GB2243701A - Controlling access to computer system features - Google Patents
Controlling access to computer system features Download PDFInfo
- Publication number
- GB2243701A GB2243701A GB9105482A GB9105482A GB2243701A GB 2243701 A GB2243701 A GB 2243701A GB 9105482 A GB9105482 A GB 9105482A GB 9105482 A GB9105482 A GB 9105482A GB 2243701 A GB2243701 A GB 2243701A
- Authority
- GB
- United Kingdom
- Prior art keywords
- cpu
- computer system
- sequence
- bytes
- program
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Withdrawn
Links
- 230000004044 response Effects 0.000 claims abstract description 3
- 238000000034 method Methods 0.000 claims description 8
- 230000006870 function Effects 0.000 claims description 2
- 241001470502 Auzakia danava Species 0.000 description 3
- 238000004519 manufacturing process Methods 0.000 description 3
- 230000003213 activating effect Effects 0.000 description 2
- 238000010586 diagram Methods 0.000 description 2
- 238000013459 approach Methods 0.000 description 1
- 230000008901 benefit Effects 0.000 description 1
- 238000004891 communication Methods 0.000 description 1
- 238000010276 construction Methods 0.000 description 1
- 230000001419 dependent effect Effects 0.000 description 1
- 238000013461 design Methods 0.000 description 1
- 238000005516 engineering process Methods 0.000 description 1
- 230000007246 mechanism Effects 0.000 description 1
- 238000012545 processing Methods 0.000 description 1
- 230000009467 reduction Effects 0.000 description 1
- 230000000630 rising effect Effects 0.000 description 1
- 230000001360 synchronised effect Effects 0.000 description 1
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/57—Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/70—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F2211/00—Indexing scheme relating to details of data-processing equipment not covered by groups G06F3/00 - G06F13/00
- G06F2211/007—Encryption, En-/decode, En-/decipher, En-/decypher, Scramble, (De-)compress
Landscapes
- Engineering & Computer Science (AREA)
- Computer Hardware Design (AREA)
- Theoretical Computer Science (AREA)
- General Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Software Systems (AREA)
- Physics & Mathematics (AREA)
- General Physics & Mathematics (AREA)
- Storage Device Security (AREA)
- Stored Programmes (AREA)
Abstract
A computer system is designed for use with a removable and insertable program source, such as a ROM cartridge 9 or floppy disk 12, and includes a CPU 1 for executing stored program instructions either directly from the ROM cartridge or after being read into a RAM memory 3. A video/sound generating chip 2 provides basic features open to all programs and enhanced features open only to selected programs. Access to the enhanced features is controlled by comparing a sequence of bytes outputted by the CPU in response to the program instructions with a reference sequence provided by a pseudo-random sequence generator (Figure 2), and enabling the enhanced features in dependence upon the result of the comparison. <IMAGE>
Description
COMPUTER SYSTEM
This invention relates to computer systems and in particular to a computer which receives its software program from a removable program source such as a ROM cartridge, floppy disk, or cassette tape.
It is common practice for a computer to be designed and manufactured by a company specialising in hardware, and for software for this computer to be written and sold by many different specialist software companies. This software may cover many diverse applications, may be provided by a wide range of competing vendors, and may be available in different media formats, including cassette tape, floppy disk and ROM cartridge. In such circumstances the hardware vendor, manufacturing the computer, may be unable to regulate or control the quality or suitability of such software. He will however, make every effort to ensure that any design or manufacturing changes to the computer will not make it incompatible with software written for previous generations of this same computer.
It is often possible for the manufacturer to achieve desirable reductions in manufacturing cost or increases in product reliability by incorporating the latest advances in technology whilst not affecting compatibility with previous generations of software. Such changes, however, cannot affect the features of the computer such as the number of display modes or the music and sound generation facilities.
However, the computer manufacturer may wish to upgrade his computer by adding enhanced features, such as extra display modes or new sound and music generating facilities, whilst still maintaining the previously available features and also maintaining-compatibility with previous generations of software.
In such a case, the computer designer must recognise that his computer must operate correctly, firstly, with enhanced software that has been written with knowledge of the new enhanced features and designed specifically to exploit them and secondly, with old software that was written without knowledge of the new enhanced features. In particular, the computer designer must ensure that old software does not accidentally activate the new features. The computer requires a method of ensuring that the new enhanced features are only available to new software which has been written with a full understanding of how to correctly use these new features.
Previously, computer manufacturers have sometimes published specifications for their products which indicate that certain areas of the I/O and memory map are reserved for future expansion or enhancement. However, there are cases where such reservations are not made.
Also, previously, some computer manufacturers wishing to enhance their products have sought to control the quality or suitability of third party software by, for example, publishing lists of suitable software. Such a method is only applicable when the number of software titles to be qualified is known and manageably small.
Also, previously, some computer manufacturers have insisted that software to be used with the new, enhanced features must be fitted with a hardware key, otherwise known as a "dongle". Such a method requires the expense of firstly, qualifying the software to check its suitability for use with the new computer, and secondly, the expense of fitting a hardware key or "dongle" to each item of software sold.
In United States Patent 4 462 076 is proposed a system which authenticates a removable cartridge, by requiring the CPU to read and check the contents of selected locations in the cartridge. A similar approach is used in the Commodore 64 computer system, see
Commodore 64 Programmer's Reference Guide, 1982, Commodore Business
Machines Inc., page 263. Such proposals require the computer to have special firmware (e.g. ROM software) to enable it to look for the authentication code.
European Patent Specification 67 875 and United States
Patent 4 688 169 both describe systems in which a machine-specific code or "signature" is written on each copy of a program so that it will only run on one specific machine identified by that code or signature. Again it is necessary for the microprocessor to check that particular location of the program tape.
In another instance, European Patent Specifications 206 704 and 217 668 describe a ROM cartridge which contains its own microprocessor so that the output of that microprocessor can be compared with that of a corresponding device in the main computer to authenticate the cartridge. However, having a microprocessor in the ROM cartridge is both expensive and complex.
According to the invention there is provided a computer system comprising a removable and insertable program source, memory means for storing program instructions, a CPU for executing stored program instructions, feature means containing features accessed by instructions from the CPU, and access enabling means for enabling access to at least selected ones of the features, the access enabling means comprising means for comparing a sequence of bytes outputted by the CPU in response to the program instructions with a reference sequence of bytes, and for enabling the selected features in the feature means in dependence upon the result of the comparison.
In the present invention the program itself causes the CPU to output a sequence of bytes. Only when that happens, and when the thus-generated sequence agrees with the reference sequence, are the additional enhanced features made available to the program.
The invention also provides a program source, such as a ROM cartridge etc., for use in the computer system, and a method of selectively enabling functions in a computer system.
The present invention has the advantage of being simple to implement, requiring only that the processor, under software control, writes a predetermined sequence of values to a specified port location to make the enhanced features available. No special built-in firmware, such as might be necessary in computers which look for security codes" at specific addresses within the program source, is required. No separate microprocessor is required in the program source.
The invention will now be described in more detail, by way of example, with reference to the accompanying drawings, in which:
Figure 1 is a block diagram of a computer system embodying the invention;
Figure 2 is a block circuit diagram illustrating lock circuitry within the video/sound generating chip in the system of
Figure 1;
Figure 3 is a flow chart illustrating the steps in a successful attempt to unlock the new enhanced features in the computer;
Figure 4 is a flow chart illustrating the steps in an unsuccessful attempt to unlock the new features; and
Figure 5 is a flow chart illustrating the steps in a successful attempt to lock the new features.
Figure 1 shows a computer having a CPU 1 (central processing unit) which executes instructions from the applications software currently loaded. This software is loaded through a bus 25 into
RAM (random access memory) 3 and may originate from a ROM (read only memory) cartridge 9 plugged onto the CPU bus via a ROM cartridge connector 8, or a floppy disk 12, the contents of which are read via a floppy disk drive 11 and floppy disk controller 10; or a cassette tape 14, the contents of which are read via a cassette deck 13.
Although particularly suitable for use with a ROM cartridge, this invention is not limited to any particular method of loading software. When the program is on disk or tape it is downloaded to
RAM. This mode of operation is also possible when the program is a
ROM cartridge, although it is preferred that the CPU will execute instructions one by one directly from the cartridge. In the following description it will be assumed that the program is downloaded to RAM, this being applicable to all three types of program source.
The CPU executes instructions during the normal course of running software which read and write the contents of RAM memory 3; read the status of a keyboard 7, and read and write internal registers and memory in a video/sound generating chip 2 that control the video and sound features of the computer. These internal registers and memory include some concerned with controlling the old or basic features and also extra ones concerned with the new or enhanced features. The basic features are open to all programs but the enhanced features are open only to those programs written with these enhanced features specifically in mind. The chip 2 also provides the communication path for the keyboard 7 and RAM 3 within the bus 25.
Also included in the video/sound generating chip 2 is a lock circuit that prevents old software from accidentally activating the new features. This lock has two states. When locked the new enhanced features are not accessible to the CPU, when unlocked, these features are available.
Figure 2 shows the details of the lock circuitry inside the video/sound generating chip. This comprises a pseudo-randombinary-sequence (PRBS) generator consisting of flip-flops 15 to 22 and their associated exclusive-OR gates. The flip-flops 15 to 22 in practice operate as two PRBS generators, each four bits wide, to give an overall eight-bit wide PRBS. The construction of a PRBS generator is well known and basically comprises a shift register with a number of stages, four as shown, the outputs of selected stages being combined and fed back as the input to the first stage.
The PRBS generator can take sixteen different states including the all-zero states. Each state has a unique 8-bit value appearing on bus PRBS (7:0). The sixteen states are referred to as PRBS (O) to
PRBS (15). As is well known with PRBS generators, wherein ~ is the number of stages in the register, the PRBS generator is capable of generating a pseudo-random sequence of 0's and l's. The sequence repeats with a length which, provided the connections to the gates are correctly chosen, has a maximum of m ~ = 2 n - 1.
The state of the lock is determined by the flip-flop 24 with output signal ENF. When ENF is zero the enhanced features are disabled (locked). When ENF is one, the enhanced features are enabled and available to the CPU (unlocked).
The PRBS generator advances its state whenever the CPU excecutes an output instruction to Port A, this being a port within the video/sound chip 2 by which the lock circuit interfaces to the bus 25, such that an output instruction to Port A is an output instruction to the lock. Such an output instruction results in a pulse on signal CP which clocks the eight flip-flops 15 to 22 comprising the PRBS generator.
During the rising (active) edge of this pulse the CPU data bus appears on bus DI (7:0) and is compared with the PRBS state PRBS (7:0) in an 8-bit comparator 23. Thus, for example, if PRBS (7:0) equals 3F (hex) and the CPU executes an instruction outputting data value 3F (hex) to port A, the PRBS generator will advance a state with the comparator 23 output indicating a true comparison.
On each positive edge of the clock pulse (CP), the PRBS generator will either: a) advance through its sequence, if the data on DI (7:0) matches the PRBS state PRBS (7:0), orb) set to all l's, i.e. restart the sequence from the beginning if the comparator indicates that DI (7:0) does not match PRBS (7:0).
On each positive clock edge (CP), the output flip-flop 24 will either: a) go to a 0 state (locked) if the PRBS is at state PRBS 14, or b) go to a 1 state (unlocked) if the PRBS is at state PRBS 15, or c) hold its previous state.
The CPU output is of course dependent upon the program loaded in it. This program is derived from the program source, namely the ROM 9, floppy disk drive 12 or casette tape 14. Thus the computer can tell by the comparison described above whether the software on the ROM, floppy disk or tape has been written with the enhanced features or not. Only if it has been written with the enhanced features in mind are these features unlocked so as to be made available to the software. Thus software which was written before the advent of the enhanced features can not inadvertently invoke them or corrupt them.
Whenever it is necessary to operate the lock and the state of the PRBS generator is unknown it must be synchronised by first writing all l's and then writing all 0's. This will cause the PRBS to reset.
Figures 3, 4 and 5 show sequences of CPU output data values to activate the lock. These figures are self-explanatory and are therefore not here described in detail. Figure 3 is a flow chart showing the steps involved in a successful attempt to unlock the enhanced features. Figure 4 is a flow chart showing the steps involved in an unsuccessful attempt to lock or unlock the enhanced features. Figure 5 is a flow chart showing the steps involved in a successful attempt to lock the new features. The boxes shown contain hexadecimal values to be written to Port A. Also PRBS (0-15) represent the PRBS states in order.
The system is thus seen to comprise two parts. The first is a hardware lock mechanism, that compares data values written by the CPU to Port A with the state of a PRBS generator; and the second a software routine to send the correct sequence of data values, PRBS (0-15) to Port A. This sequence of values is deliberately chosen to be so obscure that the probability of old software accidentally activating the key is so small as to be negligible. This software may be implemented in many different forms; e.g. it may contain a series of output instructions each with an associated data operand corresponding to the PRBS state; it may, alternatively, comprise a loop with an associated look-up table.
The system described does not require detailed control by the computer manufacturer of the software to be run on it, and yet does not require the use of a dongle or the like. The invention can be used where no reservation of areas of the 1/0 and memory map has been made.
The invention is not limited to any particular software technique or program structure, but encompasses any software that can output the correct sequence of data values. Further, it is not restricted to any particular media for storing the program and in particular, encompasses ROM cartridge, floppy disk and cassette.
Claims (10)
1. A computer system comprising:
a removable and insertable program source;
memory means for storing program instructions;
a CPU for executing stored program instructions;
feature means containing features accessed by instructions from the CPU; and
access enabling means for enabling access to at least selected ones of the features;
the access enabling means comprising means for comparing a sequence of bytes outputted by the CPU in response to the program instructions with a reference sequence of bytes, and for enabling the selected features in the feature means in dependence upon the result of the comparison.
2. A computer system according to claim 1, in which the program source comprises a ROM cartridge.
3. A computer system according to claim 2, in which the memory means is at least in part comprised by the ROM cartridge and the CPU directly executes instructions held in the ROM cartridge.
4. A computer system according to claim 1, in which the program source comprises a floppy disk.
5. A computer system according to claim 1, in which the program source comprises a cassette tape.
6. A computer system according to claim 2, 4 or 5, in which the memory means comprises a memory accessible to the CPU and not within the removable program source, and further comprising loading means for loading a program in the progam source into the memory for execution by the CPU.
7. A computer system according to any preceding claim, in which the access enabling means comprises a pseudo-random binary sequence generator to generate the reference sequence of bytes.
8. A removable program source for use in a system in accordance with any preceding claim and comprising means for causing the CPU to execute program instructions such as to output a sequence of bytes for comparison in the access enabling means with the said reference sequence.
9. A method of selectively enabling functions in a computer system having a CPU, the method comprising the steps of connecting a removable and insertable program source to the computer system, executing instructions stored in the CPU such as to output a sequence of bytes, comparing the thus-outputted sequence of bytes with a reference sequence of bytes, and selectively enabling access by the CPU to selected operating features in dependence upon the result of the comparison.
10. A method according to claim 9, in which the reference sequence comprises a pseudo-random binary sequence.
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| GB909005916A GB9005916D0 (en) | 1990-03-16 | 1990-03-16 | Computer system |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| GB9105482D0 GB9105482D0 (en) | 1991-05-01 |
| GB2243701A true GB2243701A (en) | 1991-11-06 |
Family
ID=10672710
Family Applications (2)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| GB909005916A Pending GB9005916D0 (en) | 1990-03-16 | 1990-03-16 | Computer system |
| GB9105482A Withdrawn GB2243701A (en) | 1990-03-16 | 1991-03-15 | Controlling access to computer system features |
Family Applications Before (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| GB909005916A Pending GB9005916D0 (en) | 1990-03-16 | 1990-03-16 | Computer system |
Country Status (4)
| Country | Link |
|---|---|
| ES (1) | ES2026091A6 (en) |
| FR (1) | FR2659763A1 (en) |
| GB (2) | GB9005916D0 (en) |
| IT (1) | IT1245221B (en) |
Cited By (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| GB2268605B (en) * | 1992-07-08 | 1996-09-04 | Mitel Corp | Option selection and control |
| GB2366028A (en) * | 2000-02-08 | 2002-02-27 | Ibm | Software execution control using pseudo-random binary sequence program interlocks |
Families Citing this family (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| TW230247B (en) * | 1992-10-01 | 1994-09-11 | Hardson Kk |
Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| EP0067875A1 (en) * | 1980-12-29 | 1982-12-29 | Fanuc Ltd. | System for executing a program |
| US4462076A (en) * | 1982-06-04 | 1984-07-24 | Smith Engineering | Video game cartridge recognition and security system |
| EP0217668A2 (en) * | 1985-10-04 | 1987-04-08 | Nintendo Co. Limited | A cartridge for gaming machine and a gaming machine using the same |
| US4688169A (en) * | 1985-05-30 | 1987-08-18 | Joshi Bhagirath S | Computer software security system |
Family Cites Families (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CA1183276A (en) * | 1981-11-25 | 1985-02-26 | Charles B. Heffron | Method for identifying a system-allied physically separable program memory and a data processing system utilizing said method |
| US4777590A (en) * | 1984-10-29 | 1988-10-11 | Pictorial, Inc. | Portable computer |
| CA1270339A (en) * | 1985-06-24 | 1990-06-12 | Katsuya Nakagawa | System for determining a truth of software in an information processing apparatus |
| JPS62192836A (en) * | 1986-02-20 | 1987-08-24 | Nec Corp | Enciphered storage device |
-
1990
- 1990-03-16 GB GB909005916A patent/GB9005916D0/en active Pending
-
1991
- 1991-03-13 IT ITMI910669A patent/IT1245221B/en active IP Right Grant
- 1991-03-14 ES ES9100662A patent/ES2026091A6/en not_active Expired - Lifetime
- 1991-03-15 GB GB9105482A patent/GB2243701A/en not_active Withdrawn
- 1991-03-15 FR FR9103217A patent/FR2659763A1/en active Pending
Patent Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| EP0067875A1 (en) * | 1980-12-29 | 1982-12-29 | Fanuc Ltd. | System for executing a program |
| US4462076A (en) * | 1982-06-04 | 1984-07-24 | Smith Engineering | Video game cartridge recognition and security system |
| US4688169A (en) * | 1985-05-30 | 1987-08-18 | Joshi Bhagirath S | Computer software security system |
| EP0217668A2 (en) * | 1985-10-04 | 1987-04-08 | Nintendo Co. Limited | A cartridge for gaming machine and a gaming machine using the same |
Non-Patent Citations (1)
| Title |
|---|
| Commodore 64 Programmer's Reference Guide, 1983, CBM Inc & Howard W Sams & Co, pp 262,263,269. * |
Cited By (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| GB2268605B (en) * | 1992-07-08 | 1996-09-04 | Mitel Corp | Option selection and control |
| GB2366028A (en) * | 2000-02-08 | 2002-02-27 | Ibm | Software execution control using pseudo-random binary sequence program interlocks |
| GB2366028B (en) * | 2000-02-08 | 2004-08-18 | Ibm | Software execution control using pseudo-random binary sequence program interlocks |
| US6789199B1 (en) | 2000-02-08 | 2004-09-07 | International Business Machines Corporation | Tamper resistance with pseudo-random binary sequence program interlocks |
Also Published As
| Publication number | Publication date |
|---|---|
| ITMI910669A1 (en) | 1992-09-13 |
| ES2026091A6 (en) | 1992-04-01 |
| IT1245221B (en) | 1994-09-13 |
| FR2659763A1 (en) | 1991-09-20 |
| GB9005916D0 (en) | 1990-05-09 |
| GB9105482D0 (en) | 1991-05-01 |
| ITMI910669A0 (en) | 1991-03-13 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US6453417B1 (en) | Microcontroller with secure signature extraction | |
| US5963142A (en) | Security control for personal computer | |
| AU635550B2 (en) | An apparatus and method for decreasing the memory requirements for bios in a personal computer system | |
| US5022077A (en) | Apparatus and method for preventing unauthorized access to BIOS in a personal computer system | |
| CA2020523C (en) | Inital bios load for a personal computer system | |
| US6145085A (en) | Method and apparatus for providing remote access to security features on a computer network | |
| US6212578B1 (en) | Method and apparatus for managing dependencies in a distributed computing environment for ensuring the safety of remote procedure calls | |
| US6094702A (en) | Method and apparatus for enabling access to computer system resources | |
| US6226740B1 (en) | Information processing apparatus and method that uses first and second power supplies for reducing booting time | |
| US20030084316A1 (en) | System and method for securing a computer | |
| JPS58208849A (en) | Preventor for unauthorized reading of program word | |
| KR100319838B1 (en) | Personal computer with security device, security method thereof, and installation and removal method of the security device | |
| WO1999063707A1 (en) | Method of controlling usage of software components | |
| US5862368A (en) | Process to allow automatic microprocessor clock frequency detection and selection | |
| US6965977B2 (en) | Tamper-resistant method and data processing system using the same | |
| US5901311A (en) | Access key protection for computer system data | |
| US5222218A (en) | System with devices connected in sequence to receive information in a predetermined order | |
| US20090327569A1 (en) | Controlled frequency core processor and method for starting-up said core processor in a programmed manner | |
| WO1997036241A1 (en) | Method and apparatus for protecting data using lock values in a computer system | |
| GB2243701A (en) | Controlling access to computer system features | |
| US5938758A (en) | Microprocessor having function of prefetching instruction | |
| US5913057A (en) | Hidden headers for protecting computer system data | |
| JP4137877B2 (en) | ACPI control method name collision avoidance | |
| US5901285A (en) | Hierarchical erasure key protection for computer system data | |
| JPH0244431A (en) | Protective instruction taking out device |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| WAP | Application withdrawn, taken to be withdrawn or refused ** after publication under section 16(1) |