System method and model for maintaining device integrity and security among intermittently connected interoperating devices

US 20060015937A1
Filed: 06/08/2005
Published: 01/19/2006
Est. Priority Date: 06/08/2004
Status: Active Grant

First Claim

Patent Images

1. A method for limiting access to and or the understanding of resources or capabilities of an interoperability application package and or resources or capabilities of interoperability devices, the method comprising:

(1) forming a basis for security using at least a plurality of the following steps;

(a) automatically collecting an entropy state measure associated with the device;

(b) generating a key pair;

(c) generating a device Id; and

(d) storing the key pairs, device id, and the entropy state measure on the device for continued use whenever the device is active;

(2) forming rules for allowing or preventing the limiting access; and

(3) using the formed basis and formed rules to provide a security task at least for the device.

View all claims

5 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

System, device, method, and computer program and computer program products for providing communicating between devices having similar or dissimilar characteristics and facilitating seamless interoperability between them. Computer program software and methods of and systems and devices for sharing of content, applications, resources and control across similar and dissimilar permanently or intermittently connected electronic devices. Devices, systems, appliances, and the like communicating and/or interoperating within the framework provided. An interoperability security model, method, and system, such as a Dart Security model, method and system provide an infrastructure for protecting the integrity of a device and its content from viral, other malicious, or accidental damage.

104 Citations

View as Search Results

31 Claims

1. A method for limiting access to and or the understanding of resources or capabilities of an interoperability application package and or resources or capabilities of interoperability devices, the method comprising:
- (1) forming a basis for security using at least a plurality of the following steps;
  
  (a) automatically collecting an entropy state measure associated with the device;
  
  (b) generating a key pair;
  
  (c) generating a device Id; and
  
  (d) storing the key pairs, device id, and the entropy state measure on the device for continued use whenever the device is active;
  
  (2) forming rules for allowing or preventing the limiting access; and
  
  (3) using the formed basis and formed rules to provide a security task at least for the device.

2. A method for limiting access to and or the understanding of resources or capabilities of an interoperability application package and or resources or capabilities of interoperability devices, the method comprising:
- (1) forming a basis for security in at least one of the following steps when a device first starts operation;
  
  (a) automatically collecting of entropy;
  
  (b) generating a public/private key pair;
  
  (c) generation of a unique device Id; and
  
  (d) storing the public and private key pairs, device unique id, and the entropy state for a random number generator on the device for continued use whenever the device is active;
  
  (2) forming rules for allowing or preventing the limiting access;
  
  (3) use of the formed basis for one or more of the following security tasks;
  
  (a) enforcing the rules for access to devices, applications and resources;
  
  (b) securing the rules themselves so that they cannot be modified by an unauthorized user or agent;
  
  (c) securing the storage of the public and private key pairs, device unique id, and the entropy state for a random number generator;
  
  (d) securing operating parameters or data to be shared between applications and devices;
  
  (e) securing communication channels;
  
  (f) encrypting resources so that they can only be understood or used by a particular device or set of devices, and/or a particular application or set of applications, and/or when accessed using a shared secret; and
  
  (g) generating universally unique ids and using them for identifying devices, applications, data formats, collections, records, individual media files, or even individual data items valid across all devices and or applications and or datasets or items for all times.
- View Dependent Claims (3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30)
- - 3. The method of claim 2, further comprising:
    - revoking or modifying the rules used to limit access.
  - 4. The method of claim 2, wherein the limiting access to and or the understanding of resources of comprise one or more of the following in any combination:
    - (1) enforcing rules for which devices are allowed to communicate with each other and or for what purposes devices are allowed to communicate;
      
      (2) encrypting data that flows between devices so that other devices which might have access to the data will not be able to understand or make use of the data;
      
      (3) signing packages of data, content, code or other resources to ensure that the packages have not been modified since the signing took place; and
      
      (4) managing digital rights to enforce a set of rules for the handling of data, code content, or any other digitally representable resources with regard to one or more of the following actions;
      
      sharing, copying, printing, displaying, performing, distributing, playback, rendering, executing, modifying, or any combination of these.
  - 5. The method of claim 2, wherein one or more of the following are true:
    - (a) the application package conforms to an interoperability format or the Dart Format and or is a Dart; and
      
      (b) the limiting access is performed at least in part by an Interoperability Engine or is performed at least in part by a DartEngine or by a DartPlayer.
  - 6. The method of claim 2, wherein the forming the basis for security is performed only once for any particular device.
  - 7. The method of claim 2, wherein the forming the basis for security is comprised of the following steps when a device first starts operation:
    - (a) the automatic collection of entropy state;
      
      (b) the generation of public/private key pairs;
      
      (c) the generation of a unique device Id; and
      
      (d) the storage of the public and private key pairs, device unique id, and the entropy state for a random number generator on the device for continued use whenever the device is active.
  - 8. The method of claim 2, wherein the forming rules for limiting access further comprise:
    - (i) collecting the unique ids of devices and/or applications which wish to interoperate (ii) collecting the set of access rights needed or requested for the interoperation;
      
      (iii) obtaining permission to allow or the directive to disallow the range of access rights;
      
      (iv) creating a unique id for the set of access rights; and
      
      (v) storing the unique id and set of access rights on all devices and or in all the application packages which are to interoperate.
  - 9. The method of claim 7, wherein the basis of claim 15A is used for the generation and storage of unique ids.
  - 10. The method of claim 2, wherein use of the basis is used for one or more of the following security procedures alone or in any combination:
    - (a) enforcing rules for access to devices and resources;
      
      (b) securing the rules themselves;
      
      (c) securing communication channels;
      
      (d) encrypting resources so that they can only be understood by a particular device or set of devices, and or a particular application or set of applications, and or when accessed using a shared secret;
      
      (e) generating universally unique ids and using them for identifying devices, applications, data formats, collections, records, individual media files, or even individual data items valid across all devices and or applications and or datasets or items for all times; and
      
      (f) revoking or modifying the rules used to limit access.
  - 11. The method of claim 2, wherein the resources or capabilities are one or more of the resources or capabilities in the set consisting of:
    - (a) a data or data sets of any form;
      
      (b) a code of any form;
      
      (c) a content of any form;
      
      (d) a capability to communicate in any form and to any other device;
      
      (e) a capability to control any aspect of the device or any other device;
      
      (f) a capability to control any aspect of the device'"'"'s operation and or of any other devices'"'"' operations;
      
      (g) a capability to render and/or print and/or display and/or modify and/or copy and/or distribute data or any other element which can be represented by a binary sequence or set of binary sequences;
      
      (h) a capability to collect information in any digital form by any means;
      
      (i) a capability to physically change the position, disposition, properties and or location of physical objects;
      
      (j) a capability to run code and process data; and
      
      (k) any combination of the above.
  - 12. The method of claim 2, wherein the method applies to the applications whether they are stored as an application image and or running on one or more devices.
  - 13. The method of claim 2, wherein the basis is implemented in a manner where entropy gathering and the random number generation is seeded and then used to generate a unique id is automatically initiated when the device is first turned on or is made use of so that the manufacturer does not need to assign or install different software or hardware to assure that each device has a universally unique id.
  - 14. The method of claim 2, wherein the entropy is gathered by collecting via the execution of software running on a processor timing or data or counter or hardware state values which are at least partially generated by any one or more of:
    - quantum electrical effects, communications or other electrical circuits running on a clock unsynchronized to the processor clock, air currents, or any other physical phenomena.
  - 15. The method of claim 7, wherein the basis set forth is used for the generation and storage of unique ids.
  - 16. The method of claim 15, wherein the if a device loses its unique id or private or public key and cannot be recovered, it will be necessary for a new unique id and private and public key to be generated for the device before the device can again be used.
  - 17. The method of claim 16, wherein after a new unique id and private and public key is generated for the device, the device is considered for all purposes of security to be a new device.
  - 18. The method of claim 2, wherein a device or application unique id is revoked, the unique id is placed on a list of revoked unique ids that is maintained and distributed on teamed devices and or other devices so that the device or application will no longer function as part of a team or teams when it tries to interoperate with any of the devices with the revoked unique id which is on such a list.
  - 19. The method of claim 18, wherein when a revoked device forms a communication link with another device which has the revoked device'"'"'s unique id on its revocation list, the software driving the communication link will initiate the destruction of the unique id and public and private keys of the revoked device.
  - 20. The method of claim 18, wherein the revoked id list is maintained and distributed using the social synchronization procedure.
  - 21. The method of claim 18, wherein only devices with certain permissions, unique id, or shared secret is allowed to place a device or application id on any revocation list.
  - 22. The method of claim 19, wherein one or more master devices with certain permission, unique id or shared secret or has the capability to communicate of a special secure channel can initiate the destruction of the unique id and public and private keys on the revoked device over the special secured channel.
  - 23. The method of claim 22, wherein the master device is at the headend of a mobile phone network can initiate the destruction of the unique id and public and private keys on the revoked device over the mobile data network or a side channel thereof.
  - 24. The method of claim 2, wherein the rules are stored as lists of the unique ids of devices and applications associated with a certain level of security.
  - 25. The method of claim 24, wherein the rules are stored as lists of the unique ids of devices and applications associated with a certain level of security, and each level of security is associated with certain access rights binary flags, with each binary flag associated with permission to access a particular category of data, resource, code or capability.
  - 26. The method of claim 25, wherein a device or the runtime context in which an executable image is running maintains the access rights flags values which determine which types of access or elements are to be allowed for the executable images running on that device or the executable image running a particular runtime context.
  - 27. The method of claim 26, wherein an interoperability engine running an interoperability instruction set checks any or all of the flag values whenever an application attempts to access the elements or capabilities which correspond to the flags, and does not allow such access if the flag values indicate that such access is not to be allowed.
  - 28. The method of claim 27, wherein one or more of the following are true:
    - (1) the interoperability engine is any interoperability engine or the DartEngine; and
      
      (2) the interoperability instruction set any interoperability instruction set or is the DartInstructionSet.
  - 29. The method of claim 25, wherein the rules embodied by the stored lists are generated using one or more of the following method:
    - (1) default mappings for flags to security level numbers are supplied by the manufacturer and optionally modifiable by possibly secured interfaces on the manufactured device;
      
      (2) the security level and or flag values that are needed for a particular executable image to carry out one or more operations of an interoperability application software package is embedded in the image, which is optionally signed to ensure that the security level and or flag values have not been tampered with;
      
      (3) when an executable image is to be loaded by an interoperability engine, the embedded level and or flag values are compared to the stored rules to see if permissions to access all the needed access is allowed;
      
      (4) if all permissions are allowed the executable image is loaded to run in a context that contains the access flag values embedded in the executable image;
      
      (5) if during execution, assess to any resource or capability for which the flags in the context do not allow access causes the interoperability engine to immediately stop execution without allowing the access; and
      
      (6) if any of the permissions are not allowed the interoperability engine will not load or run the executable image.
  - 30. The method of claim 2, wherein the method is used for one or more of the following purposes or operations:
    - (1) assurance that the content, code, and or data hasn'"'"'t changed since some predetermined date or event;
      
      (2) assurance that the content, code; and
      
      or data has been inspected or otherwise certified by a particular party as one or more of the following in any combination;
      
      (a) robust;
      
      (b) devoid of viruses, malicious code, of other undesirable features or operations;
      
      (c) devoid of a predetermined or dynamically determined particular kind of objectionable materials;
      
      (d) to have been created by or received from a particular third party; and
      
      (e) being or not being any one or combination of the above;
      
      (3) protection from the spread of software viruses or malicious computer code;
      
      (4) protecting intellectual property rights including but not limited to copyrights and trademarks;
      
      (5) enforcing intellectual property rights and agreements;
      
      (6) obfuscation of the rules, unique ids, code or data on a device so that it is difficult for someone to find and or understand the meaning of the obfuscated items; and
      
      (7) the generation of universally unique ids to assign to data sets, data items, categories of items or any other element or grouping of elements or ideas which needs to be uniquely identified.

31. A computer program product for use in conjunction with a computer system or information appliance, the computer program product comprising a computer readable storage medium and a computer program mechanism embedded therein, the computer program mechanism comprising:
- a program module that directs the computer system or information appliance to function in a specified manner for limiting access to and or the understanding of resources or capabilities of an interoperability application package and or resources or capabilities of interoperability devices, the program module including instructions for;
  
  (1) forming a basis for security using at least a plurality of the following steps;
  
  (a) automatically collecting an entropy state measure associated with the device;
  
  (b) generating a key pair;
  
  (c) generating a device Id; and
  
  (d) storing the key pairs, device id, and the entropy state measure on the device for continued use whenever the device is active;
  
  (2) forming rules for allowing or preventing the limiting access; and
  
  (3) using the formed basis and formed rules to provide a security task at least for the device.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
David E. Kahn
Original Assignee
Covia Labs, Inc.
Inventors
Bernstein, Bruce, Mirabella, Richard, Pieb, Wolfgang, Illowsky, Daniel, Wenocur, Michael, Tiberi, Richard, Sidney, Raymond

Granted Patent

US 7,596,227 B2
Time in Patent Office

Days
Field of Search
US Class Current

726/18
CPC Class Codes

G06F 1/3203   Power management, i.e. even...

G06F 11/2082   Data synchronisation

G06F 16/2365   Ensuring data consistency a...

G06F 21/445   by mutual authentication, e...

G06F 21/6218   to a system of files or obj...

G06F 2209/5015   Service provider selection

G06F 2221/2113   Multi-level security, e.g. ...

G06F 2221/2149   Restricted operating enviro...

G06F 8/10   Requirements analysis; Spec...

G06F 8/20   Software design

G06F 8/24   Object-oriented

G06F 8/30   Creation or generation of s...

G06F 8/41   Compilation

G06F 8/61   Installation

G06F 8/63   Image based installation; C...

G06F 8/658   Incremental updates; Differ...

G06F 8/71   Version control security ar...

G06F 9/449   Object-oriented method invo...

G06F 9/4843   by program, e.g. task dispa...

G06F 9/5011   the resources being hardwar...

G06F 9/5027 : the resource being a machin...

G06F 9/5044 : considering hardware capabi...

G06F 9/5072 : Grid computing

G06F 9/54 : Interprogram communication

G06F 9/541 : via adapters, e.g. between ...

G06F 9/542 : Event management; Broadcast...

H04L 65/1083 : In-session procedures

H04L 65/1094 : Inter-user-equipment sessio...

H04L 65/80 : Responding to QoS

H04L 67/10 : in which an application is ...

H04L 67/104 : Peer-to-peer [P2P] networks

H04L 67/1068 : Discovery involving direct ...

H04L 67/1072 : Discovery involving ranked ...

H04L 67/1095 : Replication or mirroring of...

H04L 67/14 : Session management for real...

H04L 67/51 : Discovery or management the...

H04L 69/08 : Protocols for interworking;...

H04L 69/24 : Negotiation of communicatio...

H04L 69/328 : in the presentation layer [...

H04N 21/41265 : having a remote control dev...

Y02D 10/00 : Energy efficient computing,...

Y02D 30/00 : Reducing energy consumption...

View All

System method and model for maintaining device integrity and security among intermittently connected interoperating devices

First Claim

5 Assignments

0 Petitions

Accused Products

Abstract

104 Citations

31 Claims

Specification

Solutions

Use Cases

Quick Links

System method and model for maintaining device integrity and security among intermittently connected interoperating devices

First Claim

5 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

104 Citations

31 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links