
WO2007066354A1 - A system and method to share digital data in a secure and fine grained controlled manner over a communication network - Google Patents


Info

Publication number
WO2007066354A1
Authority
WO
WIPO (PCT)
Prior art keywords
data
persistent
universal
abstract
content
Prior art date
Application number
PCT/IN2006/000381
Other languages
French (fr)
Other versions
WO2007066354B1 (en)
Inventor
Ajay Madhok
Original Assignee
Ajay Madhok
Priority date
Filing date
Publication date
Application filed by Ajay Madhok
Publication of WO2007066354A1
Publication of WO2007066354B1

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00 Network arrangements or protocols for supporting network services or applications
    • H04L67/01 Protocols
    • H04L67/10 Protocols in which an application is distributed across nodes in the network
    • H04L67/1095 Replication or mirroring of data, e.g. scheduling or transport for data synchronisation between network nodes
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L61/00 Network arrangements, protocols or services for addressing or naming
    • H04L61/45 Network directories; Name-to-address mapping
    • H04L61/4552 Lookup mechanisms between a plurality of directories; Synchronisation of directories, e.g. metadirectories

Definitions

  • The conversion from a SAP identifier to the traditional single, concrete, absolute identifier requires a conversion from the large set of features provided by the SAP addressing scheme to the limited set of features of the other identifiers.
  • This conversion may either be a simple static conversion to access the resource or a dynamic conversion.
  • Identities at originator end points can publish the digital data in three steps by selecting the data, selecting the receivers, and using the publish button to share the data.
  • The above can be carried out using a programmable button on a user / communication device.
  • The transfer / sharing of a resource by an originating real world entity represented by a single, concrete, absolute identifier, to a terminating real world entity represented through a universal single, abstract, persistent identifier does not include extending control beyond access of the said resource.
  • The reception location of the resource however would be subject to the preferences associated with the receiving end point as defined through the current set of attributes or preferences or presence information pertaining to terms of the contract as set by the terminating end point real world entity with respect to the originator or otherwise.

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Storage Device Security (AREA)
  • Information Transfer Between Computers (AREA)

Abstract

The present invention describes a system and method of easily sharing digital content from user devices capable of using universal, single, abstract and persistent identifiers such as XRI based universal Identity for addressing the sender and receiver(s) for sharing digital content over communication network and providing fine grained control over access, privacy, usage, expiry, compliance and synchronization of the digital content. This standard based universal and persistent Identity is used for controlling access, privacy, usage, expiry, compliance and synchronization control of the digital content. Further the invention also stores the digital content on a network storage device to share and archive the data.

Description

A system and method to share digital data in a secure and fine grained controlled manner over a communication network
BACKGROUND
Field of the invention
The invention relates generally to communication systems and networks. In particular, the present invention relates to providing a system and method to share digital content through communication network by introduction of a universal single, abstract, persistent, identifier for representing a real world identity to make sharing extremely simple, secure and controlled.
Description of the related art
With the advent of new technologies like MMS and related protocols, sharing across multiple domains and devices is no longer a telecom service provider's nightmare.
3rd Generation Partnership Project (3GPP) has defined a model IP communication network in Release 5 specification. These specifications are under continuous improvements and enhancements, such as Release 6, Release 7, to incorporate past experience, technology advancements, and future requirements.
3GPP Technical Specification 3GPP TS 23.140: "Multimedia Messaging Service (MMS)" (TS 23.140 v6.8.0 (2004-12)), which is herein incorporated by reference in its entirety, describes a method to send and receive digital content (e.g. text, image, audio, video, vector graphics etc.) from a mobile device. It also describes a standard architecture and elements (MMS User Agent, MMS Server/Relay, Message Store, HLR, MMS VAS Applications, and External Server) to support such service. These elements form a group represented as MMS Environment (MMSE). Chapter 4.3 of TS 23.140 describes the addressing scheme to be used for recipients. These schemes are E-Mail addresses (RFC 2822), MSISDN (E.164), and service provider specific address. Chapter 5 of TS 23.140 describes the functional capabilities of the involved elements including the User Agent, and the MMS Server/Relay. Chapter 7 describes the service behaviour of MMS for each element in MMSE. Chapter 7.1.1 of TS 23.140 describes the capabilities of a sending MMSE including User Agent, and MMS Server/Relay to set parameters for the Multimedia Message (MM) to control delivery of the message. Chapter 7.1.2 of TS 23.140 describes the capabilities and behaviour of the receiver MMSE including User Agent, and MMS Server/Relay.
Figure 1 is a block diagram that illustrates an overview of the current MMS Architectural Elements (prior-art). System elements numbered 9 to 24 are directly taken from TS 23.140 for reference.
During normal operation, the following steps are followed to send and receive an MM:
• A user composes an MM through User Agent using the content to be sent
• User selects or enters recipients for sending the MM to recipients using address format described in TS 23.140
• User submits the MM through User Agent to its associated MMS Relay
• MMS Relay resolves the addresses of the recipient(s)
• MMS Relay routes forward the MM to each target MMS Relay in the target network
• The MM is stored by the MMS Server associated with the target MMS Relay. Target MMS Server stores the message on Message Store
• Target MMS Relay sends a notification to target MMS User Agent
• Target MMS User Agent retrieves the MM from the target MMS Server
• Target MMS User Agent notifies the target user of new MM available
• Target user requests rendering of received MM
• Target MMS User Agent renders MM on target user's terminal
The steps described above are only an example of normal operation of sending and receiving MM by User Agents. It does not give detailed descriptions, including but not limited to, of protocols, signaling, message formats, and error handling mechanism used during the operation. Once the MM is sent by a User Agent, the receiver can use, save, forward the MM as long as it is not expired on the receiving MMS Server 10. The sender User Agent does not have any control over the MM.
Some of the deficiencies in above scheme are as follows:
• The scheme treats all addresses (MSISDN, E-Mail, or service provider specific) as different even if they belong to the same person or application. There is no method to unify these addresses and configure rules for controlling access, privacy, usage, expiry, compliance and synchronization control of the shared data. In the current scheme, if possible, these rules have to be set for individual addresses.
• The scheme does not provide a method to incorporate other routable addresses which are popular in use, e.g. Instant Messenger, SIP (RFC 3261), for addressing User Agents.
• According to the scheme, once a User Agent sends an MMS to recipients, it loses control (including but not limited to access, privacy, usage, expiry, compliance and synchronization control) over the MMS as the receiver can use, store, forward the MMS in whatever way it wishes to. Although Chapter 7.1.1 of TS 23.140 mandates ability for the User Agent to set expiry time for the MMS, the receiver is free to use the MMS in whatever way it wishes to, till the expiry of the MMS.
Therefore, what is required is a system and method that obviates the above deficiency and provides a mechanism to make sharing of digital content secure, controlled and unified to all routable addresses.
SUMMARY
An object of the present invention is to make sharing of digital content secure and controlled.
Another object of the present invention is to make sharing extremely simple across all the addresses (MSISDN, Email, or service provider specific) of an identity / application by using universal single, abstract, and persistent identifiers such as XRI (Extensible Resource Identifiers).
Another object of the present invention is to provide for a system and method that is extensible to incorporate other routable addresses that are popular in use, e.g. instant messaging, SIP (RFC 3261) for addressing user agent.
Yet another object of the present invention is to provide the User with fine grained control (that includes, but is not limited to, access, privacy, usage, expiry, compliance and synchronization control) over the messages sent to recipients.
A further object of the present invention is to provide a user with a reconfigurable dedicated button on the mobile device.
The present invention solves the problem of addressing by using a universal single, abstract, persistent Identity for users. The persistent Identity enables the system to link different addressable identities, e.g. MSISDN, E-Mail, or any other identity, and use the Identity to configure rules for control. It also allows linking any other routable addresses with the persistent Identity such that it can be used for sending and controlling MM. The present invention solves the control problem by making all the elements involved in the MMSE Identity aware. This means that these elements understand constructs of a digital identity as represented by a universal, abstract, persistent identifier such as XRI and are able to follow the controlling contracts based on persistent Identities.
DEFINITIONS AND PRESUMPTIONS
IDENTITY
An Identity refers to a representation of a real world entity that is capable of triggering a resource transfer and represents either an originating or a terminating end point in any sharing transaction referred to during the course of this document. For representation, abstraction and resolution of these identities, an appropriate addressing scheme is used to uniquely and persistently identify users and the associated channel and / or applications. An identity represents a user that has different identifiers for various channels and / or applications. Any such user could also have multiple distinct identifiers for the same channels and / or application. These identities can be associated to any subscribers, application, machines, etc.
IDENTIFIER
An identifier is a construct used to define parameters of the sharing relationship that may exist vis-a-vis another user identity for / across various channels, networks, applications, domains etc. The nature of identifiers used throughout the document includes -
- Universal single, abstract, persistent and standard based identifier that encompasses several concrete identifiers representing same / different domains, channels and applications
- Concrete, absolute identifier (representing a non persistent, temporal identity of a user on a single domain and / or channel and / or application)
RESOURCE
A Resource is a passive entity that gets shared and / or transferred completely / partially between the two real world identities on same / different domains and / or channels and / or applications. A resource may be of types -
- Multimedia (audio, video, text, image)
- stream / discrete (chunk) formats
A multimedia resource can be either stream or a discrete format.
The ownership of the resource may either lie solely with the originator or jointly between the originating end point and the terminating end point identities, depending on the terms of the contract defined by the originating identity.
RESOLUTION PROCESS
The resolution process refers to sequences of steps carried out to locate a real-world identity across same / different domains and / or channels and / or applications.
Resolution Process for sharing of resource between 2 identities through SAP (single, abstract, persistent) Identifiers
The process includes -
1. authenticating a user based on his universal single, abstract, persistent identifier,
2. uploading the resource to a shared, mutually accessible (by originating and terminating end point identities) repository,
3. gathering / modifying relevant information about privileges associated with the shared resource,
4. gathering preferences associated with the receiving end point based on temporal set of criteria of the terminating end point,
5. resolving the underlying absolute identifiers based on the terminating end point's preferences, attributes and presence information,
6. pushing a referential link to the concrete, absolute identifier (address),
7. authenticating the terminating end point on access attempt to the shared resource,
8. extending the resource as per contract as defined by the originating identity for the terminating end point identity through the telecom service provider's network.
Resolution Process for sharing of resource by an identity represented by a SAP Identifier to an identity (Non SAP) represented by Single, Concrete Identifier
The process includes -
1. authenticating a user based on his universal single, abstract, persistent identifier,
2. uploading the resource to a shared, mutually accessible (by originating and terminating end point identities) repository,
3. gathering / modifying relevant information about privileges associated with the shared resource,
4. resolving the absolute identifiers (or address) for the terminating end point,
5. pushing a referential link to the concrete, absolute identifier (address),
6. authenticating the terminating end point on access attempt to the shared resource,
7. extending the resource as per contract as defined by the originating identity for the terminating end point identity through the telecom service provider's network.
CONTRACT
A contract refers to a defined structure that holds terms of data sharing from originating end point identity to terminating end point identity. It may represent enforceable rules pertaining to zero or more resources, that extend multi-dimensional controls (access, privacy, usage, synchronization and compliance) to any / all resources shared and / or transferred by the originating end point identity to the terminating end point identity. Examples of controls extended would include enforced time based access to the shared resource, permissions associated with usage and / or distribution of the resource etc.
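An added sketch (not code from the patent or from any XRI implementation) of the resolution process and contract defined above: the resource stays in the repository, only a referential link is pushed to the resolved address, and the contract is evaluated on every access attempt. All class, field and decision names, the `=name` identifiers and the addresses are constructed for illustration, and the caller is assumed to have already authenticated the address it presents (steps 1 and 7).

```python
import secrets
from dataclasses import dataclass, field


@dataclass
class Identity:
    sap_id: str        # constructed XRI-style identifier (assumption)
    addresses: dict    # channel -> concrete, absolute identifier
    preferred: str     # terminating end point's preferred channel
    present_on: set = field(default_factory=set)  # channels reachable now


@dataclass
class Contract:
    originator: str
    recipient: str     # bound to the SAP identifier, not to one address
    usage: frozenset   # permitted actions, e.g. {"view"}
    expires_at: float  # epoch seconds
    revoked: bool = False


class SharingService:
    """Hypothetical shared repository acting as the policy enforcement point."""

    def __init__(self, identities):
        self.directory = {i.sap_id: i for i in identities}
        self.repository = {}   # link -> (resource, Contract)
        self.outbox = []       # (concrete address, link) pushed to recipients
        self.audit = []        # (link, identity, action, decision)

    def resolve(self, sap_id):
        """Pick a concrete address from preferences and presence."""
        ident = self.directory[sap_id]
        if ident.preferred in ident.present_on:
            return ident.addresses[ident.preferred]
        reachable = sorted(ident.present_on & set(ident.addresses))
        return ident.addresses[reachable[0] if reachable else ident.preferred]

    def identity_for(self, address):
        """Abstraction: map any concrete address back to its SAP identifier."""
        for ident in self.directory.values():
            if address in ident.addresses.values():
                return ident.sap_id
        return None

    def share(self, originator, recipient, resource, usage, expires_at):
        """Store the resource once, attach the contract, push only a link."""
        link = secrets.token_urlsafe(16)   # unguessable referential link
        contract = Contract(originator, recipient, frozenset(usage), expires_at)
        self.repository[link] = (resource, contract)
        self.outbox.append((self.resolve(recipient), link))
        return link

    def revoke(self, link, requester):
        """Only the originating identity may withdraw a share."""
        contract = self.repository[link][1]
        if requester != contract.originator:
            return False
        contract.revoked = True
        return True

    def access(self, link, address, action, now):
        """Evaluate the contract for an already-authenticated address."""
        who = self.identity_for(address)
        entry = self.repository.get(link)
        if entry is None:
            decision = "deny:unknown-link"
        elif who != entry[1].recipient:
            decision = "deny:not-recipient"
        elif entry[1].revoked:
            decision = "deny:revoked"
        elif now >= entry[1].expires_at:
            decision = "deny:expired"
        elif action not in entry[1].usage:
            decision = "deny:usage"
        else:
            decision = "allow"
        self.audit.append((link, who, action, decision))
        return (entry[0] if decision == "allow" else None), decision


def demo():
    """Constructed scenario: alice shares view-only content with bob."""
    alice = Identity("=alice.example", {"email": "alice@example.org"}, "email", {"email"})
    bob = Identity("=bob.example",
                   {"msisdn": "+15550100", "email": "bob@example.org"},
                   preferred="msisdn", present_on={"email"})
    mallory = Identity("=mallory.example", {"email": "mallory@example.org"}, "email", {"email"})
    svc = SharingService([alice, bob, mallory])
    link = svc.share("=alice.example", "=bob.example", b"photo-bytes", {"view"}, 1000.0)
    results = [
        svc.outbox[0][0],                                       # resolved by presence
        svc.access(link, "bob@example.org", "view", 10.0)[1],
        svc.access(link, "+15550100", "view", 10.0)[1],         # other address, same identity
        svc.access(link, "bob@example.org", "forward", 10.0)[1],
        svc.access(link, "mallory@example.org", "view", 10.0)[1],
        svc.access(link, "bob@example.org", "view", 1000.0)[1],
    ]
    svc.revoke(link, "=alice.example")
    results.append(svc.access(link, "bob@example.org", "view", 10.0)[1])
    return results
```

Because the decision is made at the repository on each request, the originator can still expire or revoke a share after the link has been delivered, and both of the recipient's addresses fall under the same contract.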
Phrases & Words
In this description the words originator, originating identity, originating real world entity and originating end point identity are synonymous in usage. The words terminating identity, terminating real world entity, terminating end point and terminating end point identity are synonymous in usage. The words identity and real world identity are synonymous in usage.
The singular includes the plural and vice-versa, unless repugnant to the context. Phrases are gender neutral.
BRIEF DESCRIPTION OF THE DRAWINGS
The preferred embodiments of the invention will hereinafter be described in conjunction with the appended drawings provided to illustrate and not to limit the invention, wherein like designations denote like elements, and in which:
Figure 1 is a block diagram that illustrates an overview of the current MMS Architectural Elements (prior-art).
Figure 2 is a block diagram that illustrates logical representation of an 'abstract identifier' (single, abstract and persistent) as per an embodiment of the present invention.
Figure 3 is a block diagram illustrating the sharing of a resource between two identities where both the real world entities are represented by single, abstract, persistent identifiers as per an embodiment of the present invention.
Figure 4 is a block diagram illustrating the sharing of a resource between two entities, the sender being represented by a single, abstract, persistent identifier and the receiver being represented by a single, non-persistent identifier and vice versa as per an embodiment of the present invention.
While the invention is susceptible to various modifications and alternative forms, specific embodiments of the invention are provided as examples in the drawings and detailed description. It should be understood that the drawings and detailed description are not intended to limit the invention to the particular form disclosed. Instead, the intention is to cover all modifications, equivalents and alternatives falling within the spirit and scope of the invention as defined by the appended claims.
DESCRIPTION OF PREFERRED EMBODIMENTS
The present invention is directed towards providing a system and method for sharing digital content over a communication network using a universal and persistent Identity such as an Extensible Resource Identifier. This invention further provides for digital content to be secure, controlled and unified for a user.
Figure 2 is a block diagram that represents a real world identity as a universal, single, abstract, persistent (SAP) identifier. This procedure is capable of encompassing various concrete identifiers belonging to different addressing domains through abstraction and static / dynamic resolution. For any inbound or outbound transaction based on these identifiers, the location of the relevant end point takes place based on a resolution process using a set of criteria which may depend on current set of attributes / preferences / presence information, etc. pertaining to the real world entity at the respective end point. Commonly used communication media like Email, IM, VoIP, etc. use single, concrete and absolute identifiers to represent the end points for any transaction / communication. These identifiers may again be broadly classified into various standards such as the URI and E.164. The Identifier Abstraction and Resolution procedure converts these various formats into a SAP identifier, which is further processed by the communication framework to deliver the service required.
Figure 3 is a block diagram that represents the transfer / sharing of a resource from an originating real world entity to a terminating end point real world entity represented by universal single, abstract, persistent identifiers, while extending control (including but not limited to access, privacy, usage, expiry, compliance and synchronization control) of the said resource by means of enforcing contracts (extended or otherwise) defining the privileges associated with resource by the originating end point and the preferences associated with the receiving end point as defined through the current set of attributes or preferences or presence information pertaining to the terminating end point real world entity.
When communication is sought by two or more identities the underlying architecture provides for a seamless addressing mechanism along with more advanced control of the resource and its representation for the identities involved in the communication. In the process the actual resource may or may not be transferred to the end point. The resource may be retained at a common location or at the originator location and a representation or view of the resource may be presented to the end point. The representation of the resource can also be enhanced using privileges set by the originator and preferences set by the end point identity. All preferences / settings which are set for a particular contract may be changed during the lifetime of the contract based on various access control mechanisms which may be built into the contract properties.
Identities at either end points can publish the digital data in three steps by selecting the data, selecting the receivers, and using the publish button to share the data. The above can be carried out using a programmable button on a user / communication device. The relationship authority, attribute authority and the context authority provide information required by other components in the system, pertaining to the identities (involved in a particular transaction / communication), their preferences for the communication and the resources involved in the communication etc.
Figure 4 is a block diagram that represents the transfer / sharing of a resource from an originating real world entity represented through a universal single, abstract, persistent identifier to a terminating end point real world entity represented by a single, concrete, absolute identifier and vice versa, while extending control (including but not limited to access, privacy, usage, expiry, compliance and synchronization control) of the said resource by means of enforcing contracts (extended or otherwise) defining the privileges associated with resource by the originating end point.
The conversion from a SAP identifier to the traditional single, concrete, absolute identifier requires a conversion from the large set of features provided by the SAP addressing scheme to the limited set of features of the other identifiers. This conversion may either be a simple static conversion to access the resource or a dynamic conversion.
The static conversion is a procedure where the conversion takes place only once from a SAP identifier to the other identifiers. The resource and / or its representation may get transferred to the end point based on the preferences and privileges of the contract. After this conversion the resource and the contract may be expired by the identity subsystem if there are no other contracts linked to it.
The dynamic conversion procedure is activated every time an end point identity requests access to the resources which are a part of the transaction / communication, and the concrete identifiers are built dynamically on a per request basis, by enforcing various other permissions and privileges set into the contract. During the dynamic resolution process the resource and / or its representation are located within the SAP based Identity subsystem / framework.
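An added example, not part of the patent text, of dynamic conversion as described above: each request re-checks the contract and, if it passes, builds a short-lived concrete identifier. The HMAC-signed URL, the `Contract` fields, the `repo.example` endpoint and the key are assumptions chosen for illustration; the patent does not specify a mechanism.

```python
import hashlib, hmac, json
from dataclasses import dataclass
from urllib.parse import parse_qs, urlencode, urlsplit

KEY = b"constructed-demo-key"      # assumption: secret held by the identity subsystem
BASE = "https://repo.example/r/"   # hypothetical repository endpoint

@dataclass
class Contract:                    # field names are illustrative, not from the patent
    resource_id: str
    receiver: str                  # receiver's SAP identifier
    privileges: frozenset          # actions granted by the originator
    expires_at: int                # epoch seconds
    revoked: bool = False

def allowed(c, receiver, action, now):
    """Contract terms evaluated on every request."""
    return (not c.revoked and receiver == c.receiver
            and action in c.privileges and now < c.expires_at)

def sign(resource_id, receiver, action, deadline):
    # JSON list encoding keeps field boundaries unambiguous before MACing.
    msg = json.dumps([resource_id, receiver, action, deadline]).encode()
    return hmac.new(KEY, msg, hashlib.sha256).hexdigest()

def dynamic_convert(c, receiver, action, now, ttl=60):
    """Per-request conversion: re-check the contract, then mint a short-lived URL."""
    if not allowed(c, receiver, action, now):
        return None
    deadline = int(min(now + ttl, c.expires_at))  # never outlive the contract
    q = {"rcv": receiver, "act": action, "exp": deadline,
         "sig": sign(c.resource_id, receiver, action, deadline)}
    return BASE + c.resource_id + "?" + urlencode(q)

def redeem(url, now):
    """Repository side: accept only an untampered, unexpired identifier."""
    parts = urlsplit(url)
    q = {k: v[0] for k, v in parse_qs(parts.query).items()}
    try:
        deadline = int(q["exp"])
        expected = sign(parts.path.rsplit("/", 1)[-1], q["rcv"], q["act"], deadline)
        return hmac.compare_digest(expected, q["sig"]) and now < deadline
    except (KeyError, ValueError, TypeError):
        return False

def demo():
    c = Contract("doc-42", "=bob", frozenset({"view"}), expires_at=2_000)  # constructed
    url = dynamic_convert(c, "=bob", "view", now=1_000)
    out = {"fresh": redeem(url, now=1_030), "stale": redeem(url, now=1_061),
           "tampered": redeem(url.replace("act=view", "act=download"), now=1_030)}
    c.revoked = True               # originator extinguishes the contract
    out["after_revoke"] = dynamic_convert(c, "=bob", "view", now=1_030)
    return out
```

Revoking the contract stops new identifiers from being issued, while one already issued stays redeemable until its own deadline, so `ttl` bounds the residual access.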
Identities at originator end points can publish the digital data in three steps by selecting the data, selecting the receivers, and using the publish button to share the data. The above can be carried out using a programmable button on a user / communication device. The transfer / sharing of a resource by an originating real world entity represented by a single, concrete, absolute identifier, to a terminating real world entity represented through a universal single, abstract, persistent identifier does not include extending control beyond access of the said resource. The reception location of the resource however would be subject to the preferences associated with the receiving end point as defined through the current set of attributes or preferences or presence information pertaining to terms of the contract as set by the terminating end point real world entity with respect to the originator or otherwise.
While the preferred embodiments of the invention have been illustrated and described, it will be clear that the invention is not limited to these embodiments only. Numerous modifications, changes, variations, substitutions and equivalents will be apparent to those skilled in the art without departing from the spirit and scope of the invention as described in the claims.

Claims

CLAIMS:
What is claimed is:
1. A method to provide a single, unified identity to a user having A method to share digital data / content over a telecommunication network by using standard based universal and persistent identity (such as an XRI), such method comprising the steps of: addressing the receiver(s) for sharing digital content; and controlling the access, privacy, usage, expiry, compliance and synchronization of the said digital content wherein the sender and receiver(s) can be addressed using a combination of universal, single, abstract, persistent Identifiers and / or the concrete and / or absolute identifiers.
2. A method of claim 1, further comprising of storing the digital data / content at a mutually accessible repository to store, share and archive the data
3. A method of claim 2, wherein the said repository can exist on a network storage device.
4. A method of claim 2, wherein the said repository can exist on the sender's location / device.
5. The method of claim 1, wherein a reconfigurable dedicated button (referred as publish button) is provided on the user device to invoke the application responsible for publishing the data.
6. The method to publish data of claim 5, further comprising the steps of selecting the data; selecting the receivers; and using the publish button to share the data.
7. The method of claim 6, wherein the ability to publish the data comprises of invoking these steps in any order.
8. The method of claim 1, further comprising of providing users with a publication wizard so as to take the user through a step-by-step process to select receivers from an address book stored locally or on a network, use and / or modify existing contract(s), set up configuration parameters, and to publish the data
9. The method of claim 8, wherein the sender, represented by a universal, single, abstract, persistent Identifier, can associate control parameters (including but not limited to access, privacy, usage, expiry, compliance and synchronization) with the digital data / content on a per receiver basis by means of Contracts specifying the terms of control extended over the said digital content
10. The method of claim 9, wherein the sender, represented by a universal, single, abstract, persistent Identifier, can create and / or edit and / or extinguish the said contract in part / whole
11. The method of claim 8, wherein the configuration parameters comprise of meta-data related to the shared digital data / content and / or repository such as storage directory, comment, description etc. for every receiver, to be set during publication process
12. The method of claim 1, wherein the receivers can be addressed by their persistent Identity (using a standard based universal, single, abstract and persistent identifier), or by any concrete and / or absolute identifier such as a telephone number or any other electronically addressable identifier
13. The method of claim 2 or claim 9, wherein the digital data can be saved, downloaded, and archived
14. The method of claim 13, wherein the stored digital data is used for publishing and sharing with receivers including people, applications, services, and publishing it on the Internet
15. The method of claim 13, wherein the stored digital data is sent directly to the receivers capable of receiving and using the data.
16. A system to share digital data / content over a telecommunication network, such system comprising of: module to address the receiver(s) for sharing digital content; and module to control the access, privacy, usage, expiry, compliance and synchronization of the digital content. wherein the sender and receiver(s) can be addressed using a combination of universal, single, abstract, persistent Identifiers and / or the concrete and / or absolute identifiers.
17. The system of claim 16, further comprising of a storage device for the digital data / content to share and archive the data.
18. The system of claim 16, further comprising of a reconfigurable dedicated button (referred as publish button) on the user device to invoke the application responsible for publishing the data.
19. The system of claim 18, further comprising of a publication wizard on a device so as to take the user through a step-by-step process to select receivers from an address book stored locally or on a network, use and / or modify existing contract(s), set up configuration parameters, and to publish the data.
20. The method of claim 19, wherein the sender, represented by a universal, single, abstract, persistent Identifier, can associate control parameters (including but not limited to access, privacy, usage, expiry, compliance and synchronization) with the digital data / content on a per receiver basis by means of Contracts specifying the terms of control extended over the said digital content
21. The method of claim 20, wherein the sender, represented by a universal, single, abstract, persistent Identifier, can create and / or edit and / or extinguish the said contract in part / whole
22. A computer readable medium comprising program instructions to implement: addressing receiver(s) to share digital content; and controlling the access, privacy, usage, expiry, compliance and synchronization of the said digital content wherein the sender and receiver(s) can be addressed using a combination of universal, single, abstract, persistent Identifiers and/ or the concrete and / or absolute identifiers
PCT/IN2006/000381 2005-09-21 2006-09-21 A system and method to share digital data in a secure and fine grained controlled manner over a communication network WO2007066354A1 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
IN2549DE2005 2005-09-21
IN2549/DEL/2005 2005-09-21

Publications (2)

Publication Number Publication Date
WO2007066354A1 true WO2007066354A1 (en) 2007-06-14
WO2007066354B1 WO2007066354B1 (en) 2007-07-26

Family

ID=38122527

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/IN2006/000381 WO2007066354A1 (en) 2005-09-21 2006-09-21 A system and method to share digital data in a secure and fine grained controlled manner over a communication network

Country Status (1)

Country Link
WO (1) WO2007066354A1 (en)

Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2002019072A1 (en) * 2000-08-28 2002-03-07 Kent Ridge Digital Labs Distribution of digital content in mobile computing environments
GB2383149A (en) * 2001-12-14 2003-06-18 Tornado Entertainment Ltd Digital content distribution

Cited By (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US8196181B2 (en) 2006-10-13 2012-06-05 Quipa Holdings Limited Private network system and method
WO2009072734A1 (en) * 2007-12-04 2009-06-11 Electronics And Telecommunications Research Institute Data synchronizing system and method using xri data link
KR100921426B1 (en) 2007-12-04 2009-10-14 한국전자통신연구원 Data synchronization system and method using jr data link
US20140189888A1 (en) * 2012-12-29 2014-07-03 Cloudcar, Inc. Secure data container for an ambient intelligent environment

Also Published As

Publication number Publication date
WO2007066354B1 (en) 2007-07-26

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application
NENP Non-entry into the national phase (Ref country code: DE)
122 Ep: pct application non-entry in european phase (Ref document number: 06847310; Country of ref document: EP; Kind code of ref document: A1)