Method and system of dynamic transformation of encrypted material
First Claim
1. A method of operating a virtual device driver or kernel mode driver to control the usage of encrypted material that has been installed on a computer comprising the steps of:
- monitoring all requests for access to the encrypted material;
upon receiving a request for access to the encrypted material, obtaining the encrypted material;
determining if a license exists to use the material;
if a license exists, decoding the encrypted material in real-time;
monitoring how much the decoded material is used; and
determining if the usage of the material complies with the license.
4 Assignments
0 Petitions
Accused Products
Abstract
The present invention provides a method and system that enables software-on-demand and software subscription services based on a dynamic transformation filter technology. The invention is also useful in the distribution of other electronic material. The apparatus utilized in this invention does not create any intermediate storage of decrypted material that is under the protection of this technology. Instead, the apparatus is implemented as a virtually integral part of the operating system that monitors and "filters" all read, write, and open/execute access to and from the I/O devices, such as a hard drive. As the protected material is being accessed for read, write or open/execute, the transformation filter positions itself in the critical path which is required for loading the material through the low level file system layer to the high level application layer. The material enters the transformation filter in its encrypted state. The transformation filter decrypts the material in real-time as it goes through, and hands over the material in its original state to the upper level operating system component to fulfill the access requests. Because the need for intermediate storage is eliminated, the decrypted material in its original state is only visible to integral parts of the operating system components and not to other system users. As a result, security is significantly improved over prior art systems.
-
Citations
20 Claims
-
1. A method of operating a virtual device driver or kernel mode driver to control the usage of encrypted material that has been installed on a computer comprising the steps of:
-
monitoring all requests for access to the encrypted material; upon receiving a request for access to the encrypted material, obtaining the encrypted material; determining if a license exists to use the material; if a license exists, decoding the encrypted material in real-time; monitoring how much the decoded material is used; and determining if the usage of the material complies with the license. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12)
-
-
13. A method for installing software on a computer, said software comprising an encrypted portion, a unique code, and decrypting software for decrypting the encrypted portion, said method comprising the steps of:
-
separating from the software the encrypted portion, the unique code and the decryption software; storing said decryption software so that it is invoked whenever an attempt is made to access the encrypted portion; generating a unique ID from profile data and an encryption algorithm; decrypting the encrypted portion of the software to produce an unencrypted portion; encrypting the unencrypted portion using the unique ID and the unique code to produce a second encrypted portion; storing the second encrypted portion in said computer. - View Dependent Claims (17, 18)
-
-
14. Apparatus as implemented in a virtual device driver in a computer operating system for operating a computer on which encrypted material has been stored comprising:
-
means for monitoring all requests for access to the encrypted material; means for obtaining the encrypted material upon receiving a request for access to said material; means for determining if a license exists to use the material; means for decoding the encrypted material in real-time if a license exists; means for monitoring how much the encrypted material is used; and means for determining if the usage of the material complies with the license. - View Dependent Claims (15)
-
-
16. A method of operating a computer comprising the steps of:
-
installing on the computer a software package, said software package comprising an encrypted portion, a unique code, and decrypting software for decrypting the encrypted portion, said step comprising the steps of; separating from the software package the encrypted portion, the unique code and the decryption software; storing said decryption software so that it is invoked whenever an attempt is made to access the encrypted portion; generating a unique ID from the profile data and an encryption algorithm; decrypting the encrypted portion of the software to produce an unencrypted portion; encrypting the unencrypted portion using the unique ID and the unique code to produce a second encrypted portion; and storing the second encrypted portion in said computer; and
after the software package has been installed,monitoring all requests for access to the second encrypted portion; upon receiving a request for access to the second encrypted portion. obtaining said portion; determining if a license exists to use said portion; if a license exists, decoding the second encrypted portion in real-time; monitoring how much the decoded portion is used; and determining if the usage of the decoded portion complies with the license.
-
-
19. Apparatus as implemented in a kernel mode driver in a computer operating system for operating a computer on which encrypted material has been stored comprising:
-
means for monitoring all requests for access to the encrypted material; means for obtaining the encrypted material upon receiving a requests for access to the encrypted material; means for determining if a license exists to use the material; means for decoding the encrypted material in real-time if a license exists; means for monitoring how much the encrypted material is used; and means for determining if the usage of the material complies with the license. - View Dependent Claims (20)
-
Specification