Specifying security for an element by assigning a scaled value representative of the relative security thereof
First Claim
Patent Images
1. A method of specifying security for a computer-type operational element, the method comprising:
- assigning a scaled numerical value representative of the relative security of the element, the scaled numerical value being selected from a number scale with a first value indicative of an element that has been deemed not secure, and with a second value indicative of an element that has been deemed highly secure; and
associating the scaled value with the element, wherein a determination of whether digital content can be released to the element is made based on the assigned and associated scaled value numerical thereof.
2 Assignments
0 Petitions
Accused Products
Abstract
To determine whether digital content can be released to an element such as a computer application or module, a scaled value representative of the relative security of the element is associated therewith, and the digital content has a corresponding digital license setting forth a security requirement. The security requirement is obtained from the digital license and the scaled value is obtained from the element, and the scaled value of the element is compared to the security requirement of the digital license to determine whether the scaled value satisfies the security requirement. The digital content is not released to the element if the scaled value does not satisfy the security requirement.
114 Citations
35 Claims
-
1. A method of specifying security for a computer-type operational element, the method comprising:
-
assigning a scaled numerical value representative of the relative security of the element, the scaled numerical value being selected from a number scale with a first value indicative of an element that has been deemed not secure, and with a second value indicative of an element that has been deemed highly secure; and
associating the scaled value with the element, wherein a determination of whether digital content can be released to the element is made based on the assigned and associated scaled value numerical thereof. - View Dependent Claims (2, 3, 4, 6, 7, 9, 10, 11, 12, 13, 14, 15)
4.The method of claim 3 comprising associating the scaled valued with the element in a digital certificate having the scaled value in an encrypted form. -
4. The method of claim 3 comprising associating the scaled value with the element in a digital certificate tied to the element.
-
6. The method of claim 1 further comprising encrypting the scaled value.
-
7. The method of claim 1 further comprising tying the scaled value to the element.
-
9. The method of claim 1 comprising assigning the scaled value in an objective manner.
-
10. The method of claim 1 comprising assigning the scaled value in a subjective manner.
-
11. The method of claim 1 wherein the element has a particular source/supplier/developer, the method comprising assigning the scaled value based on the particular source/supplier/developer of the element.
-
12. The method of claim 1 comprising assigning the scaled value based on a determination of tamper-resistance of the element.
-
13. The method of claim 1 comprising assigning the scaled value based on whether any associated keys of the element are well-hidden.
-
14. The method of claim 1 comprising assigning the scaled value based on what kind of history of trust has been established with regard to the element.
-
15. The method of claim 1 comprising assigning a plurality of scaled values and associating the plurality of scaled values with the element.
-
-
5. The method of claim 5 comprising associating the scaled valued with the element in a digital certificate that includes a hash based on the element, wherein the hash is verified against the element to verify the digital certificate.
-
8. The method of claim 8 comprising placing the scaled value in a digital certificate that includes a hash based on the element, wherein the hash is verified against the element to verify the digital certificate.
- 16. The method of claim 16 comprising assigning a plurality of scaled values, at least one of the scaled values being indicative of a pre-determined factor.
-
18. A method of determining whether digital content can be released to a computer-type operational element, a scaled numerical value representative of the relative security of the element being associated therewith, the scaled numerical value being selected from a number scale, the digital content having a corresponding digital license setting forth a security requirement specifying a minimum value, the method comprising:
-
obtaining the minimum value of the security requirement from the digital license;
obtaining from the element the scaled numerical value; and
comparing the scaled numerical value of the element to the minimum value of the security requirement of the digital license to determine whether the scaled numerical value satisfies the security requirement, wherein the digital content is not released to the element if the scaled numerical value does not satisfy the minimum value of the security requirement.
-
- 19. The method of claim 19 wherein the scaled value is in a digital certificate associated with the element, the method comprising obtaining from the digital certificate the scaled value.
-
20. The method of claim 20 wherein the scaled value is assigned by a security value certifying authority, wherein the security value certifying authority issues the digital certificate associating the scaled value with the element, and wherein the digital license includes trusted security value certifying authority information regarding security value certifying authorities to be trusted, the method further comprising
obtaining the trusted security value certifying authority information from the digital license; -
obtaining indicia of the security value certifying authority from the digital certificate associated with the element;
comparing the indicia of the security value certifying authority to the trusted security value certifying authority information to determine whether the security value certifying authority satisfies the trusted security value certifying authority information, wherein the digital content is not released to the element if the security value certifying authority does not satisfy the trusted security value certifying authority information.
-
-
21. The method of claim 21 wherein the digital certificate includes a hash based on the element, the method further comprising verifying the hash against the element to verify the digital certificate.
-
24. The method of claim 24 wherein the corresponding digital license sets forth a plurality of security requirements respectively corresponding to the plurality of scaled values, the method comprising
obtaining the plurality of security requirements from the digital license; - and
comparing each scaled value to the respective security requirement to determine whether such scaled value satisfies such security requirement, wherein the digital content is not released to the element if the plurality of scaled values do not satisfy the plurality of security requirements. - View Dependent Claims (25)
obtaining the security requirement from the digital license;
applying the plurality of scaled values to the security requirement to produce a result; and
comparing the result to the range of acceptable results to determine whether such result satisfies such range, wherein the digital content is not released to the element if the result does not satisfy the range.
- and
-
26. A method of determining whether digital content can be released to a computer-type operational element, a scaled numerical value representative of the relative security of the element being associated therewith, the scaled numerical value being selected from a number scale with a first value indicative of an element that has been deemed not secure, and with a second value indicative of an element that has been deemed highly secure, the determination being made with respect to a pre-defined security requirement specifying a minimum value between the first value and the second value, the method comprising:
-
obtaining from the element the scaled numerical value; and
comparing the scaled numerical value of the element to the minimum value of the security requirement to determine whether the scaled numerical value is less than the minimum value of the security requirement, wherein the digital content is not released to the element if the scaled numerical value is less than the minimum value.
-
- 27. The method of claim 27 wherein the determination is made with respect to a pre-defined security requirement stored in a digital rights management (DRM) system, the method comprising obtaining the security requirement from the DRM system.
-
29. The method of claim 29 wherein the scaled value is assigned by a security value certifying authority, wherein the security value certifying authority issues the digital certificate associating the scaled value with the element, and wherein pre-defined trusted security value certifying authority information is maintained regarding security value certifying authorities to be trusted, the method further comprising
obtaining the trusted security value certifying authority information; -
obtaining indicia of the security value certifying authority from the digital certificate associated with the element;
comparing the indicia of the security value certifying authority to the trusted security value certifying authority information to determine whether the security value certifying authority satisfies the trusted security value certifying authority information, wherein the digital content is not released to the element if the security value certifying authority does not satisfy the trusted security value certifying authority information.
-
- 30. The method of claim 30 wherein the pre-defined trusted security value certifying authority information is stored in a digital rights management (DRM) system, the method comprising obtaining the trusted security value certifying authority information from the DRM system.
-
34. The method of claim 34 wherein the determination is made with respect to a plurality of pre-defined security requirements respectively corresponding to the plurality of scaled values, the method comprising
obtaining the plurality of security requirements; - and
comparing each scaled value to the respective security requirement to determine whether such scaled value satisfies such security requirement, wherein the digital content is not released to the element if the plurality of scaled values do not satisfy the plurality of security requirements. - View Dependent Claims (35)
obtaining the security requirement;
applying the plurality of scaled values to the security requirement to produce a result; and
comparing the result to the range of acceptable results to determine whether such result satisfies such range, wherein the digital content is not released to the element if the result does not satisfy the range.
- and
Specification
-
- Resources
Litigation Campaign Assessment
Thank you for your request. You will receive a custom alert email when the Litigation Campaign Assessment is available.
×
-
Current AssigneeMicrosoft Technology Licensing LLC (Microsoft Corporation)
-
Original AssigneeMicrosoft Corporation
-
InventorsAbburi, Rajasekhar, Peinado, Marcus, Bell, Jeffrey R. C.
-
Primary Examiner(s)MOISE, EMMANUEL LIONEL
-
Application NumberUS09/526,291Time in Patent Office1,728 DaysField of Search713/2, 713/176, 713/186, 713/164, 713/168, 713/165, 713/162, 713/167, 380/201, 380/43, 380/277, 705/51US Class Current713/156CPC Class CodesG06F 21/109 by using specially-adapted ...G06F 21/71 to assure secure computing ...G06F 21/84 output devices, e.g. displa...G06F 2211/007 Encryption, En-/decode, En-...G06F 2221/2105 Dual mode as a secondary as...G06F 2221/2107 File encryptionG06F 2221/2137 Time limited access, e.g. t...G06Q 30/06 Buying, selling or leasing ...G07F 9/002 Vending machines being part...H04L 2463/101 applying security measures ...H04L 63/0442 wherein the sending and rec...H04L 63/068 using time-dependent keys, ...H04L 63/0823 using certificates cryptogr...H04L 63/12 Applying verification of th...
