[go: up one dir, main page]

WO1997046932A1 - System for modifying computer related systems - Google Patents

System for modifying computer related systems Download PDF

Info

Publication number
WO1997046932A1
WO1997046932A1 PCT/US1997/000724 US9700724W WO9746932A1 WO 1997046932 A1 WO1997046932 A1 WO 1997046932A1 US 9700724 W US9700724 W US 9700724W WO 9746932 A1 WO9746932 A1 WO 9746932A1
Authority
WO
WIPO (PCT)
Prior art keywords
computer system
network
client
upgrade
control
Prior art date
Application number
PCT/US1997/000724
Other languages
French (fr)
Inventor
Sherman Lee
David G. Kyle
Original Assignee
Advanced Micro Devices, Inc.
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Advanced Micro Devices, Inc. filed Critical Advanced Micro Devices, Inc.
Publication of WO1997046932A1 publication Critical patent/WO1997046932A1/en

Links

Classifications

    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31User authentication
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/57Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/62Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F21/629Protecting access to data via a platform, e.g. using keys or access control rules to features or functions of an application
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/40Network security protocols
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/04Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities

Definitions

  • This mvenuon relates to computer systems and, more particularly, to modifying computer related systems from a remote location.
  • Computer related systems contain many modifiable elements including hardware, firmware and software.
  • Computer hardware includes, but is not limited to, single and multiple processors and microprocessors, which are herein individually and collectively referred to as microprocessors, penpheral devices, and individual processing units or portions thereof.
  • Computer firmware includes, but is not limited to, programmable logic, read only memory, and other components in which control instructions such as microcode or program code can be mechanically, optically, electronically, or otherwise embedded
  • Computer software includes, but is not limited lo, any form of information or instructions for the computer provided in any media including, but is not limited to, tape, disk, cards, read only memory (ROM), or random access memory (RAM)
  • firmware is a combination of hardware with software embedded, it was similarly necessary to physically change components in order lo modify or upgrade the computer system.
  • the c ⁇ stomer Upon agreeing to the pnce, the c ⁇ stomer would provide credit card information to the provider and then verbally receive an activation code for the software. The customer would then have to use the activation code, for example, the customer would manually input it into the computer, to cause changes in the software
  • the present invention relates to a system in which a client computer system uses a predetermined activation code and includes the ability to access a server computer system through a communications network to receive modification cornmands based upon authentication of the activation code to cause modification of the server system.
  • the present invention provides an automated system for controlling other systems which include hardware, firmware, and software.
  • the present invention provides a system in which a client system may receive upgrade and other InformaUon through a communicauons network from a server system which is able to confirm the identity of the client system.
  • the present mvenUon further provides a mechanism for allowing a server system to determine the capability of a customer system and compatibility of upgrades or differing configurauons for use with the customer system.
  • the present invention still further provides a mechanism for the elimination of human error in the modification of hardware, firmware, and software.
  • the present invention further provides a client system which is uniquely identifiable.
  • the present invention still further provides a client system which will accept software only from an authorized server system.
  • the present invenUon s ll further provides a server system which can uniquely identify a client system.
  • the present invention still further provides a server system which will provide software only to an authorized client system.
  • FIG. 1 is a block diagram of an lllastrative system embodying the present invention
  • Fig. 2 is a block diagram of a client system that can be embodied in the system shown in Fig.
  • Fig 3 is a block diagram of a server system that can be embodied in the system shown in
  • Fig. 4 is a block diagram of a personal computer that can be embodied in the client system of Fig. 1 or in the server system of Fig. 1 ;
  • Fig. 5 is a partial flow chart of a process that is usable in the client system of Fig. 2;
  • Fig. 6 is another partial flow chart which shows the remainder of the process that is partially shown in Fig. 5 and that is usable in the client system of Fig. 2;
  • Fig. 7 is a partial flow chart of a process that is usable in the server system of Fig. 3; and Fig. 8 is another partial flow chart which shows the remainder of the process that is partially shown in Fig. 7 and that is usable in the server system of Fig. 3
  • Fig. 1 therein is shown an overall system 100 including client system*. 102, 104, and 106 which illustrate a few examples of what are called client systems in what follows. There can in fact be any of number of different types of client systems Client systems 102, 104, 106 that arc shown here include systems which are centered around customer computers such as personal assistants, palmtops, laptop computers, personal computers, workstations, mini computers, mainframe computers, or massively parallel computers.
  • Fig. 1 illustrates personal computer 102, workstation 104 and laptop computer 106, but could just as well include any of the mentioned type computers or other computers of that genre.
  • the client system 102 is shown connected to a local area network (LAN) 108, an example of which is an Ethernet system.
  • LAN local area network
  • Ethernet an Ethernet system
  • the client system 104 is shown connected to a wide area network (WAN) 110, which is exemplified by a TI or an ISDN connection. TI and ISDN systems are also well know m the art.
  • Client server 106 is shown connected to a plain old telephone system (POTS) 112, which is exemplified by a twisted pair of wires that are connectable between a network, like network 1 14, and a modem in a client system that may be located at a client's or other's site, like client system 106.
  • POTS plain old telephone system
  • Client systems 102, 104, 106 are connectable by way of LAN 108, WAN 110, POTS 1 12 through commumcatioas network 114 with server systems 122, 124 126 by way of LAN 1 16; WAN 11 ; or POTS 120 respectively.
  • Communications network 114 can be any type of interconnect where it is not necessary for the inputs or outputs to be known, just that they be lnterconnectable.
  • Network 114 can be a stnetly customer internal network, a standard telephone system, a high data transmission network, among other structures such as a cable system or a combination of network systems. In the illustrative embodiment it could be the standard telephone system which includes capability to interconnect though what has become known in the art as the Internet.
  • the communications network 114 is connected by LAN 1 1 , WAN 1 18, and POTS 120 respectively to server systems 122, 124, and 126. In that manner any of client systems 102, 104, 106 can communicate with any of server systems 122, 124, 126. It should also be noted that the communications network 114 as well as the various LAN 108, 1 16; WAN 110,118; and POTS 112, 120 can be cither wired or wireless systems. Wireless systems could include, but not be limited to, radio frequency and infrared systems.
  • server systems 122, 124, and 126 are systems typically operated or provided by hardware, firmware, and/or software vendors.
  • a typical client system 200 containing a computer 202 containing a computer 202.
  • Client system 200 of Fig. 2 could be substituted as any of client systems 102, 104 or 1 6 of Fig. 1 and is here desenbed as though it is any of those client systems.
  • the computer 202 could be any type of computer including a personal assistant, palmtop, laptop, personal, workstation, mini, mainframe, or massively parallel computers, but in the illustrative embodiment described here is a personal computer.
  • the computer 202 functions, among other things, as a controller and is operatively connectable to penpheral devices in the client system 200 such as a pnnter 204, monitor 206, extenor memory 208, and miscellaneous other devices 210.
  • the penpheral devices in addition could be smaller computers with microprocessors which have remote controllable deactivation and activation features to make them “green” penpheral devices which save power when they are not needed.
  • Such devices are sometimes called “green” systems in the art meaning when they are in an "off' state to save power they are referred to as “red” whereas when they are in an "on” state and using power they are referred to as “green” - much in the same sense as a traffic signal used on highways to direct automobile traffic.
  • This feature requires direct or indirect microprocessor to microprocessor communication such that the microprocessor in the computer 202 is capable of modifying the hardware, firmware, and software in the penpheral devices 204, 206, 208, 210.
  • the computer 202 is connectable by a communications interface 212 to the LAN 108, WAN 110 or POTS 112, but for purposes of this illustrative description are connected to LAN 108.
  • server system 300 having a computer 302 which could again be any type of computer such as a personal assistant, palmtop, laptop, desktop or personal, workstation, mini, mainframe, or massively parallel computer.
  • Server system 300 of Fig. 3 could be substituted as any server systems 122, 124 or 126 of Fig 1 and is here described as though it were any of those server systems and, in particular, in ihe illustrative embodiment of computer 302 within server system 300 is described as if it were a workstation
  • the computer 302 functions, among other things, as a controller and is operatively connectable to a number of different additional devices and systems such as the database 304, phone system 306, or other miscellaneous systems 308.
  • the database 304 could contain such information as various serial numbers that exist in systems, available features, configurations, prices, credit information, and activation codes.
  • the phone system 306 could be a backup system to handle unusual situations.
  • the miscellaneous devices 308 could include such systems as tracking systems to follow customer purchases and billing.
  • the computer 302 could be connected by a communication interface 310 to any of the LAN 116, WAN 118 or POTS 120, but for purposes of this illustrative description are connected to LAN 1 1 and thence to the communications network 114
  • COMPUTER 400 Refernng now to Fig.4, therein is shown the computer 400 which could be of a type to embody computer 202 of Fig. 2 or computer 302 of Fig 3 as a pan, respectively, of client system 200, 102, 104, 106 or server system 300, 122, 124, 126.
  • Computer 400 includes therein a microprocessor 402 that operates as a controller among other things.
  • microprocessor 402 can be any type of microprocessor manufactured by a number of companies such as Advanced Micro Devices, Intel Corporation, Cynx, IBM, Digital Equipment Corporation, and/or Motorola among other companies.
  • the microprocessor 402 will have programmed in it various items of information regarding the microprocessor itself. Typically, the programming of microprocessor 402 is done by the manufacturer. This programmed information defines a predetermined capability for the computer where its predetermined capability is defined by a set of parameters maintained within the computer system including several parameters relating to the capabilities of the computer system such as the maximum core frequency (i.e., which is a measure of the speed or how many megahertz the central processing unit of the microprocessor is capable of running at), the (maximum) instruction set, a descnption of all the features available from the microprocessor, and other information related to the (maximum or other) capabilities of the microprocessor and the system in which it operates, as appropriate for the specific application, for example, microprocessor 402 may have parameters which broadly or narrowly defined the client system or the server system of which the microprocessor is a part
  • the microprocessor 402 has programmed within itself certain parameters such as its full identification including the type of central processing unit it has, the manufacturer, the class
  • the microprocessor 402 could also be provided with a hard coded electronic encryption key. There are several types of encryption keys and methods of hard coding them that are well known to those skilled in the art. Similarly, as is also known to those skilled in the art, the microprocessor 402 could be configurable by changing internal software to change the core frequency or to modify yet other of its features or, for that matter, the features of the compul er 400 of which microprocessor 402 is illustrated as a part. In the illustrative embodiment that is being desenbed, the microprocessor 402 is connected through additional memory 404 which is shown as RAM 404 but could be other forms of memory to serve a specific application.
  • the additional memory would more likely be a L2 cache and, while it may be integral with the microprocessor 402, in the illustrative embodiment, it is shown as a separate chip
  • the L2 cache memory generally tends to be a high speed RAM memory.
  • the microprocessor 402 is connected to a ROM 406, which is illustratively shown as an electncally erasable read only memory (EPROM) but could be other forms of memory to serve a specific alternative application.
  • EPROM electncally erasable read only memory
  • the ROM 406 can be either separate or integral with the microprocessor 402 but, in the illustrative embodiment, it is shown as a separate chip
  • the ROM 406 could be a separate component which could be programmed, as would be evident to those skilled in the art, with a se ⁇ al number, feature control information (as will hereinafter be desenbed), a second encryption code, cychc redundancy check code (to permit multiple checks on the accuracy of the previous code), and error correction code (to correct any errors in the previous code).
  • the second encryption code key could be used to code and decode the senal number and feature information.
  • the microprocessor 402 the RAM 404 and the ROM 406 are all mounted on a card 408, called a "daughter" card 408 in the art, which is insertable into a system planar (not shown) in the computer 400.
  • CLIENT UPGRADE PROCEDURE 500 Referring now to Figs. 5 and 6, therein are shown a process in flow chart format that could be embodied in software as a computer program which are typical of the ones resident in the client systems 102, 104, 106, 200.
  • the illustrated process is herein referred to as the client upgrade procedure 500 in that the process is useful for upgrading a client system in order to modify it based on payment of an appropnate agreed upon pnee and being provided an appropnate venfication that authenticates the upgrade.
  • the upgrade procedure 500 can be embodied in software.
  • the process 500 starts in Fig. 5 at a "upgrade procedure" block 502 that is entered in response lo an upgrade request, typically from a client, and proceeds to "connect to upgrade server” block 504. Then the program proceeds to the "is connection successful?" decision block 506. If no, the program proceeds to "retry connection?” decision block 508 and ends at "end” block 512 when a sufficient number of ret ⁇ es has been unsuccessful attempted or, if yes, iterates through "connect to upgrade server” block 504 to retry a connection.
  • connection is successful out of decision block 506
  • the program proceeds to the "transmit product information for authentication” block 510 and then proceeds to the "is authentication successful?" decision block 514. If not successful, the program goes to the "initiate authentication failure procedure” block 516 and then through connector blocks 532 and 620 on to "restore system to original state” block 618, shown in Fig. 6.
  • the program proceeds to the "transmit upgrade request to server” block 518.
  • the program then proceeds to read “is upgrade request acknowledged?” decision block 520. If no, the program goes to the "inform customer that upgrade request is not valid” block 522 and then through connector blocks 532 and 620 on to "restore system to onginal state” block 618.
  • the program proceeds to the "receive upgrade cost from server” block 524. Upon receipt of the upgrade cost from the server, the program then goes to the "is upgrade cost acceptable?” decision block 526. If the upgrade cost is not acceptable, the program goes to the "cancel upgrade” block 528 and then through connector blocks 532 and 620 on to "restore system to onginal stale” block 618. Generally, in the illustrative embodiment the "initiate authentication failure procedure" block 516 and the "inform customer that upgrade request is not valid" block 522 end at the "restore system to original state” block 618.
  • While block 618 could restore the onginal system state and proceed to disconnect the connection, it should also be understood that there may be a further program or subroutine to try to take corrective action or provide additional information. The design of these could be within the ability of those having ordinary skill in the art.
  • the "restore system to onginal state” block 618 is also the termination point of the "initiate forgery procedure” block 614 and eventually through blocks 624 and 628 proceeds to the "terminate connection to update server” block 630 If the upgrade cost is acceptable, the program will go to the "receive upgrade applet from server" block 604 through connector blocks 530 and 602
  • An “Applet” is a small application program which is capable of running on the server system to upgrade hardware, firmware, or software in the client system.
  • the program procedure 500 then proceeds to the "is upgrade applet valid?” decision block 608. If the upgrade applet is not valid, the program proceeds to the "is upgrade applet a forgery?" decision block 610. If the applet is not a forgery, the program goes to the "request retransmission upgrade applet" block 606 and iterates by returning to the "receive upgrade applet from server block 604." If the upgrade applet is a forgery, the program proceeds to the "initiate forgery procedure" block 614 and through block 618 eventually proceeds to the "terminate connection to update server” block 630.
  • the program proceeds to the "execute upgrade applet to perform requested upgrade” block 612. After the execution, the program proceeds to the "is upgrade successful?" decision block 616.
  • the program proceeds to the "transmit successful upgrade message to server" block 622, then to the "inform end-user of successful upgrade” block 626, and then to the "terminate connection to upgrade server” block 630.
  • the program proceeds to the "restore system to onginal state” block 618 and through blocks 624 and 628 eventually proceeds to the "terminate connection to update server” block 630, as is now described.
  • the program proceeds to the "transmit upgrade error message to server” block 624 and then to the "inform customer of upgrade error” block 628 From the block 628 the program proceeds to the "terminate connection to upgrade server” block 630
  • the "terminate connection to upgrade server” block 630 will cause the program to proceed to the "request system restart” block 632 to cause the system to reboot to reinitialize the system with the upgraded system parameters.
  • SERVER UPGRADE PROCEDURE 700 Refernng now to Figs. 7 and 8, therein arc shown the partial flow charts of the typical computer program which is resident in the server systems 122, 124, 126, 300.
  • the illustrated process is herein referred to as the server upgrade procedure 700 in that the process is useful for illustrating what the server system does when a client seeks an upgrade, I. e. helps show the interplay between client system and server system as the client seeks an upgrade.
  • the server upgrade procedure 700 starts at the "upgrade procedure" block 702 in Fig. 7 in response to a client's upgrade request.
  • the program goes to the "connection from client?” decision block 704. If there is no connection, the program iterates through block 704 and continues to check for the connection. If there is connection, the program proceeds to the "receive product information for authentication” block 706 and then the program proceeds to the "is product information valid?" decision block 708.
  • the program proceeds to "request retra ⁇ smission of product information" block 710 which returns the program to the block 706 for another iteration through block 708.
  • the program proceeds to the "authenticate product information” block 712 and then proceeds to the "is product information authenticated?" decision block 714 If the product information is not authenticated, the program goes to "transmit authentication invalid message” block 716 and through connector blocks 728 and 804 on to
  • connection lo client block 830 in Fig 8 which is also referred to herein as “disconnect” block 830 in Fig 8.
  • the program proceeds to the "transmit authentication valid message” block 718.
  • the program then proceeds to ihe “receive upgrade request” block 720 and then proceeds to the "is upgrade request valid''" decision block 722.
  • the program proceeds to the "traasmit upgrade invalid message" block 724 and through connector blocks 728 and 804 on to block 830 in Fig. 8 Again, the "disconnect" block 830 may actually be another program
  • the program goes to the "is upgrade cost acceptable?" decision block 814. If the cost is not accepted, the program will go to the "cancel upgrade request" block 816 and then to the "disconnect” block 830. Again, the "disconnect" block 830 may be an additional program which contains advertising.
  • the program will go to the "transmit upgrade applet” block 818 and then to the "is upgrade applet received correctly?" block 820. If the applet is not received correctly, the program will go to the "retransmit applet request” block 822 where if there is a retransmission request it will iterate back to the "transmit upgrade applet” block 818; else it will go to "disconnect” block 830.
  • the program will go to the "disconnect" block 830 which could be a checking program to determine why the upgrade is unsuccessful.
  • the program will proceed to the "initiate upgrade charge procedure" block 828 which could be the procedure for billing and handling the receipt of compensation for the upgrade.
  • CLIENT UPGRADE PROCEDURE 500 AND SERVER UPGRADE PROCEDURE 700 In operation, a customer desirous of modifying the customer's client system could inmate the client upgrade procedure 500, which could be embodied in computer 400, as a computer program using the flow chart shown in Figs. 5 and 6. Computer 400 in turn can be embodied in computer 202 of client system 200, 102, 104, 106.
  • the customer could initiate the upgrade procedure 500 at entry point 502 in any of the client systems 200, 102, 104, 106 to start the program embodying the client upgrade procedure 500.
  • the program could then, without further customer intervention, look up the necessary connective path through the commu cations network 114 to the appropriate server system 300, 122, 124, 126.
  • This path connection (504) could be done by having the program have the telephone number or the electronic address of the appropnate server system 300, 122, 124, 126.
  • the program could then check to determine whether the connection is successful in the "is connection successful” block 506 and if not successful, it could retry the connection m the "retry connection?" decision block 508 a predetermined or an adjustable number of retnes and, if unsuccessful within that number of retnes, it will proceed to the procedure end block 512.
  • the microprocessor 402 can transmit (510) the encrypted information relating to senal numbers, featured capabilities, etc., across the commumcations network 114 to the appropnate server system 300, 122, 124, 126 in which the server upgrade procedure 700 of Figs. 7 and 8 can also be embodied in software.
  • Server upgrade process 700 begins to operate at upgrade procedure 702 and upon being connected to a client server (704) receives the information al the "receive product information for authentication" block 706.
  • the server upgrade procedure 700 then checks at the "is product information valid''" decision block 708 shown in Fig. 7 to determine if the se ⁇ al numbers and related information match or are otherwise valid. It should be noted at this point that this type of information can be used to determine if vanous components have been stolen or are otherwise being used by unautho ⁇ zed persons. Similarly, this information can be used for other purposes such as determining if recalls are required due to product liability problems.
  • the vendor system then authenticates the product information in the "authenticate product information” block 712 and the "is product information authenticated?" decision block 714.
  • the vendor's system transmits a validation message at the "transmit authentication valid message” block 718 which is received by the client system 102 at the "is authentication successful?" decision block 514 in Fig. 5
  • the client system 102 transmits a signal at the "transmit upgrade request to server" block 518 through the commumcations network 1 14 to the server system here assume it to be server system 122 to be received at the "receive upgrade request” block 720 in Fig. 7.
  • the server program then proceeds to determine if the upgrade request is valid at the "is upgrade request valid?" decision block 722. At this point, the previously provided message on the product information is used to check to make sure that the client system is capable of accepting the upgrades and performing them.
  • the server system 122 proceeds to ret ⁇ eve the cost information related to the upgrade at the "retneve costs from cost database" block 808 in Fig. 8.
  • the server system 122 then transmits the cost data at "transmit cost data" block 812 through the commumcations network 1 14.
  • the client system 102 at the "receive upgrade cost from upgrade server” block 524 in Fig. 5.
  • the customer must then determine whether or not the upgrade cost is acceptable (526). If not, the customer can cancel the upgrade (528), but if the cost is acceptable, the chent system 102 will so indicate to the server system 122 to proceed with transmitting the upgrade applet at the "transmit upgrade applet" block 818 in Fig. 8.
  • the transmitted applet will be received at the client system 102 at the "receive upgrade applet from upgrade server" block 604 in Fig. 6.
  • the upgrade applet could then be checked (608) to assure that it is correct, by any well known error correcting and checking procedure, or to determine whether or not it is a forgery (610) and an attempt is bemg made to harm the client system 102 by, for example, downloading a virus program.
  • the double encryption procedure of the computer 400 permits the encryption of information going in both directions and thus assures the protection of ingoing information as well as outgoing information.
  • the computer 400 then executes the upgrade applet at the "execute upgrade applet to perform requested upgrade" block 612.
  • the client system 102 checks to determine if the upgrade has been successful at the "is upgrade successful?" decision block 616.
  • the client system 102 will transmit a message at the "transmit successful upgrade message to upgrade server" block 622 which will be received at the server system 122 at the "is upgrade successful?" block 826 in Fig. 8.
  • the server system 1 2 will initiate the charging procedures to cover the cost of the upgrade at the "initiate upgrade charge procedure" 828. It should be evident that there are a number of ways that the charge procedure can operate. One example could be the use of credit card information transmitted via the double encryption procedure in the computer 400.
  • vanous encryption keys can be changed at will and randomly and totally without human intervention means that the breakdown of one pair of encryption keys will not compromise any other set of encryption keys which makes the system extremely secure for the transmittal of financial information or programming without the extenor introduction of computer viruses.
  • the server system 122 could advise the client system and the customer of the successful upgrade and payment. The server system 122 could then terminate the connection to the client system at the "terminate connection to the client" block 830 and then could proceed to the "update product information database” block 832 which could allow the collection of marketing data and other information related to the particular product
  • the program will proceed to the "request system restart” block 632 to reboot the system to initialize all the initialize parameters to be consistent with the upgrade which has been provided.

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Theoretical Computer Science (AREA)
  • General Engineering & Computer Science (AREA)
  • Computer Hardware Design (AREA)
  • Software Systems (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Signal Processing (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Health & Medical Sciences (AREA)
  • Bioethics (AREA)
  • General Health & Medical Sciences (AREA)
  • Computer And Data Communications (AREA)

Abstract

A computer overall system (100) includes client systems (102, 104, 106) which are centered around customer computers. Client systems are connectable through a communications network (114) with server systems (122, 124, 126) by way of a LAN (108, 116): wan (110, 118); or POTS (112, 120). Communications network (114) can be any type of interconnect which is connected to respective server system. A computer which is part of a client system or a server system, includes therein a microprocessor that is programmed by the manufacturer with various items of information regarding the microprocessor itself. This programmed information defines a predetermined capability for the computer where its predetermined capability is defined by a set of parameters maintained within the computer system including several parameters such as the maximum core frequency (i.e. which is a measure of the speed or how many megahertz the central processing unit of the microprocessor is capable of running at), the maximum instruction set, a description of all the features available from the microprocessor, and other information related to the maximum capabilities of the microprocessor and the system it can operate, as appropriate for the specific application, for example, microprocessor may have parameters which broadly or narrowly defined the client system or the server system of which the microprocessor is a part. The microprocessor could also be provided with a hard coded electronic encryption key. Similarly, as is also known to those skilled in the art, the microprocessor could be configurable by changing internal software to change the core frequency or to modify yet other features.

Description

SYSTEM FOR MODIFYING COMPUTER RELATED SYSTEMS Cross Reference to Related Applications This application is a continuation of copending application USSN 08/657,889 filed June 7, 1996. Field of the Invention
This mvenuon relates to computer systems and, more particularly, to modifying computer related systems from a remote location.
Background of the Invention Computer related systems contain many modifiable elements including hardware, firmware and software. Computer hardware includes, but is not limited to, single and multiple processors and microprocessors, which are herein individually and collectively referred to as microprocessors, penpheral devices, and individual processing units or portions thereof. Computer firmware includes, but is not limited to, programmable logic, read only memory, and other components in which control instructions such as microcode or program code can be mechanically, optically, electronically, or otherwise embedded Computer software includes, but is not limited lo, any form of information or instructions for the computer provided in any media including, but is not limited to, tape, disk, cards, read only memory (ROM), or random access memory (RAM)
In the past, hardware could only be modified where it was located. For example, between a personal computer and a penpheral pπnter, cable connections would have to be changed. Within a computer itself, vanous jumper cables would have to be changed or various components removed and replaced. For example, to upgrade the speed of a computer system, a microprocessor would have to be removed and replaced with a different, higher speed microprocessor
Also in the past, since firmware is a combination of hardware with software embedded, it was similarly necessary to physically change components in order lo modify or upgrade the computer system.
In the early days of this art, computer software onginally started out with the same limitations as computer hardware and firmware in that physical replacement was required in order to modify the computer system; e.g., new software on a new media had to be "loaded," or read from the media and wntten, into the computer. Recently, however, software has been developed which contains a program which allows only certain features of the software lo be utili/ed until a security code activation number or iden fication is entered which unlocks additional features
This system of modifying computer software was a great step forward in that a replacement of the software media was not required. However, the supporting mechanisms for allowing these modifications to be made tended to be expensive, time consuming, error prone, and inefficient. A computer customer wishing to modify this type of software would have to locate the telephone number of the software vendor, generally and unfortunately long after the software is onginally obtained and perhaps at a time when the onginal documentaUon had been misplaced or thrown-out. The customer would then contact the vendor, verbally give the vendor a seπal number from the user manual or the computer screen, and then descnbe the configuration of the customer's computer system. The customer would then tell the provider what type of modification to the software was desired and receive a pπce quote. Upon agreeing to the pnce, the cαstomer would provide credit card information to the provider and then verbally receive an activation code for the software. The customer would then have to use the activation code, for example, the customer would manually input it into the computer, to cause changes in the software
As should be apparent, this software modification system is time consuming and labonous with the possibility of many errors being caused by the requirement for human intervention using numerical codes both on the customer's part as well as on the provider's part
An additional problem with this system is that the software may be an unauthorized, or "bootleg," copy for which the user may not have obtained an appropnate πghi-to-use authonty, or license, and for which the provider may not have received payment for the onginal software. Often, the basic software tends to be much more expensive than an upgrade.
Although there has been a long felt need to be able to automate the modification of computer systems by computer system to computer system contact through various communicaϋon networks, it has not been heretofore feasible because of the inability to protect both the customer and the provider of computer systems from those people who gain unauthorized access lo the computer system. Such people who are unauthonzed users of a computer are sometimes cal led computer "hackers."
Computer hackers accessing the communications network between the two computer systems would be able to obtain access to confidenual information of both systems and to obtain sensitive credit InformaUon from one and sensitive activation codes from the other In addition, the hacker would be able to corrupt both systems by inserting viruses or changing activation codes or by causing or allowing other unfortuitous events to happen.
Thus, no system has been previously devised which is capable of controlling the modification of computer hardware, firmware, and or software from a remote location despite the long felt need to do so.
Summary of the Invention The present invention relates to a system in which a client computer system uses a predetermined activation code and includes the ability to access a server computer system through a communications network to receive modification cornmands based upon authentication of the activation code to cause modification of the server system.
The present invention provides an automated system for controlling other systems which include hardware, firmware, and software.
The present invention provides a system in which a client system may receive upgrade and other InformaUon through a communicauons network from a server system which is able to confirm the identity of the client system.
The present mvenUon further provides a mechanism for allowing a server system to determine the capability of a customer system and compatibility of upgrades or differing configurauons for use with the customer system.
The present invention still further provides a mechanism for the elimination of human error in the modification of hardware, firmware, and software.
The present invention further provides a client system which is uniquely identifiable. The present invention still further provides a client system which will accept software only from an authorized server system.
The present invenUon s ll further provides a server system which can uniquely identify a client system.
The present invention still further provides a server system which will provide software only to an authorized client system. The above and additional advantages of the present system will become apparent to those skilled in the art from a reading of the following detailed description when taken in conjunction with the accompanying drawings.
Bnef Description of the Drawings Fig. 1 is a block diagram of an lllastrative system embodying the present invention; Fig. 2 is a block diagram of a client system that can be embodied in the system shown in Fig.
1;
Fig 3 is a block diagram of a server system that can be embodied in the system shown in
Fig. 1 ;
Fig. 4 is a block diagram of a personal computer that can be embodied in the client system of Fig. 1 or in the server system of Fig. 1 ;
Fig. 5 is a partial flow chart of a process that is usable in the client system of Fig. 2; Fig. 6 is another partial flow chart which shows the remainder of the process that is partially shown in Fig. 5 and that is usable in the client system of Fig. 2;
Fig. 7 is a partial flow chart of a process that is usable in the server system of Fig. 3; and Fig. 8 is another partial flow chart which shows the remainder of the process that is partially shown in Fig. 7 and that is usable in the server system of Fig. 3
Detailed Description COMPUTER SYSTEM 100 Referring now to Fig. 1, therein is shown an overall system 100 including client system*. 102, 104, and 106 which illustrate a few examples of what are called client systems in what follows. There can in fact be any of number of different types of client systems Client systems 102, 104, 106 that arc shown here include systems which are centered around customer computers such as personal assistants, palmtops, laptop computers, personal computers, workstations, mini computers, mainframe computers, or massively parallel computers. Fig. 1 illustrates personal computer 102, workstation 104 and laptop computer 106, but could just as well include any of the mentioned type computers or other computers of that genre.
The client system 102 is shown connected to a local area network (LAN) 108, an example of which is an Ethernet system. LANs including Ethernet systems are well know m the art.
The client system 104 is shown connected to a wide area network (WAN) 110, which is exemplified by a TI or an ISDN connection. TI and ISDN systems are also well know m the art. Client server 106 is shown connected to a plain old telephone system (POTS) 112, which is exemplified by a twisted pair of wires that are connectable between a network, like network 1 14, and a modem in a client system that may be located at a client's or other's site, like client system 106.
Client systems 102, 104, 106 are connectable by way of LAN 108, WAN 110, POTS 1 12 through commumcatioas network 114 with server systems 122, 124 126 by way of LAN 1 16; WAN 11 ; or POTS 120 respectively.
Communications network 114 can be any type of interconnect where it is not necessary for the inputs or outputs to be known, just that they be lnterconnectable. Network 114 can be a stnetly customer internal network, a standard telephone system, a high data transmission network, among other structures such as a cable system or a combination of network systems. In the illustrative embodiment it could be the standard telephone system which includes capability to interconnect though what has become known in the art as the Internet.
The communications network 114 is connected by LAN 1 1 , WAN 1 18, and POTS 120 respectively to server systems 122, 124, and 126. In that manner any of client systems 102, 104, 106 can communicate with any of server systems 122, 124, 126. It should also be noted that the communications network 114 as well as the various LAN 108, 1 16; WAN 110,118; and POTS 112, 120 can be cither wired or wireless systems. Wireless systems could include, but not be limited to, radio frequency and infrared systems.
The server systems like server systems 122, 124, and 126 are systems typically operated or provided by hardware, firmware, and/or software vendors. CLIENT SYSTEM 200, 102, 104, 106
Refernng now to Fig. 2, therein is shown a typical client system 200 containing a computer 202. Client system 200 of Fig. 2 could be substituted as any of client systems 102, 104 or 1 6 of Fig. 1 and is here desenbed as though it is any of those client systems. The computer 202 could be any type of computer including a personal assistant, palmtop, laptop, personal, workstation, mini, mainframe, or massively parallel computers, but in the illustrative embodiment described here is a personal computer. The computer 202 functions, among other things, as a controller and is operatively connectable to penpheral devices in the client system 200 such as a pnnter 204, monitor 206, extenor memory 208, and miscellaneous other devices 210. The penpheral devices in addition could be smaller computers with microprocessors which have remote controllable deactivation and activation features to make them "green" penpheral devices which save power when they are not needed. Such devices are sometimes called "green" systems in the art meaning when they are in an "off' state to save power they are referred to as "red" whereas when they are in an "on" state and using power they are referred to as "green" - much in the same sense as a traffic signal used on highways to direct automobile traffic. This feature requires direct or indirect microprocessor to microprocessor communication such that the microprocessor in the computer 202 is capable of modifying the hardware, firmware, and software in the penpheral devices 204, 206, 208, 210.
The computer 202 is connectable by a communications interface 212 to the LAN 108, WAN 110 or POTS 112, but for purposes of this illustrative description are connected to LAN 108.
SERVER SYSTEM 300, 122, 124, 126 Referring now to Fig.3, therein is shown the server system 300 having a computer 302 which could again be any type of computer such as a personal assistant, palmtop, laptop, desktop or personal, workstation, mini, mainframe, or massively parallel computer. Server system 300 of Fig. 3 could be substituted as any server systems 122, 124 or 126 of Fig 1 and is here described as though it were any of those server systems and, in particular, in ihe illustrative embodiment of computer 302 within server system 300 is described as if it were a workstation
The computer 302 functions, among other things, as a controller and is operatively connectable to a number of different additional devices and systems such as the database 304, phone system 306, or other miscellaneous systems 308. The database 304 could contain such information as various serial numbers that exist in systems, available features, configurations, prices, credit information, and activation codes. The phone system 306 could be a backup system to handle unusual situations. The miscellaneous devices 308 could include such systems as tracking systems to follow customer purchases and billing.
The computer 302 could be connected by a communication interface 310 to any of the LAN 116, WAN 118 or POTS 120, but for purposes of this illustrative description are connected to LAN 1 1 and thence to the communications network 114
COMPUTER 400 Refernng now to Fig.4, therein is shown the computer 400 which could be of a type to embody computer 202 of Fig. 2 or computer 302 of Fig 3 as a pan, respectively, of client system 200, 102, 104, 106 or server system 300, 122, 124, 126. Computer 400 includes therein a microprocessor 402 that operates as a controller among other things. In particular, microprocessor 402 can be any type of microprocessor manufactured by a number of companies such as Advanced Micro Devices, Intel Corporation, Cynx, IBM, Digital Equipment Corporation, and/or Motorola among other companies.
The microprocessor 402 will have programmed in it various items of information regarding the microprocessor itself. Typically, the programming of microprocessor 402 is done by the manufacturer. This programmed information defines a predetermined capability for the computer where its predetermined capability is defined by a set of parameters maintained within the computer system including several parameters relating to the capabilities of the computer system such as the maximum core frequency (i.e., which is a measure of the speed or how many megahertz the central processing unit of the microprocessor is capable of running at), the (maximum) instruction set, a descnption of all the features available from the microprocessor, and other information related to the (maximum or other) capabilities of the microprocessor and the system in which it operates, as appropriate for the specific application, for example, microprocessor 402 may have parameters which broadly or narrowly defined the client system or the server system of which the microprocessor is a part The microprocessor 402 has programmed within itself certain parameters such as its full identification including the type of central processing unit it has, the manufacturer, the class of the machine, and a unique seπal number as well as perhaps still other relevant parameters which have meaning within the context of the apphcatιon(s) that are associated with, or in whatever manner use, the microprocessor 402.
The microprocessor 402 could also be provided with a hard coded electronic encryption key. There are several types of encryption keys and methods of hard coding them that are well known to those skilled in the art. Similarly, as is also known to those skilled in the art, the microprocessor 402 could be configurable by changing internal software to change the core frequency or to modify yet other of its features or, for that matter, the features of the compul er 400 of which microprocessor 402 is illustrated as a part. In the illustrative embodiment that is being desenbed, the microprocessor 402 is connected through additional memory 404 which is shown as RAM 404 but could be other forms of memory to serve a specific application. In advanced microprocessors, the additional memory would more likely be a L2 cache and, while it may be integral with the microprocessor 402, in the illustrative embodiment, it is shown as a separate chip The L2 cache memory generally tends to be a high speed RAM memory.
Similarly, the microprocessor 402 is connected to a ROM 406, which is illustratively shown as an electncally erasable read only memory (EPROM) but could be other forms of memory to serve a specific alternative application. Again, the ROM 406 can be either separate or integral with the microprocessor 402 but, in the illustrative embodiment, it is shown as a separate chip In our illustrative embodiment, the ROM 406 could be a separate component which could be programmed, as would be evident to those skilled in the art, with a seπal number, feature control information (as will hereinafter be desenbed), a second encryption code, cychc redundancy check code (to permit multiple checks on the accuracy of the previous code), and error correction code (to correct any errors in the previous code). Again as would be evident to those skilled in the art, upon a comprehension of the pnnciples of the instant mvention and of the descnption herein, the second encryption code key could be used to code and decode the senal number and feature information.
In the illustrative embodiment desenbed here, the microprocessor 402, the RAM 404 and the ROM 406 are all mounted on a card 408, called a "daughter" card 408 in the art, which is insertable into a system planar (not shown) in the computer 400.
CLIENT UPGRADE PROCEDURE 500 Referring now to Figs. 5 and 6, therein are shown a process in flow chart format that could be embodied in software as a computer program which are typical of the ones resident in the client systems 102, 104, 106, 200. The illustrated process is herein referred to as the client upgrade procedure 500 in that the process is useful for upgrading a client system in order to modify it based on payment of an appropnate agreed upon pnee and being provided an appropnate venfication that authenticates the upgrade. The upgrade procedure 500 can be embodied in software.
The process 500 starts in Fig. 5 at a "upgrade procedure" block 502 that is entered in response lo an upgrade request, typically from a client, and proceeds to "connect to upgrade server" block 504. Then the program proceeds to the "is connection successful?" decision block 506. If no, the program proceeds to "retry connection?" decision block 508 and ends at "end" block 512 when a sufficient number of retπes has been unsuccessful attempted or, if yes, iterates through "connect to upgrade server" block 504 to retry a connection.
If the connection is successful out of decision block 506, the program proceeds to the "transmit product information for authentication" block 510 and then proceeds to the "is authentication successful?" decision block 514. If not successful, the program goes to the "initiate authentication failure procedure" block 516 and then through connector blocks 532 and 620 on to "restore system to original state" block 618, shown in Fig. 6.
If the authentication is successful, the program proceeds to the "transmit upgrade request to server" block 518. The program then proceeds to read "is upgrade request acknowledged?" decision block 520. If no, the program goes to the "inform customer that upgrade request is not valid" block 522 and then through connector blocks 532 and 620 on to "restore system to onginal state" block 618.
If the upgrade request is acknowledged, the program proceeds to the "receive upgrade cost from server" block 524. Upon receipt of the upgrade cost from the server, the program then goes to the "is upgrade cost acceptable?" decision block 526. If the upgrade cost is not acceptable, the program goes to the "cancel upgrade" block 528 and then through connector blocks 532 and 620 on to "restore system to onginal stale" block 618. Generally, in the illustrative embodiment the "initiate authentication failure procedure" block 516 and the "inform customer that upgrade request is not valid" block 522 end at the "restore system to original state" block 618. While block 618 could restore the onginal system state and proceed to disconnect the connection, it should also be understood that there may be a further program or subroutine to try to take corrective action or provide additional information. The design of these could be within the ability of those having ordinary skill in the art. The "restore system to onginal state" block 618 is also the termination point of the "initiate forgery procedure" block 614 and eventually through blocks 624 and 628 proceeds to the "terminate connection to update server" block 630 If the upgrade cost is acceptable, the program will go to the "receive upgrade applet from server" block 604 through connector blocks 530 and 602 An "Applet" is a small application program which is capable of running on the server system to upgrade hardware, firmware, or software in the client system.
The program procedure 500 then proceeds to the "is upgrade applet valid?" decision block 608. If the upgrade applet is not valid, the program proceeds to the "is upgrade applet a forgery?" decision block 610. If the applet is not a forgery, the program goes to the "request retransmission upgrade applet" block 606 and iterates by returning to the "receive upgrade applet from server block 604." If the upgrade applet is a forgery, the program proceeds to the "initiate forgery procedure" block 614 and through block 618 eventually proceeds to the "terminate connection to update server" block 630.
If the upgrade applet is valid, the program proceeds to the "execute upgrade applet to perform requested upgrade" block 612. After the execution, the program proceeds to the "is upgrade successful?" decision block 616.
If the upgrade is successful out of decision block 616, the program proceeds to the "transmit successful upgrade message to server" block 622, then to the "inform end-user of successful upgrade" block 626, and then to the "terminate connection to upgrade server" block 630.
If the upgrade is unsuccessful out of the decision block 616, the program proceeds to the "restore system to onginal state" block 618 and through blocks 624 and 628 eventually proceeds to the "terminate connection to update server" block 630, as is now described. When the system is restored to the onginal state, the program proceeds to the "transmit upgrade error message to server" block 624 and then to the "inform customer of upgrade error" block 628 From the block 628 the program proceeds to the "terminate connection to upgrade server" block 630
As part of the successful upgrade, the "terminate connection to upgrade server" block 630 will cause the program to proceed to the "request system restart" block 632 to cause the system to reboot to reinitialize the system with the upgraded system parameters.
The program for the client system upgrade procedure 500 then ends at "end" block 634. SERVER UPGRADE PROCEDURE 700 Refernng now to Figs. 7 and 8, therein arc shown the partial flow charts of the typical computer program which is resident in the server systems 122, 124, 126, 300. The illustrated process is herein referred to as the server upgrade procedure 700 in that the process is useful for illustrating what the server system does when a client seeks an upgrade, I. e. helps show the interplay between client system and server system as the client seeks an upgrade.
The server upgrade procedure 700 starts at the "upgrade procedure" block 702 in Fig. 7 in response to a client's upgrade request.
From block 702, the program goes to the "connection from client?" decision block 704. If there is no connection, the program iterates through block 704 and continues to check for the connection. If there is connection, the program proceeds to the "receive product information for authentication" block 706 and then the program proceeds to the "is product information valid?" decision block 708.
If the product information is not valid, the program proceeds to "request retraαsmission of product information" block 710 which returns the program to the block 706 for another iteration through block 708.
If the product information is valid, the program proceeds to the "authenticate product information" block 712 and then proceeds to the "is product information authenticated?" decision block 714 If the product information is not authenticated, the program goes to "transmit authentication invalid message" block 716 and through connector blocks 728 and 804 on to
"terminate connection lo client" block 830 in Fig 8, which is also referred to herein as "disconnect" block 830 in Fig 8.
If the product information is authenticated, the program proceeds to the "transmit authentication valid message" block 718. The program then proceeds to ihe "receive upgrade request" block 720 and then proceeds to the "is upgrade request valid''" decision block 722.
If the upgrade request is invalid, the program proceeds to the "traasmit upgrade invalid message" block 724 and through connector blocks 728 and 804 on to block 830 in Fig. 8 Again, the "disconnect" block 830 may actually be another program
If the upgrade request is valid, the program will proceed through connectors 726 and 802 to the "transmit upgrade valid message" block 806 shown m Fig. 8
From the block 806, the program proceeds to the "access upgrade cost database" block 808 and then proceeds to the "transmit upgrade cost data" block 810 From block 810 the program waits to receive the upgrade cost acknowledge at block 812.
After the cost data is transmitted, the program goes to the "is upgrade cost acceptable?" decision block 814. If the cost is not accepted, the program will go to the "cancel upgrade request" block 816 and then to the "disconnect" block 830. Again, the "disconnect" block 830 may be an additional program which contains advertising.
If the cost is accepted, the program will go to the "transmit upgrade applet" block 818 and then to the "is upgrade applet received correctly?" block 820. If the applet is not received correctly, the program will go to the "retransmit applet request" block 822 where if there is a retransmission request it will iterate back to the "transmit upgrade applet" block 818; else it will go to "disconnect" block 830.
If the applet is received correctly, the program will proceed to the "receive upgrade status message" block 824.
From the "receive upgrade status message" block 824, the program proceeds to the "is upgrade successful?" decision block 826 in Fig. 8.
If the upgrade is not successful, the program will go to the "disconnect" block 830 which could be a checking program to determine why the upgrade is unsuccessful.
If the upgrade is successful, the program will proceed to the "initiate upgrade charge procedure" block 828 which could be the procedure for billing and handling the receipt of compensation for the upgrade.
After the "initiate upgrade charge procedure" block 828, the program will proceed to the "disconnect" or "terminate connection to the client" block 830. After termination of the connection, the program will proceed to the "update product information database" block 832 and then will proceed to the "end" block 834. SOME MORE OF THE INTERACTION BETWEEN
CLIENT UPGRADE PROCEDURE 500 AND SERVER UPGRADE PROCEDURE 700 In operation, a customer desirous of modifying the customer's client system could inmate the client upgrade procedure 500, which could be embodied in computer 400, as a computer program using the flow chart shown in Figs. 5 and 6. Computer 400 in turn can be embodied in computer 202 of client system 200, 102, 104, 106.
Although different types of modifications of the client system are possible, for example, the reduction of capabilities in order to reduce licensing costs (e.g. to reduce the costs to use the software that is being modified using the pnnciples of our invention) or just changing a configuration to specialize client system 102 in a particular manner, the following discussion is that of an illustrative embodiment that is related to upgrades.
When the customer is interested in an upgrade, the customer could initiate the upgrade procedure 500 at entry point 502 in any of the client systems 200, 102, 104, 106 to start the program embodying the client upgrade procedure 500. The program could then, without further customer intervention, look up the necessary connective path through the commu cations network 114 to the appropriate server system 300, 122, 124, 126. This path connection (504) could be done by having the program have the telephone number or the electronic address of the appropnate server system 300, 122, 124, 126.
The program could then check to determine whether the connection is successful in the "is connection successful" block 506 and if not successful, it could retry the connection m the "retry connection?" decision block 508 a predetermined or an adjustable number of retnes and, if unsuccessful within that number of retnes, it will proceed to the procedure end block 512.
On the other hand, if the connection is successful within the aforementioned number of retnes, the microprocessor 402 can transmit (510) the encrypted information relating to senal numbers, featured capabilities, etc., across the commumcations network 114 to the appropnate server system 300, 122, 124, 126 in which the server upgrade procedure 700 of Figs. 7 and 8 can also be embodied in software. Server upgrade process 700 begins to operate at upgrade procedure 702 and upon being connected to a client server (704) receives the information al the "receive product information for authentication" block 706.
The server upgrade procedure 700 then checks at the "is product information valid''" decision block 708 shown in Fig. 7 to determine if the seπal numbers and related information match or are otherwise valid. It should be noted at this point that this type of information can be used to determine if vanous components have been stolen or are otherwise being used by unauthoπzed persons. Similarly, this information can be used for other purposes such as determining if recalls are required due to product liability problems.
The vendor system then authenticates the product information in the "authenticate product information" block 712 and the "is product information authenticated?" decision block 714.
If the product is authenticated, the vendor's system transmits a validation message at the "transmit authentication valid message" block 718 which is received by the client system 102 at the "is authentication successful?" decision block 514 in Fig. 5
When the authentication is successful, the client system 102 transmits a signal at the "transmit upgrade request to server" block 518 through the commumcations network 1 14 to the server system here assume it to be server system 122 to be received at the "receive upgrade request" block 720 in Fig. 7. The server program then proceeds to determine if the upgrade request is valid at the "is upgrade request valid?" decision block 722. At this point, the previously provided message on the product information is used to check to make sure that the client system is capable of accepting the upgrades and performing them.
If the upgrade request is valid, the server system 122 proceeds to retπeve the cost information related to the upgrade at the "retneve costs from cost database" block 808 in Fig. 8.
The server system 122 then transmits the cost data at "transmit cost data" block 812 through the commumcations network 1 14. The client system 102 at the "receive upgrade cost from upgrade server" block 524 in Fig. 5. The customer must then determine whether or not the upgrade cost is acceptable (526). If not, the customer can cancel the upgrade (528), but if the cost is acceptable, the chent system 102 will so indicate to the server system 122 to proceed with transmitting the upgrade applet at the "transmit upgrade applet" block 818 in Fig. 8.
The transmitted applet will be received at the client system 102 at the "receive upgrade applet from upgrade server" block 604 in Fig. 6. The upgrade applet could then be checked (608) to assure that it is correct, by any well known error correcting and checking procedure, or to determine whether or not it is a forgery (610) and an attempt is bemg made to harm the client system 102 by, for example, downloading a virus program. It should be kept in mind that the double encryption procedure of the computer 400 permits the encryption of information going in both directions and thus assures the protection of ingoing information as well as outgoing information. The computer 400 then executes the upgrade applet at the "execute upgrade applet to perform requested upgrade" block 612.
Once the upgrade applet is performed, the client system 102 then checks to determine if the upgrade has been successful at the "is upgrade successful?" decision block 616.
If the upgrade is not successful, it is necessary to restore the system back to its onginal state so that any partial attempts at the upgrade which were incorporated will not later adversely affect a successful upgrade. And this is done at the "restore system to onginal state" block 618. The fact that there has been an error in the attempted upgrade will need to be transmitted back to the server system 122 as well as to a customer and this is done, respectively at the "transmit upgrade error message to upgrade server" block 624 and the "inform end-user of upgrade error" block 628. If the upgrade is successful, as determined by a conventional capability checking program, the client system 102 will transmit a message at the "transmit successful upgrade message to upgrade server" block 622 which will be received at the server system 122 at the "is upgrade successful?" block 826 in Fig. 8.
When the upgrade is successful, the server system 1 2 will initiate the charging procedures to cover the cost of the upgrade at the "initiate upgrade charge procedure" 828. It should be evident that there are a number of ways that the charge procedure can operate. One example could be the use of credit card information transmitted via the double encryption procedure in the computer 400.
The fact that the vanous encryption keys can be changed at will and randomly and totally without human intervention means that the breakdown of one pair of encryption keys will not compromise any other set of encryption keys which makes the system extremely secure for the transmittal of financial information or programming without the extenor introduction of computer viruses.
As part of the upgrade charge procedure, the server system 122 could advise the client system and the customer of the successful upgrade and payment. The server system 122 could then terminate the connection to the client system at the "terminate connection to the client" block 830 and then could proceed to the "update product information database" block 832 which could allow the collection of marketing data and other information related to the particular product
After the termination of the connection to the server system 122 at the "terminate connection to upgrade server" block 630 in Fig. 6, the program will proceed to the "request system restart" block 632 to reboot the system to initialize all the initialize parameters to be consistent with the upgrade which has been provided.
It should be noted that there are a number of advantageous features of the present mvention which have been desenbed penpherally. For example, this system is capable of tracking thefts of individual components in a computer system, preventing forged software from entenng the system, and providing secure traasrmttal of financial information While the invention has been desenbed in conjunction with a specific embodiment, it is to be understood that many alternatives, modifications, and vaπations will be apparent to those skilled in the art in light of the foregoing descnption. Accordingly, it is intended to embrace all such alternatives, modificatioas, and vanauons which fall within the spint and scope of the appended claims

Claims

We claim:
1. Apparatus 100, connectable to a com unicatioas network 114, compnsing: a first computer system 200, 102, 104, 106 connectable to said commumcations network 144 and having a predetermined capability, the predetermined capability being defined by a set of parameters maintained within the first computer system; said first computer system including control means 202, 402 for controlling said predetermined capability; and a second computer system 300, 122, 124, 126 connectable to said commumcations network; said second computer system including control meaas 302, 402 for identifying and controlling said first computer system control meaas through said commumcations network.
2. The apparatus as claimed in claim 1 wherein said first computer system includes identifier means for uniquely identifying said first computer system.
3. The apparatus as claimed in claim 2 wherein said second computer system includes authentication means for identifying said identifier meaas.
4. The apparatus as claimed in claim 3 wherein said first computer system includes encryption means for encrypting said identifier means whereby said unique identification of said first computer system is encrypted; and said second computer system includes decryption meaas for decrypting said encryption means encryption of said identifier means whereby said unique identification of said first computer system is accomplished across said commumcations network
5. The apparatus as claimed in claim 4 wherein said first computer system includes further encryption means for further encrypting said encryption means encryption of said identifier means; and said second computer system includes further decryption means for further decrypting said further encrypting means of said first computer system whereby said umque identification of said first computer system has at least two levels of encryption.-;.
6. Apparatus 100, connectable through a communicatioas network 1 14 lo a server computer system 300, 122, 124, 126 having a control mechamsm 302, 402 responsive lo signals through said communicatioas network 114, compπsing: an identifiable computer system 200, 102, 1 4, 106 connectable to said commumcations network 114; said identifiable computer system having a predetermined capability; said identifiable computer system including control means 202, 402 for controlling said predetermined capabilities; and said identifiable computer system including signaling means for sending a signal through said commumcations network to said server computer to cause said server computer to control said identifiable computer system through said communicatioas network.
7. The apparatus as claimed in claim 6 wherein said identifiable computer system includes identifier means for uniquely identifying said identifiable computer system.
8. The apparatus as claimed in claim 7 including means for transmitting said identifier means umque identification of said identifiable computer system.
9. The apparatus as claimed in claim 8 includes encryption meaas for encrypting said transmission means transmission of said identifier means.
10 The apparatus as claimed in claim 9 wherein said identifiable computer system includes further enciyption meaas for further encrypting said encryption meaas transmission of said identifier means. 11. Apparatus 100, connectable through a commumcations network 114 to a client computer system 200, 122, 124, 126 having a predetermined capability and a control mechanism 202, 402 for sending a signal through said commumcations network to request modification to certain of said predetermined capability and respoasive to a signal through said commumcations network 114 to control said predetermined capability, compnsing: a computer system 300, 122, 124, 126 connectable to said communications network
114; said computer system having memory means 304 containing information regarding said predetermined capability in said client computer system; and said computer system responsive to said signal from said client computer requesting modification of said predetermined capability to obtain one of said combinations of said predetermined capability to provide a control signal through said commumcations network for said client computer to control said predetermined capability in said client computer. 12 The apparatus as claimed in claim 1 1 wherein said computer system includes identifier meaas for uniquely identifying said control mechanism of said client computer 13. The apparatus as claimed in claim 12 wherein said computer system includes authentication means for identifying said signal from said control mechamsm of said client computer.
14 The apparatus as claimed in claim 13 wherein said computer system includes decryption means for decrypting said signal from said control mechanism of said client computer.
15 The apparatus as claimed in claim 14 wherein said computer system includes further decryption meaas for further decrypting said decryption means.
16 Apparatus 100, connectable to a commumcations network 114, compnsing: a first computer system 200, 102, 104, 106 connectable to said commumcations network 1 14 and having a predetermined set of capabilities; said first computer system including control means 202, 402 in controlling any of said capabilities in said predetermined set of capabilities; and a second computer system 300, 122, 124, 126 connectable to said commumcations network 1 14; said second computer system including control means 302, 402 for controlling said first computer system control means through said communications network 114. 17 Apparatus 100, connectable through a communicatioas network 114 to a server computer system 300, 122, 124, 126 having a control mechamsm responsive to signals through said commumcations network, compnsing: a client computer system 200, 102, 104, 106 connectable to said communications network 114; said client computer system having a predetermined set of capabilities; said client computer system including control means 202, 402 for controlling any of said capabilities in said predetermined set of capabilities; and said client computer system including signaling means for sending a signal through said commumcations network to said server computer to cause said server computer to control said client computer system through said commumcations network. 18. Apparatus 100, connectable through a communicatioas network 114 it) a client computer system 200, 102, 104, 106 having a predetermined set of capabilities and a control mechamsm for sending a signal through said commumcations network to request modification to certain of said predetermined set of capabilities and responsive to a signal through said commumcations network to control said predetermined set of capabilities, comprising: a server computer system 300, 122, 124, 126 connectable to said communicatioas network 114; said server computer system having memory means 304, 404, 406 containing information regarding combinations of said predetermined set of capabilities in said client computer system; and said server computer system responsive to said signal from said client computer requesting modification of said predetermined set of capabilities to obtain one of said combinations of said predetermined set of capabilities from said memory means to provide a control signal through said commumcations network for said computer system to control said predetermined set of capabilities in said client computer.
PCT/US1997/000724 1996-06-07 1997-01-14 System for modifying computer related systems WO1997046932A1 (en)

Applications Claiming Priority (4)

Application Number Priority Date Filing Date Title
US65788996A 1996-06-07 1996-06-07
US08/657,889 1996-06-07
US66518596A 1996-06-14 1996-06-14
US08/665,185 1996-06-14

Publications (1)

Publication Number Publication Date
WO1997046932A1 true WO1997046932A1 (en) 1997-12-11

Family

ID=27097511

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/US1997/000724 WO1997046932A1 (en) 1996-06-07 1997-01-14 System for modifying computer related systems

Country Status (1)

Country Link
WO (1) WO1997046932A1 (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP1562325A3 (en) * 2004-02-04 2005-10-05 Alcatel Enabling communication node capabilities on a Pay-per-use basis

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO1992009160A1 (en) * 1990-11-07 1992-05-29 Tau Systems Corporation A secure system for activating personal computer software at remote locations
EP0703531A1 (en) * 1994-09-08 1996-03-27 Compaq Computer Corporation Software updating method
WO1996015485A1 (en) * 1994-11-15 1996-05-23 Absolute Software Corporation Security apparatus and method

Patent Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO1992009160A1 (en) * 1990-11-07 1992-05-29 Tau Systems Corporation A secure system for activating personal computer software at remote locations
EP0703531A1 (en) * 1994-09-08 1996-03-27 Compaq Computer Corporation Software updating method
WO1996015485A1 (en) * 1994-11-15 1996-05-23 Absolute Software Corporation Security apparatus and method

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP1562325A3 (en) * 2004-02-04 2005-10-05 Alcatel Enabling communication node capabilities on a Pay-per-use basis
US7376224B2 (en) 2004-02-04 2008-05-20 Alcatel Lucent Pay-per-use communication node capabilities

Similar Documents

Publication Publication Date Title
JP4030708B2 (en) Prevention of illegal use of functional operation in telecommunications systems
US5771287A (en) Apparatus and method for secured control of feature set of a programmable device
EP1204910B1 (en) Computer platforms and their methods of operation
US6805634B1 (en) Method for downloading data to gaming devices
US4864494A (en) Software usage authorization system with key for decrypting/re-encrypting/re-transmitting moving target security codes from protected software
EP0923842B1 (en) System for preventing electronic memory tampering
US6463537B1 (en) Modified computer motherboard security and identification system
EP2565811B1 (en) System and method for authenticating a gaming device
EP1479187B1 (en) Controlling access levels in phones by certificates
GB2149944A (en) Software distribution
EP1043656A2 (en) Method and apparatus for synchronizing firmware
US20030014663A1 (en) Method for securing an electronic device, a security system and an electronic device
US20080133937A1 (en) Remote access system, gateway, client device, program, and storage medium
US20030120923A1 (en) Secure data authentication apparatus
JP2005518041A (en) Methods and configurations for protecting software
WO1995017732A1 (en) A secure software rental system using continuous asynchronous password verification
EP1949592A1 (en) Method and apparatus for managing digital rights of secure removable media
JP2003507784A (en) Mandatory restrictions on the use of stored data
US5946497A (en) System and method for providing microprocessor serialization using programmable fuses
WO2005038728A1 (en) A lock system and a method of configuring a lock system.
WO2007055169A1 (en) Communication terminal device, server terminal device, and communication system using the same
US20060075401A1 (en) Patch installation control
US20050138148A1 (en) Signaling managed device presence to control security
WO2025016143A1 (en) Deployment method and device for security authorization of pos machine, and storage medium
WO1997046932A1 (en) System for modifying computer related systems

Legal Events

Date Code Title Description
AK Designated states

Kind code of ref document: A1

Designated state(s): JP KR

AL Designated countries for regional patents

Kind code of ref document: A1

Designated state(s): AT BE CH DE DK ES FI FR GB GR IE IT LU MC NL PT SE

DFPE Request for preliminary examination filed prior to expiration of 19th month from priority date (pct application filed before 20040101)
121 Ep: the epo has been informed by wipo that ep was designated in this application
NENP Non-entry into the national phase

Ref country code: JP

Ref document number: 98500539

Format of ref document f/p: F

122 Ep: pct application non-entry in european phase