Method and apparatus for protecting information and privacy
IPC classification information
Country / Type
United States(US) Patent
Registered
International Patent Classification (IPC 7th edition)
H04L-009/00
H04K-001/00
G06F-015/16
Application number
US-0429218
(2003-05-02)
Registration number
US-7406593
(2008-07-29)
Inventor / Address
Rabin,Michael O.
Shasha,Dennis E.
Beinart,Yossi
Caceres,Ramon
Karia,Timir
Molnar,David
Rolinson,Sean
Applicant / Address
ShieldIP, Inc.
Agent / Address
Hamilton, Brook, Smith & Reynolds, P.C.
Citation information
Times cited: 8
Cited patents: 65
Abstract
A system for protecting software against piracy while protecting a user's privacy enables enhancements to the protection software in a user device and extended protections against piracy. The protection system allows the user device to postpone validation of purchased tags stored in a tag table for installed software and to re-establish ownership of a tag table to recover from invalidation of a tag table identifier value resulting from revelation of a tag table identifier value. Continued use of the tag table is provided by the use of credits associated with a tag table. A protection center is protected against denial of service attacks by making calls to the protection center cost time or money to the attackers.
Representative claim
What is claimed is:
1. A method of requesting a continuation message comprising the steps of: storing a call-up message in a user device, the call-up message being generated by a user device including: a. a tag table identifier value; b. a set of user device descriptive values, where one or more of the user device descriptive values provide information concerning a state associated with the user device; c. a nonce; and d. a hash function; and applying said hash function to the combination of said set of user device descriptive values and said nonce to provide a hash result value that conceals the user device descriptive values from a guardian center and all other devices, where the concealing of the user descriptive values protects the privacy of a user associated with the user device; processing the call-up message at the guardian center to detect use of an infringing copy of software on the user device, where the call-up message is used to prevent a tag table identifier value from being used simultaneously on multiple user devices; and requesting a continuation message for use in connection with controlling use of protected software on the user device by securely sending from the user device to the guardian center said tag table identifier value and said hash result value in a call-up message.
2. The method of claim 1 further comprising the steps of: a. upon receiving said call-up message, said guardian center invalidating tag table identifier values that have participated in more than a specified number of call-ups over a specified time; b. forming a continuation message, by said guardian center, by signing a message containing the call-up message, and at least one of a list of valid tag table identifier values, a time to next call-up for each valid tag table identifier value and an indication of the invalid tag table identifier values; and c. securely sending, by said guardian center, said continuation message to the user device.
3. The method of claim 2 further comprising the steps of: a. verifying, by a supervising program on said user device the signature on the continuation message; b. verifying, by said supervising program, that the continuation message includes said call-up message; c. invalidating, by said supervising program, the associated tag table, for each said invalidated tag table identifier value; and d. storing, by said supervising program, said continuation message.
4. The method of claim 3 further comprising the step of: invalidating all tags associated with said invalidated tag tables.
5. A method of re-establishing ownership of a tag table, comprising the steps of: a. securely sending, by a user device, a message to an authorized server, the message including a new tag table identifier, a tag table identifier, an original tag table identifier and an ownership certificate pertaining to the original tag table identifier, where the new tag table identifier identifies a tag table having one or more tags, the tags indicating a right to use protected software; b. verifying, by the authorized server, that said ownership certificate pertains to the original tag table identifier and securely sending to the user device a digitally signed message allowing the user device to employ the new tag table identifier; c. creating, by the authorized server, an association between said new tag table identifier and said original tag table identifier, said new tag table identifier and said tag table identifier both related to said original tag table identifier; d. processing, by the authorized server, call-up messages to detect use of an infringing copy of software on the user device, where a call-up message is used to prevent a tag table identifier from being used simultaneously on multiple user devices, the call-up message including a concealed portion to protect the privacy of a user associated with the user device; and e. ensuring, by the authorized server, that call-up messages including said tag table identifier without said new tag table identifier are rejected.
6. The method of claim 5 further comprising the steps of: a. including, by the user device, said new tag table identifier in a future call-up message; b. verifying, by the guardian center, said association between said new table identifier and said original tag table identifier; and performing, by the guardian center, further processing based on said original tag table identifier.
7. A method of re-establishing ownership of a tag table employing a one-way function, comprising the steps of: a. securely sending, by a user device, a message to an authorized server, the message including a new tag table identifier, where the new tag table identifier identifies a tag table having one or more tags, the tags indicating a right to use protected software; b. verifying, by the authorized server, that applying one-way function to the new tag table identifier yields a tag table identifier, the tag table identifier stored on the authorized server and associated with an original tag table identifier, said new tag table identifier and said tag table identifier both related to said original tag table identifier; c. creating, by the authorized server, an association between said new tag table identifier and said original tag table identifier; d. processing, by the authorized server, call-up messages to detect use of an infringing copy of software on the user device, where a call-up message is used to prevent a tag table identifier from being used simultaneously on multiple user devices, the call-up message including a concealed portion to protect the privacy of a user associated with the user device; and e. ensuring, by the authorized server, that call-up messages including said tag table identifier without said new tag table identifier are rejected.
8. The method of claim 7 further comprising the steps of: a. including, by the user device, said new tag table identifier in a call-up message; b. verifying, by the guardian center, the association between said new table identifier and said original tag table identifier; and performing, by the guardian center, further processing based on said original tag table identifier.
9. The method of claim 1 wherein the user device descriptive values include one or more of the following: number of files on the user device, size of files on the user device, number of directories on the user device, characteristics of indexes used to access data, a processor identifying number, a BIOS identifier, or a network interface identifier.
10. The method of claim 1 wherein the user device descriptive values include biometric information about a particular individual associated with the user device.
11. The method of claim 1 wherein the user device descriptive values are chosen such that they are slowly changing, if at all, during use of the user device.
12. The method of claim 3 further comprising the steps of: determining, by the supervising program of said user device, credits associated with the tag table identifier, where the credits represent the total time available to postpone a call-up; and preventing the use of credits, by the supervising program, if the user device descriptive values have changed significantly since the occurrence of a previous continuation message.
13. The method of claim 3 further comprising the steps of: determining, by the supervising program of said user device, credits associated with the tag table identifier, where the credits represent the total time available to postpone a call-up; and decreasing the credits, by the guardian center, if the user device indicates in a call-up message that its user device descriptive values have significantly changed.
14. The method of claim 1 wherein processing the call-up message at the guardian center to detect use of an infringing copy of software on the user device further includes, responding to determining that a tag table identifier is being used simultaneous on multiple user devices by sending a continuation message specifying that the tag table identifier is invalid.
15. The method of claim 5 wherein processing, by the authorized server, call-up messages to detect use of an infringing copy of software on the user device further includes, responding to determining that a tag table identifier is being used simultaneous on multiple user devices by sending a continuation message specifying that the tag table identifier is invalid.
16. The method of claim 7 wherein processing, by the authorized server, call-up messages to detect use of an infringing copy of software on the user device further includes, responding to determining that a tag table identifier is being used simultaneous on multiple user devices by sending a continuation message specifying that the tag table identifier is invalid.
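The privacy-preserving call-up of claim 1 and the one-way-function ownership recovery of claims 7 and 8 can be sketched as follows; this is an added example, not code from the patent. Assumptions: SHA-256 stands in for the unspecified hash and one-way function, the device pre-computes a chain of identifiers, and all names and sample values are hypothetical.

```python
import hashlib
import secrets

def one_way(value: bytes) -> bytes:
    # Assumption: SHA-256 stands in for the claims' unspecified hash / one-way function.
    return hashlib.sha256(value).digest()

def make_call_up(tag_table_id: bytes, descriptive_values: list[str]) -> dict:
    """Claim 1: send the identifier plus a hash of (descriptive values, nonce)."""
    nonce = secrets.token_bytes(16)
    # Length-prefix each value so different value lists cannot encode identically.
    encoded = b"".join(len(v.encode()).to_bytes(4, "big") + v.encode()
                       for v in descriptive_values)
    return {"tag_table_id": tag_table_id, "hash_result": one_way(encoded + nonce)}

class AuthorizedServer:
    """Claims 7-8: tracks which identifier is currently valid for each original one."""
    def __init__(self):
        self.current = {}  # currently valid identifier -> original identifier

    def register(self, original_id: bytes) -> None:
        self.current[original_id] = original_id

    def reestablish(self, new_id: bytes):
        # Valid only if one_way(new_id) is an identifier the server already holds.
        original = self.current.pop(one_way(new_id), None)
        if original is not None:
            self.current[new_id] = original  # the old identifier is now rejected
        return original

    def process_call_up(self, call_up: dict):
        # Returns the original identifier for further processing, or None to reject.
        return self.current.get(call_up["tag_table_id"])

def identifier_chain(length: int) -> list[bytes]:
    """Device side: ids[0] is the original identifier; one_way(ids[i+1]) == ids[i]."""
    ids = [secrets.token_bytes(32)]
    for _ in range(length - 1):
        ids.append(one_way(ids[-1]))
    return ids[::-1]

def demo() -> tuple:
    ids = identifier_chain(3)
    values = ["cpu:constructed-0001", "nic:constructed-aa:bb", "dirs:412"]  # constructed
    server = AuthorizedServer()
    server.register(ids[0])
    before = server.process_call_up(make_call_up(ids[0], values))
    recovered = server.reestablish(ids[1])
    stale = server.process_call_up(make_call_up(ids[0], values))
    fresh = server.process_call_up(make_call_up(ids[1], values))
    return ids, before, recovered, stale, fresh
```

Because the server only ever checks `one_way(new_id)` against a stored identifier, a party who learns a revealed identifier cannot produce its successor, and the server never receives the descriptive values themselves.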
Patents cited by this patent (65)
Corbin John R. (Sunnyvale CA), Apparatus and method for licensing software on a network of computers.
Curry Stephen M. ; Loomis Donald W. ; Fox Christopher W., Apparatus for transfer of secure information between a data carrying module and an electronic device.
Yurt Paul (P.O. Box 676 ; Times Square Station New York NY 10108) Browne H. Lee (Two Soundview Dr. Greenwich CT 06830), Audio and video transmission and receiving system.
Glover John J., Computer system and process for accessing an encrypted and self-decrypting digital information product while restricting access to decrypted digital information.
Leighton, F. Thomson; Lewin, Daniel M., Content delivery network using edge-of-network servers for providing content delivery to a set of participating content providers.
Grube Gary W. (157 Cedarwood Ct. Palatine IL 60067) Markison Timothy W. (555 Northview La. Hoffman Estates IL 60194), Detection of unauthorized use of software applications in processing devices.
Katz Donald R. ; Lau Edwin J. ; Mott Timothy ; Brenneman Scott A. ; Jun Benjamin Che-Ming ; Pai Samuel Hong-Yen, Digital information library and delivery system with logic for generating files targeted to the playback device.
Bains Jeffrey E. (Madison AL) Case Willard W. (Madison AL), Distributed license administration system using a local policy server to communicate with a license server and control e.
Cooper Thomas E. (Louisville CO) Philips Hudson W. (Boulder CO) Pryor Robert F. (Longmont CO), Method and apparatus for enabling trial period use of software products: Method and apparatus for utilizing a decryption.
Mott Timothy ; Story Guy ; Jun Benjamin Che-Ming ; Pai Samuel Hong-Yen ; Kocher Paul, Method and apparatus for targeting a digital information playback device.
Johnson Herrick J. (Marblehead MA) Olson Margaret (Nashua NH) Jones Stuart (Cambridge MA) Bodoff Stephanie (Somerville MA) Bertrand Stephen C. (Waltham MA) Levine Paul H. (Carlisle MA), Network license server.
Walker, Lee Anthony; Cook, Mark Douglas; Linzell, Christopher Robert; Valentine, Simon Peter, Network management apparatus and method employing "object tips" for the display of detailed data.
Van Wie David M. ; Weber Robert P., Steganographic techniques for securely delivering electronic digital rights management control information over insecure.
Doherty, Robert J.; Tierney, Peter L.; Arnaoutoglou-Andreou, Marios, System and embedded license control mechanism for the creation and distribution of digital content files and enforcement of licensed use of the digital content files.
Ginter Karl L. ; Shear Victor H. ; Spahn Francis J. ; Van Wie David M., System and methods for secure transaction management and electronic rights protection.
Vetrivelkumaran, Vellore T.; Gulabani, Raju; Falcon, Stephen R.; Malik, Neel, Systems and methods for controlling the number of clients that access a server.
Ginter Karl L. ; Shear Victor H. ; Sibert W. Olin ; Spahn Francis J. ; Van Wie David M., Systems and methods for secure transaction management and electronic rights protection.
Ginter Karl L. ; Shear Victor H. ; Spahn Francis J. ; Van Wie David M., Systems and methods for secure transaction management and electronic rights protection.
Ginter Karl L. ; Shear Victor H. ; Spahn Francis J. ; Van Wie David M., Systems and methods for secure transaction management and electronic rights protection.
Ginter, Karl L.; Shear, Victor H.; Spahn, Francis J.; Van Wie, David M., Systems and methods for secure transaction management and electronic rights protection.
Hall Edwin J. ; Shear Victor H. ; Tomasello Luke S. ; Van Wie David M. ; Weber Robert P. ; Worsencroft Kim ; Xu Xuejun, Techniques for defining using and manipulating rights management data structures.