Rollback attack prevention system and method

US 8,165,294 B2
Filed: 02/01/2011
Issued: 04/24/2012
Est. Priority Date: 09/13/2002
Status: Expired due to Fees

First Claim

Patent Images

1. A rollback attack prevention system that controls installation and use of software on a gaming machine, the system comprising:

a non-volatile memory device associated with and local to the gaming machine, wherein the memory device contains a configuration log, wherein the configuration log includes a record of software changes that had been made on the gaming machine; and

a revocation list stored in the memory device, wherein the revocation list includes an inventory of unauthorized software that the prevention system blocks from being installed or used on the gaming machine, wherein the inventory includes at least software that has been superseded, wherein the inventory is updateable after each change to the software on the gaming machine, and wherein authorization for any such updates is verified using message authentication code and digital signature verification;

wherein the authorization for the updates is verified in conjunction with the use of bKey electronic identifiers.

View all claims

7 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A rollback attack prevention system 10 for a gaming machine 20 includes a configuration log 30 and a revocation list 40. Preferably, the configuration log 30 includes a protected record of software that has been installed on the gaming machine 20. Further, the revocation list 40 includes an inventory of unauthorized software that the prevention system 10 prevents from being installed and/or used on the gaming machine 20.

Citations

38 Claims

1. A rollback attack prevention system that controls installation and use of software on a gaming machine, the system comprising:
- a non-volatile memory device associated with and local to the gaming machine, wherein the memory device contains a configuration log, wherein the configuration log includes a record of software changes that had been made on the gaming machine; and
  
  a revocation list stored in the memory device, wherein the revocation list includes an inventory of unauthorized software that the prevention system blocks from being installed or used on the gaming machine, wherein the inventory includes at least software that has been superseded, wherein the inventory is updateable after each change to the software on the gaming machine, and wherein authorization for any such updates is verified using message authentication code and digital signature verification;
  
  wherein the authorization for the updates is verified in conjunction with the use of bKey electronic identifiers.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18)
- - 2. The system of claim 1, wherein the configuration log is protected using digital signature verification so that any unauthorized changes are easily identifiable.
  - 3. The system of claim 1, wherein the configuration log is protected using message authentication code so that any unauthorized changes are easily identifiable.
  - 4. The system of claim 1, wherein the revocation list is protected using digital signature verification so that any unauthorized changes are easily identifiable.
  - 5. The system of claim 1, wherein the revocation list being protected using message authentication code so that any unauthorized changes are easily identifiable.
  - 6. The system of claim 1, wherein the non-volatile memory storage device is protected using digital signature verification, and wherein the digital signature verification is DSA encryption.
  - 7. The system of claim 1, wherein the non-volatile memory storage device is protected using digital signature verification, and wherein the digital signature verification is RSA encryption.
  - 8. The system of claim 1, wherein the configuration log is updated by the system in response to an attempted or actual software installation on the gaming machine.
  - 9. The system of claim 1, wherein the revocation list is used to verify that new software is authorized for installation on the gaming machine, wherein installation and use of new software is not permitted if the new software is found on the revocation list, and wherein installation and use of new software is permitted, if the new software is not found on the revocation list.
  - 10. The system of claim 9, wherein the revocation list is used to verify that existing software on the gaming machine is authorized for continued use on the gaming machine, wherein existing software that is listed on the revocation list is disabled for use on the gaming machine, and wherein existing software that is not on the revocation list continues to be enabled for use on the gaming machine.
  - 11. The system of claim 10, wherein disabling of existing software includes uninstalling the software on the gaming machine.
  - 12. The system of claim 1, further comprising an installation medium drive for loading software on the gaming machine from an installation medium.
  - 13. The system of claim 12, wherein the installation medium drive is a CD-ROM/DVD-ROM drive, and wherein the installation medium from which the loadable software is accessed is a CD-ROM/DVD-ROM.
  - 14. The system of claim 12, wherein the installation medium drive is an external drive.
  - 15. The system of claim 12, wherein the installation medium drive is an internal drive.
  - 16. The system of claim 12, wherein the installation medium drive is selected from the group consisting of networks, electronic keys, smart cards, memory sticks, memory cards, portable mini-drives.
  - 17. The system of claim 12, wherein the installation medium includes an updated revocation list.
  - 18. The system of claim 12, wherein the installation medium includes updates for the configuration log.

19. A method for preventing unauthorized installation and use of software on a gaming machine using a rollback attack prevention system, comprising:
- establishing a configuration log and loading a revocation list into a non-volatile memory storage device associated with the gaming machine, wherein the configuration log includes a record of software that is currently installed on the gaming machine and software that had been previously installed on the gaming machine;
  
  using the revocation list to determine whether to disable or to permit continued use of existing software;
  
  in response to an attempt to load new software onto the gaming machine, using the revocation list to determine whether installation of the new software is permitted;
  
  updating the configuration log as required; and
  
  updating the revocation list as required, wherein the revocation list is updateable after each change to the software on the gaming machine, wherein authorization for any such updates is verified using message authentication code and digital signature verification, and wherein the authorization for the updates is verified in conjunction with the use of bKey electronic identifiers.
- View Dependent Claims (20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30, 31, 32, 33, 34, 35, 36, 37)
- - 20. The method of claim 19, wherein establishing a configuration log and loading a revocation list into a memory storage device comprises:
    - storing a configuration log, wherein the configuration log includes a protected record of software that had been installed on the gaming machine; and
      
      loading a revocation list, wherein the revocation list indicates software that is unauthorized for installation and use on the gaming machine.
  - 21. The method of claim 20, wherein installation of the new software is permitted if the new software is not on the updated revocation list.
  - 22. The method of claim 19, wherein establishing a configuration log comprises scanning the configuration history of the gaming machine, and wherein loading an initial revocation list comprises loading a revocation list from an installation medium onto the memory storage device associated with the gaming machine.
  - 23. The method of claim 19, wherein the non-volatile memory storage device is protected using digital signature verification, and wherein the digital signature verification is DSA encryption.
  - 24. The method of claim 19, wherein the non-volatile memory storage device is protected using digital signature verification, and wherein the digital signature verification is RSA encryption.
  - 25. The method of claim 19, wherein the non-volatile memory storage device is protected using digital signature verification so that any unauthorized changes are easily identifiable.
  - 26. The method of claim 19, wherein the non-volatile memory storage device is protected using message authentication code so that any unauthorized changes are easily identifiable.
  - 27. The method of claim 19, wherein the configuration log is updated by the system in response to an attempted or actual software installation on the gaming machine.
  - 28. The method of claim 19, wherein an installation medium drive and an installation medium containing the new software are used to attempt to load new software on the gaming machine.
  - 29. The method of claim 28, wherein the installation medium drive is a CD-ROM/DVD-ROM drive, and wherein the installation medium from which the loadable new software is accessed is a CD-ROM/DVD-ROM
  - 30. The method of claim 19, wherein updating the revocation list comprises:
    - downloading a revocation list update, wherein the revocation list update includes information regarding software authorization criteria for installation and use on the gaming machine; and
      
      saving the updated revocation list to the memory storage device.
  - 31. The method of claim 19, further comprising:
    - checking an updated revocation list for new software to determine whether new software is authorized for installation and use on the gaming machine.
  - 32. The method of claim 19, wherein installation of the new software is not permitted if the new software is on the updated revocation list.
  - 33. The method of claim 19, further comprising:
    - checking an updated revocation list for existing software to determine whether continued use of existing software on the gaming machine is authorized.
  - 34. The method of claim 33, wherein the existing software is disabled if the existing software is on the updated revocation list.
  - 35. The method of claim 34, wherein the disabling of the existing software includes uninstalling the existing software from the gaming machine.
  - 36. The method of claim 33, wherein continued use of the existing software is authorized if the existing software is not on the updated revocation list.
  - 37. The method of claim 19, wherein updating the configuration log comprises:
    - saving data regarding at least the installation of new software on the gaming machine; and
      
      saving data regarding disablement, if any, of existing software on the gaming machine.

38. A rollback attack prevention system that controls installation and use of software on a gaming machine, the system comprising:
- a memory storage device associated with and local to the gaming machine;
  
  a configuration log stored in the memory storage device, wherein the configuration log includes a record of software that is currently installed on the gaming machines, had been previously installed on the gaming machines, and was attempted to be installed on the gaming machine; and
  
  a revocation list stored in the memory storage device, wherein the revocation list includes an inventory listing of unauthorized software that the prevention system prevents from being installed or used on the gaming machine, wherein the inventory includes at least software that has been superseded, wherein the revocation list is updateable after each change to the software on the gaming machine, and wherein authorization for any such updates is verified using message authentication code and digital signature verification;
  
  wherein the authorization for these updates is verified in conjunction with the use of bKey electronic identifiers.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Sg Gaming, Inc. (Light & Wonder Incorporated)
Original Assignee
Bally Gaming Incorporated (Light & Wonder Incorporated)
Inventors
Morrow, James W., Hein, Marvin A., Carman, David W.
Primary Examiner(s)
Goodarzi, Nasser
Assistant Examiner(s)
Traore, Fatoumata

Application Number

US13/019,148
Publication Number

US 20110123024A1
Time in Patent Office

448 Days
Field of Search

None
US Class Current

380/251
CPC Class Codes

G06F 11/006   Identification G06F11/2289 ...

G06F 11/0748   in a remote unit communicat...

G06F 11/2289   by configuration test

G06F 11/2294   by remote test

G11C 2029/4402   Internal storage of test re...

H04L 9/3247   involving digital signatures

H04L 9/3268   using certificate validatio...

Rollback attack prevention system and method

First Claim

7 Assignments

0 Petitions

Accused Products

Abstract

Citations

38 Claims

Specification

Solutions

Use Cases

Quick Links

Rollback attack prevention system and method

First Claim

7 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

38 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links