·,'·.
`
`SUBCLASS
`
`ART UNIT
`
`CLASS
`
`,31-P>i
`
`FILEDWI'rH:
`
`(Attache_~ i~ po·cket 9~ rightlns\de.flap)
`
`may be restricted, unauthorized disclosure may be prohibited by the United States'Code Title 35; Sections 122, 181 and 368.
`& Trademark Office is restricted to authorlzed.employees and contractors-only.
`·
`·
`
`I
`·
`
`.·
`
`~,jt~,Fee
`
`(LABEL AREA) .
`
`,;,,-... ·
`
`':vrm0! !Jravi:!nas (__silts) set_
`. (~.A,..CE)
`
`ANCC000008
`
`IPR2021-01406
`ANCORA EX2011
`
`

`

`Ill'.·.
`fc:'··
`
`----------;-·--.._
`
`\ r --
`
`:_ ....
`
`.. -·
`
`-:-
`
`'•.;:..
`
`···CONTENTS
`
`INITIALS----
`
`Date received
`(Incl. C. of M.},
`or··
`Date Mailed
`
`42.
`
`43. _ _ __;,_,j,L,
`.. ------~ - - - -
`1/"
`
`50.--~-------,
`
`•51 . ...;__~----~--- ---~-
`
`52.~--------- --'-'----'-
`
`"<JJ.I"-
`
`e:~.
`
`53.,.,--,-------'---- ----~
`~~~ - -+ - - - - - - - - -
`
`20. _ _ --"-~"------+- ____ _.;.,
`~~ .
`21. _ _ .....;-,-_;_ _ _ _ _ _ _ ~-----'-
`
`. . _,;~
`
`22. --,---_;_ _ _ _ _ _ _ _ - - - - -
`
`2,3. --'0---""''"':-"..,.,_..~----- - - - -
`24. -.,-,......,~-'7:--'-~-~­
`
`' 25 . .:.,' ~~---~--- --C.,----'--"-(cid:173)
`' i26.· -~~'--4'--~----- ~---
`27. --""'""'-,.~"'-"-~-..,-,---'-- -~--­
`·/':.
`2.S. --.,---'---i-_,___,,____..;__ _
`__,_ - - - - -
`
`;
`
`\
`
`58,
`Sit
`
`61 .
`62.
`
`.63 .
`
`. 64.
`
`65.
`
`66.
`
`67.
`
`6.8 ..
`
`6.9.
`
`70.
`
`71.
`
`72.
`,.['13:; -'
`
`74~·
`
`1'75.
`
`76.
`
`77.
`78.
`79.
`
`80.
`
`81.
`
`82.
`
`.:(
`
`(FRONT)
`
`(",
`
`:,_,.,_
`
`ANC9
`
`ANCC000009
`
`IPR2021-01406
`ANCORA EX2011
`
`

`

`SEARCH NOT6S
`(INCLUD~~"SEARCH S'J:!=I,ATEGY)
`
`Class
`
`Sub.
`
`Date
`
`Exmr.
`
`' .
`
`Class
`
`Sub.
`
`Date
`
`Exmr.
`
`ANCC000010
`
`IPR2021-01406
`ANCORA EX2011
`
`

`

`·_:..;'
`
`' ·.
`. ;~
`
`ISSl TE ~ 1 jp STAPLF AREA (for additional cross refe.rences)
`-::~,~5)72~-i~;"'' '-7·~ ..
`,,.,,;ytt~s{''?N; .
`.,,:'
`~:.;·~ '
`.:
`~· lt:J)
`~I !\;11'<:
`!£',(""'\
`ttl: }hJ:'
`· lit:.Vn:vv
`
`INITIALS
`
`~
`
`:
`
`••
`
`:.
`
`·.
`
`. .
`
`.
`
`,· ', <:·
`
`. • .·
`
`~
`
`•c
`
`.. -·
`
`IDNO.
`
`DATE
`
`l~Mr !/
`
`[;
`(a<;Cf'll
`INDEX OF CLAIMS
`
`/ ()- / 11' {;,y·
`/; ,·.
`'IJcJ9Cfl'c1 .
`I
`
`.•.
`
`I .
`
`'
`
`·'
`;:
`
`;
`
`';i "'·
`
`>;
`,.
`
`' ....
`................................. Rejected
`= .: ................................ Allowed
`- (Through numeral) Canceled
`+ ................................. Restricted
`
`N ................................. Non-elected
`I ................................. Interference
`A ................................. Appeal
`0 ................................. Objected
`
`;
`
`1!, .hl
`~:.] ~~ ~~ ~ '
`...
`-:!
`,I
`
`[Claim "~l~ ~('\
`
`1'-
`
`['...
`[:::.
`
`~
`
`I~
`I~
`I~
`~
`
`..
`
`•.::
`,.,
`....
`·""'
`..,
`.--
`
`·~·
`·""'
`[>::::
`
`.)
`
`~r--
`\ '\ 1\i IV r-.·
`A..' 1 \; "V
`'2>.·· 3
`·-<~4
`5'[. 5
`iO .• 6
`1- 7
`~· 8
`,;,, "t 9
`1'13- 10
`~~
`~
`:\\ ~13
`['1.4;
`lts.
`\1~ 116
`
`<
`
`I
`
`'I
`
`'
`
`,t
`
`"
`
`:~ [17
`[18
`·n· [19
`\'b~
`\'\ zt
`13'. 'SJ ~~
`. 15' r- 1..j
`[24
`[25
`126
`27
`28
`29_
`30
`31
`,32
`[33
`
`135_
`[36
`
`~''\\ ~~
`---)0~.
`'-~
`r-j4o \:~~
`
`I
`
`~-·
`
`1\'
`
`[',.
`
`~~·".,
`
`[\<::
`
`"
`
`c\
`""':
`
`· ...
`
`141
`42
`43
`4~
`145 .
`
`[46 "'·
`
`147
`148
`[49
`15.0
`
`I
`
`.,,
`
`:.
`
`.:;,,
`
`>•
`
`~-·:.rir·::'·• .·
`~r,;:? '
`. <:
`,·
`
`Claim
`
`Date
`
`Claim
`
`Date
`
`<ii
`c:
`~ :~
`u:: 0
`51
`52
`53
`54
`55
`56
`: 57
`58
`59
`60
`61
`62
`63
`64
`65
`66
`67
`68
`69
`70
`71
`72
`73
`74
`75
`76
`77
`78
`79
`70
`81
`82
`83
`84
`85
`86
`87
`88
`89
`90
`91
`92
`93
`94
`95
`96
`97
`98
`99
`Mo
`
`<ii
`c:
`<ii
`'5>
`.5 i5
`lL
`119
`112
`113
`11
`115
`116
`117
`118
`1.19
`10
`111
`112
`113
`114
`115
`116
`117
`118
`119
`20
`121
`122
`123
`124
`125
`26
`127
`128
`29
`30
`131
`32
`13
`13
`13
`13
`131
`38
`39
`40
`141
`14
`14
`144
`45
`46
`14
`4
`14
`15
`
`lf more than 150 claims or 10 actions
`.staple additional sheet here
`
`.. (LEF,T INSIDE)
`
`~--·--''·------··-----··---- ---~
`
`-=··
`
`-"•·
`
`' \';
`
`if. .
`
`if
`
`ANCC000011
`
`IPR2021-01406
`ANCORA EX2011
`
`

`

`(12) United States Patent
`Mullor et al.
`
`llllllllllllllllllllllllllllllllllll! u••~ ~1111111111111111111111111111111
`US006411941Bl
`US 6,411,941 Bl
`Jun.25,2002
`
`(IO) Patent No.:
`(45) Date of Patent:
`
`(54) METHOD OF RESTRICTING SOFTWARE
`OPERATION WITIUN A LICENSE
`LIMITATION
`
`(75)
`
`Inventors: Miki MuUor; Julian Valiko, both of
`Ramal H~haron (IL)
`
`(73) Assignee: Beeble, Inc., Newport Beach, CA (US)
`
`( *) Notice:
`
`Subject to any disclahner, the term ofthi?
`patent is extended or adjusted under 35
`U.S.C. 154(b)by 0 days.
`
`(21) Appl. No.: 09/164,777
`
`(22) Filed:
`
`Oct. 1,1998
`
`(30)
`
`Foreign Application Priority Data
`
`(D..)
`May 21, 1998
`................................................ 124571
`(51) Int. Cl? ................................................ G06F 17/60
`(52) U.S. Cl . ............................. 705/59; 705/50; 705/51;
`705/53; 705/57
`(58) Field of Search .............................. 705/51, 54, 56,
`705/57, 58, 59, 1, 50, 52, 53; 713/187,
`189, 200
`
`(56)
`
`References Cited
`
`U.S. PATENT DOCUMENTS
`
`4,866,769 A
`911989 Karp
`4,903,296 A
`211990 Chandra et al.
`4,924,378 A
`5/1990 Hershey et al.
`5,386,369 A
`111995 ·Christiano
`5,390,297 A
`2/1995 Barber eta!.
`5,479,639 A * 12/1995 Ewertz et al ............... 3951430
`5,490,216 A * 2/1996 Richadson, III ............... 380/4
`5,671,412 A
`9/1997 Christiano
`5,684,951 A * 11/1997 Goodman et al ...... 395/188.01
`5,754,763 A
`5/1998 Bereiter
`5,758,068 A
`5/1998 Brandt et al.
`5,758,069 A
`5/1998 Olsen
`5,790,664 A
`8/1998 Coley et al.
`5,826,011 A
`10/1998 Chou et al.
`5,892,900 A * 4/1999 Ginter et al ................ 395/186
`5,905,860 A
`5/1999 Olsen et a!.
`
`* 12/1999
`6,000,030 A
`6,006,190 A
`12/1999
`6,021,438 A
`212000
`6,0'.13,763 A
`2/2000
`6,052,600 A
`412000
`6,055,503 A
`412000
`6,067,582 A *
`512000
`6,073,256 A
`6/2000
`6,078,909 A
`6/2000
`6,128,741 A
`10/2000
`6,173,446 Bl
`1/2001
`6,189,146 Bl *
`2/2001
`6,192,475 Bl
`2/2001
`6,198,875 Bl *
`3/2001
`6,226,747 B1
`5/2001
`6,233,567 Bl
`5/2001
`6,243,468 B 1
`6/2001
`6,272,636 Bl
`8/2001
`6,298,138 Bl
`1012001
`
`Steinbet.~ et a!. ........... 713/200
`Baena-Amaiz et al.
`Duvvoori et al.
`Grumpstrup et al.
`.. ............... 455/509
`Fette et al.
`Horstmann
`Smith et al. ........ ... ........ 710/5
`Sesma
`Knutson
`Goetz et al.
`Khan et al.
`Misra et al. .. ................ 717/11
`Wa!lance
`Edens on et al. .. ............ 386/94
`Larsson et al.
`Cohen
`Pearce et al.
`Neville 'et al.
`Gotoh eta!.
`
`FOREIGN PATENT DOCUMENTS
`408286906 A * 11/1996
`
`............. G06F/9/06
`
`JP
`
`OTHER PUBLICATIONS
`
`Dornbusch et al., Destop management software: no need to
`adjust your set., Infoworld, vl7, n37, p60.*
`* cited by examiner
`
`Primary Examiner-Hyung-Sub Sough
`Assistant Examiner-Calvin L Hewitt
`(74) Attorney, Agent, or Finn-Venable; Robert Kinberg;
`Jeffri A. Kaminski
`
`(57)
`
`ABSTRACT
`
`A method of restricting software operation within a license
`limitation that is applicable for a computer having a first
`non-volatile memory area, a second non-volatile memory
`area, and a volatile memory area. The method includes the
`steps of selecting a program residing in the volatile memory,
`setting up a verification structure in the non-volatile
`memories, verifying the program using the structure, and
`acting on the program according to the verification.
`
`19 Claims, 2 Drawing Sheets
`
`M(MOR':'
`
`('·)
`
`l lstNON-vov.liLEI
`~··
`I~ UC[NCE RECOROS (10) {11) (12)
`
`2n<JNCN-YOLA!Ilf
`MEMORY
`
`(5)
`
`VOlATilE" MEMORY (li)
`
`I
`ILL .1
`
`ANC12
`
`ANCC000012
`
`IPR2021-01406
`ANCORA EX2011
`
`

`

`U.S. Patent
`
`Jun. 25,2002
`
`Sheet 1 of 2
`
`US 6,411,941 Bl
`
`/~
`
`'
`
`1st NON-VOLJ\TILE
`MEMORY
`
`(4)
`
`KEY (8) I
`
`2nd NON-VOLATILE
`MEMORY
`
`(5)
`
`/ 9
`LICENCE RECORDS ( 1 0) ( 11) ( 12) J
`
`VOLATILE MEMORY (6)
`
`LICENSE PROGRAM
`l 0
`I 0
`
`f-J14
`
`L_16
`~13 I
`C_15
`I 0
`I •
`
`\2) 0(3)
`
`j
`
`7
`
`LICENSE BUREAU
`
`(7)
`
`FIG.l
`
`ANC13
`
`ANCC000013
`
`IPR2021-01406
`ANCORA EX2011
`
`

`

`U.S. Patent
`
`Jun. 25,2002
`
`Sheet 2 of 2
`
`US 6,411,941 Bl
`
`SELECTING u
`
`17
`
`SETTING UP J
`
`1 8
`
`i '
`VERIFYING J
`
`1 9
`
`;
`ACTING J
`
`2 0
`
`FlG.2
`
`ANC14
`
`ANCC000014
`
`IPR2021-01406
`ANCORA EX2011
`
`

`

`US 6,411,941 Bl
`
`1
`METHOD OF RESTRICTING SOFTWARE
`OPERATION WITIDN A LICENSE
`LIMITATION
`
`FIELD OF THE INVENTION
`
`This invention relates to a method and system of identi(cid:173)
`fying and restricting an lillauthorized software program's
`operation.
`
`BACKGROUND OF THE INVENTION
`
`10
`
`Numerous methods have been devised for the identifying
`and restricting of an unauthorized software program's opera(cid:173)
`tion. These methods have been primarily motivated by the
`grand proliferation of illegally copied software, which is
`engulfing the marketplace. This illegal copying represents
`billions of dollars in lost profits to commercial software
`developers.
`Software based products have been developed to validate
`authorized software usage by writing a license signature
`onto the computer's volatile memory (e.g. hard disk). These
`products may be appropriate for restricting honest software
`users, but they are very vulnerable to attack at the hands of
`skilled system's programmers (e.g. "hackers"). These
`license signatures are also subject to the physical instabili(cid:173)
`ties of their volatile memory media.
`Hardware based products have also been developed to
`validate authorized software usage by accessing a dongle
`that is coupled e.g. to the parallel port of the P.C. These units
`are expensive, inconvenient, and not particularly suitable for 30
`software that may be sold tiy downloading (e.g. over the
`internet).
`There is accordingly a need in the art to provide for a
`system and method that substantially reduce or overcome
`the drawbacks of hitherto known solutions.
`
`35
`
`2
`ROM). It should be noted that unlike the first non-volatile
`section, 1he data in the second non-volatile memory may
`optionally be erased or modified (using E2 PROM manipu(cid:173)
`lation commands), so as to enable to add, modify or remove
`licenses. The actual format of the license may include a
`string of terms that correspond to a license registration entry
`(e.g. lookup table entry or entries) at a license registration
`bureau (which will be further described as part of the
`preferred embodiment of the present invention).
`Having placed the encrypted license record in the second
`non-volatile memory (e.g. the E 2PROM), the process of
`verifying a license may be o commenced. Thus, when a
`program is loaded into the memory of the computer, a so
`called license verifier application, 1hat is a priori running in
`15 1he computer, accesses the program under question, retrieves
`therefrom the license record, encrypts the record utilizing
`1he specified unique key (as retrieved from the ROM section
`of the BIOS) and compares the so encrypted record to the
`encrypted records that reside in the E 2PROM. In 1he case of
`20 match, the program is verified to run on the computer. If on
`the other hand the sought encrypted data record is not found
`in the E 2PROM database, this means 1hat the program under
`question is not properly licensed and appropriate application
`define action is invoked (e.g. informing to 1he user on the
`25 unlicensed status, halting the operation of the program under
`question etc.)
`Those versed in 1he art will readily appreciate that any
`attempt to run a program at an unlicensed site will be
`immediately detected. Consider, for example, 1hat a given
`application, say Lotus 123, is verified to run on a given
`computer having a first identification code (kl) stored in the
`ROM portion of the BIOS thereof. ·This obviously requires
`that 1he license record (LR) of the application after having
`been encrypted using kl giving rise to (LR)kl is stored in the
`E2PROM of the first computer.
`Suppose now that a hacker attempts to run the specified
`application in a second computer having a second identifi(cid:173)
`cation code (k2) stored in the ROM portion of the BIOS
`thereof. All or a portion the database contents (including of
`course (LR) kl ) that reside in the E2PROM portion in the first
`computer may be copied in a known per se means to the
`second computer. It is important to note that the hacker is
`unable to modify the key in the ROM of the second
`computer to Kl, since, as recalled, 1he contents of the ROM
`is established during manufacture and is practically invari-
`able . .
`Now, when the application under question is executed in
`the second computer, 1he license verifier retrieves said LR
`from 1he application and, as explained above, encrypts it
`using 1he key as retrieved from the ROM of the second
`computer, i.e k2 giving rise to encrypted license record
`(LR):.,2• Obviously, the value (LR)~a does not reside in the
`E2PROM database section of the second computer (since it
`55 was not legitimately licensed) and therefore the specified
`application is invalidated. It goes without saying that the
`data copied from the first (legitimate) computer is rendered
`useless, since comparing (LR)~a with the copied value
`(LR)., results, of course, in mismatch.
`The example above is given for clarity of explanation
`only and is by no means binding.
`In its broadest aspect, the invention provides for a method
`of restricting software operation within a license limitation
`including; for a computer having a first non-volatile memory
`65 area, a second non-volatile memory area, and a volatile
`memory area; the steps of: selecting a program residing in
`the volatile memory, setting up a verification structure in the
`
`SUMMARY OF THE INVENTION
`
`40
`
`The present invention relates to a method of restricting
`software operation within a license limitation. This method
`strongly relies on the use of a key and of a record, which
`have been written into the non-volatile memory of a com(cid:173)
`puter.
`For a better understanding of the underlying concept of
`the invention, there follows a specific non-limiting example. 45
`Thus, consider a conventional computer having a conven(cid:173)
`tional BIOS module in which a key was embedded at the
`ROM section thereof, during manufacture. The key
`constitutes, effectively, a unique identification code for 1he
`host computer. It is important to note 1hat the key is stored 50
`in a non-volatile portion of 1he BIOS, i.e. it cannot be
`removed or modified.
`Further, according to the invention, each application pro(cid:173)
`gr-am 1hat is to be licensed to run on 1he specified computer,
`is associated wi1h a license record; 1hat consists of author
`name, program name and number of licensed users (for
`network). The license record may be held in either encrypted
`or explicit form.
`Now, 1here commences an initial license establishment
`procedure, where a verification structure is set in the BIOS 60
`so as to indicate 1hat the specified program is licensed to run
`on the specified computer. This is implemented by encrypt(cid:173)
`ing the license record (or portion thereof) using said key (or
`portion thereof) exclusively or in conjunction with other
`identification information) as an encryption key. The result(cid:173)
`ing encrypted license record is stored in ano1her (second)
`non-volatile section of the BIOS, e.g. E2PROM (or the
`
`ANC15
`
`ANCC000015
`
`IPR2021-01406
`ANCORA EX2011
`
`

`

`US 6,411,941 Bl
`
`4
`for the selected program from the second non-volatile
`memory, and the licensed-software-program's license(cid:173)
`record contents; enabling the comparing at the bureau; and
`transferring, from the bureau to the computer, the result of
`the comparing.
`The actual key that serves for identifying the computer
`may be composed of the pseudo-unique key exclusively, or,
`if desired, in combination with information, e.g. ioformation
`related to the registration of the user such as e.g. place,
`10 telephone number, user name, license number, etc. In the
`context of the present iovention, a ''pseudo-unique" key may
`relate to a bit string which uniquely identifies each first
`non-volatile memory. Alternately the ''pseudo-unique" key
`may relate to a random bit string (or to an assigned bit string)
`IS of sufficient length such that: there is an acceptably low
`probability of a successful unauthorized transfer of licensed
`software between two computers, where the first volatile
`memories of these two computers have the same key.
`It should be noted that the license bureau might maintain
`20 a registry of keys and of licensed programs that have been
`registered at the bureau in association with these keys. This
`registry may be used to help facilitate the formalization of
`procedures for the transfer of ownership of licensed software
`from use on one computer to use on another computer.
`Constructing the key in the manner specified may hinder
`the hacker in cracking the proposed encryption scheme of
`the invention, in particular when the establishment of the
`license record or the verification thereof is performed in the
`bureau. Those versed in the art will readily appreciate that
`30 the invention is by no means bound by the data, the
`algorithms, or the manner of operation of the bureau. It
`should be noted that the tasks of establishing and/or veri(cid:173)
`fying a license record may be shared between the bureau and
`the computer, done exclusively at the computer, or done
`35 exclusively at the bureau. The pseudo-unique key length
`needs to be long enough to hinder encryption attack
`schemes. The establishing of the key may be done at any
`time from the non-volatile memory's manufacture until an
`attempted use of an established license-record io the non(cid:173)
`volatile memory. The key is used for encryption or decryp(cid:173)
`tion operations associated with license-records. In principle,
`the manufacturer of the licensed-software-program may
`specify the license-record format and therefore different
`formats may, if desired, be used for respective applications.
`According. to the preferred embodiment of the present
`invention, the pseudo-unique key is a unique-identification
`bit string that is written onto the first non-volatile memory
`by the manufacturer of the is memory media.
`According to one, non-limiting, preferred embodiment of
`so the present invention, the first non-volatile memory area is
`a ROM se~tion of a BIOS; the second non-volatile memory
`area is a E 2PROM section of a BIOS; and the volatile
`memory is a RAM e.g. hard disk and/or internal memory of
`the computer.
`The present invention also relates to a non-volatile
`memory media used as a BIOS of a computer, for restricting
`software operation within a license limitation, wherein a
`pseudo-unique key is established.
`According to the preferred embodiment of the non-
`60 volatile memory media of the present invention, the pseudo(cid:173)
`unique key is established in a ROM section of the BIOS.
`
`3
`non-volatile memories, verifying the program using the
`structure, and acting on the program according to the veri(cid:173)
`fication.
`An important advantage in utilizing non-volatile memory
`such as that residing in the BIOS is that the required level of
`system programming expertise that is necessary to intercept
`or modify commands, interacting with the BIOS, is substan(cid:173)
`tially higher than those needed for tampering with data
`residing in volatile memory such as hard disk. Furthermore,
`there is a much higher cost to the progranamer, if his
`tampering is unsuccessful, i.e. if data residing in the BIOS
`(which is necessary for the computer's operability) is inad(cid:173)
`vertently changed by the hacker. This is too high of a risk for
`the ordinary software hacker to pay. Note that various
`recognized means for hindeting the professional-like hacker
`may also be utilized (e.g. anti-debuggers, etc.) in conjunc(cid:173)
`tion with the present invention.
`In the context of the present invention, a "computer"
`relates to a digital data processor. These processors are
`found in. personal computers, or on one or more processing
`cards in multi-processor machines. Today, a processor nor(cid:173)
`mally includes a first non-volatile memory, a second non(cid:173)
`volatile memory, and data li!Jkage access to a volatile
`memory. There are also processors having only one non(cid:173)
`volatile memory or having more than two non-volatile 25
`memories; all of which should be considered logically as
`relating to having a first and a second non-volatile memory
`areas. There are also computational environments where the
`volatile memory is distributed into numerous physical
`components, using a bus, LAN, etc.; all of which should
`logically be considered as being a volatile memory area.
`According to the preferred embodiment of the present
`invention, there is further provided a license authentication
`bureau which can participate in either or both of:
`(i) establishing the license record in the second non(cid:173)
`volatile memory; and
`(ii) verifying if the key and license record in the non(cid:173)
`volatile memory(s) is compatible with the license
`record information as extracted from the application 40
`under question.
`The bureau is a telecommunications accessible processor
`where functions such as formatting, encrypting, and verify(cid:173)
`ing may be performed. Performing these or other functions
`at the bureau helps to limit the understanding of potential 45
`software hackers; since they can not observe how these
`functions are constructed. Additional security may also be
`achieved by forcing users of the bureau to register, collecting
`costs for connection to the bureau, logging transactions at
`the bureau, etc.
`According to one example of using the bureau, setting up
`a verification structure further includes the steps of:
`establishing, between the computer and the bureau, a two(cid:173)
`·way data-communications linkage; transferring, from the
`computer to the bureau, a request-for-license including an
`identification of the .computer and the license-record's con(cid:173)
`tents from the selected program; fanning an encrypted
`license-record at the bureau by encrypting parts of the
`request -for -license using part of the identification as the
`encryption key; and transferring, from the bureau to the
`computer, the encrypted license-record.
`According to another example of using the bureau, veri(cid:173)
`fying the program further includes the steps of: establishing,
`between the computer and the bureau, a two-way data(cid:173)
`communications linkage; transferring, from the computer to 65
`the bureau, a request-for-license-verification including an
`identification of the computer, the encrypted license-record
`
`55
`
`BRIEF DESCRIPTION OF THE DRAWINGS
`In order to understand the invention and to see how it may
`be carried out in practice, a preferred embodiment will now
`be described, by way of non-limiting example only, with
`. reference to the accompanying drawiogs, in which:
`
`ANC16
`
`ANCC000016
`
`IPR2021-01406
`ANCORA EX2011
`
`

`

`US 6,411,941 Bl
`
`5
`FIG. 1 is a schematic diagram of a computer and a license
`bureau; and
`FIG. 2 is a generalized flow chart of the sequence of
`operations performed according to one embodiment of the
`invention.
`
`25
`
`DETAILED DESCRIPTION OF A PREFERRED
`EMBODIMENT
`A schematic diagram of a computer and a license bureau
`is shown in FIG. 1. Thus, a computer processor (1) is
`associated with input operations (2) and with output opera(cid:173)
`tions (3). Tills computer (processor) internally contains a
`first non-volatile memory area (4) (e.g. the ROM section of
`the BIOS), a second non-volatile memory area (5) (e.g. the
`E2PROM section of the BIOS), and a volatile memory area
`(6) (e.g. the internal RAM memory of the computer).
`The computer processor is in temporary telecommunica(cid:173)
`tions linkage with a license bureau (7).
`The first non-volatile memory includes a pseudo-random
`identification key (8), which exclusively or ih combination
`with other information (e.g. user name), is sufficient to
`uniquely differentiate this first non-volatile memory from all
`other first non'volatile memories. As specified before, said
`key constitutes unique identification of the computer.
`The second non-volatile memory includes a license(cid:173)
`record-area (9) e.g. which contains at least one encrypted
`license-record (e.g. three records 10-12). The volatile
`memory accommodates a license program (16) having
`license record fields (13-15) appended thereto. By way of
`example said fields stand for Application names (e.g. Lotus
`123), Vendor name (Lotus inc.), and number of licensed
`copies (1 for stand alone usage, >I for number of licensed
`users for a nerwork application).
`Those versed in the art will readily appreciate that the
`license record is not necessarily bound to continuous fields.
`In fact, the various license content components of the data
`record may be embedded in various locations in the appli(cid:173)
`cation. Any component may, if desired, be encrypted.
`Each one of the encrypted license records (10-12) is 40
`obtained by encrypting the corresponding license record as
`extracted from program 16, ·utilizing for encryption the
`identification key (8).
`In a typical, yet not exclusive, sequence of operation, a
`transaction/request is sent, by the computer to the bureau. 45
`This transaction includes the key (8), the encrypted license(cid:173)
`records (10-12), contents from the license program used in
`fomting a license record (e.g. fields 13-15), and other items
`of information as desired.
`The bureau fonns the proposed license-record from the
`contents, encrypts (utilizing predetermined encryption
`·algorithm) the so formed license-record using the key (8),
`and compares the so formed encrypted license-record with
`the license-record (10-12). The bureau generates an overlay
`according to the result of the comparison indicating suc(cid:173)
`cessful comparison, non-critical failure comparison and the
`critical failure comparison.
`The bureau returns the overlay which will direct the
`computer in subsequent operation. Thus, a success overlay
`will allow the license program to operate. A non-critical
`failure overlay will ask for additional user interactions. A
`critical failure overlay will cause permanent disruption to
`the computer's BIOS operations. Thus, software operation
`of the program is methodologically according to a license
`limitation restriction.
`Those versed in the art will readily appreciate that the
`implementation as described with reference to FIG. 1 is by
`
`6
`no means binding. Thus, by way of non-limiting example,
`the bureau, instead of being external entity may fonn part of
`the computer.
`Attention is now directed to FIG. 2, showing a general(cid:173)
`ized flow chart of the sequence of operations performed
`according to one embodiment of the invention.
`Thus, selecting (17) a program includes the step of:
`establishing a licensed-sofrware-program in the volatile
`memory of the computer wherein the licensed-software-
`tO program includes contents used to fonn a license-record.
`These contents, be they centralize or decentralized, may
`include tenns, identifications, specifications, or limitations
`related to the manufacturer of a software product, the
`distributor of a software product, the purchaser of a sofrware
`product, a licensor, a licensee, items of computer hardware
`15 or components thereof, or to other tenns and conditions
`related to the aforesaid.
`Setting up (18) the verification structure includes the steps
`of: establishing or certifying the existence bf a pseudo(cid:173)
`unique key in the first non-volatile memory area; and
`20 establishing at least one license-record location in the first or
`the second nonvolatile memory area.
`.
`Establishing a license-record includes the steps of: fann(cid:173)
`ing a license-record by encrypting of the contents used to
`form a license-record with other predetermined data
`contents, using the key; and establishing the encrypted
`license-record in one of the at least one established license(cid:173)
`record locations (e.g. 10-12 in FIG. 1).
`Verifying (19) the program includes the steps of: encrypt-
`30 ing the licensed-software-program's license-record contents
`from the volatile memory area or decrypting the license(cid:173)
`record in the first or the second non-volatile memory area,
`using the key; and comparing the encrypted licensed(cid:173)
`software-program's license-record contents with the
`35 encrypted license-record in the first or the second non(cid:173)
`volatile memory area, or comparing the licensed-software(cid:173)
`program's license-record contents with the decrypted
`license-record in the first or the second non-volatile memory
`area.
`Acting (20) on the program includes the step of: restrict(cid:173)
`ing the program's operation with predetermined liotitations
`if the comparing yields non-unity or insufficiency. In this
`context "non-unity" relates to being unequal with respect to
`a specific equation (e.g. A=B+l); and "insufficiency" relates
`to being outside of a relational bound (e.g. A>B+l).
`"Restricting the program's operation with predetermined
`limitations" may include actions such as erasing the soft(cid:173)
`ware in volatile memory, warning the license applicant/user,
`placing a fine on the applicant/user through the billing
`50 service charges collected at the license bureau (if
`applicable), or scrambling sections of the BIOS of the
`computer (or of functions interacting therewith).
`The present invention has been described with a certain
`degree of particularity but it should be understood that
`55 various modifications and alterations may be made without
`departing from the scope or spirit of the invention as defined
`by the following claims.
`What is claimed is:
`1. A method of resnicting software operation within a
`6o license for use with a computer including an erasable,
`non-volatile memory area of a BIOS of the computer, and a
`volatile memory area; the method comprising the steps of:
`selecting a program residing in the volatile memory,
`using an agent to set up a verification structure in the
`erasable, non-volatile memory of the BIOS, the veri(cid:173)
`fication structure accommodating data that includes at
`least one license record,
`
`65
`
`ANC17
`
`ANCC000017
`
`IPR2021-01406
`ANCORA EX2011
`
`

`

`US 6,411,941 Bl
`
`7
`verifying the program using at least the verification struc(cid:173)
`ture from the erasable non-volatile memory of the
`BIOS, and
`acting on the program according to the verification.
`2. A method according to claim 1, further comprising the
`steps of:
`establishing a license authentication bureau.
`3. A method according to claim 2, wherein setting up a
`verification structure further comprising the steps of:
`establishing, between the computer and the bureau, a two- 10
`way data-communications linkage; transferring, from the
`computer to the bureau, a request-for-license including an
`identification of the computer and the license-record's con(cid:173)
`tents from the selected program; forming an encrypted
`license-record at the bureau by encrypting parts of the 15
`request-for-license using part of the identification as an
`encryption key; transferring, from the bureau to the
`computer, the encrypted license-record; and storing the
`encrypted license record in the erasable non-volatile
`memory area of the BIOS.
`4. A method according to claim 2, wherein verifying the
`program further comprises the steps of: establishing,
`between the computer and the bureau, a two-way data(cid:173)
`communications linkage; transferring, from the computer to
`the bureau, a request-for-license verification including an 25
`identification of the computer, an encrypted license-record
`for the selected program from the erasable, non-volatile
`memory area of the BIOS, and the program's license-record;
`enabling the comparing at the bureau; and transferring, from
`the bureau to the computer, the result of the comparing.
`5. A method according to claim 3 wherein the identifica(cid:173)
`tion of the computer includes the unique key.
`6. A method according to claim 1 wherein selecting a
`program includes the steps of: establishing a licensed(cid:173)
`software-program in the volatile memory of the computer 35
`wherein said licensed-software-program includes contents
`used to form the license-record.
`7. A method according to claim 6 wherein using an agent
`to set up the verification structure includes the steps of:
`establishing or certifying the existence of a pseudo-unique 40
`key in a first non-volatile memory area of the computer; and
`establishing at least one license-record location in the first
`nonvolatile memory area or in the erasable, non-volatile
`memory area of the BIOS.
`8. A method according to claim 6 wherein establishing a 45
`license-record includes the steps of: forming a license(cid:173)
`record by encrypting o