Dynamic configuration of a gaming system
Abstract
A method to enable dynamic configuration of gaming terminals installed in one or a plurality of gaming premises whereby certified games, certified data files and certified support software components are activated in accordance with a predetermined schedule or automatically in response to the observed gaming activity. The method may include allocating an individual PKI certificate to each executable software component and each of its versions, binding the PKI certificate to the executable software, associating a distinctive policy for each certificate and then enforcing the software execution policies in accordance with the desired authorized game configuration and schedule. The PKI certificate's “Subject Name” (or “Issued to” field or “CommonName” field) may be a concatenation of the software component identification, its version number and optionally other identification characters. The method applies equally to other network connected gaming subsystems. The method enables a fine-grained and secure control of the authorized software components and thus the flexibility to securely configure the gaming system in accordance with a schedule or in a closed-loop fashion in order to meet business objectives. In addition, a method to enable the certification authority to bind the certificates to the tested code is described.
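The policy decision the abstract describes can be modelled as a default-deny lookup keyed on the signer's Subject Name and the time of day. The sketch below is an added example, not code from the patent or from any Windows component; the CN layout `<component-id>_v<version>`, the daily time windows and all names in it are assumptions made for illustration.

```python
# Added illustration, not code from the patent. The CN layout
# "<component-id>_v<version>" and every name below are assumptions.
from __future__ import annotations
import re
from dataclasses import dataclass
from datetime import datetime, time

CN_FORMAT = re.compile(r"(?P<component>[A-Za-z0-9-]+)_v(?P<version>\d+(?:\.\d+)*)")

@dataclass(frozen=True)
class CertificateRule:
    subject_cn: str  # exact certificate Subject Name this rule unrestricts
    start: time      # daily window in which the rule is in force
    end: time

def parse_subject_cn(cn: str) -> tuple[str, str]:
    """Split a CN into (component id, version); reject malformed subjects."""
    m = CN_FORMAT.fullmatch(cn)
    if m is None:
        raise ValueError(f"unrecognised certificate subject: {cn!r}")
    return m["component"], m["version"]

def may_execute(signer_cn: str | None, rules: list[CertificateRule], when: datetime) -> bool:
    """Default deny: unsigned code, malformed subjects and any CN without a
    rule in force are refused. Matching is exact, so a rule written for
    version 2.3 of a game does not cover version 2.2."""
    if signer_cn is None:
        return False
    try:
        parse_subject_cn(signer_cn)
    except ValueError:
        return False
    return any(r.subject_cn == signer_cn and r.start <= when.time() < r.end
               for r in rules)

def build_menu(installed: dict[str, str | None], rules: list[CertificateRule],
               when: datetime) -> list[str]:
    """Offer only the installed games whose signer is allowed at this time."""
    return sorted(g for g, cn in installed.items() if may_execute(cn, rules, when))

# Constructed sample data: one always-on game, one evening-only game.
RULES = [CertificateRule("poker-classic_v1.0", time(0, 0), time(23, 59, 59)),
         CertificateRule("reel-safari_v2.3", time(18, 0), time(23, 0))]
INSTALLED = {"Poker Classic": "poker-classic_v1.0",
             "Reel Safari": "reel-safari_v2.3",
             "Reel Safari (old build)": "reel-safari_v2.2",
             "Unsigned tool": None}
```

Because each version carries its own certificate, withdrawing one rule disables exactly one build without touching the others.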
237 Citations
96 Claims
1. A PKI certificate architecture for a network connected gaming system, wherein each software component within the gaming system subject to receive certification is signed with a distinctive certificate, the certificate being uniquely identified by at least one field.

17. A method for a network connected gaming system to prevent unauthorized software components from executing, comprising the steps of:
producing a separate PKI certificate for each software component subject to receiving certification;
code signing each software component subject to receiving certification with its respective PKI certificate, and configuring Software Restriction Policy certificate rules to allow execution of a selected set of each software component subject to receiving certification.
Dependent claims: 18, 19

20. A method for a network connected gaming system to enable only authorized software components to execute, comprising the steps of:
configuring a Software Restriction Policy for each authorized software component, and enforcing the Software Restriction Policy.
Dependent claims: 21

22. A method for a network connected gaming system to enable only authorized software components to execute, comprising the steps of:
configuring a certificate Software Restriction Policy for each authorized software component;
configuring a path Software Restriction Policy to prevent unauthorized software components from executing;
configuring a path Software Restriction Policy to prevent non-explicitly authorized software components from executing;
enforcing the certificate Software Restriction Policies, and enforcing the path Software Restriction Policies.
Dependent claims: 23

24. A method for a network connected gaming system to enable only authorized software components to execute, comprising the steps of:
producing a separate PKI certificate for each software component subject to receive certification;
signing each software component subject to receive certification with its respective separate PKI certificate;
configuring a certificate Software Restriction Policy for each of the respective separate PKI certificates, and enforcing the certificate Software Restriction Policy for each of the respective separate PKI certificates.

25. A method for downloading authorized software components for a network connected gaming system, comprising the steps of:
code signing each authorized software component with a distinctive PKI certificate;
configuring install policies to install each code signed authorized software component;
configuring certificate rule policies to allow execution of the installed code signed authorized software component;
configuring enforcement of the policies.

26. A method for a network connected gaming system to enable selective execution of at least one authorized software component, comprising the steps of:
configuring Software Restriction Policies for the at least one authorized software component at a predetermined time;
unrestricting the Software Restriction Policies for the at least one authorized software component at a predetermined time;
enabling a link for the Software Restriction Policies for the at least one authorized software component at a predetermined time;
checking for a change of the Software Restriction Policies and if there is no policy change then looping to the beginning of this step, and enforcing the change of the Software Restriction Policies at a predetermined time.
Dependent claims: 27, 28, 29, 30, 31, 32, 33, 34, 35, 36, 37, 38, 39, 40, 41, 42, 43, 44, 45, 46, 47, 48

49. A method for a network connected gaming system to enable selective availability of games on gaming terminals, comprising the steps of:
installing a plurality of game software on a selected set of gaming terminals;
choosing a selected set of installed game software to offer to players of the gaming terminals;
a first activating the chosen selected set of installed game software on a selected set of gaming terminals;
monitoring the game activity of the players on a selected set of gaming terminals;
modifying the selected set of installed game software to offer to players;
a second activating the modified selected set of installed game software on a selected set of gaming terminals;
Dependent claims: 50, 51, 52

53. A method for a network connected gaming system to enable selective availability of games on PC based gaming terminals, comprising the steps of:
selecting game software to be made available to players on a selected set of gaming terminals;
terminating all gaming software on a selected set of gaming terminals to transform each gaming terminal into a generic PC communicating in the network connected gaming system;
downloading via the network the selected game software to the generic PCs, and starting the game software to transform the generic PCs into gaming terminals.
Dependent claims: 54, 55, 56, 57, 58, 59, 60, 61

62. A method for a network connected gaming system to enable selective availability of games on PC based gaming terminals, comprising the steps of:
selecting game software to be made available to players on a selected set of gaming terminals;
terminating all gaming software on a selected set of gaming terminals to transform each gaming terminal into a generic PC communicating in the network connected gaming system;
booting the generic PCs;
starting an operating system on the generic PCs;
downloading via the network the selected game software to the generic PCs, and starting the game software to transform the generic PCs into gaming terminals.
Dependent claims: 63, 64, 65, 66, 67, 68, 69, 70

71. A method for a network connected gaming system to prevent unauthorized executable files from executing, comprising the steps of:
packaging the authorized executable files into a code signed MSI installation package;
configuring certificate rule policies to enable execution of the code signed MSI installation package;
enforcing the policies, and executing the code signed MSI installation package upon every computer startup or upon a command.
Dependent claims: 72

73. A method for a network connected gaming system to prevent unauthorized executable code from executing, comprising the steps of:
packaging the authorized executable files into a code signed MSI installation package;
configuring certificate rule policies to enable execution of the code signed MSI installation package;
configuring enforcement of the policies, and re-installing the code signed MSI installation package at every computer startup or upon a command.
Dependent claims: 74

75. A method for a network connected gaming system to prevent unauthorized non-executable files from affecting game outcome, comprising the steps of:
packaging the non-executable files into a code signed MSI installation package;
configuring certificate rule policies to enable execution of the code signed MSI installation package;
configuring enforcement of the policies, and executing the code signed MSI installation package upon every computer startup or upon a command.
Dependent claims: 76

77. A method for trusting at least one authorized non-executable software component certified to comply with regulatory requirements downloaded into a network connected gaming system, comprising the steps of:
packaging the at least one non-executable file into at least one code signed MSI installation package;
configuring certificate rule policies to enable execution of the at least one code signed MSI installation package;
configuring enforcement of the policies, and re-installing the at least one code signed MSI installation package at every computer startup or upon a command.
Dependent claims: 78

79. A method for scheduling at least one authorized executable software component installed in a network connected gaming system, comprising the steps of:
packaging at least one authorized non-executable file that controls the scheduling of the at least one authorized executable software component into at least one code signed MSI installation package;
configuring certificate rule policies to enable execution of the at least one code signed MSI installation package in a selected set of gaming terminals; and
configuring enforcement of the certificate rule policies; and
downloading the at least one code signed MSI installation package into a selected set of gaming terminals;
executing the at least one code signed MSI installation packages.
Dependent claims: 80, 81

82. An automated platform to enable the on-going regulatory certification of a substantial number of authorized software components, comprising:
a reference platform representative of a target network connected gaming system and comprising a software-building environment located at the manufacturer's premises or designated subcontractors;
a certification platform located at a regulatory certification authority substantially identical to the reference platform, and code-signing means for associating a distinctive PKI certificate with each authorized software component.
Dependent claims: 83, 84, 85, 86, 87, 88, 89, 90

91. A method for a gaming terminal in a network connected gaming system to generate a list of authorized games available to the players comprising the steps of:
enforcing Software Restriction Policy for preventing non-authorized software components from executing;
enforcing Software Restriction Policy for enabling execution of a selected set of authorized games;
attempting to execute each game, and adding games that have not been denied execution to a menu list.
Dependent claims: 92, 93

94. A method for a gaming terminal in a network connected gaming system to generate a list of authorized games available to players comprising the steps of:
generating an executable companion file for each authorized game, wherein the executable companion file is substantially quicker to execute than starting execution of the game and, wherein the code-signed PKI certificate associated to the companion file is identical to the code-signed PKI certificate associated to the game main module;
enforcing Software Restriction Policy for preventing non-authorized software components from executing;
enforcing Software Restriction Policy for enabling execution of a selected set of authorized games;
attempting to execute each companion file, and adding only those games to a menu list whose companion file has not been denied execution.
Dependent claims: 95, 96

Specification