Electrical computers and digital processing systems: support – Multiple computer communication using cryptography – Protection at a particular protocol layer
Reexamination Certificate
1998-02-13
2001-10-23
Grant, William (Department: 2121)
Electrical computers and digital processing systems: support
Multiple computer communication using cryptography
Protection at a particular protocol layer
C717S152000
Reexamination Certificate
active
06308270
ABSTRACT:
BACKGROUND OF THE INVENTION
The invention relates generally to validating and certifying execution of a software program with a smart card.
The proliferation of computers, including the personal computer, has allowed a wide variety of tasks and functions to be performed more efficiently and quickly. In addition, computers have provided a new mode for providing entertainment, for example, in the gaming industry, where it is occasionally desirable to validate results obtained by a consumer. The continued reliance on computer systems depends, in part, on the ability of persons using such systems to be assured that software programs being executed by the computer are, in fact, producing reliable results. This requires, among other things, that persons who wish to rely on results generated by a computer executing particular software are assured that the software has not been altered in an unauthorized manner. Situations can arise in which a software program has been altered or modified in an unauthorized manner, yet the alteration or modification may not always be capable of being easily detection by the user of the program. Such unauthorized alterations can result, for example, in the program's producing erroneous results. It may also allow unauthorized persons to use the software or may cause damage to the local computing environment. Moreover, such modifications of the computer program may result in proprietary information being sent to unauthorized third parties.
SUMMARY OF THE INVENTION
In general, in one aspect, the invention features a method of validating execution of a software program. The method includes executing the software program on a computer, sending information from the computer to a smart card during execution of the software program, verifying in the smart card information received from the computer, and storing a signal in the smart card indicative of whether execution of the software program is certified as valid.
In another aspect, the method of validating execution of a software program includes executing the software program on a computer, verifying in a smart card information received from the computer during execution of the software program, and generating a signal in the smart card indicative of whether execution of the software program is certified as valid.
In yet a further aspect, the invention features a smart card for use in connection with execution of a software program by a computer. The smart card includes communication circuitry for receiving information from a location external to the smart card and for transmitting information from the smart card to the external location. The smart card further includes a memory which stores data and a smart card program. In addition, the smart card includes a microcontroller configured by the smart card program to verify information received from the computer during execution of the software program and to cause a signal to be stored in the memory. The signal is indicative of whether execution of the software program is certified as valid based on results of verifying the received information.
The invention also includes a software package including a computer readable medium, which stores a software program for execution by a computer, and a smart card, such as the smart card described above and discussed in greater detail below.
Various implementations of the invention include one or more of the following features. Different types of information can be sent to the smart card. The information can include, for example, an identifier indicative of a point in the software program at which the information was sent to the smart card, information indicative of the current state of the software program, or the current value of a variable used in the software program. The smart card can perform one or more verification tests in response to the information received from the computer. For example, the smart card can check whether the identifier is correct, whether the current value of the variable is accurate, or whether the current value of the variable falls within a prescribed range. The information sent by the computer can also identify memory addresses in the computer in which specified data is stored, and the smart card can verify whether the memory addresses are permissible memory locations for the specified data.
One or more control values can be sent from the smart card to the computer in response to verifying the information received from the computer. A control value can be used to determine when subsequent information will be sent from the computer to the smart card during execution of the software program. The smart card can determine whether the software program responds correctly to the one or more control values. The frequency with which the computer sends information to the smart card can depend upon the control values. The smart card can also verify that the order in which information is received from the computer is correct.
In various implementations, the smart card can determine whether the frequency with which routines in the software program are called is within acceptable ranges. Similarly, the smart card can determine whether a duration of time between successive calls to the smart card by the computer during execution of the software program is within acceptable ranges.
The smart card can store or generate a signal indicating that execution of the software program is certified as valid or indicating that the software program was not altered in an unauthorized manner prior to or during its execution. The signal can be stored or generated after completion of the software program. In certain implementations, such a signal is stored only if all of the verification tests are satisfied. The signal indicative of whether execution of the software program is certified as valid can be retrieved from the smart card. Additionally, the microcontroller can be configured to cause a signal indicative of whether execution of the software program is certified as valid to be generated in response to a query generated externally to the smart card.
The microcontroller in the smart card can be suitably configured to perform the various functions so as to provide, in response to the proper execution of the program by the computer, a signal which indicates that execution of the software program is certified as valid or which indicates that the software program was not altered in an unauthorized manner prior to or during execution of the software program.
In an additional aspect, the invention includes a method of tracking the amount of usage of a software program executed by a computer. The method includes executing the software program on a computer, sending information from the computer to a smart card during execution of the software program, and storing information in the smart card indicative of the number of times the software program has been executed. The smart card can also store information indicative of the frequency with which various software routines were called during execution of the software program.
In various implementations, the invention provides one or more of the following advantages. The invention makes it easier to detect whether any unauthorized modifications to or tampering of the software program being executed by the computer has occurred. The invention can also provide a technique for validating and certifying the accuracy of results obtained by the software program. Such detection can be performed in a relatively low cost and secure manner.
In some implementations, the smart card can be used to vary the extent of its probe of the computer program in response to information previously received from the computer during execution of the program. Thus, the smart card can tailor the probe and subsequent validation tests to provide a tamper resistant, yet efficient, technique for executing a computer program.
The invention can also provide a technique for tracking the amount of use of a particular computer program. This tracking or metering can be used, for example, to charge consum
Grant William
Hartman Jr. Ronald D
Jansson Pehr B.
Maseles Danita J. M.
Schlumberger Technologies Inc.
LandOfFree
Validating and certifying execution of a software program... does not yet have a rating. At this time, there are no reviews or comments for this patent.
If you have personal experience with Validating and certifying execution of a software program..., we encourage you to share that experience with our LandOfFree.com community. Your opinion is very important and Validating and certifying execution of a software program... will most certainly appreciate the feedback.
Profile ID: LFUS-PAI-O-2565929