Appeal 2007-0463
Application 09/896,537
particular subscriber is entitled to receive (col. 1, ll. 53-57). The access rights are
authenticated in the category key (col. 1, ll. 57-58). A problem with this and other
known systems is that it has been necessary to provide the authenticated access
rights with the encrypted category key in a single "category rekey" message (col. 1,
ll. 59-62). However, the access rights may be many bytes in length and each
category rekey message has a limited length (col. 1, ll. 62-65). If the number of
bytes required to define access rights were to become too large, a single category
rekey message could not hold the full description (col. 1, l. 67 to col. 2, l. 3).
Eyer discloses an access control system in which access rights can be
delivered incrementally to an access control processor using more than one
category rekey message (col. 2, ll. 4-6 and 19-21). More particularly,
[d]ata defining the access rights is divided into a plurality of
subgroups. The subgroups are transmitted to the processor as
authenticated data in a plurality of messages. A current cryptographic
key is derived using the authenticated data contained in a current
message upon receipt of that message by the processor. Each of the
subgroups is stored in a corresponding storage bank of the processor.
Each of the storage banks has a validity designation associated
therewith for said cryptographic key.
(Col. 2, ll. 19-24.)
Figure 2 of Eyer shows a key hierarchy that can be used for key encryption
(col. 4, ll. 48-49).
The only limitation of claim 1 argued by Appellants in response to the
anticipation rejection is the step of “receiving content comprising a set of attributes
having L through N levels of access” (Br. 17). We understand the phrase “a set of
attributes” to mean a plurality of attributes. As a result, the phrase “a set of
9
Page: Previous 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 Next
Last modified: September 9, 2013