Methods and arrangements for limiting access to computer controlled functions and devices

US 7,950,048 B2
Filed: 09/06/2005
Issued: 05/24/2011
Est. Priority Date: 03/29/2000
Status: Expired due to Fees

First Claim

Patent Images

1. A method comprising:

verifying that a first application is authorized to set an initial range for a controlled parameter setting of a device;

when it has been verified that the first application is authorized, allowing the first application to set an initial range for the controlled parameter setting of the device, where the first application is not allowed to set the initial range until it has been verified that it is authorized; and

in response to the first application setting the initial range, allowing at least a second application to modify the controlled parameter setting within the initial range set by the first application.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Methods and arrangements are provided to verify if a requesting computer application is authorized to change a controlled parameter associated with a computer controlled device and/or function. To accomplish this, one or verification functions are employed to analyze a security code or absence thereof, as identified by a requesting application. If the security code, which may be encrypted, matches a known or calculated valid security code, then the requesting application is deemed to be authorized to change the controlled parameter and/or modify certain limitations associated with an acceptable range for the controlled parameter. If the security code does not match a known or calculated valid security code, then the requesting application is deemed to be unauthorized to change the controlled parameter outside of a previously established acceptable range for the controlled parameter. The verification function can be implemented in a ROM to increase the security and to thwart attempts to circumvent the authorization scheme. Several independent verification functions can be arranged to support the verification of a plurality of authorized applications.

22 Citations

47 Claims

1. A method comprising:
- verifying that a first application is authorized to set an initial range for a controlled parameter setting of a device;
  
  when it has been verified that the first application is authorized, allowing the first application to set an initial range for the controlled parameter setting of the device, where the first application is not allowed to set the initial range until it has been verified that it is authorized; and
  
  in response to the first application setting the initial range, allowing at least a second application to modify the controlled parameter setting within the initial range set by the first application.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17)
- - 2. A method as recited in claim 1, wherein the first application is verified based on a first security code.
  - 3. A method as recited in claim 2, wherein the first security code is at least partially encrypted.
  - 4. A method as recited in claim 1, wherein the first application is verified based at least partially on memory location information associated with a verifying function.
  - 5. A method as recited in claim 4, wherein the memory location information associated with the verifying function defines memory location within a read only memory (ROM).
  - 6. A method as recited in claim 1, wherein the initial range includes at least a maximum controlled parameter setting, and the second application is not allowed to modify the controlled parameter setting beyond the maximum controlled parameter setting.
  - 7. A method as recited in claim 1, wherein the initial range includes at least a minimum controlled parameter setting, and the second application is not allowed to modify the controlled parameter setting below the minimum controlled parameter setting.
  - 8. A method as recited in claim 1, further comprising:
    - verifying that the second application is authorized to modify a current range for the controlled parameter setting;
      
      when it has been verified that the second application is authorized, allowing the second application to modify the current range for the controlled parameter setting; and
      
      subsequently, allowing at least a third application to modify the controlled parameter setting within the current range as modified by the second application.
  - 9. A method as recited in claim 8, wherein the second application is verified based on a second security code.
  - 10. A method as recited in claim 9, wherein the second security code is at least partially encrypted.
  - 11. A method as recited in claim 8, wherein the second application is verified based at least partially on memory location information associated with a verifying function.
  - 12. A method as recited in claim 11, wherein the memory location information associated with the verifying function defines memory location within a read only memory (ROM).
  - 13. A method as recited in claim 8, wherein the current range includes at least a maximum controlled parameter setting, and the third application is not allowed to modify the controlled parameter setting beyond the maximum controlled parameter setting.
  - 14. A method as recited in claim 8, wherein the current range includes at least a minimum controlled parameter setting, and the third application is not allowed to modify the controlled parameter setting below the minimum controlled parameter setting.
  - 15. A method as recited in claim 1, wherein the controlled parameter setting is selected from a group of settings comprising an audio volume control parameter, an audio tone control parameter, an illumination control parameter, a visual display control parameter, a temperature control parameter, a communication access control parameter, a peripheral device control parameter, a vehicle control parameter, and an environment control parameter.
  - 16. A method as recited in claim 1, wherein verifying that the first application is authorized to set the initial range for the controlled parameter setting further includes using at least one verifier selected from a group comprising at least a first verifier and a second verifier.
  - 17. A method as recited in claim 8, wherein verifying that the first application is authorized to set the initial range for the controlled parameter setting further includes using at least one verifier selected from a group comprising at least a first verifier and a second verifier.

18. A computer-readable medium having computer-executable instructions for performing steps comprising:
- verifying that a first application is authorized to set an initial range for a controlled parameter setting of a device;
  
  when it has been verified that the first application is authorized, allowing the first application to set an initial range for the controlled parameter setting of the device, where the first application is not allowed to set the initial range until it has been verified that it is authorized; and
  
  in response to the first application setting the initial range, allowing at least a second application to modify the controlled parameter setting within the initial range set by the first application.
- View Dependent Claims (19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30, 31, 32, 33, 34)
- - 19. A computer-readable medium as recited in claim 18, wherein the first application is verified based on a first security code.
  - 20. A computer-readable medium as recited in claim 19, wherein the first security code is at least partially encrypted.
  - 21. A computer-readable medium as recited in claim 18, wherein the first application is verified based at least partially on memory location information associated with a verifying function.
  - 22. A computer-readable medium as recited in claim 21, wherein the memory location information associated with the verifying function defines memory location within a read only memory (ROM).
  - 23. A computer-readable medium as recited in claim 18, wherein the initial range includes at least a maximum controlled parameter setting, and the second application is not allowed to modify the controlled parameter setting beyond the maximum controlled parameter setting.
  - 24. A computer-readable medium as recited in claim 18, wherein the initial range includes at least a minimum controlled parameter setting, and the second application is not allowed to modify the controlled parameter setting below the minimum controlled parameter setting.
  - 25. A computer-readable medium as recited in claim 18, having computer-executable instructions for performing steps further comprising:
    - verifying that the second application is authorized to modify a current range for the controlled parameter setting;
      
      if authorized, allowing the second application to modify the current range for the controlled parameter setting; and
      
      subsequently, allowing at least a third application to modify the controlled parameter setting within the current range as modified by the second application.
  - 26. A computer-readable medium as recited in claim 25, wherein the second application is verified based on a second security code.
  - 27. A computer-readable medium as recited in claim 26, wherein the second security code is at least partially encrypted.
  - 28. A computer-readable medium as recited in claim 25, wherein the second application is verified based at least partially on memory location information associated with a verifying function.
  - 29. A computer-readable medium as recited in claim 28, wherein the memory location information associated with the verifying function defines memory location within a read only memory (ROM).
  - 30. A computer-readable medium as recited in claim 25, wherein the current range includes at least a maximum controlled parameter setting, and the third application is not allowed to modify the controlled parameter setting beyond the maximum controlled parameter setting.
  - 31. A computer-readable medium as recited in claim 25, wherein the current range includes at least a minimum controlled parameter setting, and the third application is not allowed to modify the controlled parameter setting below the minimum controlled parameter setting.
  - 32. A computer-readable medium as recited in claim 18, wherein the controlled parameter setting is selected from a group of settings comprising an audio volume control parameter, an audio tone control parameter, an illumination control parameter, a visual display control parameter, a temperature control parameter, a communication access control parameter, a peripheral device control parameter, a vehicle control parameter, and an environment control parameter.
  - 33. A computer-readable medium as recited in claim 18, wherein verifying that the first application is authorized to set the initial range for the controlled parameter setting further includes using at least one verifier selected from a group comprising at least a first verifier and a second verifier.
  - 34. A computer-readable medium as recited in claim 25, wherein verifying that the first application is authorized to set the initial range for the controlled parameter setting further includes using at least one verifier selected from a group comprising at least a first verifier and a second verifier.

35. A computer-readable storage medium having computer-executable instructions for performing steps comprising:
- monitoring an audio system within a vehicle for a request to modify a controlled parameter and an authorized range for a controlled parameter;
  
  receiving a first request by an application to set the authorized range for the controlled parameter;
  
  verifying that the application is authorized to modify an authorized range for a controlled parameter of the audio system, the verifying comprising;
  
  analyzing the request to determine whether it is accompanied by a pointer to a security code stored in a memory, wherein the request is further analyzed to determine whether the request originates from a predefined memory location in a read only portion of a memory, andanalyzing the security code to determine whether it matches at least one of a plurality of security codes associated with an authorized application;
  
  when the verifying determines the application is authorized, actively allowing the application to set an authorized range and a current value for the controlled parameter;
  
  when the verifying determines the application is unauthorized, restricting the application to setting the current value of the controlled parameter to be within a pre-established limit of the authorized range, wherein the application is restricted from setting the authorized range;
  
  receiving a second request to change the current value of the controlled parameter from the application, wherein the second request to change the current value of the controlled parameter is outside the authorized range;
  
  determining that the application has been previously authorized according to the verifying;
  
  changing the current value of the controlled parameter to the requested value of the second request;
  
  otherwise, verifying that the application is authorized to modify the authorized range for the controlled parameter, prior to changing the current value of the controlled parameter to the requested value using the verifying.
- View Dependent Claims (36, 37, 38, 39)
- - 36. A computer-readable medium as recited in claim 35, wherein verifying that the application is authorized to modify the authorized range for the controlled parameter further comprises changing the authorized range to include the requested value when the application is authorized to modify the authorized range.
  - 37. A computer-readable medium as recited in claim 36, wherein the authorized range includes at least one authorized limit selected from a group including a minimum authorized limit and a maximum authorized limit.
  - 38. A computer-readable medium as recited in claim 37, further comprising computer-executable instructions for performing the step of changing the current value of the controlled parameter to the minimum authorized limit if the requested value is less than the minimum authorized limit and the application is not authorized to modify the authorized range.
  - 39. A computer-readable medium as recited in claim 37, further comprising computer-executable instructions for performing the step of changing the current value of the controlled parameter to the maximum authorized limit if the requested value is more than the maximum authorized limit and the application is not authorized to modify the authorized range.

40. A vehicle computer system comprising:
- a processor; and
  
  a memory coupled to the processor to facilitate storage of one or more of;
  
  a parameter manager configurable to receive a parameter change request from one or more computer applications and selectively output a corresponding parameter value to one or more vehicle component controls;
  
  at least one verifier function accessible by the parameter manager and configured to determine if the parameter change request is from a computer application that is authorized to exceed a parameter limitation for the one or more vehicle component controls; and
  
  a device driver coupled to the parameter manager and configured to receive the parameter value from the parameter manager and output a corresponding control parameter suitable for use by the processing device.
- View Dependent Claims (41, 42, 43, 44, 45, 46, 47)
- - 41. A computer system as recited in claim 40, wherein the verifier determines if the parameter change request is from the computer application authorized to exceed the parameter limitation by analyzing a security code identified by the first application.
  - 42. A computer system as recited in claim 41, wherein the verifier decodes the security code and compares the resulting data to a valid security code to determine if the computer application is authorized to exceed the parameter limitation.
  - 43. A computer system as recited in claim 40, wherein at least a portion of the verifier is Invoked by the parameter manager in a predefined, identifiable manner, such that if Invoked otherwise the computer application is deemed unauthorized to exceed the parameter limitation.
  - 44. A computer system as recited in claim 43, further comprising a memory, and wherein the at least a portion of the verifier that is invoked by the parameter manager in a predefined, identifiable manner is associated with at least one memory location within a read only portion of the memory.
  - 45. A computer system as recited in claim 41, wherein the security code is uniquely associated a software developer entity responsible for providing the computer application and the verifier.
  - 46. A computer system as recited in claim 40, wherein the parameter manager, verifier, and device driver are part of a computer system within a vehicle.
  - 47. A computer system as recited in claim 40, wherein the at least one device includes a computer implemented function.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Microsoft Technology Licensing LLC (Microsoft Corporation)
Original Assignee
Microsoft Corporation
Inventors
Falcon, Stephen Russell, Yip, Clement Chun Pong
Primary Examiner(s)
Zand, Kambiz
Assistant Examiner(s)
Tran, Tongoc

Application Number

US11/219,936
Publication Number

US 20060010499A1
Time in Patent Office

2,086 Days
Field of Search

713/182, 713/168, 713/156, 726/26, 726 2- 5, 707/9, 707/10, 709/224, 709/212, 709/229, 709/217, 701/36
US Class Current

726/4
CPC Class Codes

G06F 21/572 Secure firmware programming...

Methods and arrangements for limiting access to computer controlled functions and devices

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

22 Citations

47 Claims

Specification

Solutions

Use Cases

Quick Links

Methods and arrangements for limiting access to computer controlled functions and devices

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

22 Citations

47 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links