(10) Patent No.: US 6,857,067 B2
Edelman
(45) Date of Patent: Feb. 15, 2005

(54) SYSTEM AND METHOD FOR PREVENTING UNAUTHORIZED ACCESS TO ELECTRONIC DATA

(76) Inventor: [illegible in source]

(*) Notice: Subject to any disclaimer, the term of this patent is extended or adjusted under 35 U.S.C. 154(b) by 641 days.

(21) Appl. No.: 09/792,045
(22) Filed: Feb. 26, 2001

(65) Prior Publication Data
US 2002/0029347 A1 Mar. 7, 2002

Related U.S. Application Data
(60) Provisional application No. 60/229,934, filed on Sep. 1, 2000.

(51) Int. Cl.7: G06F 1/26
(52) U.S. Cl.: 713/155; 713/182; 713/200; 713/201
(58) Field of Search: 713/155, 182, 200, 201

(56) References Cited

U.S. PATENT DOCUMENTS
5,502,764 A    3/1996   Naccache          380/23
5,826,011 A   10/1998   Chou et al.       395/186
5,844,497 A   12/1998   Gray              340/825.34
5,933,498 A    8/1999   Schneck et al.    380/4
5,935,246 A    8/1999   Benson            713/200
5,940,504 A    8/1999   Griswold          380/4
5,956,404 A    9/1999   Schneier et al.   380/25
5,987,134 A   11/1999   Shin et al.       380/25
6,008,737 A   12/1999   Deluca et al.     340/825.34
6,009,401 A   12/1999   Horstmann         705/1
6,009,525 A   12/1999   Horstmann         713/200
6,021,438 A    2/2000   Duvvoori et al.   709/224
6,023,766 A    2/2000   Yamamura          713/201
6,029,145 A    2/2000   Barritz et al.    705/34
6,035,402 A    3/2000   Vaeth et al.      713/201
6,047,242 A    4/2000   Benson            702/35
[entries illegible in source]
6,073,123 A    6/2000   Staley            705/58
6,078,909 A    6/2000   Knutson           705/59
6,087,955 A    7/2000   Gray              340/825.34
6,101,606 A    8/2000   Diersch et al.    713/201
6,128,741 A   10/2000   Goetz et al.      713/200

OTHER PUBLICATIONS
Charles Cagliostro, “Rosy Outlook Predicted for US Smart Card Market”, Card Forum International, pp. 45-47, Nov./Dec. 1999.
Carol H. Fancher, “Smart Cards”, Scientific American, pp. 1-10, Aug. 1996.

Primary Examiner: Thomas R. Peeso
(74) Attorney, Agent, or Firm: Fitzpatrick, Cella, Harper & Scinto

(57) ABSTRACT

A system and method are provided for preventing unauthorized access to electronic data stored on an electronic device. A portable licensing medium is configured to communicate with the electronic device for storing license data. The license data is used to determine whether to allow access to the electronic data. A registration authority communicates with the electronic device. The registration authority has a database of verification data for verifying the license data stored on the licensing medium and provides updated license data to the licensing medium.

113 Claims, 9 Drawing Sheets

PETITIONERS EX. 1001 Page 1

[FIG. 1 (Sheet 1 of 9). Legible labels: 100; Smart Card 120; Smart Card Reader 140.]

[FIG. 2 (Sheet 2 of 9). No legible labels.]

[FIG. 3 (Sheet 2 of 9). Legible labels: 300; 310; 315; 320; EEPROM 325 (application); optional application code; COS control area: internal parameters, passwords and confidential information.]

[FIG. 4 (Sheet 3 of 9). Legible labels: Client; Smart Card; Smart Card Reader; Registration Authority; Vendor; reference numerals 100, 120, 130, 140, 160.]

[FIG. 5 (Sheet 4 of 9). Legible labels: LAN Server/License Manager; Smart Card Reader; Smart Card; Redundant License Manager; Vendor; reference numerals 110, 120.]

[FIG. 6 (Sheet 5 of 9). Legible steps: install software on computer; obtain current smart card contents; send current contents, new product info; create registration entry; send new contents; write new contents.]

[FIG. 7 (Sheet 6 of 9). Legible steps: verify smart card is inserted; prompt user if smart card not inserted; validate smart card not tampered with; get contents of smart card for this product; use contents to verify the user is authorized for this product; allow software to be used.]

[FIG. 8 (Sheet 7 of 9). Legible steps include: insert new or existing smart card; add new employee or look up existing; verify inserted smart card is for selected employee; verify smart card contents against RA database; send employee info, new product info. Legible participants include: Administrator; Reader; Registration Authority.]

[FIG. 9 (Sheet 8 of 9). Legible steps: verify smart card is inserted; prompt user if smart card not inserted; validate smart card not tampered with; get contents of smart card for this product; use contents to verify the user is authorized for this product; verify that license is still valid; allow software to be used.]

[FIG. 10 (Sheet 9 of 9). Legible steps: verify smart card is inserted; prompt user if smart card not inserted; validate smart card not tampered with; get contents of smart card for this product; use contents to verify the user is authorized for this product; reserve license; allow software to be used; release license when software terminates. Legible participants include: Smart Card Reader; Smart Card; Manager.]

SYSTEM AND METHOD FOR PREVENTING UNAUTHORIZED ACCESS TO ELECTRONIC DATA

This application claims the benefit of U.S. Provisional Application No. 60/229,934, filed Sep. 1, 2000.

BACKGROUND OF THE INVENTION

1. Field of the Invention

The present invention relates generally to preventing unauthorized access to electronic data, such as for example computer software, music, movies, e-books, and the like. More specifically, the present invention relates to an access authorization system and method in which a client electronic device communicates with a licensing medium that stores license data identifying the electronic data to which the user is authorized to have access. The client electronic device also communicates with a central registration authority that contains a database used to verify the license data.

2. Related Art

Electronic devices, both wired and wireless, such as personal computers, handheld computing devices, personal data assistants, cellular telephones and CD and DVD players, are ubiquitous. These devices perform an increasing array of functions, including business, entertainment and educational type functions, just to name a few.

The common link between these electronic devices is their use of electronic data to perform their respective functions. The electronic data may be used to control the device itself, such as, for example, when the data comprise a computer software program. Alternatively, the electronic data may be intellectual content that is manipulated by these devices, such as, for example, when the data comprise music, movies, e-books, database information, or other forms of data that are privileged, copyrighted, proprietary or otherwise protected from unauthorized access.

In either case, the electronic data are valuable because of the time and effort that was expended in their creation. For example, a computer software program typically is the product of a labor-intensive development that involves software engineers, programmers, artists and marketers, just to name a few. Similarly, music, movies and e-books typically are the product of creative endeavors of artists and authors. In addition, the creation of all of these forms of electronic data may involve extremely costly production and marketing efforts.

By contrast, copying such electronic data typically requires very little time, effort and money. Consequently, unauthorized copying and distribution of electronic data is rampant. With regard to personal computer software, for example, it is estimated that 30% of software used in the United States is unlicensed and therefore unauthorized.

In certain foreign nations, in excess of 95% of the software programs in use are unauthorized copies, which were created in the United States or elsewhere and sold at a small fraction of their U.S. retail price. In some of these foreign nations, software piracy has become a large industry. This widespread unauthorized use of software and other electronic data has a potential chilling effect on the artists, entrepreneurs, and others who would create it.

The law, of course, provides some mechanisms for preventing or discouraging such piracy. Copyright protection, for example, is one of the most common legal means of protecting electronic data. Patent protection, also, is increasingly being used to protect some electronic data, particularly various aspects of computer software. Contractual provisions, such as licenses, are widely used as an adjunct to other forms of protection.

The right to use software under a license agreement may be restricted to a single user or a single computer. Where use on more than one computer is contemplated, such as in a local area network (LAN), the license may allow use on a number of computers. This sort of multiple computer license is often referred to as a site license, since it typically is implemented to allow several computers at a particular site to run the licensed software.

However, the effectiveness of these legal and contractual measures has been inadequate. Accordingly, vendors of electronic data have turned to technological means of protecting their intellectual content.

For example, licensed electronic data, such as computer software, may be protected from unauthorized use and/or copying by using a protection scheme that requires the user to register the licensed software with the vendor. Generally, such protection schemes use a registration program that is included with the software and executes upon installation of the software.

The registration program requires the user to enter a code sequence that was provided by the vendor with the software, e.g., printed on a CD-ROM case. The code sequence is checked by the registration program to determine whether it is valid. If it is valid, the registration program enables the user to use the software.

Conventional registration programs determine the validity of the code sequence using mathematical algorithms. Typically, such algorithms are simply the inverse of the algorithm initially used by the vendor to generate the set of valid code sequences that are distributed with the software.

While such conventional schemes do provide a rudimentary measure of security, they are far from unbeatable. In fact, such security systems are often thwarted by pirates who ascertain the algorithms for determining validity by analyzing the code sequences that they generate. Once an algorithm has been ascertained, it may be used by unauthorized users to generate valid code sequences for the licensed software. These valid code sequences or the algorithm itself, which is known as a keygen, then may be distributed widely to large numbers of unauthorized users. Indeed, keygens for many commercially successful licensed software products are freely available on the Internet.

Some vendors have attempted to improve upon the code sequence protection scheme by requiring users to enter certain personal information, such as the user’s name and telephone number. This information is transmitted to the vendor where it is encoded and used in the code sequence generation process. The code sequence is sent back to the user, who uses it to unlock the software. However, this approach, like the code sequence approach discussed above, is also based on an ascertainable mathematical algorithm and therefore also may be circumvented for the same reason.

Another approach to preventing unauthorized access to licensed software is to require the user to have hardware keys, which are referred to as dongles, connected to the user’s computer in order to use the licensed software. Typically, dongles are connected to the input/output (I/O) port of a computer.

There are numerous disadvantages in the use of dongles. For example, each piece of licensed software requires a separate dongle, but computers typically have a limited number of I/O ports. Consequently, a number of dongles may have to be connected to a single I/O port if several pieces of licensed software are to be used. This may result in interference between the attached dongles, which may cause the dongles or the associated software to fail. Another disadvantage is that dongles may be easily lost or stolen. Software licensors typically replace lost or stolen dongles for a nominal fee, which may allow unauthorized users to easily obtain dongles.

Another approach to preventing unauthorized use and/or copying of licensed software is to require the user to have a licensing module connected to the user’s network in order to use the licensed software. This approach is discussed in U.S. Pat. No. 6,101,606 (Diersch et al.). The module may contain an identification code and other licensing information. The licensed software periodically communicates with license management software on a network server. The license management software, in turn, communicates with the licensing module to determine whether a valid module is connected to the network.

There are several disadvantages to the licensing module approach. The licensing module contains a fixed identification code that may be ascertained through analysis of the module. Ascertaining the identification code would allow an unauthorized user to duplicate the module. Another disadvantage of the licensing module approach is that the licensing module is vulnerable to tampering. For example, a user may seek to increase the number of authorized users for a site licensing by changing licensing data stored in the module.

Yet another disadvantage of the licensing module approach is that authorized users are unable to use the licensed software on computers that are not connected to the single, fixed network. For example, an authorized user would not be able to use the licensed software on a laptop computer, personal digital assistant or other type of mobile computing device.

Another approach to preventing unauthorized use and/or copying of licensed software is to provide license management software that is installed on the user’s server, as discussed in U.S. Pat. No. 6,049,789 (Frison et al.). The management software transmits pay-per-use license requests for the licensed software to a central license management system. The central license management system grants pay-per-use licenses to the user upon receiving these requests and maintains billing records.

This approach, however, suffers from the disadvantage that the user must be connected to the central license management system in order for a pay-per-use license to be granted. Consequently, as in the case of the licensing module, the software cannot be easily used on mobile electronic devices such as a laptop or personal data assistant.

There is a need, therefore, for a system and method for preventing unauthorized access to electronic data that takes an entirely fresh approach and overcomes the drawbacks of the conventional techniques.

SUMMARY OF THE INVENTION

The present invention generally provides a novel system and method for preventing unauthorized access to electronic data.

One aspect of the present invention provides a system and method for preventing unauthorized access to electronic data stored on an electronic device. A portable licensing medium is configured to communicate with the electronic device for storing license data. The license data is used by the electronic device to determine whether to allow access to the electronic data. A registration authority is configured to communicate with the electronic device. The registration authority has verification data for verifying the license data stored on the licensing medium. The registration authority provides updated license data to the licensing medium.

Embodiments of the present invention may include one or more of the following features. The electronic device may verify the validity of the licensing medium by comparing the license data to the verification data of the registration authority.

The licensing medium may store a license data message digest produced by performing a hash of the license data. The verification data may include a copy of the license data message digest. The electronic device may verify the validity of the licensing medium by comparing the license data message digest to the copy of the license data message digest in the verification data of the registration authority.

The license data message digest may be encrypted with a private key associated with the registration authority. The private key may be one of a number of private keys associated with the registration authority. The verification data may include a copy of the encrypted license data message digest. The electronic device may verify the validity of the licensing medium by comparing the encrypted license data message digest to the copy of the encrypted license data message digest in the verification data of the registration authority.

The electronic device may verify the validity of the licensing medium by decrypting the license data message digest read from the licensing medium using a public key associated with the registration authority, generating a message digest by performing a hash on the license data read from the licensing medium, and comparing the decrypted message digest to the generated message digest.

The electronic device may send registration information to the registration authority. The registration information may include a random identifier associated with the electronic data. The verification data stored in the registration authority database may include a list of authorized identifiers that allow access to the electronic data. The registration authority may provide updated license data to the licensing medium when the identifier sent with the registration information corresponds to one of the authorized identifiers.

The licensing medium may be a smart card having a memory. The smart card also may have a microprocessor. The smart card may decrypt a first message digest received from the registration authority using a public key associated with the registration authority, generate a second message digest by performing a hash on updated license data received from the registration authority, and compare the first message digest to the second message digest. The licensing medium may also be a memory stick, random access memory, or a computer disk (e.g., optical, magnetic, or electronic). The licensing medium may be a memory installed in a cellular telephone that may or may not be removable.

The license data may include a licensing medium expiration date determined by a configurable time period during which the licensing medium is valid. The licensing medium expiration period may be, e.g., thirty days.

The license data may include a software license expiration date determined by a configurable time period during which access to the electronic data is allowed. The software license expiration period may be, e.g., one day or thirty days.

The license data may include a software security expiration date determined by a configurable time period during which access to the electronic data is allowed. The software security expiration period may be, e.g., thirty days.

Another aspect of the present invention provides a system and method for preventing unauthorized access to electronic data stored on an electronic device. A portable licensing medium is configured to communicate with the electronic device for storing license data. The license data is used to determine whether to allow access to the electronic data. A registration authority is configured to communicate with the electronic device. The registration authority has a first database of verification data for verifying license data stored in a second verification database. A license manager is configured to communicate with the electronic device and the registration authority. The license manager has a second database of verification data for verifying the license data stored on the licensing medium. The license manager provides updated license data to the licensing medium.

Embodiments of the present invention may include one or more of the following features. The electronic device may verify the validity of the licensing medium by comparing the license data to the second database of verification data of the license manager. The license manager may verify the validity of the second database of verification data by comparing it to the first database of verification data of the registration authority.

The licensing medium may store a license data message digest produced by performing a hash of the license data. The second database of verification data may include a copy of the license data message digest. The electronic device may verify the validity of the licensing medium by comparing the license data message digest to the copy of the license data message digest in the second database of verification data of the license manager.

The license data message digest may be encrypted with a private key associated with the registration authority or the license manager. The private key may be one of a number of private keys associated with the registration authority or the license manager. The second database of verification data may include a copy of the encrypted license data message digest.

The electronic device may verify the validity of the licensing medium by comparing the encrypted license data message digest to the copy of the encrypted license data message digest in the second database of verification data of the license manager.

The electronic device may verify the validity of the licensing medium by decrypting the license data message digest read from the licensing medium using a public key associated with the registration authority, generating a message digest by performing a hash on the license data read from the licensing medium, and comparing the decrypted message digest to the generated message digest.

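The digest check described in both aspects above (hash the license data, encrypt the digest with the registration authority's private key, decrypt and compare on the device, or compare against the authority's stored copy), together with the expiration dates, as an added Python example that is not part of the patent. It uses unpadded textbook RSA with a constructed, insecure demo key so that it runs on the standard library alone; the field names (`medium_id`, `seats`, `medium_expires`, `license_expires`) and all sample values are assumptions.

```python
import hashlib
import json
from datetime import date

# Constructed demo key built from two Mersenne primes: trivially factorable,
# for illustration only. (N, E) is the RA public key, D the private exponent.
P, Q = 2**521 - 1, 2**607 - 1
N, E = P * Q, 65537
D = pow(E, -1, (P - 1) * (Q - 1))


def digest_int(license_data: dict) -> int:
    """Hash a canonical serialization of the license data (the message digest)."""
    raw = json.dumps(license_data, sort_keys=True, separators=(",", ":")).encode()
    return int.from_bytes(hashlib.sha256(raw).digest(), "big")


def ra_issue(license_data: dict, ra_database: dict) -> dict:
    """Registration authority: encrypt the digest with the private key, keep a
    copy as verification data, and return what is written to the medium."""
    enc = pow(digest_int(license_data), D, N)
    ra_database[license_data["medium_id"]] = enc
    return {"license": dict(license_data), "enc_digest": enc}


def verify_offline(medium: dict, today: date) -> str:
    """Client device, no network: decrypt the stored digest with the RA public
    key, re-hash the license data read from the medium, compare, check dates."""
    lic, enc = medium["license"], medium["enc_digest"]
    if not isinstance(enc, int) or not 0 < enc < N:
        return "invalid: malformed digest"
    if pow(enc, E, N) != digest_int(lic):
        return "invalid: license data does not match the signed digest"
    if today > date.fromisoformat(lic["medium_expires"]):
        return "expired: licensing medium"
    if today > date.fromisoformat(lic["license_expires"]):
        return "expired: software license"
    return "ok"


def verify_online(medium: dict, ra_database: dict) -> bool:
    """Client device with connectivity: compare the encrypted digest on the
    medium with the copy held in the RA's verification data."""
    return ra_database.get(medium["license"]["medium_id"]) == medium["enc_digest"]


def demo() -> dict:
    """Run the checks over constructed sample data and return each outcome."""
    db = {}
    lic = {"medium_id": "CARD-0001", "product": "example-product", "seats": 5,
           "medium_expires": "2001-03-28", "license_expires": "2001-12-31"}
    stale = ra_issue(lic, db)
    day = date(2001, 3, 1)
    # Seat count edited on the medium without the RA re-signing it.
    tampered = {"license": dict(lic, seats=50), "enc_digest": stale["enc_digest"]}
    # The RA later issues updated license data; the earlier card image is still
    # validly signed but no longer matches the RA's stored copy.
    fresh = ra_issue(dict(lic, seats=2), db)
    return {
        "genuine": verify_offline(fresh, day),
        "tampered": verify_offline(tampered, day),
        "after_medium_expiry": verify_offline(fresh, date(2001, 4, 15)),
        "stale_offline": verify_offline(stale, day),
        "stale_online": verify_online(stale, db),
        "fresh_online": verify_online(fresh, db),
    }


if __name__ == "__main__":
    for name, outcome in demo().items():
        print(f"{name}: {outcome}")
```

The superseded card image passes the offline check because its digest is genuinely signed; only the comparison with the registration authority's copy, or the medium expiration date, bounds how long replaced license data stays usable.
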
The license manager may send site license registration information to the registration authority. The site license registration information may include a random identifier associated with the electronic data. The verification data stored in the registration authority database may include a list of authorized identifiers that allow access to the electronic data. The registration authority may provide updated verification data to the license manager when the identifier sent with the registration information corresponds to one of the authorized identifiers.

The license manager may communicate with the registration authority to verify that the verification data stored by the license manager corresponds to the verification data stored by the registration authority.

These and other objects, features and advantages will be apparent from the following description of the preferred embodiments of the present invention.

BRIEF DESCRIPTION OF THE DRAWINGS

The present invention will be more readily understood from a detailed description of the preferred embodiments taken in conjunction with the following figures.

FIG. 1 is a block diagram of a system for protecting licensed electronic data used by a client computer.

FIG. 2 shows a smart card with surface contacts.

FIG. 3 is a block diagram of the internal microchip of the smart card.

FIG. 4 is a block diagram of a system for protecting licensed electronic data used by a remote client computer.

FIG. 5 is a block diagram of a system for protecting licensed electronic data used by a client computer network.

FIG. 6 is a diagram of software registration for a single-user system.

FIG. 7 is a diagram of software startup for a single-user system.

FIG. 8 is a diagram of adding a software license to an employee smart card in a multiple-user system.

FIG. 9 is a diagram of software startup for a fixed-node license in a multiple-user system.

FIG. 10 is a diagram of software startup for a floating license in a multiple-user system.

DETAILED DESCRIPTION OF THE PREFERRED EMBODIMENTS

FIG. 1 depicts a block diagram which illustrates in general terms an embodiment of the present invention. In FIG. 1, a personal computer 100, referred to as the client device, may be configured to use licensed computer software provided by a third-party vendor.

Of course, the present invention is not limited to preventing unauthorized access to computer software on personal computers. Other examples of electronic devices that use licensed electronic data include DVD players, handheld computing devices, personal data assistants (PDAs), cellular or personal communication system (PCS) telephones, intelligent appliances (e.g., refrigerators and heating and cooling systems), internet appliances, etc. Other examples of licensed electronic data include computer software, music, movies, e-books, artwork, privileged data (such as databases, privileged publications and communications), etc. Still other examples of both exist as well.

In general terms, the protection system of the present invention uses a registration authority 110 that determines whether a given user is authorized to have access to a given piece of electronic data. As used herein, the phrase “access to electronic data” and its derivatives (e.g., “accessing electronic data”) refers broadly to any type of manipulation of electronic data, including (but not limited to) installing, using, copying, inputting, outputting, reading, writing, deleting, viewing, playing, storing, moving, processing, etc.

The registration authority 110 may be implemented as a server on a network, operated under the control of a software protection administrator. The software protection administrator maintains the registration authority 110 in cooperation with the vendors of the electronic data.

As part of such a protection system, the vendor may require the user to install a client program provided by the software protection administrator. The client program installed on the client computer 100 communicates with a licensing information storage medium 120, referred to as the licensing medium, and the registration authority 110. Alternatively, the client program may be embedded in the electronic data and may be executed in the course of accessing the electronic data, rather than being installed separately by the user. The registration authority 110, in turn, communicates with the vendor 130, which maintains a database of valid licenses issued for the electronic data.

The licensing medium 120 is a portable component that contains information concerning the software or other licensed electronic data that the user is authorized to access. When a user seeks to access a vended piece of electronic data, the client program communicates with the licensing medium 120 to verify that the user is authorized to access the electronic data.

In general, the licensing medium 120 may be any type of portable electronic data storage medium that has a unique, unalterable serial number or other form of identification that can be transmitted electronically. Examples include smart cards, memory sticks, magnetic strip cards, floppy disks and other removable computer storage media. The licensing medium 120 and the electronic device that uses the licensed electronic data need not have a wired connection. A wireless connection, e.g., an infrared or radio frequency (RF) link, may be used.

In certain types of electronic devices, the licensing medium 120 may be configured so that it is not removable, e.g., certain types of cellular phones, hand-held computing devices, or cable television control boxes. For example, the licensing medium may be an internal random access memory (RAM) installed in a cellular phone. It is also contemplated that the invention can include stationary devices, e.g., refrigerators or other household appliances, that have a licensing medium that is not removable.

In the example of FIG. 1, a smart card is employed as the licensing medium. As shown in FIG. 2, a smart card 120 is a plastic card containing a microchip 300. Contacts 305 for the microchip 300 are formed on the surface of the card 120 to provide data input and output and power supply input.

As shown in FIG. 3, the microchip 300 includes a central processing unit (CPU) 310 that has an associated random access memory (RAM) 315, although a smart card without a CPU also may be used. The RAM 315 is used to temporarily store information during processing while power is being supplied to the card. A read only memory (ROM) 320 permanently stores the microchip operating system. An erasable programmable read only memory (EPROM) 325 stores application code and data, such as the licensing information discussed above.

Referring again to FIG. 1, the client program accesses the smart card 120 using a smart card reader 140 connected to the client computer 100. The smart card 120 contains licensing information that indicates to the client program which software the user is authorized to access. The licensing information may include other information as well, such as for example time-stamps that indicate when the license for each authorized software expires.

The smart card may be a dedicated smart card that is specifically provided for use as a licensing medium. Alternatively, a generic smart card having other functions, e.g., a credit card, may be adapted for use as the licensing medium. In such a case, the smart card would function both for the original purpose and as the licensing medium.

The registration authority 110 is a remote server that maintains a licensing database containing information for all of the licensing media 120 authorized by the software protection administrator and all of the software licenses authorized by the software vendors 130. The client program communicates with the registration authority 110 to perform a number of functions associated with the operation of the protection system. The client program may communicate with the registration authority 110, for example, using the Internet 150.

For example, the client program may verify the validity of the smart card 120 by communicating with the registration authority 110. As a further example, the client program communicates with the registration authority 110 to change the contents of th