
HK1100991B - Method and system for operating a computer network which is intended for content publishing - Google Patents

Publication number
HK1100991B
Authority
HK
Hong Kong
Application number
HK07108927.4A
Inventor
亚历克西‧塔马斯
阿莫里‧格兰贝尔
Original Assignee
Op3Ft
Priority claimed from FR0450079A (FR2865051B1)
Application filed by Op3Ft
Publication of HK1100991A1
Publication of HK1100991B

Description

Method and system for operating a computer network for publishing content
Technical Field
The present invention relates to the field of information and communication technology.
More particularly, the present invention relates to the field of content publishing.
Background
There has been disclosed in the prior art an electronic multimedia data publishing system, as described in patent application PCT WO 01/95147(STG Interactive SA), comprising a server connected to a computer network, the server comprising a database in which are stored digital files comprising descriptors of multimedia pages, and a plurality of host terminals associated with the computer network, the host terminals being provided with random access memory for temporarily storing the digital files downloaded from the server database and for consulting a software program for visually displaying the files according to the descriptors of the downloaded pages, wherein selected digital files comprise descriptors having at least two visual display modes of the same digital file, and a software program for managing the database and for exchanging with the host terminals.
The FSDL language (scans Slide Description Language) is known as an easy-to-use XML language for developing and publishing content and for operating scans-type computer objects (registered trademark of STG Interactive SA).
A fundamental technical problem in implementing and managing computer networks is to identify the topology of the servers and to look up the addresses.
For many years, the traditional DNS (domain name system) has proven to be reliable and robust. However, the system is not designed so that advanced functionality can easily be added to it, in particular regarding the description of content and its accessibility. Its main function is to look up an address.
Disclosure of Invention
The object of the present invention is to obviate the drawbacks of the prior art by providing a technical method for operating a computer network, which is particularly suitable for publishing contents, in particular for consulting (rendering) computer objects. The method and related system have a number of advantages over methods and systems known in the art. In particular, the method according to the invention has many advanced functions.
Although the systems for publishing traditional digital documents (for example of the Web type) have a free, unclear and almost disorderly organization, the method according to the invention provides a means of obtaining a clear reference and precise naming of the content. The use of a computer network employing the method according to the invention enables publishers to better control the content they publish and the distribution of that content. For example, a user can access a descriptive file of content before loading it from the server to his particular viewer, which facilitates optimization of network resources.
Important advantages can be immediately distinguished in at least three respects:
-Accessibility for users: the descriptor can be used, for example, to show whether the content is online, whether a filter exists to protect minors from content intended for adults, and the way in which a user should authenticate himself to access the content.
-Connecting to a server: for example, descriptors can be used to indicate connection protocols (http..) and reference files (home-slide).
-Content format: for example, the descriptor can be used to indicate the version and encoding format of the publishing language used.
Furthermore, the method according to the invention can be used for optimized management of cache memories to reduce network traffic and improve access times.
The method according to the invention is therefore extremely comfortable for the end user: it is very simple, well-organized, ergonomic and does not require any complex technical parameter settings. The invention also has many advantages for network administrators: users rarely need their help, so they can focus on more meaningful and higher-level tasks. The present invention provides network administrators with a significant gain in labor productivity, performance, and job satisfaction.
The present invention also gives a rights administrator control over the computer network operator. The rights administrator authorizes management of the network using a digital key called the root key. The network operator then manages his network using another digital key, called the network key.
The method according to the invention also provides for obtaining a signature of all the operating functions of the computer network and generally only of the content published through the computer network.
In its most generally accepted form, the invention therefore relates to a method of operating a computer network, said network comprising first of all a plurality of computer servers and at least one client station equipped with specific computer software for consulting digital pages, and said network connecting at least two different entities: a rights administrator and one or more network operators, the method comprising:
a preceding step of initializing a computer network by means of two digital documents signed by a rights administrator using a root key, one of said documents being a digital certificate of said network and the other being a document containing links to digital pages for accessing said digital certificate of the network;
a step of identifying a network topology which results in:
-obtaining a list of servers L1,
-recording a digital document comprising said list L1, the digital document being signed by a network operator using a network key; and
-assigning to each server of said list L1 a coefficient that in particular represents its processing power;
a step of address lookup by a server for resolving addresses (called lookup server), this step being implemented by two digital documents, one for error management and the other comprising address parameters, these digital documents being signed by the network operator by means of a network key;
a step of consulting, by the specific software, the computer object registered on the server specified by the address parameter;
the digital certificate of the computer network initialization step comprises information of the type of management and technology used by the user to access the network, the technical information comprising, among other things, the public part of the network key.
Preferably, the method further comprises the step of pre-installing specific software on the client station for consulting the digital pages.
Advantageously, the method further comprises updating the specific software on the client station for consulting the digital pages, the updating being managed by the computer server using the status digital document and the updated digital document, the documents being signed by the rights administrator with the root key and the documents being specific to the platform of the client station.
According to a preferred alternative embodiment (variant), one or more of said computer servers are dedicated to user technical assistance [ help ].
According to a particularly preferred alternative embodiment of the invention, the method implements a mechanism for load balancing between different servers [ network load balancing ].
According to a preferred embodiment, the method uses a service reallocation mechanism [ network fault tolerant backup ] if one server is not available.
According to a preferred implementation variant, one of the address parameters is a digital filtering identifier (or indicator) that takes into account the content of the corresponding digital pages, for example but not exclusively for managing the authorized reference to these pages according to the age of the user [ digital filters for protecting minors ].
According to a particular embodiment, the activities of the operator take place over a public network, such as the internet.
According to another particular embodiment, said activity of the operator takes place on at least one private computer network [ for example an IP type network ].
Preferably, the digital document has an XML compatible format.
Advantageously, the specific software on the client station distinguishes between the different networks during the identification phase and makes it possible to use the different computer networks simultaneously.
According to a particular embodiment (variant), the rights administrator may be divided into a plurality of rights administrators.
Advantageously, the method consults at the client station using a cache, for example but not necessarily at the level of the particular software.
Preferably, the cache memory has two valid durations: a relative duration from a given event, and an absolute duration corresponding to a predetermined expiration date.
According to a specific embodiment, the event is loading one of the digital documents.
According to a particularly preferred embodiment, the list of servers L1 also comprises an identifier representing the geographical location of the server.
According to a particular embodiment, the step of initializing the computer network is performed automatically and is implemented using only said digital certificate.
According to a particular embodiment, the step of initializing the computer network, performed automatically, uses a predetermined address.
According to an alternative embodiment, at the moment of the step of identifying the network topology, the digital document is signed by the rights administrator by means of a network key, which is kept in custody by the rights administrator.
According to one embodiment, at the time of the step of address lookup, the digital document is signed by the rights administrator using a network key, and the network key is kept in custody by the rights administrator.
Advantageously, the method further comprises the step of validating the public part of the network key by using the network key to provide a signature of the predetermined string.
Preferably, each digital document has a unique identifier determined in part by the rights administrator and in part by the network operator.
According to a first variant, for each digital document, a signature is included in the document.
According to a second variant, for each digital document, the signature is provided by the document and is not included in the document.
According to a preferred embodiment, the address parameter defines whether the user should authenticate himself in order to access the content, and if so, in what manner.
Advantageously, the address parameter defines the format of the content to be published.
According to a particularly preferred variant, different colors can be used for displaying the addresses of different computer networks.
According to a preferred variant, the digital document (lookup document) comprising the address parameter also comprises a certificate for authenticating the content server.
The invention also relates to a method for digital communication between at least two devices on a computer network operating according to the aforementioned operating method, characterized in that in at least one step of the method, the digital data exchanged between the two devices comprises at least one address in a format having a title corresponding to the network name and a descriptor determined by a content generator.
According to a preferred variant, the step of the method in question is an address lookup step.
Finally, the invention also relates to a computer network operating system, said network comprising firstly a number of computer servers and at least one client station on which specific software for consulting digital pages is installed, and said network connecting at least two different entities: a rights administrator and at least one network operator.
Drawings
The invention will be better understood after reading the following purely explanatory description of an embodiment thereof, with reference to the attached drawings, in which:
FIG. 1 shows an example of a system using a method according to the invention; and
FIGS. 2 and 3 are diagrams illustrating the document exchange flow between specific software of a rights administrator, a network operator, and a user station.
Detailed Description
The method according to the invention is implemented in the system shown in fig. 1. Specific software for referring to the content is installed at the client station. Information is exchanged between the software and the different servers. This arrangement is not the only possible arrangement: the different functions can be located on a single server. The ultimate goal is to consult the content hosted on the dedicated server, this consultation being dependent on the address parameters and being made with said specific software installed on the client station.
In FIG. 1, the "C-RA" indicator indicates that the document is signed by the root key, and the "C-RE" indicator indicates that the document is signed by the network key.
In one exemplary embodiment, the digital certificate required to initialize the network includes the following fields:
-name of the computer network
-a unique identifier
-relative validity duration
-expiration date
-name of the operator
-address of the operator
-type, description, reference, expiration date and licensing vendor
-URL of the Web help site
-the address color and the address background color of the computer network
-location of the "certificate", "topology" and "status" digital documents
-length and exponent of the public key (for RSA type encryption)
-public part of the network key and "check printing" of this key
-and finally, the signature of the document by the root key
In our exemplary embodiment, the lookup document (address lookup) includes the following fields:
-name of the computer network
-a numerical identifier
-relative validity duration
-expiration date
-address of the content to be published
-indication of whether the content is online or not
-indication of filters (e.g. content suitable only for adults)
-address of expiration date
-indication of the user authentication method
-descriptor of a connection protocol
-location of the content
-location of the reference independent web page (slide) (home-slide)
-version and encoding of the content publishing language
-indications as to whether the content belongs to topic routes, groups, classes, etc.
-and finally, the signature of the document by the network key.
Possible steps for updating the specific software of the client station involve two digital documents: a status document and an update document.
The status digital document (status) lists the current version of the software and the update digital document (update) includes the latest version of the software.
Three different states can be given in the state document:
-most recent (OK)
-due date (recommended update)
-outdated (must be updated)
Only certain steps will be performed when the network address is reopened from a particular piece of software, depending on whether the certificate expires, whether the topology expires, and whether the lookup in the cache memory expires.
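The signing chain and the two cache validity limits described above, as an added example (not code from the patent or its applicant): the client pins the root key, verifies the certificate with it, takes the network key from the certificate, and only then accepts a lookup document that is still within both validity limits. The field names, the JSON encoding, the single load time shared by both documents and the toy RSA keys built from small Mersenne primes are assumptions for illustration.

```python
import hashlib
import json
from datetime import datetime, timedelta, timezone

E = 65537  # public exponent


def make_key(p, q):
    """Toy RSA key from two primes (constructed; far too small for real use)."""
    return {"n": p * q, "e": E, "d": pow(E, -1, (p - 1) * (q - 1))}


def digest(fields, n):
    # Hash a canonical encoding of the fields (JSON is an assumption of this sketch).
    data = json.dumps(fields, sort_keys=True).encode()
    return int.from_bytes(hashlib.sha256(data).digest(), "big") % n


def sign(fields, key):
    # Signature carried next to the fields it covers.
    return {"fields": fields, "signature": pow(digest(fields, key["n"]), key["d"], key["n"])}


def verify(doc, n, e):
    return pow(doc["signature"], e, n) == digest(doc["fields"], n)


def is_fresh(fields, loaded_at, now):
    # Relative limit runs from the load event; absolute limit is a fixed date.
    relative_end = loaded_at + timedelta(seconds=fields["relative_validity_s"])
    absolute_end = datetime.fromisoformat(fields["expiration_date"])
    return now < min(relative_end, absolute_end)


def resolve(root_pub, cert, lookup, loaded_at, now):
    """Return the content address, or raise ValueError naming the failed check."""
    if not verify(cert, root_pub["n"], root_pub["e"]):
        raise ValueError("certificate not signed by root key")
    c = cert["fields"]
    if not is_fresh(c, loaded_at, now):
        raise ValueError("certificate expired")
    # The network key is trusted only because the root-signed certificate carries it.
    if not verify(lookup, c["network_key_n"], c["network_key_e"]):
        raise ValueError("lookup not signed by network key")
    entry = lookup["fields"]
    if entry["network"] != c["network"]:
        raise ValueError("lookup belongs to another network")
    if not is_fresh(entry, loaded_at, now):
        raise ValueError("lookup expired")
    if not entry["online"]:
        raise ValueError("content offline")
    return entry["content_address"]


# Constructed sample keys and documents (hypothetical names and addresses).
ROOT = make_key(2**127 - 1, 2**107 - 1)     # rights administrator
NETWORK = make_key(2**89 - 1, 2**61 - 1)    # network operator
ROGUE = make_key(2**107 - 1, 2**89 - 1)     # key the certificate does not vouch for
ROOT_PUB = {"n": ROOT["n"], "e": ROOT["e"]}
T0 = datetime(2025, 1, 1, tzinfo=timezone.utc)

CERT = sign({"network": "example-net", "relative_validity_s": 86400,
             "expiration_date": "2030-01-01T00:00:00+00:00",
             "network_key_n": NETWORK["n"], "network_key_e": NETWORK["e"]}, ROOT)
LOOKUP_FIELDS = {"network": "example-net", "relative_validity_s": 3600,
                 "expiration_date": "2025-06-01T00:00:00+00:00",
                 "content_address": "http://content.example/home-slide",
                 "online": True, "filter": "adult", "auth": "none"}
LOOKUP = sign(LOOKUP_FIELDS, NETWORK)


def outcome(lookup, loaded_at, now):
    """Run the chain and report either the address or the reason for rejection."""
    try:
        return resolve(ROOT_PUB, CERT, lookup, loaded_at, now)
    except ValueError as err:
        return f"rejected: {err}"


if __name__ == "__main__":
    print(outcome(LOOKUP, T0, T0 + timedelta(minutes=10)))
    print(outcome(sign(LOOKUP_FIELDS, ROGUE), T0, T0 + timedelta(minutes=10)))
```
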
Tables I and II indicate "who signed what document, which key was used" in two cases (general case with authorization and case without authorization).
Table I: signing of digital documents in the general case with authorization
Table II: signing of digital documents without authorization
Figures 2 and 3 show the document exchange flow between the server hosting these documents and the user stations in the case of public and private networks. Obviously, many other arrangements are possible, e.g. some (switching) streams may be split.
In FIGS. 2 and 3, stream number 1 is a stream of a setting document and a certificate document, stream number 2 is a stream of a topology document and a search error document, and stream number 3 is a stream of a status document and an update document.
The above description of the invention has been given as an example. It will be apparent to those skilled in the art that various changes and modifications may be made without departing from the scope of the invention.

Claims (36)

1. Method of operating a computer network, said network comprising first of all a plurality of computer servers and at least one client station on which computer software for consulting digital pages is installed and to which at least two different entities are connected: a rights administrator and one or more network operators, comprising:
● the preceding step of initializing the computer network by two digital documents signed by the rights administrator using a root key, one of the two digital documents being a digital certificate for the network and the other being a document containing digital pages linked to digital certificates for accessing the network;
● a step of identifying the network topology that results in:
-obtaining a list of servers,
-recording a digital document containing said list, the digital document being signed by said network operator using a network key, and
-assigning to each server in said list a coefficient representing the processing power of said server;
● Address lookup step for a server resolving addresses, the step being performed using two digital documents, one for error management and the other including an address parameter, the digital documents being signed by a network administrator using a network key;
● a step of referring to the computer object registered in the server specified in the address parameter using the software;
● the digital certificate of the computer network initialization step includes information of the type of management and technology used by the user to access the network, the type of technology information including the public part of the network key.
2. A method of operating a computer network according to claim 1 further comprising the step of installing said software for referring to digital pages on said client station prior to the step of initializing.
3. A method of operating a computer network according to claim 1, further comprising the step of updating said software on said client station for consulting digital pages, the updating being managed by a computer server using a state digital document and an update digital document, the documents being signed by said rights administrator using said root key and being specific to the platform of said client station.
4. A method of operating a computer network according to claim 2, further comprising the step of updating said software on said client station for consulting digital pages, the updating being managed by a computer server using a status digital document and an update digital document, the documents being signed by said rights administrator using said root key and being specific to the platform of said client station.
5. Method of operating a computer network according to any of claims 1-4, characterized in that one or more of said computer servers are servers dedicated to user technical assistance.
6. Method of operating a computer network according to any of claims 1-4, characterized in that the method also implements a mechanism for load balancing between different servers.
7. Method of operating a computer network according to any of claims 1-4, characterized in that the method also uses a service reallocation mechanism in case a server is not available.
8. Method of operating a computer network according to any of claims 1-4, characterized in that one of the address parameters is a numeric filter identifier taking into account the content of the corresponding numeric page.
9. The method of claim 8, wherein the address parameter is used to manage authorization to review the pages based on the age of the user.
10. Method of operating a computer network according to any of claims 1-4, characterized in that the activities of the operator take place in a public network.
11. The method of computer network operation of claim 10, wherein the public network is the internet.
12. Method for operating a computer network according to any of claims 1 to 4, characterized in that the activities of the operator take place in at least one personal computer network.
13. The method of computer network operation according to any of claims 1-4, wherein the digital document has an XML-compatible format.
14. Method of operating a computer network according to any of claims 1-4, characterized in that the software on the client station distinguishes between different networks in the identification phase and makes it possible to use different computer networks simultaneously.
15. The method of operating a computer network according to any one of claims 1-4, wherein there are a plurality of said rights administrators.
16. Method of operating a computer network according to any of claims 1-4, wherein the method uses a cache memory at the client station.
17. The method of computer network operation of claim 16 wherein said method is consulted at said client station at the software level using a cache memory.
18. The method of computer network operation of claim 16, wherein the cache memory has two valid durations: one relative duration, which starts from a given event, and one absolute duration, which corresponds to a predetermined expiration date.
19. The method of computer network operation of claim 17, wherein the cache memory has two valid durations: one relative duration, which starts from a given event, and one absolute duration, which corresponds to a predetermined expiration date.
20. The method of computer network operation of claim 18, wherein the event is loading of one of the digital documents.
21. The method of any of claims 1-4, wherein the list of servers further comprises an identifier representing a geographic location of the server.
22. Method of operating a computer network according to any of claims 1-4, characterized in that the step of initializing the computer network is carried out automatically and is performed solely using the digital certificate.
23. The method of operating a computer network according to claim 22, wherein the step of initializing the computer network performed automatically uses a predetermined address.
24. Method of operating a computer network according to any of claims 1-4, characterized in that at the moment of the network topology identification step, said digital document is signed by said rights administrator using said network key, which is kept in custody by said rights administrator.
25. Method of operating a computer network according to any of claims 1-4, characterized in that at the moment of the address lookup step the digital document is signed by the rights administrator using the network key, which is kept in custody by the rights administrator.
26. The method of operating a computer network according to any of claims 1-4, further comprising the step of validating the public portion of the network key by providing a signature of a predetermined string using the network key.
27. The method of operating a computer network according to any of claims 1-4, wherein each digital document has a unique identifier determined in part by the rights administrator and in part by the network operator.
28. Method of operating a computer network according to any of claims 1-4, characterized in that for each digital document a signature is included in the document.
29. Method of operating a computer network according to any of claims 1-4, characterized in that for each digital document a signature is provided by the document and is not included in the document.
30. Method of operating a computer network according to any of claims 1-4, characterized in that the address parameter defines whether the user should authenticate himself for accessing the content and, if so, in what way.
31. Method of operating a computer network according to any of claims 1-4, characterized in that the address parameter defines the format of the content to be published.
32. Method for operating a computer network according to any of claims 1-4, characterized in that different colors can be used for displaying the addresses of different computer networks.
33. The method of any of claims 1-4, wherein the digital document including the address parameter further includes a certificate for authenticating a content server.
34. Method for digital communication between at least two devices on a computer network operating according to any one of the preceding claims, characterized in that in at least one of said steps of said digital communication method, the data exchanged between said two devices comprise at least one address in a format having a title corresponding to the name of said network, and a descriptor determined by the content generator.
35. The digital communication method according to claim 34, wherein said step of said digital communication method is an address lookup step.
36. A computer network operating system, said network comprising first of all a plurality of computer servers and at least one client station on which software for consulting digital pages is installed, and said network connecting at least two different entities: a rights administrator and at least one network operator for using the method of operation according to any one of claims 1 to 33.
HK07108927.4A 2004-01-14 2005-01-13 Method and system for operating a computer network which is intended for content publishing HK1100991B (en)

Applications Claiming Priority (3)

Application Number Priority Date Filing Date Title
FR0450079 2004-01-14
FR0450079A FR2865051B1 (en) 2004-01-14 2004-01-14 METHOD AND SYSTEM FOR OPERATING A COMPUTER NETWORK FOR CONTENT RELEASE
PCT/FR2005/050019 WO2005074225A1 (en) 2004-01-14 2005-01-13 Method and system for operating a computer network which is intended for content publishing

Publications (2)

Publication Number Publication Date
HK1100991A1 (en) 2007-10-05
HK1100991B (en) 2011-04-01
