EP1141808A1 - Assuring data integrity via a secure counter - Google Patents

Assuring data integrity via a secure counter

Info

Publication number
EP1141808A1
EP1141808A1 EP00972806A EP00972806A EP1141808A1 EP 1141808 A1 EP1141808 A1 EP 1141808A1 EP 00972806 A EP00972806 A EP 00972806A EP 00972806 A EP00972806 A EP 00972806A EP 1141808 A1 EP1141808 A1 EP 1141808A1
Authority
EP
European Patent Office
Prior art keywords
access
data
protected data
usage parameter
parameter
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Ceased
Application number
EP00972806A
Other languages
German (de)
French (fr)
Inventor
Michael A. Epstein
Antonius A. M. Staring
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Koninklijke Philips NV
Original Assignee
Koninklijke Philips Electronics NV
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Koninklijke Philips Electronics NV filed Critical Koninklijke Philips Electronics NV
Publication of EP1141808A1 publication Critical patent/EP1141808A1/en
Ceased legal-status Critical Current

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/62Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F21/6218Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
    • G06F21/6227Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database where protection concerns the structure of data, e.g. records, types, queries
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/604Tools and structures for managing or administering access control systems
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/64Protecting data integrity, e.g. using checksums, certificates or signatures
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/70Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
    • G06F21/71Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information
    • G06F21/77Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information in smart cards
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F3/00Input arrangements for transferring data to be processed into a form capable of being handled by the computer; Output arrangements for transferring data from processing unit to output unit, e.g. interface arrangements
    • G06F3/06Digital input from, or digital output to, record carriers, e.g. RAID, emulated record carriers or networked record carriers
    • G06F3/0601Interfaces specially adapted for storage systems
    • G06F3/0602Interfaces specially adapted for storage systems specifically adapted to achieve a particular effect
    • G06F3/062Securing storage systems
    • G06F3/0622Securing storage systems in relation to access
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/21Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/2101Auditing as a secondary aspect

Definitions

  • This invention relates to the field of data security, and in particular to means for determining the integrity of data that changes with time.
  • some data may have limits imposed for the number of times the data may be accessed, or the number of days that the data may be accessed.
  • a "try-before-you-buy" software application will typically control the number of times the application can be used.
  • a video playback system may be configured to control the number of times a recorded program is accessed, based on a purchased limited use license. To effect such a system, a usage parameter must be maintained. If this usage parameter is merely stored at a memory location, the access security system can be overcome by merely writing a new value to the memory location as required.
  • a more sophisticated system may embed the usage parameter into an item that is bound to the limited-access material in a secure manner.
  • European patent EP0906700 "Method and system for transferring content information and supplemental information related thereto", issued 7 April 1999 to Johan
  • P.M.G. Linnartz et al presents a technique for the protection of copyright material via the use of a watermark "ticket" that controls the number of times the protected material may be rendered, and is incorporated by reference herein.
  • a common technique for overcoming a limited-access security systems is a "replay attack", wherein a copy of the usage parameter is recorded before its expiration is expired, and this recording is used to replay, or re-access, the material beyond the authorized access limits.
  • the usage parameter is bound to the data being protected, such as via a watermark-based security system, the content material and all bound parameters are recorded, for subsequent replacement, or "replay", as an authorized version of the material.
  • a financial database may contain internal checks that facilitate a determination of counterfeit entries.
  • a replay attack can be affected by obtaining a copy of a valid entry, such as a record or set of records showing a large balance in an account, then repeatedly substituting this record or set of records after withdrawing funds from the account.
  • This object and others are achieved by providing a system that includes a secure means of storing a usage parameter that is associated with each usage of the database, and a binding parameter that binds the usage parameter to the data that is being protected.
  • the usage parameter is incremented and the binding parameter is updated, based on this new usage parameter.
  • the stored binding parameter is compared to a value corresponding to the binding of the current value of the usage parameter with the data. If either the current value of the usage parameter differs from the usage parameter that was used to produce the binding parameter, or the current data differs from the data that was used to produce the binding parameter, the new binding value will not correspond to the stored binding parameter, and access is denied.
  • the usage parameter is a value that is contained in a sequential counter. In this manner, a sequential access to the protected data can be enforced, thereby precluding a replay attack. Note that the data being protected may be data that is used to control access to other protected material, thereby expanding the scope of security protection to this other protected material.
  • Fig. 1 illustrates an example block diagram of an access-control security system in accordance with this invention.
  • Fig. 2 illustrates an example block diagram of an alternative access-control security system in accordance with this invention.
  • Fig. 3 illustrates an example flow diagram for an access-control security system in accordance with this invention.
  • Fig. 1 illustrates an example block diagram of an access-control security system 100 that controls access to the contents of a database 150.
  • An access controller 120 receives an access request 101, and grants the request only if the database 150 is authenticated as being current.
  • a secure module 110 contains a counter 111 that maintains a usage parameter 111' that is incremented with each access to the controlled database 150.
  • this usage parameter 111 ' is bound to the database 150, preferably by computing a hash value 131 corresponding to the data base 150 and the usage parameter 111', via a hash generator 130.
  • a counter 111 is presented herein as a paradigm for a device that provides a substantially unique value with each access to the database.
  • a random number generator or other 'unique value generator' can be used in lieu of the counter 111 to uniquely identify each access to the database 150.
  • the number of times that the protected database 150 is access can also be determined, and usage-limiting rules can be enforced, as discussed further below.
  • the hash generator 130 provides a one-way computation of a hash value based on a set of input values, such that knowledge of the hash value provides no information regarding the value of any of the set of input values. Most significantly, it is computationally infeasible to determine a set of input values that will produce a specified hash value 131. A change of any item in the database 150 or the usage parameter 111' data item will produce a different hash value 131. That is, each access to the database 150 in accordance with this invention generates a unique hash value 131 whose value depends upon the usage parameter 111' and the contents of the data base 150. In some applications, the contents of the database is fixed; for example, a CD or DVD recording of entertainment material.
  • the database is modifiable. If the database can be modified, a preferred embodiment of this invention uses the database to store the usage parameter 111', thereby eliminating the need to provide an access counter 111 in the secure module 110. Storing the usage parameter 111 ' in the database 150 also eases the hash generation task at 130, because hash routines are commonly available that compute a hash value corresponding to a data file.
  • the access count device 111 is illustrated in the figures as being contained in the secure module 110, as the more general solution (independent of whether the database 150 is modifiable).
  • the usage parameter 111 ' is illustrated as being associated with the database 150, via the dashed block, indicating that the usage parameter 111' is used in computing the hash 131, regardless of whether the usage parameter 111' is stored in the database 150 directly, or in an access count device 111 within the secure module 110.
  • the unique hash value 131, or a parameter based on this unique hash value 131 is stored in the secure module, as an authentication code 112.
  • the usage parameter 111' is changed, a new hash value 131 is computed, and a new authentication code 112 is stored, replacing the prior authentication code.
  • a hash 131 of the current database 150 and usage parameter 111 ' is computed, and compared to the stored authentication code 112. If the usage parameter 111' is not included within the database 150, the current value of the access counter 111 is used to compute the new hash value 131.
  • the hash 131 of this substitute database will not match the stored authentication code 112, and access is denied. If the current database 150 is the latest version of the database, the hash 131 will match the stored authentication code 112, and access will be granted.
  • this invention provides a secure system and method for determining whether a current copy of a database corresponds to the latest version of a database. In addition to preventing successful replay attacks, this invention also protects against unauthorized modifications to the database. Conventional security techniques may be included in the access control 120 to assure that only authorized users are permitted to modify the database, including the use of passwords, cryptographic keys, access cards, smart cards, and the like. If the database is modified by a system other than one with access to the secure module 110, a new authentication code 112 will not be generated for this modified database, and therefore an attempt to substitute this modified database for the latest authorized database will fail.
  • each transaction is gated by an access controller 120 having access to the secure module 110; any substituted records in the database 150 will result in an access denial, as discussed above. Additional access controls may also be employed. If the database 150 has a limit to the number of times it may be accessed, corresponding, for example, to a limited use license, the usage parameter 111 ' is used to determine whether the number of accesses is within the limit. If the usage parameter 111' indicates that the limit has been reached, access is denied.
  • Fig. 2 illustrates an example block diagram of an alternative access-control security system 200 in accordance with this invention.
  • system 100 of Fig. 1 it is assumed that the usage parameter 111 ' is bound directly to the contents of the database 150.
  • the usage parameter 111 ' is bound indirectly to the contents of a plurality of databases 250a, 250b.
  • a hash value 230a, 230b is computed and stored in the database 150 for each of the plurality of databases 250a, 250b.
  • a hash value 131 is computed based on the contents of the database 150 and the usage parameter 111', and stored as the authentication code 112, as discussed above.
  • the access controller 120 authenticates each dataset 250a, 250b by comparing a hash of its contents to the stored value in the current database 150, and authenticates the current database 150 by comparing its hash value 131 to the stored authentication code 112.
  • a usage record 251 is included within the corresponding database 250a, 250b, and the value of this usage record 251 is thereby included in the determination of the hash value 230a, 230b that is stored in the database 150.
  • Fig. 3 illustrates an example flow diagram for an access-control security system in accordance with this invention.
  • an access request is received.
  • a hash of the database and usage parameter is computed, at 320, and compared to an authentication code that is stored in a secure location, at 330. If, at 335, the hash does not correspond to the stored authentication code, access is denied, at 340. If, at 335, the hash corresponds to the stored authentication code, the usage parameter is incremented, at 350. As noted above, this usage parameter may be stored in the associated database, or in the secure location that contains the authentication code, at 360. After incrementing, or otherwise modifying, the usage parameter, access to the database is granted, at 370.
  • a hash of the database, with the usage parameter is computed, at 380, and stored as the new authentication code in the secure location, at 390.
  • Alternative flows will be evident to one of ordinary art. For example, in the illustrated flow of Fig. 3, a discontinuity of flow 360-390 will result in a stored usage parameter that does not correspond to the stored authentication code.
  • Techniques common in the art can be used to assure a synchronization between the usage parameter and authentication code is maintained. For example, each time the usage parameter or database is changed, a corresponding authentication code can be generated and stored in a temporary location, and a recovery routine can be provided to recover the latest versions of the database, usage parameter, and authentication code in the event of a discontinuity of flow in the sequence of Fig. 3.
  • a solid-state memory module with smart card functionality may comprise the secure module 110.
  • the secure module 110 may be embodied as an encoding that only 'compliant devices' are able to read or write, a compliant device being one that is manufactured by manufacturers who agree to abide by certain rules and standards established for protecting recorded material.
  • the encoding may include the use of cryptographic keys that are secret to the complying manufacturers, or may include the use of special purpose hardware devices for reading and writing the secured information.
  • the secure module, the database, and the access controller may each be embodied as discrete components.
  • the secure module may be a smart card
  • the database may be a file on a remote computer, or at a site on the Internet
  • the access controller may be an embedded program in a processor of a playback device.
  • the security of the secure module may be provided via the use of encryption keys and the like, and therefore the entire system can be embodied as a software application.

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Computer Hardware Design (AREA)
  • Software Systems (AREA)
  • General Health & Medical Sciences (AREA)
  • Bioethics (AREA)
  • Health & Medical Sciences (AREA)
  • Mathematical Physics (AREA)
  • Human Computer Interaction (AREA)
  • Automation & Control Theory (AREA)
  • Databases & Information Systems (AREA)
  • Storage Device Security (AREA)

Abstract

An access-control system includes a counter, and a secure memory location that is configured to contain a parameter that binds the contents of the counter to the data that is being protected. Each time the data is accessed, the counter is incremented and the binding parameter is updated, based on this new count. When a subsequent access is requested, the stored binding parameter is compared to a value corresponding to the binding of the current value of the counter with the data. If either the current value of the counter differs from the count that was used to produce the binding parameter, or the current data differs from the data that was used to produce the binding parameter, the new binding value will not correspond to the stored binding parameter, and access is denied. In this manner, a sequential access to the protected data can be enforced, thereby precluding a replay attack. Note that the data being protected may be data that is used to control access to other protected material, thereby expanding the scope of security protection to this other protected material.

Description

Assuring data integrity via a secure counter
This invention relates to the field of data security, and in particular to means for determining the integrity of data that changes with time.
A number of applications exist that depend upon maintaining control of the usage of data. In conventional data processing applications, it is often necessary to assure that the data being used is the most recent data. In secure applications, it is often necessary to assure that the data has not been tampered with.
In addition to a need for assuring that the data being used is current and valid, some data may have limits imposed for the number of times the data may be accessed, or the number of days that the data may be accessed. For example, a "try-before-you-buy" software application will typically control the number of times the application can be used. In like manner, a video playback system may be configured to control the number of times a recorded program is accessed, based on a purchased limited use license. To effect such a system, a usage parameter must be maintained. If this usage parameter is merely stored at a memory location, the access security system can be overcome by merely writing a new value to the memory location as required. A more sophisticated system may embed the usage parameter into an item that is bound to the limited-access material in a secure manner. For example, European patent EP0906700, "Method and system for transferring content information and supplemental information related thereto", issued 7 April 1999 to Johan
P.M.G. Linnartz et al, presents a technique for the protection of copyright material via the use of a watermark "ticket" that controls the number of times the protected material may be rendered, and is incorporated by reference herein.
A common technique for overcoming a limited-access security systems is a "replay attack", wherein a copy of the usage parameter is recorded before its expiration is expired, and this recording is used to replay, or re-access, the material beyond the authorized access limits. In the case wherein the usage parameter is bound to the data being protected, such as via a watermark-based security system, the content material and all bound parameters are recorded, for subsequent replacement, or "replay", as an authorized version of the material.
In like manner, a financial database may contain internal checks that facilitate a determination of counterfeit entries. A replay attack can be affected by obtaining a copy of a valid entry, such as a record or set of records showing a large balance in an account, then repeatedly substituting this record or set of records after withdrawing funds from the account.
It is an object of this invention to provide a security system that is not susceptible to replay attacks. It is a further object of this invention to provide a security system that verifies that the accessed data is the latest authorized version of the protected data.
This object and others are achieved by providing a system that includes a secure means of storing a usage parameter that is associated with each usage of the database, and a binding parameter that binds the usage parameter to the data that is being protected.
Each time the data is accessed, the usage parameter is incremented and the binding parameter is updated, based on this new usage parameter. When a subsequent access is requested, the stored binding parameter is compared to a value corresponding to the binding of the current value of the usage parameter with the data. If either the current value of the usage parameter differs from the usage parameter that was used to produce the binding parameter, or the current data differs from the data that was used to produce the binding parameter, the new binding value will not correspond to the stored binding parameter, and access is denied. In a preferred embodiment, the usage parameter is a value that is contained in a sequential counter. In this manner, a sequential access to the protected data can be enforced, thereby precluding a replay attack. Note that the data being protected may be data that is used to control access to other protected material, thereby expanding the scope of security protection to this other protected material.
The invention is explained in further detail, and by way of example, with reference to the accompanying drawings wherein:
Fig. 1 illustrates an example block diagram of an access-control security system in accordance with this invention. Fig. 2 illustrates an example block diagram of an alternative access-control security system in accordance with this invention.
Fig. 3 illustrates an example flow diagram for an access-control security system in accordance with this invention.
Throughout the drawings, the same reference numerals indicate similar or corresponding features or functions.
Fig. 1 illustrates an example block diagram of an access-control security system 100 that controls access to the contents of a database 150. An access controller 120 receives an access request 101, and grants the request only if the database 150 is authenticated as being current. A secure module 110 contains a counter 111 that maintains a usage parameter 111' that is incremented with each access to the controlled database 150. In accordance with this invention, this usage parameter 111 ' is bound to the database 150, preferably by computing a hash value 131 corresponding to the data base 150 and the usage parameter 111', via a hash generator 130. A counter 111 is presented herein as a paradigm for a device that provides a substantially unique value with each access to the database. Alternatively, a random number generator or other 'unique value generator' can be used in lieu of the counter 111 to uniquely identify each access to the database 150. By using a counter 111, the number of times that the protected database 150 is access can also be determined, and usage-limiting rules can be enforced, as discussed further below.
As is common in the art, the hash generator 130 provides a one-way computation of a hash value based on a set of input values, such that knowledge of the hash value provides no information regarding the value of any of the set of input values. Most significantly, it is computationally infeasible to determine a set of input values that will produce a specified hash value 131. A change of any item in the database 150 or the usage parameter 111' data item will produce a different hash value 131. That is, each access to the database 150 in accordance with this invention generates a unique hash value 131 whose value depends upon the usage parameter 111' and the contents of the data base 150. In some applications, the contents of the database is fixed; for example, a CD or DVD recording of entertainment material. In other applications, the database is modifiable. If the database can be modified, a preferred embodiment of this invention uses the database to store the usage parameter 111', thereby eliminating the need to provide an access counter 111 in the secure module 110. Storing the usage parameter 111 ' in the database 150 also eases the hash generation task at 130, because hash routines are commonly available that compute a hash value corresponding to a data file. The access count device 111 is illustrated in the figures as being contained in the secure module 110, as the more general solution (independent of whether the database 150 is modifiable). Additionally, the usage parameter 111 ' is illustrated as being associated with the database 150, via the dashed block, indicating that the usage parameter 111' is used in computing the hash 131, regardless of whether the usage parameter 111' is stored in the database 150 directly, or in an access count device 111 within the secure module 110.
The unique hash value 131, or a parameter based on this unique hash value 131 is stored in the secure module, as an authentication code 112. Upon each access to the database, the usage parameter 111' is changed, a new hash value 131 is computed, and a new authentication code 112 is stored, replacing the prior authentication code. When a subsequent access request 101 is received, a hash 131 of the current database 150 and usage parameter 111 ' is computed, and compared to the stored authentication code 112. If the usage parameter 111' is not included within the database 150, the current value of the access counter 111 is used to compute the new hash value 131. If another database has been substituted for the latest version of the database, such as a prior version of the database, with an earlier usage parameter, the hash 131 of this substitute database will not match the stored authentication code 112, and access is denied. If the current database 150 is the latest version of the database, the hash 131 will match the stored authentication code 112, and access will be granted.
Note that, as thus far presented, this invention provides a secure system and method for determining whether a current copy of a database corresponds to the latest version of a database. In addition to preventing successful replay attacks, this invention also protects against unauthorized modifications to the database. Conventional security techniques may be included in the access control 120 to assure that only authorized users are permitted to modify the database, including the use of passwords, cryptographic keys, access cards, smart cards, and the like. If the database is modified by a system other than one with access to the secure module 110, a new authentication code 112 will not be generated for this modified database, and therefore an attempt to substitute this modified database for the latest authorized database will fail. In a financial database system, for example, each transaction is gated by an access controller 120 having access to the secure module 110; any substituted records in the database 150 will result in an access denial, as discussed above. Additional access controls may also be employed. If the database 150 has a limit to the number of times it may be accessed, corresponding, for example, to a limited use license, the usage parameter 111 ' is used to determine whether the number of accesses is within the limit. If the usage parameter 111' indicates that the limit has been reached, access is denied.
Fig. 2 illustrates an example block diagram of an alternative access-control security system 200 in accordance with this invention. In system 100 of Fig. 1, it is assumed that the usage parameter 111 ' is bound directly to the contents of the database 150. In system 200 of Fig. 2, the usage parameter 111 ' is bound indirectly to the contents of a plurality of databases 250a, 250b. A hash value 230a, 230b is computed and stored in the database 150 for each of the plurality of databases 250a, 250b. A hash value 131 is computed based on the contents of the database 150 and the usage parameter 111', and stored as the authentication code 112, as discussed above. The access controller 120 authenticates each dataset 250a, 250b by comparing a hash of its contents to the stored value in the current database 150, and authenticates the current database 150 by comparing its hash value 131 to the stored authentication code 112.
If any of the databases 250a, 250b have a limit to the number of times they may be accessed, a usage record 251 is included within the corresponding database 250a, 250b, and the value of this usage record 251 is thereby included in the determination of the hash value 230a, 230b that is stored in the database 150. Other items that facilitate organization and control, such as a unique ID 252 for each database 250a, 250b, are also included.
Fig. 3 illustrates an example flow diagram for an access-control security system in accordance with this invention. At 310, an access request is received. A hash of the database and usage parameter is computed, at 320, and compared to an authentication code that is stored in a secure location, at 330. If, at 335, the hash does not correspond to the stored authentication code, access is denied, at 340. If, at 335, the hash corresponds to the stored authentication code, the usage parameter is incremented, at 350. As noted above, this usage parameter may be stored in the associated database, or in the secure location that contains the authentication code, at 360. After incrementing, or otherwise modifying, the usage parameter, access to the database is granted, at 370. At the completion of access to the database, a hash of the database, with the usage parameter, is computed, at 380, and stored as the new authentication code in the secure location, at 390. Alternative flows will be evident to one of ordinary art. For example, in the illustrated flow of Fig. 3, a discontinuity of flow 360-390 will result in a stored usage parameter that does not correspond to the stored authentication code. Techniques common in the art can be used to assure a synchronization between the usage parameter and authentication code is maintained. For example, each time the usage parameter or database is changed, a corresponding authentication code can be generated and stored in a temporary location, and a recovery routine can be provided to recover the latest versions of the database, usage parameter, and authentication code in the event of a discontinuity of flow in the sequence of Fig. 3.
The foregoing merely illustrates the principles of the invention. It will thus be appreciated that those skilled in the art will be able to devise various arrangements which, although not explicitly described or shown herein, embody the principles of the invention and are thus within its spirit and scope. For example, the specific physical embodiment of this invention may take a variety of forms. A solid-state memory module with smart card functionality may comprise the secure module 110. The secure module 110 may be embodied as an encoding that only 'compliant devices' are able to read or write, a compliant device being one that is manufactured by manufacturers who agree to abide by certain rules and standards established for protecting recorded material. The encoding may include the use of cryptographic keys that are secret to the complying manufacturers, or may include the use of special purpose hardware devices for reading and writing the secured information. The secure module, the database, and the access controller may each be embodied as discrete components. For example, the secure module may be a smart card, the database may be a file on a remote computer, or at a site on the Internet, and the access controller may be an embedded program in a processor of a playback device. As noted above, the security of the secure module may be provided via the use of encryption keys and the like, and therefore the entire system can be embodied as a software application. These and other system configuration and optimization features will be evident to one of ordinary skill in the art in view of this disclosure, and are included within the scope of the following claims.

Claims

CLAIMS:
1. A security system (100, 200) comprising: an access device (120) that is configured to control access to protected data (150), a first memory (111) that is configured to contain a usage parameter that is modified by the access device (120) when the protected data (150) is accessed, a secure module (110), operably coupled to the access device (120), that includes: a second memory (112) that is configured to contain an authentication code that is based on the protected data (150) and the usage parameter when the protected data (150) is accessed.
2. The security system (100, 200) of claim 1, wherein the access device (120) is further configured to control access to the protected data (150) based on a usage limit, the usage parameter, and the authentication code.
3. The security system (100, 200) of claim 1, further including a hash generator (130) that is configured to generate a hash value corresponding to the authentication code that is dependent upon the protected data (150) and the usage parameter.
4. The security system (100, 200) of claim 1, wherein the protected data (150) includes a plurality of parameters (230), each parameter corresponding to one of a plurality of other protected data (250).
5. The security system (100, 200) of claim 4, wherein each parameter (230) corresponds to a hash value that is dependent upon the corresponding one of the plurality of other protected data (250).
6. The security system (100, 200) of claim 5, wherein the authentication code corresponds to an other hash value (131) that is dependent upon the protected data (150) and the usage parameter.
7. The security system (100, 200) of claim 1, wherein the secure module (110) corresponds to at least one of: a smart card, and an encoding in a secure format.
8. The security system (100, 200) of claim 1, wherein the first memory (111) is included in one of: a storage media that includes the protected data (150), and the secure module (110).
The security system (100, 200) of claim 1, wherein the first memory (111) corresponds to a memory of a counter, and the access device (120) modifies the first memory (111) by incrementing the counter.
10. A method of controlling access to protected data (150), comprising: computing (320) a hash value based on the protected data (150) and a usage parameter, comparing (330) the hash value to an authentication code that is stored in a secure location, and denying access (340) to the protected data (150) based on the comparison of the hash value and the authentication code.
11. The method of claim 10, further including: modifying (350) the usage parameter, computing (370) a second hash value based on the protected data (150) and the modified usage parameter, and storing (380) the second hash value as the authentication code in the secure location.
12. The method of claim 11 , further including: storing (360) the usage parameter with the protected data (150).
EP00972806A 1999-10-29 2000-10-18 Assuring data integrity via a secure counter Ceased EP1141808A1 (en)

Applications Claiming Priority (5)

Application Number Priority Date Filing Date Title
US636724 1984-08-01
US16250399P 1999-10-29 1999-10-29
US162503P 1999-10-29
US63672400A 2000-08-11 2000-08-11
PCT/EP2000/010285 WO2001033317A1 (en) 1999-10-29 2000-10-18 Assuring data integrity via a secure counter

Publications (1)

Publication Number Publication Date
EP1141808A1 true EP1141808A1 (en) 2001-10-10

Family

ID=26858817

Family Applications (1)

Application Number Title Priority Date Filing Date
EP00972806A Ceased EP1141808A1 (en) 1999-10-29 2000-10-18 Assuring data integrity via a secure counter

Country Status (4)

Country Link
EP (1) EP1141808A1 (en)
JP (1) JP2003513388A (en)
KR (1) KR20010100011A (en)
WO (1) WO2001033317A1 (en)

Families Citing this family (20)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CA2332034C (en) 1999-03-15 2008-07-29 Koninklijke Philips Electronics N.V. A method and system for providing copy-protection on a storage medium and storage medium for use in such a system
CN1263026C (en) * 2000-08-16 2006-07-05 皇家菲利浦电子有限公司 Method and device for controlling distribution and use of digital works
WO2002095748A2 (en) 2001-05-22 2002-11-28 Koninklijke Philips Electronics N.V. Record carrier with hidden channel
GB2393007B (en) 2001-06-28 2005-08-03 Trek 2000 Int Ltd Method and devices for data transfer
ATE486460T1 (en) * 2001-09-10 2010-11-15 Koninkl Philips Electronics Nv APPARATUS AND METHOD FOR GRANTING CONDITIONAL ACCESS
TW588243B (en) * 2002-07-31 2004-05-21 Trek 2000 Int Ltd System and method for authentication
US7325130B2 (en) 2003-03-21 2008-01-29 International Business Machines Corporation Method for guaranteeing freshness of results for queries against a non-secure data store
US6898555B2 (en) * 2003-07-14 2005-05-24 Aladdin Knowledge Systems Ltd. Method for indicating the integrity of use-information of a computer program
WO2006022667A1 (en) 2004-08-02 2006-03-02 International Business Machines Method for guaranteeing freshness of results for queries against a non-secure data store
KR100617321B1 (en) 2004-12-14 2006-08-30 한국전자통신연구원 Method and Apparatus for Protection to Link Security Attack
US7681050B2 (en) * 2005-12-01 2010-03-16 Telefonaktiebolaget L M Ericsson (Publ) Secure and replay protected memory storage
DE602006014801D1 (en) * 2006-04-24 2010-07-22 Ericsson Telefon Ab L M Checking the authorization to install a software version
FR2906380B1 (en) * 2006-09-27 2008-12-19 Trusted Logic Sa SYSTEM AND METHOD FOR SECURING DATA.
KR100923456B1 (en) * 2007-02-23 2009-11-09 삼성전자주식회사 Apparatus and method for managementing digital right management contents in portable terminal
WO2009063406A2 (en) * 2007-11-14 2009-05-22 Nxp B.V. Electronic system and method of operating an electronic system
US20100260476A1 (en) * 2009-04-13 2010-10-14 Cloutman John F Method and apparatus for secure configuration of electronic devices
US20120095877A1 (en) * 2010-10-19 2012-04-19 Apple, Inc. Application usage policy enforcement
DE102015216082A1 (en) * 2015-08-24 2017-03-02 Siemens Aktiengesellschaft Method and memory module for secure writes and / or reads on the memory module
FR3061586A1 (en) * 2016-12-30 2018-07-06 Idemia France METHOD FOR CONTROLLING USE HABITS AND ELECTRONIC DEVICE CAPABLE OF IMPLEMENTING SUCH A METHOD
JP7354713B2 (en) * 2019-09-19 2023-10-03 富士フイルムビジネスイノベーション株式会社 Information processing device and program

Family Cites Families (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US4658093A (en) * 1983-07-11 1987-04-14 Hellman Martin E Software distribution system
US5327563A (en) * 1992-11-13 1994-07-05 Hewlett-Packard Method for locking software files to a specific storage device
US5958051A (en) * 1996-11-27 1999-09-28 Sun Microsystems, Inc. Implementing digital signatures for data streams and data archives

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
See references of WO0133317A1 *

Also Published As

Publication number Publication date
JP2003513388A (en) 2003-04-08
KR20010100011A (en) 2001-11-09
WO2001033317A1 (en) 2001-05-10

Similar Documents

Publication Publication Date Title
EP1141808A1 (en) Assuring data integrity via a secure counter
EP0895148B1 (en) Software rental system and method for renting software
AU767286B2 (en) Methods and apparatus for protecting information
CA2242596C (en) System for controlling access and distribution of digital property
US8997243B2 (en) Temporal proximity to verify physical proximity
EP0302710A2 (en) A method of controlling the use of computer programs
US8769675B2 (en) Clock roll forward detection
EP2264640B1 (en) Feature specific keys for executable code
JPH06324858A (en) Software use amount managing system and storage medium with software used amount managing function
EP1335365A2 (en) Data storage apparatus and method
US20090144563A1 (en) Method of detecting data tampering on a storage system
US20060015860A1 (en) System and method for storing attributes in a file for processing an operating system
US20080275917A1 (en) Itso Fvc2 Application Monitor
US20060155652A1 (en) Expiring encryption
WO1998053384A1 (en) Method and apparatus for activating programs/features in a computer
JP2006107305A (en) Data storage device
JP2001154577A (en) Device and method for electronically storing original document property and computer-readable recording medium with recorded program for the method to be executed by computer
JP2006190011A (en) Radio ic chip, decoding system using the same, program to be used for the same, recording medium with the program recorded thereon, decoding method, and installation method of program
WO1999035582A1 (en) A computer software activation system and a method of authenticating computer software
JP2001344074A (en) Device for reading data and method for controlling its operation
JPH0438523A (en) Program execution permitting system

Legal Events

Date Code Title Description
PUAI Public reference made under article 153(3) epc to a published international application that has entered the european phase

Free format text: ORIGINAL CODE: 0009012

AK Designated contracting states

Kind code of ref document: A1

Designated state(s): AT BE CH CY DE DK ES FI FR GB GR IE IT LI LU MC NL PT SE

17P Request for examination filed

Effective date: 20011112

RBV Designated contracting states (corrected)

Designated state(s): DE ES FR GB IT

17Q First examination report despatched

Effective date: 20040422

STAA Information on the status of an ep patent application or granted ep patent

Free format text: STATUS: THE APPLICATION HAS BEEN REFUSED

18R Application refused

Effective date: 20060225