Method of randomly and dynamically checking configuration integrity of a gaming system
First Claim
1. A method, comprising:
- (a) installing a game data set at a gaming module of a gaming system;
(b) providing an exact copy of at least a portion of the game data set at an oversight module of the gaming system;
(c) randomly and dynamically generating an integrity executable at the oversight module,wherein dynamically generating includes choosing a random subset of one or more security algorithms from a security algorithm database for the integrity executable, wherein the integrity executable contains the subset of one or more security algorithms randomly chosen from the security algorithm database;
(d) sending the integrity executable to the gaming module;
(e) using the integrity executable, computing a first outcome from the game data set at the gaming module;
(f) after computing the first outcome, sending the first outcome to the oversight module and removing the integrity executable from the gaming module;
(g) using the integrity executable, computing a second outcome from the game data set at the oversight module;
(h) comparing the first and second outcomes to determine whether the first and second outcomes match;
(i) if the first and second outcomes match, indicating that the game data set is authentic; and
(j) if the first and second outcomes do not match, indicating that the game data set is not authentic.
1 Assignment
0 Petitions
Accused Products
Abstract
In a gaming environment, a method of periodically downloading dynamically generated executable modules at random intervals that perform system configuration integrity checks in a secure and verifiable manner is disclosed. The dynamically generated executable modules are created on a server machine and are themselves signed using industry standard PKI techniques, and contain randomly chosen subset from a repertoire of proven hashing and encryption algorithms that are executed on the system to be checked to create a unique signature of the state of that system. The dynamically generated executable module returns the signature to the server machine from which it was downloaded and deletes itself from the system being checked. The next time such an executable module is downloaded, it will contain a different randomly chosen subset of hashing and encryption algorithms. The server that is performing the system configuration integrity check maintains a database of expected system configurations and performs the same subset of hashing and encryption algorithms as contained in the dynamically generated executable module. The result returned by the downloaded executable module is compared to that computed locally, and an error condition is raised if they do not match.
-
Citations
18 Claims
-
1. A method, comprising:
-
(a) installing a game data set at a gaming module of a gaming system; (b) providing an exact copy of at least a portion of the game data set at an oversight module of the gaming system; (c) randomly and dynamically generating an integrity executable at the oversight module, wherein dynamically generating includes choosing a random subset of one or more security algorithms from a security algorithm database for the integrity executable, wherein the integrity executable contains the subset of one or more security algorithms randomly chosen from the security algorithm database; (d) sending the integrity executable to the gaming module; (e) using the integrity executable, computing a first outcome from the game data set at the gaming module; (f) after computing the first outcome, sending the first outcome to the oversight module and removing the integrity executable from the gaming module; (g) using the integrity executable, computing a second outcome from the game data set at the oversight module; (h) comparing the first and second outcomes to determine whether the first and second outcomes match; (i) if the first and second outcomes match, indicating that the game data set is authentic; and (j) if the first and second outcomes do not match, indicating that the game data set is not authentic. - View Dependent Claims (2, 3, 4, 5, 6, 7)
-
-
8. A gaming system, comprising:
an oversight module configured to randomly monitor the integrity of one or more gaming modules operatively coupled to the oversight module to ensure that the gaming modules have not been compromised, the oversight module randomly performing audits of at least the gaming code stored on the gaming modules, the audits indicating whether the gaming code has been changed or altered from a known configuration, wherein the oversight module includes; a gaming module configuration database having a copy of the gaming data for each gaming module; an algorithm database that includes a plurality of security algorithms; an integrity check generator configured for randomly and dynamically generating integrity executables, containing one or more security algorithms, to be run on both the oversight module and a gaming module, wherein dynamically generating includes choosing a random subset of one or more security algorithms from a security algorithm database for the integrity executable, wherein the integrity executable contains the subset of one or more security algorithms randomly chosen from the security algorithm database; and a comparator that compares the results of the executable run on the oversight module and the gaming module, a match indicating that the gaming module is trusted, a non match indicating that the gaming module is not trusted. - View Dependent Claims (9, 10, 11, 12, 13, 14, 15, 16, 17, 18)
Specification