Protection of software on portable medium

US 8,667,604 B2
Filed: 09/13/2007
Issued: 03/04/2014
Est. Priority Date: 09/13/2007
Status: Active Grant

First Claim

Patent Images

1. A machine-implemented method for preventing unauthorized use of executable software stored on a rewritable removable medium, the machine-implemented method comprising:

executing, by a host processing device to which the rewritable removable medium is removably attached, a first portion of the executable software directly from the rewritable removable medium without installing the first portion of the executable software on the host processing device in order to obtain information from the rewritable removable medium, wherein the obtained information includes at least one of a type of the rewritable removable medium, a brand of the rewritable removable medium, a manufacturer of the rewritable removable medium, or an identifier of the rewritable removable medium;

determining, by the host processing device, whether execution of a second portion of the executable software directly from the rewritable removable medium is permitted based on the information obtained from the rewritable removable medium, the determining whether execution of the second portion of the executable software directly from the rewritable removable medium is permitted further comprises;

submitting, by the host processing device to an embedded processing device of the rewritable removable medium, an unsigned data object for the embedded processing device to sign with a private key, wherein the private key is inaccessible to the host processing device;

receiving, by the host processing device, the signed copy of the data object from the embedded processing;

processing the received signed copy of the data object with a public key that is accessible to the host processing device;

comparing the unsigned copy of the data object to the processed signed copy of the data object; and

determining, by the host processing device, whether the execution of the second portion of the executable software directly from the rewritable removable medium is permitted based on the at least one determined type of the rewritable removable medium, the brand of the rewritable removable medium, the manufacturer of the rewritable removable medium, or the identifier of the rewritable removable medium; and

selectively executing, by the host processing device, the second portion of the executable software with unaltered behavior directly from the rewritable removable medium based on the comparison of the unsigned copy of the data object to the processed signed copy of the data object.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A portable rewritable medium and a method are provided for preventing unauthorized use of executable software stored on the portable rewritable medium. A portion of the software stored on the portable rewritable medium may include instructions for a processing device to determine whether execution of the executable software is permitted. If execution of the executable software is permitted, the processing device may execute the executable software directly from the portable rewritable medium. Characteristics of the portable rewritable medium may be checked to determine whether functionality of the executable software is to be limited.

24 Citations

View as Search Results

20 Claims

1. A machine-implemented method for preventing unauthorized use of executable software stored on a rewritable removable medium, the machine-implemented method comprising:
- executing, by a host processing device to which the rewritable removable medium is removably attached, a first portion of the executable software directly from the rewritable removable medium without installing the first portion of the executable software on the host processing device in order to obtain information from the rewritable removable medium, wherein the obtained information includes at least one of a type of the rewritable removable medium, a brand of the rewritable removable medium, a manufacturer of the rewritable removable medium, or an identifier of the rewritable removable medium;
  
  determining, by the host processing device, whether execution of a second portion of the executable software directly from the rewritable removable medium is permitted based on the information obtained from the rewritable removable medium, the determining whether execution of the second portion of the executable software directly from the rewritable removable medium is permitted further comprises;
  
  submitting, by the host processing device to an embedded processing device of the rewritable removable medium, an unsigned data object for the embedded processing device to sign with a private key, wherein the private key is inaccessible to the host processing device;
  
  receiving, by the host processing device, the signed copy of the data object from the embedded processing;
  
  processing the received signed copy of the data object with a public key that is accessible to the host processing device;
  
  comparing the unsigned copy of the data object to the processed signed copy of the data object; and
  
  determining, by the host processing device, whether the execution of the second portion of the executable software directly from the rewritable removable medium is permitted based on the at least one determined type of the rewritable removable medium, the brand of the rewritable removable medium, the manufacturer of the rewritable removable medium, or the identifier of the rewritable removable medium; and
  
  selectively executing, by the host processing device, the second portion of the executable software with unaltered behavior directly from the rewritable removable medium based on the comparison of the unsigned copy of the data object to the processed signed copy of the data object.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
- - 2. The machine-implemented method of claim 1, wherein:
    - the obtained information also includes at least one characteristic of the rewritable removable medium, andthe determining, by the host processing device, whether execution of the second portion of the executable software directly from the rewritable removable medium is permitted further comprises;
      
      determining, by the host processing device, whether the execution of the second portion of the executable software directly from the rewritable removable medium is permitted based also on the at least one determined characteristic of the rewritable removable medium.
  - 3. The machine-implemented method of claim 1, wherein the at least one characteristic includes at least one of a speed of the rewritable removable medium, a security feature of the rewritable removable medium, or a storage capacity of the rewritable removable medium.
  - 4. The machine-implemented method of claim 1, further comprising:
    - sending, by the host processing device to a server computing device, information identifying a product including the second portion of the executable software stored on the rewritable removable medium; and
      
      receiving, by the host processing device, a response from the server computing device in response to the sending of the information to the server computing device, whereinthe determining, by the host processing device, whether execution of the second portion of the executable software directly from the rewritable removable medium is permitted further comprises;
      
      determining, by the host processing device, whether the execution of the second portion of the executable software directly from the rewritable removable medium is permitted based also on the received response from the server computing device.
  - 5. The machine-implemented method of claim 1, further comprising:
    - determining at least one characteristic of the host processing device to which the rewritable removable medium is currently associated, anddetermining whether the execution, by the host processing device, of the second portion of the executable software stored on the rewritable removable medium is permitted based also on the at least one characteristic of the host processing device.
  - 6. The machine-implemented method of claim 1, further comprising:
    - extracting, from the host processing device to which the rewritable removable medium is removably attached, information for identifying the host processing device, anddetermining whether the execution of the second portion of the executable software stored on the rewritable removable medium is permitted based also on the information for identifying the host processing device.
  - 7. The machine-implemented method of claim 1, further comprising:
    - verifying an existence of a valid tamper proof identifier on the host processing device to which the rewritable removable medium is currently associated, anddetermining whether the execution, by the host processing device, of the second portion of the executable software stored on the rewritable removable medium is permitted based also on the verifying of the existence of the valid tamper proof identifier on the host processing device.
  - 8. The machine-implemented method of claim 1, further comprising:
    - altering functionality of the second portion of the executable software based, at least in part, on at least one determined characteristic of the rewritable removable medium included in the obtained information.

9. A portable machine-readable storage medium having executable software recorded thereon, a first portion of the executable software comprising:
- instructions for a processing device to obtain information from the portable machine-readable medium while the portable machine-readable storage medium is removably attached to the processing device, wherein the obtained information includes at least one of a type of the portable machine-readable medium, a brand of the portable machine-readable medium, a manufacturer of the portable machine-readable medium, or an identifier of the portable machine-readable medium;
  
  instructions for the processing device to determine whether a second portion of the executable software stored on the portable machine-readable storage medium is permitted to be executed by the processing device based on the obtained information from the portable machine-readable storage medium, the instructions for the processing device to determine whether the second portion of the executable software stored on the portable machine-readable storage medium is permitted to be executed by the processing device further comprises;
  
  instructions for the processing device to submit an unsigned data object to an embedded processing device of the portable machine-readable storage medium for the embedded processing device to sign with a private key that is inaccessible to the processing device;
  
  instructions for the processing device to receive the signed copy of the data object from the embedded processing device;
  
  instructions for the processing device to process the received signed copy of the data object with a public key that is accessible to the processing device;
  
  instructions for the processing device to compare the unsigned copy of the data object to the processed signed copy of the data object; and
  
  instructions for the processing device to determine whether the execution of the second portion of the executable software directly from the portable machine-readable medium is permitted based on the at least one determined type of the portable machine-readable medium, the brand of the portable machine-readable medium, the manufacturer of the portable machine-readable medium, or the identifier of the portable machine-readable medium; and
  
  instructions for the processing device to permit selective execution of the second portion of the executable software, with unaltered behavior, if the execution of the second portion of the executable software stored on the portable machine-readable storage medium is determined, by the processing device, to be permitted based on the comparison of the unsigned copy of the data object to the processed signed copy of the data object, the second portion of the executable software stored on the portable machine-readable storage medium being arranged to be executed, by the processing device, directly from the portable machine-readable storage medium.
- View Dependent Claims (10, 11, 12, 13, 14, 15)
- - 10. The portable machine-readable storage medium of claim 9, wherein:
    - the obtained information also includes a characteristic of the portable machine-readable storage medium, andthe instructions for the processing device to determine whether the second portion of executable software stored on the portable machine-readable storage medium is permitted to be executed by the processing device based also on the obtained information from the portable machine-readable medium further comprises;
      
      instructions for the processing device to determine whether the characteristic of the portable machine-readable storage medium has a specific value or has a value within a predetermined range, execution of the second portion of the executable software with the unaltered behavior to be permitted only when the characteristic of the portable machine-readable storage medium has the specific value or has the value within the predetermined range.
  - 11. The portable machine-readable medium of claim 9, wherein the first portion of the executable software further comprises:
    - instructions for the processing device to send product information to a server,instructions for receiving, by the processing device, a server response responsive to the sending of the product information, andinstructions for determining, by the processing device, whether the second portion of the executable software stored on the portable machine-readable storage medium is permitted to be executed by the processing device based also on the received server response.
  - 12. The portable machine-readable storage medium of claim 9, wherein the instructions for the at least one processor of the host processing device to compare the unsigned copy of the data object to the processed signed copy of the data object are instructions for the processing device to determine whether the signed copy of the data object has a valid signature that indicates that the execution of the first portion of the executable software stored on the portable machine-readable storage medium is permitted, with unaltered behavior, by the processing device.
  - 13. The portable machine-readable storage medium of claim 9, wherein:
    - the obtained information also includes previously-stored processing device information, andthe instructions for the processing device to determine whether the second portion of the executable software stored on the portable machine-readable storage medium is permitted to be executed by the processing device based on the obtained information from the portable machine-readable medium further comprise;
      
      instructions for the processing device to determine whether previously-stored processing device information included on the portable machine-readable storage medium matches information regarding the processing device, the second portion of the executable software stored on the portable machine-readable storage medium being determined to be permitted to be executed, with the unaltered behavior, by the processing device if the previously-stored processing device information included in the obtained information matches the information regarding the processing device.
  - 14. The portable machine-readable storage medium of claim 9, further comprising:
    - instructions for determining at least one characteristic of the portable machine-readable storage medium, andinstructions for altering functionality of the second portion of the executable software based on the at least one determined characteristic of the portable machine-readable storage medium.
  - 15. The portable machine-readable storage medium of claim 9, further comprising:
    - instructions for determining at least one characteristic of the portable machine-readable storage medium, andinstructions for altering functionality of the second portion of the executable software based on the at least one determined characteristic of the portable machine-readable storage medium, whereinthe at least one characteristic includes at least one of a speed of the portable machine-readable storage medium, a security feature of the portable machine-readable storage medium, or a storage capacity of the portable machine-readable storage medium.

16. A portable machine-readable and machine-writable storage medium having executable software recorded thereon for at least one processor of a host processing device, a first portion of the executable software comprising:
- instructions, for the at least one processor of the host processing device to which the portable machine-readable and machine writable storage medium is removably attached, to obtain information from the portable machine-readable and machine writable storage medium, the first portion of the executable software stored on the portable machine-readable and machine-writable storage medium being arranged to be executed directly by the at least one processor of the host processing device without installing the first portion of the executable software on the host processing device, wherein the obtained information includes at least one of a type of the portable machine-readable and machine writable storage medium, a brand of the portable machine-readable and machine writable storage medium, a manufacturer of the portable machine-readable and machine writable storage medium, or an identifier of the portable machine-readable and machine writable storage medium;
  
  instructions for determining at least one characteristic of the portable machine-readable and machine-writable storage medium based on the obtained type of the portable machine-readable and machine writable storage medium, brand of the portable machine-readable and machine writable storage medium, manufacturer of the portable machine-readable and machine writable storage medium, and/or identifier of the portable machine-readable and machine writable storage medium;
  
  instructions for the at least one processor of the host processing device to submit an unsigned data object to an embedded processing device of the portable machine-readable and machine-writable storage medium for signing of the data object with a private key that is inaccessible to the processing device by the embedded processing device of the portable machine-readable and machine-writable storage medium;
  
  instructions for the at least one processor of the host processing device to receive a signed copy of the data object from the embedded processing device of the portable machine-readable and machine-writable storage medium, in response to submitting the data object to the embedded processing device;
  
  instructions for the at least one processor of the host processing device to process the signed copy of the data object with a public key that is accessible to the host processing device;
  
  instructions for the at least one processor of the host processing device to compare the unsigned copy of the data object to the processed signed copy of the data object; and
  
  instructions for the at least one processor of the host processing device to selectively alter a functionality of a second portion of the executable software based on the determined at least one characteristic of the portable machine-readable and machine-writable storage medium and on the comparison of the unsigned copy of the data object to the processed signed copy of the data object.
- View Dependent Claims (17, 18, 19, 20)
- - 17. The portable machine-readable and machine-writable storage medium of claim 16, wherein the instructions for the at least one processor of the host processing device to selectively alter the functionality of the second portion of the executable software further comprise:
    - instructions for the at least one processor of the host processing device to prevent execution of the second portion of the executable software.
  - 18. The portable machine-readable and machine-writable storage medium of claim 16, wherein the instructions for the at least one processor of the host processing device to selectively alter the functionality of the second portion of the executable software further comprises:
    - instructions for the at least one processor of the host processing device to permit execution of some functions of the second portion of the executable software, andinstructions for the at least one processor of the host processing device to prevent execution of other functions of the second portion of the executable software.
  - 19. The portable machine-readable and machine-writable storage medium of claim 16, further comprising:
    - instructions for the at least one processor of the host processing device to verify an existence of a valid tamper proof identifier associated with the host processing device; and
      
      instructions for preventing the executing of the second portion of the executable software by the at least one processor of the host processing device as a result of a failure to verify the existence of the valid tamper proof identifier.
  - 20. The portable machine-readable and machine-writable storage medium of claim 16, further comprising:
    - instructions for the at least one processor of the host processing device to determine a speed of reading and writing with respect to the portable machine-readable and machine-writable storage medium; and
      
      instructions for the at least one processor of the host processing device to limit a speed of execution of instructions of the second portion of the executable software based, at least in part, on the determined speed of reading and writing with respect to the portable machine-readable and machine-writable storage medium.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Microsoft Technology Licensing LLC (Microsoft Corporation)
Original Assignee
Microsoft Corporation
Inventors
Karki, Mukesh, Atas, Yusuf, Sareen, Bhrighu, Unal, Serdar
Primary Examiner(s)
Orgad, Edan
Assistant Examiner(s)
Kabir, Jahangir

Application Number

US11/854,565
Publication Number

US 20090077671A1
Time in Patent Office

2,364 Days
Field of Search

726 26- 30, 711/100, 711/101, 711/115
US Class Current

726/27
CPC Class Codes

G06F 21/1014 to tokens

G06F 21/125 by manipulating the program...

Protection of software on portable medium

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

24 Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

Protection of software on portable medium

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

24 Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links