JP2017058711A - License management apparatus, license management system, license management program, and license management method - Google Patents

Abstract

PROBLEM TO BE SOLVED: To ensure proper license management when a virtual machine is used.SOLUTION: A storage unit 1a stores the number of available virtual machines or software programs to be executed by the virtual machines, by user information. On receipt of a machine code C1 from a virtual machine 2a, an arithmetic operation unit 1b acquires user information Y1 from the machine code C1. The arithmetic operation unit 1b determines whether to permit use of the virtual machine 2a or software on the virtual machine 2a, on the basis of the number of available software of the user information Y1 stored in the storage unit 1a. The arithmetic operation unit 1b transmits an authentication code including the machine code C1, to the virtual machine 2a when permitting use. The arithmetic operation unit 1b transmits an error code to the virtual machine 2a when not permitting use.SELECTED DRAWING: Figure 1

Description

  The present invention relates to a license management apparatus, a license management system, a license management program, and a license management method.

  In the field of information processing, virtualization technology is used to operate a virtual computer (sometimes called a virtual machine or logical host) on a physical computer (sometimes called a physical machine or physical host). ing. Software such as an OS (Operating System) can be executed on each virtual machine. A physical machine that uses a virtualization technology executes software for managing a plurality of virtual machines. For example, software called a hypervisor may allocate a processing capacity of a CPU (Central Processing Unit) and a storage area of a RAM (Random Access Memory) to a plurality of virtual machines as computing resources.

  Software programs such as an OS and applications executed in the virtual machine can be provided as an image file that is a data image of the auxiliary storage device. The physical machine can execute a virtual machine and software on the virtual machine based on the image file.

  By the way, in the information processing system, various software is executed by a computer. Some software has a function of authenticating a user or a license. For example, a logical volume dedicated to each user is defined in the storage, and when the user uses a computer, the user is authenticated, and access to the LU (Logical Unit) dedicated to the user is permitted only from the computer used by the user. There are suggestions to control. In addition, there is a proposal for performing automatic login authentication of a user by providing the arithmetic device terminal with cookie information recorded on the management server side when booting the arithmetic device terminal with a read-only external medium.

JP 2007-293922 A JP 2009-139976 A

The image file used to execute the virtual machine can be duplicated on another physical machine. For this reason, management of software use licenses in virtual machines becomes a problem.
For example, after a certain software is properly license-authenticated in a certain virtual machine and information indicating that the software has been authenticated is added to the image file, the image file can be copied onto another physical machine. Then, a virtual machine including software in a license-authenticated state is started by another physical machine using the copied image file, and there is a possibility that the software is used illegally.

  In this regard, it is conceivable to manage whether the software executed on the virtual machine on the physical machine has been license-authenticated by executing the license management software on each physical machine. However, the provider of the virtual machine image file does not necessarily manage each physical machine. In other words, it may be difficult to introduce the license management software to each physical machine, and it is not easy to prevent unauthorized use of the software.

  In one aspect, an object of the present invention is to provide a license management apparatus, a license management system, a license management program, and a license management method that can appropriately perform license management when using a virtual machine.

  In one aspect, a license management apparatus that communicates with an information processing apparatus capable of executing a virtual machine is provided. This license management apparatus includes a storage unit and a calculation unit. The storage unit stores, for each user information, the virtual machine or the number of usable software executed by the virtual machine. When the calculation unit receives the first code generated based on the user information and the unique information of the virtual machine from the virtual machine, the calculation unit acquires the user information from the first code, and based on the user information and the available number It is determined whether or not the use of the virtual machine or software is permitted. If permitted, the second code including the first code is transmitted to the virtual machine. If not permitted, the third code indicating an error is virtually transmitted. Send to machine.

  In one aspect, license management when using a virtual machine can be performed appropriately.

It is a figure which shows the license management apparatus of 1st Embodiment. It is a figure which shows the information processing system of 2nd Embodiment. It is a figure which shows the hardware example of a management server. It is a figure which shows the example of the file used for operation | movement of a virtual machine. It is a figure which shows the function example of an information processing system. It is a figure which shows the example of specific information. It is a figure which shows the example of a user management table. It is a figure which shows the example of a virtual machine management table. It is a figure which shows the example of an authentication code. It is a flowchart which shows the process example at the time of the start of use of a virtual machine. It is a flowchart which shows the process example of the license management of a management server. It is a figure which shows the specific example of the authentication process at the time of image file duplication. It is a figure which shows the other example of a table (the 1). It is a figure which shows the other example of a table (the 2).

Hereinafter, the present embodiment will be described with reference to the drawings.
[First Embodiment]
FIG. 1 is a diagram illustrating a license management apparatus according to the first embodiment. The license management apparatus 1 is connected to the information processing apparatuses 2 and 3 via the network 4. The license management apparatus 1 communicates with the information processing apparatuses 2 and 3 via the network 4. The information processing apparatus 2 is a physical machine that can execute the virtual machine 2a. The information processing apparatus 3 is a physical machine that can execute the virtual machine 3a. The information processing apparatuses 2 and 3 may execute software called a hypervisor. The hypervisor of the information processing apparatus 2 operates the virtual machine 2a using hardware resources such as a CPU and a RAM provided in the information processing apparatus 2. Similarly, the hypervisor of the information processing apparatus 3 operates the virtual machine 3a using hardware resources such as a CPU and a RAM provided in the information processing apparatus 3.

  Here, the information processing apparatus 2 includes a storage device, and stores the image file 2b and the configuration file 2c by the storage device. The image file 2b is image data of the auxiliary storage device of the virtual machine 2a. The image file 2b may be referred to as a virtual disk image or a disk file. For example, in the image file 2b, software (OS, middleware, application software, etc.) executed by the virtual machine 2a is already installed. The configuration file 2c is data regarding physical resources allocated to the virtual machine 2a. The configuration file 2c includes unique information X1 of the virtual machine 2a. The unique information X1 is information unique to the virtual machine 2a. As an example of the unique information X1, a UUID (Universally Unique IDentifier), a MAC (Media Access Control) address, or the like can be considered. For example, the hypervisor of the information processing apparatus 2 can operate the virtual machine 2a based on the image file 2b and the configuration file 2c. Here, as will be described later, the virtual machine 3a is a virtual machine that is activated by an image file 3b that is a copy of the image file 2b (the virtual machine 3a can be said to be a so-called clone of the virtual machine 2a).

  The license management apparatus 1 is an information processing apparatus that manages licenses of software executed by the virtual machines 2a and 3a or the virtual machines 2a and 3a. For example, the software that is subject to license management by the license management apparatus 1 may be an OS, middleware, or application software executed by the virtual machines 2a and 3a. The license management apparatus 1 may be called a computer.

  The license management device 1 includes a storage unit 1a and a calculation unit 1b. The storage unit 1a may be a volatile storage device such as a RAM (Random Access Memory) or a non-volatile storage device such as an HDD (Hard Disk Drive) or a flash memory. The calculation unit 1b may include a CPU (Central Processing Unit), a DSP (Digital Signal Processor), an ASIC (Application Specific Integrated Circuit), an FPGA (Field Programmable Gate Array), and the like. The calculation unit 1b may be a processor that executes a program. As used herein, the “processor” may include a set of multiple processors (multiprocessor).

  The storage unit 1a stores a virtual machine or the number of usable software in the virtual machine for each user information. The user information includes a user ID and the like. It can also be said that the user information is account information related to the user account. Specifically, the storage unit 1a stores license information T1. The license information T1 is information on the correspondence between the user information of the user and the number of usable virtual machines or software. The usable number of virtual machines is the number of virtual machines that a user may use. The number of usable software is the number of use licenses for each user (the number allowed to be installed in a virtual machine).

  For example, a user can purchase a right to use a virtual machine started from an image file from the provider of the image file. Further, for example, the user can purchase a right to install and use software in a virtual machine from a software vendor or the like. Then, the usable number of license information T1 can be added according to the number of purchases (for example, a license addition code issued according to the number of purchases is input to the license management apparatus 1). For example, the user can install and use software in a virtual machine. Then, the available number of license information T1 decreases according to the number of installations. The license management apparatus 1 may manage the available number (difference between the upper limit number and the current usage number) based on the upper limit number that can be used by the user and the current usage number.

  For example, in the license information T1, information “1” that can be used for a user “A” is registered for a virtual machine or software started from a certain image file. This indicates that one use of the virtual machine or software is permitted for the user corresponding to the user information “A”. Further, for example, in the license information T1, information on the number of usable information “2” is registered for the user information “B” for the software. This indicates that the software is allowed to be used in two ways for the user corresponding to the user information “B”.

  The computing unit 1b receives a first code (hereinafter referred to as a machine code) generated based on the user information and the unique information of the virtual machine from the virtual machine. For example, the virtual machine 2a is used by the user U1. The user U1 can operate the input device connected to the information processing apparatus 2 to use the virtual machine 2a, or operate the terminal apparatus connected to the information processing apparatus 2 via the network 4, The virtual machine 2a can also be used via the network 4. For example, when the user U1 tries to start using the virtual machine 2a, the virtual machine 2a displays a predetermined login screen on the display device connected to the information processing device 2 or the terminal device operated by the user U1, The input of the user information Y1 by the user U1 is received. Then, the virtual machine 2a generates a machine code C1 based on the unique information X1 and user information Y1 of the virtual machine 2a, and transmits the machine code C1 to the license management apparatus 1. The computing unit 1b receives the machine code C1 from the virtual machine 2a.

The computing unit 1b acquires user information from the machine code, and determines whether to permit the use of the virtual machine or the software to be managed based on the user information and the available number.
For example, the calculation unit 1b acquires user information Y1 from the machine code C1. The computing unit 1b determines whether or not the software to be managed is available to the user U1 based on the available number for each user information registered in the user information Y1 and the license information T1. For example, the user information Y1 indicates “A”. According to the license information T1, the usable number of management target software for the user information “A” is “1”. In this case, the software can be used by the user U1. Note that if the user information record of interest does not exist in the license information T1, or if the available number is “0” even if the record exists, the software cannot be used by the user U1.

  When permitting use, the computing unit 1b transmits a second code (hereinafter referred to as an authentication code) including a machine code (first code) to the virtual machine. In addition, when the operation unit 1b does not permit the use, the operation unit 1b transmits a third code indicating an error (hereinafter referred to as an error code) to the virtual machine.

  For example, when it is determined in the above-described availability determination that the corresponding software can be used by the user U1, the arithmetic unit 1b transmits an authentication code C including the machine code C1 to the virtual machine 2a. At this time, the calculation unit 1b subtracts 1 from the number of available software users U1 (user information “A”) in the license information T1. On the other hand, when it is determined in the above availability determination that the corresponding software is not usable by the user U1, the arithmetic unit 1b transmits an error code to the virtual machine 2a. A series of processing from the reception of the machine code by the calculation unit 1b to the transmission of the authentication code (or error code) can be said to be the license authentication processing by the license management apparatus 1.

  When the virtual machine 2a receives the error code from the license management apparatus 1, the virtual machine 2a determines that the user U1 is an unauthorized user and does not permit the use of the virtual machine 2a or the management target software.

  When the virtual machine 2a receives the authentication code C, the virtual machine 2a adds the authentication code C to the image file 2b. The virtual machine 2a verifies that the machine code C1 included in the authentication code C is created based on the unique information X1 and user information Y1 of the virtual machine 2a. When the verification is successful, the virtual machine 2a permits the user U1 to use the virtual machine 2a or the management target software. The virtual machine 2a determines that the verification is successful when both the machine code C1 created by the unique information X1 and the user information Y1 match the machine code C1 included in the authentication code C. On the other hand, if the two do not match, the virtual machine 2a determines that the verification has failed. When the verification fails, the virtual machine 2a does not allow the user U1 to use the virtual machine 2a or the software to be managed (since there is a possibility that an unauthorized operation such as code falsification has been performed in a series of authentication processes). ).

  Similarly, the virtual machine 2a can use the authentication code C added to the image file 2b to determine whether or not the user can use the virtual machine 2a. Specifically, the virtual machine 2a generates the machine code C1 using the user information Y1 input by the user U1 and the unique information X1 each time the user logs in to the virtual machine 2a. When the generated machine code C1 and the machine code C1 included in the authentication code C in the image file 2b match, the virtual machine 2a permits the use of the virtual machine 2a or software to be managed. If the two do not match, the virtual machine 2a transmits the machine code generated this time to the license management apparatus 1 without receiving permission to use the virtual machine 2a or software to be managed, and receives license authentication again.

  This makes it possible to appropriately manage licenses for software executed on the virtual machine. Specifically, it is as follows. For example, the user U1 or the user U2 can store the image file 3b obtained by duplicating the image file 2b in a storage device included in the information processing apparatus 3. Then, the information processing apparatus 3 can operate the virtual machine 3a that is a clone of the virtual machine 2a on the information processing apparatus 3 using the image file 3b.

  In this case, the virtual machine 3a performs authentication based on the authentication code C included in the image file 3b, similarly to the virtual machine 2a. For example, in order to operate the virtual machine 3a, the configuration file 3c is newly generated in the information processing apparatus 3. The configuration file 3c includes unique information X2 of the virtual machine 3a. The unique information X2 takes a value different from the unique information X1. At this time, the virtual machine 3a generates the machine code C2 based on the unique information X2 and the user information Y2 input by the user U2, and collates it with the machine code C1 included in the authentication code C. In this case, since they do not match, the virtual machine 3a transmits the machine code C2 to the license management apparatus 1 and receives license authentication again.

  Alternatively, the virtual machine 3a generates a machine code based on the unique information X2 and the user information Y1 input by the user U1, and collates it with the machine code C1 included in the authentication code C. In this case, since they do not match, the virtual machine 3a transmits the generated machine code to the license management apparatus 1 and receives license authentication again.

  On the other hand, for example, it is also conceivable to store in the image file 2b authenticated information (not including a machine code) indicating that a certain software has been license-authenticated. However, in this case, if the image file 3b is created by duplicating the image file 2b, the virtual machine 3a can be activated by the image file 3b with the corresponding software already authenticated. If this happens, an unauthorized user without a license may illegally use a virtual machine or software, or a licensed user may illegally use a virtual machine or software beyond the number permitted by the license. There is.

  On the other hand, according to the license management apparatus 1, a machine code is acquired from the virtual machine 2a, license authentication is performed, and an authentication code including the machine code is transmitted to the virtual machine 2a. When the user U2 uses the virtual machine 2a or when the user U1 or the user U2 tries to use the virtual machine 3a, the license management apparatus 1 can impose license authentication again, and the license management can be performed appropriately. It can be carried out.

[Second Embodiment]
FIG. 2 illustrates an information processing system according to the second embodiment. The information processing system according to the second embodiment includes a management server 100, business servers 200 and 200a, and PCs (Personal Computers) 300 and 300a. The management server 100 is connected to the network 10. The network 10 may be a LAN (Local Area Network), the Internet, a WAN (Wide Area Network), or the like. The business servers 200 and 200a and the PCs 300 and 300a are connected to the network 20. The network 20 is a LAN, for example. The network 20 is connected to the network 10.

  The management server 100 is a server computer that manages licenses of software executed on the business servers 200 and 200a. Managed software includes OS, middleware, and application software. The management server 100 is an example of the license management apparatus 1 according to the first embodiment.

  The business servers 200 and 200a are server computers that support a user's business. The business servers 200 and 200a execute virtual machines. The virtual machine executes various kinds of software (including OS, middleware, and application software) that are used for user's business support. The business servers 200 and 200a are examples of the information processing apparatuses 2 and 3 according to the first embodiment.

  The PCs 300 and 300a are client computers used by users. The PC 300 is used by the user 30. The PC 300a is used by the user 30a. The user 30 can request the business process from the virtual machine operating on the business server 200 by operating the PC 300. Then, the virtual machine that has received the request executes business processing, and returns the result to the PC 300. When the PC 300 starts using a virtual machine operating on the business servers 200 and 200a, the PC 300 inputs user information to the virtual machine and receives login authentication. Similarly, the user 30a can operate the PC 300a to use the business server 200 or a virtual machine that operates on the business server 200a.

  FIG. 3 is a diagram illustrating a hardware example of the management server. The management server 100 includes a processor 101, a RAM 102, an HDD 103, an image signal processing unit 104, an input signal processing unit 105, a medium reader 106, and a communication interface 107. Each unit is connected to the bus of the management server 100. The business servers 200 and 200a and the PCs 300 and 300a can also be realized using the same units as the management server 100.

  The processor 101 controls information processing of the management server 100. The processor 101 may be a multiprocessor. The processor 101 is, for example, a CPU, DSP, ASIC, or FPGA. The processor 101 may be a combination of two or more elements of CPU, DSP, ASIC, FPGA, and the like.

  The RAM 102 is a main storage device of the management server 100. The RAM 102 temporarily stores at least part of an OS program and application programs to be executed by the processor 101. The RAM 102 stores various data used for processing by the processor 101.

  The HDD 103 is an auxiliary storage device of the management server 100. The HDD 103 magnetically writes and reads data to and from the built-in magnetic disk. The HDD 103 stores an OS program, application programs, and various data. The management server 100 may include other types of auxiliary storage devices such as flash memory and SSD (Solid State Drive), or may include a plurality of auxiliary storage devices.

  The image signal processing unit 104 outputs an image to the display 11 connected to the management server 100 in accordance with an instruction from the processor 101. As the display 11, a CRT (Cathode Ray Tube) display, a liquid crystal display, or the like can be used.

  The input signal processing unit 105 acquires an input signal from the input device 12 connected to the management server 100 and outputs it to the processor 101. As the input device 12, for example, a pointing device such as a mouse or a touch panel, a keyboard, or the like can be used.

  The medium reader 106 is a device that reads programs and data recorded on the recording medium 13. As the recording medium 13, for example, a magnetic disk such as a flexible disk (FD) or an HDD, an optical disk such as a CD (Compact Disc) or a DVD (Digital Versatile Disc), or a magneto-optical disk (MO) is used. Can be used. Further, as the recording medium 13, for example, a non-volatile semiconductor memory such as a flash memory card can be used. For example, the medium reader 106 stores the program and data read from the recording medium 13 in the RAM 102 or the HDD 103 in accordance with an instruction from the processor 101.

  The communication interface 107 communicates with other devices via the network 10. The communication interface 107 may be a wired communication interface or a wireless communication interface.

The management server 100, the business servers 200 and 200a, and the PCs 300 and 300a may incorporate at least one of the display 11 and the input device 12.
FIG. 4 is a diagram illustrating an example of a file used for the operation of the virtual machine. The business server 200 executes the hypervisor V1. The business server 200a executes the hypervisor V2. The hypervisors V1 and V2 are sometimes called virtual machine monitors (VMMs).

  The hypervisor V1 operates the virtual machine M1 on the business server 200 using resources such as a processor and a memory included in the business server 200. At this time, a virtual auxiliary storage device that can be used by the virtual machine M1 is provided as an image file F11.

  The image file F11 is a file stored in an auxiliary storage device such as an HDD or an SSD provided in the business server 200. The image file F11 is data of the auxiliary storage device in a state where the OS, middleware, and application software are installed in advance. It can also be said that the image file F11 is data corresponding to a virtual auxiliary storage device (also referred to as a virtual disk). That is, the process of storing data in the nonvolatile storage device by the virtual machine M1 corresponds to storing the data in the image file F11. For example, when software such as the OS of the virtual machine M1 is properly license-authenticated, the virtual machine M1 adds authentication information indicating that the license has been authenticated to the image file F11.

  Information regarding the hardware configuration of the virtual machine M1 is provided as a configuration file F12. The configuration file F12 includes unique information (UUID, MAC address, etc.) related to hardware used in the virtual machine M1. For example, the UUID is determined when the configuration file F12 is created based on a predetermined identifier of the business server 200 and the storage path of the configuration file F12. Further, for example, a unique value is assigned to each virtual machine for the MAC address in accordance with a predetermined rule or statically by a system administrator.

  Here, the image file F11 can be copied in the same manner as a normal file managed by the file system of the business server 200. For this reason, for example, the image file F21, which is a file obtained by copying the image file F11, can be stored in the auxiliary storage device of the business server 200a via the network 20 or using a recording medium. Then, the hypervisor V2 can operate the virtual machine M2 based on the image file F21 using resources such as a processor and a memory included in the business server 200a. In this case, the configuration file F22 cannot be operated properly unless the settings specific to the virtual machine M2 are set (for example, if there are duplicate MAC addresses in the virtual machines M1 and M2) Etc.) For this reason, the business server 200a newly creates a configuration file F22 having a setting different from that of the configuration file F12 for the virtual machine M2.

  As described above, the business server 200a can operate the virtual machine M2, which is a so-called clone of the virtual machine M1, using the image file F21. If the image file F21 includes software authentication information, it is determined that the license authentication has been completed based on the authentication information when the virtual machine M2 is operating. Then, even though the user is not licensed, there is a risk that the corresponding software is used. Alternatively, although the user is a licensed user, the corresponding software may be used even though the number of licenses is exceeded. Therefore, the information processing system according to the second embodiment provides a function that enables appropriate management of software licenses in a virtual machine.

  FIG. 5 is a diagram illustrating an example of functions of the information processing system. The management server 100 includes a storage unit 110, an authentication unit 120, and an authentication code generation unit 130. The storage unit 110 is realized as a storage area secured in the RAM 102 or the HDD 103. The authentication unit 120 and the authentication code generation unit 130 are realized by the processor 101 executing a program stored in the RAM 102.

  The storage unit 110 stores license management information for managing licenses related to the use of software by the user. In the second embodiment, an OS executed in the virtual machines M1 and M2 is considered as an example of license management target software. However, the management server 100 can similarly manage licenses for other types of software such as middleware and application software. Alternatively, when a virtual machine is used as a virtual appliance in which the OS, middleware, application software, and the like are combined into one, it is possible to manage licenses in units of virtual appliances. Further, the license to be managed may be a license relating to the use of the virtual machine itself (the virtual machine itself is also realized by software, so the use license of the virtual machine may be considered as the use license of the software).

  Based on the machine code received from the virtual machine M1 and the license management information stored in the storage unit 110, the authentication unit 120 performs license authentication for software (here, OS) used in the virtual machine M1. The machine code is a code created by the virtual machine M1 based on the unique information of the virtual machine M1 and the user information of the user 30 input to the virtual machine M1.

  The authentication code generation unit 130 generates a predetermined code according to the result of the license authentication by the authentication unit 120 and transmits it to the virtual machine M1. There are two types of codes generated by the authentication code generation unit 130. The first is an authentication code indicating that the license authentication is successful. The second is an error code indicating that the license authentication has failed. The authentication code includes a machine code acquired from the virtual machine M1. The authentication code includes a machine ID assigned to the virtual machine M1 by the management server 100. The machine ID is a management ID given to each virtual machine by the management server 100. The authentication code generation unit 130 may encrypt the authentication code and the error code and transmit them to the business server 200. As the encryption method, for example, a common key method or a public key method can be used.

  The business server 200 includes a storage unit 210, a machine code generation unit 220, and a verification unit 230. The storage unit 210 is realized as a storage area secured in the HDD provided in the business server 200. The machine code generation unit 220 and the verification unit 230 are realized by executing a program stored in a RAM included in the business server 200 by a processor included in the business server 200. The functions of the machine code generation unit 220 and the verification unit 230 are realized on the virtual machine M1. Therefore, for example, programs that realize the functions of the machine code generation unit 220 and the verification unit 230 are stored in the image file F11. For example, the machine code generation unit 220 and the verification unit 230 are functions executed by the virtual machine M1 at the timing of login processing when the user 30 starts using the virtual machine M1.

  The storage unit 210 stores an image file F11 and a configuration file F12. Specific contents of the image file F11 and the configuration file F12 are as illustrated in FIG.

  The machine code generation unit 220 accepts input of user information by the user 30. The machine code generation unit 220 generates a machine code using the unique information included in the configuration file F12 and the user information input by the user 30, and transmits the machine code to the management server 100. For example, the machine code generation unit 220 generates a first character string having a first length by performing a predetermined irreversible operation on information obtained by combining single or plural pieces of unique information related to the virtual machine M1. . In addition, the machine code generation unit 220 generates a second character string having a second length by performing a predetermined reversible operation on the user information. The machine code generation unit 220 sets the result of adding the second character string to the first character string as the machine code. Then, the management server 100 can obtain the second character string by removing the first length part of the machine code, and can restore the user information from the second character string by the reversible operation. It is. The code length of the machine code and the code lengths of the first and second character string portions are agreed in advance between the management server 100 and the business server 200. The machine code generation unit 220 may encrypt the machine code and transmit it to the management server 100. As the encryption method, for example, a common key method or a public key method can be used.

  The verification unit 230 receives an authentication code or an error code from the management server 100. The authentication code or error code is a code generated by the management server 100 with respect to the machine code transmitted by the machine code generation unit 220. As described above, the authentication code includes a machine code and a machine ID. The code length of the machine ID is agreed in advance between the management server 100 and the business server 200.

  The verification unit 230 verifies the authentication code. Specifically, the verification unit 230 causes the machine code generation unit 220 to generate a machine code again using the user information input by the user 30 and the unique information included in the configuration file F12. When the machine code generation unit 220 has already generated the machine code, the machine code may be stored in the storage unit 210 and used for verification. The verification unit 230 acquires a machine code from the received authentication code.

  The verification unit 230 determines whether the machine code generated by the machine code generation unit 220 matches the machine code included in the authentication code. If both machine codes match, the verification unit 230 determines that the license authentication is successful, and permits the user 30 to use the virtual machine M1. Then, the user 30 can log in to the virtual machine M1 and use the business service provided by the virtual machine M1. If the two machine codes do not match, the verification unit 230 determines that the license authentication has failed, and does not permit the use of the virtual machine M1 by the user 30. In this case, the user 30 cannot log in to the virtual machine M1 and cannot use the virtual machine M1. If the verification unit 230 determines that the license authentication has failed, the verification may be performed again from the step of transmitting the machine code to the management server 100 by the machine code generation unit 220.

  The verification unit 230 may receive an error code from the management server 100. When the verification unit 230 receives an error code from the management server 100, the verification unit 230 determines that the license authentication has failed and does not permit the user 30 to use the virtual machine M1. In this case, the user 30 cannot log in to the virtual machine M1 and cannot use the virtual machine M1.

In the above example, the virtual machine M1 has been described as an example, but the virtual machine M2 similarly has functions corresponding to the machine code generation unit 220 and the verification unit 230.
FIG. 6 is a diagram illustrating an example of unique information. The unique information 211 is included in the configuration file F12. The unique information 211 includes, for example, items such as UUID and MAC address, and values set in each item. For example, the UUID value of the virtual machine M1 is “UUID_a”. The value of the MAC address of the virtual machine M1 is “MAC_b”.

  The unique information 211 is information unique to the virtual machine M1. The virtual machine M2 also has the same items (UUID and MAC address) as unique information, but the value set in each item is different from the value of the unique information of the virtual machine M1. The unique information 211 may include information unique to the virtual machine M1 other than the UUID and the MAC address.

  FIG. 7 is a diagram illustrating an example of a user management table. The user management table 111 is stored in the storage unit 110. The user management table 111 includes items of the user ID and the number that can be registered.

  User identification information (user ID) is registered in the user ID field. The number of licenses owned by the corresponding user is registered with respect to the OS subject to license management in the registerable number field (this number of licenses is referred to as the number that can be registered). This number of licenses can also be said to be the upper limit of the number of installations of the OS in the virtual machine permitted for the corresponding user.

  For example, information that the user ID is “X” and the number that can be registered is “3” is registered in the user management table 111. This indicates that the number of licenses of the management target OS held by the user identified by the user ID “X” is “3”. That is, the corresponding user is permitted to install and use the OS for a total of three virtual machines.

  FIG. 8 is a diagram illustrating an example of a virtual machine management table. The virtual machine management table 112 is stored in the storage unit 110. The virtual machine management table 112 includes items of user ID, machine code, and machine ID.

The user ID is registered in the user ID item. The machine code is registered in the machine code item. The machine ID is registered in the machine ID item.
For example, information that the user ID is “X”, the machine code is “a1bc3d...”, And the machine ID is “12345” is registered in the virtual machine management table 112. This indicates that the user identified by the user ID “X” is using the OS subject to license management in the virtual machine corresponding to the machine code “a1bc3d...” And the machine ID “12345”.

  A record is added to the virtual machine management table 112 for each combination of a virtual machine and a user. For example, when the user identified by the user ID “X” uses the corresponding OS by another virtual machine, one record is added to the virtual machine management table 112. In the example of FIG. 8, the user identified by the user ID “X” uses the OS of the license management target using two virtual machines.

  FIG. 9 is a diagram illustrating an example of the authentication code. The authentication code 40 is generated by the management server 100 and provided to the business server 200 as described above. The authentication code 40 includes a machine code and a machine ID. When the verification unit 230 receives the authentication code 40 and succeeds in the verification, the verification unit 230 adds the authentication code 40 to the image file F11.

  Then, the image file F11 is licensed for the user 30 and the virtual machine M1. Thereafter, the verification unit 230 can perform login authentication of the virtual machine M1 that is activated based on the image file F11, using the authentication code 40 included in the image file F11.

  Specifically, when the user 30 logs in again, the machine code generation unit 220 acquires user information input by the user 30, and based on the unique information included in the configuration file F12 and the acquired user information. Generate machine code. In addition, the verification unit 230 acquires a machine code from the authentication code 40 included in the image file F11. The verification unit 230 determines whether or not the machine code generated this time matches the machine code acquired from the authentication code 40. The verification unit 230 determines that login authentication is successful when both machine codes match, and determines that login authentication fails when both machine codes do not match.

Next, a processing procedure executed in the information processing system according to the second embodiment will be described.
FIG. 10 is a flowchart illustrating a processing example at the start of use of a virtual machine. In the following, the process illustrated in FIG. 10 will be described in order of step number.

  (S11) The machine code generation unit 220 receives user information of the user 30 from the PC 300. Here, the user 30 can use the virtual machine M <b> 1 by operating the PC 300. For example, the virtual machine M1 may provide the PC 300 with GUI (Graphical User Interface) information for inputting user information when the user 30 uses the virtual machine M1.

  (S12) The machine code generation unit 220 generates a machine code using the user information received from the PC 300 and the unique information included in the configuration file F12. For example, the machine code generation unit 220 generates a first character string by performing a predetermined irreversible operation on information obtained by combining single or plural pieces of unique information related to the virtual machine M1. In addition, the machine code generation unit 220 generates a second character string by performing a predetermined reversible operation on the user information. The machine code generation unit 220 sets the result of adding the second character string to the first character string as the machine code.

  (S13) The machine code generation unit 220 determines whether there is an authentication code in the image file F11. If there is an authentication code in the image file F11, the process proceeds to step S17. If there is no authentication code in the image file F11, the process proceeds to step S14.

  (S14) The machine code generation unit 220 transmits the machine code generated in step S12 to the management server 100. As described above, the machine code generation unit 220 may encrypt the machine code using a predetermined key and transmit it to the management server 100.

  (S15) The verification unit 230 receives a response (authentication code or error code) to the machine code from the management server 100. The authentication code or error code may be encrypted. In that case, the verification unit 230 decrypts the authentication code or the error code using a predetermined key.

  (S16) The verification unit 230 determines whether an error code has been received. If an error code is received, the process proceeds to step S20. If the error code has not been received (that is, the authentication code has been received), the process proceeds to step S17.

  (S17) The verification unit 230 verifies the authentication code and determines whether the verification result is normal. If the verification result is normal, the process proceeds to step S18. If the verification result is not normal, the process proceeds to step S20. Specifically, if the machine code generated in step S12 matches the machine code included in the authentication code, the verification result is normal. On the other hand, if the machine code generated in step S12 does not match the machine code included in the authentication code, the verification result is not normal. Here, the authentication code from which the machine code is extracted differs depending on whether the process proceeds to Yes or No in step S13. In the case of Yes in step S13, the authentication code from which the machine code is extracted is the authentication code included in the image file F11. On the other hand, in the case of No in step S13, the authentication code from which the machine code is extracted is the authentication code received from the management server 100 in step S15.

  (S18) The verification unit 230 adds an authentication code to the image file F11. In the case of Yes in step S13, since the same authentication code has already been stored in the image file F11, step S18 may be skipped and the process may proceed to step S19.

(S19) The verification unit 230 permits the user 30 to use the virtual machine M1. The user 30 can use the OS executed by the virtual machine M1. Then, the process ends.
(S20) The verification unit 230 disallows use of the virtual machine M1 by the user 30. The user 30 cannot use the virtual machine M1. Then, the process ends. If Yes in step S13 and No in step S17, the process may proceed to step S14. That is, the license authentication by the management server 100 may be received again for use by the user 30 of the virtual machine M1.

FIG. 11 is a flowchart illustrating a processing example of license management of the management server. In the following, the process illustrated in FIG. 11 will be described in order of step number.
(S21) The authentication unit 120 receives a machine code from the virtual machine M1. The machine code may be encrypted. In that case, the authentication unit 120 decrypts the machine code using a predetermined key.

  (S22) The authentication unit 120 extracts the user ID from the machine code. For example, the authentication unit 120 acquires the second character string by removing the first character string having the first length from the machine code, and performs a predetermined reversible operation on the second character string. By applying, a user ID can be acquired.

  (S23) The authentication unit 120 determines whether or not the user ID extracted in step S22 is registered in the user management table 111. If registered, the process proceeds to step S24. If not registered, the process proceeds to step S28.

  (S24) The authentication unit 120 refers to the virtual machine management table 112 and determines whether or not the used number by the corresponding user ID is smaller than the number that can be registered. If the used number by the corresponding user ID is smaller than the number that can be registered, the process proceeds to step S25. If the number of used by the corresponding user ID is equal to or greater than the number that can be registered, the process proceeds to step S28. The used number corresponds to the number of records including the corresponding user ID. In the example of the virtual machine management table 112 in FIG. 8, the used number by the user ID “X” is “2”.

  (S25) The authentication unit 120 issues a machine ID. The method for issuing the machine ID may be any method. However, the authentication unit 120 ensures that machine IDs do not overlap in each virtual machine.

  (S26) The authentication unit 120 registers a record including the user ID extracted in step S22, the machine code received in step S21, and the machine ID issued in step S25 in the virtual machine management table 112.

  (S27) The authentication code generation unit 130 generates an authentication code and transmits it to the business server 200. The authentication code includes the machine code acquired in step S21. The authentication code includes the machine ID issued in step S25. The authentication code generation unit 130 may generate an authentication code by combining the machine code and the result obtained by performing a predetermined reversible operation on the machine ID (in this case, the business server 200 uses the reversible operation to generate a machine from the authentication code. Extract code and machine ID). The authentication code generation unit 130 may encrypt the authentication code with a predetermined key and transmit it to the business server 200. Then, the process ends.

  (S28) The authentication code generation unit 130 generates an error code and transmits it to the business server 200. The authentication code generation unit 130 may encrypt the error code with a predetermined key and transmit it to the business server 200. Then, the process ends.

  In this way, the management server 100 performs license management of software executed on the virtual machine M1. By adding an authentication code to the image file F11 of the virtual machine M1 and imposing verification of the authentication code by the virtual machine M1, it is possible to prevent the virtual machine M1 from being used illegally without properly obtaining a license. In particular, even when the virtual machine M2 is used by the image file F21 that is a copy of the image file F11 with the authentication code added, unauthorized use of the software can be prevented.

  FIG. 12 is a diagram illustrating a specific example of the authentication process when copying an image file. For example, consider a case where the virtual machine M1 is activated in a state where the authentication code “XXXNNN” is added to the image file F11. In this case, the portion of “XXX” having a predetermined length at the beginning of the authentication code is the machine code. When the user 30 starts using the virtual machine M1, the virtual machine M1 acquires the user information of the user 30, and uses the unique information of the virtual machine M1 included in the configuration file F12 and the user ID of the user 30. Machine code “XXX”. The machine code “XXX” matches the machine code “XXX” included in the image file F11. Therefore, the virtual machine M1 permits the user 30 to use the virtual machine M1 (authentication success).

  On the other hand, the user 30 or the user 30a may store the image file F21 that is a copy of the image file F11 in the auxiliary storage device of the business server 200a. Since the image file F21 is a copy of the image file F11, it includes the authentication code “XXXNNN”. Consider a case where the virtual machine M2 is activated in this state.

  For example, consider a case where the user 30 starts using the virtual machine M2. In this case, the virtual machine M2 acquires user information of the user 30, and generates a machine code “YYY” using the unique information of the virtual machine M2 included in the configuration file F22 and the user ID of the user 30. The machine code “YYY” does not match the machine code “XXX” included in the image file F21. Therefore, the virtual machine M2 disallows use of the virtual machine M2 by the user 30 (authentication failure).

  At this time, the virtual machine M2 can receive the license authentication by transmitting the machine code “YYY” to the management server 100. If the number of licenses that can be used by the user 30 remains, the virtual machine M2 receives the authentication code “YYYMMM” from the management server 100, adds it to the image file F21, and permits the user 30 to use the virtual machine M2. . The virtual machine M2 may overwrite the existing authentication code “XXXNNN” when adding a new authentication code to the image file F21.

  Next, consider a case where the user 30a starts using the virtual machine M2. In this case, the virtual machine M2 acquires the user information of the user 30a, and generates the machine code “ZZZ” using the unique information of the virtual machine M2 included in the configuration file F22 and the user ID of the user 30a. The machine code “ZZZ” does not match the machine code “XXX” included in the image file F21. Therefore, the virtual machine M2 disallows use of the virtual machine M2 by the user 30a (authentication failure).

  At this time, the virtual machine M2 can receive the license authentication by transmitting the machine code “ZZZ” to the management server 100. If there is a license number that can be used by the user 30a, the virtual machine M2 receives the authentication code “ZZZZLLL” from the management server 100, adds it to the image file F21, and permits the user 30a to use the virtual machine M2. The virtual machine M2 may overwrite the existing authentication code “XXXNNN” when adding a new authentication code to the image file F21.

  In this way, even when the virtual machine M2 is activated using the image file F21 obtained by copying the image file F11, the license authentication by the management server 100 can be imposed, and the virtual machine M2 is illegally used. I can prevent it.

  In the description of the second embodiment, the case where the software subject to license management is limited to a specific OS is exemplified, but the management server 100 can manage licenses of various software. For example, it is conceivable to manage the number of users that can be registered in association with software identification information (software ID).

  FIG. 13 is a diagram illustrating another example (part 1) of the table. FIG. 13A illustrates a user management table 111a for managing the number of users that can be registered for each software ID. The user management table 111a includes items of software ID, user ID, and the number that can be registered.

  A software ID is registered in the item of software ID. The software ID may be a software name (for example, an OS name or an application name). The contents registered in the items of the user ID and the number that can be registered are the same as the contents registered in the item of the same name in the user management table 111. According to the user management table 111a, for example, the number that can be registered can be managed for each set of OS type and user ID.

  FIG. 13B illustrates a virtual machine management table 112a for managing the usage status of the user for each software ID. The virtual machine management table 112a includes items of software ID, user ID, machine code, and machine ID.

  A software ID is registered in the item of software ID. The contents registered in the items of user ID, machine code, and machine ID are the same as the contents registered in the item of the same name in the virtual machine management table 112. According to the virtual machine management table 112a, for example, which virtual machine is used for each set of OS type and user ID can be managed.

  When performing license management according to the software ID using the user management table 111a and the virtual machine management table 112a, the management server 100 also acquires software ID information from the virtual machines M1 and M2 at the time of license authentication. In other words, when the virtual machines M1 and M2 transmit the machine code to the management server 100, the virtual machines M1 and M2 also transmit the software ID of the license management target software to the management server 100. Then, the management server 100 can acquire the registerable number corresponding to the corresponding software ID and user ID with reference to the user management table 111a. Further, the management server 100 can determine whether or not the number of software uses by the corresponding software ID and user ID is smaller than the number that can be registered with reference to the virtual machine management table 112a.

  Although FIG. 13 shows an example in which the number of registrations and the usage status are managed by distinguishing them by software ID, still other management methods are conceivable. For example, the management server 100 may manage licenses in units of image files. Specifically, the management server 100 may manage the number of users that can be registered in association with image file identification information (image file ID).

  FIG. 14 is a diagram showing another example of the table (No. 2). FIG. 14A illustrates a user management table 111b for managing the number of users that can be registered for each image file ID. The user management table 111b includes items of an image file ID, a user ID, and a registerable number.

  The image file ID is registered in the image file ID item. The image file ID is an ID assigned to the image file. The image file ID is stored in the image file F11. For this reason, the image file ID of the image file F21 obtained by copying the image file F11 is the same. The contents registered in the items of the user ID and the number that can be registered are the same as the contents registered in the item of the same name in the user management table 111. According to the user management table 111b, for example, when a use license is granted for each image file, the number of registrations can be managed for each set of image file ID and user ID of the image file.

  FIG. 14B illustrates a virtual machine management table 112b for managing the usage status of the user for each image file ID. The virtual machine management table 112b includes items of image file ID, user ID, machine code, and machine ID.

  The image file ID is registered in the image file ID item. The contents registered in the items of user ID, machine code, and machine ID are the same as the contents registered in the item of the same name in the virtual machine management table 112. The virtual machine management table 112b can manage which virtual machine is used for each set of image file ID and user ID.

  When performing license management according to the image file ID using the user management table 111b and the virtual machine management table 112b, the management server 100 also acquires information on the image file ID from the virtual machines M1 and M2 at the time of license authentication. . That is, when the virtual machines M <b> 1 and M <b> 2 transmit a machine code to the management server 100, the virtual machines M <b> 1 and M <b> 2 also transmit the image file ID of the image file of the activation source to the management server 100. Then, the management server 100 refers to the user management table 111b and can acquire the registerable number corresponding to the corresponding image file ID and user ID. Further, the management server 100 can determine whether or not the number of image files used by the corresponding image file ID and user ID is smaller than the registerable number with reference to the virtual machine management table 112b.

  For example, when an image file in which an OS, middleware, and application software are integrated is provided like a virtual appliance, a license for each image file may be provided. As illustrated in FIG. 14, by managing licenses in units of image files, appropriate license management can be performed even when licenses are provided in units of image files.

  Further, when the usage exceeding the license by the user is detected, the user may be prompted to appropriately acquire the license. At that time, it may be possible to provide a user with a charging GUI for purchasing a license so that the user can smoothly perform charging or additional use of the virtual machine by the user.

  Note that the information processing of the first embodiment can be realized by causing the computing unit 1b to execute a program. The information processing according to the second embodiment can be realized by causing the processor 101 to execute a program. The program can be recorded on a computer-readable recording medium 13.

  For example, the program can be distributed by distributing the recording medium 13 on which the program is recorded. Alternatively, the program may be stored in another computer and distributed via a network. For example, the computer stores (installs) a program recorded in the recording medium 13 or a program received from another computer in a storage device such as the RAM 102 or the HDD 103, and reads and executes the program from the storage device. Good.

DESCRIPTION OF SYMBOLS 1 License management apparatus 1a Memory | storage part 1b Operation part 2,3 Information processing apparatus 2a, 3a Virtual machine 2b, 3b Image file 2c, 3c Configuration file 4 Network C Authentication code C1, C2 Machine code T1 License information U1, U2 User X1, X2 unique information Y1, Y2 User information

Claims (10)

A license management device that communicates with an information processing device capable of executing a virtual machine,
A storage unit that stores, for each user information, the virtual machine or the number of usable software executed by the virtual machine;
When the first code generated based on the user information and the unique information of the virtual machine is received from the virtual machine, the user information is acquired from the first code, and the user information and the usable number are obtained. To determine whether to permit the use of the virtual machine or the software, based on the above, if allowed, send the second code including the first code to the virtual machine, otherwise indicate an error An arithmetic unit that transmits a third code to the virtual machine;
A license management device.   The second code is added to the image file from which the virtual machine is started by the virtual machine that has received the second code, and the virtual machine or the software is started from the image file. The license management device according to claim 1, wherein the license management device is a code used for determining whether or not the user can use the device.   The license management apparatus according to claim 1, wherein the calculation unit stores the second code in the storage unit in association with the received first code and the user information. The storage unit stores information on the number of usable pieces for each user information in association with identification information of an image file that is a starting source of the virtual machine or identification information of the software,
The computing unit receives the identification information of the image file or the software from the virtual machine when receiving the machine code, and permits the use of the virtual machine or the software based on the user information and the identification information. Determine whether or not to
The license management apparatus according to any one of claims 1 to 3.   The unique information is stored in a file different from an image file from which the virtual machine is started, and is unique for each virtual machine regardless of the difference in the image file from which the virtual machine is started. Item 5. The license management apparatus according to any one of Items 1 to 4. An information processing apparatus capable of executing a virtual machine;
The usable number of the virtual machine or software executed by the virtual machine is stored for each user information, and the first code generated based on the user information and the unique information of the virtual machine is stored from the virtual machine. When received, the user information is obtained from the first code, and based on the user information and the available number, it is determined whether to permit the use of the virtual machine or the software. A license management apparatus that transmits a second code including a code of 1 to the virtual machine, and transmits a third code indicating an error to the virtual machine if not permitted;
A license management system.   When the virtual machine receives the second code, the virtual machine adds the second code to an image file from which the virtual machine is started, and based on the second code, the virtual machine or the software is added to the user. The license management system according to claim 6, wherein it is determined whether or not to use it.   The virtual machine receives an input of the user information by the user when the user starts using the virtual machine or the software, and the first code from the second code included in the image file Whether or not to allow the user to use the virtual machine or the software according to the collation of whether or not the first code corresponds to the user information and the virtual machine specific information received this time. The license management system according to claim 7, wherein the determination is made. To a computer that communicates with an information processing device that can execute a virtual machine,
When the first code generated based on the user information and the unique information of the virtual machine is received from the virtual machine, the user information is acquired from the first code and executed by the virtual machine or the virtual machine Whether or not to permit the use of the virtual machine or the software is determined based on information indicating the number of pieces of software that can be used for each user information, and if so, a second code including the first code Is sent to the virtual machine, and if not allowed, a third code indicating an error is sent to the virtual machine.
License management program that executes processing. A computer communicating with an information processing apparatus capable of executing a virtual machine is
When the first code generated based on the user information and the unique information of the virtual machine is received from the virtual machine, the user information is acquired from the first code and executed by the virtual machine or the virtual machine Whether or not to permit the use of the virtual machine or the software is determined based on information indicating the number of pieces of software that can be used for each user information, and if so, a second code including the first code Is sent to the virtual machine, and if not allowed, a third code indicating an error is sent to the virtual machine.
License management method.

Images