Method and apparatus for protecting information and privacy

US 7,406,593 B2
Filed: 05/02/2003
Issued: 07/29/2008
Est. Priority Date: 05/02/2002
Status: Expired due to Fees

First Claim

Patent Images

1. A method of requesting a continuation message comprising the steps of:

storing a call-up message in a user device, the call-up message being generated by a user device including;

a. a tag table identifier value;

b. a set of user device descriptive values, where one or more of the user device descriptive values provide information concerning a state associated with the user device;

c. a nonce; and

d. a hash function; and

applying said hash function to the combination of said set of user device descriptive values and said nonce to provide a hash result value that conceals the user device descriptive values from a guardian center and all other devices, where the concealing of the user descriptive values protects the privacy of a user associated with the user device;

processing the call-up message at the guardian center to detect use of an infringing copy of software on the user device, where the call-up message is used to prevent a tag table identifier value from being used simultaneously on multiple user devices; and

requesting a continuation message for use in connection with controlling use of protected software on the user device by securely sending from the user device to the guardian center said tag table identifier value and said hash result value in a call-up message.

View all claims

5 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A system for protecting software against piracy while protecting a user'"'"'s privacy enables enhancements to the protection software in a user device and extended protections against piracy. The protection system allows the user device to postpone validation of purchased tags stored in a tag table for installed software and to re-establish ownership of a tag table to recover from invalidation of a tag table identifier value resulting from revelation of a tag table identifier value. Continued use of the tag table is provided by the use of credits associated with a tag table. A protection center is protected against denial of service attacks by making calls to the protection center cost time or money to the attackers.

89 Citations

View as Search Results

16 Claims

1. A method of requesting a continuation message comprising the steps of:
- storing a call-up message in a user device, the call-up message being generated by a user device including;
  
  a. a tag table identifier value;
  
  b. a set of user device descriptive values, where one or more of the user device descriptive values provide information concerning a state associated with the user device;
  
  c. a nonce; and
  
  d. a hash function; and
  
  applying said hash function to the combination of said set of user device descriptive values and said nonce to provide a hash result value that conceals the user device descriptive values from a guardian center and all other devices, where the concealing of the user descriptive values protects the privacy of a user associated with the user device;
  
  processing the call-up message at the guardian center to detect use of an infringing copy of software on the user device, where the call-up message is used to prevent a tag table identifier value from being used simultaneously on multiple user devices; and
  
  requesting a continuation message for use in connection with controlling use of protected software on the user device by securely sending from the user device to the guardian center said tag table identifier value and said hash result value in a call-up message.
- View Dependent Claims (2, 3, 4, 9, 10, 11, 12, 13, 14)
- - 2. The method of claim 1 further comprising the steps of:
    - a. upon receiving said call-up message, said guardian center invalidating tag table identifier values that have participated in more than a specified number of call-ups over a specified time;
      
      b. forming a continuation message, by said guardian center, by signing a message containing the call-up message, and at least one of a list of valid tag table identifier values, a time to next call-up for each valid tag table identifier value and an indication of the invalid tag table identifier values; and
      
      c. securely sending, by said guardian center, said continuation message to the user device.
  - 3. The method of claim 2 further comprising the steps of:
    - a. verifying, by a supervising program on said user device the signature on the continuation message;
      
      b. verifying, by said supervising program, that the continuation message includes said call-up message;
      
      c. invalidating, by said supervising program, the associated tag table, for each said invalidated tag table identifier value; and
      
      d. storing, by said supervising program, said continuation message.
  - 4. The method of claim 3 further comprising the step of:
    - invalidating all tags associated with said invalidated tag tables.
  - 9. The method of claim 1 wherein the user device descriptive values include one or more of the following:
    - number of files on the user device, size of files on the user device, number of directories on the user device, characteristics of indexes used to access data, a processor identifying number, a BIOS identifier, or a network interface identifier.
  - 10. The method of claim 1 wherein the user device descriptive values include biometric information about a particular individual associated with the user device.
  - 11. The method of claim 1 wherein the user device descriptive values are chosen such that they are slowly changing, if at all, during use of the user device.
  - 12. The method of claim 3 further comprising the steps of:
    - determining, by the supervising program of said user device, credits associated with the tag table identifier, where the credits represent the total time available to postpone a call-up; and
      
      preventing the use of credits, by the supervising program, if the user device descriptive values have changed significantly since the occurrence of a previous continuation message.
  - 13. The method of claim 3 further comprising the steps of:
    - determining, by the supervising program of said user device, credits associated with the tag table identifier, where the credits represent the total time available to postpone a call-up; and
      
      decreasing the credits, by the guardian center, if the user device indicates in a call-up message that its user device descriptive values have significantly changed.
  - 14. The method of claim 1 wherein processing the call-up message at the guardian center to detect use of an infringing copy of software on the user device further includes, responding to determining that a tag table identifier is being used simultaneous on multiple user devices by sending a continuation message specifying that the tag table identifier is invalid.

5. A method of re-establishing ownership of a tag table, comprising the steps of:
- a. securely sending, by a user device, a message to an authorized server, the message including a new tag table identifier, a tag table identifier, an original tag table identifier and an ownership certificate pertaining to the original tag table identifier, where the new tag table identifier identifies a tag table having one or more tags, the tags indicating a right to use protected software;
  
  b. verifying, by the authorized server, that said ownership certificate pertains to the original tag table identifier and securely sending to the user device a digitally signed message allowing the user device to employ the new tag table identifier;
  
  c. creating, by the authorized server, an association between said new tag table identifier and said original tag table identifier, said new tag table identifier and said tag table identifier both related to said original tag table identifier;
  
  d. processing, by the authorized server, call-up messages to detect use of an infringing copy of software on the user device, where a call-up message is used to prevent a tag table identifier from being used simultaneously on multiple user devices, the call-up message including a concealed portion to protect the privacy of a user associated with the user device; and
  
  e. ensuring, by the authorized server, that call-up messages including said tag table identifier without said new tag table identifier are rejected.
- View Dependent Claims (6, 15)
- - 6. The method of claim 5 further comprising the steps of:
    - a. including, by the user device, said new tag table identifier in a future call-up message;
      
      b. verifying, by the guardian center, said association between said new table identifier and said original tag table identifier; and
      
      performing, by the guardian center, further processing based on said original tag table identifier.
  - 15. The method of claim 5 wherein processing, by the authorized server, call-up messages to detect use of an infringing copy of software on the user device further includes, responding to determining that a tag table identifier is being used simultaneous on multiple user devices by sending a continuation message specifying that the tag table identifier is invalid.

7. A method of re-establishing ownership of a tag table employing a one-way function, comprising the steps of:
- a. securely sending, by a user device, a message to an authorized server, the message including a new tag table identifier, where the new tag table identifier identifies a tag table having one or more tags, the tags indicating a right to use protected software;
  
  b. verifying, by the authorized server, that applying one-way function to the new tag table identifier yields a tag table identifier, the tag table identifier stored on the authorized server and associated with an original tag table identifier, said new tag table identifier and said tag table identifier both related to said original tag table identifier;
  
  c. creating, by the authorized server, an association between said new tag table identifier and said original tag table identifier;
  
  d. processing, by the authorized server, call-up messages to detect use of an infringing copy of software on the user device, where a call-up message is used to prevent a tag table identifier from being used simultaneously on multiple user devices, the call-up message including a concealed portion to protect the privacy of a user associated with the user device; and
  
  e. ensuring, by the authorized server, that call-up messages including said tag table identifier without said new tag table identifier are rejected.
- View Dependent Claims (8, 16)
- - 8. The method of claim 7 further comprising the steps of:
    - a. including, by the user device, said new tag table identifier in a call-up message;
      
      b. verifying, by the guardian center, the association between said new table identifier and said original tag table identifier; and
      
      performing, by the guardian center, further processing based on said original tag table identifier.
  - 16. The method of claim 7 wherein processing, by the authorized server, call-up messages to detect use of an infringing copy of software on the user device further includes, responding to determining that a tag table identifier is being used simultaneous on multiple user devices by sending a continuation message specifying that the tag table identifier is invalid.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
RPX Corporation
Original Assignee
ShieldIP, Inc.
Inventors
Rolinson, Sean, Rabin, Michael O., Shasha, Dennis E., Beinart, Yossi, Caceres, Ramon, Karia, Timir, Molnar, David
Primary Examiner(s)
Revak, Christopher
Assistant Examiner(s)
AVERY, JEREMIAH L

Application Number

US10/429,218
Publication Number

US 20030220882A1
Time in Patent Office

1,915 Days
Field of Search

None
US Class Current

713/150
CPC Class Codes

G06F 21/1077   Recurrent authorisation

G06F 21/6254   by anonymising data, e.g. d...

G06F 21/725   operating on a secure refer...

G06Q 20/367   involving electronic purses...

Method and apparatus for protecting information and privacy

First Claim

5 Assignments

0 Petitions

Accused Products

Abstract

89 Citations

16 Claims

Specification

Solutions

Use Cases

Quick Links

Method and apparatus for protecting information and privacy

First Claim

5 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

89 Citations

16 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links