SECURE LOCAL UPDATE OF CONTENT MANAGEMENT SOFTWARE

US 20110258437A1
Filed: 04/16/2010
Published: 10/20/2011
Est. Priority Date: 04/16/2010
Status: Active Grant

First Claim

Patent Images

1. A method comprising:

receiving a software update at a computing device having an existing software application, the existing software application having an historic public/private key pair including an historic private key and an historic public key, the historic private key usable by the existing software application to access historic protected content, the historic protected content previously protected using the historic public key and the existing software application; and

applying the software update to the existing software application to provide an updated software application, applying the software update including;

retaining the historic private key for use by the updated software application to access the historic protected content, the historic private key not usable to access new protected content, the new protected content protected by a new public key and the updated software application; and

generating a new public/private key pair locally at the computing device, the new public/private key pair including the new public key and a new private key, the new public key usable to protect content to provide the new protected content, the new private key usable by the updated software application to access the new protected content.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

This document describes tools that enable a computing device to receive an update to content management software. The tools also enable the computing device to generate new public and private keys without the use of a key server.

78 Citations

View as Search Results

20 Claims

1. A method comprising:
- receiving a software update at a computing device having an existing software application, the existing software application having an historic public/private key pair including an historic private key and an historic public key, the historic private key usable by the existing software application to access historic protected content, the historic protected content previously protected using the historic public key and the existing software application; and
  
  applying the software update to the existing software application to provide an updated software application, applying the software update including;
  
  retaining the historic private key for use by the updated software application to access the historic protected content, the historic private key not usable to access new protected content, the new protected content protected by a new public key and the updated software application; and
  
  generating a new public/private key pair locally at the computing device, the new public/private key pair including the new public key and a new private key, the new public key usable to protect content to provide the new protected content, the new private key usable by the updated software application to access the new protected content.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14)
- - 2. The method as recited in claim 1, further comprising:
    - submitting a request for content to a content provider, the request including the new public key;
      
      receiving the requested content from the content provider, the requested content protected using the new public key; and
      
      accessing the requested content using the new private key.
  - 3. The method as recited in claim 2, wherein the content is an audio or video file.
  - 4. The method as recited in claim 1, wherein the software update includes a symmetric key and applying the software update further includes:
    - encrypting the new private key at the computing device using the symmetric key to create an encrypted private key thereby preventing the new private key from being determined by unauthorized software applications or users; and
      
      storing the encrypted private key within a key file located at the computing device, the updated software application capable of accessing the new private key by decrypting the encrypted private key using the symmetric key.
  - 5. The method as recited in claim 4, wherein the software update includes an historic symmetric key and the key file includes the historic private key in an encrypted form that can be decrypted using the historic symmetric key.
  - 6. The method as recited in claim 4, wherein applying the software update includes retaining an historic symmetric key and the key file includes the historic private key in an encrypted form that can be decrypted using the historic symmetric key.
  - 7. The method as recited in claim 4, wherein:
    - an original installation of the existing software application has sub-versions each associated with other symmetric keys;
      
      a particular sub-version of the sub-versions is selected based on device-specific information associated with the computing device;
      
      the software update is one of multiple software updates, each of the multiple software updates associated with one of the sub-versions of the original installation of the existing software application; and
      
      the software update and the symmetric key are associated with the particular sub-version and the software update does not include symmetric keys associated with others of the sub-versions.
  - 8. The method as recited in claim 4, wherein encrypting the new private key includes altering one or more cryptographic algorithms using device-specific information unique to the computing device.
  - 9. The method as recited in claim 8, wherein altering the cryptographic algorithms includes setting an initialization vector of at least one of the cryptographic algorithms using the device-specific information.
  - 10. The method as recited in claim 8, wherein device-specific information includes one or more of:
    - a serial number associated with one or more hardware components of the computing device;
      
      a hardware identifier associated with one or more hardware components of the computing device;
      
      a media-access-control (MAC) address associated with a network adapter of the computing device;
      
      ora globally-unique-identifier (GUID) associated with the computing device.
  - 11. The method as recited in claim 4, wherein the symmetric key is created by a key authority using a key-file-key seed, the key-file-key seed altering one or more cryptographic algorithms so that a master-secret key is capable of deriving the symmetric key.
  - 12. The method as recited in claim 1, wherein generating the new public/private key pair includes altering one or more cryptographic algorithms using device-specific information unique to the computing device.
  - 13. The method as recited in claim 12, wherein altering the cryptographic algorithms includes setting an initialization vector of at least one of the cryptographic algorithms using the device-specific information.
  - 14. The method as recited in claim 12, wherein device-specific information includes one or more of:
    - a serial number associated with one or more hardware components of the computing device;
      
      a hardware identifier associated with one or more hardware components of the computing device;
      
      a media-access-control (MAC) address associated with a network adapter of the computing device;
      
      ora globally-unique-identifier (GUID) associated with the computing device.

15. A method comprising:
- selecting one or more historic symmetric keys associated with an existing software application on a remote computing device, the historic symmetric keys for decrypting one or more encrypted historic private keys stored at the remote computing device to provide one or more historic private keys for accessing historic protected content previously protected using the existing software application; and
  
  sending a software update to the remote computing device, the software update including a new symmetric key and the one or more historic symmetric keys and capable, once applied to the existing software application by the remote computing device, of providing an updated software application, the new symmetric key for encrypting a new private key generated at the remote computing device, the new private key for accessing new protected content protected using the updated software application.
- View Dependent Claims (16, 17)
- - 16. The method as recited in claim 15, further comprising generating the new symmetric key using a key-file-key seed, the key-file-key seed altering one or more cryptographic algorithms to provide a master-secret key encrypted using the new symmetric key.
  - 17. The method as recited in claim 15, wherein selecting the one or more historic symmetric keys includes selecting the software update from a set of software updates, each software update associated with one of multiple sub-versions of an original installation of the existing software application.

18. One or more tangible computer-readable media having stored thereon computer-executable instructions that, if executed by a computing device, cause the computing device to perform a method comprising:
- receiving a software update at the computing device, the computing device including an existing software application having an historic public/private key pair including an historic private key and an historic public key, the historic private key usable by the existing software application to access historic protected content, the historic protected content previously protected using the historic public key and the existing software application; and
  
  applying the software update to the existing software application to provide an updated software application, applying the software update including;
  
  retaining the historic private key for use by the updated software application to access the historic protected content, the historic private key not usable to access new protected content, the new protected content protected by a new public key and the updated software application; and
  
  generating a new public/private key pair locally at the computing device, the new public/private key pair including the new public key and a new private key, the new public key usable to protect content to provide the new protected content, the new private key usable by the updated software application to access the new protected content.
- View Dependent Claims (19, 20)
- - 19. The media as recited in claim 18, wherein the software update includes a symmetric key and applying the software update further includes:
    - encrypting the new private key at the computing device using the symmetric key to create an encrypted private key; and
      
      storing the encrypted private key within a key file located at the computing device, the updated software application capable of accessing the new private key by decrypting the encrypted private key using the symmetric key.
  - 20. The media as recited in claim 19, wherein the software update includes an historic symmetric key and the key file includes the historic private key in an encrypted form that can be decrypted using the historic symmetric key.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Microsoft Technology Licensing LLC (Microsoft Corporation)
Original Assignee
Microsoft Corporation
Inventors
McKelvey, Alexander, Burns, Quintin S., Strom, Clifford P.

Granted Patent

US 8,555,059 B2
Time in Patent Office

Days
Field of Search
US Class Current

713/165
CPC Class Codes

G06F 21/46   by designing passwords or c...

G06F 21/572   Secure firmware programming...

G06F 2221/2101   Auditing as a secondary aspect

H04L 2463/062   applying encryption of the ...

H04L 63/06   for supporting key manageme...

H04L 9/0891   Revocation or update of sec...

H04L 9/14   using a plurality of keys o...

SECURE LOCAL UPDATE OF CONTENT MANAGEMENT SOFTWARE

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

78 Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

SECURE LOCAL UPDATE OF CONTENT MANAGEMENT SOFTWARE

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

78 Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links