CN100495285C - Method for protecting software - Google Patents
Method for protecting software Download PDFInfo
- Publication number
- CN100495285C CN100495285C CN 200510130169 CN200510130169A CN100495285C CN 100495285 C CN100495285 C CN 100495285C CN 200510130169 CN200510130169 CN 200510130169 CN 200510130169 A CN200510130169 A CN 200510130169A CN 100495285 C CN100495285 C CN 100495285C
- Authority
- CN
- China
- Prior art keywords
- program
- software
- kernel program
- target platform
- kernel
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Expired - Fee Related
Links
Images
Landscapes
- Storage Device Security (AREA)
Abstract
The method collocate protection program for each copy of kernel program to be protected, and converts kernel program to format, which is not possible to be run on target platform. Protection program is needed to start up before the kernel program is utilized. The method includes steps: (1) protection program determines whether authentication of authorization is passed; if yes, then executing step (2); otherwise, interrupting current process flow; (2) after recovering the kernel program not executable on the target platform to format executable on the target platform, the protection program starts up the kernel program. Thus, obtaining executable program from software developer, software issuer also protects software without need of obtaining source code of software. Software issuer and software developer can concern own content concerned respectively. The invention also lowers developing condition of software issuer so as to reduce cost, and shorten cycle for issuing software.
Description
Technical field
The invention belongs to the digital content protection field, specially refer to the method for protecting software when utilizing flash card or flash disk storage distributed software.
Background technology
The key factor that will consider when software protection is software publishing, so-called software protection are meant that the software user should could normally use software after authorized.Can guarantee that to software protection software is not by illegal distribution.Because its safe coefficient height, more and more general is applied among the software publishing with the checking method for protecting software that combines of hardware.This method is generally the checking hardware that one of every cover software distribution has unique identifying number, and when using software, requirement must provide normally operating software of this checking hardware simultaneously.That is to say, only have with the corresponding checking hardware of software and just can obtain use authority, so just guaranteed that software can not be by illegal distribution.
In the prior art,, need in the function code of finishing the software kernels function, insert extra protection code, go to carry out coherent detection by the protection code in order to allow software detect corresponding with it checking hardware information in the process of implementation; Simultaneously, function code is made certain modification, make function code in finishing the process of Core Feature, call the protection code.Owing to prevent the problem that software need be paid close attention to by the illegal distribution person that is the software publishing, therefore protect the exploitation and the insertion of code, and the design of supporting checking hardware finished by the software publishing person.This just needs the software publishing, and the person must obtain the source code of software from the software developer before distributed software.
But along with software publishing person and software developer are more and more independent, the software publishing person can't obtain the source code of software usually.Even obtained the source code of software, also need to finish function code and revise, protect work such as code insertion and recompility.This process steps is various, can prolong the cycle of software publishing; And the person has almost same with software developer exploitation condition to require the software publishing, so can increase the cost of software publishing.
Summary of the invention
In view of this, fundamental purpose of the present invention is to provide a kind of method of software protection, and the person that makes the software publishing need not to obtain software source code and can protect the software that will issue.
In order to achieve the above object; the invention provides a kind of method of software protection, be every part of corresponding defence program of kernel program configuration that needs protection, and convert kernel program to form that target platform can't move; start defence program when using kernel program earlier, this method also comprises:
Steps A, defence program judge whether by authority checking, if pass through then execution in step B, otherwise interrupt current treatment scheme;
Step B, defence program read the kernel program that target platform can't move, and convert thereof into the volatile memory that is stored in target platform behind the form that target platform can move, and start kernel program then.
Wherein, describedly convert kernel program to form that target platform can't move and be: kernel program is encrypted;
Describedly convert kernel program to form that target platform can move and be: kernel program is deciphered.
Wherein, described kernel program is encrypted as:
With identical key the kernel program that is about to be stored in the different storage mediums is encrypted.
Wherein, described kernel program is encrypted as:
For the kernel program that is about to be stored in the different storage mediums distributes the key that has nothing in common with each other, every part of kernel program is encrypted with the key of this part kernel program correspondence.
Wherein, described key is relevant with the hardware identification number of described storage medium.
Wherein, described storage medium is: flash card or flash disk.
Wherein, further be every part of corresponding checking hardware of kernel program configuration, described judging whether by authority checking is:
Authority checking flow process according to based on checking hardware has judged whether to provide correct checking hardware, if then think by authority checking, otherwise thinks by authority checking.
Wherein, described checking hardware is the storage medium of storage kernel program and defence program.
Wherein, further comprise after the step B:
Defence program stops the operation of self.
Adopt technical scheme provided by the present invention; be that executable program with software changes into the form that target platform can't move before software publishing; be again the executable program of software to be reverted to the form that target platform can move when software uses by defence program; that is to say, only the executable program of software is handled.This shows that the executable program that the software publishing person only needs to obtain software from the software developer can be protected software, and do not need to obtain the source code of software.The content of being absorbed in separately to be paid close attention to that makes so at first that software publishing person and software developer can walk abreast, promptly the software developer is absorbed in the software kernels function development, and the software publishing person is absorbed in the exploitation of Software Protection Technique; Next has reduced the requirement of the condition of developing for the software publishing person, thereby has reduced the cost of software publishing, has shortened the cycle of software publishing.
Description of drawings
Fig. 1 is the treatment scheme of embodiment when software publishing of method for protecting software provided by the invention.
Fig. 2 is the treatment scheme of embodiment when software uses of method for protecting software provided by the invention.
Embodiment
Core concept of the present invention is; the software publishing person protects the executable program of software to convert to behind the form that target platform can't move desire and supporting checking hardware is together issued; when need moving the executable program of desire protection software, target platform carries out authority checking by another executable program earlier; then desire is protected the executable program of software to revert to the form that target platform can move if the verification passes, started the executable program of desire protection software then.In the present invention, the executable program of desire protection software is called kernel program, and another executable program is called defence program, and kernel program and defence program are one to one.
For making the purpose, technical solutions and advantages of the present invention clearer, the present invention is described in further detail below in conjunction with drawings and the specific embodiments.
Please refer to Fig. 1, Fig. 1 is the treatment scheme of embodiment when software publishing of method for protecting software provided by the invention.
Converting kernel program to form that target platform can't move can have a variety of methods, for example kernel program is encrypted, and perhaps the data of kernel program is done certain transcoding, coding transform.Like this, have only through deciphering or inverse transformation and could move kernel program at target platform.
Especially, if adopt method of encrypting to convert kernel program to form that target platform can't move, can adopt dual mode in the time of encryption: a kind of mode be all to issue what stored on the distribution media of this software all be that kernel program is through the form after the same secret key encryption; Another kind of mode is that what to be stored on the distribution media of every part of this software of distribution is that kernel program is through the form after the different secret key encryptions.
Defence program is the executable program that can move on target platform, and its effect is to carry out authority checking after startup, then kernel program is converted to the form that target platform can move if the verification passes, and carries out kernel program.Here,, whether provide correct checking hardware to judge the user if the authority checking technology that is based on checking hardware that adopts so, is describedly carried out authority checking and referred to and detect the check verify hardware information,
Between distribution media and the supporting checking hardware is to concern one to one, and the distribution media that each part stores software and defence program all has corresponding with it supporting checking hardware.
Especially, if with flash card as the distribution media, so can be with same flash card as supporting checking hardware.Because each flash card all has a unique identification number, defence program can judge whether the software user provides correct checking hardware according to this identification number when using software.
If in step 102, what stored on the distribution media of every part of this software of distribution is kernel program through the form after the different secret key encryptions, and the key that adopts when encrypting so can be relevant with the identification number of supporting checking hardware.
In step 102, if the authority checking technology that is not based on checking hardware that described authority checking is adopted so just can be omitted step 103.
Please refer to Fig. 2, Fig. 2 is the treatment scheme of embodiment when software uses of method for protecting software provided by the invention.
In software publishing, kernel program is stored in the distribution media after being converted into the form that target platform can't move.After the kernel program that defence program can't move target platform from the distribution media read and convert to the form that target platform can move, the kernel program that target platform can be moved write on the volatile memory of target platform.
Why to use the volatile memory of target platform; be because if the protected program of the kernel program that target platform can move has write the nonvolatile memory of target platform; so after running software stops; just can from the nonvolatile memory of target platform, read the kernel program that target platform can move and distributed, thereby can on other target platforms, directly move kernel program.And kernel program is not done relevant authority checking when operation, does not just possess the software protection function yet.And the volatile memory of use target platform; after running software stops; the shared storage space of the kernel program that target platform can move is released; so just can't from volatile memory, read the kernel program that target platform can move; thereby all must start defence program earlier when needing the operation kernel program at every turn; through relevant authority checking, and then guaranteed that software not by illegal distribution, realized software protection.
Especially, if the mode of adopt encrypting before software publishing converts kernel program to form that target platform can't move, so described herein with kernel program convert to form that target platform can move for and kernel program is deciphered.
For not by the situation of authority checking, defence program can stop the operation of self; Also can point out user's authority checking not stop the operation of self by the back; Can also point out the user that correct checking hardware is provided.
Above-mentioned steps 202 is exactly the process of authority checking to step 204 in fact.In this specific embodiment, the authority checking technology that is based on checking hardware of employing.In actual applications, can also adopt other authority checking technology, for example based on authority checking technology of sequence number etc.
The above is preferred embodiment of the present invention only, is not to be used to limit protection scope of the present invention.Within the spirit and principles in the present invention all, any modification of being done, be equal to replacement, improvement etc., all should be included within protection scope of the present invention.
Claims (9)
1, a kind of method of software protection; it is characterized in that, be every part of corresponding defence program of kernel program configuration that needs protection, and convert kernel program to form that target platform can't move; start defence program when using kernel program earlier, this method also comprises:
Steps A, defence program judge whether by authority checking, if pass through then execution in step B, otherwise interrupt current treatment scheme;
Step B, defence program read the kernel program that target platform can't move, and convert thereof into the volatile memory that is stored in target platform behind the form that target platform can move, and start kernel program then.
2, the method for software protection according to claim 1 is characterized in that, describedly converts kernel program to form that target platform can't move and is: kernel program is encrypted;
Describedly convert kernel program to form that target platform can move and be: use the key that employed key is identical when encrypting that kernel program is deciphered.
3, the method for software protection according to claim 2 is characterized in that, described kernel program is encrypted as:
With identical key the kernel program that is about to be stored in the different storage mediums is encrypted.
4, the method for software protection according to claim 2 is characterized in that, described kernel program is encrypted as:
For the kernel program that is about to be stored in the different storage mediums distributes the key that has nothing in common with each other, every part of kernel program is encrypted with the key of this part kernel program correspondence.
5, the method for software protection according to claim 4 is characterized in that, described key is relevant with the hardware identification number of described storage medium.
According to the method for claim 3 or 4 described software protections, it is characterized in that 6, described storage medium is: flash card or flash disk.
7, the method for software protection according to claim 1 is characterized in that, further is every part of corresponding checking hardware of kernel program configuration, and described judging whether by authority checking is:
Authority checking flow process according to based on checking hardware has judged whether to provide correct checking hardware, if then think by authority checking, otherwise thinks by authority checking.
8, the method for software protection according to claim 7 is characterized in that, described checking hardware is the storage medium of storage kernel program and defence program.
9, the method for software protection according to claim 1 is characterized in that, further comprises after the step B:
Defence program stops the operation of self.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN 200510130169 CN100495285C (en) | 2005-12-19 | 2005-12-19 | Method for protecting software |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN 200510130169 CN100495285C (en) | 2005-12-19 | 2005-12-19 | Method for protecting software |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN1987715A CN1987715A (en) | 2007-06-27 |
| CN100495285C true CN100495285C (en) | 2009-06-03 |
Family
ID=38184539
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN 200510130169 Expired - Fee Related CN100495285C (en) | 2005-12-19 | 2005-12-19 | Method for protecting software |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN100495285C (en) |
Families Citing this family (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN100464301C (en) * | 2007-08-09 | 2009-02-25 | 威盛电子股份有限公司 | Applied program processing method and system |
| CN103164640A (en) * | 2011-12-08 | 2013-06-19 | 北京深思洛克软件技术股份有限公司 | Executive method of executable file in control software protective device |
| CN108259429B (en) * | 2016-12-29 | 2021-01-29 | 航天信息股份有限公司 | Method and system for controlling software distribution |
| CN109299945B (en) * | 2017-07-24 | 2020-10-09 | 深圳荆虹科技有限公司 | Identity verification method and device based on biological recognition algorithm |
-
2005
- 2005-12-19 CN CN 200510130169 patent/CN100495285C/en not_active Expired - Fee Related
Also Published As
| Publication number | Publication date |
|---|---|
| CN1987715A (en) | 2007-06-27 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US20210294879A1 (en) | Securing executable code integrity using auto-derivative key | |
| CN103210396B (en) | Comprise the method and apparatus of the framework for the protection of sensitive code and data | |
| US6134659A (en) | Controlled usage software | |
| US9633183B2 (en) | Modular software protection | |
| US6749115B2 (en) | Dual processor trusted computing environment | |
| US7971017B1 (en) | Memory card with embedded identifier | |
| CN101872404B (en) | Method for protecting Java software program | |
| CN109992987B (en) | Script file protection method and device based on Nginx and terminal equipment | |
| CN106529218B (en) | Application verification method and device | |
| EP2264640B1 (en) | Feature specific keys for executable code | |
| MX2007011377A (en) | Secure boot. | |
| US20110167498A1 (en) | Software License Management | |
| US20080263542A1 (en) | Software-Firmware Transfer System | |
| CN103065072A (en) | Method and device to improve Java software jailbreak difficulty and copyright verification method | |
| US20110271350A1 (en) | method for protecting software | |
| CN101031923A (en) | Method, device and computer program product for activating the right of use of at least one secured content item | |
| CN103440441A (en) | Software protection method and system | |
| US20100031373A1 (en) | Method and system for secure flexible software licensing | |
| JP5567033B2 (en) | Software license protection method, system therefor, server, terminal, and computer-readable recording medium | |
| CN104794388A (en) | Application program access protection method and application program access protection device | |
| CN100495285C (en) | Method for protecting software | |
| US20020147922A1 (en) | Software protection mechanism | |
| JP5036475B2 (en) | Program control apparatus and method and program | |
| CN102937907A (en) | Method for utilizing secure digital (SD) card to perform licensed software installation and update | |
| US20070056040A1 (en) | Data carrier belonging to an authorized domain |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| C14 | Grant of patent or utility model | ||
| GR01 | Patent grant | ||
| ASS | Succession or assignment of patent right |
Owner name: CHINA POTEVIO CO., LTD. Free format text: FORMER OWNER: PUTIAN IT TECH INST CO., LTD. Effective date: 20130924 |
|
| C41 | Transfer of patent application or patent right or utility model | ||
| C56 | Change in the name or address of the patentee |
Owner name: PUTIAN IT TECH INST CO., LTD. Free format text: FORMER NAME: PUTIAN INST. OF INFORMATION TECHNOLOGY |
|
| COR | Change of bibliographic data |
Free format text: CORRECT: ADDRESS; FROM: HAIDIAN, BEIJING TO: 100080 HAIDIAN, BEIJING |
|
| CP03 | Change of name, title or address |
Address after: No. two, 6 North Street, Beijing, Haidian District, Haidian Patentee after: PETEVIO INSTITUTE OF TECHNOLOGY Co.,Ltd. Address before: 100085, No. two, 2 street, base of information industry, Beijing Patentee before: POTEVIO Institute of Information Technology |
|
| TR01 | Transfer of patent right |
Effective date of registration: 20130924 Address after: 100080, No. two, 2 street, Zhongguancun science and Technology Park, Beijing, Haidian District Patentee after: CHINA POTEVIO CO.,LTD. Address before: No. two, 6 North Street, Beijing, Haidian District, Haidian Patentee before: PETEVIO INSTITUTE OF TECHNOLOGY Co.,Ltd. |
|
| ASS | Succession or assignment of patent right |
Owner name: PUTIAN IT TECH INST CO., LTD. Free format text: FORMER OWNER: CHINA POTEVIO CO., LTD. Effective date: 20131205 |
|
| C41 | Transfer of patent application or patent right or utility model | ||
| TR01 | Transfer of patent right |
Effective date of registration: 20131205 Address after: 100080 Beijing, Haidian, North Street, No. two, No. 6, No. Patentee after: PETEVIO INSTITUTE OF TECHNOLOGY Co.,Ltd. Address before: 100080, No. two, 2 street, Zhongguancun science and Technology Park, Beijing, Haidian District Patentee before: CHINA POTEVIO CO.,LTD. |
|
| CF01 | Termination of patent right due to non-payment of annual fee | ||
| CF01 | Termination of patent right due to non-payment of annual fee |
Granted publication date: 20090603 Termination date: 20211219 |