Abstract: Software is licensed for use on a particular computing device, such as a gaming console or a multimedia console. An unlocking code is provided from a distribution service to the computing device (either directly or via a user), which in turn, unlocks the appropriate software or portion of software for use with the associated computing device. The software may reside on a computer-readable medium, such as a CD-ROM or DVD disk, that is being used in conjunction with the computing device. The unlocking code may be provided directly to the user in private (e.g., via email or a mobile phone) or in public (e.g., published on a website). Portions of the software that may be unlocked include a particular level of a game or other features (such as additional characters or weapons), or a working or more advanced version of an application that was otherwise provided as a demo or older version.

Abstract: A console-based multi-user authentication process allows multiple users of a game console to be authenticated together in a single request/reply exchange with an authentication entity. The results of which is the possession of a single ticket that can be used to prove authenticity of multiple authentication principals to one or more online services. Also described is a handshake process that can be used to initially establish an authentication account for each game console, in which the account creation server can trust that a genuine game console is making the request.

Abstract: An architecture is described to manufacture console-based gaming systems in a manner that allows them to be authenticated to a remote entity for online participation. The architecture involves placing pre-established secrets on the game console during console manufacturing that may be subsequently used to guarantee the authenticity of the game console during registration time.

Abstract: An architecture is described to manufacture console-based gaming systems in a manner that allows them to be authenticated to a remote entity for online participation. The architecture involves placing pre-established secrets on the game console during console manufacturing that may be subsequently used to guarantee the authenticity of the game console during registration time.

Abstract: A process for requesting authentication includes transmitting a hash digest formed from first client-specific data together with second client specific data and receiving, in response to transmitting, an indication of acceptance when the hash digest and second client-specific data correspond to a valid client authentication request.

Abstract: An architecture is described to manufacture console-based gaming systems in a manner that allows them to be authenticated to a remote entity for online participation. The architecture involves placing pre-established secrets on the game console during console manufacturing that may be subsequently used to guarantee the authenticity of the game console during registration time.

Abstract: Provided are systems and services for billing and managing on-demand access to consumable goods and services. The system allows a user to consume resources via an application on a computing device by connecting to a service and requesting access to the resource based on a stored balance associated with a user ID and resource ID. If it is determined by the service that the user has the rights to access the resource, then access to the resource may be granted via the application. If it is determined by the service that the user does not have the rights to access a resource, a right to access the resource may be purchased from the service.

Abstract: The same level of protection and ability to associate rights to media content available with a stand alone media player is provided with a software media player. In an example configuration, a peripheral device comprising an optical disc drive capable of reading HD DVD media, and comprising a flash memory microcontroller with cryptographic capabilities, is coupled to a host game console via a universal serial bus (USB) interface. Media content from the peripheral device is rendered on the host game console. Software protection and management are provided utilizing various cryptographic keys and protocols. Software protection and management meets the prescribed rules of the Advanced Access Content System (AACS) license agreement with respect to consumer electronics players while allowing the playback of media content (e.g., movies) to be performed by software.

Abstract: Controlling access to secure data and services by versatile computers outside a secure environment, which communicates with limited dedicated devices such as game consoles, over a secure network such as a virtual private network. The versatile computing devices obtain access over an insecure network, such as the Internet, through a trusted partner Web site that authenticates users of the site and relays requests to the secure environment. The Web site uses a certificate for a predefined level of secure access to the secure environment. A link is established between a user's Web ID authenticated by the Web site and a gamer tag used within the secure environment. Access is limited as a function of the Web ID, gamer tag, and a Web site partner ID. A Web cache stores and provides some secure data, minimizing disruption to the secure environment's primary function to service the dedicated devices.

Abstract: A game device, such as a game console or a PC, is authenticated before joining an online gaming session. When the device registers with the gaming service, the device is queried for its system type (e.g., XBOX®, XBOX® 360, and PC) and a device identifier (e.g., serial number). The first time the device registers with the gaming service, the devices system type and identifier are stored. Each subsequent time the device registers with the gaming system, the device query response is compared with the stored system type and identifier. If the system type and identifier match, the device is allowed to participate in the game session. Additionally, the device system type is analyzed to determine if the device is allowed to participate in the game session. For example, a PC would not be allowed to participate in an XBOX® only game session.

Abstract: An architecture is described to manufacture console-based gaming systems in a manner that allows them to be authenticated to a remote entity. The architecture involves creating a console public key and a console private key for each console-based gaming system. A digital certificate is created that contains the console public key and additional information about the console-based gaming system. The digital certificate is signed with a factory private key associated with the factory that manufactured the console-based gaming system.

Abstract: A trust rating factor (TRF) based upon data collected for players participating in previous online games sessions is used in determining official results for an online game session when different results are reported by the participants. Counters corresponding to each of a plurality of parameters related to conditions that arise during or at the end of a game session are employed in determining the TRF for each player. For example, if one of the players may have experienced a packet bombing that interrupted normal data communication, a counter related to that condition will be incremented for all players in the game session. If all of the players report results that are consistent at the end of the game session, the TRF of each player is improved. A separate TRF is determined for each game title in which a player participates.

Abstract: Various techniques are described for managing license rights for a variety of digital content. One technique involves initiating a request for a specific content package. The content package includes a unique content package identifier that can be linked with a license offer that also has a unique identifier. A determination is made as to whether the specific content package is available locally, and if not, the specific content package is downloaded. A use license can be obtained for digital content contained within the specific content package. One or more use-license parameters can be determined based on the use license obtained for the digital content. Finally, use of the digital content is enabled in accord with the license parameters that were thus determined.

Abstract: A condition on a client that is communicating with a server is determined by issuing a challenge to the client, causing the client to produce a response indicative of the condition. The server compares the response to an expected response to determine if the condition is as expected, and if not, takes appropriate action, such as terminating the connection with the client. The challenge preferably includes parameters and a code segment that causes the client to produce the response by executing the code segment. The code segment could perform a one-way hashing algorithm of a portion of memory indicated in the parameters. The server can thus determine if the client is using a modified basic input output system, modified software, pirated software, or whether other conditions exist on the client. The challenge can be changed to prevent the client from returning a false, predetermined response to the challenge.

Abstract: A console-based multi-user authentication process allows multiple users of a game console to be authenticated together in a single request/reply exchange with an authentication entity. The results of which is the possession of a single ticket that can be used to prove authenticity of multiple authentication principals to one or more online services. Also described is a handshake process that can be used to initially establish an authentication account for each game console, in which the account creation server can trust that a genuine game console is making the request.

Abstract: An architecture is described to manufacture console-based gaming systems in a manner that allows them to be authenticated to a remote entity for online participation. The architecture involves placing pre-established secrets on the game console during console manufacturing that may be subsequently used to guarantee the authenticity of the game console during registration time.

Abstract: Machine instructions comprising a bootstrap code are buried within a critical component of an electronic game console where they cannot readily be accessed or modified. A preloader portion in a read only memory (ROM) is hashed by the bootstrap code and the result is compared to an expected hash value maintained in the bootstrap code. Further verification of the boot-up process is carried out by the preloader, which hashes the code in ROM to obtain a hash value for the code. The result is verified against a digital signature value that defines an expected value for this hash. Failure to obtain any expected result terminates the boot-up process. Since the bootstrap code confirms the preloader, and the preloader confirms the remainder of the code in ROM, this technique is useful for ensuring that the code used for booting up the device has not been modified or replaced.

Abstract: Controlling access to secure data and services by versatile computers outside a secure environment, which communicates with limited dedicated devices such as game consoles, over a secure network such as a virtual private network. The versatile computing devices obtain access over an insecure network, such as the Internet, through a trusted partner Web site that authenticates users of the site and relays requests to the secure environment. The Web site uses a certificate for a predefined level of secure access to the secure environment. A link is established between a user's Web ID authenticated by the Web site and a gamer tag used within the secure environment. Access is limited as a function of the Web ID, gamer tag, and a Web site partner ID. A Web cache stores and provides some secure data, minimizing disruption to the secure environment's primary function to service the dedicated devices.

Abstract: A condition on a client that is communicating with a server is determined by issuing a challenge to the client, causing the client to produce a response indicative of the condition. The server compares the response to an expected response to determine if the condition is as expected, and if not, takes appropriate action, such as terminating the connection with the client. The challenge preferably includes parameters and a code segment that causes the client to produce the response by executing the code segment. The code segment could perform a one-way hashing algorithm of a portion of memory indicated in the parameters. The server can thus determine if the client is using a modified basic input output system, modified software, pirated software, or whether other conditions exist on the client. The challenge can be changed to prevent the client from returning a false, predetermined response to the challenge.

Abstract: Machine instructions comprising a bootstrap code are buried within a critical component of an electronic game console where they cannot readily be accessed or modified. A preloader portion in a read only memory (ROM) is hashed by the bootstrap code and the result is compared to an expected hash value maintained in the bootstrap code. Further verification of the boot-up process is carried out by the preloader, which hashes the code in ROM to obtain a hash value for the code. The result is verified against a digital signature value that defines an expected value for this hash. Failure to obtain any expected result terminates the boot-up process. Since the bootstrap code confirms the preloader, and the preloader confirms the remainder of the code in ROM, this technique is useful for ensuring that the code used for booting up the device has not been modified or replaced.