Method and apparatus to detect clock roll-forward attacks in a computing device or similar system. This protects against hackers who tamper with the system clock of, for instance, a digital media playback device in order to access a content item which has been rented for a limited time. By detecting
Method and apparatus to detect clock roll-forward attacks in a computing device or similar system. This protects against hackers who tamper with the system clock of, for instance, a digital media playback device in order to access a content item which has been rented for a limited time. By detecting clock roll-forward tampering, the present method and system prevent such hackers from accessing the content item outside its authorized rental time period.
대표청구항▼
1. A method for detecting tampering with timing in a system before allowing access to a piece of protected content, wherein the time is maintained by a clock associated with the system, the method comprising: storing, for each of a plurality of files stored by the system, (i) a time stamp that indic
1. A method for detecting tampering with timing in a system before allowing access to a piece of protected content, wherein the time is maintained by a clock associated with the system, the method comprising: storing, for each of a plurality of files stored by the system, (i) a time stamp that indicates a most recent time that the file was modified, and (ii) a content identification value that is based on content of the file, such that if the content of the file has been modified, the content identification value of the file is different, wherein the plurality of files comprises a group of files that does not include the piece of protected content:receiving a request to access the piece of protected content;in response to receiving the request, for each file of a set of the plurality of files: determining a relationship between the stored time stamp of the file and a current time stamp of the file; andwhen the stored time stamp of the file and the current time stamp of the file are the same, determining whether the stored content identification value is the same as a current content identification value; andenabling the system to access the piece of protected content when (i) no stored time stamp for any particular file is more recent than the current time stamp for the particular file, and (ii) for all files for which the stored time stamp is the same as the current time stamp, the stored content identification value is the same as the current content identification value. 2. The method of claim 1 further comprising, for each file of the set of the plurality of files, replacing (i) the stored time stamp with the current time stamp and (ii) the stored content identification value with the current content identification value for each file when the current time stamp of the file is more recent than the stored time stamp of the file. 3. The method of claim 1, wherein enabling the system to access includes providing at least one key for decrypting the piece of protected content. 4. The method of claim 1, wherein the method is part of a Digital Rights Management system. 5. The method of claim 4, wherein the Digital Rights Management system sets a time period for access to the file. 6. The method of claim 1, wherein the system is one of a computer, mobile telephone device, media playback device, and personal digital assistant. 7. The method of claim 1, wherein the system is not connected to a network during performance of the method. 8. The method of claim 1, wherein determining the relationship between the current time stamp and the stored time stamp comprises determining whether the current time stamp is (i) more recent than the stored time stamp, (ii) the same as the stored time stamp, or (iii) older than the stored time stamp. 9. The method of claim 1, wherein said storing comprises storing in a secure manner. 10. The method of claim 9, wherein the secure manner includes encryption. 11. The method of claim 1, wherein said storing comprises storing the time stamp and content identification value for each file in a database. 12. The method of claim 1, wherein the plurality of files comprises all files in a directory. 13. The method of claim 1, wherein the plurality of files comprises only selected files in a directory. 14. A computing device comprising: a set of processing units;a non-transitory machine readable storage for storing a computer program, the computer program comprising sets of instructions for: storing, for each of a plurality of files stored by the computing device, (i) a time stamp that indicates a most recent time that the file was modified, and (ii) a content identification value that is based on content of the file, such that if the content of the file has been modified, the content identification value of the file is different, wherein the plurality of files comprises a group of files that does not include a piece of protected content;receiving a request to access the piece of protected content;in response to receiving the request, for each file of a set of the plurality of files: determining a relationship between the stored time stamp of the file and a current time stamp of the file; andwhen the stored time stamp of the file and the current time stamp of the file are the same, determining whether the stored content identification value is the same as a current content identification value; andenabling the computing device to access the piece of protected content only when (i) no stored time stamp for any particular file is more recent than the current time stamp for the particular file, and (ii) for all files for which the stored time stamp is the same as the current time stamp, the stored content identification value is the same as the current content identification value. 15. A non-transitory machine readable medium for storing a computer program for execution in a computing device, the computer program comprising sets of instructions for: storing, for each of a plurality of files stored by the computing device, (i) a time stamp that indicates a most recent time that the file was modified, and (ii) a content identification value that is based on content of the file, such that if the content of the file has been modified, the content identification value of the file is different, wherein the plurality of files comprises a group of files that does not include a piece of protected content;receiving a request to access the piece of protected content;in response to receiving the request, for each file of a set of the plurality of files: determining a relationship between the stored time stamp of the file and a current time stamp of the file; andwhen the stored time stamp of the file and the current time stamp of the file are the same, determining whether the stored content identification value is the same as a current content identification value; andenabling the computing device to access the piece of protected content only when (i) no stored time stamp for any particular file is more recent than the current time stamp for the particular file, and (ii) for all files for which the stored time stamp is the same as the current time stamp, the stored content identification value is the same as the current content identification value. 16. The non-transitory machine readable medium of claim 15, wherein the program further comprises a set of instructions for replacing, for each file of the set of the plurality of files, (i) the stored time stamp with the current time stamp and (ii) the stored content identification value with the current content identification value for each file when the current time stamp of the file is more recent than the stored time stamp of the file. 17. The non-transitory machine readable medium of claim 15, wherein the set of instructions for enabling the computing device to access comprises a set of instructions for providing at least one key for decrypting the piece of protected content. 18. The non-transitory machine readable medium of claim 15, wherein the set of instructions for storing comprises a set of instructions for storing in a secure manner. 19. The non-transitory machine readable medium of claim 18, wherein the secure manner includes encryption. 20. The non-transitory machine readable medium of claim 15, wherein the plurality of files comprises all files in a directory. 21. The computing device of claim 14, wherein the program further comprises a set of instructions for replacing, for each file of the set of the plurality of files, (i) the stored time stamp with the current time stamp and (ii) the stored content identification value with the current content identification value for each file when the current time stamp of the file is more recent than the stored time stamp of the file. 22. The computing device of claim 14, wherein the set of instructions for enabling the computing device to access comprises a set of instructions for providing at least one key for decrypting the piece of protected content. 23. The computing device of claim 14, wherein the set of instructions for storing the content identification value comprises a set of instructions for calculating the content identification value using a hash function. 24. The computing device of claim 14, wherein the set of instructions for storing the content identification value comprises a set of instructions for calculating the content identification value using a set of bytes of the content of the file. 25. The computing device of claim 24, wherein the set of bytes comprises a first byte and a last byte of the content of the file.
연구과제 타임라인
LOADING...
LOADING...
LOADING...
LOADING...
LOADING...
이 특허에 인용된 특허 (10)
Nakase Akihiko,JPX ; Kakimoto Mitsuru,JPX ; Oyanagi Shigeru,JPX, Apparatus and a method for analyzing time series data for a plurality of items.
Cooper Thomas Edward ; Philips Hudson Wayne ; Pryor Robert Franklin, Method and apparatus for enabling trial period use of software products: method and apparatus for utilizing an encryptio.
Steele Douglas William ; Bryant Craig William ; Goin Todd M. ; Moos Thomas J., Method for tracking configuration changes in networks of computer systems through historical monitoring of configuration status of devices on the network..
Erik H. van der Kaay ; David Tyo ; David Robinson ; Gregory L. Dowd, System and methods for generating trusted and authenticatable time stamps for electronic documents.
Ginter Karl L. ; Shear Victor H. ; Sibert W. Olin ; Spahn Francis J. ; Van Wie David M., Systems and methods for secure transaction management and electronic rights protection.
Ginter,Karl L.; Shear,Victor H.; Sibert,W. Olin; Spahn,Francis J.; Van Wie,David M., Systems and methods for secure transaction management and electronic rights protection.
※ AI-Helper는 부적절한 답변을 할 수 있습니다.