(12) United States Patent
Cronce et al.

(10) Patent No.: US 7,032,240 B1
(45) Date of Patent: Apr. 18, 2006

(54) PORTABLE AUTHORIZATION DEVICE FOR AUTHORIZING USE OF PROTECTED INFORMATION AND ASSOCIATED METHOD

(75) Inventors: Paul Allen Cronce, San Jose, CA (US); Joseph M. Fontana, San Jose, CA (US)

(73) Assignee: Pace Anti-Piracy, Inc., San Jose, CA (US)

( * ) Notice: Subject to any disclaimer, the term of this patent is extended or adjusted under 35 U.S.C. 154(b) by 0 days.

(21) Appl. No.: 09/503,778

(22) Filed: Feb. 14, 2000

Related U.S. Application Data

(60) Provisional application No. 60/169,506, filed on Dec. 7, 1999.

(51) Int. Cl.
     H04L 9/00 (2006.01)
(52) U.S. Cl. 726/2; 726/27; 705/51
(58) Field of Classification Search 713/200, 713/189, 193; 726/2, 27; 705/51
     See application file for complete search history.

(56) References Cited

U.S. PATENT DOCUMENTS

4,562,306 A     12/1985  Chou et al.
4,609,777 A      9/1986  Cargile
4,652,990 A      3/1987  Pailen et al.
4,683,553 A      7/1987  Mollier
4,747,139 A      5/1988  Taaffe
4,796,181 A      1/1989  Wiedemer
4,799,153 A      1/1989  Hann et al.
4,827,508 A      5/1989  Shear
4,932,054 A      6/1990  Chou et al.
4,977,594 A     12/1990  Shear
5,047,928 A      9/1991  Wiedemer
5,050,213 A      9/1991  Shear
5,081,676 A      1/1992  Chou et al.
5,212,279 A      5/1993  Nomura et al.
5,222,133 A *    6/1993  Chou et al. ... 705/55
5,293,424 A      3/1994  Holtey et al.
5,329,623 A      7/1994  Smith et al.
(Continued)

FOREIGN PATENT DOCUMENTS

WO   WO 87/03977   7/1987
(Continued)

OTHER PUBLICATIONS

Coffee P., “Fear of prosecution prompts comeback of hardware keys”, PC Week, vol. 6, No. 13, p. 13, Apr. 3, 1989.
(Continued)

Primary Examiner: Gregory Morse
Assistant Examiner: Thomas Ho
(74) Attorney, Agent, or Firm: Strategic Patent Group; Stephen G. Sullivan

(57) ABSTRACT

An authorization system and associated method for selectively
authorizing a host system to use one or more items of protected
information associated with the host system. The authorization
system includes a portable authorization device that is removably
couplable to the host system. The portable authorization device is
capable of receiving and storing multiple items of authorization
information associated with a plurality of respective items of
protected information from one or more information authorities.
Preferably, the portable authorization device is capable of
communicating with multiple types of information authorities. The
portable authorization device selectively authorizes the host
system to use the one or more respective items of protected
information based upon the respective authorization information
stored therein.

37 Claims, 7 Drawing Sheets

[Representative drawing (FIG. 1): authorization system 100. Blocks: networked indirect information authority 185, portable authorization device, physical direct information authority, physical indirect information authority; links labeled 171, 173.]

`PETITIONERS EX. 1002 Page 1
`
U.S. PATENT DOCUMENTS

5,337,357 A      8/1994  Chou et al.
5,343,524 A      8/1994  Mu et al.
5,353,124 A     10/1994  Chou et al.
5,357,573 A     10/1994  Walters
5,359,495 A     10/1994  Margalit et al.
5,375,037 A     12/1994  Le Roux
5,386,369 A      1/1995  Christiano
5,390,297 A      2/1995  Barber et al.
5,410,598 A      4/1995  Shear
5,448,045 A      9/1995  Clark
5,497,464 A      3/1996  Yeh
5,500,517 A      3/1996  Cagliostro
5,509,070 A      4/1996  Schull ... 705/54
5,540,597 A      7/1996  Budman et al.
5,542,045 A      7/1996  Levine
5,564,055 A     10/1996  Asnaashari et al.
5,568,552 A     10/1996  Davis ... 705/59
5,584,043 A     12/1996  Burkart
5,590,193 A     12/1996  Le Roux
5,596,739 A      1/1997  Kane et al.
[entry illegible in the scan]
5,638,444 A      6/1997  Chou et al.
5,664,950 A      9/1997  Lawrence
5,671,412 A      9/1997  Christiano
5,706,426 A      1/1998  Hsu
5,737,424 A      4/1998  Elteto et al.
5,754,761 A *    5/1998  Willsey ... 713/200
5,778,071 A *    7/1998  Caputo et al. ... 713/159
5,812,662 A      9/1998  Hsu et al.
5,826,011 A     10/1998  Chou et al.
5,854,891 A     12/1998  Postlewaite et al.
6,671,808 B1 *  12/2003  Abbott et al. ... 713/200

FOREIGN PATENT DOCUMENTS

WO   WO 98/07255   2/1998

OTHER PUBLICATIONS

Methvin D., “Security key: pros and cons”, PC Week, vol. 8, No. 21, p. 111.
“Take Control of Your Desktop”, PCDEFENDER, Tritheim Technologies, Inc., Technical information, www.tritheim.com/pedefender/technical.html, Jul. 27, 1999, 7 pgs.
Souccar M., “MasterCard’s Chip Card Chief Jumps to Publicard”, The American Banker, CARDS, p. 13, Jan. 11, 1999, 3 pgs.
Dennis S., “Tritheim Gets Patent For Virtual Token Tech”, Newsbytes, Jan. 28, 1999, 2 pgs.
The Seybold Report on Internet Publishing, Dec. 1997, No. 4, vol. 2, pp. 3-9.

* cited by examiner
`
[Drawing sheet 1 of 7]

[FIG. 1: authorization system 100. Blocks: networked indirect information authority 185, portable authorization device, physical direct information authority, physical indirect information authority; links labeled 171, 173. Reference numeral 187 also appears.]

[FIG. 2: flow chart of the operation of the authorization system.
210: Transfer authorization information (key selector) from information authority to portable authorization device.
220: Authorize host system to use protected information based upon value of authorization information (key selector).]
`
`
`
[Drawing sheet 2 of 7]

[FIG. 3: hardware components of the portable authorization device. Legible block labels: processing unit, program ROM, program & data RAM; connections to host system 110 and physical direct information authority 160.]

[FIG. 5: data stored in the EEPROM of the portable authorization device. Legible field labels: fixed key ID, fixed secret key, fixed user data, password, dynamic seed, dynamic key selector data, dynamic user data.]
`
`
`
[Drawing sheet 3 of 7]

[FIG. 4: functional components executed by the portable authorization device. Legible block labels: direct information authority interface, key encryptor, direct message authority authenticator, key manager, message manager, host command processor, host authenticator, host authorizer, host system interface; connections to direct information authority 160, to storage medium 144, and to host system 110 and indirect information authorities 180/185.]

[FIG. 6: format of the dynamic user data 157. Addresses N and N+1 hold a feature enable field and a feature credit counter (reference numerals 157(a), 157(b)).]
`
`
`
[Drawing sheet 4 of 7]

[FIG. 7: hardware components of the physical direct information authority 160. Legible block labels: processing unit, program ROM, program & data RAM; connection to portable authorization device 140.]

[FIG. 8: data stored in the EEPROM of the physical direct information authority. Legible field labels: key ID, key selector, key authorization counter, user data, user data authorization counter.]

[FIG. 12: key exchange between two portable authorization devices. Legible block labels: portable authorization device 1, host system, portable authorization device 2.]
`
`
`
[Drawing sheet 5 of 7]

[FIG. 9: flow chart of the key exchange process (step 210).
211: Connect the portable device to a host system.
212: Establish connection between the information authority and the portable authorization device.
213: Authenticate the information authority and the portable authorization device.
214: Verify that the portable authorization device is authorized to receive a key selector associated with the protected information from the information authority (optional).
215: Determine whether the key selector already exists in the portable authorization device.
216: Determine whether the key counter is greater than zero.
217: Transmit the key selector from the information authority to the portable authorization device.
218: Encrypt the key selector in the portable authorization device.]
`
`
`
[Drawing sheet 6 of 7]

[FIG. 10: flow chart of the host system authorization process (step 220).
221: Connect the portable authorization device to the host system associated with the item of protected information to be used.
222: Start use of item of protected information associated with the host system.
223: Enter password for the portable authorization device and verify that password is correct (optional).
224: Transmit a challenge message from the host system to the portable authorization device.
225: Generate secret key from the key selector.
226: Generate and transmit a response message based on both the challenge message and the secret key to the host system.
227: Verify that the response message is the correct response to the challenge message.
228: Authorize the host system to transmit or access the item of protected information.]
`
`
`
[Drawing sheet 7 of 7]

[FIG. 11: exemplary key blending algorithm for blending the dynamic key selectors stored in the EEPROM of the portable authorization device. The drawing is not legible in the scan.]

`PORTABLE AUTHORIZATION DEVICE FOR
`AUTHORIZING USE OF PROTECTED
`INFORMATION AND ASSOCIATED
`METHOD
`
`CROSS-REFERENCE TO RELATED
`APPLICATIONS
`
`This application claims priority to provisional Application
`No. 60/169,506, filed Dec. 7, 1999.
`
`BACKGROUND OF THE INVENTION
`
`1. Field of the Invention
`
`This invention relates generally to techniques for autho-
`rizing the use of protected information and, in particular, to
`a portable authorization device (commonly known as a
`“dongle”) for authorizing a host system to use protected
`information.
`
`2. Description of the Related Art
`A software “wrapper” is a commonly used technique for
`selectively authorizing the use of protected information
`associated with a host system such as a personal computer
`or a server. The protected information, for example, may
`comprise a software program to be executed, or data to be
`processed, by the host system. The software wrapper permits
`an end-user to access or execute the protected program or
`data only if a predetermined condition is met. The prede-
`termined condition can be, for example, the running of a trial
`period that allows the end-user to evaluate the protected
`program or data or the presentation of the proper authori-
`zation information by the end-user. The authorization infor-
`mation, for example, may be a password manually entered
`by the end-user or digitally encoded data. A discussion of
`software wrappers can be found, for example, in The Sey-
`bold Report on Internet Publishing, December 1997, no. 4,
`vol. 2, p. 3.
`There are several techniques known in the art for deliv-
`ering authorization information to authorize a host system to
`use protected information. In one technique, the authoriza-
`tion information is stored on a portable authorization device
`that is commonly known as a “dongle.” Dongles are small,
`readily transportable electronic devices as described, for
example, in U.S. Pat. No. 4,562,306. Dongles are typically
`provided by the software vendor together with the wrapped
`software program they are intended to authorize.
`To enable the software program to run on a particular
computer, the end-user simply connects the dongle to a
`communications port of the computer, such as a parallel port
`or Universal Serial Bus (USB) port. Therefore, the end-user
`can authorize a number of different computers to run the
`program simply by connecting the dongle to whichever
`computer that he or she desires to run the program on at any
`given time.
`However, a disadvantage presented by dongles is that they
`typically store authorization information for only one soft-
`ware program or perhaps for a group of software programs
`from a single vendor. Consequently, because an end-user
`typically might use several software programs from multiple
`vendors at any given time, he or she might have to carry
`around multiple dongles, which could be cumbersome and
`inconvenient.
`
`Another disadvantage is that the authorization informa-
`tion stored in the dongle is typically set by the software
`vendor during manufacture and generally cannot be subse-
`quently updated. As a result, when a software vendor
`provides an end-user with a software upgrade, add-on or
`plug-in, etc. for a protected software program, the vendor
`often also delivers a new dongle to authorize the associated
`software. This is not very cost-effective for software vendors
`because the cost of the dongle itself can be significant in
`relation to the value of the associated software.
`
`In a second technique known in the art, the authorization
`information is stored on a magnetic floppy disk known as a
`“key diskette.” The key diskette may be considered a type of
`information authority, which is a secure and trusted device
`for transmitting and receiving information. The key diskette
`is typically provided by the software vendor with the
`wrapped software program. To authorize the software pro-
`gram to run on a particular computer, the end-user inserts the
`key diskette in the computer to transfer the authorization
`information, typically a secret key, from the key diskette to
`the hard disk drive of the computer. Before the computer
begins execution of the program, the software wrapper
`verifies that the correct key is present on the hard disk drive,
`and if so, allows the computer to execute the program. This
`technique is used in the Pace Anti-Piracy InterLok product,
`which was developed by the applicant of the present inven-
`tion.
`
`An advantage of this technique over dongles is that
`authorization information for many different software pro-
`grams from multiple vendors can be stored on the hard disk
`drive of the computer. Consequently, an end-user who runs
`multiple programs on a computer does not need to keep
`multiple key diskettes on hand to authorize each of the
`programs.
`
This technique suffers from several shortcomings, however.
First, the authorization information is not readily
`transferable between computers. Typically, the key diskette
`is permitted to transfer the authorization information to only
`a limited number of computers at any given time. Once the
`authorization information is transferred to a particular com-
`puter, the authorization cannot be readily transferred from
`that computer to another computer because it is stored on
that computer’s internal hard disk drive. Consequently, if the
end-user wants to authorize a new computer to run a
software program but the key diskette has run out of
authorizations, the authorization information must be
removed from one of the computers containing the
authorization information and transferred to the new computer, a
rather cumbersome operation. Therefore, unlike dongles,
`this technique does not allow authorization information to be
`readily transferred between computers. Another disadvan-
`tage of this technique is that floppy disks are gradually being
`phased out of use as data input devices for computers so that
`in the near future computers may not be able to read the key
`diskettes.
`
A third technique, described in U.S. Pat. No. 5,854,891,
issued to Postlewaite (“the ’891 patent”), uses a security
device for enabling selected functions to be performed by or
`within a computer connected to the security device. The
`security device includes a smart card reader for reading data
`from smart cards, which may be considered to be a type of
`information authority. The security device also includes a
`control module having a segmented non-volatile memory
`composed of a plurality of segments. Enabling data from a
`plurality of smart cards is read by the smart card reader and
`entered into the segmented non-volatile memory. Each seg-
`ment of the segmented non-volatile memory creates a virtual
`token essentially duplicating the enabling ability of the
`corresponding smart card. The security device is detachable
`from the computer and thus can be used to enable functions
`on multiple computers.
`
An advantage of the security device described in the ’891
patent is that it is relatively inexpensive for a software
`vendor to provide authorization information for software
`updates, add-ons, plug-ins, etc. because the authorization
`information is delivered using smart cards rather than
`dongles. Smart cards are significantly less expensive than
`conventional dongles because they are typically imple-
`mented with simpler hardware.
`However, the security device of the ’891 patent suffers
from several disadvantages. First, the security device
`requires a “segmented” memory to prevent the smart cards
`stored in the memory from interfering with each other and
`possibly corrupting one another’s data. This increases the
`complexity and cost of the security device because it neces-
`sitates that the device implement memory management or
`protection mechanisms in hardware and/or software. Sec-
`ond, the security device apparently is not capable of receiv-
`ing authorization information from multiple types of infor-
`mation authorities. The ’891 patent mentions that
the security device can receive enabling data or authorization
`information from smart cards. However, the patent does not
`disclose or suggest that the device can receive authorization
`information from other types of information authorities,
`such as floppy disks or computer servers. Consequently, it
`appears that the use of the security device as an authorization
`device is limited to those software vendors that support
`smart cards as a data delivery mechanism.
`In view of the shortcomings of the above-described
`techniques, it is an object of the invention to provide an
`authorization device for authorizing the use of protected
`information that can be updated with new authorization
`information and yet is removably couplable to host devices,
`readily portable and relatively inexpensive.
`A second object of the invention is to provide a portable
authorization device that can receive and store authorization
information from multiple types of information authorities.
`A third object of the invention is to provide a portable
`authorization device that offers a high level of security to
`prevent unauthorized access to the authorization information
`when stored or being transmitted.
`
`SUMMARY OF THE INVENTION
`
`The invention provides an authorization system and asso-
`ciated method for selectively authorizing a host system to
`use one or more items of protected information associated
`with the host system. The authorization system includes a
`portable authorization device that is removably couplable to
`the host system. The portable authorization device is capable
`of receiving and storing multiple items of authorization
`information associated with a plurality of respective items of
`protected information from one or more information authori-
`ties. Preferably, the portable authorization device is capable
`of communicating with multiple types of information
`authorities.
`
`The portable authorization device of the present invention
`selectively authorizes the host system to use the one or more
`respective items of protected information based upon the
`respective authorization information stored therein.
These and other features of the invention will be better
appreciated from the following detailed description of the
`invention together with the appended drawings.
`
`BRIEF DESCRIPTION OF THE DRAWINGS
`
`FIG. 1 is a diagram of an authorization system for
`selectively authorizing a host system to use a plurality of
`items of protected information in accordance with a pres-
`ently preferred embodiment of the invention, including a
`portable authorization device, a host system and multiple
`types of information authorities.
`FIG. 2 is a flow chart of the operation of the authorization
`system shown in FIG. 1 to authorize the host system.
`FIG. 3 is a diagram of the hardware components of the
`portable authorization device shown in FIG. 1.
`FIG. 4 is a diagram of the functional components
`executed by the portable authorization device shown in FIG.
`3.
`
`FIG. 5 is a diagram of the data stored in the EEPROM of
`the portable authorization device shown in FIG. 3.
`FIG. 6 is a diagram showing the format of the dynamic
`user data stored in the EEPROM of the portable authoriza-
`tion device shown in FIG. 3.
`
`FIG. 7 is a diagram of the hardware components of the
`physical direct information authority shown in FIG. 1.
`FIG. 8 is a diagram of the data stored in the EEPROM of
`the physical direct information authority shown in FIG. 7.
`FIG. 9 is a flow chart showing the details of the key
`exchange process shown in FIG. 2.
`FIG. 10 is a flow chart showing the details of the host
`system authorization process shown in FIG. 2.
`FIG. 11 illustrates an exemplary key blending algorithm
`for blending the dynamic key selectors stored in the
`EEPROM of the portable authorization device.
`FIG. 12 is a diagram showing a key exchange between
`two portable authorization devices in accordance with an
`alternative embodiment of the invention.
`
`DETAILED DESCRIPTION OF THE
`PREFERRED EMBODIMENTS
`
`The invention comprises an authorization system includ-
`ing a portable authorization device and associated method
`for selectively authorizing a host system to use a plurality of
`items of protected information. The following description is
`presented to enable any person skilled in the art to make and
`use the invention, and is provided in the context of a
`particular application and its requirements. Various modifi-
`cations to the preferred embodiment will be readily apparent
`to those skilled in the art, and the generic principles defined
`herein may be applied to other embodiments and applica-
`tions without departing from the spirit and scope of the
`invention. Moreover, in the following description, numerous
details are set forth for purpose of explanation. However,
one of ordinary skill in the art would realize that the
invention may be practiced without the use of these specific
details. In other instances, well-known structures and
devices are shown in block diagram form in order not to
`obscure the description of the invention with unnecessary
`detail. Thus, the invention is not intended to be limited to the
`embodiment shown, but is to be accorded the widest scope
`consistent with the principles and features disclosed herein.
`FIG. 1 illustrates an authorization system 100 in accor-
`dance with a presently preferred embodiment of the inven-
`tion. The authorization system 100 comprises one or more
`access control programs 117 associated with a host system
`110, a portable authorization device 140, and one or more
`information authorities 160, 180 and 185. The authorization
`system 100 selectively authorizes the host system 110 to use
`a plurality of items of protected information 115 associated
`with the host system, as described in detail below.
`Each of the access control programs 117, which may also
`be referred to as a “software wrapper,” is used to control
`access to one of the respective items of protected informa-
`tion 115. The access control program 117 authorizes the host
`system 110 to use the associated item of protected informa-
`tion 115 only if the end-user provides the correct authori-
`zation information to the access control program. The access
`control programs 117, in conjunction with the host system
`110, are also used to control communications between the
indirect information authorities 180 and 185 and the host
system 110. Each item of protected information 115 and
`respective access control program 117 are typically provided
`by the software vendor as an integrated product for instal-
`lation on the host system 110.
`In a presently preferred embodiment of the invention, the
`items of protected information 115 may each comprise a
`software program or data. The host system 110 in this
`embodiment may comprise a personal computer or a server
`computer connected to a network.
`The portable authorization device 140 of the authorization
`system 100 is a relatively small and simple “dongle-like”
device that stores one or more items of authorization
information 171 for authorizing the host system 110 to use the
`respective items of protected information 115. The portable
`authorization device 140 includes a microprocessor or dedi-
`cated logic for performing secure transactions with the host
`system 110 and a memory for storing the authorization
`information 171. Like a conventional dongle, the portable
`authorization device 140 is readily transportable and can be
`used with a number of different host systems 110. To use the
`portable authorization device 140 with a host system 110,
`the end-user may simply connect the device to a communi-
`cations port of the host system, such as a parallel port or
USB port. Unlike a conventional dongle, however, the
portable authorization device 140 can store multiple items of
`authorization information 171 to authorize the use of respec-
`tive items of protected information 115.
`Furthermore, the portable authorization device 140 can be
`updated with new authorization information 171 from infor-
`mation authorities 160/180/185, as explained below. An
`advantage provided by this feature is that it is relatively
`inexpensive for a software vendor to authorize the use of a
`new version of software. The vendor can update the portable
authorization device 140 with the new authorization
information by providing a relatively simple and inexpensive
`information authority, rather than a dongle, to the end-user.
`In a presently preferred embodiment of the invention, the
`authorization information 171 stored in the portable autho-
`rization device 140 comprises one or more dynamic key
`selectors, which are used to derive the secret keys. In other
`embodiments, the authorization information 171 may con-
`sist of one or more secret keys. The portable authorization
`device 140 may be referred to as a “key repository,” as it is
`used to store multiple dynamic key selectors or keys for
`authorization purposes.
`The information authorities 160, 180 and 185 are trusted
`devices for transmitting and receiving information, such as
`messages, from the portable authorization device 140. The
`information authorities 160, 180 and 185 provide respective
`authorization information 171 for transmission to the por-
`table authorization device 140 to authorize the use of the
items of protected information 115. In a presently preferred
`embodiment, the information authorities 160, 180 and 185
`comprise message authorities for transmitting and receiving
`messages from the portable authorization device 140. The
`information authorities 160, 180 and 185 may be used, for
`example, by software vendors as a means to deliver soft-
`ware, upgrades, authorization information, etc. to end-users.
`In a presently preferred embodiment of the invention, the
`authorization information 171 transmitted by the informa-
`tion authorities 160, 180 and 185 comprises dynamic key
`selectors, which do not themselves authorize the use of the
`protected information 115 on the host system 110, but are
`used to generate the secret keys that perform such authori-
`zation. In other embodiments, however, the authorization
`information 171 may comprise the secret keys themselves.
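
The key selector transfer and the challenge-response authorization named in the flow charts of FIGS. 9 and 10 (steps 215 to 217 and 224 to 228), as an added Python example that is not code from the patent. Assumptions: HMAC-SHA-256 stands in both for the key blending of FIG. 11 and for the response function, the key counter drops by one per transfer, the access control program embeds the secret key it expects, and every class name, function name and sample value is constructed for illustration; authentication (step 213) and encryption of the stored selector (step 218) are left out.

```python
import hashlib
import hmac
import secrets
from typing import Dict, Optional

# Constructed demo value standing in for the device's "fixed secret key".
FIXED_SECRET = bytes.fromhex("00112233445566778899aabbccddeeff")


def derive_secret_key(fixed_secret: bytes, key_selector: bytes) -> bytes:
    """Assumed derivation: HMAC-SHA-256 in place of the patent's key blending."""
    return hmac.new(fixed_secret, b"selector:" + key_selector, hashlib.sha256).digest()


class PortableAuthorizationDevice:
    """Key repository: one fixed secret, many key selectors indexed by key ID."""

    def __init__(self, fixed_secret: bytes) -> None:
        self._fixed_secret = fixed_secret
        self._selectors: Dict[int, bytes] = {}

    def has_selector(self, key_id: int) -> bool:
        return key_id in self._selectors

    def store_selector(self, key_id: int, key_selector: bytes) -> None:
        self._selectors[key_id] = key_selector

    def respond(self, key_id: int, challenge: bytes) -> Optional[bytes]:
        selector = self._selectors.get(key_id)
        if selector is None:
            return None  # no authorization information for this item
        secret_key = derive_secret_key(self._fixed_secret, selector)     # step 225
        return hmac.new(secret_key, challenge, hashlib.sha256).digest()  # step 226


class InformationAuthority:
    """Holds a key ID, a key selector and a key authorization counter."""

    def __init__(self, key_id: int, key_selector: bytes, counter: int) -> None:
        self.key_id = key_id
        self._key_selector = key_selector
        self.counter = counter

    def issue_to(self, device: PortableAuthorizationDevice) -> bool:
        if device.has_selector(self.key_id):  # step 215: selector already stored
            return True
        if self.counter <= 0:                 # step 216: no authorizations left
            return False
        self.counter -= 1                     # assumed: each transfer spends one
        device.store_selector(self.key_id, self._key_selector)  # step 217
        return True


class AccessControlProgram:
    """Host-side wrapper; assumed to embed the secret key it expects."""

    def __init__(self, key_id: int, expected_key: bytes) -> None:
        self.key_id = key_id
        self._expected_key = expected_key

    def new_challenge(self) -> bytes:
        return secrets.token_bytes(16)        # step 224: fresh per attempt

    def verify(self, challenge: bytes, response: Optional[bytes]) -> bool:
        if response is None:
            return False
        expected = hmac.new(self._expected_key, challenge, hashlib.sha256).digest()
        return hmac.compare_digest(expected, response)  # step 227

    def authorize(self, device: PortableAuthorizationDevice) -> bool:
        challenge = self.new_challenge()
        # Step 228: the verification result is the authorization decision.
        return self.verify(challenge, device.respond(self.key_id, challenge))


def demo() -> Dict[str, object]:
    selector = b"constructed-selector-item-7"  # constructed sample value
    authority = InformationAuthority(key_id=7, key_selector=selector, counter=1)
    wrapper = AccessControlProgram(7, derive_secret_key(FIXED_SECRET, selector))
    dev_a = PortableAuthorizationDevice(FIXED_SECRET)
    dev_b = PortableAuthorizationDevice(FIXED_SECRET)

    results: Dict[str, object] = {"before_issue": wrapper.authorize(dev_a)}
    results["issued_a"] = authority.issue_to(dev_a)    # spends the only credit
    results["reissued_a"] = authority.issue_to(dev_a)  # already present, no spend
    results["issued_b"] = authority.issue_to(dev_b)    # counter is now zero
    results["counter"] = authority.counter
    results["a_authorized"] = wrapper.authorize(dev_a)
    results["b_authorized"] = wrapper.authorize(dev_b)
    # A recorded response does not satisfy a later, different challenge.
    recorded = dev_a.respond(7, wrapper.new_challenge())
    results["replay_accepted"] = wrapper.verify(wrapper.new_challenge(), recorded)
    return results


if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name}: {value}")
```

The fresh random challenge is what makes a recorded response useless on the next attempt, and `hmac.compare_digest` keeps the host-side comparison constant-time.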
`In addition to providing authorization information 171,
`the information authorities 160, 180 and 185 may also
`provide user data 173 and other types of data for transmis-
`sion to the portable authorization device 140. The user data
`173 transmitted by the information authorities 160, 180 and
`185 may be used to replace or update the user data stored in
`the portable authorization device 140. Alternatively, for
`example, the user data 173 may comprise data that enables
`specific security options in the portable authorization device
`140.
`
`The authorization system 100 may support multiple types
`of information authorities. The types of information authori-
`ties supported may include a physical direct information
`authority 160, a physical indirect information authority 180
`and a networked indirect information authority 185. The
`multiple types of information authorities 160, 180 and 185
`each communicate with the portable authorization device
`140 in a different manner, as explained below. An advantage
`provided by this feature is that, unlike the security device of
`the ’891 patent, the portable authorization device 140 is
`capable of receiving software, upgrades or authorization
`information from multiple software vendors supporting dif-
`ferent types of information authorities, such as magnetic
`media (e.g., key diskettes), servers connected to the Internet,
`smart cards, etc.
`The access control programs 117 of the host system 110
`may be used to control which of the information authorities
`160, 180 and 185 are permitted to communicate with the
`portable authorization device 140. The access control pro-
`grams 117 may also be used to control the order in which the
`information authorities are to be accessed by the portable
`authorization device. The access control programs 117 can
`be configured with this information by the software vendor
`prior to delivery of the respective items of protected infor-
`mation 115 to the user.
`
A physical direct information authority 160 can be a
relatively small, simple and transportable device that stores
authorization information 171 and other data associated with
`one or more items of protected information 115 for trans-
`mission to the portable authorization device 140. The direct
`information authority 160 is “direct” in that it communicates
`directly with the portable authorization device 140 rather
`than through some intermediary device. The physical direct
`information authority 160 interfaces with the portable autho-
`rization device 140 by being placed either in direct contact
`with, or in close physical proximity to, the authorization
device. The physical direct information authority 160
includes a microprocessor or dedicated logic for performing
`secure transactions with the portable authorization device
`140 and a memory for storing the authorization information
`171 and other data.
`
`Unlike a conventional dongle or smart card, the physical
`direct information authority 160 is not required to perform
`or support the authorization process itself, but merely can
`provide an item of authorization information used to per-
`form the authorization. As a result,
the physical direct information authority 160 can have more modest hardware
`and software requirements than either a dongle or a smart
`card, and can be smaller and less expensive. Examples of
`physical direct information authorities 160 include smart
`cards as well as devices with more rudimentary processing
`and storage capabilities than smart cards.
`The physical direct information authority 160 is typically
`supplied to the end-user by the vendor of the item of
`protected information 115 together with the protected infor-
`mation. The physical direct information authority 160 may
`be referred to as a “license chip,” as it in effect confers a
`license to use the item of protected information 115.
`The physical indirect information authority 180 and the
`networked indirect information authority 185 are devices
`that communicate with the portable authorization device 140
`through the host system 110, and are thus “indirect.” The
`access control programs 117 of the host system 110 control
which one of the indirect information authorities 180 or 185
communicates with the portable authorization device 140 at
`any given time. The access control programs 117 also
`provide the communication protocol for communications
between the indirect information authorities 180 and 185
and the host system 110.
`The physical indirect information authority 180 can be a
`physical medium that stores authorization information 171
`and other data associated with one or more items of pro-
`tected information 115. In a preferred embodiment of the
`invention, the physical indirect information authority 180 is
`a magnetic medium, such as the “key diskette” described
`above, that is inserted into a floppy di