Secure digital data format and code enforced policy

US 20030182574A1
Filed: 03/19/2002
Published: 09/25/2003
Est. Priority Date: 03/19/2002
Status: Active Grant

First Claim

Patent Images

1. A method for securing digital data that are to be distributed for use on a computing device, comprising the steps of:

(a) processing the digital data to create a data digest that uniquely corresponds to the digital data;

(b) including the data digest in a header of the digital data;

(c) processing the header to create a header digest that uniquely corresponds to the header;

(d) encrypting the header digest with a private key, said private key having a corresponding public key that is provided when the digital data are to be used on the computing device; and

(e) distributing the digital data with the encrypted header to an end user, for use on the computing device.

View all claims

3 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Authenticity of digital data, security policies, and usage of game software are enforced on a game console. When the software is secured prior to distribution on media, a private key is used to encrypt a header digest that includes a digest of each section of the software and information specifying a region, a rating, and media type of the software. A hashing algorithm is applied to produce the digests. On the game console, a public key is used to decrypt the header digest for comparison to a hash of the header. A digest of each section of digital data is computed and compared to the corresponding digest in the header to authenticate the data. The console will not execute the software unless the parameters in the header information match those stored in the console and the computed digests for each section match those in the header on the medium.

115 Citations

54 Claims

1. A method for securing digital data that are to be distributed for use on a computing device, comprising the steps of:
- (a) processing the digital data to create a data digest that uniquely corresponds to the digital data;
  
  (b) including the data digest in a header of the digital data;
  
  (c) processing the header to create a header digest that uniquely corresponds to the header;
  
  (d) encrypting the header digest with a private key, said private key having a corresponding public key that is provided when the digital data are to be used on the computing device; and
  
  (e) distributing the digital data with the encrypted header to an end user, for use on the computing device.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
- - 2. The method of claim 1, wherein the steps of creating the data digest and the header digest each comprise the step of employing a hashing algorithm to produce the data digest and the header digest, respectively.
  - 3. The method of claim 1, wherein:
    - (a) the digital data comprise a plurality of sections;
      
      (b) the step of processing the digital data to create the data digest comprises the step of processing each of the plurality of section to produce a plurality of section digests uniquely corresponding to the plurality of sections of the digital data; and
      
      (c) the step of including the data digest comprises the step of including the plurality of section digest in the header.
  - 4. The method of claim 1, further comprising the step of including information for controlling use of the digital data on the computing device within the header from which the header digest is created.
  - 5. The method of claim 4, wherein the information includes at least one of:
    - (a) an indication of a geographic region in which the digital data are authorized to be used;
      
      (b) an indication of a type of media from which the digital data are authorized to be loaded into the computing device for use;
      
      (c) a rating that is based upon at least one characteristic of the digital data;
      
      (d) a console system setting that must be in place prior to use of the digital data;
      
      (e) a fault tolerance indication of whether the digital data can be trusted when certain system components are determined to be at fault; and
      
      (f) an ejection control indication of whether the digital data can be trusted to permit removal of a portable medium upon which the digital data is stored.
  - 6. The method of claim 1, wherein the step of distributing comprises the step of storing the digital data with the encrypted header on a medium that is usable by the computing device to run the digital data.
  - 7. The method of claim 1, wherein the step of distributing comprises at least one of the steps of:
    - (a) storing the digital data with the encrypted header on a storage media usable by the computing device; and
      
      (b) transmitting the digital data with the encrypted header over at least one of wire and a wireless communication network, for use by the computing device.
  - 8. The method of claim 1, wherein the digital data comprise game software;
    - and wherein the computing device runs the game software to enable a game to be played by an end user.

9. A method for enabling use of digital data on a computing device, so as to ensure that the digital data have not been altered and so as to enforce policies regarding use of the digital data, said digital data being distributed along with a header and with an encrypted header digest for the digital data that was produced by encrypting the header digest with a private key, comprising the steps of:
- (a) using the computing device, decrypting the encrypted header digest with a public key that corresponds to the private key, to recover the header digest;
  
  (b) creating a confirming header digest of the header that was distributed with the digital data, said confirming header digest being produced using a method identical to that employed in producing the header digest that was encrypted;
  
  (c) comparing the confirming header digest with the header digest that was recovered by decrypting; and
  
  (d) only enabling the digital data to be used on the computing device if the confirming header digest is identical to the header digest that was recovered.
- View Dependent Claims (10, 11, 12, 13, 14, 15, 16)
- - 10. The method of claim 9, wherein the digital data comprise at least one section, said header including a section digest uniquely corresponding to one section of the digital data that was produced prior to distribution of the digital data, further comprising the steps of:
    - (a) using the computing device to process each section of the digital data with a procedure identical to that previously used to produce the corresponding section digest included in the header, producing a confirming section digest for each section;
      
      (b) comparing the confirming section digest for a section with the section digest that was included in the header; and
      
      (c) only enabling a section of the digital data to run on the computing device if the confirming section digest for said section is identical to the section digest for said section that was included in the header.
  - 11. The method of claim 9, wherein if the step of comparing results in enabling the digital data to be used on the computing device, further comprising the step of determining whether information included with the digital data relating to use of the digital data enables the digital data to be used on the computing device, and if not, precluding the digital data from use on the computing device.
  - 12. The method of claim 11, wherein the information includes an indication of at least one of:
    - (a) a geographical region in which the digital data are permitted to be used on the computing device;
      
      (b) a type of media from which the digital data are permitted to be loaded onto the computing device for use;
      
      (c) a rating that is based upon at least one characteristic of the digital data;
      
      (d) a console system setting that must be in place prior to use of the digital data;
      
      (e) a fault tolerance indication of whether the digital data can be trusted when certain system components are determined to be at fault; and
      
      (f) an ejection control indication of whether the digital data can be trusted to permit removal of a portable medium upon which the digital data is stored.
  - 13. The method of claim 11, wherein the step of determining comprises the step of comparing said information with a corresponding parameter that is set on the computing device, and if a result of the comparison confirms that the use is authorized, enabling the digital data to be used by the computing device, and if not, precluding the digital data from being used by the computing device.
  - 14. The method of claim 13, further comprising the step of enabling an authorized user to enter and store a setting for a parameter that defines a rating of the digital data that the authorized user permits to be used on the computing device.
  - 15. The method of claim 13, wherein the parameter is set before the computing device is provided to an end user.
  - 16. A memory medium on which are provided machine instructions for carrying out the steps of claim 9.

17. A method for enforcing a secure policy on distributed digital data which are intended to be used on a computing device, comprising the steps of:
- (a) securing the digital data prior to distribution by;
  
  (i) determining a data digest for the digital data in accord with a predefined procedure that produces the data digest in a form uniquely related to the digital data;
  
  (ii) including the data digest in a header for the digital data;
  
  (iii) determining a header digest for the header using the predefined procedure, said header digest being uniquely related to the header;
  
  (iv) encrypting the header digest using a private key that is secret;
  
  (b) distributing the encrypted header digest, the header, and the digital data;
  
  (c) prior to use of the digital data on the computing device, confirming an authenticity of the digital data by;
  
  (i) decrypting the encrypted header digest using a public key that corresponds to the private key, to recover the header digest;
  
  (ii) determining a confirmation digest of the header using the predefined procedure;
  
  (iii) comparing the confirmation header digest of the header to the header digest that was recovered by the step of decrypting, to confirm whether the header that was distributed with the digital data was altered; and
  
  if not altered, (iv) determining a confirmation data digest of the digital data, corresponding to the data digest included in the header, using the predefined procedure; and
  
  (v) comparing the confirmation data digest to the data digest included in the header, to confirm whether the digital data that were distributed have been altered after the step of securing; and
  
  (d) preventing the computing device from further using the digital data if either of the following occurs;
  
  (i) the confirmation header digest does not match the header digest that was recovered by the step of decrypting; and
  
  (ii) the confirmation data digest does not match the data digest that was included in the header.
- View Dependent Claims (18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29)
- - 18. The method of claim 17, wherein the step of securing the digital data prior to distribution comprises the steps of:
    - (a) including information in the header specifying criteria for the secure policies that will be enforced on the computing device regarding use of the digital data; and
      
      (b) including the information as part of the header when the predefined procedure is applied to the header to determine the header digest.
  - 19. The method of claim 18, prior to enabling use of the digital data on the computing device and if the confirmation header digest matches the header digest that was recovered by the step of decrypting, further comprising the steps of:
    - (a) determining if the information in the header enables use of the digital data on the computing device; and
      
      if so, (b) enabling further use of the digital data on the computing device, unless otherwise prevented because the authenticity of the digital data is not confirmed; and
      
      if not, (c) preventing any further use of the digital data on the computing machine.
  - 20. The method of claim 19, wherein the step of determining if the information in the header enables use of the digital data on the computing device comprises the step of comparing an indication of a secure policy criterion included in the information within the header with a state of the criterion on the computing device, to confirm that they match.
  - 21. The method of claim 20, further comprising the step of enabling an authorized user to select the state of the criterion on the computing machine.
  - 22. The method of claim 20, wherein the criterion is stored in a memory on the computing device and is not accessible or alterable by a user of the computing device.
  - 23. The method of claim 18, wherein the information indicates at least one of:
    - (a) a geographical region in which the digital data are permitted to be used on the computing device;
      
      (b) a type of media from which the digital data are permitted to be loaded into the computing device for use;
      
      (c) a rating that is based upon at least one characteristic of the digital data;
      
      (d) a console system setting that must be in place prior to use of the digital data;
      
      (e) a fault tolerance indication of whether the digital data can be trusted when certain system components are determined to be at fault; and
      
      (f) an ejection control indication of whether the digital data can be trusted to permit removal of a portable medium upon which the digital data is stored.
  - 24. The method of claim 17, wherein the predefined procedure comprises a hashing algorithm.
  - 25. The method of claim 17, wherein the digital data are divided into a plurality of sections;
    - and wherein the step of determining the data digest comprises the step of applying the predefined procedure to each section to produce a section digest for each section, all of said section digests together comprising the data digest.
  - 26. The method of claim 25, wherein the step of determining a confirmation data digest of the digital data comprises the step of applying the predefined procedure to each section to produce a confirming section digest for each section, all of said confirming section digests together comprising the confirming data digest.
  - 27. The method of claim 26, wherein the step of comparing the confirmation data digest to the data digest included in the header comprises the step of comparing each confirming section digest to its corresponding section digest in the header prior to using any digital data included therein.
  - 28. The method of claim 27, wherein the step of preventing the computing device from further using the digital data comprises the step of preventing the computing device from using the digital data included in any section for which the confirming section digest does not match its corresponding section digest in the header.
  - 29. A memory medium on which are provided machine instructions for carrying out the steps of claim 17.

30. A method for enforcing a secure policy regarding use of digital data distributed for use on a computing device, comprising the steps of:
- (a) including with the digital data that are distributed, information indicating any limitation on the use of the digital data, and an encrypted digest, said digest being uniquely derived from a portion of the digital data that includes the information;
  
  (b) causing the computing device to decrypt the encrypted digest to recover the digest;
  
  (c) creating a confirmation digest with the computing device, using an identical technique that was previously used to create the digest that was previously encrypted;
  
  (d) comparing the confirmation digest with the digest that was decrypted; and
  
  (e) if the confirmation digest matches the digest that was decrypted, using the information to enforce the secure policy regarding use of the digital data on the computing device, and if not, precluding use of the digital data on the computing device.
- View Dependent Claims (31, 32, 33, 34, 35)
- - 31. The method of claim 30, wherein the information is indicative of at least one of:
    - (a) a geographical region in which the digital data are permitted to be used on the computing device;
      
      (b) a type of media from which the digital data are permitted to be loaded into the computing device for use;
      
      (c) a rating that is based upon at least one characteristic of the digital data;
      
      (d) a console system setting that must be in place prior to use of the digital data;
      
      (e) a fault tolerance indication of whether the digital data can be trusted when certain system components are determined to be at fault; and
      
      (f) an ejection control indication of whether the digital data can be trusted to permit removal of a portable medium upon which the digital data is stored.
  - 32. The method of claim 31, wherein the rating relates to a secure policy providing parental control of the digital data that are used on the computing device, further comprising the step of enabling only an authorized user to set a specific rating limit on the computing device, said specific rating limit being stored on the computing device and not readily altered by any unauthorized user.
  - 33. The method of claim 32, wherein the specific rating limit corresponds to an age level rating that is compared to the rating indicated in the information, said digital data only being enabled for use on the computing device if the age level rating is not exceeded by the rating indicated by the information.
  - 34. The method of claim 30, wherein the computing device comprises a game console and wherein the digital data comprise game software that is executed on the computing device, if enabled, so that a player can play the game software.
  - 35. A memory medium on which are provided machine instructions for carrying out the steps of claim 30.

36. A system for securing digital data so that a secure policy is enforced on the digital data to control its use on a computing device, comprising:
- (a) a memory in which are stored machine instructions; and
  
  (b) a processor that is coupled to the memory, said processor executing the machine instructions, which cause the processor to carry out a plurality of functions, including;
  
  (i) processing the digital data to create a data digest that uniquely corresponds to the digital data;
  
  (ii) including the data digest in a header of the digital data;
  
  (iii) processing the header to create a header digest that uniquely corresponds to the header; and
  
  (iv) encrypting the header digest with a private key to produce an encrypted header digest, said private key having a corresponding public key that is provided when the digital data are to be used on the computing device, producing secured digital data that include the header, and the encrypted header digest for distribution and use on the computing device.
- View Dependent Claims (37, 38, 39, 40, 41, 42)
- - 37. The system of claim 36, wherein the machine instructions cause the processor to implement a hashing algorithm to produce the data digest and the header digest, respectively.
  - 38. The system of claim 36, wherein:
    - (a) the digital data comprise a plurality of sections; and
      
      (b) the machine instructions further cause the processor to;
      
      (i) process each of the plurality of sections to produce a plurality of section digests uniquely corresponding to the plurality of sections of the digital data; and
      
      (ii) include the plurality of section digest in the header.
  - 39. The system of claim 36, wherein information for controlling use of the digital data on the computing device is included within the header from which the header digest is created.
  - 40. The system of claim 39, wherein the information includes at least one of:
    - (a) an indication of a geographic region in which the digital data are authorized to be used;
      
      (b) an indication of a type of media from which the digital data are authorized to be loaded into the computing device for use;
      
      (c) a rating that is based upon at least one characteristic of the digital data;
      
      (d) a console system setting that must be in place prior to use of the digital data;
      
      (e) a fault tolerance indication of whether the digital data can be trusted when certain system components are determined to be at fault; and
      
      (f) an ejection control indication of whether the digital data can be trusted to permit removal of a portable medium upon which the digital data is stored.
  - 41. The system of claim 36, further comprising a removable non-volatile storage medium that is coupled to the processor, wherein the machine instructions further cause the processor to store the digital data with the encrypted header on the removable medium.
  - 42. The system of claim 36, wherein the machine instructions cause the processor to transmit the digital data with the encrypted header over at least one of wire and a wireless communication network, for use by the computing device.

43. A system for authenticating digital data, so as to ensure that the digital data have not been altered and so as to enforce policies regarding use of the digital data, said digital data being distributed along with a header and with an encrypted header digest for the digital data that was produced by encrypting the header digest with a private key, comprising:
- (a) a memory in which are stored machine instructions; and
  
  (b) a processor that is coupled to the memory, said processor executing the machine instructions, which cause the processor to carry out a plurality of functions, including;
  
  (i) decrypting the encrypted header digest with a public key that corresponds to the private key, to recover the header digest;
  
  (ii) creating a confirming header digest of the header that was distributed with the digital data, said confirming header digest being produced in accord with the machine instructions that carry out a method identical to that employed in producing the header digest that was encrypted;
  
  (iii) comparing the confirming header digest with the header digest that was recovered by decrypting; and
  
  (iv) only enabling the digital data to be used on the system if the confirming header digest is identical to the header digest that was recovered.
- View Dependent Claims (44, 45, 46, 47, 48, 49)
- - 44. The system of claim 43, wherein the digital data comprise at least one section, said header including a section digest uniquely corresponding to said at least one section of the digital data that was produced prior to distribution of the digital data, said machine instructions further causing the processor to carry out the following functions:
    - (a) process each section of the digital data with a procedure identical to that previously used to produce the corresponding section digest included in the header, producing a confirming section digest for each section;
      
      (b) compare the confirming section digest for a section with the section digest that was included in the header; and
      
      (c) only enabling a section of the digital data to run on the system if the confirming section digest for said section is identical to the section digest for said section that was included in the header.
  - 45. The system of claim 43, wherein if the processor enables the digital data to be used on the system based upon results of the comparison that was made, the machine instructions further cause the processor to determine whether information included with the digital data relating to use of the digital data enables the digital data to be used on the system, and if not, precludes the digital data from being used on the system.
  - 46. The system of claim 45, wherein the information includes an indication of at least one of:
    - (a) a geographical region in which the digital data are permitted to be used on the system;
      
      (b) a type of media from which the digital data are permitted to be loaded into the memory;
      
      (c) a rating that is based upon at least one characteristic of the digital data;
      
      (d) a console system setting that must be in place prior to use of the digital data;
      
      (e) a fault tolerance indication of whether the digital data can be trusted when certain system components are determined to be at fault; and
      
      (f) an ejection control indication of whether the digital data can be trusted to permit removal of a portable medium upon which the digital data is stored.
  - 47. The system of claim 45, wherein the machine instructions further cause the processor to compare said information with a corresponding parameter that is set in the memory of the system, and if a result of the comparison confirms that the use is authorized, enables the digital data to be used by the system, and if not, precludes the digital data from being used by the system.
  - 48. The system of claim 47, wherein the machine instructions enable an authorized user to enter and store a setting in the memory for a parameter that defines a rating of the digital data that the authorized user permits to be used on the system.
  - 49. The system of claim 47, wherein the parameter is set before the system is made available for use by an end user.

50. A system for enforcing a secure policy regarding use of digital data distributed for use on the system, said digital data including information on any limitation on the use of the digital data on the system and an encrypted digest, a digest that was encrypted to provide the encrypted digest being uniquely derived from a portion of the digital data that includes the information, comprising:
- (a) a memory in which a plurality of machine instructions are stored; and
  
  (b) a processor that is coupled to the memory and which executes the machine instructions, causing the processor to carry out the following functions;
  
  (i) decrypting the encrypted digest to recover the digest;
  
  (ii) creating a confirmation digest, using an identical technique that was previously used to create the digest that was previously encrypted;
  
  (iii) comparing the confirmation digest with the digest that was decrypted; and
  
  (iv) if the confirmation digest matches the digest that was decrypted, using the information to enforce use of the digital data on the system in accord with the secure policy, and if not, precluding use of the digital data on the system.
- View Dependent Claims (51, 52, 53, 54)
- - 51. The system of claim 50, wherein the information is indicative of at least one of:
    - (a) a geographical region in which the digital data are permitted to be used on the computing device;
      
      (b) a type of media from which the digital data are permitted to be loaded into the computing device for use;
      
      (c) a rating that is based upon at least one characteristic of the digital data;
      
      (d) a console system setting that must be in place prior to use of the digital data;
      
      (e) a fault tolerance indication of whether the digital data can be trusted when certain system components are determined to be at fault; and
      
      (f) an ejection control indication of whether the digital data can be trusted to permit removal of a portable medium upon which the digital data is stored.
  - 52. The system of claim 51, wherein the rating relates to a secure policy providing parental control of the digital data that are used on the system, further comprising the step of enabling only an authorized user to set a specific rating limit on the system, said specific rating limit being stored in the memory and not readily altered by an unauthorized user.
  - 53. The system of claim 52, wherein the specific rating limit corresponds to an age level rating that is compared to the rating indicated in the information, said digital data only being enabled for use on the system if the age level rating is not exceeded by the rating indicated by the information.
  - 54. The system of claim 50, wherein the system comprises a game console and wherein the digital data comprise game software that is executed on the computing device, if enabled, so that a player can play the game software.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Microsoft Technology Licensing LLC (Microsoft Corporation)
Original Assignee
Microsoft Corporation
Inventors
Lange, Jonathan E., Asmi, Yasser B., Whitten, Jon Marcus Randall, Sharpe, Tracy Clayton, Pirich, Christopher Michael, Thomason, Jonathan Gerald

Granted Patent

US 7,627,753 B2
Time in Patent Office

Days
Field of Search
US Class Current

713/201
CPC Class Codes

A63F 13/12   involving interaction betwe...

A63F 13/30   Interconnection arrangement...

A63F 13/71   using secure communication ...

A63F 13/73   Authorising game programs o...

A63F 13/77   involving data related to g...

A63F 13/95   Storage media specially ada...

A63F 2300/401   Secure communication, e.g. ...

A63F 2300/532   using secure communication,...

G06F 21/51   at application loading time...

Secure digital data format and code enforced policy

First Claim

3 Assignments

0 Petitions

Accused Products

Abstract

115 Citations

54 Claims

Specification

Solutions

Use Cases

Quick Links

Secure digital data format and code enforced policy

First Claim

3 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

115 Citations

54 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links