Method and apparatus for protecting information and privacy

US 20030220882A1
Filed: 05/02/2003
Published: 11/27/2003
Est. Priority Date: 05/02/2002
Status: Active Grant

First Claim

Patent Images

1. A method of protecting software comprising the steps of:

a. signing protection information at a protection center using a signature key;

b. sending said protection information from a protection center to a supervising program of a user device; and

c. said supervising program of the user device verifying said signature using a verification key for said protection center signature key, the protection information including at least one of;

superfingerprints, a software validator, a software patch, a device-validator, digital signature verification keys and associated digital signature verification keys, a parameter package, a list of one-way function values, and a software update set.

View all claims

5 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A system for protecting software against piracy while protecting a user'"'"'s privacy enables enhancements to the protection software in a user device and extended protections against piracy. The protection system allows the user device to postpone validation of purchased tags stored in a tag table for installed software and to re-establish ownership of a tag table to recover from invalidation of a tag table identifier value resulting from revelation of a tag table identifier value. Continued use of the tag table is provided by the use of credits associated with a tag table. A protection center is protected against denial of service attacks by making calls to the protection center cost time or money to the attackers.

Citations

42 Claims

1. A method of protecting software comprising the steps of:
- a. signing protection information at a protection center using a signature key;
  
  b. sending said protection information from a protection center to a supervising program of a user device; and
  
  c. said supervising program of the user device verifying said signature using a verification key for said protection center signature key, the protection information including at least one of;
  
  superfingerprints, a software validator, a software patch, a device-validator, digital signature verification keys and associated digital signature verification keys, a parameter package, a list of one-way function values, and a software update set.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
- - 2. The method of claim 1 wherein the software validator includes a portion of software and a hash function value of said portion.
  - 3. The method of claim 1 wherein the software patch includes new code for the supervising program and an operating system.
  - 4. The method of claim 1 wherein the device-validator checks a property of the user device.
  - 5. The method of claim 1 wherein the digital signature verification key lists include names of entities authorized to sign messages employed in protection of software, and their associated digital signature verification keys.
  - 6. The method of claim 1 wherein the parameter package includes parameter values to be employed by a supervising program on the user device for protection of software.
  - 7. The method of claim 1 wherein the parameter values are employed by the supervising program to enforce software protection, said parameter values adjusted at different times.
  - 8. The method of claim 1 wherein the list of one-way function values includes:
    - a one-way function;
      
      a value, said value is a result of applying said one-way function to a second value; and
      
      an action.

9. A method of checking whether software may be used comprising the step of:
- determining whether any combination of at least two tags together convey permission to use the software.

10. A method used by a protection center of sending protection information to a class of user devices having common properties comprising the step of:
- signing a message including said protection information to be sent, the common properties, and an expiration time for said protection information.
- View Dependent Claims (11, 12, 13)
- - 11. The method of claim 10 further comprising the steps of:
    - sending said signed message to user devices; and
      
      downloading said signed message by one of the user devices from one of said other user devices.
  - 12. The method of claim 11 wherein the step of sending sends to at least one storage device and the step of downloading downloads from the at least one storage device.
  - 13. The method of claim 10 further comprising the steps of:
    - a. receiving said signed message by a supervising program on each user device;
      
      b. verifying by the supervising program the message has been signed by said protection center using a verification key on said user device, that said common properties correspond to one of a set of actual properties of the user device and a set of properties listed in the supervising program, and that the expiration time is greater than a current time; and
      
      upon successful verification, accepting the message by the user device.

14. A method of permitting a user device to perform an action comprising the steps of:
- a. sending, by a secure authoritative server, to the user device, a value from a domain of a one-way function;
  
  b. applying, by a supervising program on the user device, said one-way function to said value to obtain a range value from a range of the one-way function; and
  
  c. if said range value equals a stored range value from the range already held on the user device, performing the stored action associated with that one-way function during a time period associated with said value and said stored range value.
- View Dependent Claims (15)
- - 15. The method of claim 14 wherein said action is postponement of a required call-up by said user device to a guardian center.

16. A method of permitting a user device to perform an action comprising the steps of:
- a. sending, by a secure authoritative server, a signed message stating that said action can be performed in a given time period;
  
  b. verifying, by a supervising program on the user device, a signature on said signed message as coming from said secure authoritative server; and
  
  c. if verified, performing said action by the supervising program during said time period.
- View Dependent Claims (17)
- - 17. The method of claim 16 wherein said action is postponement of a required call-up by said user device to a guardian center.

18. A method of postponing validation of a tag table in user device, comprising the steps of:
- a. determining, by a supervising program of said user device, credits associated with the tag table identifier; and
  
  b. upon determining sufficient credits, allowing the tag table to remain valid at a first time, said first time is after a time to next call-up contained in a latest continuation message associated with that tag table.

19. A method of protecting software comprising the steps of:
- upon receiving a call-up for a tag table at a first time, by a guardian center, said first time past a time to next call-up held in a last continuation message sent to a user device for said tag table; and
  
  updating in the next continuation message, credits remaining for said tag table based on one or more of the credits in the last continuation message, the first time, and the time to next call-up held in the last continuation message.
- View Dependent Claims (20, 21)
- - 20. The method of claim 19 further comprising the step of:
    - decreasing available credits, by the guardian center, if the user device indicates in a call-up message that its user device descriptive values have significantly changed.
  - 21. The method of claim 19 further comprising the step of:
    - preventing the use of credits, by the supervising program, if the user device descriptive values have changed significantly since the occurrence of a previous continuation message.

22. A method of requesting a continuation message comprising the steps of:
- storing a call-up message in a user device, the call-up message including;
  
  a. a tag table identifier value;
  
  b. a set of user device descriptive values;
  
  c. a large randomly generated number; and
  
  d. a hash function; and
  
  applying said hash function to the combination of said set of user device descriptive values and said large randomly generated number to provide a hash result value; and
  
  securely sending from the user device to a guardian center said tag table identifier value and said hash result value in a call-up message.
- View Dependent Claims (23, 24, 25)
- - 23. The method of claim 22 further comprising the steps of:
    - a. upon receiving said call-up message, said guardian center invalidating tag table identifier values that have participated in more than a specified number of call-ups over a specified time;
      
      b. forming a continuation message, by said guardian center, by signing a message containing the call-up message, and at least one of a list of valid tag table identifier values, a time to next call-up for each valid tag table identifier value and an indication of the invalid tag table identifier values; and
      
      c. securely sending, by said guardian center, said continuation message to the user device.
  - 24. The method of claim 23 further comprising the steps of a. verifying, by the supervising program on said user device the signature on the continuation message;
    - b. verifying, by said supervising program, that the continuation message includes said call-up message;
      
      c. invalidating, by said supervising program, the associated tag table, for each said invalidated tag table identifier value; and
      
      d. storing, by said supervising program, said continuation message.
  - 25. The method of claim 24 further comprising the step of:
    - invalidating all tags associated with said invalidated tag tables.

26. A method of re-establishing ownership of a tag table, comprising the steps of:
- a. securely sending, by a user device, a message to an authorized server, the message including a new tag table identifier, a tag table identifier, an original tag table identifier and an ownership certificate pertaining to the original tag table identifier;
  
  b. verifying, by the authorized server, that said ownership certificate pertains to the original tag table identifier and securely sending to the user device a digitally signed message allowing the user device to employ the new tag table identifier;
  
  c. creating, by the authorized server, an association between said second tag table identifier and said original tag table identifier, said new tag table identifier and said tag table identifier both related to said original tag table identifier; and
  
  d. ensuring by the authorized server that call-ups including said tag table identifier without said new tag table identifier are rejected.
- View Dependent Claims (27)
- - 27. The method of claim 26 further comprising the steps of:
    - e. including, by the user device, said new tag table identifier in a future call-up message;
      
      f. verifying, by the guardian center, said association between said new table identifier and said original tag table identifier; and
      
      performing, by the guardian center, further processing based on said original tag table identifier.

28. A method of re-establishing ownership of a tag table employing a one-way function, comprising the steps of:
- a. securely sending, by a user device, a message to an authorized server, the message including a new tag table identifier;
  
  b. verifying, by the authorized server, that applying said one-way function to the new tag table identifier yields a tag table identifier, the tag table identifier stored on the authorized server and associated with an original tag table identifier, said new tag table identifier and said tag table identifier both related to said original tag table identifier;
  
  c. creating, by the authorized server, an association between said new tag table identifier and said original tag table identifier; and
  
  d. ensuring, by the authorized server, that call-ups including said tag table identifier without said new tag table identifier are rejected.
- View Dependent Claims (29)
- - 29. The method of claim 28 further comprising the steps of:
    - e. including, by the user device, said new tag table identifier in a call-up message;
      
      f. verifying, by the guardian center, the association between said new table identifier and said original tag table identifier; and
      
      performing, by the guardian center, further processing based on said original tag table identifier.

30. A method of creating a proof of purchase of software comprising the steps of:
- a. selecting a large random integer which is unlikely to be guessed;
  
  b. creating a message including said large random integer; and
  
  c. adding said large random integer to a list of integers maintained by a vendor
- View Dependent Claims (31, 32, 33, 34, 35, 36)
- - 31. The method of claim 30 wherein said message further includes at least one of a name of a software, a hash value of said software, and a usage policy for said software.
  - 32. The method of claim 31 further comprising the steps of:
    - downloading said message by the user; and
      
      employing said message to obtain a tag for said software.
  - 33. The method of claim 31 wherein said message is associated with said software at a point of sale and is transferred to a purchaser.
  - 34. The method of claim 33 wherein said message is securely concealed until opened by said purchaser.
  - 35. The method of claim 31 further comprising the steps of:
    - a. upon receipt of said message, said vendor checking whether said large random integer is in said list of integers; and
      
      b. upon successful check, said vendor allowing issuance of a tag for software and removing said large random integer from said list of integers.
  - 36. The method of claim 30 wherein said message is signed.

37. A method of protecting a protection center, comprising the steps of:
- a. forming, at the protection center, a puzzle comprising a function and a value in the range of said function, execution of the function causing at least one of a registration or a call-up to the protection center to consume resources of a calling user device;
  
  b. sending, by said protection center, said function and said value to the requester of a service in the user device;
  
  c. receiving, at the protection center, the second value from the requester;
  
  d. testing whether said function applied to the second value equals said value in the range of said function; and
  
  e. offering the service, if the test is successful.

38. A method of protecting a protection center, comprising the steps of:
- a. forming, at a user device, a request, the request including a token of monetary value, the request requiring resources of the user device; and
  
  b. sending said request to the protection center, the request being granted only if the protection center verifies payment of said monetary value.

39. A method of authorizing an organization'"'"'s security center to generate and use a signature key and verification key pair based on a master authorization signature key comprising the steps of:
- a. allowing said security center to generate said signature and verification keys; and
  
  b. signing with the master authorization signature key said organization verification key.
- View Dependent Claims (40)
- - 40. The method of claim 39 wherein the step of signing further comprises having a user device recognize the validity of said organization verification key by verifying the signature of the master authorization signature key in the signed organization verification key.

41. A method of preventing repudiation of a call-up message comprising:
- requiring each user device to sign each call-up message with a key whose owner can be established by a third party.

42. A method of setting time on a user device comprising:
- a. sending a time request containing a first large randomly generated number to a certified time server;
  
  b. waiting for less than a specified number of seconds until the certified time server sends a signed message including a second large randomly generated number and a time value;
  
  c. setting by a supervising program, a trusted clock in the user device to said time value included in the signed message provided that said signed message from the certified time server has arrived within said specified number of seconds after the request and the second randomly generated number in said signed message is the same as the first randomly generated number in said request; and
  
  d. thereafter advancing the trusted clock value in accordance with elapsed time read

Specification

Resources

Litigation Campaign Assessment

Current Assignee
RPX Corporation
Original Assignee
ShieldIP, Inc.
Inventors
Caceres, Ramon, Molnar, David, Karia, Timir, Beinart, Yossi, Shasha, Dennis E., Rolinson, Sean, Rabin, Michael O.

Granted Patent

US 7,406,593 B2
Time in Patent Office

Days
Field of Search
US Class Current

705/57
CPC Class Codes

G06F 21/1077   Recurrent authorisation

G06F 21/6254   by anonymising data, e.g. d...

G06F 21/725   operating on a secure refer...

G06Q 20/367   involving electronic purses...

Method and apparatus for protecting information and privacy

First Claim

5 Assignments

0 Petitions

Accused Products

Abstract

Citations

42 Claims

Specification

Solutions

Use Cases

Quick Links

Method and apparatus for protecting information and privacy

First Claim

5 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

42 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links