WO2007030301A2 - Hybrid gaming network - Google Patents

Hybrid gaming network Download PDF

Info

Publication number
WO2007030301A2
WO2007030301A2 PCT/US2006/032479 US2006032479W WO2007030301A2 WO 2007030301 A2 WO2007030301 A2 WO 2007030301A2 US 2006032479 W US2006032479 W US 2006032479W WO 2007030301 A2 WO2007030301 A2 WO 2007030301A2
Authority
WO
WIPO (PCT)
Prior art keywords
network
gaming
protocol
devices
interface
Prior art date
Application number
PCT/US2006/032479
Other languages
French (fr)
Other versions
WO2007030301A3 (en
Inventor
David Salls
James W. Morrow
Original Assignee
Bally Gaming International, Inc.
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Priority claimed from US11/220,781 external-priority patent/US8392707B2/en
Priority claimed from US11/319,034 external-priority patent/US8118677B2/en
Application filed by Bally Gaming International, Inc. filed Critical Bally Gaming International, Inc.
Publication of WO2007030301A2 publication Critical patent/WO2007030301A2/en
Publication of WO2007030301A3 publication Critical patent/WO2007030301A3/en

Links

Classifications

    • GPHYSICS
    • G07CHECKING-DEVICES
    • G07FCOIN-FREED OR LIKE APPARATUS
    • G07F17/00Coin-freed apparatus for hiring articles; Coin-freed facilities or services
    • G07F17/32Coin-freed apparatus for hiring articles; Coin-freed facilities or services for games, toys, sports, or amusements
    • G07F17/3202Hardware aspects of a gaming system, e.g. components, construction, architecture thereof
    • G07F17/3223Architectural aspects of a gaming system, e.g. internal configuration, master/slave, wireless communication
    • GPHYSICS
    • G07CHECKING-DEVICES
    • G07FCOIN-FREED OR LIKE APPARATUS
    • G07F17/00Coin-freed apparatus for hiring articles; Coin-freed facilities or services
    • G07F17/32Coin-freed apparatus for hiring articles; Coin-freed facilities or services for games, toys, sports, or amusements
    • GPHYSICS
    • G07CHECKING-DEVICES
    • G07FCOIN-FREED OR LIKE APPARATUS
    • G07F17/00Coin-freed apparatus for hiring articles; Coin-freed facilities or services
    • G07F17/32Coin-freed apparatus for hiring articles; Coin-freed facilities or services for games, toys, sports, or amusements
    • G07F17/3241Security aspects of a gaming system, e.g. detecting cheating, device integrity, surveillance

Definitions

  • the claimed invention relates generally to a network, and more particularly, to a gaming network with an identification and communication system for network devices.
  • gaming machines were standalone devices. Security of the gaming machines was accomplished via physical locks, security protocols, security personnel, physical and video monitoring, and the need to be physically present at a machine to attempt to breach the security of the gaming machine. By the same token, management of the gaming machines required a great deal of personal physical interaction with each gaming machine. The ability to change parameters of the gaming machine also required physical interaction.
  • gaming machines have become customizable via electronic communications and remotely controllable.
  • Manufacturers of gaming equipment have taken advantage of the increased functionality of gaming machines by adding additional devices and features to gaming machines, thereby maintaining a player's attention to the gaming machines for longer periods of time increasing minimum bet and bet frequency and speed of play. This, in turn, leads to the player wagering at the gaming machine for longer periods of time, with more money at a faster pace, thereby increasing owner profits.
  • gambling-related information attaching a small electronic display to the gaming device, gambling-related information, as well as news and advertisements can be sent to the player.
  • the gambling- related information may include, for example, information on sports betting and betting options for those sporting events. Additionally, the gambling-related information may also include information such as horse racing and off-track betting.
  • News and advertisements can also maintain a player's attention by providing the player with access to information ranging from show times, to restaurant and hotel specials, and to world events, thus reducing the need and/or desire of the player to leave the gaming machine.
  • the player may participate in a "premium" promotion where the player is registered with the gaming establishment as a club member when the player inserts an ID card into the gaming machines during play. The player may be rewarded for certain play patterns (e.g. wager amounts, wager totals, payouts, time of play, or the like) and earn redeemable benefits or upgrade of club member status.
  • certain play patterns e.g. wager amounts, wager totals, payouts, time of play, or the like
  • One disadvantage of prior art networks is the inability to integrate one or more proprietary or independent networks to a common central server.
  • the inability of certain networks to communicate with each other makes management of the networks more complex and costly. Accounting, player tracking, and security are problematic when messages originate from multiple networks.
  • a gaming network may have a large number of dynamically changing and reconfigurable components. Because of the desire to keep down-time to a minimum, it is important that the population of devices on the network be determinable and verifiable. In the past, this has meant pre-programming knowledge of all other devices into each device, so that communication between devices could take place. Such a requirement of preprogramming or pre-knowledge is too time consuming to be practical in a gaming network environment.
  • the invention provides a method and apparatus for linking a plurality of independent networks to a single central control system.
  • a casino accounting and reporting processing system provides a common back end to a plurality of networks.
  • the central server is coupled to at least one network using the same protocol so that no translation or interface is necessary.
  • One or more other networks are coupled to the central server via an interface for translating communications and commands from the independent network to the host network protocol.
  • the interface is implemented using a standard interface referred to as "S2S".
  • Figure 1 is a block diagram of an embodiment of the invention.
  • Figure 2 is a block diagram illustrating an embodiment of a communication model using the interface of the invention.
  • Figure 3 is a flow diagram illustrating communication in an embodiment of the invention.
  • Figures 4A, 4B, and 4C are block diagrams of a gaming machine configuration in embodiments of the invention.
  • Figure 5 is a flow diagram illustrating one embodiment of game machine device management using the invention.
  • Figure 6 is a flow diagram illustrating the transmission step of Figure 5.
  • Figure 7 is a flow diagram illustrating the identification step of Figure 5.
  • Figure 8 is a flow diagram illustrating the communication step of Figure 5.
  • the claimed invention is directed to a hybrid network where one or more independent networks may be managed by a single central server.
  • the preferred embodiments of the system and method are illustrated and described herein, by way of example only, and not by way of limitation.
  • FIG. 1 is a block diagram illustrating an embodiment of the invention.
  • a central server or back end system 101 is, configured as the controller of the system. Although this back end system may be comprised of many parts, it may be referred to herein as a central server 101.
  • the protocol upon which the central server 101 operates is referred to as the native protocol.
  • a native network 102 is directly coupled to the central server 101.
  • the native network 102 is a group of game machines that operate using the same protocol as the central server 101. It should be understood that the invention may be practiced with or without one or more native networks.
  • the central server 101 includes a database 103 for storing operational data, performance data, financial data, security data, and the like.
  • An application layer 104 interfaces between the native network 102 and the command queues 105 (inbound) and 106 (outbound). In one embodiment, application layer 104 communicates with a casino back end server 124. Command queues 105 and 106 communicate with protocol layer 107.
  • Serverl08 communicates (receiving messages from independent networks) with the interface 110 and is a web server in one embodiment capable of XML parsing. Client 109 is coupled to interface 110 and is used to send messages to independent networks.
  • Interface 110 is used to bridge between the native and the independent networks.
  • an independent network is a network using a different protocol than the native protocol of the central server 101.
  • These independent protocols may or may not include some mixture of proprietary and standard protocols.
  • An example of a proprietary protocol is the Slot Data Transport (SDT) by Bally Gaming Systems, or RSM, a binary TCP messaging structure that is socket based, used for near real-time communication, also by Bally Gaming Systems.
  • SDT Slot Data Transport
  • RSM Binary TCP messaging structure that is socket based, used for near real-time communication, also by Bally Gaming Systems.
  • the interface provides the ability to translate commands and data from one network protocol to another. In this case, it provides a way to translate from one or more independent protocols to the native protocol and vice-versa. Communication is not limited to only between the central server and the independent networks. It should be realized that the native and independent networks may communicate with each other, using the interface to facilitate communication.
  • the interface is implemented using the S2S (System to System) protocol defined by the Gaming Standards Association (GSA)
  • S2S System to System
  • GSA Gaming Standards Association
  • independent network 111 is shown by way of example as an IGT Class II system.
  • the network 111 comprises a plurality of gaming machines 150 coupled to system processor 114.
  • Network 111 in one embodiment communicates using web services via SOAP ("Simple Object Access Protocol") over HTTPS.
  • Network 112 comprises a network (e.g. an NRT network) with a plurality of bill acceptors 152 or other coin-in devices 153, 154 coupled to network system processor 115.
  • Network 112 communicates with direct posts using HTTP in one embodiment of the invention.
  • Network 113 is an anticipated future network that uses a protocol not currently in use and includes a plurality of gaming machines 156 and network system processor 116.
  • Network 113 in one embodiment communicates via socket or web services.
  • the invention contemplates use with existing network protocols and future network protocols.
  • protocol layer 107 is capable of communicating with a number of independent networks using a variety of protocols. Protocol layer 107 can use web services to communicate using SOAP, use direct posts using HTTP, or via sockets.
  • Figure 2 is a block diagram illustrating a communication model in an embodiment of the interface 110.
  • the native network system is represented on the left side of Figure 2 and an independent network is represented on the right side.
  • Application layer 201 and business layer 202 respond to commands in messages directed to the native network.
  • business layer 104 communicates with a casino back end server 220.
  • Application layer 218 and Business layer 217 respond to commands in messages directed to the independent network.
  • Application layer 201 receives messages (and commands) via inbound command queue 203.
  • Application layer 201 sends messages to the network via outbound command queue 204.
  • the queues 203 and 204 are coupled to the protocol layer 207.
  • messages are transmitted between the network hosts.
  • Application layer 218 receives messages and commands via inbound command queue 216 and sends messages to the network via outbound command queue 215. Queues 215 and 216 are coupled to protocol layer 214.
  • Protocol layer 207 includes a web server 205 and client connection 206.
  • protocol layer 214 includes a client connection 212 and web server 213.
  • communication is accomplished via a request-response method. Therefore, there are separate channels for inbound and outbound communication of messages.
  • the inbound channel for protocol layer 207 (and correspondingly the outbound channel for protocol layer 214) is represented by the connection between server 205 of protocol layer 207 and client connection 212 of protocol layer 214.
  • Client connection 212 sends a message 208 to server 205.
  • An acknowledgement (ACK) 209 is sent back by server 205 to client connection 212 when a message has been received.
  • ACK acknowledgement
  • the outbound channel for protocol layer 207 (and inbound channel for protocol layer 214) is represented by the connection between client connection 206 of protocol layer 207 and web server 213 of protocol layer 214.
  • Client connection 206 sends a message 210 to web server 213.
  • An ACK 211 is sent back by server 213 to client connection 206 when a message has been received.
  • the ACK only indicates that a message and the commands have been received and does not represent an acknowledgement that the commands will be executed.
  • the processing of commands in the system of Figure 2 is illustrated in the flow diagram of Figure 3.
  • the native network A sends a message to independent network B.
  • the message includes a command.
  • network B sends an ACK to network A acknowledging the receipt of the message and command.
  • network B processes the command. (The embodiment illustrated contemplates asynchronous operation so that the commands do not have to be processed immediately upon receipt).
  • network B may send a message to network A that confirms that the original command has been processed and perhaps including a command from network B to network A.
  • network A sends an ACK to network B.
  • network A processes the command.
  • a standard message format is used to enhance the ability to promote cross network and cross protocol communication.
  • a message element forms the outer wrapper of an original message and the acknowledgement.
  • An acknowledgement is composed of a single element "Acknowledge".
  • a message comprises a header and a body. The header identifies the sender, the receiver and information about the message. The body of the message contains application level commands.
  • the header includes attributes that identify the message, including a system identifier of the originator, the system identifier of the recipient, a unique message identifier, and a date stamp.
  • the system identifier permits the appropriate translation to take place for ease of communication between native and non-native systems.
  • the application command consists of a class-level element and a command-level element.
  • a message element may contain multiple commands comprising the class- level/command-level pair.
  • FIG. 4A is a block diagram of an example gaming machine configuration in an embodiment of the invention.
  • the gaming machine 415 communicates with its associated native or non-native network via communications path 414 which may be Ethernet, wireless Ethernet, wire, fiber, wireless, or any other suitable communication link.
  • the gaming machine 415 may include a communications interface 401 that handles communication between the gaming machine and its associated devices and the remainder of the gaming network.
  • Communication interface 401 is coupled to an MPU 402.
  • the MPU serves as the processor of the gaming machine.
  • SMIB 403 An interface referred to as a "SMIB" 403 (smart interface board or slot machine interface board) is coupled to the MPU and to the communication interface 401.
  • SMIB 403 is coupled to one or more peripherals or other devices connected to the gaming machine 415, such as devices 404A to 404N of Figure 4A.
  • SMIB 403 uses an Ethernet or other high-speed communications link to the communication interface 401, MPU 402, and devices 404A through 404N.
  • the SMIB includes switching capabilities.
  • the SMIB is implemented with a Mastercom 300 manufactured by Bally Technologies. [0045]
  • Figure 4B illustrates an alternate embodiment of a gaming machine and peripherals.
  • the gaming machine communicates with its associated network via communications path 414 (which may be an Ethernet connection). Communication is handled by network distribution device 405. This device could be an Ethernet hub, for example, or any other suitable communications interface.
  • the game machine includes an MPU 402 that provides processing for the game.
  • a number of peripherals are included in the gaming machine and are coupled directly to the network distribution device 405 or to the MPU 402.
  • such peripheral devices include lights 406, keypad 407, card reader 408, primary display 409, lights 410, button deck 411, printer 412, hopper 413, coin acceptor 414, bill acceptor 415, and secondary display 416. It is understood that not every gaming machine will have this exact configuration of peripherals.
  • a gaming machine may have fewer or more peripherals, and different peripherals, without departing from the scope of the invention.
  • FIG. 4C An alternate embodiment of a gaming machine and peripherals is illustrated in Figure 4C.
  • the gaming machine remains coupled to its associated network via communication path 414 and network distribution device 405.
  • the gaming machine includes an MPU 402 and a number of peripheral devices.
  • the devices are coupled to the network distribution device 405 and/or the MPU 402 via a plurality of protocols. These protocols could include parallel connections (e.g. lights 406), I 2 C connections (e.g. keypad 407), USB (e.g. card reader 408), LVDS (e.g. primary display 409) and other protocols.
  • the MPU 402 and/or the network distribution device 405 convert from the non-Ethernet protocol " to Ethernet protocol for communication via the network.
  • Each gaming network may use a number of network services for administration and operation.
  • Dynamic Host Configuration Protocol allows central management and assignment of IP addresses within the gaming network. The dynamic assignment of IP addresses is used in one embodiment instead of statically assigned IP addresses for each network component.
  • a DNS domain name service
  • DNS servers are well known in the art and are used to resolve the domain names to IP addresses on the Internet.
  • NTP Network Time Protocol
  • NTP may be used to synchronize time references within the network components for security and audit activities. It is important to have a consistent and synchronized clock so that the order and the timing of transactions within the gaming network can be known with reliability and certainty.
  • Network information can be gathered centrally at a single workstation by using the Remote Monitoring (RMON) protocol.
  • RMON Remote Monitoring
  • SNMP simple network management protocol
  • SNMPv3 is used to take advantage of embedded security mechanisms to mitigate malicious attacks made against the configuration management function.
  • TFTP vial file transfer protocol
  • servers to boot or download code to network components.
  • the network may be implemented using the IPv6 protocol designed by the IETF (Internet Engineering Task Force).
  • IPv6 Internet Engineering Task Force
  • QoS refers to the ability of a network to provide a guaranteed level of service (i.e. transmission rate, loss rate, minimum bandwidth, packet delay, etc).
  • QoS may be used as an additional security feature in that certain transactions may request a certain QoS as a rule or pursuant to some schedule. Any fraudulent traffic of that nature that does not request the appropriate QoS is considered an attack and appropriate quarantine and counter measures are taken.
  • IPv4 the Type of Service (ToS) capabilities of IPv4 may also be used in a similar manner to provide additional security cues for validation of transactions. Again, certain types of transactions may be associated with a particular specific ToS or a rotating schedule of ToS that is known by network monitors. [0051] ' Traffic Content
  • the traffic content varies in size and sensitivity.
  • Messages may comprise transactional messages related to game play, such as coin-in. Other messages may be related to management, administration, or sensitive information, such as administrator passwords, new game code, pay tables, win rates, patron personal data, or the like.
  • Device Addressing may comprise transactional messages related to game play, such as coin-in. Other messages may be related to management, administration, or sensitive information, such as administrator passwords, new game code, pay tables, win rates, patron personal data, or the like.
  • each device including each peripheral device in a game machine, could have its own MAC address.
  • the central server could be responsible for assigning IP addresses to each device and gathering the devices into bindings that represent a physical location of a device. For example, all of the bindings of a gaming machine may be in a single binding.
  • the network distribution device 405 may be responsible for assigning IP addresses to the devices within the game machine.
  • there is a common IP address e.g. 10.5.5.32
  • the remaining devices in the gaming machine are addressable by a unique port assignment attached to the common IP address.
  • PORT 5020 could be associated with the card reader 408, PORT 5030 with the hopper 413, and the like.
  • the MPU 402 and network distribution device 405 communicate using the IP and PORT address. In some cases the communication itself may use a proprietary protocol yet still use the IP and PORT address as a destination.
  • the network distribution service can act as an Internet Protocol Exchange (IPX) to facilitate the translation of TCP/IP network traffic to the native protocol of a device and vice-versa.
  • the device enablement may take advantage of a USB sharing hub such as the USB Multi-switch manufactured by Standard Microsystems, Corp.
  • An embodiment of the invention provides a process for identifying devices coupled to a game machine. This process is described in Figure 5.
  • each device e.g. devices 404A - 404N
  • the address is received by a switch in the game machine (e.g. the SMIB * 403, network distribution device 405, or the like) and a table of addresses of associated devices is assembled. This table is made available to the devices in the game machine so that the IP addresses of other devices within the gaming machine become available to each device.
  • each device identifies itself to other devices in the gaming machine.
  • a verification process is initiated so that it can be determined if the devices are valid devices on the network.
  • devices may begin to transmit data between themselves and to the core layer or other back-end server of the network.
  • any network-connected device inside the gaming machine will attempt to communicate with the network at step 602 by sending its MAC/IP address via the SMIB or other switching device.
  • the nature of this initial communication may be for a DHCP or BOOTP configuration, an ARP request, or any other attempt to identify itself to the back-end system.
  • the MAC/IP addresses that are part of these communication attempts are added at step 603 to a table. This table is managed by the SMIB 403 in one embodiment, or by the MPU 402 in another embodiment.
  • a table will be generated that contains the MAC/IP addresses of all of the devices in the gaming machine.
  • the devices send only their MAC addresses but the switch or other management device associates an IP address with each MAC address to populate a table. This embodiment may be used when IP addresses are assigned dynamically as described above.
  • the switch or MPU or whichever device is managing the address table, periodically transmits raw Ethernet frames, USB packets, or TCP packets that include a list of the attached MAC/IP addresses associated with that game machine.
  • the frame is sent on a regular basis (e.g. every three to five seconds) so that other devices can expect that frame and react appropriately if it is not received.
  • the transmitted frame is sent to switches and game machines on the network.
  • the transmission is via User Datagram Protocol (UDP) but any suitable protocol may be used without departing from the spirit and scope of the invention. In this manner, game machine devices need only be able to recognize the frame to take action. Eventually all of the MAC/IP addresses of game machine devices are published throughout the network.
  • UDP User Datagram Protocol
  • the process in one embodiment is an ongoing process, shown by the return path from step 605 to step 602 in Figure 6.
  • the tables are rebroadcast periodically by the switch. This rebroadcast allows devices to learn about other new devices that have been added to the network. It also allows a device to know when another device has left the network.
  • the information being collected is pre-authentication. It allows a list of possible devices to be known and addressable so that if the device is valid and authenticated, it can participate on the network.
  • Identification [0067] The identification process 502 is described in conjunction with Figure 7.
  • a device receives a MAC/IP transmission frame from the switch at step 701. This is an ongoing process during runtime as the switch periodically transmits Ethernet frames containing updated and new MAC/IP address information as described above.
  • the device identifies other devices within the same game machine or cabinet from information in the Ethernet frame.
  • the device initiates an identification communication with one or more other devices in the game machine.
  • the form of this transmission at step 704 may be as simple as sending an "I'm here" message.
  • the identification message may include identification information about the device at step 704. This information may include information such as the port address, device ID, a preferred communication protocol, and the like. In other embodiments, such information is provided during communication negotiations. [0068] Verification
  • a verification procedure can take place.
  • the verification procedure is intended to establish that the device with which another device is communicating is a valid gaming device.
  • verification may be accomplished by using the protocol described herein in connection with Figures 3 and 4. Any suitable verification protocol may be utilized without departing from the scope and spirit of the invention.
  • In-cabinet devices have similar security concerns as other network devices described herein. For example a device may not only need to identify itself to a central server, but may also need to identify itself to another device within the same cabinet.
  • a verification method is used such as is described in pending U. S. Patent application number 10/243,912, filed on September 13, 2002, and entitled “Device Verification System and Method", assigned to the assignee of the invention, and incorporated by reference herein in its entirety.
  • the invention provides a system and method for verifying a device by verifying the components of that device.
  • the components may comprise, for example, software components, firmware components, hardware components, or structural components of an electronic device.
  • These components include, without limitation, processors, persistent storage media, volatile storage media, random access memories, read-only memories (ROMs), erasable programmable ROMs, data files (which are any collections of data, including executable programs in binary or script form, and the information those programs operate upon), device cabinets (housings) or cathode ray tubes (CRTs).
  • Identification numbers or strings of the components are read and then verified. The process of verifying may comprise matching each identification number in a database to determine whether each identification number is valid.
  • verification of that file in effect, comprises verifying part of an operating system.
  • the file names may comprise the identification numbers.
  • the database may comprise a relational database, object database, or may be stored in XML format, or in a number of other formats that are commonly known.
  • the database may also comprise an independent system stack of bindings, which comprise numbers, identification strings or signatures in the database for matching or authenticating the components, from manufacturers of the components, each identification number being verified using the binding from the manufacturer of the respective component to verify the component.
  • a system stack may comprise a subset of one or more global component databases containing bindings from manufacturers of the components, each binding of the subset being associated with at least one of the identification numbers of one of the components in the device.
  • Structural components such as cabinets, may contain an electronic identification chip embedded within them, such as a so-called Dallas chip or an IBUTTON device manufactured by Dallas Semiconductor of Dallas, Texas. These devices allow a unique identifier, placed within a semiconductor or chip, to be placed on a component that may or may not be electronic, such as a computer or gaming machine cabinet.
  • the IBUTTON device is a computer chip enclosed in a 16 mm stainless steel can.
  • the steel button can be mounted, preferably permanently or semi-permanently, on or in the structural component.
  • Two wires may be affixed to the IBUTTON device, one on the top, and one on the bottom, to exchange data between the IBUTTON device and a processor, serial port, universal serial bus (USB) port, or parallel port.
  • the matching process may comprise matching each identification number based on the type of component that the identification number identifies.
  • the identification number and the type of component are matched in the database in order to verify that the identification number is valid. Operation of the device may be stopped if any one of the identification numbers is not matched in the database. In the case of a game or gaming machine type of device, a tilt condition message is generated if any one of the identification numbers is not matched in the database.
  • the database may consist of a set of signatures, also called bindings.
  • a well-known hash function such as the Secure Hash Function -1, also known as SHA-I
  • This 160-bit hash value also called an abbreviated bit string
  • DSA Digital Signature Algorithm
  • the DSA uses a private key of a private key/public key pair, and randomly or pseudorandomly generated integers, to produce a 320-bit signature of the 160-bit hash value of the data file or firmware contents.
  • This signature is stored in the database in addition to the identification number.
  • the verification software may be stored on a persistent storage media such as a hard disk device, read only memory (ROM), electrically erasable programmable read-only memory (EEPROM), in the aforementioned CMOS memory, battery-backed random access memory, flash memory or other type of persistent memory.
  • the verification software is stored in a basic input/output system (BIOS) on a solid-state persistent memory device or chip. BIOS chips have been used for storing verification software, such as the BIOS+ chip used by Bally Gaming Systems, Inc. of Las Vegas, NV in their EVO gaming system. Placing the verification software in the BIOS is advantageous because the code in the BIOS is usually the first code executed upon boot or start-up of the device, making it hard to bypass the verification process.
  • BIOS basic input/output system
  • the verification software may be stored in a firmware hub, which may comprise the part of an electronic device or computer that stores BIOS information.
  • a firmware hub is used in place of a peripheral component interconnect (PCI) bus to connect elements of chipsets.
  • PCI peripheral component interconnect
  • the persistent storage media may be a removable storage unit such as a CD-ROM reader, a WORM device, a CD-RW device, a floppy disk device, a removable hard disk device, a ZIP disk device, a JAZZ disk device, a DVD device, a removable flash memory device, or a hard card device.
  • the database is preferably stored in a non-removable, secure device either within the device being verified, or remotely on a server, in order to enhance security.
  • the verification software executes a DSA verification of the data files and firmware components. Also stored in the database is the public key of the private key/public key pair. For each data file and firmware component, as part of the DSA verification, the processor and verification software first computes the hash value of the digital contents of the component using the SHA-I algorithm. The verification software then processes or authenticates this computed hash value, using the DSA signature verification algorithm, which also takes, as input, the aforementioned public key stored in the database. The verification part of the DSA produces a Boolean result (yes or no) as to whether the inputs solve the algorithm. If the algorithm is not solved by the inputs, then an unexpected result is produced, thereby failing to verify the particular component.
  • the set of executable instructions may use the Rivest-Shamir- Adleman (RSA) algorithm to verify the components.
  • RSA Rivest-Shamir- Adleman
  • a first abbreviated bit string or hash value is computed from each component's digital contents and encrypted into a digital signature.
  • the digital signature is stored in the database along with the identification number for the component.
  • the component is verified by computing a second abbreviated bit string computed from the component's digital contents.
  • the signature is retrieved from the database by searching the database for the identification number.
  • the signature is decrypted to recover the first abbreviated bit string.
  • the component is then verified by comparing the second abbreviated bit string with the first abbreviated bit string.
  • first and second abbreviated bit strings do not match, then the component is not verified. As discussed below, this may cause a fault tilt to occur to prohibit the loading operation of the device. Otherwise, use of the device is permitted.
  • collections of data files may be signed together in order speed up processing.
  • the abbreviated bit strings, hash values, or signatures, also called digests, of the collection of data files are collected into a catalog file, and the catalog is signed as described above.
  • a device initiates a communication with another device.
  • the sending device may include a section of the first message to provide needed information to the intended recipient. This information may include at step 802 the type of device, the protocol the device is using, any restrictions related to QOS, and other communication related information.
  • the recipient determines if it can communicate with the sender directly or if an interface is needed at decision block 804. If an interface is needed at step 806, the sender and receiver may need to communicate through the MPU or interface 110, for example, if the MPU includes software or firmware for translating appropriately for the devices. If the devices can communicate directly, then messages are sent back and forth using an accepted protocol at step 805.
  • the invention allows devices to be aware of each other's presence through MAC/IP transmissions. This permits the use of a single network port for each device to use to communicate with each other and with a back-end system. The devices do not need pre- knowledge of the MAC/IP addresses of other devices but can learn them at start up and during run-time. The system also allows a new device to be added to a game cabinet and have it be integrated and identified to the system without extensive IT effort. [0084] Although the invention has been described in connection with in-cabinet devices identifying themselves to each other, it is not limited to such an application. The invention may be used to provide identification of any network devices by organically updating identification information periodically in Ethernet frames. In addition, the invention is not limited to the specific network configuration described herein. Rather, the system can work with any number of network configurations without departing from the scope and spirit of the invention.

Abstract

[0086] The invention provides a method and apparatus for linking a plurality of independent networks to a single central control system. In one embodiment, a casino accounting and reporting processing system provides a common back end to a plurality of networks. In one embodiment, the central server is coupled to at least one network using the same protocol so that no translation or interface is necessary. One or more other networks are coupled to the central server via an interface for translating communications and commands from the independent network to the host network protocol. In one embodiment, the interface is implemented using a standard interface referred to as 'S2S'. An advantage of the invention is that it can be used to provide a common user interface, common accounting and security, and common player tracking management.

Description

HYBRID GAMING NETWORK
Background of the Invention
[0001] 1. Field of the Invention The claimed invention relates generally to a network, and more particularly, to a gaming network with an identification and communication system for network devices.
[0002] 2. Background In early gaming environments, gaming machines were standalone devices. Security of the gaming machines was accomplished via physical locks, security protocols, security personnel, physical and video monitoring, and the need to be physically present at a machine to attempt to breach the security of the gaming machine. By the same token, management of the gaming machines required a great deal of personal physical interaction with each gaming machine. The ability to change parameters of the gaming machine also required physical interaction.
[0003] In view of the increased processing power and availability of computing devices, gaming machines have become customizable via electronic communications and remotely controllable. Manufacturers of gaming equipment have taken advantage of the increased functionality of gaming machines by adding additional devices and features to gaming machines, thereby maintaining a player's attention to the gaming machines for longer periods of time increasing minimum bet and bet frequency and speed of play. This, in turn, leads to the player wagering at the gaming machine for longer periods of time, with more money at a faster pace, thereby increasing owner profits.
[0004] One technique that has been employed to maintain a player's attention at the gaming machine has been to provide players with access to gambling-related information. In this regard, attaching a small electronic display to the gaming device, gambling-related information, as well as news and advertisements can be sent to the player. The gambling- related information may include, for example, information on sports betting and betting options for those sporting events. Additionally, the gambling-related information may also include information such as horse racing and off-track betting. News and advertisements can also maintain a player's attention by providing the player with access to information ranging from show times, to restaurant and hotel specials, and to world events, thus reducing the need and/or desire of the player to leave the gaming machine.
[0005] Moreover, it has been shown to be desirable to provide the player with interactive access to the above information. This type of interactivity allows players significantly more flexibility to make use of the above-described information. The gambling-related information can also be utilized by the player in a much more efficient manner. In this regard, greater levels of flexibility and access are likely to make the player remain and gamble at the gaming machine for significantly longer periods of time. [0006] In addition, the player may participate in a "premium" promotion where the player is registered with the gaming establishment as a club member when the player inserts an ID card into the gaming machines during play. The player may be rewarded for certain play patterns (e.g. wager amounts, wager totals, payouts, time of play, or the like) and earn redeemable benefits or upgrade of club member status.
[0007] Attempts to distribute gambling-related information and advertisements to players and to allow the recognition of premium membership players have resulted in additional system components that may be attached to the gaming devices. These components for accessing and displaying information for gaming machines may include a keypad, card reader, and display equipment (including, for example, color touch-screens) It is also desired to have a common user interface for all gaming machines including having a common location for devices such as the card reader, keypad, and display. [0008] The amount of interactivity and data presentation/collection possible with current processor based gaming machines has led to a desire to connect gaming machines in a gaming network. In addition to the gaming machines themselves, a number of devices associated with a gaming machine or with a group of gaming machines may be part of the network. It has become important for the devices within a gaming machine or cabinet to be aware of each other and to be able to communicate to a control server. Not only is the presence or absence of a network device important, but also the physical location of the device and the ability to associate devices within a particular gaming machine has become a necessary component of a gaming network.
[0009] Current networks for gaming machines have been primarily one-way in communication, have been slow, and have been proprietary (custom designed and incompatible with commercial networking equipment). Prior art networks provided accounting, security, and player related data reporting from the gaming machine to a backend server. Secondary auditing procedures allowed regulators and managers to double check network reporting, providing a method of detecting malfeasance and network attacks. However, such security is remote in time from when a network attack has occurred. Prior art networks lack many security features needed for more rapid detection of cheating from a variety of possible attackers.
[0010] One disadvantage of prior art networks is the inability to integrate one or more proprietary or independent networks to a common central server. The inability of certain networks to communicate with each other makes management of the networks more complex and costly. Accounting, player tracking, and security are problematic when messages originate from multiple networks.
[0011] Although prior art networks of gaming machines provide advantages to gaming establishment operators, they also engender new risks to security of the gaming establishment and to the gaming machines. Not only is traditional data associated with gaming machines now potentially at risk on the gaming network, but personal player information is now at risk, as well.
[0012] In addition, the proprietary nature of prior art gaming machine networks limits the ability to use commercially available technology. This adds to the cost of gaming networks and limits their scalability and the ability to upgrade as technology improves. Further, as gaming machines are grouped in networks, the value of the pooled financial data traversing the network creates a great temptation to attack the network. The potential reward from attacking a network of gaming machines is greater than the reward from attacking a single machine.
[0013] A gaming network may have a large number of dynamically changing and reconfigurable components. Because of the desire to keep down-time to a minimum, it is important that the population of devices on the network be determinable and verifiable. In the past, this has meant pre-programming knowledge of all other devices into each device, so that communication between devices could take place. Such a requirement of preprogramming or pre-knowledge is too time consuming to be practical in a gaming network environment.
[0014] In addition, operators desire to be able to access individual devices inside of a gaming machine from a central server or from other machines. In addition, it may be desirable for multiple machines to be able to communicate with a peripheral so that peripherals may be shared. In other cases, it may be desired to temporarily use another machine's peripheral upon failure of one of its own peripherals. [0015] Another disadvantage of current gaming systems is the hybrid nature of networks that include a number of different protocols. Many legacy devices are unable to effectively communicate with other devices in the system. In addition, proprietary protocols add to the expense of device manufacture and replacement.
Summary of the Invention
[0016] The invention provides a method and apparatus for linking a plurality of independent networks to a single central control system. In one embodiment, a casino accounting and reporting processing system provides a common back end to a plurality of networks. In one embodiment, the central server is coupled to at least one network using the same protocol so that no translation or interface is necessary. One or more other networks are coupled to the central server via an interface for translating communications and commands from the independent network to the host network protocol. In one embodiment, the interface is implemented using a standard interface referred to as "S2S". An advantage of the invention is that it can be used to provide a common user interface, common accounting and security, and common player tracking management.
[0017] These and other features and advantages of the claimed invention will become apparent from the following detailed description when taken in conjunction with the accompanying drawings, which illustrate, by way of example, the features of the claimed invention.
Brief Description of the Drawings
[0018] Figure 1 is a block diagram of an embodiment of the invention. [0019] Figure 2 is a block diagram illustrating an embodiment of a communication model using the interface of the invention.
[0020] Figure 3 is a flow diagram illustrating communication in an embodiment of the invention.
[0021] Figures 4A, 4B, and 4C are block diagrams of a gaming machine configuration in embodiments of the invention.
[0022] Figure 5 is a flow diagram illustrating one embodiment of game machine device management using the invention.
[0023] Figure 6 is a flow diagram illustrating the transmission step of Figure 5. [0024] Figure 7 is a flow diagram illustrating the identification step of Figure 5. [0025] Figure 8 is a flow diagram illustrating the communication step of Figure 5. DETAILED DESCRIPTION
[0026] The claimed invention is directed to a hybrid network where one or more independent networks may be managed by a single central server. The preferred embodiments of the system and method are illustrated and described herein, by way of example only, and not by way of limitation.
[0027] Referring now to the drawings, wherein like reference numerals denote like or corresponding parts throughout the drawings, there are shown embodiments of the hybrid gaming network constructed in accordance with the claimed invention. Figure 1 is a block diagram illustrating an embodiment of the invention. A central server or back end system 101 is, configured as the controller of the system. Although this back end system may be comprised of many parts, it may be referred to herein as a central server 101. The protocol upon which the central server 101 operates is referred to as the native protocol. In the embodiment shown, a native network 102 is directly coupled to the central server 101. The native network 102 is a group of game machines that operate using the same protocol as the central server 101. It should be understood that the invention may be practiced with or without one or more native networks.
[0028] The central server 101 includes a database 103 for storing operational data, performance data, financial data, security data, and the like. An application layer 104 interfaces between the native network 102 and the command queues 105 (inbound) and 106 (outbound). In one embodiment, application layer 104 communicates with a casino back end server 124. Command queues 105 and 106 communicate with protocol layer 107. Serverl08 communicates (receiving messages from independent networks) with the interface 110 and is a web server in one embodiment capable of XML parsing. Client 109 is coupled to interface 110 and is used to send messages to independent networks.
[0029] Interface 110 is used to bridge between the native and the independent networks. As referred to herein, an independent network is a network using a different protocol than the native protocol of the central server 101. These independent protocols may or may not include some mixture of proprietary and standard protocols. An example of a proprietary protocol is the Slot Data Transport (SDT) by Bally Gaming Systems, or RSM, a binary TCP messaging structure that is socket based, used for near real-time communication, also by Bally Gaming Systems. The interface provides the ability to translate commands and data from one network protocol to another. In this case, it provides a way to translate from one or more independent protocols to the native protocol and vice-versa. Communication is not limited to only between the central server and the independent networks. It should be realized that the native and independent networks may communicate with each other, using the interface to facilitate communication.
[0030] In one embodiment of the invention, the interface is implemented using the S2S (System to System) protocol defined by the Gaming Standards Association (GSA) [0031] In the example of Figure 1, there are a number of independent networks 111, 112, and 113 coupled to the central server 101 via the interface 110. Independent network 111 is shown by way of example as an IGT Class II system. The network 111 comprises a plurality of gaming machines 150 coupled to system processor 114. Network 111 in one embodiment communicates using web services via SOAP ("Simple Object Access Protocol") over HTTPS. Network 112 comprises a network (e.g. an NRT network) with a plurality of bill acceptors 152 or other coin-in devices 153, 154 coupled to network system processor 115. Network 112 communicates with direct posts using HTTP in one embodiment of the invention. Network 113 is an anticipated future network that uses a protocol not currently in use and includes a plurality of gaming machines 156 and network system processor 116. Network 113 in one embodiment communicates via socket or web services. The invention contemplates use with existing network protocols and future network protocols. [0032] In the example of Figure 1, protocol layer 107 is capable of communicating with a number of independent networks using a variety of protocols. Protocol layer 107 can use web services to communicate using SOAP, use direct posts using HTTP, or via sockets. [0033] Figure 2 is a block diagram illustrating a communication model in an embodiment of the interface 110. The native network system is represented on the left side of Figure 2 and an independent network is represented on the right side. Application layer 201 and business layer 202 respond to commands in messages directed to the native network. In one embodiment, business layer 104 communicates with a casino back end server 220. Application layer 218 and Business layer 217 respond to commands in messages directed to the independent network.
[0034] Application layer 201 receives messages (and commands) via inbound command queue 203. Application layer 201 sends messages to the network via outbound command queue 204. The queues 203 and 204 are coupled to the protocol layer 207. At the protocol level, messages are transmitted between the network hosts. [0035] Application layer 218 receives messages and commands via inbound command queue 216 and sends messages to the network via outbound command queue 215. Queues 215 and 216 are coupled to protocol layer 214.
[0036] Protocol layer 207 includes a web server 205 and client connection 206. Similarly, protocol layer 214 includes a client connection 212 and web server 213. In the embodiment shown in Figure 2, communication is accomplished via a request-response method. Therefore, there are separate channels for inbound and outbound communication of messages. The inbound channel for protocol layer 207 (and correspondingly the outbound channel for protocol layer 214) is represented by the connection between server 205 of protocol layer 207 and client connection 212 of protocol layer 214. Client connection 212 sends a message 208 to server 205. An acknowledgement (ACK) 209 is sent back by server 205 to client connection 212 when a message has been received.
[0037] The outbound channel for protocol layer 207 (and inbound channel for protocol layer 214) is represented by the connection between client connection 206 of protocol layer 207 and web server 213 of protocol layer 214. Client connection 206 sends a message 210 to web server 213. An ACK 211 is sent back by server 213 to client connection 206 when a message has been received.
[0038] In the embodiment illustrated, the ACK only indicates that a message and the commands have been received and does not represent an acknowledgement that the commands will be executed. The processing of commands in the system of Figure 2 is illustrated in the flow diagram of Figure 3. At step 301 the native network A sends a message to independent network B. The message includes a command. At step 302 network B sends an ACK to network A acknowledging the receipt of the message and command. At some later time at step 303 network B processes the command. (The embodiment illustrated contemplates asynchronous operation so that the commands do not have to be processed immediately upon receipt). At step 304 network B may send a message to network A that confirms that the original command has been processed and perhaps including a command from network B to network A. At step 305 network A sends an ACK to network B. At step 306, network A processes the command. [0039] Message Format
[0040] In one embodiment of the invention, a standard message format is used to enhance the ability to promote cross network and cross protocol communication. In one embodiment, a message element forms the outer wrapper of an original message and the acknowledgement. An acknowledgement is composed of a single element "Acknowledge". A message comprises a header and a body. The header identifies the sender, the receiver and information about the message. The body of the message contains application level commands.
[0041] The header includes attributes that identify the message, including a system identifier of the originator, the system identifier of the recipient, a unique message identifier, and a date stamp. The system identifier permits the appropriate translation to take place for ease of communication between native and non-native systems.
[0042] The application command consists of a class-level element and a command-level element. A message element may contain multiple commands comprising the class- level/command-level pair. [0043] Gaming Machine
[0044] The invention contemplates the ability to interact with gaming devices on different networks. The following figures give examples of embodiments of gaming machines that may be used with the invention. Figure 4A is a block diagram of an example gaming machine configuration in an embodiment of the invention. The gaming machine 415 communicates with its associated native or non-native network via communications path 414 which may be Ethernet, wireless Ethernet, wire, fiber, wireless, or any other suitable communication link. The gaming machine 415 may include a communications interface 401 that handles communication between the gaming machine and its associated devices and the remainder of the gaming network. Communication interface 401 is coupled to an MPU 402. The MPU serves as the processor of the gaming machine. An interface referred to as a "SMIB" 403 (smart interface board or slot machine interface board) is coupled to the MPU and to the communication interface 401. SMIB 403 is coupled to one or more peripherals or other devices connected to the gaming machine 415, such as devices 404A to 404N of Figure 4A. In one embodiment of the invention, SMIB 403 uses an Ethernet or other high-speed communications link to the communication interface 401, MPU 402, and devices 404A through 404N. In one embodiment, the SMIB includes switching capabilities. In one embodiment, the SMIB is implemented with a Mastercom 300 manufactured by Bally Technologies. [0045] Figure 4B illustrates an alternate embodiment of a gaming machine and peripherals. The gaming machine communicates with its associated network via communications path 414 (which may be an Ethernet connection). Communication is handled by network distribution device 405. This device could be an Ethernet hub, for example, or any other suitable communications interface. The game machine includes an MPU 402 that provides processing for the game. A number of peripherals are included in the gaming machine and are coupled directly to the network distribution device 405 or to the MPU 402. In the embodiment of Figure 4B, such peripheral devices include lights 406, keypad 407, card reader 408, primary display 409, lights 410, button deck 411, printer 412, hopper 413, coin acceptor 414, bill acceptor 415, and secondary display 416. It is understood that not every gaming machine will have this exact configuration of peripherals. A gaming machine may have fewer or more peripherals, and different peripherals, without departing from the scope of the invention.
[0046] An alternate embodiment of a gaming machine and peripherals is illustrated in Figure 4C. Here the gaming machine remains coupled to its associated network via communication path 414 and network distribution device 405. The gaming machine includes an MPU 402 and a number of peripheral devices. In this embodiment, the devices are coupled to the network distribution device 405 and/or the MPU 402 via a plurality of protocols. These protocols could include parallel connections (e.g. lights 406), I2C connections (e.g. keypad 407), USB (e.g. card reader 408), LVDS (e.g. primary display 409) and other protocols. In this embodiment, the MPU 402 and/or the network distribution device 405 convert from the non-Ethernet protocol" to Ethernet protocol for communication via the network.
[0047] Each gaming network may use a number of network services for administration and operation. Dynamic Host Configuration Protocol (DHCP) allows central management and assignment of IP addresses within the gaming network. The dynamic assignment of IP addresses is used in one embodiment instead of statically assigned IP addresses for each network component. A DNS (domain name service) is used to translate between the domain names and the IP addresses of network components and services. DNS servers are well known in the art and are used to resolve the domain names to IP addresses on the Internet. [0048] Similarly, Network Time Protocol (NTP) may be used to synchronize time references within the network components for security and audit activities. It is important to have a consistent and synchronized clock so that the order and the timing of transactions within the gaming network can be known with reliability and certainty. Network information can be gathered centrally at a single workstation by using the Remote Monitoring (RMON) protocol. SNMP (simple network management protocol) allows network management components to remotely manage hosts on the network, thus providing scalability. In one embodiment of the gaming network, SNMPv3 is used to take advantage of embedded security mechanisms to mitigate malicious attacks made against the configuration management function. Still further, TFTP (trivial file transfer protocol) is used by servers to boot or download code to network components.
[0049] In one embodiment, the network may be implemented using the IPv6 protocol designed by the IETF (Internet Engineering Task Force). When using IPv6, the network may take advantage of the Quality of Service (QoS) features available with IPv6. QoS refers to the ability of a network to provide a guaranteed level of service (i.e. transmission rate, loss rate, minimum bandwidth, packet delay, etc). QoS may be used as an additional security feature in that certain transactions may request a certain QoS as a rule or pursuant to some schedule. Any fraudulent traffic of that nature that does not request the appropriate QoS is considered an attack and appropriate quarantine and counter measures are taken. [0050] Similarly, the Type of Service (ToS) capabilities of IPv4 may also be used in a similar manner to provide additional security cues for validation of transactions. Again, certain types of transactions may be associated with a particular specific ToS or a rotating schedule of ToS that is known by network monitors. [0051] ' Traffic Content
[0052] In an embodiment of the gaming network, the traffic content varies in size and sensitivity. Messages may comprise transactional messages related to game play, such as coin-in. Other messages may be related to management, administration, or sensitive information, such as administrator passwords, new game code, pay tables, win rates, patron personal data, or the like. [0053] Device Addressing
[0054] In one embodiment of the invention, each device, including each peripheral device in a game machine, could have its own MAC address. The central server could be responsible for assigning IP addresses to each device and gathering the devices into bindings that represent a physical location of a device. For example, all of the bindings of a gaming machine may be in a single binding. Alternatively, the network distribution device 405 may be responsible for assigning IP addresses to the devices within the game machine. [0055] In one embodiment, there is a common IP address (e.g. 10.5.5.32) for the gaming machine and that is owned by network distribution device 405. (In some cases, the MPU 402 and/or other devices, such as the printer, may have their own IP addresses). The remaining devices in the gaming machine are addressable by a unique port assignment attached to the common IP address. For example, PORT 5020 could be associated with the card reader 408, PORT 5030 with the hopper 413, and the like. Even though the physical connection with the peripheral may be, for example, an RS232 connection, the MPU 402 and network distribution device 405 communicate using the IP and PORT address. In some cases the communication itself may use a proprietary protocol yet still use the IP and PORT address as a destination. [0056] In cases where multiple protocols are used in the system, the network distribution service can act as an Internet Protocol Exchange (IPX) to facilitate the translation of TCP/IP network traffic to the native protocol of a device and vice-versa. In one embodiment, the device enablement may take advantage of a USB sharing hub such as the USB Multi-switch manufactured by Standard Microsystems, Corp. [0057] Initialization of Gaming Machine Devices
[0058] An embodiment of the invention provides a process for identifying devices coupled to a game machine. This process is described in Figure 5. At step 501, during initialization, each device (e.g. devices 404A - 404N) attempts to communicate with the network and transmits its MAC/IP address. The address is received by a switch in the game machine (e.g. the SMIB* 403, network distribution device 405, or the like) and a table of addresses of associated devices is assembled. This table is made available to the devices in the game machine so that the IP addresses of other devices within the gaming machine become available to each device.
[0059] At the identification step 502 each device identifies itself to other devices in the gaming machine. At step 503 a verification process is initiated so that it can be determined if the devices are valid devices on the network. At step 504 devices may begin to transmit data between themselves and to the core layer or other back-end server of the network. [0060] MAC/IP Transmission
[0061] A description of one embodiment of the MAC/IP transmission of step 501 is illustrated in the flow diagram of Figure 6. During a boot or initialization sequence 601, any network-connected device inside the gaming machine will attempt to communicate with the network at step 602 by sending its MAC/IP address via the SMIB or other switching device. The nature of this initial communication may be for a DHCP or BOOTP configuration, an ARP request, or any other attempt to identify itself to the back-end system. The MAC/IP addresses that are part of these communication attempts are added at step 603 to a table. This table is managed by the SMIB 403 in one embodiment, or by the MPU 402 in another embodiment. Eventually at step 604, a table will be generated that contains the MAC/IP addresses of all of the devices in the gaming machine.
[0062] In one embodiment, the devices send only their MAC addresses but the switch or other management device associates an IP address with each MAC address to populate a table. This embodiment may be used when IP addresses are assigned dynamically as described above.
[0063] At step 605, the switch or MPU, or whichever device is managing the address table, periodically transmits raw Ethernet frames, USB packets, or TCP packets that include a list of the attached MAC/IP addresses associated with that game machine. In one embodiment, the frame is sent on a regular basis (e.g. every three to five seconds) so that other devices can expect that frame and react appropriately if it is not received. The transmitted frame is sent to switches and game machines on the network. In one embodiment, the transmission is via User Datagram Protocol (UDP) but any suitable protocol may be used without departing from the spirit and scope of the invention. In this manner, game machine devices need only be able to recognize the frame to take action. Eventually all of the MAC/IP addresses of game machine devices are published throughout the network. In this embodiment, there is no necessity of flooding the network with broadcasts frames with address information. This information is distributed organically throughout the network. [0064] The process in one embodiment is an ongoing process, shown by the return path from step 605 to step 602 in Figure 6. The tables are rebroadcast periodically by the switch. This rebroadcast allows devices to learn about other new devices that have been added to the network. It also allows a device to know when another device has left the network. [0065] At this point in the process the information being collected is pre-authentication. It allows a list of possible devices to be known and addressable so that if the device is valid and authenticated, it can participate on the network. [0066] Identification [0067] The identification process 502 is described in conjunction with Figure 7. A device receives a MAC/IP transmission frame from the switch at step 701. This is an ongoing process during runtime as the switch periodically transmits Ethernet frames containing updated and new MAC/IP address information as described above. At step 702 the device identifies other devices within the same game machine or cabinet from information in the Ethernet frame. At step 703 the device initiates an identification communication with one or more other devices in the game machine. The form of this transmission at step 704 may be as simple as sending an "I'm here" message. In other embodiments, the identification message may include identification information about the device at step 704. This information may include information such as the port address, device ID, a preferred communication protocol, and the like. In other embodiments, such information is provided during communication negotiations. [0068] Verification
[0069] Once two devices have identified themselves to each other, a verification procedure can take place. The verification procedure is intended to establish that the device with which another device is communicating is a valid gaming device. In one embodiment of the invention, verification may be accomplished by using the protocol described herein in connection with Figures 3 and 4. Any suitable verification protocol may be utilized without departing from the scope and spirit of the invention. In-cabinet devices have similar security concerns as other network devices described herein. For example a device may not only need to identify itself to a central server, but may also need to identify itself to another device within the same cabinet.
[0070] In one embodiment, a verification method is used such as is described in pending U. S. Patent application number 10/243,912, filed on September 13, 2002, and entitled "Device Verification System and Method", assigned to the assignee of the invention, and incorporated by reference herein in its entirety. The invention provides a system and method for verifying a device by verifying the components of that device. The components may comprise, for example, software components, firmware components, hardware components, or structural components of an electronic device. These components include, without limitation, processors, persistent storage media, volatile storage media, random access memories, read-only memories (ROMs), erasable programmable ROMs, data files (which are any collections of data, including executable programs in binary or script form, and the information those programs operate upon), device cabinets (housings) or cathode ray tubes (CRTs). Identification numbers or strings of the components are read and then verified. The process of verifying may comprise matching each identification number in a database to determine whether each identification number is valid. In the case where a data file comprises one of a plurality of operating system files, verification of that file, in effect, comprises verifying part of an operating system. For data files, the file names may comprise the identification numbers.
[0071] The database may comprise a relational database, object database, or may be stored in XML format, or in a number of other formats that are commonly known. The database may also comprise an independent system stack of bindings, which comprise numbers, identification strings or signatures in the database for matching or authenticating the components, from manufacturers of the components, each identification number being verified using the binding from the manufacturer of the respective component to verify the component. Especially in the context of smaller devices such as personal digital assistants (PDAs), such a system stack may comprise a subset of one or more global component databases containing bindings from manufacturers of the components, each binding of the subset being associated with at least one of the identification numbers of one of the components in the device.
[0072] Structural components, such as cabinets, may contain an electronic identification chip embedded within them, such as a so-called Dallas chip or an IBUTTON device manufactured by Dallas Semiconductor of Dallas, Texas. These devices allow a unique identifier, placed within a semiconductor or chip, to be placed on a component that may or may not be electronic, such as a computer or gaming machine cabinet. The IBUTTON device is a computer chip enclosed in a 16 mm stainless steel can. The steel button can be mounted, preferably permanently or semi-permanently, on or in the structural component. Two wires may be affixed to the IBUTTON device, one on the top, and one on the bottom, to exchange data between the IBUTTON device and a processor, serial port, universal serial bus (USB) port, or parallel port.
[0073] The matching process may comprise matching each identification number based on the type of component that the identification number identifies. The identification number and the type of component are matched in the database in order to verify that the identification number is valid. Operation of the device may be stopped if any one of the identification numbers is not matched in the database. In the case of a game or gaming machine type of device, a tilt condition message is generated if any one of the identification numbers is not matched in the database.
[0074] The database may consist of a set of signatures, also called bindings. At least with respect to the components that comprise data files or firmware, a well-known hash function, the Secure Hash Function -1, also known as SHA-I, may be used to compute a 160-bit hash value from the data file or firmware contents. This 160-bit hash value, also called an abbreviated bit string, is then processed to create a signature of the game data using an equally well-known, one-way, private signature key technique, the Digital Signature Algorithm (DSA). The DSA uses a private key of a private key/public key pair, and randomly or pseudorandomly generated integers, to produce a 320-bit signature of the 160-bit hash value of the data file or firmware contents. This signature is stored in the database in addition to the identification number.
[0075] Either contained in the device, or in communication with the device, is a processor and a memory containing executable instructions or a software program file for verification of the components (verification software), which may itself be one of the components to verify. The verification software may be stored on a persistent storage media such as a hard disk device, read only memory (ROM), electrically erasable programmable read-only memory (EEPROM), in the aforementioned CMOS memory, battery-backed random access memory, flash memory or other type of persistent memory. Preferably, the verification software is stored in a basic input/output system (BIOS) on a solid-state persistent memory device or chip. BIOS chips have been used for storing verification software, such as the BIOS+ chip used by Bally Gaming Systems, Inc. of Las Vegas, NV in their EVO gaming system. Placing the verification software in the BIOS is advantageous because the code in the BIOS is usually the first code executed upon boot or start-up of the device, making it hard to bypass the verification process.
[0076] Alternatively, the verification software may be stored in a firmware hub, which may comprise the part of an electronic device or computer that stores BIOS information. In personal computer hub technology, such as that manufactured by the Intel Corporation of Santa Clara, California, a hub is used in place of a peripheral component interconnect (PCI) bus to connect elements of chipsets.
[0077] The persistent storage media may be a removable storage unit such as a CD-ROM reader, a WORM device, a CD-RW device, a floppy disk device, a removable hard disk device, a ZIP disk device, a JAZZ disk device, a DVD device, a removable flash memory device, or a hard card device. However, the database is preferably stored in a non-removable, secure device either within the device being verified, or remotely on a server, in order to enhance security.
[0078] The verification software executes a DSA verification of the data files and firmware components. Also stored in the database is the public key of the private key/public key pair. For each data file and firmware component, as part of the DSA verification, the processor and verification software first computes the hash value of the digital contents of the component using the SHA-I algorithm. The verification software then processes or authenticates this computed hash value, using the DSA signature verification algorithm, which also takes, as input, the aforementioned public key stored in the database. The verification part of the DSA produces a Boolean result (yes or no) as to whether the inputs solve the algorithm. If the algorithm is not solved by the inputs, then an unexpected result is produced, thereby failing to verify the particular component. This may cause a fault tilt to occur to prohibit the loading operation of the device. Otherwise, use of the device is permitted. A detailed description of the DSA can be found in the U.S. government's Federal Information Processing Standards Publication (FIPS) 186-2. That publication describes each step of the DSA signature generation and verification.
[0079] Alternatively, the set of executable instructions may use the Rivest-Shamir- Adleman (RSA) algorithm to verify the components. Using the RSA algorithm, a first abbreviated bit string or hash value is computed from each component's digital contents and encrypted into a digital signature. The digital signature is stored in the database along with the identification number for the component. When the device is verified, the component is verified by computing a second abbreviated bit string computed from the component's digital contents. The signature is retrieved from the database by searching the database for the identification number. The signature is decrypted to recover the first abbreviated bit string. The component is then verified by comparing the second abbreviated bit string with the first abbreviated bit string. If the first and second abbreviated bit strings do not match, then the component is not verified. As discussed below, this may cause a fault tilt to occur to prohibit the loading operation of the device. Otherwise, use of the device is permitted. [0080] Instead of creating a digital signature for, or signing, each data file individually, collections of data files may be signed together in order speed up processing. The abbreviated bit strings, hash values, or signatures, also called digests, of the collection of data files are collected into a catalog file, and the catalog is signed as described above. [0081] Communication
[0082] After verification between devices has been completed, they may begin communication. At step 801 of Figure 8, a device initiates a communication with another device. The sending device may include a section of the first message to provide needed information to the intended recipient. This information may include at step 802 the type of device, the protocol the device is using, any restrictions related to QOS, and other communication related information. At step 803 the recipient determines if it can communicate with the sender directly or if an interface is needed at decision block 804. If an interface is needed at step 806, the sender and receiver may need to communicate through the MPU or interface 110, for example, if the MPU includes software or firmware for translating appropriately for the devices. If the devices can communicate directly, then messages are sent back and forth using an accepted protocol at step 805.
[0083] The invention allows devices to be aware of each other's presence through MAC/IP transmissions. This permits the use of a single network port for each device to use to communicate with each other and with a back-end system. The devices do not need pre- knowledge of the MAC/IP addresses of other devices but can learn them at start up and during run-time. The system also allows a new device to be added to a game cabinet and have it be integrated and identified to the system without extensive IT effort. [0084] Although the invention has been described in connection with in-cabinet devices identifying themselves to each other, it is not limited to such an application. The invention may be used to provide identification of any network devices by organically updating identification information periodically in Ethernet frames. In addition, the invention is not limited to the specific network configuration described herein. Rather, the system can work with any number of network configurations without departing from the scope and spirit of the invention.
[0085] It will be apparent from the foregoing that, while particular forms of the claimed invention have been illustrated and described, various modifications can be made without departing from the spirit and scope of the claimed invention. Accordingly, it is not intended that the claimed invention be limited, except as by the appended claims.

Claims

CLAIMSWhat is Claimed is:
1. A gaming network comprising: a first sub-network using a first network protocol; a second sub-network using a second network protocol; an interface coupled to the first and second sub-networks to translate messages between the first and second sub-networks.
2. The gaming network of claim 1 wherein the second network protocol is SOAP over HTTPS.
3. The gaming network of claim 1 wherein the first network protocol is a proprietary system.
4. The gaming network of claim 1 wherein the interface comprises an S2S transport protocol.
5. The gaming network of claim 1 further including a first inbound command queue in said first sub-network for receiving messages containing commands from the second sub-network.
6. The gaming network of claim 5 further including a first outbound command queue in said first sub-network for sending messages containing commands to the second sub-network.
7. The gaming network of claim 6 further including a second inbound command queue in said second sub-network for receiving messages containing commands from the first sub-network.
8. The gaming network of claim 7 further including a second outbound command queue in said second sub-network for sending messages containing commands to said first sub-network.
PCT/US2006/032479 2005-09-07 2006-08-17 Hybrid gaming network WO2007030301A2 (en)

Applications Claiming Priority (6)

Application Number Priority Date Filing Date Title
US11/220,781 US8392707B2 (en) 2005-09-07 2005-09-07 Gaming network
US11/220,781 2005-09-07
US11/319,034 2005-12-23
US11/319,034 US8118677B2 (en) 2005-09-07 2005-12-23 Device identification
US11/380,854 US20070054740A1 (en) 2005-09-07 2006-04-28 Hybrid gaming network
US11/380,854 2006-04-28

Publications (2)

Publication Number Publication Date
WO2007030301A2 true WO2007030301A2 (en) 2007-03-15
WO2007030301A3 WO2007030301A3 (en) 2007-05-03

Family

ID=37836335

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/US2006/032479 WO2007030301A2 (en) 2005-09-07 2006-08-17 Hybrid gaming network

Country Status (2)

Country Link
US (1) US20070054740A1 (en)
WO (1) WO2007030301A2 (en)

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US8616978B2 (en) 2009-09-01 2013-12-31 Wms Gaming, Inc Managing wagering game applications and events
US9257006B2 (en) 2011-04-18 2016-02-09 Bally Gaming, Inc. Dynamic updating of content based on gaming-application context

Families Citing this family (37)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20080220880A1 (en) * 2005-09-07 2008-09-11 Bally Gaming, Inc. Trusted Cabinet Identification System
US7967682B2 (en) 2006-04-12 2011-06-28 Bally Gaming, Inc. Wireless gaming environment
US8100753B2 (en) 2006-05-23 2012-01-24 Bally Gaming, Inc. Systems, methods and articles to facilitate playing card games with selectable odds
US8052519B2 (en) 2006-06-08 2011-11-08 Bally Gaming, Inc. Systems, methods and articles to facilitate lockout of selectable odds/advantage in playing card games
US9101820B2 (en) 2006-11-09 2015-08-11 Bally Gaming, Inc. System, method and apparatus to produce decks for and operate games played with playing cards
US9111078B2 (en) 2006-11-10 2015-08-18 Bally Gaming, Inc. Package manager service in gaming system
US20080171588A1 (en) * 2006-11-10 2008-07-17 Bally Gaming, Inc. Download and configuration server-based system and method with structured data
US8631501B2 (en) * 2006-11-10 2014-01-14 Bally Gaming, Inc. Reporting function in gaming system environment
US8478833B2 (en) 2006-11-10 2013-07-02 Bally Gaming, Inc. UDP broadcast for user interface in a download and configuration gaming system
US8191121B2 (en) * 2006-11-10 2012-05-29 Bally Gaming, Inc. Methods and systems for controlling access to resources in a gaming network
US8784212B2 (en) * 2006-11-10 2014-07-22 Bally Gaming, Inc. Networked gaming environment employing different classes of gaming machines
US8920233B2 (en) 2006-11-10 2014-12-30 Bally Gaming, Inc. Assignment template and assignment bundle in a gaming configuration and download system
US9275512B2 (en) 2006-11-10 2016-03-01 Bally Gaming, Inc. Secure communications in gaming system
US8195826B2 (en) 2006-11-10 2012-06-05 Bally Gaming, Inc. UDP broadcast for user interface in a download and configuration gaming method
US8930461B2 (en) * 2006-11-13 2015-01-06 Bally Gaming, Inc. Download and configuration management engine for gaming system
US8347280B2 (en) 2006-11-13 2013-01-01 Bally Gaming, Inc. System and method for validating download or configuration assignment for an EGM or EGM collection
US8131829B2 (en) * 2006-11-13 2012-03-06 Bally Gaming, Inc. Gaming machine collection and management
US9082258B2 (en) * 2006-11-13 2015-07-14 Bally Gaming, Inc. Method and system for providing download and configuration job progress tracking and display via host user interface
US8920236B2 (en) 2007-11-02 2014-12-30 Bally Gaming, Inc. Game related systems, methods, and articles that combine virtual and physical elements
US8201229B2 (en) 2007-11-12 2012-06-12 Bally Gaming, Inc. User authorization system and methods
US8616958B2 (en) * 2007-11-12 2013-12-31 Bally Gaming, Inc. Discovery method and system for dynamically locating networked gaming components and resources
US8721431B2 (en) 2008-04-30 2014-05-13 Bally Gaming, Inc. Systems, methods, and devices for providing instances of a secondary game
US9483911B2 (en) 2008-04-30 2016-11-01 Bally Gaming, Inc. Information distribution in gaming networks
US20090275401A1 (en) * 2008-04-30 2009-11-05 Bally Gaming, Inc. Method, system, apparatus, and article of manufacture for profile-driven configuration for electronic gaming machines (egms)
US9005034B2 (en) 2008-04-30 2015-04-14 Bally Gaming, Inc. Systems and methods for out-of-band gaming machine management
US8856657B2 (en) 2008-04-30 2014-10-07 Bally Gaming, Inc. User interface for managing network download and configuration tasks
US8366542B2 (en) 2008-05-24 2013-02-05 Bally Gaming, Inc. Networked gaming system with enterprise accounting methods and apparatus
US9443377B2 (en) 2008-05-30 2016-09-13 Bally Gaming, Inc. Web pages for gaming devices
US8412768B2 (en) 2008-07-11 2013-04-02 Ball Gaming, Inc. Integration gateway
US8266213B2 (en) 2008-11-14 2012-09-11 Bally Gaming, Inc. Apparatus, method, and system to provide a multiple processor architecture for server-based gaming
US8347303B2 (en) 2008-11-14 2013-01-01 Bally Gaming, Inc. Apparatus, method, and system to provide a multi-core processor for an electronic gaming machine (EGM)
US8423790B2 (en) * 2008-11-18 2013-04-16 Bally Gaming, Inc. Module validation
US8192283B2 (en) 2009-03-10 2012-06-05 Bally Gaming, Inc. Networked gaming system including a live floor view module
WO2012166927A1 (en) * 2011-06-02 2012-12-06 Numerex Corp. Wireless snmp agent gateway
US9058716B2 (en) 2011-06-06 2015-06-16 Bally Gaming, Inc. Remote game play in a wireless gaming environment
US9120007B2 (en) 2012-01-18 2015-09-01 Bally Gaming, Inc. Network gaming architecture, gaming systems, and related methods
US8974305B2 (en) 2012-01-18 2015-03-10 Bally Gaming, Inc. Network gaming architecture, gaming systems, and related methods

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6682423B2 (en) * 2001-04-19 2004-01-27 Igt Open architecture communications in a gaming network
US20040185936A1 (en) * 2003-03-17 2004-09-23 Block Rory L. Gaming terminal network with a message director
US20050113172A1 (en) * 2003-09-12 2005-05-26 Aristocrat Technologies Australia Pty, Ltd. Communications interface for a gaming machine

Family Cites Families (13)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
DE10022423A1 (en) * 2000-05-09 2001-11-15 Bosch Gmbh Robert Method for control of equipment items or appliance/device in motor vehicle communications network, requires operating software to be made available in communications network device
US7951002B1 (en) * 2000-06-16 2011-05-31 Igt Using a gaming machine as a server
US8147334B2 (en) * 2003-09-04 2012-04-03 Jean-Marie Gatto Universal game server
US6908391B2 (en) * 2001-11-23 2005-06-21 Cyberscan Technology, Inc. Modular entertainment and gaming system configured for network boot, network application load and selective network computation farming
WO2003047211A1 (en) * 2001-11-23 2003-06-05 Cyberscan Technology, Inc. Method and systems for large scale controlled and secure data downloading
US7297062B2 (en) * 2001-11-23 2007-11-20 Cyberview Technology, Inc. Modular entertainment and gaming systems configured to consume and provide network services
US6945870B2 (en) * 2001-11-23 2005-09-20 Cyberscan Technology, Inc. Modular entertainment and gaming system configured for processing raw biometric data and multimedia response by a remote server
US6916247B2 (en) * 2001-11-23 2005-07-12 Cyberscan Technology, Inc. Modular entertainment and gaming systems
AU2002341754A1 (en) * 2002-07-05 2004-01-23 Cyberscan Technology, Inc. Secure game download
US7600251B2 (en) * 2003-03-10 2009-10-06 Igt Universal peer-to-peer game download
EP1611708A4 (en) * 2003-03-10 2009-12-30 Cyberview Technology Inc Dynamic configuration of a gaming system
US7337330B2 (en) * 2003-03-10 2008-02-26 Cyberview Technology, Inc. Universal game download system for legacy gaming machines
US20060116207A1 (en) * 2004-11-29 2006-06-01 Barona Tribal Gaming Authority Electronic gaming system

Patent Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6682423B2 (en) * 2001-04-19 2004-01-27 Igt Open architecture communications in a gaming network
US20040185936A1 (en) * 2003-03-17 2004-09-23 Block Rory L. Gaming terminal network with a message director
US20050113172A1 (en) * 2003-09-12 2005-05-26 Aristocrat Technologies Australia Pty, Ltd. Communications interface for a gaming machine

Non-Patent Citations (2)

* Cited by examiner, † Cited by third party
Title
BOX D. ET AL.: 'Simple Object Access Protocol (SOAP) 1.1', [Online] 08 May 2000, XP002216674 Retrieved from the Internet: <URL:http://www.w3.org/TR/2000/NOTE-SOAP-20 000508> *
'S2S Message Protocol v1.00' GAMING STANDARDS ASSOCIATION, [Online] 11 March 2005, Retrieved from the Internet: <URL:http://www.web.archive.org/web/2005031 1052509> *

Cited By (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US8616978B2 (en) 2009-09-01 2013-12-31 Wms Gaming, Inc Managing wagering game applications and events
US9875604B2 (en) 2009-09-01 2018-01-23 Bally Gaming, Inc. Managing wagering game applications and events
US9257006B2 (en) 2011-04-18 2016-02-09 Bally Gaming, Inc. Dynamic updating of content based on gaming-application context
US9734666B2 (en) 2011-04-18 2017-08-15 Bally Gaming, Inc. Dynamic updating of content based on gaming-application context
US10319185B2 (en) 2011-04-18 2019-06-11 Bally Gaming, Inc. Dynamic updating of content based on gaming-application context

Also Published As

Publication number Publication date
US20070054740A1 (en) 2007-03-08
WO2007030301A3 (en) 2007-05-03

Similar Documents

Publication Publication Date Title
US20070054740A1 (en) Hybrid gaming network
US8118677B2 (en) Device identification
US20070054741A1 (en) Network gaming device peripherals
US8259597B1 (en) System for managing IP addresses in a network gaming environment
US8775316B2 (en) Wagering game with encryption and authentication
US8172684B2 (en) Networks for use in gaming
EP2556649B1 (en) Apparatus and method for inviting users to online sessions
US7370194B2 (en) Security gateway for online console-based gaming
US20080318685A9 (en) Controlled access layer system and method
US20080248879A1 (en) Gaming Device Firewall
US20090093312A1 (en) System and method for connecting gaming devices to a network for remote play
CA2501725A1 (en) System and method for connecting gaming devices to a network for remote play
EP1665732A2 (en) Player specific network
US20080220880A1 (en) Trusted Cabinet Identification System
US20100122320A1 (en) Secure and Self Monitoring Slot Gaming Network
US20090067629A1 (en) Table-based encryption/decryption techniques for gaming networks, and gaming networks incorporating the same
US10621817B2 (en) Ultra-thick gaming device
US8392707B2 (en) Gaming network
WO2007092608A2 (en) Wagering game server availability broadcast message system
US8075406B2 (en) Inter-game communications in multi-machine gaming system and method
US8259596B1 (en) Method for managing IP addresses in a network gaming environment
US20100120527A1 (en) Co-processor assisted software authentication method
US8241115B2 (en) Multiple key failover validation in a wagering game machine
US9251649B2 (en) System and method for connecting gaming devices to a network for remote play
US20100120526A1 (en) Co-processor assisted software authentication system

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application
WWE Wipo information: entry into national phase

Ref document number: 2006813567

Country of ref document: EP

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 06813567

Country of ref document: EP

Kind code of ref document: A2