WO2007076665A1 - Method, system and apparatus for managing license - Google Patents

Method, system and apparatus for managing license Download PDF

Info

Publication number
WO2007076665A1
WO2007076665A1 PCT/CN2006/002280 CN2006002280W WO2007076665A1 WO 2007076665 A1 WO2007076665 A1 WO 2007076665A1 CN 2006002280 W CN2006002280 W CN 2006002280W WO 2007076665 A1 WO2007076665 A1 WO 2007076665A1
Authority
WO
WIPO (PCT)
Prior art keywords
license
license file
file
client
original
Prior art date
Application number
PCT/CN2006/002280
Other languages
French (fr)
Chinese (zh)
Inventor
Yongzheng Xie
Zhong Lin
Original Assignee
Huawei Technologies Co., Ltd.
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Huawei Technologies Co., Ltd. filed Critical Huawei Technologies Co., Ltd.
Publication of WO2007076665A1 publication Critical patent/WO2007076665A1/en

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords

Definitions

  • the present invention relates to the field of information product protection, and in particular to a license
  • the license protection scheme is widely used in commercial products.
  • the license protection scheme needs to bind the application of the control object to the device feature and implement digital signature based on the characteristics of the control object, using a digital signature algorithm based on the asymmetric cryptosystem, and then store the signature data in the license file and issue it to the license file.
  • Authorized user During the operation of the product, the information device needs to obtain the digital signature from the license file on the one hand, and obtain the device identification from the product on the other hand, verify the content obtained by the two aspects, and then according to the verification result and the license file.
  • the feature item in the specification specifies that the corresponding resources, services, and functions are enabled to achieve controlled operation of the product.
  • Figure 1 shows the digital signature verification model in the license protection scheme system.
  • the digital signature based on the asymmetric cryptosystem is the core of the control in the license protection scheme system.
  • the License Center digitally signs the device serial number (ESN) and feature (Feature) through the private key (private key) to obtain the license product feature information segment, and then generates a license.
  • the file is sent to the license client (license Client); the information device as the license client uses itself after obtaining the license file
  • the ESN and the Public Key are verified and decrypted to obtain the feature attributes of the device.
  • there is a lack of effective management of the license file When the license client needs to use the license file, the corresponding license file needs to be manually found and loaded into the information device.
  • the method includes the following steps:
  • the license server receives a license request from the client
  • the license server generates a new license file according to the license request
  • the license server transmits the new license file to the client.
  • the generating a new license file according to the license request is:
  • the license server finds the corresponding original license file stored locally according to the client characteristic information in the license request, and uses the original license file as a new license file or according to the original license file. Generate a new license file for all or part of the content.
  • the generating a new license file according to all or part of the original license file is:
  • the license server finds a license information segment corresponding to the client feature information from the original license file according to the client feature information in the license request, and assembles a new license according to the license information segment. Certificate document.
  • the receiving the client's license request further includes:
  • the license server analyzes the original license file, obtains and stores the client feature information and The correspondence of the original license file.
  • the generating a new license file according to the license request is:
  • the license server obtains a corresponding original license file from the corresponding relationship between the client feature information and the original license file according to the client feature information in the license request, and obtains a corresponding corresponding file from the original license file.
  • the license information segment is assembled according to the obtained license information segment to generate a new license file.
  • the receiving the client's license request further includes:
  • the license server analyzes the original license file and obtains and stores the correspondence between the client feature information and the license information segment.
  • the generating a new license file according to the license request is:
  • the license server analyzes the license request, extracts client characteristic information therefrom, and searches for a corresponding license information segment according to the extracted client feature information to search for a corresponding relationship between the stored client feature information and the license information segment. And generate a new license file according to the obtained license information segment and the client feature information.
  • the assembly generates a new license file including:
  • the product feature information segment in the license information segment is added to the new license file.
  • the generating of the new license file further includes:
  • the generating the new license file includes: copying the product feature information segment in the original license file stored locally by the license server into the product feature information segment in the new license file.
  • the client's license request includes client feature information.
  • the client feature information includes: a product name, a device identifier, and a product version.
  • Another object of the present invention is to provide a license management system that can automatically manage Licensing documents.
  • the system includes:
  • a license server connected to the client through a network, for receiving a license request from a client, generating a new license file, and transmitting the generated new license file to the client;
  • the client is further configured to receive a license file from a license server and obtain license information from the received license file.
  • the license server includes:
  • An original license file analysis module for analyzing the original license file to obtain information in the original license file
  • a client request receiving module configured to receive a license request from the client
  • a new license file generating module configured to obtain information in the original license file obtained by the original license file analysis module, and a license of the client request receiving module Request, generate a new license file
  • a license file transfer module for transmitting a new license file generated by the new license file generation module to the client.
  • the system further includes:
  • a license file relay device connected to the client and the license server through the network, for receiving a license request sent by the client, and forwarding the license request to the license server; and also for receiving the license Server new license file and forward it to the client.
  • the license file relay device is a license file relay device group in which one or more license file relay devices are connected in series.
  • the license server includes:
  • Original license file analysis module used to analyze the original license file, obtain the original license The information in the document;
  • a client request receiving module configured to receive a license request of the client
  • a new license file generating module configured to generate a new license file according to the license information segment obtained by the original license file analysis module or the original license file;
  • a license file transfer module that transmits a new license file generated by the new license file generation module to the client.
  • the original license file analysis module includes:
  • An original license file storage unit for storing the original license file
  • the original license file analysis unit is configured to analyze the original license file stored in the original license file storage unit, and obtain a correspondence between the license information segment or the original license file and the client feature information.
  • the original license file analysis module further includes an analysis result storage unit configured to store the correspondence relationship obtained by the original license file analysis unit.
  • the new license file generation module includes:
  • a client characteristic information analyzing unit configured to obtain, from a client request, a client feature letter new license file synthesizing unit, configured to obtain, according to the client feature information obtained by the client feature information analyzing unit, the original license
  • the file analysis module obtains the corresponding license information segment or the original license file, and generates a new license file according to the obtained license information segment or the original license file.
  • the new license file generation module further includes a digital signature unit for generating a digital signature of the new license file.
  • the license server further includes:
  • An original license file acquisition module for obtaining an original license file from an external device.
  • the beneficial effects of the present invention are as follows:
  • the invention centrally manages a large number of license files in the license server, automatically distributes the license files according to the request of the client, does not need to know the license file name when the client requests, realizes automatic management of the license file, avoids human error, greatly Reduced maintenance costs.
  • the license file is transmitted between the license server and the client.
  • the license file itself has a high security, which greatly reduces the possibility of leaks in network transmission.
  • the new license file generated by the assembly can filter the original license file, extract only the information segments related to the requested client, and form a new license file, thereby reducing redundancy of network transmission. Data improves network transmission efficiency and client resolution efficiency.
  • related information can also be forwarded through a simple license file relay device, which increases the flexibility of client deployment.
  • FIG. 1 is a digital signature verification model in a prior art license protection scheme system
  • FIG. 2 is an example of an original license file in an embodiment of the present invention
  • FIG. 4 is a block diagram of a license management system according to an embodiment of the present invention.
  • FIG. 5 is a flowchart of license management according to an embodiment of the present invention.
  • Figure 6 is a block diagram of a first embodiment of a license server in the license management system shown in Figure 4;
  • FIG 7 is a block diagram showing a second embodiment of the license server in the license management system shown in Figure 4;
  • FIG. 8 is a block diagram showing an embodiment of an original license file analysis module in the license server shown in FIG. 6 or FIG. 7;
  • Figure 9 is a diagram of the new license file generation module in the license server shown in Figure 6 or Figure 7.
  • the core idea of the solution of the present invention is to centrally manage and decentralize the license files.
  • the license server (License Server) centrally manages and stores the original license files of the plurality of client devices; the client device sends a request for the license file to the license server, and the license server is configured according to the client device The request and the stored corresponding original license file generate a new license file and send to the client device.
  • Fig. 2 is a diagram showing an example of an original license file in the embodiment of the present invention.
  • the original license file may be in the form of text and may include a public information segment and at least one product feature information segment, wherein the public information segment is not required.
  • the public information section may include, but is not limited to, copyright notice information, full-text digital signatures, and the like, and is used to protect the entire file from being modified.
  • the product feature information segment may include, but is not limited to, plaintext data such as product name, product version, device identification, product characteristics, product feature attributes, and corresponding digital signatures.
  • the product name, product version, and device identification are used to determine which device the information segment belongs to; where the product version is not required, for example, if the product does not have multiple versions or the product feature information segment can be used for multiple versions, the product feature information segment There is no product version in it.
  • the product feature attribute describes the properties that the device is licensed to, such as the ability to perform certain functions, the maximum number of users, and so on.
  • the original license file may contain multiple pieces of feature information of one device, or may contain pieces of feature information of multiple devices.
  • FIG. 3 is a schematic diagram of a new license file in the embodiment of the present invention.
  • the new license file generated by the license server is basically the same as the original license file format, and the client does not have to understand the obtained license file.
  • the license file is a license server Reassemble the new license file generated by the build.
  • the license server can directly send the stored original license file to the client device.
  • the following processing manner can be adopted:
  • the license server reassembles according to the request of the client device to generate a new license file, which only contains the product feature information segment required by the client, and removes information unrelated to the client to improve network transmission.
  • the product feature information segment of the new license file may be a corresponding product feature information segment copied from the original license file, so that the license server does not need to encrypt and decrypt the product feature information segment, and the implementation is simple, and the security requirement is also very low.
  • the full-text digital signature of the original license file can no longer be used, the full-text digital signature can be removed, and the entire public information segment can be removed.
  • the preferred method is the license server. Generate a full-text digital signature of the new license file.
  • the license management system in the embodiment of the present invention includes a license server 100 and a client 200.
  • the system may further include one or more license file relay devices 300, and the client 200 may be connected to the license file relay device 300 through the network, and the license file relay device 300 Further connected to the license server 100, the client 200 obtains the license file from the license server 100 by forwarding the license file relay device.
  • the license file relay device can directly forward the data between the client and the license server.
  • the license file relay device is similar to a message forwarder; it can also be after receiving the client request or before the client request
  • the entire license file is forwarded to the client, and the license file relay device is similar.
  • the license file relay device in the system can also be connected in series one level, and the client obtains the license file through multiple forwarding.
  • the network described above refers to all media that can be communicated between two devices, including but not limited to Ethernet, Wireless Local Area Network (WLAN), Asynchronous Transfer Mode (ATM) networks, Time Division Multiplexing (TDM) networks, and the like.
  • WLAN Wireless Local Area Network
  • ATM Asynchronous Transfer Mode
  • TDM Time Division Multiplexing
  • TCP Transmission Control Protocol
  • UDP User Data Protocol
  • FTP File Transfer Protocol
  • TFTP Transmission Protocol
  • a license file relay device An application example of a license file relay device is given below. For example, if a device is connected to a network management server that manages the device through an RS-232 serial port, and the network management server can be connected to the license server through the Internet, the network management server can be relayed as a “license file”. The device forwards the license request sent by the client through the serial port to the license server through the Internet, and forwards the license file transmitted by the license server to the device through the serial port.
  • Step 510 The license server receives a license request of the client.
  • the license request received by the license server may be sent directly by the client, or may be forwarded by the license file relay device, and the license server considers the request sent by the client.
  • the license request contains the client's feature information, such as the client's product name "XX switch”, product version "1.0", and device ID "0050BA20CDD5".
  • licensel.txt includes the following.
  • the two product names are the product feature information sections of the product name "XX switch", the product version "1.0", and the device identifier "0050BA20CDD5";
  • the three product names are the product feature information sections of the product name "XX switch”, product version "1,0", and device identifier "1040BA20CDD5";
  • Product feature information section for 4 product names "XX Router”, product version "2.0”, device ID "0050BA20CDD5". Find the correspondence between the client feature information and the original license file, and store the corresponding relationship; for example, record the license server with the product name "XX switch”, product version "1.0", device identifier "0050BA20CDD5" The product feature information section exists in the file c: ⁇ license ⁇ licensel.txt.
  • the license server can analyze all license files in the specified directory c: ⁇ license at startup, or it can be manually initiated to analyze some or all of the original license files.
  • the original license file can be stored directly on the license server, or it can be obtained from the outside world and placed on the license server in various ways, such as copying it to the license server through a storage medium, or transferring it to the license through the network. In the server, and so on.
  • the information segment corresponding to the information (which may include product feature information segments, may also include public information segments, etc.) is extracted and stored, such as stored in a database or in a specific file. After the analysis is completed, the original license file may not be retained. .
  • the product name "XX switch”, product version "1.0", device ID "0050BA20CDD5" and its corresponding product feature information segments in the license server are stored in the database.
  • Step 520 The license server generates a new license file according to the request.
  • the license server analyzes the client's request, obtains the client feature information, and generates a new license file that meets the client's requirements according to the client feature information.
  • the easiest way to do this is for the license server to directly locate the original license file containing the client's feature information and use it directly as a new license file, or copy the original license file to get a new license file, instead of the original license.
  • the files are filtered, which also achieves the purpose of automatic centralized management.
  • the preferred implementation method is that the license server only composes the corresponding license information requested by the client into a new license file, and the implementation method is further described below.
  • the license server When assembling a new license file, the license server needs to obtain the license information segment corresponding to the client feature information, which is divided into the following three cases:
  • Case 1 If the license server has not analyzed the original license file before, the license server needs to search each original license file, find the original license file containing the client feature information, and obtain the corresponding client profile information. License information section. If the product feature information section of the product name "xx switch”, the product version "1.0", and the device identifier "0050BA20CDD5" is found in the original license file c: ⁇ license ⁇ licensel.txt, the license server is again from the file. Obtain the corresponding license information segment, that is, the public information segment and the two product names in the file are the product feature information segments of the product name "xx switch", the product version "1.0", and the device identifier "0050BA20CDD5"'.
  • Case 2 The license server has previously analyzed and obtained the correspondence between the client feature information and the original license file, and then obtains the corresponding original license file from the corresponding relationship according to the client feature information, and obtains the client from the client.
  • the license information segment corresponding to the feature information. If the license server has recorded the product name "xx switch”, the product version "1.0", the device ID "0050BA20CDD5", and the corresponding original license file is c: ⁇ license ⁇ licensel.txt, the license server can directly find the original.
  • the license file c: ⁇ license ⁇ licensel.txt, and the corresponding license information segment is obtained from it, that is, the public information segment and the two product names in the file are the product name "xx switch", the product version "1.0", the device Identify the product feature information section of "0050BA20CDD5".
  • Case 3 The license server has previously analyzed the original license file, and recorded the client feature information and its corresponding license information segment, then directly obtains the corresponding license information segment according to the client feature information, and does not need to search again. The original license file is gone.
  • the license server can directly copy the product feature information segment into the new license file.
  • the product feature information sections of the product name "XX switch", the product version "1.0", and the device identifier "0050BA20CDD5" are directly copied to the new license file, and the new license file contains the product feature attributes.
  • the client can control the relevant properties accordingly.
  • the license server can also copy the public information segment to the new license file to provide more information. If the new license file is not identical to the original license file, the full-text digital signature can no longer be used. It cannot be copied to a new license file; in this case, the license server can also generate a new full-text digital signature for the new license file and place it in a new license file for more complete protection.
  • Step 530 the license server transmits the new license file to the client.
  • the license server transmits the new license file to the client through the network, where the client can be either the final client or the license file relay device; the license file relay device then re-applies the new license file Forwarded to the final client, or forwarded to the next level of license file relay, the license server does not need to care about what is directly connected to it.
  • the protocol to be transmitted can be via TCP, UDP, FTP, TFTP ⁇ , or a custom protocol. Encryption can also be performed during the transfer. These are all techniques well known to those skilled in the art and will not be described again.
  • the client After the client obtains the license file, it can be verified and decrypted, which can be used to control its own functional attributes.
  • the license server 100 includes an original license file analysis module 110, a client request receiving module 120, a new license file generating module 130, and a license file transmitting module 140.
  • the original license file analysis module 110 is configured to analyze the stored original license file to obtain a correspondence between the client feature information and the license information segment or the original license file;
  • the client request receiving module 120 is configured to receive the client request, and send the received client request to the original license file analysis module 110 and the new license file generating module 130;
  • the new license file generation module 130 generates a new license file based on the client request from the client request receiving module 120 and the license information segment or the original license file from the original license file analysis module 110;
  • the license file transfer module 140 is for transmitting the generated new license file to the client.
  • Figure 7 shows a second embodiment of the license server of the present invention.
  • the license server 100 further adds an original license file obtaining module 150 for acquiring the original license file from the external device to the license server.
  • the original license file is copied from the external storage medium (floppy disk, CD, etc.) to the license server, or the original license file is transferred to the license server via the network.
  • FIG. 8 is a block diagram showing the internal structure of the original license file analysis module 110 in FIG. 6 or 7.
  • the original license file analysis module 110 includes an original license file analysis unit 111, an original license file storage unit 112, and an analysis result storage unit 113.
  • the original Xu The certificate file analysis unit 111 is configured to analyze the original license file stored in the original license file storage unit 112 to obtain an analysis result; the original license file storage unit 112 is configured to store the original license file; the analysis result storage unit 112 It is used to store the analysis result obtained by the original license file analyzing unit 111.
  • the analysis result is a correspondence between the license information segment or the original license file and the client feature information.
  • the original license file analysis module 110 may also include only the original license file analysis unit 111 and the original license file storage unit 112, and the analysis result of the original license file analysis unit 111 is directly sent to the new license file generation module 130.
  • FIG. 9 is a structural block diagram of a new license file generating module 130 in the license server shown in FIG. 6 or FIG. 7.
  • the new license file generating module 130 includes a client feature information analyzing unit 131, a new license file synthesizing unit 132, and a digital signature unit 133.
  • the client feature information analyzing unit 131 is configured to obtain a client from a client request.
  • Feature information, the new license file synthesizing unit 132 is configured to obtain a corresponding license information segment or an original license file from the original license file analysis module 110 according to the client feature information, and obtain the digital license unit 133.
  • the full-text digital signature of the new license file, synthesizing a new license file; the digital signature unit 133 is used to generate a full-text digital signature of the new license file.
  • the new license file generating module 130 is to include only the client feature information analyzing unit 131 and the new license file synthesizing unit 132.
  • the new license file synthesizing unit 132 may not filter the original license file, directly use the original license file corresponding to the 4 bar as a new license file, or directly copy the original license file as a new license file;
  • the unit 132 may also not perform full-text digital signature on the new license file; the new license file synthesizing unit 132 may not put the public information segment into the new license file, and the new license file only includes the product feature information segment.
  • the present invention can centrally manage a large number of license files in the license server, and automatically distribute the license files according to the request of the client, the client
  • the license file name does not need to be known
  • the automatic management of the license file is realized, the human error is avoided, and the maintenance cost is greatly reduced.
  • the license file is transmitted between the license server and the client.
  • the license file itself has high security and greatly reduces the possibility of leaks in network transmission.
  • the original license file can be filtered, only the information segments related to the requested client are extracted and formed into a new license file, thereby reducing redundant data transmitted by the network and improving the data. effectiveness.
  • related information can also be forwarded through a simple license file relay device, which increases the flexibility of client deployment.

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Management, Administration, Business Operations System, And Electronic Commerce (AREA)
  • Storage Device Security (AREA)

Abstract

Α method for managing a license includes the following steps: a license server receives a request for the license from a client (510); the license server generates a new license file according to said request (520); the license server transmits the new license file to the client (530). And there are also a system for managing the license and a license server. A mount of the licenses are managed automatically by implementing the invention, and there are many advantages such as the good security, high efficiency and so on, and generally it will not be fail.

Description

一种许可证管理方法、 系统及装置  License management method, system and device
技术领域 Technical field
本发明涉及信息产品保护领域, 具体地说, 特别涉及一种许可证 The present invention relates to the field of information product protection, and in particular to a license
( License )管理方法、 装置及系统。 发明背景 (License) management method, device and system. Background of the invention
为保护信息设备的知识产权, 控制其应用范围, 确保产品所有者的 合法收益, 当前的信息产品采用了形式各样的保护技术来维护开发者的 正当权益, 其中包括序列号保护、 密码表保护、 光盘物理保护、 时间限 制保护、 NAG窗口保护、 密钥文件保护、 代码加壳保护、 许可证保护、 软件狗加密保护等多种方案。  In order to protect the intellectual property rights of information equipment, control its application scope, and ensure the legal benefits of product owners, current information products use various forms of protection technology to protect the legitimate rights and interests of developers, including serial number protection and password table protection. , CD physical protection, time limit protection, NAG window protection, key file protection, code pack protection, license protection, software dog encryption protection and many other programs.
其中, 许可证保护方案在商用产品中得到广泛使用。 许可证保护方 案需要根据控制对象特征, 利用基于非对称密码体制的数字签名算法, 将控制对象的应用与设备特征进行绑定并实施数字签名, 然后将签名数 据存放在许可证文件中并发布给授权用户; 在产品运行过程中, 信息设 备需要从一方面许可证文件中获取数字签名, 另一方面从产品中获取设 备标识, 对两方面获取的内容进行验证, 然后根据验证结果和许可证文 件中的特征项规定启用相应的资源、业务和功能, 实现产品的受控运行。  Among them, the license protection scheme is widely used in commercial products. The license protection scheme needs to bind the application of the control object to the device feature and implement digital signature based on the characteristics of the control object, using a digital signature algorithm based on the asymmetric cryptosystem, and then store the signature data in the license file and issue it to the license file. Authorized user; During the operation of the product, the information device needs to obtain the digital signature from the license file on the one hand, and obtain the device identification from the product on the other hand, verify the content obtained by the two aspects, and then according to the verification result and the license file. The feature item in the specification specifies that the corresponding resources, services, and functions are enabled to achieve controlled operation of the product.
图 1所示为许可证保护方案体系中的数字签名验证模型, 其中, 基 于非对称密码体制的数字签名是许可证保护方案体系中实现控制的核 心。许可证中心 ( License Center )将设备序歹 l]号 (Equipment Serial Number, ESN)和特征项 (Feature)通过私钥 ( Private Key )进行数字签名, 得到许 可证产品特征信息段,进而生成许可证文件并发送至许可证客户端 (许可 证 Client); 作为许可证客户端的信息设备在得到许可证文件后, 用自己 的 ESN和公钥 (Public Key)进行验证解密, 得到本设备的特征项属性。 在现有技术中, 缺乏对许可证文件有效的管理方式, 在许可证客户 端需要使用许可证文件时, 需要由人工找到对应的许可证文件并加载到 信息设备中。 所以, 在有大量信息设备时, 相应的许可证文件可能会非 常多, 从而造成维护许可证文件与信息设备的对应关系非常困难, 极大 增加了维护人员工作量, 且人工引入操作错误的可能性也很大。 发明内容 Figure 1 shows the digital signature verification model in the license protection scheme system. The digital signature based on the asymmetric cryptosystem is the core of the control in the license protection scheme system. The License Center digitally signs the device serial number (ESN) and feature (Feature) through the private key (private key) to obtain the license product feature information segment, and then generates a license. The file is sent to the license client (license Client); the information device as the license client uses itself after obtaining the license file The ESN and the Public Key are verified and decrypted to obtain the feature attributes of the device. In the prior art, there is a lack of effective management of the license file. When the license client needs to use the license file, the corresponding license file needs to be manually found and loaded into the information device. Therefore, when there are a large number of information devices, the corresponding license files may be very large, which makes the correspondence between the maintenance license files and the information devices very difficult, greatly increases the workload of the maintenance personnel, and artificially introduces the possibility of operation errors. Sex is also very big. Summary of the invention
本发明的目的在于, 提出一种许可证管理的方法, 可以自动地管理 许可证文件。 该方法包括以下步骤:  It is an object of the present invention to provide a method of license management that automatically manages license files. The method includes the following steps:
许可证服务器接收客户端的许可证请求;  The license server receives a license request from the client;
许可证服务器根据所述许可证请求生成新许可证文件;  The license server generates a new license file according to the license request;
许可证服务器将所述新许可证文件传送给客户端。  The license server transmits the new license file to the client.
所述根据所述许可证请求生成新许可证文件为:  The generating a new license file according to the license request is:
许可证服务器根据所述许可证请求中的客户端特征信息, 找到本地 所存储的对应的原始许可证文件, 并将所述原始许可证文件作为新许可 证文件或根据所述原始许可证文件中的全部或部分内容生成新许可证 文件。  The license server finds the corresponding original license file stored locally according to the client characteristic information in the license request, and uses the original license file as a new license file or according to the original license file. Generate a new license file for all or part of the content.
所述根据所述原始许可证文件中的全部或部分内容生成新许可证文 件为:  The generating a new license file according to all or part of the original license file is:
许可证服务器根据所述许可证请求中的客户端特征信息, 从原始许 可证文件中找出与所述客户端特征信息对应的许可证信息段, 并根据所 述许可证信息段组装生成新许可证文件。  The license server finds a license information segment corresponding to the client feature information from the original license file according to the client feature information in the license request, and assembles a new license according to the license information segment. Certificate document.
所述接收客户端的许可证请求之前还包括:  The receiving the client's license request further includes:
许可证服务器分析原始许可证文件, 得到并存储客户端特征信息与 原始许可证文件的对应关系。 The license server analyzes the original license file, obtains and stores the client feature information and The correspondence of the original license file.
所述根据所述许可证请求生成新许可证文件为:  The generating a new license file according to the license request is:
许可证服务器根据所述许可证请求中的客户端特征信息, 从客户端 特征信息与原始许可证文件的对应关系中得到对应的原始许可证文件, 并从所述原始许可证文件中获得对应的许可证信息段, 根据所获取的许 可证信息段组装生成新许可证文件。  The license server obtains a corresponding original license file from the corresponding relationship between the client feature information and the original license file according to the client feature information in the license request, and obtains a corresponding corresponding file from the original license file. The license information segment is assembled according to the obtained license information segment to generate a new license file.
所述接收客户端的许可证请求之前还包括:  The receiving the client's license request further includes:
许可证服务器分析原始许可证文件, 得到并存储客户端特征信息与 许可证信息段的对应关系。  The license server analyzes the original license file and obtains and stores the correspondence between the client feature information and the license information segment.
所述根据所述许可证请求生成新许可证文件为:  The generating a new license file according to the license request is:
许可证服务器分析所述许可证请求, 从中提取出客户端特征信息, 根据所提取的客户端特征信息查找已存储的客户端特征信息与许可证 信息段的对应关系得到对应的许可证信息段, 并根据所得许可证信息段 以及客户端特征信息组装生成新许可证文件。  The license server analyzes the license request, extracts client characteristic information therefrom, and searches for a corresponding license information segment according to the extracted client feature information to search for a corresponding relationship between the stored client feature information and the license information segment. And generate a new license file according to the obtained license information segment and the client feature information.
所述组装生成新许可证文件包括:  The assembly generates a new license file including:
将所述许可证信息段中的产品特征信息段添加到新许可证文件中。 所述生成新许可证文件之前进一步包括:  The product feature information segment in the license information segment is added to the new license file. The generating of the new license file further includes:
将所述许可证信息段的公共信息段中除全文数字签名外的内容作为 新许可证的公共信息段添加新许可证文件中, 并生成新许可证文件的公 共信息段的全文数字签名添加到新许可证文件中。  Adding a content other than the full-text digital signature in the public information section of the license information section as a public information section of the new license, and adding a full-text digital signature of the public information section of the new license file to In the new license file.
所述生成新许可证文件包括: 将许可证服务器本地存储的原始许可 证文件中的产品特征信息段拷贝为新许可证文件中的产品特征信息段。  The generating the new license file includes: copying the product feature information segment in the original license file stored locally by the license server into the product feature information segment in the new license file.
所述客户端的许可证请求中包含有客户端特征信息。  The client's license request includes client feature information.
所述客户端特征信息包括: 产品名称、 设备标识和产品版本。  The client feature information includes: a product name, a device identifier, and a product version.
本发明的另一目的在于, 提出一种许可证管理系统, 可以自动地管 理许可证文件。 该系统包括: Another object of the present invention is to provide a license management system that can automatically manage Licensing documents. The system includes:
客户端, 用于发送许可证请求;  Client, used to send a license request;
许可证服务器, 通过网络与所述客户端相连接, 用于接收客户端的 许可证请求, 生成新许可证文件, 并将所生成的新许可证文件传送给客 户端;  a license server, connected to the client through a network, for receiving a license request from a client, generating a new license file, and transmitting the generated new license file to the client;
所述客户端还用于接收来自许可证服务器的许可证文件, 并从所接 收的许可证文件中获取许可证信息。  The client is further configured to receive a license file from a license server and obtain license information from the received license file.
所述许可证服务器包括:  The license server includes:
原始许可证文件分析模块, 用于分析原始许可证文件, 获得原始许 可证文件中的信息;  An original license file analysis module for analyzing the original license file to obtain information in the original license file;
客户端请求接收模块, 用于接收来自客户端的许可证请求; 新许可证文件生成模块, 用于根据原始许可证文件分析模块获得的 原始许可证文件中的信息以及客户端请求接收模块的许可证请求, 生成 新许可证文件;  a client request receiving module, configured to receive a license request from the client; a new license file generating module, configured to obtain information in the original license file obtained by the original license file analysis module, and a license of the client request receiving module Request, generate a new license file;
许可证文件传送模块, 用于将新许可证文件生成模块生成的新许可 证文件传送给客户端。  A license file transfer module for transmitting a new license file generated by the new license file generation module to the client.
该系统进一步包括:  The system further includes:
许可证文件中继装置,通过网络分别与客户端和许可证服务器相连, 用于接收客户端发来的许可证请求, 并将所述许可证请求转发给许可证 服务器;还用于接收许可证服务器新许可证文件,并将其转发给客户端。  a license file relay device connected to the client and the license server through the network, for receiving a license request sent by the client, and forwarding the license request to the license server; and also for receiving the license Server new license file and forward it to the client.
所述许可证文件中继装置为一个以上的许可证文件中继装置串联形 成的许可证文件中继装置组。  The license file relay device is a license file relay device group in which one or more license file relay devices are connected in series.
本发明的目的还在于, 提出一种许可证服务器, 可以自动地管理许 可证文件。 所述许可证服务器包括:  It is also an object of the present invention to provide a license server that can automatically manage license files. The license server includes:
原始许可证文件分析模块, 用于分析原始许可证文件, 获得原始许 可证文件中的信息; Original license file analysis module, used to analyze the original license file, obtain the original license The information in the document;
客户端请求接收模块, 用于接收客户端的许可证请求;  a client request receiving module, configured to receive a license request of the client;
新许可证文件生成模块, 用于根据原始许可证文件分析模块获得的 许可证信息段或原始许可证文件, 生成新许可证文件;  a new license file generating module, configured to generate a new license file according to the license information segment obtained by the original license file analysis module or the original license file;
许可证文件传送模块, 该模块将新许可证文件生成模块生成的新许 可证文件传送给客户端。  A license file transfer module that transmits a new license file generated by the new license file generation module to the client.
所述原始许可证文件分析模块包括:  The original license file analysis module includes:
原始许可证文件存储单元, 用于存储原始许可证文件;  An original license file storage unit for storing the original license file;
原始许可证文件分析单元, 用于分析原始许可证文件存储单元中存 储的原始许可证文件, 得到许可证信息段或原始许可证文件与客户端特 征信息的对应关系。  The original license file analysis unit is configured to analyze the original license file stored in the original license file storage unit, and obtain a correspondence between the license information segment or the original license file and the client feature information.
所述原始许可证文件分析模块进一步包括分析结果存储单元, 用于 存储原始许可证文件分析单元所得到所述对应关系。  The original license file analysis module further includes an analysis result storage unit configured to store the correspondence relationship obtained by the original license file analysis unit.
所述新许可证文件生成模块包括:  The new license file generation module includes:
客户端特征信息分析单元, 用于从客户端请求中得到客户端特征信 新许可证文件合成单元, 用于根据所述客户端特征信息分析单元得 到的客户端特征信息, 从所述原始许可证文件分析模块得到对应的许可 证信息段或原始许可证文件, 并根据所得到的许可证信息段或原始许可 证文件生成新许可证文件。  a client characteristic information analyzing unit, configured to obtain, from a client request, a client feature letter new license file synthesizing unit, configured to obtain, according to the client feature information obtained by the client feature information analyzing unit, the original license The file analysis module obtains the corresponding license information segment or the original license file, and generates a new license file according to the obtained license information segment or the original license file.
所述新许可证文件生成模块进一步包括数字签名单元, 用于生成所 述新许可证文件的数字签名。  The new license file generation module further includes a digital signature unit for generating a digital signature of the new license file.
所述许可证服务器进一步包括:  The license server further includes:
原始许可证文件获取模块, 用于从外界设备获取原始许可证文件。 本发明有益效果如下: 本发明在许可证服务器集中管理大量许可证文件, 根据客户端的请 求自动分发许可证文件, 客户端请求时不需要知道许可证文件名, 实现 了许可证文件的自动管理, 避免人为操作错误, 大大减少了维护成本。 许可证服务器与客户端之间传送的是许可证文件, 许可证文件本身具有 4艮高的安全性, 大大降低了网络传输中的泄密可能性。 An original license file acquisition module for obtaining an original license file from an external device. The beneficial effects of the present invention are as follows: The invention centrally manages a large number of license files in the license server, automatically distributes the license files according to the request of the client, does not need to know the license file name when the client requests, realizes automatic management of the license file, avoids human error, greatly Reduced maintenance costs. The license file is transmitted between the license server and the client. The license file itself has a high security, which greatly reduces the possibility of leaks in network transmission.
在本发明的优选方案中, 组装生成的新许可证文件可以对原始许可 证文件进行过滤, 只提取与请求的客户端相关的信息段, 組成新的许可 证文件, 减少了网络传输的冗余数据, 提高了网络传输效率和客户端的 解析效率。  In a preferred solution of the present invention, the new license file generated by the assembly can filter the original license file, extract only the information segments related to the requested client, and form a new license file, thereby reducing redundancy of network transmission. Data improves network transmission efficiency and client resolution efficiency.
在本发明的优选方案中, 还可以通过简单的许可证文件中继装置转 发相关信息, 提高了客户端部署的灵活性。 附图简要说明  In a preferred embodiment of the present invention, related information can also be forwarded through a simple license file relay device, which increases the flexibility of client deployment. BRIEF DESCRIPTION OF THE DRAWINGS
图 1为现有技术中许可证保护方案体系中的数字签名验证模型; 图 2为本发明实施例中原始许可证文件的样例;  1 is a digital signature verification model in a prior art license protection scheme system; FIG. 2 is an example of an original license file in an embodiment of the present invention;
图 3为本发明实施例中新许可证文件的样例;  3 is an example of a new license file in an embodiment of the present invention;
图 4为本发明实施例的许可证管理系统的框图;  4 is a block diagram of a license management system according to an embodiment of the present invention;
图 5为本发明实施例的许可证管理流程图;  FIG. 5 is a flowchart of license management according to an embodiment of the present invention; FIG.
图 6 为图 4所示许可证管理系统中许可证服务器的第一实施例框 图;  Figure 6 is a block diagram of a first embodiment of a license server in the license management system shown in Figure 4;
图 7 为图 4所示许可证管理系统中许可证服务器的第二实施例框 图;  Figure 7 is a block diagram showing a second embodiment of the license server in the license management system shown in Figure 4;
图 8为图 6或图 7所示许可证服务器中原始许可证文件分析模块的 实施例框图;  8 is a block diagram showing an embodiment of an original license file analysis module in the license server shown in FIG. 6 or FIG. 7;
图 9为图 6或图 7所示许可证服务器中新许可证文件生成模块的实 施例框图。 实施本发明的方式 Figure 9 is a diagram of the new license file generation module in the license server shown in Figure 6 or Figure 7. Example block diagram. Mode for carrying out the invention
本发明方案的核心思想是对许可证文件进行集中管理、 分散控制。 具体地说, 由许可证服务器(License Server ) 集中管理并存储多个客户 端设备的原始许可证文件; 客户端设备向许可证服务器发送申请许可证 文件的请求, 许可证服务器根据客户端设备的请求以及所存储的对应原 始许可证文件生成新许可证文件并发送至所述客户端设备。  The core idea of the solution of the present invention is to centrally manage and decentralize the license files. Specifically, the license server (License Server) centrally manages and stores the original license files of the plurality of client devices; the client device sends a request for the license file to the license server, and the license server is configured according to the client device The request and the stored corresponding original license file generate a new license file and send to the client device.
为使本发明的目的、 技术方案和优点更加清楚, 下面结合附图对本 发明作进一步的详细阐述。  In order to make the objects, technical solutions and advantages of the present invention more comprehensible, the present invention will be further described in detail with reference to the accompanying drawings.
图 2所示是本发明实施例中原始许可证文件的样例。 原始许可证文 件可以是文本形式, 可以包括公共信息段和至少一个产品特征信息段, 其中公共信息段是非必须的。  Fig. 2 is a diagram showing an example of an original license file in the embodiment of the present invention. The original license file may be in the form of text and may include a public information segment and at least one product feature information segment, wherein the public information segment is not required.
公共信息段中可以包含但不限于版权声明信息、 全文数字签名等内 容, 用于对整个文件进行保护, 防止被修改。 产品特征信息段可以包含 但不限于产品名称、 产品版本、 设备标识、 产品特征、 产品特征属性等 明文数据及相应的数字签名。 产品名称、 产品版本以及设备标识用于确 定该信息段属于哪个设备所有; 其中产品版本是非必需的, 例如, 若产 品没有多个版本或产品特征信息段可用于多个版本, 则产品特征信息段 中可没有产品版本。 产品特征属性说明该设备被许可的属性, 如可以执 行某些功能, 可接纳最大用户数量等等。 原始许可证文件中可以包含一 个设备的多个特征信息段, 也可以包含多个设备的特征信息段。  The public information section may include, but is not limited to, copyright notice information, full-text digital signatures, and the like, and is used to protect the entire file from being modified. The product feature information segment may include, but is not limited to, plaintext data such as product name, product version, device identification, product characteristics, product feature attributes, and corresponding digital signatures. The product name, product version, and device identification are used to determine which device the information segment belongs to; where the product version is not required, for example, if the product does not have multiple versions or the product feature information segment can be used for multiple versions, the product feature information segment There is no product version in it. The product feature attribute describes the properties that the device is licensed to, such as the ability to perform certain functions, the maximum number of users, and so on. The original license file may contain multiple pieces of feature information of one device, or may contain pieces of feature information of multiple devices.
图 3所示是本发明实施例中新许可证文件的样例 ,本发明实施例中, 许可证服务器生成的新许可证文件与原始许可证文件格式上基本相同, 客户端可以不必理解获得的许可证文件是否为经过了许可证服务器的 重新组装生成而生成的新许可证文件。 换句话说, 许可证服务器可以直 接把所存储的原始许可证文件发送至客户端设备。 较佳地, 可以采用如 下处理方式: FIG. 3 is a schematic diagram of a new license file in the embodiment of the present invention. In the embodiment of the present invention, the new license file generated by the license server is basically the same as the original license file format, and the client does not have to understand the obtained license file. Whether the license file is a license server Reassemble the new license file generated by the build. In other words, the license server can directly send the stored original license file to the client device. Preferably, the following processing manner can be adopted:
许可证服务器根据客户端设备的请求重新组装生成新的许可证文 件, 该许可证文件中只包含有该客户端所需的产品特征信息段, 去掉与 该客户端无关的信息, 以提高网络传送效率和客户端解析效率。 所述新 许可证文件的产品特征信息段可以是拷贝自原始许可证文件的相应产 品特征信息段, 这样, 许可证服务器不需要对产品特征信息段进行加解 密, 实现简单, 安全性要求也很低。 当新许可证文件与原始许可证不相 同时, 不能再使用原始许可证文件的全文数字签名, 可以去掉该全文数 字签名, 甚至去掉整个公共信息段, 当然, 较优的方式是, 许可证服务 器生成新许可证文件的全文数字签名。  The license server reassembles according to the request of the client device to generate a new license file, which only contains the product feature information segment required by the client, and removes information unrelated to the client to improve network transmission. Efficiency and client resolution efficiency. The product feature information segment of the new license file may be a corresponding product feature information segment copied from the original license file, so that the license server does not need to encrypt and decrypt the product feature information segment, and the implementation is simple, and the security requirement is also very low. When the new license file is different from the original license, the full-text digital signature of the original license file can no longer be used, the full-text digital signature can be removed, and the entire public information segment can be removed. Of course, the preferred method is the license server. Generate a full-text digital signature of the new license file.
下面结合图 4说明本发明实施例中许可证管理系统的组成与基本工 作过程。 本发明实施例中许可证管理系统包含许可证服务器 100, 客户 端 200。 许可证服务器可以多于一个, 以实现分布式处理或备份; 客户 端也可以多于一个, 但一个客户端至少与一个许可证服务器通过网络相 连。 为提高客户端部署的灵活性, 本系统中还可以包含一个或多个许可 证文件中继装置 300, 客户端 200可以通过网络与许可证文件中继装置 300相连, 许可证文件中继装置 300再与许可证服务器 100相连, 通过 许可证文件中继装置的转发,实现客户端 200获得来自许可证服务器 100 的许可证文件。  The composition and basic working process of the license management system in the embodiment of the present invention will be described below with reference to FIG. The license management system in the embodiment of the present invention includes a license server 100 and a client 200. There can be more than one license server for distributed processing or backup; there can be more than one client, but one client is connected to at least one license server over the network. In order to improve the flexibility of the client deployment, the system may further include one or more license file relay devices 300, and the client 200 may be connected to the license file relay device 300 through the network, and the license file relay device 300 Further connected to the license server 100, the client 200 obtains the license file from the license server 100 by forwarding the license file relay device.
许可证文件中继装置可以直接转发客户端和许可证服务器之间的数 据, 此时许可证文件中继装置类似于一个消息转发器; 也可以是接收到 客户端请求后或在客户端请求前, 从许可证服务器获得整个许可证文件 后, 再将整个许可证文件转发给客户端, 此时许可证文件中继装置类似 于一个简化的客户端和简化的许可证服务器的结合体。 本系统中的许可 证文件中继装置还可以一级一级串联起来, 通过多次转发, 使客户端获 得许可证文件。 上面所述的网络是指两个设备之间可以通信的所有媒 介, 包括但不限于以太网、无线局域网(WLAN )、异步传输模式(ATM ) 网络、 时分复用 (TDM ) 网络等。 客户端、 许可证服务器、 许可证文件 中继装置之间的通信协议也没有限制, 包括但不限于传输控制协议 ( TCP )、 用户数据协议(UDP )、 文件传输协议(FTP )、 筒单文件传输 协议(TFTP ) 以及各种自定义协议等。 The license file relay device can directly forward the data between the client and the license server. At this time, the license file relay device is similar to a message forwarder; it can also be after receiving the client request or before the client request After obtaining the entire license file from the license server, the entire license file is forwarded to the client, and the license file relay device is similar. A combination of a simplified client and a simplified license server. The license file relay device in the system can also be connected in series one level, and the client obtains the license file through multiple forwarding. The network described above refers to all media that can be communicated between two devices, including but not limited to Ethernet, Wireless Local Area Network (WLAN), Asynchronous Transfer Mode (ATM) networks, Time Division Multiplexing (TDM) networks, and the like. There are also no restrictions on the communication protocol between the client, the license server, and the license file relay device, including but not limited to Transmission Control Protocol (TCP), User Data Protocol (UDP), File Transfer Protocol (FTP), and single file. Transmission Protocol (TFTP) and various custom protocols.
下面举一个许可证文件中继装置的应用示例。 如一个设备只与管理 该设备的一网管服务器通过 RS-232 串口相连接, 而该网管服务器可以 通过 Internet与许可证服务器相连接, 此时就可以将该网管服务器作为 ―台许可证文件中继装置, 将客户端通过串口发来的许可证请求通过 Internet转发给许可证服务器,将许可证服务器传来的许可证文件再通过 串口转发给该设备。  An application example of a license file relay device is given below. For example, if a device is connected to a network management server that manages the device through an RS-232 serial port, and the network management server can be connected to the license server through the Internet, the network management server can be relayed as a “license file”. The device forwards the license request sent by the client through the serial port to the license server through the Internet, and forwards the license file transmitted by the license server to the device through the serial port.
下面结合图 5说明本发明实施例中许可证管理的方法的具体实施过 程。  The specific implementation process of the method for license management in the embodiment of the present invention will be described below with reference to FIG.
步骤 510, 许可证服务器接收客户端的许可证请求;  Step 510: The license server receives a license request of the client.
此处许可证服务器接收到的许可证请求可以是客户端直接发来的, 也可以是通过许可证文件中继装置转发的, 许可证服务器都认为是客户 端发来的请求。 许可证请求中包含了客户端的特征信息, 如客户端的产 品名称 "XX交换机"、 产品版本 "1.0"、 设备标识 "0050BA20CDD5"。  Here, the license request received by the license server may be sent directly by the client, or may be forwarded by the license file relay device, and the license server considers the request sent by the client. The license request contains the client's feature information, such as the client's product name "XX switch", product version "1.0", and device ID "0050BA20CDD5".
假设许可证服务器中指定目录 c:\license中已经存放有多个原始许可 证文件, 其中一个文件名为 licensel.txt的原始许可证文件中包括如下内 六  Assume that there are multiple original license files in the specified directory c:\license in the license server. One of the original license files named licensel.txt includes the following.
谷: Valley:
1个公共信息段; 2个产品名称为产品名称 "XX交换机"、 产品版本 "1.0"、 设备标识 "0050BA20CDD5" 的产品特征信息段; 1 public information segment; The two product names are the product feature information sections of the product name "XX switch", the product version "1.0", and the device identifier "0050BA20CDD5";
3个产品名称为产品名称 "XX交换机"、 产品版本 "1,0"、 设备标识 "1040BA20CDD5" 的产品特征信息段;  The three product names are the product feature information sections of the product name "XX switch", product version "1,0", and device identifier "1040BA20CDD5";
4 个产品名称 " XX 路由器"、 产品版本 " 2.0 "、 设备标识 "0050BA20CDD5" 的产品特征信息段。 找出客户端特征信息与原始许可证文件的对应关系, 并将所述对应关系 存储起来; 例如, 将许可证服务器记录有产品名称 "XX交换机"、 产品 版本 "1.0"、 设备标识 "0050BA20CDD5" 的产品特征信息段存在于文 件 c:\license\licensel.txt。 许可证服务器可以在启动时, 对指定目录 c:\license中的所有 license文件进行分析;也可以是由人工启动对某个或 某些或所有原始许可证文件进行分析等等。 原始许可证文件可以直接存 放在许可证服务器上 , 也可以通过各种方式从外界获取并放到许可证服 务器上, 如可以通过存储介质拷贝到许可证服务器中, 也可以通过网络 传送到许可证服务器中, 等等。 征信息对应的信息段(可以包括产品特征信息段, 也可以包括公共信息 段等)提取出来并存储, 如存储在数据库中或特定的文件中, 在分析完 成后, 可以不保留原始许可证文件。 如上面所举的这个例子中, 将许可 证服务器中的产品名称 " XX 交换机"、 产品版本 " 1.0"、 设备标识 "0050BA20CDD5" 及其对应的所有产品特征信息段存储在数据库中。  Product feature information section for 4 product names "XX Router", product version "2.0", device ID "0050BA20CDD5". Find the correspondence between the client feature information and the original license file, and store the corresponding relationship; for example, record the license server with the product name "XX switch", product version "1.0", device identifier "0050BA20CDD5" The product feature information section exists in the file c:\license\licensel.txt. The license server can analyze all license files in the specified directory c:\license at startup, or it can be manually initiated to analyze some or all of the original license files. The original license file can be stored directly on the license server, or it can be obtained from the outside world and placed on the license server in various ways, such as copying it to the license server through a storage medium, or transferring it to the license through the network. In the server, and so on. The information segment corresponding to the information (which may include product feature information segments, may also include public information segments, etc.) is extracted and stored, such as stored in a database or in a specific file. After the analysis is completed, the original license file may not be retained. . In the example above, the product name "XX switch", product version "1.0", device ID "0050BA20CDD5" and its corresponding product feature information segments in the license server are stored in the database.
步骤 520, 许可证服务器根据所述请求生成新许可证文件。  Step 520: The license server generates a new license file according to the request.
具体地说,许可证服务器分析客户端的请求,得到客户端特征信息, 并根据所述客户端特征信息生成符合客户端要求的新许可证文件。 最简单的实现方法是许可证服务器直接找到包含客户端特征信息的 原始许可证文件, 并把它直接作为新许可证文件, 或者拷贝该原始许可 证文件得到新许可证文件, 而不对原始许可证文件进行过滤, 这样也能 达到自动集中管理的目的。 Specifically, the license server analyzes the client's request, obtains the client feature information, and generates a new license file that meets the client's requirements according to the client feature information. The easiest way to do this is for the license server to directly locate the original license file containing the client's feature information and use it directly as a new license file, or copy the original license file to get a new license file, instead of the original license. The files are filtered, which also achieves the purpose of automatic centralized management.
但较佳的实现方法是许可证服务器只把所述客户端请求的对应许可 证信息组成新许可证文件, 下面进一步描述这种实现方法。  However, the preferred implementation method is that the license server only composes the corresponding license information requested by the client into a new license file, and the implementation method is further described below.
在组装新许可证文件时, 许可证服务器要得到客户端特征信息所对 应的许可证信息段, 具体分为如下三种情况:  When assembling a new license file, the license server needs to obtain the license information segment corresponding to the client feature information, which is divided into the following three cases:
情况 1 : 若许可证服务器之前没有分析过原始许可证文件, 则许可 证服务器需要搜索各原始许可证文件, 从中找到包含客户端特征信息的 原始许可证文件, 并从中得到客户端特征信息所对应的许可证信息段。 如从原始许可证文件 c:\license\licensel .txt中找到了产品名称 "xx交换 机"、产品版本 " 1.0"、设备标识 "0050BA20CDD5"的产品特征信息段, 则许可证服务器再从该文件中获得对应的许可证信息段, 即该文件中的 公共信息段和 2个产品名称为产品名称 "xx交换机"、 产品版本 "1.0"、 设备标识 "0050BA20CDD5" '的产品特征信息段。  Case 1: If the license server has not analyzed the original license file before, the license server needs to search each original license file, find the original license file containing the client feature information, and obtain the corresponding client profile information. License information section. If the product feature information section of the product name "xx switch", the product version "1.0", and the device identifier "0050BA20CDD5" is found in the original license file c:\license\licensel.txt, the license server is again from the file. Obtain the corresponding license information segment, that is, the public information segment and the two product names in the file are the product feature information segments of the product name "xx switch", the product version "1.0", and the device identifier "0050BA20CDD5"'.
情况 2: 许可证服务器之前已经分析并得到了客户端特征信息与原 始许可证文件的对应关系 , 则根据客户端特征信息从所述对应关系中得 到对应的原始许可证文件, 再从中得到客户端特征信息所对应的许可证 信息段。 如许可证服务器已经记录了产品名称 "xx交换机"、 产品版本 " 1.0 "、 设备标识 " 0050BA20CDD5,, 对应的原始许可证文件为 c:\license\licensel.txt , 则许可证服务器可直接找到原始许可证文件 c:\license\licensel .txt, 并从中得到对应的许可证信息段, 即该文件中的 公共信息段和 2个产品名称为产品名称 "xx交换机"、 产品版本 "1.0"、 设备标识 "0050BA20CDD5" 的产品特征信息段。 情况 3: 许可证服务器之前已经分析原始许可证文件, 并记录了客 户端特征信息及其对应的许可证信息段, 则根据客户端特征信息直接得 到对应的许可证信息段, 不需再去搜索原始许可证文件了。 Case 2: The license server has previously analyzed and obtained the correspondence between the client feature information and the original license file, and then obtains the corresponding original license file from the corresponding relationship according to the client feature information, and obtains the client from the client. The license information segment corresponding to the feature information. If the license server has recorded the product name "xx switch", the product version "1.0", the device ID "0050BA20CDD5", and the corresponding original license file is c:\license\licensel.txt, the license server can directly find the original. The license file c:\license\licensel.txt, and the corresponding license information segment is obtained from it, that is, the public information segment and the two product names in the file are the product name "xx switch", the product version "1.0", the device Identify the product feature information section of "0050BA20CDD5". Case 3 : The license server has previously analyzed the original license file, and recorded the client feature information and its corresponding license information segment, then directly obtains the corresponding license information segment according to the client feature information, and does not need to search again. The original license file is gone.
在得到客户端特征信息对应的许可证信息段之后, 许可证服务器即 可以把其中的产品特征信息段直接拷贝到新许可证文件中。 如 2个产品 名称为产品名称 " XX 交换机"、 产品版本 " 1.0 "、 设备标识 "0050BA20CDD5" 的产品特征信息段直接拷贝到新许可证文件中, 这 样的新许可证文件包含了产品特征属性, 客户端据此可控制相关属性。 另外许可证服务器还可以把公共信息段也拷贝到新许可证文件中, 以提 供更多的信息, 如果新许可证文件与原始许可证文件不完全相同时, 其 中的全文数字签名不能再使用,不能将其拷贝到新许可证文件中;此时, 许可证服务器还可以对新许可证文件生成新的全文数字签名, 放入新许 可证文件中, 以提供更完整的保护。  After obtaining the license information segment corresponding to the client feature information, the license server can directly copy the product feature information segment into the new license file. For example, the product feature information sections of the product name "XX switch", the product version "1.0", and the device identifier "0050BA20CDD5" are directly copied to the new license file, and the new license file contains the product feature attributes. The client can control the relevant properties accordingly. In addition, the license server can also copy the public information segment to the new license file to provide more information. If the new license file is not identical to the original license file, the full-text digital signature can no longer be used. It cannot be copied to a new license file; in this case, the license server can also generate a new full-text digital signature for the new license file and place it in a new license file for more complete protection.
步骤 530, 许可证服务器将新许可证文件传送给客户端。  Step 530, the license server transmits the new license file to the client.
许可证服务器将新许可证文件通过网络传送给客户端, 这里的客户 端既可以是最终客户端, 也可以是许可证文件中继装置; 许可证文件中 继装置再将所述新许可证文件转发给最终客户端, 或转发给下一级许可 证文件中继装置, 许可证服务器并不需要关心与其直接相连的是什么。  The license server transmits the new license file to the client through the network, where the client can be either the final client or the license file relay device; the license file relay device then re-applies the new license file Forwarded to the final client, or forwarded to the next level of license file relay, the license server does not need to care about what is directly connected to it.
传送的协议可以是通过 TCP、 UDP、 FTP, TFTP ^†^, 或自定义 的协议。 传送过程中还可以再进行加密。 这些都是本领域技术人员熟知 的技术, 故不再赘述。  The protocol to be transmitted can be via TCP, UDP, FTP, TFTP^^, or a custom protocol. Encryption can also be performed during the transfer. These are all techniques well known to those skilled in the art and will not be described again.
客户端获得许可证文件后, 再对其进行验证、 解密, 即可用于控制 自身的功能属性等。  After the client obtains the license file, it can be verified and decrypted, which can be used to control its own functional attributes.
下面再结合图 6〜图 9说明本发明实施例中许可证服务器的具体实 施方式。 图 6为本发明许可证服务器的第一种实施方式。 其中, 许可证服务 器 100包括原始许可证文件分析模块 110、 客户端请求接收模块 120、 新许可证文件生成模块 130和许可证文件传送模块 140。 A specific implementation manner of the license server in the embodiment of the present invention will be described below with reference to FIG. 6 to FIG. Figure 6 is a first embodiment of a license server of the present invention. The license server 100 includes an original license file analysis module 110, a client request receiving module 120, a new license file generating module 130, and a license file transmitting module 140.
原始许可证文件分析模块 110用于对所存储的原始许可证文件进行 分析, 得到客户端特征信息与许可证信息段或原始许可证文件的对应关 系;  The original license file analysis module 110 is configured to analyze the stored original license file to obtain a correspondence between the client feature information and the license information segment or the original license file;
客户端请求接收模块 120用于接收客户端请求, 并将所接收的客户 端请求发送到原始许可证文件分析模块 110 和新许可证文件生成模块 130;  The client request receiving module 120 is configured to receive the client request, and send the received client request to the original license file analysis module 110 and the new license file generating module 130;
新许可证文件生成模块 130根据来自客户端请求接收模块 120的客 户端请求以及来自原始许可证文件分析模块 110的许可证信息段或原始 许可证文件, 生成新许可证文件;  The new license file generation module 130 generates a new license file based on the client request from the client request receiving module 120 and the license information segment or the original license file from the original license file analysis module 110;
许可证文件传送模块 140用于将所生成的新许可证文件传送给客户 端。  The license file transfer module 140 is for transmitting the generated new license file to the client.
许可证服务器的工作方法具体可参阅上述许可证管理过程的相关描 述。  For details on how the license server works, refer to the related description of the license management process described above.
图 7所示为本发明许可证服务器的第二种实施方式。 本实施例中, 与图 6所示的许可证服务器的结构相比较, 许可证服务器 100还多了一 个原始许可证文件获取模块 150, 用于从外界设备把原始许可证文件获 取到许可证服务器中, 如从外部存储介质 (软盘、 光盘等)把原始许可 证文件拷贝到许可证服务器中, 或通过网络把原始许可证文件传送到许 可证服务器中。  Figure 7 shows a second embodiment of the license server of the present invention. In this embodiment, compared with the structure of the license server shown in FIG. 6, the license server 100 further adds an original license file obtaining module 150 for acquiring the original license file from the external device to the license server. The original license file is copied from the external storage medium (floppy disk, CD, etc.) to the license server, or the original license file is transferred to the license server via the network.
图 8为图 6或图 7中的原始许可证文件分析模块 110的内部结构框 图。 原始许可证文件分析模块 110包括原始许可证文件分析单元 111、 原始许可证文件存储单元 112和分析结果存储单元 113。 其中, 原始许 可证文件分析单元 111用于对原始许可证文件存储单元 112中存储的原 始许可证文件进行分析, 得到分析结果; 原始许可证文件存储单元 112 用于存储原始许可证文件; 分析结果存储单元 112用于存储原始许可证 文件分析单元 111所得到的分析结果。 所述分析结果为许可证信息段或 原始许可证文件与客户端特征信息的对应关系。 FIG. 8 is a block diagram showing the internal structure of the original license file analysis module 110 in FIG. 6 or 7. The original license file analysis module 110 includes an original license file analysis unit 111, an original license file storage unit 112, and an analysis result storage unit 113. Among them, the original Xu The certificate file analysis unit 111 is configured to analyze the original license file stored in the original license file storage unit 112 to obtain an analysis result; the original license file storage unit 112 is configured to store the original license file; the analysis result storage unit 112 It is used to store the analysis result obtained by the original license file analyzing unit 111. The analysis result is a correspondence between the license information segment or the original license file and the client feature information.
原始许可证文件分析模块 110还可以只包括原始许可证文件分析单 元 111 和原始许可证文件存储单元 112, 原始许可证文件分析单元 111 的分析结果直接送给新许可证文件生成模块 130。  The original license file analysis module 110 may also include only the original license file analysis unit 111 and the original license file storage unit 112, and the analysis result of the original license file analysis unit 111 is directly sent to the new license file generation module 130.
图 9为图 6或图 7所示许可证服务器中新许可证文件生成模块 130 的结构框图。 其中, 新许可证文件生成模块 130包括客户端特征信息分 析单元 131、 新许可证文件合成单元 132和数字签名单元 133; 所述客 户端特征信息分析单元 131用于从客户端请求中得到客户端特征信息, 所述新许可证文件合成单元 132用于根据所述客户端特征信息从所述原 始许可证文件分析模块 110得到对应的许可证信息段或原始许可证文 件、 从数字签名单元 133得到新许可证文件的全文数字签名, 合成新许 可证文件; 数字签名单元 133用于生成新许可证文件的全文数字签名。  FIG. 9 is a structural block diagram of a new license file generating module 130 in the license server shown in FIG. 6 or FIG. 7. The new license file generating module 130 includes a client feature information analyzing unit 131, a new license file synthesizing unit 132, and a digital signature unit 133. The client feature information analyzing unit 131 is configured to obtain a client from a client request. Feature information, the new license file synthesizing unit 132 is configured to obtain a corresponding license information segment or an original license file from the original license file analysis module 110 according to the client feature information, and obtain the digital license unit 133. The full-text digital signature of the new license file, synthesizing a new license file; the digital signature unit 133 is used to generate a full-text digital signature of the new license file.
新许可证文件生成模块 130的另一实施方式是只包括客户端特征信 息分析单元 131和新许可证文件合成单元 132。 其中, 新许可证文件合 成单元 132可以不对原始许可证文件过滤, 直接 4巴对应的原始许可证文 件作为新许可证文件, 或直接拷贝原始许可证文件作为新许可证文件; 新许可证文件合成单元 132 也可以不对新许可证文件进行全文数字签 名; 新许可证文件合成单元 132还可以不把公共信息段放入新许可证文 件, 新许可证文件只包含产品特征信息段。  Another embodiment of the new license file generating module 130 is to include only the client feature information analyzing unit 131 and the new license file synthesizing unit 132. The new license file synthesizing unit 132 may not filter the original license file, directly use the original license file corresponding to the 4 bar as a new license file, or directly copy the original license file as a new license file; The unit 132 may also not perform full-text digital signature on the new license file; the new license file synthesizing unit 132 may not put the public information segment into the new license file, and the new license file only includes the product feature information segment.
从本发明的以上技术方案可以看出, 本发明可以在许可证服务器集 中管理大量许可证文件, 根据客户端的请求自动分发许可证文件, 客户 端请求时可不需要知道许可证文件名, 实现了许可证文件的自动管理, 避免人为操作错误, 大大减少了维护成本。 许可证服务器与客户端之间 传送的是许可证文件, 许可证文件本身具有很高的安全性, 大大降低了 网络传输中的泄密可能性。 As can be seen from the above technical solution of the present invention, the present invention can centrally manage a large number of license files in the license server, and automatically distribute the license files according to the request of the client, the client When the request is made, the license file name does not need to be known, the automatic management of the license file is realized, the human error is avoided, and the maintenance cost is greatly reduced. The license file is transmitted between the license server and the client. The license file itself has high security and greatly reduces the possibility of leaks in network transmission.
在本发明的优选方案中, 可以对原始许可证文件进行过滤, 只提取 与请求的客户端相关的信息段并将其组成新的许可证文件, 从而减少了 网络传输的冗余数据, 提高了效率。  In a preferred solution of the present invention, the original license file can be filtered, only the information segments related to the requested client are extracted and formed into a new license file, thereby reducing redundant data transmitted by the network and improving the data. effectiveness.
在本发明的优选方案中, 还可以通过简单的许可证文件中继装置转 发相关信息, 提高了客户端部署的灵活性。  In a preferred embodiment of the present invention, related information can also be forwarded through a simple license file relay device, which increases the flexibility of client deployment.
以上所述, 仅为本发明较佳的具体实施方式, 但本发明的保护范围 并不局限于此, 任何熟悉本技术领域的技术人员在本发明揭露的技术范 围内, 可轻易想到的变化或替换, 都应涵盖在本发明的保护范围之内。 因此, 本发明的保护范围应该以权利要求的保护范围为准。  The above is only a preferred embodiment of the present invention, but the scope of the present invention is not limited thereto, and any person skilled in the art can easily think of changes or within the technical scope disclosed by the present invention. Alternatives are intended to be covered by the scope of the present invention. Therefore, the scope of protection of the present invention should be determined by the scope of the claims.

Claims

权利要求书 Claim
1、 一种许可证管理方法, 其特征在于, 包括以下步骤:  A license management method, characterized in that it comprises the following steps:
许可证服务器接收客户端的许可证请求;  The license server receives a license request from the client;
许可证服务器根据所述许可证请求生成新许可证文件;  The license server generates a new license file according to the license request;
许可证服务器将所述新许可证文件传送给客户端。  The license server transmits the new license file to the client.
2、根据权利要求 1.所述方法, 其特征在于, 所述根据所述许可证请 求生成新许可证文件为:  2. The method of claim 1 wherein said generating a new license file based on said license request is:
许可证服务器根据所述许可证请求中的客户端特征信息, 找到本地 所存储的对应的原始许可证文件, 并将所述原始许可证文件作为新许可 证文件或 居所述原始许可证文件中的全部或部分内容生成新许可证 文件。  The license server finds the corresponding original license file stored locally according to the client characteristic information in the license request, and uses the original license file as a new license file or in the original license file. Generate a new license file for all or part of the content.
3、根据权利要求 2所述方法, 其特征在于, 所述根据所述原始许可 证文件中的全部或部分内容生成新许可证文件为:  The method according to claim 2, wherein the generating a new license file according to all or part of the content in the original license file is:
许可证服务器根据所述许可证请求中的客户端特征信息, 从原始许 可证文件中找出与所述客户端特征信息对应的许可证信息段, 并根据所 述许可证信息段组装生成新许可证文件。  The license server finds a license information segment corresponding to the client feature information from the original license file according to the client feature information in the license request, and assembles a new license according to the license information segment. Certificate document.
4、 根据权利要求 1所述方法, 其特征在于, 所述接收客户端的许可 证请求之前还包括:  4. The method according to claim 1, wherein the receiving the client's license request further comprises:
许可证服务器分析原始许可证文件, 得到并存储客户端特征信息与 原始许可证文件的对应关系。  The license server analyzes the original license file and obtains and stores the correspondence between the client feature information and the original license file.
5、根据权利要求 4所述方法, 其特征在于, 所述根据所述许可证请 求生成新许可证文件为:  The method according to claim 4, wherein said generating a new license file according to said license request is:
许可证服务器根据所述许可证请求中的客户端特征信息, 从客户端 特征信息与原始许可证文件的对应关系中得到对应的原始许可证文件, 并从所述原始许可证文件中获得对应的许可证信息段, 根据所获取的许 可证信息段组装生成新许可证文件。 The license server obtains the corresponding original license file from the correspondence between the client feature information and the original license file according to the client feature information in the license request. And obtaining a corresponding license information segment from the original license file, and assembling a new license file according to the obtained license information segment.
6、根据权利要求 1所述方法, 其特征在于, 所述接收客户端的许可 证请求之前还包括:  The method according to claim 1, wherein the receiving the client's license request further comprises:
许可证服务器分析原始许可证文件, 得到并存储客户端特征信息与 许可证信息段的对应关系。  The license server analyzes the original license file and obtains and stores the correspondence between the client feature information and the license information segment.
7、根据权利要求 6所述方法, 其特征在于, 所述根据所述许可证请 求生成新许可证文件为:  7. The method of claim 6 wherein said generating a new license file based on said license request is:
许可证服务器分析所述许可证请求, 从中提取出客户端特征信息, 根据所提取的客户端特征信息查找已存储的客户端特征信息与许可证 信息段的对应关系得到对应的许可证信息段, 并根据所得许可证信息段 以及客户端特征信息组装生成新许可证文件。  The license server analyzes the license request, extracts client characteristic information therefrom, and searches for a corresponding license information segment according to the extracted client feature information to search for a corresponding relationship between the stored client feature information and the license information segment. And generate a new license file according to the obtained license information segment and the client feature information.
8、 根据权利要求 3、 5或 7所述方法, 其特征在于, 所述組装生成 新许可证文件包括:  8. The method according to claim 3, 5 or 7, wherein the assembling the new license file comprises:
将所述许可证信息段中的产品特征信息段添加到新许可证文件中。 The product feature information segment in the license information segment is added to the new license file.
9、根据权利要求 8所述方法, 其特征在于, 所述生成新许可证文件 之前进一步包括: The method according to claim 8, wherein the generating the new license file further comprises:
将所述许可证信息段的公共信息段中除全文数字签名外的内容作为 新许可证的公共信息段添加新许可证文件中, 并生成新许可证文件的全 文数字签名添加到新许可证文件中。  Adding the content other than the full-text digital signature in the public information section of the license information section as a public information section of the new license, and adding the full-text digital signature of the new license file to the new license file in.
10、 根据权利要求 1所述方法, 其特征在于, 所述生成新许可证文 件包括: 将许可证服务器本地存储的原始许可证文件中的产品特征信息 段拷贝为新许可证文件中的产品特征信息段。  10. The method according to claim 1, wherein the generating the new license file comprises: copying the product feature information segment in the original license file stored locally by the license server into a product feature in the new license file. Information segment.
11、 根据权利要求 1所述方法, 其特征在于, 所述客户端的许可证 请求中包含有客户端特征信息。 11. The method according to claim 1, wherein the client's license request includes client feature information.
12、根据权利要求 11所述方法, 其特征在于, 所述客户端特征信息 包括: 产品名称、 设备标识和产品版本。 The method according to claim 11, wherein the client feature information comprises: a product name, a device identifier, and a product version.
13、 一种许可证管理系统, 其特征在于, 包括:  13. A license management system, comprising:
客户端, 用于发送许可证请求;  Client, used to send a license request;
许可证服务器, 通过网络与所述客户端相连接, 用于接收客户端的 许可证请求, 生成新许可证文件, 并将所生成的新许可证文件传送给客 户端;  a license server, connected to the client through a network, for receiving a license request from a client, generating a new license file, and transmitting the generated new license file to the client;
所述客户端还用于接收来自许可证服务器的许可证文件, 并从所接 收的许可证文件中获取许可证信息。  The client is further configured to receive a license file from a license server and obtain license information from the received license file.
14、根据权利要求 13所述的许可证管理系统, 其特征在于, 所述许 可证服务器包括:  The license management system according to claim 13, wherein the license server comprises:
原始许可证文件分析模块, 用于分析原始许可证文件, 获得原始许 可证文件中的信息;  An original license file analysis module for analyzing the original license file to obtain information in the original license file;
客户端请求接收模块, 用于接收来自客户端的许可证请求; 新许可证文件生成模块, 用于根据原始许可证文件分析模块获得的 原始许可证文件中的信息以及客户端请求接收模块的许可证请求, 生成 新许可证文件;  a client request receiving module, configured to receive a license request from the client; a new license file generating module, configured to obtain information in the original license file obtained by the original license file analysis module, and a license of the client request receiving module Request, generate a new license file;
许可证文件传送模块, 用于将新许可证文件生成模块生成的新许可 证文件传送给客户端。  A license file transfer module for transmitting a new license file generated by the new license file generation module to the client.
15、 根据权利要求 13或 14所述的许可证管理系统, 其特征在于, 该系统进一步包括:  The license management system according to claim 13 or 14, wherein the system further comprises:
许可证文件中继装置,通过网络分别与客户端和许可证服务器相连, 用于接收客户端发来的许可证请求, 并将所述许可证请求转发给许可证 服务器;还用于接收许可证服务器新许可证文件,并将其转发给客户端。  a license file relay device connected to the client and the license server through the network, for receiving a license request sent by the client, and forwarding the license request to the license server; and also for receiving the license Server new license file and forward it to the client.
16、根据权利要求 15所述的许可证管理系统, 其特征在于, 所述许 可证文件中继装置为一个以上的许可证文件中继装置串联形成的许可 证文件中继装置组。 The license management system according to claim 15, wherein said license The provable file relay device is a license file relay device group formed by connecting one or more license file relay devices in series.
17、 一种许可证服务器, 其特征在于, 包括:  17. A license server, comprising:
原始许可证文件分析模块, 用于分析原始许可证文件, 获得原始许 可证文件中的信息;  An original license file analysis module for analyzing the original license file to obtain information in the original license file;
客户端请求接收模块, 用于接收客户端的许可证请求;  a client request receiving module, configured to receive a license request of the client;
新许可证文件生成模块, 用于根据原始许可证文件分析模块获得的 原始许可证文件中的信息以及客户端请求接收模块的许可证请求, 生成 新许可证文件;  a new license file generating module, configured to generate a new license file according to the information in the original license file obtained by the original license file analysis module and the license request of the client request receiving module;
许可证文件传送模块, 该模块将新许可证文件生成模块生成的新许 可证文件传送给客户端。  A license file transfer module that transmits a new license file generated by the new license file generation module to the client.
18、根据权利要求 17所述的许可证服务器, 其特征在于, 所述原始 许可证文件分析模块包括:  The license server according to claim 17, wherein the original license file analysis module comprises:
原始许可证文件存储单元, 用于存储原始许可证文件;  An original license file storage unit for storing the original license file;
原始许可证文件分析单元, 用于分析原始许可证文件存储单元中存 储的原始许可证文件, 得到许可证信息段或原始许可证文件与客户端特 征信息的对应关系。  The original license file analysis unit is configured to analyze the original license file stored in the original license file storage unit, and obtain a correspondence between the license information segment or the original license file and the client feature information.
19、根据权利要求 18所述的许可证服务器, 其特征在于, 所述原始 许可证文件分析模块进一步包括分析结果存储单元, 用于存储原始许可 证文件分析单元所得到所述对应关系。  The license server according to claim 18, wherein the original license file analysis module further comprises an analysis result storage unit configured to store the correspondence relationship obtained by the original license file analysis unit.
20、根据权利要求 17、 18或 19所述的许可证服务器, 其特征在于, 所述新许可证文件生成模块包括:  The license server according to claim 17, 18 or 19, wherein the new license file generating module comprises:
客户端特征信息分析单元, 用于从客户端请求中得到客户端特征信 息;  a client feature information analyzing unit, configured to obtain client feature information from a client request;
新许可证文件合成单元, 用于根据所述客户端特征信息分析单元得 到的客户端特征信息, 从所述原始许可证文件分析模块得到对应的许可 证信息段或原始许可证文件, 并根据所得到的许可证信息段或原始许可 证文件生成新许可证文件。 a new license file synthesizing unit, configured to analyze the unit according to the client characteristic information The obtained client feature information is obtained from the original license file analysis module to obtain a corresponding license information segment or an original license file, and a new license file is generated according to the obtained license information segment or the original license file.
21、根据权利要求 20所述的许可证服务器, 其特征在于, 所述新许 可证文件生成模块进一步包括数字签名单元, 用于生成所述新许可证文 件的数字签名。  The license server according to claim 20, wherein the new license file generating module further comprises a digital signature unit for generating a digital signature of the new license file.
22、根据权利要求 21所述的许可证服务器, 其特征在于, 所述许可 证服务器进一步包括:  The license server according to claim 21, wherein the license server further comprises:
原始许可证文件获取模块, 用于从外界设备获取原始许可证文件。  An original license file acquisition module for obtaining an original license file from an external device.
PCT/CN2006/002280 2006-01-05 2006-09-04 Method, system and apparatus for managing license WO2007076665A1 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CNA2006100327540A CN1874218A (en) 2006-01-05 2006-01-05 Method, system and equipment for license management
CN200610032754.0 2006-01-05

Publications (1)

Publication Number Publication Date
WO2007076665A1 true WO2007076665A1 (en) 2007-07-12

Family

ID=37484506

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2006/002280 WO2007076665A1 (en) 2006-01-05 2006-09-04 Method, system and apparatus for managing license

Country Status (2)

Country Link
CN (1) CN1874218A (en)
WO (1) WO2007076665A1 (en)

Families Citing this family (13)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101196966B (en) * 2006-12-08 2010-05-19 华为技术有限公司 Method for license interaction and recovery after break-up, and digital copyright management system
CN101321056B (en) * 2007-06-06 2012-05-23 华为技术有限公司 Method, equipment and system for forwarding permission
CN101247400B (en) * 2008-03-03 2011-02-02 华为技术有限公司 License control method and controller
CN101286987B (en) * 2008-03-27 2012-11-28 北京深思洛克软件技术股份有限公司 Method for transferring authority license of software
CN101355447B (en) * 2008-08-20 2012-03-07 中兴通讯股份有限公司 Method for managing service certificate
CN103152348B (en) * 2009-12-10 2016-11-23 华为技术有限公司 The method, apparatus and system of admissions control
CN101741833A (en) * 2009-12-10 2010-06-16 华为技术有限公司 Method, equipment and system for license control
CN101945010B (en) * 2010-09-19 2013-07-10 中国联合网络通信集团有限公司 Business license processing method, device and system
CN103795694A (en) * 2012-10-31 2014-05-14 中国电信股份有限公司 License control method and license control system
CN106131011B (en) * 2016-07-07 2021-01-22 新华三技术有限公司 Authorization confirmation method and device
CN108304735A (en) * 2017-12-28 2018-07-20 山东浪潮通软信息科技有限公司 A kind of authorization sequence application method, system and delivery of cargo system, application server
CN108830072A (en) * 2018-04-20 2018-11-16 广州市玄武无线科技股份有限公司 System function control method, device and computer readable storage medium
CN109359478B (en) * 2018-12-03 2020-11-10 北京中科晶上科技股份有限公司 Authorization method and system based on encrypted license file

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1369820A (en) * 2001-02-02 2002-09-18 松下电器产业株式会社 Content application administrative system and its method
CN1460372A (en) * 2001-04-19 2003-12-03 松下电器产业株式会社 License management system, license management device, relay device and terminal device
WO2004081771A2 (en) * 2003-03-12 2004-09-23 Matsushita Electric Industrial Co., Ltd. Digital content distribution system, right management server and user terminal
US20040260765A1 (en) * 2003-06-06 2004-12-23 Vincent Re System and method for distribution of software licenses in a networked computing environment

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1369820A (en) * 2001-02-02 2002-09-18 松下电器产业株式会社 Content application administrative system and its method
CN1460372A (en) * 2001-04-19 2003-12-03 松下电器产业株式会社 License management system, license management device, relay device and terminal device
WO2004081771A2 (en) * 2003-03-12 2004-09-23 Matsushita Electric Industrial Co., Ltd. Digital content distribution system, right management server and user terminal
US20040260765A1 (en) * 2003-06-06 2004-12-23 Vincent Re System and method for distribution of software licenses in a networked computing environment

Also Published As

Publication number Publication date
CN1874218A (en) 2006-12-06

Similar Documents

Publication Publication Date Title
WO2007076665A1 (en) Method, system and apparatus for managing license
CN102422593B (en) HTTP-based authentication
WO2018024061A1 (en) Method, device and system for licensing shared digital content
CN102546176B (en) DNS security is supported in multiagent environment
CN112910840A (en) Medical data storage and sharing method and system based on alliance blockchain
CN102510370B (en) Authentication method for accessing files stored on distributed file system and distributed file system
WO2007048335A1 (en) An encrypted transmission method and equipment system for preventing copying the data resource
CN101605137A (en) Safe distribution file system
JP4264650B2 (en) Content transmission system, content transmission method, content transmission device, content transmission method, content reception device, content reception method, and computer program
US11652642B2 (en) Digital data locker system providing enhanced security and protection for data storage and retrieval
CN107948235B (en) JAR-based cloud data security management and audit device
JP2004295846A (en) System, server, and method for managing license, program, and recording medium
CN101305542A (en) Method for downloading digital certificate and cryptographic key
WO2010025638A1 (en) Method, equipment and system of peer to peer live broadcast stream transfer
CN112954000A (en) Privacy information management method and system based on block chain and IPFS technology
Guo et al. Using blockchain to control access to cloud data
CN112307116A (en) Data access control method, device and equipment based on block chain
GB2444339A (en) Shared access to private files in a distributed network
CN102714653B (en) For the system and method for accessing private digital content
CN112132581B (en) PKI identity authentication system and method based on IOTA
JP5586397B2 (en) Secure network storage system, method, client device, server device, and program
JP4320904B2 (en) Gateway and data communication method
US20070106910A1 (en) Device management system, device management method, computer program, and computer readable storage medium
JP4517608B2 (en) Data communication system
WO2008065348A2 (en) Perpetual data

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application
NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 06775597

Country of ref document: EP

Kind code of ref document: A1