Computerized apparatus and method for version control and management

US 7,805,601 B2
Filed: 07/23/2007
Issued: 09/28/2010
Est. Priority Date: 02/02/2007
Status: Active Grant

First Claim

Patent Images

1. A computerized apparatus for version control and management, comprising:

at least one application agent having an operating system certificate issued by an operating system certificate authority, for obtaining a right object of a corresponding application;

a cryptography and boot loader, installed in a user device, and having a cryptography component, said cryptography and boot loader loading an operating system of said user device and an application, and storing a user key in said cryptography component; and

a control module on key usage, for checking whether versions of the loaded operating system and application meet a version requirement requested by said right object to determine if said user key should be accessed.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Disclosed is a computerized apparatus and method for version control and management. The apparatus includes a cryptography boot loader, a control module on key usage, and one or more agents. After the user'"'"'s device is powered on, the cryptography boot loader stores a user key, and checks an operating system (OS) certificate for an OS and an application certificate for an application to determine whether these certificates are valid. Then, a right object is obtained with a user certificate through an agent. The control module on key usage compares the OS version and the application version with the version required by the right object. The permission access to the user key is determined by the comparison result. This invention associates the cryptography component with the boot loader to develop a security mechanism performed by OS and application for using a secret key.

15 Citations

18 Claims

1. A computerized apparatus for version control and management, comprising:
- at least one application agent having an operating system certificate issued by an operating system certificate authority, for obtaining a right object of a corresponding application;
  
  a cryptography and boot loader, installed in a user device, and having a cryptography component, said cryptography and boot loader loading an operating system of said user device and an application, and storing a user key in said cryptography component; and
  
  a control module on key usage, for checking whether versions of the loaded operating system and application meet a version requirement requested by said right object to determine if said user key should be accessed.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
- - 2. The apparatus as claimed in claim 1, wherein each of said at least one application agent is a digital content management agent.
  - 3. The apparatus as claimed in claim 1, wherein said at least one application agent further comprises:
    - a digital right management (DRM) agent, for accessing said right object; and
      
      an apply agent, for requesting a user certificate to a DRM right authority.
  - 4. The apparatus as claimed in claim 3, wherein said at least one application agent further includes a time agent for providing a time protocol.
  - 5. The apparatus as claimed in claim 4, wherein said time agent has a clock and a random number generator.
  - 6. The apparatus as claimed in claim 1, wherein said control module on key usage is software bounded together with said operating system.
  - 7. The apparatus as claimed in claim 1, wherein said control module on key usage is hardware bounded together with said cryptography component.
  - 8. The apparatus as claimed in claim 1, wherein said cryptography and boot loader has a time flag for determining whether to execute time confirmation.

9. A computerized method for version control and management, applicable to digital right management of digital contents, said method comprising the steps of:
- storing a user key and checking the validity of an operating system certificate of an operating system issued by an operating system certificate authority to determine whether to load said operating system;
  
  checking the validity of an application certificate of an application to determine whether to load said application;
  
  obtaining a right object through a corresponding application agent by using a user certificate;
  
  checking whether versions of a loaded operating system and a loaded application meet a version requirement requested by said right object; and
  
  determining whether to allow access to said user key.
- View Dependent Claims (10, 11, 12, 13, 14, 15, 16, 17, 18)
- - 10. The method as claimed in claim 9, wherein said version requirement requested by said right object is minimum versions required by a right issuer.
  - 11. The method as claimed in claim 9, wherein checking whether versions of a loaded operating system and a loaded application meet a version requirement requested by said right object is executed in a zone of a core of said operating system.
  - 12. The method as claimed in claim 9, wherein checking whether versions of a loaded operating system and a loaded application meet a version requirement requested by said right object is executed in a zone of a core of a basic input output system.
  - 13. The method as claimed in claim 9, wherein said method further includes a time control process.
  - 14. The method as claimed in claim 13, wherein said time control process further includes the following steps of:
    - generating a first random number, recording a starting time of a clock, and transmitting said first random number and said starting time to a time center;
      
      receiving a time certificate returned by said time center, said time certificate at least comprising a second random number, a current time, and a signature signed by said time center;
      
      recording an ending time of said clock, and computing a time length; and
      
      determining whether to set the time on said clock as said current time on said time certificate.
  - 15. The method as claimed in claim 9, a user is not allowed to use a new right object and a content object corresponding to said new right object if said operating system certificate or said application certificate is invalid.
  - 16. The method as claimed in claim 9, a user is not allowed to use a new right object and a content object corresponding to said new right object if the versions of said loaded operating system and said loaded application do not meet said version requirement.
  - 17. The method as claimed in claim 9, wherein said application certificate is signed by an operating system vendor.
  - 18. The method as claimed in claim 13, wherein time control process is executed after a user device is booted.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Industrial Technology Research Institute
Original Assignee
Industrial Technology Research Institute
Inventors
Chiou, Shin-Yan, Tseng, Yaudeh
Primary Examiner(s)
BUTLER, DENNIS

Application Number

US11/781,943
Publication Number

US 20080189542A1
Time in Patent Office

1,163 Days
Field of Search

713/1, 713/2, 713/100, 713/156, 713/168, 713/175
US Class Current

713/2
CPC Class Codes

G06F 21/10   Protecting distributed prog...

G06F 21/57   Certifying or maintaining t...

G06F 21/575   Secure boot

G06F 21/62   Protecting access to data v...

G06F 21/725   operating on a secure refer...

Computerized apparatus and method for version control and management

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

15 Citations

18 Claims

Specification

Solutions

Use Cases

Quick Links

Computerized apparatus and method for version control and management

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

15 Citations

18 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links