’ in the virtual asset storage 418.
  • the key storage 420 stores the public key directory 118 of public keys for artificial locations and reader devices.
  • FIG 5 is a simplified block diagram illustrating the main components of a key store 116 for use in the virtual asset management system shown in Figure 1.
  • the key store 116 has a transceiver circuit 502 that is operable to communicate with the virtual asset management system 100, for example by receiving data such as protected virtual assets 102’ (or metadata related to them) from, and sending signals to, the data store 112 and by communicating with a reader device 106 to provide protected virtual assets 102’ (or metadata related to them) to the reader device 106.
  • the transceiver circuit 502 communicates with the reader devices of the virtual asset management system 100 by means of a reader interface 502 and with other entities of the virtual asset management system 100 by means of a network interface 504.
  • the interfaces 502/504 may comprise any suitable interface including an interface that allows wired communication (e.g. via one or more optic fibres and/or telephone lines) and/or wireless communication (via one or more antenna).
  • the key store 116 has a controller 508 (for example comprising a microcontroller, microprocessor central processing unit or the like) to control the operation of the key store 116.
  • the controller 508 is associated with a memory 510 and is coupled to the transceiver circuit 502.
  • the key store 508 might of course have other functionality of a conventional computer such as a user interface and this may be provided by any one or any combination of hardware, software and firmware, as appropriate.
  • Software may be pre-installed in the memory 510 and/or may be downloaded via a communications network (such as the internet) or from a removable data storage device (RMD), for example.
  • the controller 508 is configured to control overall operation of the key store 116 by, in this example, program instructions or software instructions stored within memory 510. As shown, these software instructions include, among other things, an operating system 512, a communications control module 514, a virtual asset management module 516, a discovery management module 518, a key management module 520 and a decryption module 522.
  • the communications control module 514 is operable to control the communication between the key store 116 and other communication entities either forming part of the virtual asset management system 100 or external to it.
  • the virtual asset management module 516 manages the retrieval of metadata for protected virtual assets 102’ from the data store 112. The virtual asset management module 516 also manages the provision of metadata for the protected virtual assets 102’ to the reader devices 106.
  • the discovery management module 518 manages the receipt and handling of discovery requests from the reader devices 106 and for providing the information identifying virtual assets available at the artificial location(s) associated with the key store 116 to the reader devices 106.
  • the discovery management module 518 also manages the retrieval of information identifying devices located in the artificial location(s) associated with the key store 116 from the location provider 114.
  • the key management module 520 manages the location specific private keys.
  • the decryption module 522 performs the decryption of the symmetric key that was used to encrypt virtual assets, to the extent that the symmetric key was encrypted with a corresponding location specific public key, in order to strip any location layer encryption from the symmetric key before the resulting decrypted virtual asset data (which may comprise a symmetric key that is still encrypted with device level encryption) is provided to a reader device 106 that is performing discovery.
  • FIG 6 is a simplified block diagram illustrating the main components of a location provider 114 for use in the virtual asset management system shown in Figure 1.
  • the location provider 114 has a transceiver circuit 602 that is operable to communicate with the virtual asset management system 100, for example by receiving requests for information on devices in the artificial location(s) associated with the location provider 114 from, and by providing the requested information to an associated key store 116.
  • the location provider 114 may also receive, from a reader device 106 in the vicinity, an associated nonce to allow the reader device 106 to be identified to the key store 116.
  • the transceiver circuit 602 communicates with the key store of the virtual asset management system 100 and possibly with other entities of the virtual asset management system 100 by means of a network interface 604.
  • the interface 604 may comprise any suitable interface including an interface that allows wired communication (e.g. via one or more optic fibres and/or telephone lines) and/or wireless communication (via one or more antenna).
  • the key store 116 has a controller 608 (for example comprising a microcontroller, microprocessor central processing unit or the like) to control the operation of the location provider 114.
  • the controller 608 is associated with a memory 610 and is coupled to the transceiver circuit 602.
  • the location provider 114 might of course have other functionality of a conventional computer such as a user interface and this may be provided by any one or any combination of hardware, software and firmware, as appropriate.
  • Software may be pre-installed in the memory 610 and/or may be downloaded via a communications network (such as the internet) or from a removable data storage device (RMD), for example.
  • the controller 608 is configured to control overall operation of the location provider 114 by, in this example, program instructions or software instructions stored within memory 610. As shown, these software instructions include, among other things, an operating system 612, a communications control module 614, a localisation module 616 and a discovery management module 618.
  • the communications control module 614 is operable to control the communication between the location provider 114 and other communication entities either forming part of the virtual asset management system 100 or external to it.
  • the localisation module 616 manages localisation of the reader devices 106, for example by performing trilateration based on the measurement of signals received from the reader devices 106 at three or more wireless access points of known location.
  • the discovery management module 618 manages the receipt and handling of discovery requests from an associated key store 116 to request a list of devices in the artificial location(s) associated with the location provider 114.
  • the discovery management module 618 also manages the retrieval of information identifying devices located in the artificial location(s) associated with the location provider 114 and the provision of the information to the associated key store 116.
  • Figure 7 is a simplified sequence diagram illustrating, by way of example only, a method of placing a virtual asset, such as a document, in the virtual asset management system 100 of Figure 1.
  • a user first accesses a user device 108 via the user interface 206.
  • the user opens a desired document or other data file in a software application capable of decoding and rendering the required data file format and of printing the rendered data file (or outputting it in another appropriate manner).
  • the user uses an associated printer dialogue to select a virtual printer representing the virtual asset management system 100.
  • the user is presented with a dialogue box to enter artificial location(s) where the document is to be made available and any reader device(s) 106 to which access is restricted.
  • the user selects the required artificial location(s) and any reader device(s) 106 and initiates placement (‘printing’) of the data file in the virtual asset management system 100 virtually at the artificial locations and virtually on the selected reader(s) 106 by confirming the selections.
  • This generates, at S700, an appropriately formatted command instructing the placement module 110 to place the virtual asset in the virtual asset management system 100.
  • the placement module 110 encodes the data file to be placed in the virtual asset management system 100 into a unified file format and encrypts it using a symmetric key that is randomly generated at the placement module 110.
  • the placement module 110 requests, from the data store 112, public keys for the artificial location(s) and/or reader device(s) at which the virtual asset is to be available.
  • the data store 112 returns the requested public keys from its public key directory 118.
  • the placement module 110 encrypts the symmetric key with any public key(s) of the selected device(s), if required.
  • the placement module 110 encrypts the result of S708 with any public key(s) of the selected location(s), if required.
  • the encrypted symmetric key is attached to the encrypted virtual asset as part of that virtual asset’s metadata. The resulting protected asset is then sent to the data store 112, at S714, where the protected virtual asset is stored at S716.
  • Figure 8 is a simplified sequence diagram illustrating, by way of example only, a method of virtual asset discovery and retrieval in the virtual asset management system 100 of Figure 1.
  • the procedure begins when a user turns on their reader device 106. It will be appreciated that the user, together with their reader device 106, may be physically present in a physical location represented by an artificial location of the virtual asset management system or may be at some remote location.
  • the reader device 106 issues, at S800, a discovery request to a key store 116, with a randomly generated identifier (nonce), to request discovery of virtual assets 102 available in that artificial location. Since the request may come from a reader device 106 that may not be physically present in a physical location corresponding to the artificial location with which the key store 116 receiving the request is associated, the key store 116 requests, at S802, a list of devices (each identified by its respective nonce) present in that artificial location from the location provider 114 (i.e.
  • the key store 116 requests, at S804, a list of available virtual assets 102 and their associated metadata, from the data store 112.
  • If the nonce of the requesting reader device is not present in the artificial location then procedure A in Figure 8 is followed. If the nonce of the requesting reader device is present in the artificial location then procedure B in Figure 8 is followed.
  • the location provider performs, at S805, a discovery procedure to discover the respective nonce of each reader device 106 in the artificial location and provides the information, at S806-1 or S806-2, to the key store 116.
  • the data store 112 prepares the list of available assets and associated metadata and provides it to the key store 116 at S808-1 or S808-2.
  • the requested list may be sorted appropriately e.g. in reverse chronological or some other order.
  • the key store 116 passes the encrypted symmetric key data contained in the document metadata received from the data store 112 through a decryption algorithm to decrypt the location layer encryption with the corresponding private key (if location layer encryption is present). The key store 116 then provides the decrypted information to the reader device 106, responsive to the reader device’s original discovery request, at S812-2. By contrast, if the nonce of the requesting reader device 106 is not present then the key store 116 simply passes the document metadata unchanged to the reader device 106 at S812-1.
  • the reader device 106 applies, at S814, its own private key to the received metadata, if needed. Hence, if decryption is successful, it is able to retrieve the document encryption symmetric key and read the associated metadata.
  • the reader device can then proceed to request, from the data store 112, a virtual asset whose metadata it was able to successfully decrypt, and uses the symmetric key recovered at S814 to decrypt the first page of the document and hence render its content for the user to read.
  • the reader device repeats this step every time the user switches to the next page.
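The placement steps of Figure 7 and the discovery steps of Figure 8 can be modelled end to end. This is an added example, not code from the patent: the Diffie-Hellman sealed box, the SHA-256 keystream cipher, every function name and the set of present nonces standing in for the location provider are assumptions, and nonce signing is omitted.

```python
import hashlib
import hmac
import secrets

# Stand-in public-key scheme (assumption, demo only): Diffie-Hellman modulo the
# Mersenne prime 2**521 - 1, used as a hybrid sealed box. A deployment would use
# a vetted construction such as RSA-OAEP or HPKE, and an AEAD cipher.
P, G, N = 2**521 - 1, 3, 66  # modulus, generator, bytes per group element


def _stream(key, n):
    """SHA-256 in counter mode as a keystream (stand-in for a real cipher)."""
    blocks = (hashlib.sha256(key + i.to_bytes(4, "big")).digest() for i in range((n + 31) // 32))
    return b"".join(blocks)[:n]


def _mac(key, label, ct):
    return hmac.new(hashlib.sha256(b"mac" + key).digest(), label + ct, "sha256").digest()


def sym_encrypt(key, data, label=b""):
    """Encrypt-then-MAC; label (here a page number) separates keystreams."""
    ks = _stream(hashlib.sha256(b"enc" + key + label).digest(), len(data))
    ct = bytes(a ^ b for a, b in zip(data, ks))
    return _mac(key, label, ct) + ct


def sym_decrypt(key, blob, label=b""):
    """Return the plaintext, or None if the key is wrong or the data altered."""
    tag, ct = blob[:32], blob[32:]
    if not hmac.compare_digest(tag, _mac(key, label, ct)):
        return None
    ks = _stream(hashlib.sha256(b"enc" + key + label).digest(), len(ct))
    return bytes(a ^ b for a, b in zip(ct, ks))


def keypair():
    priv = secrets.randbelow(P - 3) + 2
    return priv, pow(G, priv, P)


def seal(pub, data):
    """Encrypt data to the holder of the private key matching pub."""
    eph, eph_pub = keypair()
    shared = pow(pub, eph, P).to_bytes(N, "big")
    return eph_pub.to_bytes(N, "big") + sym_encrypt(shared, data)


def unseal(priv, blob):
    """Remove one sealed layer, or return None if it was not sealed to priv."""
    shared = pow(int.from_bytes(blob[:N], "big"), priv, P).to_bytes(N, "big")
    return sym_decrypt(shared, blob[N:])


def place(pages, device_pub=None, location_pub=None):
    """Placement (Figure 7): encrypt the pages, then wrap the symmetric key."""
    sym_key = secrets.token_bytes(32)
    body = [sym_encrypt(sym_key, p, i.to_bytes(4, "big")) for i, p in enumerate(pages)]
    wrapped = sym_key
    if device_pub is not None:
        wrapped = seal(device_pub, wrapped)    # device layer (inner, S708)
    if location_pub is not None:
        wrapped = seal(location_pub, wrapped)  # location layer (outer)
    return {"pages": body, "metadata": wrapped}


class KeyStore:
    # present_nonces models the location provider's list of readers (assumption)
    def __init__(self, location_priv, present_nonces):
        self._priv, self.present_nonces = location_priv, present_nonces

    def discover(self, nonce, metadata):
        if nonce not in self.present_nonces:
            return metadata                    # procedure A: passed on unchanged
        stripped = unseal(self._priv, metadata)
        return metadata if stripped is None else stripped  # procedure B


def read_page(device_priv, metadata, asset, page_no):
    """Reader (S814): try the device layer, then decrypt only the requested page."""
    for candidate in (unseal(device_priv, metadata), metadata):
        if candidate is not None and len(candidate) == 32:
            page = sym_decrypt(candidate, asset["pages"][page_no], page_no.to_bytes(4, "big"))
            if page is not None:
                return page
    return None


def demo():
    loc_priv, loc_pub = keypair()
    dev_priv, dev_pub = keypair()
    other_priv, _ = keypair()                  # a reader the asset is not restricted to
    asset = place([b"page one (constructed)", b"page two (constructed)"], dev_pub, loc_pub)
    inside, remote = secrets.token_hex(8), secrets.token_hex(8)  # one-use reader nonces
    store = KeyStore(loc_priv, {inside})
    md_in, md_out = store.discover(inside, asset["metadata"]), store.discover(remote, asset["metadata"])
    return (read_page(dev_priv, md_in, asset, 1), read_page(dev_priv, md_out, asset, 1),
            read_page(other_priv, md_in, asset, 1))
```

In this model an asset placed without a device layer leaves the key store returning the bare symmetric key after stripping, so the link between key store and reader then needs its own transport protection.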
  • When the reader device 106 is physically present in a physical location represented by the artificial location with which the key store 116 is associated, it can access documents that are restricted to that artificial location (e.g. documents that are encrypted with the key corresponding to that artificial location) and documents for which there is no location restriction (e.g. for which there is no location based encryption) assuming, of course, that those documents are not otherwise restricted in a manner inaccessible to that reader device.
  • When the reader device 106 is not physically present in a physical location represented by the artificial location with which the key store 116 is associated, it cannot access documents that are restricted to that artificial location even if it would otherwise be able to access that document (e.g. the symmetric key does not have another layer of encryption or is only encrypted in a manner that the reader device 106 can decrypt). Thus, the reader device 106 can only access documents for which there is no location restriction and for which the symmetric key does not have another layer of encryption that the reader device 106 cannot decrypt.
Summary
  • the virtual asset management system described has the potential to provide an efficient and secure method of distributing data.
  • the virtual asset management system has the potential, for example, to allow virtual assets to be experienced as ‘physical things’ - for example in the manner of borrowing a video tape or passing someone a document to sign. Bringing back some of these physical constraints helps create the sense of the virtual objects as things in the physical world.
  • the virtual asset management system allows assets to be managed by physical location and/or reader device and could be adapted to many applications based on this feature including, for example: as a virtual bookstore; as a virtual library for eBook distribution with access to books only in a given location (e.g. a specified public space, a workplace for training, a school, a university or the like); in-transit magazine and entertainment (restricted to access in a specific vehicle); provision of location specific information, such as airport information, direct to a smartphone, as you enter the location; provision of relative location specific information, such as exhibit information in a museum/art gallery, with the information being attached to the exhibit itself etc.
  • each virtual asset may alternatively or additionally be attributed with a physical time based attribute such as: a start time after which an inaccessible virtual asset becomes accessible; an end (or ‘expiry’) time after which an accessible virtual asset becomes inaccessible; a time period (one-off, reoccurring a limited number of times or reoccurring indefinitely) during which a virtual document is accessible (or is inaccessible); and a frequency with which the document can be accessed (e.g. number of times per day or per week).
  • the symmetric key (e.g. forming part of metadata) of the virtual asset may be encrypted with a public key that is associated with the physical time based attribute.
  • the key store (or an equivalent device) may attempt to decrypt the symmetric key (and other metadata) using a time based private key that will only result in successful decryption if the current time represents a time at which the physical time based attribute indicates the virtual asset should be accessible.
  • Each virtual asset may alternatively or additionally be attributed with a physical user based attribute of a user such as a biometric based attribute (e.g. a fingerprint, an iris pattern) or an attribute based on a chip implanted in the user or forming part of a device owned by the user.
  • Such attributes may be useful, for example, to facilitate restricting access to a virtual asset to when the user is physically present (e.g. an advisor’s access to the medical records of the user) without the need for a user to remember a password or the like.
  • the symmetric key (e.g. forming part of metadata) of the virtual asset may be encrypted with a public key that is associated with the user based attribute.
  • the key store (or an equivalent device) may be able to generate (or otherwise obtain) the corresponding private key when the user provides the physical attribute as an input to the key store (e.g. by placing a finger on (or an eye in front of) an appropriate biometric reader device).
  • the key store (or equivalent device) may be owned by the user to which the attribute relates (e.g. it may be the chip implanted in the user or forming part of a device owned by the user).
  • a reader device may receive metadata for multiple virtual assets only some of which it is able to successfully decrypt and display. It will be appreciated that even when a reader device has successfully decrypted and decoded the metadata (e.g. the symmetric key) for one asset, it may continue to attempt to decode the metadata for each virtual asset for which metadata has been received and to display a list of the virtual assets for which metadata was successfully retrieved. The reader device can thus present a user with a list of the virtual assets which the device is able to decrypt and allows the user to make a selection of one of the listed virtual assets. The reader device then requests the selected document from the data store, decrypts it, and displays it for the user to read.
  • symmetric keys once decrypted may be associated with a non-alterable lifetime (a predefined time interval after which the symmetric key expires and is permanently deleted from the reader device’s memory - e.g. 1 minute).
  • the reader device may initiate a key refresh procedure in which it requests the key store to provide the document metadata again (with a newly generated nonce).
  • the key store can then repeat the procedure described with reference to Figure 8 in which it requests a list of present devices from the location provider.
  • the location provider will no longer list its nonce in the present device list, resulting in the key store not stripping the location encryption layer from the document metadata. In such a case the reader device will fail to refresh the symmetric key before it expires, resulting in the document becoming inaccessible because the symmetric key is no longer decryptable.
  • the artificial location(s) attributed to a given virtual asset may represent a fixed geospatial location (e.g. a specific geographic area such as a specific precinct, specific building, specific room of a building or the like) and/or may comprise a specific location that is not necessarily geographically fixed but may move (e.g. a vehicle such as a specific train, specific ship, specific aircraft, specific road vehicle or the like).
  • system could be adapted to any suitable form of electronic file, for example files representing: image data, audio data, audio-visual data, scientific data, project data, design data, etc.
  • the system could thus be used for virtual assets including, but not limited to, documents, music / sound recordings, video and television and associated data streams, software, photographs, artwork etc.
  • the reader devices may be any viewing or listening device capable of reading the data of the virtual asset and presenting it to a user in an appropriate manner (e.g. via a visual display and/or as an audio output).
  • a specific virtual asset may be attributed to a predefined group of artificial locations representing a predetermined group of physical locations (e.g. locations having a common factor such as, for example: being owned by a particular entity such as a company or university; and/or being locations of a specific type such as a library, board room, reading room or the like).
  • each specific device to which a virtual asset is attributed may be associated with a specific user or group of users (e.g. users having a common factor such as, for example: a particular seniority level; and/or being a particular user type such as a student, lecturer or the like).
  • the user devices on which the placement module is provided may comprise any suitable form of user equipment such as, for example: a general purpose personal computer; a smart phone; a machine type communication (MTC), narrowband (NB) and/or internet of things (IoT) device; a dedicated computer; etc.
  • the software modules may be provided in compiled or un-compiled form and may be supplied to the devices as a signal over a computer network, or on a recording medium. Further, the functionality performed by part or all of this software may be performed using one or more dedicated hardware circuits. For example, although a software placement module has been described it will be understood that the placement module could be implemented using dedicated hardware or a mixture of dedicated hardware and software. It will be appreciated that although the placement module is described as being part of the user device it could be implemented as part of a separate dedicated entity to which the user device has to be connected, either wirelessly or by a wired connection, in order to place virtual assets in the system.

Abstract

A system for managing virtual assets is disclosed that comprises apparatus for managing the storage of virtual assets, apparatus for providing access to virtual assets, access devices for accessing virtual assets and apparatus for providing information about available access devices. Virtual assets are associated with an attribute representing physical requirements that have to be met for the virtual asset to be accessible. The virtual assets are encrypted with a symmetric cryptographic key. The symmetric cryptographic key is encrypted using a respective public cryptographic key associated with each physical requirement that has to be met. The encrypted symmetric cryptographic key is added to the encrypted virtual asset as encrypted metadata.

Description

Apparatus and Methods for Virtual Asset Management
The present invention relates to a virtual asset management system and to associated apparatus and methods. The invention has particular although not exclusive relevance to the management of access to electronic data files based on geographic location and/or access device.
In the modern world, the use of digital electronic data has become ubiquitous and has given rise to the increased reliance on ‘virtual’ assets. A virtual asset comprises digital data that, whilst intangible, represents something far more tangible that typically has some kind of value (e.g. commercial or sentimental) to its owner or user. Virtual assets may include, for example, electronic documents, emails, digital images and videos, electronic financial information, digital music etc. However, the electronic data which makes up the virtual assets has no tangible real world physical presence. Humans do not share the same space as the electronic data but, instead, interact with it through devices such as smart phones, televisions, computers or the like using appropriate interfaces such as web browsers, media specific applications, e-readers, music players, streaming applications etc. The digital data itself exists in its own perceived digital domains such as flash memory or the internet.
Thus, whilst the use of digital data provides many advantages its intangible nature makes it, and hence the virtual assets it represents, difficult to manage efficiently and securely whilst still benefiting from the advantages of digital data and providing an end user of the virtual asset with a sense of the virtual asset as something more tangible.
The present invention seeks to provide a virtual asset management system and associated apparatus and methods for meeting or at least partially addressing the above issues.
In one aspect of the invention there is provided apparatus for managing the storage of virtual assets in a system for managing virtual assets, the apparatus comprising: means for associating the virtual asset with an attribute representing at least one physical requirement that has to be met for the virtual asset to be accessible; means for encrypting the virtual asset with a symmetric cryptographic key to produce an encrypted virtual asset; means for encrypting the symmetric cryptographic key using at least one public cryptographic key, wherein the at least one public cryptographic key comprises a respective public cryptographic key associated with each attribute representing a physical requirement that has to be met for the virtual asset to be accessible; means for adding the encrypted symmetric cryptographic key to the encrypted virtual asset as encrypted metadata; and means for storing the encrypted virtual asset to which the corresponding encrypted metadata has been added in a data store.
The at least one attribute representing a physical requirement that has to be met for the virtual asset to be accessible may comprise at least one attribute representing a pre-defined physical location, or group of locations, wherein a device attempting to access the virtual asset must be located in the pre-defined physical location, or at least one of the group of locations, in order for the physical requirement to be met.
The at least one attribute representing a physical requirement that has to be met for the virtual asset to be accessible may comprise at least one attribute representing a designated device, or a set of designated devices, wherein a device attempting to access the virtual asset must be the designated device, or one of the set of designated devices, in order for the physical requirement to be met.
The at least one attribute representing a physical requirement that has to be met for the virtual asset to be accessible may comprise at least one attribute representing a timing, wherein an attempt to access the virtual asset must be made in accordance with the timing in order for the physical requirement to be met.
The symmetric key may be a randomly generated symmetric key.
The means for encrypting the symmetric cryptographic key may be configured to retrieve the at least one public cryptographic key from the data store (e.g. a data store that is located remotely from the apparatus).
The means for encrypting the symmetric cryptographic key may be configured to encrypt the symmetric cryptographic key using a plurality of public cryptographic keys, wherein each of the public cryptographic keys may be associated with a different respective attribute representing a physical requirement that has to be met for the virtual asset to be accessible.
The apparatus may form part of user equipment (e.g. a smart phone, personal computer, laptop computer, tablet computer or the like).
In one aspect of the invention there is provided apparatus for providing access to virtual assets in a system for managing virtual assets, the apparatus comprising: means for storing at least one private key, each private key being associated with a respective attribute representing at least one physical requirement that has to be met, for a virtual asset that is available via the apparatus and that has that attribute, to be accessible via said apparatus; means for receiving, from an access device, a request for information relating to available virtual assets; means for retrieving for each available virtual asset, metadata for the at least one available virtual asset from the data store; means for determining, for at least one said attribute, if the access device meets the at least one physical requirement that has to be met for a virtual asset having that attribute to be accessible via said apparatus and means for processing the retrieved metadata, wherein: when it is determined that the access device meets the at least one physical requirement, the processing comprises applying at least one private cryptographic key associated with that at least one attribute to the retrieved metadata in an attempt to decrypt the retrieved metadata for the at least one available virtual asset and sending the resulting processed metadata to the access device; and when it is determined that the access device does not meet the at least one physical requirement, sending the retrieved metadata to the access device without applying the at least one private cryptographic key associated with that at least one attribute in an attempt to decrypt the retrieved metadata.
The at least one attribute representing a physical requirement that has to be met for a virtual asset having that attribute to be accessible may comprise at least one attribute representing a pre-defined physical location, or group of locations, wherein a device attempting to access the virtual asset must be located in the pre-defined physical location, or at least one of the group of locations, in order for the physical requirement to be met.
The means for determining may be configured to determine, for at least one said attribute, if the access device meets the at least one physical requirement that has to be met for a virtual asset having that attribute to be accessible via said apparatus by: sending, to apparatus for providing information on access devices, a request for information identifying any access devices that meet the at least one physical requirement; and receiving, from the apparatus for providing information on access devices, the requested information identifying any access devices that meet the at least one physical requirement.
In one aspect of the invention there is provided an access device for accessing virtual assets in a system for managing virtual assets, the device comprising: means for sending, to apparatus for providing access to virtual assets, a request for information relating to available virtual assets; and means for receiving, for each virtual asset available via the apparatus, respective metadata; wherein at least one asset for which metadata is received has an associated attribute representing at least one physical requirement that has to be met for that virtual asset to be accessible; wherein when the access device does not meet the at least one physical requirement that has to be met for a particular virtual asset having an associated attribute to be accessible, the received metadata for that particular virtual asset is encrypted with a public cryptographic key associated with that corresponding attribute; and wherein when the access device does meet the at least one physical requirement that has to be met for a particular virtual asset having an associated attribute to be accessible, the received metadata for that particular virtual asset is not encrypted with the public cryptographic key associated with that corresponding attribute.
The received metadata for at least one available virtual asset may be encrypted with a public cryptographic key associated with the access device, and the access device may be configured to store at least one private cryptographic key corresponding to the public cryptographic key associated with the access device, and for applying the at least one private cryptographic key to decrypt received metadata encrypted with the public cryptographic key associated with the access device.
The apparatus may further comprise means for requesting access to: any virtual asset for which metadata has been received that is not encrypted with a public cryptographic key associated with a corresponding attribute; and/or any virtual asset for which metadata has been received that is encrypted with a public cryptographic key associated with the access device and that has been successfully decrypted by the access device.
In one aspect of the invention there is provided apparatus for providing information about access devices for accessing virtual assets in a system for managing virtual assets, the apparatus comprising: means for receiving, from apparatus for providing access to virtual assets, a request for information identifying any access devices that meet at least one physical requirement that has to be met for a virtual asset to be accessible; means for identifying, in response to the request, any access devices that meet the at least one physical requirement that has to be met for the virtual asset to be accessible; and means for providing to the apparatus for providing access to virtual assets, based on the identification, the requested information identifying any access devices that meet at least one physical requirement that has to be met for a virtual asset to be accessible.
In one aspect of the invention there is provided a system for managing virtual assets comprising at least one apparatus for managing the storage of virtual assets, at least one apparatus for providing access to virtual assets, at least one access device for accessing virtual assets, and at least one apparatus for providing information about access devices for accessing virtual assets.
In one aspect of the invention there is provided a method performed by apparatus for managing the storage of virtual assets in a system for managing virtual assets, the method comprising: associating the virtual asset with an attribute representing at least one physical requirement that has to be met for the virtual asset to be accessible; encrypting the virtual asset with a symmetric cryptographic key to produce an encrypted virtual asset; encrypting the symmetric cryptographic key using at least one public cryptographic key, wherein the at least one public cryptographic key comprises a respective public cryptographic key associated with each attribute representing a physical requirement that has to be met for the virtual asset to be accessible; adding the encrypted symmetric cryptographic key to the encrypted virtual asset as encrypted metadata; and storing the encrypted virtual asset to which the corresponding encrypted metadata has been added in a data store.
In one aspect of the invention there is provided a method performed by apparatus for providing access to virtual assets in a system for managing virtual assets, the method comprising: storing at least one private key, each private key being associated with a respective attribute representing at least one physical requirement that has to be met, for a virtual asset that is available via the apparatus and that has that attribute, to be accessible via said apparatus; receiving, from an access device, a request for information relating to available virtual assets; retrieving for each available virtual asset, metadata for the at least one available virtual asset from the data store; determining, for at least one said attribute, if the access device meets the at least one physical requirement that has to be met for a virtual asset having that attribute to be accessible via said apparatus and processing the retrieved metadata, wherein: when it is determined that the access device meets the at least one physical requirement, the processing comprises applying at least one private cryptographic key associated with that at least one attribute to the retrieved metadata in an attempt to decrypt the retrieved metadata for the at least one available virtual asset and sending the resulting processed metadata to the access device; and when it is determined that the access device does not meet the at least one physical requirement, sending the retrieved metadata to the access device without applying the at least one private cryptographic key associated with that at least one attribute in an attempt to decrypt the retrieved metadata.
In one aspect of the invention there is provided a method performed by an access device for accessing virtual assets in a system for managing virtual assets, the method comprising: sending, to apparatus for providing access to virtual assets, a request for information relating to available virtual assets; and receiving, for each virtual asset available via the apparatus, respective metadata; wherein at least one asset for which metadata is received has an associated attribute representing at least one physical requirement that has to be met for that virtual asset to be accessible; wherein when the access device does not meet the at least one physical requirement that has to be met for a particular virtual asset having an associated attribute to be accessible, the received metadata for that particular virtual asset is encrypted with a public cryptographic key associated with that corresponding attribute; and wherein when the access device does meet the at least one physical requirement that has to be met for a particular virtual asset having an associated attribute to be accessible, the received metadata for that particular virtual asset is not encrypted with the public cryptographic key associated with that corresponding attribute.
In one aspect of the invention there is provided a method performed by apparatus for providing information about access devices for accessing virtual assets in a system for managing virtual assets, the apparatus comprising: receiving, from apparatus for providing access to virtual assets, a request for information identifying any access devices that meet at least one physical requirement that has to be met for a virtual asset to be accessible; identifying, in response to the request, any access devices that meet the at least one physical requirement that has to be met for the virtual asset to be accessible; and providing to the apparatus for providing access to virtual assets, based on the identification, the requested information identifying any access devices that meet at least one physical requirement that has to be met for a virtual asset to be accessible.
Aspects of the invention extend to computer program products such as computer readable storage media having instructions stored thereon which are operable to program a programmable processor to carry out a method as described in the aspects and possibilities set out above or recited in the claims and/or to program a suitably adapted computer to provide the apparatus recited in any of the claims. Each feature disclosed in this specification (which term includes the claims) and/or shown in the drawings may be incorporated in the invention independently (or in combination with) any other disclosed and/or illustrated features. In particular but without limitation the features of any of the claims dependent from a particular independent claim may be introduced into that independent claim in any combination or individually.
Embodiments of the invention will now be described by way of example only with reference to the attached figures in which:
Figure 1 is a simplified schematic illustrating, in overview, one implementation of a virtual asset management system;
Figure 2 is a simplified block diagram illustrating the main components of a user device for use in the virtual asset management system shown in Figure 1;
Figure 3 is a simplified block diagram illustrating the main components of a reader device for use in the virtual asset management system shown in Figure 1;
Figure 4 is a simplified block diagram illustrating the main components of a data store for use in the virtual asset management system shown in Figure 1;
Figure 5 is a simplified block diagram illustrating the main components of a key store for use in the virtual asset management system shown in Figure 1;
Figure 6 is a simplified block diagram illustrating the main components of a location provider for use in the virtual asset management system shown in Figure 1;
Figure 7 is a simplified sequence diagram illustrating a method for placing a virtual asset in the virtual asset management system of Figure 1; and
Figure 8 is a simplified sequence diagram illustrating a method for virtual asset discovery and retrieval in the virtual asset management system of Figure 1.
Overview
Figure 1 is a simplified schematic illustrating, in overview, one implementation of a virtual asset management system generally at 100 in which virtual assets 102, in the form of data files (in this example electronic documents), are attributed with one or more specific artificial locations (i.e. they are, in effect, placed into the artificial locations). Each artificial location represents at least one respective real physical location 104-1, 104-2, 104-3 (or part of such a physical location) within which the virtual assets are virtually, but not necessarily physically, located. In this example, each virtual asset 102 may also be attributed with one or more specific reader devices 106-1, 106-21, 106-22, 106-3 (referred to as ‘readers’), or groups of such readers 106, on which the virtual asset can be opened successfully.
As seen in Figure 1 the virtual asset management system 100 comprises one or more user devices 108-1, 108-2 each comprising a respective local software ‘placement’ module 110-1, 110-2 for ‘placing’ protected virtual assets 102’ into the virtual asset management system 100. The virtual asset management system 100 also comprises at least one data store 112 for storing the protected virtual assets 102’ placed into the virtual asset management system 100 by the placement module 110 of a corresponding user device 108. The virtual management system 100 comprises, for each artificial location, corresponding location provision apparatus 114-1, 114-2, 114-3 (referred to as a location provider) for determining which readers 106, if any, are present at (or absent from) the artificial location. The location provider 114 provides, over a secure wireless or wired communication link, the information on readers 106 that are present at the corresponding physical location 104, to a local key store 116-1, 116-2, 116-3, associated with the artificial location, and that stores, owns and protects cryptographic keys associated with that location.
Each user device 108 is, in this example, a general purpose computational device capable of providing a user with access to data files of the type being placed as virtual assets 102 into the artificial locations available in the system 100.
Each placement module 110, in this example, is an application or ‘app’ running on the user device that acts in the manner of a virtual printer driver to allow any data file that can be printed to be placed into the system 100 by using a normal printer dialogue, selecting a ‘virtual printer’ representing the virtual asset management system and then selecting one or more artificial locations representing the physical location 104 (or sub-location thereof) at which the data file is to be made accessible. On selecting the virtual printer the user may also be presented with options to select specific users or associated readers 106 that are allowed to access the data file being printed.
The placement module 110 protects the virtual assets 102 that it places, and associates them with information for restricting access to those virtual assets to any specific devices and to any artificial location(s) attributed to that virtual asset 102. As illustrated by arrow P, each placement module 110 converts a virtual asset 102 that is being placed into the system 100, into a file having a standardized format (which may be specific to the system) and encrypts the resulting standardized data file. The security key required to decrypt the encrypted standardised data file is itself encrypted, by the placement module 110, using a public key associated with any specific devices / device groups allowed to access the virtual asset, and using a public key associated with any location(s) at which the virtual asset 102 is to be made available. The encrypted standardized data file is bound together with metadata including the encrypted security key to form a protected virtual asset 102’ that is then placed into the system 100 as indicated by arrows A and A’.
The data store 112 comprises a data storage technology that is suitable for storing, on request of a placement module 110, the protected virtual assets 102’ placed in the system 100 and to provide, on request, any protected virtual assets 102’ so stored. The data store 112 has the ability to authenticate itself to users and to protect data stored on it from alteration. In this example, in addition to the encrypted virtual asset data 102’, the data store 112 also stores a public key directory 118 including public keys both for the artificial locations forming part of the system 100 and for the devices that can potentially access the virtual assets. Beneficially, however, the data store 112 does not need any additional capability for making the data private, or have the ability to maintain users or permissions (although such functionality is not precluded for example to provide additional layers of security).
Each reader 106 is a dedicated device on which a virtual asset 102, that has been placed in the system 100, can be opened and viewed when that reader 106 is in a physical location 104 corresponding to an artificial location attributed to that virtual asset 102 (assuming the reader 106 is a device, or one of a group of devices, allowed to access that virtual asset 102). The reader 106 may be in the form of an E-ink reader, or the like.
The reader 106 is compatible with the location providers 114 and is able to communicate with a given location provider 114 to allow that location provider 114 to determine the presence and/or relative location of the reader 106. The reader 106 can also communicate with the local key store 116 to send periodically, or in response to a trigger event (such as a user intervention), a discovery message for discovering virtual assets 102 that can be accessed by that reader 106 at that physical location 104. The reader 106 owns and protects its own private key and can decrypt any response(s) to the discovery messages using this private key. When entering a physical location covered by the system 100, a reader 106 receives, from the local key store 116 (depending on the configuration of the system 100) information comprising: a list of available virtual assets 102 in that location 104 (that can be accessed by that reader 106); information representing the last virtual asset 102 (that can be accessed by that reader 106) placed in the system 100 for that location; and/or information representing the last available virtual asset that was accessed using that reader 106 (or by the user of that reader) at that location 104.
The received information is presented via a display of the reader 106 to the user of the reader 106 for selection of an available virtual asset 102 and/or continued accessing of a previously accessed virtual asset 102.
Each location provider 114 for an artificial location comprises a localisation technology that is suitable for identifying the presence of readers 106 in the location that the location provider 114 covers and for determining a relative location for each of the readers 106 that are present. The location provider 114 is able to communicate the determined presence and/or location information securely with the local key store 116 for that artificial location. The components of the location provider 114 are physically secured in place at its physical location 104 to ensure that relative location information that is provided to the key store 116 accurately reflects the position of the reader 106 to which the location information relates.
The precision with which a location provider 114 will need to be able to determine a relative location (i.e. in order to provide a required level of overall security and system precision) will be dependent on the requirements of the implementation in question and any localisation technology suitable for meeting the requirements may be used. For example, in the system 100 of Figure 1, the localisation provider 114 comprises a number of wireless (e.g. Wi-Fi) access points and relative positioning of a given reader 106 is based on the results of measurements of the intensity of the received signal (e.g. received signal strength indication or RSSI measurements) from that reader, at different access points of known location, and trilateration (or multilateration) calculations. It will be appreciated that other forms of localisation (e.g. using time of flight measurements for radio frequency (RF) signals) may be used.
Each local key store 116 stores cryptographic keys for the location with which it is associated. The key store 116 is securely connected and paired with the associated location provider 114. The key store 116 is able to store cryptographic secrets internally and use them for cryptographic operations internally whilst making them inaccessible externally. The key store 116 is able to perform asymmetric cryptographic operations.
In operation, when a reader 106 attempts to discover or access documents, the local key store 116 will retrieve a list of virtual assets 102, and their associated metadata, as indicated by arrows B and B’. If the corresponding location provider 114 confirms that the reader 106 is in an artificial location associated with a virtual asset 102, the key store 116 strips out the location encryption layer of the encrypted security key for that virtual asset 102 and provides the metadata comprising a security key protected only with device layer encryption (if used) to the reader 106 attempting discovery. If, on the other hand, the reader 106 is not in the artificial location associated with the virtual asset 102, then the key store 116 will not strip out the location encryption layer of the encrypted security key. The metadata for the protected virtual asset 102’ (with or without its associated location layer security) is provided to the reader 106. Thus, when the reader 106 receives this metadata, the reader 106 can, if necessary, attempt to decrypt the received metadata and security key using its own private security key. If decryption is successful (e.g. because the location layer security has been removed at the key store) the reader 106 thus recovers the original security key used for encrypting the virtual asset and the associated metadata. The reader 106 can then proceed with requesting the protected virtual asset 102’, whose metadata it was able to recover, from the data store and use the recovered symmetric key to decrypt the virtual asset 102. In the case of a document, typically the reader 106 will decrypt the document on a page by page basis so that only one page, the page being read, is decrypted at a time.
In essence, therefore, it can be seen that in the system of Figure 1 virtual assets, such as digital documents or other data files, are each provided with one or more attributes (or properties) normally associated with a physical, rather than a virtual, object. In the system of Figure 1, for example, at least one physical location is respectively attributed to each virtual asset as an artificial location. A given virtual asset, stored in a data store that is accessible at a number of physical locations, can only be accessed by a user, at the specific physical location(s) attributed to that virtual asset, but not at any of the other physical locations, even though the data store is, itself, accessible at that location.
Apparatus: User Device
Figure 2 is a simplified block diagram illustrating the main components of a user device 108 for use in the virtual asset management system shown in Figure 1. As shown, the user device 108 has a transceiver circuit 202 that is operable to communicate with the virtual asset management system 100, for example by sending data such as protected virtual assets 102’ to, and receiving signals (e.g. confirmation signals) from, the data store 112. The transceiver circuit 202 communicates with the virtual asset management system 100 by means of a network interface 204 which may comprise any suitable interface including an interface that allows wired communication (e.g. via one or more optic fibres and/or telephone lines) and/or wireless communication (via one or more antenna). The user device 108 also has an associated user interface 206 to allow the user to interact with the user device 108, for example to select and place documents into the virtual asset management system 100.
The user device 108 has a controller 208 (for example comprising a microcontroller, microprocessor central processing unit or the like) to control the operation of the user device 108. The controller 208 is associated with a memory 210 and is coupled to the transceiver circuit 202. Although not necessarily required for its operation, the user device 108 might of course have all the usual functionality of a conventional computer or smart phone and this may be provided by any one or any combination of hardware, software and firmware, as appropriate. Software may be pre-installed in the memory 210 and/or may be downloaded via a communications network (such as the internet) or from a removable data storage device (RMD), for example.
The controller 208 is configured to control overall operation of the user device 108 by, in this example, program instructions or software instructions stored within memory 210. As shown, these software instructions include, among other things, an operating system 212, a communications control module 214, a virtual asset management module 216, an output module 218, a key management module 220, and the placement module 110.
The communications control module 214 is operable to control the communication between the user device 108 and other communication entities either forming part of the virtual asset management system 100 or external to it. The virtual asset management module 216 manages virtual assets 102 and may have functionality including, for example, the creation, editing, viewing and/or handling of virtual assets 102, such as electronic documents or other such data files. The virtual asset management module 216 is capable of decoding and rendering the required format for the virtual asset 102 and of outputting the rendered document for printing (or possibly other forms of output for a data file, such as an audio-visual file, which cannot readily be printed). Where the virtual asset is an electronic document, the virtual asset management module 216 may, for example, comprise the features of a conventional word processor, electronic document viewer or the like.
The output module 218 manages the output of virtual assets 102, such as electronic documents, from the virtual asset management module 216 to a real or virtual printer (or other suitable real or virtual output device). The output module 218 provides the user with appropriate options for outputting the virtual asset such as conventional printing options or the like. The output module 218 also provides the user with a list of available real or virtual output devices (in this example printers) including at least one virtual output device representing the virtual asset management system 100 and/or each of the artificial locations forming part of the virtual asset management system 100.
The key management module 220 forms part of the placement module 110 and manages the generation of random symmetric keys for use in encrypting the virtual assets 102. The key management module 220 also manages, when required, the retrieval, by the placement module 110, of public keys for artificial locations and reader devices 106 from the key directory 118 of the data store 112.
The placement module 110 manages the details of the virtual output devices representing artificial locations forming part of the virtual asset management system 100 and provides this information, when required, to the output module 218. It will be appreciated that to allow a virtual asset to be made generally available at all locations, one of these virtual output devices may represent all available artificial locations (or more simply no location based encryption). When one of these virtual output devices is selected, for output, via the output module 218, the placement module protects the virtual assets 102 and places them in the virtual asset system 100 generally as described with reference to Figure 1.
In particular the placement module 110 allows the user to select any user devices to which access should be restricted and manages the encryption of the virtual asset 102 using a symmetric key generated by the key management module 220. The placement module 110 generates metadata for the virtual asset 102, comprising the symmetric key used to encrypt the virtual asset, and handles encryption of that symmetric key, if required, with the public key associated with any specific device(s) to which access to the virtual asset is to be restricted. The placement module 110 also handles encryption of the metadata, including the symmetric key, if required, with the public key associated with any specific artificial location(s) to which access to the virtual asset is to be restricted. The placement module 110 also manages communication with the data store 112 to place the virtual assets in the data store 112, to obtain confirmation at the user device 108 of successful placement, and to provide that confirmation to the user.
Apparatus: Reader Device
Figure 3 is a simplified block diagram illustrating the main components of a reader device 106 for use in the virtual asset management system shown in Figure 1. As shown, the reader device 106 has a transceiver circuit 302 that is operable to communicate with the virtual asset management system 100, for example by sending discovery requests to, and receiving signals (e.g. carrying virtual asset data) from, a key store 116. The transceiver circuit 302 communicates with other entities of the virtual asset management system 100 by means of at least one interface 304 which may comprise any suitable interface including an interface that allows wired communication (e.g. via one or more optic fibres and/or telephone lines) and/or wireless communication (via one or more antenna).
The reader device 106 also has an associated user interface 306 to allow the user to interact with the reader device 106, for example to select virtual assets 102 for retrieval from the virtual asset management system 100 and to view a selected virtual asset 102 (that the reader 106 is allowed to view in that location).
The reader device 106 has a controller 308 (for example comprising a microcontroller, microprocessor central processing unit or the like) to control the operation of the reader device 106. The controller 308 is associated with a memory 310 and is coupled to the transceiver circuit 302. Although not necessarily required for its operation, the reader device 106 might of course have other functionality associated with a conventional computer, smart phone or the like and this may be provided by any one or any combination of hardware, software and firmware, as appropriate. Software may be pre-installed in the memory 310 and/or may be downloaded via a communications network (such as the internet) or from a removable data storage device (RMD), for example.
The controller 308 is configured to control overall operation of the reader device 106 by, in this example, program instructions or software instructions stored within memory 310. As shown, these software instructions include, among other things, an operating system 312, a communications control module 314, a virtual asset management module 316, a discovery management module 318, a key management module 320 and a decryption module 322.
The communications control module 314 is operable to control the communication between the reader device 106 and other communication entities either forming part of the virtual asset management system 100 or external to it.
The virtual asset management module 316 manages the viewing of virtual assets 102, such as electronic documents or other such data files. The virtual asset management module 316 is capable of rendering the required format for the virtual asset 102 for outputting via the user interface 306. Where the virtual asset is an electronic document, the virtual asset management module 316 may, for example, comprise the features of a conventional electronic document viewer or the like. The virtual asset management module 316 handles the identification of virtual assets that are available for viewing at the location in which the reader 106 is located, based on information received from the key store 116, and for providing lists of accessible virtual assets to the user via the user interface 306. The virtual asset management module 316 also manages the retrieval of protected virtual assets 102’ that are accessible, from the document store 112, when requested to do so by a user.
The discovery management module 318 manages the generation of discovery requests, when the reader 106 is turned on, for identifying virtual assets available in a given location. The discovery management module 318 also manages the generation of random ‘one use’ identifiers (or nonces) which are used for identification of the reader 106. When the reader is within the vicinity of a location provider 114, a nonce is generated, signed and provided to the location provider 114. Thus the location provider 114 can identify the nonce of each reader device within a given artificial location and provide the nonce of each reader device to the key store 116. The discovery management module 318 includes a current nonce for the reader 106 in each discovery request to enable the key store 116 to establish, via communication with the corresponding location provider 114, if a given discovery request comes from a reader device that is identified by the location provider 114 to be in a given artificial location.
The key management module 320 manages the reader specific private keys that may be used by the reader to decrypt the symmetric key that was used to encrypt virtual assets (that the reader device is allowed to access).
The decryption module 322 performs decryption of the symmetric key that was used to encrypt virtual assets (that the reader device is allowed to access) and uses the symmetric key obtained in this way to decrypt the associated virtual asset 102.
Apparatus: Data Store
Figure 4 is a simplified block diagram illustrating the main components of a data store 112 for use in the virtual asset management system shown in Figure 1. As shown, the data store 112 has a transceiver circuit 402 that is operable to communicate with the virtual asset management system 100, for example by receiving data such as protected virtual assets 102’ from, and sending signals (e.g. confirmation signals) to, a user device 108 and by communicating with a key store 116 to provide protected virtual assets 102’ (or metadata related to them) to the key store 116. The transceiver circuit 402 communicates with the virtual asset management system 100 by means of a network interface 404 which may comprise any suitable interface including an interface that allows wired communication (e.g. via one or more optic fibres and/or telephone lines) and/or wireless communication (via one or more antenna).
The data store 112 has a controller 408 (for example comprising a microcontroller, microprocessor central processing unit or the like) to control the operation of the data store 112. The controller 408 is associated with a memory 410 and is coupled to the transceiver circuit 402. Although not necessarily required for its operation, the data store 112 might of course have other functionality of a conventional computer such as a user interface and this may be provided by any one or any combination of hardware, software and firmware, as appropriate. Software may be pre-installed in the memory 410 and/or may be downloaded via a communications network (such as the internet) or from a removable data storage device (RMD), for example.
The controller 408 is configured to control overall operation of the data store 112 by, in this example, program instructions or software instructions stored within memory 410. As shown, these software instructions include, among other things, an operating system 412, a communications control module 414, a virtual asset management module 416, virtual asset storage 418, and public key storage 420.
The communications control module 414 is operable to control the communication between the data store 112 and other communication entities either forming part of the virtual asset management system 100 or external to it.
The virtual asset management module 416 manages the reception of protected virtual assets 102’ from user devices 108, the storage of those protected virtual assets 102’, and the provision of stored protected virtual assets 102’ (and/or metadata relating to the stored protected virtual assets 102’) to the key stores 116. The virtual asset management module 416 stores the protected virtual assets 102’ in the virtual asset storage 418.
The key storage 420 stores the public key directory 118 of public keys for artificial locations and reader devices.
Apparatus: Key Store
Figure 5 is a simplified block diagram illustrating the main components of a key store 116 for use in the virtual asset management system shown in Figure 1. As shown, the key store 116 has a transceiver circuit 502 that is operable to communicate with the virtual asset management system 100, for example by receiving data such as protected virtual assets 102’ (or metadata related to them) from, and sending signals to, the data store 112 and by communicating with a reader device 106 to provide protected virtual assets 102’ (or metadata related to them) to the reader device 106. The transceiver circuit 502 communicates with the reader devices of the virtual asset management system 100 by means of a reader interface 502 and with other entities of the virtual asset management system 100 by means of a network interface 504. The interfaces 502/504 may comprise any suitable interface including an interface that allows wired communication (e.g. via one or more optic fibres and/or telephone lines) and/or wireless communication (via one or more antenna).
The key store 116 has a controller 508 (for example comprising a microcontroller, microprocessor central processing unit or the like) to control the operation of the key store 116. The controller 508 is associated with a memory 510 and is coupled to the transceiver circuit 502. Although not necessarily required for its operation, the key store 116 might of course have other functionality of a conventional computer such as a user interface and this may be provided by any one or any combination of hardware, software and firmware, as appropriate. Software may be pre-installed in the memory 510 and/or may be downloaded via a communications network (such as the internet) or from a removable data storage device (RMD), for example.
The controller 508 is configured to control overall operation of the key store 116 by, in this example, program instructions or software instructions stored within memory 510. As shown, these software instructions include, among other things, an operating system 512, a communications control module 514, a virtual asset management module 516, a discovery management module 518, a key management module 520 and a decryption module 522.
The communications control module 514 is operable to control the communication between the key store 116 and other communication entities either forming part of the virtual asset management system 100 or external to it.
The virtual asset management module 516 manages the retrieval of metadata for protected virtual assets 102’ from the data store 112. The virtual asset management module 516 also manages the provision of metadata for the protected virtual assets 102’ to the reader devices 106.
The discovery management module 518 manages the receipt and handling of discovery requests from the reader devices 106 and for providing the information identifying virtual assets available at the artificial location(s) associated with the key store 116 to the reader devices 106. The discovery management module 518 also manages the retrieval of information identifying devices located in the artificial location(s) associated with the key store 116 from the location provider 114.
The key management module 520 manages the location specific private keys. The decryption module 522 performs the decryption of the symmetric key that was used to encrypt virtual assets, to the extent that the symmetric key was encrypted with a corresponding location specific public key, in order to strip any location layer encryption from the symmetric key before the resulting decrypted virtual asset data (which may comprise a symmetric key that is still encrypted with device level encryption) is provided to a reader device 106 that is performing discovery.
Apparatus: Location Provider
Figure 6 is a simplified block diagram illustrating the main components of a location provider 114 for use in the virtual asset management system shown in Figure 1. As shown, the location provider 114 has a transceiver circuit 602 that is operable to communicate with the virtual asset management system 100, for example by receiving requests for information on devices in the artificial location(s) associated with the location provider 114 from, and by providing the requested information to an associated key store 116. The location provider 114 may also receive, from a reader device 106 in the vicinity, an associated nonce to allow the reader device 106 to be identified to the key store 116. The transceiver circuit 602 communicates with the key store of the virtual asset management system 100 and possibly with other entities of the virtual asset management system 100 by means of a network interface 604. The interface 604 may comprise any suitable interface including an interface that allows wired communication (e.g. via one or more optic fibres and/or telephone lines) and/or wireless communication (via one or more antenna).
The location provider 114 has a controller 608 (for example comprising a microcontroller, microprocessor central processing unit or the like) to control the operation of the location provider 114. The controller 608 is associated with a memory 610 and is coupled to the transceiver circuit 602. Although not necessarily required for its operation, the location provider 114 might of course have other functionality of a conventional computer such as a user interface and this may be provided by any one or any combination of hardware, software and firmware, as appropriate. Software may be pre-installed in the memory 610 and/or may be downloaded via a communications network (such as the internet) or from a removable data storage device (RMD), for example.
The controller 608 is configured to control overall operation of the location provider 114 by, in this example, program instructions or software instructions stored within memory 610. As shown, these software instructions include, among other things, an operating system 612, a communications control module 614, a localisation module 616 and a discovery management module 618.
The communications control module 614 is operable to control the communication between the location provider 114 and other communication entities either forming part of the virtual asset management system 100 or external to it.
The localisation module 616 manages localisation of the reader devices 106, for example by performing trilateration based on the measurement of signals received from the reader devices 106 at three or more wireless access points of known location. The discovery management module 618 manages the receipt and handling of discovery requests from an associated key store 116 to request a list of devices in the artificial location(s) associated with the location provider 114. The discovery management module 618 also manages the retrieval of information identifying devices located in the artificial location(s) associated with the location provider 114 and the provision of the information to the associated key store 116.
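The RSSI-based trilateration attributed to the localisation module 616 can be sketched as follows; this is an added example, not code from the patent. The log-distance path-loss model, its calibration constants, the access point coordinates, the rectangular zone and the residual threshold are all assumptions.

```python
import math

# Constructed sample: four access points at known positions (metres).
ACCESS_POINTS = [(0.0, 0.0), (10.0, 0.0), (0.0, 10.0), (10.0, 10.0)]
RSSI_AT_1M = -40.0    # assumed calibration value, dBm at one metre
PATH_LOSS_EXP = 2.0   # assumed path-loss exponent (free-space-like)


def distance_to_rssi(d):
    return RSSI_AT_1M - 10 * PATH_LOSS_EXP * math.log10(d)


def rssi_to_distance(rssi):
    return 10 ** ((RSSI_AT_1M - rssi) / (10 * PATH_LOSS_EXP))


def constructed_readings(true_pos):
    """Noise-free RSSI a reader at true_pos would produce at each access point."""
    return [(ap, distance_to_rssi(math.dist(ap, true_pos))) for ap in ACCESS_POINTS]


def locate(readings):
    """Least-squares trilateration; returns (x, y, rms_residual_in_metres)."""
    if len(readings) < 3:
        raise ValueError("need at least three access points")
    ranged = [(ap, rssi_to_distance(rssi)) for ap, rssi in readings]
    (x0, y0), d0 = ranged[0]
    # Subtracting the first circle equation from each other one leaves
    # linear equations a*x + b*y = c in the unknown position.
    rows = [(2 * (xi - x0), 2 * (yi - y0),
             d0**2 - di**2 + xi**2 - x0**2 + yi**2 - y0**2)
            for (xi, yi), di in ranged[1:]]
    saa = sum(a * a for a, _, _ in rows)
    sab = sum(a * b for a, b, _ in rows)
    sbb = sum(b * b for _, b, _ in rows)
    sac = sum(a * c for a, _, c in rows)
    sbc = sum(b * c for _, b, c in rows)
    det = saa * sbb - sab * sab
    if abs(det) < 1e-9:
        raise ValueError("access points are collinear")
    x = (sac * sbb - sab * sbc) / det
    y = (saa * sbc - sab * sac) / det
    # How well the estimated position agrees with every measured range.
    rms = math.sqrt(sum((math.dist(ap, (x, y)) - d) ** 2 for ap, d in ranged)
                    / len(ranged))
    return x, y, rms


def in_artificial_location(readings, zone, max_residual_m=1.0):
    """Fail closed: ranges that do not agree on one point count as 'not present'."""
    x, y, rms = locate(readings)
    xmin, ymin, xmax, ymax = zone
    return rms <= max_residual_m and xmin <= x <= xmax and ymin <= y <= ymax


if __name__ == "__main__":
    readings = constructed_readings((3.0, 4.0))
    print(locate(readings), in_artificial_location(readings, (0, 0, 5, 5)))
```

The residual check matters for the security decision: a position computed from ranges that disagree with each other is rejected rather than trusted.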
Operation: Document Placement
Figure 7 is a simplified sequence diagram illustrating, by way of example only, a method of placing a virtual asset, such as a document, in the virtual asset management system 100 of Figure 1.
In the method of Figure 1, a user first accesses a user device 108 via the user interface 206. The user opens a desired document or other data file in a software application capable of decoding and rendering the required data file format and of printing the rendered data file (or outputting it in another appropriate manner). The user uses an associated printer dialogue to select a virtual printer representing the virtual asset management system 100. The user is presented with a dialogue box to enter artificial location(s) where the document is to be made available and any reader device(s) 106 to which access is restricted. The user selects the required artificial location(s) and any reader device(s) 106 and initiates placement (‘printing’) of the data file in the virtual asset management system 100 virtually at the artificial locations and virtually on the selected reader(s) 106 by confirming the selections. This generates, at S700, an appropriately formatted command instructing the placement module 110 to place the virtual asset in the virtual asset management system 100.
At S702, the placement module 110 encodes the data file to be placed in the virtual asset management system 100 into a unified file format and encrypts it using a symmetric key that is randomly generated at the placement module 110. At S704 the placement module 110 requests, from the data store 112, public keys for the artificial location(s) and/or reader device(s) at which the virtual asset is to be available. At S706 the data store 112 returns the requested public keys from its public key directory 118.
At S708 the placement module 110 encrypts the symmetric key with any public key(s) of the selected device(s), if required. At S710 the placement module 110 encrypts the result of S708 with any public key(s) of the selected location(s), if required. At S712 the encrypted symmetric key is attached to the encrypted virtual asset as part of that virtual asset’s metadata. The resulting protected asset is then sent to the data store 112, at S714, where the protected virtual asset is stored at S716.
Successful storage of the virtual asset is confirmed to the placement module at S718 and this confirmation is relayed, at S720, to the user interface 206, which displays, at S722, an appropriate confirmation message to the user.
Operation: Document Discovery and Retrieval
Figure 8 is a simplified sequence diagram illustrating, by way of example only, a method of virtual asset discovery and retrieval in the virtual asset management system 100 of Figure 1.
The procedure begins when a user turns on their reader device 106. It will be appreciated that the user, together with their reader device 106, may be physically present in a physical location represented by an artificial location of the virtual asset management system or may be at some remote location. The reader device 106 issues, at S800, a discovery request to a key store 116, with a randomly generated identifier (nonce), to request discovery of virtual assets 102 available in that artificial location. Since the request may come from a reader device 106 that may not be physically present in a physical location corresponding to the artificial location with which the key store 116 receiving the request is associated, the key store 116 requests, at S802, a list of devices (each identified by its respective nonce) present in that artificial location from the location provider 114 (i.e. a list of those reader devices 106 that have provided a signed version of their current nonce to that location provider 114 to confirm their presence). Substantially at the same time, the key store 116 requests, at S804, a list of available virtual assets 102 and their associated metadata, from the data store 112.
If the nonce of the requesting reader device is not present in the artificial location then procedure A in Figure 8 is followed. If the nonce of the requesting reader device is present in the artificial location then procedure B in Figure 8 is followed.
The location provider performs, at S805, a discovery procedure to discover the respective nonce of each reader device 106 in the artificial location and provides the information, at S806-1 or S806-2, to the key store 116. The data store 112 prepares the list of available assets and associated metadata and provides it to the key store 116 at S808-1 or S808-2. The requested list may be sorted appropriately e.g. in reverse chronological or some other order.
If the nonce of the requesting reader device is present then, at S810, the key store 116 passes the encrypted symmetric key data contained in the document metadata received from the data store 112 through a decryption algorithm to decrypt the location layer encryption with the corresponding private key (if location layer encryption is present). The key store 116 then provides the decrypted information to the reader device 106 responsive to the reader device’s original discovery request at S812-2. Contrastingly, if the nonce of the requesting reader device 106 is not present then the key store 116 simply passes the document metadata unchanged to the reader device 106 at S812-1.
In either case, the reader device 106 applies, at S814, its own private key to the received metadata, if needed. Hence, if decryption is successful, it is able to retrieve the document encryption symmetric key and read the associated metadata.
The reader device can then proceed to request, from the data store 112, a virtual asset whose metadata it was able to successfully decrypt and uses the symmetric key recovered at S814 to decrypt the first page of the document and hence render its content for the user to read. The reader device repeats this step every time the user switches to the next page.
In this way, therefore, when the reader device 106 is physically present in a physical location represented by the artificial location with which the key store 116 is associated it can access documents that are restricted to that artificial location (e.g. documents that are encrypted with the key corresponding to that artificial location) and documents for which there is no location restriction (e.g. for which there is no location based encryption) assuming, of course, that those documents are not otherwise restricted in a manner inaccessible to that reader device.
When the reader device 106 is not physically present in a physical location represented by the artificial location with which the key store 116 is associated it cannot access documents that are restricted to that artificial location even if it would otherwise be able to access that document (e.g. the symmetric key does not have another layer of encryption or is only encrypted in a manner that the reader device 106 can decrypt). Thus, the reader device 106 can only access documents for which there is no location restriction and for which the symmetric key does not have another layer of encryption that the reader device 106 cannot decrypt.
Summary
It can be seen, therefore, that the virtual asset management system described has the potential to provide an efficient and secure method of distributing data. The virtual asset management system has the potential, for example, to allow virtual assets to be experienced as ‘physical things’ - for example in the manner of borrowing a video tape or passing someone a document to sign. Bringing back some of these physical constraints helps create the sense of the virtual objects as things in the physical world.
The virtual asset management system allows assets to be managed by physical location and/or reader device and could be adapted to many applications based on this feature including, for example: as a virtual bookstore; as a virtual library for eBook distribution with access to books only in a given location (e.g. a specified public space, a workplace for training, a school, a university or the like); in-transit magazine and entertainment (restricted to access in a specific vehicle); provision of location specific information, such as airport information, direct to a smartphone, as you enter the location; provision of relative location specific information, such as exhibit information in a museum/art gallery, with the information being attached to the exhibit itself etc.
Modifications and alternatives
It will be appreciated that whilst it is particularly beneficial to attribute a physical location to a virtual asset as an artificial location, one or more other physical properties may be attributed to the document in addition to (or instead of) a geographic location using a similar layered encryption based technique to that described for physical locations.
For example, each virtual asset may alternatively or additionally be attributed with a physical time based attribute such as: a start time after which an inaccessible virtual asset becomes accessible; an end (or ‘expiry’) time after which an accessible virtual asset becomes inaccessible; a time period (one-off, reoccurring a limited number of times or reoccurring indefinitely) during which a virtual document is accessible (or is inaccessible); and a frequency with which the document can be accessed (e.g. number of times per day or per week). Such attributes may be useful, for example, to facilitate: restricted access to commercially sensitive documents outside a designated reviewing time period (e.g. during a physical or virtual meeting); the automatic virtual return of a borrowed document / multimedia asset after a designated borrowing period has expired; virtual opening times for a specialist reading room in a virtual library; a seller of multimedia or similar digital products providing a short ‘taster’ time period during which a potential purchaser can have ‘full’ access to the product; the automatic expiry of older virtual assets (e.g. technical manuals / regulatory documents) to avoid the inadvertent use of out-of-date documents; etc.
In these examples the symmetric key (e.g. forming part of metadata) of the virtual asset may be encrypted with a public key that is associated with the physical time based attribute. The key store (or an equivalent device) may attempt to decrypt the symmetric key (and other metadata) using a time based private key that will only result in successful decryption if the current time represents a time at which the physical time based attribute indicates the virtual asset should be accessible.
Each virtual asset may alternatively or additionally be attributed with a physical user based attribute of a user such as a biometric based attribute (e.g. a fingerprint, an iris pattern) or an attribute based on a chip implanted in the user or forming part of a device owned by the user. Such attributes may be useful, for example, to facilitate restricting access to a virtual asset to when the user is physically present (e.g. an advisor’s access to the medical records of the user) without the need for a user to remember a password or the like.
In these examples the symmetric key (e.g. forming part of metadata) of the virtual asset may be encrypted with a public key that is associated with the user based attribute. In the case of a biometric attribute, the key store (or an equivalent device) may be able to generate (or otherwise obtain) the corresponding private key when the user provides the physical attribute as an input to the key store (e.g. by placing a finger on (or an eye in front of) an appropriate biometric reader device). In this example, the key store (or equivalent device) may be owned by the user to which the attribute relates (e.g. it may be the chip implanted in the user or forming part of a device owned by the user).
It will be appreciated that a reader device may receive metadata for multiple virtual assets only some of which it is able to successfully decrypt and display. It will be appreciated that even when a reader device has successfully decrypted and decoded the metadata (e.g. the symmetric key) for one asset, it may continue to attempt to decode the metadata for each virtual asset for which metadata has been received and to display a list of the virtual assets for which metadata was successfully retrieved. The reader device can thus present a user with a list of the virtual assets which the device is able to decrypt and allows the user to make a selection of one of the listed virtual assets. The reader device then requests the selected document from the data store, decrypts it, and displays it for the user to read.
It will be appreciated that symmetric keys once decrypted may be associated with a non-alterable lifetime (a predefined time interval after which the symmetric key expires and is permanently deleted from the reader device’s memory - e.g. 1 minute). A specified time before the expiry, the reader device may initiate a key refresh procedure in which it requests the key store to provide the document metadata again (with a newly generated nonce). The key store can then repeat the procedure described with reference to Figure 8 in which it requests a list of present devices from the location provider. Thus, if a current virtual asset being accessed on the reader device is placed at a specified location only, once the reader device leaves that artificial location, the location provider will no longer list its nonce in the present device list, resulting in the key store not stripping the location encryption layer from the document metadata. In such a case the reader device will fail to refresh the symmetric key before it expires, resulting in the document becoming inaccessible because the symmetric key is no longer decryptable.
It will be appreciated that the artificial location(s) attributed to a given virtual asset may represent a fixed geospatial location (e.g. a specific geographic area such as a specific precinct, specific building, specific room of a building or the like) and/or may comprise a specific location that is not necessarily geographically fixed but may move (e.g. a vehicle such as a specific train, specific ship, specific aircraft, specific road vehicle or the like).
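The Figure 8 discovery flow and the key lifetime and refresh behaviour described above can be exercised end to end; the following is an added example, not code from the patent. The textbook-RSA keys built from public Mersenne primes, the SHA-256 integrity tag, all class and function names, and `register_presence` (standing in for the signed-nonce presence proof) are assumptions chosen for illustration and are not secure choices.

```python
import hashlib
import secrets

KEY_LIFETIME_S = 60  # the page's example lifetime for a decrypted symmetric key

def toy_keypair(p, q, e=65537):
    """Textbook RSA keypair from fixed primes (assumption: toy public-key layer)."""
    n = p * q
    return (n, e), (n, pow(e, -1, (p - 1) * (q - 1)))

# Constructed keys from publicly known Mersenne primes: insecure, demo only.
DEVICE_PUB, DEVICE_PRIV = toy_keypair(2**521 - 1, 2**607 - 1)
LOCATION_PUB, LOCATION_PRIV = toy_keypair(2**1279 - 1, 2**2203 - 1)

def apply_key(value, key):
    """Add or strip one layer: modular exponentiation with the given key."""
    n, exponent = key
    return pow(value, exponent, n)

def place_asset(asset_id, sym_key, location_restricted):
    """Placement: wrap the 32-byte symmetric key, location layer outermost."""
    tagged = sym_key + hashlib.sha256(sym_key).digest()  # tag detects a bad unwrap
    wrapped = apply_key(int.from_bytes(tagged, "big"), DEVICE_PUB)
    if location_restricted:
        wrapped = apply_key(wrapped, LOCATION_PUB)
    return {"id": asset_id, "wrapped_key": wrapped,
            "location_layer": location_restricted}

def unwrap_device_layer(wrapped):
    """S814: apply the device private key; return the key only if the tag verifies."""
    try:
        blob = apply_key(wrapped, DEVICE_PRIV).to_bytes(64, "big")
    except OverflowError:  # result too large: an outer layer is still in place
        return None
    key, tag = blob[:32], blob[32:]
    return key if secrets.compare_digest(tag, hashlib.sha256(key).digest()) else None

class LocationProvider:
    """Tracks the nonces of readers present in the artificial location."""
    def __init__(self):
        self._present = set()
    def register_presence(self, nonce):  # stands in for the signed-nonce proof
        self._present.add(nonce)
    def present_nonces(self):  # S806: list of present devices
        return set(self._present)

class KeyStore:
    def __init__(self, location_provider, data_store):
        self.location_provider = location_provider
        self.data_store = data_store
    def discover(self, nonce):
        """S800-S812: strip the location layer only for a nonce listed as present."""
        present = nonce in self.location_provider.present_nonces()
        results = []
        for meta in self.data_store:  # S804/S808: assets and their metadata
            meta = dict(meta)
            if present and meta["location_layer"]:  # S810, sent on at S812-2
                meta["wrapped_key"] = apply_key(meta["wrapped_key"], LOCATION_PRIV)
                meta["location_layer"] = False
            results.append(meta)  # otherwise passed on unchanged (S812-1)
        return results

class Reader:
    def __init__(self, key_store, location_provider):
        self.key_store = key_store
        self.location_provider = location_provider
        self._keys = {}  # asset id -> (symmetric key, expiry time)
    def refresh(self, now, in_location):
        """Discovery or key refresh, each time with a newly generated nonce."""
        nonce = secrets.token_hex(16)
        if in_location:
            self.location_provider.register_presence(nonce)
        for meta in self.key_store.discover(nonce):
            key = unwrap_device_layer(meta["wrapped_key"])
            if key is not None:
                self._keys[meta["id"]] = (key, now + KEY_LIFETIME_S)
    def key_for(self, asset_id, now):
        """Return a live key, deleting it once its lifetime has run out."""
        key, expires_at = self._keys.get(asset_id, (None, now))
        if now >= expires_at:
            self._keys.pop(asset_id, None)
            return None
        return key

def run_scenario():
    """Reader starts inside the location, then leaves before the next refresh."""
    restricted, unrestricted = bytes(range(32)), bytes(range(32, 64))  # constructed
    data_store = [place_asset("restricted-doc", restricted, True),
                  place_asset("open-doc", unrestricted, False)]
    provider = LocationProvider()
    reader = Reader(KeyStore(provider, data_store), provider)
    reader.refresh(now=0, in_location=True)
    inside = (reader.key_for("restricted-doc", 10), reader.key_for("open-doc", 10))
    reader.refresh(now=50, in_location=False)  # refresh attempt after leaving
    before_expiry = reader.key_for("restricted-doc", 59)
    after_expiry = (reader.key_for("restricted-doc", 61), reader.key_for("open-doc", 61))
    return inside, before_expiry, after_expiry

if __name__ == "__main__":
    print(run_scenario())
```

The restricted document stays readable until the key obtained inside the location expires, which is why the lifetime bounds how long access survives after the reader leaves.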
It will be appreciated that although the system is described in terms of virtual assets comprising electronic document data files, the system could be adapted to any suitable form of electronic file, for example files representing: image data, audio data, audio-visual data, scientific data, project data, design data, etc. The system could thus be used for virtual assets including, but not limited to, documents, music / sound recordings, video and television and associated data streams, software, photographs, artwork etc.
It will be appreciated, therefore, that the reader devices may be any viewing or listening device capable of reading the data of the virtual asset and presenting it to a user in an appropriate manner (e.g. via a visual display and/or as an audio output). It will be appreciated that a specific virtual asset may be attributed to a predefined group of artificial locations representing a predetermined group of physical locations (e.g. locations having a common factor such as, for example: being owned by a particular entity such as a company or university; and/or being locations of a specific type such as a library, board room, reading room or the like). Similarly, each specific device to which a virtual asset is attributed may be associated with a specific user or group of users (e.g. users having a common factor such as, for example: a particular seniority level; and/or being a particular user type such as a student, lecturer or the like).
The user devices on which the placement module is provided may comprise any suitable form of user equipment such as, for example: a general purpose personal computer; a smart phone; a machine type communication (MTC), narrowband (NB) and/or internet of things (IoT) device; a dedicated computer; etc.
In the above embodiments, a number of software modules were described. As those skilled in the art will appreciate, the software modules may be provided in compiled or un-compiled form and may be supplied to the devices as a signal over a computer network, or on a recording medium. Further, the functionality performed by part or all of this software may be performed using one or more dedicated hardware circuits. For example, although a software placement module has been described it will be understood that the placement module could be implemented using dedicated hardware or a mixture of dedicated hardware and software. It will be appreciated that although the placement module is described as being part of the user device it could be implemented as part of a separate dedicated entity to which the user device has to be connected, either wirelessly or by a wired connection, in order to place virtual assets in the system.
Various other modifications will be apparent to those skilled in the art and will not be described in further detail here.

Claims
1. Apparatus for managing the storage of virtual assets in a system for managing virtual assets, the apparatus comprising: means for associating the virtual asset with an attribute representing at least one physical requirement that has to be met for the virtual asset to be accessible; means for encrypting the virtual asset with a symmetric cryptographic key to produce an encrypted virtual asset; means for encrypting the symmetric cryptographic key using at least one public cryptographic key, wherein the at least one public cryptographic key comprises a respective public cryptographic key associated with each attribute representing a physical requirement that has to be met for the virtual asset to be accessible; means for adding the encrypted symmetric cryptographic key to the encrypted virtual asset as encrypted metadata; and means for storing the encrypted virtual asset to which the corresponding encrypted metadata has been added in a data store.
2. Apparatus as claimed in claim 1 wherein the at least one attribute representing a physical requirement that has to be met for the virtual asset to be accessible comprises at least one attribute representing a pre-defined physical location, or group of locations, wherein a device attempting to access the virtual asset must be located in the pre-defined physical location, or at least one of the group of locations, in order for the physical requirement to be met.
3. Apparatus as claimed in claim 1 or 2 wherein the at least one attribute representing a physical requirement that has to be met for the virtual asset to be accessible comprises at least one attribute representing a designated device, or a set of designated devices, wherein a device attempting to access the virtual asset must be the designated device, or one of the set of designated devices, in order for the physical requirement to be met.
4. Apparatus as claimed in claim 1, 2 or 3 wherein the at least one attribute representing a physical requirement that has to be met for the virtual asset to be accessible comprises at least one attribute representing a timing, wherein an attempt to access the virtual asset must be made in accordance with the timing in order for the physical requirement to be met.
5. Apparatus as claimed in any preceding claim wherein the symmetric key is a randomly generated symmetric key.
6. Apparatus as claimed in any preceding claim wherein the means for encrypting the symmetric cryptographic key is configured to retrieve the at least one public cryptographic key from the data store (e.g. a data store that is located remotely from the apparatus).
7. Apparatus as claimed in any preceding claim wherein the means for encrypting the symmetric cryptographic key is configured to encrypt the symmetric cryptographic key using a plurality of public cryptographic keys, wherein each of the public cryptographic keys is associated with a different respective attribute representing a physical requirement that has to be met for the virtual asset to be accessible.
8. Apparatus as claimed in any preceding claim wherein the apparatus forms part of user equipment (e.g. a smart phone, personal computer, laptop computer, tablet computer or the like).
9. Apparatus for providing access to virtual assets in a system for managing virtual assets, the apparatus comprising: means for storing at least one private key, each private key being associated with a respective attribute representing at least one physical requirement that has to be met, for a virtual asset that is available via the apparatus and that has that attribute, to be accessible via said apparatus; means for receiving, from an access device, a request for information relating to available virtual assets; means for retrieving for each available virtual asset, metadata for the at least one available virtual asset from the data store; means for determining, for at least one said attribute, if the access device meets the at least one physical requirement that has to be met for a virtual asset having that attribute to be accessible via said apparatus and means for processing the retrieved metadata, wherein: when it is determined that the access device meets the at least one physical requirement, the processing comprises applying at least one private cryptographic key associated with that at least one attribute to the retrieved metadata in an attempt to decrypt the retrieved metadata for the at least one available virtual asset and sending the resulting processed metadata to the access device; and when it is determined that the access device does not meet the at least one physical requirement, sending the retrieved metadata to the access device without applying the at least one private cryptographic key associated with that at least one attribute in an attempt to decrypt the retrieved metadata.
10. Apparatus as claimed in claim 9 wherein the at least one attribute representing a physical requirement that has to be met for a virtual asset having that attribute to be accessible comprises at least one attribute representing a pre-defined physical location, or group of locations, wherein a device attempting to access the virtual asset must be located in the pre-defined physical location, or at least one of the group of locations, in order for the physical requirement to be met.
11. Apparatus as claimed in claim 9 or 10 wherein the means for determining is configured to determine, for at least one said attribute, if the access device meets the at least one physical requirement that has to be met for a virtual asset having that attribute to be accessible via said apparatus by: sending, to apparatus for providing information on access devices, a request for information identifying any access devices that meet the at least one physical requirement; and receiving, from the apparatus for providing information on access devices, the requested information identifying any access devices that meet the at least one physical requirement.
12. An access device for accessing virtual assets in a system for managing virtual assets, the device comprising: means for sending, to apparatus for providing access to virtual assets, a request for information relating to available virtual assets; and means for receiving, for each virtual asset available via the apparatus, respective metadata; wherein at least one asset for which metadata is received has an associated attribute representing at least one physical requirement that has to be met for that virtual asset to be accessible; wherein when the access device does not meet the at least one physical requirement that has to be met for a particular virtual asset having an associated attribute to be accessible, the received metadata for that particular virtual asset is encrypted with a public cryptographic key associated with that corresponding attribute; and wherein when the access device does meet the at least one physical requirement that has to be met for a particular virtual asset having an associated attribute to be accessible, the received metadata for that particular virtual asset is not encrypted with the public cryptographic key associated with that corresponding attribute.
13. Apparatus as claimed in claim 12 wherein the received metadata for at least one available virtual asset is encrypted with a public cryptographic key associated with the access device, and wherein the access device is configured to store at least one private cryptographic key corresponding to the public cryptographic key associated with the access device, and for applying the at least one private cryptographic key to decrypt received metadata encrypted with the public cryptographic key associated with the access device.
14. Apparatus as claimed in claim 12 or 13 further comprising means for requesting access to: any virtual asset for which metadata has been received that is not encrypted with a public cryptographic key associated with a corresponding attribute; and/or any virtual asset for which metadata has been received that is encrypted with a public cryptographic key associated with the access device and that has been successfully decrypted by the access device.
15. Apparatus for providing information about access devices for accessing virtual assets in a system for managing virtual assets, the apparatus comprising: means for receiving, from apparatus for providing access to virtual assets, a request for information identifying any access devices that meet at least one physical requirement that has to be met for a virtual asset to be accessible; means for identifying, in response to the request, any access devices that meet the at least one physical requirement that has to be met for the virtual asset to be accessible; and means for providing to the apparatus for providing access to virtual assets, based on the identification, the requested information identifying any access devices that meet at least one physical requirement that has to be met for a virtual asset to be accessible.
16. A system for managing virtual assets comprising at least one apparatus for managing the storage of virtual assets according to any of claims 1 to 8, at least one apparatus for providing access to virtual assets according to any of claims 9 to 11, at least one access device for accessing virtual assets according to any of claims 12 to 14, and at least one apparatus for providing information about access devices for accessing virtual assets according to claim 15.
17. A method performed by apparatus for managing the storage of virtual assets in a system for managing virtual assets, the method comprising: associating the virtual asset with an attribute representing at least one physical requirement that has to be met for the virtual asset to be accessible; encrypting the virtual asset with a symmetric cryptographic key to produce an encrypted virtual asset; encrypting the symmetric cryptographic key using at least one public cryptographic key, wherein the at least one public cryptographic key comprises a respective public cryptographic key associated with each attribute representing a physical requirement that has to be met for the virtual asset to be accessible; adding the encrypted symmetric cryptographic key to the encrypted virtual asset as encrypted metadata; and storing the encrypted virtual asset to which the corresponding encrypted metadata has been added in a data store.
18. A method performed by apparatus for providing access to virtual assets in a system for managing virtual assets, the method comprising: storing at least one private key, each private key being associated with a respective attribute representing at least one physical requirement that has to be met, for a virtual asset that is available via the apparatus and that has that attribute, to be accessible via said apparatus; receiving, from an access device, a request for information relating to available virtual assets; retrieving for each available virtual asset, metadata for the at least one available virtual asset from the data store; determining, for at least one said attribute, if the access device meets the at least one physical requirement that has to be met for a virtual asset having that attribute to be accessible via said apparatus and processing the retrieved metadata, wherein: when it is determined that the access device meets the at least one physical requirement, the processing comprises applying at least one private cryptographic key associated with that at least one attribute to the retrieved metadata in an attempt to decrypt the retrieved metadata for the at least one available virtual asset and sending the resulting processed metadata to the access device; and when it is determined that the access device does not meet the at least one physical requirement, sending the retrieved metadata to the access device without applying the at least one private cryptographic key associated with that at least one attribute in an attempt to decrypt the retrieved metadata.
19. A method performed by an access device for accessing virtual assets in a system for managing virtual assets, the method comprising: sending, to apparatus for providing access to virtual assets, a request for information relating to available virtual assets; and receiving, for each virtual asset available via the apparatus, respective metadata; wherein at least one asset for which metadata is received has an associated attribute representing at least one physical requirement that has to be met for that virtual asset to be accessible; wherein when the access device does not meet the at least one physical requirement that has to be met for a particular virtual asset having an associated attribute to be accessible, the received metadata for that particular virtual asset is encrypted with a public cryptographic key associated with that corresponding attribute; and wherein when the access device does meet the at least one physical requirement that has to be met for a particular virtual asset having an associated attribute to be accessible, the received metadata for that particular virtual asset is not encrypted with the public cryptographic key associated with that corresponding attribute.
20. A method performed by apparatus for providing information about access devices for accessing virtual assets in a system for managing virtual assets, the apparatus comprising: receiving, from apparatus for providing access to virtual assets, a request for information identifying any access devices that meet at least one physical requirement that has to be met for a virtual asset to be accessible; identifying, in response to the request, any access devices that meet the at least one physical requirement that has to be met for the virtual asset to be accessible; and providing to the apparatus for providing access to virtual assets, based on the identification, the requested information identifying any access devices that meet at least one physical requirement that has to be met for a virtual asset to be accessible.
21. A computer program product comprising instructions which, when the program is executed by a computer, cause the computer to carry out the method of any of claims 17 to 20.
PCT/GB2018/053376 2017-11-27 2018-11-22 Apparatus and methods for virtual asset management WO2019102199A1 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
GB1719685.8 2017-11-27
GB1719685.8A GB2568744A (en) 2017-11-27 2017-11-27 Apparatus and methods for virtual asset management

Publications (1)

Publication Number Publication Date
WO2019102199A1 true WO2019102199A1 (en) 2019-05-31

Family

ID=60950535

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/GB2018/053376 WO2019102199A1 (en) 2017-11-27 2018-11-22 Apparatus and methods for virtual asset management

Country Status (2)

Country Link
GB (1) GB2568744A (en)
WO (1) WO2019102199A1 (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN117421198A (en) * 2023-12-19 2024-01-19 深圳高新区信息网有限公司 Visual asset management system and method based on security

Families Citing this family (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US11368469B2 (en) * 2020-06-22 2022-06-21 Google Llc Preventing data manipulation and protecting user privacy in determining accurate location event measurements

Citations (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20050008163A1 (en) * 2003-06-02 2005-01-13 Liquid Machines, Inc. Computer method and apparatus for securely managing data objects in a distributed context

Family Cites Families (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US10715316B2 (en) * 2000-10-30 2020-07-14 Geo Codex, LLC System and method for delivering information in a communication network using location identity
US8826036B1 (en) * 2009-10-29 2014-09-02 Amazon Technologies, Inc. Ebook encryption using variable keys
WO2017083311A1 (en) * 2015-11-09 2017-05-18 Secure Content Storage Association, Llc Timed release of decryption keys for access to distributed encrypted content

Non-Patent Citations (2)

* Cited by examiner, † Cited by third party
Title
ISHIDA SHIGEMI ET AL: "On-demand Indoor Location-Based Service Using Ad-hoc Wireless Positioning Network", 2015 IEEE 17TH INTERNATIONAL CONFERENCE ON HIGH PERFORMANCE COMPUTING AND COMMUNICATIONS, 2015 IEEE 7TH INTERNATIONAL SYMPOSIUM ON CYBERSPACE SAFETY AND SECURITY, AND 2015 IEEE 12TH INTERNATIONAL CONFERENCE ON EMBEDDED SOFTWARE AND SYSTEMS, IEEE, 24 August 2015 (2015-08-24), pages 1005 - 1013, XP032819341, DOI: 10.1109/HPCC-CSS-ICESS.2015.111 *
LOGAN SCOTT ET AL: "Location Based Encryption and its Role in Digital Cinema Distribution", PROCEEDINGS OF THE 16TH INTERNATIONAL TECHNICAL MEETING OF THE SATELLITE DIVISION OF THE INSTITUTE OF NAVIGATION (ION GPS/GNSS 2003), 30 September 2003 (2003-09-30), pages 288 - 297, XP055547656, Retrieved from the Internet <URL:https://epo.summon.serialssolutions.com/2.0.0/link/0/eLvHCXMwlV07TwMxDLZadWFBVCDxlDywBq5cLrkby_Vahk5VF6YoSRM4Ca6IY-HfY6eAEFvHKIptWbE-23FsgOuQc0-SqESZRyek1UpUZanExmqnC186FfmD82Mt1wu9WsjlAH7mE_5rLzCh4KO4zSnkoKh8ROjCnZSH3Vv_BwPmR3D47bzhdKftMQxCdwzNcrtLe-E9IcIGm86_fyZDRGKB7UePq-1LwLbDWfvEMzqwJtfu1dKy_50> [retrieved on 20190125] *

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN117421198A (en) * 2023-12-19 2024-01-19 深圳高新区信息网有限公司 Visual asset management system and method based on security
CN117421198B (en) * 2023-12-19 2024-03-26 深圳高新区信息网有限公司 Visual asset management system and method based on security

Also Published As

Publication number Publication date
GB2568744A (en) 2019-05-29
GB201719685D0 (en) 2018-01-10

Similar Documents

Publication Publication Date Title
KR101897032B1 (en) Apparatus and method for digital rights management using block chain
US8769131B2 (en) Cloud connector key
US8176323B2 (en) Radio frequency identification (RFID) based authentication methodology using standard and private frequency RFID tags
CN113193965B (en) Digital content materialization display system based on NFT
EP3425846B1 (en) Authorization method and device for joint account, and authentication method and device for joint account
US20150127940A1 (en) Secure distributed information and password management
KR20170083039A (en) Roaming content wipe actions across devices
US11080368B2 (en) Digital rights management system and digital rights protection method
CN113806777A (en) File access realization method and device, storage medium and electronic equipment
JP4127497B2 (en) Digital service system
WO2015072114A1 (en) Information processing apparatus and method, and program
CN104937904A (en) Copy offload for disparate offload providers
CN108463970A (en) The method and system of protection and retrieval secret information
US9986291B2 (en) Content reproduction method and device
CA2855308C (en) Method and system for digital rights enforcement
US7890775B2 (en) Information processing apparatus, content control method, and storage medium
US9224178B2 (en) Dynamic negotiation and authorization system to record rights-managed content
WO2019102199A1 (en) Apparatus and methods for virtual asset management
CN104918115A (en) Methods and systems of playing multi-license media content
US20150269360A1 (en) Control method and system
KR101923953B1 (en) Music album service system using beacon
JP2016066294A (en) Irm program using position information
US10735816B2 (en) Content reproduction method and device
TW201424355A (en) Video playback system allowing multiple mobile communication devices to control the same video decoder and related computer program products
JP6164954B2 (en) Authentication server, authentication method, and program

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 18811902

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 18811902

Country of ref document: EP

Kind code of ref document: A1