Multiplexing a secure counter to implement second level secure counters
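IPC classification information
Country / Type: United States (US) Patent, Registered
International Patent Classification (IPC, 7th edition): H04L-009/00; G06F-011/30; H04L-009/32; H04K-001/00
Application number: US-0185506 (2002-06-28)
Registration number: US-7421579 (2008-09-02)
Inventors / Address: England, Paul; Peinado, Marcus
Applicant / Address: Microsoft Corporation
Agent / Address: Woodcock Washburn LLP
Citation information: Times cited: 8; Cited patents: 8
Abstract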
A multiplexed secure counter is provided, in which a multiplicity of child secure counters are secured by a parent secure counter. Child counters are stored with a parent secure counter value and a signature. Before a child counter is read, the signature is verified and value stored is checked against the current value of the parent secure value. If the verifications are successful, the child secure counter can be used. To increment a child counter, the signature is verified and the value stored checked against the current value of the parent secure value. If the verifications are successful, the parent counter and the child counter are incremented, and the data is signed again.
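The read and increment checks described in the abstract, as an added Python sketch that is not code from the patent. It assumes HMAC-SHA256 in place of the trusted entity's signature and an in-memory `ParentCounter` in place of the first-level counter; all class and method names are hypothetical.

```python
import hashlib
import hmac
import json


class ParentCounter:
    """Stand-in for the first-level counter: increment only, no set operation."""
    def __init__(self):
        self._value = 0

    def read(self):
        return self._value

    def increment(self):
        self._value += 1
        return self._value


class ChildCounterStore:
    """Second-level counters kept in one signed blob bound to the parent value."""
    def __init__(self, parent, key):
        self.parent, self._key = parent, key
        self.blob = self._seal({})          # the "file"; its storage is untrusted

    def _seal(self, children):
        body = json.dumps({"parent": self.parent.read(), "children": children},
                          sort_keys=True).encode()
        tag = hmac.new(self._key, body, hashlib.sha256).hexdigest()
        return json.dumps({"body": body.decode(), "tag": tag}).encode()

    def _open(self):
        record = json.loads(self.blob)
        body = record["body"].encode()
        expected = hmac.new(self._key, body, hashlib.sha256).hexdigest()
        if not hmac.compare_digest(expected.encode(), record["tag"].encode()):
            raise ValueError("verification information is invalid")
        data = json.loads(body)
        if data["parent"] != self.parent.read():
            raise ValueError("stale file: stored parent value is not current")
        return data["children"]

    def read(self, name):
        return self._open()[name]

    def increment(self, name):
        """Also adds a new child counter when `name` is not yet present."""
        children = self._open()             # verify before any change
        children[name] = children.get(name, 0) + 1
        self.parent.increment()             # every child change bumps the parent
        self.blob = self._seal(children)    # re-sign with the new parent value
        return children[name]
```

Restoring an earlier copy of `blob` passes the HMAC check but fails the parent-value comparison, which is what stops a rollback of the child counters.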
Representative claims
What is claimed is:
1. A method for securing digital content in a computer system, the method comprising: implementing, in the computer system, a first level counter, where a first-level counter provides a first-level counter value, where said first-level counter provides an operation to increment the value of said first-level counter; implementing, in the computer system, a second-level counter associated with a digital content file, where the second-level counter provides a second-level counter value and where the second-level counter provides an operation to increment the value of the second-level counter, the operation to increment the value of the second-level counter triggering the operation to increment the value of the first-level counter, and where data comprising a first-level counter value and said at least one second-level counter value are stored together in at least one file with verification information for said data; receiving a request to read the value of the second-level counter; authenticating the verification information for said data; comparing the current value of the first-level counter to the first-level counter value stored in said at least one file; and returning the value for said at least one second-level counter, when the current value of the first-level counter is equal to the first-level counter value stored in said at least one file.
2. The method of claim 1, where a trusted entity can sign data with a verifiable signature, and where said verification information for data comprises a signature from said trusted entity of said data.
3. The method of claim 2, where said authenticating the verification information for said data comprises: verifying said signature.
4. The method of claim 1, where said authenticating the verification information for said data comprises: returning an error message if said verification of the security of said at least one file is unsuccessful.
5. A method for securing digital content in a computer system, the method comprising: implementing, in the computer system, a first level counter, where a first-level counter provides a first-level counter value, where said first-level counter provides an operation to increment the value of said first-level counter; implementing, in the computer system, a second-level counter associated with a digital content file, where the second-level counter provides a second-level counter value and where the second-level counter provides an operation to increment the value of the second-level counter, and where data comprising a first-level counter value and said second-level counter value are stored together in at least one file with verification information for said data; determining that the digital content file was accessed; authenticating the verification information for said data; comparing the current value of the first level counter to the first-level counter value stored in said at least one value; incrementing the value for said second-level counter; incrementing the value for said first-level counter; and storing data comprising said first-level counter and said incremented second-level counter value together with verification information for said data in said at least one file.
6. The method of claim 5, where a trusted entity can sign data with a verifiable signature, and where said verification information for data comprises a signature from said trusted entity of said data.
7. The method of claim 6, where said authenticating the verification information for said data comprises: verifying said signature.
8. The method of claim 6, where said authenticating the verification information for said data comprises: returning an error message if said verification of the security of said at least one file is unsuccessful.
9. A method for securing digital content in a computer system, the method comprising: implementing, in the computer system, a first level counter, where a first-level counter provides a first-level counter value, where said first-level counter provides an operation to increment the value of said first-level counter; implementing, in the computer system, a second-level counter associated with a digital content file, where the second-level counter provides a second-level counter value and where the second-level counter provides an operation to increment the value of the second-level counter, and where data comprising a first-level counter value and said second-level counter value are stored together in at least one file with verification information for said data; receiving a request to add a new second-level counter associated with a second digital content file; authenticating the verification information for said data; comparing the current value of the first-level counter to the first-level counter value stored in said at least one file; generating a new second-level counter and incrementing the new second-level counter; incrementing the first-level counter; and storing data comprising said first-level counter value, the second-level counter value and said new second-level counter together with verification information in said at least one file.
10. A system for implementing at least one second-level counter, where a first-level counter provides a first-level counter value, where said first-level counter provides an operation to increment the value of said first-level counter but does not provide an operation to set said first-level counter to an arbitrary value, said system comprising: means for storing data comprising said first-level counter value and said at least one second-level counter together with verification information for said data in at least one file; means for responding to a read command for a specific one of said at least one second-level counters by verifying the security of said at least one file and returning a value for said at least one second-level counter, wherein verifying the security of said at least one file includes verifying that said stored first-level counter value corresponds to the current value of said first-level counter; and means for responding to an increment command for a specific one of said at least one second-level counters by verifying the security of said at least one file; incrementing a value for said specific second-level counter; incrementing a value for said at least one first-level counter; and storing data comprising said first-level counter and said incremented specific second-level counter value together with verification information for said data in said at least one file.
11. The system of claim 10, where a trusted entity can sign data with a verifiable signature, and where said verification information for data comprises a signature from said trusted entity of said data.
12. The system of claim 11, where said means for verifying the security of said at least one file comprises: means for verifying said signature.
13. The system of claim 10, where said means for verifying the security of said at least one file comprises: means for returning an error message if said verification of the security of said at least one file is unsuccessful.
14. The system of claim 10, where said means for incrementing of said at least one first-level counter comprises means for adding one to said first-level counter.
15. The system of claim 10, where said at least one file comprises one file for each of said at least one second-level counter.
16. The system of claim 10, further comprising: means for responding to a request to add a new second-level counter by storing data comprising said first-level counter value and said new second-level counter together with verification information in said at least one file.
17. The system of claim 16, where said means for responding to a request to add a new second-level counter comprises: means for incrementing said value for said first-level counter value; and means for storing data comprising said incremented first-level counter value and said new second-level counter together with verification information in said at least one file.
18. A computer storage media for implementing at least one second-level counter, where a first-level counter provides a first-level counter value, where said first-level counter provides an operation to increment the value of said first-level counter but does not provide an operation to set said first-level counter to an arbitrary value, said medium with instructions to perform acts comprising: storing data comprising said first-level counter value and said at least one second-level counter together with verification information for said data in at least one file; responding to a read command for a specific one of said at least one second-level counters by verifying the security of said at least one file and returning a value for said at least one second-level counter, wherein verifying the security of said at least one file includes verifying that said stored first-level counter value corresponds to the current value of said first-level counter; and responding to an increment command for a specific one of said at least one second-level counters by verifying the security of said at least one file; incrementing a value for said specific second-level counter; incrementing a value for said at least one first-level counter; and storing data comprising said first-level counter and said incremented specific second-level counter value together with verification information for said data in said at least one file.
19. The computer storage media of claim 18, where a trusted entity can sign data with a verifiable signature, and where said verification information for data comprises a signature from said trusted entity of said data.
20. The computer storage media of claim 19, where said verification of security of said at least one file comprises: verifying said signature.
21. The computer storage media of claim 18, where said verification of the security of said at least one file comprises: returning an error message if said verification of the security of said at least one file is unsuccessful.
22. The computer storage media of claim 18, where said at least file comprises one file for each of said at least one second-level counter.
23. The computer storage media of claim 18, said acts further comprising: responding to a request to add a new second-level counter by storing data comprising said first-level counter value and said new second-level counter together with verification information in said at least one file.
24. The computer storage media of claim 23, where response to a request to add a new second-level counter comprises: incrementing said value for said first-level counter value; and storing data comprising said incremented first-level counter value and said new second-level counter together with verification information in said at least one file.
Ginter Karl L. ; Shear Victor H. ; Sibert W. Olin ; Spahn Francis J. ; Van Wie David M., Systems and methods for secure transaction management and electronic rights protection.