Rollback attack prevention system and method

US 20050044401A1
Filed: 04/30/2004
Published: 02/24/2005
Est. Priority Date: 09/13/2002
Status: Active Grant

First Claim

Patent Images

1. A rollback attack prevention system that controls installation and use of software on a gaming machine, the system comprising:

a configuration log, wherein the configuration log includes an protected record of software that had been installed on the gaming machine; and

a revocation list, wherein the revocation list includes an inventory of unauthorized software that the prevention system blocks from being installed or used on the gaming machine.

View all claims

7 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A rollback attack prevention system 10 for a gaming machine 20 includes a configuration log 30 and a revocation list 40. Preferably, the configuration log 30 includes a protected record of software that has been installed on the gaming machine 20. Further, the revocation list 40 includes an inventory of unauthorized software that the prevention system 10 prevents from being installed and/or used on the gaming machine 20.

57 Citations

View as Search Results

48 Claims

1. A rollback attack prevention system that controls installation and use of software on a gaming machine, the system comprising:
- a configuration log, wherein the configuration log includes an protected record of software that had been installed on the gaming machine; and
  
  a revocation list, wherein the revocation list includes an inventory of unauthorized software that the prevention system blocks from being installed or used on the gaming machine.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28)
- - 2. The system of claim 1, wherein the configuration log is stored in a remote non-volatile memory storage device, the configuration log being protected using digital signature verification so that any unauthorized changes are easily identifiable.
  - 3. The system of claim 1, wherein the configuration log is stored in a remote non-volatile memory storage device, the configuration log being protected using message authentication code so that any unauthorized changes are easily identifiable.
  - 4. The system of claim 1, wherein the revocation list is stored in a remote non-volatile memory storage device, the configuration log being protected using digital signature verification so that any unauthorized changes are easily identifiable.
  - 5. The system of claim 1, wherein the revocation list is stored in a remote non-volatile memory storage device, the configuration log being protected using message authentication code so that any unauthorized changes are easily identifiable.
  - 6. The system of claim 1, wherein the configuration log is updated for each change to the software on the gaming machine, and wherein authorization for these updates is verified using digital signature verification.
  - 7. The system of claim 6, wherein the authorization for these updates is verified in conjunction with the use of bKey electronic identifiers.
  - 8. The system of claim 1, wherein the configuration log is updated for each change to the software on the gaming machine, and wherein authorization for these updates is verified using message authentication code.
  - 9. The system of claim 8, wherein the authorization for these updates is verified in conjunction with the use of bKey electronic identifiers.
  - 10. The system of claim 1, wherein the revocation list is updateable after each change to the software on the gaming machine, and wherein authorization for any such updates is verified using digital signature verification.
  - 11. The system of claim 10, wherein the authorization for these updates is verified in conjunction with the use of bKey electronic identifiers.
  - 12. The system of claim 1, wherein the revocation list is updateable after each change to the software on the gaming machine, and wherein authorization for any such updates is verified using message authentication code.
  - 13. The system of claim 12, wherein the authorization for these updates is verified in conjunction with the use of bKey electronic identifiers.
  - 14. The system of claim 1, further comprising a local non-volatile memory storage device.
  - 15. The system of claim 14, the configuration log and the revocation list reside on the local non-volatile memory storage device.
  - 16. The system of claim 14, wherein the non-volatile memory storage device is protected using digital signature verification, and wherein the digital signature verification is DSA encryption.
  - 17. The system of claim 14, wherein the non-volatile memory storage device is protected using digital signature verification, and wherein the digital signature verification is RSA encryption.
  - 18. The system of claim 1, wherein the configuration log is updated by the system in response to an attempted or actual software installation on the gaming machine.
  - 19. The system of claim 1, wherein the revocation list is used to verify that new software is authorized for installation on the gaming machine, wherein installation and use of new software is not permitted if the new software is found on the revocation list, and wherein installation and use of new software is permitted if the new software is not found on the revocation list.
  - 20. The system of claim 19, wherein the revocation list is used to verify that existing software on the gaming machine is authorized for continued use on the gaming machine, wherein existing software that is listed on the revocation list is disabled for use on the gaming machine, and wherein existing software that is not on the revocation list continues to be enabled for use on the gaming machine.
  - 21. The system of claim 20, wherein disabling of existing software includes uninstalling the software on the gaming machine.
  - 22. The system of claim 1, further comprising an installation medium drive for loading software on the gaming machine from an installation medium.
  - 23. The system of claim 22, wherein the installation medium drive is a CD-ROM/DVD-ROM drive, and wherein the installation medium from which the loadable software is accessed is a CD-ROM/DVD-ROM.
  - 24. The system of claim 22, wherein the installation medium drive is an external drive.
  - 25. The system of claim 22, wherein the installation medium drive is an internal drive.
  - 26. The system of claim 22, wherein the installation medium drive is selected from the group consisting of networks, electronic keys, smart cards, memory sticks, memory cards, portable mini-drives.
  - 27. The system of claim 22, wherein the installation medium includes an updated revocation list.
  - 28. The system of claim 22, wherein the installation medium includes updates for the configuration log.

29. A method for preventing unauthorized installation and use of software on a gaming machine using a rollback attack prevention system, comprising:
- establishing a configuration log and loading a revocation list into a memory storage device associated with the gaming machine;
  
  using the revocation list to determine whether to disable or to permit continued use of existing software;
  
  in response to an attempt to load new software onto the gaming machine, using the revocation list to determine whether installation of the new software is permitted;
  
  updating the revocation list as required; and
  
  updating the configuration log as required.
- View Dependent Claims (30, 31, 32, 33, 34, 35, 36, 37, 38, 39, 40, 41, 42, 43, 44, 45, 46, 47)
- - 30. The method of claim 29, wherein establishing a configuration log and loading a revocation list into a memory storage device comprises:
    - storing a configuration log, wherein the configuration log includes a protected record of software that had been installed on the gaming machine; and
      
      loading a revocation list, wherein the revocation list indicates software that is unauthorized for installation and use on the gaming machine.
  - 31. The method of claim 29, wherein establishing a configuration log comprises scanning the configuration history of the gaming machine, and wherein loading an initial revocation list comprises loading a revocation list from an installation medium onto the memory storage device associated with the gaming machine.
  - 32. The method of claim 29, wherein the non-volatile memory storage device is protected using digital signature verification, and wherein the digital signature verification is DSA encryption.
  - 33. The method of claim 29, wherein the non-volatile memory storage device is protected using digital signature verification, and wherein the digital signature verification is RSA encryption.
  - 34. The method of claim 29, wherein the non-volatile memory storage device is protected using digital signature verification so that any unauthorized changes are easily identifiable.
  - 35. The method of claim 29, wherein the non-volatile memory storage device is protected using message authentication code so that any unauthorized changes are easily identifiable.
  - 36. The method of claim 29, wherein the configuration log is updated by the system in response to an attempted or actual software installation on the gaming machine.
  - 37. The method of claim 29, wherein an installation medium drive and a installation medium containing the new software are used to attempt to load new software on the gaming machine.
  - 38. The method of claim 37, wherein the installation medium drive is a CD-ROM/DVD-ROM drive, and wherein the installation medium from which the loadable new software is accessed is a CD-ROM/DVD-ROM.
  - 39. The method of claim 29, wherein updating the revocation list comprises:
    - downloading a revocation list update, wherein the revocation list update includes information regarding software authorization criteria for installation and use on the gaming machine; and
      
      saving the updated revocation list to the memory storage device.
  - 40. The method of claim 29, further comprising:
    - checking an updated revocation list for new software to determine whether new software is authorized for installation and use on the gaming machine.
  - 41. The method of claim 40, wherein installation of the new software is permitted if the new software is not on the updated revocation list.
  - 42. The method of claim 29, wherein installation of the new software is not permitted if the new software is on the updated revocation list.
  - 43. The method of claim 29, further comprising:
    - checking an updated revocation list for existing software to determine whether continued use of existing software on the gaming machine is authorized.
  - 44. The method of claim 43, wherein the existing software is disabled if the existing software is on the updated revocation list.
  - 45. The method of claim 44, wherein the disabling of the existing software includes uninstalling the existing software from the gaming machine.
  - 46. The method of claim 43, wherein continued use of the existing software is authorized if the existing software is not on the updated revocation list.
  - 47. The method of claim 29, wherein updating the configuration log comprises:
    - saving data regarding at least the installation of new software on the gaming machine; and
      
      saving data regarding disablement, if any, of existing software on the gaming machine.

48. A rollback attack prevention system that controls installation and use of software on a gaming machine, the system comprising:
- a memory storage device;
  
  a configuration log, wherein the configuration log includes a protected record of software that had been installed or attempted to be installed on the gaming machine, and wherein the configuration log is stored in the memory storage device using digital signature verification such that unauthorized changes are easily identifiable; and
  
  a revocation list, wherein the revocation list includes a protected inventory listing of unauthorized software that the prevention system prevents from being installed or used on the gaming machine.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Sg Gaming, Inc. (Scientific Games Corporation)
Original Assignee
Bally Gaming Incorporated (Scientific Games Corporation)
Inventors
Carman, David, Hein, Marv, Morrow, James

Granted Patent

US 7,907,729 B2
Time in Patent Office

Days
Field of Search
US Class Current

726/22
CPC Class Codes

G06F 11/006   Identification G06F11/2289 ...

G06F 11/0748   in a remote unit communicat...

G06F 11/2289   by configuration test

G06F 11/2294   by remote test

G11C 2029/4402   Internal storage of test re...

H04L 9/3247   involving digital signatures

H04L 9/3268   using certificate validatio...

Rollback attack prevention system and method

First Claim

7 Assignments

0 Petitions

Accused Products

Abstract

57 Citations

48 Claims

Specification

Use Cases

Quick Links

Others

Rollback attack prevention system and method

First Claim

7 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

57 Citations

48 Claims

Specification

Subscription Required

Use Cases

Quick Links

Others