Title of Invention

METHOD AND SYSTEM FOR OPERATING A COMPUTER NETWORK WHICH IS INTENDED FOR CONTENT PUBLISHING

Abstract

The invention relates to a method of operating a computer network which consists of a plurality of computer servers and at least one client terminal comprising a specific computer software program for consulting digital pages and which connects at least two different entities, namely: a rights management system and one or more network operators. The invention is characterised in that it comprises the following steps: a first step involving the initialisation of the computer network using two digital documents signed by the rights manager with a root key, one of said documents being a digital certificate of the network; a step involving the identification of the topology of the network, which results in, for example, the production of a list of servers L1 and the recording of a digital document containing list L1, said digital document being signed by the network operator using a network key; a step involving the resolution of an address using an address lookup server; and a step in which the above-mentioned specific software program is used in order to consult computer objects hosted on the server(s) specified in the address parameters. According to the invention, the digital certificate from the aforementioned computer network initialisation step contains administrative and technical information which enables the user to access the network, the technical information containing, for example, the public part of the network key. The invention also relates to a system for carrying out said method.

Full Text

METHOD AND SYSTEM FOR OPERATION OF A COMPUTER NETWoRK INTENDED FOR THE PUBLICATION OF CONTENT This invention relates -to the domain of Informtion and Communication Technologies. This invention is most particularly related to the domain of content publication. Prior art has already disclosed an elect -onic multimedia data publishing system as described in p itent application PCT WO 01/95147 (STG Interactive SA) , comprising a server connected to a computer network and a number of host terminals connected to the computer network, the server including a database where in are stored digital files containing descriptors of multimedia pages and a software program which manages the data base and exchanges with the host terminals, the host termLinals being equipped with a random access memory to tempoiarily store digital files downloaded from the server da1 abase and a consultation program to visually display files in accordance with descriptors of a downloaded page, wherein selected digital files include descriptors with at least two visual display modes of the same digital file. The FSDL (Frogans Slide Description Languag ) is also a well known easy-to-use XML language that can be used to develop and publish content and manipulate Frogans type computer objects (registered trademark of STG Interactive SA). One fundamental technical problem in the implementation and management of a computer network is to identify the topology of servers and lookup of addresses. The conventional DNS (Domain Name System has demonstrated its reliability and robustness over many years. However, this system is not designed so that advanced functions can easily be added to it, particularly concerning descriptions of content and heir accessibility- Its main function is the lookup of addresses. This invention is intended to overcome the disadvantages of prior art by proposing a technical mmethod for the operation of a computer network that is particularly suitable for the publication of conten . and particularly consulting of computer objects. This IT ithod and the associated system have many advantages coreared •with what is known in prior art. In particular the mmethod according to the invention has many advanced functions. Although systems for publication of conventional digital files (for example of Web type) have a free, obscure and almost anarchic organization, the it mmethod according to the invention provides a means of obtaining clear referencing and precise naming of the content. The use of a computer network using the mmethod according to the invention enables distributors to have better control over the content that they publish, and distribution of this content- For example, a user could access a descriptive file of a content before loading this ccntent from the server to his specific consultation prc gram, which helps to optimize network resources. At least three levels of very important adva3 tages of this invention can be immediately distinguished: • User access Descriptors can be used for example to indicate whether or not the content is on line, whether or not a filter is present to protect minors from a c ntent specifically aimed at adults, and the mmethod by which the users should authenticate themselves to access the content. • Connection to the server For example, descriptors can be used to indicat the connection protocol (http...) and the reference file ( ome-slide). • Format of content For example, descriptors can be used to indicat * the version of the publication language used and the enc >ding format• Furthermore, the mmethod according to the invention can be used for optimized management of a cache in >rder to reduce network traffic and improve access time. Thus, the mmethod according to the inventic n is extremely pleasant for an end-user: it is very si npler very coherent, very ergonomic and does not require any complex technical parameter settings. The inventior also has many advantages for the network administrator: ie is less in demand by users, so he can focus on more interesting and high level tasks. The m twork administrator benefits significantly from the inv* ation in terms of productivity, performances and work satisfaction. The invention also provides a rights manager with control over computer network operators. The ights manager delegates the possibility of managing a n The mmethod according to the invention also pr >vides a means of obtaining the signature of all co iputer network operation functions, while conventionally it is only possible to obtain the signature of co itent published through a computer network. In its most generally accepted version, this invention relates to a mmethod of operating a com niter network the said network comprising firstly a numb *r of computer servers and at least one client station on 7hich specific computer software is installed for consu .ting digital pages, and connecting at least two distinct entities: a rights manager and one or several ne :work operator(s), characterized in that it comprises: • a prior step to initialize the computer neiwork by the means of two digital documents signed b} the rights manager using a root key, one being a di gital certificate of the said network and the other be ng a document containing links to digital pages used to £;cess the said digital certificate of the network; • a step to identify the network topology 1c ading to: - obtaining a list of servers Ll, - recording a digital document containing the said list Llf this digital document being signed b^ the network operator using a network keyr and - assignment of a coefficient to each server c £ the said list Llr that in particular represents its processing capability; • an address lookup step by the means of a £ arver used to resolve addresses (called a lookup server), this step being implemented using two digital documents , one intended for error management and the other contz ining address parameters, these digital documents being Eigned by the network operator using the network key; • a step to consult computer objects hoste i on the server(s) specified in the address parameters, sing the said specific software; • the digital certificate of the computer network initialization step containing administrative and technical type information that the user uses to a cess the network , the technical information containin in particular the public part of the network key. Preferably, the mmethod also comprises a prior step to install the specific software for consulting digitai pages on the client station. Advantageously, the mmethod also comprises a step to update the specific software for consulting digital bages on the client station, this update being managed by a computer server using a status digital document and an update digital document, these documents being signed by the rights manager using the root key and these documents also being specific to the platform of the cLient station. According to one preferred variant, one or se veral of the said computer servers are dedicated to user technical assistance [help]* According to one particularly advantageous variant, the mmethod implements mechanisms for load balancing between the different servers. According to one preferred execution mmethod the mmethod uses service re-assignment mechanisms if a erver is anavailable [fail over]. According to one preferred variant, one o the address parameters is a digital filtering ind cator taking into account the content of corresponding digital pages, for example but not exclusively in order to lanage the authorization to consult these pages in regads to the age of the user [digital filter for the protect!* n of minors]. According to one particular embodiment, the act vity of the said operator is taking place on a public net ork, for example the Internet network. According to another particular embodiment, the activity of the said operator is taking place on at east a private computer network [for example an IP type network] Preferably, the digital documents have an XML compatible format• Advantageously, the specific software on the cLient station makes a distinction between different networks during an identification phase and makes simultaneous use of different computer networks possible. According to one particular variant, the lights manager is divided amongst a number of rights managers. Advantageously, the mmethod implements a cache for example but. not necessarily at the level of the said specific software, for consulting on the client station. Preferably, the said cache has two validity durations: a relative duration starting from a given event and an absolute duration corresponding to a predetermined expiration date. According to one particular embodiment, the said event is the loading of one of the said digital documents According to one particularly advant-geous embodiment, the list of servers LI also comrises indicators representing the geographic location c the said servers. According to one particular variant, the step to initialize the computer network is implemented automatically, and is executed using only the said digital certificate. According to one particular embodiment, the step to initialize the computer network automatically uses predetermined addresses. According to one variant, at the moment of the network topology identification step, the digital document is signed by the rights manager using the network key, this network key then being kept by the rights manager• According to one embodiment, at the moment o: the address lookup step, the digital documents are signed by the rights manager using the network key, this network key then being kept by the rights manager, Advantageously, the mmethod also comprises a step to validate the public part of the network key by suppLying the signature of a predetermined character string asing the network key. Preferably, each digital document has a inique identifier determined partly by the rights manage and partly by the network operator. According to a first variant, the signature is included in the document, for each digital document According to a second variant, the s ignatu -e is referenced by the document and is not included in the document, for each digital document. According to one preferred embodiment, the a- dress parameters define whether or not a user hould authenticate himself or herself to access a conterv , and if sor the means to be used. Advantageously, the address parameters defire the format of the content to be published. According to one particularly advantageous variant, different colors can be used to display the addressess of the different computer networks. According to one preferred variant, the digital document containing the address parameters Furthermore, this invention also relates to a method of digital coircnunication between at least two compting equipments on a computer network operated in accorance with the operation mmethod presented above, characteized in that, during at least one of the steps in the method, the digital data exchanged between the two compting equipments comprise at least one address for which the format has a header corresponding to the name of the network and a descriptor determined by a content producer. According to one preferred variant, the step in the mmethod in question is the address lookup step. Finally, this invention also relates to a computer network operating system, the said network compiLsing firstly a number of computer servers and at leas one client station on which specific software is installed for consulting digital pages, and connecting at least two distinct entities: a rights manager and at leas . one network operator. The invention will be better understood after reading the following purely explanatory descriptin of one embodiment of the invention with reference to the attached Drawings: * Drawing 1 illustrates an example of a system using the mmethod according to the invention; and • Drawings 2 and 3 are diagrams represei ting document exchange flows between the rights manage *, a network operator and the specific software on the user station. The mmethod according to the invention is implemented in the system illustrated in Drawing 1. A specific software for consulting the content is installed on a client station. Information exchanges are made be ween this software and different servers. This arrangement is not the only possible arrangement: different functions can be located on a single server* The final objecti 'e is the consultation of content hosted on a dedicated server, this consultation being dependent of the address parameters and being made using the said specific software installed on the client station. In Drawing 1, the "C-RA" indicator means tha the document is signed by the root key and the "C-RE" indicator means that the document is signed by the network key. In our example embodiment, the digital certificate required to initialize a network includes the following fields: • the name of the computer network • a unique identifier • a relative validity duration • an expiration date • the operator's name • the operator's address • the type, description, reference, expilation date and license supplier, • an URL leadind to a Web help site • colors of the addresses and of the address background of the computer network • locations of "certificate", "topology" and "status" digital documents • the length and exponent of the public key (for an RSA type encryption) • the public part of the network key and a "heck print" of this key and finally a signature of the document by the root key. In our example embodiment, the lookup file (address lookup) includes the following fieldsi • the name of the computer network • a digital identifier • a relative validity duration • an expiration date • an address of the content to be published • a flag whether or not the content is on line • an indication of a filter (for example: content exclusively for adults or not) • an address expiration date • an indication about the user's authentication mmethod • a descriptor of the connection protocol • the location of the content • the location of a reference slide (home, sids) • the version and encoding of the content publication language • indications about whether the content by longs tx> thematic channels; groups, families, etc. and finally a signature of the document by the network key* The possible step to update the specific softwa: e on the client station involves two digital documents: the status document and the update document. The status digital document (status) lists active versions of the software and the update digital document (update) contains the most recent version of the software. Three different statuses can be assigned in the status file: - up to date (OK) - expiration date is near (update recommended} - obsolete (update necessary). When an address of the network, is re-opened from a the specific software, only certain steps will be executed depending on whether or not the certificate has expired, whether or not the topology has expired and then whether or not the lookup has expired in the cache. Tables I and II indicate "who signs what document, and using which key" in two cases: the general case with delegation and the case without delegation. Table I: Signature of digital documents in the general case: with delegation Drawings 2 and 3 show document exchange flows between servers hosting these documents and the user station, in the case of a public network and then in the case of a private network. Obviously, many other arrangements would be possible, for example some flows could be separated. In Drawings 2 and 3, flow reference 1 is the flow of the set-up and certificate documents, flow reference 2 is the flow of the topology and lookup I error document 3 and flow reference 3 is the flow of status and up date documents The above description of the invention is given as an example. Obviously, those skilled in the art would be capable of making different variants of the invertion without going outside the scope of the patent. CLAIMS 1. Computer network operating method, the said network comprising firstly a number of computer servers ar i at least one client station on which specific computer software is installed for consulting digital pages, and connecting at least two distinct entities: a r ghts manager and one or several network operato (s), characterized in that it comprises: • a prior step to initialize the computer ne .work by the means of two digital documents signed by the rights manager using a root key, one being a digital certificate of the said network and the other be. ng a document containing links to digital pages used to a ;cess the said digital certificate of the network; • a step to identify the network topology l€ ading to: - obtaining a list of servers LI, - recording a digital document containing the said list LI, this digital document being s igned by the network operator using a network key, and - assignment of a coefficient to each server :n the said list LI, that in particular represents its processing capability; • an address lookup step by the means of a erver used to resolve addresses (called a lookup server) this step being implemented using two digital document; , one intended for error management and the other cont lining address parameters, these digital documents being ;igned by the network operator using the network key; • a step to consult computer objects hosed on the server(s) specified in the address parameters, using the said sDecific software; the digital certificate of the computer network initialization step, containing administrative and technical type information that the user uses to access the network, the technical information in particular containing the public part of the network key. 2. Computer network operating method according to claim 1, characterized in that it also comprises a prior step to install the specific software for consulting digital pages on the client station. 3. Computer network operating method according to claim 1 or 2, characterized in that it also comprises a step to update the specific software for consulting digital pages on the client station, this update being managed by a computer server using a status digital document and an update digital document, these documents being signed by the rights manager using the root key and these documents also being specific to the platform of the cLaim station. 4. Computer network operating method according to any one of the previous claims, characterized in that o e or several of the said computer servers are servers dedicated to user technical assistance [help], 5. Computer network operating method according to any one of the previous claims, characterized in that the rethod also implements mechanisms for load balancing between the different: servers. 6. Computer network operating method according to any one of the previous claims, characterized in that the hethod also uses service re-assignment mechanisms if a server is unavailable [fail over]. 7. Computer network operating method according to an; one of the previous claims, characterized in that one o: the address parameters is a digital filtering indicator talcing into account the content of corresponding digital pages, for example but not exclusively in order to manage the authorization to consult these pages in regards to the age of the user [digital filter for the protection of minors] ♦ 8. Computer network operating method according to any one of the previous claims, characterized in that the activity of the said operator is taking place on a public network, for example the Internet network. 9. Computer network operating method according to any one of claims 1 to 8, characterized in that the activity of the said operator is taking place on at least a private computer network [for example an IP type network]. 10. Computer network operating method according to any one of the previous claims, characterized in that the digital documents have an XML compatible format. 11. Computer network operating method according to any one of the previous claims, characterised in the - the specific software on the client station makes a distinction between different networks durin \ an identification phase and makes simultaneous use of different, computer networks possible. 12 • Computer network operating method according to any one of the previous claims, characterized in that the rights manager is divided amongst a number of rights managers• 13. Computer network operating method according tc any one of the previous claims, characterized in that the method implements a cache, for example but not necessarily at the level of the said specific software, for consulting on the client station. 14, Computer network operating method according to claim 13, characterized in that the said cache has two validity durations: a relative duration starting from a given event and an absolute duration corresponding to a predetermined expiration date. 15 . Computer network operating method according claim 14, characterized in that the said event is the loading of one of the said digital documents. 16. Computer network operating method according to any one of the previous claims, characterized in that the said list of servers Ll also comprises indicators representing the geographic location of the said servers. 17. Computer network operating method according to any one of the previous claims, characterized in that the step to initialize the computer network is implemented automatically, and is executed using only the said digital certificate. 18. Computer network operating method according to c laim 17, characterized in that the step to initialize the computer network automatically uses predeterr ined addresses. 19. Computer network operating method according tc any one of the previous claims, characterized in that, at the moment of the network topology identification step, the digital document is signed by the rights manager sing the network key, this network key then being kept by the rights manager. 2 0. Computer network operating method according tc any one of the previous claims, characterized in that, at the moment of the address lookup step, the digital documents are signed by the rights manager using the network key, this network key then being kept by the rights manager. 21. Computer network operating method according to any one of the previous claims,, characterized in that the method also comprises a step to validate the public part of the network key by supplying the signature of a predetermined character string using the network key 22. Computer network operating method according to any one of the previous c laims, characterized in that each digital document has a unique identifier deter mined partly by the rights manager and partly by the network operator. 23. Computer network operating method according to any one of the previous claims, characterized in that the signature is included in the document, for each digital document. 2 4 • Computer network operating method according to any one of the previous claims, characterized in that the signature is referenced by the document and is not included in the document, for each digital document. 25. Computer network operating method according to any one of the previous claims, characterized in that the address parameters define whether or not a user should authenticate himself or herself to access a content and if so, the means to be used* 26. Computer network operating method according to any one of the previous claims, characterized in that the address parameters define the format of the content to be published. 27. Computer network operating method according to any one of the previous claims, characterized in that different colors can be used to display the addresses of the different computer networks. 28. Computer network operating method according to any one of the previous claims, characterized in that the digital document containing the address parameters (lookup document) also contains a certificate to authenticate a content server. 29. Method of digital communication between at leas-to two computing equipments on a computer network operated in accordance with the operation method presented bove, characterized in that, during at least one of the steps in the method, the digital data exchanged between that two computing equipments comprise at least one address for which the format has a header corresponding to the name of the network and a descriptor determined by a co tent producer. 30, Method of digital communication according to claim 29, characterized in that the step in the method 1 in question is the address lookup step. 31. Computer network operating system, the said network comprising firstly a number of computer servers and at least one client station on which a specific softwa re is installed for consulting digital pages, and connecting at least two distinct entities: a rights manager and at least one network operator for use of the operating method according to any one of claims 1 to 28. Dated this 14 day of July 2006

Documents:

2577-CHENP-2006 ENGLISH TRANSLATION 07-07-2011.pdf

2577-CHENP-2006 AMENDED CLAIMS 31-05-2012.pdf

2577-CHENP-2006 CORRESPONDENCE OTHERS 07-07-2011.pdf

2577-CHENP-2006 AMENDED CLAIMS 14-06-2012.pdf

2577-CHENP-2006 CORRESPONDENCE OTHERS 14-06-2012.pdf

2577-CHENP-2006 EXAMINATION REPORT REPLY RECEIVED 31-05-2012.pdf

2577-CHENP-2006 FORM-3 31-05-2012.pdf

2577-CHENP-2006 OTHER PATENT DOCUMENT 31-05-2012.pdf

2577-CHENP-2006 POWER OF ATTORNEY 31-05-2012.pdf

2577-chenp-2006-abstract.pdf

2577-chenp-2006-claims.pdf

2577-chenp-2006-correspondnece-others.pdf

2577-chenp-2006-description(complete).pdf

2577-chenp-2006-drawings.pdf

2577-chenp-2006-form 1.pdf

2577-chenp-2006-form 3.pdf

2577-chenp-2006-form 5.pdf

2577-chenp-2006-pct.pdf