Rollback attack prevention system and method

US 7,907,729 B2
Filed: 04/30/2004
Issued: 03/15/2011
Est. Priority Date: 09/13/2002
Status: Expired due to Fees

First Claim

Patent Images

1. A rollback attack prevention system that controls installation and use of software on a gaming machine, the system comprising:

a non volatile memory device associated with and local to the gaming machine;

a configuration log stored in the non volatile memory device, wherein the configuration log includes a record of software changes that had been made on the gaming machine, protected against undetected modification; and

a revocation list stored in the memory device, wherein the revocation list includes an inventory of unauthorized software that the prevention system blocks from being installed or used on the gaming machine, protected against undetected modification, wherein the revocation list is updateable after each change to the software on the gaming machine, and wherein authorization for any such updates is verified using message authentication code and digital signature verification;

wherein the inventory of unauthorized software includes at least software that was previously loaded on the gaming machine but later disabled or uninstalled after new software superseded it;

wherein the authorization for these updates is verified in conjunction with the use of bKey electronic identifiers.

View all claims

7 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A rollback attack prevention system 10 for a gaming machine 20 includes a configuration log 30 and a revocation list 40. Preferably, the configuration log 30 includes a protected record of software that has been installed on the gaming machine 20. Further, the revocation list 40 includes an inventory of unauthorized software that the prevention system 10 prevents from being installed and/or used on the gaming machine 20.

37 Citations

View as Search Results

22 Claims

1. A rollback attack prevention system that controls installation and use of software on a gaming machine, the system comprising:
- a non volatile memory device associated with and local to the gaming machine;
  
  a configuration log stored in the non volatile memory device, wherein the configuration log includes a record of software changes that had been made on the gaming machine, protected against undetected modification; and
  
  a revocation list stored in the memory device, wherein the revocation list includes an inventory of unauthorized software that the prevention system blocks from being installed or used on the gaming machine, protected against undetected modification, wherein the revocation list is updateable after each change to the software on the gaming machine, and wherein authorization for any such updates is verified using message authentication code and digital signature verification;
  
  wherein the inventory of unauthorized software includes at least software that was previously loaded on the gaming machine but later disabled or uninstalled after new software superseded it;
  
  wherein the authorization for these updates is verified in conjunction with the use of bKey electronic identifiers.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
- - 2. The system of claim 1, wherein the non-volatile memory storage device is protected using digital signature verification, and wherein the digital signature verification is DSA encryption.
  - 3. The system of claim 1, wherein the non-volatile memory storage device is protected using digital signature verification, and wherein the digital signature verification is RSA encryption.
  - 4. The system of claim 1, wherein the revocation list is used to verify that new software is authorized for installation on the gaming machine, wherein installation and use of new software is not permitted if the new software is found on the revocation list, and wherein installation and use of new software is permitted if the new software is not found on the revocation list.
  - 5. The system of claim 4, wherein the revocation list is used to verify that existing software on the gaming machine is authorized for continued use on the gaming machine, wherein existing software that is listed on the revocation list is disabled for use on the gaming machine, and wherein existing software that is not on the revocation list continues to be enabled for use on the gaming machine.
  - 6. The system of claim 5, wherein disabling of existing software includes uninstalling the software on the gaming machine.
  - 7. The system of claim 1, further comprising an installation medium drive for loading software on the gaming machine from an installation medium.
  - 8. The system of claim 7, wherein the installation medium includes an updated revocation list.
  - 9. The system of claim 7, wherein the installation medium includes updates for the configuration log.

10. A method for preventing unauthorized installation and use of software on a gaming machine using a rollback attack prevention system, comprising:
- establishing a configuration log and loading a revocation list into a non volatile memory storage device associated with and local to the gaming machine wherein establishing a configuration log into the non volatile memory storage device comprises storing a configuration log, wherein the configuration log includes a record of software that is currently installed on the gaming machine, and had been previously installed on the gaming machine, protected against undetected modification;
  
  using the revocation list to determine whether to disable or to permit continued use of existing software;
  
  in response to an attempt to load new software onto the gaming machine, using the revocation list to determine whether installation of the new software is permitted;
  
  in response to loading new software onto the gaming machine, adding software superseded by the new software to the revocation list;
  
  updating the configuration log as required; and
  
  updating the revocation list as required, wherein the revocation list is updateable after each change to the software on the gaming machine, and wherein authorization for any such updates is verified using message authentication code and digital signature verification; and
  
  wherein the authorization for these updates is verified in conjunction with the use of bKey electronic identifiers.
- View Dependent Claims (11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21)
- - 11. The method of claim 10, wherein establishing a revocation list into a memory storage device comprises:
    - loading a revocation list, wherein the revocation list indicates software that is unauthorized for installation and use on the gaming machine.
  - 12. The method of claim 10, whereinestablishing a configuration log comprises scanning the configuration history of the gaming machine, andloading an initial revocation list comprises loading a revocation list from an installation medium onto the memory storage device associated with the gaming machine.
  - 13. The method of claim 10, wherein the configuration log is updated by the system in response to an attempted or actual software installation on the gaming machine.
  - 14. The method of claim 10, wherein an installation medium drive and a installation medium containing the new software are used to attempt to load new software on the gaming machine.
  - 15. The method of claim 10, wherein updating the revocation list comprises:
    - downloading a revocation list update, wherein the revocation list update includes information regarding software authorization criteria for installation and use on the gaming machine; and
      
      saving the updated revocation list to the memory storage device.
  - 16. The method of claim 10, further comprising:
    - checking an updated revocation list for new software to determine whether new software is authorized for installation and use on the gaming machine.
  - 17. The method of claim 16, wherein installation of the new software is permitted if the new software is not on the updated revocation list.
  - 18. The method of claim 10, wherein installation of the new software is not permitted if the new software is on the updated revocation list.
  - 19. The method of claim 10, further comprising:
    - checking an updated revocation list for existing software to determine whether continued use of existing software on the gaming machine is authorized, wherein the existing software is disabled if the existing software is on the updated revocation list, wherein the disabling of the existing software includes uninstallinq the existing software from the gaming machine.
  - 20. The method of claim 19, wherein continued use of the existing software is authorized if the existing software is not on the updated revocation list.
  - 21. The method of claim 10, wherein updating the configuration log comprises:
    - saving data regarding at least the installation of new software on the gaming machine; and
      
      saving data regarding disablement, if any, of existing software on the gaming machine.

22. A rollback attack prevention system that controls installation and use of software on a gaming machine, the system comprising:
- memory storage device associated with and local to the gaming machine;
  
  a configuration log stored in the memory storage device, wherein the configuration log includes a record of software that is currently installed on the gaming machine, had been previously installed on the gaming machine, and was attempted to be installed on the gaming machine, protected against undetected modification, wherein the configuration log is stored in the memory storage device using digital signature verification such that unauthorized changes are easily identifiable; and
  
  a revocation list stored in the memory storage device, wherein the revocation list includes an inventory listing of unauthorized software, protected against undetected modification, that the prevention system prevents from being installed or used on the gaming machine, wherein the revocation list is stored in the memory storage device using digital signature verification such that unauthorized changes are easily identifiable, wherein the revocation list is updateable after each change to the software on the gaming machine, and wherein authorization for any such updates is verified using message authentication code and digital signature verification;
  
  wherein the inventory of unauthorized software includes at least software that was previously loaded on the gaming machine but later disabled or uninstalled after new software superseded it;
  
  wherein the authorization for these updates is verified in conjunction with the use of bKey electronic identifiers.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Sg Gaming, Inc. (Scientific Games Corporation)
Original Assignee
Bally Gaming Incorporated (Scientific Games Corporation)
Inventors
Carman, David, Hein, Marv, Morrow, James
Primary Examiner(s)
Moazzami; Nasser
Assistant Examiner(s)
Traore; Fatoumata

Application Number

US10/837,209
Publication Number

US 20050044401A1
Time in Patent Office

2,510 Days
Field of Search

726/26, 726/30
US Class Current

380/251
CPC Class Codes

G06F 11/006   Identification G06F11/2289 ...

G06F 11/0748   in a remote unit communicat...

G06F 11/2289   by configuration test

G06F 11/2294   by remote test

G11C 2029/4402   Internal storage of test re...

H04L 9/3247   involving digital signatures

H04L 9/3268   using certificate validatio...

Rollback attack prevention system and method

First Claim

7 Assignments

0 Petitions

Accused Products

Abstract

37 Citations

22 Claims

Specification

Use Cases

Quick Links

Others

Rollback attack prevention system and method

First Claim

7 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

37 Citations

22 Claims

Specification

Subscription Required

Use Cases

Quick Links

Others