Electrical computers and digital processing systems: support – Data processing protection using cryptography – Tamper resistant
Reexamination Certificate
1999-05-19
2004-08-10
Sheikh, Ayaz (Department: 2135)
Electrical computers and digital processing systems: support
Data processing protection using cryptography
Tamper resistant
C713S152000, C380S002000, C380S030000, C380S044000
Reexamination Certificate
active
06775778
ABSTRACT:
TECHNICAL FIELD OF THE INVENTION
The technical field of this invention is secure computing systems, especially computer systems that may execute after manufacture field provided programs secured to prevent the user from unauthorized use of selected computer services. The computer system may also be functionally reprogrammable in a secure manner.
BACKGROUND OF THE INVENTION
There are currently many methods to deliver video programming to a users television besides over the air broadcast. Numerous service providers are available to supply this programming to television viewers. Most of these service providers vend a hierarchy of services. Typically there is a basic service for a basic fee and additional services available for an additional fee. The basic services typically include the broadcast network programming, cable superstations, music and sports programming. These basic services are typically supported by advertizing. These basic programming services thus operate on the same economics as over the air broadcast television. The additional services typically include the so called “premium” programming such as sports and movies. These premium programming services are typically not advertizer supported. These are perceived by the television user as higher value services and television users are willing to pay their service providers additional fees for these services. The service provider passes much of this additional fee to the content providers as their compensation for supplying the programming. There may be one or several tiers of these premium services made available by the service providers. At the top of this programming hierarchy is pay per view programming. Pay per view programming typically includes music concerts and sporting events perceived as time sensitive and highly valuable by the television users. Pay per view may also include video on demand, where the television user requests a particular movie be supplied. This hierarchy of service exists for all current alternative methods of program delivery including television cable, over the air microwave broadcast and direct satellite television.
Reception of such alternative programming services has required an additional hardware appliance beyond the user provided television receiver since the beginning of cable television. Initially this additional hardware appliance merely translated the frequency of the signal from the transmission frequency to a standard frequency used in broadcast television. Such a standard frequency is receivable by the user provided television receiver. This additional hardware appliance is commonly know as a “set top box” in reference to its typical deployment on top of the television receiver. Current set top boxes handle the hierarchy of security previously described.
In the past these set top boxes have been fixed function machines. This means that the operational capabilities of the set top boxes were fixed upon manufacture and not subject to change once installed. A person intending to compromise the security of such a set top box would need substantial resources to reverse engineer the security protocol. Accordingly, these such fixed function set top boxes are considered secure. The future proposals for set top boxes places the security assumption in jeopardy. The set top box currently envisioned for the future would be a more capable machine. These set top boxes are expected to enable plural home entertainment options such as the prior known video programming options, viewing video programming stored on fixed media such as DVD disks, Internet browsing via a telephone or cable modem and playing video games downloaded via the modem or via a video data stream. Enabling the set top box to be programmed after installation greatly complicates security. It would be useful in the art to have a secure way to enable field reprogramming of set top boxes without compromising the hierarchy of video programming security.
SUMMARY OF THE INVENTION
This invention is a secure computing system. A program, preferably the secure computing system real time operating system, is encrypted with a private key. This program is preferably stored in a nonvolatile memory such as a flash EPROM. The data processor includes a boot ROM on the same integrated circuit. This boot ROM is inaccessible from outside the integrated circuit. The boot ROM includes the public key corresponding to the private key used to encrypt the program. On initialization the boot ROM decrypts at least a verification portion of the program. This enables verification or non-verification of the security of the program. The boot ROM may store additional public keys for verification of application programs following verification of the real time operating system. Alternatively, these additional public keys may be stored in the nonvolatile memory.
On verification of the security of the program, normal operation is enabled. There are several remedial actions that can take place on non-verification. The system could be disabled, or in the case of non-verification of an application following verification of the real time operating system only that application program could be disabled. The system could notify the system vendor of the security violation using the modem of the secure computing system.
This technique could be applied to after sale acquired application programs. On downloading the after acquired application program is decrypted using an additional public key. If verified normal use, then of the downloaded application program is permitted. The previously mentioned remedial actions are feasible on non-verification. Alternatively, the secure computing system could attempt to repeat the downloading. This would be useful in cases where the non-verification is due to corruption during the downloading.
REFERENCES:
patent: 4278837 (1981-07-01), Best
patent: 5421006 (1995-05-01), Jablon et al.
patent: 5448045 (1995-09-01), Clark
patent: 5577735 (1996-11-01), Reed et al.
patent: 5610981 (1997-03-01), Mooney et al.
patent: 5633934 (1997-05-01), Hember
patent: 5643086 (1997-07-01), Alcorn et al.
patent: 5748940 (1998-05-01), Angelo et al.
patent: 5825878 (1998-10-01), Takahashi et al.
patent: 5896499 (1999-04-01), McKelvey
patent: 5982887 (1999-11-01), Hirotani
patent: 6138236 (2000-10-01), Mirov et al.
patent: 6209099 (2001-03-01), Saunders
patent: 6339828 (2002-01-01), Grawrock et al.
patent: 6401208 (2002-06-01), Davis et al.
patent: 6571335 (2003-05-01), O'Donnell et al.
patent: 2001/0011353 (2001-08-01), Little et al.
patent: 2002/0099946 (2002-07-01), Herbert et al.
patent: WO 98/15086 (1998-04-01), None
Arbaugh, W.A. et al, “A Secure and Reliable Bootstrap Architecture”, Dec. 2, 1996, University of Pennsylvania, entire document.*
IBM, “IBM PCI Cryptographic Coprocessor General Information Manual”, May 2002, IBM, 6thEdition, entire document, http://www.cs.dartmouth.edu/~jerryw/thesis/4758_Gen_Info.pdf.*
Waddington D.G., et al, “Interaction Points: Exploiting Operating System Mechanisms for Inter-component Communications”, Bell Labs Morpheus Research Project, 2001, entire document.
Ferguson Edward
Laczko, Sr. Frank L.
Baum Ronald
Brady III W. James
Marshall, Jr. Robert D.
Sheikh Ayaz
Telecky , Jr. Frederick J.
LandOfFree
Secure computing device having boot read only memory... does not yet have a rating. At this time, there are no reviews or comments for this patent.
If you have personal experience with Secure computing device having boot read only memory..., we encourage you to share that experience with our LandOfFree.com community. Your opinion is very important and Secure computing device having boot read only memory... will most certainly appreciate the feedback.
Profile ID: LFUS-PAI-O-3316057