Patent

Security system for microcomputers

TL;DR: A security system for a personal computer is described, in which hardware and software are combined to provide a tamper-proof manner of protecting user-access and file-access.
Abstract: A security system for a personal computer, in which hardware and software are combined to provide a tamper-proof manner of protecting user-access and file-access. The hardware component of the system is an expansion board for insertion into an expansion slot of the PC, and has a first EPROM chip containing four portions of machine code for initializing system function calls and for establishing the proper boot-processing of the PC; a second RAM chip serving as scratch pad memory; a third EEPROM chip storing passwords, audit trail log, protection and encryption system flags, and user-access rights; a fourth automatic encryption and decryption chip for files of the PC; and a fifth clock chip for the audit trail. The software component includes a batch file that runs a program in conjunction with the machine code on the EPROM of the expansion board ensuring access is gained only for valid users. The code on the EPROM monitors all DOS 21H file handling function calls, and initializes the 7CH interrupt vector for allowing the security system to access DOS and the files thereof. During boot processing, the 10H video interrupt handler is monitored to prevent circumventing the security system. Hard-disc format-protection is also provided by monitoring of the 13H interrupt function calls. Files may also be created that may not be copied.
Citations
Patent
30 Sep 2010
TL;DR: In this article, the authors proposed a secure content distribution method for a configurable general-purpose electronic commercial transaction/distribution control system, which includes a process for encapsulating digital information in one or more digital containers, a process for encrypting at least a portion of the digital information, a protocol for associating at least partially secure control information for managing interactions with encrypted digital information and/or digital container, and a process for delivering one or more digital containers to a digital information user.
Abstract: PROBLEM TO BE SOLVED: To solve the problem, wherein it is impossible for an electronic content information provider to provide commercially secure and effective method, for a configurable general-purpose electronic commercial transaction/distribution control system. SOLUTION: In this system, having at least one protected processing environment for safely controlling at least one portion of decoding of digital information, a secure content distribution method comprises a process for encapsulating digital information in one or more digital containers; a process for encrypting at least a portion of digital information; a process for associating at least partially secure control information for managing interactions with encrypted digital information and/or digital container; a process for delivering one or more digital containers to a digital information user; and a process for using a protected processing environment, for safely controlling at least a portion of the decoding of the digital information. COPYRIGHT: (C)2006,JPO&NCIPI

7,643 citations

Patent
09 Jan 1997
TL;DR: In this article, a method and device are provided for controlling access to data, where portions of the data are protected and rules concerning access rights to data are determined, and a method is also provided for distributing data for subsequent controlled use of those data.
Abstract: A method and device are provided for controlling access to data. Portions of the data are protected and rules concerning access rights to the data are determined. Access to the protected portions of the data is prevented, other than in a non-useable form; and users are provided access to the data only in accordance with the rules as enforced by a mechanism protected by tamper detection. A method is also provided for distributing data for subsequent controlled use of those data. The method includes protecting portions of the data; preventing access to the protected portions of the data other than in a non-useable form; determining rules concerning access rights to the data; protecting the rules; and providing a package including: the protected portions of the data and the protected rules. A user is provided controlled access to the distributed data only in accordance with the rules as enforced by a mechanism protected by tamper protection. A device is provided for controlling access to data having protected data portions and rules concerning access rights to the data. The device includes means for storing the rules; and means for accessing the protected data portions only in accordance with the rules, whereby user access to the protected data portions is permitted only if the rules indicate that the user is allowed to access the portions of the data.

1,471 citations

Patent
08 Oct 1987
TL;DR: In this article, a "return on investment" digital database usage metering, billing, and security system includes a hardware device which is plugged into a computer system bus (or into a serial or other functionally adequate connector) and a software program resident in the hardware device.
Abstract: A "return on investment" digital database usage metering, billing, and security system includes a hardware device which is plugged into a computer system bus (or into a serial or other functionally adequate connector) and a software program system resident in the hardware device. One or more databases are encrypted and stored on a non-volatile mass storage device (e.g., an optical disk). A tamper-proof decrypting device and associated controller decrypts selected portions of the stored database and measures the quantity of information which is decrypted. This measured quantity information is communicated to a remote centralized billing facility and used to charge the user a fee based on database usage. A system may include a "self-destruct" feature which disables system operation upon occurrence of a predetermined event unless the user implements an "antidote"--instructions for implementing the antidote being given to him by the database owner only if the user pays his bill. Absolute database security and billing based on database usage are thus provided in a system environment wherein all database access tasks are performed at the user's site. Moreover, a free market competitive environment is supported because literary property royalties can be calculated based on actual data use.

1,132 citations

Patent
06 Nov 1998
TL;DR: In this article, a matching and classification utility system comprising a kind of Commerce Utility System is used to match, narrowcast, classify and/or select people and/or things, non-limiting examples of which include software objects.
Abstract: Rights management information is used at least in part in a matching, narrowcasting, classifying and/or selecting process. A matching and classification utility system comprising a kind of Commerce Utility System is used to perform the matching, narrowcasting, classifying and/or selecting. The matching and classification utility system may match, narrowcast, classify and/or select people and/or things, non-limiting examples of which include software objects. The Matching and Classification Utility system may use any pre-existing classification schemes, including at least some rights management information and/or other qualitative and/or parameter data indicating and/or defining classes, classification systems, class hierarchies, category schemes, class assignments, category assignments, and/or class membership. The Matching and Classification Utility may also use at least some rights management information together with any artificial intelligence, expert system, statistical, computational, manual, or any other means to define new classes, class hierarchies, classification systems, category schemes, and/or assign persons, things, and/or groups of persons and/or things to at least one class.

1,109 citations

Patent
07 Apr 2005
TL;DR: A trusted electronic go-between can validate, witness and/or archive transactions while, in some cases, actively participating in or directing the transaction, providing an extremely high degree of confidence and trustedness.
Abstract: Documents and other items can be delivered electronically from sender to recipient with a level of trustedness approaching or exceeding that provided by a personal document courier. A trusted electronic go-between can validate, witness and/or archive transactions while, in some cases, actively participating in or directing the transaction. Printed or imaged documents can be marked using handwritten signature images, seal images, electronic fingerprinting, watermarking, and/or steganography. Electronic commercial transactions and transmissions take place in a reliable, “trusted” virtual distribution environment that provides significant efficiency and cost savings benefits to users in addition to providing an extremely high degree of confidence and trustedness. The systems and techniques have many uses including but not limited to secure document delivery, execution of legal documents, and electronic data interchange (EDI).

923 citations

References
Patent
11 Jul 1983
TL;DR: In this paper, the authors propose a software authorization system where a software can be authorized for use a given number of times by a base unit after which the base unit (computer, videogame base unit, record player, videorecorder or videodisk player) cannot use that software until the manufacturer sends an authorization for additional uses to the user's base unit.
Abstract: Software (programs, videogames, music, movies, etc.) can be authorized for use a given number of times by a base unit after which the base unit (computer, videogame base unit, record player, videorecorder or videodisk player) cannot use that software until the manufacturer sends an authorization for additional uses to the user's base unit. Authorizations may be sent via telephone line, mail, or whatever form of communication is most suited to the application. Authorizations cannot be reused, for example by recording the telephone authorization signal and replaying it to the base unit. Similarly, authorizations can be made base unit specific, so that an authorization for one base unit cannot be transferred to another base unit. This invention also solves the "software piracy problem" and allows telephone sales of software as additional benefits.

615 citations

Patent
20 Sep 1982
TL;DR: In this paper, a method and apparatus are provided for inhibiting unauthorized copying, unauthorized usage and automated cracking of proprietary software used in computer systems, where the protected programs are protected by encapsulation and/or encryption.
Abstract: A method and apparatus are provided for inhibiting unauthorized copying, unauthorized usage and automated cracking of proprietary software used in computer systems. The computer systems execute protected programs, which are protected by encapsulation and/or encryption. To provide security against unauthorized copying of software, means are provided that detect and inhibit automated cracking of protected programs. These means will destroy or make inaccessible information in the CPU during conditions when automated cracking could occur. These means will also store interrupt contexts in secret to prevent implementation of automated cracking. Additional features may be provided to allow operation as a general purpose computer system, where protected programs are distributed using public key cryptography and a means is provided to convert from this distribution form to the protected execution form.

321 citations

Patent
27 Oct 1983
TL;DR: In this paper, a software access control system for controlling access to a protected application program is described, where a user terminal is actuated to transmit an access request message including a requested program identification manifestation to the first processor requesting permission to execute a particular application program.
Abstract: A software access control system is disclosed for controlling access to a protected application program. The software access control system comprises first and second processors, each having a terminal or port adapting its processor to be coupled with the other. The first processor is programmed to permit access to the protected application program and comprises a first memory storing the protected application program, a program identification manifestation and a customer identification manifestation. The second processor comprises a second memory for storing a program identification manifestation and a customer identification manifestation, as assigned to the second processor. A user terminal is actuated to transmit an access request message including a requested program identification manifestation to the first processor requesting permission to execute a particular application program. There is disclosed a two-step process of granting access to a protected application program. First, the requested program identification manifestation, as entered on the user terminal, is compared with a program identification manifestation retained within the second processor. If there is a first match, a customer authentication message is transmitted from the first processor to the second processor. In response, the second processor transmits its assigned customer identification manifestation to the first processor, wherein a comparison is made between the retained customer identification manifestation and the assigned customer identification transmission. If there is a second match, access to use and to execute the application program is granted.

217 citations

Patent
23 Jul 1985
TL;DR: In this article, a tamper-proof co-processor which forms a part of the computing machine is used to restrict software distributed on magnetic media to use on a single computing machine.
Abstract: Method and apparatus which restricts software, distributed on magnetic media, to use on a single computing machine. The original medium is functionally uncopyable, until it is modified by the execution of a program stored in a tamper proof co-processor which forms a part of the computing machine. The modified software on the original medium may then be copied, but the copy is operable only on the computing machine containing the co-processor that performed the modification.

204 citations

Patent
17 Jan 1980
TL;DR: In this paper, a cryptographic microprocessor for processing data and executing programs which are stored in enciphered blocks to prevent unauthorized alteration and copying is described, and combined use of block and byte deciphering is described.
Abstract: A cryptographic microprocessor for processing data and executing programs which are stored in enciphered blocks to prevent unauthorized alteration and copying. Such a "crypto-microprocessor" deciphers the enciphered program and data blocks piecemeal as execution of the deciphered program proceeds. A product block cipher circuit makes each bit of a deciphered block a complicated function of each bit of an enciphered block, and each bit of an encryption key, and each bit of the digital address of the enciphered block. Combined use of block and byte deciphering is described. If a block of the enciphered program is altered, the crypto-microprocessor temporarily or permanently disables itself.

162 citations