Rollback attack prevention system and method
First Claim
Patent Images
1. A rollback attack prevention system that controls installation and use of software on a gaming machine, the system comprising:
- a non-volatile memory device associated with and local to the gaming machine, wherein the memory device contains a configuration log, wherein the configuration log includes a record of software changes that had been made on the gaming machine; and
a revocation list stored in the memory device, wherein the revocation list includes an inventory of unauthorized software that the prevention system blocks from being installed or used on the gaming machine, wherein the inventory includes at least software that has been superseded, wherein the inventory is updateable after each change to the software on the gaming machine, and wherein authorization for any such updates is verified using message authentication code and digital signature verification;
wherein the authorization for the updates is verified in conjunction with the use of bKey electronic identifiers.
7 Assignments
0 Petitions
Accused Products
Abstract
A rollback attack prevention system 10 for a gaming machine 20 includes a configuration log 30 and a revocation list 40. Preferably, the configuration log 30 includes a protected record of software that has been installed on the gaming machine 20. Further, the revocation list 40 includes an inventory of unauthorized software that the prevention system 10 prevents from being installed and/or used on the gaming machine 20.
-
Citations
38 Claims
-
1. A rollback attack prevention system that controls installation and use of software on a gaming machine, the system comprising:
-
a non-volatile memory device associated with and local to the gaming machine, wherein the memory device contains a configuration log, wherein the configuration log includes a record of software changes that had been made on the gaming machine; and a revocation list stored in the memory device, wherein the revocation list includes an inventory of unauthorized software that the prevention system blocks from being installed or used on the gaming machine, wherein the inventory includes at least software that has been superseded, wherein the inventory is updateable after each change to the software on the gaming machine, and wherein authorization for any such updates is verified using message authentication code and digital signature verification; wherein the authorization for the updates is verified in conjunction with the use of bKey electronic identifiers. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18)
-
-
19. A method for preventing unauthorized installation and use of software on a gaming machine using a rollback attack prevention system, comprising:
-
establishing a configuration log and loading a revocation list into a non-volatile memory storage device associated with the gaming machine, wherein the configuration log includes a record of software that is currently installed on the gaming machine and software that had been previously installed on the gaming machine; using the revocation list to determine whether to disable or to permit continued use of existing software; in response to an attempt to load new software onto the gaming machine, using the revocation list to determine whether installation of the new software is permitted; updating the configuration log as required; and updating the revocation list as required, wherein the revocation list is updateable after each change to the software on the gaming machine, wherein authorization for any such updates is verified using message authentication code and digital signature verification, and wherein the authorization for the updates is verified in conjunction with the use of bKey electronic identifiers. - View Dependent Claims (20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30, 31, 32, 33, 34, 35, 36, 37)
-
-
38. A rollback attack prevention system that controls installation and use of software on a gaming machine, the system comprising:
-
a memory storage device associated with and local to the gaming machine; a configuration log stored in the memory storage device, wherein the configuration log includes a record of software that is currently installed on the gaming machines, had been previously installed on the gaming machines, and was attempted to be installed on the gaming machine; and a revocation list stored in the memory storage device, wherein the revocation list includes an inventory listing of unauthorized software that the prevention system prevents from being installed or used on the gaming machine, wherein the inventory includes at least software that has been superseded, wherein the revocation list is updateable after each change to the software on the gaming machine, and wherein authorization for any such updates is verified using message authentication code and digital signature verification; wherein the authorization for these updates is verified in conjunction with the use of bKey electronic identifiers.
-
Specification