
Article information

  • Title: Providing software protection capability for a CD-ROM drive - technical
  • Author: Kenneth R. Nielsen
  • Journal: Hewlett-Packard Journal
  • Print ISSN: 0018-1153
  • Year: 1990
  • Volume: Dec 1990
  • Publisher: Hewlett-Packard Co.

Providing software protection capability for a CD-ROM drive - technical

Kenneth R. Nielsen

[FIGURES HAVE BEEN OMITTED]

The HP Series 6100 Model 600/A drive supports two levels of security for software protection: load-time security, which prevents loading a package without the proper authority, and scrambling data on the disk to prevent reading a protected disk with another CD-ROM reader.

AN EFFECTIVE USE of CD-ROMs is for the distribution of very large quantities of software and literature. Before CD-ROM technology, software updates were distributed on tape. This method required the creation of multiple customized tapes for each customer. The tapes contained only the software that the customer had purchased. The security solution with this method was simple: customers only received tapes for the packages they had purchased.

With CD-ROM as the distribution medium, many large software packages can fit on one disk. This capability provides a significant cost savings over the tape distribution method. The problem with using CD-ROMs for distribution is how to give customers many software packages on one disk yet restrict them from using software that they did not purchase. This article discusses some aspects of the HP Series 6100 Model 600/A CD-ROM drive security scheme.

Implementation Considerations

Two security schemes were considered for the HP Model 600/A: run-time security and load-time security. Run-time security requires each package to check the system that it is about to run on. If the system is approved for running the package, the package will continue to run. If the system is not approved, the package will shut down, not allowing the package to run on a system that it was not originally installed on. Run-time security would have been a good method if we did not have the constraints of having to run on existing systems that do not have a method of identifying themselves, and protecting software that cannot be easily modified to use run-time security.

Load-time security does not allow the customer to load a package from the disk without the proper authority. This is the method we decided to use for the Model 600/A. This method satisfies both of the constraints mentioned above. The authority for accessing packages on an HP CD-ROM is a unique password that is shipped to the customer with each disk. This password enables customers to identify themselves uniquely to the Model 600/A CD-ROM drive.

Security Toolbox

There are many opinions on and methods of implementing software security features [1, 2]. If we had provided a software security method that software distributors had to use, we would have ended up with a very small number of users. Instead, we decided to implement a toolbox approach. This gives users a box of security tools that can be used independently or not used at all.

The tools provided in the toolbox include:

* The capability to lock and unlock discrete portions of the disk selectively

* The ability to unscramble or decode secured data

* The ability to provide the host with a unique identifier.

The security scheme implemented may be defined in the security information that goes on the disk when it is mastered. This information may also define which host-to-disk commands (Command Set 80 commands) the Model 600/A will accept from the host.

The security information for a disk is located in the disk's system area. When a disk is mounted in the drive, based on the information in the system area, the Model 600/A either forces the implementation of the security scheme or redefines the default values of certain parameters. The default values are used when a new disk is loaded and after a Security Clear command is received from the host.

Region Access Map

The capability to lock and unlock regions of the disk selectively is provided using a structure called a region access map, which is located in the system area of the disk. The region access map logically divides the disk into regions. Each region has one or more logical sectors and each region is assigned to a group. Several different regions may be assigned to one group, but a region can only be assigned to one group. Fig. 1 shows this organization. Each region access map entry contains the start address of a region and the group the region is assigned to.

A structure called a group access map is used to determine which groups to lock or unlock. A default group access map exists in the system area of the disk. The group access map is a string of bits with the value of each bit representing the default locked or unlocked state of each corresponding group. Groups that are available to everyone will normally have their default value unlocked. Groups that must be individually purchased will normally have their default value locked.

For the customer to modify the group access map to unlock purchased packages, a group access map with the appropriate group representations set to unlocked and a verification password must be sent from the host to the Model 600/A disk controller. The disk controller will do some manipulation on the group access map, the publication identifier from the disk, and the internal identifier of the disk controller. The result of the manipulation is compared with the verification password received from the host. If the comparison proves that the group access map, the disk, and the disk controller all belong together, the customer's group access map is accepted as defining the locked and unlocked groups on the disk. If not, the HP Model 600/A disk controller will use the default group access map located in the system area of the disk. Fig. 2 summarizes this process.

To keep anyone from setting up a computer and sending a variety of verification passwords at full machine speed with the purpose of breaking through the security mechanism, the Model 600/A will purposely delay one second before returning to the host after discovering an incorrect password.
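The group access map acceptance described above, as an added model that is not the article's own code. The article does not publish the manipulation the controller performs on the map, the publication identifier and the drive identifier, so an HMAC keyed with the drive's per-unit password verification number (assumed to be in EEPROM and known to the distributor) stands in for it; all identifiers are constructed.

```python
import hashlib
import hmac
import time

# Constructed stand-ins: the article does not publish the controller's
# manipulation of (group access map, publication identifier, drive
# identifier), so an HMAC keyed with the drive's per-unit password
# verification number stands in for it here.
DRIVE_IDENTIFIER = b"DRIVE-SERIAL-0001"     # controller's internal identifier (constructed)
PASSWORD_VERIFICATION_NUMBER = b"PVN-0001"  # per-drive secret in EEPROM, known to the distributor
PUBLICATION_IDENTIFIER = b"PUB-1990-12"     # publication identifier from the disk (constructed)
DEFAULT_GROUP_ACCESS_MAP = 0b0001           # system-area default: only group 0 unlocked
GROUP_MAP_BITS = 32                         # width of the bit string in this model
INCORRECT_PASSWORD_DELAY_S = 1.0            # Model 600/A delays one second on a bad password

def gam_bytes(group_access_map: int) -> bytes:
    """Serialise the group access map bit string (bit n set = group n unlocked)."""
    return group_access_map.to_bytes(GROUP_MAP_BITS // 8, "big")

def verification_password(group_access_map: int, publication_id: bytes,
                          drive_id: bytes, pvn: bytes) -> bytes:
    """8-byte password the distributor ships with the disk; it binds the map,
    the disk and the drive together, so a map for other groups will not verify."""
    msg = gam_bytes(group_access_map) + publication_id + drive_id
    return hmac.new(pvn, msg, hashlib.sha256).digest()[:8]

class DiskController:
    def __init__(self, drive_id, pvn, publication_id, default_gam, sleep=time.sleep):
        self.drive_id, self._pvn = drive_id, pvn
        self.publication_id = publication_id   # read from the mounted disk's system area
        self.default_gam = default_gam
        self.active_gam = default_gam          # used on new disk and after Security Clear
        self._sleep = sleep                    # injectable so tests need not wait
        self.password_failures = 0

    def receive_group_access_map(self, password: bytes, group_access_map: int) -> bool:
        """Receive Group Access Map (password)(group access map) command."""
        expected = verification_password(group_access_map, self.publication_id,
                                         self.drive_id, self._pvn)
        if hmac.compare_digest(expected, password):   # constant-time compare
            self.active_gam = group_access_map
            return True
        self.active_gam = self.default_gam             # fall back to the disk's default map
        self.password_failures += 1
        self._sleep(INCORRECT_PASSWORD_DELAY_S)        # slow down password guessing
        return False

    def security_clear(self) -> None:
        """Security Clear: security features return to their default state."""
        self.active_gam = self.default_gam

    def group_unlocked(self, group: int) -> bool:
        return bool((self.active_gam >> group) & 1)
```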

Fig. 3a shows a typical group of files that might exist on a software distribution disk. The operating system is contained in logical sectors 0 through 500, the COBOL compiler in sectors 501 through 600, and the Pascal compiler in sectors 601 through 700. Because of the modularity of the Pascal and COBOL compilers, both use drivers located in sectors 701 through 750. The region access map contains the disk addresses of each file. All the operating system files are assigned to group 0, the nonshared part of the COBOL compiler to group 1, the nonshared part of the Pascal compiler to group 2, and the shared drivers to group 3. If all customers were allowed access to the operating system but not the COBOL or Pascal compilers, the default group access map would have bit 0, representing group 0, set to unlocked, and bits 1, 2, and 3, representing groups 1, 2, and 3 respectively, set to locked (see Fig. 3b). If the customer had purchased COBOL but not Pascal, the customer's group access map would have bits 0, 1, and 3 set to unlocked and all other bits, including bit 2, set to locked (see Fig. 3c). Because there may be hundreds of software packages on a disk, it would be easier if the customer did not have to type in the group access map each time the system needed to be updated. Therefore, the group access map is not scrambled (encoded), allowing the customer to modify the map after receiving permission to access new packages. Allowing the user to modify the group access map does not nullify the security scheme because the group access map and the verification password must be compatible, ensuring that the customer can unlock only purchased software.

When the customer tries to access the disk, a host program will ask the customer for the password that came with the disk. The program will send the group access map and the password to the Model 600/A disk controller, and after performing the comparison process described earlier, the controller will unlock the correct portions of the disk. Once the disk is unlocked, it can be read using any standard CS-80 driver.

If the host does try to access a locked portion of the disk, the Model 600/A will normally respond with a NO DATA FOUND fault. However, there are some system drivers that will abort if this occurs. To solve this problem the Model 600/A is also capable of not responding with the NO DATA FOUND fault and returning to the host a string of meaningless data to complete the transaction so that it seems as if nothing happened. (The CS-80 command Data Fill, which is described later in this article, provides this capability.) The host can then inquire about the security status to find out if an attempt was made to access a locked region of the disk and that invalid data was transmitted.
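The region access map lookup, the locked-region read and the Data Fill alternative to the NO DATA FOUND fault, as an added model (not the article's code) using the Fig. 3 layout. The sector contents, the sorted-entry lookup and the one-bit security status are constructed assumptions.

```python
import bisect
from dataclasses import dataclass
from typing import List, Optional

SECTOR_LENGTH = 256   # default logical sector length on the Model 600/A

@dataclass(frozen=True)
class RegionEntry:
    start: int   # first logical sector of the region
    group: int   # group the region is assigned to

# Constructed region access map following the layout of Fig. 3a.
REGION_ACCESS_MAP = [
    RegionEntry(0, 0),     # operating system, sectors 0-500, group 0
    RegionEntry(501, 1),   # COBOL compiler (nonshared part), sectors 501-600, group 1
    RegionEntry(601, 2),   # Pascal compiler (nonshared part), sectors 601-700, group 2
    RegionEntry(701, 3),   # shared compiler drivers, sectors 701-750, group 3
]
DISK_SECTORS = 751
# Constructed sector contents: sector n holds SECTOR_LENGTH copies of n mod 256.
SAMPLE_SECTORS = [bytes([n & 0xFF]) * SECTOR_LENGTH for n in range(DISK_SECTORS)]

class NoDataFound(Exception):
    """CS-80 NO DATA FOUND fault returned for a locked region when Data Fill is disabled."""

class LockedDisk:
    def __init__(self, region_map: List[RegionEntry], group_access_map: int, sectors: List[bytes]):
        self.region_map = sorted(region_map, key=lambda e: e.start)
        self._starts = [e.start for e in self.region_map]
        self.group_access_map = group_access_map   # bit n set = group n unlocked
        self.sectors = sectors
        self.fill_word: Optional[int] = None       # None = Data Fill disabled
        self.locked_access = False                 # reported by Request Security Status

    def group_of(self, sector: int) -> int:
        """Region access map lookup: the entry with the largest start <= sector."""
        return self.region_map[bisect.bisect_right(self._starts, sector) - 1].group

    def data_fill(self, enable: bool, fill_word: int = 0x00) -> None:
        """Data Fill (enable/disable)(fill word) command."""
        self.fill_word = (fill_word & 0xFF) if enable else None

    def read(self, first_sector: int, count: int) -> bytes:
        """Read a run of sectors as one transaction, enforcing the group access map."""
        out = bytearray()
        for sector in range(first_sector, first_sector + count):
            if (self.group_access_map >> self.group_of(sector)) & 1:
                out += self.sectors[sector]
                continue
            self.locked_access = True
            if self.fill_word is None:
                raise NoDataFound(f"sector {sector} is in locked group {self.group_of(sector)}")
            # Data Fill enabled: the fill word completes the rest of the transaction
            remaining = first_sector + count - sector
            out += bytes([self.fill_word]) * (SECTOR_LENGTH * remaining)
            break
        return bytes(out)

    def request_security_status(self) -> bool:
        """Return and clear the 'locked region accessed' fault, as Request Security Status does."""
        fault, self.locked_access = self.locked_access, False
        return fault
```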

Unscrambling Data

The lockable disk is only secure if it is mounted in the Model 600/A CD-ROM drive. To prevent reading the disk from another CD-ROM reader, the data on a distribution disk is scrambled. The Model 600/A can unscramble a disk that has its data scrambled. This option should protect the packages from being loaded via another reader, and provides an extra level of security on top of the group access map and the verification password.

When data is scrambled for security purposes, a deciphering key is also generated. The unscrambling algorithm will return the scrambled data back to readable data only if it has available the same key used in the scrambling algorithm. The Model 600/A's unscrambling algorithm is located on the drive's controller board (see page 40). The key for the Model 600/A is an 8-byte value that can be located either on the disk or sent from the host. If the key is on the disk and scrambled, it is decoded using a predefined algorithm. If the key is sent from the host, the key will be decoded using an algorithm that is unique to each customer's Model 600/A CD-ROM drive. This scheme allows each of several customers to have a unique key even if they all have access to the same data.

The security tool for unscrambling data can be used in different ways. One method unscrambles either the whole disk or selected portions of the disk when data is read from the disk and sent to the host. Another method involves the host's using the Model 600/A as an unscrambling box. This method can be used only if certain portions of a package are scrambled. If the key used to unscramble the data is on the disk, the default method is to unscramble all data as it is read from the disk (see Fig. 4 switch position 2). If the key is sent from the host, the default method is to read the data and leave it scrambled (see Fig. 4 switch position 3).

To use the Model 600/A as an unscrambling box the host reads a complete scrambled file from the disk and then sends a customer-unique deciphering key to the CD-ROM drive. The host's unscrambling algorithm is a write, unscramble, and read sequence. First the scrambled file is written to the data buffer on the Model 600/A's controller using the CS-80 command Write Buffer (see Fig. 4 switch position 4). Next, using the CS-80 command Unscramble Buffer the host commands the controller to unscramble the data in the buffer using the deciphering key passed down earlier (see Fig. 4 switch position 1). Finally, the host uses the CS-80 command Read Buffer to transfer the unscrambled contents of the controller's data buffer to host memory.
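The Fig. 4 switch positions, the drive-unique key decoding and the write, unscramble, read sequence above, as an added model rather than the article's or HP's code. The article does not publish the scrambling transform or the key decoding, so a SHA-256 keystream XOR (restarting at each sector boundary) and an HMAC keyed with a constructed drive identifier stand in for them.

```python
import hashlib
import hmac
from typing import Dict, List, Optional

SECTOR_LENGTH = 256             # default logical sector length on the Model 600/A
DRIVE_UNIQUE_ID = b"DRIVEID1"   # constructed stand-in for the drive's 8-byte unique identifier

# Constructed stand-ins: the article does not publish the scrambling transform or
# the per-drive key decoding, so a SHA-256 keystream XOR and an HMAC keyed with
# the drive's unique identifier are used here in their place.
def keystream_xor(key: bytes, data: bytes) -> bytes:
    """Symmetric transform (applying it twice restores the data). The keystream
    restarts at every sector boundary, so a buffer of whole sectors unscrambles
    exactly as a sector-by-sector read would."""
    out = bytearray()
    for i, byte in enumerate(data):
        if i % 32 == 0:
            block = (i % SECTOR_LENGTH) // 32
            stream = hashlib.sha256(key + block.to_bytes(4, "big")).digest()
        out.append(byte ^ stream[i % 32])
    return bytes(out)

def decode_host_key(drive_unique_id: bytes, host_key: bytes) -> bytes:
    """Drive-unique decoding of a key sent from the host, so the same customer key
    yields a different deciphering key on every drive."""
    return hmac.new(drive_unique_id, host_key, hashlib.sha256).digest()[:8]

class UnscramblerController:
    """Fig. 4 switch positions: 1 = Unscramble Buffer, 2 = unscrambled read,
    3 = read left scrambled, 4 = Write Buffer."""
    def __init__(self, scrambled_sectors: Dict[int, bytes], disk_key: Optional[bytes] = None):
        self.sectors = scrambled_sectors
        self.key = disk_key                             # key located on the disk, if any
        self.unscrambled_read = disk_key is not None    # default on only when the key is on the disk
        self.buffer = bytearray()

    def receive_data_unscrambling_key(self, host_key: bytes) -> None:
        self.key = decode_host_key(DRIVE_UNIQUE_ID, host_key)
        self.unscrambled_read = False                   # default: data read from disk stays scrambled

    def unscrambled_read_cmd(self, on: bool) -> None:
        self.unscrambled_read = on                      # switch position 2 (on) or 3 (off)

    def read_sector(self, n: int) -> bytes:
        raw = self.sectors[n]
        return keystream_xor(self.key, raw) if self.unscrambled_read else raw

    def write_buffer(self, data: bytes) -> None:         # switch position 4
        self.buffer = bytearray(data)

    def unscramble_buffer(self, length: int, start: int = 0) -> None:   # position 1; start sector-aligned
        chunk = bytes(self.buffer[start:start + length])
        self.buffer[start:start + length] = keystream_xor(self.key, chunk)

    def read_buffer(self, length: int, start: int = 0) -> bytes:
        return bytes(self.buffer[start:start + length])

def unscramble_via_drive(ctrl: UnscramblerController, host_key: bytes,
                         sectors: List[int]) -> bytes:
    """Host side of the unscrambling-box sequence: read the scrambled file, send the
    customer-unique key, then Write Buffer, Unscramble Buffer and Read Buffer."""
    scrambled = b"".join(ctrl.read_sector(n) for n in sectors)
    ctrl.receive_data_unscrambling_key(host_key)
    ctrl.write_buffer(scrambled)
    ctrl.unscramble_buffer(len(scrambled))
    return ctrl.read_buffer(len(scrambled))
```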

Unique identifier

If a customer wants to implement run-time security, the Model 600/A has an 8-byte serial number available for the host. The serial number is in the same packed format as bytes two through nine of the HP 46084A HP-HIL ID module. This is the module used for system identification on HP 9000 Series 300 systems. The definition of the Model 600/A's 8-byte unique identifier corresponds to the report security code definition of bytes two through nine of the ID module.

Command Protocol

The HP-IB Command Set 80 protocol is used for communication between the CD-ROM reader and the HP 3000 MPE VE operating system. To simplify integration and for initial system startup the Model 600/A looks like a write-protected HP 7935A 300-megabyte disk to the HP 3000 MPE VE operating system.

Making the Model 600/A look like a write-protected HP 7935A in most respects was simple. The biggest problem was trying to support the Release command, which frees a disk to be removed from the drive. Without a button on the front panel of the Model 600/A, the customer cannot request that the disk be released. On the HP 7935A, if the customer wants to remove a disk, the front-panel release button is pressed and the HP 7935A executes a release sequence that essentially asks the host if it can release the disk and go off-line, allowing the user to remove the disk and replace it with another disk. The HP 3000 system recognizes this sequence and knows that a disk has been removed and possibly replaced.

On the Model 600/A, if the door is unlocked, the user can remove a disk caddy at any time. It would be meaningless to make a Release request to the host because if the host denied the request, the host would think that the same disk was still loaded. The solution to this problem is that when a disk is removed a report is sent to the host that a new disk of zero length has just been loaded.

The constraint of trying to look like a write-protected HP 7935A meant that commands specific to the security or audio features of the CD-ROM had to be added under the CS-80 initiate Utility command.

Service

Servicing the Model 600/A posed a potential problem. Since each unit must have a unique serial number that is used to validate passwords and manipulate unscrambling keys, the service engineer must have a means of programming these numbers in the field when a CD-ROM drive's controller board is replaced. The alternative to this would be to return the unit to the factory for repair.

Every repair board has programmed in EEPROM the serial number REPAIRBD and a special seed that is used to generate a unique password verification number. If this serial number is present on a board, the Model 600/A will allow a special service command (Service I) to be executed that programs a serial number into the controller board's EEPROM. It will also cause the unit to derive and program a unique password verification number into the EEPROM.

If the service engineer discovers after programming the controller board that the original controller board should not have been replaced, there is a process to return the repair controller board serial number back to REPAIRBD. The process requires that a special disk be mounted into the drive before a second special service command (Service II) is executed. The combination of the special disk and the bytes sent with the Service II command will reprogram the serial number REPAIRBD and the special seed back into the controller board's EEPROM. If the Service II command is attempted and proves to be an invalid command because the wrong disk is being used or the wrong bytes are sent to the Model 600/A, the controller will either program the EEPROM incorrectly or erase the EEPROM, requiring it to be sent back to the factory for reprogramming.

Utility Commands

The utility commands are CS-80 commands developed to support CD-ROM capabilities, security toolbox functions, and status information relevant to the Model 600/A security scheme. These commands are implemented via the CS-80 initiate Utility command. The initiate Utility command was included in the original CS-80 definition to allow the implementation of commands that are not in the formal CS-80 definition but fit into the CS-80 protocol.

CD-ROM Commands. The following CS-80 commands are designed to support the Model 600/A and the features of CD-ROMs.

* Door Lock. Lock the drive's media door to prevent unwanted removal of the disk.

* Door Unlock. Unlock the drive's media door to allow removal of disk.

* Play Audio (length of play) (address of audio portion of the disk where to start playing). Play an audio portion of the CD-ROM. This command will return to the report phase when the audio is finished.

* Play Audio With Return Address (length of play) (address of audio portion of the disk where to start playing). Play an audio portion of the CD-ROM. This command will have multiple execution phases. At the end of each execution phase the address that is currently playing is returned to the host.

* Read TOC (track number). This command will return the TOC (table of contents) entry for the desired track number. The entry returned will consist of the address of that track and the control and address field from the Q channel of the CD-ROM.

* Set Logical Sector Length (sector length). This command will modify the logical length of a logical sector. The options available are 256, 512, 1024, 2048, 2336 and 2352 bytes. The default sector length will be either 256 bytes or the length defined in the system area of the disk. The typical frame of an industry-standard CD-ROM written with computer data contains 16 bytes of header, 2048 bytes of data, and 288 bytes of error correcting code (ECC). The 256, 512, 1024 and 2048-byte sectors will return data from the data field. If the disk has data for which data integrity is not important (e.g., video data), the ECC field may be replaced with 288 bytes of user data. The 2336-byte sector length will return all 2336 bytes of data (the full sector minus the header field). The 2352-byte length will return the full sector. If the CD-ROM is a secured disk, this command is disallowed.

Security Toolbox Commands. These are the CS-80 commands that implement the security scheme for the Model 600/A.

* Data Fill (enable/disable)(fill word). This command will either enable or disable the data fill capability. If data fill is enabled when a locked region of the disk is encountered, the fill word will finish the rest of the current transaction and the NO DATA FOUND fault is not set. If data fill is disabled, the current transaction will abort when a locked region of the disk is encountered and the NO DATA FOUND fault is set.

* Unscramble Buffer (length of data)(address in buffer where to start). This command will cause the Model 600/A controller's data buffer to be unscrambled with the key that is currently loaded in the controller's unscrambler (Fig. 4 switch position 1).

* Unscrambled Read (on/off). This command will either send the data stream from the disk through the unscrambling algorithm (on) or not (off) before sending the data to the host (Fig. 4 switch positions 2 and 3).

* Read Buffer (length of data) (address in buffer where to start). This command will cause the contents of the controller's data buffer to be returned to the host.

* Receive Data Unscrambling Key (key). This command will cause the key received to be manipulated by the Model 600/A's unique identifier algorithm and then be used as the unscrambling key for future unscrambling.

* Receive Group Access Map (password)(group access map). This command will cause the received group access map to be accepted if the password, the group map, and the currently loaded CD-ROM's identifier all belong together.

* Return Drive Security Number. This command will cause the Model 600/A's compacted serial number to be returned to the host.

* Write Buffer (length of data)(address in buffer where to start). This command will cause the Model 600/A's data buffer to be written into by the host (Fig. 4 switch position 4).

Security Status Commands. The following commands were added to retrieve status information about the CD-ROM and to make the security toolbox easier to use.

* Report Security Quick Status. This command will return one byte that indicates powerfail, disk change, and/or a security fault. This status is cleared either by a Security Clear command or by the execution of the Request Security Status command.

* Request Security Status. This command will return a string of bits indicating the type of disk currently loaded, the security features that are present in the system area of the disk, and the security faults that have occurred. This status is cleared either by the Security Clear command or by the execution of the Request Security Status command.

* Security Clear. This command will cause all security features to return to their default state. The CS-80 Clear command will not affect the security features. The difference between the CS-80 Clear command and the Security Clear command is that the CS-80 Clear command will set the CD-ROM reader and all internal state machines back to power-on conditions. The Security Clear command will set the security features back to either power-on or new disk loaded conditions. Using the Security Clear and the CS-80 Clear commands independently will help ensure that no data corruption occurs.

* Set Security Status Mask. This command will prevent the occurrences that are masked from affecting the Security Status or Security Quick Status commands.

Conclusion

The tools designed into the HP Series 6100 Model 600/A HP-IB CD-ROM drive should be adequate for almost any user who wants to distribute software or data on CD-ROM disks. The disk publisher can tailor the security level to range from no security at all to a very complex security scheme. If the host system wants to build a security driver with a protocol that is similar to the host CS-80 driver, the commands are available to do so. If the disk distributor wants to change the unique customer password verification number, there are hooks built into the Model 600/A to allow that change to be done safely at the customer's site. Essentially, the Model 600/A security scheme provides a good balance between security and ease of implementation for both the distributor and the customer.

Acknowledgments

The HP Series 6100 Model 600/A HP-IB CD-ROM drive project was a joint effort between HP's Greeley Storage Division (GSD) in Greeley, Colorado and HP's Application Support Division (ASD) in Mountain View, California. The desire for such a product was generated by ASD. They had a good idea of the general outline of the product they wanted, but being a support division, they did not have the R&D or manufacturing resources needed to design, develop, and manufacture the product. Therefore, GSD was contracted to supply the product. The security tool definitions were designed by a committee that consisted of Chris Armbrust and Pankaj Shah from ASD, John Santon from GSD, and Steve Hand from HP's Commercial Systems Division. I would like to thank ASD section manager Jeannie Bruins who managed the host implementation part of the project, GSD project manager Ed Sponheimer who had the responsibility for managing the product and coordinating with ASD, Chris Armbrust of ASD who provided valuable insights about customer use and what the final product should look like, Mark Cousins and Pankaj Shah from ASD who were the interface team for the HP 3000 operating system, and finally the GSD development team of John Meyer, firmware designer for drive control and error correction, John Santon, hardware designer, and Bob Proctor, mechanical designer.

References

1. T.A. Rullo, Advances in Computer Security Management, Volume 1, Heyden and Sons, 1980.

2. D.K. Hsiao, D.S. Kerr, S.E. Madnick, Computer Security, Academic Press, 1979.

3. "Using HP-HIL Devices," Facilities for Series 200/300/500 HP-UX Concepts and Tutorial, HP publication number 9708990081.

4. CS-80 Instruction Set Programming Manual, HP publication number 5955-3442.

COPYRIGHT 1990 Hewlett Packard Company
COPYRIGHT 2004 Gale Group
