Program, communication device, data processing method, and communication system

US 8,484,449 B2
Filed: 04/27/2005
Issued: 07/09/2013
Est. Priority Date: 05/26/2004
Status: Expired due to Fees

First Claim

Patent Images

1. A non-transitory computer readable storage medium encoded with computer program instructions which when executed, cause a computer to implement a method, comprising:

verifying whether a security chip is present in a first communication device by comparing first boot hash data generated in response to booting the first communication device via a boot program of the first communication device and received from the first communication device with second boot hash data received from a second communication device, the first and second boot hash data identifying the first communication device, the security chip guaranteeing that hardware identification data is provided in the first communication device and cannot be rewritten by a user of the first communication device;

verifying whether the hardware identification data included in a registration request received from the first communication device is not registered; and

registering the hardware identification data included in the registration request and issuing unique anonymous user identification data and key data corresponding to the unique anonymous user identification data to the user when determining via security chip verification that the security chip is present and determining via registration verification that the hardware identification data is not registered.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

There is provided a program for making a computer perform a first procedure for verifying whether an platform guaranteeing that device identification data for identifying a communication device cannot be rewritten by the user is provided in the communication device, a second procedure for verifying whether the device identification data included in a registration request received from the communication device is not yet registered, and a third procedure for registering the device identification data included in the registration request and issuing user identification data to the user when the program determines in the first procedure that the platform is provided and determines in the second procedure that the device identification data is not yet registered.

Citations

14 Claims

1. A non-transitory computer readable storage medium encoded with computer program instructions which when executed, cause a computer to implement a method, comprising:
- verifying whether a security chip is present in a first communication device by comparing first boot hash data generated in response to booting the first communication device via a boot program of the first communication device and received from the first communication device with second boot hash data received from a second communication device, the first and second boot hash data identifying the first communication device, the security chip guaranteeing that hardware identification data is provided in the first communication device and cannot be rewritten by a user of the first communication device;
  
  verifying whether the hardware identification data included in a registration request received from the first communication device is not registered; and
  
  registering the hardware identification data included in the registration request and issuing unique anonymous user identification data and key data corresponding to the unique anonymous user identification data to the user when determining via security chip verification that the security chip is present and determining via registration verification that the hardware identification data is not registered.
- View Dependent Claims (2, 3, 4, 5, 6, 7)
- - 2. The non-transitory computer readable storage medium of claim 1, wherein the hash data received from the first communication device is automatically generated at the security chip of the first communication device when a program is booted at the first communication device.
  - 3. The non-transitory computer readable storage medium of claim 1, wherein the registering stores the key data linked with the user identification data, and the non-transitory computer readable storage medium includes computer instructions which cause the computer to execute processing, further comprising:
    - decrypting encrypted data received and linked with unique anonymous user identification data issued in the registering, using the key data linked with the unique anonymous user identification data.
  - 4. The non-transitory computer readable storage medium of claim 3, wherein the first and second boot hash data includes program BIOS and operating system data of the booted first communication device.
  - 5. The non-transitory computer readable storage medium of claim 4, wherein the verifying further compares first application hash data of an application program booted by the first communication device and received from the first communication device with second application hash data received from the second communication device.
  - 6. The non-transitory computer readable storage medium of claim 1, wherein the first and second boot hash data includes program BIOS and operating system data of the booted first communication device.
  - 7. The non-transitory computer readable storage medium of claim 6, wherein the verifying further compares first application hash data of an application program booted by the first communication device and received from the first communication device with second application hash data received from the second communication device.

8. A first communication device comprising:
- an interface to receive a registration request from a second communication device; and
  
  an execution circuit toverify whether a security chip is present in the second communication device by comparing first boot hash data generated in response to booting the second communication device via a boot program of the second communication device and received from the second communication device with second boot hash data received from a third communication device, the first and second boot hash data identifying the second communication device, the security chip guaranteeing that hardware identification data is present in the second communication device and cannot be rewritten by a user of the second communication device,verify whether the hardware identification data included in a registration request from the second communication device is not registered by communicating with the second communication device through the interface,register the hardware identification data included in the registration request when the second communication device includes the security chip and the hardware identification data is not registered, andissue unique anonymous identification data and key data corresponding to the unique anonymous user identification data to the second communication device when the second communication device includes the security chip and the hardware identification data is not registered.

9. A data processing method of a server device, comprising:
- verifying whether a security chip is present in a first communication device, by comparing first boot hash data generated in response to booting the first communication device via a boot program the first communication device and received from the first communication device with second boot hash data received from a second communication device, the first and second boot hash data identifying the first communication device, to guarantee that hardware identification data is provided in the first communication device and cannot be written by a user of the first communication device,verifying whether the first hardware data included in a registration request received from the first communication device is not registered; and
  
  registering the hardware identification data included in the registration request and issuing unique anonymous user identification data and key data corresponding to the unique anonymous user identification data to the first communication device when security chip verification verifies that the security chip is present, and registration verification determines that the hardware identification data is not registered.

10. A non-transitory computer readable storage medium encoded with computer program instructions executable by a computer to cause the computer to implement a method, comprising:
- assigning single unique pseudonym identification data used to verify a security chip to each of a plurality of users;
  
  verifying that the security chip is present at a communication device by comparing first boot hash data generated in response to booting the communication device via a boot program of the communication device and received from the first communication device with second boot hash data received from a second communication device, the first and second boot hash data identifying the first communication device, the security chip guaranteeing that the pseudonym identification data cannot be rewritten by the users of the first communication device;
  
  verifying whether pseudonym identification data received from the first communication device is not registered;
  
  registering the pseudonym identification data received from the first communication device; and
  
  issuing unique anonymous user identification data and key data corresponding to the unique anonymous user identification data to the user relating to the registration request when security chip verification verifies that the security chip is present in the first communication device and registration verification verifies that the pseudonym identification data is not registered.
- View Dependent Claims (11)
- - 11. The non-transitory computer readable storage medium of claim 10, wherein the registering stores the pseudonym identification data linked with the unique anonymous user identification data, and the non-transitory computer readable storage medium includes instructions executable by the computer, further comprising:
    - decrypting the encrypted data received and linked with the unique anonymous user identification data issued in the registering, using the pseudonym identification data linked with the unique anonymous user identification data in the registering.

12. A first communication device comprising:
- an interface receiving a registration request from a second communication device; and
  
  an execution circuit toassign a single unique pseudonym identification data used to verify a security chip to each of a plurality of users,verify whether the security chip is present at the second communication device by comparing first boot hash data generated in response to booting the second communication device via a boot program of the second communication device and received from the second communication device with second boot hash data received from a third communication device, the first and second boot hash data identifying the second communication device, the security chip guaranteeing that the pseudonym identification data cannot be rewritten by the user of the second communication device,verify whether the pseudonym identification data received from the second communication device is not registered,register said pseudonym identification data received from said second communication device through the interface when security chip verification verifies that the security chip is provided in the second communication device and the pseudonym identification data is not registered, andissue unique anonymous user identification data and key data corresponding to the unique anonymous user identification data to the user relating to the registration request when the verification verifies that the security chip is provided in the second communication device and the pseudonym identification data is not registered.

13. A data processing method executed by a server device, comprising:
- assigning single unique pseudonym identification data used to verify a security chip to each of a plurality of users;
  
  verifying that the security chip is present at a communication device by comparing first boot hash data generated in response to booting the communication device via a boot program of the communication device and received from the communication device with second identification data received from a second communication device, the first and second boot hash data identifying the first communication device, the security chip guaranteeing that the pseudonym identification data cannot be rewritten by the users of the first communication device;
  
  verifying whether the pseudonym identification data received from the first communication device is not registered;
  
  registering the pseudonym identification data received from the first communication device; and
  
  issuing unique anonymous user identification data and key data corresponding to the unique anonymous user identification data to the user relating to the registration request when determining at the first step that the security chip is provided in the first communication device and determining via registration verification that the pseudonym identification data is not registered.

14. A communication system comprising:
- a first communication device configured to transmit a registration request including first boot hash generated in response to booting the first communication device via a boot program of the first communication device data; and
  
  a second communication device configured to issue unique anonymous user identification data in accordance with the registration request received from the first communication device,the second communication device verifying whether a security chip is present at the first communication device by comparing the first boot hash data received from the first communication device with second identification data received from a third communication device, the first and second boot hash data identifying the first communication device, the security chip guaranteeing that hardware identification data cannot be rewritten by a user of the first communication device, by communicating with the first communication device through the interface,the second communication device verifying whether hardware identification data included in a registration request received from the first communication device is not registered, andthe second communication device registering the hardware identification data included in the registration request and issuing unique anonymous user identification data to the user when determining that the first communication device is provided with the security chip and that the hardware identification data is not registered.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Sony Corporation (Sony Group Corp.)
Original Assignee
Sony Corporation (Sony Group Corp.)
Inventors
Yasuda, Yasunori, Shinozaki, Ikuo
Primary Examiner(s)
Orgad, Edan
Assistant Examiner(s)
SCHMIDT, KARI L

Application Number

US11/115,120
Publication Number

US 20050268087A1
Time in Patent Office

2,995 Days
Field of Search

713/2, 713/176, 713/1, 713/168, 713/156, 713/182, 380/255, 380/258, 380/266, 380/270, 726/1, 726/27, 726/32, 726/34
US Class Current

713/2
CPC Class Codes

G06F 21/33 using certificates

Program, communication device, data processing method, and communication system

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

Citations

14 Claims

Specification

Solutions

Use Cases

Quick Links

Program, communication device, data processing method, and communication system

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

14 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links