Enabling bits sealed to an enforceably-isolated environment
Abstract
Prevention of unpermitted use of enabling bits is achieved by sealing the enabling bits to an environment in such a way that the bits can only be unsealed by or from the environment, and by using an isolation mechanism to isolate the environment from other environments on the machine on which the environment operates. The environment is trusted not to use the enabling bits except in accordance with a set of rules governing the bits. The enabling bits may be a decryption key for DRM-protected content, and the rules may be a license governing the use of that content. Trust that the enabling bits will not be misused is established by trusting the environment not to use the enabling bits contrary to the rules, trusting the isolation mechanism to isolate the environment, and trusting the unsealing mechanism only to unseal the bits for the environment.
20 Claims
1. A method of enforcing rules on the use of first data, the method comprising:
establishing a first trust in a first component that said first component will unseal data only for an entity to which the data is sealed;
establishing a second trust in a second component that said second component will provide mutually isolated spaces within a machine, such that each of the spaces on the machine is isolated from acts arising in other spaces on the machine;
establishing a third trust in an environment, the first data being sealed to said environment, said environment being configured to enforce a rule as to the first data, or to execute software that enforces said rule as to the use of the first data, said trust representing an expectation that said environment will not use the first data in a manner contrary to said rule;
providing the first data in a secure form, and said rule, to said environment;
using said first component to isolate said environment;
using said second component to unseal the first data for said environment;
using, by said environment, the first data only in a manner permitted by said rule.
(Dependent claims: 2, 3, 4, 5, 6, 7)
8. A computer-readable medium encoded with sets of computer-executable instructions, the sets of instructions comprising:
a first set of instructions that performs acts comprising:
instantiating plural environments on a computing device; and
maintaining a level of isolation between said plural environments; and
a second set of instructions distinct from said first set of instructions that, when instantiated, constitutes one of said plurality of environments, and that performs acts comprising:
issuing a request to unseal first data that has been sealed to said second set of instructions;
receiving a set of rules associated with said first data; and
enforcing said set of rules such that said first data is not used in a manner contrary to said set of rules;
wherein said first data comprises a hash of said second set of instructions and wherein said request to unseal said first data is received by a module that will not unseal said first data unless said request to unseal has been received from said first set of instructions, or from software that operates within the environment constituted by said first set of instructions.
(Dependent claims: 9, 10, 11, 12, 13)
14. In a system that comprises:
an isolation mechanism that enables a plurality of environments to be instantiated on a computing device and that maintains a level of isolation among said plurality of environments; and
an unsealing mechanism that receives a request to unseal data and that unseals the data only if the request has been received from an entity to which the data is sealed;
the improvement comprising:
an environment that can be on the computing device and that can be isolated from other environments on said computing device by said isolation mechanism, said environment issuing a request to said unsealing mechanism to unseal first data, said environment enforcing a set of rules governing the use of said first data, wherein an owner of said first data, or a party having an interest in said first data, has established first trust in said isolation mechanism and second trust in said unsealing mechanism, and relies on said environment preventing said first data from being used contrary to said set of rules based on said first trust and on said second trust, without establishing trust that said environment will resist attempts from outside of said environment to misuse said first data.
(Dependent claims: 15, 16, 17, 18, 19, 20)
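The abstract and claims 1, 8 and 14 describe three separately trusted parts: an unsealing component that releases data only to the identity it was sealed to, an isolation mechanism that vouches for which environment is making the request, and an environment that enforces the rules delivered with the data. The following is an added toy model of that arrangement in Python; it is not code from the patent or any product. All names (`Sealer`, `IsolationMechanism`, `Environment`, `measure`, `demo`), the sample "player" code, the content key and the `max_uses` license rule are constructed for the illustration, and the HMAC-SHA256 keystream plus HMAC tag is a demonstration construction standing in for real sealed storage, not a vetted AEAD. What it shows is the binding the abstract relies on: the environment's identity is its hash, the isolation layer (not the environment itself) reports that identity, a request from a different environment is refused, a blob re-targeted to another identity fails integrity, and the environment stops using the key once the rule's quota is spent.

```python
import hashlib
import hmac
import os
from dataclasses import dataclass


def measure(code: bytes) -> str:
    """Identity of an environment: the hash of its instructions (claim 8)."""
    return hashlib.sha256(code).hexdigest()


@dataclass(frozen=True)
class SealedBlob:
    target: str        # measurement the data is sealed to
    rules: dict        # rules travel with the data (claim 8: "receiving a set of rules")
    nonce: bytes
    ciphertext: bytes
    tag: bytes         # authenticates target + rules + ciphertext


class Environment:
    """An isolated space trusted to use the data only as its rules permit (the third trust)."""

    def __init__(self, code: bytes):
        self.code = code
        self._key, self._rules, self._uses = None, {}, 0

    def receive(self, key: bytes, rules: dict) -> None:
        self._key, self._rules, self._uses = key, dict(rules), 0

    def use(self) -> bool:
        """Use the enabling bits once; refuse when there is no key or the quota is spent."""
        if self._key is None or self._uses >= self._rules.get("max_uses", 0):
            return False
        self._uses += 1
        return True


class IsolationMechanism:
    """Second component: instantiates environments and vouches for who is calling."""

    def __init__(self):
        self._registry = {}   # id(env) -> (env, measurement taken at instantiation)

    def instantiate(self, code: bytes) -> Environment:
        env = Environment(code)
        self._registry[id(env)] = (env, measure(code))
        return env

    def measurement_of(self, env: Environment) -> str:
        # Identity as recorded by the isolation layer, never as self-reported by the environment.
        return self._registry[id(env)][1]


class Sealer:
    """First component: seals data to a measurement and unseals only for that identity."""

    def __init__(self, isolation: IsolationMechanism):
        self._root = os.urandom(32)   # root key never leaves this component
        self._isolation = isolation

    def _stream(self, target: str, nonce: bytes, n: int) -> bytes:
        # Keystream is derived from the target identity, so a re-targeted blob decrypts to garbage
        # even before the tag check is considered (demonstration construction).
        out, ctr = b"", 0
        while len(out) < n:
            out += hmac.new(self._root, target.encode() + nonce + ctr.to_bytes(4, "big"), hashlib.sha256).digest()
            ctr += 1
        return out[:n]

    def _tag(self, target: str, rules: dict, nonce: bytes, ct: bytes) -> bytes:
        msg = target.encode() + repr(sorted(rules.items())).encode() + nonce + ct
        return hmac.new(self._root, b"tag|" + msg, hashlib.sha256).digest()

    def seal(self, data: bytes, target: str, rules: dict) -> SealedBlob:
        nonce = os.urandom(16)
        ct = bytes(a ^ b for a, b in zip(data, self._stream(target, nonce, len(data))))
        return SealedBlob(target, dict(rules), nonce, ct, self._tag(target, rules, nonce, ct))

    def unseal(self, blob: SealedBlob, caller: Environment) -> None:
        """Release the data into `caller` only if the isolation layer says it is the sealed-to identity."""
        if not hmac.compare_digest(blob.tag, self._tag(blob.target, blob.rules, blob.nonce, blob.ciphertext)):
            raise ValueError("sealed blob has been tampered with")
        if self._isolation.measurement_of(caller) != blob.target:
            raise PermissionError("requester is not the environment the data is sealed to")
        data = bytes(a ^ b for a, b in zip(blob.ciphertext, self._stream(blob.target, blob.nonce, len(blob.ciphertext))))
        caller.receive(data, blob.rules)


def demo() -> dict:
    """Constructed scenario: a content key sealed to a player environment with a two-use license."""
    isolation = IsolationMechanism()
    sealer = Sealer(isolation)
    player_code = b"PLAYER v1: decrypt, render, honour license"   # constructed
    other_code = b"OTHER v1: unrelated software"                   # constructed
    content_key = bytes(range(16))                                 # constructed enabling bits
    blob = sealer.seal(content_key, measure(player_code), {"max_uses": 2})

    player, other = isolation.instantiate(player_code), isolation.instantiate(other_code)
    result = {}
    sealer.unseal(blob, player)
    result["player_uses"] = [player.use(), player.use(), player.use()]
    try:
        sealer.unseal(blob, other)
        result["other_unsealed"] = True
    except PermissionError:
        result["other_unsealed"] = False
    # Re-targeting the blob to the other environment's identity breaks the tag.
    forged = SealedBlob(measure(other_code), blob.rules, blob.nonce, blob.ciphertext, blob.tag)
    try:
        sealer.unseal(forged, other)
        result["forged_unsealed"] = True
    except ValueError:
        result["forged_unsealed"] = False
    return result
```

The division of trust in claim 14 is visible in `Sealer.unseal`: it never asks the environment who it is, it asks the isolation mechanism, so the data owner needs confidence in the isolation layer and the unsealing component but does not need the environment to defend itself against other environments on the machine.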
Specification