`
`=a== a
`._J- ——_’. g1
`,::3§EEE
`“~- g; ;
`: :__——— U)
`d =: '
`'"Hu::::’v
`.— ,_;
`if: E;
`555
`
`I
`
`Ii
`
`ATTORNEYS AT LAW
`
`VEWHEEBAEUE&IKNMMMD&IIVHETTLUI
`Including professional corporations
`$312211??? Yer;gvgnue,—N.W., Suite 300 East
`gon,
`.
`. 0005 3955
`(202) 414-4000, Fax (202) 414—4040
`,
`Telex 64267
`www.venab1e.com
`
`October 1, 1998
`
`OFFICESIN
`MARYLAND
`WASHINGTON D C
`’
`'
`Vmamm
`
`‘
`
`-——__
`r
`EarH-EEE
`
`—'——_\
`US
`5-4323
`IF-:==\t
`ln‘iuizfia
`gm'E'
`“7
`:—
`ot:3ia=
`
`Assistant Commissioner for Patents
`
`Washington, D.C. 20231
`
`Re: New Patent Application
`Inventor(s): Miki MULLOR and Julian VALIKO
`
`Attorney Docket: REINC 4237.01
`
`, s
`,_[s
`
`Sir:
`
`Please find attached hereto an application for patent which
`includes:
`
`Specification, Claims, Declaration, Power of Attorney.
`
`A certified copy of Israel Application No. 124571 filed May 21, 1998,
`the priority of which is claimed herewith under 35 U.S.C. 119.
`
`Verified Declaration Statement showing Small Entity Status:
`
`k
`
`*
`
` ”fig Basic Fee $395/790 ....................................
`
`Formal Drawings: Figures 1 and 2
`
`(2 sheets)
`
`Fee (see formula below) check enclosed.
`
`$
`
`395.00
`
`Additional Fees:
`
`Total number of claims in excess of 20 * times $11/22 $
`
`0 . 00
`
`Number of independent claims _1__
`$
`in excess of 3: *
`times $4l/82 .................
`An assignment is likewise enclosed; Recording Fee $40.$
`TOTAL FEES FOR THE ABOVE APPLICATION. .
`.
`$
`
`0.00
`40.00
`435.00
`
`In the event there is attached hereto no check, or a check for an insuffi—
`‘ cient amount, please charge the fee to our Account No. 19-3700 and notify us
`accordingly .
`
`Rbioa
`
`Respectfully submitted
`4
`
`31
`
`
`
`
`Robert Kinberg;
`26, 924
`Registration No.
`
`SAMSUNG EX. 1004 - 1/242
`
`SAMSUNG EX. 1004 - 1/242
`
`
`
`I
`
`n 4 /
`
`.
`
`l
`
`‘
`Applicant or Patentee:
`Serial or Patent Ma. "
`
`Filed or Issued:
`
`Attorney ‘ 3
`
`Docket No.
`
`~. \
`
`Fbr: METHOD QF RESTRICTING SOFTWARE OPERATION WITHIN A LICENSED LIMITATION
`
`VERIFIED STATEMENT (DECLARATION) CLAIMING SMALL ENTITY STATUS
`(37 CFR 1.9(f) and l.27(c)) - SMAIL BUSINESS CONCERN
`
`I hereby declare that I am
`,
`[
`]
`the owner of the small business concern identified below:
`_ [)(J an official of the small business concern empowered to act on behalf of the concern
`idaitified below:
`'
`NAME OF CONCERN ; M.Y.P.D. TECHNOLOGIES LTD.WM
`
`ADDRESS OF CONCERN
`CZO Keren~Shechter Law Firm,
`21 Her Sinai Street,
`Tel—Aviv 65816z Israel
`
`'
`
`I
`
`‘ I hereby declare that the above identified small business concern qualifies as a small
`basiness concern as defined in 13 CFR 121.3—18, and reproduced in 37 CFR l.9(d),for purposes
`paying reduced fees under section 41(a) and (b) of Title 35, United States Code,
`in that
`.,
`j be number of employees of the concern,including ,those of its affiliates, does not exceed
`561) persons. For purposes of this statement,(l) the number of employees of the business
`”concern is the average over the previous fiscal year of the concern of the persons employed
`on a full—time, part—time or temporary basis during each of the pay periods of the fiscal
`yganand (2) concerns are affiliates of each other when either,directly or indirectly,one
`
`concern controls or has the power to control the other,or a third party or parties controls
`has the power to control both.
`
`ereby declare that rights under contract or law have been conveyed to and remain with the
`small business concern identified above with regard to the invention, entitled METHOD
`OF RESTRICTING SOFTWARE OPERATION WITHIN A LICENSED,LIMITATDgNjnygnunxs)
`
`
`
`ed? crigeld in
`
`the application filed herewith
`[x]
`[
`] application serial no.
`[
`1 Patent no.
`
`a
`
`, filed
`,issued
`
`
`
`this rights held by the above identified small business concern are not exclusive, each
`igdiwfiualmoncern or organization having rights to the invention is listed below"“ and no
`rights to the invention are held by any person, other than, the inventor, who could not
`qualify as a small business concern under 37 CFR 1.9(d) or by any concern which would not
`qualify as a small business concern under 37 CFR 1.9(d) or a nonprofit organization under 37
`CFR 1.9(e) . *NOI‘E: Separate verified statements are required from each named person,
`concern or organization having rights to the invention averring to their status as small
`entities.
`(37 CFR 1.27)
`
`NAME
`ADDRESS
`
`l
`
`J
`
`INDIVIDUAL
`
`[
`
`] SMALL BUSINESS CONCERN
`
`[
`
`] NONPROFIT ORGANIZATION
`
` [
`
`NAME_
`ADDRESS
`
`[
`]
`INDIVIDUAL
`[
`] SMALL BUSINESS CONCERN
`[
`] NONPROFIT ORGANIZATION
`I acknowledge the duty to file, in this applicatimr or patent, notification of any change of
`status resulting in loss of entitlement to small entity status prior to paying, or at the
`time of paying,
`the earliest of the issue fee or any maintenance fee due after the date on
`which status as a small entity is no longer appropriate.
`(37 CFR l.28(b))
`
`I hereby declare that all statements made herein of my own knowledge are true and that all
`statements made on information and belief are believed to be true; and further that these
`statements were made with the knowledge that willful false statements and the like so made
`are punishable by fine or imprisonment, or both, under section 1001 of Title 18 of the
`United States Code, and that such willful false statements may jeopardize the validity of
`the application, any patent issuing thereon, or any patent to which this verified statement
`is directed.
`~
`-
`NAME OF PERSON SIGNINGX
`
`“KW {5’7“ ‘5 dew
`
`M
`
`vma
`
`'
`
`\
`
`'
`
`'
`
`SAMSUNG EX. 1004 - 2/242
`
`SAMSUNG EX. 1004 - 2/242
`
`
`
`Method of Restricting Software Operation within A License Limitation
`
`9‘
`
`:
`
`*
`
`FIELD OF THE INVENTION
`
`This invention relates to a method and system of identifying and
`
`restricting an unauthorized software program’s operation.
`
`5
`
` 10
`
`3‘,
`
`BACKGROUND OF THE INVENTION
`
`Numerous methods have been devised for
`
`the identifying and
`
`restricting of unauthorized software program’s operation. These methods have
`
`been primarily motivated by the grand proliferation of illegally copied
`
`software, which is engulfing the marketplace. This illegal copying represents
`
`billions of dollars in lost profits to commercial sofiware developers.
`
`Software based products have been developed to validate authorized
`
`~
`
`software usage by writing. a license signature onto the computer’s volatile
`
`memory (e.g. hard disk). These products may be appropriate for restricting
`
`honest soitware users, but they are very vulnerable to attack at the hands of
`
`skilled system’s programmers (e.g. “hackers”). These license signatures are
`
`15
`
`also subject to the physical instabilities of their volatile memory media.
`
`Hardware base products have also been developed to validate
`
`authorized sofiware usage by accessing a dongle that is coupled e.g. to the
`
`parallel port of the RC. These units are expensive, inconvenient, and not
`
`particularly suitable for software that may be sold by downloading (e.g. over
`
`20
`
`the internet).
`
`SAMSUNG EX. 1004 - 3/242
`
`SAMSUNG EX. 1004 - 3/242
`
`
`
`There is accordingly a need in the art to provide for a system and
`
`method that substantially reduce or overcome the drawbacks of hitherto
`
`known solutions.
`
`'
`:
`
`.
`
`
`
`5 SUMMARY OF THE INVENTION
`
`The present invention relates to a method of restricting software
`operation within a license limitation. This method strongly relies on the use of
`a key and of a record, which have been written into the non-volatile memory
`
`of a computer.
`
`10
`
`For a better understanding of the underlying concept of the invention,
`
`there follows a specific non—limiting example. Thus, consider a conventional
`
`computer having a conventional BIOS module in which a key was embedded
`
`at
`
`the ROM section thereof, during manufacture. The key constitutes,
`
`efiectively, a unique identification code for the host computer. It is important
`
`,5
`
`15
`
`to note that the key is stored in a non-volatile portion of the BIOS,
`
`i.e. it
`
`cannot be removed or modified.
`
`Further, according to the invention, each application program that is to
`
`be licensed to run on the specified computer,
`
`is associated with a license
`
`record; that consists of author name, program name and number of licensed
`
`20 users (for network). The license record may be held in either encrypted or
`
`explicit form.
`
`Now,
`
`there commences an initial
`
`license establishment procedure,
`
`where a verification structure is set in the BIOS so as to indicate that the
`
`specified program is licensed to run on the specified computer. This is
`
`25
`
`implemented by encrypting the license record (or portion thereof) using said
`
`key (or portion thereof) exclusively or in conjunction with other identification
`
`information) as an encryption key. The resulting encrypted license record is
`
`stored in another (second) non-volatile section of the BIOS, e.g. EZPROM (or
`
`SAMSUNG EX. 1004 - 4/242
`
`SAMSUNG EX. 1004 - 4/242
`
`
`
`;
`
`-
`
`
`
`the ROM). It should be noted that unlike the first non-volatile section, the data
`
`in the second non-volatile memory may optionally be erased or modified
`(using EZPROM manipulation commands), so as to enable to add, modify or
`
`remove licenses. The actual format of the license may include a string of
`
`5
`
`terms that correspond to a license registration entry (e.g. lookup table entry or
`
`entries) at a license registration bureau (which will be further described as part
`
`of the preferred embodiment of the present invention).
`
`Having placed the encrypted license record in the second non-volatile
`
`memory (e.g. the EZPROM),
`
`the process of verifying a license may be
`
`10
`
`commenced. Thus, when a program is loaded into the memory of the
`
`computer, a so called license verifier application, that is a priori running in the
`
`computer, accesses the program under question, retrieves therefrom the
`
`license record, encrypts the record utilizing the specified unique key (as
`
`retrieved from the ROM section of the BIOS) and compares the so encrypted
`
`15
`
`record to the encrypted records that reside in the‘EZPROM. In the case of
`
`?
`
`match, the program is verified to run on the computer. If on the other hand the
`
`sought encrypted data record is not found in the EZPROM database, this
`
`means that
`
`the program under question is not properly licensed and
`
`appropriate application define action is invoked (e.g. informing to the user on
`
`20
`
`the unlicensed status, halting the operation of the program under question etc.)
`
`Those versed in the art will readily appreciate that any attempt to run a
`
`program at an unlicensed site will be immediately detected. Consider, for
`
`example, that a given application, say Lotus 123, is verified to run on a given
`
`computer having a first identification code (kl) stored in the ROM portion of
`
`25
`
`the BIOS thereof. This obviously requires that the license record (LR) of the
`
`application after having been encrypted using kl giving rise to (LR)k1 is stored
`
`in the EZPROM ofthe first computer.
`
`Suppose now that a hacker attempts to run the specified application in
`
`a second computer having a second identification code (k2) stored in the
`
`SAMSUNG EX. 1004 - 5/242
`
`SAMSUNG EX. 1004 - 5/242
`
`
`
`.
`
`~
`
`
`
`-
`
`
`
`ROM portion of the BIOS thereof. All or a portion the database contents
`
`(including of course (LR)k1 ) that reside in the EZPROM portion in the first
`
`computer may be copied in a known per se means to the second computer. It
`
`is important to note that the hacker is unable to modify the key in the ROM of
`
`5
`
`the second computer to K1, since, as recalled, the contents of the ROM is
`
`established during manufacture and is practically invariable.
`
`Now, when the application under question is executed in the second
`
`computer, the license verifier retrieves said LR fiom the application and, as
`
`explained above, encrypts it using the key as retrieved from the ROM of the
`
`10
`
`second computer,
`
`i.e Q giving rise to encrypted license record (LR)k2,
`
`Obviously, the value (LR)k2 does not reside in the EZPROM database section
`
`of the second computer (since it was not legitimately licensed) and therefore
`
`the specified application is invalidated. It goes without saying that the data
`
`copied from the first
`
`(legitimate) computer
`
`is
`
`rendered useless,
`
`since
`
`15
`
`comparing (LR)k2 with the copied value (LR)1;1 results, of course,
`mismatch.
`
`in
`
`5‘
`
`The example above is given for clarity of explanation only and is by no
`
`means binding.
`
`In its broadest aspect, the invention provides for a method of restricting
`
`20
`
`software operation within a license limitation including; for a computer
`
`having a first non—volatile memory area, a second non-volatile memory area,
`
`and a volatile memory area; the steps of: selecting a program residing in the
`
`volatile memory, setting up a verification structure in the non-volatile
`
`memories, verifying the program using the structure, and acting on the
`
`25 program according to the verification.
`
`An important advantage in utilizing non-volatile memory such as that
`
`residing in the BIOS is that the required level of system programming
`
`expertise that is necessary to intercept or modify commands, interacting with
`
`the BIOS, is substantially higher than those needed for tampering with data
`
`SAMSUNG EX. 1004 - 6/242
`
`SAMSUNG EX. 1004 - 6/242
`
`
`
`residing in volatile memory such as hard disk. Furthermore, there is a much
`
`higher cost to the programmer, if his tampering is unsuccessful, i.e. if data
`
`residing in the BIOS (which is necessary for the computer’s operability) is
`
`inadvertently changed by the hacker. This is too high of a risk for the ordinary
`
`5
`
`software hacker to pay. Note that various recognized means for hindering the
`
`professional-like hacker may also be utilized (e.g. anti-debuggers, etc.) in
`
`conjunction with the present invention.
`
`In the context of the present invention, a “computer” relates to a digital
`
`'
`
`data processor. These processors are found in personal computers, or on one
`
`10
`
`or more processing cards in multi-processor machines. Today, a processor
`
`
`
`normally includes a first non-volatile memory, a second non-volatile memory,
`
`and data linkage access to a volatile memory. There are also processors
`
`having only one non-volatile memory or having more than two non-volatile
`
`memories; all of which should be considered logically as relating to having a
`
`15
`
`first and a second non-volatile memory areas. There are also computational
`
`environments where the volatile memory is distributed into numerous
`
`physical components, using a bus, LAN, etc.; all of which should logically be
`
`considered as being a volatile memory area.
`
`According to the preferred embodiment of the present invention, there
`
`20
`
`is further provided a license authentication bureau which can participate in
`
`either or both of:
`
`(i) establishing the license record in the second non-volatile memory;
`
`and
`
`(ii) verifying if the key and license record in the non-volatile
`
`25 memory(s) is compatible with the license record information as extracted
`
`fiom the application under question.
`
`The bureau is a telecommunications accessible processor where
`
`functions such as formatting, encrypting, and verifying may be performed.
`
`Performing these or other
`
`functions at
`
`the bureau helps to limit
`
`the
`
`SAMSUNG EX. 1004 - 7/242
`
`SAMSUNG EX. 1004 - 7/242
`
`
`
`understanding of potential software hackers; since they can not observe how
`
`these functions are constructed. Additional security may also be achieved by
`
`forcing users of the bureau to register, collecting costs for connection to the
`
`bureau, logging transactions at the bureau, etc.
`
`5
`
`According to one example of using the bureau, setting up a verification
`
`structure fiirther includes the steps of: establishing, between the computer and
`
`the bureau, a two—way data-communications linkage; transferring, from the
`
`computer to the bureau, a request—for—license including an identification of the
`
`'
`
`computer and the license-record’s contents from the selected program;
`
`10
`
`fonning an encrypted license-record at the bureau by encrypting parts of the
`
`
`
`
`.5
`
`W
`
`request-for-license using part of the identification as the encryption key; and
`
`transferring, firom the bureau to the computer, the encrypted license-record.
`
`According to another example of using the bureau, verifying the
`
`program further includes the steps of: establishing, between the computer and
`
`15
`
`the bureau, a two-way data-communications linkage; transferring, fiom the
`
`computer
`
`to the bureau, a request-for-license-verification including an
`
`identification of the computer, the encrypted license—record for the selected
`
`program
`
`from
`
`the
`
`second
`
`non-volatile
`
`memory,
`
`and
`
`the
`
`licensed-software-program’s license-record contents; enabling the comparing
`
`20
`
`at the bureau; and transferring, from the bureau to the computer, the result of
`
`the comparing.
`
`The actual key that serves for identifying the computer may be
`
`composed of the pseudo-unique key exclusively, or, if desired, in combination
`
`with information, e.g. information related to the registration of the user such
`
`25
`
`as e. g. place, telephone number, user name, license number, etc. In the context
`
`of the present invention, a “pseudo-unique” key may relate to a bit string
`
`which uniquely identifies each first non-volatile memory. Alternately the
`
`“pseudo-unique” key may relate to a random bit string (or to an assigned bit
`
`string) of sufficient length such that: there is an acceptably low probability of
`
`SAMSUNG EX. 1004 - 8/242
`
`SAMSUNG EX. 1004 - 8/242
`
`
`
`a successfiil unauthorized transfer of licensed software between two
`
`computers, where the first volatile memories of these two computers have the
`
`same key.
`
`It should be noted that the license bureau might maintain a registry of
`
`5 keys and of licensed programs that have been registered at the bureau in
`
`association with these keys. This registry may be used to help facilitate the
`
`formalization of procedures for the transfer of ownership of licensed software
`
`fiom use on one computer to use on another computer.
`
`Constructing the key in the manner specified may hinder the hacker in
`
`10
`
`cracking the proposed encryption scheme of the invention, in particular when
`
`the establishment of the license record or the verification thereof is performed
`
`in the bureau. Those versed in the art will readily appreciate that the invention
`
`is by no means bound by the data, the algorithms, or the manner of operation
`
`of the bureau. It should be noted that the tasks of establishing and/or verifying
`
`a license record may be shared between the bureau and the computer, done
`
`exclusively at
`
`the computer, or done exclusively at
`
`the bureau. The
`
`pseudo-unique key length needs to be long enough to hinder encryption attack
`
`schemes. The establishing of the key may be done at any time fi‘om the
`
`non-volatile memory’s manufacture until an attempted use of an established
`
`20
`
`license-record in the non-volatile memory. The key is used for encryption or
`
`decryption operations associated with license-records.
`
`In principle,
`
`the
`
`manufacturer of the licensed—software—program may specify the license—record
`
`format and therefore different formats may, if desired, be used for respective
`
`applications.
`
`25
`
`According to the preferred embodiment of the present invention, the
`
`pseudo-unique key is a unique-identification bit string that is written onto the
`
`first non-volatile memory by the manufacturer ofthe is memory media.
`
`According to one, non-limiting, preferred embodiment of the present
`
`invention, the first non-volatile memory area is a ROM section of a BIOS; the
`
`-
`
`~
`
`
`
`w.
`
`
`
`
`
`
`
`SAMSUNG EX. 1004 - 9/242
`
`SAMSUNG EX. 1004 - 9/242
`
`
`
`second non-volatile memory area is a EZPROM section of a BIOS; and the
`
`volatile memory is a RAM e.g. hard disk and/or internal memory of the
`
`computer.
`
`The present invention also relates to a non-volatile memory media
`
`5 used as a BIOS of a computer, for restricting software operation within a
`
`license limitation, wherein a pseudo-unique key is established.
`
`According to the preferred embodiment of the non-volatile memory
`
`media of the present invention, the pseudo-unique key is established in a
`
`~
`
`ROM section of the BIOS.
`
`10
`
`
`
`BRIEF DESCRIPTION OF THE DRAWINGS:
`
`In order to understand the invention and to see how it may be carried
`
`out in practice, a preferred embodiment Will now be described, by way of
`
`non-limiting example only, with reference to the accompanying drawings, in
`
`1"
`
`15 which:
`
`Fig. 1 is a schematic diagram of a computer and a license bureau; and
`
`Fig. 2 is a generalized flow chart of the sequence of operations
`
`performed according to one embodiment of the invention.
`
`20 DETAILED DESCRIPTION OF A PREFERRED EMBODHVIENT
`
`A schematic diagram of a computer and a license bureau is shown in
`
`Figure 1. Thus, a computer processor (1) is associated With input operations
`
`(2) and with output operations (3). This computer (processor) internally
`
`contains a first non-volatile memory area (4) (e.g. the ROM section of the
`
`25 BIOS), a second non-volatile memory area (5) (e.g. the EZPROM section of
`
`the BIOS), and a volatile memory area (6) (e.g. the internal RAM memory of
`
`the computer).
`
`SAMSUNG EX. 1004 - 10/242
`
`SAMSUNG EX. 1004 - 10/242
`
`
`
`‘
`
`‘
`
`..
`
`1
`
`
`
`The computer processor is in temporary telecommunications linkage
`
`with a license bureau (7).
`
`The first non-volatile memory includes a pseudo—random identification
`
`key (8), which exclusively or in combination with other information (e. g. user
`
`5
`
`name),
`
`is sufficient to uniquely difierentiate this first non-volatile memory
`
`from all other first non-volatile memories. As specified before, said key
`
`constitutes unique identification of the computer.
`
`The second non-volatile memory includes a license-record—area (9) e.g.
`
`for the containing of at least one encrypted license-record (e.g. three records
`
`10
`
`10-12). The volatile memory accommodates a license program (16) having
`license record fields (13-15) appended thereto. By way of example said fields
`
`stand for Application name (e.g. Lotus 123), Vendor name (Lotus inc.), and
`
`no of licensed copies (1 for stand alone usage, >1 for number of licensed users
`
`for a network application).
`
`15
`
`Those versed in the art will readily appreciate that the license record is
`
`not necessarily bound to continuos fields. In fact, the various license content
`
`components of the data record may be embedded in various locations in the
`
`application. Any component may, if desired, be encrypted.
`
`Each one of the encrypted license records (IO-12) is obtained by
`
`20
`
`encrypting the corresponding license record as extracted from program 16,
`
`utilizing for encryption the identification key (8).
`
`In
`
`a
`
`typical, yet not
`
`exclusive,
`
`sequence of operation,
`
`a
`
`transaction/request is sent, by the computer to the bureau. This transaction
`
`includes the key (8), the encrypted license-records (10-12), contents from the
`
`25
`
`license program used in forming a license record (e. g. fields 13-15), and other
`
`items of information as desired.
`
`The bureau forms the proposed license-record from the contents,
`
`encrypts (utilizing predetermined encryption algorithm)
`
`the so formed
`
`license-record using the key (8), and compares the so formed encrypted
`
`SAMSUNG EX. 1004 - 11/242
`
`SAMSUNG EX. 1004 - 11/242
`
`
`
`-10.
`
`license-record With the license-records (10-12). The bureau generates an
`
`overlay according to the result of the comparison indication successful
`
`comparison, non-critical failure comparison and critical failure comparison.
`
`The bureau returns the overlay which will direct the computer in
`
`5
`
`subsequent operation. Thus, a success overlay will allow the license program
`
`to operate. A non—critical
`
`failure overlay will ask for additional user
`
`%
`
`interactions. A critical failure overlay will cause permanent disruption to the
`
`computer’s BIOS operations. Thus, software operation of the program is
`
`
`
`
`methodologically according to a license limitation restriction.
`
`10
`
`Those versed in the art will readily appreciate that the implementation
`
`as described with reference to Fig. l is by no means binding. Thus, by way of
`
`non-limiting example, the bureau, instead of being external entity may form
`
`part of the computer.
`
`Attention is now directed to Fig. 2, showing a generalized flow chart
`
`15 of the sequence of operations performed according ”to one embodiment of the
`
`invention.
`
`Thus, selecting (17) a program includes the step of: establishing a
`
`licensed-software—program in the volatile memory of the computer wherein
`
`the
`
`licensed—software—program includes
`
`contents
`
`used
`
`to
`
`form a
`
`20
`
`license-record. These contents, be they centralize or decentralized, may
`
`include terms,
`
`identifications, specifications, or limitations related to the
`
`manufacturer of a software product, the distributor of a software product, the
`
`purchaser of a software product, a licensor, a licensee, items of computer
`
`hardware or components thereof, or to other terms and conditions related to
`
`25
`
`the aforesaid.
`
`Setting up (18)
`
`the verification structure includes the steps of:
`
`establishing or certifying the existence of a pseudo-unique key in the first
`
`non-volatile memory area; and establishing at
`
`least one license-record
`
`location in the first or the second nonvolatile memory area.
`
`SAMSUNG EX. 1004 - 12/242
`
`SAMSUNG EX. 1004 - 12/242
`
`
`
`.11.
`
`Establishing a license-record includes
`
`the steps of:
`
`forming a
`
`license-record by encrypting of the contents used to form a license-record
`
`with other predetermined data contents, using the key; and establishing the
`
`encrypted license-record in one of the at least one established license-record
`
`5
`
`locations (e.g. 10-12 inFigure l).
`
`Verifying (19) the program includes the steps of: encrypting the
`
`licensed-soitware—program’s
`
`license-record contents
`
`from the volatile
`
`memory area or decrypting the license-record in the first or the second
`
`non-volatile memory area, using the key; and comparing the encrypted
`
`10
`
`licensed-software—program’s
`
`license-record contents with the encrypted
`
`license-record in the first or the second non—volatile memory area, or
`
`comparing the licensed—sofiware—program’s license-record contents with the
`
`decrypted license-record in the first or the second non—volatile memory area.
`
`Acting (20) on the program includes the step of: restricting the
`
`15 program’s operation with predetermined limitations if the comparing yields
`
`non-unity or insufficiency. In this context “non-unity” relates to being unequal
`
`with respect to a specific equation (e.g. A=B+1); and “insufficiency” relates
`
`to being outside of a relational bound (e.g. A>B+1). “Restricting the
`
`program’s operation with predetermined limitations” may include actions
`
`20
`
`such as erasing the software in volatile memory, warning the license
`
`applicant/user, placing a fine on the applicant/user through the billing service
`
`charges collected at the license bureau (if applicable), or scrambling sections
`
`of the BIOS of the computer (or of fimctions interacting therewith).
`
`The present invention has been described with a certain degree of
`
`25 particularity but
`
`it should be understood that various modifications and
`
`alterations may be made without departing from the scope or spirit of the
`
`invention as defined by the following claims:
`
`-
`
`‘
`
`'
`
`
`
`
`SAMSUNG EX. 1004 - 13/242
`
`SAMSUNG EX. 1004 - 13/242
`
`
`
`.12.
`
`CLAIMS:
`
`1. A method of restricting software operation within a license
`
`limitation comprising; for a computer having a first non-volatile memory area,
`
`a second non-volatile memory area, and a volatile memory area; the steps of:
`
`5
`
`selecting a program residing in the volatile memory, setting up a verification
`
`structure in the non-volatile memories, verifying the program using the
`
`structure, and acting on the program according to the verification.
`
`'
`
`2. A method according to claim 1, further comprising the step of:
`
`
`
`
`establishing a license authentication bureau.
`
`10
`
`3. A method according to claim 2, wherein setting up a verification
`
`structure further comprising the steps of: establishing, between the computer
`
`and the bureau, a two-way data-communications linkage; transferring, from
`
`the computer to the bureau, a request—for—license including an identification of
`
`the computer and the license-record’s contents from the selected program;
`
`15
`
`forming an encrypted license-record at the bureau by encrypting parts of the
`
`request-for—license using part of the identification as the encryption key; and
`
`transferring, from the bureau to the computer, the encrypted license-record.
`
`4. A method according to claim 2, wherein verifying the program
`
`firrther comprising the steps of: establishing, between the computer and the
`
`20 bureau, a two—way data—communications linkage;
`
`transferring,
`
`from the
`
`computer
`
`to the bureau, a request-for—license-verification including an
`
`identification of the computer, the encrypted license~record for the selected
`
`program
`
`from the
`
`second
`
`non-volatile
`
`memory,
`
`and
`
`the
`
`licensed—software-program’s license—record contents; enabling the comparing
`
`25
`
`at the bureau; and transferring, from the bureau to the computer, the result of
`
`the comparing.
`
`5. A method according to claim 3 wherein the identification of the
`
`computer includes the pseudo—unique key.
`
`SAMSUNG EX. 1004 - 14/242
`
`SAMSUNG EX. 1004 - 14/242
`
`
`
`-13-
`
`6. A method according to claim 1 wherein selecting a program
`
`includes the step of: establishing a licensed—software-program in the volatile
`
`memory of the computer wherein said licensed-software—program includes
`
`contents used to form a license-record.
`
`5
`
`7. A method according to claim 1 wherein setting up the verification
`
`structure includes the steps of: establishing or certifiing the existence of a
`
`pseudo—unique key in the first non-volatile memory area; and establishing at
`
`_
`‘
`
`least one license—record location in the first or the second nonvolatile memory
`area.
`
`
`
`
`
`
`10
`
`8. A method according to claim 6 wherein establishing a license—record
`
`includes the steps of: forming a license-record by encrypting of the contents
`
`used to form a license-record with other predetermined data contents, using
`
`the key; and establishing the encrypted license-record in one of the at least
`
`one established license-record locations.
`
`15
`
`9. A method according to claim 1 wherein verifying the program
`
`includes
`
`the
`
`steps
`
`of:
`
`encrypting
`
`the
`
`licensed-software-program’s
`
`license—record contents fiom the volatile memory area or decrypting the
`
`license—record in the first or the second non-volatile memory area, using the
`
`key; and comparing the encrypted licensed-sofiware-program’s license-record
`
`20
`
`contents with the encrypted license-record in the first or
`
`the second
`
`non—volatile memory area, or comparing the licensed—sofiware—program’s
`
`license-record contents with the decrypted license-record in the first or the
`
`second non-volatile memory area.
`
`10. A method according to claim 1 wherein acting on the program
`
`25
`
`includes the step of: restricting the program’s operation with predetermined
`
`limitations if the comparing yields non-unity or insufiiciency.
`
`11. A method according to claim 1 wherein the first non-volatile
`
`memory area is a ROM section of a BIOS.
`
`SAMSUNG EX. 1004 - 15/242
`
`SAMSUNG EX. 1004 - 15/242
`
`
`
`.14.
`
`12. A method according to claim 1 wherein the second non—volatile
`
`memory area is a EZPROM section of a BIOS.
`
`13. A method according to claim 1 wherein the volatile memory is a
`
`RAM.
`
`5
`
`14. A non-volatile memory media used as a BIOS of a computer, for
`
`restricting software operation Within a license limitation, wherein a
`
`pseudo-unique key is established.
`
`15. A non-volatile memory media according to claim 14 wherein the
`
`~
`
`pseudo-unique key is established in a ROM section of the BIOS.
`
`l‘
`
`SAMSUNG EX. 1004 - 16/242
`
`SAMSUNG EX. 1004 - 16/242
`
`
`
`.15.
`
`ABSTRACT
`
`A method of restricting software operation Within a license limitation
`
`that is applicable for a computer having a first non-volatile memory area, a
`
`5
`
`second non—volatile memory area, and a volatile memory area. The method
`
`includes the steps of selecting a program residing in the volatile memory,
`
`setting up a verification structure in the non—volatile memories, verifying the
`
`program using the structure, and acting on the program according to the
`
`‘
`
`verification.
`
`10
`
`
`
`SAMSUNG EX. 1004 - 17/242
`
`SAMSUNG EX. 1004 - 17/242
`
`
`
`J
`
`2 / 95b
`
`DECLARATION FOR UNITED STATES PATENT APPLICATION,
`POWER OF ATTORNEY, DESIGNATION OF CORRESPONDENCE ADDRESS
`
`Attorney Docket
`
`I hereby declare that my residence, post office address and
`As a below named inventor,
`citizenship are as stated below next to my name, and that I believe I am the original, first
`and sole inventor (if only one name is listed below) or an original, first and joint inventor
`(if plural names are listed below)