Case 6:21-cv-00735-ADA Document 32-4 Filed 01/27/22 Page 1 of 10
`
`Exhibit 1
`
`

`

`(12) United States Patent
`Mullor et al.
`
`USOO6411941B1
`(10) Patent No.:
`US 6,411,941 B1
`(45) Date of Patent:
`Jun. 25, 2002
`
`(54) METHOD OF RESTRICTING SOFTWARE
`OPERATION WITHIN A LCENSE
`LIMITATION
`
`O
`O
`(75) Inventors: Miki Mille, his Valiko, both of
`SO
`(73) Assignee: Beeble, Inc., Newport Beach, CA (US)
`c:
`-
`0
`(*) Notice:
`Subject to any disclaimer, the term of this
`patent is extended or adjusted under 35
`U.S.C. 154(b) by 0 days.
`
`6,000,030 A * 12/1999 Steinberg et al. ........... 713/200
`6,006,190 A 12/1999 Baena-Arnaiz et al.
`6,021,438 A 2/2000 Duvvoori et al.
`6,023,763 A 2/2000 Grumpstrup et al.
`6,052,600 A
`4/2000 Fette et al. ................. 455/509
`6,055,503 A 4/2000 Horstmann
`6,067,582 A
`5/2000 Smith et al. ................... 710/5
`6,073,256 A 6/2000 Sesima
`6,078,909 A 6/2000 Knutson
`6,128.741. A 10/2000 Goetz et al.
`6,173,446 B1
`1/2001 Khan et al.
`6,189,146 B1
`2/2001 Misra et al. .................. 717/11
`6,192.475 B1
`2/2001 Wallance
`6,198.875 B1 * 3/2001 Edenson et al. .............. 386/94
`6,226,747 B1
`5/2001 Larsson et al.
`6,233,567 B1
`5/2001 Cohen
`6.243,468 B1
`6/2001 Pearce et al.
`6,272.636 B1
`8/2001 Neville et al.
`6.298,138 B1 10/2001 Gotoh et al.
`FOREIGN PATENT DOCUMENTS
`408286906 A 11/1996
`............. GO6F/9/06
`
`JP
`
`(21) Appl. No.: 09/164,777
`(22) Filed:
`Oct. 1, 1998
`(30)
`Foreign Application Priority Data
`May 21, 1998
`(IL) ................................................ 124571
`(51) Int. Cl. ................................................ G06F 17/60
`(52) U.S. Cl. ............................. 705/59; 705/50; 705/51;
`OTHER PUBLICATIONS
`705/53; 705/57
`Dornbusch et al., DeStop management Software: no need to
`(58) Field of Search .............................. 705/51, 54,56,
`705/57, 58, 59, 1,50, 52, 53; (So adjust your set., Infoworld, v 17, n37, p.60.*
`* cited by examiner
`Primary Examiner Hyung-Sub Sough
`ASSistant Examiner-Calvin L. Hewitt
`(74) Attorney, Agent, or Firm Venable; Robert Kinberg;
`Jeffri A. Kaminski
`
`(56)
`
`References Cited
`
`U.S. PATENT DOCUMENTS
`4.866,769 A 9/1989 Karp
`4.903.296 A 2/1990 Chandra et al.
`4924,378 A 5/1990 Hershey et al.
`5,386,369 A 1/1995 Christiano
`5,390,297 A 2/1995 Barber et al.
`5,479,639 A * 12/1995 Ewertz et al. .............. 395/430
`5,490,216 A
`2/1996 Richadson, III ............... 380/4
`5,671,412 A 9/1997 Christiano
`5,684.951 A * 11/1997 Goodman et al. ..... 395/188.01
`5,754,763 A 5/1998 Bereiter
`5,758,068 A 5/1998 Brandt et al.
`5,758,069 A 5/1998 Olsen
`SC. A 8. E.
`5,892.900 A * 4/1999 Ginter et al. ............... 395/186
`5,905,860 A 5/1999 Olsen et al.
`
`ABSTRACT
`(57)
`0
`-
`A method of restricting Software operation within a license
`limitation that is applicable for a computer having a first
`non-volatile memory area, a Second non-volatile memory
`area, and a volatile memory area. The method includes the
`Steps of Selecting a program residing in the Volatile memory,
`Setting up a verification Structure in the non-volatile
`memories, Verifying the program using the Structure, and
`acting on the program according to the Verification.
`
`19 Claims, 2 Drawing Sheets
`
`Case 6:21-cv-00735-ADA Document 32-4 Filed 01/27/22 Page 2 of 10
`
`is: 'g
`IKEY (8)
`
`2nc "NALE (5)
`ICENCE RECORDS (o) an (12)
`
`WOLATILE MEMORY (6)
`CEMSE PROCRA
`
`
`
`14
`
`- 16
`13
`-15
`
`(2)
`
`3)
`
`LCENSE BUREAU
`
`(7)
`
`

`

`U.S. Patent
`
`Jun. 25, 2002
`
`Sheet 1 of 2
`
`US 6,411,941 B1
`
`1St NON-VOLATLE
`MEMORY
`(4)
`
`
`
`
`
`
`
`2nd NON-VOLATILE
`MEMORY
`9
`LICENCE RECORDS (10) (11) (12)
`
`(5)
`
`
`
`
`
`VOLATILE MEMORY (6)
`
`LCENSE PROGRAM
`
`-13
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`Case 6:21-cv-00735-ADA Document 32-4 Filed 01/27/22 Page 3 of 10
`
`LICENSE BUREAU
`
`(7)
`
`
`
`FIG 1
`
`

`

`U.S. Patent
`
`Jun. 25, 2002
`
`Sheet 2 of 2
`
`US 6,411,941 B1
`
`SELECTING
`
`SETTING UP
`
`
`
`
`
`
`
`VERIFYING
`
`
`
`18
`
`19
`
`2O
`
`Case 6:21-cv-00735-ADA Document 32-4 Filed 01/27/22 Page 4 of 10
`
`FIG.2
`
`

`

`US 6,411,941 B1
`
`1
`METHOD OF RESTRICTING SOFTWARE
`OPERATION WITHIN A LCENSE
`LIMITATION
`
`FIELD OF THE INVENTION
`This invention relates to a method and system of identi
`fying and restricting an unauthorized Software program's
`operation.
`
`BACKGROUND OF THE INVENTION
`Numerous methods have been devised for the identifying
`and restricting of an unauthorized Software program's opera
`tion. These methods have been primarily motivated by the
`grand proliferation of illegally copied Software, which is
`engulfing the marketplace. This illegal copying represents
`billions of dollars in lost profits to commercial software
`developerS.
`Software based products have been developed to validate
`authorized Software usage by writing a license Signature
`onto the computer's volatile memory (e.g. hard disk). These
`products may be appropriate for restricting honest Software
`users, but they are very Vulnerable to attack at the hands of
`skilled System's programmers (e.g. “hackers”). These
`license Signatures are also Subject to the physical instabili
`ties of their volatile memory media.
`Hardware based products have also been developed to
`validate authorized Software usage by accessing a dongle
`that is coupled e.g. to the parallel port of the P.C. These units
`are expensive, inconvenient, and not particularly Suitable for
`Software that may be sold by downloading (e.g. Over the
`internet).
`There is accordingly a need in the art to provide for a
`System and method that Substantially reduce or overcome
`the drawbacks of hitherto known solutions.
`
`15
`
`25
`
`35
`
`2
`ROM). It should be noted that unlike the first non-volatile
`Section, the data in the Second non-volatile memory may
`optionally be erased or modified (using EPROM manipu
`lation commands), So as to enable to add, modify or remove
`licenses. The actual format of the license may include a
`String of terms that correspond to a license registration entry
`(e.g. lookup table entry or entries) at a license registration
`bureau (which will be further described as part of the
`preferred embodiment of the present invention).
`Having placed the encrypted license record in the Second
`non-volatile memory (e.g. the EPROM), the process of
`Verifying a license may be o commenced. Thus, when a
`program is loaded into the memory of the computer, a So
`called license verifier application, that is a priori running in
`the computer, accesses the program under question, retrieves
`therefrom the license record, encrypts the record utilizing
`the specified unique key (as retrieved from the ROM section
`of the BIOS) and compares the so encrypted record to the
`encrypted records that reside in the EPROM. In the case of
`match, the program is verified to run on the computer. If on
`the other hand the Sought encrypted data record is not found
`in the EPROM database, this means that the program under
`question is not properly licensed and appropriate application
`define action is invoked (e.g. informing to the user on the
`unlicensed Status, halting the operation of the program under
`question etc.)
`Those versed in the art will readily appreciate that any
`attempt to run a program at an unlicensed site will be
`immediately detected. Consider, for example, that a given
`application, Say Lotus 123, is verified to run on a given
`computer having a first identification code (k1) Stored in the
`ROM portion of the BIOS thereof. This obviously requires
`that the license record (LR) of the application after having
`been encrypted using k1 giving rise to (LR) is Stored in the
`EPROM of the first computer.
`Suppose now that a hacker attempts to run the Specified
`application in a Second computer having a Second identifi
`cation code (k2) stored in the ROM portion of the BIOS
`thereof. All or a portion the database contents (including of
`course (LR)) that reside in the EPROM portion in the first
`computer may be copied in a known per se means to the
`Second computer. It is important to note that the hacker is
`unable to modify the key in the ROM of the second
`computer to K1, since, as recalled, the contents of the ROM
`is established during manufacture and is practically invari
`able.
`Now, when the application under question is executed in
`the Second computer, the license verifier retrieves Said LR
`from the application and, as explained above, encrypts it
`using the key as retrieved from the ROM of the second
`computer, i.e. k2 giving rise to encrypted license record
`(LR). Obviously, the value (LR) does not reside in the
`EPROM database section of the second computer (since it
`was not legitimately licensed) and therefore the specified
`application is invalidated. It goes without Saying that the
`data copied from the first (legitimate) computer is rendered
`useless, Since comparing (LR) with the copied value
`(LR) results, of course, in mismatch.
`The example above is given for clarity of explanation
`only and is by no means binding.
`In its broadest aspect, the invention provides for a method
`of restricting Software operation within a license limitation
`including; for a computer having a first non-volatile memory
`area, a Second non-volatile memory area, and a volatile
`memory area; the Steps of Selecting a program residing in
`the Volatile memory, Setting up a verification Structure in the
`
`SUMMARY OF THE INVENTION
`The present invention relates to a method of restricting
`Software operation within a license limitation. This method
`40
`Strongly relies on the use of a key and of a record, which
`have been written into the non-volatile memory of a com
`puter.
`For a better understanding of the underlying concept of
`the invention, there follows a specific non-limiting example.
`Thus, consider a conventional computer having a conven
`tional BIOS module in which a key was embedded at the
`ROM section thereof, during manufacture. The key
`constitutes, effectively, a unique identification code for the
`host computer. It is important to note that the key is Stored
`in a non-volatile portion of the BIOS, i.e. it cannot be
`removed or modified.
`Further, according to the invention, each application pro
`gram that is to be licensed to run on the Specified computer,
`is associated with a license record; that consists of author
`name, program name and number of licensed users (for
`network). The license record may be held in either encrypted
`or explicit form.
`Now, there commences an initial license establishment
`procedure, where a verification structure is set in the BIOS
`So as to indicate that the Specified program is licensed to run
`on the Specified computer. This is implemented by encrypt
`ing the license record (or portion thereof) using said key (or
`portion thereof) exclusively or in conjunction with other
`identification information) as an encryption key. The result
`ing encrypted license record is stored in another (Second)
`non-volatile section of the BIOS, e.g. EPROM (or the
`
`45
`
`50
`
`55
`
`60
`
`65
`
`Case 6:21-cv-00735-ADA Document 32-4 Filed 01/27/22 Page 5 of 10
`
`

`

`3
`non-volatile memories, Verifying the program using the
`Structure, and acting on the program according to the Veri
`fication.
`An important advantage in utilizing non-volatile memory
`such as that residing in the BIOS is that the required level of
`System programming expertise that is necessary to intercept
`or modify commands, interacting with the BIOS, is substan
`tially higher than those needed for tampering with data
`residing in Volatile memory Such as hard disk. Furthermore,
`there is a much higher cost to the programmer, if his
`tampering is unsuccessful, i.e. if data residing in the BIOS
`(which is necessary for the computer's operability) is inad
`vertently changed by the hacker. This is too high of a risk for
`the ordinary Software hacker to pay. Note that various
`recognized means for hindering the professional-like hacker
`may also be utilized (e.g. anti-debuggers, etc.) in conjunc
`tion with the present invention.
`In the context of the present invention, a “computer
`relates to a digital data processor. These processors are
`found in personal computers, or on one or more processing
`cards in multi-processor machines. Today, a processor nor
`mally includes a first non-volatile memory, a Second non
`Volatile memory, and data linkage access to a volatile
`memory. There are also processors having only one non
`Volatile memory or having more than two non-volatile
`memories, all of which should be considered logically as
`relating to having a first and a Second non-volatile memory
`areas. There are also computational environments where the
`Volatile memory is distributed into numerous physical
`components, using a bus, LAN, etc.; all of which should
`logically be considered as being a volatile memory area.
`According to the preferred embodiment of the present
`invention, there is further provided a license authentication
`bureau which can participate in either or both of
`(i) establishing the license record in the Second non
`Volatile memory; and
`(ii) Verifying if the key and license record in the non
`volatile memory(s) is compatible with the license
`record information as extracted from the application
`under question.
`The bureau is a telecommunications accessible processor
`where functions Such as formatting, encrypting, and Verify
`ing may be performed. Performing these or other functions
`at the bureau helps to limit the understanding of potential
`Software hackers, Since they can not observe how these
`functions are constructed. Additional Security may also be
`achieved by forcing users of the bureau to register, collecting
`costs for connection to the bureau, logging transactions at
`the bureau, etc.
`According to one example of using the bureau, Setting up
`a verification Structure further includes the Steps of:
`establishing, between the computer and the bureau, a two
`way data-communications linkage; transferring, from the
`computer to the bureau, a request-for-license including an
`identification of the computer and the license-records con
`tents from the Selected program; forming an encrypted
`license-record at the bureau by encrypting parts of the
`request-for-license using part of the identification as the
`encryption key; and transferring, from the bureau to the
`computer, the encrypted license-record.
`According to another example of using the bureau, Veri
`fying the program further includes the Steps of establishing,
`between the computer and the bureau, a two-way data
`communications linkage; transferring, from the computer to
`the bureau, a request-for-license-verification including an
`identification of the computer, the encrypted license-record
`
`15
`
`25
`
`35
`
`40
`
`45
`
`50
`
`55
`
`60
`
`65
`
`Case 6:21-cv-00735-ADA Document 32-4 Filed 01/27/22 Page 6 of 10
`
`US 6,411,941 B1
`
`4
`for the Selected program from the Second non-volatile
`memory, and the licensed-Software-program's license
`record contents, enabling the comparing at the bureau, and
`transferring, from the bureau to the computer, the result of
`the comparing.
`The actual key that Serves for identifying the computer
`may be composed of the pseudo-unique key exclusively, or,
`if desired, in combination with information, e.g. information
`related to the registration of the user Such as e.g. place,
`telephone number, user name, license number, etc. In the
`context of the present invention, a “pseudo-unique' key may
`relate to a bit String which uniquely identifies each first
`non-volatile memory. Alternately the "pseudo-unique' key
`may relate to a random bit string (or to an assigned bit string)
`of Sufficient length Such that: there is an acceptably low
`probability of a Successful unauthorized transfer of licensed
`Software between two computers, where the first volatile
`memories of these two computers have the same key.
`It should be noted that the license bureau might maintain
`a registry of keys and of licensed programs that have been
`registered at the bureau in association with these keys. This
`registry may be used to help facilitate the formalization of
`procedures for the transfer of ownership of licensed Software
`from use on one computer to use on another computer.
`Constructing the key in the manner Specified may hinder
`the hacker in cracking the proposed encryption Scheme of
`the invention, in particular when the establishment of the
`license record or the verification thereof is performed in the
`bureau. Those versed in the art will readily appreciate that
`the invention is by no means bound by the data, the
`algorithms, or the manner of operation of the bureau. It
`should be noted that the tasks of establishing and/or veri
`fying a license record may be shared between the bureau and
`the computer, done exclusively at the computer, or done
`exclusively at the bureau. The pseudo-unique key length
`needs to be long enough to hinder encryption attack
`Schemes. The establishing of the key may be done at any
`time from the non-volatile memory's manufacture until an
`attempted use of an established license-record in the non
`Volatile memory. The key is used for encryption or decryp
`tion operations associated with license-records. In principle,
`the manufacturer of the licensed-Software-program may
`specify the license-record format and therefore different
`formats may, if desired, be used for respective applications.
`According to the preferred embodiment of the present
`invention, the pseudo-unique key is a unique-identification
`bit string that is written onto the first non-volatile memory
`by the manufacturer of the is memory media.
`According to one, non-limiting, preferred embodiment of
`the present invention, the first non-volatile memory area is
`a ROM section of a BIOS; the second non-volatile memory
`area is a EPROM section of a BIOS; and the volatile
`memory is a RAM e.g. hard disk and/or internal memory of
`the computer.
`The present invention also relates to a non-volatile
`memory media used as a BIOS of a computer, for restricting
`Software operation within a license limitation, wherein a
`pseudo-unique key is established.
`According to the preferred embodiment of the non
`Volatile memory media of the present invention, the pseudo
`unique key is established in a ROM section of the BIOS.
`BRIEF DESCRIPTION OF THE DRAWINGS
`In order to understand the invention and to see how it may
`be carried out in practice, a preferred embodiment will now
`be described, by way of non-limiting example only, with
`reference to the accompanying drawings, in which:
`
`

`

`US 6,411,941 B1
`
`S
`FIG. 1 is a Schematic diagram of a computer and a license
`bureau, and
`FIG. 2 is a generalized flow chart of the Sequence of
`operations performed according to one embodiment of the
`invention.
`
`15
`
`DETAILED DESCRIPTION OF A PREFERRED
`EMBODIMENT
`A Schematic diagram of a computer and a license bureau
`is shown in FIG. 1. Thus, a computer processor (1) is
`associated with input operations (2) and with output opera
`tions (3). This computer (processor) internally contains a
`first non-volatile memory area (4) (e.g. the ROM section of
`the BIOS), a second non-volatile memory area (5) (e.g. the
`EPROM section of the BIOS), and a volatile memory area
`(6) (e.g. the internal RAM memory of the computer).
`The computer processor is in temporary telecommunica
`tions linkage with a license bureau (7).
`The first non-volatile memory includes a pseudo-random
`identification key (8), which exclusively or in combination
`with other information (e.g. user name), is Sufficient to
`uniquely differentiate this first non-volatile memory from all
`other first non-volatile memories. AS Specified before, Said
`key constitutes unique identification of the computer.
`The Second non-volatile memory includes a license
`record-area (9) e.g. which contains at least one encrypted
`license-record (e.g. three records 10-12). The volatile
`memory accommodates a license program (16) having
`license record fields (13-15) appended thereto. By way of
`example said fields Stand for Application names (e.g. Lotus
`123), Vendor name (Lotus inc.), and number of licensed
`copies (1 for stand alone usage, >1 for number of licensed
`users for a network application).
`Those versed in the art will readily appreciate that the
`license record is not necessarily bound to continuous fields.
`In fact, the various license content components of the data
`record may be embedded in various locations in the appli
`cation. Any component may, if desired, be encrypted.
`Each one of the encrypted license records (10-12) is
`obtained by encrypting the corresponding license record as
`extracted from program 16, utilizing for encryption the
`identification key (8).
`In a typical, yet not exclusive, Sequence of operation, a
`transaction/request is sent, by the computer to the bureau.
`This transaction includes the key (8), the encrypted license
`records (10–12), contents from the license program used in
`forming a license record (e.g. fields 13–15), and other items
`of information as desired.
`The bureau forms the proposed license-record from the
`contents, encrypts (utilizing predetermined encryption
`algorithm) the So formed license-record using the key (8),
`and compares the So formed encrypted license-record with
`the license-record (10-12). The bureau generates an overlay
`according to the result of the comparison indicating Suc
`cessful comparison, non-critical failure comparison and the
`critical failure comparison.
`The bureau returns the overlay which will direct the
`computer in Subsequent operation. Thus, a Success overlay
`will allow the license program to operate. A non-critical
`60
`failure overlay will ask for additional user interactions. A
`critical failure overlay will cause permanent disruption to
`the computer's BIOS operations. Thus, Software operation
`of the program is methodologically according to a license
`limitation restriction.
`Those versed in the art will readily appreciate that the
`implementation as described with reference to FIG. 1 is by
`
`65
`
`6
`no means binding. Thus, by way of non-limiting example,
`the bureau, instead of being external entity may form part of
`the computer.
`Attention is now directed to FIG. 2, showing a general
`ized flow chart of the Sequence of operations performed
`according to one embodiment of the invention.
`Thus, Selecting (17) a program includes the Step of:
`establishing a licensed-Software-program in the volatile
`memory of the computer wherein the licensed-Software
`program includes contents used to form a license-record.
`These contents, be they centralize or decentralized, may
`include terms, identifications, Specifications, or limitations
`related to the manufacturer of a Software product, the
`distributor of a Software product, the purchaser of a Software
`product, a licensor, a licensee, items of computer hardware
`or components thereof, or to other terms and conditions
`related to the aforesaid.
`Setting up (18) the verification structure includes the steps
`of establishing or certifying the existence of a pseudo
`unique key in the first non-volatile memory area; and
`establishing at least one license-record location in the first or
`the Second nonvolatile memory area.
`Establishing a license-record includes the Steps of: form
`ing a license-record by encrypting of the contents used to
`form a license-record with other predetermined data
`contents, using the key; and establishing the encrypted
`license-record in one of the at least one established license
`record locations (e.g. 10-12 in FIG. 1).
`Verifying (19) the program includes the Steps of encrypt
`ing the licensed-Software-program's license-record contents
`from the Volatile memory area or decrypting the license
`record in the first or the Second non-volatile memory area,
`using the key; and comparing the encrypted licensed
`Software-program's license-record contents with the
`encrypted license-record in the first or the Second non
`Volatile memory area, or comparing the licensed-Software
`program's license-record contents with the decrypted
`license-record in the first or the Second non-volatile memory
`aca.
`
`Acting (20) on the program includes the step of restrict
`ing the program's operation with predetermined limitations
`if the comparing yields non-unity or insufficiency. In this
`context “non-unity' relates to being unequal with respect to
`a specific equation (e.g. A=B+1); and “insufficiency” relates
`to being outside of a relational bound (e.g. A>B+1).
`“Restricting the program's operation with predetermined
`limitations' may include actions Such as erasing the Soft
`ware in Volatile memory, warning the license applicant/user,
`placing a fine on the applicant/user through the billing
`Service charges collected at the license bureau (if
`applicable), or scrambling sections of the BIOS of the
`computer (or of functions interacting therewith).
`The present invention has been described with a certain
`degree of particularity but it should be understood that
`various modifications and alterations may be made without
`departing from the Scope or Spirit of the invention as defined
`by the following claims.
`What is claimed is:
`1. A method of restricting Software operation within a
`license for use with a computer including an erasable,
`non-volatile memory area of a BIOS of the computer, and a
`Volatile memory area; the method comprising the Steps of
`Selecting a program residing in the Volatile memory,
`using an agent to Set up a verification Structure in the
`erasable, non-volatile memory of the BIOS, the veri
`fication Structure accommodating data that includes at
`least one license record,
`
`25
`
`35
`
`40
`
`45
`
`50
`
`55
`
`Case 6:21-cv-00735-ADA Document 32-4 Filed 01/27/22 Page 7 of 10
`
`

`

`7
`Verifying the program using at least the Verification Struc
`ture from the erasable non-volatile memory of the
`BIOS, and
`acting on the program according to the verification.
`2. A method according to claim 1, further comprising the
`Steps of:
`establishing a license authentication bureau.
`3. A method according to claim 2, wherein Setting up a
`Verification Structure further comprising the Steps of:
`establishing, between the computer and the bureau, a two
`way data-communications linkage; transferring, from the
`computer to the bureau, a request-for-license including an
`identification of the computer and the license-records con
`tents from the Selected program; forming an encrypted
`license-record at the bureau by encrypting parts of the
`request-for-license using part of the identification as an
`encryption key; transferring, from the bureau to the
`computer, the encrypted license-record; and Storing the
`encrypted license record in the erasable non-volatile
`memory area of the BIOS.
`4. A method according to claim 2, wherein Verifying the
`program further comprises the Steps of establishing,
`between the computer and the bureau, a two-way data
`communications linkage; transferring, from the computer to
`the bureau, a request-for-license Verification including an
`identification of the computer, an encrypted license-record
`for the Selected program from the erasable, non-volatile
`memory area of the BIOS, and the program's license-record;
`enabling the comparing at the bureau, and transferring, from
`the bureau to the computer, the result of the comparing.
`5. A method according to claim 3 wherein the identifica
`tion of the computer includes the unique key.
`6. A method according to claim 1 wherein selecting a
`program includes the Steps of establishing a licensed
`Software-program in the volatile memory of the computer
`wherein Said licensed-Software-program includes contents
`used to form the license-record.
`7. A method according to claim 6 wherein using an agent
`to Set up the verification Structure includes the Steps of:
`establishing or certifying the existence of a pseudo-unique
`key in a first non-volatile memory area of the computer; and
`establishing at least one license-record location in the first
`nonvolatile memory area or in the erasable, non-volatile
`memory area of the BIOS.
`8. A method according to claim 6 wherein establishing a
`license-record includes the Steps of: forming a license
`record by encrypting of the contents used to form a license
`record with other predetermined data contents, using the
`key; and establishing the encrypted license-record in one of
`the at least one established license-record locations.
`9. A method according to claim 7 wherein verifying the
`program includes the Steps of encrypting the licensed
`Software-program's license-record contents from the Vola
`tile memory area or decrypting the license-record in the
`erasable, non-volatile memory area of the BIOS, using the
`pseudo-unique key; and comparing the encrypted licenses
`Software-program's license-record contents with the
`encrypted license-record in the erasable, non-volatile
`memory area of the BIOS, or comparing the license
`Software-program's license-record contents with the
`decrypted license-record in erasable non-volatile memory
`area of the BIOS.
`10. A method according to claim 9 wherein acting on the
`program includes the Step: restricting the program's opera
`tion with predetermined limitations if the comparing yields
`non-unity or insufficiency.
`
`15
`
`25
`
`35
`
`40
`
`45
`
`50
`
`55
`
`60
`
`65
`
`Case 6:21-cv-00735-ADA Document 32-4 Filed 01/27/22 Page 8 of 10
`
`US 6,411,941 B1
`
`8
`11. A method according to claim 1 wherein the volatile
`memory is a RAM.
`12. The method of claim 1, wherein a pseudo-unique key
`is stored in the non-volatile memory of the BIOS.
`13. The method of claim 1, wherein a unique key is stored
`in a first non-volatile memory area of the computer.
`14. The method according claim 13, wherein the step of
`using the agent to Set up the verification record, including
`the license record, includes encrypting a license record data
`in the program using at least the unique key.
`15. The method according to claim 14, wherein the
`Verification comprises:
`extracting the license record from the Software program;
`encrypting the license record using the unique key Stored
`in the first non-volatile memory area of the computer to
`form Second encrypted license information; and
`comparing the encrypted license information Stored in the
`erasable, non-volatile memory area of the BIOS of the
`computer with the Second encrypted license informa
`tion.
`16. The method according to claim 13, wherein the step
`of Verifying the program includes a decrypting the license
`record data accommodated in the erasable Second non
`volatile memory area of the BIOS using at least the unique
`key.
`17. The method according to claim 13, wherein the step
`of Verifying the program includes encrypting the license
`record that is accommodated in the program using at least
`the unique key.
`18. A method for accessing an application Software pro
`gram using a pseudo-unique key Stored in a first non
`erasable non-volatile memory area of a computer, the first
`non-volatile memory area being unable to be programmati
`cally changed, the method, comprising:
`loading the application Software program residing in a
`non-volatile memory area of the computer;
`using an agent to perform the following Steps:
`extracting license information from Software program;
`encrypting license information using the pseudo
`unique key Stored in the first non-volatile memory
`area,
`Storing the encrypting license information in a Second
`erasable, Writable, non-volatile memory area of the
`BIOS of the computer;
`Subsequently verifying the application Software pro
`gram based on the encrypted license information
`Stored in the Second erasable, Writable, non-volatile
`memory area of the BIOS; and
`acting on the application Software program based on
`the verification.
`19. The method of claim 18, wherein the verification
`comprises:
`extracting the license information from the Software pro
`gram,
`encrypting the license information using the pseudo
`unique key Stored in the first non-volatile memory area
`of the computer to form Second encrypted license
`information; and
`comparing the encrypted license information Stored in the
`Second erasable, Writable, non-volatile memory area of
`the BIOS of the computer with the second encrypted
`license information.
`
`

`

`USOO641 1941 C1
`(12) EX PARTE REEXAMINATION CERTIFICATE (7545th)
`United States Patent
`US 6,411,941 C1
`(10) Number:
`Jun. 1, 2010
`(45) Certificate Issued:
`Mullor et al.
`
`(54) METHOD OF RESTRICTING SOFTWARE
`OPERATION WITHINALICENSE
`LIMITATION
`
`(75) Inventors: Miki Mullor, Ramat Hasharon (IL);
`Julian Valiko, Ramat Hasharon (IL)