Systems and methods for secure transaction management and electronic rights protection
First Claim
1. A system comprising:
a host processing system comprising a central processing unit;
mass storage operatively connected to said central processing unit;
a clock, wherein the value of the clock comprises high-order bits and low-order bits and the high-order bits change on time intervals of at least one hour;
a storage location containing an encrypted form of an expected execution time duration for a predetermined sequence of instructions; and
main memory operatively connected to said central processing unit, wherein the main memory comprises instructions that, when executed by the central processing unit, perform the following steps:
reading a first value of the clock prior to executing the predetermined sequence of instructions whose expected execution time duration is stored in encrypted form in the storage location;
executing the predetermined sequence of instructions whose expected execution time duration is stored in encrypted form in the storage location;
reading a second value of the clock subsequent to executing the predetermined sequence of instructions whose expected execution time duration is stored in encrypted form in the storage location;
calculating the actual execution time duration of the predetermined sequence of instructions by determining a difference between the first value of the clock and the second value of the clock;
separating the high-order bits of the second value of the clock from the low-order bits of the second value of the clock to form a first portion of the second value of the clock;
decrypting the encrypted form of the expected execution time duration of the predetermined sequence of instructions stored in the storage location with a decryption key comprising at least in part the first portion of the second value of the clock;
generating an unencrypted form of the expected execution time duration of the predetermined sequence of instructions and generating both the unencrypted form of the expected execution time duration and the actual execution time duration each at least in part from the second value of the clock; and
indicating whether the unencrypted form of the expected execution time duration of the predetermined sequence of instructions matches the actual execution time duration of the predetermined sequence of instructions.
Abstract
The present invention provides systems and methods for electronic commerce including secure transaction management and electronic rights protection. Electronic appliances such as computers employed in accordance with the present invention help to ensure that information is accessed and used only in authorized ways, and maintain the integrity, availability, and/or confidentiality of the information. Secure subsystems used with such electronic appliances provide a distributed virtual distribution environment (VDE) that may enforce a secure chain of handling and control, for example, to control and/or meter or otherwise monitor use of electronically stored or disseminated information. Such a virtual distribution environment may be used to protect rights of various participants in electronic commerce and other electronic or electronic-facilitated transactions. Secure distributed and other operating system environments and architectures may employ, for example, secure semiconductor processing arrangements that may establish secure, protected environments at each node. These techniques may be used to support an end-to-end electronic information distribution capability that may be used, for example, utilizing the “electronic highway.”
18 Claims
15. A processing apparatus including:
a central processing unit;
main memory;
a clock, wherein the value of the clock comprises high-order bits and low-order bits and the high-order bits change on time intervals of at least one hour;
mass storage storing an encrypted form of an expected execution time duration for a predetermined sequence of instructions and tamper-resistant software designed to be loaded into said main memory and executed by said central processing unit, said tamper-resistant software including instructions that when executed cause the central processing unit to perform the steps of:
generating values required for correct operation of at least certain functions of said processing apparatus, said values being generated pursuant to an algorithm which operates so as to render said values at least somewhat resistant to discovery by an unauthorized observer;
using values from said clock to compare the duration of execution of said value generation programming to an expected value or range and set an indication depending on the result of said comparison by executing the following steps:
reading a first value of the clock prior to executing the predetermined sequence of instructions whose expected execution time duration is stored in encrypted form in the mass storage;
executing the predetermined sequence of instructions whose expected execution time duration is stored in encrypted form in the mass storage;
reading a second value of the clock subsequent to executing the predetermined sequence of instructions whose expected execution time duration is stored in encrypted form in the mass storage and calculating the actual execution time duration of the predetermined sequence of instructions by determining a difference between the first value of the clock and the second value of the clock;
separating the high-order bits of the second value of the clock from the low-order bits of the second value of the clock to form a first portion of the second value of the clock;
decrypting the encrypted form of the expected execution time duration of the predetermined sequence of instructions stored in the mass storage with a decryption key comprising at least in part the first portion of the second value of the clock;
generating an unencrypted form of the expected execution time duration of the predetermined sequence of instructions, and generating both the unencrypted form of the expected execution time duration and the actual execution time duration each at least in part from the second value of the clock; and
indicating whether the unencrypted form of the expected execution time duration of the predetermined sequence of instructions matches the actual execution time duration of the predetermined sequence of instructions; and
checking said indication and undertaking one or more security-related actions dependent on the state of said indication.
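The timing check recited in claims 1 and 15, as an added illustration in Python; it is not code from the patent or its assignee. The SHA-256-derived XOR pad, the 22-bit split of a millisecond clock, the embedded secret and the simulated clock are all assumptions made for the example.

```python
import hashlib

HIGH_SHIFT = 22  # assumption: millisecond clock; bits above 2**22 ms change every ~70 min

def high_bits(clock_value):
    """First portion of a clock value: its high-order bits only."""
    return clock_value >> HIGH_SHIFT

def _xor_with_window_key(data, high, secret):
    # Assumption: key = SHA-256(embedded secret || high-order bits), used as an XOR pad.
    pad = hashlib.sha256(secret + high.to_bytes(8, "big")).digest()
    return bytes(a ^ b for a, b in zip(data, pad))

def seal_expected(expected_ms, clock_value, secret):
    """Provisioning side: encrypt the expected duration for one clock window."""
    return _xor_with_window_key(expected_ms.to_bytes(4, "big"),
                                high_bits(clock_value), secret)

def timed_check(read_clock, sequence, sealed, secret, tolerance_ms=0):
    """Claimed steps: read clock, run, read clock, decrypt with t2's high bits, compare."""
    t1 = read_clock()
    sequence()
    t2 = read_clock()
    actual = t2 - t1
    plain = _xor_with_window_key(sealed, high_bits(t2), secret)
    expected = int.from_bytes(plain, "big")
    return abs(actual - expected) <= tolerance_ms  # the "indication"

class SimClock:
    """Constructed stand-in for the hardware clock so the run is deterministic."""
    def __init__(self, start):
        self.now = start
    def read(self):
        return self.now
    def work(self, ms):
        return lambda: setattr(self, "now", self.now + ms)

def demo():
    secret = b"constructed-embedded-secret"
    base = 1000 << HIGH_SHIFT  # constructed clock value at the start of a window
    sealed = seal_expected(250, base, secret)
    cases = {"normal": (base + 10, 250),           # runs in the expected 250 ms
             "slowed": (base + 10, 900),           # e.g. single-stepped by an observer
             "stale_seal": (base + (1 << HIGH_SHIFT), 250)}  # high bits rolled over
    out = {}
    for name, (start, ms) in cases.items():
        clk = SimClock(start)
        out[name] = timed_check(clk.read, clk.work(ms), sealed, secret)
    return out

if __name__ == "__main__":
    print(demo())
```

In this sketch the stale_seal case fails even though the sequence ran on time: a value sealed for one clock window no longer decrypts to the expected duration once the high-order bits change, so the stored ciphertext has to be re-sealed for each window.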
Specification