WO2009061171A2 - Secure software licensing control mechanism - Google Patents
Secure software licensing control mechanism Download PDFInfo
- Publication number
- WO2009061171A2 WO2009061171A2 PCT/MY2008/000132 MY2008000132W WO2009061171A2 WO 2009061171 A2 WO2009061171 A2 WO 2009061171A2 MY 2008000132 W MY2008000132 W MY 2008000132W WO 2009061171 A2 WO2009061171 A2 WO 2009061171A2
- Authority
- WO
- WIPO (PCT)
- Prior art keywords
- software
- license code
- smart card
- user
- licensed
- Prior art date
Links
- 238000000034 method Methods 0.000 claims abstract description 20
- 238000013475 authorization Methods 0.000 claims 3
- 238000012795 verification Methods 0.000 abstract description 2
- 230000001419 dependent effect Effects 0.000 description 3
- 238000010586 diagram Methods 0.000 description 1
- 230000008520 organization Effects 0.000 description 1
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/12—Applying verification of the received information
- H04L63/126—Applying verification of the received information the source of the received data
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/10—Protecting distributed programs or content, e.g. vending or licensing of copyrighted material ; Digital rights management [DRM]
- G06F21/12—Protecting executable software
- G06F21/121—Restricting unauthorised execution of programs
- G06F21/123—Restricting unauthorised execution of programs by using dedicated hardware, e.g. dongles, smart cards, cryptographic processors, global positioning systems [GPS] devices
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/0823—Network architectures or network communication protocols for network security for authentication of entities using certificates
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/0853—Network architectures or network communication protocols for network security for authentication of entities using an additional device, e.g. smartcard, SIM or a different communication terminal
Definitions
- the present invention relates to a control mechanism of licensed software. More particularly, the present invention relates to a system and method for protecting licensed software applications within a computer system from piracy.
- Piracy of digital content such as software and any content of any kind that is digitally stored and distributed is getting more prevalent nowadays.
- a mechanism for software licensing control is required.
- the purpose of software licensing control is to make sure that only users that have purchased the software is capable of using the software.
- license key is fixed or depending on the combination of username and organization data provided by the end user.
- U.S. Patent No. 7,200,760 describes a data encryption/decryption system where a user must obtain a license key in order to decrypt the critical data elements before the software program can use them.
- the data elements can be chosen such that their contents provide a control mechanism for the correct operation of the executable software program.
- the system allows for the inclusion of different data elements with or within a single version of the software program. However, this method can be easily cracked if the algorithm to derive the license key is known.
- U.S Patent No. 7,174,568 describes a product distribution and payment system for limited use or otherwise restricted digital software products which is made available to customers through a detachable local storage medium, such as a DVD or CD- ROM disc, or over a network connection.
- the software product may comprise a limited use product that is restricted in the number of plays or duration of use and the end user is allowed to download and purchase the product using his computer or playback console. When the preset time or number of plays has elapsed the software program is frozen and access to the program is not allowed.
- a two-way, public key/private key encryption system is implemented to transmit the product and usage information between the server providing the software product and the customer computer system.
- this method allows the system to provide a machine dependent control but not a user dependent control.
- the present invention is directed to overcoming one or more of the problems due to the limitations and disadvantages of the related arts.
- At least one of the above and other objects may be realized by providing a system and method for protecting a licensed software application from piracy within a computer system by using a smart card and license code.
- the system for protecting a licensed software application comprises a smart card containing a digital certificate and a private key, a licensed software containing a software module for authentication, a registration software running on a registration server and a license code generator which is running on a software vendor server for license code generation and encryption.
- the method comprises the steps of determining the presence of a license code, decrypting the license code using user's private key from the smart card, verifying a digital signature in the license code, and checking the expiry date of the software for execution of the software application. If the license code is not available, the method further requires the user to use certificate-based-login to a website and register using the smart card that is provided by the software vendor. Subsequently, user's information and certificate is sent through a secure channel to the vendor's server and server side application digitally signs the program license expiry date and encrypt with recipient public key. Then, the license code is sent back to the user and the decryption and verification process of the digital signature repeats.
- Fig. 1 illustrates a system for protecting licensed software applications from piracy within a computer system using a license code and a smart card according to the present invention
- Fig. 2 illustrates a diagram flow of a method for protecting licensed software applications from piracy within a computer system according to the present invention.
- a system for protecting licensed software applications 31 within a computer system from piracy comprises of:
- a smart card 32 containing a user digital certificate and a private key to decrypt license code sent by software vendor;
- a licensed software 31 installed in a computer 30 wherein the licensed software 31 contains a software module 33 which communicates with the smart card 32 in the authentication process;
- a registration software 11 running on a registration server 10 wherein the registration software 11 interacts with.
- the software module 33 through digital certificate based mutual authentication;
- a license code generator 21 running on a software vendor server 20 for license code generation and encryption.
- the software module 33 communicates with the smart card 32 to decrypt the license code and to verify the digital signature in the license code to check the expiry date of the software 31.
- the license code is decrypted using a private key in the smart card 32. Once the date has been verified, the software 33 is allowed to execute. If the software module 33 does not find the license code, the user has to use certificate-based-login to a website and register using the smart card 32 that is provided by the software vendor.
- the registration software 11 interacts with software module 33 via digital certificate based mutual authentication. User's digital certificate is used by the registration software 11 to gather information about the user. For this, the private key within smart card 32 is required in the process of digital certificate based authentication.
- the user's digital certificate is sent to license code generator 21 which further digitally signs the software license expiry date, generates license code for the user and encrypts the license code using public key extracted from the user's digital certificate forwarded by the registration software 11.
- the encrypted license code is sent by the license code generator 21 to the software module 33 and is further sent to the smart card 32 for decryption.
- the software module 33 sends the encrypted license code to smart card 32 directly without communicating with either the registration server 10 or software vendor server 20.
- the software module 33 Upon successful decryption, the software module 33 allows the software 31 to run.
Abstract
The present invention relates to a system and method for protecting a licensed software application (31) from piracy within a computer system by using a smart card (32) and a license code. The system for protecting a licensed software application (31) comprises a smart card (32), a licensed software (31), a registration software (11 ) running on a registration server (10) and a license code generator (21). Meanwhile, the method comprises the steps of determining the presence of a license code, decrypting the license code using user's private key from the smart card (32), verifying a digital signature in the license code, and checking the expiry date of the software (31) for execution of the software application. If the license code is not available, the method further requires the user to use certificate-based-login to a website and register using the smart card (32) that is provided by the software vendor. Subsequently, user's information and certificate is sent through a secure channel to the vendor's server and server side application digitally signs the program license expiry date and encrypt with recipient public key. Then, the license code is sent back to the user and the decryption and verification process of the digital signature repeats.
Description
SECURE SOFTWARE LICENSING CONTROL MECHANISM
The present invention relates to a control mechanism of licensed software. More particularly, the present invention relates to a system and method for protecting licensed software applications within a computer system from piracy.
BACKGROUND TO THE INVENTION
Piracy of digital content such as software and any content of any kind that is digitally stored and distributed is getting more prevalent nowadays. In order to curb the piracy of software and to sustain the business model of charging customers based on number of software installed, a mechanism for software licensing control is required. The purpose of software licensing control is to make sure that only users that have purchased the software is capable of using the software.
One of the most common license control mechanism is based on license key. Most of the time, the license key is fixed or depending on the combination of username and organization data provided by the end user. U.S. Patent No. 7,200,760 describes a data encryption/decryption system where a user must obtain a license key in order to decrypt the critical data elements before the software program can use them. The data elements can be chosen such that their contents provide a control mechanism for the correct operation of the executable software program. The system allows for the inclusion of different data elements with or within a single version of the software program. However, this method can be easily cracked if the algorithm to derive the license key is known.
Another method is based on having an external hardware or token connected to the computer via parallel port, COM port or USB. U.S Patent No. 7,174,568 describes a product distribution and payment system for limited use or otherwise restricted digital software products which is made available to customers through a detachable local storage medium, such as a DVD or CD-
ROM disc, or over a network connection. The software product may comprise a limited use product that is restricted in the number of plays or duration of use and the end user is allowed to download and purchase the product using his computer or playback console. When the preset time or number of plays has elapsed the software program is frozen and access to the program is not allowed. In one embodiment of the present invention, a two-way, public key/private key encryption system is implemented to transmit the product and usage information between the server providing the software product and the customer computer system. However, this method allows the system to provide a machine dependent control but not a user dependent control.
SUMMARY OF THE INVENTION
The present invention is directed to overcoming one or more of the problems due to the limitations and disadvantages of the related arts.
It is an object of the present invention to provide a secure software licensing control mechanism.
At least one of the above and other objects may be realized by providing a system and method for protecting a licensed software application from piracy within a computer system by using a smart card and license code. The system for protecting a licensed software application comprises a smart card containing a digital certificate and a private key, a licensed software containing a software module for authentication, a registration software running on a registration server and a license code generator which is running on a software vendor server for license code generation and encryption.
Meanwhile, the method comprises the steps of determining the presence of a license code, decrypting the license code using user's private key from the smart card, verifying a digital signature in the license code, and checking the expiry date of the software for execution of the software application. If the license code is not available, the method further requires the user to use certificate-based-login to a website and register using the smart card that is
provided by the software vendor. Subsequently, user's information and certificate is sent through a secure channel to the vendor's server and server side application digitally signs the program license expiry date and encrypt with recipient public key. Then, the license code is sent back to the user and the decryption and verification process of the digital signature repeats.
It is an advantage of the present invention to provide flexibility by allowing software companies to implement user dependent license control.
It is another advantage of the present invention to implement an asymmetric algorithm instead of symmetric algorithm used by a token which makes a license code unique for the user and therefore the software cannot activated by a different user.
These and other aspects, objects, features and advantages of the present invention will be more clearly understood and appreciated from a review of the following detailed description of the preferred embodiment and appended claims, and by reference to the accompanying drawings.
BRIEF DESCRtPTION OF THE DRAWINGS
The specific features, aspects, and advantages of the present invention will become better understood with regard to the following description, appended claims, and accompanying drawings where:
Fig. 1 illustrates a system for protecting licensed software applications from piracy within a computer system using a license code and a smart card according to the present invention; and
Fig. 2 illustrates a diagram flow of a method for protecting licensed software applications from piracy within a computer system according to the present invention.
DETAILED DESCRIPTION OF THE INVENTION
In the following description of the preferred embodiments of the present invention, reference is made to the accompanying drawings which form a part hereof, and in which is shown by way of illustration specific embodiments in which the invention may be practiced. It is understood that other embodiments may be utilized and structural changes may be made without departing from the scope of the present invention.
Referring to Fig. 1, a system for protecting licensed software applications 31 within a computer system from piracy according to the present invention comprises of:
a smart card 32 containing a user digital certificate and a private key to decrypt license code sent by software vendor;
a licensed software 31 installed in a computer 30 wherein the licensed software 31 contains a software module 33 which communicates with the smart card 32 in the authentication process;
a registration software 11 running on a registration server 10 wherein the registration software 11 interacts with. the software module 33 through digital certificate based mutual authentication; and
a license code generator 21 running on a software vendor server 20 for license code generation and encryption.
In Fig. 2, when a user executes the licensed software 31, the software module 33 communicates with the smart card 32 to decrypt the license code and to verify the digital signature in the license code to check the expiry date of the software 31. The license code is decrypted using a private key in the smart card 32. Once the date has been verified, the software 33 is allowed to execute.
If the software module 33 does not find the license code, the user has to use certificate-based-login to a website and register using the smart card 32 that is provided by the software vendor. The registration software 11 interacts with software module 33 via digital certificate based mutual authentication. User's digital certificate is used by the registration software 11 to gather information about the user. For this, the private key within smart card 32 is required in the process of digital certificate based authentication. Upon successful registration, the user's digital certificate is sent to license code generator 21 which further digitally signs the software license expiry date, generates license code for the user and encrypts the license code using public key extracted from the user's digital certificate forwarded by the registration software 11.
The encrypted license code is sent by the license code generator 21 to the software module 33 and is further sent to the smart card 32 for decryption. Once the encrypted license code is available in the computer 30, the software module 33 sends the encrypted license code to smart card 32 directly without communicating with either the registration server 10 or software vendor server 20. Upon successful decryption, the software module 33 allows the software 31 to run.
Claims
1. A system for protecting licensed software applications (31) within a computer system from piracy by providing a software module (33) prompting for user's authorization information during execution of the licensed software application (31), comprising:
a smart card (32) containing user digital certificate and a private key to decrypt license code sent by a software vendor;
a licensed software (31) installed in a computer (30), said licensed software (31) containing a software module (33) which communicates with the smart card (32) for authentication;
a registration software (11) running on a registration server (10), said registration software (11) interacts with the software module (33) through digital certificate based mutual authentication; and
a license code generator (21 ) running on a software vendor server (20) for license code generation and encryption.
2. A method for protecting a licensed software application (31 ) from piracy within a computer system by providing a software module (33) prompting for user's authorization information during execution of the licensed software application (31), wherein said authorization information is a private key stored in a smart card (32) and a license code is provided in the licensed software (31), whereby if the said license code is present, the following steps are executed:
(i) decrypting the license code using a private key stored in the smart card (32);
(ii) verifying a digital signature in the license code; and (iii) checking the date of expiry of the licensed software (31), wherein the licensed software is executed if the date is not expired,
whereby if the said license code is not present, then following steps are executed:
(iv) registering a user using certificate-based-login to a website to obtain a digital certificate using the private key stored in smart card (32);
(v) sending the digital certificate to a license code generator (21) together with encrypting the license code using public key extracted from the user's digital certificate forwarded by a registration software (11); and
(vi) sending the encrypted license code to the smart card (32) for decryption, whereby the software (31) is executed by the software module (33) after decryption.
3. A method according to claim 2, wherein the digital certificate of step (iv) is used by registration software (11) to gather information on the user.
4. A method according to claim 2, wherein the license code generator (21) of step (v) digitally signs a date of expiry for the licensed software (31) and encrypts the license code using the digital certificate forwarded by the registration software (11).
5. A method according to claim 2, wherein the encrypted license code of step (vi) can only be decrypted using a matching private key stored in the smart card (32).
6. A method according to claim 2, wherein the software module (33) of step (vi) sends the encrypted license code to the smart card (32) without communicating with the registration server (10) or with the software vendor server (20).
Applications Claiming Priority (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
MYPI20071944 MY146126A (en) | 2007-11-09 | 2007-11-09 | Secure software licensing control mechanism |
MYPI20071944 | 2007-11-09 |
Publications (2)
Publication Number | Publication Date |
---|---|
WO2009061171A2 true WO2009061171A2 (en) | 2009-05-14 |
WO2009061171A3 WO2009061171A3 (en) | 2009-10-15 |
Family
ID=40626360
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
PCT/MY2008/000132 WO2009061171A2 (en) | 2007-11-09 | 2008-11-10 | Secure software licensing control mechanism |
Country Status (2)
Country | Link |
---|---|
MY (1) | MY146126A (en) |
WO (1) | WO2009061171A2 (en) |
Cited By (7)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN108268767A (en) * | 2016-12-30 | 2018-07-10 | 北京国双科技有限公司 | Web application authorization method and device |
CN110796220A (en) * | 2019-10-11 | 2020-02-14 | 北京如易行科技有限公司 | Identification code sending system based on public transport |
CN112579989A (en) * | 2020-12-23 | 2021-03-30 | 杭州安司源科技有限公司 | Anti-piracy method for network service software |
CN113343212A (en) * | 2021-06-25 | 2021-09-03 | 成都商汤科技有限公司 | Device registration method and apparatus, electronic device, and storage medium |
CN116415222A (en) * | 2023-05-09 | 2023-07-11 | 南京中图数码科技有限公司 | Authorization management method and system for cloud design platform of process industrial digital factory |
WO2023174943A1 (en) * | 2022-03-15 | 2023-09-21 | Wibu-Systems Ag | License binding of an application license to a device |
CN110796220B (en) * | 2019-10-11 | 2024-04-30 | 北京如易行科技有限公司 | Public transportation-based identification code sending system |
Citations (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
WO2001001227A1 (en) * | 1999-06-30 | 2001-01-04 | Accenture Llp | A system, method and article of manufacture for tracking software sale transactions of an internet-based retailer for reporting to a software publisher |
US20010051996A1 (en) * | 2000-02-18 | 2001-12-13 | Cooper Robin Ross | Network-based content distribution system |
KR20030033863A (en) * | 2001-10-25 | 2003-05-01 | (주)엔라인시스템 | The method and system of multistage user certification using active user-certifiable card of USB module type |
EP1942392A1 (en) * | 2001-03-28 | 2008-07-09 | Macrovision Corporation | Method, apparatus and optical medium for enabling playback of encrypted digital video on a plurality of playback devices having different security characteristics |
-
2007
- 2007-11-09 MY MYPI20071944 patent/MY146126A/en unknown
-
2008
- 2008-11-10 WO PCT/MY2008/000132 patent/WO2009061171A2/en active Application Filing
Patent Citations (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
WO2001001227A1 (en) * | 1999-06-30 | 2001-01-04 | Accenture Llp | A system, method and article of manufacture for tracking software sale transactions of an internet-based retailer for reporting to a software publisher |
US20010051996A1 (en) * | 2000-02-18 | 2001-12-13 | Cooper Robin Ross | Network-based content distribution system |
EP1942392A1 (en) * | 2001-03-28 | 2008-07-09 | Macrovision Corporation | Method, apparatus and optical medium for enabling playback of encrypted digital video on a plurality of playback devices having different security characteristics |
KR20030033863A (en) * | 2001-10-25 | 2003-05-01 | (주)엔라인시스템 | The method and system of multistage user certification using active user-certifiable card of USB module type |
Cited By (9)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN108268767A (en) * | 2016-12-30 | 2018-07-10 | 北京国双科技有限公司 | Web application authorization method and device |
CN110796220A (en) * | 2019-10-11 | 2020-02-14 | 北京如易行科技有限公司 | Identification code sending system based on public transport |
CN110796220B (en) * | 2019-10-11 | 2024-04-30 | 北京如易行科技有限公司 | Public transportation-based identification code sending system |
CN112579989A (en) * | 2020-12-23 | 2021-03-30 | 杭州安司源科技有限公司 | Anti-piracy method for network service software |
CN112579989B (en) * | 2020-12-23 | 2022-06-24 | 杭州安司源科技有限公司 | Anti-piracy method for network service software |
CN113343212A (en) * | 2021-06-25 | 2021-09-03 | 成都商汤科技有限公司 | Device registration method and apparatus, electronic device, and storage medium |
WO2023174943A1 (en) * | 2022-03-15 | 2023-09-21 | Wibu-Systems Ag | License binding of an application license to a device |
CN116415222A (en) * | 2023-05-09 | 2023-07-11 | 南京中图数码科技有限公司 | Authorization management method and system for cloud design platform of process industrial digital factory |
CN116415222B (en) * | 2023-05-09 | 2023-10-20 | 南京中图数码科技有限公司 | Authorization management method and system for cloud design platform of process industrial digital factory |
Also Published As
Publication number | Publication date |
---|---|
WO2009061171A3 (en) | 2009-10-15 |
MY146126A (en) | 2012-06-29 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
US6233567B1 (en) | Method and apparatus for software licensing electronically distributed programs | |
US5864620A (en) | Method and system for controlling distribution of software in a multitiered distribution chain | |
US7742992B2 (en) | Delivery of a secure software license for a software product and a toolset for creating the software product | |
US7124443B2 (en) | Information transaction system | |
US6195432B1 (en) | Software distribution system and software utilization scheme for improving security and user convenience | |
KR100912276B1 (en) | Electronic Software Distribution Method and System Using a Digital Rights Management Method Based on Hardware Identification | |
EP1253741B1 (en) | Method and system for generation and management of secret key of public key cryptosystem | |
CA2212813C (en) | Method and apparatus for cryptographically protecting data | |
CN101689237B (en) | Activation system architecture | |
US6308266B1 (en) | System and method for enabling different grades of cryptography strength in a product | |
US8646091B2 (en) | Digital software license procurement | |
US20110296175A1 (en) | Systems and methods for software license distribution using asymmetric key cryptography | |
CN107146120B (en) | Electronic invoice generation method and generation device | |
US20040088541A1 (en) | Digital-rights management system | |
CN101512536A (en) | System and method for authenticating a gaming device | |
KR100502580B1 (en) | Method for distrubution of copyright protected digital contents | |
JP2001175468A (en) | Method and device for controlling use of software | |
Aura et al. | Software License Management with Smart Cards. | |
JPH1131130A (en) | Service providing device | |
US6651169B1 (en) | Protection of software using a challenge-response protocol embedded in the software | |
WO2009061171A2 (en) | Secure software licensing control mechanism | |
EP1471405A1 (en) | Method and device for protecting information against unauthorised use | |
KR101858562B1 (en) | Security system for selling and using e-training contents | |
US7895449B2 (en) | System and method for securely delivering installation keys to a production facility | |
JP2004297550A (en) | Content management system and content distribution system |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
121 | Ep: the epo has been informed by wipo that ep was designated in this application |
Ref document number: 08846314 Country of ref document: EP Kind code of ref document: A2 |
|
NENP | Non-entry into the national phase |
Ref country code: DE |
|
122 | Ep: pct application non-entry in european phase |
Ref document number: 08846314 Country of ref document: EP Kind code of ref document: A2 |