`\
`
`3
`
`‘
`
`v.
`
`.fi
`
`_ 0“
`
`.
`
`_
`
`
`
`STATE PF ISRAEL
`
`*3 n-nyn'a mu
`
`mpnyn m: D‘D‘lyfi
`
`nianonn 5w nun:
`
`nbmnnh “pan-nu
`
`uaus'v nwpan ma
`nmwnn lawman 15':
`
`5w “mun 117.1312
`
` .nnmn
`
`'-
`
`A
`5
`
`—
`
`I”;
`'
`02$ 1“"
`
`This
`
`”min
`
`I/
`
`“mi? .n
`., m )4)! mum
`"fl;
`/‘/
`1‘1“me
`...
`I, 4.
`....._.
`.1
`, ‘...-.../~~
`
`‘3
`
`D‘UJDDH DW'I
`Registrar of Patenls
`
`)
`
`>
`
`110an
`-
`Certified
`SAMSUNG EX. 1010 - 1/20
`
`SAMSUNG EX. 1010 - 1/20
`
`
`
`
`
`fizwbn wanaub
`For Office Use
`
`Number
`
` "mm
`
`9 1
`
`‘7’”Date
`'05- 1998
`:fln‘ra/o'rpm
`Ante/Posbdated
`
`1967 — V'mun ,D’UJUDfi P171
`PATENTS LAW, 5727-1967
`
`usual-z rum-.72,
`‘
`-
`Application For Patent
`
`(mruunn mam n-mzm q» ua‘n mm ,v‘pnnn ow) pm
`I, (Name and address of applicant, and in case of body corporate-place of incorporation)
`
`bmtm ,47234 pawn rim ,3 115nm 'n-m ,mewv mm 11x71): ,7»:
`Mikj Mullor, Israeli citizen, of 3 Zelon St., Ramat Hasharon 47234, Israel
`A
`human ,4723411'wn nm ,3 115m: 'n-m ,vbmwv mm npm 124%?
`Julian Valiko, Israeli citizen, of 3, Zelon St., Ramat Hasharon 47234, Israel
`
`Being inventors
`mn nnww
`of an invention the title of which is
`
`omnmn 13mm
`
`no» 7124an by:
`Owner, by virtue of
`
`19%"! 3153311 1131 fi3213'1 315199 31533119 71‘3””
`
`Method of restricting software operation Within a licensed limitation
`
`.
`
`(mun)
`(Hebrew)
`
`(n’bmu)
`
`(English)
`
`A - - l. for Patent ofAddition
`moshmwpab '
`to Patent/App].
`
`Ivn
`
`mun/mun
`Number/Mark
`
`Date
`
`
`
`
`
`
`
`D3UD 7p” ’5 13'1” ’D-nNtfl, \Dpfln
`
`Priori Claim
`
`
`
`
`
`11mm mm:
`Convention Coun-
`
`Hereby apply for a patent to be granted to me in respect thereof.
`
`A ulication ofDivision
`
`
`
`mos swam
`
`from application
`
`No.
`Iv); No.
`
`
`gym dated
`a”);
`
`
`P.O.A. :
`z n: um ~
`
`
`
`To be filed
`wv 1w
`
`
`
`
`
`REINHOLD COHN AND PARTNERS
`
`
`
`C. 110713.5
`Patent Attorneys
`P.O.B. 4060, Tel-Aviv
`
`
`
`
`woman mama-i
`
`Signature oprplicant
`1998
`SUV)
`Max
`U‘DH‘J
`20
`UV?!
`
`
`of the year
`of
`This
`
`
`
`nmubn mow):
`For Office Use
`
`
`.7’9‘: o’mwfi fi’U‘lDW nwpnn mum: mom on ,nwnn Tmzmzi 12cm: obwmi woman new: own: yam): mow: at new:
`
`This form. impressed with the Seal of the Patent Office and indicating the number and date of filing, certifies the filing of the application the particulars of
`which are set out above.
`.
`mama 3'18 371'”: ‘
`Delete whatever is inapplicable
`
`bN‘IW’: mane): ”7’9”? 1mm
`Address for Service in Israel
`
`For the Applicants,
`REINHOLD COHN AND PARTNERS
`By:—
`
`\ow
`
`SAMSUNG EX. 1010 - 2/20
`
`J
`
`SAMSUNG EX. 1010 - 2/20
`
`
`
`
`
`www nbnm 1m mam 515199 numb mam
`
`Method of restricting software operation within a licensed limitation
`
`Miki Mullor
`
`Julian Valiko
`
`fimbm ’7)»:
`
`17,5118,»
`
`C.110713.5
`
`SAMSUNG EX. 1010 - 3/20
`
`SAMSUNG EX. 1010 - 3/20
`
`
`
`
`
`
`
`
`
`Method of Restricting Software Operation Within A License Limitation
`>1
`
`FIELD OF THE INVENTION
`
`This invention relates to a method and system of identifying and N
`
`restricting an unauthorized software program’s operation.
`
`BACKGROUND OF THE INVENTION
`
`Numerous methods have been devised for
`the identifying and -
`restricting of unauthorized sofiware program’s Operation. These methods
`
`have been primarily motivated by the grand proliferation of illegally copied
`
`software, which .is “engulfing the marketplace. This illegal copying represents _
`
`IO
`
`billions of dollars in lost profits to commercial software developers.
`
`Software based products have been developed to validate authorized
`
`software usage by writing a license signature onto the computer’s volatile
`
`memory (eg. hard disk). These products may be appropriate for restricting
`
`honest sofiware users, but they are very vulnerable to attack at the hands of
`
`15
`
`skilled system’s programmers (e.g. “hackers”). These license signatures are
`
`also subject to the physical instabilities of their volatile memory media.
`
`Hardware base products have also been developed to validate
`
`authorized software usage by accessing a dongle that is coupled e.g. to the
`
`parallel port of the RC. These units are expensive,
`
`inconvenient, and not
`
`SAMSUNG EX. 1010 - 4/20
`
`SAMSUNG EX. 1010 - 4/20
`
`
`
`
`
`
`
`particularly suitable for software that may be sold by downloading (e.g. over
`
`the internet).
`
`There is accordingly a need in the art to provide for a ’system and
`
`method that substantially reduce or overcome the drawbacks of hitherto
`
`known solutions.
`
`SUMMARY OF THE INVENTION
`
`The present
`
`invention relates to a method of restricting software
`
`operation within a license limitation. This method strongly relies on the use of
`
`10
`
`a key and of a record, which have been written into the non-volatile memory
`
`of a computer.
`
`For a better understanding of the underlying concept of the invention,
`
`there follows a specific non-limiting example. Thus, consider a conventional
`
`computer having a conventional BIOS module in which a key was embedded
`at
`the ROM section thereof, during manufacture. The key constitutes,
`
`15
`
`effectively, a unique identification code for the host computer. It is important
`
`-
`
`to nOte that the key is stored in. anon-volatile portion of the BIOS, i.e.
`
`it
`
`_
`
`cannot be removed or modified.
`
`Further, according to the invention, each application program that is to
`
`20
`
`be licensed to run on the specified computer,
`
`is associated with a license
`
`record; that consists of author name, program name and number of licensed
`
`users (for network). The license record may be held in either encrypted or
`
`explicit form.
`
`Now,
`
`there commences an initial
`
`license establishment procedure,
`
`25
`
`where a verification structure is set in the BIOS so as to indicate that the
`
`specified program is licensed to run on the specified computer. This is
`
`implemented by encrypting the license record (or portion thereof) using said
`
`key (or portion thereof) exclusively or in conjunction with other identification
`
`SAMSUNG EX. 1010 - 5/20
`
`SAMSUNG EX. 1010 - 5/20
`
`
`
`
`
`.
`
`_;
`
`information) as an encryption key. The resulting encrypted license record is
`stored in another (second) non-volatile section of the BIOS, e.g. EZPROM (or
`
`the ROM). It should be noted that unlike the first non-volatile section, the
`
`data in the second non-volatile memory may optionally be erased or modified
`
`5
`
`(using EZPROM manipulation commands), so as to enable to add, modify or
`remove licenses. The actual format of the license may. include a string of
`
`terms that correspond to a license registration entry (e. g. lookup table entry or
`entries) at a license registration bureau (which will be further described as
`
`part of the preferred embodiment of the present invention).
`
`10
`
`Having placed the encrypted license record in the second non-volatile
`
`memory (e.g.
`
`the EZPROM),
`
`the process of verifying a license may be
`
`commenced. Thus, when a program is loaded into the memory of the
`
`computer, a so called license verifier application, that is a priori running in
`
`the computer, accesses the program under question, retrieves therefi'om the
`
`15
`
`license record, encrypts the record utilizing the Specified unique key (as
`retrieved from the ROM section of the BIOS) and compares the so encrypted
`
`record to the encrypted records that reside in the EZPROM. In the case of
`
`,
`
`—
`
`~ match, the program is verified to run (on the computer. If on the other hand the__
`sought encrypted data record is not found in the EZPROM database, this
`
`20 means that
`
`the program under question is not properly licensed and
`
`appropriate application define action is invoked (e.g. informing to the user on
`
`the unlicensed status, halting the Operation of the program under question
`
`etc.)
`
`Those versed in the art will readily appreciate that any attempt to run a
`
`25 program at an unlicensed site will be immediately detected. Consider, for
`
`example, that a given application, say Lotus 123, is verified to run on a given
`
`computer having a first identification code (k1) stored in the ROM portion of
`
`the BIOS thereof. This obviously requires that the license record (LR) of the
`
`VSAMSUNG EX. 1010 - 6/20
`
`SAMSUNG EX. 1010 - 6/20
`
`
`
`
`
`
`
`application after having been encrypted using k1 giving rise to (LR)k1 is
`
`stored in the EZPROM of the first computer.
`
`Suppose now that a hacker attempts to run the specified application in
`
`a second computer having a second identification code (k2) stored in the
`
`ROM portion of the BIOS thereof. All or a portion the database contents
`(including of course (LR)k1 ) that reside in the EZPROM portion in the first
`
`computer may be copied in a known per se means to the second computer. It
`
`is important to note that the hacker is unable to modify the key in the ROM of
`
`the second computer to Kl, since, as recalled, the contents of the ROM is
`established during manufacture and is practically invariable.
`
`10'
`
`Now, when the application under question is executed in the second
`
`computer, the license verifier retrieves said LR fi'om the application and, as
`explained above, encrypts it using the key as retrieved from the ROM of the
`
`15
`
`second computer,
`i.e l_<2_ giving rise to encrypted license record (LR)k2.
`Obviously, the value (LR)k2 does-not reside in the EZPROM database section
`of the second computer (since\it was not legitimately licensed) and therefore
`the specified application is invalidated. It goes without saying that the data
`
`"-copied- from the first
`
`(legitimate) computer is
`
`rendered useless,
`
`since ,.
`
`comparing (LRM with the copied, value (LR)k1 results, of course,
`
`in
`
`20
`
`mismatch.
`
`The example above is given for clarity of explanation only and is by no
`
`means binding.
`
`In its broadest aspect,
`
`the invention provides
`
`for a method of
`
`restricting sofiware operation within a license limitation including;
`
`for a
`
`25
`
`computer having a first non-volatile memory area, a second non—volatile
`
`memory area, and a volatile memory area; the steps of: selecting a program
`
`residing in the volatile memory, setting up a verification structure in the
`
`non—volatile memories, verifying the program using the structure, and acting
`
`on the program according to the verification.
`
`SAMSUNG EX. 1010 - 7/20
`
`SAMSUNG EX. 1010 - 7/20
`
`
`
`
`
`
`
`
`
`
`
`An important advantage in utilizing non—volatile memory such as that
`
`residing in the BIOS is that the required level of system programming
`
`expertise that is necessary to intercept or modify commands, interacting with
`
`the BIOS, is substantially higher than those needed for tampering with data
`
`residing in volatile memory such as hard disk. Furthermore, there is a much
`higher cost to the programmer, if his tampering is unsuccessful, i.e. if data
`
`residing in the BIOS (which is necessary for the computer’s operability) is
`
`inadvertently changed by the hacker. This is too high of a risk for the ordinary
`
`software hacker to pay. Note that various recognized means for hindering the
`professional—like hacker may also be utilized (e.g. anti-debuggers, etc.) in
`
`10
`
`conjunction with the present invention.
`
`In the context of the present invention, a “computer” relates to a digital
`
`data processor. These processors are found in personal computers, or on one
`
`or more processing cards in multi-processor machines. Today, a processor
`
`15
`
`normally include a first non-volatile memory, 'a second non—volatile memory,
`
`and data linkage access to a volatile memory. There are also processors
`
`having only one non-volatile memory or having more than two non-volatile
`
`memories; all of which should be considered logically as relating to having a
`
`first and a second non-volatile memory areas. There are also computational
`
`20
`
`environments where the volatile memory is distributed into numerous
`
`physical components, using a bus, LAN, etc.; all of which should logically be
`
`considered as being a volatile memory area.
`
`According to the preferred embodiment of the present invention, there
`
`is further provided a license authentication bureau which can participate in
`
`25
`
`either or both of:
`
`(i) establishing the license record in the second non-volatile memory;
`
`and
`
`SAMSUNG EX. 1010 - 8/20
`
`SAMSUNG EX. 1010 - 8/20
`
`
`
`
`
`
`
`(ii) verifying if the key and license record in the non-volatile
`
`memorst) is compatible with the license record information as extracted
`
`
`
`
`,.,.._.;.':..--...I..
`
`
`from the application under question.
`
`The bureau is a telecommunications accessible processor where
`
`5
`
`fimctions such as formatting, encrypting, and verifying may be performed.
`
`Performing these or other
`
`functions at
`
`the bureau ’helps
`
`to limit
`
`the
`
`understanding of potential software hackers; since they can not observe how
`
`these functions are constructed. Additional security may also be achieved by
`forcing users of the bureau to register, collecting costs for connection to the
`10 bureau, logging transactions at the bureau, etc.
`
`According to one example of using the bureau, setting up a verification
`
`structure further includes the steps of: establishing, between the computer and
`
`the bureau, a two-way data-communications linkage; transferring, fiom the
`
`computer to the bureau, a request-for—license including an identification of the
`
`15
`
`computer and the license-record’s contents firom the selected program;
`forming an encrypted license-record at the bureau by encrypting parts of the
`
`request-for-license using part of the identification as the encryption key; and
`
`transferring, from the bureau to the computer, theencrypted license-record.
`
`_
`
`.According to another exampleof using the bureau, verifying the
`
`20 program further includes the steps of: establishing, between the computer and
`
`the bureau, a two—way data-communications linkage; transferring, from the
`
`computer
`
`to the bureau, a request-for—license-verification including an
`
`identification of the computer, the encrypted license-record for the selected
`
`program
`
`fiom
`
`the
`
`second
`
`non-volatile
`
`memory,
`
`and
`
`the
`
`25
`
`licensed—software-program’s license-record contents; enabling the comparing
`
`at the bureau; and transferring, from the bureau to the computer, the result of
`
`the comparing.
`
`The actual key that serves for identifying the computer may be
`
`composed of the pseudo-unique key exclusively, or, if desired, in combination
`
`SAMSUNG EX. 1010 - 9/20
`
`SAMSUNG EX. 1010 - 9/20
`
`
`
`
`
`with information, e.g. information related to the registration of the user such
`
`as e.g. place, telephone number, user name, license number, etc. In the context
`
`of the present invention, a “pseudo-unique” key may relate to a bit string
`
`which uniquely identifies each first non-volatile memory. Alternately the
`
`“pseudo-unique” key may relate to a random bit string (or to an assigned bit
`
`string) of sufficient length such that: there is an acceptably low probability of
`
`a successful unauthorized transfer of licensed software between two
`
`computers, where the first volatile memories of these two computers have the
`
`‘
`same key.
`It should be noted that the license bureau might maintain a registry of
`
`10
`
`keys and of licensed programs that have been registered at the bureau in
`
`association with these keys. This registry may be used to help facilitate the
`
`formalization of procedures for the transfer of ownership of licensed software
`
`from use on one computer to use on another computer.
`
`15
`
`Constructing the key in the manner specified may hinder the hacker in
`cracking the proposed encryption scheme of the invention, in particular when
`
`the establishment of the license record or the verification thereof is performed
`
`in the bureau. Those versed in the art will readily appreciate that the invention,
`
`_
`
`is by no means bound by the data, the algorithms, or the manner of operation
`
`20
`
`of the bureau. It should be noted that the tasks of establishing and/or verifying
`
`a license record may be shared between the bureau and the computer, done
`
`exclusively at
`
`the computer, or done exclusively at
`
`the bureau. The
`
`pseudo-unique key length needs to be long enough to hinder encryption attack
`
`schemes. The establishing of the key may be done at any time from the
`
`25
`
`non-volatile memory’s manufacture until an attempted use of an established
`
`license-record in the non-volatile memory. The key is used for encryption or
`
`decryption operations associated with license-records.
`
`In principle,
`
`manufacturer
`
`of
`
`the
`
`licensed-software-program may
`
`specify
`
`the
`
`the
`
`SAMSUNG EX. 1010 -10/20
`
`SAMSUNG EX. 1010 - 10/20
`
`
`
`
`
`
`
`license—record format and therefore different formats may, if desired, be used
`
`for respective applications.
`
`According to the preferred embodiment of the present invention, the
`pseudo-unique key is a unique-identification bit string that is written onto the
`
`5
`
`first non—volatile memory by the manufacturer of the is memory media.
`
`According to one, non-limiting, preferred embodiment of the present
`
`invention, the first non-volatile memory area is a ROM section of a BIOS; the
`
`second non-volatile memory area is a EZPROM section of a BIOS; and the
`
`volatile memory is a RAM e.g. hard disk and/or internal memory of the
`
`10
`
`computer .
`The present invention also relates to a non-volatile memory media
`
`used as a BIOS of a computer, for restricting software operation within a
`
`license limitation, wherein a pseudo-unique key is established.
`
`According to the preferred embodiment of the non—volatile memory
`
`15 media of the present invention, the pseudo-unique key is established in a
`
`ROM section of the BIOS.
`
`BRIEF DESCRIPTION OF THE DRAWINGS:
`
`In order to understand the'invention and to see how it may be carried
`
`20
`
`out in practice, a preferred embodiment will now be described, by way of
`
`non-limiting example only, with reference to the accompanying drawings, in
`
`which:
`
`Fig. 1 is a schematic diagram of a computer and a license bureau; and
`
`Fig. 2 is a generalized flow chart of the sequence of Operations
`
`25 performed according to one embodiment of the invention.
`
`SAMSUNG EX. 1010 - 11/20
`
`SAMSUNG EX. 1010 - 11/20
`
`
`
`
`
`
`
`
`
`DETAILED DESCRIPTION OF A PREFERRED EMBODIMENT
`
`A schematic diagram of a computer and a license bureau is shown in
`
`Figure 1. Thus, a computer processor (1) is associated with input‘bperations
`
`(2) and with output operations (3). This computer (processor) internally
`
`contains a first non-volatile memory area (4) (e.g. the ROM section of the
`
`BIOS), a second non—volatile memory area (5) (e.g. the EZPROM section of
`
`the BIOS), and a volatile memory area (6) (e.g. the internal RAM memory of
`
`the computer).
`
`The computer processor is in temporary telecommunications linkage
`
`1O
`
`with a license bureau (7).
`
`The first non-volatile memory includes a pseudo~random identification
`
`key (8), which exclusively or in combination with other information (e.g. user
`
`name),
`
`is sufficient to uniquely differentiate this first non—volatile memory
`
`from all other first non-volatile memories. As specified before, said key
`
`15
`
`constitutes unique identification of the computer.
`The second non-volatile memory includes a license-record-area (9)
`
`e.g. for the containingof at least one encrypted license-record (e.g.
`
`three
`
`- records 10-12). The- volatile memory accommodates a license program (16)
`
`having license record fields (13-15) appended thereto. By way of example
`
`20
`
`said fields stand for Application name (e.g. Lotus 123), Vendor name (Lotus
`
`inc), and no of licensed copies (1 for stand alone usage, >1 for number of
`
`licensed users for a network application).
`Those versed in the art will readily appreciate that the license record is
`
`not necessarily bound to continuos fields. In fact, the various license content
`
`25
`
`components of the data record may be embedded in various locations in the
`
`application. Any component may, if desired, be encrypted.
`
`Each one of the encrypted license records (10-12) is obtained by
`
`encrypting the corresponding license record as extracted from program 16,
`
`utilizing for encryption the identification key (8).
`
`SAMSUNG EX. 1010 -12/20
`
`SAMSUNG EX. 1010 - 12/20
`
`
`
`
`
`.10.
`
`In
`
`a
`
`typical, yet not
`
`exclusive,
`
`sequence of operation,
`
`a
`
`transaction/request is sent, by the computer to the bureau. This transaction
`
`includes the key (8), the encrypted license-records (10-12), contents from the
`
`license program used in forming a license record (e.g. fields 13-15), and other
`
`items of information as desired.
`
`The bureau forms the proposed license-record from the contents,
`
`encrypts
`
`(utilizing predetermined encryption algorithm)
`
`the so formed
`
`license-record using the key (8), and compares the so formed encrypted
`
`license-record with the license-records (IO-12). The bureau generates an
`overlay according to the result of the (comparison indication successful
`
`IO
`
`comparison, non-critical failure comparison and critical failure comparison.
`
`The bureau returns the overlay which will direct the computer in
`
`subsequent operation. Thus, a success overlay will allow the license program
`
`to operate. A non—critical
`
`failure overlay will ask for additional user
`
`15
`
`interactions. A critical failure overlay will cause permanent disruption to the
`
`computer’s BIOS operations. Thus, software operation of the program is
`
`’ methodologicaily according to a license limitation restriction.
`
`Those versed. in the artwill readily appreciate that the implementation
`
`as described with reference to Fig. 1 is by no means binding. Thus, by way of
`
`20
`
`non—limiting example, the bureau, instead of being external entity may form
`
`part of the computer.
`
`Attention is now directed to Fig. 2, showing a generalized flow chart
`
`of the sequence of operations performed according to one embodiment of the
`
`invention.
`
`25
`
`Thus, selecting (17) a program includes the step of: establishing a
`
`licensed-sofiware-program in the volatile memory of the computer wherein
`
`the
`
`licensed-software-program includes
`
`contents
`
`used
`
`to
`
`form a
`
`license-record. These contents, be they centralize or decentralized, may
`
`include terms,
`
`identifications, specifications, or limitations related to the
`
`SAMSUNG EX. 1010 - 13/20
`
`SAMSUNG EX. 1010 - 13/20
`
`
`
`
`
`-11.
`
`
`
`manufacturer of a software product, the distributor of a software product, the
`
`purchaser of a software product, a licensor, a licensee, items of computer
`
`hardware or components thereof, or to other terms and conditions related to
`
`the aforesaid.
`
`the verification structure includes the steps of:
`Setting up (18)
`establishing or certifying the existence of a pseudo-unique key in the first
`
`non-volatile memory area; and establishing at
`
`least one license-record
`
`location in the first or the second nonvolatile memory area.
`
`Establishing a license-record includes
`
`the steps of:
`
`forming a
`
`10
`
`license-record by encrypting of the contents used to form a license-record
`
`with other predetermined data contents, using the key; and establishing the
`
`encrypted license-record in one of the at least one established license-record
`
`locations (e.g. 10-12 in Figure _1).
`
`Verifying (19) the program includes the steps of: encrypting the
`
`15
`
`licensedl-sottware-program’s
`
`license-record contents
`
`from . the volatile ‘
`
`memory area or decrypting’the license-record in the first or the second
`
`non-volatile memory area, using the key; and comparing the encrypted
`
`licensed-software—program’s
`
`license-record. contents withhthe encrypted .
`
`license-record in the first or the second non—volatile memory area, or
`
`20
`
`comparing the licensed-sofitware-program’s license-record contents with the
`
`decrypted license-record in the first or the second non-volatile memory area.
`
`Acting (20) on the program includes the step of:
`
`restricting the
`
`program’s operation with predetermined limitations if the comparing yields
`
`non—unity or insufiiciency. In this context “non-unity” relates to being unequal
`
`25
`
`with respect to a specific equation (e.g. A=B+l); and “insufficiency” relates
`
`to being outside of a relational bound (cg. A>B+1). “Restricting the
`
`progam’s Operation with predetermined limitations” may include actions
`
`such as erasing the sofiware in volatile memory, warning the license
`
`applicant/user, placing a fine on the applicant/user through the billing service
`
`SAMSUNG EX. 1010 - 14/20
`
`SAMSUNG EX. 1010 - 14/20
`
`
`
`
`
`
`
`-12.
`
`~-
`
`charges collected at the license bureau (if applicable), or scrambling sections
`
`of the BIOS of the computer (or of fimctions interacting therewith).
`
`The present invention has been described with a certain» degree of
`
`particularity but
`
`it should be understood that various modifications and
`
`5
`
`alterations may be made without departing from the scope or spirit of the
`
`invention as defined by the following claims:
`
`SAMSUNG EX. 1010 - 15/20
`
`SAMSUNG EX. 1010 - 15/20
`
`
`
`
`
`-13.
`
`
`
`r”.
`
`CLAIMS:
`
`1. A method of restricting sofiware operation within. a license
`
`limitation comprising; for a computer having a first non—volatile memory
`
`area, a second non-volatile memory area, and a volatile memory area; the
`
`5
`
`steps of: selecting a program residing in the volatile memory, setting up a
`
`verification structure in the non-volatile memories, verifying the program
`
`using the structure, and acting on the program according to the verification.
`
`‘
`
`2. A method according to claim 1, further comprising the step of:
`
`;
`A
`
`establishing a license authentication bureau.
`
`10
`
`3. A method according to claim 2, wherein setting up a verification
`
`structure filrther comprising the steps of: establishing, between the computer
`
`and the bureau, a two-way data-communications linkage; transferring, from
`
`the computer to the bureau, a request-for—license including an identification of
`
`15
`
`the computer and the license-record’s contents from the selected program;
`forming an encrypted license-record at the bureau by encrypting parts of the
`request-for-license using part of the identification as the encryption key; and
`transferring, from the bureau to the computer, theencrypted license—record:
`4. A method according to claim 2, wherein verifying the program
`further comprising the steps of: establishing, between the computer and the
`
`20 bureau, a two-way data-communications linkage;
`
`transferring,
`
`from the
`
`computer
`
`to the bureau, a request-for-license—verification including an
`
`identification of the computer, the encrypted license-record for the selected
`
`program
`
`from
`
`the
`
`second
`
`non-volatile
`
`memory,
`
`and
`
`the
`
`licensed-software-program’s license-record contents; enabling the comparing
`
`25
`
`at the bureau; and transferring, from the bureau to the computer, the result of
`
`the comparing.
`
`5. A method according to any of claims 3 or 4 wherein the
`
`identification of the computer includes the pseudo-unique key.
`
`SAMSUNG EX. 1010 - 16/20
`
`1
`
`SAMSUNG EX. 1010 - 16/20
`
`
`
`
`
`.14-
`
`6. A method according to claims 1 or 2 wherein selecting a program
`
`includes the step of: establishing a licensed-sofiware—program in the volatile
`
`memory of the computer wherein said licensed—software-program includes
`
`contents used to form a license—record.
`
`7. A method according to claims 1 or 2 wherein setting up the
`
`verification structure includes the steps of: establishing or certifying the
`
`lI
`
`lx
`
`existence of a pseudo-unique key in the first non-volatile memory area; and
`
`establishing at least one license-record location in the first or the second
`
`nonvolatile memory area.
`
`10
`
`8. A method according to claims. 6 and 7 wherein establishing a
`
`license-record includes the steps of: forming a license—record by encrypting of
`
`the contents used to form a license—record with other predetermined data
`
`contents, using the key; and establishing the encrypted license-record in one
`
`of the at least one established license-record locations.
`
`15
`
`' 9. A method according to claims 1 or 2 wherein verifying the program
`
`includes
`
`the
`
`steps
`
`of:
`
`encrypting
`
`the
`
`licensed-software-program’s
`
`license-record contents from the volatile memory area or decrypting the
`
`license-record in the first _or the second non-volatile memory area, using the
`
`key; and comparing the encrypted licensed-sofiware-program’s license—record
`
`20
`
`contents with the encrypted license—record in the first or
`
`the second
`
`non-volatile memory area, or comparing the licensed-software-program’s
`
`license-record contents with the decrypted license-record in the first or the
`
`second non-volatile memory area.
`
`10. A method according to any of claims 1 or 9 wherein acting on the
`
`25
`
`program includes the step of:
`
`restricting the program’s operation with
`
`predetermined limitations if the comparing yields non-unity or insufficiency.
`
`11. A method according to claim 1 wherein the first non—volatile
`
`memory area is a ROM section of a BIOS.
`
`SAMSUNG EX. 1010 - 17/20
`
`SAMSUNG EX. 1010 - 17/20
`
`
`
`
`
`.15.
`
`12. A method according to claim 1 wherein the second non—volatile
`
`memory area is a EZPROM section of a BIOS.
`
`13. A method according to claim 1 wherein the volatile memory is a
`
`RAM.
`
`14. A non-volatile memory media used as a BIOS of a computer, for
`restricting software operation within a
`license limitation, wherein a-
`
`pseudo-unique key is established.
`
`15._A non-volatile memory media according to claim 14 wherein the
`
`pseudo—unique key is established in a ROM section of the BIOS.
`
`IO
`
`For the Applicants,
`VREINHOLD COHN AND PARTNERS
`By:
`
`,
`
`
`
`Il ii
`
`lI
`
`-
`
`\A
`
`-(\n
`
`SAMSUNG EX. 1010 - 18/20
`
`SAMSUNG EX. 1010 - 18/20
`
`
`
`
`
`Miki Mullor
`
`Julian Valiko
`
`2 Sheets
`Sheet No. 1
`
`1st NON—VOLATILE
`MEMORY
`
`(5)
`
`9
`
`li-
`
`UCENCE RECORDS (1o)(11) (12)
`
`
`
`
`2nd NON—VOLAflLE’
`MEMORY
`
`(4)
`
`
`
`
` LICENSE PROGRAM
`
`
`IIIIIIII4J4'
`
`vounuE MEMORY(6)
`
`
`[:::}~\13
`
`
`
`
`(7)
`UCENSE BUREAU
`
`FIG21
`
`SAMSUNGEXhoungmo
`., a...“ .h ,
`
`SAMSUNG EX. 1010 - 19/20
`
`
`
`
`
`3
`g
`3
`
`Miki Mllllor
`I
`Julian Valiko
`
`/._T _
`
`2 Sheets
`Sheet No. 2
`
`_
`
`_
`
`1 7
`
`SELECTING
`
`'
`
`18
`
`SETTING UP
`
`
`
`
`
`
`
`
`
`VERIFYINC
`
`19
`
`20
`
`FIG.2
`
`, “W
`
`,,
`
`SAMSUNG EX. 1010 - 20/20
`
`1
`
`SAMSUNG EX. 1010 - 20/20
`
`