Electrical computers and digital processing systems: support – Multiple computer communication using cryptography – Protection at a particular protocol layer
Reexamination Certificate
1999-04-06
2004-08-10
Sheikh, Ayaz (Department: 2131)
Electrical computers and digital processing systems: support
Multiple computer communication using cryptography
Protection at a particular protocol layer
C713S175000, C713S176000, C713S193000, C705S051000, C711S154000
Reexamination Certificate
active
06775779
ABSTRACT:
TECHNICAL FIELD
The present invention relates to electronic data processing, and more particularly concerns software and hardware for preventing the unauthorized manipulation of proprietary content in a computer.
BACKGROUND
Multimedia and other proprietary content is increasingly being made available in forms that can be received, processed, and presented in computers, or in sophisticated devices that share many of the characteristics of computers. Public networks such as the Internet can provide online selection and delivery of content in high-quality digital form. Even off-line media such as optical discs may have only specific rights granted, to a customer, such as playback for a limited time period. For customers, online delivery and sophisticated licensing increase timeliness and convenience. Publishers can realize lower delivery costs, reduced physical inventory, and other benefits. Unfortunately, these advantages are often outweighed by the ease of unauthorized access, copying, and other manipulation by the customer or by others.
Unauthorized copying of online and other digital content is becoming a significant problem. In the past, most premium content available on the World Wide Web was of sufficiently low value that wholesale piracy was not attractive, and casual copying was not overly damaging to the content owner. Also, some digital media players already incorporate hardware protection against unauthorized access or manipulation. However, present and potential distributors increasingly desire to make available high-value content, and are increasingly fearful of both organized and casual theft of their rights.
New modes of distributing digital content frequently involve the transmission of a digital bit stream independently of a physically protectible medium, and manipulation by remote software and hardware over which the distributor has no control. These characteristics render the content especially susceptible to diversion by third parties, and to use by legitimate recipients of the content outside the scope of the license granted them by the distributors. Digital rights management is fast becoming an important concern as online commerce continues its rapid growth. Content distributors and the electronics industry must quickly develop technologies and protocols for ensuring that licensed digital content is guaranteed to be handled in accordance with the rights granted by its distributors. If adequate protection is not forthcoming, those who distribute premium content may be put out of business by widespread theft or, more likely, will refuse to deliver content in the otherwise desirable new ways that technology makes available. Digital data that is furnished to a user with restrictions upon its use will be referred to as licensed or premium content.
Traditional security systems do not adequately address this difficulty. Existing techniques for encrypting and storing data, and for authorizing and revoking user privileges have little effectiveness against legitimate users of the hardware and software that ultimately employ the data—and it is precisely those legitimate users who have both an interest and an ability to misuse the data. Traditional smart cards merely provide authentication and encryption. Cryptographic coprocessors provide higher-performance services and are programmable; but operating systems and other untrusted programs can employ their functions for unauthorized purposes.
Three broad categories of solution are available for this problem. One solution is to forego general-purpose computers altogether in favor of special-purpose tamper-resistant hardware for delivery, storage, and display of valuable digital content. This is the approach adopted by the cable industry, and appears to be the model for digital video disk (DVD) players. The second solution employs proprietary data formats and software, or software containers. The third solution modifies a general-purpose computer to support a model for client-side content security and digital rights management.
One approach within the third category of solutions introduces the concept of a secure operating system. Minimal hardware support can allow a personal computer or similar general-purpose machine to authenticate to remote distributors that the computer is running a copy of an operating system that is trusted to provide adequate protection for digital content, and that even a legitimate user in physical possession of the computer cannot vitiate this protection. Copending commonly assigned provisional patent application Ser. No. 60/105,891, filed on Oct. 26, 1998, entitled “System and Method for Authenticating an Operating System to a Central Processing Unit, Providing the CPU/OS With Secure Storage, and Authenticating the CPU/OS to a Third Party”, application Ser. No. 09/227,611, filed on Jan. 8, 1999, now U.S. Pat. No. 6,327,652, entitled “Loading and Identifying a Digital Rights Management Operating System”, application Ser. No. 09/227,568, filed Jan. 8, 1999, entitled “Key-Based Secure Storage”, and application Ser. No. 09/227,559, filed Jan. 8, 1999, entitled “Digital Rights Management Using One Or More Access Predicates, Rights Manager Certificates, And Licenses” describe aspects of this concept. Authenticating the proper booting and integrity of such a trusted operating system allows it to maintain secret keys and other data, and to prove to remote parties that it is running properly.
This solution works well. However, it requires constructing the entire operating system, as well as device drivers and other components, with the mechanisms for trusted operation. In the environment of relatively small systems, these problems need not be significant. Larger operating systems, such as the Windows2000® operating system available from Microsoft Corporation, have millions of lines of code, and thousands of individual modules, few of which have anything to do with digital rights management. Furthermore, such large operating systems are desirably open to extension and modification by third-party sellers of programs such as drivers, plug-ins, and utilities. It is difficult to ensure that all outside programmers comply with the rules required to preserve rights management, and a certification program could become onerous. Trusting entire operating systems also requires that bugs in any part of the system be remedied very quickly and thoroughly, because rights management involves the entire system.
The success of digital rights management in developing new methods of content delivery therefore still needs an architecture for protecting rights in digital content, in the environment of general-purpose, user-controlled equipment having large, multi-purpose operating systems.
SUMMARY OF THE INVENTION
A “secure pages” architecture is capable of running designated processes, libraries, or other software components at a higher level of protection, without requiring that the remainder of an operating system or similar environment be trusted. For example, rights-management operating-system modules, communications drivers, and video decoding applications programs can run in protected memory that is not accessible by other OS modules and device drivers, and by other applications outside the OS, even if those outside components actively attempt to steal content data or data such as keys for decrypting the content. The trusted modules exchange data among themselves, and are able to prove to remote parties that they are running in a protected mode. Each trusted module optionally restricts access from some or all of the other trusted modules, to create a hierarchy of trust.
Secure pages handle premium content with a system of code modules in a hierarchy of trust, where a module names other modules that it is willing to trust, and those modules in turn name other modules that they are willing to trust.
According to other aspects of the invention, trusted code modules execute in a secure memory with page permissions assigned by a secure loader and a security manager, enforced by a memory manager. Code entry points are
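The summary above describes three cooperating pieces: a hierarchy of trust in which each module names the modules it is willing to trust, a secure loader that admits modules into protected pages, and a memory manager that enforces the resulting page permissions against everything else on the machine. The following toy model is an added illustration, not code from the patent or from Microsoft; the module names (rights manager, video decoder, communications driver, frame buffer), the page numbering starting at 0x1000, and the loader/manager API are all assumptions chosen to make the access decisions concrete.

```python
"""Toy model of the 'secure pages' trust hierarchy sketched in the summary.

Constructed illustration, not the patent's own design: names, page numbers
and the SecureLoader / MemoryManager interfaces are assumptions.
"""
from dataclasses import dataclass, field


class AccessDenied(Exception):
    """Raised when code outside the hierarchy touches a secure page or asks to be loaded."""


@dataclass
class Module:
    name: str
    trusts: set = field(default_factory=set)   # modules this one names as trusted
    pages: set = field(default_factory=set)    # secure pages the loader assigned to it


class SecureLoader:
    """Admits modules into secure memory and assigns each its own pages.

    The first module is the root of the hierarchy.  A later module is admitted
    only if an already-loaded module names it as trusted, so every loaded
    module sits on a naming chain leading back to the root.
    """

    def __init__(self, root, root_trusts=(), n_pages=1):
        self.root = root
        self.modules = {}         # module name -> Module
        self.page_owner = {}      # page number -> owning module name
        self._next_page = 0x1000  # constructed page numbering
        self._admit(root, root_trusts, n_pages)

    def _admit(self, name, trusts, n_pages):
        mod = Module(name, set(trusts))
        for _ in range(n_pages):
            self.page_owner[self._next_page] = name
            mod.pages.add(self._next_page)
            self._next_page += 1
        self.modules[name] = mod
        return mod

    def load(self, name, trusts=(), n_pages=1):
        if name in self.modules:
            raise ValueError(f"{name!r} is already loaded")
        if not any(name in m.trusts for m in self.modules.values()):
            raise AccessDenied(f"no trusted module names {name!r}; refusing secure pages")
        return self._admit(name, trusts, n_pages)

    def trust_chain(self, name):
        """Naming path root -> ... -> name through loaded modules, or None."""
        if name not in self.modules:
            return None
        parent, queue = {self.root: None}, [self.root]
        while queue:
            cur = queue.pop(0)
            if cur == name:
                break
            for nxt in self.modules[cur].trusts:
                if nxt in self.modules and nxt not in parent:
                    parent[nxt] = cur
                    queue.append(nxt)
        if name not in parent:
            return None
        chain = []
        while name is not None:
            chain.append(name)
            name = parent[name]
        return chain[::-1]


class MemoryManager:
    """Enforces the loader's page permissions on every access.

    A secure page is readable by its owner and by the modules the owner names
    as trusted; any other requester, inside the hierarchy or not, is refused.
    Pages the loader never assigned are ordinary memory and stay open.
    """

    def __init__(self, loader):
        self.loader = loader
        self.audit = []   # (requester, page, allowed), useful for later review

    def can_access(self, requester, page):
        owner_name = self.loader.page_owner.get(page)
        if owner_name is None:
            allowed = True
        else:
            owner = self.loader.modules[owner_name]
            allowed = requester == owner_name or requester in owner.trusts
        self.audit.append((requester, page, allowed))
        return allowed

    def read(self, requester, page):
        if not self.can_access(requester, page):
            raise AccessDenied(f"{requester!r} may not read page {page:#x}")
        return f"<data of {self.loader.page_owner.get(page, 'ordinary memory')}>"


def build_demo():
    """Constructed scenario: a rights manager at the root, a video decoder and
    a communications driver it names, a frame buffer named only by the decoder."""
    loader = SecureLoader("rights_manager", {"video_decoder", "comm_driver"}, n_pages=2)
    loader.load("video_decoder", trusts={"rights_manager", "frame_buffer"})
    loader.load("comm_driver")
    loader.load("frame_buffer")
    return loader, MemoryManager(loader)
```

The decisive point of the model is that being inside the hierarchy is not the same as having access: the comm driver is a trusted module, yet it cannot read the decoder's pages because the decoder never named it, which is the "optionally restricts access from some or all of the other trusted modules" behaviour from the summary. An application that no trusted module names can neither be loaded into secure pages nor read any of them, while ordinary memory stays available to it.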
England Paul
Lampson Butler W.
Lee & Hayes PLLC
Microsoft Corporation
Revak Christopher
Sheikh Ayaz
Profile ID: LFUS-PAI-O-3346070