`
`alicia Be
`
`
`
`
`
`
`
`
`Noted byyentior
`
`
`i::;::i:i::i::: x
`
`SPR RES
` "y a ss = & &
`PSS ANE
`
` es
`Alar aay Taaiiot Sivas :
`SERVOWANNARATANSEIWAMNHNNINRIEUAERAREVADTRANSAYWAYVSIVSSSSSISINNSSNISSANWSRSSNSSSNSSSAASRSNSRSASSSWRT
`
`[PSASSAEIAREEANNEEIARETN
`.
`2
`alka
`.
`5
`ae :
`5
`.
`=
`ange eye! ot
`ost exbasissos]
`St
`See ees
`Py
`z
`
`BRASRNR
`SMEAR SSAC RAS
`BART HS
`SEER ASS GRY
`$
`
`BeveeeeeeeennniecerastVRSRVRPREAARNAAWDABENTDNBANNANHASENTAASABINERDASSNSASSRNANANSIARRAS
`zSgz
`ARIETESTATEASAASTASSMSTAATA
`=
`==s2
`
`
`
`
`
`zz
`
`
`
`
` Say oe
`
`
`x
`
`
`
`
`
`
`
`
`
`Seenins Oo otaee
`ps
`SET SAE
`aE
`se
`
`
`
`
`
`
`
`
`
`ypeensnsensreensneensneensneansneensnengpecensncunsncunsneursnctnsncunsncersnetrsnetrsaetnsgetéit
`Libbitdbbdetdbdeedbhecdiderdittrnyinstrenthreree.
`
`
`
`
`
`
`
`RPOETOORLESERESEREDIEE,
`
`POMCECEEETtEAPOEEDADLentCEsseAEIEETD
`
`
`
`LenteatPPLAERESERPLSEROLDEEPLNEEDLAERbLAEEPLDEESEDSOLEEERELED,
`
` Hananangtninane:
`PRR OUR E Orr enn an aAateEe yang tenga SeeeT
`
`3
`tit
`geting
`
`at SEAS
`fed
`Sanahaeea teeheeaba
`
`
`¢fz
`
`
`
` Sr yah na OES NSN EVES TAN eaeeset eae an aed
`
`
`
`+
`IEE I OE nn aE SEE SSIES EE CET REETW SANTIS SETS TER IE ENE NRna RS EOSeCRNEEe
`
`
`
`ig
`:
`(Sige
`i
`PEEaNeeYSRRRERNEWNESVWWVSSWNSEAASNNNNAPAASRNNAASNNN
`
`
`
`peat
`phd.
`
`
`
`ee Sy Seseey.
`:
`PAS
`
`4
` =
`
`
`
`
`
`LAS
`
`pea
`
`y
`
`
`
`
`
` Ay Leek
`Aesnecrssaetbaceres
`ord
`2
`_ REM
`,
`
`SANNAENANEISESABAASAENAISABINIOMABINRNABINMSRSRIBINTMNSAIATRINRIATANTNNONADNANADNANWAM RTAAfABB
`
`aaied nA
`
`sanaeaNeeMPPPPVPAA
`EOAAELAAIELS Seraversae
`
` aADEBATAANARRSSAIAAAAAAAPANAAAASAADAAARA
`
`
`
`
`
`2 es 4 at Eyesnat ath ota
`
`seventh outRT,
`Shs Sey AN
`
`
`
` vent 8
`
`
`
`SEES
`
`
`APPLE EXHIBIT1102, Page 1 of 1048
`
`APPLE EXHIBIT 1102, Page 1 of 1048
`
`

`

`SNA
`
`:
`
`ASANAA
`
`AA
`
`WASRARKAAAAASANAN
`
`SAARNA
`
`Z3Z3
`
`NAANBANWISNAARAISRSAAtantbainannemnen
`=
`
`NADLEAPARRARTARTARENAMERNASE
`
`See SNESET NSEaS wv
`
`neVRAEATWVE OSSWESMgdEE
`
`itiiititii+izt
`
`:t
`
`S
`
`SeeeeeSESEREEEEERESSERNESEEEEISAEIEASTESRESETTTEESEEVEEAENYEETESRSEEVIEIVEHERETENAEESEEERRAHEYATEAESSAHAAAA
`
`Ceree
`
`SnAaLE REVELaLSLAALY AaanoRE8 OREN
`
`BORGCEBITEEEREEE
`
`AaREELTEREERISEETIEEILELSTEELSSLEEPEDPIEEIS
`
`
`
`
`PnAMAMDAAADAOACOALPATNEEEAAEEEELELEELEEELSESAAEPsaiSilat
`
`
`
`PUPECEIIIIAALEEEEOHESLOEEEPEELTESLPTEEIPESELSTOtag
`
`NANNERLAVRSRIRANASEORENNIAMSERNEARNRESSEANARRASIANRSCENWISNWINKMNSWRNWLWASARERRAD
`al
`/-
`
`
`
`
`
`stneh a”Da SNAPNEAROS$»oeRVeREINEWWENNETNIESRIIWANREMERON2AMRYMNERNIEIVANTANMRRITERDNe
`
`
`
`
`
`Johoneennnemananns
`
`
`
`
`
`
`
`ieSih
`
`SAReentenneenENT,
`
`AAAALAAULey
`
`RANEY
`
`AARAWASaAARA A
`
`ts&
`ye
`
`ee bet
`eek
`
`phate 8,
`ingest
`
`aAs
`
`fain
`
`os
`
`Anny
`
`3
`fy Manas 2
`
`APPLE EXHIBIT1102, Page 2 of 1048
`
`APPLE EXHIBIT 1102, Page 2 of 1048
`
`
`
`
`
`
`
`
`
`
`
`
`
`

`

`ageURNSVSSSthhtthhveSRLWLAEEREABABAAISNESESSLSSARAAERARNASSAL
`=2
`?=
`
`
`
`
`
`
`
`
`
`POOLEEAEELEEECOLETEOLECEEEETEOLEEEEEESEORELEEEESEOLLLSALEEOSEESSDEESSEETILLEDCEGETCEETRECOTCOOTTOETEROOTECCTEDTEROEIOLLTEIEEDEOOOIVEE,
`
`SERREHOHvetURACAINTIANSNNSAINEMNNRARNBTNSWNTNAIASLRShhAANENWRINNENNSA
`
`ey
`oa
`SAAMISIMALSAARAAinsiterssnesitisinieraANAAN
`AORTATLICTUAENARNAANERTEAASATSIAILAAAVESWSSYKSERS
`PEEMEAaaateaisoeahaasatsaneAnNANaN
`IRANNWAAAAAIaehotananiwantnatantentRDASADRRMNMANAAARIIRRAIIASATESASANSSW5SPSYTVIMSLTEASEAARANAehARR
`
`
`
`
`
`
`
`{
`
`i
`
`t
`
`5
`
`£
`
`ii::ijie
`
`gi
`
`zéé
`
`
`
`
`
`iii:iiiii:i
`
`5
`
`
`
`wate eane en nee eng
`
`x=
`aN
`\FEE
`
`e.
`
`tS
`
`i£i
`
`ii:i::fiiiii
`
`3
`
`
`
`
`
`
`
`YpeecedscevesdecedseddiserdidebidersébeediseddidddecbtcdeetsedtiiiitanisbinAgetiitféépiestLaapmaasessiipbierinpiseenironeinnntiineriveateseee
`
`PMEnay
`
`
`
`
`
`APPLE EXHIBIT1102, Page 3 of 1048
`
`APPLE EXHIBIT 1102, Page 3 of 1048
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`

`

`x:::::
`
`re
`ANSreeannARANNACAANSANNESENAAWRRAAVAonacennnennnn annATNANNIESNANAVLE
`*
`
`it5iitiitiiéiiii£;i£
`
`
`
`4tiigiitZzt£tttisit5i
`
`5
`
`3:?2£3is3is3i
`
`3
`
`3
`
`PEERRRHEED GALESSENETee
`
`Yercerercereecers
`
`ii}i:::
`
`i
`
`;i
`
`j;3i;:FOEOEREECLUEEECOLELOUEEESERSLISESIIGSSLELSSIOSAETEEEPCtdenBbtEPEOOLEDEOLEDOELEDEEDEOOOLEOOEEEOELTEDOULUEDLDLECALLEDLSEEADESALINALDIASAEYSDTIAE
`
`
`
`
`
`
`
`
`SETS NERS RENSERS Danaea ree tee
`
`os
`oO}ARRASSYRR
`ARSCWSRSENNABNEERANNDEDENSAWALAtttenet
`oh
`x
`30
`gSNI
`
`WAR
`
`wp.
`eee
`
`ree
`eaewe
`
`Be
`ae
`
`Pe
`
`Sheng
`PETS
`
`Shyer
`Stent
`TANpagy
`FRNAUAE
`CaS Sates
`
`SAAR SERREARERRVbENENS GENESEE deve nae ee
`ee
`y
`unin
`s
`ax
`
`APPLE EXHIBIT1102, Page 4 of 1048
`
`APPLE EXHIBIT 1102, Page 4 of 1048
`
`
`
`
`
`
`
`
`
`
`
`
`

`

`REMOTE UPDATE OF COMPUTERS BASED ON PHYSICAL DEVICE
`
`RECOGNITION
`
`[0001]
`
`This application claims priority to U.S. Provisional Application No. 61/220,092 which
`
`was filed June 24, 2009 and whichis fully incorporated herein by reference.
`
`Field of the Invention
`
`BACKGROUND
`
`(O002]
`
`The present invention relates to computers and, in particular, to methods, apparatus
`
`and systems
`
`for maintaining appropriate
`
`configuration updates
`
`to
`
`software/hardware
`
`configuration through the use of physical device recognition to tailor configuration updates.
`
`Description of the Related Art
`
`[0003] Monitoring changes and updates to the plurality of computer programs resident on a
`
`client device is a difficult task for the typical user to consistently perform.
`
`In addition, the latest
`
`update from a vendor may not be appropriate considering the hardware,
`
`software or
`
`physical/geo-location of the client device. Thus, there is a need in the art for a tool that will
`
`automate the program configuration update process and optimize the suggested updated program
`
`configuration to match the environmentofthe client device.
`
`[0004] The present invention is directed toward a system, method and apparatus for remote
`
`updating of the configuration of a computer. One embodiment of the invention is system for
`
`remote updating a computer configuration, comprising: a client device configured to load a
`
`computer program to perform a remote update; a processor, at the client device, configured to
`
`perform physical device recognition on the client device to determine machine parameters,
`
`wherein unique device identifiers are generated forthe client device, at least in part, based on the
`
`determined machine parameters; a transceiver configured to send the unique device identifiers to
`
`at least one of an auditing server and an update server via Internet; an update server configured
`
`to collect the unique device identifiers from at least one client device; a processor, at the update
`
`server, configured to analyzed the unique identifiers at the update server, wherein the analyzed
`
`unique identifiers determine an updated program configuration; and a transceiver, at the update
`
`server, configured to deliver the updated program configuration to the client device via Internet.
`
`APPLE EXHIBIT1102, Page 5 of 1048
`
`APPLE EXHIBIT 1102, Page 5 of 1048
`
`

`

`[0005]
`
`In accordance with one aspect of the embodiments described herein, there is provided
`
`an apparatus for remote update of a program, comprising: means for loading a client device with
`
`a computer program configured to perform a remote update; means for performing physical
`
`device recognition on the client device to determine machine parameters; means for generating
`
`unique device identifier based at least in part on the determined machine parameters; means for
`
`sending the unique device identifier to at least one of an auditing server and an update server;
`
`and means for receiving an updated program configuration from the update server,
`
`[0006]
`
`In accordance with another aspect of the embodiments described herein,
`
`there is
`
`provided a method for remote update of a program, comprising: collecting unique identifiers
`
`from at least one of an audit server and client device at an update server; analyzing the unique
`
`identifiers; determining an updated program configuration for the client device from the
`
`analyzed unique identifiers; and delivering the updated program configuration to the client.
`
`[0007]
`
`In accordance with another aspect of the embodiments described herein,
`
`there is
`
`provided a tangible computer readable medium having stored thereon, computer-executable
`
`instructions that, if executed by a computing device, cause the computing device to perform a
`
`method comprising:
`
`loading a client device with a computer program configured to perform a
`
`remote update; performing physical device recognition on the client device to determine
`
`machine parameters; generating unique device identifier based at least in part on the determined
`
`machine parameters; sending the unique device identifier to at least one of an auditing server and
`
`an update server; and receiving an updated program configuration from the update server.
`
`[0008]
`
`In accordance with another aspect of the embodiments described herein,
`
`there is
`
`provided an apparatus for remote updating of a program, comprising: means for collecting
`
`unique identifiers from at least one of an audit server and client device; means for analyzing the
`
`unique identifiers; means for determining an updated program configuration for the client device
`
`from the analyzed unique identifiers; and means
`
`for delivering the updated program
`
`configuration to the client.
`
`(0009]
`
`In accordance with another aspect of the embodiments described herein,
`
`there is
`
`provided a tangible computer readable medium having stored thereon, computer-executable
`
`instructions that, if executed by a computing device, cause the computing device to perform a
`
`method comprising: collecting unique identifiers from at least one of an audit server and client
`
`APPLE EXHIBIT1102, Page 6 of 1048
`
`APPLE EXHIBIT 1102, Page 6 of 1048
`
`

`

`device; analyzing the unique identifiers; determining an updated program configuration for the
`
`chent device from the analyzed unique identifiers; and delivering the updated program
`
`configuration to the client,
`
`BRIEF DESCRIPTION OF THE DRAWINGS
`
`(0010)
`
`FIG. 1 is a schematic diagram of a system for remote updating of a client device by an
`
`update server in accordance with an embodiment of the invention.
`
`(0011)
`
`FIG. 2 is a flow diagram of a method for remote updating of a client device in
`
`accordance with an embodimentof the invention implemented on the client device.
`
`(0012]
`
`FIG. 3 is a block diagram of an apparatus according to the invention that may be
`
`configured as a client device, or as a processoror similar device for use within a client device.
`
`(0013]
`
`FIG. 4 is a flow diagram of a method for remote updating of a client device in
`
`accordance with an embodimentof the invention implemented on the update server.
`
`[0014]
`
`FIG. 5 is a block diagram of an apparatus according to the invention that may be
`
`configured as an update server, or as a processor or similar device for use within an update
`
`server,
`
`[0015]
`
`FIG. 61s a block diagram of memoryallocation for a unique device identifier used in
`
`the various exemplary embodiments of the invention.
`
`DETAILED DESCRIPTION
`
`[0016]
`
`In accordance with the present technology, there is provided a system, method and
`
`apparatus for the remote update of computer software licenses through the use of physical device
`
`recognition.
`
`In particular, FIG.
`
`1 shows an exemplary schematic diagram for a system for
`
`remote updating of at least one client device 100 by an update server 120 in accordance with an
`
`exemplary embodiment of the invention.
`
`In particular, FIG. 1, shows an exemplary system
`
`having at least one computing/network client device 100 that is in operative communication via
`
`the Internet 102 with an audit server 110 and an update server 120. While only one client device
`
`100 is illustrated in FIG. 1, it will be understood that a given system may comprise any number
`
`of client devices and use any numberof apparatuses and methods of the invention as described
`
`herein. Further details regarding the system of PIG. | are provided below.
`
`APPLE EXHIBIT1102, Page 7 of 1048
`
`APPLE EXHIBIT 1102, Page 7 of 1048
`
`

`

`[0017]
`
`FIG. 2 provides an exemplary flow diagram of a method for remotely updating a client
`
`device.
`
`In particular,
`
`in step 210 of FIG. 2, the loading of at least one client device with a
`
`computer program for remote updating is performed. Physical device recognition of at least one
`
`of a software, hardware and geo-location environment of the client device is performed to
`
`determine machine parameters in step 220.
`
`Step 230 involves generating unique device
`
`identifiers, at
`
`least
`
`in part, from the determined machine parameters.
`
`The unique device
`
`identifiers are sent to at least one of an audit server 110 and an update server 120, as shown in
`
`PIG, 1, in step 240.
`
`In step 250, the client device 100 receives an updated program configuration
`
`from the update server 120, as shown in FIG. 1.
`
`[0018]
`
`FIG. 3 illustrates an exemplary apparatus that may be configured as a client device,
`
`comprising: a transceiver 304, a processor 306 and a memory 308; or as a processor 306; or as a
`
`similar device for use within a client device 100, as shown in FIG. 1, which provides the means
`
`for implementing the method, as disclosed in FIG. 2, on the client device 100.
`
`In particular,
`
`apparatus 300 may comprise means for loading 320 a client device with a computer program for
`
`performing a remote update.
`
`In addition, the apparatus 300 may comprise means for performing
`
`320 physical device recognition of one or more machine parameters of the client device. The
`
`machine parameters may comprise a combination ofat least one user-configurable parameter and
`
`at least one non-user-configurable parameterof the client device. Further, the apparatus 300 may
`
`comprise a means for generating 340 a device identifier for the device based at least in part on
`
`the collected one or more machine parameters. Furthermore, apparatus 300 may comprise means
`
`for sending unique identifiers to at least one of an audit server and an update server. Moreover,
`
`apparatus 300 may comprise means for receiving 360 an updated program configuration from the
`
`update server.
`
`[0019]
`
`In addition, apparatus 300 may further comprise a means for determining the geo-
`
`location code for the device and for associating the geo-location code with a unique device
`
`identifier; and a software identifier to generate an audit number. The geo-location code may
`
`comprise, but is not limited to an Internet protocol (IP) address,
`
`[0020]
`
`The apparatus 300 may further comprise a means for generating a device identifier by
`
`implementing or executing at
`
`least one irreversible transformation such that
`
`the machine
`
`APPLE EXHIBIT1102, Page 8 of 1048
`
`APPLE EXHIBIT 1102, Page 8 of 1048
`
`

`

`parameters cannot be derived from the device identifier. Additionally, at
`
`least one of the
`
`irreversible transformations may comprise, but is not limited to a cryptographic hash function.
`
`[0021]
`
`It is noted that apparatus 300 may optionally include a processor module 306 having at
`
`least one processor, in the case of apparatus 300 configured as computing device, rather than as a
`
`processor. Processor module 306, in such case, may be in operative communication with means
`
`for determining the geo-lacation code; means for generating a device identifier by implementing
`
`or executing at least one irreversible transformation and components thereof, via a bus 302 or
`
`similar communication coupling. Processor 306 may effect initiation and scheduling of the
`
`processes or functions performed by means for generating a device identifier by implementing or
`
`executing at least one irreversible transformation, and components thereof.
`
`[0022]
`
`In related aspects, apparatus 300 may include a
`
`transceiver module 304 for
`
`communicating with means for generating a device identifier by implementing or executing at
`
`least one irreversible transformation, and components thereof. A stand alone receiver and/or
`
`stand alone transmitter may be used in lieu of or in conjunction with the transceiver 304,
`
`[0023]
`
`In addition, apparatus 300 may optionally include a meansfor storing information, such
`
`as, for example, a computer readable medium or memory device/module 308. Further,
`
`the
`
`memory device/module 308 may be operatively coupled to the other components of apparatus
`
`300 via bus 302 or the like. The computer readable medium or memory device 308 may be
`
`adapted to store computer readable instructions and data for effecting the methods of FIG, 2;
`
`and, as shown in FIG, 3, the processes and behavior of means 320-360; means for determining
`
`the geo-location code; means for generating a device identifier by implementing or executing at
`
`least one irreversible, and components thereof; or processor 306 (in the case of apparatus 300
`
`being configured as a computing device) or the methods disclosed herein.
`
`[0024]
`
`In yet further related aspects,
`
`the memory module 308 may optionally include
`
`executable code for the processor module 304 configured to: (a) determine machine parameters
`
`of a client
`
`device, the machine parameters comprising a combination of at least one user-
`
`configurable parameter and at
`
`least one non-user-configurable parameter of the device; (b)
`
`generate a device identifier for the device based, at least in part, on the machine parameters; and
`
`(c) determine whether an Intemet connection is available for the client device. One or more of
`
`APPLE EXHIBIT1102, Page 9 of 1048
`
`APPLE EXHIBIT 1102, Page 9 of 1048
`
`

`

`steps (a)-(c) may be performed by a processor modulein lieu of or in conjunction with the means
`
`described above.
`
`[0025]
`
`FIG. 4 shows an exemplary flow diagram of a method for remote updating of a client
`
`device in accordance with an embodimentof the invention on the update server 120, as shown in
`
`FIG.
`
`|.
`
`In particular, in step 410 the unique identifiers are collected by update server 120 from
`
`at least one of the audit server 110 and the client device 100, as shown FIG. 1. The unique
`
`identifiers are then analyzed on the update serverin step 420. Step 430 involves determining an
`
`updated program configuration for the client device from the analysis of the unique identifiers.
`
`The updated program configuration is delivered to the client device in step 440.
`
`[0026]
`
`FIG. 5 shows an exemplary apparatus that may be configured as either an update
`
`server, OF as a processor or similar device for use within the update server.
`
`an exemplary
`
`apparatus diagram that may be configured as an update server comprising: a transceiver 504, a
`
`processor 506 and a memory 508; or as a processor 506; or as a similar device for use within an
`
`update server 120, as shown tn FIG.
`
`|, which provides the means for implementing the method,
`
`as disclosed in FIG, 4, on the update server 120, as disclosed in FIG, 1,
`
`In particular, apparatus
`
`500 may comprise means for collecting 520 unique identifiers from at least one of an audit server
`
`and at least one client device with a computer program for performing a remote update.
`
`In
`
`addition, the apparatus 300 may comprise means for analyzing 530 the unique identifiers that are
`
`determined, at least in part, from the machine parameter, The machine parameters may comprise
`
`a combination of at least one user-configurable parameter and at least one non-user-configurable
`
`parameter of the client device.
`
`Further,
`
`the apparatus 500 may comprise a means for
`
`determining 540 an updated program configuration for the device based, at least in part, on the
`
`collected one or more machine parameters, Furthermore, apparatus 500 may comprise means for
`
`delivering the updated program configuration for the client device 100 from the update server
`
`120, as shownin FIG. |.
`
`[0027]
`
`It is noted that apparatus 500 may optionally include a processor module 506 having at
`
`least one processor, in the case of apparatus 500 configured as a computing device, rather than as
`
`a processor.
`
`In related aspects, apparatus 500 may include a transceiver module 504 for
`
`communicating with means for generating a device identifier by implementing or executing at
`
`APPLE EXHIBIT 1102, Page 10 of 1048
`
`APPLE EXHIBIT 1102, Page 10 of 1048
`
`

`

`least one irreversible transformation, and components thereof. A stand alone receiver and/or
`
`stand alone transmitter may be used in lieu of or in conjunction with the transceiver 504,
`
`[0028]
`
`In addition, apparatus 500 may optionally include a means for storing information, such
`
`as, for example, a computer readable medium or memory device/module 508. Further,
`
`the
`
`memory device/module 508 may be operatively coupled to the other components of apparatus
`
`900 via bus 302 or the like. The computer readable medium or memory device 508 may be
`
`adapted to store computer readable instructions and data for effecting the methods of FIG, 4;
`
`and, as shownin FIG. 5, the processes and behavior of means 520-550, and components thereof;
`
`or processor 506 (in the case of apparatus 300 being configured as a computing device).
`
`[0029]
`
`In yet further related aspects,
`
`the memory module 508 may optionally include
`
`executable code for the processor module 504 configured to: (a) collect unique identifiers from at
`
`least one of an audit server and client device; (b) analyze the collected unique identifiers; (c)
`
`determine an updated program configuration for the client device; and (d) deliver the updated
`
`program configuration to the client device(s). One or more of steps (a)-(d) may be performed by
`
`a processor module in lieu of or in conjunction with the means described above.
`
`[0030]
`
`FIG. 6, discloses, for one or more embodiments described herein, an exemplary format
`
`for a unique device identifier 600, which may further include two components: (1) a variable key
`
`portion; and (2) a system key portion. The variable key portion may be generated at the time of
`
`registration of client device 100 by reference to a variable platform parameter, such as, but not
`
`limited to: a reference to system time information, location and/or other parameters that are
`
`variable in nature may be utilized in other embodiments. The system key portion may include
`
`the above described parameters expected to be unique to the client device 100, that are for
`
`example, but not limited to: hard disk volume name, user name, computer name, user password,
`
`hard disk initialization date, or combinations thereof. The variable key portion and/or system
`
`key portion may be combined with the IP address and/or other platform parameters of the client
`
`device 100.
`
`It 1s noted that unique device identifiers, or portions thereof, may be encrypted to
`
`add an additional layer of specificity and security.
`
`[0031] With respect
`
`to the system, method and apparatus of the invention,
`
`the following
`
`paragraphs provide additional detail regarding the implementation of each of the embodiments
`
`discussed above.
`
`APPLE EXHIBIT 1102, Page 11 of 1048
`
`APPLE EXHIBIT 1102, Page 11 of 1048
`
`

`

`(0032]
`
`The machine parameters may further include, but are not limited to: user account
`
`information, program information (e.g., serial number);
`
`location of a user within a given
`
`application program, and features of the software/hardware the useris entitled to use. As shown
`
`in FIG. 1, block 107,
`
`the updated program configuration delivered to the client device may
`
`include, but is not limited to: binary, executables, paths, dlls, miss orassets.
`
`[0033]
`
`The client device 100 may be, but is not limited to, a personal computer, a server
`
`computer, a laptop computer, a tablet computer, a personal digital assistant, a mobile phone, a
`
`wireless communication device, an onboard vehicle computer, a game console, or any other
`
`machine/device capable of communication with a computer network, such as but not limited to
`
`the Internet.
`
`In related aspects, in wireless communications, Over The Air (OTA) Push orthe
`
`like may be implemented to download onto or upgrade (e.g., configuration/settings, etc.) client
`
`network devices. OTA Push involves the use of wireless phone numbers (MS-ISDN) rather than
`
`IP.
`
`[0034]
`
`The client device 100 may comprise software (e.g., an operating system or other
`
`applications) that requires a license to be authorized for use, The client device 100 may further
`
`comprise an auditing tool or application. The auditing application may be any program or
`
`application that collects identifying information regarding the client device 100 and/or software
`
`on the client device 100. The auditing application may comprise a stand alone application or an
`
`applet running within a web browser on the client device [00 (e.g, an applet comprising
`
`executable code for a Java Virtual Machine).
`
`[0035]
`
`The auditing application may be embedded in or associated with another software
`
`application, including, but not limited to software. For example, the auditing application may be
`
`embeddedin or associated with a tool bar of a software application, for example, but not limited
`
`to a web browser. The auditing application may prompt the user to register with an online
`
`software registration service, or may run in the background with little or no interaction with the
`
`userof the client device 100.
`
`[0036]
`
`The auditing application may include a registration routine that collects information
`
`regarding client device 100 by checking a numberof parameters which are expected to be unique
`
`to the client device environment. The parameters checked may include, but are not limited to:
`
`hard disk volume name, user name, device name, user password, hard disk initialization date, etc.
`
`APPLE EXHIBIT 1102, Page 12 of 1048
`
`APPLE EXHIBIT 1102, Page 12 of 1048
`
`

`

`The collected information may include, but is not limited to:
`
`information that identifies the
`
`hardware comprising the platform on which the web browser runs, such as, CPU number, or
`
`other unique parameters associated with the firmware in use. The system information may
`
`further include, but is not limited to: system configuration information, amount of memory, type
`
`of processor, software or operating system serial number,etc.
`
`[0037]
`
`In the alternative, or in addition,
`
`the parameters checked may include, but are not
`
`limited to virtual machine specifications, Examples of virtual machine specifications may
`
`include, but are not limited to: information relating to virtual processors, virtual BIOS, virtual
`
`memory, virtual graphics, virtual IDE drives, virtual SCSI devices, virtual PCI slots, virtual
`
`floppy drives, virtual serial (COM) ports, virtual parallel (LPT) ports, virtual keyboard, virtual
`
`mouse and drawing tablets, virtual Ethernet card, virtual networking, virtual sound adapter,etc,
`
`[0038] Based on the collected information, the auditing application may generate a device
`
`identifier that 1s unique for the client device 100.
`
`In the alternative, or in addition, the auditing
`
`application may gather and send the device parameters to a remote server, such as audit server
`
`110, which in turn generates the device identifier. The device identifier may be stored in a
`
`hidden directory of the client device 100 and/or at a remote location, such as the audit server
`
`110. The device identifier may incorporate the device’s IP address and/or other geo-location
`
`code (e.g., GPS data, cell site triangulation data, or the like, or combinations thereof) to add
`
`anotherlayer of specificity to client device’s unique identifier.
`
`[0039] An application (e.g., auditing application) running on the client device 100 or otherwise
`
`having access to the hardware and file system of the client device 100 may generate a device
`
`identifier (e.g., a unique device identifier) using a process that operates on data indicative of the
`
`configuration and hardware of the client device 100. The device identifier may be generated
`
`using a combination of user-configurable and non-user-configurable machine parameters as input
`
`to a process that results in the device identifier, which may be expressed in digital data as a
`
`binary number.
`
`[0040]
`
`Each machine parameter is data determined by a hardware component, software
`
`component, or data component specific to the client device 100. Machine parameters may be
`
`selected based on the target device system configuration such that the resulting device identifier
`
`APPLE EXHIBIT 1102, Page 13 of 1048
`
`APPLE EXHIBIT 1102, Page 13 of 1048
`
`

`

`has a very high probability (e.g., greater than 99.999) of being a unique identifier of the client
`
`device 100.
`
`(0041]
`
`In addition,
`
`the machine parameters may be selected such that the device identifier
`
`includes at least a stable unique portion up to and including the entire identifier that has a very
`
`high probability of remaining unchanged during normal operation of the client device 100. As a
`
`result, the device identifier should be highly specific, unique, reproducible and stable as a result
`
`of properly selecting the machine parameters.
`
`[0042]
`
`The application for generating the unique device identifier may also operate on the
`
`collected parameters with one or more algorithms to generate the device identifier. This process
`
`may include at least one irreversible transformation, such as, but not limited to a cryptographic
`
`hash function. As a result, the input machine parameters cannot be derived from the resulting
`
`device identifier. Thus, each device identifier, to a very high degree of certainty, cannot be
`
`generated except by the suitably configured application operating or otherwise having had access
`
`to the same client device for which the device identifier was first generated. Conversely, each
`
`device identifier, again to a very high degree ofcertainty, can be successfully reproduced by the
`
`suitably configured application operating or otherwise having access to the same client device
`
`100 on which the device identifier was first generated.
`
`[0043]
`
`The auditing application may operate by performing a system scan to determine a
`
`present configuration of the client device, The auditing application may then select the machine
`
`parameters to be used as input for generating the unique device identifier.
`
`Selection of
`
`parameters may vary depending on the system configuration. Once the parameters are selected,
`
`the application may generate the device identifier.
`
`[0044]
`
`Further, generating the device identifier may also be described as generating a device
`
`fingerprint and may entail the sampling of physical, non-user configurable properties as well as a
`
`variety of additional parameters such as uniquely generated hashes and time sensitive values.
`
`During a standard operating lifetime,
`
`the process of passing electricity through the various
`
`switches causes a computer chip to degrade. These degradations manifest as gradually slower
`
`speeds that extend the processing time required to compute various benchmarking algorithms.
`
`Physical device parameters available for sampling may include, but are not limited to: unique
`
`manufacturer characteristics, carbon and silicone degradation and small device failures.
`
`10
`
`APPLE EXHIBIT 1102, Page 14 of 1048
`
`APPLE EXHIBIT 1102, Page 14 of 1048
`
`

`

`[0045]
`
`The process of measuring carbon and silicone degradation may be accomplished by
`
`measuring a chip's ability to process complex mathematical computations, and tts ability to
`
`respond to intensive time variable computations. These processes measure how fast electricity
`
`travels through the carbon. Using variable offsets to compensate for factors such as, but not
`
`limited to: heat and additional stresses placed on a chip during the sampling process. This
`
`approach allows for each and every benchmark to reproduce the expected values.
`
`(0046]
`
`In addition to the chip benchmarking and degradation measurements, the process for
`
`generating a device
`
`identifier may include measuring physical, non-user-configurable
`
`characteristics of disk drives and solid state memory devices. Each data storage device has a
`
`large variety of damage and unusable data sectors that are nearly unique to each physical unit.
`
`The ability to measure and compare values for damaged sectors and data storage failures
`
`provides a method foridentifying storage devices.
`
`[0047] Device parameter sampling, damage measurement and chip benchmarking makeup just
`
`a part of device fingerprinting technologies described herein. These tools may be further
`
`extended by the use of complex encryption algorithms to convolute the device identifier values
`
`during transmission and comparisons. Such encryption processes may be used in conjunction
`
`with random sampling and key generations.
`
`[0048]
`
`The device identifier may be generated by utilizing machine parameters associated
`
`with, but not limited to, one or more of the following: machine model; machine serial number;
`
`machine copyright; machine ROM version; machine bus speed; machine details; machine
`
`manufacturer; machine ROM release date; machine ROM size; machine UUID; and machine
`
`service tag. Further, the device identifier may also be generated by utiliz