The invention generally relates to a security system for a computer system having Internet access capability. More particularly, the invention relates to a security system for a home video game system enhanced to include a modem and hard disk drive which allows a video game player to dial-up a network service provider and communicate over the service provider's network to access the World Wide Web, send e-mail, play games and/or download executable programs, video and audio data to the system's hard disk drive.
Over the years, special purpose home video game systems have been (and continue to be) immensely popular, notwithstanding the ever increasing presence of personal computers in households throughout the world. The latest generation of such dedicated video game systems utilizes a user's color television to generate exciting game play involving three dimensional game worlds having striking depth and realism involving numerous animated moving objects.
For the virtual millions of game players taking advantage of such low cost, special purpose video game systems, system operation and game play have been characterized by single location, stand alone operation. While home video game systems are designed for more than one player to play using multiple controllers attached to a single video game play console, such dedicated video game systems typically do not permit game play against other remotely located players.
Video game and video game system manufacturers and developers have heretofore faced continual piracy attacks. For the most part, in cartridge-based video game systems, these attacks have come from unscrupulous counterfeiters who produce and sell illegal cartridges. Particularly for cartridge-based video game systems, end user piracy of video games has not been a major problem to combat.
In copending parent application Ser. No. 09/288,293, a system is described which advantageously converts a heretofore stand alone, special purpose video game system into a network communicating device with bulk storage capacity having numerous enhanced capabilities such as simultaneous game play video and Internet display. As used herein, the "Internet" refers to the vast collection of interconnected networks that all use the TCP/IP protocols as well as the more generic interconnection of two or more networks.
In accordance with one exemplary embodiment of the incorporated copending application, an expansion device is connected to an existing video game system port to provide additional communication and storage capability via a modem and hard disk drive. A cable TV tuner is also included in the expansion device to assist in advantageously providing a unique picture-in-picture video capability, and data acquisition from the television vertical blanking interval.
With the addition of a modem and hard drive to a home video game system, the piracy issues become dramatically more serious and complex. For example, the personal computer industry has faced rampant end user piracy and the system described herein and in copending application Ser. No. 09/288,293 is likely to face the same type of pirating attacks.
A failure to properly secure such a system, which has been commercialized in part to take advantage of its ability to download purchased games, could be commercially disastrous. If an end user could simply download games from, for example, sellers of pirated games, a significant and perhaps catastrophic revenue stream loss could result from such activity.
The present invention advantageously provides a unique, multilevel security system for use in a computer system having Internet access capability and which precludes, inter alia, downloading and execution of unauthorized programs.
In accordance with one embodiment of the present invention, the primary system security features are incorporated into a video game system expansion device having a hard disk drive. The security system does not rely on the relatively insecure video game system.
The present exemplary embodiment focuses security control in a disk drive/mass media controlling engine which is physically disposed within the expansion device housing as close as possible to the hard disk drive and the downloaded video games and other data it is designed to protect. Security features are incorporated into, for example, a disk drive controlling processing engine to provide security features which extend far beyond simplistic password systems which have heretofore been utilized in conjunction with disk drive controllers.
Security is in part controlled by a server which downloads control information to a digital processor associated with hard drive 206. The disk drive controller processor utilizes this control information to control disk partitions that are created, and to control which applications can have access to respective partitions. The relatively insecure video game system has no control over which partitions may be accessible.
The disk controller processor responds to commands from the server to set up the disk partitioning. Thus, in accordance with one embodiment of the present invention, a direct security link exists between the server and a disk drive controller resident within the expansion device. The server preferably incorporates the highest degree of available Internet security features.
In accordance with an exemplary embodiment of the present invention, each expansion device includes a unique ID associated with its mass media storage device. Unique encryption keys are advantageously provided for each expansion device to ensure secure communications between the expansion device and the server. Thus, when a request is made through an expansion device for downloading, for example, a particular video game, the server is able to rely on the request coming from an authorized expansion device and not an unauthorized device mimicking the expansion device.
In accordance with an exemplary embodiment of the present invention, the disk controller also incorporates an encrypting engine which encrypts in accordance with a highly secure encrypting algorithm.
A further level of security is provided in the illustrative embodiments by partitioning the hard drive into various partitions whose security/accessibility is tightly controlled. Each application program, e.g., a video game, has a predetermined number of private partitions, including a read only encrypted partition, where its executable code resides; a read only data partition for holding less secure data, which is not encrypted to permit faster execution since no decryption step is required; and a third partition for storing a wide range of game related data, such as a player's high score and the current location in a game.
The game downloading procedure is controlled at the server so that only authorized games are permitted to be downloaded. Each game is encrypted with an encryption key unique to each individual hard drive. The server utilizes the unique ID and encryption keys for each deck to encrypt downloaded game software. The server has a list of at least three items for each game, including the unique expansion device ID (e.g., serial number), an expansion device box encryption key, used for communications between the server and the expansion device, and a game encryption key which is utilized by the server to encrypt games for the expansion device 95. In playing a game, the server identifies to a disk controller in an expansion device 95 the disk partitions to which that particular game may have access. In accordance with the illustrative embodiments, the game program is decrypted by the disk controller encrypting engine before it may be played.
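The following added example, which is not part of the original specification, models the server-to-disk-controller control link and the per-application partition grants described above. The specification names no message format or algorithm, so the JSON message layout, the use of HMAC-SHA256 with the box encryption key, the replay counter, and all class, function and partition names are assumptions made for illustration.

```python
import hashlib
import hmac
import json

class DiskController:
    """Model of the expansion device's disk controller (all names hypothetical)."""

    def __init__(self, device_id, box_key):
        self.device_id = device_id
        self._box_key = box_key   # per-device key, shared only with the server
        self._grants = {}         # application -> {partition: "ro" or "rw"}
        self._last_seq = 0        # assumption: counter to reject replayed messages

    def apply_control(self, body, tag):
        """Install partition grants only when the server's MAC verifies."""
        expected = hmac.new(self._box_key, body, hashlib.sha256).digest()
        if not hmac.compare_digest(expected, tag):
            return False          # not produced with this device's key
        msg = json.loads(body)
        if msg["device_id"] != self.device_id or msg["seq"] <= self._last_seq:
            return False          # addressed to another device, or replayed
        self._last_seq = msg["seq"]
        self._grants[msg["app"]] = msg["partitions"]
        return True

    def allowed(self, app, partition, op):
        """Host requests are checked against server-issued grants only."""
        mode = self._grants.get(app, {}).get(partition)
        return mode == "rw" or (mode == "ro" and op == "read")

def server_control(box_key, device_id, seq, app, partitions):
    """Server side: build and authenticate one control message."""
    body = json.dumps({"device_id": device_id, "seq": seq, "app": app,
                       "partitions": partitions}, sort_keys=True).encode()
    return body, hmac.new(box_key, body, hashlib.sha256).digest()

def demo():
    key = bytes(range(32))        # constructed sample key
    ctrl = DiskController("EXP-0001", key)   # constructed device ID
    layout = {"code": "ro", "data": "ro", "save": "rw"}
    body, tag = server_control(key, "EXP-0001", 1, "game-a", layout)
    results = [ctrl.apply_control(body, tag),              # genuine message
               ctrl.apply_control(body, tag),              # replay
               ctrl.apply_control(*server_control(b"x" * 32, "EXP-0001", 2,
                                                  "game-b", layout))]  # wrong key
    return ctrl, results

if __name__ == "__main__":
    print(demo()[1])
```

The video game system side never appears in the model as a source of grants: it can only call `allowed`, which mirrors the statement that the host has no control over which partitions are accessible.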
The above-described features and other advantages of the present invention will become apparent from the following detailed description of the present invention when taken in conjunction with the accompanying drawings.