Rollback attack prevention system and method
Abstract
A rollback attack prevention system 10 for a gaming machine 20 includes a configuration log 30 and a revocation list 40. Preferably, the configuration log 30 includes a protected record of software that has been installed on the gaming machine 20. Further, the revocation list 40 includes an inventory of unauthorized software that the prevention system 10 prevents from being installed and/or used on the gaming machine 20.
22 Claims
1. A rollback attack prevention system that controls installation and use of software on a gaming machine, the system comprising:
a non volatile memory device associated with and local to the gaming machine;
a configuration log stored in the non volatile memory device, wherein the configuration log includes a record of software changes that had been made on the gaming machine, protected against undetected modification; and
a revocation list stored in the memory device, wherein the revocation list includes an inventory of unauthorized software that the prevention system blocks from being installed or used on the gaming machine, protected against undetected modification, wherein the revocation list is updateable after each change to the software on the gaming machine, and wherein authorization for any such updates is verified using message authentication code and digital signature verification;
wherein the inventory of unauthorized software includes at least software that was previously loaded on the gaming machine but later disabled or uninstalled after new software superseded it;
wherein the authorization for these updates is verified in conjunction with the use of bKey electronic identifiers.
10. A method for preventing unauthorized installation and use of software on a gaming machine using a rollback attack prevention system, comprising:
establishing a configuration log and loading a revocation list into a non volatile memory storage device associated with and local to the gaming machine wherein establishing a configuration log into the non volatile memory storage device comprises storing a configuration log, wherein the configuration log includes a record of software that is currently installed on the gaming machine, and had been previously installed on the gaming machine, protected against undetected modification;
using the revocation list to determine whether to disable or to permit continued use of existing software;
in response to an attempt to load new software onto the gaming machine, using the revocation list to determine whether installation of the new software is permitted;
in response to loading new software onto the gaming machine, adding software superseded by the new software to the revocation list;
updating the configuration log as required; and
updating the revocation list as required, wherein the revocation list is updateable after each change to the software on the gaming machine, and wherein authorization for any such updates is verified using message authentication code and digital signature verification; and
wherein the authorization for these updates is verified in conjunction with the use of bKey electronic identifiers.
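A small model of the method in claim 10, added here as an illustration and not taken from the patent: a MAC-chained configuration log, a sealed revocation list, and an install check that revokes whatever the new software supersedes. Assumptions: HMAC-SHA256 with one shared key stands in for the combined message authentication code and digital signature verification, software is identified by its SHA-256 digest, bKey identifiers are not modeled, and the names `RollbackGuard` and `authorize` are hypothetical.

```python
import hashlib, hmac, json

def authorize(key: bytes, name: str, image: bytes) -> bytes:
    """Issuer side: MAC over component name and image digest (assumed format)."""
    digest = hashlib.sha256(image).hexdigest()
    return hmac.new(key, f"{name}:{digest}".encode(), hashlib.sha256).digest()

class RollbackGuard:
    def __init__(self, key: bytes):
        self.key = key          # assumed shared MAC key
        self.log = []           # configuration log, MAC-chained entries
        self.revoked = set()    # revocation list: digests of blocked software
        self.installed = {}     # component name -> digest in use
        self.revoked_tag = self._seal_revoked()

    def _mac(self, data: str) -> str:
        return hmac.new(self.key, data.encode(), hashlib.sha256).hexdigest()

    def _seal_revoked(self) -> str:
        return self._mac(json.dumps(sorted(self.revoked)))

    def _record(self, event: str, name: str, digest: str) -> None:
        prev = self.log[-1]["tag"] if self.log else ""
        body = json.dumps([prev, event, name, digest])
        self.log.append({"body": body, "tag": self._mac(body)})

    def verify(self) -> bool:
        """Detect modified log entries or a modified revocation list."""
        prev = ""
        for entry in self.log:
            chained = json.loads(entry["body"])[0] == prev
            if not chained or not hmac.compare_digest(entry["tag"], self._mac(entry["body"])):
                return False
            prev = entry["tag"]
        return hmac.compare_digest(self.revoked_tag, self._seal_revoked())

    def install(self, name: str, image: bytes, auth_tag: bytes) -> bool:
        digest = hashlib.sha256(image).hexdigest()
        authorized = hmac.compare_digest(auth_tag, authorize(self.key, name, image))
        if not (self.verify() and authorized) or digest in self.revoked:
            self._record("rejected", name, digest)   # attempts are logged too
            return False
        old = self.installed.get(name)
        if old and old != digest:                    # superseded version is revoked
            self.revoked.add(old)
            self.revoked_tag = self._seal_revoked()
        self.installed[name] = digest
        self._record("installed", name, digest)
        return True
```

Reinstalling the superseded image is refused even when it carries a valid authorization tag, because its digest is already on the revocation list.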
22. A rollback attack prevention system that controls installation and use of software on a gaming machine, the system comprising:
memory storage device associated with and local to the gaming machine;
a configuration log stored in the memory storage device, wherein the configuration log includes a record of software that is currently installed on the gaming machine, had been previously installed on the gaming machine, and was attempted to be installed on the gaming machine, protected against undetected modification, wherein the configuration log is stored in the memory storage device using digital signature verification such that unauthorized changes are easily identifiable; and
a revocation list stored in the memory storage device, wherein the revocation list includes an inventory listing of unauthorized software, protected against undetected modification, that the prevention system prevents from being installed or used on the gaming machine, wherein the revocation list is stored in the memory storage device using digital signature verification such that unauthorized changes are easily identifiable, wherein the revocation list is updateable after each change to the software on the gaming machine, and wherein authorization for any such updates is verified using message authentication code and digital signature verification;
wherein the inventory of unauthorized software includes at least software that was previously loaded on the gaming machine but later disabled or uninstalled after new software superseded it;
wherein the authorization for these updates is verified in conjunction with the use of bKey electronic identifiers.
Specification