(12) Patent Application Publication
(10) Pub. No.: US 2004/0198496 A1
(43) Pub. Date: Oct. 7, 2004
Gatto et al.

(54) DYNAMIC CONFIGURATION OF A GAMING SYSTEM

(76) Inventors: Jean-Marie Gatto, London (GB); Thierry Brunet de Courssou, Palo Alto, CA (US)

Correspondence Address:
YOUNG LAW FIRM
A PROFESSIONAL CORPORATION
4370 ALPINE ROAD SUITE 106
PORTOLA VALLEY, CA 94028

(21) Appl. No.: 10/789,975
(22) Filed: Feb. 27, 2004

Related U.S. Application Data
(60) Provisional application No. 60/453,627, filed on Mar. 10, 2003.

Publication Classification
(51) Int. Cl. A63F 13/00
(52) U.S. Cl. 463/42

(57) ABSTRACT
A method to enable dynamic configuration of gaming terminals installed in one or a plurality of gaming premises whereby certified games, certified data files and certified support software components are activated in accordance with a predetermined schedule or automatically in response to the observed gaming activity. The method may include allocating an individual PKI certificate to each executable software component and each of its versions, binding the PKI certificate to the executable software, associating a distinctive policy for each certificate and then enforcing the software execution policies in accordance with the desired authorized game configuration and schedule. The PKI certificate's “Subject Name” (or “Issued to” field or “Common Name” field) may be a concatenation of the software component identification, its version number and optionally other identification characters. The method applies equally to other network connected gaming subsystems. The method enables a fine-grained and secure control of the authorized software components and thus the flexibility to securely configure the gaming system in accordance with a schedule or in a close-loop fashion in order to meet business objectives. In addition, a method to enable the certification authority to bind the certificates to the tested code is described.

[Front-page drawing (reference numerals 1008-1042): network diagram. Legible labels include “Gaming Labs”, “Domain: CyberGDS001.local”, “Code Signing Certificates Authority”, “Windows XP”, “to enable Gaming Lab engineers to carry out testing and certification”, “to enable Cyberscan to submit new certification submissions and provide support even when on the road”, and “in-built scalability to support on-going Cyberscan certification for 200 games and 50 US customers”.]

IPR2020-01218
Sony EX1027 Page 1

[FIG. 8 (Sheet 8 of 21): flowchart, reference numerals 802-858. Legible box labels: Start; Copy Signed Code on CD; Deploy a new Game?; CD into DEPLOY server; Verify Package Authorisation (Pass #1 - by SRP); Trust Package; Trash Package; Un-package and Store Signed Code; Deploy Signed Code to GMs (in accordance with Schedule); Activate Signed Game Code; Verify Code Authorisation & Config Files (Pass #2 - by CyberTrustGM); Request to execute code?; Verify Code Authorisation (Pass #3 - by SRP); Trust Code?; Execute Code. Side annotations: By Game Operator; By GDS Server (WAN) or By Gaming Terminal (LAN); By Gaming Terminal.]

[Sheet 14 of 21 (reference numerals 1400-1424): screenshot of the Group Policy Management console. The legible part of the tree shows the containers “Band Room (Training)”, “Gaming Terminals” and “Gaming Terminals - Floor”, with policy entries including GM Audit Policy, GM File System, GM Security Settings, Windows Installer, SRP Trusted Tools, SIP - RNG (GLI), SRP - RNG (GLI), SIP - Roulette (GLI), SRP - Roulette (GLI), SIP - Infinity (GLI) and SRP - Infinity (GLI).]

DYNAMIC CONFIGURATION OF A GAMING SYSTEM

CROSS-REFERENCE TO RELATED CASES
[0001] The present application claims priority of copending and commonly assigned US provisional application serial No. 60/453,627 filed on Mar. 10, 2003.

BACKGROUND OF THE INVENTION
[0002] 1. Field of the Invention
[0003] The present inventions relate generally to the field of network connected pay computer-controlled games, either games of skills or games of chance, and more particularly to the field of automated monitoring and control of a large number of clusters of pay gaming terminals. The gaming terminals may be slot machines, video lotteries, bingo systems or lottery terminals in all their forms, that is, desktop terminals, wall or pedestal mounted kiosks, or full size consoles, operating either in a local area network (LAN) or in a wide area network (WAN). The present inventions also relate to the monitoring, control and payment systems linked to the gaming terminals.
[0004] 2. Description of the Prior Art and Related Information
[0005] Pay entertainment and gaming systems of the prior art, either of the cash-in or the cash-less type, are seriously limited due to the technical choices made in order to comply with gaming regulatory requirements. Regulators are mainly concerned with funds that may be illegally acquired by individuals as well as with funds that may not be acquired by legitimate winners as a result of flaws, cheating and/or stealing. Game regulators are reluctant to accept state-of-the-art operating systems, multimedia and Internet technologies because of security concerns and tend to favor antiquated technology based upon secrecy rather than “open” state-of-the-art technology. A “Request/Authorize” method for downloadable games has been proposed by another company (IGT's Secure Virtual Network in a Gaming Environment - Publication US2002/0116615 A1) but the method disclosed therein does not cover how to ensure that only certified authorized components may execute.
[0006] Although downloadable games are undeniably going to flourish, they have yet to create confidence within the regulatory arena.

SUMMARY OF THE INVENTION
[0007] Embodiments of the present invention overcome the security limitations of the prior art and allow game operators the flexibility to dynamically configure their estate of gaming terminals. It is to be noted that although the gaming industry has coined the term “downloadable game” and that gaming standard GLI-21 entitled “Game Download System” has been published by Game Laboratory International (GLI), the term downloadable game is rather restrictive, as the downloading of software components to computer terminals and computer servers is by itself pervasive in any network distributed computer system. However, downloading certified game components in a secure manner is a problem that has yet to find a satisfactory solution.
[0008] Embodiments of the present invention may allocate an individual PKI certificate to each executable software component and each of its versions, binding the PKI certificate to the executable software and associating a distinctive policy for each PKI certificate. The PKI certificate's “Subject Name” (or “Issued to” field, or “CommonName” field) may be a concatenation of the software component identification, its version number and optionally other identification characters, for example.
[0009] According to other embodiments, the present invention offers a method to enable dynamic configuration of gaming terminals installed in one or a plurality of gaming premises whereby certified games, certified data files and certified support software components may be activated in accordance with a predetermined schedule or automatically in response to the observed gaming activity. This may be accomplished by configuring and then enforcing the software execution policies for selected PKI certificates in accordance with the desired authorized game configuration and schedule.
[0010] Further embodiments of the present invention offer a method to ensure the trust of non-executable files such as initialization or configuration files, video files, sound files, multimedia files, file containing list of hashes, CRCs, and/or signatures. This method relies on the certificate Software Restriction Policy as described herein.
[0011] Still further embodiments of the invention enable the certification authority to bind the certificates to the tested software components.
[0012] The present invention, according to still further embodiments thereof, enables a dynamic generation of the list of games made available to the players without transferring a configuration file or files from the central server to the gaming machines. For example, a method according to an embodiment of the present invention relies on attempting to execute a game component on which a certificate Software Restriction Policy is enforced.
[0013] Embodiments of the present invention leverage the technology described in commonly assigned U.S. patent application filing 60/393,892 entitled “Secure Game Download” in which code signing and Software Restriction Policy enable executing authorized game software. Code signing and Software Restriction Policy (SRP) technologies are available in Microsoft Windows XP, Windows 2000 and Windows 2003, Embedded Windows XP as well as in future Windows versions (as of this writing, the next version is code-named “Longhorn”) to ensure that only executable software components from a trusted publisher, let's say “Microsoft”, are allowed to run. Code signing and Software Restriction Policy technology are applied to executable components such as *.exe, *.dll, *.ocx, *.vbs, *.msi, *.cab, etc. In addition, Software Installation Policy (SIP) ensures that software components are installed in a controlled fashion. Embodiments of the present invention extend the use of code signing, Software Restriction Policy and Software Installation Policy to individual software components that are allowed to execute in a network connected gaming system by associating a distinctive code-signing certificate to each executable software component. Each executable software component version (usually comprising major version, minor version, revision and build) may have a unique certificate. A distinctive certificate may be created for each software component version and the two entities (the compiled code and the certificate) may be bound together by a code signing operation, herein called “signcode.exe”.
[0014] Code signed software components may be packaged together with non-signed software components (if any) into a MSI Microsoft installation package (MSI=Microsoft Software Installation). An MSI package is an executable component that in turn receives a distinctive certificate bound to its content by a code signing operation. Only the software component version that has successfully passed the regulatory certification process may be allowed to run by enforcing an unrestricted policy to the associated certificate.
[0015] Moreover, embodiments of the present invention extend the use of code signing and Software Restriction Policy to ensure that only authorized non-executable components are used by the authorized executable components. This is of particular value for configuration files or media files that may affect the game outcome such as fixing the return to player at, for example, 95% between 5:00 PM and 11:00 PM, or at 98% during other time periods. For this, non-executable components may be placed in code signed MSI (Microsoft Software Installation) installation packages. Each individual MSI package is an executable component whose execution can be controlled by Software Restriction Policy (SRP). A distinctive certificate may be created for each package version (a part number is created for a preselected aggregate of non-executable components) and the two entities may be bound together by the code signing operation “signcode.exe”. Within the network connected gaming system, trust for non-executable components may be established by executing the associated authorized code signed packages using SRP upon computer startup or alternatively on demand, resulting in the re-installation of the original non-corrupted non-executable components. The non-executable components may be: initialization or configuration files, video files, sound files, multimedia files, file containing list of hashes, CRCs, and/or signatures, for example.
[0016] For example, DRM (Digital Rights Management) technology offered by Microsoft Windows Media Player may be used to ensure that only authorized multimedia files may be played or viewed.
[0017] Also, RM (Rights Management) technology offered with Microsoft Office 2003, with the associated RM services and SDK (Software Development Kit) may be used to ensure that only authorized data files may be accessed, viewed, copied or modified.
[0018] Software Installation Policy (SIP) and Software Restriction Policy (SRP) configured with an individual PKI certificate associated to each authorized software component offer a “Policy/Enforce” model, or in other words a “Configure the Policy and then Enforce the Policy” model to enable network installation (or “game download”) and activation at predetermined times (or “game scheduling”) of selected authorized software components, in order to control the software of the network connected gaming system and offer selected games to players. This “Policy/Enforce” method may be constructed on a demonstrable trusted base; it offers transparent security and fine-grained auditing, contrasting with conventional “Request/Authorize” methods that do not demonstrate reliance on a trusted base to enforce the use of only trusted software components.
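
The “Policy/Enforce” model of paragraph [0018], applied to the time-of-day return-to-player packages of paragraph [0015], as a small Python model. This is an added example, not code from the patent and not Windows SRP itself; the package subject names, the rule table and the choice that an explicit Disallowed rule overrides an Unrestricted one are assumptions made for illustration.

```python
from dataclasses import dataclass
from datetime import time
from typing import Iterable, List, Optional

UNRESTRICTED = "Unrestricted"   # the two SRP security levels used in this model
DISALLOWED = "Disallowed"


@dataclass(frozen=True)
class CertificateRule:
    subject: str                    # certificate subject, one per package version
    level: str
    start: Optional[time] = None    # activation window; None means always active
    end: Optional[time] = None

    def active_at(self, now: time) -> bool:
        if self.start is None or self.end is None:
            return True
        if self.start <= self.end:                     # window inside one day
            return self.start <= now < self.end
        return now >= self.start or now < self.end     # window wraps past midnight


def may_execute(signer: Optional[str], rules: Iterable[CertificateRule], now: time) -> bool:
    """Default deny: only code whose signing certificate has an active
    Unrestricted rule (and no active Disallowed rule) may run."""
    if signer is None:                                  # unsigned code is never trusted
        return False
    active = [r for r in rules if r.subject == signer and r.active_at(now)]
    if any(r.level == DISALLOWED for r in active):      # explicit block wins (assumption)
        return False
    return any(r.level == UNRESTRICTED for r in active)


def active_packages(rules: List[CertificateRule], now: time) -> List[str]:
    """Subjects that the policy lets execute at the given time of day."""
    return sorted({r.subject for r in rules if may_execute(r.subject, rules, now)})


def coverage_errors(rules: List[CertificateRule], subjects: List[str]) -> List[time]:
    """Minutes of the day at which not exactly one of `subjects` may execute,
    i.e. gaps or overlaps in a schedule of mutually exclusive packages."""
    errors = []
    for minute in range(24 * 60):
        now = time(minute // 60, minute % 60)
        if sum(may_execute(s, rules, now) for s in subjects) != 1:
            errors.append(now)
    return errors


# Constructed policy: two signed configuration packages (hypothetical names)
# fix the return to player at 95% from 17:00 to 23:00 and at 98% otherwise.
RTP95 = "CFG-RTP95 [1.0.0.0]"
RTP98 = "CFG-RTP98 [1.0.0.0]"
SAMPLE_RULES = [
    CertificateRule(RTP95, UNRESTRICTED, time(17, 0), time(23, 0)),
    CertificateRule(RTP98, UNRESTRICTED, time(23, 0), time(17, 0)),
    CertificateRule("GAME-ROULETTE [1.5.0.0]", UNRESTRICTED),
    CertificateRule("GAME-ROULETTE [1.4.0.0]", UNRESTRICTED),   # stale allow rule ...
    CertificateRule("GAME-ROULETTE [1.4.0.0]", DISALLOWED),     # ... overridden by a block
]

if __name__ == "__main__":
    for hhmm in (time(16, 59), time(17, 0), time(23, 0), time(2, 0)):
        print(hhmm, active_packages(SAMPLE_RULES, hhmm))
    print("schedule errors:", coverage_errors(SAMPLE_RULES, [RTP95, RTP98]))
```

Running `coverage_errors` before a policy is enforced catches a schedule in which two return-to-player packages are trusted at once, or none is.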
[0019] A network-connected gaming system comprises hundreds of authorized certified software components that may be selectively downloaded and scheduled. Considering on-going support for 50 customers and for 200 distinctive games over a period of 5 years, tens of thousands of software components will each need to receive individual certificates and be certified. Accordingly, embodiments of the present invention include an automated certification platform. Herein, such a certification platform is denoted “Integrated Certification Environment” or ICE. Embodiments of such a certification platform according to the present invention are designed to automate the stepping through the procedure that must be done by the regulatory certification authority to produce only authorized software components that may be dynamically installed in a gaming system, and to prevent generation of erroneous software components. In addition, the ICE offers support to selectively enable the download of approved system software components using Microsoft Software Update Services (SUS), for example.
[0020] Embodiments of the present methods rely on established security standards and a demonstrable trusted base (as opposed to relying on security by secrecy) in order to offer transparent security and allow fine-grained auditing. Embodiments of the present inventions are also applicable to any of the subsystems available in a network connected gaming system that require preventing non-authorized software components from executing or affecting the game outcome, such as the gaming terminals, the game management system (CMS or MCS) that monitor and control whole or part of the estate of gaming machines, the progressive jackpot systems, the bonussing systems as well as game payment verification systems such as IGT's EasyPay and Cyberview's PVU (Payment Verification Unit) and PVS (Payment Verification System). Gaming subsystems may be tested against gaming standards such as those produced by GLI; the game standards are mandated by game regulators in accordance with local regulation and laws. The network-connected subsystems may be located within the premises accommodating the estate of gaming machine (connection via a LAN) or outside of the premises (connection via a

BRIEF DESCRIPTION OF THE DRAWINGS
[0021] FIG. 1 illustrates the intrinsic information that uniquely identifies each executable software component, according to an embodiment of the present invention.
[0022] FIG. 2 illustrates the information uniquely identifying each executable software component being made available into the Windows Event Log upon execution of the software component, according to an embodiment of the present invention.
[0023] FIG. 3 illustrates the information (test certificate indicator, project/product code, type of executable code, part number, major/minor/build/version, certification lab identifier, friendly name) uniquely identifying each executable software component being used to generate the “Subject Name” (or “Issued to” field, or “CommonName” field) of the individual PKI certificate associated to each executable software component, according to an embodiment of the present invention.
[0024] FIG. 4 illustrates the information that may be entered in the Extended Attributes of a PKI certificate, according to an embodiment of the present invention.
[0025] FIG. 5 illustrates the information that may be obtained using the Trusted Inventory tool, according to an embodiment of the present invention.
[0026] FIG. 6 illustrates the information that may be entered to configure a type-certificate Software Restriction Policy rule, according to an embodiment of the present invention. A Software Restriction Policy (SRP) is configured using the Group Policy Object Editor.
[0027] FIG. 7 illustrates the policies that are associated to the active directory container used to configure the gaming machines, according to an embodiment of the present invention.
[0028] FIG. 8 illustrates an exemplary cycle from the moment a game is being created until it is first executed on a gaming terminal, according to an embodiment of the present invention.
[0029] FIG. 9 illustrates the global verification process performed by the terminal in order to check that no unauthorized file may execute or may affect game outcome, according to an embodiment of the present invention.
[0030] FIG. 10 illustrates the configuration of the three parties involved in a new game cycle detailed at FIG. 8, according to an embodiment of the present invention.
[0031] FIG. 11 illustrates the 12 folders created on the disk repository of the development environment, according to an embodiment of the present invention.
[0032] FIG. 12 illustrates the dataflow for step 1 to step 3 for producing the certified authorized software components, according to an embodiment of the present invention.
[0033] FIG. 13 illustrates the dataflow for step 4 to step 12 for producing the certified authorized software components, according to an embodiment of the present invention.
[0034] FIG. 14 illustrates the grouping of gaming terminals and the associated enforced policies, according to an embodiment of the present invention.
[0035] FIG. 15 illustrates a method for enforcing a Software Installation Policy by “linking” the policy, according to an embodiment of the present invention.
[0036] FIG. 16 illustrates a method for enforcing a Software Restriction Policy by “linking” the policy, according to an embodiment of the present invention.
[0037] FIG. 17 illustrates the method to enforce a policy at a predetermined time, according to an embodiment of the present invention.
[0038] FIG. 18 illustrates the method to enforce a selected policy as the result of observing the gaming activity, according to an embodiment of the present invention.
[0039] FIG. 19 illustrates the method to generate dynamically the menu list of authorized game made available to the player on each gaming terminal, according to an embodiment of the present invention.
[0040] FIG. 20 illustrates the method to generate a code signed companion software component, according to an embodiment of the present invention.
[0041] FIG. 21 illustrates the method to quickly generate dynamically the list of game installed on each gaming terminal using the companion software component, according to an embodiment of the present invention.

DETAILED DESCRIPTION
[0042] Reference will now be made in detail to the construction and operation of preferred implementations of the present invention illustrated in the accompanying drawings. The following description of the preferred implementations of the present invention is only exemplary of the invention. The present invention is not limited to these implementations, but may be realized by other implementations.
[0043] FIG. 1 illustrates Software Component Identification and Traceability via File Properties, according to an embodiment of the present invention. Shown at 100 in FIG. 1 is the intrinsic information that uniquely identifies each executable software component. The executable component source code comprises executable code lines (e.g. X=X+1; not shown here) and associated source code assembly information 102, 104 that comprises comment lines 106 and assembly information. Herein, AssemblyTitle 108, AssemblyProduct 110 and AssemblyVersion 112 are configured. The AssemblyTitle 108 is set to CyberInv.exe that is the friendly name of the executable software component; AssemblyProduct 110 is set to 0006-00001-00 that is the part number of the executable software component and AssemblyVersion 112 is set to 1.0.1.0, which is the version number of the executable software component. Once the source code is compiled and the executable is built (CyberInv.exe in this case), the configured assembly information is available via the File Property of Windows 114 when right clicking on the file CyberInv.exe and selecting “Properties” and “Version”, as shown at 116. The friendly name is shown in the Description field 118, the part number is shown in the Product Name field 120, 122 and the version is shown in the File Version field 124.
[0044] It will be apparent to those of skill in the art of software development that intrinsic information that uniquely identifies each executable software component may be obtained in various combinations of assembly directives and file property fields. Additional information may be configured such as, for example, the software component part number, major version number, minor version number, build number, revision number, project name, type of software component, language variant, game regulation variant, friendly name, identification of the certification laboratory, identification of the client, and other predetermined identification identifiers. The identifiers associated with the executable software component using source code assembly directives may, therefore, be traceable via the File Property features of the Windows operating system.
[0045] An example of such a configuration is CST3000 0006-00001-00 [1.0.1.0] {21} 11 ~9 %S CyberInv.exe that comprises a concatenation of identifiers that may be used in a file name or a PKI certificate subject name. According to this example, CST3000 is the marketing system product identification or the project name; 0006-00001-00 is the software component part number; [1.0.1.0] details the software component major version number, minor version number, build number, revision number; {21} is the software component variant identifier; 11 identifies the certification lab that certifies the software component; ~9 identifies the customer for which this software component is certified; %S is the software component language variant (“S” for Spanish in this example); CyberInv.exe is the software component friendly name for quick identification. Spaces may be used freely and the identifier fields may be written in any order so as to facilitate reading. Identifier fields may be omitted whenever the context already provides such information. The framing or delimiter characters such as [ ], { }, ~, , % which are allowable characters to be used in file names and certificate subject names facilitate human recognition as well as string searches for particular attributes (global search for all Spanish variants for example).
[0046] In the same manner, a selected set of identification information making up the certificate subject name may be used for making up the file name of PKI certificate related files such as *.CER, *.P7B and *.PVK such as to facilitate human identification, string searches and file searches.
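
A parser for the identifier string of paragraphs [0045] and [0046], with the attribute search and certificate file naming they describe. This is an added Python example, not code from the patent; the delimiter of the certification-lab field is not legible in this copy of the text, so `^` is assumed for it, and reusing the whole subject as the file-name stem is likewise an assumption.

```python
import re
from dataclasses import dataclass
from typing import Iterable, List, Optional, Tuple

# Delimited fields. "[ ]", "{ }", "~" and "%" are named in the text;
# "^" for the certification-lab field is an ASSUMPTION of this example.
_DELIMITED = {
    "version": re.compile(r"\[\s*(\d+)\.(\d+)\.(\d+)\.(\d+)\s*\]"),
    "variant": re.compile(r"\{\s*(\w+)\s*\}"),
    "lab": re.compile(r"\^\s*(\w+)"),
    "customer": re.compile(r"~\s*(\w+)"),
    "language": re.compile(r"%\s*([A-Za-z]{1,3})\b"),
}
_PART_NUMBER = re.compile(r"(?<![\w-])\d{4}-\d{5}-\d{2}(?![\w-])")
_FILE_NAME = re.compile(r"[\w-]+(\.[\w-]+)*\.[A-Za-z0-9]{2,4}")
_BARE_TOKEN = re.compile(r"[\w.-]+")
_FORBIDDEN_IN_FILE_NAMES = set('\\/:*?"<>|')   # Windows file-name rules


@dataclass(frozen=True)
class ComponentId:
    project: Optional[str] = None
    part_number: Optional[str] = None
    version: Optional[Tuple[int, ...]] = None
    variant: Optional[str] = None
    lab: Optional[str] = None
    customer: Optional[str] = None
    language: Optional[str] = None
    friendly_name: Optional[str] = None


def _take_one(pattern, text, field):
    """Cut the single occurrence of `pattern` out of `text`; reject duplicates."""
    matches = list(pattern.finditer(text))
    if len(matches) > 1:
        raise ValueError(f"ambiguous subject: {field} appears {len(matches)} times")
    if not matches:
        return None, text
    m = matches[0]
    return m, text[:m.start()] + " " + text[m.end():]


def parse_subject(subject: str) -> ComponentId:
    """Parse identifier fields written in any order, with optional fields omitted."""
    fields, rest = {}, subject
    for name, pattern in _DELIMITED.items():
        m, rest = _take_one(pattern, rest, name)
        if m:
            fields[name] = tuple(map(int, m.groups())) if name == "version" else m.group(1)
    m, rest = _take_one(_PART_NUMBER, rest, "part_number")
    if m:
        fields["part_number"] = m.group(0)
    # Whatever is left must be bare tokens: one file name and/or one project code.
    for token in rest.split():
        key = "friendly_name" if _FILE_NAME.fullmatch(token) else "project"
        if key in fields or not _BARE_TOKEN.fullmatch(token):
            raise ValueError(f"unexpected token {token!r} in subject")
        fields[key] = token
    return ComponentId(**fields)


def find_by(subjects: Iterable[str], **criteria) -> List[str]:
    """Attribute search, e.g. find_by(names, language="S") for all Spanish variants."""
    hits = []
    for subject in subjects:
        try:
            parsed = parse_subject(subject)
        except ValueError:
            continue                      # a malformed name never matches
        if all(getattr(parsed, k) == v for k, v in criteria.items()):
            hits.append(subject)
    return hits


def certificate_file_names(subject: str) -> List[str]:
    """Names for the *.CER, *.P7B and *.PVK files, reusing the subject as the stem."""
    parse_subject(subject)                # refuse to name files after a malformed subject
    if _FORBIDDEN_IN_FILE_NAMES & set(subject):
        raise ValueError("subject contains a character not allowed in file names")
    return [subject + ext for ext in (".CER", ".P7B", ".PVK")]


# Constructed sample subjects; the first is the page's example with "^" assumed.
SAMPLE_SUBJECTS = [
    "CST3000 0006-00001-00 [1.0.1.0] {21} ^11 ~9 %S CyberInv.exe",
    "CyberInv.exe %E [1.0.2.0] 0006-00001-00 CST3000",        # other order, fields omitted
    "CST3000 0007-00012-00 [2.1.0.5] {3} ^11 ~4 % S Roulette.dll",
    "CST3000 0006-00001-00 [1.0.1.0] [1.0.2.0] CyberInv.exe",  # two versions: rejected
]

if __name__ == "__main__":
    for s in SAMPLE_SUBJECTS:
        try:
            print(parse_subject(s))
        except ValueError as err:
            print("rejected:", err)
    print(find_by(SAMPLE_SUBJECTS, language="S"))
```

A subject that names two versions is rejected rather than resolved, so a policy lookup keyed on the parsed fields cannot be steered by an ambiguous name.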
[0047] FIG. 2 illustrates traceability via the Windows Event Log. Reference numeral 200 in FIG. 2 illustrates the information uniquely identifying each executable software component being made available to the Windows Event Log upon execution of the software component. The Windows Event Log 202 is a repository for logging important events; it is viewed via the Event Viewer 204. Windows default event log bins (or containers) are Application, Security and System. In the illustrated example, an Event Log bin 206 denominated “CyberScan” has been added. The CyberScan bin 206 contains traceability information in its “Source” field that is being logged by each of the executable software components. The executable software component makes use of the Event Log API to “splash” its identification information into the Source field of a predetermined bin in the Windows Event Log each time it starts execution, or at any other time should the occurrence of an event be traced, in order to provide an audit trail to be examined by auditors. The part number 214, version 216 and friendly name 212 identifiers associated to the executable software component using source code assembly directives 201 are therefore traceable via the Event Log features of the Windows operating system. Other information associated with the executable software component may be splashed into the event log for additional traceability. The “Type” field 208 may flag an important audit condition such as here “Failure Audit” to alert the auditor.
[0048] FIG. 3 illustrates the Certificate “Issued to” Field. Reference numeral 300 illustrates the information 308 (test certificate indicator 318, project/product code 320, type of executable code 322, part number 324, major/minor/build/version 326, certification lab identifier 328, friendly name 330) uniquely identifying each executable software component being used to generate the “Subject Name”