US 20070021195 A1
A gaming system utilizes watermarks in files to provide file authentication. In one embodiment, the files contain images or video clips. Selected frames of such images or video clips contain a watermark, which is compared to a key stored in the gaming system. The key may be stored in a non-volatile random access memory in the gaming system. In one embodiment, the memory is not modifiable by a customer.
1. A gaming machine implemented method comprising:
reading a frame from a file;
extracting a watermark from the frame; and
comparing the extracted watermark to a key to authenticate the frame.
2. The method of
3. The method of
4. The method of
5. The method of
6. The method of
7. The method of
8. The method of
9. The method of
10. The method of
11. A method of authenticating a file in a gaming system, the method comprising:
reading multiple frames from the file;
extracting a watermark from one of the frames;
comparing the extracted watermark to a key stored on the gaming system to authenticate the frame.
12. The method of
13. The method of
14. The method of
15. The method of
16. The method of
17. A computer readable medium having instructions encoded thereon for execution by a gaming machine for implementing a method comprising:
reading a frame from a file;
extracting a watermark from the frame; and
comparing the extracted watermark to a key to authenticate the frame.
18. The method of
19. The method of
20. The method of
21. A computer readable medium having code for execution on a gaming system, the medium comprising:
a file having multiple frames containing images for display on the gaming system, selected frames having watermarks corresponding to keys stored on the gaming system, wherein the gaming system extracts the watermarks from the selected frames and compares them to the keys for authentication of the frames in real time.
22. A gaming machine comprising:
a storage device having a read only audio/video file containing multiple frames of audio/video information, selected frames having a watermark;
a read only memory device having keys corresponding to watermarks in the selected frames; and
an authentication module that when executed by the gaming machine, authenticates the selected frames by comparing the watermarks to the keys while outputting the frames to the user.
23. The gaming machine of
24. A gaming machine implemented method comprising:
reading data from a file;
extracting a watermark from the data; and
comparing the extracted watermark to a key to authenticate the file.
25. The gaming machine implemented method of
26. The gaming machine implemented method of
27. The gaming machine implemented method of
28. The gaming machine implemented method of
This application claims priority under 35 U.S.C. 119(e) from U.S. Provisional Application Ser. No. 60/694,056 filed Jun. 24, 2005, and from U.S. Provisional Application Ser. No. 60/711,510 filed Aug. 26, 2005, both of which applications are incorporated herein by reference.
A portion of the disclosure of this patent document contains material to which the claim of copyright protection is made. The copyright owner has no objection to the facsimile reproduction by any person of the patent document or the patent disclosure, as it appears in the U.S. Patent and Trademark Office file or records, but reserves all other rights whatsoever. Copyright 2006, WMS Gaming, Inc.
The present invention related to gaming systems, and in particular to file authentication in a gaming system.
Gaming devices are highly regulated to ensure that they are operating properly, and within regulation. Many jurisdictions required that all gaming devices which have control programs residing in one or more conventional read only memory (ROM) devices must employ a mechanism to verify control programs and data. The mechanism used must detect at least 99.99 percent of all possible media failures. If these programs and data are to operate out of volatile random access memory (RAM), the program that loads the RAM must reside on and operate from a Conventional ROM Device.
Gaming devices having control programs or data stored on memory devices other than conventional ROM devices may need to employ a mechanism that verifies that all control program components, including data and graphic information, are authentic copies of the approved components. Tests may be required to verify that components are approved components. The verification mechanism must have an error rate of less than 1 in 10 to the 38th power and must prevent the execution of any control program component if any component is determined to be invalid. Any program component of the verification or initialization mechanism must be stored on a conventional ROM device that must be capable of being authenticated.
A method used for authentication should employ a mechanism which tests unused or unallocated areas of any alterable media for unintended programs or data and tests the structure of the storage media for integrity. The mechanism must prevent further play of the gaming device if unexpected data or structural inconsistencies are found.
Any gaming device executing control programs from electrically erasable or volatile memory must employ a mechanism that ensures the integrity of all control program components residing therein, including fixed data and graphic information and ensures that they are authentic copies of the approved components. Additionally, control program components, excluding graphics and sound components, must be fully verified at the time of loading into the electrically erasable or volatile memory and upon any significant event, including but not limited to door closings, game resets, and power up. The mechanism must prevent further play of the gaming device if an invalid component is detected.
These types of mechanisms can make it difficult to quickly modify gaming content in gaming machines. They can require the presence of a technician each time a game is updated or changed on a gaming device, which can lead to delays in updating games, introducing new games, and add to down time for gaming machines.
A gaming system utilizes watermarks in files to provide file authentication. In one embodiment, the files may contain images, video clips, audio clips, executable code and other information. Selected portions of the files, such as frames of images or video clips contain a watermark, which is compared to a key stored in the gaming system. The key may be stored in a non-volatile random access memory in the gaming system or remotely. In one embodiment, the memory is not modifiable by a customer.
In further embodiments, a watermark may be spread across multiple frames, or may occur in one frame in 30 to 50 frames, corresponding to about one second or more of video. The watermark may change from frame to frame. In one embodiment, a selected number of different watermarks are used, and rotated. The location of the watermark within a portion of a file may be changed randomly from file to file, and may also cover only a portion of the file.
In one embodiment, the watermark is encrypted, and is decrypted as it is read by the gaming system during normal operation or boot. The decrypted watermark is then compared to the key. In a further embodiment, the file is authenticated in real time, as the frames are read, as opposed to authenticating the entire file prior to beginning to display the frames.
In the following description, reference is made to the accompanying drawings that form a part hereof, and in which is shown by way of illustration specific embodiments which may be practiced. These embodiments are described in sufficient detail to enable those skilled in the art to practice the invention, and it is to be understood that other embodiments may be utilized and that structural, logical and electrical changes may be made without departing from the scope of the present invention. The following description is, therefore, not to be taken in a limited sense, and the scope of the present invention is defined by the appended claims.
The functions or algorithms described herein are implemented in software or a combination of software and human implemented procedures in one embodiment. The software comprises computer executable instructions stored on computer readable media such as memory or other types of storage devices. The term “computer readable media” is also used to represent carrier waves on which the software is transmitted. Further, such functions correspond to modules, which are software, hardware, firmware or any combination thereof. Multiple functions are performed in one or more modules as desired, and the embodiments described are merely examples. The software is executed on a digital signal processor, ASIC, microprocessor, or other type of processor operating on a computer system, such as a personal computer, server or other computer system.
As used herein, the term casino game or gaming device encompasses, without limitation, slot machines, video poker machines, roulette tables, poker tables, craps tables and any other game of chance offered by a gaming establishment wherein for example the game qualifies as regulated and/or licensed gaming equipment.
A typical gaming system is first described, followed by a description of the use of watermarks in frames of audio, video and/or still images contained in a file. The watermarks may be used to authenticate the frames in real time by comparing them to a key stored on the gaming system, allowing faster initial display of the frames. Watermarks may also be used in other types of files, such as executable files and data files.
As illustrated in
As shown in
A player may “cash out” by pressing a cash out button 116. When a player cashes out, the gaming device 100 dispenses a number of coins, corresponding to the number of remaining credits, into the coin tray 118. The gaming device 100 may employ other payout mechanisms such as credit slips, which are redeemable by a cashier, or electronically recordable cards, which track player credits.
The gaming device 100 also includes one or more display devices. The embodiment shown in
In one embodiment, a commercial software product is used to insert watermarks into selected frames of files, such as audio/video files. One watermark may be inserted into each frame, or selected frames, such as every 30th to 50th frame, corresponding to one or more seconds of audio video when viewed by a user. The watermark may be the same or different for each frame, or may comprise a sequence of watermarks that may be repeated, or randomized. Keys are stored on the gaming system, such as in a compact flash read only card that is inserted into the gaming system. The keys should match up with the watermarks. The keys may identify locations in the frames where watermark numbers are placed, and also contains an identifier of the watermark, such as a sequence of matching numbers. In some embodiments, the watermark is encrypted, and when read, is decrypted prior to matching it to the number sequence in the corresponding key. The watermark may alternatively be digitally signed, with the signature verified prior to matching it.
During operation of a game, as audio/video frames are read, they are checked to ensure they contain the proper watermark. In one embodiment, an incorrect watermark may place the game in a halt state, showing a call attendant message on the screen. Normal operation is not possible without intervention by an attendant. In further embodiments, two consecutive incorrect watermarks may be detected prior to the game being placed in the halt state. In still further embodiments, a selected number of incorrect watermarks in a sequence of a predetermined number of watermarks. One example would be two out of three watermarks being incorrect, or two out of four or five watermarks being incorrect. This would allow for software and disk drive errors without prematurely halting a game. Many other examples of a percentage of incorrect watermarks may be envisioned to allow for an acceptable error rate without unnecessarily disrupting the user of a game. In further embodiments, a small percentage of files on boot or continuously during operation of the gaming system are checked for proper watermarking. Portions of files containing watermarks may be randomized from file to file.
A compact flash memory card is shown at 400 in
When the gaming system is booted up, a post boot authentication process shown at 500 in
If the hard drive is present, a read only check is performed at 535 to ensure that the drive is in the proper read only state. Following successful checking of the CF, watermark database and hard drive read only status, each file is opened in succession on the hard drive at 540. If a file is found at 545, it is verified at 550 using the watermarks stored in the watermark database. In one embodiment, approximately 15% of the files are verified at 555 to save time. Other percentages of file verification may be used in further embodiments, either higher or lower depending on the level of assurance of verification desired. If the last file is found at 560, the post boot authentication process is exited and the gaming system continues with other processes at 565.
During normal operation of the game, such as when the game is selected by a user or casino customer, watermark authentication of each audio/video file is performed in real time as illustrated at 600 in
In further embodiments, gaming system is coupled to a network. A remote network component may be used to store a watermark database. Results may be retrieved from this database when checking watermarks on files stored on gaming system. The remote network component may generate on demand requests to the gaming system for authentication of the watermarks of the entire gaming system, or a selected portion of the gaming system, such as a single file, portion of a file, disk drive or other portion of the gaming system.
An installation to hard drive method utilizes a game CF as shown in
The method for installation to hard drive is shown at 800 in
Following verification of the BOOT CF, the game CF is initialized at 808 and verified at 810. The system then asks for a write protect jumper to be installed at 812. Alternatively, a write enable jumper may be used, such that when added, writing is enabled, and when removed, writing is disabled. Installation is verified as having been done at 814, and the hard drive is formatted and partitioned at 816. This will be done in three partitions as shown in
Following formatting and partitioning, the compressed file from the game CF is obtained at 818 and verified at 820. The watermark database is then retrieved at 822 and verified at 824. Then the compressed file is decompressed at 826, and files are verified at 828. Again, in one embodiment, since the files may be very large, a partial authentication of approximately 15% of the files is performed. If the last file has not been processed at 830, the next file is obtained, decompressed and verified until all have been processed. The authentication is performed using the watermark database, which has been verified using a hashing algorithm on the game CF card. The watermark database also contains a size of each file to be tested in one embodiment. In a further embodiment, a file may contain a watermark corresponding to only a portion, such as a small percentage of the file as opposed to the entire file. The location of the portion in each file may be randomized to make the verification process less predictable. More than one watermark may be used on any particular frame or file if desired.
At 832, the system prompts for removal of the write protect jumper, and verifies such removal at 834. A game configure is then started at 836, by performing a power-restart. At this time initial settings of the game machine will be configured. Once this is done, the game is ready to play.
In a further embodiment, the contents of the hard disk drive and CF are indicated at 900 and 1000 in
CF 1000 contains game executables 1010, a sound operating system 1020, common sound banks 1030, a watermark database containing a hard disk drive encryption key 1040, a manifest file containing a FST 1050, and a digital signature for the entire device at 1060. The watermark database contains the key pattern used for comparison on each unique audio/video file contained on the hard drive, as well as each file size.
The hard disk drive authorization table may contain the file name, date/time created, file information such as type and validation technique, and an indication of whether the file is closed or not closed. Once a file is written to the hard drive, it becomes closed. If anything happens to the machine while writing to the hard drive, the file is considered not closed. Any not closed file will have a time/date stamp written to the hard disk drive authorization error log table. The authorization table may be encrypted to the hard drive encryption key. The file may be displayable through an operator menu of a game.
The hard drive encryption key will verify that the hard disk drive authorization table exists and may be used to verify that all files are contained in the authorization table. In the event of a failed authentication, the device will enter an error condition.
If a file is found in the hard disk drive authorization error log table that is not critical, such as files that do not affect game play, operation, or outcome, the file in question is deleted from the hard drive and a time/date stamp is written into the authorization error log table. Once the authorization error log table is cleared, verification of the authorization table is performed before returning to the game. Critical files, such as those that affect game play, operation, or outcome require operator intervention.
If further authentication of the authorization table is required, the table may be made redundant. In one embodiment, it may be set up with two equal sized partitions, keeping identical copies of the data. At regular intervals in each partition are special numbers, called checksums. When power is re-supplied to a game terminal, the checksums are recomputed and compared to the values stored. A hash algorithm may also be used to produce a message digest, or some other algorithm that produces a result which can be compared to verify the data is what is expected. If one partition is found to have errors, a recover attempt may be made by copying the good partition to the partition with an error. After copying, another result may be calculated and if successful, the game is allowed to continue.
A random check of partition four at 940 may be performed to ensure that zeros are found in different locations. If there is any authentication failure, the system starts up in a fault state showing a call attendant message on the screen, and normal operation is not possible without intervention by an attendant.
If the error file was correctly deleted at 1128, a check is made to see if it was the last error file at 1132. Each file is checked in a loop including 1128 and 1132 until the last file has been checked as indicated at 1132. The game is then allowed to continue at 1134.
In this embodiment, continuous run time authentication occurs in a manner similar to that illustrated in