(f
`
`PTOAfheSs.
`c135_U
`
`01/98
`10/
`o/Mt
`QIMJ
`
`VENABLE,BAETJER, HOWARD &CIVILETTL,LLP
`
`Including professional corporations
`Neen Yorkaeee Suite300 East
`ton,
`D.C. 20005-3955
`(202) 414-4000, Fax (202) 414-4040
`Telex 64267
`www.venable.com
`
`OFFICESIN
`MARYLAND
`WASHINGTON, D.C
`a
`VIRGINIA
`
`Mi|
`pa = 2
`c
`oo —— an
`—_ = -
`: oi — 4
`po =
`
`
`a~
`
`ATTORNEYS AT LAW
`
`October 1, 1998
`
`Assistant Commissioner for Patents
`
`Washington, D.C. 20231
`
`Re:
`
`New Patent Application
`Inventor(s): Miki MULLOR and Julian VALIKO
`Attorney Docket: REINC 4237.01
`
`Sir
`
`Please find attached hereto an application for patent which
`includes:
`
`Specification, Claims, Declaration, Power of Attorney.
`
`A certified copy of Israel Application No. 124571 filed May 21, 1998,
`the priority of which is claimed herewith under 35 U.S.C. 119.
`
`Verified Declaration Statement showing Small Entity Status:
`
`Formal Drawings: Figures 1 and 2
`
`(2 sheets)
`
`Fee (see formula below) check enclosed.
`
`
`
`
`a
`
`nytt Basic Fee $395/790..... ccc ce ee ee eee eee nene
`
`$__395.00
`
`Additional Fees;
`
`Total number of claims in excess of 20_* times $11/22 $
`
`0.00
`
`_1
`Number of independent claims
`
`0.00
`$
`*
`in excess of 3:
`times $41/82.................
`40.00
`An assignment is likewise enclosed; Recording Fee $40.5§
`TOTAL FEES FOR THE ABOVE APPLICATION... $__435.00
`
`,
`
`In the event there is attached hereto no check, or a check for an insuffi-
`x client amount, please charge the fee to our Account No. 19-3700 and notify us
`accordingly.
`
`RK: boa
`
`Respectfully submitted
`af
`
`
`
`Robert Kinberg,
`Registration No. 26,924
`
`0001
`
`Roku EX1002
`U.S. Patent No. 6,41 1,941
`
`Roku EX1002
`U.S. Patent No. 6,411,941
`
`0001
`
`

`

`a
`in
`‘Applicant or Patentee:
`Serial or Patent No.:
`Filed or Issued:
`For:_METHOD OF RESTRICTING SOPTWARE OPERATION WITHIN A LICENSED LIMITATION
`
`Attorney's
`
`Docket No.
`
`:
`
`mA
`
`-
`
`VERIFIED STATEMENT (DECLARATION) CLAIMING SMALL ENTITY STATUS
`(37 CFR 1.9(£) and 1.27(c)) - SMALL BUSINESS CONCERN
`
`I hereby declare that I am
`»
`£
`]
`the owner of the small business concern identified below:
`KJ an official of the small business concern empowered to act on behalf of the concern
`a identified below:
`mo
`
`NAME OF CONCERN M.¥.P.D. TECHNOLOGIES LTD.eeretetceretnNatt
`ADDRESS OF CONCERN
`cfo Keren-Shechter Law Firm,
`21 Har Sinai Street,
`Tel-Aviv 65816 Israel
`
`
`'I hereby declare that the above identified small business concern qualifies as a small
`basiness concern as defined in 13 CFR 121.3-18, and reproduced in 37 CFR 1.9(d),for purposes
`paying reduced fees under section 41(a) and (b) of Title 35, United States Code,
`in that
`£
`the number of employees of the concer, including those of its affiliates, does not exceed
`500 persons. For purposes of this statement,(1) the number of employees of the business
`“concern is the average over the previous fiscal year of the concern of the persons employed
`oi a full-time, part-time or temporary basis during each of the pay periods of the fiscal
`y8ar,and (2) concerns are affiliates of each other when either,directly or indirectly,one
`
`eencern controls or has the power to control the other,or a third party or parties controls
`has the power to control both.
`ereby declare that rights under contract or law have been conveyed to and remain with the
`stall business concern identified above with regard to the invention, entitled METHOD
`
`OF RESTRICTING SOFTWARE OPERATION WITHIN A LICENSED LIMITATION inventor(s)
`de cribad in
`
`
`
`
`
`the application filed herewith
`(x]
`» filed
`{
`] application serial no.
`» issued
`I
`] patent no.
`5
`the rights held by the above identified small business concern are not exclusive, each
`individual,concern or organization having rights to the invention is listed below* and no
`rights to the invention are held by any person, other than, the inventor, who could not
`qualify as a small business concern under 37 CFR 1.9(d) or by any concern which would not
`qualify as a small business concern under 37 CFR 1.9(d) or a nonprofit organization under 37
`CFR 1-:9(e). *NOYE: Separate verified statements are required from each named person,
`concern or organization having rights to the invention averring to their status as small
`entities.
`(37 CFR 1.27)
`.
`NAME, teADDRESS
`
`}
`INDIVIDUAL
`{
`J] SMALL BUSINESS CONCERN
`{
`] NONPROFIT ORGANIZATION
`
` {
`
`NAME
`
`ADDRESS TREETTces
`[
`] DNDIVIDUAL
`{
`J] SMALL BUSINESS GONCERN
`[
`] NONPROFLT ORGANIZATION
`I acknowledge the duty to file, in this application. or patent, notification of any change of
`status resulting in loss of entitlement to small entity status prior to paying, or at the
`time of paying,
`the earliest of the issue fee or any maintenance fee due after the date on
`whichstatus as a ‘small entity is no longer appropriate.
`(37 CFR 1.28(b))
`I hereby declare that all statements made herein of my own knowledge are true and that all
`statements made on information and belief are believed to be true; and further that these
`statements were made with the knowledge that willful false statements and the like so made
`are punishable by fine or imprisonment, or both, under section 1001 of Title 18 of the
`United States Code, and that such willful false statements may jeopardize the validity of
`the application, any patent issuing thereon, or any patent to which this verified statement
`is directed.
`:
`
`
`yok Ube Ve Aro NAME OF PERSON SIGNING X WAKi
`
`
`
`oN
`
`0002
`
`0002
`
`

`

`Method of Restricting Software Operation within A License Limitation
`
` 10
`
`15
`
`FIELD OF THE INVENTION
`
`This invention relates to a method and system of identifying and
`restricting an unauthorized software program’s operation.
`
`BACKGROUND OF THE INVENTION
`
`the identifying and
`Numerous methods have been devised for
`restricting of unauthorized software program’s operation. These methods have
`been primarily motivated by the grand proliferation of illegally copied
`software, which is engulfing the marketplace. This illegal copying represents
`billions of dollars in lost profits to commercial software developers.
`Software based products have been developed to validate authorized
`software usage by writing a license signature onto the computer’s volatile
`memory (e.g. hard disk). These products may be appropriate for restricting
`honest software users, but they are very vulnerable to attack at the hands of
`skilled system’s programmers (e.g. “hackers’”). These license signatures are
`also subject to the physical instabilities of their volatile memory media.
`Hardware base products have also been developed to validate
`authorized software usage by accessing a dongle that is coupled e.g. to the
`parallel port of the P.C. These units are expensive, inconvenient, and not
`
`particularly suitable for software that may be sold by downloading (e.g. over
`the internet).
`
`20
`
`0003
`
`0003
`
`

`

`
`
`
`There is accordingly a need in the art to provide for a system and
`method that substantially reduce or overcome the drawbacks of hitherto
`known solutions.
`
`SUMMARYOF THE INVENTION
`
`The present invention relates to a method ofrestricting software
`operation within a license limitation. This method strongly relies on the use of
`a key and of a record, which have been written into the non-volatile memory
`of a computer.
`
`For a better understanding of the underlying concept ofthe invention,
`there follows a specific non-limiting example. Thus, consider a conventional
`computer having a conventional BIOS module in which a key was embedded
`at
`the ROMsection thereof, during manufacture. The key constitutes,
`effectively, a unique identification code for the host computer. It is important
`to note that the key is stored in a non-volatile portion of the BIOS,
`i.e. it
`cannot be removedor modified.
`
`Further, according to the invention, each application program that is to
`be licensed to run on the specified computer,
`is associated with a license
`record; that consists of author name, program name and numberoflicensed
`users (for network). The license record may be held in either encrypted or
`explicit form.
`
`license establishment procedure,
`there commences an initial
`Now,
`where a verification structure is set in the BIOS so as to indicate that the
`
`specified program is licensed to run on the specified computer. This is
`implemented by encrypting the license record (or portion thereof) using said
`key (or portion thereof) exclusively or in conjunction with other identification
`
`information) as an encryption key. The resulting encrypted license record is
`stored in another (second) non-volatile section ofthe BIOS, e.g. E-PROM (or
`
`10
`
`20
`
`25
`
`0004
`
`0004
`
`

`

`is
`
`ra
`
`
`
`the ROM).It should be notedthat unlike the first non-volatile section, the data
`in the second non-volatile memory may optionally be erased or modified
`(using E’PROM manipulation commands), so as to enable to add, modify or
`remove licenses. The actual format of the license may include a string of
`terms that correspondto a licenseregistration entry (e.g. lookup table entry or
`entries) at a license registration bureau (which will be further described as part
`ofthe preferred embodiment ofthe present invention).
`Having placed the encrypted license record in the second non-volatile
`memory (e.g. the E’PROM),
`the process of verifying a license may be
`commenced. Thus, when a program is loaded into the memory of the
`computer, a so called license verifier application,that is a priori running in the
`computer, accesses the program under question, retrieves therefrom the
`license record, encrypts the record utilizing the specified unique key (as
`retrieved from the ROM section of the BIOS) and comparesthe so encrypted
`record to the encrypted records that reside in the E7PROM.In the case of
`
`match, the program is verified to run on the computer. If on the other hand the
`sought encrypted data record is not found in the E7PROM database, this
`means that
`the program under question is not properly licensed and
`appropriate application define action is invoked(e.g. informing to the user on
`the unlicensed status, halting the operation ofthe program under questionetc.)
`Those versed in the art will readily appreciate that any attempt to run a
`program at an unlicensed site will be immediately detected. Consider, for
`example, that a given application, say Lotus 123, is verified to run on a given
`computer having a first identification code (k1) stored in the ROM portion of
`the BIOSthereof. This obviously requires that the license record (LR) ofthe
`application after having been encrypted using k1 givingrise to (LR), is stored
`in the E’PROMofthefirst computer.
`Suppose now that a hacker attempts to run the specified application in
`a second computer having a second identification code (k2) stored in the
`
`10
`
`15
`
`20
`
`25
`
`0005
`
`0005
`
`

`

`
`
`
`ROMportion of the BIOS thereof. All or a portion the database contents
`(including of course (LR), ) that reside in the E7PROM portion in the first
`computer may be copied in a known per se means to the second computer. It
`is important to note that the hacker is unable to modify the key in the ROM of
`
`the second computer to K1, since, as recalled, the contents of the ROM is
`
`established during manufacture andis practically invariable.
`
`Now, when the application under question is executed in the second
`
`computer, the license verifier retrieves said LR from the application and, as
`
`explained above, encrypts it using the key as retrieved from the ROM ofthe
`
`10
`
`second computer, ie k2 giving rise to encrypted license record (LR)y.
`Obviously, the value (LR)o does not reside in the E7PROM database section
`
`of the second computer (since it was not legitimately licensed) and therefore
`
`the specified application is invalidated. It goes without saying that the data
`
`copied from the first
`
`(legitimate) computer
`
`is
`
`rendered useless,
`
`since
`
`15
`
`comparing (LR)o with the copied value (LR)g,
`
`results, of course,
`
`in
`
`mismatch.
`
`The example aboveis given for clarity of explanation only and is by no
`
`means binding.
`
`In its broadest aspect, the invention provides for a method ofrestricting
`
`20
`
`software operation within a license limitation including; for a computer
`
`having a first non-volatile memory area, a second non-volatile memory area,
`
`and a volatile memory area; the steps of: selecting a program residing in the
`
`volatile memory, setting up a verification structure in the non-volatile
`
`memories, verifying the program using the structure, and acting on the
`
`25
`
`program according to the verification.
`
`An important advantage in utilizing non-volatile memory such as that
`
`residing in the BIOS is that the required level of system programming
`
`expertise that is necessary to intercept or modify commands, interacting with
`
`the BIOS,is substantially higher than those needed for tampering with data
`
`0006
`
`0006
`
`

`

`residing in volatile memory such as hard disk. Furthermore, there is a much
`
`higher cost to the programmer, if his tampering is unsuccessful, i.e. if data
`residing in the BIOS (which is necessary for the computer’s operability) is
`inadvertently changed by the hacker. This is too high of a risk for the ordinary
`software hacker to pay. Note that various recognized meansfor hindering the
`professional-like hacker may also be utilized (e.g. anti-debuggers, etc.) in
`
`conjunction with the present invention.
`
`In the context ofthe present invention, a “computer”relates to a digital
`
`data processor. These processors are found in personal computers, or on one
`
`or more processing cards in multi-processor machines. Today, a processor
`
`normally includesa first non-volatile memory, a second non-volatile memory,
`
`and data linkage access to a volatile memory. There are also processors
`
`having only one non-volatile memory or having more than two non-volatile
`
`memories; all of which should be considered logically as relating to having a
`
`first and a second non-volatile memory areas. There are also computational
`
`environments where the volatile memory is distributed into numerous
`
`physical components, using a bus, LAN,etc.; all of which should logically be
`
`considered as being a volatile memory area.
`
`According to the preferred embodiment of the present invention, there
`
` 10
`
`15
`
`20
`
`is further provided a license authentication bureau which can participate in
`
`either or both of:
`
`(i) establishing the license record in the second non-volatile memory;
`
`and
`
`(ii) verifying if the key and license record in the non-volatile
`
`memory(s) is compatible with the license record information as extracted
`
`from the application under question.
`
`The bureau is a telecommunications accessible processor where
`
`functions such as formatting, encrypting, and verifying may be performed.
`
`Performing these or other
`
`functions at
`
`the bureau helps to limit
`
`the
`
`0007
`
`0007
`
`

`

`understanding of potential software hackers; since they can not observe how
`these functions are constructed. Additional security may also be achieved by
`forcing users of the bureau to register, collecting costs for connection to the
`
`bureau, logging transactionsat the bureau,etc.
`
`According to one example of using the bureau, setting up a verification
`
`structure further includes the steps of: establishing, between the computer and
`
`the bureau, a two-way data-communications linkage; transferring, from the
`
`computer to the bureau, a request-for-license including an identification of the
`
`computer and the license-record’s contents from the selected program;
`
`10
`
`forming an encrypted license-record at the bureau by encrypting parts of the
`
`request-for-license using part of the identification as the encryption key; and
`
`transferring, from the bureau to the computer, the encrypted license-record.
`
`According to another example of using the bureau, verifying the
`
`program further includes the steps of: establishing, between the computer and
`
`15
`
`the bureau, a two-way data-communications linkage; transferring, from the
`
`computer
`
`to the bureau, a request-for-license-verification including an
`
`identification of the computer, the encrypted license-record for the selected
`
`
` ‘n,
`
`
`
`
`
`
`
`
`
`
`
`
`
`program and_thefrom the second non-volatile memory,
`
`licensed-software-program’s license-record contents; enabling the comparing
`
`20
`
`at the bureau; and transferring, from the bureau to the computer, the result of
`
`the comparing.
`
`The actual key that serves for identifying the computer may be
`
`composed of the pseudo-unique key exclusively, or, if desired, in combination
`
`with information, e.g. information related to the registration of the user such
`
`as e.g. place, telephone number, user name, license number, etc. In the context
`
`of the present invention, a “pseudo-unique” key may relate to a bit string
`
`which uniquely identifies each first non-volatile memory. Alternately the
`
`“pseudo-unique” key may relate to a random bit string (or to an assigned bit
`
`string) of sufficient length such that: there is an acceptably low probability of
`
`0008
`
`0008
`
`

`

`a successful unauthorized transfer of licensed software between two
`
`computers, wherethe first volatile memories of these two computers have the
`
`same key.
`
`It should be noted that the license bureau might maintain a registry of
`
`keys and of licensed programs that have been registered at the bureau in
`
`association with these keys. This registry may be used to help facilitate the
`
`formalization of procedures for the transfer of ownership of licensed software
`
`from use on one computer to use on another computer.
`
`Constructing the key in the manner specified may hinder the hacker in
`
`10
`
`cracking the proposed encryption schemeofthe invention, in particular when
`
`the establishment ofthe license record or the verification thereof is performed
`
`in the bureau. Those versedin the art will readily appreciate that the invention
`
`is by no means boundbythe data, the algorithms, or the manner of operation
`
`ofthe bureau. It should be noted that the tasks of establishing and/or verifying
`
`a license record may be shared between the bureau and the computer, done
`
`exclusively at
`
`the computer, or done exclusively at
`
`the bureau. The
`
`pseudo-unique key length needs to be long enough to hinder encryption attack
`
`schemes. The establishing of the key may be done at any time from the
`
`non-volatile memory’s manufacture until an attempted use of an established
`
`20
`
`license-record in the non-volatile memory. The key is used for encryption or
`
`decryption operations associated with license-records.
`
`In principle,
`
`the
`
`manufacturer of the licensed-software-program may specify the license-record
`
`format and therefore different formats may, if desired, be used for respective
`
`applications.
`
`25
`
`According to the preferred embodiment of the present invention, the
`
`pseudo-unique key is a unique-identification bit string that is written onto the
`
`first non-volatile memory by the manufacturer ofthe is memory media.
`
`According to one, non-limiting, preferred embodiment of the present
`
`invention, the first non-volatile memory area is a ROM section of a BIOS; the
`
`0009
`
`
`
`
`
`
`
`
`0009
`
`

`

`
`
`second non-volatile memory area is a E7PROM section of a BIOS; andthe
`volatile memory is a RAM e.g. hard disk and/or internal memory of the
`computer.
`
`The present invention also relates to a non-volatile memory media
`used as a BIOS of a computer, for restricting software operation within a
`license limitation, wherein a pseudo-unique keyis established.
`According to the preferred embodiment of the non-volatile memory
`media of the present invention, the pseudo-unique key is established in a
`
`ROMsection of the BIOS.
`
`BRIEF DESCRIPTION OF THE DRAWINGS:
`
`In order to understand the invention and to see how it may be carried
`out in practice, a preferred embodiment will now be described, by way of
`non-limiting example only, with reference to the accompanying drawings, in
`which:
`
`Fig. 1 is a schematic diagram of a computer and a license bureau; and
`
`Fig. 2 is a generalized flow chart of the sequence of operations
`performed according to one embodimentofthe invention.
`
`20
`
`DETAILED DESCRIPTION OF A PREFERRED EMBODIMENT
`
`A schematic diagram of a computer and a license bureau is shown in
`
`Figure 1. Thus, a computer processor (1) is associated with input operations
`(2) and with output operations (3). This computer (processor) internally
`contains a first non-volatile memory area (4) (e.g. the ROM section of the
`BIOS), a second non-volatile memory area (5) (e.g. the E7PROM section of
`the BIOS), and a volatile memory area (6) (e.g. the internal RAM memory of
`the computer).
`
`0010
`
`0010
`
`

`

`The computer processor is in temporary telecommunications linkage
`with a license bureau (7).
`
`The first non-volatile memory includes a pseudo-random identification
`key (8), which exclusively or in combination with other information (e.g. user
`name),
`is sufficient to uniquely differentiate this first non-volatile memory
`from all other first non-volatile memories. As specified before, said key
`constitutes unique identification ofthe computer.
`
`The second non-volatile memory includes a license-record-area (9) e.g.
`for the containing of at least one encrypted license-record (e.g. three records
`
`10-12). The volatile memory accommodates a license program (16) having
`
`license record fields (13-15) appended thereto. By way of example said fields
`
`stand for Application name(e.g. Lotus 123), Vendor name (Lotus inc.), and
`
`no oflicensed copies (1 for stand alone usage, >1 for numberof licensed users
`
`for a network application).
`
`Those versed in the art will readily appreciate that the license record is
`
`not necessarily bound to continuosfields. In fact, the various license content
`
`components of the data record may be embeddedin various locations in the
`
`application. Any component may,if desired, be encrypted.
`
`Each one of the encrypted license records (10-12) is obtained by
`
` 10
`
`15
`
`20
`
`encrypting the corresponding license record as extracted from program 16,
`
`utilizing for encryption the identification key (8).
`
`In
`
`a
`
`typical, yet not
`
`exclusive,
`
`sequence of operation,
`
`a
`
`transaction/request is sent, by the computer to the bureau. This transaction
`
`includes the key (8), the encrypted license-records (10-12), contents from the
`
`license program used in forming a license record (e.g. fields 13-15), and other
`
`items of information as desired.
`
`The bureau forms the proposed license-record from the contents,
`
`encrypts (utilizing predetermined encryption algorithm)
`
`the so formed
`
`license-record using the key (8), and compares the so formed encrypted
`
`0011
`
`0011
`
`

`

`
`
`
`-10-
`
`license-record with the license-records (10-12). The bureau generates an
`
`overlay according to the result of the comparison indication successful
`comparison, non-critical failure comparison andcritical failure comparison.
`The bureau returns the overlay which will direct the computer in
`subsequent operation. Thus, a success overlay will allow the license program
`to operate. A non-critical
`failure overlay will ask for additional user
`interactions. A critical failure overlay will cause permanent disruption to the
`computer’s BIOS operations. Thus, software operation of the program is
`methodologically according to a license limitation restriction.
`Those versed in the art will readily appreciate that the implementation
`as described with reference to Fig. 1 is by no means binding. Thus, by way of
`non-limiting example, the bureau, instead of being external entity may form
`
`part of the computer.
`Attention is now directed to Fig. 2, showing a generalized flow chart
`of the sequenceofoperations performed according to one embodiment of the
`
`invention.
`Thus, selecting (17) a program includes the step of: establishing a
`licensed-software-program in the volatile memory of the computer wherein
`the
`licensed-software-program includes
`contents
`used
`to
`form a
`license-record. These contents, be they centralize or decentralized, may
`include terms,
`identifications, specifications, or limitations related to the
`manufacturer of a software product, the distributor of a software product, the
`purchaser of a software product, a licensor, a licensee, items of computer
`hardware or components thereof, or to other terms and conditions related to
`
`the aforesaid.
`the verification structure includes the steps of:
`Setting up (18)
`establishing or certifying the existence of a pseudo-unique key in the first
`non-volatile memory area; and establishing at
`least one license-record
`location in the first or the second nonvolatile memory area.
`
`10
`
`20
`
`25
`
`0012
`
`0012
`
`

`

`-11-
`
`Establishing a license-record includes
`
`the steps of:
`
`forming a
`
`license-record by encrypting of the contents used to form a license-record
`
`with other predetermined data contents, using the key; and establishing the
`
`encrypted license-record in one of the at least one established license-record
`
`locations (e.g. 10-12 in Figure 1).
`
`Verifying (19) the program includes the steps of: encrypting the
`
`licensed-software-program’s
`
`license-record contents
`
`from the volatile
`
`memory area or decrypting the license-record in the first or the second
`
`non-volatile memory area, using the key; and comparing the encrypted
`
`10
`
`licensed-software-program’s
`
`license-record contents with the encrypted
`
`license-record in the first or the second non-volatile memory area, or
`
`comparing the licensed-software-program’s license-record contents with the
`decrypted license-recordin the first or the second non-volatile memory area.
`Acting (20) on the program includes the step of: restricting the
`program’s operation with predetermined limitatioris if the comparing yields
`non-unity or insufficiency. In this context “non-unity” relates to being unequal
`with respect to a specific equation (c.g. A=B+1); and “insufficiency”relates
`to being outside of a relational bound (e.g. A>B+1). “Restricting the
`program’s operation with predetermined limitations” may include actions
`such as erasing the software in volatile memory, warning the license
`applicant/user, placing a fine on the applicant/user through the billing service
`charges collected at the license bureau(if applicable), or scrambling sections
`of the BIOSofthe computer(or of functions interacting therewith).
`The present invention has been described with a certain degree of
`particularity but
`it should be understood that various modifications and
`alterations may be made without departing from the scope or spirit of the
`
`20
`
`25
`
`invention as defined by the following claims:
`
`
`
`
`0013
`
`0013
`
`

`

`-12-
`
`CLAIMS:
`
`limitation comprising; for a computer havingafirst non-volatile memory area,
`
`1. A method of restricting software operation within a license
`
`a second non-volatile memory area, and a volatile memory area; the stepsof:
`
`selecting a program residing in the volatile memory, setting up a verification
`
`structure in the non-volatile memories, verifying the program using the
`
`structure, and acting on the program accordingto the verification.
`
`2. A method according to claim 1, further comprising the step of:
`
`establishing a license authentication bureau.
`
`10
`
`3. A method according to claim 2, wherein setting up a verification
`
`structure further comprising the steps of: establishing, between the computer
`
`and the bureau, a two-way data-communications linkage; transferring, from
`
`15
`
`the computer to the bureau, a request-for-license including an identification of
`the computer and the license-record’s contents from the selected program;
`forming an encrypted license-record at the bureau by encrypting parts of the
`request-for-license using part of the identification as the encryption key; and
`transferring, from the bureau to the computer, the encrypted license-record.
`
`4. A method according to claim 2, wherein verifying the program
`
`
`
`
`20
`
`further comprising the steps of: establishing, between the computer and the
`bureau, a two-way data-communications linkage;
`transferring,
`from the
`computer
`to the bureau, a request-for-license-verification including an
`identification of the computer, the encrypted license-record for the selected
`
`program and__thefrom the second non-volatile memory,
`
`
`
`
`licensed-software-program’s license-record contents; enabling the comparing
`at the bureau; andtransferring, from the bureau to the computer, the result of
`
`25
`
`the comparing.
`5. A method according to claim 3 wherein the identification of the
`
`computer includes the pseudo-unique key.
`
`0014
`
`0014
`
`

`

`-13-
`
`6. A method according to claim 1 wherein selecting a program
`
`includes the step of: establishing a licensed-software-program in the volatile
`
`memory of the computer wherein said licensed-software-program includes
`
`contents used to form a license-record.
`
`7. A method according to claim 1 wherein setting up the verification
`
`structure includes the steps of: establishing or certifying the existence of a
`
`pseudo-unique key in the first non-volatile memory area; and establishing at
`
`least one license-record location in the first or the second nonvolatile memory
`
`area.
`
`8. A method according to claim 6 wherein establishing a license-record
`
`includes the steps of: forming a license-record by encrypting of the contents
`
`used to form a license-record with other predetermined data contents, using
`
`the key; and establishing the encrypted license-record in one of the at least
`
`one established license-record locations.
`
`15
`
`9. A method according to claim | wherein verifying the program
`
`includes
`
`the
`
`steps
`
`of:
`
`encrypting
`
`the
`
`licensed-software-program’s
`
`license-record contents from the volatile memory area or decrypting the
`
`license-record in the first or the second non-volatile memory area, using the
`
`key; and comparing the encrypted licensed-software-program’s license-record
`
`contents with the encrypted license-record in the first or
`
`the second
`
`non-volatile memory area, or comparing the licensed-software-program’s
`
`license-record contents with the decrypted license-record in the first or the
`
`second non-volatile memory area.
`
`10. A method according to claim 1 wherein acting on the program
`
`25
`
`includes the step of: restricting the program’s operation with predetermined
`
`limitations if the comparing yields non-unity or insufficiency.
`11. A method according to claim 1 wherein the first non-volatile
`
`memory area is a ROM section ofa BIOS.
`
`
`
`
`0015
`
`0015
`
`

`

`-14-
`
`12. A method according to claim 1 wherein the second non-volatile
`memory area is a E7PROMsection ofa BIOS.
`
`13. A method according to claim 1 wherein the volatile memory is a
`
`RAM.
`
`14. A non-volatile memory media used as a BIOS of a computer, for
`
`restricting software operation within a license limitation, wherein a
`
`pseudo-unique key is established.
`
`15. A non-volatile memory media according to claim 14 wherein the
`
`pseudo-unique key is established in a ROM section ofthe BIOS.
`
`
`
`0016
`
`0016
`
`

`

`-15-
`
`ABSTRACT
`
`A methodofrestricting software operation within a license limitation
`
`5
`
`that is applicable for a computer having a first non-volatile memory area, a
`second non-volatile memory area, and a volatile memory area. The method
`includes the steps of selecting a program residing in the volatile memory,
`setting up a verification structure in the non-volatile memories, verifying the
`program using the structure, and acting on the program according to the
`
`.
`
`verification.
`
`10
`
`0017
`
`0017
`
`

`

`DECLARATION FOR UNITED STATES PATENT APPLICATION,
`POWER OF ATTORNEY, DESIGNATION OF CORRESPONDENCE ADDRESS
`
`Attorney Docket
`
`s 2
`
`/95b
`
`[
`
`:
`
`I hereby declare that my residence, post office address and
`As a below named inventor,
`citizenship are as stated below next to my name, and that I believe I am the original, first
`and sole inventor (if only one name is listed below) or an original, first and joint inventor
`(if plural names are listed below) of the subject matter which is Claimed and for which a
`2
`patent is sought on the invention entitled:
`Method of Restricting Software Operation within a Licensed Limitation
`the specification of which
`'[ } is attached hereto.
`
`{
`] was filed on
`as Application No._
`--Unknown--
`-
`
`and was amended on
`{if applicable].
`] was filed under the Patent Cooperation Treaty on
`
`Serial No.
`,
`the United States of America being designated.
`I hereby state that I have reviewed and understand the contents of the above identified
`specification,
`including the claims, as amended by any amendment referred to above.
`® I acknowledge the duty to disclose to the Patent and Trademark Office all information
`known to me
`to be material
`to patentability as defined in Title 37, Code of Federal
`Regulations, §1.56 (a).
`“
`zt hereby claim foreign priority benefits under Title 35, United States Code, §119 of any
`foreign application(s)
`for patent, utility model, design or inventor's certificate listed
`..below and have also identified below any foreign application(s) for patent, utility model,
`design or inventor's certificate having a filing date before that of the application(s) on
`which prio