`=
`.
`Se.
`.
`=
`Smeeaee 2
`MIN2meTea
`
`
`
`STATE PF ISRAEL
`
`‘3 mand nxt
`
`OMpnya mr pA
`
`manonn Sw m21D)
`
`monns> wippmw
`
`papo> mwpan oy
`mnwin pT Dy
`
`Sw pwRin Tnys
`ADIT
`
`
`
`This
`
` Wien em ae te
`
`aoe
`
`mvIpeT OW
`
`Registrar of Patents
`
`)
`
`WRI
`~
`Certified
`SAMSUNG Ex. 1010 - 1/20
`
`SAMSUNG EX. 1010 - 1/20
`
`
`
`
`For Office Use 124574
`
`1967 —t/awWNn ,DwVvANn pin
`PATENTS LAW,5727-1967
`
`ps2055 AWwpPp2a
`
`icati
`Application For Patent
`
`ONAN117719 ATI4A 94951 IYI WAI OW) 29K
`I, (Name and address of applicant, and in case of body corporate-place of incorporation)
`
`NIWA wInIwys
`
`Number
`
`7900
`21 -05- 99g OeDate
`TANTI/OWPIN
`Ante/Post-dated
`
`SRW? 47234 WT 197 ,3 PINS NAN PINTW? NTN DWNT 9999
`Miki Mullor,Israeli citizen, of 3 Zelon St., Ramat Hasharon 47234,Israel
`:
`SN? 47234IW 07 3 PONY NW PINTW? NAN ,1979797 JN
`Julian Valiko,Israeli citizen, of 3, Zelon St., Ramat Hasharon 47234,Israel
`
`Beinginventors
`nin nawYW
`of an invention the title of which is
`
`DNYNN WHI
`
`Non NNYAN >Y¥3
`Owner, by virtue of
`
`Wows noaan pn Aan nwo noaans now
`
`Methodofrestricting software operation within a licensed limitation
`
`.
`
`(mesaya)
`(Hebrew)
`
`(7990962)
`(English)
`
`Hereby apply fora patent to be granted to me in respect thereof.
`
`Priority Claim
`
`No. 1°99|No. 'On
`
`p09 moby ob yn? 29NTS wpan
`
`
`
`Appl. for Patent of Addition
`Application of Division
`
`
`
`
`pivad/nWPpay*
`vive nvpan
`ywosaeN
`NNN M3979
`
`
`
`Date
`to Patent/Appl.
`from application
`Number/Mark
`Convention Count
`
`
`
`
`
`p9I9|dated
`
`7799) *
`
`
`
`
`war Ty
`To befiled
`
`
`SNAPane N05 IAT
`Address for Service in Israel
`
` REINHOLD COHN AND PARTNERS
`
`
`~
`Patent Attorneys
`C. 110713.5
`P.O.B. 4060, Tel-Aviv
`
`
`
`
`vaann nmenn
`
`1998)
`=mwv
`May
`wnna
`20
`pn
`
`
`Signature of Applicant
`ofthe year
`of
`This
`
`
`
`ADWIN WIPWT
`
`For Office Use
`
`5999 EMIT PIN’ AVIAN NANT TWN A WANA TANNA IIA DIWInt OrDIVaN Navy aMmina yan NIAws At vai
`This form, impressed with the Seal of the Patent Office and indicating the number and date offiling, certifies the filing of the application the particulars of
`
`which are set out above.
`.
`ANPAA AN PN*
`Delete whatever is inapplicable
`
`For the Applicants,
`REINHOLD COHN AND PARTNERS
`By :—
`
`\p
`
`SAMSUNG Ex. 1010 - 2/20
`
`SAMSUNG EX. 1010 - 2/20
`
`
`
`
`
`yw yan Tn Aan Nowa nyaan7 now
`
`Method ofrestricting software operation within a licensed limitation
`
`Miki Mullor
`Julian Valiko
`
`SIND 979999
`177959 NID?
`
`C.110713.5
`
`SAMSUNG Ex. 1010 - 3/20
`
`SAMSUNG EX. 1010 - 3/20
`
`
`
`
`
`
`
`
`
`Methodof Restricting Software Operation within A License Limitation
`a
`
`FIELD OF THE INVENTION
`
`This invention relates to a method and system of identifying and —
`
`restricting an unauthorized software program’s operation.
`
`BACKGROUND OF THE INVENTION
`
`the identifying and -
`Numerous methods have been devised for
`restricting of unauthorized software program’s operation. These methods
`have been primarily motivated by the grand proliferation of illegally copied
`software, which is engulfing the marketplace. This illegal copying represents .
`
`10
`
`15
`
`billions of dollars in lost profits to commercial software developers.
`Software based products have been developed to validate authorized
`software usage by writing a license signature onto the computer’s volatile
`memory (e.g. hard disk). These products may be appropriate for restricting
`honest software users, but they are very vulnerable to attack at the hands of
`skilled system’s programmers (e.g. “hackers’”’). These license signatures are
`also subject to the physical instabilities of their volatile memory media.
`Hardware base products have also been developed to validate
`authorized software usage by accessing a dongle that is coupled e.g. to the
`parallel port of the P.C. These units are expensive,
`inconvenient, and not
`
`SAMSUNG Ex. 1010 - 4/20
`
`SAMSUNG EX. 1010 - 4/20
`
`
`
`
`
`
`
`particularly suitable for software that may be sold by downloading (e.g. over
`
`the internet).
`
`There is accordingly a need in the art to provide for a System and
`
`method that substantially reduce or overcome the drawbacks of hitherto
`
`knownsolutions.
`
`SUMMARYOF THE INVENTION
`
`invention relates to a method of restricting software
`The present
`operation within a license limitation. This methodstrongly relies on the use of
`a key and of a record, which have been written into the non-volatile memory
`
`10
`
`of a computer.
`For a better understanding of the underlying concept of the invention,
`there follows a specific non-limiting example. Thus, consider a conventional
`computer having a conventional BIOS module in which a key was embedded
`at
`the ROM section thereof, during manufacture. The key constitutes,
`effectively, a unique identification code for the host computer. It is important
`to note that the key is stored in.a-non-volatile portion of the BIOS,.i.e.
`it
`
`....
`
`.
`
`cannot be removedor modified.
`
`Further, according to the invention, each application program that is to
`be licensed to run on the specified computer,
`is associated with a license
`record; that consists of author name, program name and number oflicensed
`users (for network). The license record may be held in either encrypted or
`
`explicit form.
`license establishment procedure,
`there commences an initial
`Now,
`where a verification structure is set in the BIOS so as to indicate that the
`specified program is licensed to run on the specified computer. This is
`implemented by encrypting the license record (or portion thereof) using said
`key (or portion thereof) exclusively or in conjunction with other identification
`
`15
`
`-
`
`20
`
`25
`
`c&
`
`\
`
`SAMSUNG Ex. 1010 - 5/20
`
`SAMSUNG EX. 1010 - 5/20
`
`
`
`
`
`@ :
`
`;
`
`information) as an encryption key. The resulting encrypted license record is
`stored in another (second) non-volatile section of the BIOS,e.g. E’PROM (or
`the ROM). It should be noted that unlike the first non-volatile section, the
`data in the second non-volatile memory may optionally be erased or modified
`(using E7PROM manipulation commands), so as to enable to add, modify or
`5
`remove licenses. The actual format of the license mayincludeastring of
`terms that correspondto a license registration entry (e.g. lookup table entry or
`entries) at a license registration bureau (which will be further described as
`part of the preferred embodimentof the present invention).
`Having placed the encrypted license record in the second non-volatile
`memory (e.g.
`the E’PROM),
`the process of verifying a license may be
`commenced. Thus, when a program is loaded into the memory of the
`computer, a so called license verifier application, that is a priori running in
`the computer, accesses the program under question, retrieves therefrom the
`license record, encrypts the record utilizing the specified unique key (as
`retrieved from the ROM section of the BIOS) and compares the so encrypted
`record to the encrypted records that reside in the EPROM.In the case of
`-. match, the program is verified to run on the computer. If on the other handthe..
`sought encrypted data record is not found in the E’PROM database, this
`20 means that
`the program under question is not properly licensed and
`appropriate application define action is invoked (e.g. informing to the user on
`the unlicensed status, halting the operation of the program under question
`
`10
`
`15
`
`_.-
`
`etc.)
`
`Those versed in the art will readily appreciate that any attempt to run a
`25 program at an unlicensed site will be immediately detected. Consider, for
`example,that a given application, say Lotus 123, is verified to run ona given
`computer havinga first identification code (k1) stored in the ROM portion of
`the BIOS thereof. This obviously requires that the license record (LR) of the
`
`SAMSUNG Ex. 1010 - 6/20
`
`SAMSUNG EX. 1010 - 6/20
`
`
`
`
`
`
`
`application after having been encrypted using kl giving rise to (LR)k1 is
`stored in the E7PROMofthefirst computer.
`Suppose nowthat a hacker attempts to run the specified application in
`a second computer having a second identification code (k2) stored in the
`ROM portion of the BIOS thereof. All or a portion the database contents
`(including of course (LR)) that reside in the E?PROM portion in the first
`computer may be copied in a known per se means to the second computer. It
`is important to note that the hackeris unable to modify the key in the ROM of
`the second computer to K1, since, as recalled, the contents of the ROM is
`established during manufacture andis practically invariable.
`Now, when the application under question is executed in the second
`computer, the license verifier retrieves said LR from the application and, as
`explained above, encrypts it using the key as retrieved from the ROM ofthe
`second computer,
`i.e k2 giving rise to encrypted license record (LR)w.
`Obviously, the value (LR)2 does-not reside in the E’PROM database section
`of the second computer (sinceit was not legitimately licensed) and therefore
`the specified application is invalidated. It goes without saying that the data
`--copied: from the first
`(legitimate) computer.
`is
`rendered useless,
`since -
`comparing (LR) with the copied value (LR)results, of course,
`in
`
`10.
`
`15
`
`20
`
`mismatch.
`The example aboveis given for clarity of explanation only andis by no
`
`25
`
`meansbinding.
`for a method of
`the invention provides
`In its broadest aspect,
`restricting software operation within a license limitation including;
`for a
`computer having a first non-volatile memory area, a second non-volatile
`memory area, and a volatile memory area; the steps of: selecting a program
`residing in the volatile memory, setting up a verification structure in the
`non-volatile memories, verifying the program using the structure, and acting
`on the program according to the verification.
`
`SAMSUNG Ex. 1010 - 7/20
`
`SAMSUNG EX. 1010 - 7/20
`
`
`
`
`
`
`
`
`
`An important advantage in utilizing non-volatile memory such as that
`residing in the BIOS is that the required level of system programming
`expertise that is necessary to intercept or modify commands,interacting with
`the BIOS,is substantially higher than those needed for tampering with data
`residing in volatile memory such as hard disk. Furthermore, there is a much
`higher cost to the programmer, if his tampering is unsuccessful, i.e. if data
`residing in the BIOS (which is necessary for the computer’s operability) is
`inadvertently changed by the hacker. This is too high of a risk for the ordinary
`software hacker to pay. Note that various recognized means for hindering the
`professional-like hacker may also be utilized (e.g. anti-debuggers, etc.) in
`conjunction with the present invention.
`In the context of the present invention, a “computer”relates to a digital
`data processor. These processors are found in personal computers, or on one
`or more processing cards in multi-processor machines. Today, a processor
`normally include a first non-volatile memory, a second non-volatile memory,
`and data linkage access to a volatile memory. There are also processors
`having only one non-volatile memory or having more than two non-volatile
`memories; all of which should be considered logically as relating to having a
`first and a second non-volatile memory areas. There are also computational
`environments where the volatile memory is distributed into numerous
`physical components, using a bus, LAN,etc.; all of which should logically be
`considered as being a volatile memory area.
`According to the preferred embodimentof the present invention, there
`is further provided a license authentication bureau which can participate in
`
`10
`
`15
`
`20
`
`25
`
`either or both of:
`
`(i) establishing the license record in the second non-volatile memory;
`
`and
`
`SAMSUNG Ex. 1010 - 8/20
`
`SAMSUNG EX. 1010 - 8/20
`
`
`
`
`
`
`
`
`
`vesareeseee!oe
`
`
`(ii) verifying if the key and license record in the non-volatile
`memory(s) is compatible with the license record information as extracted
`
`’
`from the application under question.
`The bureau is a telecommunications accessible processor where
`
`functions such as formatting, encrypting, and verifying may be performed.
`Performing these or other
`functions at
`the bureau helps to limit
`the
`understanding of potential software hackers; since they can not observe how
`these functions are constructed. Additional security may also be achieved by
`forcing users of the bureau to register, collecting costs for connection to the
`bureau, logging transactionsat the bureau, etc.
`According to one example of using the bureau,setting up a verification
`structure further includes the steps of: establishing, between the computer and
`the bureau, a two-way data-communications linkage; transferring, from the
`computer to the bureau,a request-for-license includingan identification of the
`computer and the license-record’s contents from the selected program;
`forming an encrypted license-record at the bureau by encrypting parts of the
`request-for-license using part of the identification as the encryption key; and
`transferring, from the bureau to the computer, the encrypted license-record.
`_
`_According to another example.of using the bureau, verifying the
`program further includesthe steps of: establishing, between the computer and
`the bureau, a two-way data-communications linkage; transferring, from the
`computer
`to the bureau, a request-for-license-verification including an
`identification of the computer, the encrypted license-record for the selected
`program
`from
`the
`second
`non-volatile
`memory,
`and
`the
`licensed-software-program’s license-record contents; enabling the comparing
`at the bureau; and transferring, from the bureau to the computer, the result of
`the comparing.
`The actual key that serves for identifying the computer may be
`composed ofthe pseudo-unique key exclusively, or, if desired, in combination
`
`10
`
`15
`
`20
`
`25
`
`SAMSUNG EX.1010 - 9/20
`
`SAMSUNG EX. 1010 - 9/20
`
`
`
`
`
`with information, e.g. information related to the registration of the user such
`as e.g. place, telephone number, user name,license number, etc. In the context
`of the present invention, a “pseudo-unique” key mayrelate to a bit string
`which uniquely identifies each first non-volatile memory. Alternately the
`“pseudo-unique” key may relate to a random bitstring (or to an assignedbit
`string) of sufficient length such that: there is an acceptably low probability of
`a
`successful unauthorized transfer of licensed software between two
`computers, where the first volatile memories of these two computers have the
`
`10
`
`15
`
`20
`
`25
`
`.
`same key.
`It should be noted that the license bureau might maintain a registry of
`keys and of licensed programs that have been registered at the bureau in
`association with these keys. This registry may be used to help facilitate the
`formalization of procedures for the transfer of ownership oflicensed software
`from use on one computerto use on another computer.
`Constructing the key in the manner specified may hinder the hacker in
`cracking the proposed encryption schemeofthe invention, in particular when
`the establishmentofthe license record or the verification thereof is performed
`in the bureau. Those versedin the art will readily appreciate that the invention _ |
`is by no means boundbythe data, the algorithms, or the manner of operation
`of the bureau. It should be noted that the tasks of establishing and/or verifying
`
`a license record may be shared between the bureau and the computer, done
`exclusively at
`the computer, or done exclusively at
`the bureau. The
`pseudo-unique key length needsto be long enough to hinder encryption attack
`schemes. The establishing of the key may be done at any time from the
`non-volatile memory’s manufacture until an attempted use of an established
`license-record in the non-volatile memory. The key is used for encryption or
`decryption operations associated with license-records.
`In principle,
`the
`manufacturer
`of
`the
` licensed-software-program may
`specify
`the
`
`SAMSUNG Ex. 1010 - 10/20
`
`SAMSUNG EX. 1010 - 10/20
`
`
`
`
`
`@.
`
`a
`
`
`
`license-record format and therefore different formats may, if desired, be used
`for respective applications.
`According to the preferred embodiment of the present invention, the
`pseudo-uniquekeyis a unique-identification bit string that is written onto the
`first non-volatile memory by the manufacturer of the is memory media.
`
`5
`
`10
`
`According to one, non-limiting, preferred embodiment of the present
`invention, the first non-volatile memory area is a ROM section of a BIOS; the
`second non-volatile memory area is a E2PROMsection of a BIOS; and the
`volatile memory is a RAM e.g. hard disk and/or internal memory of the
`computer.
`|
`The present invention also relates to a non-volatile memory media
`used as a BIOS of a computer, for restricting software operation within a
`license limitation, wherein a pseudo-uniquekeyis established.
`According to the preferred embodiment of the non-volatile memory
`15 media of the present invention, the pseudo-unique key is established in a
`
`ROMsection of the BIOS.
`
`BRIEF DESCRIPTION OF THE DRAWINGS:
`
`20
`
`In order to understand the invention and to see how it maybe carried
`out in practice, a preferred embodiment will now be described, by way of
`non-limiting example only, with reference to the accompanying drawings, in
`
`which:
`
`Fig. 1 is aschematic diagram of a computer and a license bureau; and
`Fig. 2 is a generalized flow chart of the sequence of operations
`25 performed according to one embodimentofthe invention.
`
`SAMSUNG Ex. 1010 - 11/20
`
`SAMSUNG EX. 1010 - 11/20
`
`
`
`
`
`
`
`DETAILED DESCRIPTION OF A PREFERRED EMBODIMENT
`
`A schematic diagram of a computer and a license bureau is shown in
`Figure 1. Thus, a computer processor (1) is associated with input“operations
`(2) and with output operations (3). This computer (processor) internally
`contains a first non-volatile memory area (4) (e.g. the ROM section of the
`BIOS), a second non-volatile memory area (5) (e.g. the E’PROMsection of
`the BIOS), and a volatile memory area(6) (e.g. the internal RAM memory of
`
`the computer).
`The computer processor is in temporary telecommunications linkage
`with a license bureau (7).
`Thefirst non-volatile memory includes a pseudo-random identification
`key (8), which exclusively or in combination with other information(e.g. user
`name),
`is sufficient to uniquely differentiate this first non-volatile memory
`from all other first non-volatile memories. As specified before, said key
`
`constitutesunique identification of the computer.
`The second non-volatile memory includes a license-record-area (9)
`e.g. for the containing of at least one encrypted license-record (e.g.
`three
`- records 10-12). Thevolatile memory accommodates a license program (16)
`having license record fields (13-15) appended thereto. By way of example
`said fields stand for Application name (e.g. Lotus 123), Vendor name (Lotus
`inc.), and no of licensed copies (1 for stand alone usage, >1 for number of
`licensed users for a network application).
`Thoseversedin the art will readily appreciate that the license record is
`not necessarily bound to continuos fields. In fact, the various license content
`components of the data record may be embedded in variouslocations in the
`application. Any component may, if desired, be encrypted.
`Each one of the encrypted license records (10-12) is obtained by
`encrypting the corresponding license record as extracted from program 16,
`utilizing for encryption the identification key (8).
`
`10
`
`15
`
`20
`
`25
`
`SAMSUNG Ex.1010 - 12/20
`
`SAMSUNG EX. 1010 - 12/20
`
`
`
`
`
`-10-
`
`In
`
`a
`
`typical, yet not
`
`exclusive,
`
`sequence of operation,
`
`a
`
`transaction/request is sent, by the computer to the bureau. This transaction
`
`includes the key (8), the encrypted license-records (10-12), contents from the
`
`license program used in forminga license record (e.g. fields 13-15), and other
`
`items of information as desired.
`The bureau forms the proposed license-record from the contents,
`encrypts
`(utilizing predetermined encryption algorithm)
`the so formed
`license-record using the key (8), and compares the so formed encrypted
`
`license-record with the license-records (10-12). The bureau generates an
`overlay according to the result of the ‘comparison indication successful
`comparison, non-critical failure comparison andcritical failure comparison.
`The bureau returns the overlay which will direct the computer in
`
`subsequent operation. Thus, a success overlay will allow the license program
`to operate. A non-critical
`failure overlay will ask for additional user
`interactions. A critical failure overlay will cause permanentdisruption to the
`
`10
`
`15
`
`computer’s BIOS operations. Thus, software operation of the program is
`‘ methodologically according toalicense limitation restriction.
`Those versed.in the artwill readily appreciate that the implementation
`as described with reference to Fig. 1 is by no meansbinding. Thus, by way of
`non-limiting example, the bureau, instead of being external entity may form
`
`20
`
`part of the computer.
`Attention is now directed to Fig. 2, showing a generalized flow chart
`of the sequence of operations performed according to one embodimentofthe
`
`invention.
`
`25
`
`Thus, selecting (17) a program includes the step of: establishing a
`licensed-software-program in the volatile memory of the computer wherein
`the
`licensed-software-program includes
`contents
`used
`to
`form a
`license-record. These contents, be they centralize or decentralized, may
`include terms,
`identifications, specifications, or limitations related to the
`
`SAMSUNG Ex. 1010 - 13/20
`
`SAMSUNG EX. 1010 - 13/20
`
`
`
`
`
`-li-
`
`
`
`manufacturer of a software product, the distributor of a software product, the
`purchaser of a software product, a licensor, a licensee, items of computer
`hardware or components thereof, or to other terms and conditions related to
`
`the aforesaid.
`
`the verification structure includes the steps of:
`Setting up (18)
`establishing or certifying the existence of a pseudo-unique key in the first
`non-volatile memory area; and establishing at
`least one license-record
`
`location in the first or the second nonvolatile memory area.
`
`forming a
`the steps of:
`Establishing a license-record includes
`license-record by encrypting of the contents used to form a license-record
`with other predetermined data contents, using the key; and establishing the
`encrypted license-record in oneof the at least one established license-record
`locations (e.g. 10-12 in Figure 1).
`Verifying (19) the program includes the steps of: encrypting the
`licensed-software-program’s
`license-record contents
`from . the volatile -
`memory area or decrypting the license-record in the first or the second
`non-volatile memory area, using the key; and comparing the encrypted
`licensed-software-program’s
`license-record contents with the encrypted _
`license-record in the first or the second non-volatile memory area, or
`comparing the licensed-software-program’s license-record contents with the
`decrypted license-recordin the first or the second non-volatile memory area.
`Acting (20) on the program includes the step of:
`restricting the
`program’s operation with predetermined limitations if the comparing yields
`non-unity or insufficiency. In this context “non-unity” relates to being unequal
`with respect to a specific equation (e.g. A=B+1); and “insufficiency” relates
`to being outside of a relational bound (e.g. A>B+1). “Restricting the
`program’s operation with predetermined limitations” may include actions
`such as erasing the software in volatile memory, warning the license
`applicant/user, placing a fine on the applicant/user through the billing service
`
`10
`
`15
`
`20
`
`25
`
`SAMSUNG Ex. 1010 - 14/20
`
`SAMSUNG EX. 1010 - 14/20
`
`
`
`
`
`
`
`-12-
`
`charges collected at the license bureau (if applicable), or scrambling sections
`of the BIOS of the computer(or of functions interacting therewith).
`
`The present invention has been described with a certain: degree of
`particularity but
`it should be understood that various modifications and
`alterations may be made without departing from the scope or spirit of the
`
`invention as defined by the following claims:
`
`SAMSUNG Ex. 1010 - 15/20
`
`SAMSUNG EX. 1010 - 15/20
`
`
`
`
`
`_~@
`
`
`
`-13-
`
`CLAIMS:
`
`1. A method of restricting software operation within. a license
`limitation comprising; for a computer having a first non-volatile memory
`area, a second non-volatile memory area, and a volatile memory area; the
`steps of: selecting a program residing in the volatile memory, setting up a
`verification structure in the non-volatile memories, verifying the program
`
`using the structure, and acting on the program accordingto the verification.
`2. A method according to claim 1, further comprising the step of:
`establishing a license authentication bureau.
`3. A method according to claim 2, wherein setting up a verification
`structure further comprising the steps of: establishing, between the computer
`and the bureau, a two-way data-communications linkage; transferring, from
`the computerto the bureau, a request-for-license including an identification of
`the computer and the license-record’s contents from the selected program;
`forming an encrypted license-record at the bureau by encrypting parts of the
`request-for-license using part of the identification as the encryption key; and
`transferring, from the bureau to the computer, the encrypted license-record.
`4. A method according to claim 2, wherein verifying the program
`further comprising the steps of: establishing, between the computer and the
`bureau, a two-way data-communications linkage;
`transferring,
`from the
`computer
`to the bureau, a request-for-license-verification including an
`identification of the computer, the encrypted license-record for the selected
`program
`from
`the
`second
`non-volatile
`memory,
`and
`the
`licensed-software-program’s license-record contents; enabling the comparing
`at the bureau; and transferring, from the bureau to the computer, the result of
`
`the comparing.
`5. A method according to any of claims 3 or 4 wherein the
`identification of the computer includes the pseudo-unique key.
`
`10
`
`15
`
`20
`
`25
`
`SAMSUNGEx.1010 - 16/20
`
`|
`
`SAMSUNG EX. 1010 - 16/20
`
`
`
`
`
`-14-
`
`6. A method according to claims 1 or 2 wherein selecting a program
`
`includes the step of: establishing a licensed-software-program in the volatile
`
`memory of the computer wherein said licensed-software-program includes
`
`contents used to form a license-record.
`
`7. A method according to claims 1 or 2 wherein setting up the
`verification structure includes the steps of: establishing or certifying the
`
`existence of a pseudo-unique key in the first non-volatile memory area; and
`establishing at least one license-record location in the first or the second
`
`nonvolatile memory area.
`8. A method according to claims 6 and 7 wherein establishing a
`license-record includes the steps of: forming a license-record by encrypting of
`the contents used to form a license-record with other predetermined data
`
`contents, using the key; and establishing the encrypted license-record in one
`
`of the at least one established license-record locations.
`
`- 9. A method according to claims | or 2 wherein verifying the program
`includes
`the
`steps
`of:
`encrypting
`the
`licensed-software-program’s
`license-record contents from the volatile memory area or decrypting the
`license-record in the first or the second non-volatile memory area, using the
`
`key; and comparing the encrypted licensed-software-program’s license-record
`contents with the encrypted license-record in the first or
`the second
`non-volatile memory area, or comparing the licensed-software-program’s
`license-record contents with the decrypted license-record in the first or the
`
`second non-volatile memory area.
`
`10. A method according to any of claims 1 or 9 wherein acting on the
`program includes the step of:
`restricting the program’s operation with
`predetermined limitationsif the comparing yields non-unity orinsufficiency.
`11. A method according to claim 1 wherein the first non-volatile
`
`memory area is a ROM section of a BIOS.
`
`10
`
`15
`
`20
`
`25
`
`SAMSUNG Ex. 1010 - 17/20
`
`SAMSUNG EX. 1010 - 17/20
`
`
`
`
`
`12. A method according to claim 1 wherein the second non-volatile
`memory area is a E’7PROMsection of a BIOS.
`13. A method according to claim 1 wherein the volatile memory is a
`
`RAM.
`
`14. A non-volatile memory media used as a BIOS of a computer, for
`restricting software operation within a license limitation, wherein a
`pseudo-uniquekey is established.
`15..A non-volatile memory media according to claim 14 wherein the
`pseudo-unique keyis established in a ROM section of the BIOS.
`
`aT)
`
`at
`
`10
`
`For the Applicants,
`-REINHOLD COHN AND PARTNERS
`By:
`
`SAMSUNG Ex. 1010 - 18/20
`
`SAMSUNG EX. 1010 - 18/20
`
`
`
`
`
`&
`
`tbnsteRCinScetatayeaistetoedeteeyeaten“VtnbapetaaSSetia
`
`—
`
`faladiedPintirnARE
`
`Miki Mullor
`
`Julian Valiko
`
`2 Sheets
`Sheet No. 1
`
`1/2
`
`
` 1st NON—VOLATILE
`MEMORY
`
`MEMORY
`
`2nd NON-VOLATILE
`
`(5)
`
`LICENSE PROGRAM
`
`
`
`(7)
`
`LICENSE BUREAU
`
`FIG.1
`
`SAMSUNG EX.1010-19/20
`oh ace
`
`SAMSUNG EX. 1010 - 19/20
`
`
`
`myeeos,:ree:enelntnesgl '
`
`Miki Mullor
`
`Julian Valiko
`
`2 Sheets
`Sheet No. 2
`
`‘|
`
`SELECTING
`SETTING UP
` 20
`
` ACTING
`
`
`
` VERIFYING
`
`FIG.2
`
`SAMSUNG Ex. 1010 - 20/20
`
`SAMSUNG EX. 1010 - 20/20
`
`