License tracking system
First Claim
1. A method for maintaining remote data, the method comprising the following steps, in any suitable order:
- running an authenticated program on a trusted platform;
- binding a first register and a second register on said trusted platform to said authenticated program;
- storing a random secret in said first register, and insuring that only said authenticated program can read said random secret while said binding is in effect;
- storing a unique integer value in a second register on said platform, and insuring that only said authenticated program can write to said second register while said binding is in effect;
- deriving cipher keys from said first register and said second register;
- maintaining exclusive access to a persistent data structure;
- protecting said persistent data structure with said cipher keys;
- parsing said persistent data structure into a list of controlled values, and modifying said controlled values based on commands from remote owners;
- accepting a command from an authenticated server;
- changing one of said controlled values, pursuant to said command;
- changing said unique value in said second register to a distinct value;
- loading said persistent data structure, and extracting a previously-saved second register value;
- comparing said previously-saved second register value against the current value of said second register; and
- refusing to decrypt if the values do not match.
Abstract
A method and system for remotely maintaining data that is critical for license enforcement. The data consists of named values, is kept on a user's trusted platform, and encrypted with the use of keys that are stored in two special registers. One register is exclusively readable by a trusted program, and holds a long-term secret. Another register is exclusively writable, and changed often, so that old backups of the named values can only be read if suitable permissions are obtained. It uses a hierarchy of servers that act as vendors and have contractual obligations. Vendor certificates specify that certain named values are stored on users' trusted platforms, but owned and controlled by servers (with the cooperation of the users).
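The rollback check described in the abstract and in claim 1, as an added Python sketch that is not part of the patent text. `TrustedPlatform`, the function names, the blob layout and the HMAC-based cipher are assumptions made for illustration, and authentication of the server command is assumed to have been done by the caller.

```python
import hashlib, hmac, json, secrets

class TrustedPlatform:  # constructed stand-in for the registers bound to the program
    def __init__(self):
        self.secret = secrets.token_bytes(32)  # first register: only the program may read
        self.counter = 1                       # second register: only the program may write

def _key(tp, label):
    # Keys depend on both registers, so changing the counter retires the old keys.
    return hmac.new(tp.secret, label + tp.counter.to_bytes(8, "big"), hashlib.sha256).digest()

def _xor_stream(key, nonce, data):  # HMAC-SHA256 counter mode: illustrative, not a vetted AEAD
    stream = b"".join(hmac.new(key, nonce + i.to_bytes(4, "big"), hashlib.sha256).digest()
                      for i in range(len(data) // 32 + 1))
    return bytes(a ^ b for a, b in zip(data, stream))

def save(tp, values):
    head = tp.counter.to_bytes(8, "big") + secrets.token_bytes(16)  # saved register value + nonce
    ct = _xor_stream(_key(tp, b"enc"), head, json.dumps(values).encode())
    tag = hmac.new(_key(tp, b"mac"), head + ct, hashlib.sha256).digest()
    return head + tag + ct

def load(tp, blob):
    head, tag, ct = blob[:24], blob[24:56], blob[56:]
    if int.from_bytes(head[:8], "big") != tp.counter:
        raise PermissionError("saved register value does not match; refusing to decrypt")
    expect = hmac.new(_key(tp, b"mac"), head + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expect):
        raise ValueError("integrity check failed")
    return json.loads(_xor_stream(_key(tp, b"enc"), head, ct))

def apply_command(tp, blob, name, value):
    # Server authentication of the command is assumed done by the caller.
    values = {**load(tp, blob), name: value}
    tp.counter += 1                            # change the register to a distinct value
    return save(tp, values)

def outcome(tp, blob):
    try:
        return load(tp, blob)
    except (PermissionError, ValueError) as e:
        return type(e).__name__

def demo():
    tp = TrustedPlatform()
    old = save(tp, {"plays_left": 5})          # constructed sample value
    new = apply_command(tp, old, "plays_left", 4)
    forged = tp.counter.to_bytes(8, "big") + old[8:]  # old backup with its header rewritten
    return load(tp, new), outcome(tp, old), outcome(tp, forged)
```

Restoring the old backup fails the register comparison, and rewriting its saved register value fails the integrity check because the keys were derived from the earlier register value.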
11 Claims
11. A system for maintaining remotely-controlled data, comprising:
- a processor;
- a trusted platform running an authenticated program;
- a first register in said trusted platform, holding a random secret that only said authenticated program can read;
- a second register in said trusted platform, holding a unique value that only said authenticated program can write and that is readable by other programs;
- a cipher key derived from said first register and said second register;
- a persistent data structure protected with said cipher key;
- a list of controlled values, parsed from said persistent data structure, and modified based on commands from remote owners;
- means to accept a command from an authenticated server;
- means to change one of said controlled values, pursuant to said command;
- means to change said unique value in said second register to a distinct value;
- means to load said persistent data structure, and extracting a previously-saved second register value;
- means to compare said previously-saved second register value against the current value of said second register; and
- means to refuse to decrypt if the values do not match.
Specification