CN101271502A - Software protection device with considerable file memory function - Google Patents
Software protection device with considerable file memory function Download PDFInfo
- Publication number
- CN101271502A CN101271502A CN 200810105875 CN200810105875A CN101271502A CN 101271502 A CN101271502 A CN 101271502A CN 200810105875 CN200810105875 CN 200810105875 CN 200810105875 A CN200810105875 A CN 200810105875A CN 101271502 A CN101271502 A CN 101271502A
- Authority
- CN
- China
- Prior art keywords
- software
- file
- data
- protecting equipment
- nonvolatile memory
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Images
Landscapes
- Storage Device Security (AREA)
Abstract
The invention discloses a software protection device with the large capacity file storage function. The software protection device can provide a standard file access function to a program while protecting the program code of the software and monitoring a visiting requirement of the digital file according to a prearranged strategy. Combined with the advantages of two methods of code transplantation and digital file protection in the software protection, the software protection device with the large capacity file storage function provides the software protection device with safety and high efficiency.
Description
Technical field
The present invention relates to Software Protection Technique, particularly a kind of software protecting equipment that has considerable file memory function.
Background technology
Software protecting equipment is the main means that realize software security protection and copyright protection.Software protecting equipment refers in particular to a kind of hardware device that is attached on the computer interface (such as, interfaces such as USB interface, serial ports, parallel port), and operation specific software is on computers carried out software security protection and copyright protection.Modern software protecting equipment, for example the USB encryption lock adopts high strength intelligent card chip and advanced cryptological technique, has certain calculation and storage capacity, is difficult to simultaneously be cracked and copied, and has in the high strength software copyright protection widely and uses.
A kind of method for protecting software commonly used is that the partial function of software is transplanted in the software protecting equipment; the code storage of transplanting is in the controller of software protecting equipment in the built-in nonvolatile memory; call the transplanted code of software protecting equipment operation during running software, thereby realize transplanted function.In order to reach certain protection intensity, transplanted function should be to have certain complicacy and non-common algorithm, and the data space of input and output must be enough big, is adapted at again moving under storage limited in the software protecting equipment and the design conditions simultaneously.In actual conditions, to find the functional module not a duck soup that satisfies above-mentioned requirements in the software, will between security intensity and operational efficiency, weigh usually.In addition; because software protecting equipment and PC main frame are diverse hardware calculate platforms; the software developer need have certain technical difficulty with original reprogramming realization on the development platform of the function on the PC at software protecting equipment, has therefore improved the software development and maintenance cost.
Another kind of software protection thinking is the data file with software protecting equipment protection software, with important data storage in software protecting equipment.But the built-in nonvolatile memory capacity of general software protecting equipment is very little, is only used by the program in the software protecting equipment usually; In addition; the nonvolatile memory of software protecting equipment is not with the format management of file system; therefore software must call self-defining, complex apparatus interface function when using these storeies, and this file access mode is different fully with the file access on the general PC, is not easy to use.
Summary of the invention
In view of this; the present invention proposes a kind of software protecting equipment that has considerable file memory function; the guard method that promptly provides general software code to transplant; jumbo file system is provided again; make the data file of protected software can store in the safe hardware device and the file access interface of standard is provided; access control policy to file can be set simultaneously, guarantee safety of files.The present invention has promptly improved protection intensity by the advantage in conjunction with two kinds of method for protecting software, has strengthened defencive function, again the cost of development of the software protection of Jiang Diing.
According to the present invention, a kind of software protecting equipment that has considerable file memory function is provided, it is characterized in that this device comprises:
Controller is used to implement the visit of software protection and realization and monitoring file system;
Storer is used for memory file system.
According to an aspect of the present invention, its feature is that also storer is flash memory or other nonvolatile memory.
According to an aspect of the present invention, its feature is that also controller comprises:
Software function is transplanted module, is used for storing, moving the function code of transplanting from protected software;
Storage control module is used to operate storage class equipment control and the access function that nonvolatile memory is realized standard;
The access monitoring module is according to predefined control strategy monitoring file access.
According to an aspect of the present invention, its feature is that also the code in the transplanting module can directly be visited the file data in the nonvolatile memory.
According to an aspect of the present invention, its feature is that also storage control module can be encrypted the data that write nonvolatile memory, to reading the data decryption of nonvolatile memory,
According to an aspect of the present invention, its feature is that also encryption key and decruption key are kept at software protecting equipment inside.
According to an aspect of the present invention, its feature is that also predefined control strategy is that the software developer formulates when carrying out the software protection development.
According to an aspect of the present invention, its feature is that also control strategy comprises that specified file is to outside inaccessible or read-only.
According to an aspect of the present invention, its feature also is, control strategy comprises that the access frequency of specified file or data volume are limited.
According to an aspect of the present invention, its feature also is, control strategy comprises that specified file is to just readable after having only externally software through authentication.
According to an aspect of the present invention, its feature is that also control strategy comprises that the form with ciphertext was transmitted data when specified file was visited by external software.
According to an aspect of the present invention, its feature is that also the transmission security key of encryption is the session key of software protecting equipment and protected software dynamic negotiation.
According to an aspect of the present invention, its feature is that also protected software is by pc port and software protecting equipment communication.
According to an aspect of the present invention, its feature is that also protected software is realized calling transplanted function code by the sending function call request.
According to an aspect of the present invention, its feature also is, protected software carries out access by sending the file access request to the file of software protecting equipment.
According to an aspect of the present invention, its feature is that also one or more data files of protected software are stored in after the nonvolatile memory of software protecting equipment, and storage control module is encrypted data when data are write nonvolatile memory.
According to an aspect of the present invention, its feature is that also the core code of protected software is transplanted in the software protecting equipment.
Description of drawings
A kind of structural representation that has the software protecting equipment of considerable file memory function that Fig. 1 proposes for the present invention.
Fig. 2 uses software protecting equipment to realize the schematic flow sheet of method for protecting software in the embodiment of the invention.
Fig. 3 in the embodiment of the invention during running software and software protecting equipment carry out mutual schematic flow sheet.
Embodiment
For making purpose of the present invention, technical scheme and advantage clearer, below with reference to the accompanying drawing embodiment that develops simultaneously, the present invention is described in more detail.
First embodiment
As shown in Figure 1, the software protecting equipment of considerable file memory function comprises controller and storer.
Storer can be flash memory or other nonvolatile memory as the storage medium of file system.
Controller comprises:
Software function is transplanted module, is used for storing, moving the function code of transplanting from protected software; Code in the transplanting module can directly be visited the file data in the nonvolatile memory.
Storage control module is used to operate storage class equipment control and the access function that nonvolatile memory is realized standard.Storage control module can be encrypted the data that write nonvolatile memory, and to reading the data decryption of nonvolatile memory, encryption key and decruption key are kept at software protecting equipment inside, thereby have guaranteed the privacy of file data.
The access monitoring module is according to predefined control strategy monitoring file access.Predefined control strategy is that the software developer formulates when carrying out the software protection development.Control strategy can be including, but not limited to following aspect:
Specified file is to outside inaccessible or read-only;
The access frequency or the data volume of specified file are limited;
Software promptly has only just addressable this document of specific program through just readable after authenticating to specified file to having only externally;
Must be when specified file is visited by external software with the form of ciphertext transmission data, further, be the session key of software protecting equipment and protected software dynamic negotiation to the transmission security key of its encryption.
Protected software is by pc port and software protecting equipment communication, realizes the calling of transplanted function code by the sending function call request, by sending the file access request file of software protecting equipment carried out access.
Second embodiment
For example a kind of dictionary software, basic function are that the user imports word or from word of screen scraping, and software is searched and shown the meaning of a word; Another function be the user from image of screen scraping, the meaning of a word is searched, shown to software then by the word that OCR (image recognition) technology obtains wherein.The dictionary that this software uses has determined the quality of the meaning of a word, and the OCR algorithm has determined the ability and the accuracy of image recognition, so the software developer tackles this two parts core data and technology is protected.
Referring to Fig. 2, the flow process of using software protecting equipment of the present invention that above-mentioned dictionary software is protected is as follows:
The 3rd embodiment
Fig. 3 is when dictionary software moves in the embodiment of the invention and software protecting equipment carries out mutual schematic flow sheet.
By above-mentioned example as seen, the present invention has protected software function with the method that code is transplanted, because therefore the OCR algorithm does not have software protecting equipment can't finish image identification function in the inner execution of software protecting equipment.Simultaneously, the present invention also protects software data, because the dictionary data file is stored in the software protecting equipment, does not have software protecting equipment can't obtain the meaning of a word.Simultaneously, visit has guaranteed that to the control strategy of file the dictionary data file can not be by other routine access, so the user can not directly duplicate this document.File data is encrypted transmission when reading, and has further guaranteed the dictionary safety of data.
Claims (17)
1, a kind of software protecting equipment that has considerable file memory function is characterized in that, this device comprises:
Controller is used to implement the visit of software protection and realization and monitoring file system;
Storer is used for memory file system.
2, device according to claim 1 is characterized in that, storer is flash memory or other nonvolatile memory.
3, device according to claim 1 is characterized in that, controller comprises:
Software function is transplanted module, is used for storing, moving the function code of transplanting from protected software;
Storage control module is used to make nonvolatile memory to realize the storage class equipment control and the access function of standard;
The access monitoring module is according to predefined control strategy monitoring file access.
4, device according to claim 3 is characterized in that, the code in the transplanting module can directly be visited the file data in the nonvolatile memory.
5, device according to claim 3 is characterized in that, storage control module can be encrypted the data that write nonvolatile memory, to reading the data decryption of nonvolatile memory.
6, device according to claim 5 is characterized in that, encryption key and decruption key are kept in the software protecting equipment.
7, device according to claim 3 is characterized in that, predefined control strategy is that the software developer formulates when carrying out the software protection development.
8, device according to claim 7 is characterized in that, control strategy comprises that specified file is from outside inaccessible or read-only.
9, device according to claim 7 is characterized in that, control strategy comprises that the access frequency of specified file or data volume are limited.
10, device according to claim 7 is characterized in that, control strategy comprises that specified file has only through just readable after the external software authentication.
11, device according to claim 7 is characterized in that, control strategy comprises that the form with ciphertext was transmitted data when specified file was visited by external software.
12, device according to claim 11 is characterized in that, the transmission security key of encryption is the session key of software protecting equipment and protected software dynamic negotiation.
13, device according to claim 3 is characterized in that, protected software is by pc port and software protecting equipment communication.
14, device according to claim 3 is characterized in that, protected software is realized calling transplanted function code by the sending function call request.
15, device according to claim 3 is characterized in that, protected software carries out access by sending the file access request to the file in the software protecting equipment.
16, device according to claim 3; it is characterized in that; one or more data files of protected software are stored in after the nonvolatile memory of software protecting equipment, and storage control module is encrypted data when data are write nonvolatile memory.
17, device according to claim 3 is characterized in that, the core code of protected software is transplanted in the software protecting equipment.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN 200810105875 CN101271502A (en) | 2008-05-04 | 2008-05-04 | Software protection device with considerable file memory function |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN 200810105875 CN101271502A (en) | 2008-05-04 | 2008-05-04 | Software protection device with considerable file memory function |
Publications (1)
Publication Number | Publication Date |
---|---|
CN101271502A true CN101271502A (en) | 2008-09-24 |
Family
ID=40005469
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN 200810105875 Pending CN101271502A (en) | 2008-05-04 | 2008-05-04 | Software protection device with considerable file memory function |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN101271502A (en) |
Cited By (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN102024106A (en) * | 2010-11-17 | 2011-04-20 | 北京曙光天演信息技术有限公司 | Method for executing user customization code in encryption card and encryption card |
CN102779254A (en) * | 2012-07-06 | 2012-11-14 | 深圳市锐能微科技有限公司 | Chip and inner module encryption system thereof |
-
2008
- 2008-05-04 CN CN 200810105875 patent/CN101271502A/en active Pending
Cited By (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN102024106A (en) * | 2010-11-17 | 2011-04-20 | 北京曙光天演信息技术有限公司 | Method for executing user customization code in encryption card and encryption card |
CN102024106B (en) * | 2010-11-17 | 2014-01-15 | 曙光云计算技术有限公司 | Method for executing user customization code in encryption card and encryption card |
CN102779254A (en) * | 2012-07-06 | 2012-11-14 | 深圳市锐能微科技有限公司 | Chip and inner module encryption system thereof |
CN102779254B (en) * | 2012-07-06 | 2015-08-26 | 深圳市锐能微科技有限公司 | A kind of chip and inner module encryption system thereof |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
US11361083B1 (en) | Method and apparatus for securing embedded device firmware | |
CN102254124B (en) | A kind of information of mobile terminal security protection system and method | |
EP2696305B1 (en) | Method and device for file protection | |
CN102592069B (en) | Apparatus and method for managing digital rights through hooking a kernel native API | |
CN104794388B (en) | application program access protection method and application program access protection device | |
CN101593252B (en) | Method and system for controlling access of computer to USB equipment | |
CN101443744A (en) | Method and electric device for transmitting rights object | |
CN103106372A (en) | Lightweight class privacy data encryption method and system for Android system | |
CN102646075A (en) | Storage card locking method and system | |
CN101561855B (en) | Method and system for controlling computer to access USB device | |
CN106682521B (en) | File transparent encryption and decryption system and method based on driver layer | |
US20120233712A1 (en) | Method and Device for Accessing Control Data According to Provided Permission Information | |
US11531626B2 (en) | System and method to protect digital content on external storage | |
CN105447397A (en) | File security level identification method based on kernel module | |
CN104834874A (en) | Establishing physical locality between secure execution environments | |
CN108229190A (en) | Control method, device, program, storage medium and the electronic equipment of transparent encryption and decryption | |
KR102192330B1 (en) | Management system and method for data security for storage device using security device | |
JP4993114B2 (en) | Shared management method for portable storage device and portable storage device | |
CN101175268A (en) | Method and device for controlling operation authority of communication terminal chip | |
CN106326782A (en) | Information processing method and electronic device | |
CN101271502A (en) | Software protection device with considerable file memory function | |
CN104361280A (en) | Method for carrying out credible certification on USB storage device through SMI interrupt | |
KR20100040074A (en) | Server and method for preventing information outflow from inside | |
US9122504B2 (en) | Apparatus and method for encryption in virtualized environment using auxiliary medium | |
KR20140090408A (en) | Mobile Device Lock System and Method for Security |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
C06 | Publication | ||
PB01 | Publication | ||
C10 | Entry into substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
C02 | Deemed withdrawal of patent application after publication (patent law 2001) | ||
WD01 | Invention patent application deemed withdrawn after publication |
Open date: 20080924 |