Title of Invention

HEADER OBJECT PROTECTION FOR A DATA STREAM

Abstract A header object (210) for a data file (200) is comprised of sub-objects (220, 230, 240, 250) which specify properties of the data stream and contains information needed to properly verify and interpret the information within the data object (290). In order to allow the protection of any set of sub-objects (220, 230, 240, 250) without requiring that the sub-objects (220, 230, 240, 250) follow any specific ordering, a new sub-object (260) is introduced which includes region specifiers (264) identifying regions within sub-objects (220, 230, 240, 250) and verification information for those regions. This new sub-object (260) in the header object (210) allows the modification of non-protected regions and reorganization of sub-objects (220, 230, 240, 250) in a header without invalidating verification information.
Full Text Data Stream Header Object Protection
Field of the Invention:
The present invention relates generally to data verification and more particularly to a header object for a data file.
Background of the Invention:
Conventionally, some data file and data stream formats include header objects. The header object includes "meta-content" information used for identifying and using the content data included in the data file or data stream.
For example, one data stream format is the Advanced Streaming Format (ASF), which is an extensible file format designed to store coordinated multimedia data. The current specification for this format is available from www.microsoft.com. ASF supports data delivery over a wide variety of networks and protocols while allowing for local playback.
Each ASF file is composed of one or more media streams. The header object specifies the properties of the entire file, along with stream-specific properties. In ASF, each file must have one header object. The header object provides a well-known byte sequence at the beginning of ASF files (the header object GUID (globally unique identifier)) and contains all the information needed to properly interpret the multimedia data. The header object may be thought of as a container that contains header object information and a combination of header sub-objects. The header object information consists of a GUID for the header object ("ASF_Header_object"), the size of the header object, and the number of header sub-objects contained in the header object. Each header object begins with a GUID.
Header sub-objects include:
• A file properties sub-object, which defines the global characteristics of the multimedia data in the file;
• A stream properties sub-object, which defines the specific properties and characteristics of a media stream;
• The header extension sub-object, which allows additional functionality to be added to an ASF file while maintaining backwards compatibility, and is a container containing extended header sub-objects;
• The codec list sub-object, which provides user-friendly information about the codecs and formats used to encode the content found in the ASF file;
• The script command sub-object, which provides a list of type/parameter pairs of Unicode strings that are synchronized to the ASF file's timeline;
• The marker sub-object, which contains a small, specialized index that is used to provide named jump points within a file to allow a content author to divide content into logical sections, such as song boundaries in an entire CD or topic changes during a long presentation, and to assign a human-readable name to each section of a file for use by the user;
• The bitrate mutual exclusion sub-object, which identifies video streams that have a mutual exclusion relationship to each other (in other words only one of the streams within such a relationship can be streamed and the rest are ignored);
• The error correction sub-object, which defines the error correction method and provides information needed by the error correction engine for recovery;
• The content description sub-object, which permits authors to record well-known data describing the file and its contents, including title, author, copyright, description, and rating information;
• The extended content description sub-object, which permits authors to record data describing the file and its contents that is beyond the standard bibliographic information such as title, author, copyright, description, or rating information;
• The content encryption sub-object, which identifies if the content is protected by a digital rights management (DRM) system. This sub-object includes the DRM license-acquisition URL, the DRM Key ID, and other DRM-related metadata;
• The stream bitrate properties sub-object, which defines the average bitrate of each media stream in the multimedia data; and
• A padding sub-object, which is a dummy sub-object used to pad out the size of the header object.
The entity which first creates the data stream file and any successive entities acting on it may add or change elements of the header file. For example, a content-creating entity may create a data stream file, and include information in the content description object regarding the content. A second entity may create markers within the data, and wish to add a marker object with track information. And a third entity, which distributes the data stream file, may add a script command object containing actions or data for scripts. For example, a script command object may contain information that opens a web browser window to a specified URL (uniform resource locator).
Because a number of entities may act on an ASF file, there is no way to determine which entity has created which part of the header object. Additionally, a change of information by an attacker cannot be identified.
Summary Of The Invention:
The present invention is directed to a system, method, and data structure for the verification of sub-objects in a header object. The invention allows for verification by one entity of one or more sub-objects in the header object while still allowing the ordering of sub-objects to change. New sub-objects can also subsequently be created and verified by another entity. The verification of two or more sub-objects by a trusted entity may be combined, so that an attacker cannot remove or change data leaving one sub-object verifiable as having been signed by the trusted entity while the other sub-object is not verifiable.
Additional features and advantages of the invention are set forth in the description below.
Brief Description Of The Figure:
FIG. 1 is a diagram illustrating an overview of a computer system.
FIG. 2 is a block diagram illustrating a file according to the invention.
FIG. 3 illustrates the process of creating a digital signature sub-object according to the invention.
FIG. 4 illustrates the process of verifying a digital signature sub-object according to the invention.
FIG. 5 illustrates a digital signature sub-object according to the invention.
Detailed Description Of The Preferred Embodiments:
Overview
One or more digital signature sub-objects can be created and placed in the header object of a data file to allow for signature information for sub-objects and regions of sub-objects in the header object. If a digital signature sub-object is present and valid, any editing or tampering with the signed sub-objects can be detected. Ordering of the sub-objects need not be preserved.
The digital signature sub-object contains an array of region specifiers. Each region specifier identifies a specific region within a sub-object. A region specifier may also identify a complete sub-object.
The digital signature sub-object also contains a signature. The signature is a digital signature of the regions listed in the array of region specifiers. The signature can be used to verify that the regions listed in the region specifier array have not been tampered with.
Exemplary Computing Environment
FIG. 1 illustrates an example of a suitable computing system environment 100 in which the invention may be implemented. The computing system environment 100 is only one example of a suitable computing environment and is not intended to suggest any limitation as to the scope of use or functionality of the invention. Neither should the computing environment 100 be interpreted as having any dependency or requirement relating to any one or combination of components illustrated in the exemplary operating environment 100.
One of ordinary skill in the art can appreciate that a computer or other client or server device can be deployed as part of a computer network, or in a distributed computing environment. In this regard, the present invention pertains to any computer system having any number of memory or storage units, and any number of applications and processes occurring across any number of storage units or volumes, which may be used in connection with the present invention. The present invention may apply to an environment with server computers and client computers deployed in a network environment or distributed computing environment, having remote or local storage. The present invention may also be applied to standalone computing devices, having programming language functionality, interpretation and execution capabilities for generating, receiving and transmitting information in connection with remote or local services.
The invention is operational with numerous other general purpose or special purpose computing system environments or configurations. Examples of well known computing systems, environments, and/or configurations that may be suitable for use with the invention include, but are not limited to, personal computers, server computers, hand-held or laptop devices, multiprocessor systems, microprocessor-based systems, set top boxes, programmable consumer electronics, network PCs, minicomputers, mainframe computers, distributed computing environments that include any of the above systems or devices, and the like.
The invention may be described in the general context of computer-executable instructions, such as program modules, being executed by a computer. Generally, program modules include routines, programs, objects, components, data structures, etc. that perform particular tasks or implement particular abstract data types. The invention may also be practiced in distributed computing environments where tasks are performed by remote processing devices that are linked through a communications network or other data transmission medium. In a distributed computing environment, program modules and other data may be located in both local and remote computer storage media including memory storage devices. Distributed computing facilitates sharing of computer resources and services by direct exchange between computing devices and systems. These resources and services include the exchange of information, cache storage, and disk storage for files. Distributed computing takes advantage of network connectivity, allowing clients to leverage their collective power to benefit the entire enterprise. In this regard, a variety of devices may have applications, objects or resources that may utilize the techniques of the present invention.
With reference to FIG. 1, an exemplary system for implementing the invention includes a general-purpose computing device in the form of a computer 110. Components of computer 110 may include, but are not limited to, a processing unit 120, a system memory 130, and a system bus 121 that couples various system components including the system memory to the processing unit 120. The system bus 121 may be any of several types of bus structures including a memory bus or memory controller, a peripheral bus, and a local bus using any of a variety of bus architectures. By way of example, and not limitation, such architectures include Industry Standard Architecture (ISA) bus, Micro Channel Architecture (MCA) bus, Enhanced ISA (EISA) bus, Video Electronics Standards Association (VESA) local bus, and Peripheral Component Interconnect (PCI) bus (also known as Mezzanine bus).
Computer 110 typically includes a variety of computer readable media. Computer readable media can be any available media that can be accessed by computer 110 and includes both volatile and nonvolatile media, removable and non-removable media. By way of example, and not limitation, computer readable media may comprise computer storage media and communication media. Computer storage media includes both volatile and nonvolatile, removable and non-removable media implemented in any method or technology for storage of information such as computer readable instructions, data structures, program modules or other data. Computer storage media includes, but is not limited to, RAM, ROM, EEPROM, flash memory or other memory technology, CDROM, digital versatile disks (DVD) or other optical disk storage, magnetic cassettes, magnetic tape, magnetic disk storage or other magnetic storage devices, or any other medium that can be used to store the desired information and that can be accessed by computer 110. Communication media typically embodies computer readable instructions, data structures, program modules or other data in a modulated data signal such as a carrier wave or other transport mechanism and includes any information delivery media. The term "modulated data signal" means a signal that has one or more of its characteristics set or changed in such a manner as to encode information in the signal. By way of example, and not limitation, communication media includes wired media such as a wired network or direct-wired connection, and wireless media such as acoustic, RF, infrared and other wireless media. Combinations of any of the above should also be included within the scope of computer readable media.
The system memory 130 includes computer storage media in the form of volatile and/or nonvolatile memory such as read only memory (ROM) 131 and random access memory (RAM) 132. A basic input/output system 133 (BIOS), containing the basic routines that help to transfer information between elements within computer 110, such as during start-up, is typically stored in ROM 131. RAM 132 typically contains data and/or program modules that are immediately accessible to and/or presently being operated on by processing unit 120. By way of example, and not limitation, FIG. 1 illustrates operating system 134, application programs 135, other program modules 136, and program data 137.
The computer 110 may also include other removable/non-removable, volatile/nonvolatile computer storage media. By way of example only, FIG. 1 illustrates a hard disk drive 140 that reads from or writes to non-removable, nonvolatile magnetic media, a magnetic disk drive 151 that reads from or writes to a removable, nonvolatile magnetic disk 152, and an optical disk drive 155 that reads from or writes to a removable, nonvolatile optical disk 156, such as a CD ROM or other optical media. Other removable/non-removable, volatile/nonvolatile computer storage media that can be used in the exemplary operating environment include, but are not limited to, magnetic tape cassettes, flash memory cards, digital versatile disks, digital video tape, solid state RAM, solid state ROM, and the like. The hard disk drive 141 is typically connected to the system bus 121 through a non-removable memory interface such as interface 140, and magnetic disk drive 151 and optical disk drive 155 are typically connected to the system bus 121 by a removable memory interface, such as interface 150.
The drives and their associated computer storage media discussed above and illustrated in FIG. 1, provide storage of computer readable instructions, data structures, program modules and other data for the computer 110. In FIG. 1, for example, hard disk drive 141 is illustrated as storing operating system 144, application programs 145, other program modules 146, and program data 147. Note that these components can either be the same as or different from operating system 134, application programs 135, other program modules 136, and program data 137. Operating system 144, application programs 145, other program modules 146, and program data 147 are given different numbers here to illustrate that, at a minimum, they are different copies. A user may enter commands and information into the computer 20 through input devices such as a keyboard 162 and pointing device 161, commonly referred to as a mouse, trackball or touch pad. Other input devices (not shown) may include a microphone, joystick, game pad, satellite dish, scanner, or the like. These and other input devices are often connected to the processing unit 120 through a user input interface 160 that is coupled to the system bus, but may be connected by other interface and bus structures, such as a parallel port, game port or a universal serial bus (USB). A monitor 191 or other type of display device is also connected to the system bus 121 via an interface, such as a video interface 190. In addition to the monitor, computers may also include other peripheral output devices such as speakers 197 and printer 196, which may be connected through an output peripheral interface 190.
The computer 110 may operate in a networked environment using logical connections to one or more remote computers, such as a remote computer 180. The remote computer 180 may be a personal computer, a server, a router, a network PC, a peer device or other common network node, and typically includes many or all of the elements described above relative to the computer 110, although only a memory storage device 181 has been illustrated in FIG. 1. The logical connections depicted in FIG. 1 include a local area network (LAN) 171 and a wide area network (WAN) 173, but may also include other networks. Such networking environments are commonplace in offices, enterprise-wide computer networks, intranets and the Internet.
When used in a LAN networking environment, the computer 110 is connected to the LAN 171 through a network interface or adapter 170. When used in a WAN networking environment, the computer 110 typically includes a modem 172 or other means for establishing communications over the WAN 173, such as the Internet. The modem 172, which may be internal or external, may be connected to the system bus 121 via the user input interface 160, or other appropriate mechanism. In a networked environment, program modules depicted relative to the computer 110, or portions thereof, may be stored in the remote memory storage device. By way of example, and not limitation, FIG. 1 illustrates remote application programs 185 as residing on memory device 181. It will be appreciated that the network connections shown are exemplary and other means of establishing a communications link between the computers may be used.
Digital Signature Sub-Objects
Where a header object includes sub-objects and regions of sub-objects to be protected, according to the invention, a digital signature sub-object may be added to the header in order to allow verification that the sub-objects and regions signed have not been tampered with. This digital signature sub-object may be based on any digital signing algorithm that takes as input some data and produces a signature that can later be verified. In one embodiment, the algorithm used is the RSA algorithm. In another embodiment, the elliptic curve algorithm is used. Other embodiments may use other signature algorithms.
Referring to FIG. 2, file 200 contains a header object 210. In addition to header information 215, header object 210 contains a file properties sub-object 220, a stream properties sub-object 230, a script command sub-object 240, and content description sub-object 250. Content description sub-object 250 contains information on title 252, author 254, copyright 256 and description 258 of the content. Script command sub-object 240 contains a URL 245. File 200 also contains data object 290. This figure is exemplary, and it will be recognized that other combinations of sub-objects may be present in the header object rather than those shown.
An entity may prevent tampering with parts of the header object 210 by adding digital signature sub-object 260. Digital signature sub-object 260 contains region specifier array 264 and signature 266. In one embodiment, digital signature sub-object 260 also contains signer information 268. In one embodiment, signer information 268 contains one or more certificates which can be used to securely verify the signature 266.
The process for creating a digital signature sub-object 260 is shown in FIG. 3. As shown in step 310, the entity decides which one or more regions of header sub-objects it is going to sign and determines the region specifiers for these regions. For example, with reference to FIG. 2, the regions to be signed may include the script command sub-object 240 and the title, author, and copyright sections of the content description sub-object 250. Referring again to FIG. 3, in step 320, the region specifier array 264 (from FIG. 2) is created. In step 330, the regions specified in the region specifier array 264 are concatenated (in the order in which they are specified in the region specifier array 264) along with the region specifier array 264. This region is then signed 340 to produce signature 266 (from FIG. 2).
When a file containing a header object including a digital signature sub-object is modified, the order of the sub-objects may be changed and additional sub-objects may be inserted. If additional regions or sub-objects are to be verified, a new digital signature sub-object may be added.
With reference to FIG. 2, in order to check the verification of the header object 210, the digital signature sub-object 260 and the regions specified in the region specifier array 264 are used. As shown in FIG. 4, step 410, the header sub-object regions specified in the region specifier array 264 (from FIG. 2) are identified. In step 420, these regions are concatenated (in the order in which they are specified in the region specifier array 264) together with the region specifier array 264. In step 430, signature 266 (from FIG. 2) is checked to determine whether it is a valid signature for the concatenation.
In one embodiment of the invention, both regions of sub-objects and complete sub-objects may be signed using the digital signature sub-object. In another embodiment, only complete sub-objects may be signed. In one embodiment of the invention, more than one region from a single sub-object may be signed in one digital signature sub-object. In one embodiment of the invention, the regions of one sub-object being signed may overlap.
In one embodiment of the invention, each header object must contain at least one digital signature sub-object. If the header object does not contain a digital signature sub-object when one is expected, then it can be assumed that the header object has been tampered with. If the header object contains a digital signature sub-object that does not verify correctly or is not from a trusted source, the entity receiving the file containing the header object may act accordingly, for example, in one implementation, by not using the file. According to this embodiment, a check is performed to see if any digital signature sub-objects exist. If none exist, then verification fails. If sub-objects do exist, each one is checked to yield a verification result.
In one embodiment, any file F that is a collection of objects O1, O2, ... On may be signed according to the invention. A new object ODS is created which includes a region specifier array specifying the objects or regions of objects signed and a signature for those objects and the array.
Exemplary ASF Implementation
In one embodiment, the file is an ASF file. The components of a digital signature sub-object for an ASF file, in one embodiment, are shown in FIG. 5. Digital signature sub-object 500 includes a GUID 510. Each object and sub-object in an ASF file begins with a GUID. GUIDs are used to uniquely identify all object types within ASF files. Each ASF object type has its own unique GUID. However, in general, GUIDs cannot be used to uniquely identify sub-objects within an ASF Header object since multiple sub-objects in an ASF Header object may have the same object type, and thus have the same GUID.
The next element in the exemplary ASF digital signature sub-object 500 is the sub-object size 520. Again, all ASF objects and sub-objects generally include the size of the object and sub-object. The region specifier array 540, as described above, is preceded by the number of signed regions contained in the region specifier array 530. The checksum algorithm identifier 550 and the signature algorithm identifier 560 identify the checksum and signature algorithms used in the digital signature sub-object. The signature 580 of the regions and the region specifier array is preceded by the length of the signature 570. Signer information 590 contains information to verify or obtain information regarding the signer. Signer information 590 may include the identity of the signer. In one embodiment, signer information 590 contains a certificate chain that can be used to verify the public key of the signer is from a trusted source.
In the exemplary ASF implementation, each region specifier contains a sub-object region offset, a sub-object region size, a checksum length and an object checksum. The region offset identifies where the region starts in the sub-object, and the region size identifies the size of the region. The object checksum corresponds to the checksum of the region specified. This checksum algorithm, in a preferred embodiment, is the Secure Hash Algorithm (SHA-1) algorithm. This algorithm is available in the Federal Information Processing Standards Publication 180-1, which is available on the Internet at http://www.itl.nist.gov/fipspubs/fip180-1.htm. In alternate embodiments, any hashing algorithm with a low probability of collision can be used. In an alternate embodiment, the object checksum corresponds to the checksum of the sub-object containing the region specified.
When the signature is being checked, in order to determine which sub-object the region is located in (as in step 410 of FIG. 4), the header sub-objects are examined. For each sub-object being examined, a checksum is computed according to the algorithm specified in the checksum algorithm identifier 550. In the embodiment where the checksum is computed over the region, a checksum is computed for the data contained in that sub-object which begins at the given sub-object region offset and extends for the given sub-object region size. In the embodiment where the checksum is computed over the entire sub-object, a checksum is computed for the sub-object. When a checksum is computed which matches the checksum in the region specifier, the correct sub-object for the region specifier has been identified. When a sub-object corresponding to each region specifier has been identified, the signature can be checked.
In this implementation, in order to specify an entire sub-object to be signed, the offset in the region specifier will be zero, and the region size will be equal to the length of the sub-object. In another embodiment, the checksum is computed for the entire sub-object rather than for the specified region.
In this embodiment, more than one digital signature sub-object may be included in an object, in order to allow flexibility in having different areas of sub-objects verified together, and having different entities verify sub-objects.
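The creation steps of FIG. 3, the verification steps of FIG. 4 and the "at least one digital signature sub-object" check can be followed end to end in the sketch below. It is an added example, not code from the patent or from any ASF implementation: the packed field widths, the sample sub-objects, the key and all function names are assumptions, and an HMAC-SHA256 stands in for the RSA or elliptic curve signature so that the block runs with the Python standard library alone.

```python
import hashlib
import hmac
import struct
from typing import NamedTuple, Tuple


class RegionSpecifier(NamedTuple):
    offset: int      # where the region starts inside its sub-object
    size: int        # length of the region in bytes
    checksum: bytes  # SHA-1 over the region; used to find the sub-object again

    def pack(self) -> bytes:
        # Assumed layout: offset, size, checksum length, then the checksum.
        return struct.pack("<IIH", self.offset, self.size,
                           len(self.checksum)) + self.checksum


class SignatureSubObject(NamedTuple):
    regions: Tuple[RegionSpecifier, ...]
    signature: bytes


def _pack_array(regions) -> bytes:
    return b"".join(r.pack() for r in regions)


def _sign(key: bytes, message: bytes) -> bytes:
    # Stand-in (assumption) for the RSA / elliptic curve signature in the text.
    return hmac.new(key, message, hashlib.sha256).digest()


def create_signature_sub_object(sub_objects, selections, key):
    """selections: (sub-object index, offset, size) triples in signing order."""
    regions, signed = [], []
    for index, offset, size in selections:
        data = sub_objects[index][offset:offset + size]
        if len(data) != size:
            raise ValueError("region extends past the end of the sub-object")
        regions.append(RegionSpecifier(offset, size, hashlib.sha1(data).digest()))
        signed.append(data)
    # Regions in array order, followed by the region specifier array itself.
    message = b"".join(signed) + _pack_array(regions)
    return SignatureSubObject(tuple(regions), _sign(key, message))


def _locate(sub_objects, spec):
    """Find the region by checksum, so the order of sub-objects is irrelevant."""
    for obj in sub_objects:
        data = obj[spec.offset:spec.offset + spec.size]
        if len(data) == spec.size and hmac.compare_digest(
                hashlib.sha1(data).digest(), spec.checksum):
            return data
    return None


def verify_signature_sub_object(sub_objects, sig, key) -> bool:
    signed = []
    for spec in sig.regions:
        data = _locate(sub_objects, spec)
        if data is None:  # signed region was altered or removed
            return False
        signed.append(data)
    message = b"".join(signed) + _pack_array(sig.regions)
    return hmac.compare_digest(_sign(key, message), sig.signature)


def verify_header(sub_objects, signature_sub_objects, key) -> bool:
    """Embodiment in which a header without any signature sub-object fails."""
    if not signature_sub_objects:
        return False
    return all(verify_signature_sub_object(sub_objects, s, key)
               for s in signature_sub_objects)


# Constructed sample header: three sub-objects as plain byte strings.
FILE_PROPS = b"FILEPROP" + b"\x00" * 8
SCRIPT_CMD = b"SCRIPT  URL=https://example.test/player"
SIGNED_FIELDS = b"Title|Author|(c) 2003|"
CONTENT_DESC = b"CONTDESC" + SIGNED_FIELDS + b"free-form description"
HEADER = [FILE_PROPS, SCRIPT_CMD, CONTENT_DESC]
KEY = b"constructed-demo-key"


def demo() -> dict:
    # Sign the whole script command sub-object plus title/author/copyright.
    sig = create_signature_sub_object(
        HEADER, [(1, 0, len(SCRIPT_CMD)), (2, 8, len(SIGNED_FIELDS))], KEY)
    reordered = [CONTENT_DESC, b"MARKER  track 1", SCRIPT_CMD, FILE_PROPS]
    edited_desc = [FILE_PROPS, SCRIPT_CMD,
                   b"CONTDESC" + SIGNED_FIELDS + b"edited description"]
    url_changed = [FILE_PROPS,
                   SCRIPT_CMD.replace(b"example.test", b"other.test"),
                   CONTENT_DESC]
    return {
        "original": verify_header(HEADER, [sig], KEY),
        "reordered_with_new_sub_object": verify_header(reordered, [sig], KEY),
        "unsigned_description_edited": verify_header(edited_desc, [sig], KEY),
        "signed_url_changed": verify_header(url_changed, [sig], KEY),
        "signature_sub_object_stripped": verify_header(HEADER, [], KEY),
    }


if __name__ == "__main__":
    for case, ok in demo().items():
        print(f"{case}: {'valid' if ok else 'INVALID'}")
```

Because the region specifier array is part of the signed message, changing an offset, size or checksum in the array invalidates the signature just as changing a signed region does.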
In other embodiments, other methods may be used to identify the regions. In one embodiment, data which can uniquely identify the sub-object is contained within the region specifier along with region offset and size data. In other embodiments, only entire sub-objects may be signed. In one embodiment, the region specifier includes a checksum over the entire sub-object. In another embodiment, the length of the checksum is also included. In yet another embodiment, other data that can identify the sub-object is used in the region specifier.
Conclusion
Herein a system and method for data stream header object protection. As mentioned above, while exemplary embodiments of the present invention have been described in connection with various computing devices and network architectures, the underlying concepts may be applied to any computing device or system in which it is desirable to provide data stream header object protection. Thus, the techniques for providing data stream header object protection in accordance with the present invention may be applied to a variety of applications and devices. For instance, the techniques of the invention may be applied to the operating system of a computing device, provided as a separate object on the device, as part of another object, as a downloadable object from a server, as a "middle man" between a device or object and the network, as a distributed object, etc. While exemplary names and e
The various techniques described herein may be implemented in connection with hardware or software or, where appropriate, with a combination of both. Thus, the methods and apparatus of the present invention, or certain aspects or portions thereof, may take the form of program code (i.e., instructions) embodied in tangible media, such as floppy diskettes, CD-ROMs, hard drives, or any other machine-readable storage medium wherein, when the program code is loaded into and executed by a machine, such as a computer, the machine becomes an apparatus for practicing the invention. In the case of program code execution on programmable computers, the computing device will generally include a processor, a storage medium readable by the processor (including volatile and non-volatile memory and/or storage elements), at least one input device, and at least one output device. One or more programs that may utilize the techniques of the present invention, e.g., through the use of a data processing API or the like, are preferably implemented in a high level procedural or object oriented programming language to communicate with a computer system. However, the program(s) can be implemented in assembly or machine language, if desired. In any case, the language may be a compiled or interpreted language, and combined with hardware implementations.
The methods and apparatus of the present invention may also be practiced via communications embodied in the form of program code that is transmitted over some transmission medium, such as over electrical wiring or cabling, through fiber optics, or via any other form of transmission, wherein, when the program code is received and loaded into and executed by a machine, such as an EPROM, a gate array, a programmable logic device (PLD), a client computer, a video recorder or the like, or a receiving machine having the signal processing capabilities as described in exemplary embodiments above becomes an apparatus for practicing the invention. When implemented on a general-purpose processor, the program code combines with the processor to provide a unique apparatus that operates to invoke the functionality of the present invention. Additionally, any storage techniques used in connection with the present invention may invariably be a combination of hardware and software.
While the present invention has been described in connection with the preferred embodiments of the various figures, it is to be understood that other similar embodiments may be used or modifications and additions may be made to the described embodiment for performing the same function of the present invention without deviating therefrom. For example, while exemplary network environments of the invention are described in the context of a networked environment, such as a peer to peer networked environment, one skilled in the art will recognize that the present invention is not limited thereto, and that the methods, as described in the present application may apply to any computing device or environment, such as a gaming console, handheld computer, portable computer, etc., whether wired or wireless, and may be applied to any number of such computing devices connected via a communications network, and interacting across the network. Furthermore, it should be emphasized that a variety of computer platforms, including handheld device operating systems and other application specific operating systems are contemplated, especially as the number of wireless networked devices continues to proliferate. Still further, the present invention may be implemented in or across a plurality of processing chips or devices, and storage may similarly be effected across a plurality of devices. Therefore, the present invention should not be limited to any single embodiment, but rather should be construed in breadth and scope in accordance with the appended claims.





We claim:
1. A computer implementable method for adding a digital signature sub-object for use with a header object comprising a plurality of sub-objects implemented by at least one computing system, the method comprising:
selecting all or a portion of at least one of said plurality of sub-objects within the header object that are to be associated with a digital signature, wherein the selection, or the selections collectively, make up at least one region;
identifying a region specifier for the at least one region;
creating an array comprising the region specifier for each of the at least one region;
producing the digital signature associated with each of said at least one region in said array;
adding the digital signature sub-object comprising said array and said digital signature to the header object, said plurality of sub-objects within the header object being rearrangeable within the header object without invalidating the digital signature; and
storing said header object in memory.
2. The method of claim 1, where each of said at least one region comprises a sub-object from among said plurality of sub-objects.
3. The method of claim 1, where each of said region specifiers comprises a checksum calculated according to a checksum algorithm.
4. The method of claim 3, where said checksum is calculated for the at least one region.
5. The method of claim 3, where said checksum is calculated for the all or the portion of at least one of said plurality of sub-objects contained in the region.
6. The method of claim 3, where said digital signature sub-object comprises a checksum algorithm identifier identifying the checksum algorithm used.
7. The method of claim 3, where each of said region specifiers comprises a checksum length.

8. The method of claim 1, where said digital signature sub-object comprises a signature algorithm identifier identifying a signature algorithm used for said producing of a digital signature.
9. The method of claim 1, where said digital signature sub-object comprises signer identifier identifying a signer for verification of said digital signature.

10. The method of claim 9, where said signer identifier comprises digital certificates for securely identifying and verifying a public key of said signer.
11. The method of claim 1, where each of said region specifiers comprises a region offset identifying a start location of the corresponding region in a sub-object.
12. The method of claim 1, where each of said region specifiers comprises a region size identifying a size of the corresponding region in a sub-object.
13. The method of claim 1, where said header object is a header object for an ASF file.
14. The method of claim 13, where said header object further comprises a GUID.
15. A computer implementable method for use with a header object comprising a plurality of sub-objects implemented by at least one computing system, comprising:
validating a digital signature for at least one region, where a selection of all or a portion of at least one of said plurality of sub-objects within the header object that are associated with a digital signature make up at least one region, where said sub-objects are rearrangeable within the header object without invalidating the digital signature, and where an array comprises region specifiers for each of said at least one region;
identifying a region corresponding to each of said region specifiers;
creating a digital signature sub-object, within said header object, comprising said array and, for each of said region specifiers, said region corresponding to said region specifier;
validating said digital signature on said digital signature sub-object; and
storing said digital signature sub-object in memory.
16. The method of claim 15, where said header object is a header object for an ASF file.

17. A computer implementable method for use with a header object comprising a plurality of sub-objects implemented by at least one computing system, comprising:
validating a digital signature for at least one region, where a selection of all or a portion of at least one of said plurality of sub-objects within the header object that are associated with a digital signature make up at least one region, where said sub-objects are rearrangeable within the header object without invalidating the digital signature, and where an array comprises region specifiers for each of said at least one region;
determining a count of digital signatures present in said header object;
validating each of said digital signatures; and
storing said header object in memory.
18. The method of claim 17, further comprising:
returning an error value if the count of digital signatures present in said header object is zero.
19. A system for use with an object comprising a plurality of sub-objects, said system providing a digital signature for at least one region, where said at least one region is comprised of all or a portion of one of at least one sub-object within said plurality of sub-objects, the system comprising:
a processing unit;
array-creation means for creating an array comprising, for said at least one region, a region specifier identifying the region, where each of said region specifiers comprises a checksum calculated according to a checksum algorithm;
signing means for producing the digital signature based on data comprising each region and said array; and
signature sub-object adding means for adding a signature sub-object comprising said array and said digital signature to the object, where said sub-objects within the object may be rearranged within the object without invalidating the digital signature.
20. The system of claim 19, where said at least one region comprises a sub-object from among said plurality of sub-objects.

21. The system of claim 19, where said checksum is calculated for the region.
22. The system of claim 19, where said checksum is calculated for the all or the portion of at least one of said plurality of sub-objects contained in the region.
23. The system of claim 19, where said signature sub-object comprises a checksum algorithm identifier identifying the checksum algorithm used.
24. The system of claim 19, where each of said region specifiers comprises a checksum length.
25. The system of claim 19, where said signature sub-object comprises a signature algorithm identifier identifying a signature algorithm used for said producing of a digital signature.
26. The system of claim 19, where said signature sub-object comprises signer identifier identifying a signer for verification of said digital signature.
27. The system of claim 26, where said signer identifier comprises digital certificates for securely identifying and verifying a public key of said signer.
28. The system of claim 19, where each of said region specifiers comprises a region offset identifying a start location of the corresponding region in a sub-object.
29. The system of claim 19, where each of said region specifiers comprises a region size identifying a size of the corresponding region in a sub-object.
30. The system of claim 19, where said object is a header object for an ASF file.
31. The system of claim 30, where said header object further comprises a GUID.
32. A system for validating a digital signature for use with an object comprising a plurality of sub-objects, said system comprising:
a processing unit;
region-identifying means identifying at least one region corresponding to each of region specifiers, wherein said at least one region comprises all or a portion of one of at least one sub-object within said plurality of sub-objects, wherein each of said region specifiers comprises a checksum calculated according to a checksum algorithm;

object creation means for creating an object comprising an array and, for each of said region specifiers, said region corresponding to said region specifier, wherein said array comprises region specifiers for each of said at least one region; and
validation means for validating said digital signature on said object for said at least one region, wherein said sub-objects are rearrangeable within the object without invalidating the digital signature.
33. The system of claim 32, where said object is a header object for an ASF file.
34. A system for validating a digital signature for use with an object comprising a plurality of sub-objects, said system comprising:
counting means for determining a number of digital signatures present in said object, wherein at least one region comprises all or a portion of one of at least one sub-object of the plurality of sub-objects and an array comprises region specifiers for each of said at least one region, each region specifier comprising a checksum calculated according to a checksum algorithm; and
validating means for validating each of said digital signatures for at least one region, wherein said sub-objects are rearrangeable within the object without invalidating the digital signature.
35. The system of claim 34, further comprising:
error return means returning an error value if the number of digital signatures present in said object is zero.
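
The signing and validation flow recited in claims 1, 15 and 17-18, as an added example that is not code from the patent or from any ASF implementation. Assumptions: HMAC-SHA256 stands in for the public-key digital signature, SHA-256 is the checksum algorithm, regions are located by scanning sub-objects for a matching checksum, and the byte layout and all names (`specifier`, `find_region`, `sign`, `verify`, `HEADER`) are hypothetical.

```python
import hashlib, hmac, struct
KEY = b"constructed-demo-key"  # assumption: HMAC key standing in for the signer's key pair

def specifier(data, offset, size):
    """Pack one region specifier: region offset, region size, checksum length, checksum."""
    digest = hashlib.sha256(data[offset:offset + size]).digest()
    return struct.pack("<IIH", offset, size, len(digest)) + digest

def parse_specifiers(array):
    pos, out = 0, []
    while pos < len(array):
        offset, size, clen = struct.unpack_from("<IIH", array, pos)
        out.append((offset, size, array[pos + 10:pos + 10 + clen]))
        pos += 10 + clen
    return out

def find_region(header, offset, size, checksum):
    """Locate a region by its checksum, independent of sub-object order (assumed lookup)."""
    for sub in header:
        region = sub.get("data", b"")[offset:offset + size]
        if len(region) == size and hmac.compare_digest(hashlib.sha256(region).digest(), checksum):
            return region
    return None

def sign(header, selections):
    """selections: list of (sub-object index, offset, size). Returns the signature sub-object."""
    array = b"".join(specifier(header[i]["data"], o, n) for i, o, n in selections)
    regions = b"".join(header[i]["data"][o:o + n] for i, o, n in selections)
    sig = hmac.new(KEY, array + regions, hashlib.sha256).digest()  # covers array and regions
    return {"kind": "signature", "array": array, "sig": sig}

def verify(header):
    sigs = [s for s in header if s["kind"] == "signature"]
    if not sigs:
        return "ERROR_NO_SIGNATURE"  # zero signatures is reported as an error, as in claim 18
    for s in sigs:
        regions = [find_region(header, *spec) for spec in parse_specifiers(s["array"])]
        if any(r is None for r in regions):
            return "INVALID"
        expected = hmac.new(KEY, s["array"] + b"".join(regions), hashlib.sha256).digest()
        if not hmac.compare_digest(expected, s["sig"]):
            return "INVALID"
    return "VALID"

# Constructed sample header: all of sub-object 0 and the first 9 bytes of sub-object 1 are signed.
HEADER = [{"kind": "file_properties", "data": b"size=4096;duration=120"},
          {"kind": "stream_properties", "data": b"codec=wmv;bitrate=300k"},
          {"kind": "content_description", "data": b"title=Draft"}]
HEADER.append(sign(HEADER, [(0, 0, 22), (1, 0, 9)]))
```

Because regions are found by checksum rather than position, bytes outside the listed regions (here the bitrate field and the content description) can change without affecting the result, so a verifier should treat only the signed regions as trusted.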

Patent Number 259429
Indian Patent Application Number 1075/DEL/2003
PG Journal Number 11/2014
Publication Date 14-Mar-2014
Grant Date 12-Mar-2014
Date of Filing 01-Sep-2003
Name of Patentee MICROSOFT CORPORATION
Applicant Address ONE MICROSOFT WAY, REDMOND, WASHINGTON 98052, U.S.A.
Inventors:
# Inventor's Name Inventor's Address
1 DANIEL ADENT 14828 NE 13TH STREET, BELLEVUE, WASHINGTON 98007, USA.
2 CORY WEST 3715 LIVINGSTON ROAD, CENTRAL POINT, OREGON 97502, USA.
3 PRATUL DUBLISH 22642 SE 13TH STREET, SAMMAMISH, WASHINGTON 98075, USA.
4 CLIFFORD P. STROM 4316 212TH AVENUE, NE, SAMMAMISH, WASHINGTON 98074, USA.
5 BRIAN D. CRITES 3904 163RD AVENUE, NE, REDMOND, WASHINGTON 98052, USA.
PCT International Classification Number G06K 5/00
PCT International Application Number N/A
PCT International Filing date
PCT Conventions:
# PCT Application Number Date of Convention Priority Country
1 10/235,587 2002-09-04 U.S.A.