Systems and methods for secure transaction management and electronic rights protection

US 8,291,238 B2
Filed: 07/12/2007
Issued: 10/16/2012
Est. Priority Date: 08/30/1996
Status: Expired due to Fees

First Claim

Patent Images

1. A secure processing unit comprising a processor and security-relevant components, the security-relevant components including:

an encryption/decryption engine;

a random number generator;

secure memory comprising a plurality of domains, wherein the processor is associated with a particular domain while executing a process;

secure processor mode-enabling hardware or software configured to cause the processor to enter a secure processor mode, the secure processor mode-enabling hardware or software including;

component-accessing hardware or software configured to provide the processor with access to at least a portion of the secure memory and the security-relevant components while the processor operates in the secure processor mode;

component-accessing hardware or software configured to prevent the processor from accessing memory other than the secure memory while the processor operates in the secure processor mode;

secure code execution hardware or software configured to cause the processor to fetch and execute instructions from the secure memory while the processor operates in the secure processor mode and the processor to fetch and execute instructions from other than the secure memory while the processor does not operate in the secure processor mode;

secure code execution hardware or software configured to prevent the processor, while executing the process, from directly accessing at least the portion of the secure memory outside the particular domain and to allow the processor to indirectly access the portion of the secure memory outside the particular domain by interfacing with an operating system function;

secure code execution hardware or software configured to prevent the processor from fetching and executing instructions from memory other than the secure memory while the processor operates in the secure processor mode and from the secure memory while the processor does not operate in the secure processor mode;

external access blocking hardware or software configured to block attempts to access at least the portion of the secure memory that originate from outside the secure processing unit; and

secure processor mode-disabling hardware or software configured to cause the processor to exit the secure processor mode, the secure processor mode-disabling hardware or software including hardware or software configured to block access to at least the portion of the secure memory and the security-relevant components and to provide access to at least the portion of memory other than the secure memory while the processor does not operate in the secure processor mode.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

The present invention provides systems and methods for electronic commerce including secure transaction management and electronic rights protection. Electronic appliances such as computers employed in accordance with the present invention help to ensure that information is accessed and used only in authorized ways, and maintain the integrity, availability, and/or confidentiality of the information. Secure subsystems used with such electronic appliances provide a distributed virtual distribution environment (VDE) that may enforce a secure chain of handling and control, for example, to control and/or meter or otherwise monitor use of electronically stored or disseminated information. Such a virtual distribution environment may be used to protect rights of various participants in electronic commerce and other electronic or electronic-facilitated transactions. Secure distributed and other operating system environments and architectures, employing, for example, secure semiconductor processing arrangements that may establish secure, protected environments at each node. These techniques may be used to support an end-to-end electronic information distribution capability that may be used, for example, utilizing the “electronic highway.”

338 Citations

42 Claims

1. A secure processing unit comprising a processor and security-relevant components, the security-relevant components including:
- an encryption/decryption engine;
  
  a random number generator;
  
  secure memory comprising a plurality of domains, wherein the processor is associated with a particular domain while executing a process;
  
  secure processor mode-enabling hardware or software configured to cause the processor to enter a secure processor mode, the secure processor mode-enabling hardware or software including;
  
  component-accessing hardware or software configured to provide the processor with access to at least a portion of the secure memory and the security-relevant components while the processor operates in the secure processor mode;
  
  component-accessing hardware or software configured to prevent the processor from accessing memory other than the secure memory while the processor operates in the secure processor mode;
  
  secure code execution hardware or software configured to cause the processor to fetch and execute instructions from the secure memory while the processor operates in the secure processor mode and the processor to fetch and execute instructions from other than the secure memory while the processor does not operate in the secure processor mode;
  
  secure code execution hardware or software configured to prevent the processor, while executing the process, from directly accessing at least the portion of the secure memory outside the particular domain and to allow the processor to indirectly access the portion of the secure memory outside the particular domain by interfacing with an operating system function;
  
  secure code execution hardware or software configured to prevent the processor from fetching and executing instructions from memory other than the secure memory while the processor operates in the secure processor mode and from the secure memory while the processor does not operate in the secure processor mode;
  
  external access blocking hardware or software configured to block attempts to access at least the portion of the secure memory that originate from outside the secure processing unit; and
  
  secure processor mode-disabling hardware or software configured to cause the processor to exit the secure processor mode, the secure processor mode-disabling hardware or software including hardware or software configured to block access to at least the portion of the secure memory and the security-relevant components and to provide access to at least the portion of memory other than the secure memory while the processor does not operate in the secure processor mode.
- View Dependent Claims (2, 3, 4, 5, 6, 7)
- - 2. The secure processing unit of claim 1, in which the external access blocking hardware or software comprises hardware or software configured to block direct memory access (DMA) accesses.
  - 3. The secure processing unit of claim 1, in which the secure code execution hardware or software comprises code authentication hardware or software configured to authenticate code modules.
  - 4. The secure processing unit of claim 3, in which the code authentication hardware or software comprises hardware or software configured to block execution of a code module if the code module is not authenticated.
  - 5. The secure processing unit of claim 3, in which the code authentication hardware or software comprises digital signature verification hardware or software configured to authenticate a code module by verifying a digital signature on the code module.
  - 6. The secure processing unit of claim 1, in which the secure processor mode-disabling hardware or software comprises memory invalidation hardware or software configured to clear or invalidate one or more memory or register locations.
  - 7. The secure processing unit of claim 1, in which the processor comprises a central processing unit (CPU), microprocessor, or microcontroller.

8. An electronic appliance, the electronic appliance comprising:
- a secure processing unit, the secure processing unit comprising;
  
  a processor;
  
  internal memory comprising a plurality of domains, wherein the processor is associated with a particular domain while executing a process;
  
  secure processor mode-enabling hardware or software configured to cause the processor to enter a secure processor mode, the secure processor mode-enabling hardware or software including;
  
  accessing hardware or software configured to provide the processor with access to at least a portion of the internal memory while the processor operates in the secure processor mode;
  
  accessing hardware or software configured to prevent the processor from accessing memory other than the internal memory while the processor operates in the secure processor mode;
  
  secure code execution hardware or software configured to cause the processor to fetch and execute instructions from the internal memory while the processor operates in the secure processor mode and from other than the internal memory while the processor does not operate in the secure processor mode;
  
  secure code execution hardware or software configured to prevent the processor, while executing the process, from directly accessing at least a portion of the internal memory outside the particular domain and to allow the processor to indirectly access the portion of the internal memory outside the particular domain by interfacing with an operating system function;
  
  secure code execution hardware or software configured to prevent the processor from fetching and executing instructions from memory other than the internal memory while the processor operates in the secure processor mode and the processor to fetch and execute instructions from the internal memory while the processor does not operate in the secure processor mode;
  
  external access blocking hardware or software configured to block attempts to access at least the portion of the internal memory that originate from outside the secure processing unit; and
  
  secure processor mode-disabling hardware or software configured to cause the processor to exit the secure processor mode, the secure processor mode-disabling hardware or software including hardware or software configured to block access to at least the portion of the internal memory and provide access to at least the portion of memory other than the secure memory while the processor does not operate in the secure processor mode.
- View Dependent Claims (9, 10, 11, 12, 13, 14, 15, 16, 17)
- - 9. The electronic appliance of claim 8, further comprising one or more computer-readable mediums external to the secure processing unit, the computer-readable mediums storing at least rights management software comprising programming configured to apply one or more electronic controls to govern usage of an electronic content item, at least part of the programming designed to cause the secure processing unit to access information required for usage of the electronic content item.
  - 10. The electronic appliance of claim 9, wherein the one or more electronic controls specify one or more permitted or prohibited uses of the electronic content item.
  - 11. The electronic appliance of claim 10, in which at least one of the one or more electronic controls specifies at least one condition associated with a permitted use of the electronic content item.
  - 12. The electronic appliance of claim 11, in which the at least one condition comprises an indication that the permitted use may be made only for a certain time period.
  - 13. The electronic appliance of claim 11, in which the at least one condition comprises an indication that the permitted use may be exercised only by a certain user or class of users.
  - 14. The electronic appliance of claim 11, in which the at least one condition comprises a requirement that auditing information be collected regarding the permitted use.
  - 15. The electronic appliance of claim 8, further comprising:
    - a display;
      
      a keyboard; and
      
      a network connection.
  - 16. The electronic appliance of claim 8, in which the electronic appliance is selected from a group consisting of:
    - a computer, a television set-top box, a pager, a telephone, and a video game player.
  - 17. The electronic appliance of claim 9, in which the information required for usage of the electronic content item comprises a first cryptographic key, and in which a second cryptographic key is stored in the internal memory of the secure processing unit, the second cryptographic key being operable to directly or indirectly enable access to the first cryptographic key.

18. A processing unit comprising:
- a processor;
  
  internal memory comprising a plurality of domains, wherein the processor is associated with a particular domain while executing a process;
  
  secure processor mode-enabling hardware or software configured to cause the processor to enter a secure processor mode, the secure processor mode-enabling hardware or software including;
  
  accessing hardware or software configured to provide the processor with access to at least a portion of the internal memory while the processor operates in the secure processor mode;
  
  accessing hardware or software configured to prevent the processor from accessing memory other than the internal memory while the processor operates in the secure processor mode;
  
  secure code execution hardware or software configured to cause the processor to fetch and execute instructions from the internal memory while the processor operates in the secure processor mode and the processor to fetch and execute instructions from other than the internal memory while the processor does not operate in the secure processor mode;
  
  secure code execution hardware or software configured to prevent the processor, while executing the process, from directly accessing at least a portion of the internal memory outside the particular domain and to allow the processor to indirectly access the portion of the internal memory outside the particular domain by interfacing with an operating system function;
  
  secure code execution hardware or software configured to prevent the processor from fetching and executing instructions from memory other than the internal memory while the processor operates in the secure processor mode and from the internal memory while the processor does not operate in secure processor mode;
  
  external access blocking hardware or software configured to block attempts to access at least the portion of the internal memory that originate from outside the secure processing unit; and
  
  secure processor mode-disabling hardware or software configured to cause the processor to exit the secure processor mode, the secure processor mode-disabling hardware or software including hardware or software configured to block access to at least the portion of the internal memory and to provide access to at least the portion of memory other than the secure memory while the processor does not operate in the secure processor mode.
- View Dependent Claims (19, 20, 21, 22, 23, 24, 25)
- - 19. The processing unit of claim 18, in which the external access blocking hardware or software comprises hardware or software configured to block direct memory access (DMA) accesses.
  - 20. The processing unit of claim 18, in which the secure code execution hardware or software comprises code authentication hardware or software configured to authenticate code modules.
  - 21. The processing unit of claim 20, in which the code authentication hardware or software comprises hardware or software configured to block execution of a code module if the code module is not authenticated.
  - 22. The processing unit of claim 20, in which the code authentication hardware or software comprises digital signature verification hardware or software configured to authenticate a code module by verifying a digital signature on the code module.
  - 23. The processing unit of claim 18, in which the secure processor mode-disabling hardware or software comprises memory invalidation hardware or software configured to clear or invalidate memory or register locations.
  - 24. The processing unit of claim 18, further comprising a tamper-resistant housing.
  - 25. The processing unit of claim 18, in which the processing unit comprises an integrated circuit chip.

26. A processing unit comprising:
- a processor;
  
  internal memory comprising a plurality of domains, wherein the processor is associated with a particular domain while executing a process;
  
  secure processor mode-enabling means for causing the processor to enter a secure processor mode, the secure processor mode-enabling means including;
  
  means for providing the processor with access to at least a portion of the internal memory while the processor operates in the secure processor mode;
  
  means for preventing the processor from accessing memory other than the internal memory while the processor operates in the secure processor mode;
  
  means for causing the processor to fetch and execute instructions from the internal memory while the processor operates in the secure processor mode and the processor to fetch and execute instructions from other than the internal memory while the processor does not operate in the secure processor mode;
  
  means for preventing the processor, while executing the process, from directly accessing at least a portion of the secure memory outside the particular domain and for allowing the processor to indirectly access the portion of the secure memory outside the particular domain by interfacing with an operating system function;
  
  means for preventing the processor from fetching and executing instructions from memory other than the internal memory while the processor operates in the secure processor mode and from the internal memory while the processor does not operate in the secure processor mode;
  
  secure processor external access blocking means for blocking attempts to access at least the portion of the internal memory that originate from outside the secure processor; and
  
  secure processor mode-disabling means for causing the processor to exit the secure processor mode, the secure processor mode-disabling means including means for blocking access to at least the portion of the internal memory and for allowing access to memory other than the internal memory while the processor does not operate in the secure processor mode.
- View Dependent Claims (27, 28, 29, 30, 31, 32)
- - 27. The processing unit of claim 26, in which the means for blocking attempts to access at least the portion of the internal memory comprises means for blocking direct memory access (DMA) accesses.
  - 28. The processing unit of claim 26, in which the means for causing the processor to fetch and execute instructions comprises means for authenticating code modules.
  - 29. The processing unit of claim 28, in which the means for authenticating code modules comprises means for blocking execution of a code module if the code module is not authenticated.
  - 30. The processing unit of claim 28, in which the means for authenticating code modules comprises means for authenticating a code module by verifying a digital signature on the code module.
  - 31. The processing unit of claim 26, in which the secure processor mode-disabling means comprises means for clearing or invalidating memory or register locations.
  - 32. The processing unit of claim 26, further comprising a tamper-resistant housing means.

33. A system comprising:
- a processor;
  
  internal memory;
  
  secure processor mode-enabling hardware or software configured to cause the processor to enter a secure processor mode, the secure processor mode-enabling hardware or software including;
  
  hardware or software configured to provide the processor with access to at least a portion of a domain within the internal memory without interfacing with an operating system function while the processor operates in the secure processor mode, wherein the domain is associated with a process being executed by the processor;
  
  hardware or software configured to provide the processor with access to at least a portion of the domain not associated with the process being executed by the secure processor, within the secure memory, by interfacing with an operating system function;
  
  hardware or software configured to prevent the processor from accessing memory other than the internal memory while the processor operates in the secure processor mode;
  
  secure processor mode-disabling hardware or software configured to cause the processor to exit the secure processor mode, the secure processor mode-disabling hardware or software including hardware or software configured to block access to at least a portion of the internal memory and to provide access to memory other than the internal memory while the processor is not operating in the secure processor mode; and
  
  a computer-readable medium containing instructions that, when executed, perform the following steps;
  
  entering a secure processor mode;
  
  accessing, by the processor, through an operating system interface, at least the portion of the domain not associated with the process being executed by the processor, within the internal memory, while the processor is operating in the secure processor mode;
  
  accessing, by the processor, at least the portion of the domain within the internal memory associated with the process being executed by the processor while the processor is operating in the secure processor mode;
  
  blocking access, by the processor, to memory other than the internal memory while the processor is operating in the secure processor mode;
  
  exiting the secure processor mode;
  
  accessing, by the processor, at least the portion of memory other than the internal memory while the processor is not operating in the secure processor mode;
  
  blocking access, by the processor, to the internal memory while the processor is not operating in the secure processor mode; and
  
  blocking attempts to access at least the portion of the internal memory that originate from outside the processing unit.
- View Dependent Claims (34, 35, 36, 37, 38, 39, 40, 41, 42)
- - 34. The system of claim 33, the computer-readable medium further comprising instructions that, when executed, perform the following step:
    - retrieving at least one cryptographic key from the internal memory while the processor is operating in the secure processor mode.
  - 35. The system of claim 34, the computer-readable medium further comprising instructions that, when executed, perform the following step:
    - decrypting a piece of electronic content using, at least in part, the at least one cryptographic key.
  - 36. The system of claim 35, wherein the processing unit further comprises hardware or software configured to cause the processor to fetch and execute instructions from the internal memory and to prevent the processor from fetching and executing instructions from memory other than the internal memory while the processor operates in the secure processor mode, and wherein the step of using the processor to decrypt the piece of electronic content comprises fetching instructions from the internal memory and executing the instructions, the instructions being configured, when executed by the processor, to cause the processor to decrypt the piece of electronic content.
  - 37. The system of claim 33, the computer-readable medium further comprising instructions that, when executed, perform the following steps:
    - fetching from the internal memory, while the processor is operating in the secure processor mode, rights management programming; and
      
      executing the rights management programming to govern use of a piece of electronic content stored in memory external to the processing unit.
  - 38. The system of claim 37, in which the rights management programming comprises instructions that, when executed by the processor, are configured to cause the processor to selectively grant a request to use the piece of electronic content in accordance with one or more controls associated with the piece of electronic content, the one or more controls specifying one or more permitted or prohibited uses of the piece of electronic content.
  - 39. The system of claim 38, in which at least one of the one or more electronic controls specifies at least one condition associated with a permitted use of the piece of electronic content.
  - 40. The system of claim 39, in which the at least one condition comprises an indication that the permitted use may be made only for a certain time period.
  - 41. The system of claim 39, in which the at least one condition comprises an indication that the permitted use may be exercised only by a certain user or class of users.
  - 42. The system of claim 39, in which the at least one condition comprises a requirement that auditing information be collected regarding the permitted use.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Intertrust Technologies Corporation (Fidelio Acquisition Co LLC)
Original Assignee
Intertrust Technologies Corporation (Fidelio Acquisition Co LLC)
Inventors
Ginter, Karl L., Shear, Victor H., Sibert, W. Olin, Spahn, Francis J., Van Wie, David M.
Primary Examiner(s)
Schwartz, Darren B

Application Number

US11/879,202
Publication Number

US 20080052541A1
Time in Patent Office

1,923 Days
Field of Search

713164-167, 713/187, 713/189, 713193-194, 726 26- 30
US Class Current

713/189
CPC Class Codes

G06F 21/1078   Logging; Metering

G06F 21/1082   Backup or restore

G06F 21/109   by using specially-adapted ...

G06F 21/16   Program or content traceabi...

G06F 21/42   using separate channels for...

G06F 21/51   at application loading time...

G06F 21/57   Certifying or maintaining t...

G06F 21/572   Secure firmware programming...

G06F 21/608   Secure printing

G06F 21/71   to assure secure computing ...

G06F 21/725   operating on a secure refer...

G06F 21/73   by creating or determining ...

G06F 21/74   operating in dual or compar...

G06F 21/78   to assure secure storage of...

G06F 21/86   Secure or tamper-resistant ...

G06F 21/87   by means of encapsulation, ...

G06F 2221/034   Test or assess a computer o...

G06F 2221/2101   Auditing as a secondary aspect

G06F 2221/2105   Dual mode as a secondary as...

G06F 2221/2135   Metering

G06F 2221/2137 : Time limited access, e.g. t...

G06F 2221/2141 : Access rights, e.g. capabil...

G06F 2221/2143 : Clearing memory, e.g. to pr...

G06F 2221/2147 : Locking files

G06F 2221/2149 : Restricted operating enviro...

G06F 2221/2151 : Time stamp

G06Q 10/10 : Office automation; Time man...

G06Q 20/02 : involving a neutral party, ...

G06Q 20/06 : Private payment circuits, e...

G06Q 20/12 : specially adapted for elect...

G06Q 20/1235 : with control of digital rig...

G06Q 20/24 : Credit schemes, i.e. "pay a...

G06Q 20/382 : insuring higher security of...

G06Q 30/06 : Buying, selling or leasing ...

G07F 9/026 : for alarm, monitoring and a...

H04L 2463/101 : applying security measures ...

H04L 2463/102 : applying security measure f...

H04L 63/00 : Network architectures or ne...

H04L 63/04 : for providing a confidentia...

H04L 63/104 : Grouping of entities

H04L 63/20 : for managing network securi...

H04N 21/2347 : involving video stream encr...

H04N 21/2541 : Rights Management protectin...

H04N 21/26613 : for generating or managing ...

H04N 21/4405 : involving video stream decr...

H04N 21/4623 : Processing of entitlement m...

H04N 21/4627 : Rights management associate...

H04N 21/8355 : involving usage data, e.g. ...

View All

Systems and methods for secure transaction management and electronic rights protection

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

338 Citations

42 Claims

Specification

Solutions

Use Cases

Quick Links

Systems and methods for secure transaction management and electronic rights protection

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

338 Citations

42 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links