Computer system security method and apparatus having program authorization information data structures
INFORMATION PROTECTION AND AUTHENTICATION OF TEXAS, LLCThe holder of the '717 patent has sued Microsoft, Symantec, CA, F-Secure, McAfee, Kaspersky, Sophos, Novell, and PC Tools for infringing this patent.
Last updated: about 1 year ago
Summary / Description
| Summary / Description | This invention is directed to a cryptographic method for discouraging the copying and sharing of purchased software programs by allowing an encrypted program to be run on only a designated computer or, alternatively, to be run on any computer but only by the user possessing a designated smart card. |
Basic Information
| Type of Prior Art | Issued Patents - US |
| Country | United States of America |
| Patent/Application # | 4757534 |
| Kind Code | United States (US) - United STATES Patent - A |
| Patentee Name | International Business Machines Corp. |
| Relevant Pages, Columns, or Lines | col. 9, ln 54 - col. 10, ln 7 |
| URL | http://patft.uspto.gov/netacgi/... |
| Publication Date | February 3, 1987 |
| Additional Information | The publication date given is actually the filing date. |
Notes / To Do
| Notes | |
Excerpt
FIG. 11 shows the cryptographic facility 101 in the personal computer 10. The cryptographic facility is a secure implementation containing the Data Encryption Standard (DES) algorithm and storage for a small number of secret keys. It can be accessed logically only through inviolate interfaces secure against intrusion, circumvention and deception which allows processing requests via a control line, key and data parameters to be presented, and transformed output to be received. The cryptographic facility comprises a ROM, such as an EAPROM (Electronically Alterable and Programmable Read Only Memory), 113 that contains the computer key. Additional ROM 114 contains programs for key management sequence generators and disk loader. Additional Random Access Memory (RAM) 115 contains a parameter output buffer, a parameter input buffer, intermediate storage for parameters, data and keys, and additional storage for the decrypted programs. The RAM 115 is the protected memory of the cryptographic facility 101, and decrypted programs stored here can only be executed, not accessed for non-execution purposes.
Relevance
Claims
Claim 120
In a digital computer system having digital data processing means for executing a plurality of digital computer programs for a computer user and memory means for storing digital program instructions and digital data, a method for providing improved computer security comprising the steps of:
a) storing digital authorization information in said memory means which restricts an associated program from accessing resources when executed by said digital data processing means which are accessible to said computer user; and
b) storing in at least one segment, digital data for associating said authorization information with at least one program to be executed by said processing means for said computer user.
Relevance
a) storing digital authorization information in said memory means which restricts an associated program from accessing resources when executed by said digital data processing means which are accessible to said computer user
a) storing digital authorization information in said memory means which restricts an associated program from accessing resources when executed by said digital data processing means which are accessible to said computer user
Claim Chart
All
Claim 61
In a digital computer system for providing improved computer security having digital data processing means for executing a plurality of digital computer programs for a computer user and memory means for storing digital program instructions and digital data, apparatus for protecting a digital computer user from operations typically performable by a digital computer program executing on behalf of a user comprising:
a) means for storing digital authorization information in said memory means which restricts an associated program from performing operations, when executed by said processing means, which are available to said computer user; and
b) means for storing in at least one segment digital data for associating said authorization information with at least one program to be executed by said processing means.
Relevance
a) means for storing digital authorization information in said memory means which restricts an associated program from performing operations, when executed by said processing means, which are available to said computer user
a) means for storing digital authorization information in said memory means which restricts an associated program from performing operations, when executed by said processing means, which are available to said computer user
Claim Chart
All
Claim 1
In a digital computer system having a digital data processing means for executing a plurality of digital programs and a memory means for storing digital program instructions and digital data, apparatus for protecting a digital computer user from operations typically performable by a digital computer program executing on behalf of a user comprising:
a) means for storing a plurality of digital authorization entries in said memory means, wherein said entries qualify operations which an associated program is permitted to perform when executed by said processing means; and
b) means for storing in at least one segment, digital data for associating said authorization entries with at least one program.
Relevance
a) means for storing a plurality of digital authorization entries in said memory means, wherein said entries qualify operations which an associated program is permitted to perform when executed by said processing means
a) means for storing a plurality of digital authorization entries in said memory means, wherein said entries qualify operations which an associated program is permitted to perform when executed by said processing means
Claim Chart
All
