WO2001033317A1 - Integrite des donnees assuree via un compteur securise - Google Patents

Integrite des donnees assuree via un compteur securise Download PDF

Info

Publication number
WO2001033317A1
WO2001033317A1 PCT/EP2000/010285 EP0010285W WO0133317A1 WO 2001033317 A1 WO2001033317 A1 WO 2001033317A1 EP 0010285 W EP0010285 W EP 0010285W WO 0133317 A1 WO0133317 A1 WO 0133317A1
Authority
WO
WIPO (PCT)
Prior art keywords
access
data
protected data
usage parameter
parameter
Prior art date
Application number
PCT/EP2000/010285
Other languages
English (en)
Inventor
Michael A. Epstein
Antonius A. M. Staring
Original Assignee
Koninklijke Philips Electronics N.V.
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Koninklijke Philips Electronics N.V. filed Critical Koninklijke Philips Electronics N.V.
Priority to KR1020017008315A priority Critical patent/KR20010100011A/ko
Priority to JP2001535142A priority patent/JP2003513388A/ja
Priority to EP00972806A priority patent/EP1141808A1/fr
Publication of WO2001033317A1 publication Critical patent/WO2001033317A1/fr

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/62Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F21/6218Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
    • G06F21/6227Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database where protection concerns the structure of data, e.g. records, types, queries
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/604Tools and structures for managing or administering access control systems
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/64Protecting data integrity, e.g. using checksums, certificates or signatures
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/70Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
    • G06F21/71Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information
    • G06F21/77Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information in smart cards
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F3/00Input arrangements for transferring data to be processed into a form capable of being handled by the computer; Output arrangements for transferring data from processing unit to output unit, e.g. interface arrangements
    • G06F3/06Digital input from, or digital output to, record carriers, e.g. RAID, emulated record carriers or networked record carriers
    • G06F3/0601Interfaces specially adapted for storage systems
    • G06F3/0602Interfaces specially adapted for storage systems specifically adapted to achieve a particular effect
    • G06F3/062Securing storage systems
    • G06F3/0622Securing storage systems in relation to access
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/21Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/2101Auditing as a secondary aspect

Definitions

  • This invention relates to the field of data security, and in particular to means for determining the integrity of data that changes with time.
  • some data may have limits imposed for the number of times the data may be accessed, or the number of days that the data may be accessed.
  • a "try-before-you-buy" software application will typically control the number of times the application can be used.
  • a video playback system may be configured to control the number of times a recorded program is accessed, based on a purchased limited use license. To effect such a system, a usage parameter must be maintained. If this usage parameter is merely stored at a memory location, the access security system can be overcome by merely writing a new value to the memory location as required.
  • a more sophisticated system may embed the usage parameter into an item that is bound to the limited-access material in a secure manner.
  • European patent EP0906700 "Method and system for transferring content information and supplemental information related thereto", issued 7 April 1999 to Johan
  • P.M.G. Linnartz et al presents a technique for the protection of copyright material via the use of a watermark "ticket" that controls the number of times the protected material may be rendered, and is incorporated by reference herein.
  • a common technique for overcoming a limited-access security systems is a "replay attack", wherein a copy of the usage parameter is recorded before its expiration is expired, and this recording is used to replay, or re-access, the material beyond the authorized access limits.
  • the usage parameter is bound to the data being protected, such as via a watermark-based security system, the content material and all bound parameters are recorded, for subsequent replacement, or "replay", as an authorized version of the material.
  • a financial database may contain internal checks that facilitate a determination of counterfeit entries.
  • a replay attack can be affected by obtaining a copy of a valid entry, such as a record or set of records showing a large balance in an account, then repeatedly substituting this record or set of records after withdrawing funds from the account.
  • This object and others are achieved by providing a system that includes a secure means of storing a usage parameter that is associated with each usage of the database, and a binding parameter that binds the usage parameter to the data that is being protected.
  • the usage parameter is incremented and the binding parameter is updated, based on this new usage parameter.
  • the stored binding parameter is compared to a value corresponding to the binding of the current value of the usage parameter with the data. If either the current value of the usage parameter differs from the usage parameter that was used to produce the binding parameter, or the current data differs from the data that was used to produce the binding parameter, the new binding value will not correspond to the stored binding parameter, and access is denied.
  • the usage parameter is a value that is contained in a sequential counter. In this manner, a sequential access to the protected data can be enforced, thereby precluding a replay attack. Note that the data being protected may be data that is used to control access to other protected material, thereby expanding the scope of security protection to this other protected material.
  • Fig. 1 illustrates an example block diagram of an access-control security system in accordance with this invention.
  • Fig. 2 illustrates an example block diagram of an alternative access-control security system in accordance with this invention.
  • Fig. 3 illustrates an example flow diagram for an access-control security system in accordance with this invention.
  • Fig. 1 illustrates an example block diagram of an access-control security system 100 that controls access to the contents of a database 150.
  • An access controller 120 receives an access request 101, and grants the request only if the database 150 is authenticated as being current.
  • a secure module 110 contains a counter 111 that maintains a usage parameter 111' that is incremented with each access to the controlled database 150.
  • this usage parameter 111 ' is bound to the database 150, preferably by computing a hash value 131 corresponding to the data base 150 and the usage parameter 111', via a hash generator 130.
  • a counter 111 is presented herein as a paradigm for a device that provides a substantially unique value with each access to the database.
  • a random number generator or other 'unique value generator' can be used in lieu of the counter 111 to uniquely identify each access to the database 150.
  • the number of times that the protected database 150 is access can also be determined, and usage-limiting rules can be enforced, as discussed further below.
  • the hash generator 130 provides a one-way computation of a hash value based on a set of input values, such that knowledge of the hash value provides no information regarding the value of any of the set of input values. Most significantly, it is computationally infeasible to determine a set of input values that will produce a specified hash value 131. A change of any item in the database 150 or the usage parameter 111' data item will produce a different hash value 131. That is, each access to the database 150 in accordance with this invention generates a unique hash value 131 whose value depends upon the usage parameter 111' and the contents of the data base 150. In some applications, the contents of the database is fixed; for example, a CD or DVD recording of entertainment material.
  • the database is modifiable. If the database can be modified, a preferred embodiment of this invention uses the database to store the usage parameter 111', thereby eliminating the need to provide an access counter 111 in the secure module 110. Storing the usage parameter 111 ' in the database 150 also eases the hash generation task at 130, because hash routines are commonly available that compute a hash value corresponding to a data file.
  • the access count device 111 is illustrated in the figures as being contained in the secure module 110, as the more general solution (independent of whether the database 150 is modifiable).
  • the usage parameter 111 ' is illustrated as being associated with the database 150, via the dashed block, indicating that the usage parameter 111' is used in computing the hash 131, regardless of whether the usage parameter 111' is stored in the database 150 directly, or in an access count device 111 within the secure module 110.
  • the unique hash value 131, or a parameter based on this unique hash value 131 is stored in the secure module, as an authentication code 112.
  • the usage parameter 111' is changed, a new hash value 131 is computed, and a new authentication code 112 is stored, replacing the prior authentication code.
  • a hash 131 of the current database 150 and usage parameter 111 ' is computed, and compared to the stored authentication code 112. If the usage parameter 111' is not included within the database 150, the current value of the access counter 111 is used to compute the new hash value 131.
  • the hash 131 of this substitute database will not match the stored authentication code 112, and access is denied. If the current database 150 is the latest version of the database, the hash 131 will match the stored authentication code 112, and access will be granted.
  • this invention provides a secure system and method for determining whether a current copy of a database corresponds to the latest version of a database. In addition to preventing successful replay attacks, this invention also protects against unauthorized modifications to the database. Conventional security techniques may be included in the access control 120 to assure that only authorized users are permitted to modify the database, including the use of passwords, cryptographic keys, access cards, smart cards, and the like. If the database is modified by a system other than one with access to the secure module 110, a new authentication code 112 will not be generated for this modified database, and therefore an attempt to substitute this modified database for the latest authorized database will fail.
  • each transaction is gated by an access controller 120 having access to the secure module 110; any substituted records in the database 150 will result in an access denial, as discussed above. Additional access controls may also be employed. If the database 150 has a limit to the number of times it may be accessed, corresponding, for example, to a limited use license, the usage parameter 111 ' is used to determine whether the number of accesses is within the limit. If the usage parameter 111' indicates that the limit has been reached, access is denied.
  • Fig. 2 illustrates an example block diagram of an alternative access-control security system 200 in accordance with this invention.
  • system 100 of Fig. 1 it is assumed that the usage parameter 111 ' is bound directly to the contents of the database 150.
  • the usage parameter 111 ' is bound indirectly to the contents of a plurality of databases 250a, 250b.
  • a hash value 230a, 230b is computed and stored in the database 150 for each of the plurality of databases 250a, 250b.
  • a hash value 131 is computed based on the contents of the database 150 and the usage parameter 111', and stored as the authentication code 112, as discussed above.
  • the access controller 120 authenticates each dataset 250a, 250b by comparing a hash of its contents to the stored value in the current database 150, and authenticates the current database 150 by comparing its hash value 131 to the stored authentication code 112.
  • a usage record 251 is included within the corresponding database 250a, 250b, and the value of this usage record 251 is thereby included in the determination of the hash value 230a, 230b that is stored in the database 150.
  • Fig. 3 illustrates an example flow diagram for an access-control security system in accordance with this invention.
  • an access request is received.
  • a hash of the database and usage parameter is computed, at 320, and compared to an authentication code that is stored in a secure location, at 330. If, at 335, the hash does not correspond to the stored authentication code, access is denied, at 340. If, at 335, the hash corresponds to the stored authentication code, the usage parameter is incremented, at 350. As noted above, this usage parameter may be stored in the associated database, or in the secure location that contains the authentication code, at 360. After incrementing, or otherwise modifying, the usage parameter, access to the database is granted, at 370.
  • a hash of the database, with the usage parameter is computed, at 380, and stored as the new authentication code in the secure location, at 390.
  • Alternative flows will be evident to one of ordinary art. For example, in the illustrated flow of Fig. 3, a discontinuity of flow 360-390 will result in a stored usage parameter that does not correspond to the stored authentication code.
  • Techniques common in the art can be used to assure a synchronization between the usage parameter and authentication code is maintained. For example, each time the usage parameter or database is changed, a corresponding authentication code can be generated and stored in a temporary location, and a recovery routine can be provided to recover the latest versions of the database, usage parameter, and authentication code in the event of a discontinuity of flow in the sequence of Fig. 3.
  • a solid-state memory module with smart card functionality may comprise the secure module 110.
  • the secure module 110 may be embodied as an encoding that only 'compliant devices' are able to read or write, a compliant device being one that is manufactured by manufacturers who agree to abide by certain rules and standards established for protecting recorded material.
  • the encoding may include the use of cryptographic keys that are secret to the complying manufacturers, or may include the use of special purpose hardware devices for reading and writing the secured information.
  • the secure module, the database, and the access controller may each be embodied as discrete components.
  • the secure module may be a smart card
  • the database may be a file on a remote computer, or at a site on the Internet
  • the access controller may be an embedded program in a processor of a playback device.
  • the security of the secure module may be provided via the use of encryption keys and the like, and therefore the entire system can be embodied as a software application.

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Physics & Mathematics (AREA)
  • Computer Security & Cryptography (AREA)
  • General Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • Computer Hardware Design (AREA)
  • Software Systems (AREA)
  • General Health & Medical Sciences (AREA)
  • Bioethics (AREA)
  • Health & Medical Sciences (AREA)
  • Automation & Control Theory (AREA)
  • Mathematical Physics (AREA)
  • Databases & Information Systems (AREA)
  • Human Computer Interaction (AREA)
  • Storage Device Security (AREA)

Abstract

Selon l'invention, un système de contrôle d'accès comprend un compteur et un emplacement mémoire sécurisé configuré pour contenir un paramètre qui associe les contenus du compteur aux données protégées. Chaque fois que l'on accède à une donnée, le compteur est incrémenté et le paramètre d'association est mis à jour en fonction de ce nouveau compte. Lorsqu'un accès subséquent est requis, le paramètre d'association stocké est comparé à une valeur correspondant à l'association entre la valeur courante du compteur et la donnée. Si la valeur courante du compteur diffère du compte utilisé pour créer le paramètre d'association, ou si la donnée courante diffère de la donnée utilisée pour créer le paramètre d'association, la nouvelle valeur d'association ne correspondra pas au paramètre d'association stocké, et l'accès sera refusé. De cette façon, un accès séquentiel aux données protégées peut être mis en oeuvre, empêchant ainsi un piratage de réexécution. Il faut souligner que la donnée qui est protégée peut être la donnée utilisée pour contrôler l'accès à d'autre matériau protégé, élargissant ainsi le champ d'application de la protection sécurisée à cet autre matériau protégé.
PCT/EP2000/010285 1999-10-29 2000-10-18 Integrite des donnees assuree via un compteur securise WO2001033317A1 (fr)

Priority Applications (3)

Application Number Priority Date Filing Date Title
KR1020017008315A KR20010100011A (ko) 1999-10-29 2000-10-18 보안 카운터를 경유하여 데이터 통합성을 보증하는 방법
JP2001535142A JP2003513388A (ja) 1999-10-29 2000-10-18 安全性が確保されたカウンタによりデータ信頼性を保証するシステム及び方法
EP00972806A EP1141808A1 (fr) 1999-10-29 2000-10-18 Integrite des donnees assuree via un compteur securise

Applications Claiming Priority (4)

Application Number Priority Date Filing Date Title
US16250399P 1999-10-29 1999-10-29
US60/162,503 1999-10-29
US63672400A 2000-08-11 2000-08-11
US09/636,724 2000-08-11

Publications (1)

Publication Number Publication Date
WO2001033317A1 true WO2001033317A1 (fr) 2001-05-10

Family

ID=26858817

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/EP2000/010285 WO2001033317A1 (fr) 1999-10-29 2000-10-18 Integrite des donnees assuree via un compteur securise

Country Status (4)

Country Link
EP (1) EP1141808A1 (fr)
JP (1) JP2003513388A (fr)
KR (1) KR20010100011A (fr)
WO (1) WO2001033317A1 (fr)

Cited By (18)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2002015184A1 (fr) * 2000-08-16 2002-02-21 Koninklijke Philips Electronics N.V. Procede et dispositif de controle de la repartition et l'utilisation de travaux numeriques
WO2003024099A2 (fr) * 2001-09-10 2003-03-20 Koninklijke Philips Electronics N.V. Procede et dispositif de mise en oeuvre d'un acces conditionnel
WO2004015579A1 (fr) * 2002-07-31 2004-02-19 Trek 2000 International Ltd. Procede et equipement de dispositif de stockage de chiffrement de cle d'antipiratage pour controler l'acces a des donnees sur des reseaux
WO2006022667A1 (fr) 2004-08-02 2006-03-02 International Business Machines Procede garantissant la fraicheur de resultats d'interrogations relativement a une memoire de donnees non sure
EP1644882A2 (fr) * 2003-07-14 2006-04-12 Aladdin Knowledge Systems Procede permettant d'indiquer l'integrite d'informations d'utilisation d'un programme informatique
KR100617321B1 (ko) 2004-12-14 2006-08-30 한국전자통신연구원 링크 암호화 공격을 차단하는 장치 및 그 방법
WO2007062941A2 (fr) * 2005-12-01 2007-06-07 Telefonaktiebolaget Lm Ericsson (Publ) Stockage de mémoire sûr et protégé contre une réexécution
EP1850256A1 (fr) * 2006-04-24 2007-10-31 Telefonaktiebolaget LM Ericsson (publ) Contrôle de versions pour autoriser l'installation de logiciels
EP1962219A2 (fr) * 2007-02-23 2008-08-27 Samsung Electronics Co., Ltd. Appareil et procédé pour la gestion de contenu de gestion de droits numériques dans un terminal portable
WO2009063406A2 (fr) * 2007-11-14 2009-05-22 Nxp B.V. Systeme electronique et procede d'exploitation associe
US7650470B2 (en) 2001-06-28 2010-01-19 Trek 2000 International, Ltd. Method and devices for data transfer
US7809958B2 (en) 2003-03-21 2010-10-05 International Business Machines Corporation Method for guaranteeing freshness of results for queries against a non-secure data store
WO2010120645A2 (fr) * 2009-04-13 2010-10-21 Rovi Solutions Corporation Procédé et appareil de sécurisation de la configuration de dispositifs électroniques
US8296582B2 (en) 1999-03-15 2012-10-23 Koninklijke Philips Electronics N.V. Method and system for providing copy-protection on a storage medium and storage medium for use in such a system
US8364981B2 (en) 2001-05-22 2013-01-29 Koninklijke Philips Electronics N.V. Record carrier for storing a digital work
DE102015216082A1 (de) * 2015-08-24 2017-03-02 Siemens Aktiengesellschaft Verfahren und Speichermodul für sicherheitsgeschützte Schreibvorgänge und/oder Lesevorgänge auf dem Speichermodul
US10943230B2 (en) * 2016-12-30 2021-03-09 Idemia France Method for monitoring usage patterns and electronic device capable of implementing such a method
US11475106B2 (en) 2010-10-19 2022-10-18 Apple Inc. Application usage policy enforcement

Families Citing this family (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
FR2906380B1 (fr) * 2006-09-27 2008-12-19 Trusted Logic Sa Systeme et procede de securisation de donnees.
JP7354713B2 (ja) * 2019-09-19 2023-10-03 富士フイルムビジネスイノベーション株式会社 情報処理装置及びプログラム

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US4658093A (en) * 1983-07-11 1987-04-14 Hellman Martin E Software distribution system
EP0845733A2 (fr) * 1996-11-27 1998-06-03 Sun Microsystems, Inc. Mise en oeuvre de signatures numériques de flux de données et d'archives
EP0881561A2 (fr) * 1992-11-13 1998-12-02 Hewlett-Packard Company Chiffrement de logiciels

Patent Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US4658093A (en) * 1983-07-11 1987-04-14 Hellman Martin E Software distribution system
EP0881561A2 (fr) * 1992-11-13 1998-12-02 Hewlett-Packard Company Chiffrement de logiciels
EP0845733A2 (fr) * 1996-11-27 1998-06-03 Sun Microsystems, Inc. Mise en oeuvre de signatures numériques de flux de données et d'archives

Cited By (35)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US8296582B2 (en) 1999-03-15 2012-10-23 Koninklijke Philips Electronics N.V. Method and system for providing copy-protection on a storage medium and storage medium for use in such a system
WO2002015184A1 (fr) * 2000-08-16 2002-02-21 Koninklijke Philips Electronics N.V. Procede et dispositif de controle de la repartition et l'utilisation de travaux numeriques
US8364981B2 (en) 2001-05-22 2013-01-29 Koninklijke Philips Electronics N.V. Record carrier for storing a digital work
US7650470B2 (en) 2001-06-28 2010-01-19 Trek 2000 International, Ltd. Method and devices for data transfer
WO2003024099A2 (fr) * 2001-09-10 2003-03-20 Koninklijke Philips Electronics N.V. Procede et dispositif de mise en oeuvre d'un acces conditionnel
WO2003024099A3 (fr) * 2001-09-10 2003-11-20 Koninkl Philips Electronics Nv Procede et dispositif de mise en oeuvre d'un acces conditionnel
WO2004015579A1 (fr) * 2002-07-31 2004-02-19 Trek 2000 International Ltd. Procede et equipement de dispositif de stockage de chiffrement de cle d'antipiratage pour controler l'acces a des donnees sur des reseaux
GB2397923A (en) * 2002-07-31 2004-08-04 Trek 2000 Int Ltd Method and apparatus of storage anti-piracy key encryption (sake) device to control data access for networks
GB2397923B (en) * 2002-07-31 2005-04-06 Trek 2000 Int Ltd Method and apparatus of storage anti-piracy key encryption (sake) device to control data access for networks
AU2003217139B2 (en) * 2002-07-31 2006-04-27 Trek 2000 International Ltd. Method and apparatus of storage anti-piracy key encryption (SAKE) device to control data access for networks
AU2003217139B8 (en) * 2002-07-31 2006-05-18 Trek 2000 International Ltd. Method and apparatus of storage anti-piracy key encryption (SAKE) device to control data access for networks
US7809958B2 (en) 2003-03-21 2010-10-05 International Business Machines Corporation Method for guaranteeing freshness of results for queries against a non-secure data store
EP1644882A4 (fr) * 2003-07-14 2010-06-02 Aladdin Knowledge Systems Procede permettant d'indiquer l'integrite d'informations d'utilisation d'un programme informatique
EP1644882A2 (fr) * 2003-07-14 2006-04-12 Aladdin Knowledge Systems Procede permettant d'indiquer l'integrite d'informations d'utilisation d'un programme informatique
EP1782203A4 (fr) * 2004-08-02 2009-05-13 Ibm Procede garantissant la fraicheur de resultats d'interrogations relativement a une memoire de donnees non sure
WO2006022667A1 (fr) 2004-08-02 2006-03-02 International Business Machines Procede garantissant la fraicheur de resultats d'interrogations relativement a une memoire de donnees non sure
EP1782203A1 (fr) * 2004-08-02 2007-05-09 International Business Machines Procede garantissant la fraicheur de resultats d'interrogations relativement a une memoire de donnees non sure
KR100617321B1 (ko) 2004-12-14 2006-08-30 한국전자통신연구원 링크 암호화 공격을 차단하는 장치 및 그 방법
WO2007062941A2 (fr) * 2005-12-01 2007-06-07 Telefonaktiebolaget Lm Ericsson (Publ) Stockage de mémoire sûr et protégé contre une réexécution
WO2007062941A3 (fr) * 2005-12-01 2007-07-26 Ericsson Telefon Ab L M Stockage de mémoire sûr et protégé contre une réexécution
US7681050B2 (en) 2005-12-01 2010-03-16 Telefonaktiebolaget L M Ericsson (Publ) Secure and replay protected memory storage
EP1850256A1 (fr) * 2006-04-24 2007-10-31 Telefonaktiebolaget LM Ericsson (publ) Contrôle de versions pour autoriser l'installation de logiciels
WO2007121903A1 (fr) * 2006-04-24 2007-11-01 Telefonaktiebolaget L M Ericsson (Publ) Autorisation d'installation d'une version de logiciel
US8752205B2 (en) 2007-02-23 2014-06-10 Samsung Electronics Co., Ltd Apparatus and method for managing digital rights management contents in portable terminal
EP1962219A3 (fr) * 2007-02-23 2010-03-03 Samsung Electronics Co., Ltd. Appareil et procédé pour la gestion de contenu de gestion de droits numériques dans un terminal portable
EP1962219A2 (fr) * 2007-02-23 2008-08-27 Samsung Electronics Co., Ltd. Appareil et procédé pour la gestion de contenu de gestion de droits numériques dans un terminal portable
WO2009063406A3 (fr) * 2007-11-14 2010-04-22 Nxp B.V. Systeme electronique et procede d'exploitation associe
WO2009063406A2 (fr) * 2007-11-14 2009-05-22 Nxp B.V. Systeme electronique et procede d'exploitation associe
US8581692B2 (en) 2007-11-14 2013-11-12 Nxp B.V. Electronic system and method of operating an electronic system
WO2010120645A2 (fr) * 2009-04-13 2010-10-21 Rovi Solutions Corporation Procédé et appareil de sécurisation de la configuration de dispositifs électroniques
WO2010120645A3 (fr) * 2009-04-13 2011-01-13 Rovi Solutions Corporation Procédé et appareil de sécurisation de la configuration de dispositifs électroniques
US11475106B2 (en) 2010-10-19 2022-10-18 Apple Inc. Application usage policy enforcement
DE102015216082A1 (de) * 2015-08-24 2017-03-02 Siemens Aktiengesellschaft Verfahren und Speichermodul für sicherheitsgeschützte Schreibvorgänge und/oder Lesevorgänge auf dem Speichermodul
US10353830B2 (en) 2015-08-24 2019-07-16 Siemens Aktiengesellschaft Method and memory module for security-protected write processes and/or read processes on the memory module
US10943230B2 (en) * 2016-12-30 2021-03-09 Idemia France Method for monitoring usage patterns and electronic device capable of implementing such a method

Also Published As

Publication number Publication date
JP2003513388A (ja) 2003-04-08
EP1141808A1 (fr) 2001-10-10
KR20010100011A (ko) 2001-11-09

Similar Documents

Publication Publication Date Title
EP1141808A1 (fr) Integrite des donnees assuree via un compteur securise
EP0895148B1 (fr) Système de location de logiciels et méthode pour louer des logiciels
AU767286B2 (en) Methods and apparatus for protecting information
CA2242596C (fr) Systeme permettant d'agir sur l'acces a la propriete numerique et sur sa diffusion
US8997243B2 (en) Temporal proximity to verify physical proximity
EP0302710A2 (fr) Une méthode pour commander l'utilisation des programmes d'ordinateur
US8769675B2 (en) Clock roll forward detection
EP2264640B1 (fr) Clés spécifiques de fonctions pour code exécutable
JPH06324858A (ja) ソフトウェア使用量管理方式およびソフトウェア使用量管理機能を備えた記憶媒体
EP1335365A2 (fr) Dispositif et procédé de stockage de données
US20090144563A1 (en) Method of detecting data tampering on a storage system
US20060015860A1 (en) System and method for storing attributes in a file for processing an operating system
US20080275917A1 (en) Itso Fvc2 Application Monitor
US20060155652A1 (en) Expiring encryption
WO1998053384A1 (fr) Procede et appareil d'activation de programmes/fonctions dans un ordinateur
JP2006107305A (ja) データ記憶装置
JP2001154577A (ja) 原本性保証電子保存装置、原本性保証電子保存方法およびその方法をコンピュータに実行させるプログラムを記録したコンピュータ読み取り可能な記録媒体
JP2006190011A (ja) 無線icチップ、それを利用した暗号復号化システム、それに用いられるプログラム、そのプログラムが記録された記録媒体、暗号復号化方法、および、プログラムのインストール方法
WO1999035582A1 (fr) Systeme d'activation de logiciel et procede d'authentification de logiciel
JP2001344074A (ja) データ読み取り装置およびその動作制御方法
JPH0438523A (ja) プログラム実行許可方式

Legal Events

Date Code Title Description
AK Designated states

Kind code of ref document: A1

Designated state(s): JP KR

AL Designated countries for regional patents

Kind code of ref document: A1

Designated state(s): AT BE CH CY DE DK ES FI FR GB GR IE IT LU MC NL PT SE

WWE Wipo information: entry into national phase

Ref document number: 2000972806

Country of ref document: EP

ENP Entry into the national phase

Ref country code: JP

Ref document number: 2001 535142

Kind code of ref document: A

Format of ref document f/p: F

WWE Wipo information: entry into national phase

Ref document number: 1020017008315

Country of ref document: KR

121 Ep: the epo has been informed by wipo that ep was designated in this application
WWP Wipo information: published in national office

Ref document number: 2000972806

Country of ref document: EP

WWP Wipo information: published in national office

Ref document number: 1020017008315

Country of ref document: KR

WWR Wipo information: refused in national office

Ref document number: 2000972806

Country of ref document: EP

WWW Wipo information: withdrawn in national office

Ref document number: 2000972806

Country of ref document: EP