System and method for an autonomous software protection device
Abstract
A system and method are introduced for protecting software from being altered, duplicated, inspected or used in an unauthorized manner. An autonomous software protection device is presented, containing an encryption and decryption unit along with an independent execution environment, such as a Java Virtual Machine, to carry out computations in a protected environment. The software protection device carries out protected code and may make use of protected data to carry out protected computations. Unsecured memory may be used securely by the software protection device through an internal virtual memory mechanism managed by the independent execution environment. The software protection device may serve an external computing device for making computations that are protected from software and data alteration and inspection, while preventing duplication and usage not intended by the software and data owner.
17 Claims
1. A software protection device for carrying out computations in a protected environment, the device comprising:
a processing unit;
means of preventing access to at least part of said processing unit from outside of said processing unit;
a decryption means for decrypting protected data said decryption means configured to decrypt at least partly encrypted data by said processing unit using said means of preventing access to at least part of said processing unit;
a virtual machine configured for executing computer program code said virtual machine configured to execute at least partially by said processing unit using said means of preventing access to at least part of said processing unit;
whereby decryption of at least partly encrypted program and execution of decrypted said at least partly encrypted program by said virtual machine within at least part of said software protection device protects code contents and protects said virtual machine executing said code contents from outside of said software protection device.
6. A method for executing a protected program in a protected manner using a software protection device the method comprising:
a. sending one or more at least part of at least partially encrypted programs to said software protection device;
b. preventing access to at least part of said software protection device from outside of said software protection device;
c. decrypting said at least one part of one of said at least partially encrypted programs within said at least part of said software protection device prevented from access outside of said device;
d. executing said at least one partially decrypted program part by a virtual machine configured to execute computer program code within at least part of said software protection device prevented from access outside of said device.
10. A secure software protection unit configured for limiting access to restricted data for carrying out computations in a protected environment, the software protection unit comprising:
a processing unit;
means of preventing access to at least part of said processing unit from outside of said processing unit;
a virtual machine configured for executing computer program code using said processing unit said virtual machine configured to execute at least partially on said processing unit using said means of preventing access to at least part of said processing unit;
external memory located outside of said processing unit;
means of securely making use of at least part of said external memory to execute said virtual machine wherein contents of said at least part of said external memory used by said virtual machine is encrypted for use of said processing unit;
whereby computer program executed by said virtual machine using said at least part of said processing unit and using said at least part of said external memory to execute said computer program in a protected environment.
11. A method for executing a protected program in a protected manner using a software protection device the method comprising:
a. sending one or more at least part of at least partially authorized programs to said software protection device;
b. preventing access to at least part of said software protection device from outside of said software protection device;
c. authorizing said at least one part of one of said at least partially authorized programs within said at least part of said software protection device prevented from access outside of said device;
d. executing said at least one partially authorized program part by a virtual machine configured to execute computer program code within at least part of said software protection device prevented from access outside of said device.
17. A method for executing a protected program in a protected manner using a software protection device the method comprising:
a. preventing access to at least part of processing unit of said software protection device from outside of said processing unit (for securing execution of said virtual machine);
b. executing said protected computer program using a virtual machine executing on at said at least part of said processing unit at least partially prevented from access outside of said software protection device;
c. securely making use of at least part of external memory located outside of said processing unit by said virtual machine for said executing said protected computer program at least partially prevented from access outside of said software protection device wherein said at least part of external memory used by said virtual machine is encrypted for use of said virtual machine.
Specification