Method and apparatus for protecting information and privacy
First Claim
1. A method used by a protection center of sending protection information for protected software to a class of user devices having common properties comprising the steps of:
- signing a message including said protection information to be sent, the common properties, and an expiration time for said protection information;
sending the signed protection information from a protection center to a class of user devices, such that the protection information identifies the protected software without revealing information about a user to whom the protected software was sold;
verifying the signed protection information using a verification key;
receiving said signed message by a supervising program on each user device;
at each user device, using the protection information to detect and prevent infringing use of the protected software by verifying, using the supervising program, that the message has been signed by said protection center using a verification key on said user device, that said common properties correspond to one or more of a set of actual properties of the user device and a set of properties listed in the supervising program, and that the expiration time is greater than a current time, where the protection information facilitates the detection and prevention of infringing use of the protected software without requiring modification of the protected software; and
upon successful verification, accepting the message by the user device.
5 Assignments
0 Petitions
Accused Products
Abstract
A system for protecting software against piracy while protecting a user'"'"'s privacy enables enhancements to the protection software in a user device and extended protections against piracy. The protection system allows the user device to postpone validation of purchased tags stored in a tag table for installed software and to re-establish ownership of a tag table to recover from invalidation of a tag table identifier value resulting from revelation of a tag table identifier value. Continued use of the tag table is provided by the use of credits associated with a tag table. A protection center is protected against denial of service attacks by making calls to the protection center cost time or money to the attackers.
-
Citations
20 Claims
-
1. A method used by a protection center of sending protection information for protected software to a class of user devices having common properties comprising the steps of:
-
signing a message including said protection information to be sent, the common properties, and an expiration time for said protection information; sending the signed protection information from a protection center to a class of user devices, such that the protection information identifies the protected software without revealing information about a user to whom the protected software was sold; verifying the signed protection information using a verification key; receiving said signed message by a supervising program on each user device; at each user device, using the protection information to detect and prevent infringing use of the protected software by verifying, using the supervising program, that the message has been signed by said protection center using a verification key on said user device, that said common properties correspond to one or more of a set of actual properties of the user device and a set of properties listed in the supervising program, and that the expiration time is greater than a current time, where the protection information facilitates the detection and prevention of infringing use of the protected software without requiring modification of the protected software; and upon successful verification, accepting the message by the user device. - View Dependent Claims (2, 3)
-
-
4. A system used by a protection center of sending protection information to a class of user devices having common properties comprising:
-
means for signing a message including said protection information to be sent, the common properties, and an expiration time for said protection information; means for sending the signed protection information from a protection center to a class of user devices, such that the protection information identifies the protected software without revealing information about a user to whom the protected software was sold; means for verifying the signed protection information using a verification key; means for receiving said signed message by a supervising program on each user device; at each user device, means for using the protection information to detect and prevent infringing use of protected software by verifying, using the supervising program, that the message has been signed by said protection center using a verification key on said user device, that said common properties correspond to one or more of a set of actual properties of the user device and a set of properties listed in the supervising program, and that the expiration time is greater than a current time, the protection information facilitating the detection and prevention of infringing use of the protected software without requiring modification of the protected software; and upon successful verification, accepting the message by the user device.
-
-
5. A system of controlling use of protected software on a user device, the system comprising:
-
one or more processors configured to process a call-up message generated by a user device, the call-up message facilitating prevention of piracy of the protected software, the call-up message configured to include; a tag table identifier value associated with the protected software; a set of user device descriptive values, where one or more of the user device descriptive values provide information concerning a state associated with the user device; a nonce; and a one-way function; and said one-way function is applied to said set of user device descriptive values and said nonce to provide a one-way function result value that conceals the user device descriptive values from other devices, where the concealing of the user device descriptive values from other devices provides privacy protection for a user of the user device; and the call-up message configured to prevent the tag table identifier value associated with the protected software from being used simultaneously on more than one user device. - View Dependent Claims (6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19)
-
-
20. A system of re-establishing ownership of a tag table, the system comprising:
-
an authorized server in communication with a user device, the authorized server receiving a message regulated to re-establishing ownership of a tag table; the message including a new tag table identifier, an original tag table identifier, an original tag table identifier and an ownership certificate pertaining to the original tag table identifier, where the new tag table identifier identifies a tag table having one or more tags, the tags indicating a right to use protected software; the authorized server verifying that said ownership certificate pertains to the original tag table identifier and securely sending to the user device a digitally signed message allowing the user device to employ the new tag table identifier; and the authorized server creating an association between said new tag table identifier and said original tag table identifier, said new tag table identifier and said tag table identifier both related to said original tag table identifier.
-
Specification