WO1985003584A1 - Security and usage monitoring - Google Patents

Security and usage monitoring Download PDF

Info

Publication number
WO1985003584A1
WO1985003584A1 PCT/AU1985/000016 AU8500016W WO8503584A1 WO 1985003584 A1 WO1985003584 A1 WO 1985003584A1 AU 8500016 W AU8500016 W AU 8500016W WO 8503584 A1 WO8503584 A1 WO 8503584A1
Authority
WO
WIPO (PCT)
Prior art keywords
instructions
information
security
usage
sur
Prior art date
Application number
PCT/AU1985/000016
Other languages
French (fr)
Inventor
Paul Guignard
Original Assignee
Paul Guignard
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Paul Guignard filed Critical Paul Guignard
Publication of WO1985003584A1 publication Critical patent/WO1985003584A1/en

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/10Protecting distributed programs or content, e.g. vending or licensing of copyrighted material ; Digital rights management [DRM]
    • G06F21/12Protecting executable software
    • G06F21/121Restricting unauthorised execution of programs
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F2211/00Indexing scheme relating to details of data-processing equipment not covered by groups G06F3/00 - G06F13/00
    • G06F2211/007Encryption, En-/decode, En-/decipher, En-/decypher, Scramble, (De-)compress
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/21Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/2135Metering

Definitions

  • This invention relates to security and usage monitoring and relates generally to the prevention of unauthorised use of computer programmes or data or * materials to be used and broadly includes a method for preventing the copying and subsequent re-use of a computer programme without accounting for that use, to various forms of hardware for use with existing computers to enable this to be performed, and also to a total system whereby computer programmes or data or materials to be used can be held at a main store and where a computer can request a programme or data or materials to be used from that store and permit such programme or data or materials to be used only when its use is accounted for.
  • the invention is not limited solely to use in relation to computers as it may be extended to control usage of materials in a device. Notwithstanding this- the description will be generally addressed to the computer field.
  • This invention does not contemplate the prevention of direct copying of the software. Instead every time a programme is used in a computer it is proposed that the user eventually pay for use of that programme.
  • the computer is, in turn, attached to a security and usage register means (SUR.) which will inhibit the computer from using the software unless that SUR has a matching key code therein for that particular software programme. Thus a match must be made of the stored key code with the programme key code.
  • SUR security and usage register means
  • This allows the programme to operate in the computer and increments a usage register in SUR. Each time the programme is required to operate with the computer this SUR is first accessed by the computer to see if that SUR contains the key code for that programme.
  • Each programme is such that if it is pirated from a computer with a SUR which controls the operation of the computer with the programme and then placed in a computer which does not have such a SUR, then it will not be able to run with that computer because the initial sub-routine in the programme will first require matching of key codes in a SUR to enable the main programme or user programme to run. In other words the initial programme will require decoding keys to be obtained before it can operate with the computer.
  • a method of controlling the use,of a device which when operating, passes therethrough,, instructions, information or material to be used having at least one key code associated therewith, said method comprising:-
  • step (b) comparing the key code in step (a) for a match with a key code held in a holding means.
  • step (c) if a match of respective key codes is not made at step (b) inhibiting passing of said instructions, information or material to be used through said device, and (d) if a match of respective key codes is made at step (b) allowing said instructions, information or material to be used to pass through said device, and (e) following a match being made of respective key codes at step (b) incrementing a usage register, and optionally
  • each programme is identified by its own code (which is different to the key code) and a register stores information as to the number of times that particular programme is used, thus permitting different charges to be made for different programme usages .
  • the accounting for use is by incrementing a usage register.
  • the method proposes that a computer obtain programmes from a store which may be remote from the computer, such as at a central store which could be at a software house.
  • the programme is requested from the central store, key codes for that programme are sent to the computer, via the SUR.
  • This SUR transmits codes to the computer to enable the software to be used with the computer after the usage register has been incremented.
  • Both key codes and programme codes i.e. numbers are desirably stored in a memory in the SUR.
  • the method proposes that in order for the programme to operate with the computer it must have a match of the necessary key codes for that programme.
  • the SUR of the computer attempting to use the pirated programme may not have the required programme keys. If it does not have the key codes, these must be obtained from another source such as from a central store before the programme can be used. Once the key codes are obtained, the SUR will allow the computer to operate with the programme and it will increment the usage register and eventually a usage charge can be made. All programmes contain at least one sub-routine, which requires key codes to be obtained before the main programme can be used.
  • Such sub-routines may be only at the start of a particular programme or alternatively there may be many such sub-routines during a programme requiring the key codes to be obtained before the next stage of the programme can be commenced. Alternatively some processing may be initiated in SUR prior to the balance of the programme being freed for use.
  • the register need not be incremented every time a key code is obtained during one programme.
  • the initial key code obtained may be the only step which increments the register for that programme use.
  • a system is proposed by using a multitude of key code obtaining steps which will inhibit the attempted cracking of the programme by pirates. Further each key code required during the entire programme may be different to that during a preceding sub-routine. This will make the task of a person attempting to crack the key codes so as to use a pirated copy of the programme without incrementing the usage register even more difficult.
  • programmes be initially stored at a central store, such as a software house, and then transferred to a computer via cable or telephone line or the like line when first required.
  • the programme may then be subsequently stored at the computer.
  • the key code for that programme is intended to be ultimately stored at the computer site.
  • the storing of the programme may be on disc or in microcircuits within the computer.
  • the storing of the key code is preferably in a memory in hardware in the SUR which may be integral with the computer.
  • the invention also proposes in another aspect a computer fitted with hardware to enable the method to be performed.
  • the invention also proposes in another aspect, a store at a remote location fitted with hardware to enable either a programme or keys or both to be transmitted to a computer so that the programme can be used on that computer.
  • the invention also proposes a security and usage monitoring means for a device which, when operating, passes therethrough, instructions, information or material to be used, said instructions, information or material to be used having at least one key code associated therewith, said security and usage monitoring means comprising,
  • the security and usage monitoring means includes separate store means which stores not only the number of times a programme or data or material to be used is used but also which programme or data or material is used so that a billing or a check can be made related to the particular programme or data or material usage.
  • Figure 1 is a block circuit diagram of one embodiment
  • Figure 2 is a block circuit diagram of a similar but different embodiment
  • Figure 3 is a block circuit diagram of a further embodiment
  • Figure 4 is a block circuit diagram of a further embodiment
  • Figure 5 is a block circuit diagram of a further embodiment
  • Figure 6 is a block circuit diagram of a still further embodiment;
  • Figure 7 is a block circuit diagram of a SUR;
  • Figure 8 is a detailed circuit diagram of a sealed circuit part of the SUR shown in Figure 9;
  • Figures 9 through 18 are block circuit diagrams of network arrangements.
  • Figures 19 through 24 are flow diagrams of programme steps in different operations of SUR.
  • FIG. 1 there is shown a circuit diagram of one embodiment.
  • a device PC such as a computer which may be a personal computer PC.
  • the invention is applicable not only to computer arts but to arts where a device is used with instructions, information or material to be used.
  • the device may, in fact, be a machine which consumes materials and wherein those materials are coded with a key prior to entry into the machine.
  • the device may be a machine which is operating with a set of instructions or data information which may be suitably coded prior to entering the machine.
  • the device PC is connected with a security and usage register SUR.
  • the security and usage register contains means for holding keys therein.
  • the holding means comprises an electronic memory.
  • the keys are available in this security and usage register SUR, then an instruction is sent back to the device PC from the security and usage register SUR to enable the device PC to operate with the instructions, information or material to be used.
  • the actual usage register within the SUR may be incremented at the time when there is a match of the keys in SUR with the keys in the instructions, information or material to be used. Alternatively the usage register may be incremented at some other convenient time such as on completion of usage of the instructions, information or material to be used.
  • the SUR contains means, such as a port, to permit access to the usage register so that it may be read.
  • the necessary software or programmes or data or other information which is required to operate with the computer can be obtained from any desired source.
  • programmes may, in fact, be pirated and/or copied programmes but because it is proposed herein that all programmes be provided with a sub-routine which requires matching of keys in the programme and in the SUR, then in order for the programme or data or information to operate with the computer, the computer must be fitted with a SUR. Accordingly, if the keys " are not present in the SUR then the programme cannot run.
  • a user can ring up a central store, such as a software house, and ascertain the keys verbally or electronically such as via a modem connection or other connection.
  • a user may be able to "look-up" a handbook or chart or like record to obtain the desired keys.
  • These keys can then be inserted into the security and -usage register SUR to enable the programme to run. Once there is a match of keys then the programme is able to run and at some convenient time the usage register in the SUR is incremented.
  • the SUR has a finite capacity in the register such that periodically the SUR will fill and will not be able to operate until such time as the information in the register is down loaded. In this way it is possible to ensure that regular and/or periodic payments are made for software usage.
  • the register may have sufficient capacity to store not only information relating to the number of times programmes are used but also information as * to which programmes are used or to usage patterns, so that if " required higher charges can be made for different programme usage or usage patterns. If desired the usage register can be made to automatically down load the register information to a suitable store at any time.
  • the key memory KM may be of • sufficient size to store say 100 keys so that a user does not have to regularly obtain desired keys from a central store or from a suitable chart.
  • the embodiment of Figure 3 it can be seen that it is almost identical to the embodiments of Figures 1 and 2, except, that in addition, there is provided a link between the SUR and a central store CE.
  • the central CE be a software house or like establishment where programmes and/or keys can be stored, such as in an electronically accessible memory.
  • connection between the SUR and the central CE is preferably by way of land lines such as by the local telephone network. Accordingly a modem not shown is contemplated between the SUR and the central CE.
  • an operator of the device PC may already have a programme for use with the device PC.
  • the keys may not be available in the SUR.
  • the SUR may be programmed to automatically connect via the land line to request a key from central CE.
  • Central CE in turn, can transmit the key back to the SUR and then the programme will be able to run with the device PC and at a suitable time the usage register in SUR can be incremented. If a key memory KM is provided as optionally shown in Figure 3, then the key can be suitably stored.
  • the programming register can be incremented.
  • the necessary keys may already be in the key memories KM of the SUR when a programme is requested from central CE and in this case it will not be necessary to obtain the necessary keys from the central CE when the programme is requested.
  • the central CE can be arranged to automatically access the usage register in SUR at any time.
  • SUR Software'codings are utilized to ensure that the actual programme unlocking procedure and the register are secure.
  • the information stored in SUR can be attempted to be obtained via software means or by hardware means.
  • a user might try to break into the SUR unit using his computer connected to it either in the normal way (the PC-SUR connection) or via a network (the fraudulent user substitutes his computer for a central). Protection can be achieved by message coding and hardware design.
  • By hardware access a user may try to make connection with the circuitry itself in order to plug his own monitoring unit directly on the IC's therein.
  • connection is made then a user could read confidential memory register information and study a SUR programme during its execution and possibly feed his own programme to SUR in order to gain control of the unit.
  • protection can be achieved by sealing the circuitry in - such a way that a break-in would either damage the circuitry completely or leave traces in the circuitry such as damage to electronic components that would be detected when the register is inspected for usage and when a charge is to be made.
  • the circuitry can have a programme in it ⁇ such that it will down-loa ' d all the register information to a central CE if fraudulent access is attempted. This variation would of course only apply where the computer system is interconnected with a central CE.
  • the SUR contains a read only memory ROM and a memory M.
  • the read only memory ROM contains software.
  • SUR functions are:- 1.
  • the key codes or the programme codes are directly available at the computer PC
  • FIG. 5 shows a configuration where a direct memory access (DMA) buffer separates the CPU of the SUR from the computer PC and the central CE.
  • DMA direct memory access
  • Bl and Dl are buffers accessed respectively by the computer PC, the central CE and the CPU of the SUR.
  • CC represents control connections.
  • an intermediate step is provided in the transfer of messages from the computer PC and the central CE to the CPU. This means that a higher level of protection can be built into the SUR unit against software attempts to disrupt it and pirate information.
  • the CPU is pre-programmed to inspect the content of a message only when the computer PC or the central CE have terminated their transfer to Bl or Dl.
  • a further:increase in the protection of the SUR is obtained by replacing the buffers Cl and Dl of Figure 5 by more complex circuitry as shown in Figure 6.
  • the circuitry decodes the messages and performs checks on their content to detect attempted frauds.
  • DCl represents a decoder for the computer PC to the SUR.
  • DC2 represents a decoder for the SUR to central CE communications.
  • B2 represents • a buffer for the SUR to PC communications.
  • D2 represents a buffer for the SUR to the central CE communications.
  • Decoders DCl and DC2 may be encryption/decryption devices using known encryption/decryption codes.
  • the buffers Bl and D2 are optional and may be deleted if desired.
  • DCl and DC2 decoders can be special purpose " chips or made from a few integrated circuits (shift registers for example) and may have their own buffers (not shown) for the communications.
  • DCl and DC2 may not only decode the messages, but also perform checks on their content to detect frauds. In this case an increased level of protection can be performed before the message is transferred to the CPU - before it could be used to tamper with the sensitive part of SUR. If an attempted fraud is detected the message in fact is terminated and never reaches the CPU.
  • Figure 7 shows a general block circuit diagram of a SUR device. It is composed of a sealed area 10 in which the circuitry is protected against physical access and of an open area where the IC's and other components can be readily accessed as in a normal PC board.
  • FIG. 8 there is shown a block circuit diagram of the sealed circuit 10 shown in Figure 7.
  • the main components of the sealed circuit 10 comprise a microprocessor 20, a read only memory 21, a RAM 22, a real time clock RTC 23, a battery back-up circuit 24 for the real time clock RTC and for the RAM circuit 22, a ROM/RAM select logic circuit 25, an I/O select logic circuit 26 and a supervisor control logic circuit 27 and various buffer interfaces 28.
  • the interface buffers 28 are under the control of the microprocessor 20 and the select logic circuits 25 and 26 and . the supervisor control logic 27. Therefore operations internal to the sealed circuit 10 can be carried out without any information reaching the open area on any of the necessary buses.
  • the sealed circuit can operate very much as a standard microprocessor board except that its communications with the open circuit are under strict control.
  • the supervisor control logic circuit 27 performs the following functions:-
  • the battery module of the sealed circuit 10 is designed for the purposes of protecting the data stored in the static RAM 22 and to operate the real time clock 23 for extended periods when the external power source may be disconnected or interrupted.
  • microprocessor 20 used can vary according to the applications considered necessary of the SUR device. Typical microprocessors are Zilog Z80,
  • the ROM 21 in the sealed circuit 10 contains software required to operate the SUR for the first time. That is, it contains software which opens up communications with the outside so that new software can be loaded. When this is done the new software operates the sealed circuit 10 and resets or restarts operations on the new software which is then loaded.
  • the sealed circuit is produced on a thick film hybrid module or by any other technique known in the electronic circuit arts.
  • the important aspect of the sealed circuit 10 is that it will be protected against access both physically and by unauthorised electrical access.
  • the SUR described in Figure 7 can be configured using "PRO-LOG" cards based on the STD product line manufactured by the PRO-LOG Corporation of California, U.S.A. Card 7804 for sealed area 10 (without • battery back up).
  • Card 7704 for the ROM/RAM circuit 11.
  • Card 7304 dual UART card for the serial ports shown at RS232.
  • Card 7605 -programmable - TTL I/O parallel ports.
  • Card 7388 floppy disc controller (FDC) for a disc drive which may be connected with the control logic 12 to store information.
  • FDC floppy disc controller
  • an extra byte wide memory may be included such as card 7704.
  • the control logic 12 in Figure 7 is distributed among several cards: cards 7304, 7605 and 7388 for the control logic pertaining to the serial ports, the parallel ports and the FDC respectively.
  • the operations of the SUR are as follows:-
  • the total memory space in SUR is made of two storage areas, one internal to the sealed circuit 10 and the other external.
  • the memory space inside the sealed circuit 10 is further divided into two - one ROM and a RAM shown by ROM/RAM 21 and 22.
  • the functions of the software in ROM 21 are to control and supervise the important operations of the SUR such as:- (a) Access to sealed ROM/RAM 21 and 22 and. • external RAM 11 and/or the floppy disk.
  • the RAM area in the sealed circuit contains less important keys of software and may contain some data. This information does not need to be encrypted as access to the sealed memory 21, 22 is under the control the microprocessor 20. All data stored in external memory is typically encrypted for protection against unauthorised inspection and corruption. An empty memory may contain some perhaps randomly generated, information so as to mask not only the presence, but also the absence of important data.
  • SUR When a programme is being called by the user, or during its execution, its identification number is sent to SUR. If the programme has already been used, this number already exists in SUR memory as in RAM 22, Figure 8, with its associated decoding key(s). SUR then sends a signal to the computer PC to unlock the programme, or part of it and increments the • usage register in SUR. The usage register is also in RAM 22, Figure 8.
  • the programme can send not only its identification number, but also some instruction in coded form that must be " interpreted by SUR using the basic key codes sent by CE, so that the key codes to be returned may vary from run to run (for example they could depend on the date or on the operation being performed in SUR or on the data being processed in PC). Every message received by SUR is first checked for syntax and format correctness to detect attempted frauds.
  • Each SUR unit is identified by a number and each unit possesses an initial decoding key (known to the central), that was decided upon at time of manufacture. Encoding keys may also reside in the unit.
  • a new set of keys may be sent to SUR via the network (so that each set of keys is used only for a limited period of time) .
  • SUR When a programme is run for the first time, its identification number is not present in SUR memory.
  • SUR calls the central CE, identifies itself, and requests the programme unlocking key(s) to be sent (in coded form) .
  • the central CE wishes to check the usage register, it calls the SUR unit, and initiates a programme in SUR that reads the programme numbers and their usage, and sends this information in coded form to the central CE. Checks are made to ensure that the data was not corrupted during its transfer. The usage registers in SUR are then reset. Each message received by SUR is first checked for syntax and format correctness to detect attempted frauds.
  • the embodiments of Figures 7 and 8 may be modified by inclusion of a second CPU wired in tandem with the CPU shown, so that such!processing can be performed in that CPU whilst other processing can be performed in the original CPU.
  • the original CPU may have a sub-routine therein to automatically transfer the instructions or data to the second CPU.
  • the second CPU may be in the sealed circuit 10 or it may be in the external circuit. If it is in the external circuit, then naturally if security of information is required, the transferred information will have to be encrypted.
  • FIG. 9 there is shown a network embodiment using a plurality of computers PCI, PC2, PC3, ETC interconnected on a network line together with a SUR connected on that line.
  • a modem MOD is shown connected with the SUR which in turn connects with a central CE.
  • Figure 10 shows a further variation of the network arrangement shown in Figure 9 but where the central CE is actually connected directly with the network.
  • Figure 11 shows a further variation of the networking possibilities wherein a plurality of computers are connected on a network line and only one or some of the computers are interconnected with a SUR and then connected with a modem MOD for subsequent connection to a central CE.
  • a SUR can control one or several P.C.'s.
  • Figure 12 shows a variation where a personal computer P.C. is connected with a data base.
  • the computer is interconnected with a SUR which in turn connects with a modem MOD.
  • a land line then connects modem MOD with the data base.
  • An encryption device E is located at the data base.
  • the computer can request data by the SUR and the SUR will in turn check if there are any key codes in the memory in SUR before fetching the data and allowing it to pass to the personal computer.
  • a usage register is then' incremented in SUR.
  • the SUR acts as a decryption device for the encrypted data which is returned from the data base. Suitable decryption codes are included within the memory within SUR.
  • Figure 13 shows a further variation where the computer is connected directly with the data base and wherein t ⁇ e computer is indirectly connected with a central via the intermediary of a SUR.
  • Figure 14 shows a further variation where both the data base and the central interconnect with the computer via the intermediary of a SUR.
  • Figure 15 shows a further variation where the data base and the central are at the same location and wherein the computer can have direct access to information in the central CE and the data base.
  • Figure 16 shows an even further variation where the data base and the central interconnect with the computer via the SUR but wherein the data base and the central are at separate locations.
  • the SUR will record information relating to the usage such as the time of access, the type of records being accessed or the like so that eventually an appropriate charge can be made for either the programmes and/or the data base information.
  • Figure 17 shows an even further variation where a machine is used to consume information, instructions and/or materials.
  • the machine MC is interconnected with a SUR which in turn is interconnected with a modem MOD which in turn is connected with a computer at a remote location optionally via the intermediary of an encrypter E.
  • the SUR can be arranged to receive key codes from the information, instructions and/or material to be used at the machine and check that the key codes are available. If they are not available they can be obtained in one of the ways previously mentioned and once a match is made then the information, instructions and/or materials to be used can be passed through the machine MC.
  • a computer can control the operation of the machine from a remote location.
  • a host computer to which a plurality of terminals Tl—T9 ETC are shown.
  • the host computer is interconnected with a front end processor FEP.
  • Host SURS (SUR 1, SUR 2, SUR 3) are in turn associated with the host computer host.
  • the SURS 1, 2 and 3 interconnect with a communications network which may be a local telephone network or some other communications network.
  • a central CE is shown interconnected with the front end processor FEP and with the communications network.
  • Each of the terminals are associated with one or more SUR devices as contemplated in previous embodiments.
  • Communication controllers COM are interconnected in various ways with SURS E and SUR F as; shown and permit communication to suitable ' terminals.
  • Each SUR can have either one or several network ports (compare SURS A and B at the user side) . Similarly each SUR can have one or several terminal ports (SURS B and C). It is possible to have fewer network than terminal ports (SUR C) .
  • the SURS next to the host usually have the same number of ports on the host side as the network side.
  • a SUR can be connected to a communication controller COM that can be either on the network or the terminal side (see SURS E and F) .
  • the SUR devices come in pairs; one on the terminal side and one on the host side. This configuration is required ' hen encryption-decryption of data between the host and the terminals is required.
  • each of the SURS include the necessary encryption-decryption codes.
  • the SURS at the host side do not normally perform any user identification access control and usage monitoring functions but simply permit the necessary transactions to be passed to the terminal side.
  • the SURS at the host side are basically the same as the SURS at the terminal side in hardware design except- that the necessary firm ware is not as complete as at the terminal side.
  • pairs of SURS When pairs of SURS are used they can be connected in several ways as shown - SURS 1 and A - one front end processor FEP line per terminal with the SURS servicing several such lines.
  • SURS 3 and C one line from FEP to the terminal SUR, but more than one terminal are being served.
  • the supervisor at the central CE communicates with the terminal SURS either via the FEP (line 10) or directly via the communication network (line 11) or directly to the host SURS (line 12). In the first case FEP simply re-routes the central messages to the appropriate terminal SURS, or the terminal SURS messages to the central CE.
  • the central CE is treated by FEP as another terminal location.
  • the communications central-terminals SURS are either re-routed by FEP as mentioned previously or are. independent of FEP.
  • the SUR in central CE communications are always encrypted even when re-routed by FEP and using line 7. In this instance the host SURS are not used for these communication exchanges.
  • the central CE communicates directly with the host SURS and through them can communicate to the terminal SURS.
  • a key code can be any string of 0's and l's and a key code matching operation refer to a comparison between 2 such strings, that may determine future operations or action.
  • central CE can only communicate with a SUR after it has satisfied this SUR of its (CE) identity, and is satisfied of the SURS identity. This is achieved by using known techniques of key management for data security and integrity in communication. See for example "Cryptography and Data Security" by D.E.R. Denning, Addison-Wesley, 1983.
  • central CE can send instructions to the SUR, get information from it, etc. For example CE can get access to thee usage information in the SUR by instructing it to use the routine that sends this information to central CE. Alternatively, if the routine is.not in SUR, central CE first sends the routine to SUR, and then instructs it to execute the routine. The routine may also include steps to reset the usage register.
  • FIG. 18 Shows the general operations of the SURS in a network as illustrated in Figure 18. It includes aspects of Figures 21, 22 and 23. Note that not all the operations shown are mandatory, as several are application specific.
  • the top of the illustration (down to - end of transaction? ⁇ ) illustrates operations " involving PC and SUR, but not the host. In addition to its security functions, SUR can perform other tasks such as carrying out and keeping a record of an off-line (no direct connection to the host) , financial transactions for example.
  • Protection of Programmes and Data Protection is based on programmes or data being designed or configured in such a way that they need to interact with a SUR to be usable.
  • the level of protection can be adjusted by the software writer or data producer. When passwords only are used, that must be checked in SUR, the protection is low. However when some decryption and processing must take place in SUR the protection can be much higher. Its level depends on a user not being able to guess what the coded information in software data means and does. This forces the user to rely on a SUR.
  • the other key aspect is the usage monitoring function of SUR with regular downloading of usage information to the central.
  • the joint aspects of protection and usage monitoring offer significant advantages to the user of data or software, its producer or writer, and to the industry in general.
  • the user can have access to a wide variety of software or databases, but he is charged solely in proportion to the use he makes of the resources. This is in contrast to the present situation where he usually has to pay a fixed amount, with little consideration for what he gets out of the products.
  • the software writer (and data producer) can expect increased revenues due to reduced or eliminated pirating, and to widened market base for his products that item from charging the users in proportion to usage.
  • the industry could greatly benefit by increased dynamism among software and data users and writers.
  • the invention has also the potential to bypass the problems of copyright of software and data, and of its enforceability.
  • Network Security The network security system using SURS as illustrated in Figure 18 has the following advantages: a) It relies on dedicated hardware and ' software for security functions in a network. b) Network security is independent of the data processing department, and does not require changes to the host's software. c) The decentralised security functions in each SUR act as buffer between terminals and network. Each SUR is a secure gateway to the network resources. d) The SUR system offers a comprehensive and integrated network security based on:

Abstract

A method and apparatus where a device PC is controlled, so that when instructions, information or material to be used in the PC is provided to the PC, and where the instructions, information or material has at least one key code associated therewith, the PC cannot operate until the key code is matched with a key code held in a memory in a security and usage register SUR attached to the PC and wherein following a match being made, a usage register in the SUR is incremented. Eventually the usage register in the SUR can be inspected so that a charge, for example, can be made relating to the use of the instructions, information or material used. The invention has particular although not exclusive application in the computer arts where a programme or data cannot run in the computer until the key codes are matched and eventually a usage register incremented. By this means it is possible to substantially eradicate the unauthorized and/or unaccounted use of programs or data or materials.

Description

SECURITY AND USEAGE MONITORING BACKGROUND OF THE INVENTION
This invention relates to security and usage monitoring and relates generally to the prevention of unauthorised use of computer programmes or data or * materials to be used and broadly includes a method for preventing the copying and subsequent re-use of a computer programme without accounting for that use, to various forms of hardware for use with existing computers to enable this to be performed, and also to a total system whereby computer programmes or data or materials to be used can be held at a main store and where a computer can request a programme or data or materials to be used from that store and permit such programme or data or materials to be used only when its use is accounted for. The invention is not limited solely to use in relation to computers as it may be extended to control usage of materials in a device. Notwithstanding this- the description will be generally addressed to the computer field.
DESCRIPTION OF PRIOR ART In computer systems the software accounts for a significant proportion of the purchase-price. In addition the user will require application programmes usually not supplied with the computer. Between 20 and 40% of the total cost of a system is for the hardware, thus leaving 60 to 80% for the software necessary to get the machine to perform useful tasks.
Software is expensive, the initial purchase price is high, no matter how much use the owner is going to make of it. In addition, most of the software can be easily duplicated, causing widespread problems of pirating, that is, the marketing and use of unauthorised copies of programmes, thus depriving the writer of a legitimate return for his efforts. It is estimated that for the home and small business computer, not more than 1 out of every 4 copies of a programme in use has been sold via a licensed dealer; the other 3 having been pirated. Piracy is therefore a significant problem for software houses, leaving many writers very vulnerable financially and depriving the industry of large amounts of revenue. Hitherto people have recognized the need to provide security for software. Some of the security measures implemented to date involve use of encryption of software so that only a person with a decryption code can decipher the actual software. This system has problems because the encryption and decryption codes can be found and thus whilst it is difficult to make use of a copied encrypted programme it is not impossible. In all the methods used heretofore people are encouraged to copy software and to crack codes such as encryption codes which may be used.
This invention does not contemplate the prevention of direct copying of the software. Instead every time a programme is used in a computer it is proposed that the user eventually pay for use of that programme. The computer is, in turn, attached to a security and usage register means (SUR.) which will inhibit the computer from using the software unless that SUR has a matching key code therein for that particular software programme. Thus a match must be made of the stored key code with the programme key code. This, in turn, allows the programme to operate in the computer and increments a usage register in SUR. Each time the programme is required to operate with the computer this SUR is first accessed by the computer to see if that SUR contains the key code for that programme. If it does then an appropriate code is"transmitted to the computer to cause the computer to operate with that programme and a usage register is incremented. In this way if programmes are copied and sent to a different computer, that different computer will not have the required key code stored in the memory of the SUR. Before the programme can operate with that different computer the SUR must obtain the key code from some remote source. Once the key code is obtained and matched the programme is able to operate with that different computer and the usage register is then incremented. Eventually a charge is made to each computer user depending on the number of times individual programmes are used by that computer. Desirably, each different programme is appropriately identified by its own code in a register in the SUR because some programmes may require higher tariffs to be incurred. Each programme is such that if it is pirated from a computer with a SUR which controls the operation of the computer with the programme and then placed in a computer which does not have such a SUR, then it will not be able to run with that computer because the initial sub-routine in the programme will first require matching of key codes in a SUR to enable the main programme or user programme to run. In other words the initial programme will require decoding keys to be obtained before it can operate with the computer.
- SUMMARY OF THE INVENTION
Therefore according to a first broad aspect of the present invention there is provided a method of controlling the use,of a device, which when operating, passes therethrough,, instructions, information or material to be used having at least one key code associated therewith, said method comprising:-
(a) obtaining said key code from said instructions, information or material to be used.
(b) comparing the key code in step (a) for a match with a key code held in a holding means.
(c) if a match of respective key codes is not made at step (b) inhibiting passing of said instructions, information or material to be used through said device, and (d) if a match of respective key codes is made at step (b) allowing said instructions, information or material to be used to pass through said device, and (e) following a match being made of respective key codes at step (b) incrementing a usage register, and optionally
(f) periodically inspecting said usage register and making a charge related to the usage.
Preferably each programme is identified by its own code (which is different to the key code) and a register stores information as to the number of times that particular programme is used, thus permitting different charges to be made for different programme usages . Preferably the accounting for use is by incrementing a usage register.
In a further aspect of the invention the method proposes that a computer obtain programmes from a store which may be remote from the computer, such as at a central store which could be at a software house. In this method the programme is requested from the central store, key codes for that programme are sent to the computer, via the SUR. This SUR, in turn, transmits codes to the computer to enable the software to be used with the computer after the usage register has been incremented. Both key codes and programme codes (i.e. numbers) are desirably stored in a memory in the SUR.
If a programme is pirated, the method proposes that in order for the programme to operate with the computer it must have a match of the necessary key codes for that programme. In this case the SUR of the computer attempting to use the pirated programme may not have the required programme keys. If it does not have the key codes, these must be obtained from another source such as from a central store before the programme can be used. Once the key codes are obtained, the SUR will allow the computer to operate with the programme and it will increment the usage register and eventually a usage charge can be made. All programmes contain at least one sub-routine, which requires key codes to be obtained before the main programme can be used. Such sub-routines may be only at the start of a particular programme or alternatively there may be many such sub-routines during a programme requiring the key codes to be obtained before the next stage of the programme can be commenced. Alternatively some processing may be initiated in SUR prior to the balance of the programme being freed for use. The register need not be incremented every time a key code is obtained during one programme. The initial key code obtained may be the only step which increments the register for that programme use. In this manner a system is proposed by using a multitude of key code obtaining steps which will inhibit the attempted cracking of the programme by pirates. Further each key code required during the entire programme may be different to that during a preceding sub-routine. This will make the task of a person attempting to crack the key codes so as to use a pirated copy of the programme without incrementing the usage register even more difficult.
In one embodiment .of the invention it is proposed that programmes be initially stored at a central store, such as a software house, and then transferred to a computer via cable or telephone line or the like line when first required. The programme may then be subsequently stored at the computer. The key code for that programme is intended to be ultimately stored at the computer site. The storing of the programme may be on disc or in microcircuits within the computer. The storing of the key code is preferably in a memory in hardware in the SUR which may be integral with the computer. The invention also proposes in another aspect a computer fitted with hardware to enable the method to be performed.
The invention also proposes in another aspect, a store at a remote location fitted with hardware to enable either a programme or keys or both to be transmitted to a computer so that the programme can be used on that computer.
The invention- also proposes a security and usage monitoring means for a device which, when operating, passes therethrough, instructions, information or material to be used, said instructions, information or material to be used having at least one key code associated therewith, said security and usage monitoring means comprising,
(a) holding means to hold a.t least one key code therein, and,
(b) a usage register which is responsive to increment following a match made with the respective key codes, the arrangement being such that when connected with said device, the instructions, information or material to be used can only pass through said device following said match being made. Most preferably the security and usage monitoring means includes separate store means which stores not only the number of times a programme or data or material to be used is used but also which programme or data or material is used so that a billing or a check can be made related to the particular programme or data or material usage.
Most preferably means are provided to permit electronic reading of the usage register for possible subsequent billing of the user. Software containing said key code, either alone or fitted in the computer, and/or the system is also included within the broad ambit of the invention.
In order that the invention can be more clearly ascertained descriptions of preferred embodiments will now be made with reference to the accompanying drawings wherein:-
Figure 1 is a block circuit diagram of one embodiment; Figure 2 is a block circuit diagram of a similar but different embodiment;
Figure 3 is a block circuit diagram of a further embodiment;
Figure 4 is a block circuit diagram of a further embodiment;
Figure 5 is a block circuit diagram of a further embodiment;
Figure 6 is a block circuit diagram of a still further embodiment; : Figure 7 is a block circuit diagram of a SUR;
Figure 8 is a detailed circuit diagram of a sealed circuit part of the SUR shown in Figure 9;
Figures 9 through 18 are block circuit diagrams of network arrangements. Figures 19 through 24 are flow diagrams of programme steps in different operations of SUR.
Referring firstly to Figure 1 there is shown a circuit diagram of one embodiment. Here there is provided a device PC such as a computer which may be a personal computer PC. It should be appreciated that the invention is applicable not only to computer arts but to arts where a device is used with instructions, information or material to be used. In this connection the device may, in fact, be a machine which consumes materials and wherein those materials are coded with a key prior to entry into the machine. Similarly the device may be a machine which is operating with a set of instructions or data information which may be suitably coded prior to entering the machine. For ease of convenience the device will hereinafter be broadly referred to in all embodiments as a computer, however, it should be appreciated that- it is applicable to device's of this general nature and is not limited solely computer related machines. Returning now to the embodiment shown in Figure 1, it can be seen that the device PC is connected with a security and usage register SUR. The security and usage register contains means for holding keys therein. Typically the holding means comprises an electronic memory. When the instructions, information or material to be used by the device PC are introduced into the device PC, the device PC is arranged to first see if the keys for that set of instructions, information or material to be used are within the security and usage register. If the keys are available in this security and usage register SUR, then an instruction is sent back to the device PC from the security and usage register SUR to enable the device PC to operate with the instructions, information or material to be used. The actual usage register within the SUR may be incremented at the time when there is a match of the keys in SUR with the keys in the instructions, information or material to be used. Alternatively the usage register may be incremented at some other convenient time such as on completion of usage of the instructions, information or material to be used. The SUR contains means, such as a port, to permit access to the usage register so that it may be read.
When the device PC is a computer, then the necessary software or programmes or data or other information which is required to operate with the computer can be obtained from any desired source. In this connection, programmes may, in fact, be pirated and/or copied programmes but because it is proposed herein that all programmes be provided with a sub-routine which requires matching of keys in the programme and in the SUR, then in order for the programme or data or information to operate with the computer, the computer must be fitted with a SUR. Accordingly, if the keys "are not present in the SUR then the programme cannot run. In order to obtain keys which may not be present, a user can ring up a central store, such as a software house, and ascertain the keys verbally or electronically such as via a modem connection or other connection. Alternatively, a user may be able to "look-up" a handbook or chart or like record to obtain the desired keys. These keys can then be inserted into the security and -usage register SUR to enable the programme to run. Once there is a match of keys then the programme is able to run and at some convenient time the usage register in the SUR is incremented. Typically the SUR has a finite capacity in the register such that periodically the SUR will fill and will not be able to operate until such time as the information in the register is down loaded. In this way it is possible to ensure that regular and/or periodic payments are made for software usage. It should be appreciated that the register may have sufficient capacity to store not only information relating to the number of times programmes are used but also information as* to which programmes are used or to usage patterns, so that if" required higher charges can be made for different programme usage or usage patterns. If desired the usage register can be made to automatically down load the register information to a suitable store at any time.
Referring now to the embodiment of Figure 2 it can be seen that it is almost identical to that of Figure 1 except that it contains a key memory KM for storing keys. In this connection the key memory KM may be of sufficient size to store say 100 keys so that a user does not have to regularly obtain desired keys from a central store or from a suitable chart. • Referring now to the embodiment of Figure 3 it can be seen that it is almost identical to the embodiments of Figures 1 and 2, except, that in addition, there is provided a link between the SUR and a central store CE. In the embodiment of Figure 3 it is proposed that the central CE be a software house or like establishment where programmes and/or keys can be stored, such as in an electronically accessible memory. The connection between the SUR and the central CE is preferably by way of land lines such as by the local telephone network. Accordingly a modem not shown is contemplated between the SUR and the central CE. In the embodiment of Figure 3 an operator of the device PC may already have a programme for use with the device PC. However, the keys may not be available in the SUR. Accordingly the SUR may be programmed to automatically connect via the land line to request a key from central CE. Central CE, in turn, can transmit the key back to the SUR and then the programme will be able to run with the device PC and at a suitable time the usage register in SUR can be incremented. If a key memory KM is provided as optionally shown in Figure 3, then the key can be suitably stored. Within the embodiment proposed in Figure 3 it is also contemplated that instead of the SUR automatically telephoning the central CE and requesting a key, that a user can use a conventional telephone and make the request verbally. In other words, the SUR does not need to automatically call the central. In the case where the user does not have a programme or the necessary keys, then a connection can be made to central CE to transmit the progra me via the land line through the SUR and to be recorded at the device PC such is in some convenient medium therein as in RAM or on tape or disc. The transmitted programme includes the necessary sub-routines which require the obtaining of keys from the SUR or processing in SUR before the programme can run. Accordingly, the necessary keys will also be transmitted from the central CE and stored in the SUR. Thus, when the programme is to run, there will be a match of the keys in the programme with the keys in the SUR and eventually the usage register can be incremented. The necessary keys may already be in the key memories KM of the SUR when a programme is requested from central CE and in this case it will not be necessary to obtain the necessary keys from the central CE when the programme is requested.
The central CE can be arranged to automatically access the usage register in SUR at any time.
Particular hardware designs, as to be explained later, and software'codings are utilized to ensure that the actual programme unlocking procedure and the register are secure. The information stored in SUR can be attempted to be obtained via software means or by hardware means. In relation to software means a user might try to break into the SUR unit using his computer connected to it either in the normal way (the PC-SUR connection) or via a network (the fraudulent user substitutes his computer for a central). Protection can be achieved by message coding and hardware design. By hardware access a user may try to make connection with the circuitry itself in order to plug his own monitoring unit directly on the IC's therein. If connection is made then a user could read confidential memory register information and study a SUR programme during its execution and possibly feed his own programme to SUR in order to gain control of the unit. In this case protection can be achieved by sealing the circuitry in - such a way that a break-in would either damage the circuitry completely or leave traces in the circuitry such as damage to electronic components that would be detected when the register is inspected for usage and when a charge is to be made. Alternatively the circuitry can have a programme in it such that it will down-loa'd all the register information to a central CE if fraudulent access is attempted. This variation would of course only apply where the computer system is interconnected with a central CE. It may also have a programme in it which will shut-down its operation and destroy its security sensitive information if fraudulent access is attempted. In Figure 4 a further embodiment is shown where the SUR contains a read only memory ROM and a memory M. The read only memory ROM contains software. When triggered by a call from the computer PC its SUR functions are:- 1. When neither the programme, the key codes or the programme codes are directly available at the computer PC
(a) Receive request from computer PC for programme. (b) Call central CE and transmit programme request.
(c) Receive programme codes and key codes and store them in memory.
(d) Direct programme from the central CE to the computer PC
(e) Increment usage register.
(f) Obtain and send necessary key code to enable the programme to operate with the computer PC 1 .
2. When programme is available directly at computer, but computer does not have the key code.
(a) Receive request for codes to unlock computer PC to operate with the programme.
(b) Call central CE to obtain key codes.
(c) Receive and store key codes from central CE. (d) Increment usage register.
(e) Obtain and send necessary code to enable the programme to operate with the computer PC
3. When programme and key codes are directly available at the computer PC
(a) Receive request for key codes.
(b) Match or check key codes are in memory.
(c) Increment usage register.
(d) Obtain and send necessary code to enable the programme to operate with the computer PC In all of the three cases referred to above, failure to execute any one of the steps will be arranged to abort the programme use. In the case where data or material is to be used then failure to execute any one of the steps will be arranged to prevent use of the data or material.
The bus or port request lines"and other control connections are not shown in Figure 4. Figure 5 shows a configuration where a direct memory access (DMA) buffer separates the CPU of the SUR from the computer PC and the central CE. In this figure the designations are identical to those used in previous figures but here Bl and Dl are buffers accessed respectively by the computer PC, the central CE and the CPU of the SUR. CC represents control connections. In this embodiment an intermediate step is provided in the transfer of messages from the computer PC and the central CE to the CPU. This means that a higher level of protection can be built into the SUR unit against software attempts to disrupt it and pirate information. The CPU is pre-programmed to inspect the content of a message only when the computer PC or the central CE have terminated their transfer to Bl or Dl. This is achieved by proper design of the bus request and interrupt facilities in the communication circuit boards of the computer PC to the buffer Bl and the buffer Bl to the CPU (and also the central CE to buffer Dl and the buffer Dl to the CPU) . The control connections described above are represented diagrammatically as the CC lines.
A further:increase in the protection of the SUR is obtained by replacing the buffers Cl and Dl of Figure 5 by more complex circuitry as shown in Figure 6. Here the circuitry decodes the messages and performs checks on their content to detect attempted frauds. In this figure like component designations to those used in the previous figures have been used. Here DCl represents a decoder for the computer PC to the SUR. DC2 represents a decoder for the SUR to central CE communications. B2 represents a buffer for the SUR to PC communications. D2 represents a buffer for the SUR to the central CE communications. Decoders DCl and DC2 may be encryption/decryption devices using known encryption/decryption codes.
The buffers Bl and D2 are optional and may be deleted if desired. DCl and DC2 decoders can be special purpose " chips or made from a few integrated circuits (shift registers for example) and may have their own buffers (not shown) for the communications. DCl and DC2 may not only decode the messages, but also perform checks on their content to detect frauds. In this case an increased level of protection can be performed before the message is transferred to the CPU - before it could be used to tamper with the sensitive part of SUR. If an attempted fraud is detected the message in fact is terminated and never reaches the CPU.
Figure 7 shows a general block circuit diagram of a SUR device. It is composed of a sealed area 10 in which the circuitry is protected against physical access and of an open area where the IC's and other components can be readily accessed as in a normal PC board.
All the critical operations such as encryption/decryption, checks on security clearances, keys, passwords and;processing ETC are preformed inside the sealed circuit 10. Communication with the open area is under the control of the sealed circuit 10 and all the information that could be obtained using logical probes connected to the open area will not jeopardize the aspects nor the functions of the sealed area. Connected with the sealed circuit 10 are ROM/RAM circuits 11, control logic 12 which connects with the ROM/RAM 11 and with various ports and/or device connections as shown.
Referring now to Figure 8 there is shown a block circuit diagram of the sealed circuit 10 shown in Figure 7. The main components of the sealed circuit 10 comprise a microprocessor 20, a read only memory 21, a RAM 22, a real time clock RTC 23, a battery back-up circuit 24 for the real time clock RTC and for the RAM circuit 22, a ROM/RAM select logic circuit 25, an I/O select logic circuit 26 and a supervisor control logic circuit 27 and various buffer interfaces 28. The interface buffers 28 are under the control of the microprocessor 20 and the select logic circuits 25 and 26 and. the supervisor control logic 27. Therefore operations internal to the sealed circuit 10 can be carried out without any information reaching the open area on any of the necessary buses. As can be seen from Figure 8 the sealed circuit can operate very much as a standard microprocessor board except that its communications with the open circuit are under strict control.
The supervisor control logic circuit 27 performs the following functions:-
(a) Control the data transfers related to security and other critical operations.
(b) Restrict access to specific data and programme segments in the ROM/RAM circuits 21, 22.
(c) Control the access to the internal lines (from/to outside) . (d) Prevent access to protected ROM/RAM circuits 21, 22 when the processor 20 is under user programme control..
The battery module of the sealed circuit 10 is designed for the purposes of protecting the data stored in the static RAM 22 and to operate the real time clock 23 for extended periods when the external power source may be disconnected or interrupted.
The type of microprocessor 20 used can vary according to the applications considered necessary of the SUR device. Typical microprocessors are Zilog Z80,
Motorola 6809, 68008 or 68000 and others. The ROM 21 in the sealed circuit 10 contains software required to operate the SUR for the first time. That is, it contains software which opens up communications with the outside so that new software can be loaded. When this is done the new software operates the sealed circuit 10 and resets or restarts operations on the new software which is then loaded.
Typically the sealed circuit is produced on a thick film hybrid module or by any other technique known in the electronic circuit arts. The important aspect of the sealed circuit 10 is that it will be protected against access both physically and by unauthorised electrical access.. The SUR described in Figure 7 can be configured using "PRO-LOG" cards based on the STD product line manufactured by the PRO-LOG Corporation of California, U.S.A. Card 7804 for sealed area 10 (without battery back up). Card 7704 for the ROM/RAM circuit 11. Card 7304, dual UART card for the serial ports shown at RS232. Card 7605, -programmable - TTL I/O parallel ports. Card 7388, floppy disc controller (FDC) for a disc drive which may be connected with the control logic 12 to store information. Alternatively instead of using a disc, an extra byte wide memory may be included such as card 7704. Note that in the above configuration the control logic 12 in Figure 7 is distributed among several cards: cards 7304, 7605 and 7388 for the control logic pertaining to the serial ports, the parallel ports and the FDC respectively. The operations of the SUR are as follows:-
1. Storage of Information.
The total memory space in SUR is made of two storage areas, one internal to the sealed circuit 10 and the other external. The memory space inside the sealed circuit 10 is further divided into two - one ROM and a RAM shown by ROM/RAM 21 and 22. The functions of the software in ROM 21 are to control and supervise the important operations of the SUR such as:- (a) Access to sealed ROM/RAM 21 and 22 and. • external RAM 11 and/or the floppy disk.
(b) Check messages to the SUR to ensure they comply with communication protocols. (c) Reject messages outside protocols and if desired record these erroneous attempts.
(d) Encrypt-decrypt messages to and from the central CE and to and from external memory.
(e) Check the validity of any new software by checking passwords and keys received from the central CE.
(f) Supervise the control and monitoring operations related to the access and use of data software and other information. The RAM area in the sealed circuit contains less important keys of software and may contain some data. This information does not need to be encrypted as access to the sealed memory 21, 22 is under the control the microprocessor 20. All data stored in external memory is typically encrypted for protection against unauthorised inspection and corruption. An empty memory may contain some perhaps randomly generated, information so as to mask not only the presence, but also the absence of important data.
2. Communication with SUR
The following tasks typically require interaction with SUR:-
(a) Control and monitor user identity and/or access to data and/or user. (b) Control and monitor access to and use of software (and user) .
(c) Monitor any commands which may be required. (d) Enable and monitor usage of consumables' which are coded with suitable keys.
Principles of Coding (a) communication PC-SUR - Each programme (identified by a number) communicates with SUR with coded messages. Some of these messages exist in the programme only in coded form. They are embedded in the software. - The programme number is known to the central CE which has the corresponding decoding key(s) (these keys were communicated typically by the software writer) . - When the programme number is given to SUR for the first time, the decoding key(s) are transmitted (in coded form) to SUR by the central CE. After the programme is' called for the first:time, the keys then reside in SUR memory. - Following the increment of a usage register and perhaps some processing the key(s) or other information is transmitted by SUR to the calling computer PC to enable the programme to run.
When a programme is being called by the user, or during its execution, its identification number is sent to SUR. If the programme has already been used, this number already exists in SUR memory as in RAM 22, Figure 8, with its associated decoding key(s). SUR then sends a signal to the computer PC to unlock the programme, or part of it and increments the • usage register in SUR. The usage register is also in RAM 22, Figure 8.
It is also possible for the programme to send not only its identification number, but also some instruction in coded form that must be" interpreted by SUR using the basic key codes sent by CE, so that the key codes to be returned may vary from run to run (for example they could depend on the date or on the operation being performed in SUR or on the data being processed in PC). Every message received by SUR is first checked for syntax and format correctness to detect attempted frauds.
(b) communication SUR-CE
- The communications between SUR and the central CE are coded.
Each SUR unit is identified by a number and each unit possesses an initial decoding key (known to the central), that was decided upon at time of manufacture. Encoding keys may also reside in the unit.
- A new set of keys may be sent to SUR via the network (so that each set of keys is used only for a limited period of time) .
When a programme is run for the first time, its identification number is not present in SUR memory. In this case SUR calls the central CE, identifies itself, and requests the programme unlocking key(s) to be sent (in coded form) . When the central CE wishes to check the usage register, it calls the SUR unit, and initiates a programme in SUR that reads the programme numbers and their usage, and sends this information in coded form to the central CE. Checks are made to ensure that the data was not corrupted during its transfer. The usage registers in SUR are then reset. Each message received by SUR is first checked for syntax and format correctness to detect attempted frauds. The ROM 21 in the sealed circuit 10 or the ROM
11 in the open circuit have pre-programmed instructions therein to enable the above procedure to be effected at least to the level of obtaining keys or data information as required. In order to speed-up the operations of the decryption/encryption process or any other processing in SUR, the embodiments of Figures 7 and 8 may be modified by inclusion of a second CPU wired in tandem with the CPU shown, so that such!processing can be performed in that CPU whilst other processing can be performed in the original CPU. The original CPU may have a sub-routine therein to automatically transfer the instructions or data to the second CPU. The second CPU may be in the sealed circuit 10 or it may be in the external circuit. If it is in the external circuit, then naturally if security of information is required, the transferred information will have to be encrypted.
Referring now to Figure 9 there is shown a network embodiment using a plurality of computers PCI, PC2, PC3, ETC interconnected on a network line together with a SUR connected on that line. A modem MOD is shown connected with the SUR which in turn connects with a central CE. Figure 10 shows a further variation of the network arrangement shown in Figure 9 but where the central CE is actually connected directly with the network.
Figure 11 shows a further variation of the networking possibilities wherein a plurality of computers are connected on a network line and only one or some of the computers are interconnected with a SUR and then connected with a modem MOD for subsequent connection to a central CE. In Figures 9, 10 and 11, one SUR can control one or several P.C.'s.
Figure 12 shows a variation where a personal computer P.C. is connected with a data base. Here it can be seen that the computer is interconnected with a SUR which in turn connects with a modem MOD. A land line then connects modem MOD with the data base. An encryption device E is located at the data base. In the embodiment shown in Figure 12 the computer can request data by the SUR and the SUR will in turn check if there are any key codes in the memory in SUR before fetching the data and allowing it to pass to the personal computer. A usage register is then' incremented in SUR. In this embodiment the SUR acts as a decryption device for the encrypted data which is returned from the data base. Suitable decryption codes are included within the memory within SUR.
Figure 13 shows a further variation where the computer is connected directly with the data base and wherein tήe computer is indirectly connected with a central via the intermediary of a SUR. Figure 14 shows a further variation where both the data base and the central interconnect with the computer via the intermediary of a SUR.
Figure 15 shows a further variation where the data base and the central are at the same location and wherein the computer can have direct access to information in the central CE and the data base. Figure 16 shows an even further variation where the data base and the central interconnect with the computer via the SUR but wherein the data base and the central are at separate locations. Typically the SUR will record information relating to the usage such as the time of access, the type of records being accessed or the like so that eventually an appropriate charge can be made for either the programmes and/or the data base information. Figure 17 shows an even further variation where a machine is used to consume information, instructions and/or materials. Here the machine MC is interconnected with a SUR which in turn is interconnected with a modem MOD which in turn is connected with a computer at a remote location optionally via the intermediary of an encrypter E. In this construction the SUR can be arranged to receive key codes from the information, instructions and/or material to be used at the machine and check that the key codes are available. If they are not available they can be obtained in one of the ways previously mentioned and once a match is made then the information, instructions and/or materials to be used can be passed through the machine MC. A computer can control the operation of the machine from a remote location. Once the match is made in the SUR of the key codes of the information, instructions and/or material to be used, and also once a match is made with any computer instructions then appropriate registers in SUR can be incremented to show the usage. Such usage may be for the duration of use, the type of instructions given, the type of materials consumed, the type of data used. Combinations of these are also possible. In addition combination of the features 'shown in any one of the Figures 9 to 16 are possible. Referring now to Figure 18 there is shown a plurality of SURS interconnected in network architecture to provide for very wide usage possibilities. In the embodiment shown in Figure 18 several different ways of connecting the SUR devices to the network were shown. In this embodiment there is a host computer to which a plurality of terminals Tl—T9 ETC are shown. The host computer is interconnected with a front end processor FEP. Host SURS (SUR 1, SUR 2, SUR 3) are in turn associated with the host computer host. The SURS 1, 2 and 3 interconnect with a communications network which may be a local telephone network or some other communications network. A central CE is shown interconnected with the front end processor FEP and with the communications network. At the user end each of the terminals are associated with one or more SUR devices as contemplated in previous embodiments. Communication controllers COM are interconnected in various ways with SURS E and SUR F as; shown and permit communication to suitable' terminals.
Each SUR can have either one or several network ports (compare SURS A and B at the user side) . Similarly each SUR can have one or several terminal ports (SURS B and C). It is possible to have fewer network than terminal ports (SUR C) . The SURS next to the host usually have the same number of ports on the host side as the network side.
A SUR can be connected to a communication controller COM that can be either on the network or the terminal side (see SURS E and F) . Normally the SUR devices come in pairs; one on the terminal side and one on the host side. This configuration is required' hen encryption-decryption of data between the host and the terminals is required. In this case each of the SURS include the necessary encryption-decryption codes. It is also possible to have only one SUR on the terminal side as shown with line 7 and SUR D. This in implemented when the host terminal communication channel is of a secure nature and cannot be tapped or when the data transmitted is not.of sensitive nature. The SURS at the host side do not normally perform any user identification access control and usage monitoring functions but simply permit the necessary transactions to be passed to the terminal side. In this connected the SURS at the host side are basically the same as the SURS at the terminal side in hardware design except- that the necessary firm ware is not as complete as at the terminal side. When pairs of SURS are used they can be connected in several ways as shown - SURS 1 and A - one front end processor FEP line per terminal with the SURS servicing several such lines. SURS 3 and C - one line from FEP to the terminal SUR, but more than one terminal are being served. SURS 2 and B - one front end processor FEP line per terminal with the SURS servicing only!one such line. The supervisor at the central CE communicates with the terminal SURS either via the FEP (line 10) or directly via the communication network (line 11) or directly to the host SURS (line 12). In the first case FEP simply re-routes the central messages to the appropriate terminal SURS, or the terminal SURS messages to the central CE. The central CE is treated by FEP as another terminal location.
In the second situation the communications central-terminals SURS are either re-routed by FEP as mentioned previously or are. independent of FEP. The SUR in central CE communications are always encrypted even when re-routed by FEP and using line 7. In this instance the host SURS are not used for these communication exchanges. In the third situation the central CE communicates directly with the host SURS and through them can communicate to the terminal SURS.
The key codes and key code matching operations can be found in many operations, and several are listed hereunder as examples:
- password matching user identification using signature comparision with a reference signature profile access control, comparison of the requested programme, date or material with the access control file checking the origin of a message - checking the content of a message incrementing the usage register corresponding to a particular subroutine fetching the coding or decoding keys corresponding to a programme from a store A key code can be any string of 0's and l's and a key code matching operation refer to a comparison between 2 such strings, that may determine future operations or action.
In all cases central CE can only communicate with a SUR after it has satisfied this SUR of its (CE) identity, and is satisfied of the SURS identity. This is achieved by using known techniques of key management for data security and integrity in communication. See for example "Cryptography and Data Security" by D.E.R. Denning, Addison-Wesley, 1983.
Following these identity checks central CE can send instructions to the SUR, get information from it, etc. For example CE can get access to thee usage information in the SUR by instructing it to use the routine that sends this information to central CE. Alternatively, if the routine is.not in SUR, central CE first sends the routine to SUR, and then instructs it to execute the routine. The routine may also include steps to reset the usage register. Reference will now be made to the flow diagrams of Figures 14 through 24 which show operations in the SUR.
Figures 19a, 19b and 19c
These illustrations show the use of SUR to monitor software usage on a PC.
Figure 20
This shows details of CE - SUR communications. Such as the down loading to central CE of usage information stored in SUR.
Figure 21
This shows an illustration of a user identification exchange between SUR and PC.
Figure 22
This shown an illustration of an access control check in SUR following a request on PC.
Figure 23
This shows details of a host - terminal exchange, via a terminal SUR and a host SUR, as illustrated on Figure 18. It incorporates user identification, access control checks, usage monitoring and encryption of messages for line security. Figure 24
Shows the general operations of the SURS in a network as illustrated in Figure 18. It includes aspects of Figures 21, 22 and 23. Note that not all the operations shown are mandatory, as several are application specific. The top of the illustration (down to - end of transaction? ) illustrates operations" involving PC and SUR, but not the host. In addition to its security functions, SUR can perform other tasks such as carrying out and keeping a record of an off-line (no direct connection to the host) , financial transactions for example.
MAIN ADVANTAGES OF THE EMBODIMENTS As an illustration of the advantages of the invention disclosed in this specification-, 2 applications are considered:
1. Protection of programmes and data
2. Network security
1. Protection of Programmes and Data Protection is based on programmes or data being designed or configured in such a way that they need to interact with a SUR to be usable. The level of protection can be adjusted by the software writer or data producer. When passwords only are used, that must be checked in SUR, the protection is low. However when some decryption and processing must take place in SUR the protection can be much higher. Its level depends on a user not being able to guess what the coded information in software data means and does. This forces the user to rely on a SUR.
The other key aspect is the usage monitoring function of SUR with regular downloading of usage information to the central. The joint aspects of protection and usage monitoring offer significant advantages to the user of data or software, its producer or writer, and to the industry in general.
The user can have access to a wide variety of software or databases, but he is charged solely in proportion to the use he makes of the resources. This is in contrast to the present situation where he usually has to pay a fixed amount, with little consideration for what he gets out of the products. The software writer (and data producer) can expect increased revenues due to reduced or eliminated pirating, and to widened market base for his products that item from charging the users in proportion to usage. The industry could greatly benefit by increased dynamism among software and data users and writers. The invention has also the potential to bypass the problems of copyright of software and data, and of its enforceability.
2. Network Security The network security system using SURS as illustrated in Figure 18 has the following advantages: a) It relies on dedicated hardware and' software for security functions in a network. b) Network security is independent of the data processing department, and does not require changes to the host's software. c) The decentralised security functions in each SUR act as buffer between terminals and network. Each SUR is a secure gateway to the network resources. d) The SUR system offers a comprehensive and integrated network security based on:
- user identification - access control checks
- usage monitoring encryption-decryption
These functions are under the control of the central. e) The security functions in each SUR are remotely programmable from the central. This produces an adaptable and efficient security. - ' f) All security functions are safely under the control of the security officer in charge of the central, g) The security system based on SUR is only minimally dependent on the host hardware and software choices, and on the network architecture. The basic SUR can be used in a wide range of environments.

Claims

THE CLAIMS DEFINING THE INVENTION ARE AS FOLLOWS:
1. A method of controlling the use of a device, which when operating, passes therethrough, instructions, information or material to be used having at least one key code associated therewith, said method comprising:-
(a) obtaining said key code from said instructions, information or material to be used.
(b) comparing the key code in step (a) for a match with a key code held in a holding means.
(c) if a match of respective key codes is not made at step (b) inhibiting passing of said instructions, information or material to be used through said device, and
(d) if a match of respective key codes is made at step (b) allowing said instructions, information or material to be used to pass through said device, and-
(e) following a match being made of respective key codes at step (b) incrementing a usage register.
2. A method as claimed in Claim 1 further comprising periodically inspecting said usage register and making a charge or taking other action related to the usage.
3. A method as claimed in Claim 2 wherein said instructions, information or material to be used is identified by a code such that it can be distinguished from other instructions, information or material to be used so that an appropriate charge or other action can be made for different instructions, information or material used.
4. A method as claimed in Claim 2 or Claim 3 wherein the charge or other action is made relating to the time for which the instructions, information or material is used.
5. A method as claimed in any one of the preceding claims further comprising effecting additional processing of information following step (b) in order that required information or instructions can be given to the device prior to execution of step (d) .
6. A method as claimed in any one of the preceding claims further comprising effecting entry of a required key code into said holding means if the key code for the instructions, information or material to be used is not available in the holding means.
7. A method as claimed in Claim 6 further comprising obtaining said required key code from a remote location where many such different required key codes are held.
8. A method as claimed in any one of the preceding claims further comprising obtaining required instructions, information or material from a remote location prior to executing step (a) .
9. A method as claimed in Claim 8 wherein the required instructions, information or material is held where many such different instructions, information or material are held.
10. A method as claimed in any one of the preceding claims wherein the device is a computer and the instructions comprises programmes and the information comprises data and further comprising effecting a network arrangement of computers and permitting said holding means and said usage register to service and identify each computer.
11. A method as claimed in any one of Claims 6 to 9 wherein the device is a computer further comprising encrypting or decrypting the key codes, instructions or information at the time of entry into the holding means.
12. A method as claimed in any one of the preceding claims comprising effecting inspection of the usage register by passing a secure key code thereto.
13. A method as claimed in Claim 12 further comprising resetting of the usage register following inspection.
14. A security and usage monitoring means for a device which, when operating, passes therethrough, instructions, information or material to be used, said instructions, information or material to be used having at least one key code associated therewith, said security and usage monitoring means comprising,
(a) holding means to hold at least one key code therein, and,
(b) a usage register which is responsive to increment following a match made with the respective key codes, the arrangement being such that when connected with said device, the instructions, information or material to be used can only pass through said device following said match being made.
15. A security and usage monitoring means as claimed in Claim 14 wherein said usage register means is connected for storing not only the number of times the instructions, information or material is used, but also which instructions, information or material has been used so that a billing or check can be made relating to that particular usage".
16. A security and usage monitoring means as claimed in Claim 14 or Claim 15 including a central store where key codes, instructions or material to be used are stored and wherein said central store is interconnected with said device so that said key codes, instructions or material can be obtained from said store by said device.
17. A security and usage monitoring means as claimed in Claim 16 wherein said interconnection is an automatic connection which is made by said device when connected to said security and usage monitoring means.
18. A security and usage monitoring means as claimed in Claim 16 wherein said interconnection is an automatic connection which is made by said security and usage monitoring means.
19. A security and usage monitoring means as claimed in any of Claims 14 to 18 wherein said security and usage monitoring means is for use with a device which is a computer and wherein it includes a central processing unit, a read only memory containing ROM instructions for obtaining a match of key codes for said instructions, information or material to be used and the key codes held in said holding means and for providing instructions to said computer to allow said instructions, information or material to pass on a match of key codes being made. . >
20. A security and usage monitoring means as claimed in Claim 19 wherein said read only memory contains instructions to obtain a missing key code from a remote source if it is not available in said holding means.
21. A security and usage monitoring means as claimed in Claim 20 wherein said read only memory contains instructions to permit the automatic obtaining of desired instructions, information or material if they are not already at the computer.
22. A security and usage monitoring means as claimed in Claim 19, 20 and 21 wherein said security and usage monitoring means is connected with said device and said security and usage monitoring means is electrically connected with a central store where, said keys instructions, information or material is held and so that said keys, instructions, information or material can be automatically obtained if it is not at said computer.
23. A security and usage monitoring means as claimed in Claim 22 wherein keys, instructions, information or material to be used is encrypted at said central store by encryption means prior to dispatch and wherein decryption means is provided at said security and usage register means to provide decryption.
24. A security and usage monitoring means as claimed in any one of Claims 14 to 23 connected in a network with at least one other device.
25. A security and usage monitoring means as claimed in any one of Claims 14 to 23 wherein said key codes and said usage register is constructed to be secure.
26. A security and usage monitoring means as claimed in claim 25 wherein the security is effected by encapsulating said holding means and said usage register are in a casing which will reveal attempted access.
27. A security and usage monitoring means as claimed in Claim 26 when appended to any one of Claims 19 to 23 wherein said software and usage monitor includes a central processor for at least said holding means and a read only memory for instructions pertaining to matching of key codes, and a random access memory for at least said usage register and wherein all of said central processor, read only memory and said random access memory are encapsulated in said casing.
28. A security and usage monitoring means as claimed in any one of Claims 14 to 27 wherein said holding means and said usage register are mounted together as an attachment for said device.
PCT/AU1985/000016 1984-02-03 1985-02-04 Security and usage monitoring WO1985003584A1 (en)

Applications Claiming Priority (4)

Application Number Priority Date Filing Date Title
AU345184 1984-02-03
AUPG3451 1984-02-03
AU770784 1984-10-19
AUPG7707 1984-10-19

Publications (1)

Publication Number Publication Date
WO1985003584A1 true WO1985003584A1 (en) 1985-08-15

Family

ID=25610157

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/AU1985/000016 WO1985003584A1 (en) 1984-02-03 1985-02-04 Security and usage monitoring

Country Status (2)

Country Link
EP (1) EP0203066A1 (en)
WO (1) WO1985003584A1 (en)

Cited By (13)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP0265183A2 (en) * 1986-10-24 1988-04-27 John David Wiedemer Billing system for computer software
US4849927A (en) * 1987-06-12 1989-07-18 Ncr Corporation Method of controlling the operation of security modules
EP0329681A1 (en) * 1986-10-14 1989-08-30 Personal Library Software Inc Database usage metering and protection system and method.
WO1990013865A1 (en) * 1989-04-28 1990-11-15 Softel, Inc. Method and apparatus for remotely controlling and monitoring the use of computer software
US5050213A (en) * 1986-10-14 1991-09-17 Electronic Publishing Resources, Inc. Database usage metering and protection system and method
US5155680A (en) * 1986-10-24 1992-10-13 Signal Security Technologies Billing system for computing software
US5649187A (en) * 1989-04-28 1997-07-15 Softel, Inc. Method and apparatus for remotely controlling and monitoring the use of computer software
US5822291A (en) * 1995-03-23 1998-10-13 Zoom Television, Inc. Mass storage element and drive unit therefor
US6021391A (en) * 1998-03-03 2000-02-01 Winbond Electronics Corp. Method and system for dynamic data encryption
US7917749B2 (en) 1995-02-13 2011-03-29 Intertrust Technologies Corporation Systems and methods for secure transaction management and electronic rights protection
US7925898B2 (en) 1996-08-12 2011-04-12 Intertrust Technologies Corp. Systems and methods using cryptography to protect secure computing environments
US8510226B2 (en) 1996-02-26 2013-08-13 Graphon Corporation Method for synchronous encryption between a client and a licensing agent
US8533851B2 (en) 1996-08-30 2013-09-10 Intertrust Technologies Corporation Systems and methods for secure transaction management and electronic rights protection

Families Citing this family (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP1433172A1 (en) 2001-09-20 2004-06-30 Koninklijke Philips Electronics N.V. Optical scanning device

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US3473159A (en) * 1966-07-07 1969-10-14 Gen Electric Data processing system including means for protecting predetermined areas of memory
AU1186376A (en) * 1975-03-26 1977-09-15 Honeywell Information Systems Steering code generating apparatus for use inan input output processing system
AU5037979A (en) * 1978-09-05 1980-03-13 Honeywell Information Systems Incorp. Security system for remote cash dispensers
GB2123597A (en) * 1982-06-07 1984-02-01 Fortune Systems Corp Computer program protection
US4430728A (en) * 1981-12-29 1984-02-07 Marathon Oil Company Computer terminal security system

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US3473159A (en) * 1966-07-07 1969-10-14 Gen Electric Data processing system including means for protecting predetermined areas of memory
AU1186376A (en) * 1975-03-26 1977-09-15 Honeywell Information Systems Steering code generating apparatus for use inan input output processing system
AU5037979A (en) * 1978-09-05 1980-03-13 Honeywell Information Systems Incorp. Security system for remote cash dispensers
US4430728A (en) * 1981-12-29 1984-02-07 Marathon Oil Company Computer terminal security system
GB2123597A (en) * 1982-06-07 1984-02-01 Fortune Systems Corp Computer program protection

Cited By (20)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5410598A (en) * 1986-10-14 1995-04-25 Electronic Publishing Resources, Inc. Database usage metering and protection system and method
EP0329681A1 (en) * 1986-10-14 1989-08-30 Personal Library Software Inc Database usage metering and protection system and method.
EP0329681A4 (en) * 1986-10-14 1990-10-24 Personal Library Software, Inc. Database usage metering and protection system and method
US5050213A (en) * 1986-10-14 1991-09-17 Electronic Publishing Resources, Inc. Database usage metering and protection system and method
EP0265183A3 (en) * 1986-10-24 1990-09-26 John David Wiedemer Billing system for computer software
EP0265183A2 (en) * 1986-10-24 1988-04-27 John David Wiedemer Billing system for computer software
US5155680A (en) * 1986-10-24 1992-10-13 Signal Security Technologies Billing system for computing software
US4849927A (en) * 1987-06-12 1989-07-18 Ncr Corporation Method of controlling the operation of security modules
GB2205667B (en) * 1987-06-12 1991-11-06 Ncr Co Method of controlling the operation of security modules
US5497479A (en) * 1989-04-28 1996-03-05 Softel, Inc. Method and apparatus for remotely controlling and monitoring the use of computer software
WO1990013865A1 (en) * 1989-04-28 1990-11-15 Softel, Inc. Method and apparatus for remotely controlling and monitoring the use of computer software
US5613089A (en) * 1989-04-28 1997-03-18 Softel, Inc. Method and apparatus for remotely controlling and monitoring the use of computer software
US5649187A (en) * 1989-04-28 1997-07-15 Softel, Inc. Method and apparatus for remotely controlling and monitoring the use of computer software
US7917749B2 (en) 1995-02-13 2011-03-29 Intertrust Technologies Corporation Systems and methods for secure transaction management and electronic rights protection
US8543842B2 (en) 1995-02-13 2013-09-24 Intertrust Technologies Corporation System and methods for secure transaction management and electronics rights protection
US5822291A (en) * 1995-03-23 1998-10-13 Zoom Television, Inc. Mass storage element and drive unit therefor
US8510226B2 (en) 1996-02-26 2013-08-13 Graphon Corporation Method for synchronous encryption between a client and a licensing agent
US7925898B2 (en) 1996-08-12 2011-04-12 Intertrust Technologies Corp. Systems and methods using cryptography to protect secure computing environments
US8533851B2 (en) 1996-08-30 2013-09-10 Intertrust Technologies Corporation Systems and methods for secure transaction management and electronic rights protection
US6021391A (en) * 1998-03-03 2000-02-01 Winbond Electronics Corp. Method and system for dynamic data encryption

Also Published As

Publication number Publication date
EP0203066A1 (en) 1986-12-03

Similar Documents

Publication Publication Date Title
Mori et al. Superdistribution: the concept and the architecture
TW475103B (en) Public cryptographic control unit and system therefor
White ABYSS: ATrusted Architecture for Software Protection
US5925127A (en) Method and system for monitoring the use of rented software
US5388211A (en) Method and apparatus for remotely controlling and monitoring the use of computer software
EP1224516B1 (en) Trusted computing platform for restricting use of data
US6101606A (en) System for securing protected software from unauthorized use in computer networks
US5854891A (en) Smart card reader having multiple data enabling storage compartments
US5146499A (en) Data processing system comprising authentification means viz a viz a smart card, an electronic circuit for use in such system, and a procedure for implementing such authentification
JP4278327B2 (en) Computer platform and operation method thereof
White et al. ABYSS: An architecture for software protection
JP3656856B2 (en) Software acquisition method and data processing system for implementing the method
EP0895148B1 (en) Software rental system and method for renting software
US5533123A (en) Programmable distributed personal security
EP1342149B1 (en) Method for protecting information and privacy
US7134016B1 (en) Software system with a biometric dongle function
WO1985003584A1 (en) Security and usage monitoring
US7080258B2 (en) IC, IC-mounted electronic device, debugging method and IC debugger
US20020138761A1 (en) Authentication system
JPS63125030A (en) Method of accessing remote terminal
WO1998007092A9 (en) Smart card reader having multiple data enabling storage compartments
EP1590722B1 (en) A method and a system for performing testing in a device, and a device
EP0990210A1 (en) System, method and article of manufacture for product return of software and other information
GB2149944A (en) Software distribution
EP1368720B1 (en) Method and system for content distribution and fees management

Legal Events

Date Code Title Description
AK Designated states

Designated state(s): AU BR DK FI JP KR NO US

AL Designated countries for regional patents

Designated state(s): AT BE CH DE FR GB LU NL SE